From 722d963ef287f2469133f6677b0d3e25ae4e2ede Mon Sep 17 00:00:00 2001 From: Weijia Wang <9713184+wegank@users.noreply.github.com> Date: Fri, 24 Mar 2023 16:29:09 +0200 Subject: [PATCH 01/52] owl-compositor: init at unstable-2021-11-10 --- .../window-managers/owl/default.nix | 87 ++++++++++++++++++ .../window-managers/owl/mac/MainMenu.nib | Bin 0 -> 6088 bytes .../owl/mac/OwlPreferences.nib | Bin 0 -> 2806 bytes pkgs/top-level/all-packages.nix | 2 + 4 files changed, 89 insertions(+) create mode 100644 pkgs/applications/window-managers/owl/default.nix create mode 100644 pkgs/applications/window-managers/owl/mac/MainMenu.nib create mode 100644 pkgs/applications/window-managers/owl/mac/OwlPreferences.nib diff --git a/pkgs/applications/window-managers/owl/default.nix b/pkgs/applications/window-managers/owl/default.nix new file mode 100644 index 000000000000..ac42c38e7aaa --- /dev/null +++ b/pkgs/applications/window-managers/owl/default.nix @@ -0,0 +1,87 @@ +{ lib +, stdenv +, fetchFromGitHub +, gnustep +, libxkbcommon +, makeWrapper +, wayland +, wayland-scanner +, darwin +}: + +assert wayland.withLibraries; + +let + mkDerivation = if stdenv.isDarwin then stdenv.mkDerivation else gnustep.gsmakeDerivation; +in +mkDerivation { + pname = "owl"; + version = "unstable-2021-11-10"; + + src = fetchFromGitHub { + owner = "owl-compositor"; + repo = "owl"; + rev = "91abf02613cd2ddb97be58b5b6703240320233a0"; + hash = "sha256-a+TznasOVEzSNrs66/y91AeMRDEfyd+WO5mO811hLj0="; + }; + + # use pregenerated nib files because generating them requires Xcode + postPatch = lib.optionalString stdenv.isDarwin '' + sed -i "/ibtool/d" configure + mkdir -p build/Owl.app/Contents/Resources/English.lproj + cp ${./mac/MainMenu.nib} build/Owl.app/Contents/Resources/English.lproj/MainMenu.nib + cp ${./mac/OwlPreferences.nib} build/Owl.app/Contents/Resources/English.lproj/OwlPreferences.nib + ''; + + strictDeps = true; + + nativeBuildInputs = [ + makeWrapper + wayland-scanner + ] ++ lib.optionals stdenv.isDarwin [ + darwin.DarwinTools + darwin.bootstrap_cmds + ] ++ lib.optionals (!stdenv.isDarwin) [ + gnustep.make + ]; + + buildInputs = [ + libxkbcommon + wayland + ] ++ lib.optionals stdenv.isDarwin [ + darwin.apple_sdk.frameworks.Cocoa + ] ++ lib.optionals (!stdenv.isDarwin) [ + gnustep.back + gnustep.base + gnustep.gui + ]; + + preConfigure = '' + mkdir -p build + cd build + ''; + + configureScript = "../configure"; + + # error: "Your gnustep-base was configured for the objc-nonfragile-abi but you are not using it now." + env.NIX_CFLAGS_COMPILE = lib.optionalString (!stdenv.isDarwin) "-fobjc-runtime=gnustep-2.0"; + + installPhase = '' + runHook preInstall + + mkdir -p $out/{Applications,bin} + mv Owl.app $out/Applications + makeWrapper $out/{Applications/Owl.app${lib.optionalString stdenv.isDarwin "/Contents/MacOS"},bin}/Owl + + runHook postInstall + ''; + + meta = with lib; { + description = "A portable Wayland compositor in Objective-C"; + homepage = "https://github.com/owl-compositor/owl"; + license = licenses.gpl3Plus; + maintainers = with maintainers; [ wegank ]; + platforms = platforms.unix; + mainProgram = "Owl"; + }; +} diff --git a/pkgs/applications/window-managers/owl/mac/MainMenu.nib b/pkgs/applications/window-managers/owl/mac/MainMenu.nib new file mode 100644 index 0000000000000000000000000000000000000000..ea5c6f8fe3a0da7bc038a401799278b12a3ea0af GIT binary patch literal 6088 zcmd^DYj_mZ86MK6ZVuK}CyQw~NAD^RX8Ux+|mH-QZ%RixMzpvA@U({>bWsv`VwWj5Afe1!| zvXG-9KPCzX4i25n2hR!lypU(a(Aj+Ol8`Tp;wyoCRTN&!hp&h7O(EYB!*3VlJ3{_M zjQli^KNG`0FUVhtkzWP!*CPB)D1R%$--YrILcS|Xe+_8YY_fzSpGxE ze+v08QTn$G=ZH`?2qBperMW_emx*C{4diQu2(H8L^}r42yHNz;P3W5kc|LFp+HS@8 zg=kv_`EHC~j^7n%Z^GD>Xm5wy0eKDNIONTcb;wnf5T=8%yeO+cIsQrg5W5y^VXmX&b)j*rlYN z;C43d^NcqPg?2n+^m2?z*gWIdW@>|z!kAXe@Vumv;Un

*p!cu;|g;&-WSD!KB`8 z!mh=)ns(Y5@Q%Y5%W?*Iy2Eidm>JXO>E{0a1OkEXxYum?+=T}m(R3MZFZbc)X6{j7 z%FeO#f@yVZ8=*R`hxwJTRdA#67B$@KH&Q&_R)jXww|E(25Pg)Fp`@;cAUZwUlR>a> zyqX&*t7t|pJUG*wQdv1wabM-HeQ(x8h}`y(3d1t@Q{G@{gVDn+*k9z(Dx?kHfadCq z6BksGFkRPiO}iJ~EHZ5$is7DGf%5~N_P-o&!Gf8+wvJ?sS_dTU|~b z>D;0OsaT zCDVDofdP(-oS|-OhuMQ*$qL|O zYzTam6~RxjAA$4i$KdCPM;Pk8mW#nCc8q1F$f-hopSYYl$}yZzA48yaODNzeDU2JWsI(@R^1Y7Q=5YHr6>{!I3tkw-@=##lm#u zF<^5sVu*d3W;KGy9`e*CM*_Dt_vd@5r>)w0sy(dHVSvzMygOvd61huB&Ld zzM=((T+OAm*L|ddCf`7li!^!Zl-;XI*qa{cTV&MB8tQskfcejDw>n7T{^- z3=TKp=*z_leGsAW9!wfy_kpL_DsZjZm5@)ed%?4)-IO&e2^4#)b!P-OQ%2p6%0e^g zZaq(T3+b-9eC-8yS1EGY??b&sPL#);N~o!69t^aTfi>qD=pX~?z|Z2m-scRc-3#qm zTj|I1dD`QoeLZQPJ{;>lg7*9l$HAU0SN5!u;BA8RZ6tj@INGL3($@)A-d;EzW%9Pm zajYK0#rDBbJM25Xy%w*useT(KHbc!6>jIx<(F?&Lev}QfuQRl6(qLX&&NjGa( zer2`6M`sYAc!C2A*XNaQGV6a;qN^t;)rQJp`dd#Bo0+PO%5T zQC&JvAF16*YE>i`s^t?pclU93p|19O8&5gWm5d#9D9RSD+J4Iz)b+L|b!(`-FW4^P zeZ*>+1$&fO)keY8CJ<2nv0##V)g>#~67V>C2wY?a zc!C9B3Oz>jx`WRACn^N>^gv*rHIh6y0n5em-6kIx zXKHehWx;BDs8Sl8jt`m`K>O^=Ty;{N^htW>!8>4d$&NEMy~qZ^6YMdtGNs;Ns%4RC>4^WoE|CA-KS-6)koL_m@d$B=xJ*1s zJVtzg_#p8i;-`oY6CWWSCq7C%K|D!(jQBY5)5OmZPZ6IWK1uv6@hRfd#Lp2wPke^> zEb$A(FA|?4eu?;H;#Y{jM*J%AYs6nC{s!?kiC-uF7V)=26}-$zyux! z_5c=;0c^mjQ(rWObJdSo+5tSqTcR&pZTOT#4bcm0)TpV!y08ATYNL2eWPSC~Mdv;Z zt%%L|`#PwNqaR-mJG1x}=Huf|^yy41s%a>STB-7&z8q+WAVh|$AK^9~$hsm`GBwR+36hWL+9Y#7ajd*{dZEzU(p z!suui9SbLpPfy-6K6T$p^jtXo{6h3@IP=#i`dhgF@B5;EgwcE9?EB-<2jSd@Vf4>1 z`Y4P(4x>-P$xoyC&-O;2hYMds(U;-kR}+7kUWqE-rh?$(#qUGukEq|)o&NXQZ@rsjx6gwFXIJnQ7`1I>x7bCQ5HIdV^ zP3_P^Td?JbF6oMHuP7k9OS(mGIAa%fW9Ja!EEI&+GA|wJS9)Yo|3*~w3R&s0D_-Dt z+iF0%`r1Gi1;i;zL}3ZHm^S`*+j{qW&LVdSoSa<}b4JXKLBQLB$8~%!-RVn2?2j=_bK%k5+M3WBoWCGv!+`dYg zqU*_D53_ow?F2$E*7XN@U;2)ig#aRqcaf6+i5;rRWlw2{Z557Va@da8Vhi!#o3oh~ zUD3WMZ3hxN%0*PjPN6hHL%M7DAxbMK3q`pVDfP>6#`&}U60O}b* z#>c7ZQ18{m(nGp|7w9873k9T%&s2F?#GEbSr0kbML0wMlp(>4ihACs2@`|n)GHBIZ zG$}{aX~*$~b(c3F3$_#2SG^ISVY|X<3&FxUtDuB%dy$bl;M|~eid7FCp|&bv3cwPM z$ru?$o~i<*pdDSE$hvga^S&f)b1$N#MhfD$5 z{UQy6vAd=Z=D>$ZT_#vMmv>}QwAWDaP8WvDvWl#CQyT68a6$45tih!U%5~^K6o&C+K zU+V|pPp3?(%!n(Cg0vmP+Txk6LaEzOwyqmyYwnUAm?Kc&R=2%}7;ka9368Obdw3&W zUgS-n2l%%^U*jpzoA||`$N43ohxv~{|G-;7=lM@SUpI7_pMv)&G2b)nT&G08P{PH) zI?;TRH)G=lcIF&we3s){Vf$cZPwFmyD&B8SKExAvzLETM@{b&s4SSSt0)3ZX1o~ui zl(=zZr0wU|Y)-Xzw2p30jdW~j#rw}%M@OT?0&Jz$8H*A?I7a>c4tlR zUkEzg{8VxwIl~w^bs8A=8-pacq2YPH0i0V5r!M$R^X>d}upe%^gR#dM`%}|xO|wl; zF!mf{lc#)L{VlSlL&+$y0!O#Nx1V+xKRY@$r`ooRj^0bS>?P47M#o-$1{g2#GeKW5 zZoJ)?`t2`&eUvrc&Cdq&PJTY<7{37YK1266yvlB6n{KRIj1ni}uv2LKA)&6)82YKA zD4-o^cy4;}T3s|1bP3XnvK@$M1??z1*;|DM}n@Nterxu*}HZ zk)@%z%;^hYiJuGlbn+d(5ziM8D4M{Oy@A^rmVROIP1ZQh&%-`=BW+hB@~cN5FbAW= zSd^GqOPj$7DKyD!yN0sa*4hr7qQvo$w$}AO+FAb_rM!IyMo#kYfrh494;l!k_;Pb@qaeAG{?|W zgb_v}VN9o}U2623XV>=spYHVm(TN`$jh7mFnW2{(dWE4^8oJrgt3X%TsjDop%95*$ zud>rt*@jhi`YJo)MDvN}>9N{8VGDT8X5!(}iQ!-vTLVnbQp{u|Z21ab8f*@)-GNUd z(Gose!r$ukB}!!nw Date: Tue, 4 Apr 2023 13:58:03 +0200 Subject: [PATCH 02/52] CODEOWNERS: add RaitoBezarius to llvm tree --- .github/CODEOWNERS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 4654518a0e80..1f6fed0d83a0 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -138,7 +138,7 @@ # C compilers /pkgs/development/compilers/gcc @matthewbauer -/pkgs/development/compilers/llvm @matthewbauer +/pkgs/development/compilers/llvm @matthewbauer @RaitoBezarius # Compatibility stuff /pkgs/top-level/unix-tools.nix @matthewbauer From 479629550084d43fda03ed4f6c41e7c22698d11a Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Sat, 15 Apr 2023 19:57:12 +0200 Subject: [PATCH 03/52] python310Packages.crate: 0.30.0 -> 0.31.0 Changelog: https://github.com/crate/crate-python/blob/0.31.0/CHANGES.txt --- pkgs/development/python-modules/crate/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/crate/default.nix b/pkgs/development/python-modules/crate/default.nix index 4da552db399b..bdfefe2aa28a 100644 --- a/pkgs/development/python-modules/crate/default.nix +++ b/pkgs/development/python-modules/crate/default.nix @@ -12,14 +12,14 @@ buildPythonPackage rec { pname = "crate"; - version = "0.30.0"; + version = "0.31.0"; format = "setuptools"; disabled = pythonOlder "3.7"; src = fetchPypi { inherit pname version; - hash = "sha256-8xraDCFZbpJZsh3sO5VlSHwnEfH4u4AJZkXA+L4TB60="; + hash = "sha256-HhncnVmUXyHLaLkhIFS89NnKoSY42C1GipOqurIsoZ4="; }; propagatedBuildInputs = [ From 73c5e2a5c5eeff3fc46b54264b0ef1af4a304f69 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Mon, 17 Apr 2023 00:08:52 +0000 Subject: [PATCH 04/52] sq: 0.25.1 -> 0.33.0 --- pkgs/development/tools/sq/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/development/tools/sq/default.nix b/pkgs/development/tools/sq/default.nix index 39c24732cb30..dd5931f514e1 100644 --- a/pkgs/development/tools/sq/default.nix +++ b/pkgs/development/tools/sq/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "sq"; - version = "0.25.1"; + version = "0.33.0"; src = fetchFromGitHub { owner = "neilotoole"; repo = pname; rev = "v${version}"; - sha256 = "sha256-FYEgCXXcVhm6vv1QT8UqCBo+/o0dAPwbR3ZNB72MrGI="; + sha256 = "sha256-1I6adQLbVx4Gj9rdocpEPyQagEpaI4a4sHUaSyntyGI="; }; - vendorHash = "sha256-Kcl0/txbq7+xA6826SzSrZx4L02GHcXG5ciKmkrtWLI="; + vendorHash = "sha256-e14qz4KTD2aAl1G5wj2/T0cxocvscj0r+c8So+omA38="; proxyVendor = true; From 9c8a86d52f66d64cb5d268398fd5269a3cbb024b Mon Sep 17 00:00:00 2001 From: Doron Behar Date: Mon, 17 Apr 2023 19:22:18 +0300 Subject: [PATCH 05/52] Revert "uhd: fix cross" This reverts commit ec1631a06f864c5303c86f63862e5bc3c4ee3e67. It was merged too fast, without giving a chance to maintainers to suggest the changes in the upcoming commits. --- pkgs/applications/radio/uhd/default.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/pkgs/applications/radio/uhd/default.nix b/pkgs/applications/radio/uhd/default.nix index 476a954f8181..b810af6e2ea6 100644 --- a/pkgs/applications/radio/uhd/default.nix +++ b/pkgs/applications/radio/uhd/default.nix @@ -93,7 +93,6 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ cmake pkg-config - python3 ] # If both enableLibuhd_Python_api and enableUtils are off, we don't need # pythonEnv in buildInputs as it's a 'build' dependency and not a runtime From 3697ccb4b1444c1cd4259da5bb875308b091488b Mon Sep 17 00:00:00 2001 From: Doron Behar Date: Mon, 17 Apr 2023 19:27:27 +0300 Subject: [PATCH 06/52] uhd: Remove neon.patch not applying anymore --- pkgs/applications/radio/uhd/default.nix | 2 -- pkgs/applications/radio/uhd/neon.patch | 19 ------------------- 2 files changed, 21 deletions(-) delete mode 100644 pkgs/applications/radio/uhd/neon.patch diff --git a/pkgs/applications/radio/uhd/default.nix b/pkgs/applications/radio/uhd/default.nix index b810af6e2ea6..678236ebbefe 100644 --- a/pkgs/applications/radio/uhd/default.nix +++ b/pkgs/applications/radio/uhd/default.nix @@ -121,8 +121,6 @@ stdenv.mkDerivation rec { patches = [ # Disable tests that fail in the sandbox ./no-adapter-tests.patch - ] ++ lib.optionals stdenv.isAarch32 [ - ./neon.patch ]; postPhases = [ "installFirmware" "removeInstalledTests" ] diff --git a/pkgs/applications/radio/uhd/neon.patch b/pkgs/applications/radio/uhd/neon.patch deleted file mode 100644 index 18ec59c1d64b..000000000000 --- a/pkgs/applications/radio/uhd/neon.patch +++ /dev/null @@ -1,19 +0,0 @@ -Description: When building for armhf, enable NEON - NEON is part of the armhf baseline, so this will always be enabled on - armhf. -Author: Paul Tagliamonte -Bug-Debian: https://bugs.debian.org/873608 -Origin: vendor -Last-Update: 2017-08-29 - ---- uhd-3.10.2.0.orig/host/lib/convert/CMakeLists.txt -+++ uhd-3.10.2.0/host/lib/convert/CMakeLists.txt -@@ -67,6 +67,8 @@ IF(HAVE_ARM_NEON_H AND (${CMAKE_SIZEOF_V - ${CMAKE_CURRENT_SOURCE_DIR}/convert_with_neon.cpp - ${CMAKE_CURRENT_SOURCE_DIR}/convert_neon.S - ) -+ -+ SET ( CMAKE_CXX_FLAGS "-mfpu=neon" ) - ENDIF() - - ######################################################################## From be4ae4fbfdbb44c44e74cc01b35739aecd56cf35 Mon Sep 17 00:00:00 2001 From: Doron Behar Date: Mon, 17 Apr 2023 19:30:30 +0300 Subject: [PATCH 07/52] uhd: Remove unused enableSim flag --- pkgs/applications/radio/uhd/default.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/pkgs/applications/radio/uhd/default.nix b/pkgs/applications/radio/uhd/default.nix index 678236ebbefe..0658402dea1b 100644 --- a/pkgs/applications/radio/uhd/default.nix +++ b/pkgs/applications/radio/uhd/default.nix @@ -13,7 +13,6 @@ , python3 , enableExamples ? false , enableUtils ? false -, enableSim ? false , libusb1 , enableDpdk ? false , dpdk From 25665063b9077c9cdc6db1549ebb3d3ae070b892 Mon Sep 17 00:00:00 2001 From: Doron Behar Date: Mon, 17 Apr 2023 19:32:10 +0300 Subject: [PATCH 08/52] uhd: Add a buildPackages pythonEnv for nativeBuildInputs --- pkgs/applications/radio/uhd/default.nix | 21 ++++++++++----------- 1 file changed, 10 insertions(+), 11 deletions(-) diff --git a/pkgs/applications/radio/uhd/default.nix b/pkgs/applications/radio/uhd/default.nix index 0658402dea1b..873c49dd9a7c 100644 --- a/pkgs/applications/radio/uhd/default.nix +++ b/pkgs/applications/radio/uhd/default.nix @@ -11,6 +11,7 @@ # requires numpy , enablePythonApi ? false , python3 +, buildPackages , enableExamples ? false , enableUtils ? false , libusb1 @@ -33,6 +34,11 @@ let onOffBool = b: if b then "ON" else "OFF"; inherit (lib) optionals; + # Later used in pythonEnv generation. Python + mako are always required for the build itself but not necessary for runtime. + pythonEnvArg = (ps: with ps; [ mako ] + ++ optionals (enablePythonApi) [ numpy setuptools ] + ++ optionals (enableUtils) [ requests six ] + ); in stdenv.mkDerivation rec { @@ -83,21 +89,14 @@ stdenv.mkDerivation rec { ++ [ (lib.optionalString stdenv.isAarch32 "-DCMAKE_CXX_FLAGS=-Wno-psabi") ] ; - # Python + mako are always required for the build itself but not necessary for runtime. - pythonEnv = python3.withPackages (ps: with ps; [ mako ] - ++ optionals (enablePythonApi) [ numpy setuptools ] - ++ optionals (enableUtils) [ requests six ] - ); + pythonEnv = python3.withPackages pythonEnvArg; nativeBuildInputs = [ cmake pkg-config - ] - # If both enableLibuhd_Python_api and enableUtils are off, we don't need - # pythonEnv in buildInputs as it's a 'build' dependency and not a runtime - # dependency - ++ optionals (!enablePythonApi && !enableUtils) [ pythonEnv ] - ; + # Present both here and in buildInputs for cross compilation. + (buildPackages.python3.withPackages pythonEnvArg) + ]; buildInputs = [ boost libusb1 From 0f05321d784fdd9e6b3a80aabe292a32d28e96c1 Mon Sep 17 00:00:00 2001 From: Albert Peschar Date: Tue, 18 Apr 2023 17:44:25 +0300 Subject: [PATCH 09/52] zfs: enable keylocation=http:// When ZFS is built with cURL, it allows retrieving encryption keys from URLs automatically. --- nixos/tests/zfs.nix | 26 ++++++++++++++++++++++++-- pkgs/os-specific/linux/zfs/default.nix | 4 ++++ 2 files changed, 28 insertions(+), 2 deletions(-) diff --git a/nixos/tests/zfs.nix b/nixos/tests/zfs.nix index bcb9d9bcfd60..ce2796b67da4 100644 --- a/nixos/tests/zfs.nix +++ b/nixos/tests/zfs.nix @@ -80,6 +80,11 @@ let fsType = "zfs"; options = [ "noauto" ]; }; + virtualisation.fileSystems."/manual/httpkey" = { + device = "manual/httpkey"; + fsType = "zfs"; + options = [ "noauto" ]; + }; }; specialisation.forcepool.configuration = { @@ -92,6 +97,19 @@ let options = [ "noauto" ]; }; }; + + services.nginx = { + enable = true; + virtualHosts = { + localhost = { + locations = { + "/zfskey" = { + return = ''200 "httpkeyabc"''; + }; + }; + }; + }; + }; }; testScript = '' @@ -130,6 +148,8 @@ let "zpool create -O mountpoint=legacy manual /dev/vdd1", "echo otherpass | zfs create " + "-o encryption=aes-256-gcm -o keyformat=passphrase manual/encrypted", + "zfs create -o encryption=aes-256-gcm -o keyformat=passphrase " + + "-o keylocation=http://localhost/zfskey manual/httpkey", "bootctl set-default nixos-generation-1-specialisation-encryption.conf", "sync", "zpool export automatic", @@ -141,10 +161,12 @@ let machine.send_console("password\n") machine.wait_for_unit("multi-user.target") machine.succeed( - "zfs get keystatus manual/encrypted | grep unavailable", + "zfs get -Ho value keystatus manual/encrypted | grep -Fx unavailable", "echo otherpass | zfs load-key manual/encrypted", "systemctl start manual-encrypted.mount", - "umount /automatic /manual/encrypted /manual", + "zfs load-key manual/httpkey", + "systemctl start manual-httpkey.mount", + "umount /automatic /manual/encrypted /manual/httpkey /manual", "zpool destroy automatic", "zpool destroy manual", ) diff --git a/pkgs/os-specific/linux/zfs/default.nix b/pkgs/os-specific/linux/zfs/default.nix index 8655bd2ed323..7476a0c845fe 100644 --- a/pkgs/os-specific/linux/zfs/default.nix +++ b/pkgs/os-specific/linux/zfs/default.nix @@ -10,6 +10,7 @@ , gawk, gnugrep, gnused, systemd , smartmontools, enableMail ? false , sysstat, pkg-config +, curl # Kernel dependencies , kernel ? null @@ -76,6 +77,8 @@ let nfs-utils.override (old: { enablePython = old.enablePython or true && enablePython; }) }/bin/exportfs" substituteInPlace ./lib/libshare/smb.h --replace "/usr/bin/net" "${samba}/bin/net" + # Disable dynamic loading of libcurl + substituteInPlace ./config/user-libfetch.m4 --replace "curl-config --built-shared" "true" substituteInPlace ./config/user-systemd.m4 --replace "/usr/lib/modules-load.d" "$out/etc/modules-load.d" substituteInPlace ./config/zfs-build.m4 --replace "\$sysconfdir/init.d" "$out/etc/init.d" \ --replace "/etc/default" "$out/etc/default" @@ -111,6 +114,7 @@ let ++ optional buildUser pkg-config; buildInputs = optionals buildUser [ zlib libuuid attr libtirpc ] ++ optional buildUser openssl + ++ optional buildUser curl ++ optional (buildUser && enablePython) python3; # for zdb to get the rpath to libgcc_s, needed for pthread_cancel to work From 8eb15c53208cf0e1010c570d21148cfaeceaa111 Mon Sep 17 00:00:00 2001 From: Weijia Wang <9713184+wegank@users.noreply.github.com> Date: Tue, 18 Apr 2023 18:55:47 +0300 Subject: [PATCH 10/52] systemd.services.prlshprint: fix type --- nixos/modules/virtualisation/parallels-guest.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/nixos/modules/virtualisation/parallels-guest.nix b/nixos/modules/virtualisation/parallels-guest.nix index 07a61bf208db..dba8ce02b724 100644 --- a/nixos/modules/virtualisation/parallels-guest.nix +++ b/nixos/modules/virtualisation/parallels-guest.nix @@ -87,7 +87,6 @@ in bindsTo = [ "cups.service" ]; path = [ prl-tools ]; serviceConfig = { - Type = "forking"; ExecStart = "${prl-tools}/bin/prlshprint"; WorkingDirectory = "${prl-tools}/bin"; }; From 0f6857d433fd376d357c2d67afb61072187cecce Mon Sep 17 00:00:00 2001 From: Doron Behar Date: Fri, 14 Apr 2023 20:50:33 +0300 Subject: [PATCH 11/52] mlterm: desktopItem: update attributes to remove warnings Remove deprecated `Application` category and make `comment` different then `name`. --- pkgs/applications/terminal-emulators/mlterm/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/terminal-emulators/mlterm/default.nix b/pkgs/applications/terminal-emulators/mlterm/default.nix index cc26d4eea295..20fe040a76df 100644 --- a/pkgs/applications/terminal-emulators/mlterm/default.nix +++ b/pkgs/applications/terminal-emulators/mlterm/default.nix @@ -95,10 +95,10 @@ stdenv.mkDerivation rec { exec = "mlterm %U"; icon = "mlterm"; type = "Application"; - comment = "Terminal emulator"; + comment = "Multi Lingual TERMinal emulator"; desktopName = "mlterm"; genericName = "Terminal emulator"; - categories = [ "Application" "System" "TerminalEmulator" ]; + categories = [ "System" "TerminalEmulator" ]; startupNotify = false; }; From c5a159637d0c97de30ff490e74bea8d8cea1a27a Mon Sep 17 00:00:00 2001 From: Doron Behar Date: Sat, 15 Apr 2023 01:51:15 +0300 Subject: [PATCH 12/52] mlterm: add doronbehar as maintainer --- pkgs/applications/terminal-emulators/mlterm/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/applications/terminal-emulators/mlterm/default.nix b/pkgs/applications/terminal-emulators/mlterm/default.nix index 20fe040a76df..66148adde2d2 100644 --- a/pkgs/applications/terminal-emulators/mlterm/default.nix +++ b/pkgs/applications/terminal-emulators/mlterm/default.nix @@ -108,7 +108,7 @@ stdenv.mkDerivation rec { description = "Multi Lingual TERMinal emulator"; homepage = "https://mlterm.sourceforge.net/"; license = licenses.bsd3; - maintainers = with maintainers; [ ramkromberg atemu ]; + maintainers = with maintainers; [ ramkromberg atemu doronbehar ]; platforms = platforms.all; }; } From a4f65246a09e08246d1eee2c1fad7f537cfb4bd0 Mon Sep 17 00:00:00 2001 From: Doron Behar Date: Fri, 14 Apr 2023 20:45:58 +0300 Subject: [PATCH 13/52] mlterm: cleanup `Cocoa` unused input --- pkgs/applications/terminal-emulators/mlterm/default.nix | 1 - pkgs/top-level/all-packages.nix | 4 +--- 2 files changed, 1 insertion(+), 4 deletions(-) diff --git a/pkgs/applications/terminal-emulators/mlterm/default.nix b/pkgs/applications/terminal-emulators/mlterm/default.nix index 66148adde2d2..bc93f167e85d 100644 --- a/pkgs/applications/terminal-emulators/mlterm/default.nix +++ b/pkgs/applications/terminal-emulators/mlterm/default.nix @@ -5,7 +5,6 @@ , libssh2 #build-in ssh , fcitx5, fcitx5-gtk, ibus, uim #IME , wrapGAppsHook #color picker in mlconfig -, Cocoa #Darwin }: stdenv.mkDerivation rec { diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index cba86cf44d7f..b89a588ea051 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -2571,9 +2571,7 @@ with pkgs; microcom = callPackage ../applications/terminal-emulators/microcom { }; - mlterm = darwin.apple_sdk_11_0.callPackage ../applications/terminal-emulators/mlterm { - inherit (darwin.apple_sdk_11_0.frameworks) Cocoa; - }; + mlterm = darwin.apple_sdk_11_0.callPackage ../applications/terminal-emulators/mlterm { }; mrxvt = callPackage ../applications/terminal-emulators/mrxvt { }; From 04aa1916154f3a2c02b01e8f1808d030b2d08bf0 Mon Sep 17 00:00:00 2001 From: Sean Buckley Date: Wed, 19 Apr 2023 14:07:33 -0400 Subject: [PATCH 14/52] vmware-horizon-client: use Chroot instead of Bubblewrap When connecting, the client only shows a blank screen if run under bubblewrap --- .../networking/remote/vmware-horizon-client/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/networking/remote/vmware-horizon-client/default.nix b/pkgs/applications/networking/remote/vmware-horizon-client/default.nix index a6cd01390b71..34f7f9b22eb9 100644 --- a/pkgs/applications/networking/remote/vmware-horizon-client/default.nix +++ b/pkgs/applications/networking/remote/vmware-horizon-client/default.nix @@ -1,6 +1,6 @@ { stdenv , lib -, buildFHSEnv +, buildFHSEnvChroot , fetchurl , gsettings-desktop-schemas , makeDesktopItem @@ -57,7 +57,7 @@ let ''; }; - vmwareFHSUserEnv = name: buildFHSEnv { + vmwareFHSUserEnv = name: buildFHSEnvChroot { inherit name; runScript = "${vmwareHorizonClientFiles}/bin/${name}_wrapper"; From 5594826e597bf5752f37bae26a9c1af0b4f12d71 Mon Sep 17 00:00:00 2001 From: Sean Buckley Date: Wed, 19 Apr 2023 14:08:18 -0400 Subject: [PATCH 15/52] vmware-horizon-client: include opensc for smartcard support --- .../networking/remote/vmware-horizon-client/default.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/pkgs/applications/networking/remote/vmware-horizon-client/default.nix b/pkgs/applications/networking/remote/vmware-horizon-client/default.nix index 34f7f9b22eb9..6b6e152efab3 100644 --- a/pkgs/applications/networking/remote/vmware-horizon-client/default.nix +++ b/pkgs/applications/networking/remote/vmware-horizon-client/default.nix @@ -5,6 +5,7 @@ , gsettings-desktop-schemas , makeDesktopItem , makeWrapper +, opensc , writeTextDir , configText ? "" }: @@ -53,6 +54,11 @@ let # This library causes the program to core-dump occasionally. Use ours instead. rm -r $out/lib/vmware/view/crtbora + # This opensc library is required to support smartcard authentication during the + # initial connection to Horizon. + mkdir $out/lib/vmware/view/pkcs11 + ln -s ${opensc}/lib/pkcs11/opensc-pkcs11.so $out/lib/vmware/view/pkcs11/libopenscpkcs11.so + ${lib.concatMapStrings wrapBinCommands bins} ''; }; From 430f1dcdbd362d9c37ba516edbb395570df47339 Mon Sep 17 00:00:00 2001 From: Maximilian Bosch Date: Thu, 20 Apr 2023 11:34:54 +0200 Subject: [PATCH 16/52] nextcloud: remove nextcloud24, 25.0.5 -> 25.0.6, 26.0.0 -> 26.0.1 --- nixos/modules/services/web-apps/nextcloud.nix | 2 +- nixos/tests/nextcloud/default.nix | 2 +- pkgs/servers/nextcloud/default.nix | 23 +- pkgs/servers/nextcloud/packages/24.json | 242 ------------------ pkgs/top-level/all-packages.nix | 4 +- 5 files changed, 18 insertions(+), 255 deletions(-) delete mode 100644 pkgs/servers/nextcloud/packages/24.json diff --git a/nixos/modules/services/web-apps/nextcloud.nix b/nixos/modules/services/web-apps/nextcloud.nix index 76a0172747ff..da1c4b9eae23 100644 --- a/nixos/modules/services/web-apps/nextcloud.nix +++ b/nixos/modules/services/web-apps/nextcloud.nix @@ -204,7 +204,7 @@ in { package = mkOption { type = types.package; description = lib.mdDoc "Which package to use for the Nextcloud instance."; - relatedPackages = [ "nextcloud24" "nextcloud25" "nextcloud26" ]; + relatedPackages = [ "nextcloud25" "nextcloud26" ]; }; phpPackage = mkOption { type = types.package; diff --git a/nixos/tests/nextcloud/default.nix b/nixos/tests/nextcloud/default.nix index 350486e8c733..78fe026b4a84 100644 --- a/nixos/tests/nextcloud/default.nix +++ b/nixos/tests/nextcloud/default.nix @@ -26,4 +26,4 @@ foldl }; }) { } - [ 24 25 26 ] + [ 25 26 ] diff --git a/pkgs/servers/nextcloud/default.nix b/pkgs/servers/nextcloud/default.nix index c6385d6dd744..7c22008e8dbc 100644 --- a/pkgs/servers/nextcloud/default.nix +++ b/pkgs/servers/nextcloud/default.nix @@ -39,19 +39,26 @@ let }; }; in { - nextcloud24 = generic { - version = "24.0.11"; - sha256 = "sha256-ipsg4rulhRnatEW9VwUJLvOEtX5ZiK7MXK3AU8Q9qIo="; - }; + nextcloud24 = throw '' + Nextcloud v24 has been removed from `nixpkgs` as the support for is dropped + by upstream in 2023-04. Please upgrade to at least Nextcloud v25 by declaring + + services.nextcloud.package = pkgs.nextcloud25; + + in your NixOS config. + + WARNING: if you were on Nextcloud 23 you have to upgrade to Nextcloud 24 + first on 22.11 because Nextcloud doesn't support upgrades across multiple major versions! + ''; nextcloud25 = generic { - version = "25.0.5"; - sha256 = "sha256-xtxjLYPGK9V0GvUzXcE7awzeYQZNPNmlHuDmtHeMqaU="; + version = "25.0.6"; + sha256 = "sha256-fYtO3CZ5oNpaIs+S+emMrxqYNlck0AC43fxdiomsjDg="; }; nextcloud26 = generic { - version = "26.0.0"; - sha256 = "sha256-8WMVA2Ou6TZuy1zVJZv2dW7U8HPOp4tfpRXK2noNDD0="; + version = "26.0.1"; + sha256 = "sha256-b5xqEkjXyK9K1HPXOkJWX2rautRTHFz6V7w0l7K2T0g="; }; # tip: get the sha with: diff --git a/pkgs/servers/nextcloud/packages/24.json b/pkgs/servers/nextcloud/packages/24.json deleted file mode 100644 index 83eac3d156f3..000000000000 --- a/pkgs/servers/nextcloud/packages/24.json +++ /dev/null @@ -1,242 +0,0 @@ -{ - "bookmarks": { - "sha256": "1jkbwzig4xd042jcbdbdh4whkpxb87f7ba0c89c78bdgcqzjv1a3", - "url": "https://github.com/nextcloud/bookmarks/releases/download/v11.0.4/bookmarks-11.0.4.tar.gz", - "version": "11.0.4", - "description": "- πŸ“‚ Sort bookmarks into folders\n- 🏷 Add tags and personal notes\n- πŸ” Full-text search\n- πŸ“² Synchronize with all your browsers and devices\n- πŸ‘ͺ Share bookmarks with other users and publicly\n- ☠ Find broken links\n- βš› Generate RSS feeds of your collections\n- πŸ“” Read archived versions of your links in case they are depublished\n- πŸ’¬ Create new bookmarks directly from within Nextcloud Talk\n- πŸ’Ό Built-in Dashboard widgets for frequent and recent links\n\nRequirements:\n - PHP v7.4+\n - PHP extensions:\n - intl: *\n - mbstring: *\n - when using MySQL, use at least v8.0", - "homepage": "https://github.com/nextcloud/bookmarks", - "licenses": [ - "agpl" - ] - }, - "calendar": { - "sha256": "0zzq556727yryxa0zas6agm6azl1898gbjx4wnl8d8m9hczf6xr2", - "url": "https://github.com/nextcloud-releases/calendar/releases/download/v3.5.7/calendar-v3.5.7.tar.gz", - "version": "3.5.7", - "description": "The Calendar app is a user interface for Nextcloud's CalDAV server. Easily sync events from various devices with your Nextcloud and edit them online.\n\n* πŸš€ **Integration with other Nextcloud apps!** Currently Contacts - more to come.\n* 🌐 **WebCal Support!** Want to see your favorite team’s matchdays in your calendar? No problem!\n* πŸ™‹ **Attendees!** Invite people to your events\n* ⌚️ **Free/Busy!** See when your attendees are available to meet\n* ⏰ **Reminders!** Get alarms for events inside your browser and via email\n* πŸ” Search! Find your events at ease\n* β˜‘οΈ Tasks! See tasks with a due date directly in the calendar\n* πŸ™ˆ **We’re not reinventing the wheel!** Based on the great [c-dav library](https://github.com/nextcloud/cdav-library), [ical.js](https://github.com/mozilla-comm/ical.js) and [fullcalendar](https://github.com/fullcalendar/fullcalendar) libraries.", - "homepage": "https://github.com/nextcloud/calendar/", - "licenses": [ - "agpl" - ] - }, - "contacts": { - "sha256": "1r0z0ldywzaw7a87hlsbn1f9pxqndqpxxa6khn70yh02cjrzh03m", - "url": "https://github.com/nextcloud-releases/contacts/releases/download/v4.2.5/contacts-v4.2.5.tar.gz", - "version": "4.2.5", - "description": "The Nextcloud contacts app is a user interface for Nextcloud's CardDAV server. Easily sync contacts from various devices with your Nextcloud and edit them online.\n\n* πŸš€ **Integration with other Nextcloud apps!** Currently Mail and Calendar – more to come.\n* πŸŽ‰ **Never forget a birthday!** You can sync birthdays and other recurring events with your Nextcloud Calendar.\n* πŸ‘₯ **Sharing of Adressbooks!** You want to share your contacts with your friends or coworkers? No problem!\n* πŸ™ˆ **We’re not reinventing the wheel!** Based on the great and open SabreDAV library.", - "homepage": "https://github.com/nextcloud/contacts#readme", - "licenses": [ - "agpl" - ] - }, - "deck": { - "sha256": "1q21vpq9fv6p9harn96fq7cn68qixw3d08s9yf25mnxzpynrwv50", - "url": "https://github.com/nextcloud-releases/deck/releases/download/v1.7.3/deck-v1.7.3.tar.gz", - "version": "1.7.3", - "description": "Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud.\n\n\n- πŸ“₯ Add your tasks to cards and put them in order\n- πŸ“„ Write down additional notes in Markdown\n- πŸ”– Assign labels for even better organization\n- πŸ‘₯ Share with your team, friends or family\n- πŸ“Ž Attach files and embed them in your Markdown description\n- πŸ’¬ Discuss with your team using comments\n- ⚑ Keep track of changes in the activity stream\n- πŸš€ Get your project organized", - "homepage": "https://github.com/nextcloud/deck", - "licenses": [ - "agpl" - ] - }, - "files_markdown": { - "sha256": "1dhl83vxk6aznakmvbcx52gl8slhy6jz1vqwiv8nwfjh75aczzxy", - "url": "https://github.com/icewind1991/files_markdown/releases/download/v2.3.6/files_markdown.tar.gz", - "version": "2.3.6", - "description": "Markdown Editor extends the Nextcloud text editor with a live preview for markdown files.\n\nA full list of features can be found [in the README](https://github.com/icewind1991/files_markdown)", - "homepage": "https://github.com/icewind1991/files_markdown", - "licenses": [ - "agpl" - ] - }, - "files_texteditor": { - "sha256": "0rmk14iw34pd81snp3lm01k07wm5j2nh9spcd4j0m43l20b7kxss", - "url": "https://github.com/nextcloud-releases/files_texteditor/releases/download/v2.15.0/files_texteditor.tar.gz", - "version": "2.15.0", - "description": "This application enables Nextcloud users to open, save and edit text files in the web browser. If enabled, an entry called \"Text file\" in the \"New\" button menu at the top of the web browser appears. When clicked, a new text file opens in the browser and the file can be saved into the current Nextcloud directory. Further, when a text file is clicked in the web browser, it will be opened and editable. If the privileges allow, a user can also edit shared files and save these changes back into the web browser.\nMore information is available in the text editor documentation.", - "homepage": "https://github.com/nextcloud/files_texteditor", - "licenses": [ - "agpl" - ] - }, - "forms": { - "sha256": "1payxppd2j0n67kcswb3dkk2a467fahwakxs7wqsfqgqgr9mcbl4", - "url": "https://github.com/nextcloud/forms/releases/download/v2.5.2/forms.tar.gz", - "version": "2.5.2", - "description": "**Simple surveys and questionnaires, self-hosted!**\n\n- **πŸ“ Simple design:** No mass of options, only the essentials. Works well on mobile of course.\n- **πŸ“Š View & export results:** Results are visualized and can also be exported as CSV in the same format used by Google Forms.\n- **πŸ”’ Data under your control!** Unlike in Google Forms, Typeform, Doodle and others, the survey info and responses are kept private on your instance.\n- **πŸ§‘β€πŸ’» Connect to your software:** Easily integrate Forms into your service with our full-fledged [REST-API](https://github.com/nextcloud/forms/blob/main/docs/API.md).\n- **πŸ™‹ Get involved!** We have lots of stuff planned like more question types, collaboration on forms, [and much more](https://github.com/nextcloud/forms/milestones)!", - "homepage": "https://github.com/nextcloud/forms", - "licenses": [ - "agpl" - ] - }, - "groupfolders": { - "sha256": "09lz63n9i040lndzmpm6rdlpviaa8m9skpjw98m18miamdmqbf0d", - "url": "https://github.com/nextcloud-releases/groupfolders/releases/download/v12.0.3/groupfolders-v12.0.3.tar.gz", - "version": "12.0.3", - "description": "Admin configured folders shared with everyone in a group.\n\nFolders can be configured from *Group folders* in the admin settings.\n\nAfter a folder is created, the admin can give access to the folder to one or more groups, control their write/sharing permissions and assign a quota for the folder.\n\nNote: Encrypting the contents of group folders is currently not supported.", - "homepage": "https://github.com/nextcloud/groupfolders", - "licenses": [ - "agpl" - ] - }, - "impersonate": { - "sha256": "1kjibw5rigij51j6vjmx7ykrk61lg98syp7kkr0fzgwzvxrdniah", - "url": "https://github.com/nextcloud-releases/impersonate/releases/download/v1.11.1/impersonate-v1.11.1.tar.gz", - "version": "1.11.1", - "description": "By installing the impersonate app of your Nextcloud you enable administrators to impersonate other users on the Nextcloud server. This is especially useful for debugging issues reported by users.\n\nTo impersonate a user an administrator has to simply follow the following four steps:\n\n1. Login as administrator to Nextcloud.\n2. Open users administration interface.\n3. Select the impersonate button on the affected user.\n4. Confirm the impersonation.\n\nThe administrator is then logged-in as the user, to switch back to the regular user account they simply have to press the logout button.\n\n**Note:**\n\n- This app is not compatible with instances that have encryption enabled.\n- While impersonate actions are logged note that actions performed impersonated will be logged as the impersonated user.\n- Impersonating a user is only possible after their first login.", - "homepage": "https://github.com/nextcloud/impersonate", - "licenses": [ - "agpl" - ] - }, - "keeweb": { - "sha256": "19wzp588p3a87bi7ajn2r8jmsjjzzc1g8bkpwkidv66gi87gv9sr", - "url": "https://github.com/jhass/nextcloud-keeweb/releases/download/v0.6.12/keeweb-0.6.12.tar.gz", - "version": "0.6.12", - "description": "Open Keepass stores inside Nextcloud with Keeweb just by clicking on an *.kdbx file in your Nextcloud.", - "homepage": "https://github.com/jhass/nextcloud-keeweb", - "licenses": [ - "agpl" - ] - }, - "mail": { - "sha256": "1a697wf2lq596dk04acd6qpmx9immh6v8npj0kf43m31kc3hm0rs", - "url": "https://github.com/nextcloud-releases/mail/releases/download/v1.15.3/mail-v1.15.3.tar.gz", - "version": "1.15.3", - "description": "**πŸ’Œ A mail app for Nextcloud**\n\n- **πŸš€ Integration with other Nextcloud apps!** Currently Contacts, Calendar & Files – more to come.\n- **πŸ“₯ Multiple mail accounts!** Personal and company account? No problem, and a nice unified inbox. Connect any IMAP account.\n- **πŸ”’ Send & receive encrypted mails!** Using the great [Mailvelope](https://mailvelope.com) browser extension.\n- **πŸ™ˆ We’re not reinventing the wheel!** Based on the great [Horde](https://horde.org) libraries.\n- **πŸ“¬ Want to host your own mail server?** We do not have to reimplement this as you could set up [Mail-in-a-Box](https://mailinabox.email)!", - "homepage": "https://github.com/nextcloud/mail#readme", - "licenses": [ - "agpl" - ] - }, - "news": { - "sha256": "1zyn6rs24f5dsb4z65dzx2mdkw8gy8n3adk9dgyyd4cjjhhixhsm", - "url": "https://github.com/nextcloud/news/releases/download/21.2.0-beta3/news.tar.gz", - "version": "21.2.0-beta3", - "description": "πŸ“° A RSS/Atom Feed reader App for Nextcloud\n\n- πŸ“² Synchronize your feeds with multiple mobile or desktop [clients](https://nextcloud.github.io/news/clients/)\n- πŸ”„ Automatic updates of your news feeds\n- πŸ†“ Free and open source under AGPLv3, no ads or premium functions\n\n**System Cron is currently required for this app to work**\n\nRequirements can be found [here](https://nextcloud.github.io/news/install/#dependencies)\n\nThe Changelog is available [here](https://github.com/nextcloud/news/blob/master/CHANGELOG.md)\n\nCreate a [bug report](https://github.com/nextcloud/news/issues/new/choose)\n\nCreate a [feature request](https://github.com/nextcloud/news/discussions/new)\n\nReport a [feed issue](https://github.com/nextcloud/news/discussions/new)", - "homepage": "https://github.com/nextcloud/news", - "licenses": [ - "agpl" - ] - }, - "notes": { - "sha256": "0b88xsznfi31la7iyj4b7j1qlb8wvrmq49z9dgdrwja3r81mxnsr", - "url": "https://github.com/nextcloud/notes/releases/download/v4.5.1/notes.tar.gz", - "version": "4.5.1", - "description": "The Notes app is a distraction free notes taking app for [Nextcloud](https://www.nextcloud.com/). It provides categories for better organization and supports formatting using [Markdown](https://en.wikipedia.org/wiki/Markdown) syntax. Notes are saved as files in your Nextcloud, so you can view and edit them with every Nextcloud client. Furthermore, a separate [REST API](https://github.com/nextcloud/notes/blob/master/docs/api/README.md) allows for an easy integration into third-party apps (currently, there are notes apps for [Android](https://github.com/nextcloud/notes-android), [iOS](https://github.com/nextcloud/notes-ios) and the [console](https://git.danielmoch.com/nncli/about) which allow convenient access to your Nextcloud notes). Further features include marking notes as favorites.", - "homepage": "https://github.com/nextcloud/notes", - "licenses": [ - "agpl" - ] - }, - "notify_push": { - "sha256": "1fz6wi5nb4c2w33vp9ry2mk4lmv7aa3axyfxzldf5w4glfzaymzw", - "url": "https://github.com/nextcloud-releases/notify_push/releases/download/v0.6.2/notify_push-v0.6.2.tar.gz", - "version": "0.6.2", - "description": "Push update support for desktop app.\n\nOnce the app is installed, the push binary needs to be setup. You can either use the setup wizard with `occ notify_push:setup` or see the [README](http://github.com/nextcloud/notify_push) for detailed setup instructions", - "homepage": "", - "licenses": [ - "agpl" - ] - }, - "onlyoffice": { - "sha256": "0hscbm7jcnxyg7ib0g16b0sw8nz7rl6qzx90qmki5knhzrf6hf1j", - "url": "https://github.com/ONLYOFFICE/onlyoffice-nextcloud/releases/download/v7.7.0/onlyoffice.tar.gz", - "version": "7.7.0", - "description": "ONLYOFFICE connector allows you to view, edit and collaborate on text documents, spreadsheets and presentations within Nextcloud using ONLYOFFICE Docs. This will create a new Edit in ONLYOFFICE action within the document library for Office documents. This allows multiple users to co-author documents in real time from the familiar web interface and save the changes back to your file storage.", - "homepage": "https://www.onlyoffice.com", - "licenses": [ - "apache" - ] - }, - "polls": { - "sha256": "0qdm0hnljkv0df1s929awyjj1gsp3d6xv9llr52cxv66kkfx086y", - "url": "https://github.com/nextcloud/polls/releases/download/v3.8.4/polls.tar.gz", - "version": "3.8.4", - "description": "A polls app, similar to Doodle/Dudle with the possibility to restrict access (members, certain groups/users, hidden and public).", - "homepage": "https://github.com/nextcloud/polls", - "licenses": [ - "agpl" - ] - }, - "previewgenerator": { - "sha256": "0vwlx3z80i12f9hm0qrm014a0wybjk2j5is7vyn9wcizhr6mpzjv", - "url": "https://github.com/nextcloud-releases/previewgenerator/releases/download/v5.2.2/previewgenerator-v5.2.2.tar.gz", - "version": "5.2.2", - "description": "The Preview Generator app allows admins to pre-generate previews. The app listens to edit events and stores this information. Once a cron job is triggered it will generate start preview generation. This means that you can better utilize your system by pre-generating previews when your system is normally idle and thus putting less load on your machine when the requests are actually served.\n\nThe app does not replace on demand preview generation so if a preview is requested before it is pre-generated it will still be shown.\nThe first time you install this app, before using a cron job, you properly want to generate all previews via:\n**./occ preview:generate-all -vvv**\n\n**Important**: To enable pre-generation of previews you must add **php /var/www/nextcloud/occ preview:pre-generate** to a system cron job that runs at times of your choosing.", - "homepage": "https://github.com/nextcloud/previewgenerator", - "licenses": [ - "agpl" - ] - }, - "registration": { - "sha256": "0m45limwsk8a86fqjxj2w1753hd2vc5icpv0wcbwrlr0mxxdc46f", - "url": "https://github.com/nextcloud-releases/registration/releases/download/v1.5.0/registration-v1.5.0.tar.gz", - "version": "1.5.0", - "description": "User registration\n\nThis app allows users to register a new account.\n\n# Features\n\n- Add users to a given group\n- Allow-list with email domains (including wildcard) to register with\n- Administrator will be notified via email for new user creation or require approval\n- Supports Nextcloud's Client Login Flow v1 and v2 - allowing registration in the mobile Apps and Desktop clients\n\n# Web form registration flow\n\n1. User enters their email address\n2. Verification link is sent to the email address\n3. User clicks on the verification link\n4. User is lead to a form where they can choose their username and password\n5. New account is created and is logged in automatically", - "homepage": "https://github.com/nextcloud/registration", - "licenses": [ - "agpl" - ] - }, - "spreed": { - "sha256": "1r2n312kxx6ymlwrvqsj230x4zsg6im4xrss04zagiflvfljr5da", - "url": "https://github.com/nextcloud-releases/spreed/releases/download/v14.0.10/spreed-v14.0.10.tar.gz", - "version": "14.0.10", - "description": "Chat, video & audio-conferencing using WebRTC\n\n* πŸ’¬ **Chat integration!** Nextcloud Talk comes with a simple text chat. Allowing you to share files from your Nextcloud and mentioning other participants.\n* πŸ‘₯ **Private, group, public and password protected calls!** Just invite somebody, a whole group or send a public link to invite to a call.\n* πŸ’» **Screen sharing!** Share your screen with participants of your call. You just need to use Firefox version 66 (or newer), latest Edge or Chrome 72 (or newer, also possible using Chrome 49 with this [Chrome extension](https://chrome.google.com/webstore/detail/screensharing-for-nextclo/kepnpjhambipllfmgmbapncekcmabkol)).\n* πŸš€ **Integration with other Nextcloud apps** like Files, Contacts and Deck. More to come.\n\nAnd in the works for the [coming versions](https://github.com/nextcloud/spreed/milestones/):\n* βœ‹ [Federated calls](https://github.com/nextcloud/spreed/issues/21), to call people on other Nextclouds", - "homepage": "https://github.com/nextcloud/spreed", - "licenses": [ - "agpl" - ] - }, - "tasks": { - "sha256": "0jm13d6nm7cfsw27yfiq1il9xjlh0qrq8xby2yz9dmggn7lk1dx5", - "url": "https://github.com/nextcloud/tasks/releases/download/v0.14.5/tasks.tar.gz", - "version": "0.14.5", - "description": "Once enabled, a new Tasks menu will appear in your Nextcloud apps menu. From there you can add and delete tasks, edit their title, description, start and due dates and mark them as important. Tasks can be shared between users. Tasks can be synchronized using CalDav (each task list is linked to an Nextcloud calendar, to sync it to your local client: Thunderbird, Evolution, KDE Kontact, iCal … - just add the calendar as a remote calendar in your client). You can download your tasks as ICS files using the download button for each calendar.", - "homepage": "https://github.com/nextcloud/tasks/", - "licenses": [ - "agpl" - ] - }, - "twofactor_nextcloud_notification": { - "sha256": "1zdx7khsa22k6g9zhcxrgr1mykl16064z0scr5jbgq5ms3hh2q9w", - "url": "https://github.com/nextcloud-releases/twofactor_nextcloud_notification/releases/download/v3.4.0/twofactor_nextcloud_notification-v3.4.0.tar.gz", - "version": "3.4.0", - "description": "Allows using any of your logged in devices as second factor", - "homepage": "https://github.com/nextcloud/twofactor_nextcloud_notification", - "licenses": [ - "agpl" - ] - }, - "twofactor_totp": { - "sha256": "189cwq78dqanqxhsl69dahdkh230zhz2r285lvf0b7pg0sxcs0yc", - "url": "https://github.com/nextcloud-releases/twofactor_totp/releases/download/v6.4.1/twofactor_totp-v6.4.1.tar.gz", - "version": "6.4.1", - "description": "A Two-Factor-Auth Provider for TOTP (RFC 6238)", - "homepage": "https://github.com/nextcloud/twofactor_totp#readme", - "licenses": [ - "agpl" - ] - }, - "twofactor_webauthn": { - "sha256": "10f6dm9cxljicmfk9l4ncg6r7c1jy1pvm0b5kvz35q9jgniq0hcs", - "url": "https://github.com/nextcloud-releases/twofactor_webauthn/releases/download/v0.3.3/twofactor_webauthn-v0.3.3.tar.gz", - "version": "0.3.3", - "description": "A two-factor provider for WebAuthn devices", - "homepage": "https://github.com/nextcloud/twofactor_webauthn#readme", - "licenses": [ - "agpl" - ] - }, - "unsplash": { - "sha256": "1xlqpzry2qq0msrq8alg0mywlhjh09m3z5glh4rgwmh3p5b0777c", - "url": "https://github.com/nextcloud/unsplash/releases/download/v2.0.1/unsplash.tar.gz", - "version": "2.0.1", - "description": "Show a new random featured nature photo in your nextcloud. Now with choosable motives!", - "homepage": "https://github.com/nextcloud/unsplash/", - "licenses": [ - "agpl" - ] - } -} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 93290034e458..f8e53aa3e23b 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -10260,9 +10260,7 @@ with pkgs; inherit (callPackage ../servers/nextcloud {}) nextcloud24 nextcloud25 nextcloud26; - nextcloud24Packages = ( callPackage ../servers/nextcloud/packages { - apps = lib.importJSON ../servers/nextcloud/packages/24.json; - }); + nextcloud24Packages = throw "Nextcloud24 is EOL!"; nextcloud25Packages = ( callPackage ../servers/nextcloud/packages { apps = lib.importJSON ../servers/nextcloud/packages/25.json; }); From 0abc5bcc7ed8db1ef23165c6ade0d65858b415cf Mon Sep 17 00:00:00 2001 From: Maximilian Bosch Date: Thu, 20 Apr 2023 12:10:37 +0200 Subject: [PATCH 17/52] nixos/nextcloud: for nc26 it's not necessary anymore to set `enableBrokenCiphersForSSE` to `false` --- nixos/modules/services/web-apps/nextcloud.md | 4 +++- nixos/modules/services/web-apps/nextcloud.nix | 4 ++++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/nixos/modules/services/web-apps/nextcloud.md b/nixos/modules/services/web-apps/nextcloud.md index 7ef3cca281f9..15c1f2da2724 100644 --- a/nixos/modules/services/web-apps/nextcloud.md +++ b/nixos/modules/services/web-apps/nextcloud.md @@ -132,7 +132,9 @@ Auto updates for Nextcloud apps can be enabled using Nextcloud supports [server-side encryption (SSE)](https://docs.nextcloud.com/server/latest/admin_manual/configuration_files/encryption_configuration.html). This is not an end-to-end encryption, but can be used to encrypt files that will be persisted to external storage such as S3. Please note that this won't work anymore when using OpenSSL 3 - for PHP's openssl extension because this is implemented using the legacy cipher RC4. + for PHP's openssl extension and **Nextcloud 25 or older** because this is implemented using the + legacy cipher RC4. For Nextcloud26 this isn't relevant anymore, because Nextcloud has an RC4 implementation + written in native PHP and thus doesn't need `ext-openssl` for that anymore. If [](#opt-system.stateVersion) is *above* `22.05`, this is disabled by default. To turn it on again and for further information please refer to [](#opt-services.nextcloud.enableBrokenCiphersForSSE). diff --git a/nixos/modules/services/web-apps/nextcloud.nix b/nixos/modules/services/web-apps/nextcloud.nix index da1c4b9eae23..2824b7ee2456 100644 --- a/nixos/modules/services/web-apps/nextcloud.nix +++ b/nixos/modules/services/web-apps/nextcloud.nix @@ -712,6 +712,10 @@ in { See on how to achieve this. For more context, here is the implementing pull request: https://github.com/NixOS/nixpkgs/pull/198470 + '') + ++ (optional (cfg.enableBrokenCiphersForSSE && versionAtLeast cfg.package.version "26") '' + Nextcloud26 supports RC4 without requiring legacy OpenSSL, so + `services.nextcloud.enableBrokenCiphersForSSE` can be set to `false`. ''); services.nextcloud.package = with pkgs; From 85462bc753027824c288f90a30cf621088740a0a Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Thu, 20 Apr 2023 10:38:05 +0000 Subject: [PATCH 18/52] minio: 2023-03-24T21-41-23Z -> 2023-04-13T03-08-07Z --- pkgs/servers/minio/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/servers/minio/default.nix b/pkgs/servers/minio/default.nix index e03bd667117e..9d1526103761 100644 --- a/pkgs/servers/minio/default.nix +++ b/pkgs/servers/minio/default.nix @@ -15,16 +15,16 @@ let in buildGoModule rec { pname = "minio"; - version = "2023-03-24T21-41-23Z"; + version = "2023-04-13T03-08-07Z"; src = fetchFromGitHub { owner = "minio"; repo = "minio"; rev = "RELEASE.${version}"; - sha256 = "sha256-n42At76bE0LQUiGeW4a9KeVcqVJ+pD9t2WGlUbwZ0Tg="; + sha256 = "sha256-hwNIQO2ZVPs/pw4AiuXMYF6IH/OeXUZ9NMxIWropXVk="; }; - vendorHash = "sha256-OFHifFSsyKIpiffxgVxF538AFBUrJrrcwkqkYyArY7o="; + vendorHash = "sha256-ZBGrZjqrfcF8EYbJwlnpUsV1nOWYmserVV1PXBMkagg="; doCheck = false; From 26ff9ddecaa2dd7419a438df4a46a27eb484d4be Mon Sep 17 00:00:00 2001 From: Florian Brandes Date: Thu, 20 Apr 2023 13:03:14 +0200 Subject: [PATCH 19/52] gscan2pdf: disable failing test Signed-off-by: Florian Brandes --- pkgs/applications/graphics/gscan2pdf/default.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/pkgs/applications/graphics/gscan2pdf/default.nix b/pkgs/applications/graphics/gscan2pdf/default.nix index d3323a827cec..78f25a0df3ad 100644 --- a/pkgs/applications/graphics/gscan2pdf/default.nix +++ b/pkgs/applications/graphics/gscan2pdf/default.nix @@ -130,6 +130,12 @@ perlPackages.buildPerlPackage rec { # Non-zero wait status: 139 rm t/0601_Dialog_Scan.t + # Disable a test which failed due to convert returning an exit value of 1 + # convert: negative or zero image size `/build/KL5kTVnNCi/YfgegFM53e.pnm' @ error/resize.c/ResizeImage/3743. + # *** unhandled exception in callback: + # *** "convert" unexpectedly returned exit value 1 at t/357_unpaper_rtl.t line 63. + rm t/357_unpaper_rtl.t + xvfb-run -s '-screen 0 800x600x24' \ make test ''; From 4c74dfe77477deb2715d764d635f9801e620a80b Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Thu, 20 Apr 2023 14:12:43 +0200 Subject: [PATCH 20/52] evcc: 0.116.2 -> 0.116.3 https://github.com/evcc-io/evcc/releases/tag/0.116.3 --- pkgs/servers/home-automation/evcc/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/servers/home-automation/evcc/default.nix b/pkgs/servers/home-automation/evcc/default.nix index 9ba9a904a987..dcbf21fffe6f 100644 --- a/pkgs/servers/home-automation/evcc/default.nix +++ b/pkgs/servers/home-automation/evcc/default.nix @@ -16,16 +16,16 @@ buildGo120Module rec { pname = "evcc"; - version = "0.116.2"; + version = "0.116.3"; src = fetchFromGitHub { owner = "evcc-io"; repo = pname; rev = version; - hash = "sha256-SZwfXoIJRdkr0jQSizmXGOWZYteqa2IWrJNSTOQ3OQ8="; + hash = "sha256-w4AExQmItvSbUSGBOnoyP4rGnEYsyFUU9Y+lF+0xGVc="; }; - vendorHash = "sha256-V0etgtYoU5a6OexoHmy4rKv2J9qvNlT57utJp1Nxyas="; + vendorHash = "sha256-lu6/tRf9o0n13lVsT9OBxc6Ytz3IVEE16vLZ+pZ4Czk="; npmDeps = fetchNpmDeps { inherit src; From 0a2d0991316db415f26bdde1d6fa8728bb90d48e Mon Sep 17 00:00:00 2001 From: Jon Seager Date: Thu, 20 Apr 2023 14:08:59 +0100 Subject: [PATCH 21/52] wdisplays: fix icon in desktop file --- pkgs/tools/graphics/wdisplays/default.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/pkgs/tools/graphics/wdisplays/default.nix b/pkgs/tools/graphics/wdisplays/default.nix index a0803ff2132a..b05aa13ea601 100644 --- a/pkgs/tools/graphics/wdisplays/default.nix +++ b/pkgs/tools/graphics/wdisplays/default.nix @@ -15,6 +15,10 @@ stdenv.mkDerivation rec { sha256 = "sha256-cOF3+T34zPro58maWUouGG+vlLm2C5NfcH7PZhSvApE="; }; + patchPhase = '' + substituteInPlace ./resources/wdisplays.desktop.in --replace "@app_id@" "wdisplays" + ''; + meta = with lib; { description = "A graphical application for configuring displays in Wayland compositors"; homepage = "https://github.com/luispabon/wdisplays"; From f03ace2716f5bf8853c84d238efe245dec8c5424 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Thu, 20 Apr 2023 15:27:48 +0000 Subject: [PATCH 22/52] minio-client: 2023-03-23T20-03-04Z -> 2023-04-12T02-21-51Z --- pkgs/tools/networking/minio-client/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/tools/networking/minio-client/default.nix b/pkgs/tools/networking/minio-client/default.nix index 8f22faf27110..64649670fb31 100644 --- a/pkgs/tools/networking/minio-client/default.nix +++ b/pkgs/tools/networking/minio-client/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "minio-client"; - version = "2023-03-23T20-03-04Z"; + version = "2023-04-12T02-21-51Z"; src = fetchFromGitHub { owner = "minio"; repo = "mc"; rev = "RELEASE.${version}"; - sha256 = "sha256-wiYgLtFemdB7Cc/hJDvBbjvxH4I9QQkOIdyyPzWO8w0="; + sha256 = "sha256-jNgReeR4KNzB1LKbiAOLWiYeJJ61qgf3J9nMy97FVGU="; }; - vendorHash = "sha256-VtBrxsfi2CUGzXSiHKLvr3Iw1myWyf3uPEQEZahjDhw="; + vendorHash = "sha256-d8cC/exdM7OMGE24bN00BVE3jqE1tj6727JiON/aJkc="; subPackages = [ "." ]; From 388490789d9eaf771089660b9411718d62693146 Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Thu, 20 Apr 2023 21:57:48 +0200 Subject: [PATCH 23/52] gitleaks: 8.16.2 -> 8.16.3 Changelog: https://github.com/zricethezav/gitleaks/releases/tag/v8.16.3 --- pkgs/tools/security/gitleaks/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/security/gitleaks/default.nix b/pkgs/tools/security/gitleaks/default.nix index 87764f320a14..bffe163dbf2e 100644 --- a/pkgs/tools/security/gitleaks/default.nix +++ b/pkgs/tools/security/gitleaks/default.nix @@ -8,13 +8,13 @@ buildGoModule rec { pname = "gitleaks"; - version = "8.16.2"; + version = "8.16.3"; src = fetchFromGitHub { owner = "zricethezav"; repo = pname; rev = "v${version}"; - hash = "sha256-AR/08O0wUp3clbIF+2Kw0klMQ6UorFkIRsnqfX4Q3SY="; + hash = "sha256-WukTYi7iqagOLpx8KATEittlM6OvIfxDYiNTdsotjTY="; }; vendorHash = "sha256-Ev0/CSpwJDmc+Dvu/bFDzsgsq80rWImJWXNAUqYHgoE="; From 9443aa287214a3ccd49d565912f6604dd6149d84 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Thu, 20 Apr 2023 21:00:03 +0000 Subject: [PATCH 24/52] blightmud-tts: 5.1.0 -> 5.2.0 --- pkgs/games/blightmud/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/games/blightmud/default.nix b/pkgs/games/blightmud/default.nix index 87eac661c890..d536aa7b8ea6 100644 --- a/pkgs/games/blightmud/default.nix +++ b/pkgs/games/blightmud/default.nix @@ -11,16 +11,16 @@ rustPlatform.buildRustPackage rec { pname = "blightmud"; - version = "5.1.0"; + version = "5.2.0"; src = fetchFromGitHub { owner = pname; repo = pname; rev = "v${version}"; - sha256 = "sha256-0cvMROnblt9c4d6Kbr5iY/Qobf3hOKIhWHvOVQONhO4="; + sha256 = "sha256-sLqkDuohCgHJTMte1WIa2Yu43oWXVvnIpeiDBoQpKY8="; }; - cargoSha256 = "sha256-7jSuadpAZXtlYVw4/NBATTIAFO8M6I11FuxfGFQx51Y="; + cargoHash = "sha256-ffADKoMysYY2vwX3asHnjR2EiND4RJsf/W334PWvkGs="; buildFeatures = lib.optional withTTS "tts"; From 7ad7b570e96a3fd877e5fb08b843d66a30428f12 Mon Sep 17 00:00:00 2001 From: Ilan Joselevich Date: Fri, 21 Apr 2023 01:04:33 +0300 Subject: [PATCH 25/52] nextcloud-client: 3.8.0 -> 3.8.1 Diff: https://github.com/nextcloud/desktop/compare/v3.8.0...v3.8.1 --- pkgs/applications/networking/nextcloud-client/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/networking/nextcloud-client/default.nix b/pkgs/applications/networking/nextcloud-client/default.nix index 373bcc363b59..701fc6f7b834 100644 --- a/pkgs/applications/networking/nextcloud-client/default.nix +++ b/pkgs/applications/networking/nextcloud-client/default.nix @@ -26,7 +26,7 @@ mkDerivation rec { pname = "nextcloud-client"; - version = "3.8.0"; + version = "3.8.1"; outputs = [ "out" "dev" ]; @@ -34,7 +34,7 @@ mkDerivation rec { owner = "nextcloud"; repo = "desktop"; rev = "v${version}"; - sha256 = "sha256-kwSETOz/0/LMypbTmwvMMrGzZdquBjkXfoSrLgTfPiQ="; + sha256 = "sha256-BTve1dq+OiUwh/Kiy20iSAyALolkdOX7FHwxvVAdS4U="; }; patches = [ From 8d82c860a45e20a0d567b20d0d2afa70a32c2414 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabi=C3=A1n=20Heredia=20Montiel?= Date: Thu, 20 Apr 2023 16:10:46 -0600 Subject: [PATCH 26/52] linux: 4.14.312 -> 4.14.313 --- pkgs/os-specific/linux/kernel/linux-4.14.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-4.14.nix b/pkgs/os-specific/linux/kernel/linux-4.14.nix index 555539eafcf4..f13198ce00df 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.14.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.14.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "4.14.312"; + version = "4.14.313"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = versions.pad 3 version; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "03bwrnm7z8jxxn681dd5jffrj76l14ngkcccfgbg1p4a0471q436"; + sha256 = "0k2j856niappvkp9m1wxr87xvbwdzdy03mbcj827kmpjd9gdca76"; }; } // (args.argsOverride or {})) From b3b414f3cbfdac8fb780ac54c31940f18475accf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabi=C3=A1n=20Heredia=20Montiel?= Date: Thu, 20 Apr 2023 16:10:48 -0600 Subject: [PATCH 27/52] linux: 4.19.280 -> 4.19.281 --- pkgs/os-specific/linux/kernel/linux-4.19.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-4.19.nix b/pkgs/os-specific/linux/kernel/linux-4.19.nix index 1cc372fb3dbf..c6a13a9378f6 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.19.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.19.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "4.19.280"; + version = "4.19.281"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = versions.pad 3 version; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "1xmg9p3ky75n5q894f522s8nwcmbd5c15nmjr0n96m6xzag3kd7w"; + sha256 = "13nwzsh3h634450k37pxdca5j8vr3qswx7k79bs2999xp2js9pf0"; }; } // (args.argsOverride or {})) From 8c8861f5fbdc088471f7e94661df25f49d86a245 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabi=C3=A1n=20Heredia=20Montiel?= Date: Thu, 20 Apr 2023 16:10:50 -0600 Subject: [PATCH 28/52] linux: 5.10.177 -> 5.10.178 --- pkgs/os-specific/linux/kernel/linux-5.10.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-5.10.nix b/pkgs/os-specific/linux/kernel/linux-5.10.nix index 30b5abf9a496..9a82437cecaa 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.10.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.10.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "5.10.177"; + version = "5.10.178"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = versions.pad 3 version; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "0waml6svj07b7f8yb1kzrflqlf61x4kcqbgsr372s484m3z628lz"; + sha256 = "1bx8wws9gvksg1c1af29nm03jjz2f5a5sq9hzc00ymjyf7isvkqs"; }; } // (args.argsOverride or {})) From d300db394abba6089555914684987359be226d27 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabi=C3=A1n=20Heredia=20Montiel?= Date: Thu, 20 Apr 2023 16:10:52 -0600 Subject: [PATCH 29/52] linux: 5.15.107 -> 5.15.108 --- pkgs/os-specific/linux/kernel/linux-5.15.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-5.15.nix b/pkgs/os-specific/linux/kernel/linux-5.15.nix index 65f6d589c7d4..548693211864 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.15.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.15.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "5.15.107"; + version = "5.15.108"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = versions.pad 3 version; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "1a5gqpxmzls5mp4a0cw10ldrps4pvbn19nzfri91ys25j1v0wdqr"; + sha256 = "1fj38bvsyr9g89qr8pcjrp0kaq44g301x46gyjibq73gljnnkswb"; }; } // (args.argsOverride or { })) From a99a62f75431477d63ce6fc5400be9a3551a9d5d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabi=C3=A1n=20Heredia=20Montiel?= Date: Thu, 20 Apr 2023 16:10:54 -0600 Subject: [PATCH 30/52] linux: 5.4.240 -> 5.4.241 --- pkgs/os-specific/linux/kernel/linux-5.4.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-5.4.nix b/pkgs/os-specific/linux/kernel/linux-5.4.nix index be2ee59f1584..6ffd5ae0db26 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.4.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.4.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "5.4.240"; + version = "5.4.241"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = versions.pad 3 version; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "0ihf0rqhx7dav3k3igk29962sscb1xyniy2gx8chyllprr0z126w"; + sha256 = "0z7api3qcjrd6w7fva7k6fj4zx17mg5ibn28a6qbgy27dyny1h7z"; }; } // (args.argsOverride or {})) From b888e9904b6dadb2db2ad54985af700c0d4b49da Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabi=C3=A1n=20Heredia=20Montiel?= Date: Thu, 20 Apr 2023 16:10:57 -0600 Subject: [PATCH 31/52] linux: 6.1.24 -> 6.1.25 --- pkgs/os-specific/linux/kernel/linux-6.1.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-6.1.nix b/pkgs/os-specific/linux/kernel/linux-6.1.nix index 2e692c70211a..0149c6061175 100644 --- a/pkgs/os-specific/linux/kernel/linux-6.1.nix +++ b/pkgs/os-specific/linux/kernel/linux-6.1.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "6.1.24"; + version = "6.1.25"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = versions.pad 3 version; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v6.x/linux-${version}.tar.xz"; - sha256 = "0135aj8asplpxqr48hwdmwynx8n8hzhdgh55yl8r0n1kivisgrma"; + sha256 = "149h95r5msvqah868zd36y92ls9h41cr1rb5vzinl20mxdn46wnb"; }; } // (args.argsOverride or { })) From fdcc3c4b954f5ead17d3c47fee77ae0be95d6119 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabi=C3=A1n=20Heredia=20Montiel?= Date: Thu, 20 Apr 2023 16:10:59 -0600 Subject: [PATCH 32/52] linux: 6.2.11 -> 6.2.12 --- pkgs/os-specific/linux/kernel/linux-6.2.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-6.2.nix b/pkgs/os-specific/linux/kernel/linux-6.2.nix index 665350b45307..3141e37b237f 100644 --- a/pkgs/os-specific/linux/kernel/linux-6.2.nix +++ b/pkgs/os-specific/linux/kernel/linux-6.2.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "6.2.11"; + version = "6.2.12"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = versions.pad 3 version; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v6.x/linux-${version}.tar.xz"; - sha256 = "0iyx03z58pv1d5nrryjx94k3nxwyvm4b3bim6nawg1qbws26f8qd"; + sha256 = "1j6cn1ifmcqfqvxp9h10y8yfxi918yzl3yjbf96gmb9p4ysldqf7"; }; } // (args.argsOverride or { })) From adcc9746aedb0e742ed06b7f3d54ac1640faa561 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabi=C3=A1n=20Heredia=20Montiel?= Date: Thu, 20 Apr 2023 16:11:51 -0600 Subject: [PATCH 33/52] linux-rt_5_15: 5.15.96-rt61 -> 5.15.107-rt62 --- pkgs/os-specific/linux/kernel/linux-rt-5.15.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-rt-5.15.nix b/pkgs/os-specific/linux/kernel/linux-rt-5.15.nix index 834de5057ced..d5d83fb23707 100644 --- a/pkgs/os-specific/linux/kernel/linux-rt-5.15.nix +++ b/pkgs/os-specific/linux/kernel/linux-rt-5.15.nix @@ -6,7 +6,7 @@ , ... } @ args: let - version = "5.15.96-rt61"; # updated by ./update-rt.sh + version = "5.15.107-rt62"; # updated by ./update-rt.sh branch = lib.versions.majorMinor version; kversion = builtins.elemAt (lib.splitString "-" version) 0; in buildLinux (args // { @@ -18,14 +18,14 @@ in buildLinux (args // { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${kversion}.tar.xz"; - sha256 = "167g34xjbqxr5klqp127j2j15pms4jmgs0y7gr8zipiz2i69g39l"; + sha256 = "1a5gqpxmzls5mp4a0cw10ldrps4pvbn19nzfri91ys25j1v0wdqr"; }; kernelPatches = let rt-patch = { name = "rt"; patch = fetchurl { url = "mirror://kernel/linux/kernel/projects/rt/${branch}/older/patch-${version}.patch.xz"; - sha256 = "1s6h80q4sddnsxjx4ilc52j4kvxwbzj638rbh7wwxvknh21vkwvl"; + sha256 = "0w7ksdv3xpzqiwfxc007k496ghklblb7kglswxhn7y1yqn6pgqzs"; }; }; in [ rt-patch ] ++ kernelPatches; From c717b15f18f3a2f6dd28aa0304c6746de3920817 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabi=C3=A1n=20Heredia=20Montiel?= Date: Thu, 20 Apr 2023 16:12:37 -0600 Subject: [PATCH 34/52] linux/hardened/patches/6.1: 6.1.24-hardened1 -> 6.1.24-hardened2 --- pkgs/os-specific/linux/kernel/hardened/patches.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index dc2cc0b5cbf7..d821d72dae00 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -51,10 +51,10 @@ }, "6.1": { "patch": { - "extra": "-hardened1", - "name": "linux-hardened-6.1.24-hardened1.patch", - "sha256": "1fzgf50qj2i12v3wm0zg5bx2kpd5zsvk3zwfnzzm0mg9cap5mpla", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/6.1.24-hardened1/linux-hardened-6.1.24-hardened1.patch" + "extra": "-hardened2", + "name": "linux-hardened-6.1.24-hardened2.patch", + "sha256": "1bjcjq0gqvhknryq97qj1a6q3fi71pql23knvs0c42k4vknfih9q", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/6.1.24-hardened2/linux-hardened-6.1.24-hardened2.patch" }, "sha256": "0135aj8asplpxqr48hwdmwynx8n8hzhdgh55yl8r0n1kivisgrma", "version": "6.1.24" From 0c12a37179d4392c98c5ca16f6752d3c91189981 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Fri, 21 Apr 2023 00:59:20 +0000 Subject: [PATCH 35/52] termscp: 0.11.0 -> 0.11.2 --- pkgs/tools/networking/termscp/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/tools/networking/termscp/default.nix b/pkgs/tools/networking/termscp/default.nix index 9602e197cbfe..e0f0a46bdf5a 100644 --- a/pkgs/tools/networking/termscp/default.nix +++ b/pkgs/tools/networking/termscp/default.nix @@ -13,16 +13,16 @@ rustPlatform.buildRustPackage rec { pname = "termscp"; - version = "0.11.0"; + version = "0.11.2"; src = fetchFromGitHub { owner = "veeso"; repo = pname; rev = "refs/tags/v${version}"; - hash = "sha256-+5ljnCVbaiqqfXCJjMMInoLjLmZjCIoDkQi9pS6VKpc="; + hash = "sha256-bQvoTy48eYK369Ei6B8l6F5/pfQGYiHdz3KsQV7Bi9Y="; }; - cargoHash = "sha256-GoWVDU1XVjbzZlGPEuHucnxcvhf4Rqx/nSEVygD9gCo="; + cargoHash = "sha256-/nadstDHzLOrimL+xK7/ldOozz7ZS1nRQmkIhGHK8p8="; nativeBuildInputs = [ pkg-config From dc24509e1d2709537a4bec00b48fcda2f7f88d77 Mon Sep 17 00:00:00 2001 From: Ted Reed Date: Wed, 19 Apr 2023 15:09:18 -0700 Subject: [PATCH 36/52] emacs.pkgs.jinx: use platform-specific library extension --- .../editors/emacs/elisp-packages/elpa-packages.nix | 8 +++++--- .../editors/emacs/elisp-packages/melpa-packages.nix | 8 +++++--- 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/pkgs/applications/editors/emacs/elisp-packages/elpa-packages.nix b/pkgs/applications/editors/emacs/elisp-packages/elpa-packages.nix index d1f9dbd3a4a5..08d96268e7aa 100644 --- a/pkgs/applications/editors/emacs/elisp-packages/elpa-packages.nix +++ b/pkgs/applications/editors/emacs/elisp-packages/elpa-packages.nix @@ -106,7 +106,9 @@ self: let }; }); - jinx = super.jinx.overrideAttrs (old: { + jinx = super.jinx.overrideAttrs (old: let + libExt = pkgs.stdenv.targetPlatform.extensions.sharedLibrary; + in { dontUnpack = false; nativeBuildInputs = (old.nativeBuildInputs or [ ]) ++ [ @@ -117,12 +119,12 @@ self: let postBuild = '' NIX_CFLAGS_COMPILE="$($PKG_CONFIG --cflags enchant-2) $NIX_CFLAGS_COMPILE" - $CC -shared -o jinx-mod.so jinx-mod.c -lenchant-2 + $CC -shared -o jinx-mod${libExt} jinx-mod.c -lenchant-2 ''; postInstall = (old.postInstall or "") + "\n" + '' outd=$out/share/emacs/site-lisp/elpa/jinx-* - install -m444 -t $outd jinx-mod.so + install -m444 -t $outd jinx-mod${libExt} rm $outd/jinx-mod.c $outd/emacs-module.h ''; diff --git a/pkgs/applications/editors/emacs/elisp-packages/melpa-packages.nix b/pkgs/applications/editors/emacs/elisp-packages/melpa-packages.nix index 48234dc1189c..d91a3e7d8edb 100644 --- a/pkgs/applications/editors/emacs/elisp-packages/melpa-packages.nix +++ b/pkgs/applications/editors/emacs/elisp-packages/melpa-packages.nix @@ -314,7 +314,9 @@ let ivy-rtags = fix-rtags super.ivy-rtags; - jinx = super.jinx.overrideAttrs (old: { + jinx = super.jinx.overrideAttrs (old: let + libExt = pkgs.stdenv.targetPlatform.extensions.sharedLibrary; + in { nativeBuildInputs = (old.nativeBuildInputs or [ ]) ++ [ pkgs.pkg-config ]; @@ -324,14 +326,14 @@ let postBuild = '' pushd working/jinx NIX_CFLAGS_COMPILE="$($PKG_CONFIG --cflags enchant-2) $NIX_CFLAGS_COMPILE" - $CC -shared -o jinx-mod.so jinx-mod.c -lenchant-2 + $CC -shared -o jinx-mod${libExt} jinx-mod.c -lenchant-2 popd ''; postInstall = (old.postInstall or "") + "\n" + '' pushd source outd=$(echo $out/share/emacs/site-lisp/elpa/jinx-*) - install -m444 --target-directory=$outd jinx-mod.so + install -m444 --target-directory=$outd jinx-mod${libExt} rm $outd/jinx-mod.c $outd/emacs-module.h popd ''; From 8a38fc4be6ee187a851409a27de8324977858832 Mon Sep 17 00:00:00 2001 From: natsukium Date: Wed, 12 Apr 2023 14:26:00 +0900 Subject: [PATCH 37/52] docker-compose-language-service: init at 0.1.3 --- .../default.nix | 30 +++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 ++ 2 files changed, 32 insertions(+) create mode 100644 pkgs/development/tools/language-servers/docker-compose-language-service/default.nix diff --git a/pkgs/development/tools/language-servers/docker-compose-language-service/default.nix b/pkgs/development/tools/language-servers/docker-compose-language-service/default.nix new file mode 100644 index 000000000000..98375eef01ca --- /dev/null +++ b/pkgs/development/tools/language-servers/docker-compose-language-service/default.nix @@ -0,0 +1,30 @@ +{ lib +, buildNpmPackage +, nodejs-16_x +, fetchFromGitHub +}: +let + buildNpmPackage' = buildNpmPackage.override { nodejs = nodejs-16_x; }; +in +buildNpmPackage' rec { + pname = "docker-compose-language-service"; + version = "0.1.3"; + + src = fetchFromGitHub { + owner = "microsoft"; + repo = "compose-language-service"; + rev = "v${version}"; + hash = "sha256-faQvUHzqtCipceGnamVQIlAWCDpo7oX01/zGz9RLjMY="; + }; + + npmDepsHash = "sha256-gWaZMsI1HVIXKZInfgzfH8syzOwU2C6kcKvB2M6KLX4="; + + meta = with lib; { + description = "Language service for Docker Compose documents"; + homepage = "https://github.com/microsoft/compose-language-service"; + changelog = "https://github.com/microsoft/compose-language-service/releases/tag/v${version}"; + license = licenses.mit; + maintainers = with maintainers; [ natsukium ]; + mainProgram = "docker-compose-langserver"; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index a9cae64ed9a9..4c05439d3484 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -17315,6 +17315,8 @@ with pkgs; llvmPackages = llvmPackages_latest; }; + docker-compose-language-service = callPackage ../development/tools/language-servers/docker-compose-language-service { }; + dot-language-server = callPackage ../development/tools/language-servers/dot-language-server { }; fortls = python3.pkgs.callPackage ../development/tools/language-servers/fortls { }; From 2e2f19a70c5e677c908d2790d7c4a9f258bdc735 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Fri, 21 Apr 2023 06:16:16 +0000 Subject: [PATCH 38/52] ser2net: 4.3.11 -> 4.3.12 --- pkgs/servers/ser2net/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/servers/ser2net/default.nix b/pkgs/servers/ser2net/default.nix index f2486b0635c6..f75e9465acc3 100644 --- a/pkgs/servers/ser2net/default.nix +++ b/pkgs/servers/ser2net/default.nix @@ -10,13 +10,13 @@ stdenv.mkDerivation rec { pname = "ser2net"; - version = "4.3.11"; + version = "4.3.12"; src = fetchFromGitHub { owner = "cminyard"; repo = pname; rev = "v${version}"; - hash = "sha256-5Jo6wwxRwf6JbpG7vEGpEBFA9b0v7DqbfpvgETHHhpY="; + hash = "sha256-jF1tk/JeZ3RGHol+itwtkTF/cn5FHm/vhUgXJzi9J9E="; }; passthru = { From 96face35e46cd1a5573904585d295bb10ad1f71a Mon Sep 17 00:00:00 2001 From: Vincent Laporte Date: Tue, 18 Apr 2023 08:23:29 +0200 Subject: [PATCH 39/52] advi: use Dune 3 Co-authored-by: Ulrik Strid --- pkgs/tools/typesetting/tex/advi/default.nix | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/typesetting/tex/advi/default.nix b/pkgs/tools/typesetting/tex/advi/default.nix index 0be4d4a9574c..8fb8702213c3 100644 --- a/pkgs/tools/typesetting/tex/advi/default.nix +++ b/pkgs/tools/typesetting/tex/advi/default.nix @@ -34,8 +34,6 @@ ocamlPackages.buildDunePackage rec { pname = "advi"; version = "2.0.0"; - useDune2 = true; - minimalOCamlVersion = "4.11"; src = fetchurl { @@ -43,6 +41,14 @@ ocamlPackages.buildDunePackage rec { hash = "sha256-c0DQHlvdekJyXCxmR4+Ut/njtoCzmqX6hNazNv8PpBQ="; }; + postPatch = '' + substituteInPlace ./Makefile \ + --replace "\$(DUNE) install \$(DUNEROOT) --display=short" \ + "\$(DUNE) install \$(DUNEROOT) --prefix $out --docdir $out/share/doc --mandir $out/share/man" + ''; + + duneVersion = "3"; + nativeBuildInputs = [ fake-opam kpsexpand makeWrapper texlive.combined.scheme-medium which ]; buildInputs = with ocamlPackages; [ camlimages ghostscriptX graphics ]; From 222cfb501b8731d5592a5dcc5f8b95290f53a222 Mon Sep 17 00:00:00 2001 From: rewine Date: Thu, 12 Jan 2023 17:53:14 +0800 Subject: [PATCH 40/52] deepin.deepin-system-monitor: init at 5.9.32 --- .../apps/deepin-system-monitor/default.nix | 93 +++++++++++++++++++ pkgs/desktops/deepin/default.nix | 1 + 2 files changed, 94 insertions(+) create mode 100644 pkgs/desktops/deepin/apps/deepin-system-monitor/default.nix diff --git a/pkgs/desktops/deepin/apps/deepin-system-monitor/default.nix b/pkgs/desktops/deepin/apps/deepin-system-monitor/default.nix new file mode 100644 index 000000000000..2a499b428898 --- /dev/null +++ b/pkgs/desktops/deepin/apps/deepin-system-monitor/default.nix @@ -0,0 +1,93 @@ +{ stdenv +, lib +, fetchFromGitHub +, cmake +, pkg-config +, qttools +, deepin-gettext-tools +, wrapQtAppsHook +, dtkwidget +, qt5integration +, qt5platform-plugins +, qtbase +, qtsvg +, qtx11extras +, dde-qt-dbus-factory +, dde-dock +, gsettings-qt +, procps +, libpcap +, libnl +, util-linux +, systemd +, polkit +}: + +stdenv.mkDerivation rec { + pname = "deepin-system-monitor"; + version = "5.9.32"; + + src = fetchFromGitHub { + owner = "linuxdeepin"; + repo = pname; + rev = version; + sha256 = "sha256-jze5Pigk4edjojmpNNwaVVfcpk5Aed/S0y9YE0HdC0A"; + }; + + postPatch = '' + substituteInPlace deepin-system-monitor-main/process/process_controller.cpp \ + deepin-system-monitor-main/process/priority_controller.cpp \ + deepin-system-monitor-main/service/service_manager.cpp \ + deepin-system-monitor-main/translations/policy/com.deepin.pkexec.deepin-system-monitor.policy \ + --replace "/usr/bin/kill" "${util-linux}/bin/kill" \ + --replace "/usr/bin/renice" "${util-linux}/bin/renice" \ + --replace '/usr/bin/systemctl' '${lib.getBin systemd}/systemctl' + + substituteInPlace deepin-system-monitor-main/{service/service_manager.cpp,process/{priority_controller.cpp,process_controller.cpp}} \ + --replace "/usr/bin/pkexec" "${lib.getBin polkit}/bin/pkexec" + + for file in $(grep -rl "/usr") + do + substituteInPlace $file \ + --replace "/usr" "$out" + done + ''; + + nativeBuildInputs = [ + cmake + pkg-config + qttools + deepin-gettext-tools + wrapQtAppsHook + ]; + + buildInputs = [ + dtkwidget + qt5integration + qt5platform-plugins + qtbase + qtsvg + qtx11extras + dde-qt-dbus-factory + dde-dock + gsettings-qt + procps + libpcap + libnl + ]; + + cmakeFlags = [ + "-DVERSION=${version}" + "-DUSE_DEEPIN_WAYLAND=OFF" + ]; + + strictDeps = true; + + meta = with lib; { + description = "A more user-friendly system monitor"; + homepage = "https://github.com/linuxdeepin/deepin-system-monitor"; + license = licenses.gpl3Plus; + platforms = platforms.linux; + maintainers = teams.deepin.members; + }; +} diff --git a/pkgs/desktops/deepin/default.nix b/pkgs/desktops/deepin/default.nix index fd9af904d15c..59f051a66215 100644 --- a/pkgs/desktops/deepin/default.nix +++ b/pkgs/desktops/deepin/default.nix @@ -49,6 +49,7 @@ let deepin-music = callPackage ./apps/deepin-music { }; deepin-picker = callPackage ./apps/deepin-picker { }; deepin-shortcut-viewer = callPackage ./apps/deepin-shortcut-viewer { }; + deepin-system-monitor = callPackage ./apps/deepin-system-monitor { }; deepin-terminal = callPackage ./apps/deepin-terminal { }; deepin-reader = callPackage ./apps/deepin-reader { }; deepin-voice-note = callPackage ./apps/deepin-voice-note { }; From c78b94421357e9afc76dd11a08779b606101674e Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Fri, 21 Apr 2023 07:37:02 +0000 Subject: [PATCH 41/52] k3s: 1.26.3+k3s1 -> 1.26.4+k3s1 --- pkgs/applications/networking/cluster/k3s/1_26/default.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pkgs/applications/networking/cluster/k3s/1_26/default.nix b/pkgs/applications/networking/cluster/k3s/1_26/default.nix index 558e800cedf1..f7dbe7e6839e 100644 --- a/pkgs/applications/networking/cluster/k3s/1_26/default.nix +++ b/pkgs/applications/networking/cluster/k3s/1_26/default.nix @@ -47,10 +47,10 @@ # Those pieces of software we entirely ignore upstream's handling of, and just # make sure they're in the path if desired. let - k3sVersion = "1.26.3+k3s1"; # k3s git tag - k3sCommit = "01ea3ff27be0b04f945179171cec5a8e11a14f7b"; # k3s git commit at the above version - k3sRepoSha256 = "1wpciikmr4l2nw92i3wlz301vxjiyz8rlzkn8jhzcaiifykc565s"; - k3sVendorSha256 = "sha256-1HFLj3zSHV7RvA0fsQ/dPzwnkSRqE9TXXDA4m8OhwZE="; + k3sVersion = "1.26.4+k3s1"; # k3s git tag + k3sCommit = "8d0255af07e95b841952563253d27b0d10bd72f0"; # k3s git commit at the above version + k3sRepoSha256 = "0qlszdnlsvj3hzx2p0wl3zhaw908w8a62z6vlf2g69a3c75f55cs"; + k3sVendorSha256 = "sha256-JXTsZYtTspu/pWMRSS2BcegktawBJ6BK7YEKbz1J/ao="; # nix generated by update.sh # Based on the traefik charts here: https://github.com/k3s-io/k3s/blob/d71ab6317e22dd34673faa307a412a37a16767f6/scripts/download#L29-L32 From 63a73a2e802a723be2919cbaade1644dc8d1c338 Mon Sep 17 00:00:00 2001 From: Joachim Breitner Date: Fri, 21 Apr 2023 10:21:28 +0200 Subject: [PATCH 42/52] lhs2tex: distribute again (#227406) --- pkgs/development/haskell-modules/configuration-common.nix | 3 --- 1 file changed, 3 deletions(-) diff --git a/pkgs/development/haskell-modules/configuration-common.nix b/pkgs/development/haskell-modules/configuration-common.nix index b166dd14de73..1ef33cc5cc8c 100644 --- a/pkgs/development/haskell-modules/configuration-common.nix +++ b/pkgs/development/haskell-modules/configuration-common.nix @@ -745,9 +745,6 @@ self: super: { inline-c-win32 = dontDistribute super.inline-c-win32; Southpaw = dontDistribute super.Southpaw; - # Hydra no longer allows building texlive packages. - lhs2tex = dontDistribute super.lhs2tex; - # https://ghc.haskell.org/trac/ghc/ticket/9825 vimus = overrideCabal (drv: { broken = pkgs.stdenv.isLinux && pkgs.stdenv.isi686; }) super.vimus; From 6cd3397a5ad077418b3f87a2ca2311d247893ac9 Mon Sep 17 00:00:00 2001 From: Pierre Bourdon Date: Fri, 21 Apr 2023 09:44:09 +0200 Subject: [PATCH 43/52] maintainer-list: fix a few changed github usernames --- maintainers/maintainer-list.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/maintainers/maintainer-list.nix b/maintainers/maintainer-list.nix index fa3f2990b9f6..068269395d87 100644 --- a/maintainers/maintainer-list.nix +++ b/maintainers/maintainer-list.nix @@ -3518,7 +3518,7 @@ }; davidcromp = { email = "davidcrompton1192@gmail.com"; - github = "DavidCromp"; + github = "CyborgPotato"; githubId = 10701143; name = "David Crompton"; }; @@ -8417,7 +8417,7 @@ }; kristian-brucaj = { email = "kbrucaj@gmail.com"; - github = "Kristian-Brucaj"; + github = "Flameslice"; githubId = 8893110; name = "Kristian Brucaj"; }; @@ -14367,7 +14367,7 @@ name = "Smitty van Bodegom"; email = "me@smitop.com"; matrix = "@smitop:kde.org"; - github = "Smittyvb"; + github = "syvb"; githubId = 10530973; }; sna = { @@ -17333,7 +17333,7 @@ zseri = { name = "zseri"; email = "zseri.devel@ytrizja.de"; - github = "zseri"; + github = "fogti"; githubId = 1618343; keys = [{ fingerprint = "7AFB C595 0D3A 77BD B00F 947B 229E 63AE 5644 A96D"; From 13bb674e9548760bb707aaeef1b035d86d5e713b Mon Sep 17 00:00:00 2001 From: Pierre Bourdon Date: Fri, 21 Apr 2023 10:26:13 +0200 Subject: [PATCH 44/52] maintainer-list: fix mateodd25's github id --- maintainers/maintainer-list.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/maintainers/maintainer-list.nix b/maintainers/maintainer-list.nix index 068269395d87..eaa7e93f3f05 100644 --- a/maintainers/maintainer-list.nix +++ b/maintainers/maintainer-list.nix @@ -9590,7 +9590,7 @@ mateodd25 = { email = "mateodd@icloud.com"; github = "mateodd25"; - githubId = 854770; + githubId = 7878181; name = "Mateo Diaz"; }; math-42 = { From fae6cd0126e08515175f225d1201280a85f87da1 Mon Sep 17 00:00:00 2001 From: Florian Brandes Date: Sat, 8 Apr 2023 14:27:09 +0200 Subject: [PATCH 45/52] kodiPackages.certifi: add support for system-wide cacert analog to 8d7cc9cac9ecdf95f554c5ea7ca15118baa06c39 Signed-off-by: Florian Brandes Co-authored-by: Sandro --- .../video/kodi/addons/certifi/default.nix | 17 +++- .../video/kodi/addons/certifi/env.patch | 86 +++++++++++++++++++ 2 files changed, 102 insertions(+), 1 deletion(-) create mode 100644 pkgs/applications/video/kodi/addons/certifi/env.patch diff --git a/pkgs/applications/video/kodi/addons/certifi/default.nix b/pkgs/applications/video/kodi/addons/certifi/default.nix index 0e0699752a91..8dd9c5702a2d 100644 --- a/pkgs/applications/video/kodi/addons/certifi/default.nix +++ b/pkgs/applications/video/kodi/addons/certifi/default.nix @@ -1,4 +1,4 @@ -{ lib, buildKodiAddon, fetchzip, addonUpdateScript }: +{ lib, buildKodiAddon, fetchzip, addonUpdateScript, cacert }: buildKodiAddon rec { pname = "certifi"; namespace = "script.module.certifi"; @@ -9,6 +9,21 @@ buildKodiAddon rec { sha256 = "sha256-kIPGEjmnHlgVb11W2RKBlrMy3/+kUOcQZiLCcnHCcno="; }; + patches = [ + # Add support for NIX_SSL_CERT_FILE + ./env.patch + ]; + + postPatch = '' + # Use our system-wide ca-bundle instead of the bundled one + ln -snvf "${cacert}/etc/ssl/certs/ca-bundle.crt" "lib/certifi/cacert.pem" + ''; + + propagatedNativeBuildInputs = [ + # propagate cacerts setup-hook to set up `NIX_SSL_CERT_FILE` + cacert + ]; + passthru = { pythonPath = "lib"; updateScript = addonUpdateScript { diff --git a/pkgs/applications/video/kodi/addons/certifi/env.patch b/pkgs/applications/video/kodi/addons/certifi/env.patch new file mode 100644 index 000000000000..087ab58e4414 --- /dev/null +++ b/pkgs/applications/video/kodi/addons/certifi/env.patch @@ -0,0 +1,86 @@ +diff --git a/lib/certifi/core.py b/lib/certifi/core.py +index de02898..c033d20 100644 +--- a/lib/certifi/core.py ++++ b/lib/certifi/core.py +@@ -4,15 +4,25 @@ certifi.py + + This module returns the installation location of cacert.pem or its contents. + """ ++import os + import sys + + ++def get_cacert_path_from_environ(): ++ path = os.environ.get("NIX_SSL_CERT_FILE", None) ++ ++ if path == "/no-cert-file.crt": ++ return None ++ ++ return path ++ ++ + if sys.version_info >= (3, 11): + + from importlib.resources import as_file, files + + _CACERT_CTX = None +- _CACERT_PATH = None ++ _CACERT_PATH = get_cacert_path_from_environ() + + def where() -> str: + # This is slightly terrible, but we want to delay extracting the file +@@ -39,14 +49,16 @@ if sys.version_info >= (3, 11): + return _CACERT_PATH + + def contents() -> str: +- return files("certifi").joinpath("cacert.pem").read_text(encoding="ascii") ++ if _CACERT_PATH is not None: ++ return open(_CACERT_PATH, encoding="utf-8").read() ++ return files("certifi").joinpath("cacert.pem").read_text(encoding="utf-8") + + elif sys.version_info >= (3, 7): + + from importlib.resources import path as get_path, read_text + + _CACERT_CTX = None +- _CACERT_PATH = None ++ _CACERT_PATH = get_cacert_path_from_environ() + + def where() -> str: + # This is slightly terrible, but we want to delay extracting the +@@ -74,7 +86,9 @@ elif sys.version_info >= (3, 7): + return _CACERT_PATH + + def contents() -> str: +- return read_text("certifi", "cacert.pem", encoding="ascii") ++ if _CACERT_PATH is not None: ++ return open(_CACERT_PATH, encoding="utf-8").read() ++ return read_text("certifi", "cacert.pem", encoding="utf-8") + + else: + import os +@@ -84,6 +98,8 @@ else: + Package = Union[types.ModuleType, str] + Resource = Union[str, "os.PathLike"] + ++ _CACERT_PATH = get_cacert_path_from_environ() ++ + # This fallback will work for Python versions prior to 3.7 that lack the + # importlib.resources module but relies on the existing `where` function + # so won't address issues with environments like PyOxidizer that don't set +@@ -102,7 +118,14 @@ else: + def where() -> str: + f = os.path.dirname(__file__) + ++ if _CACERT_PATH is not None: ++ return _CACERT_PATH ++ + return os.path.join(f, "cacert.pem") + + def contents() -> str: +- return read_text("certifi", "cacert.pem", encoding="ascii") ++ if _CACERT_PATH is not None: ++ with open(_CACERT_PATH, encoding="utf-8") as data: ++ return data.read() ++ ++ return read_text("certifi", "cacert.pem", encoding="utf-8") From 66d6ebe593b7c14b0f071979057347b43bfdf5e3 Mon Sep 17 00:00:00 2001 From: Doron Behar Date: Fri, 14 Apr 2023 22:49:24 +0300 Subject: [PATCH 46/52] mlterm: enable to configure many build features declaratively --- .../terminal-emulators/mlterm/default.nix | 171 ++++++++++++++---- 1 file changed, 137 insertions(+), 34 deletions(-) diff --git a/pkgs/applications/terminal-emulators/mlterm/default.nix b/pkgs/applications/terminal-emulators/mlterm/default.nix index bc93f167e85d..217c6552efdd 100644 --- a/pkgs/applications/terminal-emulators/mlterm/default.nix +++ b/pkgs/applications/terminal-emulators/mlterm/default.nix @@ -1,13 +1,98 @@ -{ stdenv, lib, fetchFromGitHub, pkg-config, autoconf, makeDesktopItem, nixosTests -, libX11, gdk-pixbuf, cairo, libXft, gtk3, vte -, harfbuzz #substituting glyphs with opentype fonts -, fribidi, m17n_lib #bidi and encoding +{ stdenv +, lib +, fetchFromGitHub +, pkg-config +, autoconf +, makeDesktopItem +, nixosTests +, vte +, harfbuzz # can be replaced with libotf +, fribidi +, m17n_lib , libssh2 #build-in ssh -, fcitx5, fcitx5-gtk, ibus, uim #IME +, fcitx5 +, fcitx5-gtk +, ibus +, uim #IME , wrapGAppsHook #color picker in mlconfig +, gdk-pixbuf +, gtk3 +, gtk ? gtk3 +# List of gui libraries to use. According to `./configure --help` ran on +# release 3.9.3, options are: (xlib|win32|fb|quartz|console|wayland|sdl2|beos) +, enableGuis ? { + xlib = enableX11; + fb = stdenv.isLinux; + quartz = stdenv.isDarwin; + wayland = stdenv.isLinux; + sdl2 = true; +} +, libxkbcommon +, wayland # for the "wayland" --with-gui option +, SDL2 # for the "sdl" --with-gui option +# List of typing engines, the default list enables compiling all of the +# available ones, as recorded on release 3.9.3 +, enableTypeEngines ? { + xcore = false; # Considered legacy + xft = enableX11; + cairo = true; +} +, libX11 +, libXft +, cairo +# List of external tools to create, this default list includes all default +# tools, as recorded on release 3.9.3. +, enableTools ? { + mlclient = true; + mlconfig = true; + mlcc = true; + mlterm-menu = true; + # Note that according to upstream's ./configure script, to disable + # mlimgloader you have to disable _all_ tools. See: + # https://github.com/arakiken/mlterm/issues/69 + mlimgloader = true; + registobmp = true; + mlfc = true; +} +# Whether to enable the X window system +, enableX11 ? stdenv.isLinux +# Most of the input methods and other build features are enabled by default, +# the following attribute set can be used to disable some of them. It's parsed +# when we set `configureFlags`. If you find other configure Flags that require +# dependencies, it'd be nice to make that contribution here. +, enableFeatures ? { + uim = !stdenv.isDarwin; + ibus = !stdenv.isDarwin; + fcitx = !stdenv.isDarwin; + m17n = !stdenv.isDarwin; + ssh2 = true; + bidi = true; + # Open Type layout support, (substituting glyphs with opentype fonts) + otl = true; +} +# Configure the Exec directive in the generated .desktop file +, desktopBinary ? ( + if enableGuis.xlib then + "mlterm" + else if enableGuis.wayland then + "mlterm-wl" + else if enableGuis.sdl2 then + "mlterm-sdl2" + else + throw "mlterm: couldn't figure out what desktopBinary to use." + ) }: -stdenv.mkDerivation rec { +let + # Returns a --with-feature=, or `--without-feature` if all attributes are false or don't + # exist. Used later in configureFlags + withFeaturesList = featureName: attrset: let + commaSepList = lib.concatStringsSep "," (builtins.attrNames (lib.filterAttrs (n: v: v) attrset)); + in + lib.withFeatureAs (commaSepList != "") featureName commaSepList + ; +in stdenv.mkDerivation rec { pname = "mlterm"; version = "3.9.3"; @@ -18,25 +103,41 @@ stdenv.mkDerivation rec { sha256 = "sha256-gfs5cdwUUwSBWwJJSaxrQGWJvLkI27RMlk5QvDALEDg="; }; - nativeBuildInputs = [ pkg-config autoconf wrapGAppsHook ]; + nativeBuildInputs = [ + pkg-config + autoconf + ] ++ lib.optionals enableTools.mlconfig [ + wrapGAppsHook + ]; buildInputs = [ - libX11 - gdk-pixbuf.dev - cairo - libXft - gtk3 - harfbuzz - fribidi + gtk vte - + gdk-pixbuf + ] ++ lib.optionals enableTypeEngines.xcore [ + libX11 + ] ++ lib.optionals enableTypeEngines.xft [ + libXft + ] ++ lib.optionals enableTypeEngines.cairo [ + cairo + ] ++ lib.optionals enableGuis.wayland [ + libxkbcommon + wayland + ] ++ lib.optionals enableGuis.sdl2 [ + SDL2 + ] ++ lib.optionals enableFeatures.otl [ + harfbuzz + ] ++ lib.optionals enableFeatures.bidi [ + fribidi + ] ++ lib.optionals enableFeatures.ssh2 [ libssh2 - ] ++ lib.optionals (!stdenv.isDarwin) [ - # Not supported on Darwin + ] ++ lib.optionals enableFeatures.m17n [ m17n_lib - + ] ++ lib.optionals enableFeatures.fcitx [ fcitx5 fcitx5-gtk + ] ++ lib.optionals enableFeatures.ibus [ ibus + ] ++ lib.optionals enableFeatures.uim [ uim ]; @@ -61,20 +162,13 @@ stdenv.mkDerivation rec { ''; configureFlags = [ - "--with-imagelib=gdk-pixbuf" #or mlimgloader depending on your bugs of choice - "--with-type-engines=cairo,xft,xcore" - "--with-gtk=3.0" - "--enable-ind" #indic scripts - "--enable-fribidi" #bidi scripts - "--with-tools=mlclient,mlconfig,mlcc,mlterm-menu,mlimgloader,registobmp,mlfc" - #mlterm-menu and mlconfig depend on enabling gnome.at-spi2-core - #and configuring ~/.mlterm/key correctly. - ] ++ lib.optionals (!stdenv.isDarwin) [ - "--with-x=yes" - "--with-gui=xlib,fb" - "--enable-m17nlib" #character encodings - ] ++ lib.optionals stdenv.isDarwin [ - "--with-gui=quartz" + (withFeaturesList "type-engines" enableTypeEngines) + (withFeaturesList "tools" enableTools) + (withFeaturesList "gui" enableGuis) + (lib.withFeature enableX11 "x") + ] ++ lib.optionals (gtk != null) [ + "--with-gtk=${lib.versions.major gtk.version}.0" + ] ++ (lib.mapAttrsToList (n: v: lib.enableFeature v n) enableFeatures) ++ [ ]; enableParallelBuilding = true; @@ -91,7 +185,7 @@ stdenv.mkDerivation rec { desktopItem = makeDesktopItem { name = "mlterm"; - exec = "mlterm %U"; + exec = "${desktopBinary} %U"; icon = "mlterm"; type = "Application"; comment = "Multi Lingual TERMinal emulator"; @@ -101,7 +195,15 @@ stdenv.mkDerivation rec { startupNotify = false; }; - passthru.tests.test = nixosTests.terminal-emulators.mlterm; + passthru = { + tests.test = nixosTests.terminal-emulators.mlterm; + inherit + enableTypeEngines + enableTools + enableGuis + enableFeatures + ; + }; meta = with lib; { description = "Multi Lingual TERMinal emulator"; @@ -109,5 +211,6 @@ stdenv.mkDerivation rec { license = licenses.bsd3; maintainers = with maintainers; [ ramkromberg atemu doronbehar ]; platforms = platforms.all; + mainProgram = desktopBinary; }; } From 52016d5cf70bdf0950349f64f9176a8113dc8904 Mon Sep 17 00:00:00 2001 From: Doron Behar Date: Tue, 18 Apr 2023 16:45:55 +0300 Subject: [PATCH 47/52] mlterm-wayland: init --- pkgs/top-level/all-packages.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index b89a588ea051..daccf835f94d 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -2572,6 +2572,9 @@ with pkgs; microcom = callPackage ../applications/terminal-emulators/microcom { }; mlterm = darwin.apple_sdk_11_0.callPackage ../applications/terminal-emulators/mlterm { }; + mlterm-wayland = mlterm.override { + enableX11 = false; + }; mrxvt = callPackage ../applications/terminal-emulators/mrxvt { }; From 76c7b656bfa9b20a4172f7901285560db4c2c695 Mon Sep 17 00:00:00 2001 From: Raito Bezarius Date: Tue, 20 Dec 2022 21:18:10 +0100 Subject: [PATCH 48/52] nixos/qemu-vm: refactor bootDisk generation using make-disk-image --- nixos/modules/virtualisation/qemu-vm.nix | 294 +++++++++++------------ 1 file changed, 144 insertions(+), 150 deletions(-) diff --git a/nixos/modules/virtualisation/qemu-vm.nix b/nixos/modules/virtualisation/qemu-vm.nix index 1619c0d9410f..2aa8a36a1cfc 100644 --- a/nixos/modules/virtualisation/qemu-vm.nix +++ b/nixos/modules/virtualisation/qemu-vm.nix @@ -55,6 +55,11 @@ let }; + selectPartitionTableLayout = { useEFIBoot, useDefaultFilesystems }: + if useDefaultFilesystems then + if useEFIBoot then "efi" else "legacy" + else "none"; + driveCmdline = idx: { file, driveExtraOpts, deviceExtraOpts, ... }: let drvId = "drive${toString idx}"; @@ -98,7 +103,6 @@ let addDeviceNames = imap1 (idx: drive: drive // { device = driveDeviceName idx; }); - # Shell script to start the VM. startVM = '' @@ -111,8 +115,23 @@ let NIX_DISK_IMAGE=$(readlink -f "''${NIX_DISK_IMAGE:-${toString config.virtualisation.diskImage}}") || test -z "$NIX_DISK_IMAGE" if test -n "$NIX_DISK_IMAGE" && ! test -e "$NIX_DISK_IMAGE"; then - ${qemu}/bin/qemu-img create -f qcow2 "$NIX_DISK_IMAGE" \ - ${toString config.virtualisation.diskSize}M + echo "Disk image do not exist, creating the virtualisation disk image..." + # If we are using a bootloader and default filesystems layout. + # We have to reuse the system image layout as a backing image format (CoW) + # So we can write on the top of it. + + # If we are not using the default FS layout, potentially, we are interested into + # performing operations in postDeviceCommands or at early boot on the raw device. + # We can still boot through QEMU direct kernel boot feature. + + # CoW prevent size to be attributed to an image. + # FIXME: raise this issue to upstream. + ${qemu}/bin/qemu-img create \ + ${concatStringsSep " \\\n" ([ "-f qcow2" ] + ++ optional (cfg.useBootLoader && cfg.useDefaultFilesystems) "-F qcow2 -b ${systemImage}/nixos.qcow2" + ++ optional (!(cfg.useBootLoader && cfg.useDefaultFilesystems)) "-o size=${toString config.virtualisation.diskSize}M" + ++ [ "$NIX_DISK_IMAGE" ])} + echo "Virtualisation disk image created." fi # Create a directory for storing temporary data of the running VM. @@ -158,13 +177,13 @@ let ${qemu}/bin/qemu-img create -f qcow2 -F qcow2 -b ${bootDisk}/disk.img "$TMPDIR/disk.img" fi - NIX_EFI_VARS=$(readlink -f "''${NIX_EFI_VARS:-${cfg.efiVars}}") + NIX_EFI_VARS=$(readlink -f "''${NIX_EFI_VARS:-${config.system.name}-efi-vars.fd}") ${lib.optionalString cfg.useEFIBoot '' # VM needs writable EFI vars if ! test -e "$NIX_EFI_VARS"; then - cp ${bootDisk}/efi-vars.fd "$NIX_EFI_VARS" + cp ${systemImage}/efi-vars.fd "$NIX_EFI_VARS" chmod 0644 "$NIX_EFI_VARS" fi ''} @@ -200,95 +219,29 @@ let regInfo = pkgs.closureInfo { rootPaths = config.virtualisation.additionalPaths; }; - - # Generate a hard disk image containing a /boot partition and GRUB - # in the MBR. Used when the `useBootLoader' option is set. - # Uses `runInLinuxVM` to create the image in a throwaway VM. - # See note [Disk layout with `useBootLoader`]. - # FIXME: use nixos/lib/make-disk-image.nix. - bootDisk = - pkgs.vmTools.runInLinuxVM ( - pkgs.runCommand "nixos-boot-disk" - { preVM = - '' - mkdir $out - diskImage=$out/disk.img - ${qemu}/bin/qemu-img create -f qcow2 $diskImage "120M" - ${lib.optionalString cfg.useEFIBoot '' - efiVars=$out/efi-vars.fd - cp ${cfg.efi.variables} $efiVars - chmod 0644 $efiVars - ''} - ''; - buildInputs = [ pkgs.util-linux ]; - QEMU_OPTS = "-nographic -serial stdio -monitor none" - + lib.optionalString cfg.useEFIBoot ( - " -drive if=pflash,format=raw,unit=0,readonly=on,file=${cfg.efi.firmware}" - + " -drive if=pflash,format=raw,unit=1,file=$efiVars"); - } - '' - # Create a /boot EFI partition with 120M and arbitrary but fixed GUIDs for reproducibility - ${pkgs.gptfdisk}/bin/sgdisk \ - --set-alignment=1 --new=1:34:2047 --change-name=1:BIOSBootPartition --typecode=1:ef02 \ - --set-alignment=512 --largest-new=2 --change-name=2:EFISystem --typecode=2:ef00 \ - --attributes=1:set:1 \ - --attributes=2:set:2 \ - --disk-guid=97FD5997-D90B-4AA3-8D16-C1723AEA73C1 \ - --partition-guid=1:1C06F03B-704E-4657-B9CD-681A087A2FDC \ - --partition-guid=2:970C694F-AFD0-4B99-B750-CDB7A329AB6F \ - --hybrid 2 \ - --recompute-chs /dev/vda - - ${optionalString (config.boot.loader.grub.device != "/dev/vda") - # In this throwaway VM, we only have the /dev/vda disk, but the - # actual VM described by `config` (used by `switch-to-configuration` - # below) may set `boot.loader.grub.device` to a different device - # that's nonexistent in the throwaway VM. - # Create a symlink for that device, so that the `grub-install` - # by `switch-to-configuration` will hit /dev/vda anyway. - '' - ln -s /dev/vda ${config.boot.loader.grub.device} - '' - } - - ${pkgs.dosfstools}/bin/mkfs.fat -F16 /dev/vda2 - export MTOOLS_SKIP_CHECK=1 - ${pkgs.mtools}/bin/mlabel -i /dev/vda2 ::boot - - # Mount /boot; load necessary modules first. - ${pkgs.kmod}/bin/insmod ${pkgs.linux}/lib/modules/*/kernel/fs/nls/nls_cp437.ko.xz || true - ${pkgs.kmod}/bin/insmod ${pkgs.linux}/lib/modules/*/kernel/fs/nls/nls_iso8859-1.ko.xz || true - ${pkgs.kmod}/bin/insmod ${pkgs.linux}/lib/modules/*/kernel/fs/fat/fat.ko.xz || true - ${pkgs.kmod}/bin/insmod ${pkgs.linux}/lib/modules/*/kernel/fs/fat/vfat.ko.xz || true - ${pkgs.kmod}/bin/insmod ${pkgs.linux}/lib/modules/*/kernel/fs/efivarfs/efivarfs.ko.xz || true - mkdir /boot - mount /dev/vda2 /boot - - ${optionalString config.boot.loader.efi.canTouchEfiVariables '' - mount -t efivarfs efivarfs /sys/firmware/efi/efivars - ''} - - # This is needed for GRUB 0.97, which doesn't know about virtio devices. - mkdir /boot/grub - echo '(hd0) /dev/vda' > /boot/grub/device.map - - # This is needed for systemd-boot to find ESP, and udev is not available here to create this - mkdir -p /dev/block - ln -s /dev/vda2 /dev/block/254:2 - - # Set up system profile (normally done by nixos-rebuild / nix-env --set) - mkdir -p /nix/var/nix/profiles - ln -s ${config.system.build.toplevel} /nix/var/nix/profiles/system-1-link - ln -s /nix/var/nix/profiles/system-1-link /nix/var/nix/profiles/system - - # Install bootloader - touch /etc/NIXOS - export NIXOS_INSTALL_BOOTLOADER=1 - ${config.system.build.toplevel}/bin/switch-to-configuration boot - - umount /boot - '' # */ - ); + # System image is akin to a complete NixOS install with + # a boot partition and root partition. + systemImage = import ../../lib/make-disk-image.nix { + inherit pkgs config lib; + additionalPaths = [ regInfo ]; + format = "qcow2"; + onlyNixStore = false; + partitionTableType = selectPartitionTableLayout { inherit (cfg) useDefaultFilesystems useEFIBoot; }; + # Bootloader should be installed on the system image only if we are booting through bootloaders. + # Though, if a user is not using our default filesystems, it is possible to not have any ESP + # or a strange partition table that's incompatible with GRUB configuration. + # As a consequence, this may lead to disk image creation failures. + # To avoid this, we prefer to let the user find out about how to install the bootloader on its ESP/disk. + # Usually, this can be through building your own disk image. + # TODO: If a user is interested into a more fine grained heuristic for `installBootLoader` + # by examining the actual contents of `cfg.fileSystems`, please send a PR. + installBootLoader = cfg.useBootLoader && cfg.useDefaultFilesystems; + touchEFIVars = cfg.useEFIBoot; + diskSize = "auto"; + additionalSpace = "0M"; + copyChannel = false; + OVMF = cfg.efi.OVMF; + }; storeImage = import ../../lib/make-disk-image.nix { inherit pkgs config lib; @@ -297,17 +250,42 @@ let onlyNixStore = true; partitionTableType = "none"; installBootLoader = false; + touchEFIVars = false; diskSize = "auto"; additionalSpace = "0M"; copyChannel = false; }; + bootConfiguration = + if cfg.useDefaultFilesystems + then + if cfg.useBootLoader + then + if cfg.useEFIBoot then "efi_bootloading_with_default_fs" + else "legacy_bootloading_with_default_fs" + else + "direct_boot_with_default_fs" + else + "custom"; + suggestedRootDevice = { + "efi_bootloading_with_default_fs" = "${cfg.bootLoaderDevice}2"; + "legacy_bootloading_with_default_fs" = "${cfg.bootLoaderDevice}1"; + "direct_boot_with_default_fs" = cfg.bootLoaderDevice; + # This will enforce a NixOS module type checking error + # to ask explicitly the user to set a rootDevice. + # As it will look like `rootDevice = lib.mkDefault null;` after + # all "computations". + "custom" = null; + }.${bootConfiguration}; in { imports = [ ../profiles/qemu-guest.nix (mkRenamedOptionModule [ "virtualisation" "pathsInNixDB" ] [ "virtualisation" "additionalPaths" ]) + (mkRemovedOptionModule [ "virtualisation" "bootDevice" ] "This option was renamed to `virtualisation.rootDevice`, as it was incorrectly named and misleading. Take the time to review what you want to do and look at the new options like `virtualisation.{bootLoaderDevice, bootPartition}`, open an issue in case of issues.") + (mkRemovedOptionModule [ "virtualisation" "efiVars" ] "This option was removed, it is possible to provide a template UEFI variable with `virtualisation.efi.variables` ; if this option is important to you, open an issue") + (mkRemovedOptionModule [ "virtualisation" "persistBootDevice" ] "Boot device is always persisted if you use a bootloader through the root disk image ; if this does not work for your usecase, please examine carefully what `virtualisation.{bootLoaderDevice, rootDevice, bootPartition}` options offers you and open an issue explaining your need.`") ]; options = { @@ -362,13 +340,47 @@ in ''; }; - virtualisation.bootDevice = + virtualisation.bootLoaderDevice = mkOption { type = types.path; + default = lookupDriveDeviceName "root" cfg.qemu.drives; + defaultText = literalExpression ''lookupDriveDeviceName "root" cfg.qemu.drives''; example = "/dev/vda"; description = lib.mdDoc '' - The disk to be used for the root filesystem. + The disk to be used for the boot filesystem. + By default, it is the same disk as the root filesystem. + ''; + }; + + virtualisation.bootPartition = + mkOption { + type = types.nullOr types.path; + default = if cfg.useEFIBoot then "${cfg.bootLoaderDevice}1" else null; + defaultText = literalExpression ''if cfg.useEFIBoot then "''${cfg.bootLoaderDevice}1" else null''; + example = "/dev/vda1"; + description = + lib.mdDoc '' + The boot partition to be used to mount /boot filesystem. + In legacy boots, this should be null. + By default, in EFI boot, it is the first partition of the boot device. + ''; + }; + + virtualisation.rootDevice = + mkOption { + type = types.nullOr types.path; + example = "/dev/vda2"; + description = + lib.mdDoc '' + The disk or partition to be used for the root filesystem. + By default (read the source code for more details): + + - under EFI with a bootloader: 2nd partition of the boot disk + - in legacy boot with a bootloader: 1st partition of the boot disk + - in direct boot (i.e. without a bootloader): whole disk + + In case you are not using a default boot device or a default filesystem, you have to set explicitly your root device. ''; }; @@ -749,10 +761,22 @@ in }; virtualisation.efi = { + OVMF = mkOption { + type = types.package; + default = (pkgs.OVMF.override { + secureBoot = cfg.useSecureBoot; + }).fd; + defaultText = ''(pkgs.OVMF.override { + secureBoot = cfg.useSecureBoot; + }).fd''; + description = + lib.mdDoc "OVMF firmware package, defaults to OVMF configured with secure boot if needed."; + }; + firmware = mkOption { type = types.path; - default = pkgs.OVMF.firmware; - defaultText = literalExpression "pkgs.OVMF.firmware"; + default = cfg.efi.OVMF.firmware; + defaultText = literalExpression "cfg.efi.OVMF.firmware"; description = lib.mdDoc '' Firmware binary for EFI implementation, defaults to OVMF. @@ -761,8 +785,8 @@ in variables = mkOption { type = types.path; - default = pkgs.OVMF.variables; - defaultText = literalExpression "pkgs.OVMF.variables"; + default = cfg.efi.OVMF.variables; + defaultText = literalExpression "cfg.efi.OVMF.variables"; description = lib.mdDoc '' Platform-specific flash binary for EFI variables, implementation-dependent to the EFI firmware. @@ -786,18 +810,17 @@ in ''; }; - virtualisation.efiVars = + virtualisation.useSecureBoot = mkOption { - type = types.str; - default = "./${config.system.name}-efi-vars.fd"; - defaultText = literalExpression ''"./''${config.system.name}-efi-vars.fd"''; + type = types.bool; + default = false; description = lib.mdDoc '' - Path to nvram image containing UEFI variables. The will be created - on startup if it does not exist. + Enable Secure Boot support in the EFI firmware. ''; }; + virtualisation.bios = mkOption { type = types.nullOr types.package; @@ -853,30 +876,13 @@ in ${opt.writableStore} = false; ''; - # Note [Disk layout with `useBootLoader`] - # - # If `useBootLoader = true`, we configure 2 drives: - # `/dev/?da` for the root disk, and `/dev/?db` for the boot disk - # which has the `/boot` partition and the boot loader. - # Concretely: - # - # * The second drive's image `disk.img` is created in `bootDisk = ...` - # using a throwaway VM. Note that there the disk is always `/dev/vda`, - # even though in the final VM it will be at `/dev/*b`. - # * The disks are attached in `virtualisation.qemu.drives`. - # Their order makes them appear as devices `a`, `b`, etc. - # * `fileSystems."/boot"` is adjusted to be on device `b`. - # * The disk.img is recreated each time the VM is booted unless - # virtualisation.persistBootDevice is set. - - # If `useBootLoader`, GRUB goes to the second disk, see - # note [Disk layout with `useBootLoader`]. - boot.loader.grub.device = mkVMOverride ( - if cfg.useBootLoader - then driveDeviceName 2 # second disk - else cfg.bootDevice - ); + # In UEFI boot, we use a EFI-only partition table layout, thus GRUB will fail when trying to install + # legacy and UEFI. In order to avoid this, we have to put "nodev" to force UEFI-only installs. + # Otherwise, we set the proper bootloader device for this. + # FIXME: make a sense of this mess wrt to multiple ESP present in the system, probably use boot.efiSysMountpoint? + boot.loader.grub.device = mkVMOverride (if cfg.useEFIBoot then "nodev" else cfg.bootLoaderDevice); boot.loader.grub.gfxmodeBios = with cfg.resolution; "${toString x}x${toString y}"; + virtualisation.rootDevice = mkDefault suggestedRootDevice; boot.initrd.kernelModules = optionals (cfg.useNixStoreImage && !cfg.writableStore) [ "erofs" ]; @@ -890,10 +896,10 @@ in '' # If the disk image appears to be empty, run mke2fs to # initialise. - FSTYPE=$(blkid -o value -s TYPE ${cfg.bootDevice} || true) - PARTTYPE=$(blkid -o value -s PTTYPE ${cfg.bootDevice} || true) + FSTYPE=$(blkid -o value -s TYPE ${cfg.rootDevice} || true) + PARTTYPE=$(blkid -o value -s PTTYPE ${cfg.rootDevice} || true) if test -z "$FSTYPE" -a -z "$PARTTYPE"; then - mke2fs -t ext4 ${cfg.bootDevice} + mke2fs -t ext4 ${cfg.rootDevice} fi ''; @@ -939,8 +945,6 @@ in optional cfg.writableStore "overlay" ++ optional (cfg.qemu.diskInterface == "scsi") "sym53c8xx"; - virtualisation.bootDevice = mkDefault (driveDeviceName 1); - virtualisation.additionalPaths = [ config.system.build.toplevel ]; virtualisation.sharedDirectories = { @@ -997,7 +1001,7 @@ in ]) (mkIf cfg.useEFIBoot [ "-drive if=pflash,format=raw,unit=0,readonly=on,file=${cfg.efi.firmware}" - "-drive if=pflash,format=raw,unit=1,file=$NIX_EFI_VARS" + "-drive if=pflash,format=raw,unit=1,readonly=off,file=$NIX_EFI_VARS" ]) (mkIf (cfg.bios != null) [ "-bios ${cfg.bios}/bios.bin" @@ -1013,23 +1017,14 @@ in file = ''"$NIX_DISK_IMAGE"''; driveExtraOpts.cache = "writeback"; driveExtraOpts.werror = "report"; + deviceExtraOpts.bootindex = "1"; }]) (mkIf cfg.useNixStoreImage [{ name = "nix-store"; file = ''"$TMPDIR"/store.img''; - deviceExtraOpts.bootindex = if cfg.useBootLoader then "3" else "2"; + deviceExtraOpts.bootindex = "2"; driveExtraOpts.format = if cfg.writableStore then "qcow2" else "raw"; }]) - (mkIf cfg.useBootLoader [ - # The order of this list determines the device names, see - # note [Disk layout with `useBootLoader`]. - { - name = "boot"; - file = ''"$TMPDIR"/disk.img''; - driveExtraOpts.media = "disk"; - deviceExtraOpts.bootindex = "1"; - } - ]) (imap0 (idx: _: { file = "$(pwd)/empty${toString idx}.qcow2"; driveExtraOpts.werror = "report"; @@ -1065,7 +1060,7 @@ in device = "tmpfs"; fsType = "tmpfs"; } else { - device = cfg.bootDevice; + device = cfg.rootDevice; fsType = "ext4"; autoFormat = true; }); @@ -1086,9 +1081,8 @@ in options = [ "mode=0755" ]; neededForBoot = true; }; - # see note [Disk layout with `useBootLoader`] - "/boot" = lib.mkIf cfg.useBootLoader { - device = "${lookupDriveDeviceName "boot" cfg.qemu.drives}2"; # 2 for e.g. `vdb2`, as created in `bootDisk` + "/boot" = lib.mkIf (cfg.useBootLoader && cfg.bootPartition != null) { + device = cfg.bootPartition; # 1 for e.g. `vda1`, as created in `systemImage` fsType = "vfat"; noCheck = true; # fsck fails on a r/o filesystem }; From 58f4c3944db804bd28d35ceb4687961683052a91 Mon Sep 17 00:00:00 2001 From: Raito Bezarius Date: Sun, 16 Oct 2022 00:18:03 +0200 Subject: [PATCH 49/52] =?UTF-8?q?nixos/tests(treewide):=20vdb=20=E2=86=92?= =?UTF-8?q?=20vda,=20vdc=20=E2=86=92=20vdb,=20vdd=20=E2=86=92=20vdc,=20?= =?UTF-8?q?=E2=80=A6=20/=20bootDevice=20=E2=86=92=20rootDevice?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- nixos/tests/hibernate.nix | 2 +- nixos/tests/initrd-luks-empty-passphrase.nix | 10 +++++----- nixos/tests/installer.nix | 3 ++- nixos/tests/luks.nix | 8 ++++---- nixos/tests/lvm2/systemd-stage-1.nix | 8 ++++---- nixos/tests/non-default-filesystems.nix | 3 ++- nixos/tests/swap-file-btrfs.nix | 2 +- nixos/tests/swap-partition.nix | 2 +- nixos/tests/systemd-initrd-btrfs-raid.nix | 8 ++++---- nixos/tests/systemd-initrd-luks-fido2.nix | 8 ++++---- nixos/tests/systemd-initrd-luks-keyfile.nix | 6 +++--- nixos/tests/systemd-initrd-luks-password.nix | 12 ++++++------ nixos/tests/systemd-initrd-luks-tpm2.nix | 8 ++++---- nixos/tests/systemd-initrd-swraid.nix | 6 +++--- nixos/tests/zfs.nix | 12 ++++++------ 15 files changed, 50 insertions(+), 48 deletions(-) diff --git a/nixos/tests/hibernate.nix b/nixos/tests/hibernate.nix index cb75322ca5f9..4d0b53e95b32 100644 --- a/nixos/tests/hibernate.nix +++ b/nixos/tests/hibernate.nix @@ -63,7 +63,7 @@ in makeTest { # Small root disk for installer 512 ]; - virtualisation.bootDevice = "/dev/vdb"; + virtualisation.rootDevice = "/dev/vdb"; }; }; diff --git a/nixos/tests/initrd-luks-empty-passphrase.nix b/nixos/tests/initrd-luks-empty-passphrase.nix index 41765a395ec6..d2805f2f1734 100644 --- a/nixos/tests/initrd-luks-empty-passphrase.nix +++ b/nixos/tests/initrd-luks-empty-passphrase.nix @@ -30,26 +30,26 @@ in { specialisation.boot-luks-wrong-keyfile.configuration = { boot.initrd.luks.devices = lib.mkVMOverride { cryptroot = { - device = "/dev/vdc"; + device = "/dev/vdb"; keyFile = "/etc/cryptroot.key"; tryEmptyPassphrase = true; fallbackToPassword = !systemdStage1; }; }; - virtualisation.bootDevice = "/dev/mapper/cryptroot"; + virtualisation.rootDevice = "/dev/mapper/cryptroot"; boot.initrd.secrets."/etc/cryptroot.key" = keyfile; }; specialisation.boot-luks-missing-keyfile.configuration = { boot.initrd.luks.devices = lib.mkVMOverride { cryptroot = { - device = "/dev/vdc"; + device = "/dev/vdb"; keyFile = "/etc/cryptroot.key"; tryEmptyPassphrase = true; fallbackToPassword = !systemdStage1; }; }; - virtualisation.bootDevice = "/dev/mapper/cryptroot"; + virtualisation.rootDevice = "/dev/mapper/cryptroot"; }; }; @@ -76,7 +76,7 @@ in { # Create encrypted volume machine.wait_for_unit("multi-user.target") - machine.succeed("echo "" | cryptsetup luksFormat /dev/vdc --batch-mode") + machine.succeed("echo "" | cryptsetup luksFormat /dev/vdb --batch-mode") machine.succeed("bootctl set-default nixos-generation-1-specialisation-boot-luks-wrong-keyfile.conf") machine.succeed("sync") machine.crash() diff --git a/nixos/tests/installer.nix b/nixos/tests/installer.nix index d441765fe194..f385a99ce652 100644 --- a/nixos/tests/installer.nix +++ b/nixos/tests/installer.nix @@ -316,8 +316,9 @@ let # installer. This ensures the target disk (/dev/vda) is # the same during and after installation. virtualisation.emptyDiskImages = [ 512 ]; - virtualisation.bootDevice = + virtualisation.rootDevice = if grubVersion == 1 then "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive2" else "/dev/vdb"; + virtualisation.bootLoaderDevice = "/dev/vda"; virtualisation.qemu.diskInterface = if grubVersion == 1 then "scsi" else "virtio"; diff --git a/nixos/tests/luks.nix b/nixos/tests/luks.nix index 82f5095cb260..c2b95c6a95fb 100644 --- a/nixos/tests/luks.nix +++ b/nixos/tests/luks.nix @@ -18,10 +18,10 @@ import ./make-test-python.nix ({ lib, pkgs, ... }: { boot-luks.configuration = { boot.initrd.luks.devices = lib.mkVMOverride { # We have two disks and only type one password - key reuse is in place - cryptroot.device = "/dev/vdc"; - cryptroot2.device = "/dev/vdd"; + cryptroot.device = "/dev/vdb"; + cryptroot2.device = "/dev/vdc"; }; - virtualisation.bootDevice = "/dev/mapper/cryptroot"; + virtualisation.rootDevice = "/dev/mapper/cryptroot"; }; boot-luks-custom-keymap.configuration = lib.mkMerge [ boot-luks.configuration @@ -37,8 +37,8 @@ import ./make-test-python.nix ({ lib, pkgs, ... }: { testScript = '' # Create encrypted volume machine.wait_for_unit("multi-user.target") + machine.succeed("echo -n supersecret | cryptsetup luksFormat -q --iter-time=1 /dev/vdb -") machine.succeed("echo -n supersecret | cryptsetup luksFormat -q --iter-time=1 /dev/vdc -") - machine.succeed("echo -n supersecret | cryptsetup luksFormat -q --iter-time=1 /dev/vdd -") # Boot from the encrypted disk machine.succeed("bootctl set-default nixos-generation-1-specialisation-boot-luks.conf") diff --git a/nixos/tests/lvm2/systemd-stage-1.nix b/nixos/tests/lvm2/systemd-stage-1.nix index 617ba77b1796..b711cd22d7f4 100644 --- a/nixos/tests/lvm2/systemd-stage-1.nix +++ b/nixos/tests/lvm2/systemd-stage-1.nix @@ -1,18 +1,18 @@ { kernelPackages ? null, flavour }: let preparationCode = { raid = '' - machine.succeed("vgcreate test_vg /dev/vdc /dev/vdd") + machine.succeed("vgcreate test_vg /dev/vdb /dev/vdc") machine.succeed("lvcreate -L 512M --type raid0 test_vg -n test_lv") ''; thinpool = '' - machine.succeed("vgcreate test_vg /dev/vdc") + machine.succeed("vgcreate test_vg /dev/vdb") machine.succeed("lvcreate -L 512M -T test_vg/test_thin_pool") machine.succeed("lvcreate -n test_lv -V 16G --thinpool test_thin_pool test_vg") ''; vdo = '' - machine.succeed("vgcreate test_vg /dev/vdc") + machine.succeed("vgcreate test_vg /dev/vdb") machine.succeed("lvcreate --type vdo -n test_lv -L 6G -V 12G test_vg/vdo_pool_lv") ''; }.${flavour}; @@ -79,7 +79,7 @@ in import ../make-test-python.nix ({ pkgs, ... }: { kernelPackages = lib.mkIf (kernelPackages != null) kernelPackages; }; - specialisation.boot-lvm.configuration.virtualisation.bootDevice = "/dev/test_vg/test_lv"; + specialisation.boot-lvm.configuration.virtualisation.rootDevice = "/dev/test_vg/test_lv"; }; testScript = '' diff --git a/nixos/tests/non-default-filesystems.nix b/nixos/tests/non-default-filesystems.nix index 7fa75aaad724..d4e8bfbc65e9 100644 --- a/nixos/tests/non-default-filesystems.nix +++ b/nixos/tests/non-default-filesystems.nix @@ -5,9 +5,10 @@ import ./make-test-python.nix ({ lib, pkgs, ... }: nodes.machine = { config, pkgs, lib, ... }: let - disk = config.virtualisation.bootDevice; + disk = config.virtualisation.rootDevice; in { + virtualisation.rootDevice = "/dev/vda"; virtualisation.useDefaultFilesystems = false; boot.initrd.availableKernelModules = [ "btrfs" ]; diff --git a/nixos/tests/swap-file-btrfs.nix b/nixos/tests/swap-file-btrfs.nix index 4f73942b5f32..d9fcd2be1160 100644 --- a/nixos/tests/swap-file-btrfs.nix +++ b/nixos/tests/swap-file-btrfs.nix @@ -9,7 +9,7 @@ import ./make-test-python.nix ({ lib, ... }: { virtualisation.useDefaultFilesystems = false; - virtualisation.bootDevice = "/dev/vda"; + virtualisation.rootDevice = "/dev/vda"; boot.initrd.postDeviceCommands = '' ${pkgs.btrfs-progs}/bin/mkfs.btrfs --label root /dev/vda diff --git a/nixos/tests/swap-partition.nix b/nixos/tests/swap-partition.nix index 2279630b57b8..ddcaeb95453e 100644 --- a/nixos/tests/swap-partition.nix +++ b/nixos/tests/swap-partition.nix @@ -7,7 +7,7 @@ import ./make-test-python.nix ({ lib, pkgs, ... }: { virtualisation.useDefaultFilesystems = false; - virtualisation.bootDevice = "/dev/vda1"; + virtualisation.rootDevice = "/dev/vda1"; boot.initrd.postDeviceCommands = '' if ! test -b /dev/vda1; then diff --git a/nixos/tests/systemd-initrd-btrfs-raid.nix b/nixos/tests/systemd-initrd-btrfs-raid.nix index 40fd2d4dc611..c9cdf0060b1b 100644 --- a/nixos/tests/systemd-initrd-btrfs-raid.nix +++ b/nixos/tests/systemd-initrd-btrfs-raid.nix @@ -21,14 +21,14 @@ import ./make-test-python.nix ({ lib, pkgs, ... }: { fileSystems = lib.mkVMOverride { "/".fsType = lib.mkForce "btrfs"; }; - virtualisation.bootDevice = "/dev/vdc"; + virtualisation.rootDevice = "/dev/vdb"; }; }; testScript = '' # Create RAID - machine.succeed("mkfs.btrfs -d raid0 /dev/vdc /dev/vdd") - machine.succeed("mkdir -p /mnt && mount /dev/vdc /mnt && echo hello > /mnt/test && umount /mnt") + machine.succeed("mkfs.btrfs -d raid0 /dev/vdb /dev/vdc") + machine.succeed("mkdir -p /mnt && mount /dev/vdb /mnt && echo hello > /mnt/test && umount /mnt") # Boot from the RAID machine.succeed("bootctl set-default nixos-generation-1-specialisation-boot-btrfs-raid.conf") @@ -38,7 +38,7 @@ import ./make-test-python.nix ({ lib, pkgs, ... }: { # Ensure we have successfully booted from the RAID assert "(initrd)" in machine.succeed("systemd-analyze") # booted with systemd in stage 1 - assert "/dev/vdc on / type btrfs" in machine.succeed("mount") + assert "/dev/vdb on / type btrfs" in machine.succeed("mount") assert "hello" in machine.succeed("cat /test") assert "Total devices 2" in machine.succeed("btrfs filesystem show") ''; diff --git a/nixos/tests/systemd-initrd-luks-fido2.nix b/nixos/tests/systemd-initrd-luks-fido2.nix index 133e552a3dc9..e80d95f79c7e 100644 --- a/nixos/tests/systemd-initrd-luks-fido2.nix +++ b/nixos/tests/systemd-initrd-luks-fido2.nix @@ -19,19 +19,19 @@ import ./make-test-python.nix ({ lib, pkgs, ... }: { specialisation.boot-luks.configuration = { boot.initrd.luks.devices = lib.mkVMOverride { cryptroot = { - device = "/dev/vdc"; + device = "/dev/vdb"; crypttabExtraOpts = [ "fido2-device=auto" ]; }; }; - virtualisation.bootDevice = "/dev/mapper/cryptroot"; + virtualisation.rootDevice = "/dev/mapper/cryptroot"; }; }; testScript = '' # Create encrypted volume machine.wait_for_unit("multi-user.target") - machine.succeed("echo -n supersecret | cryptsetup luksFormat -q --iter-time=1 /dev/vdc -") - machine.succeed("PASSWORD=supersecret SYSTEMD_LOG_LEVEL=debug systemd-cryptenroll --fido2-device=auto /dev/vdc |& systemd-cat") + machine.succeed("echo -n supersecret | cryptsetup luksFormat -q --iter-time=1 /dev/vdb -") + machine.succeed("PASSWORD=supersecret SYSTEMD_LOG_LEVEL=debug systemd-cryptenroll --fido2-device=auto /dev/vdb |& systemd-cat") # Boot from the encrypted disk machine.succeed("bootctl set-default nixos-generation-1-specialisation-boot-luks.conf") diff --git a/nixos/tests/systemd-initrd-luks-keyfile.nix b/nixos/tests/systemd-initrd-luks-keyfile.nix index 25c0c5bd866d..257243d92a1d 100644 --- a/nixos/tests/systemd-initrd-luks-keyfile.nix +++ b/nixos/tests/systemd-initrd-luks-keyfile.nix @@ -27,11 +27,11 @@ in { specialisation.boot-luks.configuration = { boot.initrd.luks.devices = lib.mkVMOverride { cryptroot = { - device = "/dev/vdc"; + device = "/dev/vdb"; keyFile = "/etc/cryptroot.key"; }; }; - virtualisation.bootDevice = "/dev/mapper/cryptroot"; + virtualisation.rootDevice = "/dev/mapper/cryptroot"; boot.initrd.secrets."/etc/cryptroot.key" = keyfile; }; }; @@ -39,7 +39,7 @@ in { testScript = '' # Create encrypted volume machine.wait_for_unit("multi-user.target") - machine.succeed("cryptsetup luksFormat -q --iter-time=1 -d ${keyfile} /dev/vdc") + machine.succeed("cryptsetup luksFormat -q --iter-time=1 -d ${keyfile} /dev/vdb") # Boot from the encrypted disk machine.succeed("bootctl set-default nixos-generation-1-specialisation-boot-luks.conf") diff --git a/nixos/tests/systemd-initrd-luks-password.nix b/nixos/tests/systemd-initrd-luks-password.nix index 55d0b4324b40..2dd3f304e82a 100644 --- a/nixos/tests/systemd-initrd-luks-password.nix +++ b/nixos/tests/systemd-initrd-luks-password.nix @@ -19,10 +19,10 @@ import ./make-test-python.nix ({ lib, pkgs, ... }: { specialisation.boot-luks.configuration = { boot.initrd.luks.devices = lib.mkVMOverride { # We have two disks and only type one password - key reuse is in place - cryptroot.device = "/dev/vdc"; - cryptroot2.device = "/dev/vdd"; + cryptroot.device = "/dev/vdb"; + cryptroot2.device = "/dev/vdc"; }; - virtualisation.bootDevice = "/dev/mapper/cryptroot"; + virtualisation.rootDevice = "/dev/mapper/cryptroot"; # test mounting device unlocked in initrd after switching root virtualisation.fileSystems."/cryptroot2".device = "/dev/mapper/cryptroot2"; }; @@ -31,9 +31,9 @@ import ./make-test-python.nix ({ lib, pkgs, ... }: { testScript = '' # Create encrypted volume machine.wait_for_unit("multi-user.target") + machine.succeed("echo -n supersecret | cryptsetup luksFormat -q --iter-time=1 /dev/vdb -") machine.succeed("echo -n supersecret | cryptsetup luksFormat -q --iter-time=1 /dev/vdc -") - machine.succeed("echo -n supersecret | cryptsetup luksFormat -q --iter-time=1 /dev/vdd -") - machine.succeed("echo -n supersecret | cryptsetup luksOpen -q /dev/vdd cryptroot2") + machine.succeed("echo -n supersecret | cryptsetup luksOpen -q /dev/vdc cryptroot2") machine.succeed("mkfs.ext4 /dev/mapper/cryptroot2") # Boot from the encrypted disk @@ -47,7 +47,7 @@ import ./make-test-python.nix ({ lib, pkgs, ... }: { machine.send_console("supersecret\n") machine.wait_for_unit("multi-user.target") - assert "/dev/mapper/cryptroot on / type ext4" in machine.succeed("mount") + assert "/dev/mapper/cryptroot on / type ext4" in machine.succeed("mount"), "/dev/mapper/cryptroot do not appear in mountpoints list" assert "/dev/mapper/cryptroot2 on /cryptroot2 type ext4" in machine.succeed("mount") ''; }) diff --git a/nixos/tests/systemd-initrd-luks-tpm2.nix b/nixos/tests/systemd-initrd-luks-tpm2.nix index 085088d2ee25..734ef38579f0 100644 --- a/nixos/tests/systemd-initrd-luks-tpm2.nix +++ b/nixos/tests/systemd-initrd-luks-tpm2.nix @@ -21,11 +21,11 @@ import ./make-test-python.nix ({ lib, pkgs, ... }: { specialisation.boot-luks.configuration = { boot.initrd.luks.devices = lib.mkVMOverride { cryptroot = { - device = "/dev/vdc"; + device = "/dev/vdb"; crypttabExtraOpts = [ "tpm2-device=auto" ]; }; }; - virtualisation.bootDevice = "/dev/mapper/cryptroot"; + virtualisation.rootDevice = "/dev/mapper/cryptroot"; }; }; @@ -55,8 +55,8 @@ import ./make-test-python.nix ({ lib, pkgs, ... }: { # Create encrypted volume machine.wait_for_unit("multi-user.target") - machine.succeed("echo -n supersecret | cryptsetup luksFormat -q --iter-time=1 /dev/vdc -") - machine.succeed("PASSWORD=supersecret SYSTEMD_LOG_LEVEL=debug systemd-cryptenroll --tpm2-pcrs= --tpm2-device=auto /dev/vdc |& systemd-cat") + machine.succeed("echo -n supersecret | cryptsetup luksFormat -q --iter-time=1 /dev/vdb -") + machine.succeed("PASSWORD=supersecret SYSTEMD_LOG_LEVEL=debug systemd-cryptenroll --tpm2-pcrs= --tpm2-device=auto /dev/vdb |& systemd-cat") # Boot from the encrypted disk machine.succeed("bootctl set-default nixos-generation-1-specialisation-boot-luks.conf") diff --git a/nixos/tests/systemd-initrd-swraid.nix b/nixos/tests/systemd-initrd-swraid.nix index 28a0fb3192ae..d201ba99a204 100644 --- a/nixos/tests/systemd-initrd-swraid.nix +++ b/nixos/tests/systemd-initrd-swraid.nix @@ -20,18 +20,18 @@ import ./make-test-python.nix ({ lib, pkgs, ... }: { services.swraid = { enable = true; mdadmConf = '' - ARRAY /dev/md0 devices=/dev/vdc,/dev/vdd + ARRAY /dev/md0 devices=/dev/vdb,/dev/vdc ''; }; kernelModules = [ "raid0" ]; }; - specialisation.boot-swraid.configuration.virtualisation.bootDevice = "/dev/disk/by-label/testraid"; + specialisation.boot-swraid.configuration.virtualisation.rootDevice = "/dev/disk/by-label/testraid"; }; testScript = '' # Create RAID - machine.succeed("mdadm --create --force /dev/md0 -n 2 --level=raid0 /dev/vdc /dev/vdd") + machine.succeed("mdadm --create --force /dev/md0 -n 2 --level=raid0 /dev/vdb /dev/vdc") machine.succeed("mkfs.ext4 -L testraid /dev/md0") machine.succeed("mkdir -p /mnt && mount /dev/md0 /mnt && echo hello > /mnt/test && umount /mnt") diff --git a/nixos/tests/zfs.nix b/nixos/tests/zfs.nix index bcb9d9bcfd60..e86c53befd28 100644 --- a/nixos/tests/zfs.nix +++ b/nixos/tests/zfs.nix @@ -98,15 +98,15 @@ let machine.wait_for_unit("multi-user.target") machine.succeed( "zpool status", + "parted --script /dev/vdb mklabel msdos", + "parted --script /dev/vdb -- mkpart primary 1024M -1s", "parted --script /dev/vdc mklabel msdos", "parted --script /dev/vdc -- mkpart primary 1024M -1s", - "parted --script /dev/vdd mklabel msdos", - "parted --script /dev/vdd -- mkpart primary 1024M -1s", ) with subtest("sharesmb works"): machine.succeed( - "zpool create rpool /dev/vdc1", + "zpool create rpool /dev/vdb1", "zfs create -o mountpoint=legacy rpool/root", # shared datasets cannot have legacy mountpoint "zfs create rpool/shared_smb", @@ -126,8 +126,8 @@ let with subtest("encryption works"): machine.succeed( 'echo password | zpool create -O mountpoint=legacy ' - + "-O encryption=aes-256-gcm -O keyformat=passphrase automatic /dev/vdc1", - "zpool create -O mountpoint=legacy manual /dev/vdd1", + + "-O encryption=aes-256-gcm -O keyformat=passphrase automatic /dev/vdb1", + "zpool create -O mountpoint=legacy manual /dev/vdc1", "echo otherpass | zfs create " + "-o encryption=aes-256-gcm -o keyformat=passphrase manual/encrypted", "bootctl set-default nixos-generation-1-specialisation-encryption.conf", @@ -153,7 +153,7 @@ let machine.succeed( "rm /etc/hostid", "zgenhostid deadcafe", - "zpool create forcepool /dev/vdc1 -O mountpoint=legacy", + "zpool create forcepool /dev/vdb1 -O mountpoint=legacy", "bootctl set-default nixos-generation-1-specialisation-forcepool.conf", "rm /etc/hostid", "sync", From e3a41f3fec8ddfc9e20df2e10f49c464525defa3 Mon Sep 17 00:00:00 2001 From: Raito Bezarius Date: Sun, 26 Mar 2023 00:44:41 +0100 Subject: [PATCH 50/52] nixos/tests/bootspec: assert for boot.json rather than bootspec/boot.json --- nixos/tests/bootspec.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/nixos/tests/bootspec.nix b/nixos/tests/bootspec.nix index 077dff918e0d..f388a15ffa2d 100644 --- a/nixos/tests/bootspec.nix +++ b/nixos/tests/bootspec.nix @@ -108,9 +108,9 @@ in machine.start() machine.wait_for_unit("multi-user.target") - machine.succeed("test -e /run/current-system/bootspec/boot.json") + machine.succeed("test -e /run/current-system/boot.json") - bootspec = json.loads(machine.succeed("jq -r '.v1' /run/current-system/bootspec/boot.json")) + bootspec = json.loads(machine.succeed("jq -r '.v1' /run/current-system/boot.json")) assert all(key in bootspec for key in ('initrd', 'initrdSecrets')), "Bootspec should contain initrd or initrdSecrets field when initrd is enabled" ''; From 614b83a3285ca44650473e73f9777d7c41fe88a1 Mon Sep 17 00:00:00 2001 From: Raito Bezarius Date: Wed, 12 Apr 2023 19:55:43 +0200 Subject: [PATCH 51/52] nixos/virtualisation/qemu-vm: remove persistBootDevice option This option has been introduced in 678eed323ffd90117472cd432ebe85dddaff07f1 without realizing there was this PR inflight, unfortunately, it collide with what this PR does and make it irrelevant. Therefore, I remove it here. --- nixos/modules/virtualisation/qemu-vm.nix | 19 +------------------ nixos/tests/initrd-secrets-changing.nix | 1 - 2 files changed, 1 insertion(+), 19 deletions(-) diff --git a/nixos/modules/virtualisation/qemu-vm.nix b/nixos/modules/virtualisation/qemu-vm.nix index 2aa8a36a1cfc..0a682fff4103 100644 --- a/nixos/modules/virtualisation/qemu-vm.nix +++ b/nixos/modules/virtualisation/qemu-vm.nix @@ -171,12 +171,6 @@ let ${lib.optionalString cfg.useBootLoader '' - if ${if !cfg.persistBootDevice then "true" else "! test -e $TMPDIR/disk.img"}; then - # Create a writable copy/snapshot of the boot disk. - # A writable boot disk can be booted from automatically. - ${qemu}/bin/qemu-img create -f qcow2 -F qcow2 -b ${bootDisk}/disk.img "$TMPDIR/disk.img" - fi - NIX_EFI_VARS=$(readlink -f "''${NIX_EFI_VARS:-${config.system.name}-efi-vars.fd}") ${lib.optionalString cfg.useEFIBoot @@ -285,7 +279,7 @@ in (mkRenamedOptionModule [ "virtualisation" "pathsInNixDB" ] [ "virtualisation" "additionalPaths" ]) (mkRemovedOptionModule [ "virtualisation" "bootDevice" ] "This option was renamed to `virtualisation.rootDevice`, as it was incorrectly named and misleading. Take the time to review what you want to do and look at the new options like `virtualisation.{bootLoaderDevice, bootPartition}`, open an issue in case of issues.") (mkRemovedOptionModule [ "virtualisation" "efiVars" ] "This option was removed, it is possible to provide a template UEFI variable with `virtualisation.efi.variables` ; if this option is important to you, open an issue") - (mkRemovedOptionModule [ "virtualisation" "persistBootDevice" ] "Boot device is always persisted if you use a bootloader through the root disk image ; if this does not work for your usecase, please examine carefully what `virtualisation.{bootLoaderDevice, rootDevice, bootPartition}` options offers you and open an issue explaining your need.`") + (mkRemovedOptionModule [ "virtualisation" "persistBootDevice" ] "Boot device is always persisted if you use a bootloader through the root disk image ; if this does not work for your usecase, please examine carefully what `virtualisation.{bootDevice, rootDevice, bootPartition}` options offer you and open an issue explaining your need.`") ]; options = { @@ -384,17 +378,6 @@ in ''; }; - virtualisation.persistBootDevice = - mkOption { - type = types.bool; - default = false; - description = - lib.mdDoc '' - If useBootLoader is specified, whether to recreate the boot device - on each instantiaton or allow it to persist. - ''; - }; - virtualisation.emptyDiskImages = mkOption { type = types.listOf types.ints.positive; diff --git a/nixos/tests/initrd-secrets-changing.nix b/nixos/tests/initrd-secrets-changing.nix index 775c69d0142d..d6f9ef9ced83 100644 --- a/nixos/tests/initrd-secrets-changing.nix +++ b/nixos/tests/initrd-secrets-changing.nix @@ -15,7 +15,6 @@ testing.makeTest { nodes.machine = { ... }: { virtualisation.useBootLoader = true; - virtualisation.persistBootDevice = true; boot.loader.grub.device = "/dev/vda"; From 76f1b633ba8023ea789347a52dcf1e6c60ec5369 Mon Sep 17 00:00:00 2001 From: Raito Bezarius Date: Wed, 12 Apr 2023 20:00:44 +0200 Subject: [PATCH 52/52] CODEOWNERS: add raitobezarius to qemu-vm.nix I do a lot of work on QEMU VM and make-disk-image and I was bitten by an unnotified change recently, so I want to chime in the future changes of this file. --- .github/CODEOWNERS | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 96bdccccf517..f3d4781dc531 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -90,6 +90,9 @@ # NixOS integration test driver /nixos/lib/test-driver @tfc +# NixOS QEMU virtualisation +/nixos/virtualisation/qemu-vm.nix @raitobezarius + # Systemd /nixos/modules/system/boot/systemd.nix @NixOS/systemd /nixos/modules/system/boot/systemd @NixOS/systemd