Merge staging-next into staging

This commit is contained in:
Frederik Rietdijk 2020-04-03 21:55:10 +02:00
commit edaa972160
363 changed files with 6652 additions and 4226 deletions

4
.github/CODEOWNERS vendored
View File

@ -82,8 +82,8 @@
/pkgs/development/r-modules @peti
# Ruby
/pkgs/development/interpreters/ruby @alyssais @zimbatm
/pkgs/development/ruby-modules @alyssais @zimbatm
/pkgs/development/interpreters/ruby @alyssais
/pkgs/development/ruby-modules @alyssais
# Rust
/pkgs/development/compilers/rust @Mic92 @LnL7

View File

@ -261,12 +261,7 @@ deoplete-fish = super.deoplete-fish.overrideAttrs(old: {
Sometimes plugins require an override that must be changed when the plugin is updated. This can cause issues when Vim plugins are auto-updated but the associated override isn't updated. For these plugins, the override should be written so that it specifies all information required to install the plugin, and running `./update.py` doesn't change the derivation for the plugin. Manually updating the override is required to update these types of plugins. An example of such a plugin is `LanguageClient-neovim`.
To add a new plugin:
1. run `./update.py` and create a commit named "vimPlugins: Update",
2. add the new plugin to [vim-plugin-names](/pkgs/misc/vim-plugins/vim-plugin-names) and add overrides if required to [overrides.nix](/pkgs/misc/vim-plugins/overrides.nix),
3. run `./update.py` again and create a commit named "vimPlugins.[name]: init at [version]" (where `name` and `version` can be found in [generated.nix](/pkgs/misc/vim-plugins/generated.nix)), and
4. create a pull request.
To add a new plugin, run `./update.py --add "[owner]/[name]"`. **NOTE**: This script automatically commits to your git repository. Be sure to check out a fresh branch before running.
## Important repositories

View File

@ -37,7 +37,7 @@ security updates. More up to date packages and modules are available via the
Both `nixos-unstable` and `nixpkgs` follow the `master` branch of the Nixpkgs
repository, although both do lag the `master` branch by generally
[a couple of days](https://howoldis.herokuapp.com/). Updates to a channel are
[a couple of days](https://status.nixos.org/). Updates to a channel are
distributed as soon as all tests for that channel pass, e.g.
[this table](https://hydra.nixos.org/job/nixpkgs/trunk/unstable#tabs-constituents)
shows the status of tests for the `nixpkgs` channel.

View File

@ -25,7 +25,7 @@
import ./nixos/lib/eval-config.nix (args // {
modules = modules ++
[ { system.nixos.versionSuffix =
".${lib.substring 0 8 self.lastModified}.${self.shortRev or "dirty"}";
".${lib.substring 0 8 (self.lastModifiedDate or self.lastModified)}.${self.shortRev or "dirty"}";
system.nixos.revision = lib.mkIf (self ? rev) self.rev;
}
];

View File

@ -4,7 +4,7 @@
let
inherit (builtins) head tail length;
inherit (lib.trivial) and;
inherit (lib.strings) concatStringsSep;
inherit (lib.strings) concatStringsSep sanitizeDerivationName;
inherit (lib.lists) fold concatMap concatLists;
in
@ -310,7 +310,7 @@ rec {
path' = builtins.storePath path;
res =
{ type = "derivation";
name = builtins.unsafeDiscardStringContext (builtins.substring 33 (-1) (baseNameOf path'));
name = sanitizeDerivationName (builtins.substring 33 (-1) (baseNameOf path'));
outPath = path';
outputs = [ "out" ];
out = res;

View File

@ -682,6 +682,11 @@ lib.mapAttrs (n: v: v // { shortName = n; }) {
# channel and NixOS images.
};
unicode-dfs-2016 = spdx {
spdxId = "Unicode-DFS-2016";
fullName = "Unicode License Agreement - Data Files and Software (2016)";
};
unlicense = spdx {
spdxId = "Unlicense";
fullName = "The Unlicense";

View File

@ -678,4 +678,36 @@ rec {
=> "1.0"
*/
fileContents = file: removeSuffix "\n" (builtins.readFile file);
/* Creates a valid derivation name from a potentially invalid one.
Type: sanitizeDerivationName :: String -> String
Example:
sanitizeDerivationName "../hello.bar # foo"
=> "-hello.bar-foo"
sanitizeDerivationName ""
=> "unknown"
sanitizeDerivationName pkgs.hello
=> "-nix-store-2g75chlbpxlrqn15zlby2dfh8hr9qwbk-hello-2.10"
*/
sanitizeDerivationName = string: lib.pipe string [
# Get rid of string context. This is safe under the assumption that the
# resulting string is only used as a derivation name
builtins.unsafeDiscardStringContext
# Strip all leading "."
(x: builtins.elemAt (builtins.match "\\.*(.*)" x) 0)
# Split out all invalid characters
# https://github.com/NixOS/nix/blob/2.3.2/src/libstore/store-api.cc#L85-L112
# https://github.com/NixOS/nix/blob/2242be83c61788b9c0736a92bb0b5c7bbfc40803/nix-rust/src/store/path.rs#L100-L125
(builtins.split "[^[:alnum:]+._?=-]+")
# Replace invalid character ranges with a "-"
(concatMapStrings (s: if lib.isList s then "-" else s))
# Limit to 211 characters (minus 4 chars for ".drv")
(x: substring (lib.max (stringLength x - 207) 0) (-1) x)
# If the result is empty, replace it with "unknown"
(x: if stringLength x == 0 then "unknown" else x)
];
}

View File

@ -3,6 +3,23 @@
# if the resulting list is empty, all tests passed
with import ../default.nix;
let
testSanitizeDerivationName = { name, expected }:
let
drv = derivation {
name = strings.sanitizeDerivationName name;
builder = "x";
system = "x";
};
in {
# Evaluate the derivation so an invalid name would be caught
expr = builtins.seq drv.drvPath drv.name;
inherit expected;
};
in
runTests {
@ -490,4 +507,29 @@ runTests {
expected = "'-X' 'PUT' '--data' '{\"id\":0}' '--retry' '3' '--url' 'https://example.com/foo' '--url' 'https://example.com/bar' '--verbose'";
};
testSanitizeDerivationNameLeadingDots = testSanitizeDerivationName {
name = "..foo";
expected = "foo";
};
testSanitizeDerivationNameAscii = testSanitizeDerivationName {
name = " !\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~";
expected = "-+--.-0123456789-=-?-ABCDEFGHIJKLMNOPQRSTUVWXYZ-_-abcdefghijklmnopqrstuvwxyz-";
};
testSanitizeDerivationNameTooLong = testSanitizeDerivationName {
name = "This string is loooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooong";
expected = "loooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooong";
};
testSanitizeDerivationNameTooLongWithInvalid = testSanitizeDerivationName {
name = "Hello there aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa &&&&&&&&";
expected = "there-aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-";
};
testSanitizeDerivationNameEmpty = testSanitizeDerivationName {
name = "";
expected = "unknown";
};
}

View File

@ -2839,6 +2839,12 @@
githubId = 12064730;
name = "Alex Ivanov";
};
gnxlxnxx = {
email = "gnxlxnxx@web.de";
github = "gnxlxnxx";
githubId = 25820499;
name = "Roman Kretschmer";
};
goibhniu = {
email = "cillian.deroiste@gmail.com";
github = "cillianderoiste";
@ -3235,6 +3241,12 @@
fingerprint = "7311 2700 AB4F 4CDF C68C F6A5 79C3 C47D C652 EA54";
}];
};
ivar = {
email = "ivar.scholten@protonmail.com";
github = "IvarWithoutBones";
githubId = 41924494;
Name = "Ivar";
};
ivegotasthma = {
email = "ivegotasthma@protonmail.com";
github = "ivegotasthma";
@ -7336,6 +7348,12 @@
githubId = 378734;
name = "TG Θ";
};
th0rgal = {
email = "thomas.marchand@tuta.io";
github = "Th0rgal";
githubId = 41830259;
name = "Thomas Marchand";
};
thall = {
email = "niclas.thall@gmail.com";
github = "thall";

View File

@ -757,6 +757,12 @@ auth required pam_succeed_if.so uid >= 1000 quiet
</warning>
</para>
</listitem>
<listitem>
<para>
The TokuDB storage engine will be disabled in <package>mariadb</package> 10.5. It is recommended to switch
to RocksDB. See also <link xlink:href="https://mariadb.com/kb/en/tokudb/">TokuDB</link>.
</para>
</listitem>
</itemizedlist>
</section>
@ -888,6 +894,15 @@ auth required pam_succeed_if.so uid >= 1000 quiet
<listitem>
<para>
<package>mongodb</package> has been updated to version <literal>3.4.24</literal>.
<warning>
<para>
Please note that <package>mongodb</package> has been relicensed under their own
<link xlink:href="https://www.mongodb.com/licensing/server-side-public-license/faq"><literal>
sspl</literal></link>-license. Since it's not entirely free and not OSI-approved,
it's listed as non-free. This means that Hydra doesn't provide prebuilt
<package>mongodb</package>-packages and needs to be built locally.
</para>
</warning>
</para>
</listitem>
</itemizedlist>

View File

@ -86,7 +86,7 @@ let
optionsList = lib.sort optionLess optionsListDesc;
# Convert the list of options into an XML file.
optionsXML = pkgs.writeText "options.xml" (builtins.toXML optionsList);
optionsXML = builtins.toFile "options.xml" (builtins.toXML optionsList);
optionsNix = builtins.listToAttrs (map (o: { name = o.name; value = removeAttrs o ["name" "visible" "internal"]; }) optionsList);

View File

@ -16,6 +16,10 @@ in
{
meta = {
maintainers = teams.gnome.members;
};
options = {
programs.bash.vteIntegration = mkOption {

View File

@ -2,19 +2,23 @@
with lib;
{
meta = {
maintainers = teams.freedesktop.members;
};
options = {
xdg.autostart.enable = mkOption {
type = types.bool;
default = true;
description = ''
Whether to install files to support the
Whether to install files to support the
<link xlink:href="https://specifications.freedesktop.org/autostart-spec/autostart-spec-latest.html">XDG Autostart specification</link>.
'';
};
};
config = mkIf config.xdg.autostart.enable {
environment.pathsToLink = [
environment.pathsToLink = [
"/etc/xdg/autostart"
];
};

View File

@ -2,6 +2,10 @@
with lib;
{
meta = {
maintainers = teams.freedesktop.members;
};
options = {
xdg.icons.enable = mkOption {
type = types.bool;

View File

@ -2,19 +2,23 @@
with lib;
{
meta = {
maintainers = teams.freedesktop.members;
};
options = {
xdg.menus.enable = mkOption {
type = types.bool;
default = true;
description = ''
Whether to install files to support the
Whether to install files to support the
<link xlink:href="https://specifications.freedesktop.org/menu-spec/menu-spec-latest.html">XDG Desktop Menu specification</link>.
'';
};
};
config = mkIf config.xdg.menus.enable {
environment.pathsToLink = [
environment.pathsToLink = [
"/share/applications"
"/share/desktop-directories"
"/etc/xdg/menus"

View File

@ -2,6 +2,10 @@
with lib;
{
meta = {
maintainers = teams.freedesktop.members;
};
options = {
xdg.mime.enable = mkOption {
type = types.bool;

View File

@ -7,6 +7,10 @@ with lib;
(mkRenamedOptionModule [ "services" "flatpak" "extraPortals" ] [ "xdg" "portal" "extraPortals" ])
];
meta = {
maintainers = teams.freedesktop.members;
};
options.xdg.portal = {
enable =
mkEnableOption "<link xlink:href='https://github.com/flatpak/xdg-desktop-portal'>xdg desktop integration</link>"//{

View File

@ -2,6 +2,10 @@
with lib;
{
meta = {
maintainers = teams.freedesktop.members;
};
options = {
xdg.sounds.enable = mkOption {
type = types.bool;

View File

@ -8,7 +8,12 @@ with lib;
options = {
hardware.sensor.iio = {
enable = mkOption {
description = "Enable this option to support IIO sensors.";
description = ''
Enable this option to support IIO sensors.
IIO sensors are used for orientation and ambient light
sensors on some mobile devices.
'';
type = types.bool;
default = false;
};

View File

@ -75,5 +75,9 @@ in
QT_IM_MODULE = "ibus";
XMODIFIERS = "@im=ibus";
};
xdg.portal.extraPortals = mkIf xdg.portal.enable [
ibusPackage
];
};
}

View File

@ -295,7 +295,6 @@
./services/desktops/deepin/deepin.nix
./services/desktops/dleyna-renderer.nix
./services/desktops/dleyna-server.nix
./services/desktops/pantheon/contractor.nix
./services/desktops/pantheon/files.nix
./services/desktops/flatpak.nix
./services/desktops/geoclue2.nix
@ -396,7 +395,6 @@
./services/mail/mailcatcher.nix
./services/mail/mailhog.nix
./services/mail/mailman.nix
./services/mail/magic-wormhole-mailbox-server.nix
./services/mail/mlmmj.nix
./services/mail/offlineimap.nix
./services/mail/opendkim.nix
@ -645,6 +643,7 @@
./services/networking/lldpd.nix
./services/networking/logmein-hamachi.nix
./services/networking/mailpile.nix
./services/networking/magic-wormhole-mailbox-server.nix
./services/networking/matterbridge.nix
./services/networking/mjpg-streamer.nix
./services/networking/minidlna.nix
@ -655,6 +654,7 @@
./services/networking/miredo.nix
./services/networking/mstpd.nix
./services/networking/mtprotoproxy.nix
./services/networking/mullvad-vpn.nix
./services/networking/murmur.nix
./services/networking/mxisd.nix
./services/networking/namecoind.nix
@ -683,6 +683,7 @@
./services/networking/ostinato.nix
./services/networking/owamp.nix
./services/networking/pdnsd.nix
./services/networking/pixiecore.nix
./services/networking/polipo.nix
./services/networking/powerdns.nix
./services/networking/pdns-recursor.nix

View File

@ -14,12 +14,17 @@ with lib;
nix.allowedUsers = mkDefault [ "@users" ];
environment.memoryAllocator.provider = mkDefault "scudo";
environment.variables.SCUDO_OPTIONS = mkDefault "ZeroContents=1";
security.hideProcessInformation = mkDefault true;
security.lockKernelModules = mkDefault true;
security.allowUserNamespaces = mkDefault false;
nix.useSandbox = mkDefault false;
security.protectKernelImage = mkDefault true;
security.allowSimultaneousMultithreading = mkDefault false;

View File

@ -6,6 +6,10 @@ let
cfg = config.programs.geary;
in {
meta = {
maintainers = teams.gnome.members;
};
options = {
programs.geary.enable = mkEnableOption "Geary, a Mail client for GNOME 3";
};

View File

@ -6,6 +6,10 @@ with lib;
{
meta = {
maintainers = teams.gnome.members;
};
# Added 2019-08-09
imports = [
(mkRenamedOptionModule

View File

@ -6,6 +6,10 @@ with lib;
{
meta = {
maintainers = teams.gnome.members;
};
# Added 2019-08-09
imports = [
(mkRenamedOptionModule

View File

@ -12,6 +12,10 @@ in
{
meta = {
maintainers = teams.gnome.members;
};
# Added 2019-08-19
imports = [
(mkRenamedOptionModule
@ -20,9 +24,7 @@ in
];
options = {
programs.gnome-terminal.enable = mkEnableOption "GNOME Terminal";
};
config = mkIf cfg.enable {

View File

@ -1,6 +1,10 @@
{ config, lib, pkgs, ... }:
{
meta = {
maintainers = lib.teams.freedesktop.members;
};
options.programs.nm-applet.enable = lib.mkEnableOption "nm-applet";
config = lib.mkIf config.programs.nm-applet.enable {

View File

@ -63,9 +63,11 @@ in {
javaProperties = mkOption {
type = types.attrs;
default = { };
example = {
"java.net.preferIPv4Stack" = "true";
};
example = literalExample ''
{
"java.net.preferIPv4Stack" = "true";
}
'';
apply = attrs: {
"activemq.base" = "${cfg.baseDir}";
"activemq.data" = "${cfg.baseDir}/data";

View File

@ -189,6 +189,7 @@ let
in {
meta.maintainers = with maintainers; [ dotlambda ];
meta.doc = ./borgbackup.xml;
###### interface
@ -197,10 +198,11 @@ in {
Deduplicating backups using BorgBackup.
Adding a job will cause a borg-job-NAME wrapper to be added
to your system path, so that you can perform maintenance easily.
See also the chapter about BorgBackup in the NixOS manual.
'';
default = { };
example = literalExample ''
{
{ # for a local backup
rootBackup = {
paths = "/";
exclude = [ "/nix" ];
@ -213,6 +215,23 @@ in {
startAt = "weekly";
};
}
{ # Root backing each day up to a remote backup server. We assume that you have
# * created a password less key: ssh-keygen -N "" -t ed25519 -f /path/to/ssh_key
# best practices are: use -t ed25519, /path/to = /run/keys
# * the passphrase is in the file /run/keys/borgbackup_passphrase
# * you have initialized the repository manually
paths = [ "/etc" "/home" ];
exclude = [ "/nix" "'**/.cache'" ];
doInit = false;
repo = "user3@arep.repo.borgbase.com:repo";
encryption = {
mode = "repokey-blake2";
passCommand = "cat /path/to/passphrase";
};
environment = { BORG_RSH = "ssh -i /path/to/ssh_key"; };
compression = "auto,lzma";
startAt = "daily";
};
'';
type = types.attrsOf (types.submodule (let globalConfig = config; in
{ name, config, ... }: {
@ -268,6 +287,8 @@ in {
<manvolnum>7</manvolnum></citerefentry>.
If you do not want the backup to start
automatically, use <literal>[ ]</literal>.
It will generate a systemd service borgbackup-job-NAME.
You may trigger it manually via systemctl restart borgbackup-job-NAME.
'';
};
@ -303,6 +324,10 @@ in {
you to specify a <option>passCommand</option>
or a <option>passphrase</option>.
'';
example = ''
encryption.mode = "repokey-blake2" ;
encryption.passphrase = "mySecretPassphrase" ;
'';
};
encryption.passCommand = mkOption {
@ -538,6 +563,7 @@ in {
description = ''
Serve BorgBackup repositories to given public SSH keys,
restricting their access to the repository only.
See also the chapter about BorgBackup in the NixOS manual.
Also, clients do not need to specify the absolute path when accessing the repository,
i.e. <literal>user@machine:.</literal> is enough. (Note colon and dot.)
'';

View File

@ -0,0 +1,227 @@
<chapter xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="module-borgbase">
<title>BorgBackup</title>
<para>
<emphasis>Source:</emphasis>
<filename>modules/services/backup/borgbackup.nix</filename>
</para>
<para>
<emphasis>Upstream documentation:</emphasis>
<link xlink:href="https://borgbackup.readthedocs.io/"/>
</para>
<para>
<link xlink:href="https://www.borgbackup.org/">BorgBackup</link> (short: Borg)
is a deduplicating backup program. Optionally, it supports compression and
authenticated encryption.
</para>
<para>
The main goal of Borg is to provide an efficient and secure way to backup
data. The data deduplication technique used makes Borg suitable for daily
backups since only changes are stored. The authenticated encryption technique
makes it suitable for backups to not fully trusted targets.
</para>
<section xml:id="module-services-backup-borgbackup-configuring">
<title>Configuring</title>
<para>
A complete list of options for the Borgbase module may be found
<link linkend="opt-services.borgbackup.jobs">here</link>.
</para>
</section>
<section xml:id="opt-services-backup-borgbackup-local-directory">
<title>Basic usage for a local backup</title>
<para>
A very basic configuration for backing up to a locally accessible directory
is:
<programlisting>
{
opt.services.borgbackup.jobs = {
{ rootBackup = {
paths = "/";
exclude = [ "/nix" "/path/to/local/repo" ];
repo = "/path/to/local/repo";
doInit = true;
encryption = {
mode = "repokey";
passphrase = "secret";
};
compression = "auto,lzma";
startAt = "weekly";
};
}
};
}</programlisting>
</para>
<warning>
<para>
If you do not want the passphrase to be stored in the world-readable
Nix store, use passCommand. You find an example below.
</para>
</warning>
</section>
<section xml:id="opt-services-backup-create-server">
<title>Create a borg backup server</title>
<para>You should use a different SSH key for each repository you write to,
because the specified keys are restricted to running borg serve and can only
access this single repository. You need the output of the generate pub file.
</para>
<para>
<programlisting>
# sudo ssh-keygen -N '' -t ed25519 -f /run/keys/id_ed25519_my_borg_repo
# cat /run/keys/id_ed25519_my_borg_repo
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID78zmOyA+5uPG4Ot0hfAy+sLDPU1L4AiIoRYEIVbbQ/ root@nixos</programlisting>
</para>
<para>
Add the following snippet to your NixOS configuration:
<programlisting>
{
services.borgbackup.repos = {
my_borg_repo = {
authorizedKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID78zmOyA+5uPG4Ot0hfAy+sLDPU1L4AiIoRYEIVbbQ/ root@nixos"
] ;
path = "/var/lib/my_borg_repo" ;
};
};
}</programlisting>
</para>
</section>
<section xml:id="opt-services-backup-borgbackup-remote-server">
<title>Backup to the borg repository server</title>
<para>The following NixOS snippet creates an hourly backup to the service
(on the host nixos) as created in the section above. We assume
that you have stored a secret passphrasse in the file
<code>/run/keys/borgbackup_passphrase</code>, which should be only
accessible by root
</para>
<para>
<programlisting>
{
services.borgbackup.jobs = {
backupToLocalServer = {
paths = [ "/etc/nixos" ];
doInit = true;
repo = "borg@nixos:." ;
encryption = {
mode = "repokey-blake2";
passCommand = "cat /run/keys/borgbackup_passphrase";
};
environment = { BORG_RSH = "ssh -i /run/keys/id_ed25519_my_borg_repo"; };
compression = "auto,lzma";
startAt = "hourly";
};
};
};</programlisting>
</para>
<para>The following few commands (run as root) let you test your backup.
<programlisting>
> nixos-rebuild switch
...restarting the following units: polkit.service
> systemctl restart borgbackup-job-backupToLocalServer
> sleep 10
> systemctl restart borgbackup-job-backupToLocalServer
> export BORG_PASSPHRASE=topSecrect
> borg list --rsh='ssh -i /run/keys/id_ed25519_my_borg_repo' borg@nixos:.
nixos-backupToLocalServer-2020-03-30T21:46:17 Mon, 2020-03-30 21:46:19 [84feb97710954931ca384182f5f3cb90665f35cef214760abd7350fb064786ac]
nixos-backupToLocalServer-2020-03-30T21:46:30 Mon, 2020-03-30 21:46:32 [e77321694ecd160ca2228611747c6ad1be177d6e0d894538898de7a2621b6e68]</programlisting>
</para>
</section>
<section xml:id="opt-services-backup-borgbackup-borgbase">
<title>Backup to a hosting service</title>
<para>
Several companies offer <link
xlink:href="https://www.borgbackup.org/support/commercial.html">(paid)
hosting services</link> for Borg repositories.
</para>
<para>
To backup your home directory to borgbase you have to:
</para>
<itemizedlist>
<listitem>
<para>
Generate a SSH key without a password, to access the remote server. E.g.
</para>
<para>
<programlisting>sudo ssh-keygen -N '' -t ed25519 -f /run/keys/id_ed25519_borgbase</programlisting>
</para>
</listitem>
<listitem>
<para>
Create the repository on the server by following the instructions for your
hosting server.
</para>
</listitem>
<listitem>
<para>
Initialize the repository on the server. Eg.
<programlisting>
sudo borg init --encryption=repokey-blake2 \
-rsh "ssh -i /run/keys/id_ed25519_borgbase" \
zzz2aaaaa@zzz2aaaaa.repo.borgbase.com:repo</programlisting>
</para>
</listitem>
<listitem>
<para>Add it to your NixOS configuration, e.g.
<programlisting>
{
services.borgbackup.jobs = {
my_Remote_Backup = {
paths = [ "/" ];
exclude = [ "/nix" "'**/.cache'" ];
repo = "zzz2aaaaa@zzz2aaaaa.repo.borgbase.com:repo";
encryption = {
mode = "repokey-blake2";
passCommand = "cat /run/keys/borgbackup_passphrase";
};
BORG_RSH = "ssh -i /run/keys/id_ed25519_borgbase";
compression = "auto,lzma";
startAt = "daily";
};
};
}}</programlisting>
</para>
</listitem>
</itemizedlist>
</section>
<section xml:id="opt-services-backup-borgbackup-vorta">
<title>Vorta backup client for the desktop</title>
<para>
Vorta is a backup client for macOS and Linux desktops. It integrates the
mighty BorgBackup with your desktop environment to protect your data from
disk failure, ransomware and theft.
</para>
<para>
It is available as a flatpak package. To enable it you must set the
following two configuration items.
</para>
<para>
<programlisting>
services.flatpak.enable = true ;
# next line is needed to avoid the Error
# Error deploying: GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown:
services.accounts-daemon.enable = true;
</programlisting>
</para>
<para>As a normal user you must first install, then run vorta using the
following commands:
<programlisting>
flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
flatpak install flathub com.borgbase.Vorta
flatpak run --branch=stable --arch=x86_64 --command=vorta com.borgbase.Vorta
</programlisting>
After running <code>flatpak install</code> you can start Vorta also via
the KDE application menu.
</para>
<para>
Details about using Vorta can be found under <link
xlink:href="https://vorta.borgbase.com/usage">https://vorta.borgbase.com
</link>.
</para>
</section>
</chapter>

View File

@ -138,7 +138,11 @@ in {
};
}));
default = {};
example."pool/test".target = "root@target:pool/test";
example = literalExample ''
{
"pool/test".target = "root@target:pool/test";
}
'';
description = "Syncoid commands to run.";
};
};

View File

@ -7,33 +7,41 @@ with lib;
options.services.hadoop = {
coreSite = mkOption {
default = {};
example = {
"fs.defaultFS" = "hdfs://localhost";
};
example = literalExample ''
{
"fs.defaultFS" = "hdfs://localhost";
}
'';
description = "Hadoop core-site.xml definition";
};
hdfsSite = mkOption {
default = {};
example = {
"dfs.nameservices" = "namenode1";
};
example = literalExample ''
{
"dfs.nameservices" = "namenode1";
}
'';
description = "Hadoop hdfs-site.xml definition";
};
mapredSite = mkOption {
default = {};
example = {
"mapreduce.map.cpu.vcores" = "1";
};
example = literalExample ''
{
"mapreduce.map.cpu.vcores" = "1";
}
'';
description = "Hadoop mapred-site.xml definition";
};
yarnSite = mkOption {
default = {};
example = {
"yarn.resourcemanager.ha.id" = "resourcemanager1";
};
example = literalExample ''
{
"yarn.resourcemanager.ha.id" = "resourcemanager1";
}
'';
description = "Hadoop yarn-site.xml definition";
};

View File

@ -208,8 +208,12 @@ in
description = "Buildkite agent user";
extraGroups = [ "keys" ];
isSystemUser = true;
group = "buildkite-agent-${name}";
};
});
config.users.groups = mapAgents (name: cfg: {
"buildkite-agent-${name}" = {};
});
config.systemd.services = mapAgents (name: cfg: {
"buildkite-agent-${name}" =

View File

@ -7,12 +7,10 @@
<!-- FIXME: render nicely -->
<!-- FIXME: source can be added automatically -->
<para>
<emphasis>Source:</emphasis>
<filename>modules/services/databases/postgresql.nix</filename>
<emphasis>Source:</emphasis> <filename>modules/services/databases/postgresql.nix</filename>
</para>
<para>
<emphasis>Upstream documentation:</emphasis>
<link xlink:href="http://www.postgresql.org/docs/"/>
<emphasis>Upstream documentation:</emphasis> <link xlink:href="http://www.postgresql.org/docs/"/>
</para>
<!-- FIXME: more stuff, like maintainer? -->
<para>
@ -23,18 +21,12 @@
<title>Configuring</title>
<para>
To enable PostgreSQL, add the following to your
<filename>configuration.nix</filename>:
To enable PostgreSQL, add the following to your <filename>configuration.nix</filename>:
<programlisting>
<xref linkend="opt-services.postgresql.enable"/> = true;
<xref linkend="opt-services.postgresql.package"/> = pkgs.postgresql_11;
</programlisting>
Note that you are required to specify the desired version of PostgreSQL
(e.g. <literal>pkgs.postgresql_11</literal>). Since upgrading your
PostgreSQL version requires a database dump and reload (see below), NixOS
cannot provide a default value for
<xref linkend="opt-services.postgresql.package"/> such as the most recent
release of PostgreSQL.
Note that you are required to specify the desired version of PostgreSQL (e.g. <literal>pkgs.postgresql_11</literal>). Since upgrading your PostgreSQL version requires a database dump and reload (see below), NixOS cannot provide a default value for <xref linkend="opt-services.postgresql.package"/> such as the most recent release of PostgreSQL.
</para>
<!--
@ -51,9 +43,7 @@ Type "help" for help.
-->
<para>
By default, PostgreSQL stores its databases in
<filename>/var/lib/postgresql/$psqlSchema</filename>. You can override this using
<xref linkend="opt-services.postgresql.dataDir"/>, e.g.
By default, PostgreSQL stores its databases in <filename>/var/lib/postgresql/$psqlSchema</filename>. You can override this using <xref linkend="opt-services.postgresql.dataDir"/>, e.g.
<programlisting>
<xref linkend="opt-services.postgresql.dataDir"/> = "/data/postgresql";
</programlisting>
@ -63,25 +53,83 @@ Type "help" for help.
<title>Upgrading</title>
<para>
FIXME: document dump/upgrade/load cycle.
Major PostgreSQL upgrade requires PostgreSQL downtime and a few imperative steps to be called. To simplify this process, use the following NixOS module:
<programlisting>
containers.temp-pg.config.services.postgresql = {
enable = true;
package = pkgs.postgresql_12;
## set a custom new dataDir
# dataDir = "/some/data/dir";
};
environment.systemPackages =
let newpg = config.containers.temp-pg.config.services.postgresql;
in [
(pkgs.writeScriptBin "upgrade-pg-cluster" ''
set -x
export OLDDATA="${config.services.postgresql.dataDir}"
export NEWDATA="${newpg.dataDir}"
export OLDBIN="${config.services.postgresql.package}/bin"
export NEWBIN="${newpg.package}/bin"
install -d -m 0700 -o postgres -g postgres "$NEWDATA"
cd "$NEWDATA"
sudo -u postgres $NEWBIN/initdb -D "$NEWDATA"
systemctl stop postgresql # old one
sudo -u postgres $NEWBIN/pg_upgrade \
--old-datadir "$OLDDATA" --new-datadir "$NEWDATA" \
--old-bindir $OLDBIN --new-bindir $NEWBIN \
"$@"
'')
];
</programlisting>
</para>
<para>
The upgrade process is:
</para>
<orderedlist>
<listitem>
<para>
Rebuild nixos configuration with the configuration above added to your <filename>configuration.nix</filename>. Alternatively, add that into separate file and reference it in <literal>imports</literal> list.
</para>
</listitem>
<listitem>
<para>
Login as root (<literal>sudo su -</literal>)
</para>
</listitem>
<listitem>
<para>
Run <literal>upgrade-pg-cluster</literal>. It will stop old postgresql, initialize new one and migrate old one to new one. You may supply arguments like <literal>--jobs 4</literal> and <literal>--link</literal> to speedup migration process. See <link xlink:href="https://www.postgresql.org/docs/current/pgupgrade.html" /> for details.
</para>
</listitem>
<listitem>
<para>
Change postgresql package in NixOS configuration to the one you were upgrading to, and change <literal>dataDir</literal> to the one you have migrated to. Rebuild NixOS. This should start new postgres using upgraded data directory.
</para>
</listitem>
<listitem>
<para>
After upgrade you may want to <literal>ANALYZE</literal> new db.
</para>
</listitem>
</orderedlist>
</section>
<section xml:id="module-services-postgres-options">
<title>Options</title>
<para>
A complete list of options for the PostgreSQL module may be found
<link linkend="opt-services.postgresql.enable">here</link>.
A complete list of options for the PostgreSQL module may be found <link linkend="opt-services.postgresql.enable">here</link>.
</para>
</section>
<section xml:id="module-services-postgres-plugins">
<title>Plugins</title>
<para>
Plugins collection for each PostgreSQL version can be accessed with
<literal>.pkgs</literal>. For example, for
<literal>pkgs.postgresql_11</literal> package, its plugin collection is
accessed by <literal>pkgs.postgresql_11.pkgs</literal>:
Plugins collection for each PostgreSQL version can be accessed with <literal>.pkgs</literal>. For example, for <literal>pkgs.postgresql_11</literal> package, its plugin collection is accessed by <literal>pkgs.postgresql_11.pkgs</literal>:
<screen>
<prompt>$ </prompt>nix repl '&lt;nixpkgs&gt;'
@ -98,8 +146,9 @@ postgresql_11.pkgs.pg_partman postgresql_11.pkgs.pgroonga
...
</screen>
</para>
<para>
To add plugins via NixOS configuration, set <literal>services.postgresql.extraPlugins</literal>:
To add plugins via NixOS configuration, set <literal>services.postgresql.extraPlugins</literal>:
<programlisting>
<xref linkend="opt-services.postgresql.package"/> = pkgs.postgresql_11;
<xref linkend="opt-services.postgresql.extraPlugins"/> = with pkgs.postgresql_11.pkgs; [
@ -108,10 +157,9 @@ postgresql_11.pkgs.pg_partman postgresql_11.pkgs.pgroonga
];
</programlisting>
</para>
<para>
You can build custom PostgreSQL-with-plugins (to be used outside of NixOS) using
function <literal>.withPackages</literal>. For example, creating a custom
PostgreSQL package in an overlay can look like:
You can build custom PostgreSQL-with-plugins (to be used outside of NixOS) using function <literal>.withPackages</literal>. For example, creating a custom PostgreSQL package in an overlay can look like:
<programlisting>
self: super: {
postgresql_custom = self.postgresql_11.withPackages (ps: [
@ -121,8 +169,9 @@ self: super: {
}
</programlisting>
</para>
<para>
Here's a recipe on how to override a particular plugin through an overlay:
Here's a recipe on how to override a particular plugin through an overlay:
<programlisting>
self: super: {
postgresql_11 = super.postgresql_11.override { this = self.postgresql_11; } // {

View File

@ -6,6 +6,10 @@ with lib;
{
meta = {
maintainers = teams.freedesktop.members;
};
###### interface
options = {

View File

@ -5,6 +5,10 @@
with lib;
{
meta = {
maintainers = with maintainers; [ worldofpeace ];
};
###### interface
options = {

View File

@ -6,6 +6,10 @@ with lib;
{
meta = {
maintainers = teams.gnome.members;
};
###### interface
options = {

View File

@ -4,6 +4,10 @@
with lib;
{
meta = {
maintainers = teams.gnome.members;
};
###### interface
options = {
services.gnome3.chrome-gnome-shell.enable = mkEnableOption ''

View File

@ -6,6 +6,10 @@ with lib;
{
meta = {
maintainers = teams.gnome.members;
};
###### interface
options = {
@ -16,7 +20,7 @@ with lib;
type = types.bool;
default = false;
description = ''
Whether to enable Evolution Data Server, a collection of services for
Whether to enable Evolution Data Server, a collection of services for
storing addressbooks and calendars.
'';
};

View File

@ -6,6 +6,10 @@ with lib;
{
meta = {
maintainers = teams.gnome.members;
};
###### interface
options = {

View File

@ -44,6 +44,10 @@ in
{
meta = {
maintainers = teams.gnome.members;
};
###### interface
options = {

View File

@ -6,6 +6,10 @@ with lib;
{
meta = {
maintainers = teams.gnome.members;
};
###### interface
options = {

View File

@ -6,6 +6,10 @@ with lib;
{
meta = {
maintainers = teams.gnome.members;
};
###### interface
options = {

View File

@ -6,6 +6,10 @@ with lib;
{
meta = {
maintainers = teams.gnome.members;
};
###### interface
options = {

View File

@ -4,6 +4,10 @@
with lib;
{
meta = {
maintainers = teams.gnome.members;
};
###### interface
options = {
services.gnome3.gnome-remote-desktop = {

View File

@ -12,6 +12,10 @@ in
{
meta = {
maintainers = teams.gnome.members;
};
imports = [
(mkRemovedOptionModule
["services" "gnome3" "gnome-settings-daemon" "package"]

View File

@ -6,6 +6,10 @@ with lib;
{
meta = {
maintainers = teams.gnome.members;
};
###### interface
options = {

View File

@ -4,6 +4,10 @@
with lib;
{
meta = {
maintainers = teams.gnome.members;
};
###### interface
options = {
services.gnome3.rygel = {

View File

@ -6,6 +6,10 @@ with lib;
{
meta = {
maintainers = teams.gnome.members;
};
###### interface
options = {

View File

@ -6,6 +6,10 @@ with lib;
{
meta = {
maintainers = teams.gnome.members;
};
###### interface
options = {
@ -25,7 +29,6 @@ with lib;
};
###### implementation
config = mkIf config.services.gnome3.tracker-miners.enable {

View File

@ -6,6 +6,10 @@ with lib;
{
meta = {
maintainers = teams.gnome.members;
};
###### interface
options = {

View File

@ -12,6 +12,10 @@ in
{
meta = {
maintainers = teams.gnome.members;
};
# Added 2019-08-19
imports = [
(mkRenamedOptionModule

View File

@ -1,18 +0,0 @@
# Contractor
{ config, pkgs, lib, ... }:
with lib;
{
###### implementation
config = mkIf config.services.pantheon.contractor.enable {
};
}

View File

@ -8,6 +8,11 @@ let
packages = with pkgs; [ pipewire ];
in {
meta = {
maintainers = teams.freedesktop.members;
};
###### interface
options = {
services.pipewire = {
@ -33,5 +38,4 @@ in {
systemd.user.sockets.pipewire.wantedBy = lib.mkIf cfg.socketActivation [ "sockets.target" ];
};
meta.maintainers = with lib.maintainers; [ jtojnar ];
}

View File

@ -6,6 +6,10 @@ with lib;
{
meta = {
maintainers = teams.gnome.members;
};
###### interface
options = {

View File

@ -18,6 +18,10 @@ in
"")
];
meta = {
maintainers = with maintainers; [ worldofpeace ];
};
###### interface
options = {

View File

@ -5,6 +5,11 @@
with lib;
{
meta = {
maintainers = with maintainers; [ worldofpeace ];
};
###### interface
options = {

View File

@ -25,8 +25,6 @@ let
StateDirectory = "sympa";
ProtectHome = true;
ProtectSystem = "full";
ProtectKernelTunables = true;
ProtectKernelModules = true;
ProtectControlGroups = true;
};
@ -415,7 +413,7 @@ in
# force-copy static_content so it's up to date with package
# set permissions for wwsympa which needs write access (...)
"R ${dataDir}/static_content - - - - -"
"C ${dataDir}/static_content 0711 ${user} ${group} - ${pkg}/static_content"
"C ${dataDir}/static_content 0711 ${user} ${group} - ${pkg}/var/lib/sympa/static_content"
"e ${dataDir}/static_content/* 0711 ${user} ${group} - -"
"d /run/sympa 0755 ${user} ${group} - -"
@ -497,7 +495,7 @@ in
-F ${toString cfg.web.fcgiProcs} \
-P /run/sympa/wwsympa.pid \
-s /run/sympa/wwsympa.socket \
-- ${pkg}/bin/wwsympa.fcgi
-- ${pkg}/lib/sympa/cgi/wwsympa.fcgi
'';
} // commonServiceConfig;
@ -518,7 +516,7 @@ in
fastcgi_split_path_info ^(${loc})(.*)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME ${pkg}/bin/wwsympa.fcgi;
fastcgi_param SCRIPT_FILENAME ${pkg}/lib/sympa/cgi/wwsympa.fcgi;
'';
}) // {
"/static-sympa/".alias = "${dataDir}/static_content/";
@ -550,7 +548,7 @@ in
args = [
"flags=hqRu"
"user=${user}"
"argv=${pkg}/bin/queue"
"argv=${pkg}/libexec/queue"
"\${nexthop}"
];
};
@ -562,7 +560,7 @@ in
args = [
"flags=hqRu"
"user=${user}"
"argv=${pkg}/bin/bouncequeue"
"argv=${pkg}/libexec/bouncequeue"
"\${nexthop}"
];
};

View File

@ -376,6 +376,59 @@ in
If enabled (the default), checks that Nix can parse the generated nix.conf.
'';
};
registry = mkOption {
type = types.attrsOf (types.submodule (
let
inputAttrs = types.attrsOf (types.oneOf [types.str types.int types.bool types.package]);
in
{ config, name, ... }:
{ options = {
from = mkOption {
type = inputAttrs;
example = { type = "indirect"; id = "nixpkgs"; };
description = "The flake reference to be rewritten.";
};
to = mkOption {
type = inputAttrs;
example = { type = "github"; owner = "my-org"; repo = "my-nixpkgs"; };
description = "The flake reference to which <option>from></option> is to be rewritten.";
};
flake = mkOption {
type = types.unspecified;
default = null;
example = literalExample "nixpkgs";
description = ''
The flake input to which <option>from></option> is to be rewritten.
'';
};
exact = mkOption {
type = types.bool;
default = true;
description = ''
Whether the <option>from</option> reference needs to match exactly. If set,
a <option>from</option> reference like <literal>nixpkgs</literal> does not
match with a reference like <literal>nixpkgs/nixos-20.03</literal>.
'';
};
};
config = {
from = mkDefault { type = "indirect"; id = name; };
to = mkIf (config.flake != null)
({ type = "path";
path = config.flake.outPath;
} // lib.filterAttrs
(n: v: n == "lastModified" || n == "rev" || n == "revCount" || n == "narHash")
config.flake);
};
}
));
default = {};
description = ''
A system-wide flake registry.
'';
};
};
};
@ -390,6 +443,11 @@ in
environment.etc."nix/nix.conf".source = nixConf;
environment.etc."nix/registry.json".text = builtins.toJSON {
version = 2;
flakes = mapAttrsToList (n: v: { inherit (v) from to exact; }) cfg.registry;
};
# List of machines for distributed Nix builds in the format
# expected by build-remote.pl.
environment.etc."nix/machines" =

View File

@ -98,13 +98,14 @@ in
Set of AFP volumes to export.
See <literal>man apf.conf</literal> for more information.
'';
example =
example = literalExample ''
{ srv =
{ path = "/srv";
"read only" = true;
"hosts allow" = "10.1.0.0/16 10.2.1.100 2001:0db8:1234::/48";
};
};
}
'';
};
extmap = mkOption {

View File

@ -74,13 +74,14 @@ in
See <command>man rsyncd.conf</command> for options.
'';
type = types.attrsOf (types.attrsOf types.str);
example =
example = literalExample ''
{ srv =
{ path = "/srv";
"read only" = "yes";
comment = "Public rsync share.";
};
};
}
'';
};
user = mkOption {

View File

@ -189,7 +189,7 @@ in
See <command>man smb.conf</command> for options.
'';
type = types.attrsOf (types.attrsOf types.unspecified);
example =
example = literalExample ''
{ public =
{ path = "/srv/public";
"read only" = true;
@ -197,7 +197,8 @@ in
"guest ok" = "yes";
comment = "Public samba share.";
};
};
}
'';
};
};

View File

@ -334,10 +334,12 @@ in {
nsrecord = mkOption {
type = types.attrsOf types.str;
default = { };
example = {
"files.local" = "192.168.1.12";
"site.local" = "192.168.1.43";
};
example = literalExample ''
{
"files.local" = "192.168.1.12";
"site.local" = "192.168.1.43";
}
'';
description = "Adds static nsrecords.";
};
};

View File

@ -61,10 +61,12 @@ in {
Table of {hostname: server} pairs to use as authoritative servers for hosts (and subhosts).
If entry for @ is not specified predefined list of root servers is used.
'';
example = {
"@" = ["8.8.8.8" "8.8.4.4"];
"example.com" = ["192.168.100.100"];
};
example = literalExample ''
{
"@" = ["8.8.8.8" "8.8.4.4"];
"example.com" = ["192.168.100.100"];
}
'';
};
forwardOnly = mkOption {

View File

@ -0,0 +1,43 @@
{ config, lib, pkgs, ... }:
let
cfg = config.services.mullvad-vpn;
in
with lib;
{
options.services.mullvad-vpn.enable = mkOption {
type = types.bool;
default = false;
description = ''
This option enables Mullvad VPN daemon.
'';
};
config = mkIf cfg.enable {
boot.kernelModules = [ "tun" ];
systemd.services.mullvad-daemon = {
description = "Mullvad VPN daemon";
wantedBy = [ "multi-user.target" ];
wants = [ "network.target" ];
after = [
"network-online.target"
"NetworkManager.service"
"systemd-resolved.service"
];
path = [
pkgs.iproute
# Needed for ping
"/run/wrappers"
];
serviceConfig = {
StartLimitBurst = 5;
StartLimitIntervalSec = 20;
ExecStart = "${pkgs.mullvad-vpn}/bin/mullvad-daemon -v --disable-stdout-timestamps";
Restart = "always";
RestartSec = 1;
};
};
};
meta.maintainers = [ maintainers.xfix ];
}

View File

@ -43,7 +43,7 @@ let
timeout = mkOption {
type = types.int;
description = ''
Controls how long to wait for a Neighbor Advertisment Message before
Controls how long to wait for a Neighbor Advertisment Message before
invalidating the entry, in milliseconds.
'';
default = 500;
@ -51,7 +51,7 @@ let
ttl = mkOption {
type = types.int;
description = ''
Controls how long a valid or invalid entry remains in the cache, in
Controls how long a valid or invalid entry remains in the cache, in
milliseconds.
'';
default = 30000;
@ -142,7 +142,11 @@ in {
messages, and respond to them according to a set of rules.
'';
default = {};
example = { eth0.rules."1111::/64" = {}; };
example = literalExample ''
{
eth0.rules."1111::/64" = {};
}
'';
};
};

View File

@ -131,6 +131,10 @@ let
in {
meta = {
maintainers = teams.freedesktop.members;
};
###### interface
options = {

View File

@ -0,0 +1,134 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.pixiecore;
in
{
meta.maintainers = with maintainers; [ bbigras danderson ];
options = {
services.pixiecore = {
enable = mkEnableOption "Pixiecore";
openFirewall = mkOption {
type = types.bool;
default = false;
description = ''
Open ports (67, 69 UDP and 4011, 'port', 'statusPort' TCP) in the firewall for Pixiecore.
'';
};
mode = mkOption {
description = "Which mode to use";
default = "boot";
type = types.enum [ "api" "boot" ];
};
debug = mkOption {
type = types.bool;
default = false;
description = "Log more things that aren't directly related to booting a recognized client";
};
dhcpNoBind = mkOption {
type = types.bool;
default = false;
description = "Handle DHCP traffic without binding to the DHCP server port";
};
kernel = mkOption {
type = types.str or types.path;
default = "";
description = "Kernel path. Ignored unless mode is set to 'boot'";
};
initrd = mkOption {
type = types.str or types.path;
default = "";
description = "Initrd path. Ignored unless mode is set to 'boot'";
};
cmdLine = mkOption {
type = types.str;
default = "";
description = "Kernel commandline arguments. Ignored unless mode is set to 'boot'";
};
listen = mkOption {
type = types.str;
default = "0.0.0.0";
description = "IPv4 address to listen on";
};
port = mkOption {
type = types.port;
default = 80;
description = "Port to listen on for HTTP";
};
statusPort = mkOption {
type = types.port;
default = 80;
description = "HTTP port for status information (can be the same as --port)";
};
apiServer = mkOption {
type = types.str;
example = "localhost:8080";
description = "host:port to connect to the API. Ignored unless mode is set to 'api'";
};
extraArguments = mkOption {
type = types.listOf types.str;
default = [];
description = "Additional command line arguments to pass to Pixiecore";
};
};
};
config = mkIf cfg.enable {
users.groups.pixiecore = {};
users.users.pixiecore = {
description = "Pixiecore daemon user";
group = "pixiecore";
};
networking.firewall = mkIf cfg.openFirewall {
allowedTCPPorts = [ 4011 cfg.port cfg.statusPort ];
allowedUDPPorts = [ 67 69 ];
};
systemd.services.pixiecore = {
description = "Pixiecore server";
after = [ "network.target"];
wants = [ "network.target"];
wantedBy = [ "multi-user.target"];
serviceConfig = {
User = "pixiecore";
Restart = "always";
AmbientCapabilities = [ "cap_net_bind_service" ] ++ optional cfg.dhcpNoBind "cap_net_raw";
ExecStart =
let
argString =
if cfg.mode == "boot"
then [ "boot" cfg.kernel ]
++ optional (cfg.initrd != "") cfg.initrd
++ optional (cfg.cmdLine != "") "--cmdline=${lib.escapeShellArg cfg.cmdLine}"
else [ "api" cfg.apiServer ];
in
''
${pkgs.pixiecore}/bin/pixiecore \
${lib.escapeShellArgs argString} \
${optionalString cfg.debug "--debug"} \
${optionalString cfg.dhcpNoBind "--dhcp-no-bind"} \
--listen-addr ${lib.escapeShellArg cfg.listen} \
--port ${toString cfg.port} \
--status-port ${toString cfg.statusPort} \
${escapeShellArgs cfg.extraArguments}
'';
};
};
};
}

View File

@ -4,7 +4,7 @@ let
inherit (builtins) toFile;
inherit (lib) concatMapStringsSep concatStringsSep mapAttrsToList
mkIf mkEnableOption mkOption types;
mkIf mkEnableOption mkOption types literalExample;
cfg = config.services.strongswan;
@ -79,19 +79,21 @@ in
connections = mkOption {
type = types.attrsOf (types.attrsOf types.str);
default = {};
example = {
"%default" = {
keyexchange = "ikev2";
keyingtries = "1";
};
roadwarrior = {
auto = "add";
leftcert = "/run/keys/moonCert.pem";
leftid = "@moon.strongswan.org";
leftsubnet = "10.1.0.0/16";
right = "%any";
};
};
example = literalExample ''
{
"%default" = {
keyexchange = "ikev2";
keyingtries = "1";
};
roadwarrior = {
auto = "add";
leftcert = "/run/keys/moonCert.pem";
leftid = "@moon.strongswan.org";
leftsubnet = "10.1.0.0/16";
right = "%any";
};
}
'';
description = ''
A set of connections and their options for the conn xxx
sections of the <filename>ipsec.conf</filename> file.

View File

@ -169,12 +169,14 @@ in {
description = ''
folders which should be shared by syncthing.
'';
example = {
"/home/user/sync" = {
id = "syncme";
devices = [ "bigbox" ];
};
};
example = literalExample ''
{
"/home/user/sync" = {
id = "syncme";
devices = [ "bigbox" ];
};
}
'';
type = types.attrsOf (types.submodule ({ name, ... }: {
options = {

View File

@ -302,7 +302,7 @@ in {
###### implementation
config = mkIf (cfg.interfaces != {}) {
boot.extraModulePackages = [ kernel.wireguard ];
boot.extraModulePackages = optional (versionOlder kernel.kernel.version "5.6") kernel.wireguard;
environment.systemPackages = [ pkgs.wireguard-tools ];
# This is forced to false for now because the default "--validmark" rpfilter we apply on reverse path filtering
# breaks the wg-quick routing because wireguard packets leave with a fwmark from wireguard.

View File

@ -299,5 +299,5 @@ in
])));
};
meta.maintainers = with lib.maintainers; [ b42 ];
meta.maintainers = with lib.maintainers; [ mmilata ];
}

View File

@ -46,9 +46,11 @@ in
https://www.jetbrains.com/help/youtrack/standalone/YouTrack-Java-Start-Parameters.html
for more information.
'';
example = {
"jetbrains.youtrack.overrideRootPassword" = "tortuga";
};
example = literalExample ''
{
"jetbrains.youtrack.overrideRootPassword" = "tortuga";
}
'';
type = types.attrsOf types.str;
};

View File

@ -57,6 +57,10 @@ in
{
meta = {
maintainers = teams.gnome.members;
};
options = {
services.gnome3 = {

View File

@ -8,6 +8,10 @@ in
{
meta = {
maintainers = with maintainers; [ worldofpeace ];
};
imports = [
# added 2019-08-18
# needed to preserve some semblance of UI familarity

View File

@ -3,6 +3,7 @@
, gobject-introspection
, python3
, wrapGAppsHook
, lib
}:
python3.pkgs.buildPythonApplication {
@ -36,4 +37,8 @@ python3.pkgs.buildPythonApplication {
cp $src $out/bin/set-session
chmod +x $out/bin/set-session
'';
meta = with lib; {
maintainers = with maintainers; [ worldofpeace ];
};
}

View File

@ -54,14 +54,6 @@ let
exec &> >(tee ~/.xsession-errors)
''}
# Start PulseAudio if enabled.
${optionalString (config.hardware.pulseaudio.enable) ''
# Publish access credentials in the root window.
if ${config.hardware.pulseaudio.package.out}/bin/pulseaudio --dump-modules | grep module-x11-publish &> /dev/null; then
${config.hardware.pulseaudio.package.out}/bin/pactl load-module module-x11-publish "display=$DISPLAY"
fi
''}
# Tell systemd about our $DISPLAY and $XAUTHORITY.
# This is needed by the ssh-agent unit.
#

View File

@ -38,6 +38,10 @@ in
{
meta = {
maintainers = teams.gnome.members;
};
###### interface
options = {

View File

@ -10,6 +10,10 @@ let
in
{
meta = {
maintainers = with maintainers; [ worldofpeace ];
};
options = {
services.xserver.displayManager.lightdm.greeters.pantheon = {

View File

@ -69,6 +69,10 @@ let
in
{
meta = {
maintainers = with maintainers; [ worldofpeace ];
};
# Note: the order in which lightdm greeter modules are imported
# here determines the default: later modules (if enable) are
# preferred.

View File

@ -433,6 +433,7 @@ in
services.zfs.zed.settings = {
ZED_EMAIL_PROG = mkDefault "${pkgs.mailutils}/bin/mail";
PATH = lib.makeBinPath [ packages.zfsUser pkgs.utillinux pkgs.gawk pkgs.gnused pkgs.gnugrep pkgs.coreutils pkgs.curl ];
};
environment.etc = genAttrs

View File

@ -609,9 +609,11 @@ in
bindMounts = mkOption {
type = with types; loaOf (submodule bindMountOpts);
default = {};
example = { "/home" = { hostPath = "/home/alice";
isReadOnly = false; };
};
example = literalExample ''
{ "/home" = { hostPath = "/home/alice";
isReadOnly = false; };
}
'';
description =
''

View File

@ -51,6 +51,8 @@ let
hashed-mirrors =
connect-timeout = 1
'';
# save some memory
documentation.enable = false;
};
# /etc/nixos/configuration.nix for the vm
configFile = pkgs.writeText "configuration.nix" ''

View File

@ -1,5 +1,5 @@
{ mkDerivation, lib, fetchFromGitHub, cmake, pkgconfig, vlc
, qtbase, qtmultimedia, qtsvg, qttools
{ mkDerivation, lib, fetchFromGitHub, cmake, pkgconfig
, qtbase, qtsvg, qttools
# Cantata doesn't build with cdparanoia enabled so we disable that
# default for now until I (or someone else) figure it out.
@ -9,12 +9,14 @@
, withMusicbrainz ? false, libmusicbrainz5
, withTaglib ? true, taglib, taglib_extras
, withHttpStream ? true, qtmultimedia
, withReplaygain ? true, ffmpeg, speex, mpg123
, withMtp ? true, libmtp
, withOnlineServices ? true
, withDevices ? true, udisks2
, withDynamic ? true
, withHttpServer ? true
, withLibVlc ? false, vlc
, withStreams ? true
}:
@ -26,6 +28,7 @@ assert withMtp -> withTaglib;
assert withMusicbrainz -> withCdda && withTaglib;
assert withOnlineServices -> withTaglib;
assert withReplaygain -> withTaglib;
assert withLibVlc -> withHttpStream;
let
version = "2.4.1";
@ -45,15 +48,17 @@ in mkDerivation {
sha256 = "0ix7xp352bziwz31mw79y7wxxmdn6060p8ry2px243ni1lz1qx1c";
};
buildInputs = [ vlc qtbase qtmultimedia qtsvg ]
buildInputs = [ qtbase qtsvg ]
++ lib.optionals withTaglib [ taglib taglib_extras ]
++ lib.optionals withReplaygain [ ffmpeg speex mpg123 ]
++ lib.optional withHttpStream qtmultimedia
++ lib.optional withCdda cdparanoia
++ lib.optional withCddb libcddb
++ lib.optional withLame lame
++ lib.optional withMtp libmtp
++ lib.optional withMusicbrainz libmusicbrainz5
++ lib.optional withUdisks udisks2;
++ lib.optional withUdisks udisks2
++ lib.optional withLibVlc vlc;
nativeBuildInputs = [ cmake pkgconfig qttools ];
@ -62,6 +67,7 @@ in mkDerivation {
cmakeFlags = lib.flatten [
(fstats withTaglib [ "TAGLIB" "TAGLIB_EXTRAS" ])
(fstats withReplaygain [ "FFMPEG" "MPG123" "SPEEXDSP" ])
(fstat withHttpStream "HTTP_STREAM_PLAYBACK")
(fstat withCdda "CDPARANOIA")
(fstat withCddb "CDDB")
(fstat withLame "LAME")
@ -71,6 +77,7 @@ in mkDerivation {
(fstat withDynamic "DYNAMIC")
(fstat withDevices "DEVICES_SUPPORT")
(fstat withHttpServer "HTTP_SERVER")
(fstat withLibVlc "LIBVLC")
(fstat withStreams "STREAMS")
(fstat withUdisks "UDISKS2")
"-DENABLE_HTTPS_SUPPORT=ON"

View File

@ -7,13 +7,13 @@
stdenv.mkDerivation rec {
pname = "ft2-clone";
version = "1.09";
version = "1.15";
src = fetchFromGitHub {
owner = "8bitbubsy";
repo = "ft2-clone";
rev = "v${version}";
sha256 = "18my7fywaf66rq8phsly8lglxzpglran8rj27fvwgpni8098ic7d";
sha256 = "19xgdaij71gpvq216zjlp60zmfdl2a8kf8sc3bpk8a4d4xh4n151";
};
nativeBuildInputs = [ cmake ];

View File

@ -23,7 +23,7 @@
python3.pkgs.buildPythonApplication rec {
pname = "lollypop";
version = "1.2.23";
version = "1.2.32";
format = "other";
doCheck = false;
@ -32,7 +32,7 @@ python3.pkgs.buildPythonApplication rec {
url = "https://gitlab.gnome.org/World/lollypop";
rev = "refs/tags/${version}";
fetchSubmodules = true;
sha256 = "059z7ri5qwkmfh2kvv8rq5wp80mz75423wc5hnm33wb9sgdd5x47";
sha256 = "03x6qihd349pq5lmgahb77sys60g16v5v6qkdlzf8k88451k8p7n";
};
nativeBuildInputs = [

View File

@ -2,13 +2,15 @@
, withALSA ? true, alsaLib ? null
, withPulseAudio ? false, libpulseaudio ? null
, withPortAudio ? false, portaudio ? null
, withMPRIS ? false, dbus ? null
}:
let
features = [ "cursive/pancurses-backend" ]
++ lib.optional withALSA "alsa_backend"
++ lib.optional withPulseAudio "pulseaudio_backend"
++ lib.optional withPortAudio "portaudio_backend";
++ lib.optional withPortAudio "portaudio_backend"
++ lib.optional withMPRIS "mpris";
in
rustPlatform.buildRustPackage rec {
pname = "ncspot";
@ -30,7 +32,8 @@ rustPlatform.buildRustPackage rec {
buildInputs = [ ncurses openssl ]
++ lib.optional withALSA alsaLib
++ lib.optional withPulseAudio libpulseaudio
++ lib.optional withPortAudio portaudio;
++ lib.optional withPortAudio portaudio
++ lib.optional withMPRIS dbus;
doCheck = false;

View File

@ -1,7 +1,15 @@
{ stdenv, python3Packages, fetchFromGitHub, gettext, chromaprint, qt5 }:
{ stdenv, python3Packages, fetchFromGitHub, gettext, chromaprint, qt5
, enablePlayback ? true
, gst_all_1
}:
let
pythonPackages = python3Packages;
pyqt5 = if enablePlayback then
pythonPackages.pyqt5_with_qtmultimedia
else
pythonPackages.pyqt5
;
in pythonPackages.buildPythonApplication rec {
pname = "picard";
version = "2.3.1";
@ -13,7 +21,16 @@ in pythonPackages.buildPythonApplication rec {
sha256 = "0xalg4dvaqb396h4s6gzxnplgv1lcvsczmmrlhyrj0kfj10amhsj";
};
nativeBuildInputs = [ gettext qt5.wrapQtAppsHook qt5.qtbase ];
nativeBuildInputs = [ gettext qt5.wrapQtAppsHook qt5.qtbase ]
++ stdenv.lib.optionals (pyqt5.multimediaEnabled) [
qt5.qtmultimedia.bin
gst_all_1.gstreamer
gst_all_1.gst-vaapi
gst_all_1.gst-libav
gst_all_1.gst-plugins-base
gst_all_1.gst-plugins-good
]
;
propagatedBuildInputs = with pythonPackages; [
pyqt5
@ -27,10 +44,14 @@ in pythonPackages.buildPythonApplication rec {
substituteInPlace setup.cfg --replace "" "'"
'';
installPhase = ''
python setup.py install --prefix="$out"
wrapQtApp $out/bin/picard
'';
# In order to spare double wrapping, we use:
preFixup = ''
makeWrapperArgs+=("''${qtWrapperArgs[@]}")
''
+ stdenv.lib.optionalString (pyqt5.multimediaEnabled) ''
makeWrapperArgs+=(--prefix GST_PLUGIN_SYSTEM_PATH_1_0 : "$GST_PLUGIN_SYSTEM_PATH_1_0")
''
;
meta = with stdenv.lib; {
homepage = "https://picard.musicbrainz.org/";

View File

@ -7,13 +7,13 @@
stdenv.mkDerivation rec {
pname = "pt2-clone";
version = "1.06";
version = "1.07";
src = fetchFromGitHub {
owner = "8bitbubsy";
repo = "pt2-clone";
rev = "v${version}";
sha256 = "00zifwiprd3i60z4pf4471jxbc33vh9p30ib0lnzwpgjz5pnxqnr";
sha256 = "0g2bp9n05ng2fvqw86pb941zamcqnfz1l066wvh5j3av1w22khi8";
};
nativeBuildInputs = [ cmake ];

View File

@ -46,13 +46,13 @@ let
];
in stdenv.mkDerivation rec {
pname = "pulseeffects";
version = "4.7.1";
version = "4.7.2";
src = fetchFromGitHub {
owner = "wwmm";
repo = "pulseeffects";
rev = "v${version}";
sha256 = "1r1hk5zp2cgrwyqkvp8kg2dkbihdyx3ydzhmirkwya8jag9pwadd";
sha256 = "1yga25da5bpg12zkikp6dn4wqhn9f7r10awvjzfcz8s6w9xlz6rx";
};
nativeBuildInputs = [

View File

@ -7,13 +7,13 @@ with stdenv.lib;
mkDerivation rec {
name = "bitcoin" + (toString (optional (!withGui) "d")) + "-abc-" + version;
version = "0.21.1";
version = "0.21.3";
src = fetchFromGitHub {
owner = "bitcoin-ABC";
repo = "bitcoin-abc";
rev = "v${version}";
sha256 = "1aswgmzqk3vhxhp5k0m0awk22lf5ayaqg2cmlqy12jvfmpka9lrj";
sha256 = "1pzdgghbsss2qjfgl42lvkbs5yc5q6jnzqnp24lljmrh341g2zn4";
};
patches = [ ./fix-bitcoin-qt-build.patch ];

View File

@ -2,16 +2,16 @@
buildGoModule rec {
pname = "go-ethereum";
version = "1.9.11";
version = "1.9.12";
src = fetchFromGitHub {
owner = "ethereum";
repo = pname;
rev = "v${version}";
sha256 = "0xhkdxn5ajzi05252is5whqank81xy94jp1l5z2a44rajv8rh9vs";
sha256 = "143imiphyzk3009cfnqj7q013pb1wva13zq63byfj3d204b58cg6";
};
modSha256 = "0jcj0knkhyndndyv1j9xhgbg5psagvyd27ailna3x9ikjlb8f7gg";
modSha256 = "15a8if5gx361nrqgv201jy8saq1ir1g18rpqzdmavg4ic75si5x1";
subPackages = [
"cmd/abigen"

View File

@ -2,11 +2,11 @@
stdenv.mkDerivation rec {
pname = "tessera";
version = "0.10.2";
version = "0.10.4";
src = fetchurl {
url = "https://oss.sonatype.org/service/local/repositories/releases/content/com/jpmorgan/quorum/${pname}-app/${version}/${pname}-app-${version}-app.jar";
sha256 = "1zn8w7q0q5man0407kb82lw4mlvyiy9whq2f6izf2b5415f9s0m4";
sha256 = "1sqj0mc80922yavx9hlwnl1kpmavpza2g2aycz1qd0zv0s31z9wj";
};
nativeBuildInputs = [ makeWrapper ];

View File

@ -8,9 +8,9 @@ let
inherit (gnome2) GConf gnome_vfs;
};
stableVersion = {
version = "3.6.1.0"; # "Android Studio 3.6.1"
build = "192.6241897";
sha256Hash = "1mwzk18224bl8hbw9cdxwzgj5cfain4y70q64cpj4p0snffxqm77";
version = "3.6.2.0"; # "Android Studio 3.6.2"
build = "192.6308749";
sha256Hash = "04r4iwlmns1lf3wfd32cqmndbdz9rf7hfbi5r6qmvpi8j83fghvr";
};
betaVersion = {
version = "4.0.0.12"; # "Android Studio 4.0 Beta 3"

View File

@ -1,4 +1,4 @@
{ stdenv, fetchFromGitHub, meson, ninja, cmake
{ stdenv, fetchFromGitLab, meson, ninja, cmake
, wrapGAppsHook, pkgconfig, desktop-file-utils
, appstream-glib, pythonPackages, glib, gobject-introspection
, gtk3, webkitgtk, glib-networking, gnome3, gspell, texlive
@ -10,14 +10,15 @@ let
texliveDist = texlive.combined.scheme-medium;
in stdenv.mkDerivation rec {
pname = "uberwriter";
version = "unstable-2020-01-24";
pname = "apostrophe";
version = "unstable-2020-03-29";
src = fetchFromGitHub {
owner = pname;
src = fetchFromGitLab {
owner = "somas";
repo = pname;
rev = "0647b413407eb8789a25c353602c4ac979dc342a";
sha256 = "19z52fpbf0p7dzx7q0r5pk3nn0c8z69g1hv6db0cqp61cqv5z95q";
domain = "gitlab.gnome.org";
rev = "219fa8976e3b8a6f0cea15cfefe4e336423f2bdb";
sha256 = "192n5qs3x6rx62mqxd6wajwm453pns8kjyz5v3xc891an6bm1kqx";
};
nativeBuildInputs = [ meson ninja cmake pkgconfig desktop-file-utils
@ -30,10 +31,10 @@ in stdenv.mkDerivation rec {
postPatch = ''
patchShebangs --build build-aux/meson_post_install.py
substituteInPlace uberwriter/config.py --replace "/usr/share/uberwriter" "$out/share/uberwriter"
substituteInPlace ${pname}/config.py --replace "/usr/share/${pname}" "$out/share/${pname}"
# get rid of unused distributed dependencies
rm -r uberwriter/{pylocales,pressagio}
rm -r ${pname}/pylocales
'';
preFixup = ''
@ -46,7 +47,7 @@ in stdenv.mkDerivation rec {
'';
meta = with stdenv.lib; {
homepage = http://uberwriter.github.io/uberwriter/;
homepage = "https://gitlab.gnome.org/somas/apostrophe";
description = "A distraction free Markdown editor for GNU/Linux";
license = licenses.gpl3;
platforms = platforms.linux;

View File

@ -0,0 +1,28 @@
{ stdenv, fetchFromGitHub,
qmake, qtbase, qtxmlpatterns, qtsvg, qtscxml, qtquick1, libGLU }:
stdenv.mkDerivation rec {
name = "qxmledit-${version}" ;
version = "0.9.15" ;
src = fetchFromGitHub ( stdenv.lib.importJSON ./qxmledit.json ) ;
nativeBuildInputs = [ qmake ] ;
buildInputs = [ qtbase qtxmlpatterns qtsvg qtscxml qtquick1 libGLU ] ;
qmakeFlags = [ "CONFIG+=release" ] ;
outputs = [ "out" "doc" ] ;
preConfigure = ''
export QXMLEDIT_INST_DATA_DIR="$out/share/data"
export QXMLEDIT_INST_TRANSLATIONS_DIR="$out/share/i18n"
export QXMLEDIT_INST_INCLUDE_DIR="$out/include"
export QXMLEDIT_INST_DIR="$out/bin"
export QXMLEDIT_INST_LIB_DIR="$out/lib"
export QXMLEDIT_INST_DOC_DIR="$doc"
'';
meta = with stdenv.lib; {
description = "Simple XML editor based on qt libraries" ;
homepage = https://sourceforge.net/projects/qxmledit;
license = licenses.lgpl2;
platforms = platforms.all;
} ;
}

View File

@ -0,0 +1,6 @@
{
"owner": "lbellonda",
"repo": "qxmledit",
"rev": "6136dca50ceb3b4447c91a7a18dcf84785ea11d1",
"sha256": "1wcnphalwf0a5gz9r44jgk8wcv1w2qipbwjkbzkra2kxanxns834"
}

View File

@ -5,13 +5,13 @@
mkDerivation rec {
pname = "texworks";
version = "0.6.4";
version = "0.6.5";
src = fetchFromGitHub {
owner = "TeXworks";
repo = "texworks";
rev = "release-${version}";
sha256 = "0d7f23c6c1wj4aii4h5w9piv01qfb69zrd79dvxwydrk99i8gnl4";
sha256 = "1lw1p4iyzxypvjhnav11g6rwf6gx7kyzwy2iprvv8zzpqcdkjp2z";
};
nativeBuildInputs = [ cmake pkg-config ];

View File

@ -25,7 +25,7 @@ in
comment = "Code Editing. Redefined.";
genericName = "Text Editor";
exec = executableName;
icon = "@out@/share/pixmaps/code.png";
icon = "code";
startupNotify = "true";
categories = "Utility;TextEditor;Development;IDE;";
mimeType = "text/plain;inode/directory;";
@ -37,7 +37,7 @@ in
[Desktop Action new-empty-window]
Name=New Empty Window
Exec=${executableName} --new-window %F
Icon=@out@/share/pixmaps/code.png
Icon=code
'';
};
@ -47,7 +47,7 @@ in
comment = "Code Editing. Redefined.";
genericName = "Text Editor";
exec = executableName + " --open-url %U";
icon = "@out@/share/pixmaps/code.png";
icon = "code";
startupNotify = "true";
categories = "Utility;TextEditor;Development;IDE;";
mimeType = "x-scheme-handler/vscode;";
@ -83,10 +83,8 @@ in
ln -s $out/lib/vscode/bin/${executableName} $out/bin
mkdir -p $out/share/applications
substitute $desktopItem/share/applications/${executableName}.desktop $out/share/applications/${executableName}.desktop \
--subst-var out
substitute $urlHandlerDesktopItem/share/applications/${executableName}-url-handler.desktop $out/share/applications/${executableName}-url-handler.desktop \
--subst-var out
ln -s $desktopItem/share/applications/${executableName}.desktop $out/share/applications/${executableName}.desktop
ln -s $urlHandlerDesktopItem/share/applications/${executableName}-url-handler.desktop $out/share/applications/${executableName}-url-handler.desktop
mkdir -p $out/share/pixmaps
cp $out/lib/vscode/resources/app/resources/linux/code.png $out/share/pixmaps/code.png

Some files were not shown because too many files have changed in this diff Show More