swendel/nixpkgs
1
0
Fork 0
mirror of https://github.com/SebastianWendel/nixpkgs.git synced 2024-09-20 12:29:02 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' into staging-next

Browse source
This commit is contained in:
Jan Tojnar 2019-12-25 05:15:06 +01:00
parent d244b77850 760be1f4b2
commit ca39dd3a8a
No known key found for this signature in database
GPG key ID: 7FAB2A15F7A607A4
492 changed files with 22222 additions and 7240 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
.github/PULL_REQUEST_TEMPLATE.md vendored
View file

@ -12,7 +12,7 @@
- [ ] macOS - [ ] macOS
- [ ] other Linux distributions - [ ] other Linux distributions
- [ ] Tested via one or more NixOS test(s) if existing and applicable for the change (look inside [nixos/tests](https://github.com/NixOS/nixpkgs/blob/master/nixos/tests)) - [ ] Tested via one or more NixOS test(s) if existing and applicable for the change (look inside [nixos/tests](https://github.com/NixOS/nixpkgs/blob/master/nixos/tests))
- [ ] Tested compilation of all pkgs that depend on this change using `nix-shell -p nix-review --run "nix-review wip"` - [ ] Tested compilation of all pkgs that depend on this change using `nix-shell -p nixpkgs-review --run "nixpkgs-review wip"`
- [ ] Tested execution of all binary files (usually in `./result/bin/`) - [ ] Tested execution of all binary files (usually in `./result/bin/`)
- [ ] Determined the impact on package closure size (by running `nix path-info -S` before and after) - [ ] Determined the impact on package closure size (by running `nix path-info -S` before and after)
- [ ] Ensured that relevant documentation is up to date - [ ] Ensured that relevant documentation is up to date

4
doc/contributing/reviewing-contributions.xml
View file

@ -141,10 +141,10 @@
</listitem> </listitem>
<listitem> <listitem>
<para> <para>
The <link xlink:href="https://github.com/Mic92/nix-review">nix-review</link> tool can be used to review a pull request content in a single command. <varname>PRNUMBER</varname> should be replaced by the number at the end of the pull request title. You can also provide the full github pull request url. The <link xlink:href="https://github.com/Mic92/nixpkgs-review">nixpkgs-review</link> tool can be used to review a pull request content in a single command. <varname>PRNUMBER</varname> should be replaced by the number at the end of the pull request title. You can also provide the full github pull request url.
</para> </para>
<screen> <screen>
<prompt>$ </prompt>nix-shell -p nix-review --run "nix-review pr PRNUMBER" <prompt>$ </prompt>nix-shell -p nixpkgs-review --run "nixpkgs-review pr PRNUMBER"
</screen> </screen>
</listitem> </listitem>
</itemizedlist> </itemizedlist>

22
doc/contributing/submitting-changes.xml
View file

@ -317,25 +317,25 @@ Additional information.
</section> </section>
<section xml:id="submitting-changes-tested-compilation"> <section xml:id="submitting-changes-tested-compilation">
<title>Tested compilation of all pkgs that depend on this change using <command>nix-review</command></title> <title>Tested compilation of all pkgs that depend on this change using <command>nixpkgs-review</command></title>
<para> <para>
If you are updating a package's version, you can use nix-review to make sure all packages that depend on the updated package still compile correctly. The <command>nix-review</command> utility can look for and build all dependencies either based on uncommited changes with the <literal>wip</literal> option or specifying a github pull request number. If you are updating a package's version, you can use nixpkgs-review to make sure all packages that depend on the updated package still compile correctly. The <command>nixpkgs-review</command> utility can look for and build all dependencies either based on uncommited changes with the <literal>wip</literal> option or specifying a github pull request number.
</para> </para>
<para> <para>
review changes from pull request number 12345: review changes from pull request number 12345:
<screen>nix run nixpkgs.nix-review -c nix-review pr 12345</screen> <screen>nix run nixpkgs.nixpkgs-review -c nixpkgs-review pr 12345</screen>
</para> </para>
<para> <para>
review uncommitted changes: review uncommitted changes:
<screen>nix run nixpkgs.nix-review -c nix-review wip</screen> <screen>nix run nixpkgs.nixpkgs-review -c nixpkgs-review wip</screen>
</para> </para>
<para> <para>
review changes from last commit: review changes from last commit:
<screen>nix run nixpkgs.nix-review -c nix-review rev HEAD</screen> <screen>nix run nixpkgs.nixpkgs-review -c nixpkgs-review rev HEAD</screen>
</para> </para>
</section> </section>
@ -408,7 +408,7 @@ Additional information.
<section xml:id="submitting-changes-master-branch"> <section xml:id="submitting-changes-master-branch">
<title>Master branch</title> <title>Master branch</title>
<para> <para>
The <literal>master</literal> branch is the main development branch. The <literal>master</literal> branch is the main development branch.
It should only see non-breaking commits that do not cause mass rebuilds. It should only see non-breaking commits that do not cause mass rebuilds.
</para> </para>
</section> </section>
@ -416,8 +416,8 @@ Additional information.
<section xml:id="submitting-changes-staging-branch"> <section xml:id="submitting-changes-staging-branch">
<title>Staging branch</title> <title>Staging branch</title>
<para> <para>
The <literal>staging</literal> branch is a development branch where mass-rebuilds go. The <literal>staging</literal> branch is a development branch where mass-rebuilds go.
It should only see non-breaking mass-rebuild commits. It should only see non-breaking mass-rebuild commits.
That means it is not to be used for testing, and changes must have been well tested already. That means it is not to be used for testing, and changes must have been well tested already.
If the branch is already in a broken state, please refrain from adding extra new breakages. If the branch is already in a broken state, please refrain from adding extra new breakages.
</para> </para>
@ -426,10 +426,10 @@ Additional information.
<section xml:id="submitting-changes-staging-next-branch"> <section xml:id="submitting-changes-staging-next-branch">
<title>Staging-next branch</title> <title>Staging-next branch</title>
<para> <para>
The <literal>staging-next</literal> branch is for stabilizing mass-rebuilds submitted to the <literal>staging</literal> branch prior to merging them into <literal>master</literal>. The <literal>staging-next</literal> branch is for stabilizing mass-rebuilds submitted to the <literal>staging</literal> branch prior to merging them into <literal>master</literal>.
Mass-rebuilds should go via the <literal>staging</literal> branch. Mass-rebuilds should go via the <literal>staging</literal> branch.
It should only see non-breaking commits that are fixing issues blocking it from being merged into the <literal>master </literal> branch. It should only see non-breaking commits that are fixing issues blocking it from being merged into the <literal>master </literal> branch.
</para> </para>
<para> <para>
If the branch is already in a broken state, please refrain from adding extra new breakages. Stabilize it for a few days and then merge into master. If the branch is already in a broken state, please refrain from adding extra new breakages. Stabilize it for a few days and then merge into master.
</para> </para>

91
doc/languages-frameworks/texlive.xml
View file

@ -59,6 +59,97 @@ nix-repl> texlive.collection-<TAB>
</itemizedlist> </itemizedlist>
</section> </section>
<section xml:id="sec-language-texlive-custom-packages">
<title>Custom packages</title>
<para>
You may find that you need to use an external TeX package. A derivation for such package has to provide contents of the "texmf" directory in its output and provide the <varname>tlType</varname> attribute. Here is a (very verbose) example:
<programlisting><![CDATA[
with import <nixpkgs> {};
let
foiltex_run = stdenvNoCC.mkDerivation {
pname = "latex-foiltex";
version = "2.1.4b";
passthru.tlType = "run";
srcs = [
(fetchurl {
url = "http://mirrors.ctan.org/macros/latex/contrib/foiltex/foiltex.dtx";
sha256 = "07frz0krpz7kkcwlayrwrj2a2pixmv0icbngyw92srp9fp23cqpz";
})
(fetchurl {
url = "http://mirrors.ctan.org/macros/latex/contrib/foiltex/foiltex.ins";
sha256 = "09wkyidxk3n3zvqxfs61wlypmbhi1pxmjdi1kns9n2ky8ykbff99";
})
];
unpackPhase = ''
runHook preUnpack
for _src in $srcs; do
cp "$_src" $(stripHash "$_src")
done
runHook postUnpack
'';
nativeBuildInputs = [ texlive.combined.scheme-small ];
dontConfigure = true;
buildPhase = ''
runHook preBuild
# Generate the style files
latex foiltex.ins
runHook postBuild
'';
installPhase = ''
runHook preInstall
path="$out/tex/latex/foiltex"
mkdir -p "$path"
cp *.{cls,def,clo} "$path/"
runHook postInstall
'';
meta = with lib; {
description = "A LaTeX2e class for overhead transparencies";
license = licenses.unfreeRedistributable;
maintainers = with maintainers; [ veprbl ];
platforms = platforms.all;
};
};
foiltex = { pkgs = [ foiltex_run ]; };
latex_with_foiltex = texlive.combine {
inherit (texlive) scheme-small;
inherit foiltex;
};
in
runCommand "test.pdf" {
nativeBuildInputs = [ latex_with_foiltex ];
} ''
cat >test.tex <<EOF
\documentclass{foils}
\title{Presentation title}
\date{}
\begin{document}
\maketitle
\end{document}
EOF
pdflatex test.tex
cp test.pdf $out
''
]]></programlisting>
</para>
</section>
<section xml:id="sec-language-texlive-known-problems"> <section xml:id="sec-language-texlive-known-problems">
<title>Known problems</title> <title>Known problems</title>

41
maintainers/maintainer-list.nix
View file

@ -316,6 +316,7 @@
alexbakker = { alexbakker = {
email = "ab@alexbakker.me"; email = "ab@alexbakker.me";
github = "alexbakker"; github = "alexbakker";
githubId = 2387841;
name = "Alexander Bakker"; name = "Alexander Bakker";
}; };
alexchapman = { alexchapman = {
@ -1432,7 +1433,7 @@
craigem = { craigem = {
email = "craige@mcwhirter.io"; email = "craige@mcwhirter.io";
github = "craigem"; github = "craigem";
githubId = "6470493"; githubId = 6470493;
name = "Craige McWhirter"; name = "Craige McWhirter";
}; };
cransom = { cransom = {
@ -1478,7 +1479,7 @@
}; };
cypherpunk2140 = { cypherpunk2140 = {
email = "stefan.mihaila@pm.me"; email = "stefan.mihaila@pm.me";
github = "cypherpunk2140"; github = "stefan-mihaila";
githubId = 2217136; githubId = 2217136;
name = "Ștefan D. Mihăilă"; name = "Ștefan D. Mihăilă";
keys = [ keys = [
@ -2087,6 +2088,12 @@
githubId = 1365692; githubId = 1365692;
name = "Will Fancher"; name = "Will Fancher";
}; };
elyhaka = {
email = "elyhaka@protonmail.com";
github = "Elyhaka";
githubId = 57923898;
name = "Elyhaka";
};
emmanuelrosa = { emmanuelrosa = {
email = "emmanuel_rosa@aol.com"; email = "emmanuel_rosa@aol.com";
github = "emmanuelrosa"; github = "emmanuelrosa";
@ -2338,7 +2345,7 @@
Flakebi = { Flakebi = {
email = "flakebi@t-online.de"; email = "flakebi@t-online.de";
github = "Flakebi"; github = "Flakebi";
githubId = "Flakebi"; githubId = 6499211;
name = "Sebastian Neubauer"; name = "Sebastian Neubauer";
keys = [{ keys = [{
longkeyid = "rsa4096/0xECC755EE583C1672"; longkeyid = "rsa4096/0xECC755EE583C1672";
@ -3035,7 +3042,8 @@
jacg = { jacg = {
name = "Jacek Generowicz"; name = "Jacek Generowicz";
email = "jacg@my-post-office.net"; email = "jacg@my-post-office.net";
githubId = "2570854"; github = "jacg";
githubId = 2570854;
}; };
jasoncarr = { jasoncarr = {
email = "jcarr250@gmail.com"; email = "jcarr250@gmail.com";
@ -3138,6 +3146,7 @@
jdanek = { jdanek = {
email = "jdanek@redhat.com"; email = "jdanek@redhat.com";
github = "jdanekrh"; github = "jdanekrh";
githubId = 17877663;
keys = [{ keys = [{
longkeyid = "ed25519/0x69275CADF15D872E"; longkeyid = "ed25519/0x69275CADF15D872E";
fingerprint = "D4A6 F051 AD58 2E7C BCED 5439 6927 5CAD F15D 872E"; fingerprint = "D4A6 F051 AD58 2E7C BCED 5439 6927 5CAD F15D 872E";
@ -3308,6 +3317,7 @@
joesalisbury = { joesalisbury = {
email = "salisbury.joseph@gmail.com"; email = "salisbury.joseph@gmail.com";
github = "JosephSalisbury"; github = "JosephSalisbury";
githubId = 297653;
name = "Joe Salisbury"; name = "Joe Salisbury";
}; };
johanot = { johanot = {
@ -3590,6 +3600,7 @@
kim0 = { kim0 = {
email = "email.ahmedkamal@googlemail.com"; email = "email.ahmedkamal@googlemail.com";
github = "kim0"; github = "kim0";
githubId = 59667;
name = "Ahmed Kamal"; name = "Ahmed Kamal";
}; };
kimburgess = { kimburgess = {
@ -3613,6 +3624,7 @@
kirikaza = { kirikaza = {
email = "k@kirikaza.ru"; email = "k@kirikaza.ru";
github = "kirikaza"; github = "kirikaza";
githubId = 804677;
name = "Kirill Kazakov"; name = "Kirill Kazakov";
}; };
kisonecat = { kisonecat = {
@ -3745,6 +3757,7 @@
ktor = { ktor = {
email = "kruszewsky@gmail.com"; email = "kruszewsky@gmail.com";
github = "ktor"; github = "ktor";
githubId = 99639;
name = "Pawel Kruszewski"; name = "Pawel Kruszewski";
}; };
ktosiek = { ktosiek = {
@ -3801,8 +3814,15 @@
}; };
lattfein = { lattfein = {
email = "lattfein@gmail.com"; email = "lattfein@gmail.com";
github = "lattfein"; # Their GitHub account was deleted.
githubId = 53550838; #
# See: https://github.com/NixOS/nixpkgs/pull/69007 where this
# was added but is now owned by a ghost.
#
# Possibly the username lattfein (currently github ID 56827487) is
# owned by the same person, but we should confirm before adding
# the GitHub name or ID back.
# github = "lattfein";
name = "Koki Yasuno"; name = "Koki Yasuno";
}; };
layus = { layus = {
@ -3908,6 +3928,7 @@
lightbulbjim = { lightbulbjim = {
email = "chris@killred.net"; email = "chris@killred.net";
github = "lightbulbjim"; github = "lightbulbjim";
githubId = 4312404;
name = "Chris Rendle-Short"; name = "Chris Rendle-Short";
}; };
lightdiscord = { lightdiscord = {
@ -6850,7 +6871,7 @@
thefenriswolf = { thefenriswolf = {
email = "stefan.rohrbacher97@gmail.com"; email = "stefan.rohrbacher97@gmail.com";
github = "thefenriswolf"; github = "thefenriswolf";
githubId = "8547242"; githubId = 8547242;
name = "Stefan Rohrbacher"; name = "Stefan Rohrbacher";
}; };
thesola10 = { thesola10 = {
@ -7732,6 +7753,12 @@
githubId = 1986844; githubId = 1986844;
name = "Daniel Wheeler"; name = "Daniel Wheeler";
}; };
misuzu = {
email = "bakalolka@gmail.com";
github = "misuzu";
githubId = 248143;
name = "misuzu";
};
zokrezyl = { zokrezyl = {
email = "zokrezyl@gmail.com"; email = "zokrezyl@gmail.com";
github = "zokrezyl"; github = "zokrezyl";

2
maintainers/scripts/update.nix
View file

@ -105,7 +105,7 @@ let
to run all update scripts for all packages that lists \`garbas\` as a maintainer to run all update scripts for all packages that lists \`garbas\` as a maintainer
and have \`updateScript\` defined, or: and have \`updateScript\` defined, or:
% nix-shell maintainers/scripts/update.nix --argstr package garbas % nix-shell maintainers/scripts/update.nix --argstr package gnome3.nautilus
to run update script for specific package, or to run update script for specific package, or

19
nixos/doc/manual/development/writing-nixos-tests.xml
View file

@ -419,4 +419,23 @@ machine.wait_for_unit("xautolock.service", "x-session-user")
<literal>wait_for_unit</literal>, <literal>start_job</literal> and <literal>wait_for_unit</literal>, <literal>start_job</literal> and
<literal>stop_job</literal>. <literal>stop_job</literal>.
</para> </para>
<para>
For faster dev cycles it's also possible to disable the code-linters (this shouldn't
be commited though):
<programlisting>
import ./make-test-python.nix {
skipLint = true;
machine =
{ config, pkgs, ... }:
{ <replaceable>configuration…</replaceable>
};
testScript =
''
<replaceable>Python code…</replaceable>
'';
}
</programlisting>
</para>
</section> </section>

95
nixos/doc/manual/release-notes/rl-2003.xml
View file

@ -140,18 +140,18 @@ services.xserver.displayManager.defaultSession = "xfce+icewm";
</listitem> </listitem>
<listitem> <listitem>
<para> <para>
The <literal>99-main.network</literal> file was removed. Maching all The <literal>99-main.network</literal> file was removed. Maching all
network interfaces caused many breakages, see network interfaces caused many breakages, see
<link xlink:href="https://github.com/NixOS/nixpkgs/pull/18962">#18962</link> <link xlink:href="https://github.com/NixOS/nixpkgs/pull/18962">#18962</link>
and <link xlink:href="https://github.com/NixOS/nixpkgs/pull/71106">#71106</link>. and <link xlink:href="https://github.com/NixOS/nixpkgs/pull/71106">#71106</link>.
</para> </para>
<para> <para>
We already don't support the global <link linkend="opt-networking.useDHCP">networking.useDHCP</link>, We already don't support the global <link linkend="opt-networking.useDHCP">networking.useDHCP</link>,
<link linkend="opt-networking.defaultGateway">networking.defaultGateway</link> and <link linkend="opt-networking.defaultGateway">networking.defaultGateway</link> and
<link linkend="opt-networking.defaultGateway6">networking.defaultGateway6</link> options <link linkend="opt-networking.defaultGateway6">networking.defaultGateway6</link> options
if <link linkend="opt-networking.useNetworkd">networking.useNetworkd</link> is enabled, if <link linkend="opt-networking.useNetworkd">networking.useNetworkd</link> is enabled,
but direct users to configure the per-device but direct users to configure the per-device
<link linkend="opt-networking.interfaces">networking.interfaces.&lt;name&gt;.…</link> options. <link linkend="opt-networking.interfaces">networking.interfaces.&lt;name&gt;.…</link> options.
</para> </para>
</listitem> </listitem>
<listitem> <listitem>
@ -264,6 +264,69 @@ services.xserver.displayManager.defaultSession = "xfce+icewm";
in container config. in container config.
</para> </para>
</listitem> </listitem>
<listitem>
<para>
Virtual console options have been reorganized and can be found under
a single top-level attribute: <literal>console</literal>.
The full set of changes is as follows:
</para>
<itemizedlist>
<listitem>
<para>
<literal>i18n.consoleFont</literal> renamed to
<link linkend="opt-console.font">console.font</link>
</para>
</listitem>
<listitem>
<para>
<literal>i18n.consoleKeyMap</literal> renamed to
<link linkend="opt-console.keyMap">console.keyMap</link>
</para>
</listitem>
<listitem>
<para>
<literal>i18n.consoleColors</literal> renamed to
<link linkend="opt-console.colors">console.colors</link>
</para>
</listitem>
<listitem>
<para>
<literal>i18n.consolePackages</literal> renamed to
<link linkend="opt-console.packages">console.packages</link>
</para>
</listitem>
<listitem>
<para>
<literal>i18n.consoleUseXkbConfig</literal> renamed to
<link linkend="opt-console.useXkbConfig">console.useXkbConfig</link>
</para>
</listitem>
<listitem>
<para>
<literal>boot.earlyVconsoleSetup</literal> renamed to
<link linkend="opt-console.earlySetup">console.earlySetup</link>
</para>
</listitem>
<listitem>
<para>
<literal>boot.extraTTYs</literal> renamed to
<link linkend="opt-console.extraTTYs">console.extraTTYs</link>
</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>
The <link linkend="opt-services.awstats">awstats</link> module has been rewritten
to serve stats via static html pages, updated on a timer, over <link linkend="opt-services.nginx.virtualHosts">nginx</link>,
instead of dynamic cgi pages over <link linkend="opt-services.httpd">apache</link>.
</para>
<para>
Minor changes will be required to migrate existing configurations. Details of the
required changes can seen by looking through the <link linkend="opt-services.awstats">awstats</link>
module.
</para>
</listitem>
</itemizedlist> </itemizedlist>
</section> </section>
@ -278,6 +341,18 @@ services.xserver.displayManager.defaultSession = "xfce+icewm";
<listitem> <listitem>
<para>SD images are now compressed by default using <literal>bzip2</literal>.</para> <para>SD images are now compressed by default using <literal>bzip2</literal>.</para>
</listitem> </listitem>
<listitem>
<para>
The nginx web server previously started its master process as root
privileged, then ran worker processes as a less privileged identity user.
This was changed to start all of nginx as a less privileged user (defined by
<literal>services.nginx.user</literal> and
<literal>services.nginx.group</literal>). As a consequence, all files that
are needed for nginx to run (included configuration fragments, SSL
certificates and keys, etc.) must now be readable by this less privileged
user/group.
</para>
</listitem>
<listitem> <listitem>
<para> <para>
OpenSSH has been upgraded from 7.9 to 8.1, improving security and adding features OpenSSH has been upgraded from 7.9 to 8.1, improving security and adding features

10
nixos/lib/testing-python.nix
View file

@ -95,6 +95,8 @@ in rec {
, makeCoverageReport ? false , makeCoverageReport ? false
, enableOCR ? false , enableOCR ? false
, name ? "unnamed" , name ? "unnamed"
# Skip linting (mainly intended for faster dev cycles)
, skipLint ? false
, ... , ...
} @ t: } @ t:
@ -133,7 +135,7 @@ in rec {
# Generate onvenience wrappers for running the test driver # Generate onvenience wrappers for running the test driver
# interactively with the specified network, and for starting the # interactively with the specified network, and for starting the
# VMs from the command line. # VMs from the command line.
driver = runCommand testDriverName driver = let warn = if skipLint then lib.warn "Linting is disabled!" else lib.id; in warn (runCommand testDriverName
{ buildInputs = [ makeWrapper]; { buildInputs = [ makeWrapper];
testScript = testScript'; testScript = testScript';
preferLocalBuild = true; preferLocalBuild = true;
@ -143,7 +145,9 @@ in rec {
mkdir -p $out/bin mkdir -p $out/bin
echo -n "$testScript" > $out/test-script echo -n "$testScript" > $out/test-script
${python3Packages.black}/bin/black --check --diff $out/test-script ${lib.optionalString (!skipLint) ''
${python3Packages.black}/bin/black --check --diff $out/test-script
''}
ln -s ${testDriver}/bin/nixos-test-driver $out/bin/ ln -s ${testDriver}/bin/nixos-test-driver $out/bin/
vms=($(for i in ${toString vms}; do echo $i/bin/run-*-vm; done)) vms=($(for i in ${toString vms}; do echo $i/bin/run-*-vm; done))
@ -160,7 +164,7 @@ in rec {
--set tests 'start_all(); join_all();' \ --set tests 'start_all(); join_all();' \
--set VLANS '${toString vlans}' \ --set VLANS '${toString vlans}' \
${lib.optionalString (builtins.length vms == 1) "--set USE_SERIAL 1"} ${lib.optionalString (builtins.length vms == 1) "--set USE_SERIAL 1"}
''; # " ''); # "
passMeta = drv: drv // lib.optionalAttrs (t ? meta) { passMeta = drv: drv // lib.optionalAttrs (t ? meta) {
meta = (drv.meta or {}) // t.meta; meta = (drv.meta or {}) // t.meta;

203
nixos/modules/config/console.nix Normal file
View file

@ -0,0 +1,203 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.console;
makeColor = i: concatMapStringsSep "," (x: "0x" + substring (2*i) 2 x);
isUnicode = hasSuffix "UTF-8" (toUpper config.i18n.defaultLocale);
optimizedKeymap = pkgs.runCommand "keymap" {
nativeBuildInputs = [ pkgs.buildPackages.kbd ];
LOADKEYS_KEYMAP_PATH = "${consoleEnv}/share/keymaps/**";
preferLocalBuild = true;
} ''
loadkeys -b ${optionalString isUnicode "-u"} "${cfg.keyMap}" > $out
'';
# Sadly, systemd-vconsole-setup doesn't support binary keymaps.
vconsoleConf = pkgs.writeText "vconsole.conf" ''
KEYMAP=${cfg.keyMap}
FONT=${cfg.font}
'';
consoleEnv = pkgs.buildEnv {
name = "console-env";
paths = [ pkgs.kbd ] ++ cfg.packages;
pathsToLink = [
"/share/consolefonts"
"/share/consoletrans"
"/share/keymaps"
"/share/unimaps"
];
};
setVconsole = !config.boot.isContainer;
in
{
###### interface
options.console = {
font = mkOption {
type = types.str;
default = "Lat2-Terminus16";
example = "LatArCyrHeb-16";
description = ''
The font used for the virtual consoles. Leave empty to use
whatever the <command>setfont</command> program considers the
default font.
'';
};
keyMap = mkOption {
type = with types; either str path;
default = "us";
example = "fr";
description = ''
The keyboard mapping table for the virtual consoles.
'';
};
colors = mkOption {
type = types.listOf types.str;
default = [];
example = [
"002b36" "dc322f" "859900" "b58900"
"268bd2" "d33682" "2aa198" "eee8d5"
"002b36" "cb4b16" "586e75" "657b83"
"839496" "6c71c4" "93a1a1" "fdf6e3"
];
description = ''
The 16 colors palette used by the virtual consoles.
Leave empty to use the default colors.
Colors must be in hexadecimal format and listed in
order from color 0 to color 15.
'';
};
packages = mkOption {
type = types.listOf types.package;
default = with pkgs.kbdKeymaps; [ dvp neo ];
defaultText = ''with pkgs.kbdKeymaps; [ dvp neo ]'';
description = ''
List of additional packages that provide console fonts, keymaps and
other resources for virtual consoles use.
'';
};
extraTTYs = mkOption {
default = [];
type = types.listOf types.str;
example = ["tty8" "tty9"];
description = ''
TTY (virtual console) devices, in addition to the consoles on
which mingetty and syslogd run, that must be initialised.
Only useful if you have some program that you want to run on
some fixed console. For example, the NixOS installation CD
opens the manual in a web browser on console 7, so it sets
<option>console.extraTTYs</option> to <literal>["tty7"]</literal>.
'';
};
useXkbConfig = mkOption {
type = types.bool;
default = false;
description = ''
If set, configure the virtual console keymap from the xserver
keyboard settings.
'';
};
earlySetup = mkOption {
default = false;
type = types.bool;
description = ''
Enable setting virtual console options as early as possible (in initrd).
'';
};
};
###### implementation
config = mkMerge [
{ console.keyMap = with config.services.xserver;
mkIf cfg.useXkbConfig
(pkgs.runCommand "xkb-console-keymap" { preferLocalBuild = true; } ''
'${pkgs.ckbcomp}/bin/ckbcomp' -model '${xkbModel}' -layout '${layout}' \
-option '${xkbOptions}' -variant '${xkbVariant}' > "$out"
'');
}
(mkIf (!setVconsole) {
systemd.services.systemd-vconsole-setup.enable = false;
})
(mkIf setVconsole (mkMerge [
{ environment.systemPackages = [ pkgs.kbd ];
# Let systemd-vconsole-setup.service do the work of setting up the
# virtual consoles.
environment.etc."vconsole.conf".source = vconsoleConf;
# Provide kbd with additional packages.
environment.etc.kbd.source = "${consoleEnv}/share";
boot.initrd.preLVMCommands = mkBefore ''
kbd_mode ${if isUnicode then "-u" else "-a"} -C /dev/console
printf "\033%%${if isUnicode then "G" else "@"}" >> /dev/console
loadkmap < ${optimizedKeymap}
${optionalString cfg.earlySetup ''
setfont -C /dev/console $extraUtils/share/consolefonts/font.psf
''}
'';
systemd.services.systemd-vconsole-setup =
{ before = [ "display-manager.service" ];
after = [ "systemd-udev-settle.service" ];
restartTriggers = [ vconsoleConf consoleEnv ];
};
}
(mkIf (cfg.colors != []) {
boot.kernelParams = [
"vt.default_red=${makeColor 0 cfg.colors}"
"vt.default_grn=${makeColor 1 cfg.colors}"
"vt.default_blu=${makeColor 2 cfg.colors}"
];
})
(mkIf cfg.earlySetup {
boot.initrd.extraUtilsCommands = ''
mkdir -p $out/share/consolefonts
${if substring 0 1 cfg.font == "/" then ''
font="${cfg.font}"
'' else ''
font="$(echo ${consoleEnv}/share/consolefonts/${cfg.font}.*)"
''}
if [[ $font == *.gz ]]; then
gzip -cd $font > $out/share/consolefonts/font.psf
else
cp -L $font $out/share/consolefonts/font.psf
fi
'';
})
]))
];
imports = [
(mkRenamedOptionModule [ "i18n" "consoleFont" ] [ "console" "font" ])
(mkRenamedOptionModule [ "i18n" "consoleKeyMap" ] [ "console" "keyMap" ])
(mkRenamedOptionModule [ "i18n" "consoleColors" ] [ "console" "colors" ])
(mkRenamedOptionModule [ "i18n" "consolePackages" ] [ "console" "packages" ])
(mkRenamedOptionModule [ "i18n" "consoleUseXkbConfig" ] [ "console" "useXkbConfig" ])
(mkRenamedOptionModule [ "boot" "earlyVconsoleSetup" ] [ "console" "earlySetup" ])
(mkRenamedOptionModule [ "boot" "extraTTYs" ] [ "console" "extraTTYs" ])
];
}

63
nixos/modules/config/i18n.nix
View file

@ -58,62 +58,6 @@ with lib;
''; '';
}; };
consolePackages = mkOption {
type = types.listOf types.package;
default = with pkgs.kbdKeymaps; [ dvp neo ];
defaultText = ''with pkgs.kbdKeymaps; [ dvp neo ]'';
description = ''
List of additional packages that provide console fonts, keymaps and
other resources.
'';
};
consoleFont = mkOption {
type = types.str;
default = "Lat2-Terminus16";
example = "LatArCyrHeb-16";
description = ''
The font used for the virtual consoles. Leave empty to use
whatever the <command>setfont</command> program considers the
default font.
'';
};
consoleUseXkbConfig = mkOption {
type = types.bool;
default = false;
description = ''
If set, configure the console keymap from the xserver keyboard
settings.
'';
};
consoleKeyMap = mkOption {
type = with types; either str path;
default = "us";
example = "fr";
description = ''
The keyboard mapping table for the virtual consoles.
'';
};
consoleColors = mkOption {
type = types.listOf types.str;
default = [];
example = [
"002b36" "dc322f" "859900" "b58900"
"268bd2" "d33682" "2aa198" "eee8d5"
"002b36" "cb4b16" "586e75" "657b83"
"839496" "6c71c4" "93a1a1" "fdf6e3"
];
description = ''
The 16 colors palette used by the virtual consoles.
Leave empty to use the default colors.
Colors must be in hexadecimal format and listed in
order from color 0 to color 15.
'';
};
}; };
}; };
@ -123,13 +67,6 @@ with lib;
config = { config = {
i18n.consoleKeyMap = with config.services.xserver;
mkIf config.i18n.consoleUseXkbConfig
(pkgs.runCommand "xkb-console-keymap" { preferLocalBuild = true; } ''
'${pkgs.ckbcomp}/bin/ckbcomp' -model '${xkbModel}' -layout '${layout}' \
-option '${xkbOptions}' -variant '${xkbVariant}' > "$out"
'');
environment.systemPackages = environment.systemPackages =
optional (config.i18n.supportedLocales != []) config.i18n.glibcLocales; optional (config.i18n.supportedLocales != []) config.i18n.glibcLocales;

3
nixos/modules/installer/tools/nixos-generate-config.pl
View file

@ -335,6 +335,9 @@ if (@swaps) {
next unless -e $swapFilename; next unless -e $swapFilename;
my $dev = findStableDevPath $swapFilename; my $dev = findStableDevPath $swapFilename;
if ($swapType =~ "partition") { if ($swapType =~ "partition") {
# zram devices are more likely created by configuration.nix, so
# ignore them here
next if ($swapFilename =~ /^\/dev\/zram/);
push @swapDevices, "{ device = \"$dev\"; }"; push @swapDevices, "{ device = \"$dev\"; }";
} elsif ($swapType =~ "file") { } elsif ($swapType =~ "file") {
# swap *files* are more likely specified in configuration.nix, so # swap *files* are more likely specified in configuration.nix, so

5
nixos/modules/module-list.nix
View file

@ -11,6 +11,7 @@
./config/xdg/mime.nix ./config/xdg/mime.nix
./config/xdg/portal.nix ./config/xdg/portal.nix
./config/appstream.nix ./config/appstream.nix
./config/console.nix
./config/xdg/sounds.nix ./config/xdg/sounds.nix
./config/gtk/gtk-icon-cache.nix ./config/gtk/gtk-icon-cache.nix
./config/gnu.nix ./config/gnu.nix
@ -557,6 +558,7 @@
./services/network-filesystems/yandex-disk.nix ./services/network-filesystems/yandex-disk.nix
./services/network-filesystems/xtreemfs.nix ./services/network-filesystems/xtreemfs.nix
./services/network-filesystems/ceph.nix ./services/network-filesystems/ceph.nix
./services/networking/3proxy.nix
./services/networking/amuled.nix ./services/networking/amuled.nix
./services/networking/aria2.nix ./services/networking/aria2.nix
./services/networking/asterisk.nix ./services/networking/asterisk.nix
@ -693,6 +695,7 @@
./services/networking/sniproxy.nix ./services/networking/sniproxy.nix
./services/networking/smokeping.nix ./services/networking/smokeping.nix
./services/networking/softether.nix ./services/networking/softether.nix
./services/networking/spacecookie.nix
./services/networking/spiped.nix ./services/networking/spiped.nix
./services/networking/squid.nix ./services/networking/squid.nix
./services/networking/sslh.nix ./services/networking/sslh.nix
@ -813,6 +816,7 @@
./services/web-apps/restya-board.nix ./services/web-apps/restya-board.nix
./services/web-apps/tt-rss.nix ./services/web-apps/tt-rss.nix
./services/web-apps/trac.nix ./services/web-apps/trac.nix
./services/web-apps/trilium.nix
./services/web-apps/selfoss.nix ./services/web-apps/selfoss.nix
./services/web-apps/shiori.nix ./services/web-apps/shiori.nix
./services/web-apps/virtlyst.nix ./services/web-apps/virtlyst.nix
@ -938,7 +942,6 @@
./tasks/filesystems/vfat.nix ./tasks/filesystems/vfat.nix
./tasks/filesystems/xfs.nix ./tasks/filesystems/xfs.nix
./tasks/filesystems/zfs.nix ./tasks/filesystems/zfs.nix
./tasks/kbd.nix
./tasks/lvm.nix ./tasks/lvm.nix
./tasks/network-interfaces.nix ./tasks/network-interfaces.nix
./tasks/network-interfaces-systemd.nix ./tasks/network-interfaces-systemd.nix

2
nixos/modules/programs/nm-applet.nix
View file

@ -10,5 +10,7 @@
partOf = [ "graphical-session.target" ]; partOf = [ "graphical-session.target" ];
serviceConfig.ExecStart = "${pkgs.networkmanagerapplet}/bin/nm-applet"; serviceConfig.ExecStart = "${pkgs.networkmanagerapplet}/bin/nm-applet";
}; };
services.dbus.packages = [ pkgs.gcr ];
}; };
} }

67
nixos/modules/programs/sway.nix
View file

@ -4,27 +4,32 @@ with lib;
let let
cfg = config.programs.sway; cfg = config.programs.sway;
swayPackage = pkgs.sway;
swayWrapped = pkgs.writeShellScriptBin "sway" '' wrapperOptions = types.submodule {
set -o errexit options =
let
mkWrapperFeature = default: description: mkOption {
type = types.bool;
inherit default;
example = !default;
description = "Whether to make use of the ${description}";
};
in {
base = mkWrapperFeature true ''
base wrapper to execute extra session commands and prepend a
dbus-run-session to the sway command.
'';
gtk = mkWrapperFeature false ''
wrapGAppsHook wrapper to execute sway with required environment
variables for GTK applications.
'';
};
};
if [ ! "$_SWAY_WRAPPER_ALREADY_EXECUTED" ]; then swayPackage = pkgs.sway.override {
export _SWAY_WRAPPER_ALREADY_EXECUTED=1 extraSessionCommands = cfg.extraSessionCommands;
${cfg.extraSessionCommands} withBaseWrapper = cfg.wrapperFeatures.base;
fi withGtkWrapper = cfg.wrapperFeatures.gtk;
if [ "$DBUS_SESSION_BUS_ADDRESS" ]; then
export DBUS_SESSION_BUS_ADDRESS
exec ${swayPackage}/bin/sway "$@"
else
exec ${pkgs.dbus}/bin/dbus-run-session ${swayPackage}/bin/sway "$@"
fi
'';
swayJoined = pkgs.symlinkJoin {
name = "sway-joined";
paths = [ swayWrapped swayPackage ];
passthru.providedSessions = [ "sway" ];
}; };
in { in {
options.programs.sway = { options.programs.sway = {
@ -36,6 +41,15 @@ in {
Please have a look at the "extraSessionCommands" example for running Please have a look at the "extraSessionCommands" example for running
programs natively under Wayland''; programs natively under Wayland'';
wrapperFeatures = mkOption {
type = wrapperOptions;
default = { };
example = { gtk = true; };
description = ''
Attribute set of features to enable in the wrapper.
'';
};
extraSessionCommands = mkOption { extraSessionCommands = mkOption {
type = types.lines; type = types.lines;
default = ""; default = "";
@ -56,7 +70,7 @@ in {
extraPackages = mkOption { extraPackages = mkOption {
type = with types; listOf package; type = with types; listOf package;
default = with pkgs; [ default = with pkgs; [
swaylock swayidle swaybg swaylock swayidle
xwayland rxvt_unicode dmenu xwayland rxvt_unicode dmenu
]; ];
defaultText = literalExample '' defaultText = literalExample ''
@ -76,8 +90,17 @@ in {
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
assertions = [
{
assertion = cfg.extraSessionCommands != "" -> cfg.wrapperFeatures.base;
message = ''
The extraSessionCommands for Sway will not be run if
wrapperFeatures.base is disabled.
'';
}
];
environment = { environment = {
systemPackages = [ swayJoined ] ++ cfg.extraPackages; systemPackages = [ swayPackage ] ++ cfg.extraPackages;
etc = { etc = {
"sway/config".source = mkOptionDefault "${swayPackage}/etc/sway/config"; "sway/config".source = mkOptionDefault "${swayPackage}/etc/sway/config";
#"sway/security.d".source = mkOptionDefault "${swayPackage}/etc/sway/security.d/"; #"sway/security.d".source = mkOptionDefault "${swayPackage}/etc/sway/security.d/";
@ -89,7 +112,7 @@ in {
fonts.enableDefaultFonts = mkDefault true; fonts.enableDefaultFonts = mkDefault true;
programs.dconf.enable = mkDefault true; programs.dconf.enable = mkDefault true;
# To make a Sway session available if a display manager like SDDM is enabled: # To make a Sway session available if a display manager like SDDM is enabled:
services.xserver.displayManager.sessionPackages = [ swayJoined ]; services.xserver.displayManager.sessionPackages = [ swayPackage ];
}; };
meta.maintainers = with lib.maintainers; [ gnidorah primeos colemickens ]; meta.maintainers = with lib.maintainers; [ gnidorah primeos colemickens ];

2
nixos/modules/rename.nix
View file

@ -25,6 +25,8 @@ with lib;
(mkRemovedOptionModule [ "services.beegfsEnable" ] "The BeeGFS module has been removed") (mkRemovedOptionModule [ "services.beegfsEnable" ] "The BeeGFS module has been removed")
(mkRemovedOptionModule [ "services.beegfs" ] "The BeeGFS module has been removed") (mkRemovedOptionModule [ "services.beegfs" ] "The BeeGFS module has been removed")
(mkRemovedOptionModule [ "services.osquery" ] "The osquery module has been removed") (mkRemovedOptionModule [ "services.osquery" ] "The osquery module has been removed")
(mkRemovedOptionModule [ "services.fourStore" ] "The fourStore module has been removed")
(mkRemovedOptionModule [ "services.fourStoreEndpoint" ] "The fourStoreEndpoint module has been removed")
# Do NOT add any option renames here, see top of the file # Do NOT add any option renames here, see top of the file
]; ];

4
nixos/modules/security/acme.nix
View file

@ -241,9 +241,9 @@ in
StateDirectoryMode = rights; StateDirectoryMode = rights;
WorkingDirectory = "/var/lib/${lpath}"; WorkingDirectory = "/var/lib/${lpath}";
ExecStart = "${pkgs.simp_le}/bin/simp_le ${escapeShellArgs cmdline}"; ExecStart = "${pkgs.simp_le}/bin/simp_le ${escapeShellArgs cmdline}";
ExecStopPost = ExecStartPost =
let let
script = pkgs.writeScript "acme-post-stop" '' script = pkgs.writeScript "acme-post-start" ''
#!${pkgs.runtimeShell} -e #!${pkgs.runtimeShell} -e
${data.postRun} ${data.postRun}
''; '';

25
nixos/modules/services/desktops/pantheon/contractor.nix
View file

@ -6,35 +6,12 @@ with lib;
{ {
meta.maintainers = pkgs.pantheon.maintainers;
###### interface
options = {
services.pantheon.contractor = {
enable = mkEnableOption "contractor, a desktop-wide extension service used by pantheon";
};
};
###### implementation ###### implementation
config = mkIf config.services.pantheon.contractor.enable { config = mkIf config.services.pantheon.contractor.enable {
environment.systemPackages = with pkgs.pantheon; [
contractor
extra-elementary-contracts
];
services.dbus.packages = [ pkgs.pantheon.contractor ];
environment.pathsToLink = [
"/share/contractor"
];
}; };

31
nixos/modules/services/desktops/pantheon/files.nix
View file

@ -6,33 +6,8 @@ with lib;
{ {
meta.maintainers = pkgs.pantheon.maintainers; imports = [
(mkRemovedOptionModule [ "services" "pantheon" "files" "enable" ] "Use `environment.systemPackages [ pkgs.pantheon.elementary-files ];`")
###### interface ];
options = {
services.pantheon.files = {
enable = mkEnableOption "pantheon files daemon";
};
};
###### implementation
config = mkIf config.services.pantheon.files.enable {
environment.systemPackages = [
pkgs.pantheon.elementary-files
];
services.dbus.packages = [
pkgs.pantheon.elementary-files
];
};
} }

299
nixos/modules/services/logging/awstats.nix
View file

@ -4,31 +4,116 @@ with lib;
let let
cfg = config.services.awstats; cfg = config.services.awstats;
httpd = config.services.httpd;
package = pkgs.awstats; package = pkgs.awstats;
in configOpts = {name, config, ...}: {
options = {
type = mkOption{
type = types.enum [ "mail" "web" ];
default = "web";
example = "mail";
description = ''
The type of log being collected.
'';
};
domain = mkOption {
type = types.str;
default = name;
description = "The domain name to collect stats for.";
example = "example.com";
};
{ logFile = mkOption {
options.services.awstats = { type = types.str;
enable = mkOption { example = "/var/spool/nginx/logs/access.log";
type = types.bool; description = ''
default = cfg.service.enable; The log file to be scanned.
description = ''
Enable the awstats program (but not service). For mail, set this to
Currently only simple httpd (Apache) configs are supported, <literal>
and awstats plugins may not work correctly. journalctl $OLD_CURSOR -u postfix.service | ''${pkgs.perl}/bin/perl ''${pkgs.awstats.out}/share/awstats/tools/maillogconvert.pl standard |
''; </literal>
'';
};
logFormat = mkOption {
type = types.str;
default = "1";
description = ''
The log format being used.
For mail, set this to
<literal>
%time2 %email %email_r %host %host_r %method %url %code %bytesd
</literal>
'';
};
hostAliases = mkOption {
type = types.listOf types.str;
default = [];
example = "[ \"www.example.org\" ]";
description = ''
List of aliases the site has.
'';
};
extraConfig = mkOption {
type = types.attrsOf types.str;
default = {};
example = literalExample ''
{
"ValidHTTPCodes" = "404";
}
'';
};
webService = {
enable = mkEnableOption "awstats web service";
hostname = mkOption {
type = types.str;
default = config.domain;
description = "The hostname the web service appears under.";
};
urlPrefix = mkOption {
type = types.str;
default = "/awstats";
description = "The URL prefix under which the awstats pages appear.";
};
};
}; };
vardir = mkOption { };
webServices = filterAttrs (name: value: value.webService.enable) cfg.configs;
in
{
imports = [
(mkRemovedOptionModule [ "services" "awstats" "service" "enable" ] "Please enable per domain with `services.awstats.configs.<name>.webService.enable`")
(mkRemovedOptionModule [ "services" "awstats" "service" "urlPrefix" ] "Please set per domain with `services.awstats.configs.<name>.webService.urlPrefix`")
(mkRenamedOptionModule [ "services" "awstats" "vardir" ] [ "services" "awstats" "dataDir" ])
];
options.services.awstats = {
enable = mkEnableOption "awstats";
dataDir = mkOption {
type = types.path; type = types.path;
default = "/var/lib/awstats"; default = "/var/lib/awstats";
description = "The directory where variable awstats data will be stored."; description = "The directory where awstats data will be stored.";
}; };
extraConfig = mkOption { configs = mkOption {
type = types.lines; type = types.attrsOf (types.submodule configOpts);
default = ""; default = {};
description = "Extra configuration to be appendend to awstats.conf."; example = literalExample ''
{
"mysite" = {
domain = "example.com";
logFile = "/var/spool/nginx/logs/access.log";
};
}
'';
description = "Attribute set of domains to collect stats for.";
}; };
updateAt = mkOption { updateAt = mkOption {
@ -42,75 +127,129 @@ in
<manvolnum>7</manvolnum></citerefentry>) <manvolnum>7</manvolnum></citerefentry>)
''; '';
}; };
service = {
enable = mkOption {
type = types.bool;
default = false;
description = ''Enable the awstats web service. This switches on httpd.'';
};
urlPrefix = mkOption {
type = types.str;
default = "/awstats";
description = "The URL prefix under which the awstats service appears.";
};
};
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
environment.systemPackages = [ package.bin ]; environment.systemPackages = [ package.bin ];
/* TODO:
- heed config.services.httpd.logPerVirtualHost, etc. environment.etc = mapAttrs' (name: opts:
- Can't AllowToUpdateStatsFromBrowser, as CGI scripts don't have permission nameValuePair "awstats/awstats.${name}.conf" {
to read the logs, and our httpd config apparently doesn't an option for that. source = pkgs.runCommand "awstats.${name}.conf"
*/
environment.etc."awstats/awstats.conf".source = pkgs.runCommand "awstats.conf"
{ preferLocalBuild = true; } { preferLocalBuild = true; }
( let (''
logFormat = sed \
if httpd.logFormat == "combined" then "1" else ''
if httpd.logFormat == "common" then "4" else # set up mail stats
throw "awstats service doesn't support Apache log format `${httpd.logFormat}`"; + optionalString (opts.type == "mail")
in ''
-e 's|^\(LogType\)=.*$|\1=M|' \
-e 's|^\(LevelForBrowsersDetection\)=.*$|\1=0|' \
-e 's|^\(LevelForOSDetection\)=.*$|\1=0|' \
-e 's|^\(LevelForRefererAnalyze\)=.*$|\1=0|' \
-e 's|^\(LevelForRobotsDetection\)=.*$|\1=0|' \
-e 's|^\(LevelForSearchEnginesDetection\)=.*$|\1=0|' \
-e 's|^\(LevelForFileTypesDetection\)=.*$|\1=0|' \
-e 's|^\(LevelForWormsDetection\)=.*$|\1=0|' \
-e 's|^\(ShowMenu\)=.*$|\1=1|' \
-e 's|^\(ShowSummary\)=.*$|\1=HB|' \
-e 's|^\(ShowMonthStats\)=.*$|\1=HB|' \
-e 's|^\(ShowDaysOfMonthStats\)=.*$|\1=HB|' \
-e 's|^\(ShowDaysOfWeekStats\)=.*$|\1=HB|' \
-e 's|^\(ShowHoursStats\)=.*$|\1=HB|' \
-e 's|^\(ShowDomainsStats\)=.*$|\1=0|' \
-e 's|^\(ShowHostsStats\)=.*$|\1=HB|' \
-e 's|^\(ShowAuthenticatedUsers\)=.*$|\1=0|' \
-e 's|^\(ShowRobotsStats\)=.*$|\1=0|' \
-e 's|^\(ShowEMailSenders\)=.*$|\1=HBML|' \
-e 's|^\(ShowEMailReceivers\)=.*$|\1=HBML|' \
-e 's|^\(ShowSessionsStats\)=.*$|\1=0|' \
-e 's|^\(ShowPagesStats\)=.*$|\1=0|' \
-e 's|^\(ShowFileTypesStats\)=.*$|\1=0|' \
-e 's|^\(ShowFileSizesStats\)=.*$|\1=0|' \
-e 's|^\(ShowBrowsersStats\)=.*$|\1=0|' \
-e 's|^\(ShowOSStats\)=.*$|\1=0|' \
-e 's|^\(ShowOriginStats\)=.*$|\1=0|' \
-e 's|^\(ShowKeyphrasesStats\)=.*$|\1=0|' \
-e 's|^\(ShowKeywordsStats\)=.*$|\1=0|' \
-e 's|^\(ShowMiscStats\)=.*$|\1=0|' \
-e 's|^\(ShowHTTPErrorsStats\)=.*$|\1=0|' \
-e 's|^\(ShowSMTPErrorsStats\)=.*$|\1=1|' \
''
+
# common options
''
-e 's|^\(DirData\)=.*$|\1="${cfg.dataDir}/${name}"|' \
-e 's|^\(DirIcons\)=.*$|\1="icons"|' \
-e 's|^\(CreateDirDataIfNotExists\)=.*$|\1=1|' \
-e 's|^\(SiteDomain\)=.*$|\1="${name}"|' \
-e 's|^\(LogFile\)=.*$|\1="${opts.logFile}"|' \
-e 's|^\(LogFormat\)=.*$|\1="${opts.logFormat}"|' \
''
+
# extra config
concatStringsSep "\n" (mapAttrsToList (n: v: ''
-e 's|^\(${n}\)=.*$|\1="${v}"|' \
'') opts.extraConfig)
+
''
< '${package.out}/wwwroot/cgi-bin/awstats.model.conf' > "$out"
'');
}) cfg.configs;
# create data directory with the correct permissions
systemd.tmpfiles.rules =
[ "d '${cfg.dataDir}' 755 root root - -" ] ++
mapAttrsToList (name: opts: "d '${cfg.dataDir}/${name}' 755 root root - -") cfg.configs ++
[ "Z '${cfg.dataDir}' 755 root root - -" ];
# nginx options
services.nginx.virtualHosts = mapAttrs'(name: opts: {
name = opts.webService.hostname;
value = {
locations = {
"${opts.webService.urlPrefix}/css/" = {
alias = "${package.out}/wwwroot/css/";
};
"${opts.webService.urlPrefix}/icons/" = {
alias = "${package.out}/wwwroot/icon/";
};
"${opts.webService.urlPrefix}/" = {
alias = "${cfg.dataDir}/${name}/";
extraConfig = ''
autoindex on;
'';
};
};
};
}) webServices;
# update awstats
systemd.services = mkIf (cfg.updateAt != null) (mapAttrs' (name: opts:
nameValuePair "awstats-${name}-update" {
description = "update awstats for ${name}";
script = optionalString (opts.type == "mail")
'' ''
sed \ if [[ -f "${cfg.dataDir}/${name}-cursor" ]]; then
-e 's|^\(DirData\)=.*$|\1="${cfg.vardir}"|' \ CURSOR="$(cat "${cfg.dataDir}/${name}-cursor" | tr -d '\n')"
-e 's|^\(DirIcons\)=.*$|\1="icons"|' \ if [[ -n "$CURSOR" ]]; then
-e 's|^\(CreateDirDataIfNotExists\)=.*$|\1=1|' \ echo "Using cursor: $CURSOR"
-e 's|^\(SiteDomain\)=.*$|\1="${httpd.hostName}"|' \ export OLD_CURSOR="--cursor $CURSOR"
-e 's|^\(LogFile\)=.*$|\1="${httpd.logDir}/access_log"|' \ fi
-e 's|^\(LogFormat\)=.*$|\1=${logFormat}|' \ fi
< '${package.out}/wwwroot/cgi-bin/awstats.model.conf' > "$out" NEW_CURSOR="$(journalctl $OLD_CURSOR -u postfix.service --show-cursor | tail -n 1 | tr -d '\n' | sed -e 's#^-- cursor: \(.*\)#\1#')"
echo '${cfg.extraConfig}' >> "$out" echo "New cursor: $NEW_CURSOR"
''); ${package.bin}/bin/awstats -update -config=${name}
if [ -n "$NEW_CURSOR" ]; then
systemd.tmpfiles.rules = optionals cfg.service.enable [ echo -n "$NEW_CURSOR" > ${cfg.dataDir}/${name}-cursor
"d '${cfg.vardir}' - ${httpd.user} ${httpd.group} - -" fi
"Z '${cfg.vardir}' - ${httpd.user} ${httpd.group} - -" '' + ''
]; ${package.out}/share/awstats/tools/awstats_buildstaticpages.pl \
-config=${name} -update -dir=${cfg.dataDir}/${name} \
# The httpd sub-service showing awstats. -awstatsprog=${package.bin}/bin/awstats
services.httpd = optionalAttrs cfg.service.enable { '';
enable = true; startAt = cfg.updateAt;
extraConfig = '' }) cfg.configs);
Alias ${cfg.service.urlPrefix}/classes "${package.out}/wwwroot/classes/"
Alias ${cfg.service.urlPrefix}/css "${package.out}/wwwroot/css/"
Alias ${cfg.service.urlPrefix}/icons "${package.out}/wwwroot/icon/"
ScriptAlias ${cfg.service.urlPrefix}/ "${package.out}/wwwroot/cgi-bin/"
<Directory "${package.out}/wwwroot">
Options None
Require all granted
</Directory>
'';
};
systemd.services.awstats-update = mkIf (cfg.updateAt != null) {
description = "awstats log collector";
script = "exec '${package.bin}/bin/awstats' -update -config=awstats.conf";
startAt = cfg.updateAt;
};
}; };
} }

424
nixos/modules/services/networking/3proxy.nix Normal file
View file

@ -0,0 +1,424 @@
{ config, lib, pkgs, ... }:
with lib;
let
pkg = pkgs._3proxy;
cfg = config.services._3proxy;
optionalList = list: if list == [ ] then "*" else concatMapStringsSep "," toString list;
in {
options.services._3proxy = {
enable = mkEnableOption "3proxy";
confFile = mkOption {
type = types.path;
example = "/var/lib/3proxy/3proxy.conf";
description = ''
Ignore all other 3proxy options and load configuration from this file.
'';
};
usersFile = mkOption {
type = types.nullOr types.path;
default = null;
example = "/var/lib/3proxy/3proxy.passwd";
description = ''
Load users and passwords from this file.
Example users file with plain-text passwords:
<literal>
test1:CL:password1
test2:CL:password2
</literal>
Example users file with md5-crypted passwords:
<literal>
test1:CR:$1$tFkisVd2$1GA8JXkRmTXdLDytM/i3a1
test2:CR:$1$rkpibm5J$Aq1.9VtYAn0JrqZ8M.1ME.
</literal>
You can generate md5-crypted passwords via https://unix4lyfe.org/crypt/
Note that htpasswd tool generates incompatible md5-crypted passwords.
Consult <link xlink:href="https://github.com/z3APA3A/3proxy/wiki/How-To-(incomplete)#USERS">documentation</link> for more information.
'';
};
services = mkOption {
type = types.listOf (types.submodule {
options = {
type = mkOption {
type = types.enum [
"proxy"
"socks"
"pop3p"
"ftppr"
"admin"
"dnspr"
"tcppm"
"udppm"
];
example = "proxy";
description = ''
Service type. The following values are valid:
<itemizedlist>
<listitem><para>
<literal>"proxy"</literal>: HTTP/HTTPS proxy (default port 3128).
</para></listitem>
<listitem><para>
<literal>"socks"</literal>: SOCKS 4/4.5/5 proxy (default port 1080).
</para></listitem>
<listitem><para>
<literal>"pop3p"</literal>: POP3 proxy (default port 110).
</para></listitem>
<listitem><para>
<literal>"ftppr"</literal>: FTP proxy (default port 21).
</para></listitem>
<listitem><para>
<literal>"admin"</literal>: Web interface (default port 80).
</para></listitem>
<listitem><para>
<literal>"dnspr"</literal>: Caching DNS proxy (default port 53).
</para></listitem>
<listitem><para>
<literal>"tcppm"</literal>: TCP portmapper.
</para></listitem>
<listitem><para>
<literal>"udppm"</literal>: UDP portmapper.
</para></listitem>
</itemizedlist>
'';
};
bindAddress = mkOption {
type = types.str;
default = "[::]";
example = "127.0.0.1";
description = ''
Address used for service.
'';
};
bindPort = mkOption {
type = types.nullOr types.int;
default = null;
example = 3128;
description = ''
Override default port used for service.
'';
};
maxConnections = mkOption {
type = types.int;
default = 100;
example = 1000;
description = ''
Maximum number of simulationeous connections to this service.
'';
};
auth = mkOption {
type = types.listOf (types.enum [ "none" "iponly" "strong" ]);
example = [ "iponly" "strong" ];
description = ''
Authentication type. The following values are valid:
<itemizedlist>
<listitem><para>
<literal>"none"</literal>: disables both authentication and authorization. You can not use ACLs.
</para></listitem>
<listitem><para>
<literal>"iponly"</literal>: specifies no authentication. ACLs authorization is used.
</para></listitem>
<listitem><para>
<literal>"strong"</literal>: authentication by username/password. If user is not registered his access is denied regardless of ACLs.
</para></listitem>
</itemizedlist>
Double authentication is possible, e.g.
<literal>
{
auth = [ "iponly" "strong" ];
acl = [
{
rule = "allow";
targets = [ "192.168.0.0/16" ];
}
{
rule = "allow"
users = [ "user1" "user2" ];
}
];
}
</literal>
In this example strong username authentication is not required to access 192.168.0.0/16.
'';
};
acl = mkOption {
type = types.listOf (types.submodule {
options = {
rule = mkOption {
type = types.enum [ "allow" "deny" ];
example = "allow";
description = ''
ACL rule. The following values are valid:
<itemizedlist>
<listitem><para>
<literal>"allow"</literal>: connections allowed.
</para></listitem>
<listitem><para>
<literal>"deny"</literal>: connections not allowed.
</para></listitem>
</itemizedlist>
'';
};
users = mkOption {
type = types.listOf types.str;
default = [ ];
example = [ "user1" "user2" "user3" ];
description = ''
List of users, use empty list for any.
'';
};
sources = mkOption {
type = types.listOf types.str;
default = [ ];
example = [ "127.0.0.1" "192.168.1.0/24" ];
description = ''
List of source IP range, use empty list for any.
'';
};
targets = mkOption {
type = types.listOf types.str;
default = [ ];
example = [ "127.0.0.1" "192.168.1.0/24" ];
description = ''
List of target IP ranges, use empty list for any.
May also contain host names instead of addresses.
It's possible to use wildmask in the begginning and in the the end of hostname, e.g. *badsite.com or *badcontent*.
Hostname is only checked if hostname presents in request.
'';
};
targetPorts = mkOption {
type = types.listOf types.int;
default = [ ];
example = [ 80 443 ];
description = ''
List of target ports, use empty list for any.
'';
};
};
});
default = [ ];
example = literalExample ''
[
{
rule = "allow";
users = [ "user1" ];
}
{
rule = "allow";
sources = [ "192.168.1.0/24" ];
}
{
rule = "deny";
}
]
'';
description = ''
Use this option to limit user access to resources.
'';
};
extraArguments = mkOption {
type = types.nullOr types.str;
default = null;
example = "-46";
description = ''
Extra arguments for service.
Consult "Options" section in <link xlink:href="https://github.com/z3APA3A/3proxy/wiki/3proxy.cfg">documentation</link> for available arguments.
'';
};
extraConfig = mkOption {
type = types.nullOr types.lines;
default = null;
description = ''
Extra configuration for service. Use this to configure things like bandwidth limiter or ACL-based redirection.
Consult <link xlink:href="https://github.com/z3APA3A/3proxy/wiki/3proxy.cfg">documentation</link> for available options.
'';
};
};
});
default = [ ];
example = literalExample ''
[
{
type = "proxy";
bindAddress = "192.168.1.24";
bindPort = 3128;
auth = [ "none" ];
}
{
type = "proxy";
bindAddress = "10.10.1.20";
bindPort = 3128;
auth = [ "iponly" ];
}
{
type = "socks";
bindAddress = "172.17.0.1";
bindPort = 1080;
auth = [ "strong" ];
}
]
'';
description = ''
Use this option to define 3proxy services.
'';
};
denyPrivate = mkOption {
type = types.bool;
default = true;
description = ''
Whether to deny access to private IP ranges including loopback.
'';
};
privateRanges = mkOption {
type = types.listOf types.str;
default = [
"0.0.0.0/8"
"127.0.0.0/8"
"10.0.0.0/8"
"100.64.0.0/10"
"172.16.0.0/12"
"192.168.0.0/16"
"::"
"::1"
"fc00::/7"
];
example = [
"0.0.0.0/8"
"127.0.0.0/8"
"10.0.0.0/8"
"100.64.0.0/10"
"172.16.0.0/12"
"192.168.0.0/16"
"::"
"::1"
"fc00::/7"
];
description = ''
What IP ranges to deny access when denyPrivate is set tu true.
'';
};
resolution = mkOption {
type = types.submodule {
options = {
nserver = mkOption {
type = types.listOf types.str;
default = [ ];
example = [ "127.0.0.53" "192.168.1.3:5353/tcp" ];
description = ''
List of nameservers to use.
Up to 5 nservers may be specified. If no nserver is configured,
default system name resolution functions are used.
'';
};
nscache = mkOption {
type = types.int;
default = 65535;
example = 65535;
description = "Set name cache size for IPv4.";
};
nscache6 = mkOption {
type = types.int;
default = 65535;
example = 65535;
description = "Set name cache size for IPv6.";
};
nsrecord = mkOption {
type = types.attrsOf types.str;
default = { };
example = {
"files.local" = "192.168.1.12";
"site.local" = "192.168.1.43";
};
description = "Adds static nsrecords.";
};
};
};
default = { };
description = ''
Use this option to configure name resolution and DNS caching.
'';
};
extraConfig = mkOption {
type = types.nullOr types.lines;
default = null;
description = ''
Extra configuration, appended to the 3proxy configuration file.
Consult <link xlink:href="https://github.com/z3APA3A/3proxy/wiki/3proxy.cfg">documentation</link> for available options.
'';
};
};
config = mkIf cfg.enable {
services._3proxy.confFile = mkDefault (pkgs.writeText "3proxy.conf" ''
# log to stdout
log
${concatMapStringsSep "\n" (x: "nserver " + x) cfg.resolution.nserver}
nscache ${toString cfg.resolution.nscache}
nscache6 ${toString cfg.resolution.nscache6}
${concatMapStringsSep "\n" (x: "nsrecord " + x)
(mapAttrsToList (name: value: "${name} ${value}")
cfg.resolution.nsrecord)}
${optionalString (cfg.usersFile != null)
''users $"${cfg.usersFile}"''
}
${concatMapStringsSep "\n" (service: ''
auth ${concatStringsSep " " service.auth}
${optionalString (cfg.denyPrivate)
"deny * * ${optionalList cfg.privateRanges}"}
${concatMapStringsSep "\n" (acl:
"${acl.rule} ${
concatMapStringsSep " " optionalList [
acl.users
acl.sources
acl.targets
acl.targetPorts
]
}") service.acl}
maxconn ${toString service.maxConnections}
${optionalString (service.extraConfig != null) service.extraConfig}
${service.type} -i${toString service.bindAddress} ${
optionalString (service.bindPort != null)
"-p${toString service.bindPort}"
} ${
optionalString (service.extraArguments != null) service.extraArguments
}
flush
'') cfg.services}
${optionalString (cfg.extraConfig != null) cfg.extraConfig}
'');
systemd.services."3proxy" = {
description = "Tiny free proxy server";
documentation = [ "https://github.com/z3APA3A/3proxy/wiki" ];
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
DynamicUser = true;
StateDirectory = "3proxy";
ExecStart = "${pkg}/bin/3proxy ${cfg.confFile}";
Restart = "on-failure";
};
};
};
meta.maintainers = with maintainers; [ misuzu ];
}

83
nixos/modules/services/networking/spacecookie.nix Normal file
View file

@ -0,0 +1,83 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.spacecookie;
configFile = pkgs.writeText "spacecookie.json" (lib.generators.toJSON {} {
inherit (cfg) hostname port root;
});
in {
options = {
services.spacecookie = {
enable = mkEnableOption "spacecookie";
hostname = mkOption {
type = types.str;
default = "localhost";
description = "The hostname the service is reachable via. Clients will use this hostname for further requests after loading the initial gopher menu.";
};
port = mkOption {
type = types.port;
default = 70;
description = "Port the gopher service should be exposed on.";
};
root = mkOption {
type = types.path;
default = "/srv/gopher";
description = "The root directory spacecookie serves via gopher.";
};
};
};
config = mkIf cfg.enable {
systemd.sockets.spacecookie = {
description = "Socket for the Spacecookie Gopher Server";
wantedBy = [ "sockets.target" ];
listenStreams = [ "[::]:${toString cfg.port}" ];
socketConfig = {
BindIPv6Only = "both";
};
};
systemd.services.spacecookie = {
description = "Spacecookie Gopher Server";
wantedBy = [ "multi-user.target" ];
requires = [ "spacecookie.socket" ];
serviceConfig = {
Type = "notify";
ExecStart = "${pkgs.haskellPackages.spacecookie}/bin/spacecookie ${configFile}";
FileDescriptorStoreMax = 1;
DynamicUser = true;
ProtectSystem = "strict";
ProtectHome = true;
PrivateTmp = true;
PrivateDevices = true;
PrivateMounts = true;
PrivateUsers = true;
ProtectKernelTunables = true;
ProtectKernelModules = true;
ProtectControlGroups = true;
CapabilityBoundingSet = "";
NoNewPrivileges = true;
LockPersonality = true;
RestrictRealtime = true;
# AF_UNIX for communication with systemd
# AF_INET replaced by BindIPv6Only=both
RestrictAddressFamilies = "AF_UNIX AF_INET6";
};
};
};
}

4
nixos/modules/services/web-apps/restya-board.nix
View file

@ -116,7 +116,7 @@ in
}; };
passwordFile = mkOption { passwordFile = mkOption {
type = types.nullOr types.str; type = types.nullOr types.path;
default = null; default = null;
description = '' description = ''
The database user's password. 'null' if no password is set. The database user's password. 'null' if no password is set.
@ -285,7 +285,7 @@ in
sed -i "s/^.*'R_DB_PASSWORD'.*$/define('R_DB_PASSWORD', 'restya');/g" "${runDir}/server/php/config.inc.php" sed -i "s/^.*'R_DB_PASSWORD'.*$/define('R_DB_PASSWORD', 'restya');/g" "${runDir}/server/php/config.inc.php"
'' else '' '' else ''
sed -i "s/^.*'R_DB_HOST'.*$/define('R_DB_HOST', '${cfg.database.host}');/g" "${runDir}/server/php/config.inc.php" sed -i "s/^.*'R_DB_HOST'.*$/define('R_DB_HOST', '${cfg.database.host}');/g" "${runDir}/server/php/config.inc.php"
sed -i "s/^.*'R_DB_PASSWORD'.*$/define('R_DB_PASSWORD', '$(<${cfg.database.dbPassFile})');/g" "${runDir}/server/php/config.inc.php" sed -i "s/^.*'R_DB_PASSWORD'.*$/define('R_DB_PASSWORD', ${if cfg.database.passwordFile == null then "''" else "'file_get_contents(${cfg.database.passwordFile})'"});/g" "${runDir}/server/php/config.inc.php
''} ''}
sed -i "s/^.*'R_DB_PORT'.*$/define('R_DB_PORT', '${toString cfg.database.port}');/g" "${runDir}/server/php/config.inc.php" sed -i "s/^.*'R_DB_PORT'.*$/define('R_DB_PORT', '${toString cfg.database.port}');/g" "${runDir}/server/php/config.inc.php"
sed -i "s/^.*'R_DB_NAME'.*$/define('R_DB_NAME', '${cfg.database.name}');/g" "${runDir}/server/php/config.inc.php" sed -i "s/^.*'R_DB_NAME'.*$/define('R_DB_NAME', '${cfg.database.name}');/g" "${runDir}/server/php/config.inc.php"

137
nixos/modules/services/web-apps/trilium.nix Normal file
View file

@ -0,0 +1,137 @@
{ config, lib, pkgs, ... }:
let
cfg = config.services.trilium-server;
configIni = pkgs.writeText "trilium-config.ini" ''
[General]
# Instance name can be used to distinguish between different instances
instanceName=${cfg.instanceName}
# Disable automatically generating desktop icon
noDesktopIcon=true
[Network]
# host setting is relevant only for web deployments - set the host on which the server will listen
host=${cfg.host}
# port setting is relevant only for web deployments, desktop builds run on random free port
port=${toString cfg.port}
# true for TLS/SSL/HTTPS (secure), false for HTTP (unsecure).
https=false
'';
in
{
options.services.trilium-server = with lib; {
enable = mkEnableOption "trilium-server";
dataDir = mkOption {
type = types.str;
default = "/var/lib/trilium";
description = ''
The directory storing the nodes database and the configuration.
'';
};
instanceName = mkOption {
type = types.str;
default = "Trilium";
description = ''
Instance name used to distinguish between different instances
'';
};
host = mkOption {
type = types.str;
default = "127.0.0.1";
description = ''
The host address to bind to (defaults to localhost).
'';
};
port = mkOption {
type = types.int;
default = 8080;
description = ''
The port number to bind to.
'';
};
nginx = mkOption {
default = {};
description = ''
Configuration for nginx reverse proxy.
'';
type = types.submodule {
options = {
enable = mkOption {
type = types.bool;
default = false;
description = ''
Configure the nginx reverse proxy settings.
'';
};
hostName = mkOption {
type = types.str;
description = ''
The hostname use to setup the virtualhost configuration
'';
};
};
};
};
};
config = lib.mkIf cfg.enable (lib.mkMerge [
{
meta.maintainers = with lib.maintainers; [ kampka ];
users.groups.trilium = {};
users.users.trilium = {
description = "Trilium User";
group = "trilium";
home = cfg.dataDir;
isSystemUser = true;
};
systemd.services.trilium-server = {
wantedBy = [ "multi-user.target" ];
environment.TRILIUM_DATA_DIR = cfg.dataDir;
serviceConfig = {
ExecStart = "${pkgs.trilium-server}/bin/trilium-server";
User = "trilium";
Group = "trilium";
PrivateTmp = "true";
};
};
systemd.tmpfiles.rules = [
"d ${cfg.dataDir} 0750 trilium trilium - -"
"L+ ${cfg.dataDir}/config.ini - - - - ${configIni}"
];
}
(lib.mkIf cfg.nginx.enable {
services.nginx = {
enable = true;
virtualHosts."${cfg.nginx.hostName}" = {
locations."/" = {
proxyPass = "http://${cfg.host}:${toString cfg.port}/";
extraConfig = ''
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
'';
};
extraConfig = ''
client_max_body_size 0;
'';
};
};
})
]);
}

31
nixos/modules/services/web-servers/nginx/default.nix
View file

@ -47,7 +47,7 @@ let
'')); ''));
configFile = pkgs.writers.writeNginxConfig "nginx.conf" '' configFile = pkgs.writers.writeNginxConfig "nginx.conf" ''
user ${cfg.user} ${cfg.group}; pid /run/nginx/nginx.pid;
error_log ${cfg.logError}; error_log ${cfg.logError};
daemon off; daemon off;
@ -366,12 +366,7 @@ in
preStart = mkOption { preStart = mkOption {
type = types.lines; type = types.lines;
default = '' default = "";
test -d ${cfg.stateDir}/logs || mkdir -m 750 -p ${cfg.stateDir}/logs
test `stat -c %a ${cfg.stateDir}` = "750" || chmod 750 ${cfg.stateDir}
test `stat -c %a ${cfg.stateDir}/logs` = "750" || chmod 750 ${cfg.stateDir}/logs
chown -R ${cfg.user}:${cfg.group} ${cfg.stateDir}
'';
description = " description = "
Shell commands executed before the service's nginx is started. Shell commands executed before the service's nginx is started.
"; ";
@ -673,23 +668,35 @@ in
} }
]; ];
systemd.tmpfiles.rules = [
"d '${cfg.stateDir}' 0750 ${cfg.user} ${cfg.group} - -"
"d '${cfg.stateDir}/logs' 0750 ${cfg.user} ${cfg.group} - -"
];
systemd.services.nginx = { systemd.services.nginx = {
description = "Nginx Web Server"; description = "Nginx Web Server";
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
wants = concatLists (map (vhostConfig: ["acme-${vhostConfig.serverName}.service" "acme-selfsigned-${vhostConfig.serverName}.service"]) acmeEnabledVhosts); wants = concatLists (map (vhostConfig: ["acme-${vhostConfig.serverName}.service" "acme-selfsigned-${vhostConfig.serverName}.service"]) acmeEnabledVhosts);
after = [ "network.target" ] ++ map (vhostConfig: "acme-selfsigned-${vhostConfig.serverName}.service") acmeEnabledVhosts; after = [ "network.target" ] ++ map (vhostConfig: "acme-selfsigned-${vhostConfig.serverName}.service") acmeEnabledVhosts;
stopIfChanged = false; stopIfChanged = false;
preStart = preStart = ''
''
${cfg.preStart} ${cfg.preStart}
${cfg.package}/bin/nginx -c ${configPath} -p ${cfg.stateDir} -t ${cfg.package}/bin/nginx -c '${configPath}' -p '${cfg.stateDir}' -t
''; '';
serviceConfig = { serviceConfig = {
ExecStart = "${cfg.package}/bin/nginx -c ${configPath} -p ${cfg.stateDir}"; ExecStart = "${cfg.package}/bin/nginx -c '${configPath}' -p '${cfg.stateDir}'";
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
Restart = "always"; Restart = "always";
RestartSec = "10s"; RestartSec = "10s";
StartLimitInterval = "1min"; StartLimitInterval = "1min";
# User and group
User = cfg.user;
Group = cfg.group;
# Runtime directory and mode
RuntimeDirectory = "nginx";
RuntimeDirectoryMode = "0750";
# Capabilities
AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" "CAP_SYS_RESOURCE" ];
}; };
}; };

2
nixos/modules/services/web-servers/nginx/location-options.nix
View file

@ -67,7 +67,7 @@ with lib;
return = mkOption { return = mkOption {
type = types.nullOr types.str; type = types.nullOr types.str;
default = null; default = null;
example = "301 http://example.com$request_uri;"; example = "301 http://example.com$request_uri";
description = '' description = ''
Adds a return directive, for e.g. redirections. Adds a return directive, for e.g. redirections.
''; '';

55
nixos/modules/services/x11/desktop-managers/cde.nix Normal file
View file

@ -0,0 +1,55 @@
{ config, lib, pkgs, ... }:
with lib;
let
xcfg = config.services.xserver;
cfg = xcfg.desktopManager.cde;
in {
options.services.xserver.desktopManager.cde = {
enable = mkEnableOption "Common Desktop Environment";
};
config = mkIf (xcfg.enable && cfg.enable) {
services.rpcbind.enable = true;
services.xinetd.enable = true;
services.xinetd.services = [
{
name = "cmsd";
protocol = "udp";
user = "root";
server = "${pkgs.cdesktopenv}/opt/dt/bin/rpc.cmsd";
extraConfig = ''
type = RPC UNLISTED
rpc_number = 100068
rpc_version = 2-5
only_from = 127.0.0.1/0
'';
}
];
users.groups.mail = {};
security.wrappers = {
dtmail = {
source = "${pkgs.cdesktopenv}/bin/dtmail";
group = "mail";
setgid = true;
};
};
system.activationScripts.setup-cde = ''
mkdir -p /var/dt/{tmp,appconfig/appmanager}
chmod a+w+t /var/dt/{tmp,appconfig/appmanager}
'';
services.xserver.desktopManager.session = [
{ name = "CDE";
start = ''
exec ${pkgs.cdesktopenv}/opt/dt/bin/Xsession
'';
}];
};
meta.maintainers = [ maintainers.gnidorah ];
}

2
nixos/modules/services/x11/desktop-managers/default.nix
View file

@ -20,7 +20,7 @@ in
imports = [ imports = [
./none.nix ./xterm.nix ./xfce.nix ./plasma5.nix ./lumina.nix ./none.nix ./xterm.nix ./xfce.nix ./plasma5.nix ./lumina.nix
./lxqt.nix ./enlightenment.nix ./gnome3.nix ./kodi.nix ./maxx.nix ./lxqt.nix ./enlightenment.nix ./gnome3.nix ./kodi.nix ./maxx.nix
./mate.nix ./pantheon.nix ./surf-display.nix ./mate.nix ./pantheon.nix ./surf-display.nix ./cde.nix
]; ];
options = { options = {

1
nixos/modules/services/x11/desktop-managers/mate.nix
View file

@ -98,7 +98,6 @@ in
services.gnome3.at-spi2-core.enable = true; services.gnome3.at-spi2-core.enable = true;
services.gnome3.gnome-keyring.enable = true; services.gnome3.gnome-keyring.enable = true;
services.gnome3.gnome-settings-daemon.enable = true;
services.udev.packages = [ pkgs.mate.mate-settings-daemon ]; services.udev.packages = [ pkgs.mate.mate-settings-daemon ];
services.gvfs.enable = true; services.gvfs.enable = true;
services.upower.enable = config.powerManagement.enable; services.upower.enable = config.powerManagement.enable;

321
nixos/modules/services/x11/desktop-managers/pantheon.nix
View file

@ -5,6 +5,7 @@ with lib;
let let
cfg = config.services.xserver.desktopManager.pantheon; cfg = config.services.xserver.desktopManager.pantheon;
serviceCfg = config.services.pantheon;
nixos-gsettings-desktop-schemas = pkgs.pantheon.elementary-gsettings-schemas.override { nixos-gsettings-desktop-schemas = pkgs.pantheon.elementary-gsettings-schemas.override {
extraGSettingsOverridePackages = cfg.extraGSettingsOverridePackages; extraGSettingsOverridePackages = cfg.extraGSettingsOverridePackages;
@ -19,6 +20,16 @@ in
options = { options = {
services.pantheon = {
contractor = {
enable = mkEnableOption "contractor, a desktop-wide extension service used by Pantheon";
};
apps.enable = mkEnableOption "Pantheon default applications";
};
services.xserver.desktopManager.pantheon = { services.xserver.desktopManager.pantheon = {
enable = mkOption { enable = mkOption {
type = types.bool; type = types.bool;
@ -41,6 +52,18 @@ in
]; ];
}; };
extraWingpanelIndicators = mkOption {
default = null;
type = with types; nullOr (listOf package);
description = "Indicators to add to Wingpanel.";
};
extraSwitchboardPlugs = mkOption {
default = null;
type = with types; nullOr (listOf package);
description = "Plugs to add to Switchboard.";
};
extraGSettingsOverrides = mkOption { extraGSettingsOverrides = mkOption {
default = ""; default = "";
type = types.lines; type = types.lines;
@ -67,124 +90,88 @@ in
}; };
config = mkIf cfg.enable { config = mkMerge [
(mkIf cfg.enable {
services.xserver.displayManager.sessionPackages = [ pkgs.pantheon.elementary-session-settings ]; services.xserver.displayManager.sessionPackages = [ pkgs.pantheon.elementary-session-settings ];
# Ensure lightdm is used when Pantheon is enabled # Ensure lightdm is used when Pantheon is enabled
# Without it screen locking will be nonfunctional because of the use of lightlocker # Without it screen locking will be nonfunctional because of the use of lightlocker
warnings = optional (config.services.xserver.displayManager.lightdm.enable != true)
''
Using Pantheon without LightDM as a displayManager will break screenlocking from the UI.
'';
warnings = optional (config.services.xserver.displayManager.lightdm.enable != true) services.xserver.displayManager.lightdm.greeters.pantheon.enable = mkDefault true;
''
Using Pantheon without LightDM as a displayManager will break screenlocking from the UI. # Without this, elementary LightDM greeter will pre-select non-existent `default` session
# https://github.com/elementary/greeter/issues/368
services.xserver.displayManager.defaultSession = "pantheon";
services.xserver.displayManager.sessionCommands = ''
if test "$XDG_CURRENT_DESKTOP" = "Pantheon"; then
${concatMapStrings (p: ''
if [ -d "${p}/share/gsettings-schemas/${p.name}" ]; then
export XDG_DATA_DIRS=$XDG_DATA_DIRS''${XDG_DATA_DIRS:+:}${p}/share/gsettings-schemas/${p.name}
fi
if [ -d "${p}/lib/girepository-1.0" ]; then
export GI_TYPELIB_PATH=$GI_TYPELIB_PATH''${GI_TYPELIB_PATH:+:}${p}/lib/girepository-1.0
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH''${LD_LIBRARY_PATH:+:}${p}/lib
fi
'') cfg.sessionPath}
fi
''; '';
services.xserver.displayManager.lightdm.greeters.pantheon.enable = mkDefault true; # Default services
hardware.bluetooth.enable = mkDefault true;
hardware.pulseaudio.enable = mkDefault true;
security.polkit.enable = true;
services.accounts-daemon.enable = true;
services.bamf.enable = true;
services.colord.enable = mkDefault true;
services.tumbler.enable = mkDefault true;
services.system-config-printer.enable = (mkIf config.services.printing.enable (mkDefault true));
services.dbus.packages = with pkgs.pantheon; [
switchboard-plug-power
elementary-default-settings # accountsservice extensions
];
services.pantheon.apps.enable = mkDefault true;
services.pantheon.contractor.enable = mkDefault true;
services.gnome3.at-spi2-core.enable = true;
services.gnome3.evolution-data-server.enable = true;
services.gnome3.glib-networking.enable = true;
services.gnome3.gnome-keyring.enable = true;
services.gvfs.enable = true;
services.gnome3.rygel.enable = mkDefault true;
services.gsignond.enable = mkDefault true;
services.gsignond.plugins = with pkgs.gsignondPlugins; [ lastfm mail oauth ];
services.udisks2.enable = true;
services.upower.enable = config.powerManagement.enable;
services.xserver.libinput.enable = mkDefault true;
services.xserver.updateDbusEnvironment = true;
services.zeitgeist.enable = mkDefault true;
services.geoclue2.enable = mkDefault true;
# pantheon has pantheon-agent-geoclue2
services.geoclue2.enableDemoAgent = false;
services.geoclue2.appConfig."io.elementary.desktop.agent-geoclue2" = {
isAllowed = true;
isSystem = true;
};
# Use gnome-settings-daemon fork
services.udev.packages = [
pkgs.pantheon.elementary-settings-daemon
];
systemd.packages = [
pkgs.pantheon.elementary-settings-daemon
];
programs.dconf.enable = true;
networking.networkmanager.enable = mkDefault true;
# Without this, Elementary LightDM greeter will pre-select non-existent `default` session # Global environment
# https://github.com/elementary/greeter/issues/368 environment.systemPackages = with pkgs; [
services.xserver.displayManager.defaultSession = "pantheon";
services.xserver.displayManager.sessionCommands = ''
if test "$XDG_CURRENT_DESKTOP" = "Pantheon"; then
${concatMapStrings (p: ''
if [ -d "${p}/share/gsettings-schemas/${p.name}" ]; then
export XDG_DATA_DIRS=$XDG_DATA_DIRS''${XDG_DATA_DIRS:+:}${p}/share/gsettings-schemas/${p.name}
fi
if [ -d "${p}/lib/girepository-1.0" ]; then
export GI_TYPELIB_PATH=$GI_TYPELIB_PATH''${GI_TYPELIB_PATH:+:}${p}/lib/girepository-1.0
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH''${LD_LIBRARY_PATH:+:}${p}/lib
fi
'') cfg.sessionPath}
fi
'';
hardware.bluetooth.enable = mkDefault true;
hardware.pulseaudio.enable = mkDefault true;
security.polkit.enable = true;
services.accounts-daemon.enable = true;
services.bamf.enable = true;
services.colord.enable = mkDefault true;
services.pantheon.files.enable = mkDefault true;
services.tumbler.enable = mkDefault true;
services.system-config-printer.enable = (mkIf config.services.printing.enable (mkDefault true));
services.dbus.packages = with pkgs.pantheon; [
switchboard-plug-power
elementary-default-settings
];
services.pantheon.contractor.enable = mkDefault true;
services.gnome3.at-spi2-core.enable = true;
services.gnome3.evolution-data-server.enable = true;
services.gnome3.glib-networking.enable = true;
# TODO: gnome-keyring's xdg autostarts will still be in the environment (from elementary-session-settings) if disabled forcefully
services.gnome3.gnome-keyring.enable = true;
services.gnome3.gnome-settings-daemon.enable = true;
services.udev.packages = [ pkgs.pantheon.elementary-settings-daemon ];
services.gvfs.enable = true;
services.gnome3.rygel.enable = mkDefault true;
services.gsignond.enable = mkDefault true;
services.gsignond.plugins = with pkgs.gsignondPlugins; [ lastfm mail oauth ];
services.udisks2.enable = true;
services.upower.enable = config.powerManagement.enable;
services.xserver.libinput.enable = mkDefault true;
services.xserver.updateDbusEnvironment = true;
services.zeitgeist.enable = mkDefault true;
services.geoclue2.enable = mkDefault true;
# pantheon has pantheon-agent-geoclue2
services.geoclue2.enableDemoAgent = false;
services.geoclue2.appConfig."io.elementary.desktop.agent-geoclue2" = {
isAllowed = true;
isSystem = true;
};
programs.dconf.enable = true;
programs.evince.enable = mkDefault true;
programs.file-roller.enable = mkDefault true;
# Otherwise you can't store NetworkManager Secrets with
# "Store the password only for this user"
programs.nm-applet.enable = true;
# Shell integration for VTE terminals
programs.bash.vteIntegration = mkDefault true;
programs.zsh.vteIntegration = mkDefault true;
# Harmonize Qt5 applications under Pantheon
qt5.enable = true;
qt5.platformTheme = "gnome";
qt5.style = "adwaita";
networking.networkmanager.enable = mkDefault true;
# Override GSettings schemas
environment.sessionVariables.NIX_GSETTINGS_OVERRIDES_DIR = "${nixos-gsettings-desktop-schemas}/share/gsettings-schemas/nixos-gsettings-overrides/glib-2.0/schemas";
environment.sessionVariables.GNOME_SESSION_DEBUG = mkIf cfg.debug "1";
# Settings from elementary-default-settings
environment.sessionVariables.GTK_CSD = "1";
environment.sessionVariables.GTK3_MODULES = [ "pantheon-filechooser-module" ];
environment.etc."gtk-3.0/settings.ini".source = "${pkgs.pantheon.elementary-default-settings}/etc/gtk-3.0/settings.ini";
environment.pathsToLink = [
# FIXME: modules should link subdirs of `/share` rather than relying on this
"/share"
];
environment.systemPackages =
pkgs.pantheon.artwork ++ pkgs.pantheon.desktop ++ pkgs.pantheon.services ++ cfg.sessionPath
++ (with pkgs; gnome3.removePackagesByName
([
gnome3.geary
gnome3.epiphany
gnome3.gnome-font-viewer
] ++ pantheon.apps) config.environment.pantheon.excludePackages)
++ (with pkgs;
[
adwaita-qt
desktop-file-utils desktop-file-utils
glib glib
glib-networking
gnome-menus gnome-menus
gnome3.adwaita-icon-theme gnome3.adwaita-icon-theme
gtk3.out gtk3.out
@ -196,19 +183,111 @@ in
shared-mime-info shared-mime-info
sound-theme-freedesktop sound-theme-freedesktop
xdg-user-dirs xdg-user-dirs
]); ] ++ (with pkgs.pantheon; [
# Artwork
elementary-gtk-theme
elementary-icon-theme
elementary-sound-theme
elementary-wallpapers
fonts.fonts = with pkgs; [ # Desktop
open-sans elementary-default-settings
roboto-mono elementary-session-settings
pantheon.elementary-redacted-script # needed by screenshot-tool elementary-shortcut-overlay
]; gala
(switchboard-with-plugs.override {
plugs = cfg.extraSwitchboardPlugs;
})
(wingpanel-with-indicators.override {
indicators = cfg.extraWingpanelIndicators;
})
fonts.fontconfig.defaultFonts = { # Services
monospace = [ "Roboto Mono" ]; cerbere
sansSerif = [ "Open Sans" ]; elementary-capnet-assist
}; elementary-dpms-helper
elementary-settings-daemon
pantheon-agent-geoclue2
pantheon-agent-polkit
]) ++ (gnome3.removePackagesByName [
gnome3.geary
gnome3.epiphany
gnome3.gnome-font-viewer
] config.environment.pantheon.excludePackages);
}; programs.evince.enable = mkDefault true;
programs.file-roller.enable = mkDefault true;
# Settings from elementary-default-settings
environment.sessionVariables.GTK_CSD = "1";
environment.sessionVariables.GTK3_MODULES = [ "pantheon-filechooser-module" ];
environment.etc."gtk-3.0/settings.ini".source = "${pkgs.pantheon.elementary-default-settings}/etc/gtk-3.0/settings.ini";
# Override GSettings schemas
environment.sessionVariables.NIX_GSETTINGS_OVERRIDES_DIR = "${nixos-gsettings-desktop-schemas}/share/gsettings-schemas/nixos-gsettings-overrides/glib-2.0/schemas";
environment.sessionVariables.GNOME_SESSION_DEBUG = mkIf cfg.debug "1";
environment.pathsToLink = [
# FIXME: modules should link subdirs of `/share` rather than relying on this
"/share"
];
# Otherwise you can't store NetworkManager Secrets with
# "Store the password only for this user"
programs.nm-applet.enable = true;
# Shell integration for VTE terminals
programs.bash.vteIntegration = mkDefault true;
programs.zsh.vteIntegration = mkDefault true;
# Harmonize Qt5 applications under Pantheon
qt5.enable = true;
qt5.platformTheme = "gnome";
qt5.style = "adwaita";
# Default Fonts
fonts.fonts = with pkgs; [
open-sans
roboto-mono
];
fonts.fontconfig.defaultFonts = {
monospace = [ "Roboto Mono" ];
sansSerif = [ "Open Sans" ];
};
})
(mkIf serviceCfg.apps.enable {
environment.systemPackages = (with pkgs.pantheon; pkgs.gnome3.removePackagesByName [
elementary-calculator
elementary-calendar
elementary-camera
elementary-code
elementary-files
elementary-music
elementary-photos
elementary-screenshot-tool
elementary-terminal
elementary-videos
] config.environment.pantheon.excludePackages);
# needed by screenshot-tool
fonts.fonts = [
pkgs.pantheon.elementary-redacted-script
];
})
(mkIf serviceCfg.contractor.enable {
environment.systemPackages = with pkgs.pantheon; [
contractor
extra-elementary-contracts
];
environment.pathsToLink = [
"/share/contractor"
];
})
];
} }

2
nixos/modules/services/x11/imwheel.nix
View file

@ -10,7 +10,7 @@ in
extraOptions = mkOption { extraOptions = mkOption {
type = types.listOf types.str; type = types.listOf types.str;
default = [ "--buttons 45" ]; default = [ "--buttons=45" ];
example = [ "--debug" ]; example = [ "--debug" ];
description = '' description = ''
Additional command-line arguments to pass to Additional command-line arguments to pass to

2
nixos/modules/system/boot/systemd-nspawn.nix
View file

@ -126,7 +126,7 @@ in {
systemd.services."systemd-nspawn@".serviceConfig.ExecStart = [ systemd.services."systemd-nspawn@".serviceConfig.ExecStart = [
"" # deliberately empty. signals systemd to override the ExecStart "" # deliberately empty. signals systemd to override the ExecStart
# Only difference between upstream is that we do not pass the -U flag # Only difference between upstream is that we do not pass the -U flag
"${pkgs.systemd}/bin/systemd-nspawn --quiet --keep-unit --boot --link-journal=try-guest --network-veth --settings=override --machine=%i" "${config.systemd.package}/bin/systemd-nspawn --quiet --keep-unit --boot --link-journal=try-guest --network-veth --settings=override --machine=%i"
]; ];
} }
]; ];

127
nixos/modules/tasks/kbd.nix
View file

@ -1,127 +0,0 @@
{ config, lib, pkgs, ... }:
with lib;
let
makeColor = n: value: "COLOR_${toString n}=${value}";
makeColorCS =
let positions = [ "0" "1" "2" "3" "4" "5" "6" "7" "8" "9" "A" "B" "C" "D" "E" "F" ];
in n: value: "\\033]P${elemAt positions (n - 1)}${value}";
colors = concatImapStringsSep "\n" makeColor config.i18n.consoleColors;
isUnicode = hasSuffix "UTF-8" (toUpper config.i18n.defaultLocale);
optimizedKeymap = pkgs.runCommand "keymap" {
nativeBuildInputs = [ pkgs.buildPackages.kbd ];
LOADKEYS_KEYMAP_PATH = "${kbdEnv}/share/keymaps/**";
preferLocalBuild = true;
} ''
loadkeys -b ${optionalString isUnicode "-u"} "${config.i18n.consoleKeyMap}" > $out
'';
# Sadly, systemd-vconsole-setup doesn't support binary keymaps.
vconsoleConf = pkgs.writeText "vconsole.conf" ''
KEYMAP=${config.i18n.consoleKeyMap}
FONT=${config.i18n.consoleFont}
${colors}
'';
kbdEnv = pkgs.buildEnv {
name = "kbd-env";
paths = [ pkgs.kbd ] ++ config.i18n.consolePackages;
pathsToLink = [ "/share/consolefonts" "/share/consoletrans" "/share/keymaps" "/share/unimaps" ];
};
setVconsole = !config.boot.isContainer;
in
{
###### interface
options = {
# most options are defined in i18n.nix
# FIXME: still needed?
boot.extraTTYs = mkOption {
default = [];
type = types.listOf types.str;
example = ["tty8" "tty9"];
description = ''
Tty (virtual console) devices, in addition to the consoles on
which mingetty and syslogd run, that must be initialised.
Only useful if you have some program that you want to run on
some fixed console. For example, the NixOS installation CD
opens the manual in a web browser on console 7, so it sets
<option>boot.extraTTYs</option> to <literal>["tty7"]</literal>.
'';
};
boot.earlyVconsoleSetup = mkOption {
default = false;
type = types.bool;
description = ''
Enable setting font as early as possible (in initrd).
'';
};
};
###### implementation
config = mkMerge [
(mkIf (!setVconsole) {
systemd.services.systemd-vconsole-setup.enable = false;
})
(mkIf setVconsole (mkMerge [
{ environment.systemPackages = [ pkgs.kbd ];
# Let systemd-vconsole-setup.service do the work of setting up the
# virtual consoles.
environment.etc."vconsole.conf".source = vconsoleConf;
# Provide kbd with additional packages.
environment.etc.kbd.source = "${kbdEnv}/share";
boot.initrd.preLVMCommands = mkBefore ''
kbd_mode ${if isUnicode then "-u" else "-a"} -C /dev/console
printf "\033%%${if isUnicode then "G" else "@"}" >> /dev/console
loadkmap < ${optimizedKeymap}
${optionalString config.boot.earlyVconsoleSetup ''
setfont -C /dev/console $extraUtils/share/consolefonts/font.psf
''}
${concatImapStringsSep "\n" (n: color: ''
printf "${makeColorCS n color}" >> /dev/console
'') config.i18n.consoleColors}
'';
systemd.services.systemd-vconsole-setup =
{ before = [ "display-manager.service" ];
after = [ "systemd-udev-settle.service" ];
restartTriggers = [ vconsoleConf kbdEnv ];
};
}
(mkIf config.boot.earlyVconsoleSetup {
boot.initrd.extraUtilsCommands = ''
mkdir -p $out/share/consolefonts
${if substring 0 1 config.i18n.consoleFont == "/" then ''
font="${config.i18n.consoleFont}"
'' else ''
font="$(echo ${kbdEnv}/share/consolefonts/${config.i18n.consoleFont}.*)"
''}
if [[ $font == *.gz ]]; then
gzip -cd $font > $out/share/consolefonts/font.psf
else
cp -L $font $out/share/consolefonts/font.psf
fi
'';
})
]))
];
}

2
nixos/modules/virtualisation/lxc.nix
View file

@ -58,7 +58,7 @@ in
'' ''
This is the config file for managing unprivileged user network This is the config file for managing unprivileged user network
administration access in LXC. See <citerefentry> administration access in LXC. See <citerefentry>
<refentrytitle>lxc-user-net</refentrytitle><manvolnum>5</manvolnum> <refentrytitle>lxc-usernet</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>. </citerefentry>.
''; '';
}; };

162
nixos/tests/3proxy.nix Normal file
View file

@ -0,0 +1,162 @@
import ./make-test.nix ({ pkgs, ...} : {
name = "3proxy";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ misuzu ];
};
nodes = {
peer0 = { lib, ... }: {
networking.useDHCP = false;
networking.interfaces.eth1 = {
ipv4.addresses = [
{
address = "192.168.0.1";
prefixLength = 24;
}
{
address = "216.58.211.111";
prefixLength = 24;
}
];
};
};
peer1 = { lib, ... }: {
networking.useDHCP = false;
networking.interfaces.eth1 = {
ipv4.addresses = [
{
address = "192.168.0.2";
prefixLength = 24;
}
{
address = "216.58.211.112";
prefixLength = 24;
}
];
};
# test that binding to [::] is working when ipv6 is disabled
networking.enableIPv6 = false;
services._3proxy = {
enable = true;
services = [
{
type = "admin";
bindPort = 9999;
auth = [ "none" ];
}
{
type = "proxy";
bindPort = 3128;
auth = [ "none" ];
}
];
};
networking.firewall.allowedTCPPorts = [ 3128 9999 ];
};
peer2 = { lib, ... }: {
networking.useDHCP = false;
networking.interfaces.eth1 = {
ipv4.addresses = [
{
address = "192.168.0.3";
prefixLength = 24;
}
{
address = "216.58.211.113";
prefixLength = 24;
}
];
};
services._3proxy = {
enable = true;
services = [
{
type = "admin";
bindPort = 9999;
auth = [ "none" ];
}
{
type = "proxy";
bindPort = 3128;
auth = [ "iponly" ];
acl = [
{
rule = "allow";
}
];
}
];
};
networking.firewall.allowedTCPPorts = [ 3128 9999 ];
};
peer3 = { lib, ... }: {
networking.useDHCP = false;
networking.interfaces.eth1 = {
ipv4.addresses = [
{
address = "192.168.0.4";
prefixLength = 24;
}
{
address = "216.58.211.114";
prefixLength = 24;
}
];
};
services._3proxy = {
enable = true;
usersFile = pkgs.writeText "3proxy.passwd" ''
admin:CR:$1$.GUV4Wvk$WnEVQtaqutD9.beO5ar1W/
'';
services = [
{
type = "admin";
bindPort = 9999;
auth = [ "none" ];
}
{
type = "proxy";
bindPort = 3128;
auth = [ "strong" ];
acl = [
{
rule = "allow";
}
];
}
];
};
networking.firewall.allowedTCPPorts = [ 3128 9999 ];
};
};
testScript = ''
startAll;
$peer1->waitForUnit("3proxy.service");
# test none auth
$peer0->succeed("${pkgs.wget}/bin/wget -e use_proxy=yes -e http_proxy=http://192.168.0.2:3128 -S -O /dev/null http://216.58.211.112:9999");
$peer0->succeed("${pkgs.wget}/bin/wget -e use_proxy=yes -e http_proxy=http://192.168.0.2:3128 -S -O /dev/null http://192.168.0.2:9999");
$peer0->succeed("${pkgs.wget}/bin/wget -e use_proxy=yes -e http_proxy=http://192.168.0.2:3128 -S -O /dev/null http://127.0.0.1:9999");
$peer2->waitForUnit("3proxy.service");
# test iponly auth
$peer0->succeed("${pkgs.wget}/bin/wget -e use_proxy=yes -e http_proxy=http://192.168.0.3:3128 -S -O /dev/null http://216.58.211.113:9999");
$peer0->fail("${pkgs.wget}/bin/wget -e use_proxy=yes -e http_proxy=http://192.168.0.3:3128 -S -O /dev/null http://192.168.0.3:9999");
$peer0->fail("${pkgs.wget}/bin/wget -e use_proxy=yes -e http_proxy=http://192.168.0.3:3128 -S -O /dev/null http://127.0.0.1:9999");
$peer3->waitForUnit("3proxy.service");
# test strong auth
$peer0->succeed("${pkgs.wget}/bin/wget -e use_proxy=yes -e http_proxy=http://admin:bigsecret\@192.168.0.4:3128 -S -O /dev/null http://216.58.211.114:9999");
$peer0->fail("${pkgs.wget}/bin/wget -e use_proxy=yes -e http_proxy=http://admin:bigsecret\@192.168.0.4:3128 -S -O /dev/null http://192.168.0.4:9999");
$peer0->fail("${pkgs.wget}/bin/wget -e use_proxy=yes -e http_proxy=http://192.168.0.4:3128 -S -O /dev/null http://216.58.211.114:9999");
$peer0->fail("${pkgs.wget}/bin/wget -e use_proxy=yes -e http_proxy=http://192.168.0.4:3128 -S -O /dev/null http://192.168.0.4:9999");
$peer0->fail("${pkgs.wget}/bin/wget -e use_proxy=yes -e http_proxy=http://192.168.0.4:3128 -S -O /dev/null http://127.0.0.1:9999");
'';
})

3
nixos/tests/all-tests.nix
View file

@ -21,6 +21,7 @@ let
else {}; else {};
in in
{ {
_3proxy = handleTest ./3proxy.nix {};
acme = handleTestOn ["x86_64-linux"] ./acme.nix {}; acme = handleTestOn ["x86_64-linux"] ./acme.nix {};
atd = handleTest ./atd.nix {}; atd = handleTest ./atd.nix {};
automysqlbackup = handleTest ./automysqlbackup.nix {}; automysqlbackup = handleTest ./automysqlbackup.nix {};
@ -256,6 +257,7 @@ in
smokeping = handleTest ./smokeping.nix {}; smokeping = handleTest ./smokeping.nix {};
snapper = handleTest ./snapper.nix {}; snapper = handleTest ./snapper.nix {};
solr = handleTest ./solr.nix {}; solr = handleTest ./solr.nix {};
spacecookie = handleTest ./spacecookie.nix {};
sonarr = handleTest ./sonarr.nix {}; sonarr = handleTest ./sonarr.nix {};
strongswan-swanctl = handleTest ./strongswan-swanctl.nix {}; strongswan-swanctl = handleTest ./strongswan-swanctl.nix {};
sudo = handleTest ./sudo.nix {}; sudo = handleTest ./sudo.nix {};
@ -277,6 +279,7 @@ in
tor = handleTest ./tor.nix {}; tor = handleTest ./tor.nix {};
transmission = handleTest ./transmission.nix {}; transmission = handleTest ./transmission.nix {};
trac = handleTest ./trac.nix {}; trac = handleTest ./trac.nix {};
trilium-server = handleTestOn ["x86_64-linux"] ./trilium-server.nix {};
trezord = handleTest ./trezord.nix {}; trezord = handleTest ./trezord.nix {};
trickster = handleTest ./trickster.nix {}; trickster = handleTest ./trickster.nix {};
udisks2 = handleTest ./udisks2.nix {}; udisks2 = handleTest ./udisks2.nix {};

28
nixos/tests/hydra/default.nix
View file

@ -34,7 +34,7 @@ let
}; };
tests = pkgs.lib.flip pkgs.lib.mapAttrs hydraPkgs (name: nix: tests = pkgs.lib.flip pkgs.lib.mapAttrs hydraPkgs (name: nix:
callTest (import ../make-test.nix ({ pkgs, lib, ... }: callTest (import ../make-test-python.nix ({ pkgs, lib, ... }:
{ {
name = "hydra-with-${name}"; name = "hydra-with-${name}";
meta = with pkgs.stdenv.lib.maintainers; { meta = with pkgs.stdenv.lib.maintainers; {
@ -73,26 +73,30 @@ let
testScript = '' testScript = ''
# let the system boot up # let the system boot up
$machine->waitForUnit("multi-user.target"); machine.wait_for_unit("multi-user.target")
# test whether the database is running # test whether the database is running
$machine->waitForUnit("postgresql.service"); machine.wait_for_unit("postgresql.service")
# test whether the actual hydra daemons are running # test whether the actual hydra daemons are running
$machine->waitForUnit("hydra-init.service"); machine.wait_for_unit("hydra-init.service")
$machine->requireActiveUnit("hydra-queue-runner.service"); machine.require_unit_state("hydra-queue-runner.service")
$machine->requireActiveUnit("hydra-evaluator.service"); machine.require_unit_state("hydra-evaluator.service")
$machine->requireActiveUnit("hydra-notify.service"); machine.require_unit_state("hydra-notify.service")
$machine->succeed("hydra-create-user admin --role admin --password admin"); machine.succeed("hydra-create-user admin --role admin --password admin")
# create a project with a trivial job # create a project with a trivial job
$machine->waitForOpenPort(3000); machine.wait_for_open_port(3000)
# make sure the build as been successfully built # make sure the build as been successfully built
$machine->succeed("create-trivial-project.sh"); machine.succeed("create-trivial-project.sh")
$machine->waitUntilSucceeds('curl -L -s http://localhost:3000/build/1 -H "Accept: application/json" | jq .buildstatus | xargs test 0 -eq'); machine.wait_until_succeeds(
'curl -L -s http://localhost:3000/build/1 -H "Accept: application/json" | jq .buildstatus | xargs test 0 -eq'
)
$machine->waitUntilSucceeds('journalctl -eu hydra-notify.service -o cat | grep -q "sending mail notification to hydra@localhost"'); machine.wait_until_succeeds(
'journalctl -eu hydra-notify.service -o cat | grep -q "sending mail notification to hydra@localhost"'
)
''; '';
}))); })));

28
nixos/tests/mutable-users.nix
View file

@ -1,6 +1,6 @@
# Mutable users tests. # Mutable users tests.
import ./make-test.nix ({ pkgs, ...} : { import ./make-test-python.nix ({ pkgs, ...} : {
name = "mutable-users"; name = "mutable-users";
meta = with pkgs.stdenv.lib.maintainers; { meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ gleber ]; maintainers = [ gleber ];
@ -19,21 +19,27 @@ import ./make-test.nix ({ pkgs, ...} : {
immutableSystem = nodes.machine.config.system.build.toplevel; immutableSystem = nodes.machine.config.system.build.toplevel;
mutableSystem = nodes.mutable.config.system.build.toplevel; mutableSystem = nodes.mutable.config.system.build.toplevel;
in '' in ''
$machine->start(); machine.start()
$machine->waitForUnit("default.target"); machine.wait_for_unit("default.target")
# Machine starts in immutable mode. Add a user and test if reactivating # Machine starts in immutable mode. Add a user and test if reactivating
# configuration removes the user. # configuration removes the user.
$machine->fail("cat /etc/passwd | grep ^foobar:"); with subtest("Machine in immutable mode"):
$machine->succeed("sudo useradd foobar"); assert "foobar" not in machine.succeed("cat /etc/passwd")
$machine->succeed("cat /etc/passwd | grep ^foobar:"); machine.succeed("sudo useradd foobar")
$machine->succeed("${immutableSystem}/bin/switch-to-configuration test"); assert "foobar" in machine.succeed("cat /etc/passwd")
$machine->fail("cat /etc/passwd | grep ^foobar:"); machine.succeed(
"${immutableSystem}/bin/switch-to-configuration test"
)
assert "foobar" not in machine.succeed("cat /etc/passwd")
# In immutable mode passwd is not wrapped, while in mutable mode it is # In immutable mode passwd is not wrapped, while in mutable mode it is
# wrapped. # wrapped.
$machine->succeed('which passwd | grep /run/current-system/'); with subtest("Password is wrapped in mutable mode"):
$machine->succeed("${mutableSystem}/bin/switch-to-configuration test"); assert "/run/current-system/" in machine.succeed("which passwd")
$machine->succeed('which passwd | grep /run/wrappers/'); machine.succeed(
"${mutableSystem}/bin/switch-to-configuration test"
)
assert "/run/wrappers/" in machine.succeed("which passwd")
''; '';
}) })

17
nixos/tests/mxisd.nix
View file

@ -1,4 +1,4 @@
import ./make-test.nix ({ pkgs, ... } : { import ./make-test-python.nix ({ pkgs, ... } : {
name = "mxisd"; name = "mxisd";
meta = with pkgs.stdenv.lib.maintainers; { meta = with pkgs.stdenv.lib.maintainers; {
@ -19,13 +19,12 @@ import ./make-test.nix ({ pkgs, ... } : {
}; };
testScript = '' testScript = ''
startAll; start_all()
$server_mxisd->waitForUnit("mxisd.service"); server_mxisd.wait_for_unit("mxisd.service")
$server_mxisd->waitForOpenPort(8090); server_mxisd.wait_for_open_port(8090)
$server_mxisd->succeed("curl -Ssf \"http://127.0.0.1:8090/_matrix/identity/api/v1\""); server_mxisd.succeed("curl -Ssf 'http://127.0.0.1:8090/_matrix/identity/api/v1'")
$server_ma1sd->waitForUnit("mxisd.service"); server_ma1sd.wait_for_unit("mxisd.service")
$server_ma1sd->waitForOpenPort(8090); server_ma1sd.wait_for_open_port(8090)
$server_ma1sd->succeed("curl -Ssf \"http://127.0.0.1:8090/_matrix/identity/api/v1\"") server_ma1sd.succeed("curl -Ssf 'http://127.0.0.1:8090/_matrix/identity/api/v1'")
''; '';
}) })

36
nixos/tests/nesting.nix
View file

@ -1,4 +1,4 @@
import ./make-test.nix { import ./make-test-python.nix {
name = "nesting"; name = "nesting";
nodes = { nodes = {
clone = { pkgs, ... }: { clone = { pkgs, ... }: {
@ -19,24 +19,26 @@ import ./make-test.nix {
}; };
}; };
testScript = '' testScript = ''
$clone->waitForUnit("default.target"); clone.wait_for_unit("default.target")
$clone->succeed("cowsay hey"); clone.succeed("cowsay hey")
$clone->fail("hello"); clone.fail("hello")
# Nested clones do inherit from parent with subtest("Nested clones do inherit from parent"):
$clone->succeed("/run/current-system/fine-tune/child-1/bin/switch-to-configuration test"); clone.succeed(
$clone->succeed("cowsay hey"); "/run/current-system/fine-tune/child-1/bin/switch-to-configuration test"
$clone->succeed("hello"); )
clone.succeed("cowsay hey")
clone.succeed("hello")
children.wait_for_unit("default.target")
children.succeed("cowsay hey")
children.fail("hello")
$children->waitForUnit("default.target"); with subtest("Nested children do not inherit from parent"):
$children->succeed("cowsay hey"); children.succeed(
$children->fail("hello"); "/run/current-system/fine-tune/child-1/bin/switch-to-configuration test"
)
# Nested children do not inherit from parent children.fail("cowsay hey")
$children->succeed("/run/current-system/fine-tune/child-1/bin/switch-to-configuration test"); children.succeed("hello")
$children->fail("cowsay hey");
$children->succeed("hello");
''; '';
} }

429
nixos/tests/networking.nix
View file

@ -4,7 +4,7 @@
# bool: whether to use networkd in the tests # bool: whether to use networkd in the tests
, networkd }: , networkd }:
with import ../lib/testing.nix { inherit system pkgs; }; with import ../lib/testing-python.nix { inherit system pkgs; };
with pkgs.lib; with pkgs.lib;
let let
@ -75,10 +75,11 @@ let
machine.networking.useDHCP = false; machine.networking.useDHCP = false;
machine.networking.useNetworkd = networkd; machine.networking.useNetworkd = networkd;
testScript = '' testScript = ''
startAll; start_all()
$machine->waitForUnit("network.target"); machine.wait_for_unit("network.target")
$machine->succeed("ip addr show lo | grep -q 'inet 127.0.0.1/8 '"); loopback_addresses = machine.succeed("ip addr show lo")
$machine->succeed("ip addr show lo | grep -q 'inet6 ::1/128 '"); assert "inet 127.0.0.1/8" in loopback_addresses
assert "inet6 ::1/128" in loopback_addresses
''; '';
}; };
static = { static = {
@ -102,35 +103,35 @@ let
}; };
testScript = { ... }: testScript = { ... }:
'' ''
startAll; start_all()
$client->waitForUnit("network.target"); client.wait_for_unit("network.target")
$router->waitForUnit("network-online.target"); router.wait_for_unit("network-online.target")
# Make sure dhcpcd is not started with subtest("Make sure dhcpcd is not started"):
$client->fail("systemctl status dhcpcd.service"); client.fail("systemctl status dhcpcd.service")
# Test vlan 1 with subtest("Test vlan 1"):
$client->waitUntilSucceeds("ping -c 1 192.168.1.1"); client.wait_until_succeeds("ping -c 1 192.168.1.1")
$client->waitUntilSucceeds("ping -c 1 192.168.1.2"); client.wait_until_succeeds("ping -c 1 192.168.1.2")
$client->waitUntilSucceeds("ping -c 1 192.168.1.3"); client.wait_until_succeeds("ping -c 1 192.168.1.3")
$client->waitUntilSucceeds("ping -c 1 192.168.1.10"); client.wait_until_succeeds("ping -c 1 192.168.1.10")
$router->waitUntilSucceeds("ping -c 1 192.168.1.1"); router.wait_until_succeeds("ping -c 1 192.168.1.1")
$router->waitUntilSucceeds("ping -c 1 192.168.1.2"); router.wait_until_succeeds("ping -c 1 192.168.1.2")
$router->waitUntilSucceeds("ping -c 1 192.168.1.3"); router.wait_until_succeeds("ping -c 1 192.168.1.3")
$router->waitUntilSucceeds("ping -c 1 192.168.1.10"); router.wait_until_succeeds("ping -c 1 192.168.1.10")
# Test vlan 2 with subtest("Test vlan 2"):
$client->waitUntilSucceeds("ping -c 1 192.168.2.1"); client.wait_until_succeeds("ping -c 1 192.168.2.1")
$client->waitUntilSucceeds("ping -c 1 192.168.2.2"); client.wait_until_succeeds("ping -c 1 192.168.2.2")
$router->waitUntilSucceeds("ping -c 1 192.168.2.1"); router.wait_until_succeeds("ping -c 1 192.168.2.1")
$router->waitUntilSucceeds("ping -c 1 192.168.2.2"); router.wait_until_succeeds("ping -c 1 192.168.2.2")
# Test default gateway with subtest("Test default gateway"):
$router->waitUntilSucceeds("ping -c 1 192.168.3.1"); router.wait_until_succeeds("ping -c 1 192.168.3.1")
$client->waitUntilSucceeds("ping -c 1 192.168.3.1"); client.wait_until_succeeds("ping -c 1 192.168.3.1")
''; '';
}; };
dhcpSimple = { dhcpSimple = {
@ -155,38 +156,38 @@ let
}; };
testScript = { ... }: testScript = { ... }:
'' ''
startAll; start_all()
$client->waitForUnit("network.target"); client.wait_for_unit("network.target")
$router->waitForUnit("network-online.target"); router.wait_for_unit("network-online.target")
# Wait until we have an ip address on each interface with subtest("Wait until we have an ip address on each interface"):
$client->waitUntilSucceeds("ip addr show dev eth1 | grep -q '192.168.1'"); client.wait_until_succeeds("ip addr show dev eth1 | grep -q '192.168.1'")
$client->waitUntilSucceeds("ip addr show dev eth1 | grep -q 'fd00:1234:5678:1:'"); client.wait_until_succeeds("ip addr show dev eth1 | grep -q 'fd00:1234:5678:1:'")
$client->waitUntilSucceeds("ip addr show dev eth2 | grep -q '192.168.2'"); client.wait_until_succeeds("ip addr show dev eth2 | grep -q '192.168.2'")
$client->waitUntilSucceeds("ip addr show dev eth2 | grep -q 'fd00:1234:5678:2:'"); client.wait_until_succeeds("ip addr show dev eth2 | grep -q 'fd00:1234:5678:2:'")
# Test vlan 1 with subtest("Test vlan 1"):
$client->waitUntilSucceeds("ping -c 1 192.168.1.1"); client.wait_until_succeeds("ping -c 1 192.168.1.1")
$client->waitUntilSucceeds("ping -c 1 192.168.1.2"); client.wait_until_succeeds("ping -c 1 192.168.1.2")
$client->waitUntilSucceeds("ping -c 1 fd00:1234:5678:1::1"); client.wait_until_succeeds("ping -c 1 fd00:1234:5678:1::1")
$client->waitUntilSucceeds("ping -c 1 fd00:1234:5678:1::2"); client.wait_until_succeeds("ping -c 1 fd00:1234:5678:1::2")
$router->waitUntilSucceeds("ping -c 1 192.168.1.1"); router.wait_until_succeeds("ping -c 1 192.168.1.1")
$router->waitUntilSucceeds("ping -c 1 192.168.1.2"); router.wait_until_succeeds("ping -c 1 192.168.1.2")
$router->waitUntilSucceeds("ping -c 1 fd00:1234:5678:1::1"); router.wait_until_succeeds("ping -c 1 fd00:1234:5678:1::1")
$router->waitUntilSucceeds("ping -c 1 fd00:1234:5678:1::2"); router.wait_until_succeeds("ping -c 1 fd00:1234:5678:1::2")
# Test vlan 2 with subtest("Test vlan 2"):
$client->waitUntilSucceeds("ping -c 1 192.168.2.1"); client.wait_until_succeeds("ping -c 1 192.168.2.1")
$client->waitUntilSucceeds("ping -c 1 192.168.2.2"); client.wait_until_succeeds("ping -c 1 192.168.2.2")
$client->waitUntilSucceeds("ping -c 1 fd00:1234:5678:2::1"); client.wait_until_succeeds("ping -c 1 fd00:1234:5678:2::1")
$client->waitUntilSucceeds("ping -c 1 fd00:1234:5678:2::2"); client.wait_until_succeeds("ping -c 1 fd00:1234:5678:2::2")
$router->waitUntilSucceeds("ping -c 1 192.168.2.1"); router.wait_until_succeeds("ping -c 1 192.168.2.1")
$router->waitUntilSucceeds("ping -c 1 192.168.2.2"); router.wait_until_succeeds("ping -c 1 192.168.2.2")
$router->waitUntilSucceeds("ping -c 1 fd00:1234:5678:2::1"); router.wait_until_succeeds("ping -c 1 fd00:1234:5678:2::1")
$router->waitUntilSucceeds("ping -c 1 fd00:1234:5678:2::2"); router.wait_until_succeeds("ping -c 1 fd00:1234:5678:2::2")
''; '';
}; };
dhcpOneIf = { dhcpOneIf = {
@ -206,28 +207,28 @@ let
}; };
testScript = { ... }: testScript = { ... }:
'' ''
startAll; start_all()
# Wait for networking to come up with subtest("Wait for networking to come up"):
$client->waitForUnit("network.target"); client.wait_for_unit("network.target")
$router->waitForUnit("network.target"); router.wait_for_unit("network.target")
# Wait until we have an ip address on each interface with subtest("Wait until we have an ip address on each interface"):
$client->waitUntilSucceeds("ip addr show dev eth1 | grep -q '192.168.1'"); client.wait_until_succeeds("ip addr show dev eth1 | grep -q '192.168.1'")
# Test vlan 1 with subtest("Test vlan 1"):
$client->waitUntilSucceeds("ping -c 1 192.168.1.1"); client.wait_until_succeeds("ping -c 1 192.168.1.1")
$client->waitUntilSucceeds("ping -c 1 192.168.1.2"); client.wait_until_succeeds("ping -c 1 192.168.1.2")
$router->waitUntilSucceeds("ping -c 1 192.168.1.1"); router.wait_until_succeeds("ping -c 1 192.168.1.1")
$router->waitUntilSucceeds("ping -c 1 192.168.1.2"); router.wait_until_succeeds("ping -c 1 192.168.1.2")
# Test vlan 2 with subtest("Test vlan 2"):
$client->waitUntilSucceeds("ping -c 1 192.168.2.1"); client.wait_until_succeeds("ping -c 1 192.168.2.1")
$client->fail("ping -c 1 192.168.2.2"); client.fail("ping -c 1 192.168.2.2")
$router->waitUntilSucceeds("ping -c 1 192.168.2.1"); router.wait_until_succeeds("ping -c 1 192.168.2.1")
$router->fail("ping -c 1 192.168.2.2"); router.fail("ping -c 1 192.168.2.2")
''; '';
}; };
bond = let bond = let
@ -252,18 +253,18 @@ let
nodes.client2 = node "192.168.1.2"; nodes.client2 = node "192.168.1.2";
testScript = { ... }: testScript = { ... }:
'' ''
startAll; start_all()
# Wait for networking to come up with subtest("Wait for networking to come up"):
$client1->waitForUnit("network.target"); client1.wait_for_unit("network.target")
$client2->waitForUnit("network.target"); client2.wait_for_unit("network.target")
# Test bonding with subtest("Test bonding"):
$client1->waitUntilSucceeds("ping -c 2 192.168.1.1"); client1.wait_until_succeeds("ping -c 2 192.168.1.1")
$client1->waitUntilSucceeds("ping -c 2 192.168.1.2"); client1.wait_until_succeeds("ping -c 2 192.168.1.2")
$client2->waitUntilSucceeds("ping -c 2 192.168.1.1"); client2.wait_until_succeeds("ping -c 2 192.168.1.1")
$client2->waitUntilSucceeds("ping -c 2 192.168.1.2"); client2.wait_until_succeeds("ping -c 2 192.168.1.2")
''; '';
}; };
bridge = let bridge = let
@ -294,25 +295,24 @@ let
}; };
testScript = { ... }: testScript = { ... }:
'' ''
startAll; start_all()
# Wait for networking to come up with subtest("Wait for networking to come up"):
$client1->waitForUnit("network.target"); for machine in client1, client2, router:
$client2->waitForUnit("network.target"); machine.wait_for_unit("network.target")
$router->waitForUnit("network.target");
# Test bridging with subtest("Test bridging"):
$client1->waitUntilSucceeds("ping -c 1 192.168.1.1"); client1.wait_until_succeeds("ping -c 1 192.168.1.1")
$client1->waitUntilSucceeds("ping -c 1 192.168.1.2"); client1.wait_until_succeeds("ping -c 1 192.168.1.2")
$client1->waitUntilSucceeds("ping -c 1 192.168.1.3"); client1.wait_until_succeeds("ping -c 1 192.168.1.3")
$client2->waitUntilSucceeds("ping -c 1 192.168.1.1"); client2.wait_until_succeeds("ping -c 1 192.168.1.1")
$client2->waitUntilSucceeds("ping -c 1 192.168.1.2"); client2.wait_until_succeeds("ping -c 1 192.168.1.2")
$client2->waitUntilSucceeds("ping -c 1 192.168.1.3"); client2.wait_until_succeeds("ping -c 1 192.168.1.3")
$router->waitUntilSucceeds("ping -c 1 192.168.1.1"); router.wait_until_succeeds("ping -c 1 192.168.1.1")
$router->waitUntilSucceeds("ping -c 1 192.168.1.2"); router.wait_until_succeeds("ping -c 1 192.168.1.2")
$router->waitUntilSucceeds("ping -c 1 192.168.1.3"); router.wait_until_succeeds("ping -c 1 192.168.1.3")
''; '';
}; };
macvlan = { macvlan = {
@ -340,35 +340,35 @@ let
}; };
testScript = { ... }: testScript = { ... }:
'' ''
startAll; start_all()
# Wait for networking to come up with subtest("Wait for networking to come up"):
$client->waitForUnit("network.target"); client.wait_for_unit("network.target")
$router->waitForUnit("network.target"); router.wait_for_unit("network.target")
# Wait until we have an ip address on each interface with subtest("Wait until we have an ip address on each interface"):
$client->waitUntilSucceeds("ip addr show dev eth1 | grep -q '192.168.1'"); client.wait_until_succeeds("ip addr show dev eth1 | grep -q '192.168.1'")
$client->waitUntilSucceeds("ip addr show dev macvlan | grep -q '192.168.1'"); client.wait_until_succeeds("ip addr show dev macvlan | grep -q '192.168.1'")
# Print lots of diagnostic information with subtest("Print lots of diagnostic information"):
$router->log('**********************************************'); router.log("**********************************************")
$router->succeed("ip addr >&2"); router.succeed("ip addr >&2")
$router->succeed("ip route >&2"); router.succeed("ip route >&2")
$router->execute("iptables-save >&2"); router.execute("iptables-save >&2")
$client->log('=============================================='); client.log("==============================================")
$client->succeed("ip addr >&2"); client.succeed("ip addr >&2")
$client->succeed("ip route >&2"); client.succeed("ip route >&2")
$client->execute("iptables-save >&2"); client.execute("iptables-save >&2")
$client->log('##############################################'); client.log("##############################################")
# Test macvlan creates routable ips with subtest("Test macvlan creates routable ips"):
$client->waitUntilSucceeds("ping -c 1 192.168.1.1"); client.wait_until_succeeds("ping -c 1 192.168.1.1")
$client->waitUntilSucceeds("ping -c 1 192.168.1.2"); client.wait_until_succeeds("ping -c 1 192.168.1.2")
$client->waitUntilSucceeds("ping -c 1 192.168.1.3"); client.wait_until_succeeds("ping -c 1 192.168.1.3")
$router->waitUntilSucceeds("ping -c 1 192.168.1.1"); router.wait_until_succeeds("ping -c 1 192.168.1.1")
$router->waitUntilSucceeds("ping -c 1 192.168.1.2"); router.wait_until_succeeds("ping -c 1 192.168.1.2")
$router->waitUntilSucceeds("ping -c 1 192.168.1.3"); router.wait_until_succeeds("ping -c 1 192.168.1.3")
''; '';
}; };
sit = let sit = let
@ -395,22 +395,22 @@ let
nodes.client2 = node { address4 = "192.168.1.2"; remote = "192.168.1.1"; address6 = "fc00::2"; }; nodes.client2 = node { address4 = "192.168.1.2"; remote = "192.168.1.1"; address6 = "fc00::2"; };
testScript = { ... }: testScript = { ... }:
'' ''
startAll; start_all()
# Wait for networking to be configured with subtest("Wait for networking to be configured"):
$client1->waitForUnit("network.target"); client1.wait_for_unit("network.target")
$client2->waitForUnit("network.target"); client2.wait_for_unit("network.target")
# Print diagnostic information # Print diagnostic information
$client1->succeed("ip addr >&2"); client1.succeed("ip addr >&2")
$client2->succeed("ip addr >&2"); client2.succeed("ip addr >&2")
# Test ipv6 with subtest("Test ipv6"):
$client1->waitUntilSucceeds("ping -c 1 fc00::1"); client1.wait_until_succeeds("ping -c 1 fc00::1")
$client1->waitUntilSucceeds("ping -c 1 fc00::2"); client1.wait_until_succeeds("ping -c 1 fc00::2")
$client2->waitUntilSucceeds("ping -c 1 fc00::1"); client2.wait_until_succeeds("ping -c 1 fc00::1")
$client2->waitUntilSucceeds("ping -c 1 fc00::2"); client2.wait_until_succeeds("ping -c 1 fc00::2")
''; '';
}; };
vlan = let vlan = let
@ -435,15 +435,15 @@ let
nodes.client2 = node "192.168.1.2"; nodes.client2 = node "192.168.1.2";
testScript = { ... }: testScript = { ... }:
'' ''
startAll; start_all()
# Wait for networking to be configured with subtest("Wait for networking to be configured"):
$client1->waitForUnit("network.target"); client1.wait_for_unit("network.target")
$client2->waitForUnit("network.target"); client2.wait_for_unit("network.target")
# Test vlan is setup with subtest("Test vlan is setup"):
$client1->succeed("ip addr show dev vlan >&2"); client1.succeed("ip addr show dev vlan >&2")
$client2->succeed("ip addr show dev vlan >&2"); client2.succeed("ip addr show dev vlan >&2")
''; '';
}; };
virtual = { virtual = {
@ -464,33 +464,38 @@ let
}; };
testScript = '' testScript = ''
my $targetList = <<'END'; targetList = """
tap0: tap persist user 0 tap0: tap persist user 0
tun0: tun persist user 0 tun0: tun persist user 0
END """.strip()
# Wait for networking to come up with subtest("Wait for networking to come up"):
$machine->start; machine.start()
$machine->waitForUnit("network-online.target"); machine.wait_for_unit("network-online.target")
# Test interfaces set up with subtest("Test interfaces set up"):
my $list = $machine->succeed("ip tuntap list | sort"); list = machine.succeed("ip tuntap list | sort").strip()
"$list" eq "$targetList" or die( assert (
"The list of virtual interfaces does not match the expected one:\n", list == targetList
"Result:\n", "$list\n", ), """
"Expected:\n", "$targetList\n" The list of virtual interfaces does not match the expected one:
); Result:
{}
Expected:
{}
""".format(
list, targetList
)
# Test interfaces clean up with subtest("Test interfaces clean up"):
$machine->succeed("systemctl stop network-addresses-tap0"); machine.succeed("systemctl stop network-addresses-tap0")
$machine->sleep(10); machine.sleep(10)
$machine->succeed("systemctl stop network-addresses-tun0"); machine.succeed("systemctl stop network-addresses-tun0")
$machine->sleep(10); machine.sleep(10)
my $residue = $machine->succeed("ip tuntap list"); residue = machine.succeed("ip tuntap list")
$residue eq "" or die( assert (
"Some virtual interface has not been properly cleaned:\n", residue is ""
"$residue\n" ), "Some virtual interface has not been properly cleaned:\n{}".format(residue)
);
''; '';
}; };
privacy = { privacy = {
@ -522,7 +527,7 @@ let
''; '';
}; };
}; };
nodes.clientWithPrivacy = { pkgs, ... }: with pkgs.lib; { nodes.client_with_privacy = { pkgs, ... }: with pkgs.lib; {
virtualisation.vlans = [ 1 ]; virtualisation.vlans = [ 1 ];
networking = { networking = {
useNetworkd = networkd; useNetworkd = networkd;
@ -550,25 +555,31 @@ let
}; };
testScript = { ... }: testScript = { ... }:
'' ''
startAll; start_all()
$client->waitForUnit("network.target"); client.wait_for_unit("network.target")
$clientWithPrivacy->waitForUnit("network.target"); client_with_privacy.wait_for_unit("network.target")
$router->waitForUnit("network-online.target"); router.wait_for_unit("network-online.target")
# Wait until we have an ip address with subtest("Wait until we have an ip address"):
$clientWithPrivacy->waitUntilSucceeds("ip addr show dev eth1 | grep -q 'fd00:1234:5678:1:'"); client_with_privacy.wait_until_succeeds(
$client->waitUntilSucceeds("ip addr show dev eth1 | grep -q 'fd00:1234:5678:1:'"); "ip addr show dev eth1 | grep -q 'fd00:1234:5678:1:'"
)
client.wait_until_succeeds("ip addr show dev eth1 | grep -q 'fd00:1234:5678:1:'")
# Test vlan 1 with subtest("Test vlan 1"):
$clientWithPrivacy->waitUntilSucceeds("ping -c 1 fd00:1234:5678:1::1"); client_with_privacy.wait_until_succeeds("ping -c 1 fd00:1234:5678:1::1")
$client->waitUntilSucceeds("ping -c 1 fd00:1234:5678:1::1"); client.wait_until_succeeds("ping -c 1 fd00:1234:5678:1::1")
# Test address used is temporary with subtest("Test address used is temporary"):
$clientWithPrivacy->waitUntilSucceeds("! ip route get fd00:1234:5678:1::1 | grep -q ':[a-f0-9]*ff:fe[a-f0-9]*:'"); client_with_privacy.wait_until_succeeds(
"! ip route get fd00:1234:5678:1::1 | grep -q ':[a-f0-9]*ff:fe[a-f0-9]*:'"
)
# Test address used is EUI-64 with subtest("Test address used is EUI-64"):
$client->waitUntilSucceeds("ip route get fd00:1234:5678:1::1 | grep -q ':[a-f0-9]*ff:fe[a-f0-9]*:'"); client.wait_until_succeeds(
"ip route get fd00:1234:5678:1::1 | grep -q ':[a-f0-9]*ff:fe[a-f0-9]*:'"
)
''; '';
}; };
routes = { routes = {
@ -591,47 +602,57 @@ let
}; };
testScript = '' testScript = ''
my $targetIPv4Table = <<'END'; targetIPv4Table = """
10.0.0.0/16 proto static scope link mtu 1500 10.0.0.0/16 proto static scope link mtu 1500
192.168.1.0/24 proto kernel scope link src 192.168.1.2 192.168.1.0/24 proto kernel scope link src 192.168.1.2
192.168.2.0/24 via 192.168.1.1 proto static 192.168.2.0/24 via 192.168.1.1 proto static
END """.strip()
my $targetIPv6Table = <<'END'; targetIPv6Table = """
2001:1470:fffd:2097::/64 proto kernel metric 256 pref medium 2001:1470:fffd:2097::/64 proto kernel metric 256 pref medium
2001:1470:fffd:2098::/64 via fdfd:b3f0::1 proto static metric 1024 pref medium 2001:1470:fffd:2098::/64 via fdfd:b3f0::1 proto static metric 1024 pref medium
fdfd:b3f0::/48 proto static metric 1024 pref medium fdfd:b3f0::/48 proto static metric 1024 pref medium
END """.strip()
$machine->start; machine.start()
$machine->waitForUnit("network.target"); machine.wait_for_unit("network.target")
# test routing tables with subtest("test routing tables"):
my $ipv4Table = $machine->succeed("ip -4 route list dev eth0 | head -n3"); ipv4Table = machine.succeed("ip -4 route list dev eth0 | head -n3").strip()
my $ipv6Table = $machine->succeed("ip -6 route list dev eth0 | head -n3"); ipv6Table = machine.succeed("ip -6 route list dev eth0 | head -n3").strip()
"$ipv4Table" eq "$targetIPv4Table" or die( assert (
"The IPv4 routing table does not match the expected one:\n", ipv4Table == targetIPv4Table
"Result:\n", "$ipv4Table\n", ), """
"Expected:\n", "$targetIPv4Table\n" The IPv4 routing table does not match the expected one:
); Result:
"$ipv6Table" eq "$targetIPv6Table" or die( {}
"The IPv6 routing table does not match the expected one:\n", Expected:
"Result:\n", "$ipv6Table\n", {}
"Expected:\n", "$targetIPv6Table\n" """.format(
); ipv4Table, targetIPv4Table
)
assert (
ipv6Table == targetIPv6Table
), """
The IPv6 routing table does not match the expected one:
Result:
{}
Expected:
{}
""".format(
ipv6Table, targetIPv6Table
)
# test clean-up of the tables with subtest("test clean-up of the tables"):
$machine->succeed("systemctl stop network-addresses-eth0"); machine.succeed("systemctl stop network-addresses-eth0")
my $ipv4Residue = $machine->succeed("ip -4 route list dev eth0 | head -n-3"); ipv4Residue = machine.succeed("ip -4 route list dev eth0 | head -n-3").strip()
my $ipv6Residue = $machine->succeed("ip -6 route list dev eth0 | head -n-3"); ipv6Residue = machine.succeed("ip -6 route list dev eth0 | head -n-3").strip()
$ipv4Residue eq "" or die( assert (
"The IPv4 routing table has not been properly cleaned:\n", ipv4Residue is ""
"$ipv4Residue\n" ), "The IPv4 routing table has not been properly cleaned:\n{}".format(ipv4Residue)
); assert (
$ipv6Residue eq "" or die( ipv6Residue is ""
"The IPv6 routing table has not been properly cleaned:\n", ), "The IPv6 routing table has not been properly cleaned:\n{}".format(ipv6Residue)
"$ipv6Residue\n"
);
''; '';
}; };
}; };

10
nixos/tests/nghttpx.nix
View file

@ -1,7 +1,7 @@
let let
nginxRoot = "/run/nginx"; nginxRoot = "/run/nginx";
in in
import ./make-test.nix ({...}: { import ./make-test-python.nix ({...}: {
name = "nghttpx"; name = "nghttpx";
nodes = { nodes = {
webserver = { webserver = {
@ -52,10 +52,10 @@ in
}; };
testScript = '' testScript = ''
startAll; start_all()
$webserver->waitForOpenPort("80"); webserver.wait_for_open_port("80")
$proxy->waitForOpenPort("80"); proxy.wait_for_open_port("80")
$client->waitUntilSucceeds("curl -s --fail http://proxy/hello-world.txt"); client.wait_until_succeeds("curl -s --fail http://proxy/hello-world.txt")
''; '';
}) })

32
nixos/tests/novacomd.nix
View file

@ -1,4 +1,4 @@
import ./make-test.nix ({ pkgs, ...} : { import ./make-test-python.nix ({ pkgs, ...} : {
name = "novacomd"; name = "novacomd";
meta = with pkgs.stdenv.lib.maintainers; { meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ dtzWill ]; maintainers = [ dtzWill ];
@ -9,26 +9,20 @@ import ./make-test.nix ({ pkgs, ...} : {
}; };
testScript = '' testScript = ''
$machine->waitForUnit("multi-user.target"); machine.wait_for_unit("novacomd.service")
# multi-user.target wants novacomd.service, but let's make sure with subtest("Make sure the daemon is really listening"):
$machine->waitForUnit("novacomd.service"); machine.wait_for_open_port(6968)
machine.succeed("novacom -l")
# Check status and try connecting with novacom with subtest("Stop the daemon, double-check novacom fails if daemon isn't working"):
$machine->succeed("systemctl status novacomd.service >&2"); machine.stop_job("novacomd")
# to prevent non-deterministic failure, machine.fail("novacom -l")
# make sure the daemon is really listening
$machine->waitForOpenPort(6968);
$machine->succeed("novacom -l");
# Stop the daemon, double-check novacom fails if daemon isn't working with subtest("Make sure the daemon starts back up again"):
$machine->stopJob("novacomd"); machine.start_job("novacomd")
$machine->fail("novacom -l"); # make sure the daemon is really listening
machine.wait_for_open_port(6968)
# And back again for good measure machine.succeed("novacom -l")
$machine->startJob("novacomd");
# make sure the daemon is really listening
$machine->waitForOpenPort(6968);
$machine->succeed("novacom -l");
''; '';
}) })

18
nixos/tests/nzbget.nix
View file

@ -1,4 +1,4 @@
import ./make-test.nix ({ pkgs, ...} : { import ./make-test-python.nix ({ pkgs, ...} : {
name = "nzbget"; name = "nzbget";
meta = with pkgs.stdenv.lib.maintainers; { meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ aanderse flokli ]; maintainers = [ aanderse flokli ];
@ -15,12 +15,16 @@ import ./make-test.nix ({ pkgs, ...} : {
}; };
testScript = '' testScript = ''
startAll; start_all()
$server->waitForUnit("nzbget.service"); server.wait_for_unit("nzbget.service")
$server->waitForUnit("network.target"); server.wait_for_unit("network.target")
$server->waitForOpenPort(6789); server.wait_for_open_port(6789)
$server->succeed("curl -s -u nzbget:tegbzn6789 http://127.0.0.1:6789 | grep -q 'This file is part of nzbget'"); assert "This file is part of nzbget" in server.succeed(
$server->succeed("${pkgs.nzbget}/bin/nzbget -n -o ControlIP=127.0.0.1 -o ControlPort=6789 -o ControlPassword=tegbzn6789 -V"); "curl -s -u nzbget:tegbzn6789 http://127.0.0.1:6789"
)
server.succeed(
"${pkgs.nzbget}/bin/nzbget -n -o Control_iP=127.0.0.1 -o Control_port=6789 -o Control_password=tegbzn6789 -V"
)
''; '';
}) })

52
nixos/tests/orangefs.nix
View file

@ -1,4 +1,4 @@
import ./make-test.nix ({ ... } : import ./make-test-python.nix ({ ... } :
let let
server = { pkgs, ... } : { server = { pkgs, ... } : {
@ -52,37 +52,31 @@ in {
testScript = '' testScript = ''
# format storage # format storage
foreach my $server (($server1,$server2)) for server in server1, server2:
{ server.start()
$server->start(); server.wait_for_unit("multi-user.target")
$server->waitForUnit("multi-user.target"); server.succeed("mkdir -p /data/storage /data/meta")
$server->succeed("mkdir -p /data/storage /data/meta"); server.succeed("chown orangefs:orangefs /data/storage /data/meta")
$server->succeed("chown orangefs:orangefs /data/storage /data/meta"); server.succeed("chmod 0770 /data/storage /data/meta")
$server->succeed("chmod 0770 /data/storage /data/meta"); server.succeed(
$server->succeed("sudo -g orangefs -u orangefs pvfs2-server -f /etc/orangefs/server.conf"); "sudo -g orangefs -u orangefs pvfs2-server -f /etc/orangefs/server.conf"
} )
# start services after storage is formated on all machines # start services after storage is formated on all machines
foreach my $server (($server1,$server2)) for server in server1, server2:
{ server.succeed("systemctl start orangefs-server.service")
$server->succeed("systemctl start orangefs-server.service");
}
# Check if clients can reach and mount the FS with subtest("clients can reach and mount the FS"):
foreach my $client (($client1,$client2)) for client in client1, client2:
{ client.start()
$client->start(); client.wait_for_unit("orangefs-client.service")
$client->waitForUnit("orangefs-client.service"); # Both servers need to be reachable
# Both servers need to be reachable client.succeed("pvfs2-check-server -h server1 -f orangefs -n tcp -p 3334")
$client->succeed("pvfs2-check-server -h server1 -f orangefs -n tcp -p 3334"); client.succeed("pvfs2-check-server -h server2 -f orangefs -n tcp -p 3334")
$client->succeed("pvfs2-check-server -h server2 -f orangefs -n tcp -p 3334"); client.wait_for_unit("orangefs.mount")
$client->waitForUnit("orangefs.mount");
}
# R/W test between clients
$client1->succeed("echo test > /orangefs/file1");
$client2->succeed("grep test /orangefs/file1");
with subtest("R/W test between clients"):
client1.succeed("echo test > /orangefs/file1")
client2.succeed("grep test /orangefs/file1")
''; '';
}) })

14
nixos/tests/osrm-backend.nix
View file

@ -1,4 +1,4 @@
import ./make-test.nix ({ pkgs, lib, ... }: import ./make-test-python.nix ({ pkgs, lib, ... }:
let let
port = 5000; port = 5000;
in { in {
@ -45,9 +45,13 @@ in {
testScript = let testScript = let
query = "http://localhost:${toString port}/route/v1/driving/7.41720,43.73304;7.42463,43.73886?steps=true"; query = "http://localhost:${toString port}/route/v1/driving/7.41720,43.73304;7.42463,43.73886?steps=true";
in '' in ''
$machine->waitForUnit("osrm.service"); machine.wait_for_unit("osrm.service")
$machine->waitForOpenPort(${toString port}); machine.wait_for_open_port(${toString port})
$machine->succeed("curl --silent '${query}' | jq .waypoints[0].name | grep -F 'Boulevard Rainier III'"); assert "Boulevard Rainier III" in machine.succeed(
$machine->succeed("curl --silent '${query}' | jq .waypoints[1].name | grep -F 'Avenue de la Costa'"); "curl --silent '${query}' | jq .waypoints[0].name"
)
assert "Avenue de la Costa" in machine.succeed(
"curl --silent '${query}' | jq .waypoints[1].name"
)
''; '';
}) })

77
nixos/tests/overlayfs.nix
View file

@ -1,4 +1,4 @@
import ./make-test.nix ({ pkgs, ... }: { import ./make-test-python.nix ({ pkgs, ... }: {
name = "overlayfs"; name = "overlayfs";
meta.maintainers = with pkgs.stdenv.lib.maintainers; [ bachp ]; meta.maintainers = with pkgs.stdenv.lib.maintainers; [ bachp ];
@ -9,49 +9,42 @@ import ./make-test.nix ({ pkgs, ... }: {
}; };
testScript = '' testScript = ''
$machine->succeed("ls /dev"); machine.succeed("ls /dev")
$machine->succeed("mkdir -p /tmp/mnt"); machine.succeed("mkdir -p /tmp/mnt")
# Test ext4 + overlayfs # Test ext4 + overlayfs
$machine->succeed( machine.succeed(
"""
"mkfs.ext4 -F -L overlay-ext4 /dev/vdb", mkfs.ext4 -F -L overlay-ext4 /dev/vdb
"mount -t ext4 /dev/vdb /tmp/mnt", mount -t ext4 /dev/vdb /tmp/mnt
mkdir -p /tmp/mnt/upper /tmp/mnt/lower /tmp/mnt/work /tmp/mnt/merged
"mkdir -p /tmp/mnt/upper /tmp/mnt/lower /tmp/mnt/work /tmp/mnt/merged", # Setup some existing files
echo 'Replace' > /tmp/mnt/lower/replace.txt
# Setup some existing files echo 'Append' > /tmp/mnt/lower/append.txt
"echo 'Replace' > /tmp/mnt/lower/replace.txt", echo 'Overwrite' > /tmp/mnt/lower/overwrite.txt
"echo 'Append' > /tmp/mnt/lower/append.txt", mount -t overlay overlay -o lowerdir=/tmp/mnt/lower,upperdir=/tmp/mnt/upper,workdir=/tmp/mnt/work /tmp/mnt/merged
"echo 'Overwrite' > /tmp/mnt/lower/overwrite.txt", # Test new
echo 'New' > /tmp/mnt/merged/new.txt
"mount -t overlay overlay -o lowerdir=/tmp/mnt/lower,upperdir=/tmp/mnt/upper,workdir=/tmp/mnt/work /tmp/mnt/merged", [[ "\$(cat /tmp/mnt/merged/new.txt)" == "New" ]]
# Test replace
# Test new [[ "\$(cat /tmp/mnt/merged/replace.txt)" == "Replace" ]]
"echo 'New' > /tmp/mnt/merged/new.txt", echo 'Replaced' > /tmp/mnt/merged/replace-tmp.txt
"[[ \"\$(cat /tmp/mnt/merged/new.txt)\" == \"New\" ]]", mv /tmp/mnt/merged/replace-tmp.txt /tmp/mnt/merged/replace.txt
[[ "\$(cat /tmp/mnt/merged/replace.txt)" == "Replaced" ]]
# Test replace # Overwrite
"[[ \"\$(cat /tmp/mnt/merged/replace.txt)\" == \"Replace\" ]]", [[ "\$(cat /tmp/mnt/merged/overwrite.txt)" == "Overwrite" ]]
"echo 'Replaced' > /tmp/mnt/merged/replace-tmp.txt", echo 'Overwritten' > /tmp/mnt/merged/overwrite.txt
"mv /tmp/mnt/merged/replace-tmp.txt /tmp/mnt/merged/replace.txt", [[ "\$(cat /tmp/mnt/merged/overwrite.txt)" == "Overwritten" ]]
"[[ \"\$(cat /tmp/mnt/merged/replace.txt)\" == \"Replaced\" ]]", # Test append
[[ "\$(cat /tmp/mnt/merged/append.txt)" == "Append" ]]
# Overwrite echo 'ed' >> /tmp/mnt/merged/append.txt
"[[ \"\$(cat /tmp/mnt/merged/overwrite.txt)\" == \"Overwrite\" ]]", #"cat /tmp/mnt/merged/append.txt && exit 1
"echo 'Overwritten' > /tmp/mnt/merged/overwrite.txt", [[ "\$(cat /tmp/mnt/merged/append.txt)" == "Append\ned" ]]
"[[ \"\$(cat /tmp/mnt/merged/overwrite.txt)\" == \"Overwritten\" ]]", umount /tmp/mnt/merged
umount /tmp/mnt
# Test append udevadm settle
"[[ \"\$(cat /tmp/mnt/merged/append.txt)\" == \"Append\" ]]", """
"echo 'ed' >> /tmp/mnt/merged/append.txt", )
#"cat /tmp/mnt/merged/append.txt && exit 1",
"[[ \"\$(cat /tmp/mnt/merged/append.txt)\" == \"Append\ned\" ]]",
"umount /tmp/mnt/merged",
"umount /tmp/mnt",
"udevadm settle"
);
''; '';
}) })

159
nixos/tests/rspamd.nix
View file

@ -3,20 +3,20 @@
pkgs ? import ../.. { inherit system config; } pkgs ? import ../.. { inherit system config; }
}: }:
with import ../lib/testing.nix { inherit system pkgs; }; with import ../lib/testing-python.nix { inherit system pkgs; };
with pkgs.lib; with pkgs.lib;
let let
initMachine = '' initMachine = ''
startAll start_all()
$machine->waitForUnit("rspamd.service"); machine.wait_for_unit("rspamd.service")
$machine->succeed("id \"rspamd\" >/dev/null"); machine.succeed("id rspamd >/dev/null")
''; '';
checkSocket = socket: user: group: mode: '' checkSocket = socket: user: group: mode: ''
$machine->succeed("ls ${socket} >/dev/null"); machine.succeed("ls ${socket} >/dev/null")
$machine->succeed("[[ \"\$(stat -c %U ${socket})\" == \"${user}\" ]]"); machine.succeed('[[ "$(stat -c %U ${socket})" == "${user}" ]]')
$machine->succeed("[[ \"\$(stat -c %G ${socket})\" == \"${group}\" ]]"); machine.succeed('[[ "$(stat -c %G ${socket})" == "${group}" ]]')
$machine->succeed("[[ \"\$(stat -c %a ${socket})\" == \"${mode}\" ]]"); machine.succeed('[[ "$(stat -c %a ${socket})" == "${mode}" ]]')
''; '';
simple = name: enableIPv6: makeTest { simple = name: enableIPv6: makeTest {
name = "rspamd-${name}"; name = "rspamd-${name}";
@ -25,22 +25,23 @@ let
networking.enableIPv6 = enableIPv6; networking.enableIPv6 = enableIPv6;
}; };
testScript = '' testScript = ''
startAll start_all()
$machine->waitForUnit("multi-user.target"); machine.wait_for_unit("multi-user.target")
$machine->waitForOpenPort(11334); machine.wait_for_open_port(11334)
$machine->waitForUnit("rspamd.service"); machine.wait_for_unit("rspamd.service")
$machine->succeed("id \"rspamd\" >/dev/null"); machine.succeed("id rspamd >/dev/null")
${checkSocket "/run/rspamd/rspamd.sock" "rspamd" "rspamd" "660" } ${checkSocket "/run/rspamd/rspamd.sock" "rspamd" "rspamd" "660" }
sleep 10; machine.sleep(10)
$machine->log($machine->succeed("cat /etc/rspamd/rspamd.conf")); machine.log(machine.succeed("cat /etc/rspamd/rspamd.conf"))
$machine->log($machine->succeed("grep 'CONFDIR/worker-controller.inc' /etc/rspamd/rspamd.conf")); machine.log(
$machine->log($machine->succeed("grep 'CONFDIR/worker-normal.inc' /etc/rspamd/rspamd.conf")); machine.succeed("grep 'CONFDIR/worker-controller.inc' /etc/rspamd/rspamd.conf")
$machine->log($machine->succeed("systemctl cat rspamd.service")); )
$machine->log($machine->succeed("curl http://localhost:11334/auth")); machine.log(machine.succeed("grep 'CONFDIR/worker-normal.inc' /etc/rspamd/rspamd.conf"))
$machine->log($machine->succeed("curl http://127.0.0.1:11334/auth")); machine.log(machine.succeed("systemctl cat rspamd.service"))
${optionalString enableIPv6 '' machine.log(machine.succeed("curl http://localhost:11334/auth"))
$machine->log($machine->succeed("curl http://[::1]:11334/auth")); machine.log(machine.succeed("curl http://127.0.0.1:11334/auth"))
''} ${optionalString enableIPv6 ''machine.log(machine.succeed("curl http://[::1]:11334/auth"))''}
# would not reformat
''; '';
}; };
in in
@ -69,14 +70,18 @@ in
testScript = '' testScript = ''
${initMachine} ${initMachine}
$machine->waitForFile("/run/rspamd.sock"); machine.wait_for_file("/run/rspamd.sock")
${checkSocket "/run/rspamd.sock" "root" "root" "600" } ${checkSocket "/run/rspamd.sock" "root" "root" "600" }
${checkSocket "/run/rspamd-worker.sock" "root" "root" "666" } ${checkSocket "/run/rspamd-worker.sock" "root" "root" "666" }
$machine->log($machine->succeed("cat /etc/rspamd/rspamd.conf")); machine.log(machine.succeed("cat /etc/rspamd/rspamd.conf"))
$machine->log($machine->succeed("grep 'CONFDIR/worker-controller.inc' /etc/rspamd/rspamd.conf")); machine.log(
$machine->log($machine->succeed("grep 'CONFDIR/worker-normal.inc' /etc/rspamd/rspamd.conf")); machine.succeed("grep 'CONFDIR/worker-controller.inc' /etc/rspamd/rspamd.conf")
$machine->log($machine->succeed("rspamc -h /run/rspamd-worker.sock stat")); )
$machine->log($machine->succeed("curl --unix-socket /run/rspamd-worker.sock http://localhost/ping")); machine.log(machine.succeed("grep 'CONFDIR/worker-normal.inc' /etc/rspamd/rspamd.conf"))
machine.log(machine.succeed("rspamc -h /run/rspamd-worker.sock stat"))
machine.log(
machine.succeed("curl --unix-socket /run/rspamd-worker.sock http://localhost/ping")
)
''; '';
}; };
@ -111,18 +116,32 @@ in
testScript = '' testScript = ''
${initMachine} ${initMachine}
$machine->waitForFile("/run/rspamd.sock"); machine.wait_for_file("/run/rspamd.sock")
${checkSocket "/run/rspamd.sock" "root" "root" "600" } ${checkSocket "/run/rspamd.sock" "root" "root" "600" }
${checkSocket "/run/rspamd-worker.sock" "root" "root" "666" } ${checkSocket "/run/rspamd-worker.sock" "root" "root" "666" }
$machine->log($machine->succeed("cat /etc/rspamd/rspamd.conf")); machine.log(machine.succeed("cat /etc/rspamd/rspamd.conf"))
$machine->log($machine->succeed("grep 'CONFDIR/worker-controller.inc' /etc/rspamd/rspamd.conf")); machine.log(
$machine->log($machine->succeed("grep 'CONFDIR/worker-normal.inc' /etc/rspamd/rspamd.conf")); machine.succeed("grep 'CONFDIR/worker-controller.inc' /etc/rspamd/rspamd.conf")
$machine->log($machine->succeed("grep 'LOCAL_CONFDIR/override.d/worker-controller2.inc' /etc/rspamd/rspamd.conf")); )
$machine->log($machine->succeed("grep 'verysecretpassword' /etc/rspamd/override.d/worker-controller2.inc")); machine.log(machine.succeed("grep 'CONFDIR/worker-normal.inc' /etc/rspamd/rspamd.conf"))
$machine->waitUntilSucceeds("journalctl -u rspamd | grep -i 'starting controller process' >&2"); machine.log(
$machine->log($machine->succeed("rspamc -h /run/rspamd-worker.sock stat")); machine.succeed(
$machine->log($machine->succeed("curl --unix-socket /run/rspamd-worker.sock http://localhost/ping")); "grep 'LOCAL_CONFDIR/override.d/worker-controller2.inc' /etc/rspamd/rspamd.conf"
$machine->log($machine->succeed("curl http://localhost:11335/ping")); )
)
machine.log(
machine.succeed(
"grep 'verysecretpassword' /etc/rspamd/override.d/worker-controller2.inc"
)
)
machine.wait_until_succeeds(
"journalctl -u rspamd | grep -i 'starting controller process' >&2"
)
machine.log(machine.succeed("rspamc -h /run/rspamd-worker.sock stat"))
machine.log(
machine.succeed("curl --unix-socket /run/rspamd-worker.sock http://localhost/ping")
)
machine.log(machine.succeed("curl http://localhost:11335/ping"))
''; '';
}; };
customLuaRules = makeTest { customLuaRules = makeTest {
@ -199,22 +218,34 @@ in
}; };
testScript = '' testScript = ''
${initMachine} ${initMachine}
$machine->waitForOpenPort(11334); machine.wait_for_open_port(11334)
$machine->log($machine->succeed("cat /etc/rspamd/rspamd.conf")); machine.log(machine.succeed("cat /etc/rspamd/rspamd.conf"))
$machine->log($machine->succeed("cat /etc/rspamd/rspamd.local.lua")); machine.log(machine.succeed("cat /etc/rspamd/rspamd.local.lua"))
$machine->log($machine->succeed("cat /etc/rspamd/local.d/groups.conf")); machine.log(machine.succeed("cat /etc/rspamd/local.d/groups.conf"))
# Verify that redis.conf was not written # Verify that redis.conf was not written
$machine->fail("cat /etc/rspamd/local.d/redis.conf >&2"); machine.fail("cat /etc/rspamd/local.d/redis.conf >&2")
# Verify that antivirus.conf was not written # Verify that antivirus.conf was not written
$machine->fail("cat /etc/rspamd/local.d/antivirus.conf >&2"); machine.fail("cat /etc/rspamd/local.d/antivirus.conf >&2")
${checkSocket "/run/rspamd/rspamd.sock" "rspamd" "rspamd" "660" } ${checkSocket "/run/rspamd/rspamd.sock" "rspamd" "rspamd" "660" }
$machine->log($machine->succeed("curl --unix-socket /run/rspamd/rspamd.sock http://localhost/ping")); machine.log(
$machine->log($machine->succeed("rspamc -h 127.0.0.1:11334 stat")); machine.succeed("curl --unix-socket /run/rspamd/rspamd.sock http://localhost/ping")
$machine->log($machine->succeed("cat /etc/tests/no-muh.eml | rspamc -h 127.0.0.1:11334")); )
$machine->log($machine->succeed("cat /etc/tests/muh.eml | rspamc -h 127.0.0.1:11334 symbols")); machine.log(machine.succeed("rspamc -h 127.0.0.1:11334 stat"))
$machine->waitUntilSucceeds("journalctl -u rspamd | grep -i muh >&2"); machine.log(machine.succeed("cat /etc/tests/no-muh.eml | rspamc -h 127.0.0.1:11334"))
$machine->log($machine->fail("cat /etc/tests/no-muh.eml | rspamc -h 127.0.0.1:11334 symbols | grep NO_MUH")); machine.log(
$machine->log($machine->succeed("cat /etc/tests/muh.eml | rspamc -h 127.0.0.1:11334 symbols | grep NO_MUH")); machine.succeed("cat /etc/tests/muh.eml | rspamc -h 127.0.0.1:11334 symbols")
)
machine.wait_until_succeeds("journalctl -u rspamd | grep -i muh >&2")
machine.log(
machine.fail(
"cat /etc/tests/no-muh.eml | rspamc -h 127.0.0.1:11334 symbols | grep NO_MUH"
)
)
machine.log(
machine.succeed(
"cat /etc/tests/muh.eml | rspamc -h 127.0.0.1:11334 symbols | grep NO_MUH"
)
)
''; '';
}; };
postfixIntegration = makeTest { postfixIntegration = makeTest {
@ -250,16 +281,24 @@ in
}; };
testScript = '' testScript = ''
${initMachine} ${initMachine}
$machine->waitForOpenPort(11334); machine.wait_for_open_port(11334)
$machine->waitForOpenPort(25); machine.wait_for_open_port(25)
${checkSocket "/run/rspamd/rspamd-milter.sock" "rspamd" "postfix" "660" } ${checkSocket "/run/rspamd/rspamd-milter.sock" "rspamd" "postfix" "660" }
$machine->log($machine->succeed("rspamc -h 127.0.0.1:11334 stat")); machine.log(machine.succeed("rspamc -h 127.0.0.1:11334 stat"))
$machine->log($machine->succeed("msmtp --host=localhost -t --read-envelope-from < /etc/tests/example.eml")); machine.log(
$machine->log($machine->fail("msmtp --host=localhost -t --read-envelope-from < /etc/tests/gtube.eml")); machine.succeed(
"msmtp --host=localhost -t --read-envelope-from < /etc/tests/example.eml"
)
)
machine.log(
machine.fail(
"msmtp --host=localhost -t --read-envelope-from < /etc/tests/gtube.eml"
)
)
$machine->waitUntilFails('[ "$(postqueue -p)" != "Mail queue is empty" ]'); machine.wait_until_fails('[ "$(postqueue -p)" != "Mail queue is empty" ]')
$machine->fail("journalctl -u postfix | grep -i error >&2"); machine.fail("journalctl -u postfix | grep -i error >&2")
$machine->fail("journalctl -u postfix | grep -i warning >&2"); machine.fail("journalctl -u postfix | grep -i warning >&2")
''; '';
}; };
} }

2
nixos/tests/slurm.nix
View file

@ -119,7 +119,7 @@ in {
with subtest("can_start_slurmctld"): with subtest("can_start_slurmctld"):
control.succeed("systemctl restart slurmctld") control.succeed("systemctl restart slurmctld")
control.waitForUnit("slurmctld.service") control.wait_for_unit("slurmctld.service")
with subtest("can_start_slurmd"): with subtest("can_start_slurmd"):
for node in [node1, node2, node3]: for node in [node1, node2, node3]:

51
nixos/tests/spacecookie.nix Normal file
View file

@ -0,0 +1,51 @@
let
gopherRoot = "/tmp/gopher";
gopherHost = "gopherd";
fileContent = "Hello Gopher!";
fileName = "file.txt";
in
import ./make-test-python.nix ({...}: {
name = "spacecookie";
nodes = {
${gopherHost} = {
networking.firewall.allowedTCPPorts = [ 70 ];
systemd.services.spacecookie = {
preStart = ''
mkdir -p ${gopherRoot}/directory
echo "${fileContent}" > ${gopherRoot}/${fileName}
'';
};
services.spacecookie = {
enable = true;
root = gopherRoot;
hostname = gopherHost;
};
};
client = {};
};
testScript = ''
start_all()
${gopherHost}.wait_for_open_port(70)
${gopherHost}.wait_for_unit("spacecookie.service")
client.wait_for_unit("network.target")
fileResponse = client.succeed("curl -s gopher://${gopherHost}//${fileName}")
# the file response should return our created file exactly
if not (fileResponse == "${fileContent}\n"):
raise Exception("Unexpected file response")
# sanity check on the directory listing: we serve a directory and a file
# via gopher, so the directory listing should have exactly two entries,
# one with gopher file type 0 (file) and one with file type 1 (directory).
dirResponse = client.succeed("curl -s gopher://${gopherHost}")
dirEntries = [l[0] for l in dirResponse.split("\n") if len(l) > 0]
dirEntries.sort()
if not (["0", "1"] == dirEntries):
raise Exception("Unexpected directory response")
'';
})

53
nixos/tests/trilium-server.nix Normal file
View file

@ -0,0 +1,53 @@
import ./make-test-python.nix ({ ... }: {
name = "trilium-server";
nodes = {
default = {
services.trilium-server.enable = true;
};
configured = {
services.trilium-server = {
enable = true;
dataDir = "/data/trilium";
};
};
nginx = {
services.trilium-server = {
enable = true;
nginx.enable = true;
nginx.hostName = "trilium.example.com";
};
};
};
testScript =
''
start_all()
with subtest("by default works without configuration"):
default.wait_for_unit("trilium-server.service")
with subtest("by default available on port 8080"):
default.wait_for_unit("trilium-server.service")
default.wait_for_open_port(8080)
# we output to /dev/null here to avoid a python UTF-8 decode error
# but the check will still fail if the service doesn't respond
default.succeed("curl --fail -o /dev/null 127.0.0.1:8080")
with subtest("by default creates empty document"):
default.wait_for_unit("trilium-server.service")
default.succeed("test -f /var/lib/trilium/document.db")
with subtest("configured with custom data store"):
configured.wait_for_unit("trilium-server.service")
configured.succeed("test -f /data/trilium/document.db")
with subtest("nginx with custom host name"):
nginx.wait_for_unit("trilium-server.service")
nginx.wait_for_unit("nginx.service")
nginx.succeed(
"curl --resolve 'trilium.example.com:80:127.0.0.1' http://trilium.example.com/"
)
'';
})

28
pkgs/applications/audio/lsp-plugins/default.nix
View file

@ -1,40 +1,28 @@
{ stdenv, fetchFromGitHub, pkgconfig, makeWrapper { stdenv, fetchFromGitHub, pkgconfig, makeWrapper
, libsndfile, jack2Full , libsndfile, jack2Full
, libGLU, libGL, lv2, cairo , libGLU, libGL, lv2, cairo
, ladspaH, php, expat }: , ladspaH, php }:
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "lsp-plugins"; pname = "lsp-plugins";
version = "1.1.10"; version = "1.1.13";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "sadko4u"; owner = "sadko4u";
repo = pname; repo = pname;
rev = "${pname}-${version}"; rev = "${pname}-${version}";
sha256 = "09gmwzh1gq1q2lxn8fc1bpdh02h8vr7r0i040c1nx256wgfsarqb"; sha256 = "00mhrr873kgcnqy3q0yi1r5zacfcvz7fqpzsmfhw5d095jm970al";
}; };
nativeBuildInputs = [ pkgconfig php expat ]; nativeBuildInputs = [ pkgconfig php makeWrapper ];
buildInputs = [ jack2Full libsndfile libGLU libGL lv2 cairo ladspaH makeWrapper ]; buildInputs = [ jack2Full libsndfile libGLU libGL lv2 cairo ladspaH ];
makeFlags = [ makeFlags = [
"BIN_PATH=$(out)/bin" "PREFIX=${placeholder ''out''}"
"LIB_PATH=$(out)/lib"
"DOC_PATH=$(out)/share/doc"
]; ];
NIX_CFLAGS_COMPILE = [ "-DLSP_NO_EXPERIMENTAL" ]; NIX_CFLAGS_COMPILE = [ "-DLSP_NO_EXPERIMENTAL" ];
patchPhase = ''
runHook prePatch
substituteInPlace Makefile --replace "/usr/lib" "$out/lib"
substituteInPlace ./include/container/jack/main.h --replace "/usr/lib" "$out/lib"
substituteInPlace ./include/container/vst/main.h --replace "/usr/lib" "$out/lib"
# for https://github.com/sadko4u/lsp-plugins/issues/7#issuecomment-426561549 :
sed -i '/X11__NET_WM_WINDOW_TYPE_DOCK;/d' ./src/ui/ws/x11/X11Window.cpp
runHook postPatch
'';
doCheck = true; doCheck = true;
checkPhase = '' checkPhase = ''
@ -45,7 +33,7 @@ stdenv.mkDerivation rec {
runHook postCheck runHook postCheck
''; '';
buildFlags = "release"; buildFlags = [ "release" ];
meta = with stdenv.lib; meta = with stdenv.lib;
{ description = "Collection of open-source audio plugins"; { description = "Collection of open-source audio plugins";
@ -154,6 +142,6 @@ stdenv.mkDerivation rec {
homepage = https://lsp-plug.in; homepage = https://lsp-plug.in;
maintainers = with maintainers; [ magnetophon ]; maintainers = with maintainers; [ magnetophon ];
license = licenses.gpl2; license = licenses.gpl2;
platforms = [ "x86_64-linux" ]; platforms = platforms.linux;
}; };
} }

4
pkgs/applications/audio/mixxx/default.nix
View file

@ -8,13 +8,13 @@
mkDerivation rec { mkDerivation rec {
pname = "mixxx"; pname = "mixxx";
version = "2.2.2"; version = "2.2.3";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "mixxxdj"; owner = "mixxxdj";
repo = "mixxx"; repo = "mixxx";
rev = "release-${version}"; rev = "release-${version}";
sha256 = "0dmkvcsgq7abxqd4wms8c4w0mr5c53z7n5r8jgzp4swz9nmfjpfg"; sha256 = "1h7q25fv62c5m74d4cn1m6mpanmqpbl2wqbch4qvn488jb2jw1dv";
}; };
buildInputs = [ buildInputs = [

4
pkgs/applications/audio/openmpt123/default.nix
View file

@ -2,14 +2,14 @@
, usePulseAudio ? config.pulseaudio or false, libpulseaudio }: , usePulseAudio ? config.pulseaudio or false, libpulseaudio }:
let let
version = "0.4.9"; version = "0.4.10";
in stdenv.mkDerivation { in stdenv.mkDerivation {
pname = "openmpt123"; pname = "openmpt123";
inherit version; inherit version;
src = fetchurl { src = fetchurl {
url = "https://lib.openmpt.org/files/libopenmpt/src/libopenmpt-${version}+release.autotools.tar.gz"; url = "https://lib.openmpt.org/files/libopenmpt/src/libopenmpt-${version}+release.autotools.tar.gz";
sha256 = "02kjwwh9d9i4rnfzqzr18pvcklc46yrs9mvdmjqx7kxg3c28hkqm"; sha256 = "12i5iwxb5g27amqgqr6iiy63w49nwil5vyypnbj91ahy97ah8a3a";
}; };
enableParallelBuilding = true; enableParallelBuilding = true;

4
pkgs/applications/audio/qmmp/default.nix
View file

@ -29,11 +29,11 @@
# handle that. # handle that.
mkDerivation rec { mkDerivation rec {
name = "qmmp-1.3.4"; name = "qmmp-1.3.5";
src = fetchurl { src = fetchurl {
url = "http://qmmp.ylsoftware.com/files/${name}.tar.bz2"; url = "http://qmmp.ylsoftware.com/files/${name}.tar.bz2";
sha256 = "0j9vgm6216w7arwl919p9rps0a9r6s4415spl3qkpifhwlk90zg0"; sha256 = "0h7kcqzhfvk610937pwrhizcdgd4n7ncl1vayv6sj3va1x7pv6xm";
}; };
nativeBuildInputs = [ cmake pkgconfig ]; nativeBuildInputs = [ cmake pkgconfig ];

8
pkgs/applications/audio/spotify-tui/default.nix
View file

@ -2,18 +2,18 @@
rustPlatform.buildRustPackage rec { rustPlatform.buildRustPackage rec {
pname = "spotify-tui"; pname = "spotify-tui";
version = "0.10.0"; version = "0.11.0";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "Rigellute"; owner = "Rigellute";
repo = "spotify-tui"; repo = "spotify-tui";
rev = "v${version}"; rev = "v${version}";
sha256 = "10wrlfi50lsf6qjsi9qklw2mk2fbf0jib7f841v842l9k9zw0hrg"; sha256 = "1pshwn486msn418dilk57rl9471aas0dif765nx1p9xgkrjpb7wa";
}; };
cargoSha256 = "140m3pryvbc96xvl5ymz68msrx93rmvvy0y8skvc40yxwl401inc"; cargoSha256 = "0020igycgikkbd649hv6xlpn13dij4g7yc43fic9z710p6nsxqaq";
nativeBuildInputs = [ pkgconfig python3 ]; nativeBuildInputs = [ pkgconfig ] ++ stdenv.lib.optionals stdenv.isLinux [ python3 ];
buildInputs = [ openssl ] buildInputs = [ openssl ]
++ stdenv.lib.optional stdenv.isLinux libxcb ++ stdenv.lib.optional stdenv.isLinux libxcb
++ stdenv.lib.optionals stdenv.isDarwin [ AppKit Security ]; ++ stdenv.lib.optionals stdenv.isDarwin [ AppKit Security ];

7
pkgs/applications/audio/vocal/default.nix
View file

@ -58,6 +58,13 @@ stdenv.mkDerivation rec {
webkitgtk webkitgtk
]; ];
passthru = {
updateScript = pantheon.updateScript {
attrPath = pname;
};
};
meta = with stdenv.lib; { meta = with stdenv.lib; {
description = "The podcast client for the modern free desktop"; description = "The podcast client for the modern free desktop";
longDescription = '' longDescription = ''

4
pkgs/applications/backup/deja-dup/default.nix
View file

@ -33,14 +33,14 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "deja-dup"; pname = "deja-dup";
version = "40.4"; version = "40.6";
src = fetchFromGitLab { src = fetchFromGitLab {
domain = "gitlab.gnome.org"; domain = "gitlab.gnome.org";
owner = "World"; owner = "World";
repo = pname; repo = pname;
rev = version; rev = version;
sha256 = "0x9z8z1mh1sxi28ilml3pvbc0g6ghcbyiy002rziwwlarxnbwkky"; sha256 = "1d4g34g660wv42a4k2511bxrh90z0vdl3v7ahg0m45phijg9n2n1";
}; };
patches = [ patches = [

4
pkgs/applications/blockchains/bitcoin-abc.nix
View file

@ -7,13 +7,13 @@ with stdenv.lib;
mkDerivation rec { mkDerivation rec {
name = "bitcoin" + (toString (optional (!withGui) "d")) + "-abc-" + version; name = "bitcoin" + (toString (optional (!withGui) "d")) + "-abc-" + version;
version = "0.20.7"; version = "0.20.8";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "bitcoin-ABC"; owner = "bitcoin-ABC";
repo = "bitcoin-abc"; repo = "bitcoin-abc";
rev = "v${version}"; rev = "v${version}";
sha256 = "1d17ry9906zmwj2n3mh77b6rqmdg0dgm7b7ybh8d7q2ml0196ilj"; sha256 = "0srjc11i7azqn3flipjwzm67w20ji24yslkmchy1a834fyb1gmx1";
}; };
patches = [ ./fix-bitcoin-qt-build.patch ]; patches = [ ./fix-bitcoin-qt-build.patch ];

4
pkgs/applications/blockchains/clightning.nix
View file

@ -4,11 +4,11 @@
with stdenv.lib; with stdenv.lib;
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "clightning"; pname = "clightning";
version = "0.7.3"; version = "0.8.0";
src = fetchurl { src = fetchurl {
url = "https://github.com/ElementsProject/lightning/releases/download/v${version}/clightning-v${version}.zip"; url = "https://github.com/ElementsProject/lightning/releases/download/v${version}/clightning-v${version}.zip";
sha256 = "ef2193940146d1b8ff0cc03602842c4d81db9ca6a5e73927e4f8932715e931a4"; sha256 = "053e43bbe71564e9be8b2b56346a88986646ef6849a0af67cece01858b93306a";
}; };
enableParallelBuilding = true; enableParallelBuilding = true;

4
pkgs/applications/blockchains/ledger-live-desktop/default.nix
View file

@ -2,12 +2,12 @@
let let
pname = "ledger-live-desktop"; pname = "ledger-live-desktop";
version = "1.18.2"; version = "1.19.2";
name = "${pname}-${version}"; name = "${pname}-${version}";
src = fetchurl { src = fetchurl {
url = "https://github.com/LedgerHQ/${pname}/releases/download/v${version}/${pname}-${version}-linux-x86_64.AppImage"; url = "https://github.com/LedgerHQ/${pname}/releases/download/v${version}/${pname}-${version}-linux-x86_64.AppImage";
sha256 = "1giy8xg1yfv7b7gh98dmfc05wh54xqpd53nanacwcc7lakzizqnn"; sha256 = "1qgk0gwn7ijz00zfwf9rfl755lhgsig9xa6c3icj6l6wyzybz0z6";
}; };
appimageContents = appimageTools.extractType2 { appimageContents = appimageTools.extractType2 {

2
pkgs/applications/blockchains/polkadot/default.nix
View file

@ -16,7 +16,7 @@ rustPlatform.buildRustPackage rec {
sha256 = "0v7g03rbml2afw0splmyjh9nqpjg0ldjw09hyc0jqd3qlhgxiiyj"; sha256 = "0v7g03rbml2afw0splmyjh9nqpjg0ldjw09hyc0jqd3qlhgxiiyj";
}; };
cargoSha256 = "19xcxpbkrbygghz9qi52vzviksxg28m7ibvl359vlhqv1cjxmpsq"; cargoSha256 = "0gc3w0cwdyk8f7cgpp9sfawczk3n6wd7q0nhfvk87sry71b8vvwq";
buildInputs = [ pkgconfig openssl openssl.dev ]; buildInputs = [ pkgconfig openssl openssl.dev ];

6
pkgs/applications/display-managers/lightdm/default.nix
View file

@ -85,6 +85,12 @@ stdenv.mkDerivation rec {
sha256 = "1zyx1qqajrmqcf9hbsapd39gmdanswd9l78rq7q6rdy4692il3yn"; sha256 = "1zyx1qqajrmqcf9hbsapd39gmdanswd9l78rq7q6rdy4692il3yn";
}) })
# https://github.com/canonical/lightdm/pull/104
(fetchpatch {
url = "https://github.com/canonical/lightdm/commit/03f218981733e50d810767f9d04e42ee156f7feb.patch";
sha256 = "07w18m2gpk29z6ym4y3lzsmg5dk3ffn39sq6lac26ap7narf4ma7";
})
# Hardcode plymouth to fix transitions. # Hardcode plymouth to fix transitions.
# For some reason it can't find `plymouth` # For some reason it can't find `plymouth`
# even when it's in PATH in environment.systemPackages. # even when it's in PATH in environment.systemPackages.

2
pkgs/applications/editors/android-studio/common.nix
View file

@ -22,6 +22,7 @@
, freetype , freetype
, libpulseaudio , libpulseaudio
, libGL , libGL
, libuuid
, libX11 , libX11
, libxcb , libxcb
, libXcomposite , libXcomposite
@ -115,6 +116,7 @@ let
dbus dbus
expat expat
libpulseaudio libpulseaudio
libuuid
libX11 libX11
libxcb libxcb
libXcomposite libXcomposite

19
pkgs/applications/editors/eclipse/default.nix
View file

@ -13,11 +13,10 @@ assert stdenv ? glibc;
let let
platform_major = "4"; platform_major = "4";
platform_minor = "13"; platform_minor = "14";
year = "2019"; year = "2019";
month = "09"; month = "12";
timestamp = "201909161045"; timestamp = "201912100610";
in rec { in rec {
buildEclipse = import ./build-eclipse.nix { buildEclipse = import ./build-eclipse.nix {
@ -30,11 +29,11 @@ in rec {
eclipse-cpp = buildEclipse { eclipse-cpp = buildEclipse {
name = "eclipse-cpp-${platform_major}.${platform_minor}"; name = "eclipse-cpp-${platform_major}.${platform_minor}";
description = "Eclipse IDE for C/C++ Developers, Oxygen release"; description = "Eclipse IDE for C/C++ Developers";
src = src =
fetchurl { fetchurl {
url = "https://www.eclipse.org/downloads/download.php?r=1&nf=1&file=/technology/epp/downloads/release/${year}-${month}/R/eclipse-cpp-${year}-${month}-R-linux-gtk-x86_64.tar.gz"; url = "https://www.eclipse.org/downloads/download.php?r=1&nf=1&file=/technology/epp/downloads/release/${year}-${month}/R/eclipse-cpp-${year}-${month}-R-linux-gtk-x86_64.tar.gz";
sha512 = "0s9wvxd1bahlcdw7l6cyfi59p78j6gym3a3mn1z6dm6swxgyb2wjjl7hx8bkg0zs8x31bwllpdq22y2vcm6j57h40v53l3xkhy73m8v"; sha512 = "28h8z45j7zlcbvvabzsniwqls1lns21isx69y6l207a869rknp9vzg6506q6zalj9b49j8c7ynkn379xgbzp07i6zw3dzk3pqp2rgam";
}; };
}; };
@ -46,7 +45,7 @@ in rec {
src = src =
fetchurl { fetchurl {
url = "https://www.eclipse.org/downloads/download.php?r=1&nf=1&file=/technology/epp/downloads/release/${year}-${month}/R/eclipse-modeling-${year}-${month}-R-linux-gtk-x86_64.tar.gz"; url = "https://www.eclipse.org/downloads/download.php?r=1&nf=1&file=/technology/epp/downloads/release/${year}-${month}/R/eclipse-modeling-${year}-${month}-R-linux-gtk-x86_64.tar.gz";
sha512 = "09nc7ipv67h0gr7lkxsbxrgj9gn48348asn03ylcvflyrcxghqs8n11a75rwvdj98igdzpw922saicx5lqq5g2flfqiga97lwwhfiz5"; sha512 = "1g1zsz3c2kx4vs1mjpcisbk81lk4hsr1z2fw46lih825c53vwf59snp8d97c8yw2i25y0ml48nc1nskib6qnif8m2h6rpah7kgmi8ay";
}; };
}; };
@ -58,7 +57,7 @@ in rec {
src = src =
fetchurl { fetchurl {
url = "https://www.eclipse.org/downloads/download.php?r=1&nf=1&file=/eclipse/downloads/drops${platform_major}/R-${platform_major}.${platform_minor}-${timestamp}/eclipse-platform-${platform_major}.${platform_minor}-linux-gtk-x86_64.tar.gz"; url = "https://www.eclipse.org/downloads/download.php?r=1&nf=1&file=/eclipse/downloads/drops${platform_major}/R-${platform_major}.${platform_minor}-${timestamp}/eclipse-platform-${platform_major}.${platform_minor}-linux-gtk-x86_64.tar.gz";
sha512 = "2c40wwrc2ip32n0m5cs8ds0g7cs7018acw8gjkd23msa4pr9x9511c3dj6rbnn1hwzf9yjq6vnjmib5qarxd3vly76jwxhf867l1f7v"; sha512 = "05nsldw937l1g9fj964njivgkf2ipk1rh1jg5w8svdhpp3v1pp3iinfm2mz9kk8namwfkx8krsvsxcgvqyzgrkhf42wqh53vqrjf70h";
}; };
}; };
@ -88,7 +87,7 @@ in rec {
src = src =
fetchurl { fetchurl {
url = "https://www.eclipse.org/downloads/download.php?r=1&nf=1&file=/eclipse/downloads/drops${platform_major}/R-${platform_major}.${platform_minor}-${timestamp}/eclipse-SDK-${platform_major}.${platform_minor}-linux-gtk-x86_64.tar.gz"; url = "https://www.eclipse.org/downloads/download.php?r=1&nf=1&file=/eclipse/downloads/drops${platform_major}/R-${platform_major}.${platform_minor}-${timestamp}/eclipse-SDK-${platform_major}.${platform_minor}-linux-gtk-x86_64.tar.gz";
sha512 = "2vm646d1crzzzysll3p5pjfljfjzxx4qd37dqcp6xjm91zg8iskli688h0lgla0rmbwz5kj509jp22m4rxkp3cbgd006dd0jr3icdls"; sha512 = "0dcbxzjqc27v1faz16yxqcm6zrbna4kkd32xy7paadiwn125y6ijx8zvda4kc7bih6v5b9ch2i0z5ndra1lcjcc88z6cklh0vngjkh1";
}; };
}; };
@ -100,7 +99,7 @@ in rec {
src = src =
fetchurl { fetchurl {
url = "https://www.eclipse.org/downloads/download.php?r=1&nf=1&file=/technology/epp/downloads/release/${year}-${month}/R/eclipse-java-${year}-${month}-R-linux-gtk-x86_64.tar.gz"; url = "https://www.eclipse.org/downloads/download.php?r=1&nf=1&file=/technology/epp/downloads/release/${year}-${month}/R/eclipse-java-${year}-${month}-R-linux-gtk-x86_64.tar.gz";
sha512 = "3zyxqd8iwrfgjjg91dfi4bda61rd2717hy53swmbygi48zaaam70swx997yp5qzxwjp3macdslfk6sqhq2qlcdwcdl6dmkry018jh7b"; sha512 = "21lhgv3z23mn8q0gffgxlfwhyxb348zjnzv716zsys7h7kj5vigl45q9mz0qrl11524rxx7jwi901jjd4l258w9kp7wzlq0d5n1r39m";
}; };
}; };

12
pkgs/applications/editors/eclipse/plugins.nix
View file

@ -254,12 +254,12 @@ rec {
cdt = buildEclipseUpdateSite rec { cdt = buildEclipseUpdateSite rec {
name = "cdt-${version}"; name = "cdt-${version}";
version = "9.9.0"; version = "9.10.0";
src = fetchzip { src = fetchzip {
stripRoot = false; stripRoot = false;
url = "https://www.eclipse.org/downloads/download.php?r=1&nf=1&file=/tools/cdt/releases/9.9/${name}/${name}.zip"; url = "https://www.eclipse.org/downloads/download.php?r=1&nf=1&file=/tools/cdt/releases/9.10/${name}/${name}.zip";
sha256 = "1vgx7ggilfwmx0bjrhk7mwlwg1c8lb141ilj3vzwxivlffihy054"; sha256 = "0rjm91j0h1aq9lq4sdwgp9b2yp4w9lr13n82z32dw3gz3nby1mvi";
}; };
meta = with stdenv.lib; { meta = with stdenv.lib; {
@ -474,12 +474,12 @@ rec {
jdt = buildEclipseUpdateSite rec { jdt = buildEclipseUpdateSite rec {
name = "jdt-${version}"; name = "jdt-${version}";
version = "4.13"; version = "4.14";
src = fetchzip { src = fetchzip {
stripRoot = false; stripRoot = false;
url = https://www.eclipse.org/downloads/download.php?r=1&nf=1&file=/eclipse/downloads/drops4/R-4.13-201909161045/org.eclipse.jdt-4.13.zip; url = https://www.eclipse.org/downloads/download.php?r=1&nf=1&file=/eclipse/downloads/drops4/R-4.14-201912100610/org.eclipse.jdt-4.14.zip;
sha256 = "0sfpxph0cszcx1cihzzjn60qid8sxgl2xyr9x46fld4ian5a7vbr"; sha256 = "16c5v59mkb0cyfhf2475ds1ajma65bhqfxjr6v59hianqxq9h9la";
}; };
meta = with stdenv.lib; { meta = with stdenv.lib; {

2
pkgs/applications/editors/emacs-modes/manual-packages.nix
View file

@ -117,6 +117,8 @@
structured-haskell-mode = self.shm; structured-haskell-mode = self.shm;
sv-kalender = callPackage ./sv-kalender { };
thingatpt-plus = callPackage ./thingatpt-plus { }; thingatpt-plus = callPackage ./thingatpt-plus { };
tramp = callPackage ./tramp { }; tramp = callPackage ./tramp { };

22
pkgs/applications/editors/emacs-modes/sv-kalender/default.nix Normal file
View file

@ -0,0 +1,22 @@
{ fetchurl, stdenv, trivialBuild }:
trivialBuild {
pname = "sv-kalender";
version = "1.9";
src = fetchurl {
url = "http://bigwalter.net/daniel/elisp/sv-kalender.el";
sha256 = "0kilp0nyhj67qscy13s0g07kygz2qwmddklhan020sk7z7jv3lpi";
postFetch = ''
echo "(provide 'sv-kalender)" >> $out
'';
};
meta = with stdenv.lib; {
description = "Swedish calendar for Emacs";
homepage = "http://bigwalter.net/daniel/elisp/sv-kalender.el";
platforms = platforms.all;
license = licenses.gpl3Plus;
maintainers = [ maintainer.rycee ];
};
}

10
pkgs/applications/editors/quilter/default.nix
View file

@ -4,13 +4,13 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "quilter"; pname = "quilter";
version = "2.0.3"; version = "2.0.4";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "lainsce"; owner = "lainsce";
repo = pname; repo = pname;
rev = version; rev = version;
sha256 = "13l8z3bchha4ax14s48pcqdxh8gnj4mlvv06lk9dwk9fplc93821"; sha256 = "1vbckx4c2bklzxpqz332sjcyrx1xl1j0cp8778fvpl7x7mlnz460";
}; };
nativeBuildInputs = [ nativeBuildInputs = [
@ -39,6 +39,12 @@ stdenv.mkDerivation rec {
patchShebangs meson/post_install.py patchShebangs meson/post_install.py
''; '';
passthru = {
updateScript = pantheon.updateScript {
attrPath = pname;
};
};
meta = with stdenv.lib; { meta = with stdenv.lib; {
description = "Focus on your writing - designed for elementary OS"; description = "Focus on your writing - designed for elementary OS";
homepage = https://github.com/lainsce/quilter; homepage = https://github.com/lainsce/quilter;

4
pkgs/applications/editors/thonny/default.nix
View file

@ -4,13 +4,13 @@ with python3.pkgs;
buildPythonApplication rec { buildPythonApplication rec {
pname = "thonny"; pname = "thonny";
version = "3.2.3"; version = "3.2.4";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = pname; owner = pname;
repo = pname; repo = pname;
rev = "v${version}"; rev = "v${version}";
sha256 = "0wgjwjh6296vs8awl4rylb5nshj9q9kzxv7j4vlmiabll06mx6gi"; sha256 = "1hfpjw4fac0kq3n9jqwfzbys6h35qjbh5rpc4jzhlln200h6zvwj";
}; };
propagatedBuildInputs = with python3.pkgs; [ propagatedBuildInputs = with python3.pkgs; [

4
pkgs/applications/gis/openorienteering-mapper/default.nix
View file

@ -4,7 +4,7 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "OpenOrienteering-Mapper"; pname = "OpenOrienteering-Mapper";
version = "0.9.0"; version = "0.9.1";
buildInputs = [ gdal qtbase qttools qtlocation qtimageformats buildInputs = [ gdal qtbase qttools qtlocation qtimageformats
qtsensors clipper zlib proj doxygen cups]; qtsensors clipper zlib proj doxygen cups];
@ -15,7 +15,7 @@ stdenv.mkDerivation rec {
owner = "OpenOrienteering"; owner = "OpenOrienteering";
repo = "mapper"; repo = "mapper";
rev = "v${version}"; rev = "v${version}";
sha256 = "0wnxj2xf529941dwss6ygb1krfx18lzl6rf67060b0zndc7n6l8f"; sha256 = "1fyhvf2y89hj7wj89kxccx3dqcja6ndy3w4rx1vmzrp246jpz7wb";
}; };
cmakeFlags = cmakeFlags =

4
pkgs/applications/gis/qgis/unwrapped.nix
View file

@ -10,7 +10,7 @@ let
[ qscintilla-qt5 gdal jinja2 numpy psycopg2 [ qscintilla-qt5 gdal jinja2 numpy psycopg2
chardet dateutil pyyaml pytz requests urllib3 pygments pyqt5 sip owslib six ]; chardet dateutil pyyaml pytz requests urllib3 pygments pyqt5 sip owslib six ];
in mkDerivation rec { in mkDerivation rec {
version = "3.10.0"; version = "3.10.1";
pname = "qgis"; pname = "qgis";
name = "${pname}-unwrapped-${version}"; name = "${pname}-unwrapped-${version}";
@ -18,7 +18,7 @@ in mkDerivation rec {
owner = "qgis"; owner = "qgis";
repo = "QGIS"; repo = "QGIS";
rev = "final-${lib.replaceStrings ["."] ["_"] version}"; rev = "final-${lib.replaceStrings ["."] ["_"] version}";
sha256 = "0qq4dznxxbpj8b4ypkz7dixc0b0v6rmf3c5hs4m3ka3rzck8jsqc"; sha256 = "0xq0nnp7zdqaihqvh5rsi1129g23vnk5ijkpxfzaggafgmhf5hgz";
}; };
passthru = { passthru = {

4
pkgs/applications/graphics/avocode/default.nix
View file

@ -5,11 +5,11 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "avocode"; pname = "avocode";
version = "4.0.1"; version = "4.2.1";
src = fetchurl { src = fetchurl {
url = "https://media.avocode.com/download/avocode-app/${version}/avocode-${version}-linux.zip"; url = "https://media.avocode.com/download/avocode-app/${version}/avocode-${version}-linux.zip";
sha256 = "13jwxwvwb9nnjxcnh9vfi22n4c00bhdypl84wrpdg5xw9325zhvy"; sha256 = "06g12gqri1sgfklla6jfpi7wm2qjazakcjs2w2rhrphnl50r6ca7";
}; };
libPath = stdenv.lib.makeLibraryPath (with xorg; [ libPath = stdenv.lib.makeLibraryPath (with xorg; [

4
pkgs/applications/graphics/drawio/default.nix
View file

@ -11,11 +11,11 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "drawio"; pname = "drawio";
version = "12.3.2"; version = "12.4.2";
src = fetchurl { src = fetchurl {
url = "https://github.com/jgraph/drawio-desktop/releases/download/v${version}/draw.io-x86_64-${version}.rpm"; url = "https://github.com/jgraph/drawio-desktop/releases/download/v${version}/draw.io-x86_64-${version}.rpm";
sha256 = "1hh4616dbq0fqldlph7vyl8vkibwc3xpcv9r1m2v949kn84yi2j3"; sha256 = "1mngn90cn9hixa0xkhk7mb02gjp480wnipjy2jzkq8kwpai1gm1m";
}; };
nativeBuildInputs = [ nativeBuildInputs = [

7
pkgs/applications/graphics/fondo/default.nix
View file

@ -63,6 +63,13 @@ stdenv.mkDerivation rec {
patchShebangs meson/post_install.py patchShebangs meson/post_install.py
''; '';
passthru = {
updateScript = pantheon.updateScript {
attrPath = pname;
};
};
meta = with stdenv.lib; { meta = with stdenv.lib; {
description = "Find the most beautiful wallpapers for your desktop"; description = "Find the most beautiful wallpapers for your desktop";
homepage = https://github.com/calo001/fondo; homepage = https://github.com/calo001/fondo;

6
pkgs/applications/graphics/ideogram/default.nix
View file

@ -50,6 +50,12 @@ stdenv.mkDerivation rec {
patchShebangs meson/post_install.py patchShebangs meson/post_install.py
''; '';
passthru = {
updateScript = pantheon.updateScript {
attrPath = pname;
};
};
meta = with stdenv.lib; { meta = with stdenv.lib; {
description = "Insert emoji anywhere, even in non-native apps - designed for elementary OS"; description = "Insert emoji anywhere, even in non-native apps - designed for elementary OS";
homepage = https://github.com/cassidyjames/ideogram; homepage = https://github.com/cassidyjames/ideogram;

4
pkgs/applications/graphics/k3d/default.nix
View file

@ -1,7 +1,7 @@
{ stdenv, fetchFromGitHub, fetchpatch, ftgl, glew, asciidoc { stdenv, fetchFromGitHub, fetchpatch, ftgl, glew, asciidoc
, cmake, ninja, libGLU, libGL, zlib, python, expat, libxml2, libsigcxx, libuuid, freetype , cmake, ninja, libGLU, libGL, zlib, python, expat, libxml2, libsigcxx, libuuid, freetype
, libpng, boost, doxygen, cairomm, pkgconfig, libjpeg, libtiff , libpng, boost, doxygen, cairomm, pkgconfig, libjpeg, libtiff
, gettext, intltool, perl, gtkmm2, glibmm, gtkglext, pangox_compat, libXmu }: , gettext, intltool, perl, gtkmm2, glibmm, gtkglext, libXmu }:
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
version = "0.8.0.6"; version = "0.8.0.6";
@ -34,7 +34,7 @@ stdenv.mkDerivation rec {
buildInputs = [ buildInputs = [
libGLU libGL zlib python expat libxml2 libsigcxx libuuid freetype libpng libGLU libGL zlib python expat libxml2 libsigcxx libuuid freetype libpng
boost cairomm libjpeg libtiff boost cairomm libjpeg libtiff
ftgl glew gtkmm2 glibmm gtkglext pangox_compat libXmu ftgl glew gtkmm2 glibmm gtkglext libXmu
]; ];
#doCheck = false; #doCheck = false;

4
pkgs/applications/graphics/runwayml/default.nix
View file

@ -6,12 +6,12 @@
let let
pname = "runwayml"; pname = "runwayml";
version = "0.9.0"; version = "0.10.11";
name = "${pname}-${version}"; name = "${pname}-${version}";
src = fetchurl { src = fetchurl {
url = "https://runway-releases.s3.amazonaws.com/Runway%20${version}.AppImage"; url = "https://runway-releases.s3.amazonaws.com/Runway%20${version}.AppImage";
sha256 = "0rg7ipp7kx0l4qgcymfg5d3saz0c6d2j0c6rf28rwqgbm92gbjjq"; sha256 = "0f3icgpwj1sk9bkycqw65c8bhrzzpw5yzacw52siv4j1gl4casnl";
name="${pname}-${version}.AppImage"; name="${pname}-${version}.AppImage";
}; };

2
pkgs/applications/misc/alacritty/default.nix
View file

@ -101,7 +101,7 @@ in buildRustPackage rec {
gzip -c extra/alacritty.man > "$out/share/man/man1/alacritty.1.gz" gzip -c extra/alacritty.man > "$out/share/man/man1/alacritty.1.gz"
install -dm 755 "$terminfo/share/terminfo/a/" install -dm 755 "$terminfo/share/terminfo/a/"
tic -x -o "$terminfo/share/terminfo" extra/alacritty.info tic -xe alacritty,alacritty-direct -o "$terminfo/share/terminfo" extra/alacritty.info
mkdir -p $out/nix-support mkdir -p $out/nix-support
echo "$terminfo" >> $out/nix-support/propagated-user-env-packages echo "$terminfo" >> $out/nix-support/propagated-user-env-packages

6
pkgs/applications/misc/appeditor/default.nix
View file

@ -50,6 +50,12 @@ stdenv.mkDerivation rec {
patchShebangs meson/post_install.py patchShebangs meson/post_install.py
''; '';
passthru = {
updateScript = pantheon.updateScript {
attrPath = pname;
};
};
meta = with stdenv.lib; { meta = with stdenv.lib; {
description = "Edit the Pantheon desktop application menu"; description = "Edit the Pantheon desktop application menu";
homepage = https://github.com/donadigo/appeditor; homepage = https://github.com/donadigo/appeditor;

4
pkgs/applications/misc/blender/default.nix
View file

@ -16,11 +16,11 @@ let python = python3Packages.python; in
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "blender"; pname = "blender";
version = "2.81"; version = "2.81a";
src = fetchurl { src = fetchurl {
url = "https://download.blender.org/source/${pname}-${version}.tar.xz"; url = "https://download.blender.org/source/${pname}-${version}.tar.xz";
sha256 = "1prp0f2152f1sz23jlc86vndfvmplb7qhllikkirq7hgpykrshna"; sha256 = "1zl0ar95qkxsrbqw9miz2hrjijlqjl06vg3clfk9rm7krr2l3b2j";
}; };
nativeBuildInputs = [ cmake ] ++ optional cudaSupport addOpenGLRunpath; nativeBuildInputs = [ cmake ] ++ optional cudaSupport addOpenGLRunpath;

19
pkgs/applications/misc/cipher/default.nix
View file

@ -10,18 +10,17 @@
, glib , glib
, gtk3 , gtk3
, libgee , libgee
, xdg_utils
, wrapGAppsHook }: , wrapGAppsHook }:
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "cipher"; pname = "cipher";
version = "2.0.0"; version = "2.5.0";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "arshubham"; owner = "arshubham";
repo = "cipher"; repo = "cipher";
rev = version; rev = version;
sha256 = "0n5aigcyxnl4k52mdmavbxx6afc1ixymn3k3l2ryhyzi5q31x0x3"; sha256 = "00azc5ck17zkdypfza6x1viknwhimd9fqgk2ybff3mx6aphmla7a";
}; };
nativeBuildInputs = [ nativeBuildInputs = [
@ -42,12 +41,18 @@ stdenv.mkDerivation rec {
]; ];
postPatch = '' postPatch = ''
substituteInPlace data/com.github.arshubham.cipher.desktop.in \ substituteInPlace data/com.github.arshubham.cipher.desktop.in \
--replace xdg-open ${xdg_utils}/bin/xdg-open --replace "gio" "${glib.bin}/bin/gio"
chmod +x post_install.py chmod +x meson/post_install.py
patchShebangs post_install.py patchShebangs meson/post_install.py
''; '';
passthru = {
updateScript = pantheon.updateScript {
attrPath = pname;
};
};
meta = with stdenv.lib; { meta = with stdenv.lib; {
description = "A simple application for encoding and decoding text, designed for elementary OS"; description = "A simple application for encoding and decoding text, designed for elementary OS";
homepage = "https://github.com/arshubham/cipher"; homepage = "https://github.com/arshubham/cipher";

4
pkgs/applications/misc/coursera-dl/default.nix
View file

@ -5,13 +5,13 @@ let
in pythonPackages.buildPythonApplication rec { in pythonPackages.buildPythonApplication rec {
pname = "coursera-dl"; pname = "coursera-dl";
version = "0.11.4"; version = "0.11.5";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "coursera-dl"; owner = "coursera-dl";
repo = "coursera-dl"; repo = "coursera-dl";
rev = version; rev = version;
sha256 = "0dn7a6s98dwba62r0dyabq8pryzga4b2wpx88i9bmp7ja1b1f92f"; sha256 = "0akgwzrsx094jj30n4bd2ilwgva4qxx38v3bgm69iqfxi8c2bqbk";
}; };
nativeBuildInputs = with pythonPackages; [ pandoc ]; nativeBuildInputs = with pythonPackages; [ pandoc ];

4
pkgs/applications/misc/dbeaver/default.nix
View file

@ -7,7 +7,7 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "dbeaver-ce"; pname = "dbeaver-ce";
version = "6.3.0"; version = "6.3.1";
desktopItem = makeDesktopItem { desktopItem = makeDesktopItem {
name = "dbeaver"; name = "dbeaver";
@ -30,7 +30,7 @@ stdenv.mkDerivation rec {
src = fetchurl { src = fetchurl {
url = "https://dbeaver.io/files/${version}/dbeaver-ce-${version}-linux.gtk.x86_64.tar.gz"; url = "https://dbeaver.io/files/${version}/dbeaver-ce-${version}-linux.gtk.x86_64.tar.gz";
sha256 = "07j2r2kfjhfv8zzzzp5qj3ppx4vv7llpx4lwip6bnjfkh80ny22a"; sha256 = "0w7nsxm66gbwwql1zk7zh6zvvsjcn78qm0miv0w8nj1qk24zr494";
}; };
installPhase = '' installPhase = ''

4
pkgs/applications/misc/diffpdf/default.nix
View file

@ -1,6 +1,6 @@
{ stdenv, fetchurl, fetchpatch, qmake, qttools, qtbase, poppler }: { stdenv, mkDerivation, fetchurl, fetchpatch, qmake, qttools, qtbase, poppler }:
stdenv.mkDerivation rec { mkDerivation rec {
version = "2.1.3"; version = "2.1.3";
pname = "diffpdf"; pname = "diffpdf";

6
pkgs/applications/misc/formatter/default.nix
View file

@ -61,6 +61,12 @@ stdenv.mkDerivation rec {
patchShebangs meson/post_install.py patchShebangs meson/post_install.py
''; '';
passthru = {
updateScript = pantheon.updateScript {
attrPath = pname;
};
};
meta = with stdenv.lib; { meta = with stdenv.lib; {
description = "A simple formatter designed for elementary OS"; description = "A simple formatter designed for elementary OS";
homepage = "https://github.com/Djaler/Formatter"; homepage = "https://github.com/Djaler/Formatter";

4
pkgs/applications/misc/gallery-dl/default.nix
View file

@ -2,11 +2,11 @@
python3Packages.buildPythonApplication rec { python3Packages.buildPythonApplication rec {
pname = "gallery_dl"; pname = "gallery_dl";
version = "1.11.1"; version = "1.12.1";
src = python3Packages.fetchPypi { src = python3Packages.fetchPypi {
inherit pname version; inherit pname version;
sha256 = "08py1f48ylw83712h8313rxz55igbszxcwr2yxkchpr4233avzph"; sha256 = "0y1bzqcacik030zjchgmzrwpfb49mi68wdivli9ydb64w1zql9im";
}; };
doCheck = false; doCheck = false;

6
pkgs/applications/misc/gollum/Gemfile.lock
View file

@ -29,17 +29,17 @@ GEM
sanitize (~> 2.1.1, >= 2.1.1) sanitize (~> 2.1.1, >= 2.1.1)
stringex (~> 2.6) stringex (~> 2.6)
twitter-text (= 1.14.7) twitter-text (= 1.14.7)
json (2.2.0) json (2.3.0)
kramdown (1.9.0) kramdown (1.9.0)
mime-types (3.3) mime-types (3.3)
mime-types-data (~> 3.2015) mime-types-data (~> 3.2015)
mime-types-data (3.2019.1009) mime-types-data (3.2019.1009)
mini_portile2 (2.4.0) mini_portile2 (2.4.0)
mustache (0.99.8) mustache (0.99.8)
nokogiri (1.10.5) nokogiri (1.10.7)
mini_portile2 (~> 2.4.0) mini_portile2 (~> 2.4.0)
posix-spawn (0.3.13) posix-spawn (0.3.13)
rack (1.6.11) rack (1.6.12)
rack-protection (1.5.5) rack-protection (1.5.5)
rack rack
rouge (2.2.1) rouge (2.2.1)

12
pkgs/applications/misc/gollum/gemset.nix
View file

@ -89,10 +89,10 @@
platforms = []; platforms = [];
source = { source = {
remotes = ["https://rubygems.org"]; remotes = ["https://rubygems.org"];
sha256 = "0sx97bm9by389rbzv8r1f43h06xcz8vwi3h5jv074gvparql7lcx"; sha256 = "0nrmw2r4nfxlfgprfgki3hjifgrcrs3l5zvm3ca3gb4743yr25mn";
type = "gem"; type = "gem";
}; };
version = "2.2.0"; version = "2.3.0";
}; };
kramdown = { kramdown = {
groups = ["default"]; groups = ["default"];
@ -151,10 +151,10 @@
platforms = []; platforms = [];
source = { source = {
remotes = ["https://rubygems.org"]; remotes = ["https://rubygems.org"];
sha256 = "185g3dwba73jqxjr94bd2zk6fil6n9hmcfnfyzh3p1w47vm296r7"; sha256 = "0r0qpgf80h764k176yr63gqbs2z0xbsp8vlvs2a79d5r9vs83kln";
type = "gem"; type = "gem";
}; };
version = "1.10.5"; version = "1.10.7";
}; };
posix-spawn = { posix-spawn = {
groups = ["default"]; groups = ["default"];
@ -171,10 +171,10 @@
platforms = []; platforms = [];
source = { source = {
remotes = ["https://rubygems.org"]; remotes = ["https://rubygems.org"];
sha256 = "1g9926ln2lw12lfxm4ylq1h6nl0rafl10za3xvjzc87qvnqic87f"; sha256 = "1riq0z408dwvqcqrpq05bp2w879l4sjxzb4cbrbx55kpi6h2g1cj";
type = "gem"; type = "gem";
}; };
version = "1.6.11"; version = "1.6.12";
}; };
rack-protection = { rack-protection = {
dependencies = ["rack"]; dependencies = ["rack"];

4
pkgs/applications/misc/hstr/default.nix
View file

@ -3,13 +3,13 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "hstr"; pname = "hstr";
version = "2.0"; version = "2.2";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "dvorka"; owner = "dvorka";
repo = "hstr"; repo = "hstr";
rev = version; rev = version;
sha256 = "1y9vsfbg07gbic0daqy569d9pb9i1d07fym3q7a0a99hbng85s20"; sha256 = "07fkilqlkpygvf9kvxyvl58g3lfq0bwwdp3wczy4hk8qlbhmgihn";
}; };
nativeBuildInputs = [ autoreconfHook pkgconfig ]; nativeBuildInputs = [ autoreconfHook pkgconfig ];

4
pkgs/applications/misc/kitty/default.nix
View file

@ -21,14 +21,14 @@
with python3Packages; with python3Packages;
buildPythonApplication rec { buildPythonApplication rec {
pname = "kitty"; pname = "kitty";
version = "0.15.0"; version = "0.15.1";
format = "other"; format = "other";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "kovidgoyal"; owner = "kovidgoyal";
repo = "kitty"; repo = "kitty";
rev = "v${version}"; rev = "v${version}";
sha256 = "1gh8lcyqpkwvmjxwiq5d43sd43bg3c49fyy2x8drqdzj34gc49qg"; sha256 = "0y25w8123rjd6f5875mk8yv7mdr75mgswl3sh6zixm7b9r771s9p";
}; };
buildInputs = [ buildInputs = [

4
pkgs/applications/misc/kitty/no-werror.patch
View file

@ -3,9 +3,9 @@
@@ -217,7 +217,7 @@ def init_env( @@ -217,7 +217,7 @@ def init_env(
cflags = os.environ.get( cflags = os.environ.get(
'OVERRIDE_CFLAGS', ( 'OVERRIDE_CFLAGS', (
'-Wextra {} -Wno-missing-field-initializers -Wall -Wstrict-prototypes -std={}11' '-Wextra {} -Wno-missing-field-initializers -Wall -Wstrict-prototypes -std=c11'
- ' -pedantic-errors -Werror {} {} -fwrapv {} {} -pipe {} -fvisibility=hidden' - ' -pedantic-errors -Werror {} {} -fwrapv {} {} -pipe {} -fvisibility=hidden'
+ ' {} {} -fwrapv {} {} -pipe {} -fvisibility=hidden' + ' {} {} -fwrapv {} {} -pipe {} -fvisibility=hidden'
).format( ).format(
float_conversion, std, float_conversion,
optimize, optimize,

6
pkgs/applications/misc/lutris/chrootenv.nix
View file

@ -5,7 +5,7 @@
let let
qt5Deps = pkgs: with pkgs.qt5; [ qtbase qtmultimedia ]; qt5Deps = pkgs: with pkgs.qt5; [ qtbase qtmultimedia ];
gnome3Deps = pkgs: with pkgs.gnome3; [ zenity gtksourceview gnome-desktop libgnome-keyring webkitgtk ]; gnome3Deps = pkgs: with pkgs; [ gnome3.zenity gtksourceview gnome3.gnome-desktop gnome3.libgnome-keyring webkitgtk ];
xorgDeps = pkgs: with pkgs.xorg; [ xorgDeps = pkgs: with pkgs.xorg; [
libX11 libXrender libXrandr libxcb libXmu libpthreadstubs libXext libXdmcp libX11 libXrender libXrandr libxcb libXmu libpthreadstubs libXext libXdmcp
libXxf86vm libXinerama libSM libXv libXaw libXi libXcursor libXcomposite libXxf86vm libXinerama libSM libXv libXaw libXi libXcursor libXcomposite
@ -23,7 +23,7 @@ in buildFHSUserEnv {
allegro dumb allegro dumb
# Desmume # Desmume
lua agg soundtouch openal desktop-file-utils pangox_compat atk lua agg soundtouch openal desktop-file-utils atk
# DGen // TODO: libarchive is broken # DGen // TODO: libarchive is broken
@ -92,7 +92,7 @@ in buildFHSUserEnv {
multiPkgs = pkgs: with pkgs; [ multiPkgs = pkgs: with pkgs; [
# Common # Common
libsndfile libtheora libogg libvorbis libopus libGLU libpcap libpulseaudio libsndfile libtheora libogg libvorbis libopus libGLU libpcap libpulseaudio
libao libusb libevdev libudev libgcrypt libxml2 libusb libpng libmpeg2 libv4l libao libusb libevdev udev libgcrypt libxml2 libusb libpng libmpeg2 libv4l
libjpeg libxkbcommon libass libcdio libjack2 libsamplerate libzip libmad libaio libjpeg libxkbcommon libass libcdio libjack2 libsamplerate libzip libmad libaio
libcap libtiff libva libgphoto2 libxslt libtxc_dxtn libsndfile giflib zlib glib libcap libtiff libva libgphoto2 libxslt libtxc_dxtn libsndfile giflib zlib glib
alsaLib zziplib bash dbus keyutils zip cabextract freetype unzip coreutils alsaLib zziplib bash dbus keyutils zip cabextract freetype unzip coreutils

6
pkgs/applications/misc/notejot/default.nix
View file

@ -34,6 +34,12 @@ stdenv.mkDerivation rec {
patchShebangs meson/post_install.py patchShebangs meson/post_install.py
''; '';
passthru = {
updateScript = pantheon.updateScript {
attrPath = pname;
};
};
meta = with stdenv.lib; { meta = with stdenv.lib; {
description = "Stupidly-simple sticky notes applet"; description = "Stupidly-simple sticky notes applet";
homepage = https://github.com/lainsce/notejot; homepage = https://github.com/lainsce/notejot;

11
pkgs/applications/misc/qtpass/default.nix
View file

@ -1,5 +1,6 @@
{ lib, mkDerivation, fetchFromGitHub { lib, mkDerivation, fetchFromGitHub
, git, gnupg, pass, pwgen, qrencode , git, gnupg, pass, pwgen, qrencode
, fetchpatch
, qtbase, qtsvg, qttools, qmake , qtbase, qtsvg, qttools, qmake
}: }:
@ -25,6 +26,16 @@ mkDerivation rec {
enableParallelBuilding = true; enableParallelBuilding = true;
patches = [
# Fix path to pass-otp plugin `/usr/lib/password-store/extensions/otp.bash` being hardcoded.
# TODO: Remove when https://github.com/IJHack/QtPass/pull/499 is merged and available.
(fetchpatch {
name = "qtpass-Dont-hardcode-pass-otp-usr-lib-path.patch";
url = "https://github.com/IJHack/QtPass/commit/2ca9f0ec5a8d709c97a2433c5cd814040c82d4f3.patch";
sha256 = "0ljlvqxvarrz2a4j71i66aflrxi84zirb6cg9kvygnvhvm1zbc7d";
})
];
qmakeFlags = [ qmakeFlags = [
# setup hook only sets QMAKE_LRELEASE, set QMAKE_LUPDATE too: # setup hook only sets QMAKE_LRELEASE, set QMAKE_LUPDATE too:
"QMAKE_LUPDATE=${qttools.dev}/bin/lupdate" "QMAKE_LUPDATE=${qttools.dev}/bin/lupdate"

2
pkgs/applications/misc/rsclock/default.nix
View file

@ -11,7 +11,7 @@ rustPlatform.buildRustPackage rec {
sha256 = "1i93qkz6d8sbk78i4rvx099hnn4lklp4cjvanpm9ssv8na4rqvh2"; sha256 = "1i93qkz6d8sbk78i4rvx099hnn4lklp4cjvanpm9ssv8na4rqvh2";
}; };
cargoSha256 = "0zg5q2p9snpfyxl0gx87ix1f46afrfm5jq0m6c7s8qw2x9hpvxzr"; cargoSha256 = "03mhlp5hi3nlybb9dkwf1gxgsg056mjq2zsxnb5qh8pdxw7fmdxk";
meta = with stdenv.lib; { meta = with stdenv.lib; {
description = "A simple terminal clock written in Rust"; description = "A simple terminal clock written in Rust";

6
pkgs/applications/misc/sequeler/default.nix
View file

@ -29,6 +29,12 @@ in stdenv.mkDerivation rec {
patchShebangs build-aux/meson_post_install.py patchShebangs build-aux/meson_post_install.py
''; '';
passthru = {
updateScript = pantheon.updateScript {
attrPath = pname;
};
};
meta = with stdenv.lib; { meta = with stdenv.lib; {
description = "Friendly SQL Client"; description = "Friendly SQL Client";
longDescription = '' longDescription = ''

6
pkgs/applications/misc/tootle/default.nix
View file

@ -62,6 +62,12 @@ stdenv.mkDerivation rec {
patchShebangs meson/post_install.py patchShebangs meson/post_install.py
''; '';
passthru = {
updateScript = pantheon.updateScript {
attrPath = pname;
};
};
meta = with stdenv.lib; { meta = with stdenv.lib; {
description = "Simple Mastodon client designed for elementary OS"; description = "Simple Mastodon client designed for elementary OS";
homepage = https://github.com/bleakgrey/tootle; homepage = https://github.com/bleakgrey/tootle;

17
pkgs/applications/misc/wofi/default.nix
View file

@ -1,25 +1,18 @@
{ stdenv, lib, fetchhg, pkg-config, wayland, gtk3 }: { stdenv, lib, fetchhg, pkg-config, meson, ninja, wayland, gtk3 }:
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "wofi"; pname = "wofi";
version = "2019-10-28"; version = "1.0";
src = fetchhg { src = fetchhg {
url = "https://hg.sr.ht/~scoopta/wofi"; url = "https://hg.sr.ht/~scoopta/wofi";
rev = "3fac708b2b541bb9927ec1b2389c4eb294e1b35b"; rev = "v${version}";
sha256 = "0sp9hqm1lv9wyxj8z7vazs25nvl6yznd5vfhmwb51axwkr79s2ym"; sha256 = "147yarm26nl0zc0a2rs7qi4jd7bz48vvyaygsif1qsv8fx0xiqqf";
}; };
nativeBuildInputs = [ pkg-config ]; nativeBuildInputs = [ pkg-config meson ninja ];
buildInputs = [ wayland gtk3 ]; buildInputs = [ wayland gtk3 ];
sourceRoot = "hg-archive/Release";
installPhase = ''
mkdir -p $out/bin
cp wofi $out/bin/
'';
meta = with lib; { meta = with lib; {
description = "A launcher/menu program for wlroots based wayland compositors such as sway"; description = "A launcher/menu program for wlroots based wayland compositors such as sway";
homepage = "https://hg.sr.ht/~scoopta/wofi"; homepage = "https://hg.sr.ht/~scoopta/wofi";

26
pkgs/applications/networking/3proxy/default.nix Normal file
View file

@ -0,0 +1,26 @@
{ stdenv, fetchFromGitHub, coreutils }:
stdenv.mkDerivation rec {
pname = "3proxy";
version = "0.8.13";
src = fetchFromGitHub {
owner = "z3APA3A";
repo = pname;
rev = version;
sha256 = "1k5rqldiyakhwhplazlhswkgy3psdkpxhn85605ncwaqx49qy8vk";
};
makeFlags = [
"INSTALL=${coreutils}/bin/install"
"prefix=$(out)"
];
preConfigure = ''
ln -s Makefile.Linux Makefile
'';
meta = with stdenv.lib; {
description = "Tiny free proxy server";
homepage = "https://github.com/z3APA3A/3proxy";
license = licenses.gpl2;
platforms = platforms.linux;
maintainers = [ maintainers.misuzu ];
};
}

Some files were not shown because too many files have changed in this diff Show more