mirror of
https://github.com/SebastianWendel/nixpkgs.git
synced 2024-09-20 20:39:04 +02:00
Merge master into staging-next
This commit is contained in:
commit
ca03e913ca
|
@ -1273,6 +1273,12 @@
|
|||
githubId = 1217745;
|
||||
name = "Aldwin Vlasblom";
|
||||
};
|
||||
aveltras = {
|
||||
email = "romain.viallard@outlook.fr";
|
||||
github = "aveltras";
|
||||
githubId = 790607;
|
||||
name = "Romain Viallard";
|
||||
};
|
||||
avery = {
|
||||
email = "averyl+nixos@protonmail.com";
|
||||
github = "AveryLychee";
|
||||
|
@ -11462,6 +11468,12 @@
|
|||
githubId = 107703;
|
||||
name = "Samuel Rivas";
|
||||
};
|
||||
samw = {
|
||||
email = "sam@wlcx.cc";
|
||||
github = "wlcx";
|
||||
githubId = 3065381;
|
||||
name = "Sam Willcocks";
|
||||
};
|
||||
samyak = {
|
||||
name = "Samyak Sarnayak";
|
||||
email = "samyak201@gmail.com";
|
||||
|
|
|
@ -124,6 +124,13 @@
|
|||
<link xlink:href="options.html#opt-virtualisation.appvm.enable">virtualisation.appvm</link>.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
<link xlink:href="https://github.com/mozilla-services/syncstorage-rs">syncstorage-rs</link>,
|
||||
a self-hostable sync server for Firefox. Available as
|
||||
<link xlink:href="options.html#opt-services.firefox-syncserver.enable">services.firefox-syncserver</link>.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
<link xlink:href="https://dragonflydb.io/">dragonflydb</link>,
|
||||
|
|
|
@ -55,6 +55,7 @@ In addition to numerous new and upgraded packages, this release has the followin
|
|||
## New Services {#sec-release-22.11-new-services}
|
||||
|
||||
- [appvm](https://github.com/jollheef/appvm), Nix based app VMs. Available as [virtualisation.appvm](options.html#opt-virtualisation.appvm.enable).
|
||||
- [syncstorage-rs](https://github.com/mozilla-services/syncstorage-rs), a self-hostable sync server for Firefox. Available as [services.firefox-syncserver](options.html#opt-services.firefox-syncserver.enable).
|
||||
|
||||
- [dragonflydb](https://dragonflydb.io/), a modern replacement for Redis and Memcached. Available as [services.dragonflydb](#opt-services.dragonflydb.enable).
|
||||
|
||||
|
|
|
@ -783,6 +783,7 @@
|
|||
./services/networking/expressvpn.nix
|
||||
./services/networking/fakeroute.nix
|
||||
./services/networking/ferm.nix
|
||||
./services/networking/firefox-syncserver.nix
|
||||
./services/networking/fireqos.nix
|
||||
./services/networking/firewall.nix
|
||||
./services/networking/flannel.nix
|
||||
|
|
55
nixos/modules/services/networking/firefox-syncserver.md
Normal file
55
nixos/modules/services/networking/firefox-syncserver.md
Normal file
|
@ -0,0 +1,55 @@
|
|||
# Firefox Sync server {#module-services-firefox-syncserver}
|
||||
|
||||
A storage server for Firefox Sync that you can easily host yourself.
|
||||
|
||||
## Quickstart {#module-services-firefox-syncserver-quickstart}
|
||||
|
||||
The absolute minimal configuration for the sync server looks like this:
|
||||
|
||||
```nix
|
||||
services.mysql.package = pkgs.mariadb;
|
||||
|
||||
services.firefox-syncserver = {
|
||||
enable = true;
|
||||
secrets = builtins.toFile "sync-secrets" ''
|
||||
SYNC_MASTER_SECRET=this-secret-is-actually-leaked-to-/nix/store
|
||||
'';
|
||||
singleNode = {
|
||||
enable = true;
|
||||
hostname = "localhost";
|
||||
url = "http://localhost:5000";
|
||||
};
|
||||
};
|
||||
```
|
||||
|
||||
This will start a sync server that is only accessible locally. Once the services is
|
||||
running you can navigate to `about:config` in your Firefox profile and set
|
||||
`identity.sync.tokenserver.uri` to `http://localhost:5000/1.0/sync/1.5`. Your browser
|
||||
will now use your local sync server for data storage.
|
||||
|
||||
::: {.warning}
|
||||
This configuration should never be used in production. It is not encrypted and
|
||||
stores its secrets in a world-readable location.
|
||||
:::
|
||||
|
||||
## More detailed setup {#module-services-firefox-syncserver-configuration}
|
||||
|
||||
The `firefox-syncserver` service provides a number of options to make setting up
|
||||
small deployment easier. These are grouped under the `singleNode` element of the
|
||||
option tree and allow simple configuration of the most important parameters.
|
||||
|
||||
Single node setup is split into two kinds of options: those that affect the sync
|
||||
server itself, and those that affect its surroundings. Options that affect the
|
||||
sync server are `capacity`, which configures how many accounts may be active on
|
||||
this instance, and `url`, which holds the URL under which the sync server can be
|
||||
accessed. The `url` can be configured automatically when using nginx.
|
||||
|
||||
Options that affect the surroundings of the sync server are `enableNginx`,
|
||||
`enableTLS` and `hostnam`. If `enableNginx` is set the sync server module will
|
||||
automatically add an nginx virtual host to the system using `hostname` as the
|
||||
domain and set `url` accordingly. If `enableTLS` is set the module will also
|
||||
enable ACME certificates on the new virtual host and force all connections to
|
||||
be made via TLS.
|
||||
|
||||
For actual deployment it is also recommended to store the `secrets` file in a
|
||||
secure location.
|
328
nixos/modules/services/networking/firefox-syncserver.nix
Normal file
328
nixos/modules/services/networking/firefox-syncserver.nix
Normal file
|
@ -0,0 +1,328 @@
|
|||
{ config, pkgs, lib, options, ... }:
|
||||
|
||||
let
|
||||
cfg = config.services.firefox-syncserver;
|
||||
opt = options.services.firefox-syncserver;
|
||||
defaultDatabase = "firefox_syncserver";
|
||||
defaultUser = "firefox-syncserver";
|
||||
|
||||
dbIsLocal = cfg.database.host == "localhost";
|
||||
dbURL = "mysql://${cfg.database.user}@${cfg.database.host}/${cfg.database.name}";
|
||||
|
||||
format = pkgs.formats.toml {};
|
||||
settings = {
|
||||
database_url = dbURL;
|
||||
human_logs = true;
|
||||
tokenserver = {
|
||||
node_type = "mysql";
|
||||
database_url = dbURL;
|
||||
fxa_email_domain = "api.accounts.firefox.com";
|
||||
fxa_oauth_server_url = "https://oauth.accounts.firefox.com/v1";
|
||||
run_migrations = true;
|
||||
} // lib.optionalAttrs cfg.singleNode.enable {
|
||||
# Single-node mode is likely to be used on small instances with little
|
||||
# capacity. The default value (0.1) can only ever release capacity when
|
||||
# accounts are removed if the total capacity is 10 or larger to begin
|
||||
# with.
|
||||
# https://github.com/mozilla-services/syncstorage-rs/issues/1313#issuecomment-1145293375
|
||||
node_capacity_release_rate = 1;
|
||||
};
|
||||
};
|
||||
configFile = format.generate "syncstorage.toml" (lib.recursiveUpdate settings cfg.settings);
|
||||
in
|
||||
|
||||
{
|
||||
options = {
|
||||
services.firefox-syncserver = {
|
||||
enable = lib.mkEnableOption ''
|
||||
the Firefox Sync storage service.
|
||||
|
||||
Out of the box this will not be very useful unless you also configure at least
|
||||
one service and one nodes by inserting them into the mysql database manually, e.g.
|
||||
by running
|
||||
|
||||
<programlisting>
|
||||
INSERT INTO `services` (`id`, `service`, `pattern`) VALUES ('1', 'sync-1.5', '{node}/1.5/{uid}');
|
||||
INSERT INTO `nodes` (`id`, `service`, `node`, `available`, `current_load`,
|
||||
`capacity`, `downed`, `backoff`)
|
||||
VALUES ('1', '1', 'https://mydomain.tld', '1', '0', '10', '0', '0');
|
||||
</programlisting>
|
||||
|
||||
<option>${opt.singleNode.enable}</option> does this automatically when enabled
|
||||
'';
|
||||
|
||||
package = lib.mkOption {
|
||||
type = lib.types.package;
|
||||
default = pkgs.syncstorage-rs;
|
||||
defaultText = lib.literalExpression "pkgs.syncstorage-rs";
|
||||
description = ''
|
||||
Package to use.
|
||||
'';
|
||||
};
|
||||
|
||||
database.name = lib.mkOption {
|
||||
# the mysql module does not allow `-quoting without resorting to shell
|
||||
# escaping, so we restrict db names for forward compaitiblity should this
|
||||
# behavior ever change.
|
||||
type = lib.types.strMatching "[a-z_][a-z0-9_]*";
|
||||
default = defaultDatabase;
|
||||
description = ''
|
||||
Database to use for storage. Will be created automatically if it does not exist
|
||||
and <literal>config.${opt.database.createLocally}</literal> is set.
|
||||
'';
|
||||
};
|
||||
|
||||
database.user = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = defaultUser;
|
||||
description = ''
|
||||
Username for database connections.
|
||||
'';
|
||||
};
|
||||
|
||||
database.host = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "localhost";
|
||||
description = ''
|
||||
Database host name. <literal>localhost</literal> is treated specially and inserts
|
||||
systemd dependencies, other hostnames or IP addresses of the local machine do not.
|
||||
'';
|
||||
};
|
||||
|
||||
database.createLocally = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = true;
|
||||
description = ''
|
||||
Whether to create database and user on the local machine if they do not exist.
|
||||
This includes enabling unix domain socket authentication for the configured user.
|
||||
'';
|
||||
};
|
||||
|
||||
logLevel = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "error";
|
||||
description = ''
|
||||
Log level to run with. This can be a simple log level like <literal>error</literal>
|
||||
or <literal>trace</literal>, or a more complicated logging expression.
|
||||
'';
|
||||
};
|
||||
|
||||
secrets = lib.mkOption {
|
||||
type = lib.types.path;
|
||||
description = ''
|
||||
A file containing the various secrets. Should be in the format expected by systemd's
|
||||
<literal>EnvironmentFile</literal> directory. Two secrets are currently available:
|
||||
<literal>SYNC_MASTER_SECRET</literal> and
|
||||
<literal>SYNC_TOKENSERVER__FXA_METRICS_HASH_SECRET</literal>.
|
||||
'';
|
||||
};
|
||||
|
||||
singleNode = {
|
||||
enable = lib.mkEnableOption "auto-configuration for a simple single-node setup";
|
||||
|
||||
enableTLS = lib.mkEnableOption "automatic TLS setup";
|
||||
|
||||
enableNginx = lib.mkEnableOption "nginx virtualhost definitions";
|
||||
|
||||
hostname = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = ''
|
||||
Host name to use for this service.
|
||||
'';
|
||||
};
|
||||
|
||||
capacity = lib.mkOption {
|
||||
type = lib.types.ints.unsigned;
|
||||
default = 10;
|
||||
description = ''
|
||||
How many sync accounts are allowed on this server. Setting this value
|
||||
equal to or less than the number of currently active accounts will
|
||||
effectively deny service to accounts not yet registered here.
|
||||
'';
|
||||
};
|
||||
|
||||
url = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "${if cfg.singleNode.enableTLS then "https" else "http"}://${cfg.singleNode.hostname}";
|
||||
defaultText = lib.literalExpression ''
|
||||
''${if cfg.singleNode.enableTLS then "https" else "http"}://''${config.${opt.singleNode.hostname}}
|
||||
'';
|
||||
description = ''
|
||||
URL of the host. If you are not using the automatic webserver proxy setup you will have
|
||||
to change this setting or your sync server may not be functional.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
settings = lib.mkOption {
|
||||
type = lib.types.submodule {
|
||||
freeformType = format.type;
|
||||
|
||||
options = {
|
||||
port = lib.mkOption {
|
||||
type = lib.types.port;
|
||||
default = 5000;
|
||||
description = ''
|
||||
Port to bind to.
|
||||
'';
|
||||
};
|
||||
|
||||
tokenserver.enabled = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = true;
|
||||
description = ''
|
||||
Whether to enable the token service as well.
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
default = { };
|
||||
description = ''
|
||||
Settings for the sync server. These take priority over values computed
|
||||
from NixOS options.
|
||||
|
||||
See the doc comments on the <literal>Settings</literal> structs in
|
||||
<link xlink:href="https://github.com/mozilla-services/syncstorage-rs/blob/master/syncstorage/src/settings.rs" />
|
||||
and
|
||||
<link xlink:href="https://github.com/mozilla-services/syncstorage-rs/blob/master/syncstorage/src/tokenserver/settings.rs" />
|
||||
for available options.
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
services.mysql = lib.mkIf cfg.database.createLocally {
|
||||
enable = true;
|
||||
ensureDatabases = [ cfg.database.name ];
|
||||
ensureUsers = [{
|
||||
name = cfg.database.user;
|
||||
ensurePermissions = {
|
||||
"${cfg.database.name}.*" = "all privileges";
|
||||
};
|
||||
}];
|
||||
};
|
||||
|
||||
systemd.services.firefox-syncserver = {
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
requires = lib.mkIf dbIsLocal [ "mysql.service" ];
|
||||
after = lib.mkIf dbIsLocal [ "mysql.service" ];
|
||||
environment.RUST_LOG = cfg.logLevel;
|
||||
serviceConfig = {
|
||||
User = defaultUser;
|
||||
Group = defaultUser;
|
||||
ExecStart = "${cfg.package}/bin/syncstorage --config ${configFile}";
|
||||
Stderr = "journal";
|
||||
EnvironmentFile = lib.mkIf (cfg.secrets != null) "${cfg.secrets}";
|
||||
|
||||
# hardening
|
||||
RemoveIPC = true;
|
||||
CapabilityBoundingSet = [ "" ];
|
||||
DynamicUser = true;
|
||||
NoNewPrivileges = true;
|
||||
PrivateDevices = true;
|
||||
ProtectClock = true;
|
||||
ProtectKernelLogs = true;
|
||||
ProtectControlGroups = true;
|
||||
ProtectKernelModules = true;
|
||||
SystemCallArchitectures = "native";
|
||||
# syncstorage-rs uses python-cffi internally, and python-cffi does not
|
||||
# work with MemoryDenyWriteExecute=true
|
||||
MemoryDenyWriteExecute = false;
|
||||
RestrictNamespaces = true;
|
||||
RestrictSUIDSGID = true;
|
||||
ProtectHostname = true;
|
||||
LockPersonality = true;
|
||||
ProtectKernelTunables = true;
|
||||
RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_UNIX" ];
|
||||
RestrictRealtime = true;
|
||||
ProtectSystem = "strict";
|
||||
ProtectProc = "invisible";
|
||||
ProcSubset = "pid";
|
||||
ProtectHome = true;
|
||||
PrivateUsers = true;
|
||||
PrivateTmp = true;
|
||||
SystemCallFilter = [ "@system-service" "~ @privileged @resources" ];
|
||||
UMask = "0077";
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.firefox-syncserver-setup = lib.mkIf cfg.singleNode.enable {
|
||||
wantedBy = [ "firefox-syncserver.service" ];
|
||||
requires = [ "firefox-syncserver.service" ] ++ lib.optional dbIsLocal "mysql.service";
|
||||
after = [ "firefox-syncserver.service" ] ++ lib.optional dbIsLocal "mysql.service";
|
||||
path = [ config.services.mysql.package ];
|
||||
script = ''
|
||||
set -euo pipefail
|
||||
shopt -s inherit_errexit
|
||||
|
||||
schema_configured() {
|
||||
mysql ${cfg.database.name} -Ne 'SHOW TABLES' | grep -q services
|
||||
}
|
||||
|
||||
services_configured() {
|
||||
[ 1 != $(mysql ${cfg.database.name} -Ne 'SELECT COUNT(*) < 1 FROM `services`') ]
|
||||
}
|
||||
|
||||
create_services() {
|
||||
mysql ${cfg.database.name} <<"EOF"
|
||||
BEGIN;
|
||||
|
||||
INSERT INTO `services` (`id`, `service`, `pattern`)
|
||||
VALUES (1, 'sync-1.5', '{node}/1.5/{uid}');
|
||||
INSERT INTO `nodes` (`id`, `service`, `node`, `available`, `current_load`,
|
||||
`capacity`, `downed`, `backoff`)
|
||||
VALUES (1, 1, '${cfg.singleNode.url}', ${toString cfg.singleNode.capacity},
|
||||
0, ${toString cfg.singleNode.capacity}, 0, 0);
|
||||
|
||||
COMMIT;
|
||||
EOF
|
||||
}
|
||||
|
||||
update_nodes() {
|
||||
mysql ${cfg.database.name} <<"EOF"
|
||||
UPDATE `nodes`
|
||||
SET `capacity` = ${toString cfg.singleNode.capacity}
|
||||
WHERE `id` = 1;
|
||||
EOF
|
||||
}
|
||||
|
||||
for (( try = 0; try < 60; try++ )); do
|
||||
if ! schema_configured; then
|
||||
sleep 2
|
||||
elif services_configured; then
|
||||
update_nodes
|
||||
exit 0
|
||||
else
|
||||
create_services
|
||||
exit 0
|
||||
fi
|
||||
done
|
||||
|
||||
echo "Single-node setup failed"
|
||||
exit 1
|
||||
'';
|
||||
};
|
||||
|
||||
services.nginx.virtualHosts = lib.mkIf cfg.singleNode.enableNginx {
|
||||
${cfg.singleNode.hostname} = {
|
||||
enableACME = cfg.singleNode.enableTLS;
|
||||
forceSSL = cfg.singleNode.enableTLS;
|
||||
locations."/" = {
|
||||
proxyPass = "http://localhost:${toString cfg.settings.port}";
|
||||
# source mentions that this header should be set
|
||||
extraConfig = ''
|
||||
add_header X-Content-Type-Options nosniff;
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
meta = {
|
||||
maintainers = with lib.maintainers; [ pennae ];
|
||||
# Don't edit the docbook xml directly, edit the md and generate it:
|
||||
# `pandoc firefox-syncserver.md -t docbook --top-level-division=chapter --extract-media=media -f markdown+smart > firefox-syncserver.xml`
|
||||
doc = ./firefox-syncserver.xml;
|
||||
};
|
||||
}
|
77
nixos/modules/services/networking/firefox-syncserver.xml
Normal file
77
nixos/modules/services/networking/firefox-syncserver.xml
Normal file
|
@ -0,0 +1,77 @@
|
|||
<chapter xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="module-services-firefox-syncserver">
|
||||
<title>Firefox Sync server</title>
|
||||
<para>
|
||||
A storage server for Firefox Sync that you can easily host yourself.
|
||||
</para>
|
||||
<section xml:id="module-services-firefox-syncserver-quickstart">
|
||||
<title>Quickstart</title>
|
||||
<para>
|
||||
The absolute minimal configuration for the sync server looks like
|
||||
this:
|
||||
</para>
|
||||
<programlisting language="nix">
|
||||
services.mysql.package = pkgs.mariadb;
|
||||
|
||||
services.firefox-syncserver = {
|
||||
enable = true;
|
||||
secrets = builtins.toFile "sync-secrets" ''
|
||||
SYNC_MASTER_SECRET=this-secret-is-actually-leaked-to-/nix/store
|
||||
'';
|
||||
singleNode = {
|
||||
enable = true;
|
||||
hostname = "localhost";
|
||||
url = "http://localhost:5000";
|
||||
};
|
||||
};
|
||||
</programlisting>
|
||||
<para>
|
||||
This will start a sync server that is only accessible locally.
|
||||
Once the services is running you can navigate to
|
||||
<literal>about:config</literal> in your Firefox profile and set
|
||||
<literal>identity.sync.tokenserver.uri</literal> to
|
||||
<literal>http://localhost:5000/1.0/sync/1.5</literal>. Your
|
||||
browser will now use your local sync server for data storage.
|
||||
</para>
|
||||
<warning>
|
||||
<para>
|
||||
This configuration should never be used in production. It is not
|
||||
encrypted and stores its secrets in a world-readable location.
|
||||
</para>
|
||||
</warning>
|
||||
</section>
|
||||
<section xml:id="module-services-firefox-syncserver-configuration">
|
||||
<title>More detailed setup</title>
|
||||
<para>
|
||||
The <literal>firefox-syncserver</literal> service provides a
|
||||
number of options to make setting up small deployment easier.
|
||||
These are grouped under the <literal>singleNode</literal> element
|
||||
of the option tree and allow simple configuration of the most
|
||||
important parameters.
|
||||
</para>
|
||||
<para>
|
||||
Single node setup is split into two kinds of options: those that
|
||||
affect the sync server itself, and those that affect its
|
||||
surroundings. Options that affect the sync server are
|
||||
<literal>capacity</literal>, which configures how many accounts
|
||||
may be active on this instance, and <literal>url</literal>, which
|
||||
holds the URL under which the sync server can be accessed. The
|
||||
<literal>url</literal> can be configured automatically when using
|
||||
nginx.
|
||||
</para>
|
||||
<para>
|
||||
Options that affect the surroundings of the sync server are
|
||||
<literal>enableNginx</literal>, <literal>enableTLS</literal> and
|
||||
<literal>hostnam</literal>. If <literal>enableNginx</literal> is
|
||||
set the sync server module will automatically add an nginx virtual
|
||||
host to the system using <literal>hostname</literal> as the domain
|
||||
and set <literal>url</literal> accordingly. If
|
||||
<literal>enableTLS</literal> is set the module will also enable
|
||||
ACME certificates on the new virtual host and force all
|
||||
connections to be made via TLS.
|
||||
</para>
|
||||
<para>
|
||||
For actual deployment it is also recommended to store the
|
||||
<literal>secrets</literal> file in a secure location.
|
||||
</para>
|
||||
</section>
|
||||
</chapter>
|
|
@ -4,16 +4,23 @@ let
|
|||
keysPath = "/var/lib/yggdrasil/keys.json";
|
||||
|
||||
cfg = config.services.yggdrasil;
|
||||
configProvided = cfg.config != { };
|
||||
settingsProvided = cfg.settings != { };
|
||||
configFileProvided = cfg.configFile != null;
|
||||
|
||||
format = pkgs.formats.json { };
|
||||
in {
|
||||
imports = [
|
||||
(mkRenamedOptionModule
|
||||
[ "services" "yggdrasil" "config" ]
|
||||
[ "services" "yggdrasil" "settings" ])
|
||||
];
|
||||
|
||||
options = with types; {
|
||||
services.yggdrasil = {
|
||||
enable = mkEnableOption "the yggdrasil system service";
|
||||
|
||||
config = mkOption {
|
||||
type = attrs;
|
||||
settings = mkOption {
|
||||
type = format.type;
|
||||
default = {};
|
||||
example = {
|
||||
Peers = [
|
||||
|
@ -138,11 +145,11 @@ in {
|
|||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
preStart =
|
||||
(if configProvided || configFileProvided || cfg.persistentKeys then
|
||||
(if settingsProvided || configFileProvided || cfg.persistentKeys then
|
||||
"echo "
|
||||
|
||||
+ (lib.optionalString configProvided
|
||||
"'${builtins.toJSON cfg.config}'")
|
||||
+ (lib.optionalString settingsProvided
|
||||
"'${builtins.toJSON cfg.settings}'")
|
||||
+ (lib.optionalString configFileProvided "$(cat ${cfg.configFile})")
|
||||
+ (lib.optionalString cfg.persistentKeys "$(cat ${keysPath})")
|
||||
+ " | ${pkgs.jq}/bin/jq -s add | ${binYggdrasil} -normaliseconf -useconf"
|
||||
|
|
|
@ -42,7 +42,7 @@ in import ./make-test-python.nix ({ pkgs, ...} : {
|
|||
|
||||
services.yggdrasil = {
|
||||
enable = true;
|
||||
config = {
|
||||
settings = {
|
||||
Listen = ["tcp://0.0.0.0:12345"];
|
||||
MulticastInterfaces = [ ];
|
||||
};
|
||||
|
@ -112,7 +112,7 @@ in import ./make-test-python.nix ({ pkgs, ...} : {
|
|||
services.yggdrasil = {
|
||||
enable = true;
|
||||
denyDhcpcdInterfaces = [ "ygg0" ];
|
||||
config = {
|
||||
settings = {
|
||||
IfTAPMode = true;
|
||||
IfName = "ygg0";
|
||||
MulticastInterfaces = [ "eth1" ];
|
||||
|
|
|
@ -34,11 +34,11 @@ let
|
|||
in
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "bisq-desktop";
|
||||
version = "1.9.1";
|
||||
version = "1.9.4";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://github.com/bisq-network/bisq/releases/download/v${version}/Bisq-64bit-${version}.deb";
|
||||
sha256 = "0gzfcp255z542adk1g6gsmfpp5zpivv6n1f5kzqgwgm5qmr24049";
|
||||
sha256 = "sha256-8CgbJ5gfzIEh5ppwvQxYz1IES7Dd4MZCac0uVLh/YaY=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ makeWrapper copyDesktopItems imagemagick dpkg zip xz ];
|
||||
|
|
|
@ -2,14 +2,14 @@
|
|||
|
||||
rustPlatform.buildRustPackage rec {
|
||||
pname = "lscolors";
|
||||
version = "0.11.1";
|
||||
version = "0.12.0";
|
||||
|
||||
src = fetchCrate {
|
||||
inherit version pname;
|
||||
sha256 = "sha256-RU5DhrfB4XlrI4fHUw0/88Ib6H6xvDlRwUNPPwgVKE0=";
|
||||
sha256 = "sha256-1tLI+M2hpXWsiO/x27ncs8zn8dBDx18AgsSbN/YE2Ic=";
|
||||
};
|
||||
|
||||
cargoSha256 = "sha256-COWvR7B9tXGuPaD311bFzuoqkISDlIOD6GDQdFa6wT4=";
|
||||
cargoSha256 = "sha256-4bFzFztaD9jV3GXpZwCowAhvszedM5ion5/h3D26EY8=";
|
||||
|
||||
# setid is not allowed in the sandbox
|
||||
checkFlags = [ "--skip=tests::style_for_setid" ];
|
||||
|
|
|
@ -0,0 +1,46 @@
|
|||
{ stdenv
|
||||
, lib
|
||||
, dpkg
|
||||
, fetchurl
|
||||
, autoPatchelfHook
|
||||
, glib-networking
|
||||
, openssl
|
||||
, webkitgtk
|
||||
, wrapGAppsHook
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "cinny-desktop";
|
||||
version = "2.1.1";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://github.com/cinnyapp/cinny-desktop/releases/download/v${version}/Cinny_desktop-x86_64.deb";
|
||||
sha256 = "sha256-4jd+N3a+u+c+XLwgr8BvvdkVLzo+xTBKFdjiQeu7NJU=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
autoPatchelfHook
|
||||
dpkg
|
||||
];
|
||||
|
||||
buildInputs = [
|
||||
glib-networking
|
||||
openssl
|
||||
webkitgtk
|
||||
wrapGAppsHook
|
||||
];
|
||||
|
||||
unpackCmd = "dpkg-deb -x $curSrc source";
|
||||
|
||||
installPhase = "mv usr $out";
|
||||
|
||||
meta = with lib; {
|
||||
description = "Yet another matrix client for desktop";
|
||||
homepage = "https://github.com/cinnyapp/cinny-desktop";
|
||||
maintainers = [ maintainers.aveltras ];
|
||||
license = licenses.mit;
|
||||
sourceProvenance = with sourceTypes; [ binaryNativeCode ];
|
||||
platforms = platforms.linux;
|
||||
mainProgram = "cinny";
|
||||
};
|
||||
}
|
|
@ -5,16 +5,16 @@
|
|||
|
||||
buildGoModule rec {
|
||||
pname = "rclone";
|
||||
version = "1.59.0";
|
||||
version = "1.59.1";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = pname;
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-SHUAEjdcqzNiIxSsmYb71JiOhWPoi8Z2nJAReRw2M5k=";
|
||||
sha256 = "sha256-eblCMe9ywJztjsWmngUkB/IE2ePI9Yin2jkxBW0tTbQ=";
|
||||
};
|
||||
|
||||
vendorSha256 = "sha256-ajOUvZ/0D8QL4MY6xO+hZziyUtIB0WQERU6Ov06K9I8=";
|
||||
vendorSha256 = "sha256-MZ5RtB4UGHPlMxyQ0VbX5iPpZw98oUuEhuMBDZcYiw8=";
|
||||
|
||||
subPackages = [ "." ];
|
||||
|
||||
|
|
|
@ -1,14 +1,22 @@
|
|||
{ lib, stdenvNoCC, fetchFromGitHub , gtk3, adwaita-icon-theme, breeze-icons, hicolor-icon-theme }:
|
||||
{ lib
|
||||
, stdenvNoCC
|
||||
, fetchFromGitHub
|
||||
, gtk3
|
||||
, adwaita-icon-theme
|
||||
, breeze-icons
|
||||
, hicolor-icon-theme
|
||||
, gitUpdater
|
||||
}:
|
||||
|
||||
stdenvNoCC.mkDerivation rec {
|
||||
pname = "kora-icon-theme";
|
||||
version = "1.5.2";
|
||||
version = "1.5.3";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "bikass";
|
||||
repo = "kora";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-OwuePPn4seHbzv81pnTEP1Q0Tp1ywZIEmw+dx3bDoXw=";
|
||||
sha256 = "sha256-j4W9w/icGjfkbbb0xYF3NfSFsp5RkNCc805E089JaFQ=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
@ -27,7 +35,8 @@ stdenvNoCC.mkDerivation rec {
|
|||
runHook preInstall
|
||||
|
||||
mkdir -p $out/share/icons
|
||||
mv kora* $out/share/icons/
|
||||
cp -a kora* $out/share/icons/
|
||||
rm $out/share/icons/kora*/create-new-icon-theme.cache.sh
|
||||
|
||||
for theme in $out/share/icons/*; do
|
||||
gtk-update-icon-cache -f $theme
|
||||
|
@ -36,11 +45,16 @@ stdenvNoCC.mkDerivation rec {
|
|||
runHook postInstall
|
||||
'';
|
||||
|
||||
passthru.updateScript = gitUpdater {
|
||||
inherit pname version;
|
||||
rev-prefix = "v";
|
||||
};
|
||||
|
||||
meta = with lib; {
|
||||
description = "An SVG icon theme in four variants";
|
||||
homepage = "https://github.com/bikass/kora";
|
||||
license = with licenses; [ gpl3Only ];
|
||||
platforms = platforms.linux;
|
||||
maintainers = with maintainers; [ ];
|
||||
maintainers = with maintainers; [ romildo ];
|
||||
};
|
||||
}
|
||||
|
|
|
@ -6,22 +6,22 @@
|
|||
, gtk-engine-murrine
|
||||
, sassc
|
||||
, which
|
||||
, tweaks ? [ ] # can be "nord" "black" "rimless". cannot mix "nord" and "black"
|
||||
, size ? "standard" # can be "standard" "compact"
|
||||
, tweaks ? [ ]
|
||||
, size ? "standard"
|
||||
}:
|
||||
let
|
||||
validSizes = [ "standard" "compact" ];
|
||||
validTweaks = [ "nord" "black" "rimless" ];
|
||||
validTweaks = [ "nord" "dracula" "black" "rimless" "normal" ];
|
||||
|
||||
unknownTweaks = lib.subtractLists validTweaks tweaks;
|
||||
illegalMix = !(lib.elem "nord" tweaks) && !(lib.elem "black" tweaks);
|
||||
illegalMix = !(lib.elem "nord" tweaks) && !(lib.elem "dracula" tweaks);
|
||||
|
||||
assertIllegal = lib.assertMsg illegalMix ''
|
||||
Tweaks "nord" and "black" cannot be mixed. Tweaks: ${toString tweaks}
|
||||
Tweaks "nord" and "dracula" cannot be mixed. Tweaks: ${toString tweaks}
|
||||
'';
|
||||
|
||||
assertSize = lib.assertMsg (lib.elem size validSizes) ''
|
||||
You entered wrong size: ${size}
|
||||
You entered a wrong size: ${size}
|
||||
Valid sizes are: ${toString validSizes}
|
||||
'';
|
||||
|
||||
|
@ -37,13 +37,13 @@ assert assertUnknown;
|
|||
|
||||
stdenvNoCC.mkDerivation rec {
|
||||
pname = "catppuccin-gtk";
|
||||
version = "unstable-2022-02-24";
|
||||
version = "unstable-2022-08-01";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
repo = "gtk";
|
||||
owner = "catppuccin";
|
||||
rev = "359c584f607c021fcc657ce77b81c181ebaff6de";
|
||||
sha256 = "sha256-AVhFw1XTnkU0hoM+UyjT7ZevLkePybBATJUMLqRytpk=";
|
||||
rev = "87a79fd2bf07accc694455df30a32a82b1b31f4f";
|
||||
sha256 = "sha256-dKHTQva0BYkO6VPNfY/pzRn/V1ghX+tYqbnM9hTAMeE=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ gtk3 sassc which ];
|
||||
|
@ -52,25 +52,17 @@ stdenvNoCC.mkDerivation rec {
|
|||
|
||||
propagatedUserEnvPkgs = [ gtk-engine-murrine ];
|
||||
|
||||
patches = [
|
||||
# Allows installing with `-t all`. Works around missing grey assets.
|
||||
# https://github.com/catppuccin/gtk/issues/17
|
||||
./grey-fix.patch
|
||||
];
|
||||
|
||||
postPatch = ''
|
||||
patchShebangs --build scripts/*
|
||||
substituteInPlace Makefile \
|
||||
--replace '$(shell git rev-parse --show-toplevel)' "$PWD"
|
||||
substituteInPlace 'scripts/install.sh' \
|
||||
--replace '$(git rev-parse --show-toplevel)' "$PWD"
|
||||
patchShebangs --build clean-old-theme.sh install.sh
|
||||
'';
|
||||
|
||||
installPhase = ''
|
||||
runHook preInstall
|
||||
|
||||
export HOME=$(mktemp -d)
|
||||
|
||||
mkdir -p $out/share/themes
|
||||
bash scripts/install.sh -d $out/share/themes -t all \
|
||||
bash install.sh -d $out/share/themes -t all \
|
||||
${lib.optionalString (size != "") "-s ${size}"} \
|
||||
${lib.optionalString (tweaks != []) "--tweaks " + builtins.toString tweaks}
|
||||
|
||||
|
@ -78,7 +70,7 @@ stdenvNoCC.mkDerivation rec {
|
|||
'';
|
||||
|
||||
meta = with lib; {
|
||||
description = "Soothing pastel theme for GTK3";
|
||||
description = "Soothing pastel theme for GTK";
|
||||
homepage = "https://github.com/catppuccin/gtk";
|
||||
license = licenses.gpl3Plus;
|
||||
platforms = platforms.linux;
|
||||
|
|
|
@ -1,12 +0,0 @@
|
|||
diff --git a/scripts/install.sh b/scripts/install.sh
|
||||
index d2a2b86..bd05c93 100755
|
||||
--- a/scripts/install.sh
|
||||
+++ b/scripts/install.sh
|
||||
@@ -20,7 +20,7 @@ fi
|
||||
SASSC_OPT="-M -t expanded"
|
||||
|
||||
THEME_NAME=Catppuccin
|
||||
-THEME_VARIANTS=('' '-purple' '-pink' '-red' '-orange' '-yellow' '-green' '-teal' '-grey')
|
||||
+THEME_VARIANTS=('' '-purple' '-pink' '-red' '-orange' '-yellow' '-green' '-teal')
|
||||
COLOR_VARIANTS=('' '-light' '-dark')
|
||||
SIZE_VARIANTS=('' '-compact')
|
|
@ -1,5 +1,3 @@
|
|||
export HARECACHE="$NIX_BUILD_TOP/.harecache"
|
||||
|
||||
addHarepath () {
|
||||
for haredir in third-party stdlib; do
|
||||
if [[ -d "$1/src/hare/$haredir" ]]; then
|
||||
|
|
|
@ -8,8 +8,14 @@
|
|||
, ninja
|
||||
, pkg-config
|
||||
, gcc
|
||||
, mesa
|
||||
, gtk3
|
||||
, glfw
|
||||
, libGLU
|
||||
, curl
|
||||
, cudaSupport ? config.cudaSupport or false, cudaPackages ? {}
|
||||
, enablePython ? false, pythonPackages ? null
|
||||
, enableGUI ? false,
|
||||
}:
|
||||
|
||||
assert cudaSupport -> (cudaPackages?cudatoolkit && cudaPackages.cudatoolkit != null);
|
||||
|
@ -32,7 +38,8 @@ stdenv.mkDerivation rec {
|
|||
libusb1
|
||||
gcc.cc.lib
|
||||
] ++ lib.optional cudaSupport cudaPackages.cudatoolkit
|
||||
++ lib.optionals enablePython (with pythonPackages; [python pybind11 ]);
|
||||
++ lib.optionals enablePython (with pythonPackages; [ python pybind11 ])
|
||||
++ lib.optionals enableGUI [ mesa gtk3 glfw libGLU curl ];
|
||||
|
||||
patches = [
|
||||
# fix build on aarch64-darwin
|
||||
|
@ -53,8 +60,9 @@ stdenv.mkDerivation rec {
|
|||
|
||||
cmakeFlags = [
|
||||
"-DBUILD_EXAMPLES=ON"
|
||||
"-DBUILD_GRAPHICAL_EXAMPLES=OFF"
|
||||
"-DBUILD_GLSL_EXTENSIONS=OFF"
|
||||
"-DBUILD_GRAPHICAL_EXAMPLES=${lib.boolToString enableGUI}"
|
||||
"-DBUILD_GLSL_EXTENSIONS=${lib.boolToString enableGUI}"
|
||||
"-DCHECK_FOR_UPDATES=OFF" # activated by BUILD_GRAPHICAL_EXAMPLES, will make it download and compile libcurl
|
||||
] ++ lib.optionals enablePython [
|
||||
"-DBUILD_PYTHON_BINDINGS:bool=true"
|
||||
"-DXXNIX_PYTHON_SITEPACKAGES=${placeholder "out"}/${pythonPackages.python.sitePackages}"
|
||||
|
@ -72,7 +80,7 @@ stdenv.mkDerivation rec {
|
|||
description = "A cross-platform library for Intel® RealSense™ depth cameras (D400 series and the SR300)";
|
||||
homepage = "https://github.com/IntelRealSense/librealsense";
|
||||
license = licenses.asl20;
|
||||
maintainers = with maintainers; [ brian-dawn ];
|
||||
maintainers = with maintainers; [ brian-dawn pbsds ];
|
||||
platforms = platforms.unix;
|
||||
};
|
||||
}
|
||||
|
|
6
pkgs/development/node-packages/node-packages.nix
generated
6
pkgs/development/node-packages/node-packages.nix
generated
|
@ -118873,10 +118873,10 @@ in
|
|||
pnpm = nodeEnv.buildNodePackage {
|
||||
name = "pnpm";
|
||||
packageName = "pnpm";
|
||||
version = "7.8.0";
|
||||
version = "7.9.1";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/pnpm/-/pnpm-7.8.0.tgz";
|
||||
sha512 = "jzb9/gto4nwuVA2itTRk0PJhuaZcA1NBRB298UzXhqKZQMjtHCS+KLzh7RWk5n3g+KnMg5FHr6Mwg1L62dBz1A==";
|
||||
url = "https://registry.npmjs.org/pnpm/-/pnpm-7.9.1.tgz";
|
||||
sha512 = "5vyV+FwZj5y31UDDsiq9xcVzF+mvS+IPdgAgkZ9rVxYPNKCCVwVn5LsHh9jcfuApiKYVgpyisAMcuSDbe1/C0Q==";
|
||||
};
|
||||
buildInputs = globalBuildInputs;
|
||||
meta = {
|
||||
|
|
|
@ -20,14 +20,14 @@
|
|||
|
||||
buildPythonPackage rec {
|
||||
pname = "asyncssh";
|
||||
version = "2.11.0";
|
||||
version = "2.12.0";
|
||||
format = "setuptools";
|
||||
|
||||
disabled = pythonOlder "3.6";
|
||||
|
||||
src = fetchPypi {
|
||||
inherit pname version;
|
||||
sha256 = "sha256-WcNs53up3ajdV62HV3bnEF3bH6hRvAObs66t6sT2e1Y=";
|
||||
sha256 = "sha256-J0EBMixLlBgjru2OGrbnvlGRaGxtstK9Na/rowUF54A=";
|
||||
};
|
||||
|
||||
propagatedBuildInputs = [
|
||||
|
|
|
@ -8,20 +8,26 @@
|
|||
|
||||
buildPythonPackage rec {
|
||||
pname = "colormath";
|
||||
version = "3.0.0";
|
||||
# Switch to unstable which fixes an deprecation issue with newer numpy
|
||||
# versions, should be included in versions > 3.0
|
||||
# https://github.com/gtaylor/python-colormath/issues/104
|
||||
version = "unstable-2021-04-17";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "gtaylor";
|
||||
rev = "3.0.0";
|
||||
repo = "python-colormath";
|
||||
sha256 = "1nqf5wy8ikx2g684khzvjc4iagkslmbsxxwilbv4jpaznr9lahdl";
|
||||
rev = "4a076831fd5136f685aa7143db81eba27b2cd19a";
|
||||
sha256 = "sha256-eACVPIQFgiGiVmQ/PjUxP/UH/hBOsCywz5PlgpA4dk4=";
|
||||
};
|
||||
|
||||
propagatedBuildInputs = [ networkx numpy ];
|
||||
|
||||
checkInputs = [ nose ];
|
||||
|
||||
checkPhase = "nosetests";
|
||||
|
||||
pythonImportsCheck = [ "colormath" ];
|
||||
|
||||
meta = with lib; {
|
||||
description = "Color math and conversion library";
|
||||
homepage = "https://github.com/gtaylor/python-colormath";
|
||||
|
|
|
@ -25,14 +25,14 @@
|
|||
|
||||
buildPythonPackage rec {
|
||||
pname = "datashader";
|
||||
version = "0.14.1";
|
||||
version = "0.14.2";
|
||||
format = "setuptools";
|
||||
|
||||
disabled = pythonOlder "3.7";
|
||||
|
||||
src = fetchPypi {
|
||||
inherit pname version;
|
||||
hash = "sha256-VGF6351lVCBat68EY9IY9lHk1hDMcjBcrVdPSliFq4Y=";
|
||||
hash = "sha256-q8aOpuJD6aX9m9jPm9PY5vZGBJL6Jpf+pPHbcQVOJLg=";
|
||||
};
|
||||
|
||||
propagatedBuildInputs = [
|
||||
|
|
|
@ -11,7 +11,7 @@
|
|||
|
||||
buildPythonPackage rec {
|
||||
pname = "db-dtypes";
|
||||
version = "1.0.2";
|
||||
version = "1.0.3";
|
||||
format = "setuptools";
|
||||
|
||||
disabled = pythonOlder "3.7";
|
||||
|
@ -20,14 +20,9 @@ buildPythonPackage rec {
|
|||
owner = "googleapis";
|
||||
repo = "python-db-dtypes-pandas";
|
||||
rev = "refs/tags/v${version}";
|
||||
hash = "sha256-LLKhYLzGUQRx4ciWv1TilYvTOO0sj6rdkPlJLPZ8VXA=";
|
||||
hash = "sha256-KkwXmJ9KwmslBPhBApm+bcY7Tu/J2ZK4sszBaMMDcpY=";
|
||||
};
|
||||
|
||||
postPatch = ''
|
||||
substituteInPlace setup.py \
|
||||
--replace 'pyarrow>=3.0.0, <9.0dev' 'pyarrow>=3.0.0, <10.0dev'
|
||||
'';
|
||||
|
||||
propagatedBuildInputs = [
|
||||
numpy
|
||||
packaging
|
||||
|
|
|
@ -28,7 +28,7 @@
|
|||
|
||||
buildPythonPackage rec {
|
||||
pname = "elastic-apm";
|
||||
version = "6.10.2";
|
||||
version = "6.11.0";
|
||||
format = "setuptools";
|
||||
|
||||
disabled = pythonOlder "3.8";
|
||||
|
@ -37,7 +37,7 @@ buildPythonPackage rec {
|
|||
owner = "elastic";
|
||||
repo = "apm-agent-python";
|
||||
rev = "v${version}";
|
||||
hash = "sha256-Ru/yGND7xkpO3QH/cTMu4rxWUXSMsFx5u/V/rHY8k1E=";
|
||||
hash = "sha256-ZmvOyEkXp0PEDHWcuGT91mhXwV2E6SPlrWBY/sNiRmc=";
|
||||
};
|
||||
|
||||
propagatedBuildInputs = [
|
||||
|
|
|
@ -1,4 +1,12 @@
|
|||
{ lib, buildPythonPackage, fetchPypi, nose, version, sha256, format ? "setuptools" }:
|
||||
{ lib
|
||||
, buildPythonPackage
|
||||
, fetchPypi
|
||||
, nose
|
||||
, version
|
||||
, sha256
|
||||
, format ? "setuptools"
|
||||
, extraMeta ? {}
|
||||
}:
|
||||
|
||||
buildPythonPackage rec {
|
||||
inherit version format;
|
||||
|
@ -15,5 +23,5 @@ buildPythonPackage rec {
|
|||
description = "The fastest markdown parser in pure Python";
|
||||
homepage = "https://github.com/lepture/mistune";
|
||||
license = licenses.bsd3;
|
||||
};
|
||||
} // extraMeta;
|
||||
}
|
||||
|
|
|
@ -2,6 +2,9 @@ self: rec {
|
|||
mistune_0_8 = self.callPackage ./common.nix {
|
||||
version = "0.8.4";
|
||||
sha256 = "59a3429db53c50b5c6bcc8a07f8848cb00d7dc8bdb431a4ab41920d201d4756e";
|
||||
extraMeta = {
|
||||
knownVulnerabilities = [ "CVE-2022-34749" ];
|
||||
};
|
||||
};
|
||||
mistune_2_0 = self.callPackage ./common.nix {
|
||||
version = "2.0.4";
|
||||
|
|
|
@ -21,7 +21,7 @@
|
|||
|
||||
buildPythonPackage rec {
|
||||
pname = "openai";
|
||||
version = "0.22.0";
|
||||
version = "0.22.1";
|
||||
|
||||
disabled = pythonOlder "3.7.1";
|
||||
|
||||
|
@ -30,7 +30,7 @@ buildPythonPackage rec {
|
|||
owner = "openai";
|
||||
repo = "openai-python";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-4FKFcUiY17hEiOGFP1fPBtcvcM19hFrHXX3ZLxgdJHI=";
|
||||
sha256 = "sha256-QUnsm0ui1BFlLqAlH1bp7uDbhiRigePrAPAkSRjftM4=";
|
||||
};
|
||||
|
||||
propagatedBuildInputs = [
|
||||
|
|
44
pkgs/development/python-modules/sphinx-fortran/default.nix
Normal file
44
pkgs/development/python-modules/sphinx-fortran/default.nix
Normal file
|
@ -0,0 +1,44 @@
|
|||
{ lib
|
||||
, buildPythonPackage
|
||||
, fetchFromGitHub
|
||||
, pytestCheckHook
|
||||
, future
|
||||
, numpy
|
||||
, sphinx
|
||||
, six
|
||||
}:
|
||||
|
||||
buildPythonPackage rec {
|
||||
pname = "sphinx-fortran";
|
||||
version = "unstable-2022-03-02";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "VACUMM";
|
||||
repo = pname;
|
||||
rev = "394ae990b43ed43fcff8beb048632f5e99794264";
|
||||
sha256 = "sha256-IVKu5u9gqs7/9EZrf4ZYd12K6J31u+/B8kk4+8yfohM=";
|
||||
};
|
||||
|
||||
propagatedBuildInputs = [
|
||||
future
|
||||
numpy
|
||||
sphinx
|
||||
six
|
||||
];
|
||||
|
||||
pythonImportsCheck = [ "sphinxfortran" ];
|
||||
|
||||
# Tests are failing because reference files are not updated
|
||||
doCheck = false;
|
||||
|
||||
checkInputs = [
|
||||
pytestCheckHook
|
||||
];
|
||||
|
||||
meta = with lib; {
|
||||
description = "Fortran domain and autodoc extensions to Sphinx";
|
||||
homepage = "http://sphinx-fortran.readthedocs.org/";
|
||||
license = licenses.cecill21;
|
||||
maintainers = with maintainers; [ loicreynier ];
|
||||
};
|
||||
}
|
|
@ -70,7 +70,8 @@ stdenv.mkDerivation rec {
|
|||
homepage = "https://jenkins-ci.org";
|
||||
sourceProvenance = with sourceTypes; [ binaryBytecode ];
|
||||
license = licenses.mit;
|
||||
maintainers = with maintainers; [ coconnor earldouglas nequissimus ];
|
||||
maintainers = with maintainers; [ coconnor earldouglas nequissimus ajs124 ];
|
||||
changelog = "https://www.jenkins.io/changelog-stable/#v${version}";
|
||||
mainProgram = "jenkins-cli";
|
||||
platforms = platforms.all;
|
||||
};
|
||||
|
|
|
@ -2,17 +2,17 @@
|
|||
|
||||
buildGoModule rec {
|
||||
pname = "gopls";
|
||||
version = "0.9.1";
|
||||
version = "0.9.3";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "golang";
|
||||
repo = "tools";
|
||||
rev = "gopls/v${version}";
|
||||
sha256 = "sha256-+9NOQRu7cwEkRMB+HFEVrF7Z8y5UCxdUL005vZFPUHk=";
|
||||
sha256 = "sha256-WpSF3HnSjCqUkD1PVvtYXoWSyjYnasr85AK8wMULPBI=";
|
||||
};
|
||||
|
||||
modRoot = "gopls";
|
||||
vendorSha256 = "sha256-V5HQAKRFtHfJJzdQ8eutCpVmnOWe0yYKKnlGxphulAc=";
|
||||
vendorSha256 = "sha256-8NhZD7ImvsBGw0xi9NR7AB9SdHkwjsA+jV7UTjVF4wM=";
|
||||
|
||||
doCheck = false;
|
||||
|
||||
|
|
37
pkgs/os-specific/darwin/pngpaste/default.nix
Normal file
37
pkgs/os-specific/darwin/pngpaste/default.nix
Normal file
|
@ -0,0 +1,37 @@
|
|||
{ lib, stdenv, fetchFromGitHub, AppKit, Cocoa }:
|
||||
|
||||
let
|
||||
pname = "pngpaste";
|
||||
version = "0.2.3";
|
||||
in stdenv.mkDerivation {
|
||||
inherit pname version;
|
||||
src = fetchFromGitHub {
|
||||
owner = "jcsalterego";
|
||||
repo = pname;
|
||||
rev = version;
|
||||
sha256 = "uvajxSelk1Wfd5is5kmT2fzDShlufBgC0PDCeabEOSE=";
|
||||
};
|
||||
|
||||
buildInputs = [ AppKit Cocoa ];
|
||||
|
||||
installPhase = ''
|
||||
mkdir -p $out/bin
|
||||
cp pngpaste $out/bin
|
||||
'';
|
||||
|
||||
meta = with lib; {
|
||||
description = "Paste image files from clipboard to file on MacOS";
|
||||
longDescription = ''
|
||||
Paste PNG into files on MacOS, much like pbpaste does for text.
|
||||
Supported input formats are PNG, PDF, GIF, TIF, JPEG.
|
||||
Supported output formats are PNG, GIF, JPEG, TIFF. Output
|
||||
formats are determined by the provided filename extension,
|
||||
falling back to PNG.
|
||||
'';
|
||||
homepage = "https://github.com/jcsalterego/pngpaste";
|
||||
changelog = "https://github.com/jcsalterego/pngpaste/raw/${version}/CHANGELOG.md";
|
||||
platforms = platforms.darwin;
|
||||
license = licenses.bsd2;
|
||||
maintainers = with maintainers; [ samw ];
|
||||
};
|
||||
}
|
|
@ -2,7 +2,7 @@
|
|||
, pkg-config, qemu, syslinux, util-linux }:
|
||||
|
||||
let
|
||||
version = "0.6.9";
|
||||
version = "0.7.3";
|
||||
# list of all theoretically available targets
|
||||
targets = [
|
||||
"genode"
|
||||
|
@ -21,14 +21,16 @@ in stdenv.mkDerivation {
|
|||
|
||||
src = fetchurl {
|
||||
url = "https://github.com/Solo5/solo5/releases/download/v${version}/solo5-v${version}.tar.gz";
|
||||
sha256 = "03lvk9mab3yxrmi73wrvvhykqcydjrsda0wj6aasnjm5lx9jycpr";
|
||||
sha256 = "sha256-8LftT22XzmmWxgYez+BAHDX4HOyl5DrwrpuO2+bqqcY=";
|
||||
};
|
||||
|
||||
patches = [ ./test_sleep.patch ];
|
||||
|
||||
hardeningEnable = [ "pie" ];
|
||||
|
||||
configurePhase = ''
|
||||
runHook preConfigure
|
||||
sh configure.sh
|
||||
sh configure.sh --prefix=/
|
||||
runHook postConfigure
|
||||
'';
|
||||
|
||||
|
@ -38,15 +40,7 @@ in stdenv.mkDerivation {
|
|||
runHook preInstall
|
||||
export DESTDIR=$out
|
||||
export PREFIX=$out
|
||||
make install-tools
|
||||
|
||||
# get CONFIG_* vars from Makeconf which also parse in sh
|
||||
grep '^CONFIG_' Makeconf > nix_tmp_targetconf
|
||||
source nix_tmp_targetconf
|
||||
# install opam / pkg-config files for all enabled targets
|
||||
${lib.concatMapStrings (bind: ''
|
||||
[ -n "$CONFIG_${lib.toUpper bind}" ] && make install-opam-${bind}
|
||||
'') targets}
|
||||
make install
|
||||
|
||||
substituteInPlace $out/bin/solo5-virtio-mkimage \
|
||||
--replace "/usr/lib/syslinux" "${syslinux}/share/syslinux" \
|
||||
|
|
22
pkgs/os-specific/solo5/test_sleep.patch
Normal file
22
pkgs/os-specific/solo5/test_sleep.patch
Normal file
|
@ -0,0 +1,22 @@
|
|||
diff --git a/tests/test_time/test_time.c b/tests/test_time/test_time.c
|
||||
index 931500b..cde64ad 100644
|
||||
--- a/tests/test_time/test_time.c
|
||||
+++ b/tests/test_time/test_time.c
|
||||
@@ -110,7 +110,8 @@ int solo5_app_main(const struct solo5_start_info *si __attribute__((unused)))
|
||||
/*
|
||||
* Verify that we did not sleep less than requested (see above).
|
||||
*/
|
||||
- if (delta < NSEC_PER_SEC) {
|
||||
+ const solo5_time_t slack = 100000000ULL;
|
||||
+ if (delta < NSEC_PER_SEC - slack) {
|
||||
printf("[%d] ERROR: slept too little (expected at least %llu ns)\n",
|
||||
iters, (unsigned long long)NSEC_PER_SEC);
|
||||
failed = true;
|
||||
@@ -120,7 +121,6 @@ int solo5_app_main(const struct solo5_start_info *si __attribute__((unused)))
|
||||
* Verify that we did not sleep more than requested, within reason
|
||||
* (scheduling delays, general inaccuracy of the current timing code).
|
||||
*/
|
||||
- const solo5_time_t slack = 100000000ULL;
|
||||
if (delta > (NSEC_PER_SEC + slack)) {
|
||||
printf("[%d] ERROR: slept too much (expected at most %llu ns)\n",
|
||||
iters, (unsigned long long)slack);
|
63
pkgs/servers/syncstorage-rs/default.nix
Normal file
63
pkgs/servers/syncstorage-rs/default.nix
Normal file
|
@ -0,0 +1,63 @@
|
|||
{ fetchFromGitHub
|
||||
, rustPlatform
|
||||
, pkg-config
|
||||
, python3
|
||||
, openssl
|
||||
, cmake
|
||||
, libmysqlclient
|
||||
, makeBinaryWrapper
|
||||
, lib
|
||||
}:
|
||||
|
||||
let
|
||||
pyFxADeps = python3.withPackages (p: [
|
||||
p.setuptools # imports pkg_resources
|
||||
# remainder taken from requirements.txt
|
||||
p.pyfxa
|
||||
p.tokenlib
|
||||
p.cryptography
|
||||
]);
|
||||
in
|
||||
|
||||
rustPlatform.buildRustPackage rec {
|
||||
pname = "syncstorage-rs";
|
||||
version = "0.12.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "mozilla-services";
|
||||
repo = pname;
|
||||
rev = version;
|
||||
hash = "sha256-VfIpjpBS7LXe32fxIFp7xmbm40VwxUdHIEm5PnMpd4s=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
cmake
|
||||
makeBinaryWrapper
|
||||
pkg-config
|
||||
python3
|
||||
];
|
||||
|
||||
buildInputs = [
|
||||
libmysqlclient
|
||||
openssl
|
||||
];
|
||||
|
||||
preFixup = ''
|
||||
wrapProgram $out/bin/syncstorage \
|
||||
--prefix PATH : ${lib.makeBinPath [ pyFxADeps ]}
|
||||
'';
|
||||
|
||||
cargoSha256 = "sha256-JXxArKA/2SIYJvjNA1yZHR9xDKt3N2U7HVMP/6M3BxE=";
|
||||
|
||||
buildFeatures = [ "grpcio/openssl" ];
|
||||
|
||||
# almost all tests need a DB to test against
|
||||
doCheck = false;
|
||||
|
||||
meta = {
|
||||
description = "Mozilla Sync Storage built with Rust";
|
||||
homepage = "https://github.com/mozilla-services/syncstorage-rs";
|
||||
license = lib.licenses.mpl20;
|
||||
maintainers = with lib.maintainers; [ pennae ];
|
||||
};
|
||||
}
|
|
@ -1,4 +1,4 @@
|
|||
{ pkgs, stdenv, lib, fetchFromGitHub, dataDir ? "/var/lib/snipe-it" }:
|
||||
{ pkgs, stdenv, lib, fetchFromGitHub, dataDir ? "/var/lib/snipe-it", mariadb }:
|
||||
|
||||
let
|
||||
package = (import ./composition.nix {
|
||||
|
@ -13,6 +13,7 @@ let
|
|||
ln -s ${dataDir}/public/uploads $out/public/uploads
|
||||
ln -s ${dataDir}/bootstrap/cache $out/bootstrap/cache
|
||||
chmod +x $out/artisan
|
||||
substituteInPlace config/database.php --replace "env('DB_DUMP_PATH', '/usr/local/bin')" "env('DB_DUMP_PATH', '${mariadb}/bin')"
|
||||
'';
|
||||
});
|
||||
|
||||
|
|
|
@ -1,14 +1,14 @@
|
|||
{ lib, stdenv, fetchFromGitHub, ncurses }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
version = "0.9.19";
|
||||
version = "1.0.0";
|
||||
pname = "smenu";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "p-gen";
|
||||
repo = "smenu";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-0ZA8Op1IMZMJ7g1waK2uOYOCDfqPfiqnnjopGtBW1w8=";
|
||||
sha256 = "sha256-jmQ5QLsy0T2ytq1xYJkLBlEw5NxVTsAN+wckyV+68zg=";
|
||||
};
|
||||
|
||||
buildInputs = [ ncurses ];
|
||||
|
|
|
@ -5,13 +5,13 @@
|
|||
|
||||
buildGoModule rec {
|
||||
pname = "webanalyze";
|
||||
version = "0.3.6";
|
||||
version = "0.3.7";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "rverton";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
hash = "sha256-r5HIXh0mKCZmzOOAKThNUPtJLsTYvnVE8FYA6vV5xjg=";
|
||||
hash = "sha256-W7NgV50r/MNSF6+e0IR9C1dcg/k0w67GcTs0NTbhKBc=";
|
||||
};
|
||||
|
||||
vendorSha256 = "sha256-kXtWYGsZUUhBNvkTOah3Z+ta118k6PXfpBx6MLr/pq0=";
|
||||
|
|
|
@ -7,13 +7,13 @@
|
|||
|
||||
rustPlatform.buildRustPackage rec {
|
||||
pname = "systeroid";
|
||||
version = "0.1.1";
|
||||
version = "0.2.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "orhun";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "0xf81wyp5qg67r0vyqg0209pcabx70vvxx4nrg2y7qa0mhvf6p94";
|
||||
sha256 = "sha256-o72tjYc+1dBLAIG75Fyt2UubjeK6j/nufjiz3wn2SdI=";
|
||||
};
|
||||
|
||||
postPatch = ''
|
||||
|
@ -21,7 +21,7 @@ rustPlatform.buildRustPackage rec {
|
|||
--replace '"/usr/share/doc/kernel-doc-*/Documentation/*",' '"${linux-doc}/share/doc/linux-doc/*",'
|
||||
'';
|
||||
|
||||
cargoSha256 = "sha256-D/sSeMR1Zg3OH1fdSVKdxdIcoP4OLp3T8mwQ28O8rfk=";
|
||||
cargoSha256 = "sha256-8DGAiPAq+L1aWleeWEl95+hcgT+PHsxdg118U8IDyOA=";
|
||||
|
||||
buildInputs = [
|
||||
xorg.libxcb
|
||||
|
|
|
@ -3186,6 +3186,8 @@ with pkgs;
|
|||
|
||||
cinny = callPackage ../applications/networking/instant-messengers/cinny { stdenv = stdenvNoCC; };
|
||||
|
||||
cinny-desktop = callPackage ../applications/networking/instant-messengers/cinny-desktop { };
|
||||
|
||||
ckbcomp = callPackage ../tools/X11/ckbcomp { };
|
||||
|
||||
clac = callPackage ../tools/misc/clac {};
|
||||
|
@ -9823,6 +9825,10 @@ with pkgs;
|
|||
libpng = libpng12;
|
||||
};
|
||||
|
||||
pngpaste = callPackage ../os-specific/darwin/pngpaste {
|
||||
inherit (darwin.apple_sdk.frameworks) AppKit Cocoa;
|
||||
};
|
||||
|
||||
pngtools = callPackage ../tools/graphics/pngtools { };
|
||||
|
||||
pngpp = callPackage ../development/libraries/png++ { };
|
||||
|
@ -22793,6 +22799,8 @@ with pkgs;
|
|||
|
||||
sympa = callPackage ../servers/mail/sympa { };
|
||||
|
||||
syncstorage-rs = callPackage ../servers/syncstorage-rs { };
|
||||
|
||||
system-sendmail = lowPrio (callPackage ../servers/mail/system-sendmail { });
|
||||
|
||||
# PulseAudio daemons
|
||||
|
@ -24030,6 +24038,10 @@ with pkgs;
|
|||
cudaSupport = false;
|
||||
};
|
||||
|
||||
librealsense-gui = callPackage ../development/libraries/librealsense {
|
||||
enableGUI = true;
|
||||
};
|
||||
|
||||
libsass = callPackage ../development/libraries/libsass { };
|
||||
|
||||
libsepol = callPackage ../os-specific/linux/libsepol { };
|
||||
|
|
|
@ -10129,6 +10129,8 @@ in {
|
|||
|
||||
sphinx-external-toc = callPackage ../development/python-modules/sphinx-external-toc { };
|
||||
|
||||
sphinx-fortran = callPackage ../development/python-modules/sphinx-fortran { };
|
||||
|
||||
sphinx-jupyterbook-latex = callPackage ../development/python-modules/sphinx-jupyterbook-latex { };
|
||||
|
||||
sphinx-multitoc-numbering = callPackage ../development/python-modules/sphinx-multitoc-numbering { };
|
||||
|
|
Loading…
Reference in a new issue