JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge staging-next into staging

Browse Source
This commit is contained in:
Frederik Rietdijk 2020-04-03 21:55:10 +02:00
commit edaa972160
363 changed files with 6652 additions and 4226 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.github/CODEOWNERS vendored
View File

@ -82,8 +82,8 @@
/pkgs/development/r-modules @peti /pkgs/development/r-modules @peti
# Ruby # Ruby
/pkgs/development/interpreters/ruby @alyssais @zimbatm /pkgs/development/interpreters/ruby @alyssais
/pkgs/development/ruby-modules @alyssais @zimbatm /pkgs/development/ruby-modules @alyssais
# Rust # Rust
/pkgs/development/compilers/rust @Mic92 @LnL7 /pkgs/development/compilers/rust @Mic92 @LnL7

7
doc/languages-frameworks/vim.section.md
View File

@ -261,12 +261,7 @@ deoplete-fish = super.deoplete-fish.overrideAttrs(old: {
Sometimes plugins require an override that must be changed when the plugin is updated. This can cause issues when Vim plugins are auto-updated but the associated override isn't updated. For these plugins, the override should be written so that it specifies all information required to install the plugin, and running `./update.py` doesn't change the derivation for the plugin. Manually updating the override is required to update these types of plugins. An example of such a plugin is `LanguageClient-neovim`. Sometimes plugins require an override that must be changed when the plugin is updated. This can cause issues when Vim plugins are auto-updated but the associated override isn't updated. For these plugins, the override should be written so that it specifies all information required to install the plugin, and running `./update.py` doesn't change the derivation for the plugin. Manually updating the override is required to update these types of plugins. An example of such a plugin is `LanguageClient-neovim`.
To add a new plugin: To add a new plugin, run `./update.py --add "[owner]/[name]"`. **NOTE**: This script automatically commits to your git repository. Be sure to check out a fresh branch before running.
1. run `./update.py` and create a commit named "vimPlugins: Update",
2. add the new plugin to [vim-plugin-names](/pkgs/misc/vim-plugins/vim-plugin-names) and add overrides if required to [overrides.nix](/pkgs/misc/vim-plugins/overrides.nix),
3. run `./update.py` again and create a commit named "vimPlugins.[name]: init at [version]" (where `name` and `version` can be found in [generated.nix](/pkgs/misc/vim-plugins/generated.nix)), and
4. create a pull request.
## Important repositories ## Important repositories

2
doc/preface.chapter.md
View File

@ -37,7 +37,7 @@ security updates. More up to date packages and modules are available via the
Both `nixos-unstable` and `nixpkgs` follow the `master` branch of the Nixpkgs Both `nixos-unstable` and `nixpkgs` follow the `master` branch of the Nixpkgs
repository, although both do lag the `master` branch by generally repository, although both do lag the `master` branch by generally
[a couple of days](https://howoldis.herokuapp.com/). Updates to a channel are [a couple of days](https://status.nixos.org/). Updates to a channel are
distributed as soon as all tests for that channel pass, e.g. distributed as soon as all tests for that channel pass, e.g.
[this table](https://hydra.nixos.org/job/nixpkgs/trunk/unstable#tabs-constituents) [this table](https://hydra.nixos.org/job/nixpkgs/trunk/unstable#tabs-constituents)
shows the status of tests for the `nixpkgs` channel. shows the status of tests for the `nixpkgs` channel.

2
flake.nix
View File

@ -25,7 +25,7 @@
import ./nixos/lib/eval-config.nix (args // { import ./nixos/lib/eval-config.nix (args // {
modules = modules ++ modules = modules ++
[ { system.nixos.versionSuffix = [ { system.nixos.versionSuffix =
".${lib.substring 0 8 self.lastModified}.${self.shortRev or "dirty"}"; ".${lib.substring 0 8 (self.lastModifiedDate or self.lastModified)}.${self.shortRev or "dirty"}";
system.nixos.revision = lib.mkIf (self ? rev) self.rev; system.nixos.revision = lib.mkIf (self ? rev) self.rev;
} }
]; ];

4
lib/attrsets.nix
View File

@ -4,7 +4,7 @@
let let
inherit (builtins) head tail length; inherit (builtins) head tail length;
inherit (lib.trivial) and; inherit (lib.trivial) and;
inherit (lib.strings) concatStringsSep; inherit (lib.strings) concatStringsSep sanitizeDerivationName;
inherit (lib.lists) fold concatMap concatLists; inherit (lib.lists) fold concatMap concatLists;
in in
@ -310,7 +310,7 @@ rec {
path' = builtins.storePath path; path' = builtins.storePath path;
res = res =
{ type = "derivation"; { type = "derivation";
name = builtins.unsafeDiscardStringContext (builtins.substring 33 (-1) (baseNameOf path')); name = sanitizeDerivationName (builtins.substring 33 (-1) (baseNameOf path'));
outPath = path'; outPath = path';
outputs = [ "out" ]; outputs = [ "out" ];
out = res; out = res;

5
lib/licenses.nix
View File

@ -682,6 +682,11 @@ lib.mapAttrs (n: v: v // { shortName = n; }) {
# channel and NixOS images. # channel and NixOS images.
}; };
unicode-dfs-2016 = spdx {
spdxId = "Unicode-DFS-2016";
fullName = "Unicode License Agreement - Data Files and Software (2016)";
};
unlicense = spdx { unlicense = spdx {
spdxId = "Unlicense"; spdxId = "Unlicense";
fullName = "The Unlicense"; fullName = "The Unlicense";

32
lib/strings.nix
View File

@ -678,4 +678,36 @@ rec {
=> "1.0" => "1.0"
*/ */
fileContents = file: removeSuffix "\n" (builtins.readFile file); fileContents = file: removeSuffix "\n" (builtins.readFile file);
/* Creates a valid derivation name from a potentially invalid one.
Type: sanitizeDerivationName :: String -> String
Example:
sanitizeDerivationName "../hello.bar # foo"
=> "-hello.bar-foo"
sanitizeDerivationName ""
=> "unknown"
sanitizeDerivationName pkgs.hello
=> "-nix-store-2g75chlbpxlrqn15zlby2dfh8hr9qwbk-hello-2.10"
*/
sanitizeDerivationName = string: lib.pipe string [
# Get rid of string context. This is safe under the assumption that the
# resulting string is only used as a derivation name
builtins.unsafeDiscardStringContext
# Strip all leading "."
(x: builtins.elemAt (builtins.match "\\.*(.*)" x) 0)
# Split out all invalid characters
# https://github.com/NixOS/nix/blob/2.3.2/src/libstore/store-api.cc#L85-L112
# https://github.com/NixOS/nix/blob/2242be83c61788b9c0736a92bb0b5c7bbfc40803/nix-rust/src/store/path.rs#L100-L125
(builtins.split "[^[:alnum:]+._?=-]+")
# Replace invalid character ranges with a "-"
(concatMapStrings (s: if lib.isList s then "-" else s))
# Limit to 211 characters (minus 4 chars for ".drv")
(x: substring (lib.max (stringLength x - 207) 0) (-1) x)
# If the result is empty, replace it with "unknown"
(x: if stringLength x == 0 then "unknown" else x)
];
} }

42
lib/tests/misc.nix
View File

@ -3,6 +3,23 @@
# if the resulting list is empty, all tests passed # if the resulting list is empty, all tests passed
with import ../default.nix; with import ../default.nix;
let
testSanitizeDerivationName = { name, expected }:
let
drv = derivation {
name = strings.sanitizeDerivationName name;
builder = "x";
system = "x";
};
in {
# Evaluate the derivation so an invalid name would be caught
expr = builtins.seq drv.drvPath drv.name;
inherit expected;
};
in
runTests { runTests {
@ -490,4 +507,29 @@ runTests {
expected = "'-X' 'PUT' '--data' '{\"id\":0}' '--retry' '3' '--url' 'https://example.com/foo' '--url' 'https://example.com/bar' '--verbose'"; expected = "'-X' 'PUT' '--data' '{\"id\":0}' '--retry' '3' '--url' 'https://example.com/foo' '--url' 'https://example.com/bar' '--verbose'";
}; };
testSanitizeDerivationNameLeadingDots = testSanitizeDerivationName {
name = "..foo";
expected = "foo";
};
testSanitizeDerivationNameAscii = testSanitizeDerivationName {
name = " !\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~";
expected = "-+--.-0123456789-=-?-ABCDEFGHIJKLMNOPQRSTUVWXYZ-_-abcdefghijklmnopqrstuvwxyz-";
};
testSanitizeDerivationNameTooLong = testSanitizeDerivationName {
name = "This string is loooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooong";
expected = "loooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooong";
};
testSanitizeDerivationNameTooLongWithInvalid = testSanitizeDerivationName {
name = "Hello there aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa &&&&&&&&";
expected = "there-aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-";
};
testSanitizeDerivationNameEmpty = testSanitizeDerivationName {
name = "";
expected = "unknown";
};
} }

18
maintainers/maintainer-list.nix
View File

@ -2839,6 +2839,12 @@
githubId = 12064730; githubId = 12064730;
name = "Alex Ivanov"; name = "Alex Ivanov";
}; };
gnxlxnxx = {
email = "gnxlxnxx@web.de";
github = "gnxlxnxx";
githubId = 25820499;
name = "Roman Kretschmer";
};
goibhniu = { goibhniu = {
email = "cillian.deroiste@gmail.com"; email = "cillian.deroiste@gmail.com";
github = "cillianderoiste"; github = "cillianderoiste";
@ -3235,6 +3241,12 @@
fingerprint = "7311 2700 AB4F 4CDF C68C F6A5 79C3 C47D C652 EA54"; fingerprint = "7311 2700 AB4F 4CDF C68C F6A5 79C3 C47D C652 EA54";
}]; }];
}; };
ivar = {
email = "ivar.scholten@protonmail.com";
github = "IvarWithoutBones";
githubId = 41924494;
Name = "Ivar";
};
ivegotasthma = { ivegotasthma = {
email = "ivegotasthma@protonmail.com"; email = "ivegotasthma@protonmail.com";
github = "ivegotasthma"; github = "ivegotasthma";
@ -7336,6 +7348,12 @@
githubId = 378734; githubId = 378734;
name = "TG Θ"; name = "TG Θ";
}; };
th0rgal = {
email = "thomas.marchand@tuta.io";
github = "Th0rgal";
githubId = 41830259;
name = "Thomas Marchand";
};
thall = { thall = {
email = "niclas.thall@gmail.com"; email = "niclas.thall@gmail.com";
github = "thall"; github = "thall";

15
nixos/doc/manual/release-notes/rl-2003.xml
View File

@ -757,6 +757,12 @@ auth required pam_succeed_if.so uid >= 1000 quiet
</warning> </warning>
</para> </para>
</listitem> </listitem>
<listitem>
<para>
The TokuDB storage engine will be disabled in <package>mariadb</package> 10.5. It is recommended to switch
to RocksDB. See also <link xlink:href="https://mariadb.com/kb/en/tokudb/">TokuDB</link>.
</para>
</listitem>
</itemizedlist> </itemizedlist>
</section> </section>
@ -888,6 +894,15 @@ auth required pam_succeed_if.so uid >= 1000 quiet
<listitem> <listitem>
<para> <para>
<package>mongodb</package> has been updated to version <literal>3.4.24</literal>. <package>mongodb</package> has been updated to version <literal>3.4.24</literal>.
<warning>
<para>
Please note that <package>mongodb</package> has been relicensed under their own
<link xlink:href="https://www.mongodb.com/licensing/server-side-public-license/faq"><literal>
sspl</literal></link>-license. Since it's not entirely free and not OSI-approved,
it's listed as non-free. This means that Hydra doesn't provide prebuilt
<package>mongodb</package>-packages and needs to be built locally.
</para>
</warning>
</para> </para>
</listitem> </listitem>
</itemizedlist> </itemizedlist>

2
nixos/lib/make-options-doc/default.nix
View File

@ -86,7 +86,7 @@ let
optionsList = lib.sort optionLess optionsListDesc; optionsList = lib.sort optionLess optionsListDesc;
# Convert the list of options into an XML file. # Convert the list of options into an XML file.
optionsXML = pkgs.writeText "options.xml" (builtins.toXML optionsList); optionsXML = builtins.toFile "options.xml" (builtins.toXML optionsList);
optionsNix = builtins.listToAttrs (map (o: { name = o.name; value = removeAttrs o ["name" "visible" "internal"]; }) optionsList); optionsNix = builtins.listToAttrs (map (o: { name = o.name; value = removeAttrs o ["name" "visible" "internal"]; }) optionsList);

4
nixos/modules/config/vte.nix
View File

@ -16,6 +16,10 @@ in
{ {
meta = {
maintainers = teams.gnome.members;
};
options = { options = {
programs.bash.vteIntegration = mkOption { programs.bash.vteIntegration = mkOption {

4
nixos/modules/config/xdg/autostart.nix
View File

@ -2,6 +2,10 @@
with lib; with lib;
{ {
meta = {
maintainers = teams.freedesktop.members;
};
options = { options = {
xdg.autostart.enable = mkOption { xdg.autostart.enable = mkOption {
type = types.bool; type = types.bool;

4
nixos/modules/config/xdg/icons.nix
View File

@ -2,6 +2,10 @@
with lib; with lib;
{ {
meta = {
maintainers = teams.freedesktop.members;
};
options = { options = {
xdg.icons.enable = mkOption { xdg.icons.enable = mkOption {
type = types.bool; type = types.bool;

4
nixos/modules/config/xdg/menus.nix
View File

@ -2,6 +2,10 @@
with lib; with lib;
{ {
meta = {
maintainers = teams.freedesktop.members;
};
options = { options = {
xdg.menus.enable = mkOption { xdg.menus.enable = mkOption {
type = types.bool; type = types.bool;

4
nixos/modules/config/xdg/mime.nix
View File

@ -2,6 +2,10 @@
with lib; with lib;
{ {
meta = {
maintainers = teams.freedesktop.members;
};
options = { options = {
xdg.mime.enable = mkOption { xdg.mime.enable = mkOption {
type = types.bool; type = types.bool;

4
nixos/modules/config/xdg/portal.nix
View File

@ -7,6 +7,10 @@ with lib;
(mkRenamedOptionModule [ "services" "flatpak" "extraPortals" ] [ "xdg" "portal" "extraPortals" ]) (mkRenamedOptionModule [ "services" "flatpak" "extraPortals" ] [ "xdg" "portal" "extraPortals" ])
]; ];
meta = {
maintainers = teams.freedesktop.members;
};
options.xdg.portal = { options.xdg.portal = {
enable = enable =
mkEnableOption "<link xlink:href='https://github.com/flatpak/xdg-desktop-portal'>xdg desktop integration</link>"//{ mkEnableOption "<link xlink:href='https://github.com/flatpak/xdg-desktop-portal'>xdg desktop integration</link>"//{

4
nixos/modules/config/xdg/sounds.nix
View File

@ -2,6 +2,10 @@
with lib; with lib;
{ {
meta = {
maintainers = teams.freedesktop.members;
};
options = { options = {
xdg.sounds.enable = mkOption { xdg.sounds.enable = mkOption {
type = types.bool; type = types.bool;

7
nixos/modules/hardware/sensor/iio.nix
View File

@ -8,7 +8,12 @@ with lib;
options = { options = {
hardware.sensor.iio = { hardware.sensor.iio = {
enable = mkOption { enable = mkOption {
description = "Enable this option to support IIO sensors."; description = ''
Enable this option to support IIO sensors.
IIO sensors are used for orientation and ambient light
sensors on some mobile devices.
'';
type = types.bool; type = types.bool;
default = false; default = false;
}; };

4
nixos/modules/i18n/input-method/ibus.nix
View File

@ -75,5 +75,9 @@ in
QT_IM_MODULE = "ibus"; QT_IM_MODULE = "ibus";
XMODIFIERS = "@im=ibus"; XMODIFIERS = "@im=ibus";
}; };
xdg.portal.extraPortals = mkIf xdg.portal.enable [
ibusPackage
];
}; };
} }

5
nixos/modules/module-list.nix
View File

@ -295,7 +295,6 @@
./services/desktops/deepin/deepin.nix ./services/desktops/deepin/deepin.nix
./services/desktops/dleyna-renderer.nix ./services/desktops/dleyna-renderer.nix
./services/desktops/dleyna-server.nix ./services/desktops/dleyna-server.nix
./services/desktops/pantheon/contractor.nix
./services/desktops/pantheon/files.nix ./services/desktops/pantheon/files.nix
./services/desktops/flatpak.nix ./services/desktops/flatpak.nix
./services/desktops/geoclue2.nix ./services/desktops/geoclue2.nix
@ -396,7 +395,6 @@
./services/mail/mailcatcher.nix ./services/mail/mailcatcher.nix
./services/mail/mailhog.nix ./services/mail/mailhog.nix
./services/mail/mailman.nix ./services/mail/mailman.nix
./services/mail/magic-wormhole-mailbox-server.nix
./services/mail/mlmmj.nix ./services/mail/mlmmj.nix
./services/mail/offlineimap.nix ./services/mail/offlineimap.nix
./services/mail/opendkim.nix ./services/mail/opendkim.nix
@ -645,6 +643,7 @@
./services/networking/lldpd.nix ./services/networking/lldpd.nix
./services/networking/logmein-hamachi.nix ./services/networking/logmein-hamachi.nix
./services/networking/mailpile.nix ./services/networking/mailpile.nix
./services/networking/magic-wormhole-mailbox-server.nix
./services/networking/matterbridge.nix ./services/networking/matterbridge.nix
./services/networking/mjpg-streamer.nix ./services/networking/mjpg-streamer.nix
./services/networking/minidlna.nix ./services/networking/minidlna.nix
@ -655,6 +654,7 @@
./services/networking/miredo.nix ./services/networking/miredo.nix
./services/networking/mstpd.nix ./services/networking/mstpd.nix
./services/networking/mtprotoproxy.nix ./services/networking/mtprotoproxy.nix
./services/networking/mullvad-vpn.nix
./services/networking/murmur.nix ./services/networking/murmur.nix
./services/networking/mxisd.nix ./services/networking/mxisd.nix
./services/networking/namecoind.nix ./services/networking/namecoind.nix
@ -683,6 +683,7 @@
./services/networking/ostinato.nix ./services/networking/ostinato.nix
./services/networking/owamp.nix ./services/networking/owamp.nix
./services/networking/pdnsd.nix ./services/networking/pdnsd.nix
./services/networking/pixiecore.nix
./services/networking/polipo.nix ./services/networking/polipo.nix
./services/networking/powerdns.nix ./services/networking/powerdns.nix
./services/networking/pdns-recursor.nix ./services/networking/pdns-recursor.nix

5
nixos/modules/profiles/hardened.nix
View File

@ -14,12 +14,17 @@ with lib;
nix.allowedUsers = mkDefault [ "@users" ]; nix.allowedUsers = mkDefault [ "@users" ];
environment.memoryAllocator.provider = mkDefault "scudo";
environment.variables.SCUDO_OPTIONS = mkDefault "ZeroContents=1";
security.hideProcessInformation = mkDefault true; security.hideProcessInformation = mkDefault true;
security.lockKernelModules = mkDefault true; security.lockKernelModules = mkDefault true;
security.allowUserNamespaces = mkDefault false; security.allowUserNamespaces = mkDefault false;
nix.useSandbox = mkDefault false;
security.protectKernelImage = mkDefault true; security.protectKernelImage = mkDefault true;
security.allowSimultaneousMultithreading = mkDefault false; security.allowSimultaneousMultithreading = mkDefault false;

4
nixos/modules/programs/geary.nix
View File

@ -6,6 +6,10 @@ let
cfg = config.programs.geary; cfg = config.programs.geary;
in { in {
meta = {
maintainers = teams.gnome.members;
};
options = { options = {
programs.geary.enable = mkEnableOption "Geary, a Mail client for GNOME 3"; programs.geary.enable = mkEnableOption "Geary, a Mail client for GNOME 3";
}; };

4
nixos/modules/programs/gnome-disks.nix
View File

@ -6,6 +6,10 @@ with lib;
{ {
meta = {
maintainers = teams.gnome.members;
};
# Added 2019-08-09 # Added 2019-08-09
imports = [ imports = [
(mkRenamedOptionModule (mkRenamedOptionModule

4
nixos/modules/programs/gnome-documents.nix
View File

@ -6,6 +6,10 @@ with lib;
{ {
meta = {
maintainers = teams.gnome.members;
};
# Added 2019-08-09 # Added 2019-08-09
imports = [ imports = [
(mkRenamedOptionModule (mkRenamedOptionModule

6
nixos/modules/programs/gnome-terminal.nix
View File

@ -12,6 +12,10 @@ in
{ {
meta = {
maintainers = teams.gnome.members;
};
# Added 2019-08-19 # Added 2019-08-19
imports = [ imports = [
(mkRenamedOptionModule (mkRenamedOptionModule
@ -20,9 +24,7 @@ in
]; ];
options = { options = {
programs.gnome-terminal.enable = mkEnableOption "GNOME Terminal"; programs.gnome-terminal.enable = mkEnableOption "GNOME Terminal";
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {

4
nixos/modules/programs/nm-applet.nix
View File

@ -1,6 +1,10 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
{ {
meta = {
maintainers = lib.teams.freedesktop.members;
};
options.programs.nm-applet.enable = lib.mkEnableOption "nm-applet"; options.programs.nm-applet.enable = lib.mkEnableOption "nm-applet";
config = lib.mkIf config.programs.nm-applet.enable { config = lib.mkIf config.programs.nm-applet.enable {

6
nixos/modules/services/amqp/activemq/default.nix
View File

@ -63,9 +63,11 @@ in {
javaProperties = mkOption { javaProperties = mkOption {
type = types.attrs; type = types.attrs;
default = { }; default = { };
example = { example = literalExample ''
{
"java.net.preferIPv4Stack" = "true"; "java.net.preferIPv4Stack" = "true";
}; }
'';
apply = attrs: { apply = attrs: {
"activemq.base" = "${cfg.baseDir}"; "activemq.base" = "${cfg.baseDir}";
"activemq.data" = "${cfg.baseDir}/data"; "activemq.data" = "${cfg.baseDir}/data";

28
nixos/modules/services/backup/borgbackup.nix
View File

@ -189,6 +189,7 @@ let
in { in {
meta.maintainers = with maintainers; [ dotlambda ]; meta.maintainers = with maintainers; [ dotlambda ];
meta.doc = ./borgbackup.xml;
###### interface ###### interface
@ -197,10 +198,11 @@ in {
Deduplicating backups using BorgBackup. Deduplicating backups using BorgBackup.
Adding a job will cause a borg-job-NAME wrapper to be added Adding a job will cause a borg-job-NAME wrapper to be added
to your system path, so that you can perform maintenance easily. to your system path, so that you can perform maintenance easily.
See also the chapter about BorgBackup in the NixOS manual.
''; '';
default = { }; default = { };
example = literalExample '' example = literalExample ''
{ { # for a local backup
rootBackup = { rootBackup = {
paths = "/"; paths = "/";
exclude = [ "/nix" ]; exclude = [ "/nix" ];
@ -213,6 +215,23 @@ in {
startAt = "weekly"; startAt = "weekly";
}; };
} }
{ # Root backing each day up to a remote backup server. We assume that you have
# * created a password less key: ssh-keygen -N "" -t ed25519 -f /path/to/ssh_key
# best practices are: use -t ed25519, /path/to = /run/keys
# * the passphrase is in the file /run/keys/borgbackup_passphrase
# * you have initialized the repository manually
paths = [ "/etc" "/home" ];
exclude = [ "/nix" "'**/.cache'" ];
doInit = false;
repo = "user3@arep.repo.borgbase.com:repo";
encryption = {
mode = "repokey-blake2";
passCommand = "cat /path/to/passphrase";
};
environment = { BORG_RSH = "ssh -i /path/to/ssh_key"; };
compression = "auto,lzma";
startAt = "daily";
};
''; '';
type = types.attrsOf (types.submodule (let globalConfig = config; in type = types.attrsOf (types.submodule (let globalConfig = config; in
{ name, config, ... }: { { name, config, ... }: {
@ -268,6 +287,8 @@ in {
<manvolnum>7</manvolnum></citerefentry>. <manvolnum>7</manvolnum></citerefentry>.
If you do not want the backup to start If you do not want the backup to start
automatically, use <literal>[ ]</literal>. automatically, use <literal>[ ]</literal>.
It will generate a systemd service borgbackup-job-NAME.
You may trigger it manually via systemctl restart borgbackup-job-NAME.
''; '';
}; };
@ -303,6 +324,10 @@ in {
you to specify a <option>passCommand</option> you to specify a <option>passCommand</option>
or a <option>passphrase</option>. or a <option>passphrase</option>.
''; '';
example = ''
encryption.mode = "repokey-blake2" ;
encryption.passphrase = "mySecretPassphrase" ;
'';
}; };
encryption.passCommand = mkOption { encryption.passCommand = mkOption {
@ -538,6 +563,7 @@ in {
description = '' description = ''
Serve BorgBackup repositories to given public SSH keys, Serve BorgBackup repositories to given public SSH keys,
restricting their access to the repository only. restricting their access to the repository only.
See also the chapter about BorgBackup in the NixOS manual.
Also, clients do not need to specify the absolute path when accessing the repository, Also, clients do not need to specify the absolute path when accessing the repository,
i.e. <literal>user@machine:.</literal> is enough. (Note colon and dot.) i.e. <literal>user@machine:.</literal> is enough. (Note colon and dot.)
''; '';

227
nixos/modules/services/backup/borgbackup.xml Normal file
View File

@ -0,0 +1,227 @@
<chapter xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="module-borgbase">
<title>BorgBackup</title>
<para>
<emphasis>Source:</emphasis>
<filename>modules/services/backup/borgbackup.nix</filename>
</para>
<para>
<emphasis>Upstream documentation:</emphasis>
<link xlink:href="https://borgbackup.readthedocs.io/"/>
</para>
<para>
<link xlink:href="https://www.borgbackup.org/">BorgBackup</link> (short: Borg)
is a deduplicating backup program. Optionally, it supports compression and
authenticated encryption.
</para>
<para>
The main goal of Borg is to provide an efficient and secure way to backup
data. The data deduplication technique used makes Borg suitable for daily
backups since only changes are stored. The authenticated encryption technique
makes it suitable for backups to not fully trusted targets.
</para>
<section xml:id="module-services-backup-borgbackup-configuring">
<title>Configuring</title>
<para>
A complete list of options for the Borgbase module may be found
<link linkend="opt-services.borgbackup.jobs">here</link>.
</para>
</section>
<section xml:id="opt-services-backup-borgbackup-local-directory">
<title>Basic usage for a local backup</title>
<para>
A very basic configuration for backing up to a locally accessible directory
is:
<programlisting>
{
opt.services.borgbackup.jobs = {
{ rootBackup = {
paths = "/";
exclude = [ "/nix" "/path/to/local/repo" ];
repo = "/path/to/local/repo";
doInit = true;
encryption = {
mode = "repokey";
passphrase = "secret";
};
compression = "auto,lzma";
startAt = "weekly";
};
}
};
}</programlisting>
</para>
<warning>
<para>
If you do not want the passphrase to be stored in the world-readable
Nix store, use passCommand. You find an example below.
</para>
</warning>
</section>
<section xml:id="opt-services-backup-create-server">
<title>Create a borg backup server</title>
<para>You should use a different SSH key for each repository you write to,
because the specified keys are restricted to running borg serve and can only
access this single repository. You need the output of the generate pub file.
</para>
<para>
<programlisting>
# sudo ssh-keygen -N '' -t ed25519 -f /run/keys/id_ed25519_my_borg_repo
# cat /run/keys/id_ed25519_my_borg_repo
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID78zmOyA+5uPG4Ot0hfAy+sLDPU1L4AiIoRYEIVbbQ/ root@nixos</programlisting>
</para>
<para>
Add the following snippet to your NixOS configuration:
<programlisting>
{
services.borgbackup.repos = {
my_borg_repo = {
authorizedKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID78zmOyA+5uPG4Ot0hfAy+sLDPU1L4AiIoRYEIVbbQ/ root@nixos"
] ;
path = "/var/lib/my_borg_repo" ;
};
};
}</programlisting>
</para>
</section>
<section xml:id="opt-services-backup-borgbackup-remote-server">
<title>Backup to the borg repository server</title>
<para>The following NixOS snippet creates an hourly backup to the service
(on the host nixos) as created in the section above. We assume
that you have stored a secret passphrasse in the file
<code>/run/keys/borgbackup_passphrase</code>, which should be only
accessible by root
</para>
<para>
<programlisting>
{
services.borgbackup.jobs = {
backupToLocalServer = {
paths = [ "/etc/nixos" ];
doInit = true;
repo = "borg@nixos:." ;
encryption = {
mode = "repokey-blake2";
passCommand = "cat /run/keys/borgbackup_passphrase";
};
environment = { BORG_RSH = "ssh -i /run/keys/id_ed25519_my_borg_repo"; };
compression = "auto,lzma";
startAt = "hourly";
};
};
};</programlisting>
</para>
<para>The following few commands (run as root) let you test your backup.
<programlisting>
> nixos-rebuild switch
...restarting the following units: polkit.service
> systemctl restart borgbackup-job-backupToLocalServer
> sleep 10
> systemctl restart borgbackup-job-backupToLocalServer
> export BORG_PASSPHRASE=topSecrect
> borg list --rsh='ssh -i /run/keys/id_ed25519_my_borg_repo' borg@nixos:.
nixos-backupToLocalServer-2020-03-30T21:46:17 Mon, 2020-03-30 21:46:19 [84feb97710954931ca384182f5f3cb90665f35cef214760abd7350fb064786ac]
nixos-backupToLocalServer-2020-03-30T21:46:30 Mon, 2020-03-30 21:46:32 [e77321694ecd160ca2228611747c6ad1be177d6e0d894538898de7a2621b6e68]</programlisting>
</para>
</section>
<section xml:id="opt-services-backup-borgbackup-borgbase">
<title>Backup to a hosting service</title>
<para>
Several companies offer <link
xlink:href="https://www.borgbackup.org/support/commercial.html">(paid)
hosting services</link> for Borg repositories.
</para>
<para>
To backup your home directory to borgbase you have to:
</para>
<itemizedlist>
<listitem>
<para>
Generate a SSH key without a password, to access the remote server. E.g.
</para>
<para>
<programlisting>sudo ssh-keygen -N '' -t ed25519 -f /run/keys/id_ed25519_borgbase</programlisting>
</para>
</listitem>
<listitem>
<para>
Create the repository on the server by following the instructions for your
hosting server.
</para>
</listitem>
<listitem>
<para>
Initialize the repository on the server. Eg.
<programlisting>
sudo borg init --encryption=repokey-blake2 \
-rsh "ssh -i /run/keys/id_ed25519_borgbase" \
zzz2aaaaa@zzz2aaaaa.repo.borgbase.com:repo</programlisting>
</para>
</listitem>
<listitem>
<para>Add it to your NixOS configuration, e.g.
<programlisting>
{
services.borgbackup.jobs = {
my_Remote_Backup = {
paths = [ "/" ];
exclude = [ "/nix" "'**/.cache'" ];
repo = "zzz2aaaaa@zzz2aaaaa.repo.borgbase.com:repo";
encryption = {
mode = "repokey-blake2";
passCommand = "cat /run/keys/borgbackup_passphrase";
};
BORG_RSH = "ssh -i /run/keys/id_ed25519_borgbase";
compression = "auto,lzma";
startAt = "daily";
};
};
}}</programlisting>
</para>
</listitem>
</itemizedlist>
</section>
<section xml:id="opt-services-backup-borgbackup-vorta">
<title>Vorta backup client for the desktop</title>
<para>
Vorta is a backup client for macOS and Linux desktops. It integrates the
mighty BorgBackup with your desktop environment to protect your data from
disk failure, ransomware and theft.
</para>
<para>
It is available as a flatpak package. To enable it you must set the
following two configuration items.
</para>
<para>
<programlisting>
services.flatpak.enable = true ;
# next line is needed to avoid the Error
# Error deploying: GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown:
services.accounts-daemon.enable = true;
</programlisting>
</para>
<para>As a normal user you must first install, then run vorta using the
following commands:
<programlisting>
flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
flatpak install flathub com.borgbase.Vorta
flatpak run --branch=stable --arch=x86_64 --command=vorta com.borgbase.Vorta
</programlisting>
After running <code>flatpak install</code> you can start Vorta also via
the KDE application menu.
</para>
<para>
Details about using Vorta can be found under <link
xlink:href="https://vorta.borgbase.com/usage">https://vorta.borgbase.com
</link>.
</para>
</section>
</chapter>

6
nixos/modules/services/backup/syncoid.nix
View File

@ -138,7 +138,11 @@ in {
}; };
})); }));
default = {}; default = {};
example."pool/test".target = "root@target:pool/test"; example = literalExample ''
{
"pool/test".target = "root@target:pool/test";
}
'';
description = "Syncoid commands to run."; description = "Syncoid commands to run.";
}; };
}; };

24
nixos/modules/services/cluster/hadoop/default.nix
View File

@ -7,33 +7,41 @@ with lib;
options.services.hadoop = { options.services.hadoop = {
coreSite = mkOption { coreSite = mkOption {
default = {}; default = {};
example = { example = literalExample ''
{
"fs.defaultFS" = "hdfs://localhost"; "fs.defaultFS" = "hdfs://localhost";
}; }
'';
description = "Hadoop core-site.xml definition"; description = "Hadoop core-site.xml definition";
}; };
hdfsSite = mkOption { hdfsSite = mkOption {
default = {}; default = {};
example = { example = literalExample ''
{
"dfs.nameservices" = "namenode1"; "dfs.nameservices" = "namenode1";
}; }
'';
description = "Hadoop hdfs-site.xml definition"; description = "Hadoop hdfs-site.xml definition";
}; };
mapredSite = mkOption { mapredSite = mkOption {
default = {}; default = {};
example = { example = literalExample ''
{
"mapreduce.map.cpu.vcores" = "1"; "mapreduce.map.cpu.vcores" = "1";
}; }
'';
description = "Hadoop mapred-site.xml definition"; description = "Hadoop mapred-site.xml definition";
}; };
yarnSite = mkOption { yarnSite = mkOption {
default = {}; default = {};
example = { example = literalExample ''
{
"yarn.resourcemanager.ha.id" = "resourcemanager1"; "yarn.resourcemanager.ha.id" = "resourcemanager1";
}; }
'';
description = "Hadoop yarn-site.xml definition"; description = "Hadoop yarn-site.xml definition";
}; };

4
nixos/modules/services/continuous-integration/buildkite-agents.nix
View File

@ -208,8 +208,12 @@ in
description = "Buildkite agent user"; description = "Buildkite agent user";
extraGroups = [ "keys" ]; extraGroups = [ "keys" ];
isSystemUser = true; isSystemUser = true;
group = "buildkite-agent-${name}";
}; };
}); });
config.users.groups = mapAgents (name: cfg: {
"buildkite-agent-${name}" = {};
});
config.systemd.services = mapAgents (name: cfg: { config.systemd.services = mapAgents (name: cfg: {
"buildkite-agent-${name}" = "buildkite-agent-${name}" =

99
nixos/modules/services/databases/postgresql.xml
View File

@ -7,12 +7,10 @@
<!-- FIXME: render nicely --> <!-- FIXME: render nicely -->
<!-- FIXME: source can be added automatically --> <!-- FIXME: source can be added automatically -->
<para> <para>
<emphasis>Source:</emphasis> <emphasis>Source:</emphasis> <filename>modules/services/databases/postgresql.nix</filename>
<filename>modules/services/databases/postgresql.nix</filename>
</para> </para>
<para> <para>
<emphasis>Upstream documentation:</emphasis> <emphasis>Upstream documentation:</emphasis> <link xlink:href="http://www.postgresql.org/docs/"/>
<link xlink:href="http://www.postgresql.org/docs/"/>
</para> </para>
<!-- FIXME: more stuff, like maintainer? --> <!-- FIXME: more stuff, like maintainer? -->
<para> <para>
@ -23,18 +21,12 @@
<title>Configuring</title> <title>Configuring</title>
<para> <para>
To enable PostgreSQL, add the following to your To enable PostgreSQL, add the following to your <filename>configuration.nix</filename>:
<filename>configuration.nix</filename>:
<programlisting> <programlisting>
<xref linkend="opt-services.postgresql.enable"/> = true; <xref linkend="opt-services.postgresql.enable"/> = true;
<xref linkend="opt-services.postgresql.package"/> = pkgs.postgresql_11; <xref linkend="opt-services.postgresql.package"/> = pkgs.postgresql_11;
</programlisting> </programlisting>
Note that you are required to specify the desired version of PostgreSQL Note that you are required to specify the desired version of PostgreSQL (e.g. <literal>pkgs.postgresql_11</literal>). Since upgrading your PostgreSQL version requires a database dump and reload (see below), NixOS cannot provide a default value for <xref linkend="opt-services.postgresql.package"/> such as the most recent release of PostgreSQL.
(e.g. <literal>pkgs.postgresql_11</literal>). Since upgrading your
PostgreSQL version requires a database dump and reload (see below), NixOS
cannot provide a default value for
<xref linkend="opt-services.postgresql.package"/> such as the most recent
release of PostgreSQL.
</para> </para>
<!-- <!--
@ -51,9 +43,7 @@ Type "help" for help.
--> -->
<para> <para>
By default, PostgreSQL stores its databases in By default, PostgreSQL stores its databases in <filename>/var/lib/postgresql/$psqlSchema</filename>. You can override this using <xref linkend="opt-services.postgresql.dataDir"/>, e.g.
<filename>/var/lib/postgresql/$psqlSchema</filename>. You can override this using
<xref linkend="opt-services.postgresql.dataDir"/>, e.g.
<programlisting> <programlisting>
<xref linkend="opt-services.postgresql.dataDir"/> = "/data/postgresql"; <xref linkend="opt-services.postgresql.dataDir"/> = "/data/postgresql";
</programlisting> </programlisting>
@ -63,25 +53,83 @@ Type "help" for help.
<title>Upgrading</title> <title>Upgrading</title>
<para> <para>
FIXME: document dump/upgrade/load cycle. Major PostgreSQL upgrade requires PostgreSQL downtime and a few imperative steps to be called. To simplify this process, use the following NixOS module:
<programlisting>
containers.temp-pg.config.services.postgresql = {
enable = true;
package = pkgs.postgresql_12;
## set a custom new dataDir
# dataDir = "/some/data/dir";
};
environment.systemPackages =
let newpg = config.containers.temp-pg.config.services.postgresql;
in [
(pkgs.writeScriptBin "upgrade-pg-cluster" ''
set -x
export OLDDATA="${config.services.postgresql.dataDir}"
export NEWDATA="${newpg.dataDir}"
export OLDBIN="${config.services.postgresql.package}/bin"
export NEWBIN="${newpg.package}/bin"
install -d -m 0700 -o postgres -g postgres "$NEWDATA"
cd "$NEWDATA"
sudo -u postgres $NEWBIN/initdb -D "$NEWDATA"
systemctl stop postgresql # old one
sudo -u postgres $NEWBIN/pg_upgrade \
--old-datadir "$OLDDATA" --new-datadir "$NEWDATA" \
--old-bindir $OLDBIN --new-bindir $NEWBIN \
"$@"
'')
];
</programlisting>
</para> </para>
<para>
The upgrade process is:
</para>
<orderedlist>
<listitem>
<para>
Rebuild nixos configuration with the configuration above added to your <filename>configuration.nix</filename>. Alternatively, add that into separate file and reference it in <literal>imports</literal> list.
</para>
</listitem>
<listitem>
<para>
Login as root (<literal>sudo su -</literal>)
</para>
</listitem>
<listitem>
<para>
Run <literal>upgrade-pg-cluster</literal>. It will stop old postgresql, initialize new one and migrate old one to new one. You may supply arguments like <literal>--jobs 4</literal> and <literal>--link</literal> to speedup migration process. See <link xlink:href="https://www.postgresql.org/docs/current/pgupgrade.html" /> for details.
</para>
</listitem>
<listitem>
<para>
Change postgresql package in NixOS configuration to the one you were upgrading to, and change <literal>dataDir</literal> to the one you have migrated to. Rebuild NixOS. This should start new postgres using upgraded data directory.
</para>
</listitem>
<listitem>
<para>
After upgrade you may want to <literal>ANALYZE</literal> new db.
</para>
</listitem>
</orderedlist>
</section> </section>
<section xml:id="module-services-postgres-options"> <section xml:id="module-services-postgres-options">
<title>Options</title> <title>Options</title>
<para> <para>
A complete list of options for the PostgreSQL module may be found A complete list of options for the PostgreSQL module may be found <link linkend="opt-services.postgresql.enable">here</link>.
<link linkend="opt-services.postgresql.enable">here</link>.
</para> </para>
</section> </section>
<section xml:id="module-services-postgres-plugins"> <section xml:id="module-services-postgres-plugins">
<title>Plugins</title> <title>Plugins</title>
<para> <para>
Plugins collection for each PostgreSQL version can be accessed with Plugins collection for each PostgreSQL version can be accessed with <literal>.pkgs</literal>. For example, for <literal>pkgs.postgresql_11</literal> package, its plugin collection is accessed by <literal>pkgs.postgresql_11.pkgs</literal>:
<literal>.pkgs</literal>. For example, for
<literal>pkgs.postgresql_11</literal> package, its plugin collection is
accessed by <literal>pkgs.postgresql_11.pkgs</literal>:
<screen> <screen>
<prompt>$ </prompt>nix repl '&lt;nixpkgs&gt;' <prompt>$ </prompt>nix repl '&lt;nixpkgs&gt;'
@ -98,6 +146,7 @@ postgresql_11.pkgs.pg_partman postgresql_11.pkgs.pgroonga
... ...
</screen> </screen>
</para> </para>
<para> <para>
To add plugins via NixOS configuration, set <literal>services.postgresql.extraPlugins</literal>: To add plugins via NixOS configuration, set <literal>services.postgresql.extraPlugins</literal>:
<programlisting> <programlisting>
@ -108,10 +157,9 @@ postgresql_11.pkgs.pg_partman postgresql_11.pkgs.pgroonga
]; ];
</programlisting> </programlisting>
</para> </para>
<para> <para>
You can build custom PostgreSQL-with-plugins (to be used outside of NixOS) using You can build custom PostgreSQL-with-plugins (to be used outside of NixOS) using function <literal>.withPackages</literal>. For example, creating a custom PostgreSQL package in an overlay can look like:
function <literal>.withPackages</literal>. For example, creating a custom
PostgreSQL package in an overlay can look like:
<programlisting> <programlisting>
self: super: { self: super: {
postgresql_custom = self.postgresql_11.withPackages (ps: [ postgresql_custom = self.postgresql_11.withPackages (ps: [
@ -121,6 +169,7 @@ self: super: {
} }
</programlisting> </programlisting>
</para> </para>
<para> <para>
Here's a recipe on how to override a particular plugin through an overlay: Here's a recipe on how to override a particular plugin through an overlay:
<programlisting> <programlisting>

4
nixos/modules/services/desktops/accountsservice.nix
View File

@ -6,6 +6,10 @@ with lib;
{ {
meta = {
maintainers = teams.freedesktop.members;
};
###### interface ###### interface
options = { options = {

4
nixos/modules/services/desktops/bamf.nix
View File

@ -5,6 +5,10 @@
with lib; with lib;
{ {
meta = {
maintainers = with maintainers; [ worldofpeace ];
};
###### interface ###### interface
options = { options = {

4
nixos/modules/services/desktops/gnome3/at-spi2-core.nix
View File

@ -6,6 +6,10 @@ with lib;
{ {
meta = {
maintainers = teams.gnome.members;
};
###### interface ###### interface
options = { options = {

4
nixos/modules/services/desktops/gnome3/chrome-gnome-shell.nix
View File

@ -4,6 +4,10 @@
with lib; with lib;
{ {
meta = {
maintainers = teams.gnome.members;
};
###### interface ###### interface
options = { options = {
services.gnome3.chrome-gnome-shell.enable = mkEnableOption '' services.gnome3.chrome-gnome-shell.enable = mkEnableOption ''

4
nixos/modules/services/desktops/gnome3/evolution-data-server.nix
View File

@ -6,6 +6,10 @@ with lib;
{ {
meta = {
maintainers = teams.gnome.members;
};
###### interface ###### interface
options = { options = {

4
nixos/modules/services/desktops/gnome3/glib-networking.nix
View File

@ -6,6 +6,10 @@ with lib;
{ {
meta = {
maintainers = teams.gnome.members;
};
###### interface ###### interface
options = { options = {

4
nixos/modules/services/desktops/gnome3/gnome-initial-setup.nix
View File

@ -44,6 +44,10 @@ in
{ {
meta = {
maintainers = teams.gnome.members;
};
###### interface ###### interface
options = { options = {

4
nixos/modules/services/desktops/gnome3/gnome-keyring.nix
View File

@ -6,6 +6,10 @@ with lib;
{ {
meta = {
maintainers = teams.gnome.members;
};
###### interface ###### interface
options = { options = {

4
nixos/modules/services/desktops/gnome3/gnome-online-accounts.nix
View File

@ -6,6 +6,10 @@ with lib;
{ {
meta = {
maintainers = teams.gnome.members;
};
###### interface ###### interface
options = { options = {

4
nixos/modules/services/desktops/gnome3/gnome-online-miners.nix
View File

@ -6,6 +6,10 @@ with lib;
{ {
meta = {
maintainers = teams.gnome.members;
};
###### interface ###### interface
options = { options = {

4
nixos/modules/services/desktops/gnome3/gnome-remote-desktop.nix
View File

@ -4,6 +4,10 @@
with lib; with lib;
{ {
meta = {
maintainers = teams.gnome.members;
};
###### interface ###### interface
options = { options = {
services.gnome3.gnome-remote-desktop = { services.gnome3.gnome-remote-desktop = {

4
nixos/modules/services/desktops/gnome3/gnome-settings-daemon.nix
View File

@ -12,6 +12,10 @@ in
{ {
meta = {
maintainers = teams.gnome.members;
};
imports = [ imports = [
(mkRemovedOptionModule (mkRemovedOptionModule
["services" "gnome3" "gnome-settings-daemon" "package"] ["services" "gnome3" "gnome-settings-daemon" "package"]

4
nixos/modules/services/desktops/gnome3/gnome-user-share.nix
View File

@ -6,6 +6,10 @@ with lib;
{ {
meta = {
maintainers = teams.gnome.members;
};
###### interface ###### interface
options = { options = {

4
nixos/modules/services/desktops/gnome3/rygel.nix
View File

@ -4,6 +4,10 @@
with lib; with lib;
{ {
meta = {
maintainers = teams.gnome.members;
};
###### interface ###### interface
options = { options = {
services.gnome3.rygel = { services.gnome3.rygel = {

4
nixos/modules/services/desktops/gnome3/sushi.nix
View File

@ -6,6 +6,10 @@ with lib;
{ {
meta = {
maintainers = teams.gnome.members;
};
###### interface ###### interface
options = { options = {

5
nixos/modules/services/desktops/gnome3/tracker-miners.nix
View File

@ -6,6 +6,10 @@ with lib;
{ {
meta = {
maintainers = teams.gnome.members;
};
###### interface ###### interface
options = { options = {
@ -25,7 +29,6 @@ with lib;
}; };
###### implementation ###### implementation
config = mkIf config.services.gnome3.tracker-miners.enable { config = mkIf config.services.gnome3.tracker-miners.enable {

4
nixos/modules/services/desktops/gnome3/tracker.nix
View File

@ -6,6 +6,10 @@ with lib;
{ {
meta = {
maintainers = teams.gnome.members;
};
###### interface ###### interface
options = { options = {

4
nixos/modules/services/desktops/gvfs.nix
View File

@ -12,6 +12,10 @@ in
{ {
meta = {
maintainers = teams.gnome.members;
};
# Added 2019-08-19 # Added 2019-08-19
imports = [ imports = [
(mkRenamedOptionModule (mkRenamedOptionModule

18
nixos/modules/services/desktops/pantheon/contractor.nix
View File

@ -1,18 +0,0 @@
# Contractor
{ config, pkgs, lib, ... }:
with lib;
{
###### implementation
config = mkIf config.services.pantheon.contractor.enable {
};
}

6
nixos/modules/services/desktops/pipewire.nix
View File

@ -8,6 +8,11 @@ let
packages = with pkgs; [ pipewire ]; packages = with pkgs; [ pipewire ];
in { in {
meta = {
maintainers = teams.freedesktop.members;
};
###### interface ###### interface
options = { options = {
services.pipewire = { services.pipewire = {
@ -33,5 +38,4 @@ in {
systemd.user.sockets.pipewire.wantedBy = lib.mkIf cfg.socketActivation [ "sockets.target" ]; systemd.user.sockets.pipewire.wantedBy = lib.mkIf cfg.socketActivation [ "sockets.target" ];
}; };
meta.maintainers = with lib.maintainers; [ jtojnar ];
} }

4
nixos/modules/services/desktops/telepathy.nix
View File

@ -6,6 +6,10 @@ with lib;
{ {
meta = {
maintainers = teams.gnome.members;
};
###### interface ###### interface
options = { options = {

4
nixos/modules/services/desktops/tumbler.nix
View File

@ -18,6 +18,10 @@ in
"") "")
]; ];
meta = {
maintainers = with maintainers; [ worldofpeace ];
};
###### interface ###### interface
options = { options = {

5
nixos/modules/services/desktops/zeitgeist.nix
View File

@ -5,6 +5,11 @@
with lib; with lib;
{ {
meta = {
maintainers = with maintainers; [ worldofpeace ];
};
###### interface ###### interface
options = { options = {

12
nixos/modules/services/mail/sympa.nix
View File

@ -25,8 +25,6 @@ let
StateDirectory = "sympa"; StateDirectory = "sympa";
ProtectHome = true; ProtectHome = true;
ProtectSystem = "full"; ProtectSystem = "full";
ProtectKernelTunables = true;
ProtectKernelModules = true;
ProtectControlGroups = true; ProtectControlGroups = true;
}; };
@ -415,7 +413,7 @@ in
# force-copy static_content so it's up to date with package # force-copy static_content so it's up to date with package
# set permissions for wwsympa which needs write access (...) # set permissions for wwsympa which needs write access (...)
"R ${dataDir}/static_content - - - - -" "R ${dataDir}/static_content - - - - -"
"C ${dataDir}/static_content 0711 ${user} ${group} - ${pkg}/static_content" "C ${dataDir}/static_content 0711 ${user} ${group} - ${pkg}/var/lib/sympa/static_content"
"e ${dataDir}/static_content/* 0711 ${user} ${group} - -" "e ${dataDir}/static_content/* 0711 ${user} ${group} - -"
"d /run/sympa 0755 ${user} ${group} - -" "d /run/sympa 0755 ${user} ${group} - -"
@ -497,7 +495,7 @@ in
-F ${toString cfg.web.fcgiProcs} \ -F ${toString cfg.web.fcgiProcs} \
-P /run/sympa/wwsympa.pid \ -P /run/sympa/wwsympa.pid \
-s /run/sympa/wwsympa.socket \ -s /run/sympa/wwsympa.socket \
-- ${pkg}/bin/wwsympa.fcgi -- ${pkg}/lib/sympa/cgi/wwsympa.fcgi
''; '';
} // commonServiceConfig; } // commonServiceConfig;
@ -518,7 +516,7 @@ in
fastcgi_split_path_info ^(${loc})(.*)$; fastcgi_split_path_info ^(${loc})(.*)$;
fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME ${pkg}/bin/wwsympa.fcgi; fastcgi_param SCRIPT_FILENAME ${pkg}/lib/sympa/cgi/wwsympa.fcgi;
''; '';
}) // { }) // {
"/static-sympa/".alias = "${dataDir}/static_content/"; "/static-sympa/".alias = "${dataDir}/static_content/";
@ -550,7 +548,7 @@ in
args = [ args = [
"flags=hqRu" "flags=hqRu"
"user=${user}" "user=${user}"
"argv=${pkg}/bin/queue" "argv=${pkg}/libexec/queue"
"\${nexthop}" "\${nexthop}"
]; ];
}; };
@ -562,7 +560,7 @@ in
args = [ args = [
"flags=hqRu" "flags=hqRu"
"user=${user}" "user=${user}"
"argv=${pkg}/bin/bouncequeue" "argv=${pkg}/libexec/bouncequeue"
"\${nexthop}" "\${nexthop}"
]; ];
}; };

58
nixos/modules/services/misc/nix-daemon.nix
View File

@ -376,6 +376,59 @@ in
If enabled (the default), checks that Nix can parse the generated nix.conf. If enabled (the default), checks that Nix can parse the generated nix.conf.
''; '';
}; };
registry = mkOption {
type = types.attrsOf (types.submodule (
let
inputAttrs = types.attrsOf (types.oneOf [types.str types.int types.bool types.package]);
in
{ config, name, ... }:
{ options = {
from = mkOption {
type = inputAttrs;
example = { type = "indirect"; id = "nixpkgs"; };
description = "The flake reference to be rewritten.";
};
to = mkOption {
type = inputAttrs;
example = { type = "github"; owner = "my-org"; repo = "my-nixpkgs"; };
description = "The flake reference to which <option>from></option> is to be rewritten.";
};
flake = mkOption {
type = types.unspecified;
default = null;
example = literalExample "nixpkgs";
description = ''
The flake input to which <option>from></option> is to be rewritten.
'';
};
exact = mkOption {
type = types.bool;
default = true;
description = ''
Whether the <option>from</option> reference needs to match exactly. If set,
a <option>from</option> reference like <literal>nixpkgs</literal> does not
match with a reference like <literal>nixpkgs/nixos-20.03</literal>.
'';
};
};
config = {
from = mkDefault { type = "indirect"; id = name; };
to = mkIf (config.flake != null)
({ type = "path";
path = config.flake.outPath;
} // lib.filterAttrs
(n: v: n == "lastModified" || n == "rev" || n == "revCount" || n == "narHash")
config.flake);
};
}
));
default = {};
description = ''
A system-wide flake registry.
'';
};
}; };
}; };
@ -390,6 +443,11 @@ in
environment.etc."nix/nix.conf".source = nixConf; environment.etc."nix/nix.conf".source = nixConf;
environment.etc."nix/registry.json".text = builtins.toJSON {
version = 2;
flakes = mapAttrsToList (n: v: { inherit (v) from to exact; }) cfg.registry;
};
# List of machines for distributed Nix builds in the format # List of machines for distributed Nix builds in the format
# expected by build-remote.pl. # expected by build-remote.pl.
environment.etc."nix/machines" = environment.etc."nix/machines" =

5
nixos/modules/services/network-filesystems/netatalk.nix
View File

@ -98,13 +98,14 @@ in
Set of AFP volumes to export. Set of AFP volumes to export.
See <literal>man apf.conf</literal> for more information. See <literal>man apf.conf</literal> for more information.
''; '';
example = example = literalExample ''
{ srv = { srv =
{ path = "/srv"; { path = "/srv";
"read only" = true; "read only" = true;
"hosts allow" = "10.1.0.0/16 10.2.1.100 2001:0db8:1234::/48"; "hosts allow" = "10.1.0.0/16 10.2.1.100 2001:0db8:1234::/48";
}; };
}; }
'';
}; };
extmap = mkOption { extmap = mkOption {

5
nixos/modules/services/network-filesystems/rsyncd.nix
View File

@ -74,13 +74,14 @@ in
See <command>man rsyncd.conf</command> for options. See <command>man rsyncd.conf</command> for options.
''; '';
type = types.attrsOf (types.attrsOf types.str); type = types.attrsOf (types.attrsOf types.str);
example = example = literalExample ''
{ srv = { srv =
{ path = "/srv"; { path = "/srv";
"read only" = "yes"; "read only" = "yes";
comment = "Public rsync share."; comment = "Public rsync share.";
}; };
}; }
'';
}; };
user = mkOption { user = mkOption {

5
nixos/modules/services/network-filesystems/samba.nix
View File

@ -189,7 +189,7 @@ in
See <command>man smb.conf</command> for options. See <command>man smb.conf</command> for options.
''; '';
type = types.attrsOf (types.attrsOf types.unspecified); type = types.attrsOf (types.attrsOf types.unspecified);
example = example = literalExample ''
{ public = { public =
{ path = "/srv/public"; { path = "/srv/public";
"read only" = true; "read only" = true;
@ -197,7 +197,8 @@ in
"guest ok" = "yes"; "guest ok" = "yes";
comment = "Public samba share."; comment = "Public samba share.";
}; };
}; }
'';
}; };
}; };

6
nixos/modules/services/networking/3proxy.nix
View File

@ -334,10 +334,12 @@ in {
nsrecord = mkOption { nsrecord = mkOption {
type = types.attrsOf types.str; type = types.attrsOf types.str;
default = { }; default = { };
example = { example = literalExample ''
{
"files.local" = "192.168.1.12"; "files.local" = "192.168.1.12";
"site.local" = "192.168.1.43"; "site.local" = "192.168.1.43";
}; }
'';
description = "Adds static nsrecords."; description = "Adds static nsrecords.";
}; };
}; };

6
nixos/modules/services/networking/dnscache.nix
View File

@ -61,10 +61,12 @@ in {
Table of {hostname: server} pairs to use as authoritative servers for hosts (and subhosts). Table of {hostname: server} pairs to use as authoritative servers for hosts (and subhosts).
If entry for @ is not specified predefined list of root servers is used. If entry for @ is not specified predefined list of root servers is used.
''; '';
example = { example = literalExample ''
{
"@" = ["8.8.8.8" "8.8.4.4"]; "@" = ["8.8.8.8" "8.8.4.4"];
"example.com" = ["192.168.100.100"]; "example.com" = ["192.168.100.100"];
}; }
'';
}; };
forwardOnly = mkOption { forwardOnly = mkOption {

0
nixos/modules/services/mail/magic-wormhole-mailbox-server.nix → nixos/modules/services/networking/magic-wormhole-mailbox-server.nix
View File

43
nixos/modules/services/networking/mullvad-vpn.nix Normal file
View File

@ -0,0 +1,43 @@
{ config, lib, pkgs, ... }:
let
cfg = config.services.mullvad-vpn;
in
with lib;
{
options.services.mullvad-vpn.enable = mkOption {
type = types.bool;
default = false;
description = ''
This option enables Mullvad VPN daemon.
'';
};
config = mkIf cfg.enable {
boot.kernelModules = [ "tun" ];
systemd.services.mullvad-daemon = {
description = "Mullvad VPN daemon";
wantedBy = [ "multi-user.target" ];
wants = [ "network.target" ];
after = [
"network-online.target"
"NetworkManager.service"
"systemd-resolved.service"
];
path = [
pkgs.iproute
# Needed for ping
"/run/wrappers"
];
serviceConfig = {
StartLimitBurst = 5;
StartLimitIntervalSec = 20;
ExecStart = "${pkgs.mullvad-vpn}/bin/mullvad-daemon -v --disable-stdout-timestamps";
Restart = "always";
RestartSec = 1;
};
};
};
meta.maintainers = [ maintainers.xfix ];
}

6
nixos/modules/services/networking/ndppd.nix
View File

@ -142,7 +142,11 @@ in {
messages, and respond to them according to a set of rules. messages, and respond to them according to a set of rules.
''; '';
default = {}; default = {};
example = { eth0.rules."1111::/64" = {}; }; example = literalExample ''
{
eth0.rules."1111::/64" = {};
}
'';
}; };
}; };

4
nixos/modules/services/networking/networkmanager.nix
View File

@ -131,6 +131,10 @@ let
in { in {
meta = {
maintainers = teams.freedesktop.members;
};
###### interface ###### interface
options = { options = {

134
nixos/modules/services/networking/pixiecore.nix Normal file
View File

@ -0,0 +1,134 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.pixiecore;
in
{
meta.maintainers = with maintainers; [ bbigras danderson ];
options = {
services.pixiecore = {
enable = mkEnableOption "Pixiecore";
openFirewall = mkOption {
type = types.bool;
default = false;
description = ''
Open ports (67, 69 UDP and 4011, 'port', 'statusPort' TCP) in the firewall for Pixiecore.
'';
};
mode = mkOption {
description = "Which mode to use";
default = "boot";
type = types.enum [ "api" "boot" ];
};
debug = mkOption {
type = types.bool;
default = false;
description = "Log more things that aren't directly related to booting a recognized client";
};
dhcpNoBind = mkOption {
type = types.bool;
default = false;
description = "Handle DHCP traffic without binding to the DHCP server port";
};
kernel = mkOption {
type = types.str or types.path;
default = "";
description = "Kernel path. Ignored unless mode is set to 'boot'";
};
initrd = mkOption {
type = types.str or types.path;
default = "";
description = "Initrd path. Ignored unless mode is set to 'boot'";
};
cmdLine = mkOption {
type = types.str;
default = "";
description = "Kernel commandline arguments. Ignored unless mode is set to 'boot'";
};
listen = mkOption {
type = types.str;
default = "0.0.0.0";
description = "IPv4 address to listen on";
};
port = mkOption {
type = types.port;
default = 80;
description = "Port to listen on for HTTP";
};
statusPort = mkOption {
type = types.port;
default = 80;
description = "HTTP port for status information (can be the same as --port)";
};
apiServer = mkOption {
type = types.str;
example = "localhost:8080";
description = "host:port to connect to the API. Ignored unless mode is set to 'api'";
};
extraArguments = mkOption {
type = types.listOf types.str;
default = [];
description = "Additional command line arguments to pass to Pixiecore";
};
};
};
config = mkIf cfg.enable {
users.groups.pixiecore = {};
users.users.pixiecore = {
description = "Pixiecore daemon user";
group = "pixiecore";
};
networking.firewall = mkIf cfg.openFirewall {
allowedTCPPorts = [ 4011 cfg.port cfg.statusPort ];
allowedUDPPorts = [ 67 69 ];
};
systemd.services.pixiecore = {
description = "Pixiecore server";
after = [ "network.target"];
wants = [ "network.target"];
wantedBy = [ "multi-user.target"];
serviceConfig = {
User = "pixiecore";
Restart = "always";
AmbientCapabilities = [ "cap_net_bind_service" ] ++ optional cfg.dhcpNoBind "cap_net_raw";
ExecStart =
let
argString =
if cfg.mode == "boot"
then [ "boot" cfg.kernel ]
++ optional (cfg.initrd != "") cfg.initrd
++ optional (cfg.cmdLine != "") "--cmdline=${lib.escapeShellArg cfg.cmdLine}"
else [ "api" cfg.apiServer ];
in
''
${pkgs.pixiecore}/bin/pixiecore \
${lib.escapeShellArgs argString} \
${optionalString cfg.debug "--debug"} \
${optionalString cfg.dhcpNoBind "--dhcp-no-bind"} \
--listen-addr ${lib.escapeShellArg cfg.listen} \
--port ${toString cfg.port} \
--status-port ${toString cfg.statusPort} \
${escapeShellArgs cfg.extraArguments}
'';
};
};
};
}

8
nixos/modules/services/networking/strongswan.nix
View File

@ -4,7 +4,7 @@ let
inherit (builtins) toFile; inherit (builtins) toFile;
inherit (lib) concatMapStringsSep concatStringsSep mapAttrsToList inherit (lib) concatMapStringsSep concatStringsSep mapAttrsToList
mkIf mkEnableOption mkOption types; mkIf mkEnableOption mkOption types literalExample;
cfg = config.services.strongswan; cfg = config.services.strongswan;
@ -79,7 +79,8 @@ in
connections = mkOption { connections = mkOption {
type = types.attrsOf (types.attrsOf types.str); type = types.attrsOf (types.attrsOf types.str);
default = {}; default = {};
example = { example = literalExample ''
{
"%default" = { "%default" = {
keyexchange = "ikev2"; keyexchange = "ikev2";
keyingtries = "1"; keyingtries = "1";
@ -91,7 +92,8 @@ in
leftsubnet = "10.1.0.0/16"; leftsubnet = "10.1.0.0/16";
right = "%any"; right = "%any";
}; };
}; }
'';
description = '' description = ''
A set of connections and their options for the conn xxx A set of connections and their options for the conn xxx
sections of the <filename>ipsec.conf</filename> file. sections of the <filename>ipsec.conf</filename> file.

6
nixos/modules/services/networking/syncthing.nix
View File

@ -169,12 +169,14 @@ in {
description = '' description = ''
folders which should be shared by syncthing. folders which should be shared by syncthing.
''; '';
example = { example = literalExample ''
{
"/home/user/sync" = { "/home/user/sync" = {
id = "syncme"; id = "syncme";
devices = [ "bigbox" ]; devices = [ "bigbox" ];
}; };
}; }
'';
type = types.attrsOf (types.submodule ({ name, ... }: { type = types.attrsOf (types.submodule ({ name, ... }: {
options = { options = {

2
nixos/modules/services/networking/wg-quick.nix
View File

@ -302,7 +302,7 @@ in {
###### implementation ###### implementation
config = mkIf (cfg.interfaces != {}) { config = mkIf (cfg.interfaces != {}) {
boot.extraModulePackages = [ kernel.wireguard ]; boot.extraModulePackages = optional (versionOlder kernel.kernel.version "5.6") kernel.wireguard;
environment.systemPackages = [ pkgs.wireguard-tools ]; environment.systemPackages = [ pkgs.wireguard-tools ];
# This is forced to false for now because the default "--validmark" rpfilter we apply on reverse path filtering # This is forced to false for now because the default "--validmark" rpfilter we apply on reverse path filtering
# breaks the wg-quick routing because wireguard packets leave with a fwmark from wireguard. # breaks the wg-quick routing because wireguard packets leave with a fwmark from wireguard.

2
nixos/modules/services/web-apps/moinmoin.nix
View File

@ -299,5 +299,5 @@ in
]))); ])));
}; };
meta.maintainers = with lib.maintainers; [ b42 ]; meta.maintainers = with lib.maintainers; [ mmilata ];
} }

6
nixos/modules/services/web-apps/youtrack.nix
View File

@ -46,9 +46,11 @@ in
https://www.jetbrains.com/help/youtrack/standalone/YouTrack-Java-Start-Parameters.html https://www.jetbrains.com/help/youtrack/standalone/YouTrack-Java-Start-Parameters.html
for more information. for more information.
''; '';
example = { example = literalExample ''
{
"jetbrains.youtrack.overrideRootPassword" = "tortuga"; "jetbrains.youtrack.overrideRootPassword" = "tortuga";
}; }
'';
type = types.attrsOf types.str; type = types.attrsOf types.str;
}; };

4
nixos/modules/services/x11/desktop-managers/gnome3.nix
View File

@ -57,6 +57,10 @@ in
{ {
meta = {
maintainers = teams.gnome.members;
};
options = { options = {
services.gnome3 = { services.gnome3 = {

4
nixos/modules/services/x11/desktop-managers/xfce.nix
View File

@ -8,6 +8,10 @@ in
{ {
meta = {
maintainers = with maintainers; [ worldofpeace ];
};
imports = [ imports = [
# added 2019-08-18 # added 2019-08-18
# needed to preserve some semblance of UI familarity # needed to preserve some semblance of UI familarity

5
nixos/modules/services/x11/display-managers/account-service-util.nix
View File

@ -3,6 +3,7 @@
, gobject-introspection , gobject-introspection
, python3 , python3
, wrapGAppsHook , wrapGAppsHook
, lib
}: }:
python3.pkgs.buildPythonApplication { python3.pkgs.buildPythonApplication {
@ -36,4 +37,8 @@ python3.pkgs.buildPythonApplication {
cp $src $out/bin/set-session cp $src $out/bin/set-session
chmod +x $out/bin/set-session chmod +x $out/bin/set-session
''; '';
meta = with lib; {
maintainers = with maintainers; [ worldofpeace ];
};
} }

8
nixos/modules/services/x11/display-managers/default.nix
View File

@ -54,14 +54,6 @@ let
exec &> >(tee ~/.xsession-errors) exec &> >(tee ~/.xsession-errors)
''} ''}
# Start PulseAudio if enabled.
${optionalString (config.hardware.pulseaudio.enable) ''
# Publish access credentials in the root window.
if ${config.hardware.pulseaudio.package.out}/bin/pulseaudio --dump-modules | grep module-x11-publish &> /dev/null; then
${config.hardware.pulseaudio.package.out}/bin/pactl load-module module-x11-publish "display=$DISPLAY"
fi
''}
# Tell systemd about our $DISPLAY and $XAUTHORITY. # Tell systemd about our $DISPLAY and $XAUTHORITY.
# This is needed by the ssh-agent unit. # This is needed by the ssh-agent unit.
# #

4
nixos/modules/services/x11/display-managers/gdm.nix
View File

@ -38,6 +38,10 @@ in
{ {
meta = {
maintainers = teams.gnome.members;
};
###### interface ###### interface
options = { options = {

4
nixos/modules/services/x11/display-managers/lightdm-greeters/pantheon.nix
View File

@ -10,6 +10,10 @@ let
in in
{ {
meta = {
maintainers = with maintainers; [ worldofpeace ];
};
options = { options = {
services.xserver.displayManager.lightdm.greeters.pantheon = { services.xserver.displayManager.lightdm.greeters.pantheon = {

4
nixos/modules/services/x11/display-managers/lightdm.nix
View File

@ -69,6 +69,10 @@ let
in in
{ {
meta = {
maintainers = with maintainers; [ worldofpeace ];
};
# Note: the order in which lightdm greeter modules are imported # Note: the order in which lightdm greeter modules are imported
# here determines the default: later modules (if enable) are # here determines the default: later modules (if enable) are
# preferred. # preferred.

1
nixos/modules/tasks/filesystems/zfs.nix
View File

@ -433,6 +433,7 @@ in
services.zfs.zed.settings = { services.zfs.zed.settings = {
ZED_EMAIL_PROG = mkDefault "${pkgs.mailutils}/bin/mail"; ZED_EMAIL_PROG = mkDefault "${pkgs.mailutils}/bin/mail";
PATH = lib.makeBinPath [ packages.zfsUser pkgs.utillinux pkgs.gawk pkgs.gnused pkgs.gnugrep pkgs.coreutils pkgs.curl ];
}; };
environment.etc = genAttrs environment.etc = genAttrs

6
nixos/modules/virtualisation/containers.nix
View File

@ -609,9 +609,11 @@ in
bindMounts = mkOption { bindMounts = mkOption {
type = with types; loaOf (submodule bindMountOpts); type = with types; loaOf (submodule bindMountOpts);
default = {}; default = {};
example = { "/home" = { hostPath = "/home/alice"; example = literalExample ''
{ "/home" = { hostPath = "/home/alice";
isReadOnly = false; }; isReadOnly = false; };
}; }
'';
description = description =
'' ''

2
nixos/tests/os-prober.nix
View File

@ -51,6 +51,8 @@ let
hashed-mirrors = hashed-mirrors =
connect-timeout = 1 connect-timeout = 1
''; '';
# save some memory
documentation.enable = false;
}; };
# /etc/nixos/configuration.nix for the vm # /etc/nixos/configuration.nix for the vm
configFile = pkgs.writeText "configuration.nix" '' configFile = pkgs.writeText "configuration.nix" ''

15
pkgs/applications/audio/cantata/default.nix
View File

@ -1,5 +1,5 @@
{ mkDerivation, lib, fetchFromGitHub, cmake, pkgconfig, vlc { mkDerivation, lib, fetchFromGitHub, cmake, pkgconfig
, qtbase, qtmultimedia, qtsvg, qttools , qtbase, qtsvg, qttools
# Cantata doesn't build with cdparanoia enabled so we disable that # Cantata doesn't build with cdparanoia enabled so we disable that
# default for now until I (or someone else) figure it out. # default for now until I (or someone else) figure it out.
@ -9,12 +9,14 @@
, withMusicbrainz ? false, libmusicbrainz5 , withMusicbrainz ? false, libmusicbrainz5
, withTaglib ? true, taglib, taglib_extras , withTaglib ? true, taglib, taglib_extras
, withHttpStream ? true, qtmultimedia
, withReplaygain ? true, ffmpeg, speex, mpg123 , withReplaygain ? true, ffmpeg, speex, mpg123
, withMtp ? true, libmtp , withMtp ? true, libmtp
, withOnlineServices ? true , withOnlineServices ? true
, withDevices ? true, udisks2 , withDevices ? true, udisks2
, withDynamic ? true , withDynamic ? true
, withHttpServer ? true , withHttpServer ? true
, withLibVlc ? false, vlc
, withStreams ? true , withStreams ? true
}: }:
@ -26,6 +28,7 @@ assert withMtp -> withTaglib;
assert withMusicbrainz -> withCdda && withTaglib; assert withMusicbrainz -> withCdda && withTaglib;
assert withOnlineServices -> withTaglib; assert withOnlineServices -> withTaglib;
assert withReplaygain -> withTaglib; assert withReplaygain -> withTaglib;
assert withLibVlc -> withHttpStream;
let let
version = "2.4.1"; version = "2.4.1";
@ -45,15 +48,17 @@ in mkDerivation {
sha256 = "0ix7xp352bziwz31mw79y7wxxmdn6060p8ry2px243ni1lz1qx1c"; sha256 = "0ix7xp352bziwz31mw79y7wxxmdn6060p8ry2px243ni1lz1qx1c";
}; };
buildInputs = [ vlc qtbase qtmultimedia qtsvg ] buildInputs = [ qtbase qtsvg ]
++ lib.optionals withTaglib [ taglib taglib_extras ] ++ lib.optionals withTaglib [ taglib taglib_extras ]
++ lib.optionals withReplaygain [ ffmpeg speex mpg123 ] ++ lib.optionals withReplaygain [ ffmpeg speex mpg123 ]
++ lib.optional withHttpStream qtmultimedia
++ lib.optional withCdda cdparanoia ++ lib.optional withCdda cdparanoia
++ lib.optional withCddb libcddb ++ lib.optional withCddb libcddb
++ lib.optional withLame lame ++ lib.optional withLame lame
++ lib.optional withMtp libmtp ++ lib.optional withMtp libmtp
++ lib.optional withMusicbrainz libmusicbrainz5 ++ lib.optional withMusicbrainz libmusicbrainz5
++ lib.optional withUdisks udisks2; ++ lib.optional withUdisks udisks2
++ lib.optional withLibVlc vlc;
nativeBuildInputs = [ cmake pkgconfig qttools ]; nativeBuildInputs = [ cmake pkgconfig qttools ];
@ -62,6 +67,7 @@ in mkDerivation {
cmakeFlags = lib.flatten [ cmakeFlags = lib.flatten [
(fstats withTaglib [ "TAGLIB" "TAGLIB_EXTRAS" ]) (fstats withTaglib [ "TAGLIB" "TAGLIB_EXTRAS" ])
(fstats withReplaygain [ "FFMPEG" "MPG123" "SPEEXDSP" ]) (fstats withReplaygain [ "FFMPEG" "MPG123" "SPEEXDSP" ])
(fstat withHttpStream "HTTP_STREAM_PLAYBACK")
(fstat withCdda "CDPARANOIA") (fstat withCdda "CDPARANOIA")
(fstat withCddb "CDDB") (fstat withCddb "CDDB")
(fstat withLame "LAME") (fstat withLame "LAME")
@ -71,6 +77,7 @@ in mkDerivation {
(fstat withDynamic "DYNAMIC") (fstat withDynamic "DYNAMIC")
(fstat withDevices "DEVICES_SUPPORT") (fstat withDevices "DEVICES_SUPPORT")
(fstat withHttpServer "HTTP_SERVER") (fstat withHttpServer "HTTP_SERVER")
(fstat withLibVlc "LIBVLC")
(fstat withStreams "STREAMS") (fstat withStreams "STREAMS")
(fstat withUdisks "UDISKS2") (fstat withUdisks "UDISKS2")
"-DENABLE_HTTPS_SUPPORT=ON" "-DENABLE_HTTPS_SUPPORT=ON"

4
pkgs/applications/audio/ft2-clone/default.nix
View File

@ -7,13 +7,13 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "ft2-clone"; pname = "ft2-clone";
version = "1.09"; version = "1.15";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "8bitbubsy"; owner = "8bitbubsy";
repo = "ft2-clone"; repo = "ft2-clone";
rev = "v${version}"; rev = "v${version}";
sha256 = "18my7fywaf66rq8phsly8lglxzpglran8rj27fvwgpni8098ic7d"; sha256 = "19xgdaij71gpvq216zjlp60zmfdl2a8kf8sc3bpk8a4d4xh4n151";
}; };
nativeBuildInputs = [ cmake ]; nativeBuildInputs = [ cmake ];

4
pkgs/applications/audio/lollypop/default.nix
View File

@ -23,7 +23,7 @@
python3.pkgs.buildPythonApplication rec { python3.pkgs.buildPythonApplication rec {
pname = "lollypop"; pname = "lollypop";
version = "1.2.23"; version = "1.2.32";
format = "other"; format = "other";
doCheck = false; doCheck = false;
@ -32,7 +32,7 @@ python3.pkgs.buildPythonApplication rec {
url = "https://gitlab.gnome.org/World/lollypop"; url = "https://gitlab.gnome.org/World/lollypop";
rev = "refs/tags/${version}"; rev = "refs/tags/${version}";
fetchSubmodules = true; fetchSubmodules = true;
sha256 = "059z7ri5qwkmfh2kvv8rq5wp80mz75423wc5hnm33wb9sgdd5x47"; sha256 = "03x6qihd349pq5lmgahb77sys60g16v5v6qkdlzf8k88451k8p7n";
}; };
nativeBuildInputs = [ nativeBuildInputs = [

7
pkgs/applications/audio/ncspot/default.nix
View File

@ -2,13 +2,15 @@
, withALSA ? true, alsaLib ? null , withALSA ? true, alsaLib ? null
, withPulseAudio ? false, libpulseaudio ? null , withPulseAudio ? false, libpulseaudio ? null
, withPortAudio ? false, portaudio ? null , withPortAudio ? false, portaudio ? null
, withMPRIS ? false, dbus ? null
}: }:
let let
features = [ "cursive/pancurses-backend" ] features = [ "cursive/pancurses-backend" ]
++ lib.optional withALSA "alsa_backend" ++ lib.optional withALSA "alsa_backend"
++ lib.optional withPulseAudio "pulseaudio_backend" ++ lib.optional withPulseAudio "pulseaudio_backend"
++ lib.optional withPortAudio "portaudio_backend"; ++ lib.optional withPortAudio "portaudio_backend"
++ lib.optional withMPRIS "mpris";
in in
rustPlatform.buildRustPackage rec { rustPlatform.buildRustPackage rec {
pname = "ncspot"; pname = "ncspot";
@ -30,7 +32,8 @@ rustPlatform.buildRustPackage rec {
buildInputs = [ ncurses openssl ] buildInputs = [ ncurses openssl ]
++ lib.optional withALSA alsaLib ++ lib.optional withALSA alsaLib
++ lib.optional withPulseAudio libpulseaudio ++ lib.optional withPulseAudio libpulseaudio
++ lib.optional withPortAudio portaudio; ++ lib.optional withPortAudio portaudio
++ lib.optional withMPRIS dbus;
doCheck = false; doCheck = false;

33
pkgs/applications/audio/picard/default.nix
View File

@ -1,7 +1,15 @@
{ stdenv, python3Packages, fetchFromGitHub, gettext, chromaprint, qt5 }: { stdenv, python3Packages, fetchFromGitHub, gettext, chromaprint, qt5
, enablePlayback ? true
, gst_all_1
}:
let let
pythonPackages = python3Packages; pythonPackages = python3Packages;
pyqt5 = if enablePlayback then
pythonPackages.pyqt5_with_qtmultimedia
else
pythonPackages.pyqt5
;
in pythonPackages.buildPythonApplication rec { in pythonPackages.buildPythonApplication rec {
pname = "picard"; pname = "picard";
version = "2.3.1"; version = "2.3.1";
@ -13,7 +21,16 @@ in pythonPackages.buildPythonApplication rec {
sha256 = "0xalg4dvaqb396h4s6gzxnplgv1lcvsczmmrlhyrj0kfj10amhsj"; sha256 = "0xalg4dvaqb396h4s6gzxnplgv1lcvsczmmrlhyrj0kfj10amhsj";
}; };
nativeBuildInputs = [ gettext qt5.wrapQtAppsHook qt5.qtbase ]; nativeBuildInputs = [ gettext qt5.wrapQtAppsHook qt5.qtbase ]
++ stdenv.lib.optionals (pyqt5.multimediaEnabled) [
qt5.qtmultimedia.bin
gst_all_1.gstreamer
gst_all_1.gst-vaapi
gst_all_1.gst-libav
gst_all_1.gst-plugins-base
gst_all_1.gst-plugins-good
]
;
propagatedBuildInputs = with pythonPackages; [ propagatedBuildInputs = with pythonPackages; [
pyqt5 pyqt5
@ -27,10 +44,14 @@ in pythonPackages.buildPythonApplication rec {
substituteInPlace setup.cfg --replace "" "'" substituteInPlace setup.cfg --replace "" "'"
''; '';
installPhase = '' # In order to spare double wrapping, we use:
python setup.py install --prefix="$out" preFixup = ''
wrapQtApp $out/bin/picard makeWrapperArgs+=("''${qtWrapperArgs[@]}")
''; ''
+ stdenv.lib.optionalString (pyqt5.multimediaEnabled) ''
makeWrapperArgs+=(--prefix GST_PLUGIN_SYSTEM_PATH_1_0 : "$GST_PLUGIN_SYSTEM_PATH_1_0")
''
;
meta = with stdenv.lib; { meta = with stdenv.lib; {
homepage = "https://picard.musicbrainz.org/"; homepage = "https://picard.musicbrainz.org/";

4
pkgs/applications/audio/pt2-clone/default.nix
View File

@ -7,13 +7,13 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "pt2-clone"; pname = "pt2-clone";
version = "1.06"; version = "1.07";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "8bitbubsy"; owner = "8bitbubsy";
repo = "pt2-clone"; repo = "pt2-clone";
rev = "v${version}"; rev = "v${version}";
sha256 = "00zifwiprd3i60z4pf4471jxbc33vh9p30ib0lnzwpgjz5pnxqnr"; sha256 = "0g2bp9n05ng2fvqw86pb941zamcqnfz1l066wvh5j3av1w22khi8";
}; };
nativeBuildInputs = [ cmake ]; nativeBuildInputs = [ cmake ];

4
pkgs/applications/audio/pulseeffects/default.nix
View File

@ -46,13 +46,13 @@ let
]; ];
in stdenv.mkDerivation rec { in stdenv.mkDerivation rec {
pname = "pulseeffects"; pname = "pulseeffects";
version = "4.7.1"; version = "4.7.2";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "wwmm"; owner = "wwmm";
repo = "pulseeffects"; repo = "pulseeffects";
rev = "v${version}"; rev = "v${version}";
sha256 = "1r1hk5zp2cgrwyqkvp8kg2dkbihdyx3ydzhmirkwya8jag9pwadd"; sha256 = "1yga25da5bpg12zkikp6dn4wqhn9f7r10awvjzfcz8s6w9xlz6rx";
}; };
nativeBuildInputs = [ nativeBuildInputs = [

4
pkgs/applications/blockchains/bitcoin-abc.nix
View File

@ -7,13 +7,13 @@ with stdenv.lib;
mkDerivation rec { mkDerivation rec {
name = "bitcoin" + (toString (optional (!withGui) "d")) + "-abc-" + version; name = "bitcoin" + (toString (optional (!withGui) "d")) + "-abc-" + version;
version = "0.21.1"; version = "0.21.3";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "bitcoin-ABC"; owner = "bitcoin-ABC";
repo = "bitcoin-abc"; repo = "bitcoin-abc";
rev = "v${version}"; rev = "v${version}";
sha256 = "1aswgmzqk3vhxhp5k0m0awk22lf5ayaqg2cmlqy12jvfmpka9lrj"; sha256 = "1pzdgghbsss2qjfgl42lvkbs5yc5q6jnzqnp24lljmrh341g2zn4";
}; };
patches = [ ./fix-bitcoin-qt-build.patch ]; patches = [ ./fix-bitcoin-qt-build.patch ];

6
pkgs/applications/blockchains/go-ethereum.nix
View File

@ -2,16 +2,16 @@
buildGoModule rec { buildGoModule rec {
pname = "go-ethereum"; pname = "go-ethereum";
version = "1.9.11"; version = "1.9.12";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "ethereum"; owner = "ethereum";
repo = pname; repo = pname;
rev = "v${version}"; rev = "v${version}";
sha256 = "0xhkdxn5ajzi05252is5whqank81xy94jp1l5z2a44rajv8rh9vs"; sha256 = "143imiphyzk3009cfnqj7q013pb1wva13zq63byfj3d204b58cg6";
}; };
modSha256 = "0jcj0knkhyndndyv1j9xhgbg5psagvyd27ailna3x9ikjlb8f7gg"; modSha256 = "15a8if5gx361nrqgv201jy8saq1ir1g18rpqzdmavg4ic75si5x1";
subPackages = [ subPackages = [
"cmd/abigen" "cmd/abigen"

4
pkgs/applications/blockchains/tessera.nix
View File

@ -2,11 +2,11 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "tessera"; pname = "tessera";
version = "0.10.2"; version = "0.10.4";
src = fetchurl { src = fetchurl {
url = "https://oss.sonatype.org/service/local/repositories/releases/content/com/jpmorgan/quorum/${pname}-app/${version}/${pname}-app-${version}-app.jar"; url = "https://oss.sonatype.org/service/local/repositories/releases/content/com/jpmorgan/quorum/${pname}-app/${version}/${pname}-app-${version}-app.jar";
sha256 = "1zn8w7q0q5man0407kb82lw4mlvyiy9whq2f6izf2b5415f9s0m4"; sha256 = "1sqj0mc80922yavx9hlwnl1kpmavpza2g2aycz1qd0zv0s31z9wj";
}; };
nativeBuildInputs = [ makeWrapper ]; nativeBuildInputs = [ makeWrapper ];

6
pkgs/applications/editors/android-studio/default.nix
View File

@ -8,9 +8,9 @@ let
inherit (gnome2) GConf gnome_vfs; inherit (gnome2) GConf gnome_vfs;
}; };
stableVersion = { stableVersion = {
version = "3.6.1.0"; # "Android Studio 3.6.1" version = "3.6.2.0"; # "Android Studio 3.6.2"
build = "192.6241897"; build = "192.6308749";
sha256Hash = "1mwzk18224bl8hbw9cdxwzgj5cfain4y70q64cpj4p0snffxqm77"; sha256Hash = "04r4iwlmns1lf3wfd32cqmndbdz9rf7hfbi5r6qmvpi8j83fghvr";
}; };
betaVersion = { betaVersion = {
version = "4.0.0.12"; # "Android Studio 4.0 Beta 3" version = "4.0.0.12"; # "Android Studio 4.0 Beta 3"

21
pkgs/applications/editors/uberwriter/default.nix → pkgs/applications/editors/apostrophe/default.nix
View File

@ -1,4 +1,4 @@
{ stdenv, fetchFromGitHub, meson, ninja, cmake { stdenv, fetchFromGitLab, meson, ninja, cmake
, wrapGAppsHook, pkgconfig, desktop-file-utils , wrapGAppsHook, pkgconfig, desktop-file-utils
, appstream-glib, pythonPackages, glib, gobject-introspection , appstream-glib, pythonPackages, glib, gobject-introspection
, gtk3, webkitgtk, glib-networking, gnome3, gspell, texlive , gtk3, webkitgtk, glib-networking, gnome3, gspell, texlive
@ -10,14 +10,15 @@ let
texliveDist = texlive.combined.scheme-medium; texliveDist = texlive.combined.scheme-medium;
in stdenv.mkDerivation rec { in stdenv.mkDerivation rec {
pname = "uberwriter"; pname = "apostrophe";
version = "unstable-2020-01-24"; version = "unstable-2020-03-29";
src = fetchFromGitHub { src = fetchFromGitLab {
owner = pname; owner = "somas";
repo = pname; repo = pname;
rev = "0647b413407eb8789a25c353602c4ac979dc342a"; domain = "gitlab.gnome.org";
sha256 = "19z52fpbf0p7dzx7q0r5pk3nn0c8z69g1hv6db0cqp61cqv5z95q"; rev = "219fa8976e3b8a6f0cea15cfefe4e336423f2bdb";
sha256 = "192n5qs3x6rx62mqxd6wajwm453pns8kjyz5v3xc891an6bm1kqx";
}; };
nativeBuildInputs = [ meson ninja cmake pkgconfig desktop-file-utils nativeBuildInputs = [ meson ninja cmake pkgconfig desktop-file-utils
@ -30,10 +31,10 @@ in stdenv.mkDerivation rec {
postPatch = '' postPatch = ''
patchShebangs --build build-aux/meson_post_install.py patchShebangs --build build-aux/meson_post_install.py
substituteInPlace uberwriter/config.py --replace "/usr/share/uberwriter" "$out/share/uberwriter" substituteInPlace ${pname}/config.py --replace "/usr/share/${pname}" "$out/share/${pname}"
# get rid of unused distributed dependencies # get rid of unused distributed dependencies
rm -r uberwriter/{pylocales,pressagio} rm -r ${pname}/pylocales
''; '';
preFixup = '' preFixup = ''
@ -46,7 +47,7 @@ in stdenv.mkDerivation rec {
''; '';
meta = with stdenv.lib; { meta = with stdenv.lib; {
homepage = http://uberwriter.github.io/uberwriter/; homepage = "https://gitlab.gnome.org/somas/apostrophe";
description = "A distraction free Markdown editor for GNU/Linux"; description = "A distraction free Markdown editor for GNU/Linux";
license = licenses.gpl3; license = licenses.gpl3;
platforms = platforms.linux; platforms = platforms.linux;

28
pkgs/applications/editors/qxmledit/default.nix Normal file
View File

@ -0,0 +1,28 @@
{ stdenv, fetchFromGitHub,
qmake, qtbase, qtxmlpatterns, qtsvg, qtscxml, qtquick1, libGLU }:
stdenv.mkDerivation rec {
name = "qxmledit-${version}" ;
version = "0.9.15" ;
src = fetchFromGitHub ( stdenv.lib.importJSON ./qxmledit.json ) ;
nativeBuildInputs = [ qmake ] ;
buildInputs = [ qtbase qtxmlpatterns qtsvg qtscxml qtquick1 libGLU ] ;
qmakeFlags = [ "CONFIG+=release" ] ;
outputs = [ "out" "doc" ] ;
preConfigure = ''
export QXMLEDIT_INST_DATA_DIR="$out/share/data"
export QXMLEDIT_INST_TRANSLATIONS_DIR="$out/share/i18n"
export QXMLEDIT_INST_INCLUDE_DIR="$out/include"
export QXMLEDIT_INST_DIR="$out/bin"
export QXMLEDIT_INST_LIB_DIR="$out/lib"
export QXMLEDIT_INST_DOC_DIR="$doc"
'';
meta = with stdenv.lib; {
description = "Simple XML editor based on qt libraries" ;
homepage = https://sourceforge.net/projects/qxmledit;
license = licenses.lgpl2;
platforms = platforms.all;
} ;
}

6
pkgs/applications/editors/qxmledit/qxmledit.json Normal file
View File

@ -0,0 +1,6 @@
{
"owner": "lbellonda",
"repo": "qxmledit",
"rev": "6136dca50ceb3b4447c91a7a18dcf84785ea11d1",
"sha256": "1wcnphalwf0a5gz9r44jgk8wcv1w2qipbwjkbzkra2kxanxns834"
}

4
pkgs/applications/editors/texworks/default.nix
View File

@ -5,13 +5,13 @@
mkDerivation rec { mkDerivation rec {
pname = "texworks"; pname = "texworks";
version = "0.6.4"; version = "0.6.5";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "TeXworks"; owner = "TeXworks";
repo = "texworks"; repo = "texworks";
rev = "release-${version}"; rev = "release-${version}";
sha256 = "0d7f23c6c1wj4aii4h5w9piv01qfb69zrd79dvxwydrk99i8gnl4"; sha256 = "1lw1p4iyzxypvjhnav11g6rwf6gx7kyzwy2iprvv8zzpqcdkjp2z";
}; };
nativeBuildInputs = [ cmake pkg-config ]; nativeBuildInputs = [ cmake pkg-config ];

12
pkgs/applications/editors/vscode/generic.nix
View File

@ -25,7 +25,7 @@ in
comment = "Code Editing. Redefined."; comment = "Code Editing. Redefined.";
genericName = "Text Editor"; genericName = "Text Editor";
exec = executableName; exec = executableName;
icon = "@out@/share/pixmaps/code.png"; icon = "code";
startupNotify = "true"; startupNotify = "true";
categories = "Utility;TextEditor;Development;IDE;"; categories = "Utility;TextEditor;Development;IDE;";
mimeType = "text/plain;inode/directory;"; mimeType = "text/plain;inode/directory;";
@ -37,7 +37,7 @@ in
[Desktop Action new-empty-window] [Desktop Action new-empty-window]
Name=New Empty Window Name=New Empty Window
Exec=${executableName} --new-window %F Exec=${executableName} --new-window %F
Icon=@out@/share/pixmaps/code.png Icon=code
''; '';
}; };
@ -47,7 +47,7 @@ in
comment = "Code Editing. Redefined."; comment = "Code Editing. Redefined.";
genericName = "Text Editor"; genericName = "Text Editor";
exec = executableName + " --open-url %U"; exec = executableName + " --open-url %U";
icon = "@out@/share/pixmaps/code.png"; icon = "code";
startupNotify = "true"; startupNotify = "true";
categories = "Utility;TextEditor;Development;IDE;"; categories = "Utility;TextEditor;Development;IDE;";
mimeType = "x-scheme-handler/vscode;"; mimeType = "x-scheme-handler/vscode;";
@ -83,10 +83,8 @@ in
ln -s $out/lib/vscode/bin/${executableName} $out/bin ln -s $out/lib/vscode/bin/${executableName} $out/bin
mkdir -p $out/share/applications mkdir -p $out/share/applications
substitute $desktopItem/share/applications/${executableName}.desktop $out/share/applications/${executableName}.desktop \ ln -s $desktopItem/share/applications/${executableName}.desktop $out/share/applications/${executableName}.desktop
--subst-var out ln -s $urlHandlerDesktopItem/share/applications/${executableName}-url-handler.desktop $out/share/applications/${executableName}-url-handler.desktop
substitute $urlHandlerDesktopItem/share/applications/${executableName}-url-handler.desktop $out/share/applications/${executableName}-url-handler.desktop \
--subst-var out
mkdir -p $out/share/pixmaps mkdir -p $out/share/pixmaps
cp $out/lib/vscode/resources/app/resources/linux/code.png $out/share/pixmaps/code.png cp $out/lib/vscode/resources/app/resources/linux/code.png $out/share/pixmaps/code.png

Some files were not shown because too many files have changed in this diff Show More