nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-22 23:13:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' into staging-next

Browse Source
This commit is contained in:
Vladimír Čunát 2023-04-06 11:54:07 +02:00
commit 6afd316cbc
No known key found for this signature in database
GPG Key ID: E747DF1F9575A3AA
31 changed files with 534 additions and 58 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
maintainers/team-list.nix
View File

@ -288,7 +288,6 @@ with lib.maintainers; {
golang = {
members = [
c00w
kalbasit
mic92
zowoq

2
nixos/doc/manual/release-notes/rl-2305.section.md
View File

@ -75,6 +75,8 @@ In addition to numerous new and upgraded packages, this release has the followin
- [v2rayA](https://v2raya.org), a Linux web GUI client of Project V which supports V2Ray, Xray, SS, SSR, Trojan and Pingtunnel. Available as [services.v2raya](options.html#opt-services.v2raya.enable).
- [wstunnel](https://github.com/erebe/wstunnel), a proxy tunnelling arbitrary TCP or UDP traffic through a WebSocket connection. Instances may be configured via [services.wstunnel](options.html#opt-services.wstunnel.enable).
- [ulogd](https://www.netfilter.org/projects/ulogd/index.html), a userspace logging daemon for netfilter/iptables related logging. Available as [services.ulogd](options.html#opt-services.ulogd.enable).
- [jellyseerr](https://github.com/Fallenbagel/jellyseerr), a web-based requests manager for Jellyfin, forked from Overseerr. Available as [services.jellyseerr](#opt-services.jellyseerr.enable).

1
nixos/modules/module-list.nix
View File

@ -1040,6 +1040,7 @@
./services/networking/wg-quick.nix
./services/networking/wireguard.nix
./services/networking/wpa_supplicant.nix
./services/networking/wstunnel.nix
./services/networking/x2goserver.nix
./services/networking/xandikos.nix
./services/networking/xinetd.nix

429
nixos/modules/services/networking/wstunnel.nix Normal file
View File

@ -0,0 +1,429 @@
{ config, lib, options, pkgs, utils, ... }:
with lib;
let
cfg = config.services.wstunnel;
attrsToArgs = attrs: utils.escapeSystemdExecArgs (
mapAttrsToList
(name: value: if value == true then "--${name}" else "--${name}=${value}")
attrs
);
hostPortSubmodule = {
options = {
host = mkOption {
description = mdDoc "The hostname.";
type = types.str;
};
port = mkOption {
description = mdDoc "The port.";
type = types.port;
};
};
};
localRemoteSubmodule = {
options = {
local = mkOption {
description = mdDoc "Local address and port to listen on.";
type = types.submodule hostPortSubmodule;
example = {
host = "127.0.0.1";
port = 51820;
};
};
remote = mkOption {
description = mdDoc "Address and port on remote to forward traffic to.";
type = types.submodule hostPortSubmodule;
example = {
host = "127.0.0.1";
port = 51820;
};
};
};
};
hostPortToString = { host, port }: "${host}:${builtins.toString port}";
localRemoteToString = { local, remote }: utils.escapeSystemdExecArg "${hostPortToString local}:${hostPortToString remote}";
commonOptions = {
enable = mkOption {
description = mdDoc "Whether to enable this `wstunnel` instance.";
type = types.bool;
default = true;
};
package = mkPackageOptionMD pkgs "wstunnel" {};
autoStart = mkOption {
description = mdDoc "Whether this tunnel server should be started automatically.";
type = types.bool;
default = true;
};
extraArgs = mkOption {
description = mdDoc "Extra command line arguments to pass to `wstunnel`. Attributes of the form `argName = true;` will be translated to `--argName`, and `argName = \"value\"` to `--argName=value`.";
type = with types; attrsOf (either str bool);
default = {};
example = {
"someNewOption" = true;
"someNewOptionWithValue" = "someValue";
};
};
verboseLogging = mkOption {
description = mdDoc "Enable verbose logging.";
type = types.bool;
default = false;
};
environmentFile = mkOption {
description = mdDoc "Environment file to be passed to the systemd service. Useful for passing secrets to the service to prevent them from being world-readable in the Nix store. Note however that the secrets are passed to `wstunnel` through the command line, which makes them locally readable for all users of the system at runtime.";
type = types.nullOr types.path;
default = null;
example = "/var/lib/secrets/wstunnelSecrets";
};
};
serverSubmodule = { config, ...}: {
options = commonOptions // {
listen = mkOption {
description = mdDoc "Address and port to listen on. Setting the port to a value below 1024 will also give the process the required `CAP_NET_BIND_SERVICE` capability.";
type = types.submodule hostPortSubmodule;
default = {
address = "0.0.0.0";
port = if config.enableHTTPS then 443 else 80;
};
defaultText = literalExpression ''
{
address = "0.0.0.0";
port = if enableHTTPS then 443 else 80;
}
'';
};
restrictTo = mkOption {
description = mdDoc "Accepted traffic will be forwarded only to this service. Set to `null` to allow forwarding to arbitrary addresses.";
type = types.nullOr (types.submodule hostPortSubmodule);
example = {
host = "127.0.0.1";
port = 51820;
};
};
enableHTTPS = mkOption {
description = mdDoc "Use HTTPS for the tunnel server.";
type = types.bool;
default = true;
};
tlsCertificate = mkOption {
description = mdDoc "TLS certificate to use instead of the hardcoded one in case of HTTPS connections. Use together with `tlsKey`.";
type = types.nullOr types.path;
default = null;
example = "/var/lib/secrets/cert.pem";
};
tlsKey = mkOption {
description = mdDoc "TLS key to use instead of the hardcoded on in case of HTTPS connections. Use together with `tlsCertificate`.";
type = types.nullOr types.path;
default = null;
example = "/var/lib/secrets/key.pem";
};
useACMEHost = mkOption {
description = mdDoc "Use a certificate generated by the NixOS ACME module for the given host. Note that this will not generate a new certificate - you will need to do so with `security.acme.certs`.";
type = types.nullOr types.str;
default = null;
example = "example.com";
};
};
};
clientSubmodule = { config, ... }: {
options = commonOptions // {
connectTo = mkOption {
description = mdDoc "Server address and port to connect to.";
type = types.submodule hostPortSubmodule;
example = {
host = "example.com";
};
};
enableHTTPS = mkOption {
description = mdDoc "Enable HTTPS when connecting to the server.";
type = types.bool;
default = true;
};
localToRemote = mkOption {
description = mdDoc "Local hosts and ports to listen on, plus the hosts and ports on remote to forward traffic to. Setting a local port to a value less than 1024 will additionally give the process the required CAP_NET_BIND_SERVICE capability.";
type = types.listOf (types.submodule localRemoteSubmodule);
default = [];
example = [ {
local = {
host = "127.0.0.1";
port = 8080;
};
remote = {
host = "127.0.0.1";
port = 8080;
};
} ];
};
dynamicToRemote = mkOption {
description = mdDoc "Host and port for the SOCKS5 proxy to dynamically forward traffic to. Leave this at `null` to disable the SOCKS5 proxy. Setting the port to a value less than 1024 will additionally give the service the required CAP_NET_BIND_SERVICE capability.";
type = types.nullOr (types.submodule hostPortSubmodule);
default = null;
example = {
host = "127.0.0.1";
port = 1080;
};
};
udp = mkOption {
description = mdDoc "Whether to forward UDP instead of TCP traffic.";
type = types.bool;
default = false;
};
udpTimeout = mkOption {
description = mdDoc "When using UDP forwarding, timeout in seconds after which the tunnel connection is closed. `-1` means no timeout.";
type = types.int;
default = 30;
};
httpProxy = mkOption {
description = mdDoc ''
Proxy to use to connect to the wstunnel server (`USER:PASS@HOST:PORT`).
::: {.warning}
Passwords specified here will be world-readable in the Nix store! To pass a password to the service, point the `environmentFile` option to a file containing `PROXY_PASSWORD=<your-password-here>` and set this option to `<user>:$PROXY_PASSWORD@<host>:<port>`. Note however that this will also locally leak the passwords at runtime via e.g. /proc/<pid>/cmdline.
:::
'';
type = types.nullOr types.str;
default = null;
};
soMark = mkOption {
description = mdDoc "Mark network packets with the SO_MARK sockoption with the specified value. Setting this option will also enable the required `CAP_NET_ADMIN` capability for the systemd service.";
type = types.nullOr types.int;
default = null;
};
upgradePathPrefix = mkOption {
description = mdDoc "Use a specific HTTP path prefix that will show up in the upgrade request to the `wstunnel` server. Useful when running `wstunnel` behind a reverse proxy.";
type = types.nullOr types.str;
default = null;
example = "wstunnel";
};
hostHeader = mkOption {
description = mdDoc "Use this as the HTTP host header instead of the real hostname. Useful for circumventing hostname-based firewalls.";
type = types.nullOr types.str;
default = null;
};
tlsSNI = mkOption {
description = mdDoc "Use this as the SNI while connecting via TLS. Useful for circumventing hostname-based firewalls.";
type = types.nullOr types.str;
default = null;
};
tlsVerifyCertificate = mkOption {
description = mdDoc "Whether to verify the TLS certificate of the server. It might be useful to set this to `false` when working with the `tlsSNI` option.";
type = types.bool;
default = true;
};
# The original argument name `websocketPingFrequency` is a misnomer, as the frequency is the inverse of the interval.
websocketPingInterval = mkOption {
description = mdDoc "Do a heartbeat ping every N seconds to keep up the websocket connection.";
type = types.nullOr types.ints.unsigned;
default = null;
};
upgradeCredentials = mkOption {
description = mdDoc ''
Use these credentials to authenticate during the HTTP upgrade request (Basic authorization type, `USER:[PASS]`).
::: {.warning}
Passwords specified here will be world-readable in the Nix store! To pass a password to the service, point the `environmentFile` option to a file containing `HTTP_PASSWORD=<your-password-here>` and set this option to `<user>:$HTTP_PASSWORD`. Note however that this will also locally leak the passwords at runtime via e.g. /proc/<pid>/cmdline.
:::
'';
type = types.nullOr types.str;
default = null;
};
customHeaders = mkOption {
description = mdDoc "Custom HTTP headers to send during the upgrade request.";
type = types.attrsOf types.str;
default = {};
example = {
"X-Some-Header" = "some-value";
};
};
};
};
generateServerUnit = name: serverCfg: {
name = "wstunnel-server-${name}";
value = {
description = "wstunnel server - ${name}";
requires = [ "network.target" "network-online.target" ];
after = [ "network.target" "network-online.target" ];
wantedBy = optional serverCfg.autoStart "multi-user.target";
serviceConfig = let
certConfig = config.security.acme.certs."${serverCfg.useACMEHost}";
in {
Type = "simple";
ExecStart = with serverCfg; let
resolvedTlsCertificate = if useACMEHost != null
then "${certConfig.directory}/fullchain.pem"
else tlsCertificate;
resolvedTlsKey = if useACMEHost != null
then "${certConfig.directory}/key.pem"
else tlsKey;
in ''
${package}/bin/wstunnel \
--server \
${optionalString (restrictTo != null) "--restrictTo=${utils.escapeSystemdExecArg (hostPortToString restrictTo)}"} \
${optionalString (resolvedTlsCertificate != null) "--tlsCertificate=${utils.escapeSystemdExecArg resolvedTlsCertificate}"} \
${optionalString (resolvedTlsKey != null) "--tlsKey=${utils.escapeSystemdExecArg resolvedTlsKey}"} \
${optionalString verboseLogging "--verbose"} \
${attrsToArgs extraArgs} \
${utils.escapeSystemdExecArg "${if enableHTTPS then "wss" else "ws"}://${hostPortToString listen}"}
'';
EnvironmentFile = optional (serverCfg.environmentFile != null) serverCfg.environmentFile;
DynamicUser = true;
SupplementaryGroups = optional (serverCfg.useACMEHost != null) certConfig.group;
PrivateTmp = true;
AmbientCapabilities = optional (serverCfg.listen.port < 1024) [ "CAP_NET_BIND_SERVICE" ];
NoNewPrivileges = true;
RestrictNamespaces = "uts ipc pid user cgroup";
ProtectSystem = "strict";
ProtectHome = true;
ProtectKernelTunables = true;
ProtectKernelModules = true;
ProtectControlGroups = true;
PrivateDevices = true;
RestrictSUIDSGID = true;
};
};
};
generateClientUnit = name: clientCfg: {
name = "wstunnel-client-${name}";
value = {
description = "wstunnel client - ${name}";
requires = [ "network.target" "network-online.target" ];
after = [ "network.target" "network-online.target" ];
wantedBy = optional clientCfg.autoStart "multi-user.target";
serviceConfig = {
Type = "simple";
ExecStart = with clientCfg; ''
${package}/bin/wstunnel \
${concatStringsSep " " (builtins.map (x: "--localToRemote=${localRemoteToString x}") localToRemote)} \
${concatStringsSep " " (mapAttrsToList (n: v: "--customHeaders=\"${n}: ${v}\"") customHeaders)} \
${optionalString (dynamicToRemote != null) "--dynamicToRemote=${utils.escapeSystemdExecArg (hostPortToString dynamicToRemote)}"} \
${optionalString udp "--udp"} \
${optionalString (httpProxy != null) "--httpProxy=${httpProxy}"} \
${optionalString (soMark != null) "--soMark=${toString soMark}"} \
${optionalString (upgradePathPrefix != null) "--upgradePathPrefix=${upgradePathPrefix}"} \
${optionalString (hostHeader != null) "--hostHeader=${hostHeader}"} \
${optionalString (tlsSNI != null) "--tlsSNI=${tlsSNI}"} \
${optionalString tlsVerifyCertificate "--tlsVerifyCertificate"} \
${optionalString (websocketPingInterval != null) "--websocketPingFrequency=${toString websocketPingInterval}"} \
${optionalString (upgradeCredentials != null) "--upgradeCredentials=${upgradeCredentials}"} \
--udpTimeoutSec=${toString udpTimeout} \
${optionalString verboseLogging "--verbose"} \
${attrsToArgs extraArgs} \
${utils.escapeSystemdExecArg "${if enableHTTPS then "wss" else "ws"}://${hostPortToString connectTo}"}
'';
EnvironmentFile = optional (clientCfg.environmentFile != null) clientCfg.environmentFile;
DynamicUser = true;
PrivateTmp = true;
AmbientCapabilities = (optional (clientCfg.soMark != null) [ "CAP_NET_ADMIN" ]) ++ (optional ((clientCfg.dynamicToRemote.port or 1024) < 1024 || (any (x: x.local.port < 1024) clientCfg.localToRemote)) [ "CAP_NET_BIND_SERVICE" ]);
NoNewPrivileges = true;
RestrictNamespaces = "uts ipc pid user cgroup";
ProtectSystem = "strict";
ProtectHome = true;
ProtectKernelTunables = true;
ProtectKernelModules = true;
ProtectControlGroups = true;
PrivateDevices = true;
RestrictSUIDSGID = true;
};
};
};
in {
options.services.wstunnel = {
enable = mkEnableOption (mdDoc "wstunnel");
servers = mkOption {
description = mdDoc "`wstunnel` servers to set up.";
type = types.attrsOf (types.submodule serverSubmodule);
default = {};
example = {
"wg-tunnel" = {
listen.port = 8080;
enableHTTPS = true;
tlsCertificate = "/var/lib/secrets/fullchain.pem";
tlsKey = "/var/lib/secrets/key.pem";
restrictTo = {
host = "127.0.0.1";
port = 51820;
};
};
};
};
clients = mkOption {
description = mdDoc "`wstunnel` clients to set up.";
type = types.attrsOf (types.submodule clientSubmodule);
default = {};
example = {
"wg-tunnel" = {
connectTo = {
host = "example.com";
port = 8080;
};
enableHTTPS = true;
localToRemote = {
local = {
host = "127.0.0.1";
port = 51820;
};
remote = {
host = "127.0.0.1";
port = 51820;
};
};
udp = true;
};
};
};
};
config = mkIf cfg.enable {
systemd.services = (mapAttrs' generateServerUnit (filterAttrs (n: v: v.enable) cfg.servers)) // (mapAttrs' generateClientUnit (filterAttrs (n: v: v.enable) cfg.clients));
assertions = (mapAttrsToList (name: serverCfg: {
assertion = !(serverCfg.useACMEHost != null && (serverCfg.tlsCertificate != null || serverCfg.tlsKey != null));
message = ''
Options services.wstunnel.servers."${name}".useACMEHost and services.wstunnel.servers."${name}".{tlsCertificate, tlsKey} are mutually exclusive.
'';
}) cfg.servers) ++
(mapAttrsToList (name: serverCfg: {
assertion = !((serverCfg.tlsCertificate != null || serverCfg.tlsKey != null) && !(serverCfg.tlsCertificate != null && serverCfg.tlsKey != null));
message = ''
services.wstunnel.servers."${name}".tlsCertificate and services.wstunnel.servers."${name}".tlsKey need to be set together.
'';
}) cfg.servers) ++
(mapAttrsToList (name: clientCfg: {
assertion = !(clientCfg.localToRemote == [] && clientCfg.dynamicToRemote == null);
message = ''
Either one of services.wstunnel.clients."${name}".localToRemote or services.wstunnel.clients."${name}".dynamicToRemote must be set.
'';
}) cfg.clients);
};
meta.maintainers = with maintainers; [ alyaeanyx ];
}

16
pkgs/applications/misc/tuba/default.nix
View File

@ -6,16 +6,17 @@
, ninja
, python3
, pkg-config
, wrapGAppsHook
, wrapGAppsHook4
, desktop-file-utils
, gtk4
, libadwaita
, json-glib
, glib
, glib-networking
, gtksourceview5
, libxml2
, libgee
, libsoup
, libsoup_3
, libsecret
, gst_all_1
, nix-update-script
@ -23,12 +24,12 @@
stdenv.mkDerivation rec {
pname = "tuba";
version = "0.1.0";
version = "0.2.0";
src = fetchFromGitHub {
owner = "GeopJr";
repo = "Tuba";
rev = "v${version}";
hash = "sha256-dkURVzbDBrE4bBUvf2fPqvgLKE07tn7jl3OudZpEWUo=";
hash = "sha256-LPhGGIHvN/hc71PL50TBw1Q0ysubdtJaEiUEI29HRrE=";
};
nativeBuildInputs = [
@ -37,17 +38,18 @@ stdenv.mkDerivation rec {
pkg-config
vala
python3
wrapGAppsHook
wrapGAppsHook4
desktop-file-utils
];
buildInputs = [
glib
glib-networking
gtksourceview5
json-glib
libxml2
libgee
libsoup
libsoup_3
gtk4
libadwaita
libsecret
@ -68,7 +70,9 @@ stdenv.mkDerivation rec {
meta = with lib; {
description = "Browse the Fediverse";
homepage = "https://tuba.geopjr.dev/";
mainProgram = "dev.geopjr.Tuba";
license = licenses.gpl3Only;
changelog = "https://github.com/GeopJr/Tuba/releases/tag/v${version}";
maintainers = with maintainers; [ chuangzhu ];
};
}

6
pkgs/applications/office/treesheets/default.nix
View File

@ -12,13 +12,13 @@
stdenv.mkDerivation rec {
pname = "treesheets";
version = "unstable-2023-03-18";
version = "unstable-2023-04-04";
src = fetchFromGitHub {
owner = "aardappel";
repo = "treesheets";
rev = "fd73698ba15b36cfd1f1726e51558405a56c6cd2";
sha256 = "kGpze5aBbBjhLTU9jV2xX44iO82skgbxVKc0lHndezw=";
rev = "a7d0065763c0bf0cfc2b410b17cb1fce33619616";
sha256 = "wDAheXzObiqFkZ2ZVQAzMVZT5mzIEzxh6jNwPiPoWis=";
};
nativeBuildInputs = [

4
pkgs/data/icons/numix-icon-theme-square/default.nix
View File

@ -2,13 +2,13 @@
stdenvNoCC.mkDerivation rec {
pname = "numix-icon-theme-square";
version = "23.03.19";
version = "23.04.05";
src = fetchFromGitHub {
owner = "numixproject";
repo = pname;
rev = version;
sha256 = "sha256-Hdwby8U9D+k4AjKyDeWhCfGr7z7ETNQPr1lnwweAp7g=";
sha256 = "sha256-fyb0qHmZev7kH8/q6mk2WPT30Szx1/jLIweq12eAIaw=";
};
nativeBuildInputs = [ gtk3 ];

6
pkgs/development/ocaml-modules/atdgen/codec-runtime.nix
View File

@ -2,11 +2,13 @@
buildDunePackage rec {
pname = "atdgen-codec-runtime";
version = "2.10.0";
version = "2.11.0";
duneVersion = "3";
src = fetchurl {
url = "https://github.com/ahrefs/atd/releases/download/${version}/atdts-${version}.tbz";
sha256 = "sha256-d9J0CaTp2sQbnKLp6mCDbGwYAIsioVer7ftaLSSFCZg=";
hash = "sha256-TTTuSxNKydPmTmztUapLoxntBIrAo8aWYIJ/G5cok1Y=";
};
meta = {

2
pkgs/development/ocaml-modules/atdgen/default.nix
View File

@ -6,6 +6,8 @@ buildDunePackage {
pname = "atdgen";
inherit (atdgen-codec-runtime) version src;
duneVersion = "3";
buildInputs = [ atd re ];
propagatedBuildInputs = [ atdgen-runtime ];

1
pkgs/development/ocaml-modules/atdgen/runtime.nix
View File

@ -5,6 +5,7 @@ buildDunePackage rec {
inherit (atdgen-codec-runtime) version src;
minimalOCamlVersion = "4.08";
duneVersion = "3";
propagatedBuildInputs = [ biniou yojson ];

1
pkgs/development/ocaml-modules/elpi/default.nix
View File

@ -35,6 +35,7 @@ buildDunePackage rec {
./atd_2_10.patch;
minimalOCamlVersion = "4.04";
duneVersion = "3";
# atdgen is both a library and executable
nativeBuildInputs = [ perl ]

4
pkgs/development/python-modules/asyncwhois/default.nix
View File

@ -11,7 +11,7 @@
buildPythonPackage rec {
pname = "asyncwhois";
version = "1.0.4";
version = "1.0.5";
format = "setuptools";
disabled = pythonOlder "3.7";
@ -20,7 +20,7 @@ buildPythonPackage rec {
owner = "pogzyb";
repo = pname;
rev = "refs/tags/v${version}";
hash = "sha256-ygpmm0CF+L871CpHZEmzdJQvin1uYZMb7kkilrom1YU=";
hash = "sha256-ILKnJlPT8BuZK06xk7fWYXcdn9SRL5zA3+B6CfJwvKM=";
};
propagatedBuildInputs = [

8
pkgs/development/python-modules/jiwer/default.nix
View File

@ -2,6 +2,7 @@
, buildPythonPackage
, fetchFromGitHub
, poetry-core
, pythonRelaxDepsHook
, rapidfuzz
, click
}:
@ -20,6 +21,7 @@ buildPythonPackage rec {
nativeBuildInputs = [
poetry-core
pythonRelaxDepsHook
];
propagatedBuildInputs = [
@ -27,10 +29,14 @@ buildPythonPackage rec {
click
];
pythonRelaxDeps = [
"rapidfuzz"
];
pythonImportsCheck = [ "jiwer" ];
meta = with lib; {
description = "JiWER is a simple and fast python package to evaluate an automatic speech recognition system";
description = "A simple and fast python package to evaluate an automatic speech recognition system";
homepage = "https://github.com/jitsi/jiwer";
license = licenses.asl20;
maintainers = with maintainers; [ GaetanLepage ];

12
pkgs/development/python-modules/lsprotocol/default.nix
View File

@ -13,7 +13,7 @@
buildPythonPackage rec {
pname = "lsprotocol";
version = "2022.0.0a10";
version = "2023.0.0a1";
format = "pyproject";
disabled = pythonOlder "3.7";
@ -22,7 +22,7 @@ buildPythonPackage rec {
owner = "microsoft";
repo = pname;
rev = "refs/tags/${version}";
hash = "sha256-IAFNEWpBRVAGcJNIV1bog9K2nANRw/qJfCJ9+Wu/yJc=";
hash = "sha256-gfsqn9NtO7meMks4dUhrTYVlr69Ffh339GD9FvCJvJM=";
};
nativeBuildInputs = [
@ -44,6 +44,14 @@ buildPythonPackage rec {
pyhamcrest
];
preBuild = ''
cd packages/python
'';
preCheck = ''
cd ../../
'';
checkPhase = ''
runHook preCheck

6
pkgs/development/python-modules/mitmproxy-wireguard/default.nix
View File

@ -11,7 +11,7 @@
buildPythonPackage rec {
pname = "mitmproxy-wireguard";
version = "0.1.21";
version = "0.1.23";
format = "pyproject";
disabled = pythonOlder "3.7";
@ -20,7 +20,7 @@ buildPythonPackage rec {
owner = "decathorpe";
repo = "mitmproxy_wireguard";
rev = "refs/tags/${version}";
hash = "sha256-479JCAxc6bK5X8nKKyzLvmuxPYPj5M19sZiO9vaK0DM=";
hash = "sha256-z9ucTBLLRXc1lcHA0r1wUleoP8X7yIlHrtdZdLD9qJk=";
};
buildInputs = lib.optionals stdenv.isDarwin [
@ -38,7 +38,7 @@ buildPythonPackage rec {
cargoDeps = rustPlatform.fetchCargoTarball {
inherit src;
name = "${pname}-${version}";
hash = "sha256-3reDkpnLTS32MZvvbRzDJovzUPAZmn2WRThmmeHGVXY=";
hash = "sha256-qgyAaUpyuWVYMxUA4Gg8inlUMlSLo++16+nVvmDMhTQ=";
};
# Module has no tests, only a test client

4
pkgs/development/python-modules/pontos/default.nix
View File

@ -17,7 +17,7 @@
buildPythonPackage rec {
pname = "pontos";
version = "23.3.6";
version = "23.4.0";
format = "pyproject";
disabled = pythonOlder "3.9";
@ -26,7 +26,7 @@ buildPythonPackage rec {
owner = "greenbone";
repo = pname;
rev = "refs/tags/v${version}";
hash = "sha256-cs+UeE5QRL/yzFABpMQ4masbLHwG++Ipu5GidXJ1Y0E=";
hash = "sha256-nMuf8k7o7cCpvk9IUp7lz6jM7rqCxHq4uT51R1w8jtM=";
};
nativeBuildInputs = [

4
pkgs/development/skaware-packages/execline/default.nix
View File

@ -2,7 +2,7 @@
with skawarePackages;
let
version = "2.9.1.0";
version = "2.9.3.0";
# Maintainer of manpages uses following versioning scheme: for every
# upstream $version he tags manpages release as ${version}.1, and,
@ -19,7 +19,7 @@ in buildPackage {
inherit version;
pname = "execline";
sha256 = "tdaOAh+gxGeQidJlEQpsgfTswUEGe/aG3MtL/QYcBAQ=";
sha256 = "yAJ/pwki0RfN7ozCDSd+ONA/2WDm0TbYzsMmA9TsI40=";
description = "A small scripting language, to be used in place of a shell in non-interactive scripts";

4
pkgs/development/skaware-packages/mdevd/default.nix
View File

@ -4,8 +4,8 @@ with skawarePackages;
buildPackage {
pname = "mdevd";
version = "0.1.6.1";
sha256 = "XAHk55QW22zZk++KkBRii48fC2xkMnWYhIhRL6pUBLE=";
version = "0.1.6.2";
sha256 = "rC/PkATweQRZLFiU4sQB4VuwJ+zze8uOpmHip5k0R74=";
description = "mdev-compatible Linux hotplug manager daemon";
platforms = lib.platforms.linux;

4
pkgs/development/skaware-packages/nsss/default.nix
View File

@ -4,8 +4,8 @@ with skawarePackages;
buildPackage {
pname = "nsss";
version = "0.2.0.2";
sha256 = "e6XqmitSjoNhJ1DkiRzZulbVxE9TCrxCRTqLk5Cmwuw=";
version = "0.2.0.3";
sha256 = "seOX7VsydhGnwsjB3GDpH+81PFT+rUZPiHcgvAkUFI4=";
description = "An implementation of a subset of the pwd.h, group.h and shadow.h family of functions.";

4
pkgs/development/skaware-packages/s6-linux-init/default.nix
View File

@ -4,8 +4,8 @@ with skawarePackages;
buildPackage {
pname = "s6-linux-init";
version = "1.0.8.1";
sha256 = "KdBjEZRQGQJEju0MRoQNYNgOs7uXr8MwtNEVYUSPx8w=";
version = "1.1.1.0";
sha256 = "rUg/NTJleQB+Wn48ufH9EXfq9x7FwRxHzXhKBClWqO4=";
description = "A set of minimalistic tools used to create a s6-based init system, including a /sbin/init binary, on a Linux kernel";
platforms = lib.platforms.linux;

5
pkgs/development/skaware-packages/s6-linux-utils/default.nix
View File

@ -4,8 +4,8 @@ with skawarePackages;
buildPackage {
pname = "s6-linux-utils";
version = "2.6.0.1";
sha256 = "/YUZIdSrthHrry0Nby2VNAlS5+fc1b/FQRUSCuDeGeQ=";
version = "2.6.1.2";
sha256 = "2GPcXXgt535GUEFFGI+1fbsLZiUGF6Z9NB6wy0qdnNk=";
description = "A set of minimalistic Linux-specific system utilities";
platforms = lib.platforms.linux;
@ -25,6 +25,7 @@ buildPackage {
postInstall = ''
# remove all s6 executables from build directory
rm $(find -name "s6-*" -type f -mindepth 1 -maxdepth 1 -executable) rngseed
rm libs6ps.a.xyzzy
mv doc $doc/share/doc/s6-linux-utils/html
'';

4
pkgs/development/skaware-packages/s6-networking/default.nix
View File

@ -19,8 +19,8 @@ assert sslSupportEnabled -> sslLibs ? ${sslSupport};
buildPackage {
pname = "s6-networking";
version = "2.5.1.2";
sha256 = "0HLetnpMpNfFEmQMXzOnZse4VDZJSXJ9NgBzjGdp8UY=";
version = "2.5.1.3";
sha256 = "oJ5DyVn/ngyqj/QAJgjnPA9X+H8EqNnCTmya/v5F6Xc=";
description = "A suite of small networking utilities for Unix systems";

4
pkgs/development/skaware-packages/s6-portable-utils/default.nix
View File

@ -4,8 +4,8 @@ with skawarePackages;
buildPackage {
pname = "s6-portable-utils";
version = "2.2.5.1";
sha256 = "RXMd0uZ0QNEk55sIRDGh66jC0SN/Fyi2l35TOv93ra4=";
version = "2.3.0.2";
sha256 = "hxQmkTTwEmUNqsBA5WRjct6lZYucDYmnygO7Kr7E0eg=";
description = "A set of tiny general Unix utilities optimized for simplicity and small size";

4
pkgs/development/skaware-packages/s6-rc/default.nix
View File

@ -4,8 +4,8 @@ with skawarePackages;
buildPackage {
pname = "s6-rc";
version = "0.5.3.3";
sha256 = "M5jxDAYy45vWnkirVtVv3mtIx/AgDq0Dom+ygwkIZSo=";
version = "0.5.4.1";
sha256 = "1yaMq3xUIzBc+VmKM9T82rijFZUrPsgPechbjLdhWPY=";
description = "A service manager for s6-based systems";
platforms = lib.platforms.unix;

4
pkgs/development/skaware-packages/s6/default.nix
View File

@ -4,8 +4,8 @@ with skawarePackages;
buildPackage {
pname = "s6";
version = "2.11.2.0";
sha256 = "n7Q2kOYBjZRzO03BjMaSbwJFRQik3YYGDJtLnSDcgDc=";
version = "2.11.3.2";
sha256 = "fBYTitLw/74O0q6N0M7K2p98eH7dM6aQhNIZEQaT33Q=";
description = "skarnet.org's small & secure supervision software suite";

4
pkgs/development/skaware-packages/skalibs/default.nix
View File

@ -4,8 +4,8 @@ with skawarePackages;
buildPackage {
pname = "skalibs";
version = "2.13.0.0";
sha256 = "uHW/PfPw9QCYTMr+RampWt1+QCaznujaYg8JYGvnT8w=";
version = "2.13.1.1";
sha256 = "snKhq3mff6xEubT7Ws54qWFrL+SIIVl1S4CIxNgZnjM=";
description = "A set of general-purpose C programming libraries";

11
pkgs/development/tools/argc/default.nix
View File

@ -2,21 +2,24 @@
rustPlatform.buildRustPackage rec {
pname = "argc";
version = "0.15.1";
version = "1.0.0";
src = fetchFromGitHub {
owner = "sigoden";
repo = pname;
rev = "v${version}";
sha256 = "sha256-hN8M12evYxqNSsQKm0oRf3/b7WUf8k8pWa+0vRHstv4=";
hash = "sha256-lZtAhsEfMzj8Irl7LQPzjBNiKKy8091p2XoB5wSPhKM=";
};
cargoSha256 = "sha256-JCFBA9LuNILJs4flzD/bGpv/R2vxMlA0aFTVdGKKs5I=";
cargoHash = "sha256-L0FX4RuJ5n76CCWVpGQryX7usXGBN55W9+y83s9JJug=";
nativeBuildInputs = [ installShellFiles ];
postInstall = ''
installShellCompletion completions/argc.{bash,fish,zsh}
installShellCompletion --cmd argc \
--bash <($out/bin/argc --argc-completions bash) \
--fish <($out/bin/argc --argc-completions fish) \
--zsh <($out/bin/argc --argc-completions zsh)
'';
meta = with lib; {

6
pkgs/development/tools/cloud-nuke/default.nix
View File

@ -2,16 +2,16 @@
buildGoModule rec {
pname = "cloud-nuke";
version = "0.27.1";
version = "0.29.0";
src = fetchFromGitHub {
owner = "gruntwork-io";
repo = pname;
rev = "v${version}";
hash = "sha256-HzQKbG2Bzh3JcvRn6dUlL+n9IeDj/EhC7ir9HcmS96w=";
hash = "sha256-v+YUd9dPp3KO1lsGDrDEEdrXNM53M0TOCF643pjq3tA=";
};
vendorHash = "sha256-++LBd8FDZzZlwlCvwc1foBm8yx62YcJr0enJZxb9ZI0=";
vendorHash = "sha256-shn/0xUQO9cm54wYJBWNOsP1NalYKOTJ5Kf4i6KCfx4=";
ldflags = [ "-s" "-w" "-X main.VERSION=${version}" ];

13
pkgs/development/tools/tracy/0001-remove-unifiedtypeidentifiers-framework Normal file
View File

@ -0,0 +1,13 @@
diff --git a/profiler/build/unix/legacy.mk b/profiler/build/unix/legacy.mk
index 24765f1a..8baffb68 100644
--- a/profiler/build/unix/legacy.mk
+++ b/profiler/build/unix/legacy.mk
@@ -16,7 +16,7 @@ else
UNAME := $(shell uname -s)
ifeq ($(UNAME),Darwin)
SRC3 += ../../../nfd/nfd_cocoa.m
- LIBS += -framework CoreFoundation -framework AppKit -framework UniformTypeIdentifiers
+ LIBS += -framework CoreFoundation -framework AppKit
else
ifdef TRACY_GTK_FILESELECTOR
SRC += ../../../nfd/nfd_gtk.cpp

14
pkgs/development/tools/tracy/default.nix
View File

@ -1,25 +1,29 @@
{ stdenv, lib, darwin, fetchFromGitHub
, tbb, gtk3, glfw, pkg-config, freetype, Carbon, AppKit, capstone, dbus
, tbb, glfw, pkg-config, freetype, Carbon, AppKit, capstone, dbus, hicolor-icon-theme
}:
let
disableLTO = stdenv.cc.isClang && stdenv.isDarwin; # workaround issue #19098
in stdenv.mkDerivation rec {
pname = "tracy";
version = "0.9";
version = "0.9.1";
src = fetchFromGitHub {
owner = "wolfpld";
repo = "tracy";
rev = "v${version}";
sha256 = "sha256-cdVkY1dSag37JdbsoJp2/0QHO5G+zsftqwBVqRpMiew=";
sha256 = "sha256-K1lQNRS8+ju9HyKNVXtHqslrPWcPgazzTitvwkIO3P4";
};
patches = [ ]
++ lib.optionals (stdenv.isDarwin && !(lib.versionAtLeast stdenv.hostPlatform.darwinMinVersion "11")) [ ./0001-remove-unifiedtypeidentifiers-framework ];
nativeBuildInputs = [ pkg-config ];
buildInputs = [ glfw capstone ]
++ lib.optionals stdenv.isDarwin [ Carbon AppKit freetype ]
++ lib.optionals stdenv.isLinux [ gtk3 tbb dbus ];
++ lib.optionals (stdenv.isDarwin && lib.versionAtLeast stdenv.hostPlatform.darwinMinVersion "11") [ darwin.apple_sdk.frameworks.UniformTypeIdentifiers ]
++ lib.optionals stdenv.isLinux [ tbb dbus hicolor-icon-theme freetype ];
env.NIX_CFLAGS_COMPILE = toString ([ ]
# Apple's compiler finds a format string security error on
@ -32,7 +36,7 @@ in stdenv.mkDerivation rec {
NIX_CFLAGS_LINK = lib.optional disableLTO "-fno-lto";
buildPhase = ''
make -j $NIX_BUILD_CORES -C profiler/build/unix release
make -j $NIX_BUILD_CORES -C profiler/build/unix release LEGACY=1
make -j $NIX_BUILD_CORES -C import-chrome/build/unix/ release
make -j $NIX_BUILD_CORES -C capture/build/unix/ release
make -j $NIX_BUILD_CORES -C update/build/unix/ release

4
pkgs/tools/misc/wakatime/default.nix
View File

@ -2,13 +2,13 @@
buildGoModule rec {
pname = "wakatime";
version = "1.70.0";
version = "1.70.1";
src = fetchFromGitHub {
owner = "wakatime";
repo = "wakatime-cli";
rev = "v${version}";
hash = "sha256-JURz3xPZIqrPreh+kT+o62cOhw55anUH4kqaT3t0tM0=";
hash = "sha256-PZIO8ULvSdsOeRLGPrsRyoql8Z4Xq7z4q/AErw239BI=";
};
vendorHash = "sha256-SlYYrlRDBvhNm2BxemK9HzzsqM/RGH/sDQXpoGEY8rw=";