diff --git a/doc/languages-frameworks/dotnet.section.md b/doc/languages-frameworks/dotnet.section.md new file mode 100644 index 000000000000..c56f4728bed8 --- /dev/null +++ b/doc/languages-frameworks/dotnet.section.md @@ -0,0 +1,75 @@ +# Dotnet + +## Local Development Workflow + +For local development, it's recommended to use nix-shell to create a dotnet environment: + +``` +# shell.nix +with import {}; + +mkShell { + name = "dotnet-env"; + buildInputs = [ + dotnet-sdk_3 + ]; +} +``` + +### Using many sdks in a workflow + +It's very likely that more than one sdk will be needed on a given project. Dotnet provides several different frameworks (E.g dotnetcore, aspnetcore, etc.) as well as many versions for a given framework. Normally, dotnet is able to fetch a framework and install it relative to the executable. However, this would mean writing to the nix store in nixpkgs, which is read-only. To support the many-sdk use case, one can compose an environment using `dotnetCorePackages.combinePackages`: + +``` +with import {}; + +mkShell { + name = "dotnet-env"; + buildInputs = [ + (with dotnetCorePackages; combinePackages [ + sdk_3_1 + sdk_3_0 + sdk_2_1 + ]) + ]; +} +``` + +This will produce a dotnet installation that has the dotnet 3.1, 3.0, and 2.1 sdk. The first sdk listed will have it's cli utility present in the resulting environment. Example info output: + +``` +$ dotnet --info +.NET Core SDK (reflecting any global.json): + Version: 3.1.101 + Commit: b377529961 + +... + +.NET Core SDKs installed: + 2.1.803 [/nix/store/iiv98i2jdi226dgh4jzkkj2ww7f8jgpd-dotnet-core-combined/sdk] + 3.0.102 [/nix/store/iiv98i2jdi226dgh4jzkkj2ww7f8jgpd-dotnet-core-combined/sdk] + 3.1.101 [/nix/store/iiv98i2jdi226dgh4jzkkj2ww7f8jgpd-dotnet-core-combined/sdk] + +.NET Core runtimes installed: + Microsoft.AspNetCore.All 2.1.15 [/nix/store/iiv98i2jdi226dgh4jzkkj2ww7f8jgpd-dotnet-core-combined/shared/Microsoft.AspNetCore.All] + Microsoft.AspNetCore.App 2.1.15 [/nix/store/iiv98i2jdi226dgh4jzkkj2ww7f8jgpd-dotnet-core-combined/shared/Microsoft.AspNetCore.App] + Microsoft.AspNetCore.App 3.0.2 [/nix/store/iiv98i2jdi226dgh4jzkkj2ww7f8jgpd-dotnet-core-combined/shared/Microsoft.AspNetCore.App] + Microsoft.AspNetCore.App 3.1.1 [/nix/store/iiv98i2jdi226dgh4jzkkj2ww7f8jgpd-dotnet-core-combined/shared/Microsoft.AspNetCore.App] + Microsoft.NETCore.App 2.1.15 [/nix/store/iiv98i2jdi226dgh4jzkkj2ww7f8jgpd-dotnet-core-combined/shared/Microsoft.NETCore.App] + Microsoft.NETCore.App 3.0.2 [/nix/store/iiv98i2jdi226dgh4jzkkj2ww7f8jgpd-dotnet-core-combined/shared/Microsoft.NETCore.App] + Microsoft.NETCore.App 3.1.1 [/nix/store/iiv98i2jdi226dgh4jzkkj2ww7f8jgpd-dotnet-core-combined/shared/Microsoft.NETCore.App] +``` + +## dotnet-sdk vs dotnetCorePackages.sdk + +The `dotnetCorePackages.sdk_X_Y` is preferred over the old dotnet-sdk as both major and minor version are very important for a dotnet environment. If a given minor version isn't present (or was changed), then this will likely break your ability to build a project. + +## dotnetCorePackages.sdk vs dotnetCorePackages.netcore vs dotnetCorePackages.aspnetcore + +The `dotnetCorePackages.sdk` contains both a runtime and the full sdk of a given version. The `netcore` and `aspnetcore` packages are meant to serve as minimal runtimes to deploy alongside already built applications. + +## Packaging a Dotnet Application + +Ideally, we would like to build against the sdk, then only have the dotnet runtime available in the runtime closure. + +TODO: Create closure-friendly way to package dotnet applications diff --git a/maintainers/maintainer-list.nix b/maintainers/maintainer-list.nix index 8d5447654eef..de6adbf69d51 100644 --- a/maintainers/maintainer-list.nix +++ b/maintainers/maintainer-list.nix @@ -4304,6 +4304,12 @@ email = "wheatdoge@gmail.com"; name = "Tim Liou"; }; + m1cr0man = { + email = "lucas+nix@m1cr0man.com"; + github = "m1cr0man"; + githubId = 3044438; + name = "Lucas Savva"; + }; m3tti = { email = "mathaeus.peter.sander@gmail.com"; name = "Mathaeus Sander"; diff --git a/nixos/doc/manual/release-notes/rl-2003.xml b/nixos/doc/manual/release-notes/rl-2003.xml index fc301aecbb97..eac50b705a88 100644 --- a/nixos/doc/manual/release-notes/rl-2003.xml +++ b/nixos/doc/manual/release-notes/rl-2003.xml @@ -615,6 +615,12 @@ auth required pam_succeed_if.so uid >= 1000 quiet release notes. + + + The gcc-snapshot-package has been removed. It's marked as broken for >2 years and used to point + to a fairly old snapshot from the gcc7-branch. + + @@ -654,6 +660,21 @@ auth required pam_succeed_if.so uid >= 1000 quiet PRETTY_NAME in /etc/os-release now uses the short rather than full version string. + + + + The ACME module has switched from simp-le to lego + which allows us to support DNS-01 challenges and wildcard certificates. The following options have been added: + security.acme.acceptTerms, + security.acme.certs.<name>.dnsProvider, + security.acme.certs.<name>.credentialsFile, + security.acme.certs.<name>.dnsPropagationCheck. + As well as this, the options security.acme.acceptTerms and either + security.acme.email or security.acme.certs.<name>.email + must be set in order to use the ACME module. + Certificates will be regenerated anew on the next renewal date. The credentials for simp-le are + preserved and thus it is possible to roll back to previous versions without breaking certificate + generation. diff --git a/nixos/lib/make-ext4-fs.nix b/nixos/lib/make-ext4-fs.nix index f46d3990c06b..627ac324cf57 100644 --- a/nixos/lib/make-ext4-fs.nix +++ b/nixos/lib/make-ext4-fs.nix @@ -64,7 +64,7 @@ pkgs.stdenv.mkDerivation { echo "copying files to image..." cptofs -t ext4 -i $img ./files/* / - + export EXT2FS_NO_MTAB_OK=yes # I have ended up with corrupted images sometimes, I suspect that happens when the build machine's disk gets full during the build. if ! fsck.ext4 -n -f $img; then echo "--- Fsck failed for EXT4 image of $bytes bytes (numInodes=$numInodes, numDataBlocks=$numDataBlocks) ---" @@ -72,21 +72,8 @@ pkgs.stdenv.mkDerivation { return 1 fi - ( - # Resizes **snugly** to its actual limits (or closer to) - free=$(dumpe2fs $img | grep '^Free blocks:') - blocksize=$(dumpe2fs $img | grep '^Block size:') - blocks=$(dumpe2fs $img | grep '^Block count:') - blocks=$((''${blocks##*:})) # format the number. - blocksize=$((''${blocksize##*:})) # format the number. - # System can't boot with 0 blocks free. - # Add 16MiB of free space - fudge=$(( 16 * 1024 * 1024 / blocksize )) - size=$(( blocks - ''${free##*:} + fudge )) - - echo "Resizing from $blocks blocks to $size blocks. (~ $((size*blocksize/1024/1024))MiB)" - EXT2FS_NO_MTAB_OK=yes resize2fs $img -f $size - ) + echo "Resizing to minimum allowed size" + resize2fs -M $img # And a final fsck, because of the previous truncating. fsck.ext4 -n -f $img diff --git a/nixos/lib/testing.nix b/nixos/lib/testing.nix index ae8ecd6270ce..c82abd1f9900 100644 --- a/nixos/lib/testing.nix +++ b/nixos/lib/testing.nix @@ -19,7 +19,11 @@ in rec { inherit pkgs; - testDriver = stdenv.mkDerivation { + testDriver = lib.warn '' + Perl VM tests are deprecated and will be removed for 20.09. + Please update your tests to use the python test driver. + See https://github.com/NixOS/nixpkgs/pull/71684 for details. + '' stdenv.mkDerivation { name = "nixos-test-driver"; buildInputs = [ makeWrapper perl ]; diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 878b77969af1..541a17af6e96 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -229,6 +229,8 @@ ./services/backup/restic.nix ./services/backup/restic-rest-server.nix ./services/backup/rsnapshot.nix + ./services/backup/sanoid.nix + ./services/backup/syncoid.nix ./services/backup/tarsnap.nix ./services/backup/tsm.nix ./services/backup/zfs-replication.nix @@ -401,6 +403,7 @@ ./services/mail/rspamd.nix ./services/mail/rss2email.nix ./services/mail/roundcube.nix + ./services/mail/sympa.nix ./services/mail/nullmailer.nix ./services/misc/airsonic.nix ./services/misc/apache-kafka.nix @@ -814,6 +817,7 @@ ./services/web-apps/dokuwiki.nix ./services/web-apps/frab.nix ./services/web-apps/gotify-server.nix + ./services/web-apps/grocy.nix ./services/web-apps/icingaweb2/icingaweb2.nix ./services/web-apps/icingaweb2/module-monitoring.nix ./services/web-apps/ihatemoney diff --git a/nixos/modules/programs/zsh/zsh.nix b/nixos/modules/programs/zsh/zsh.nix index c66c29ed45fb..4fbdba47b1df 100644 --- a/nixos/modules/programs/zsh/zsh.nix +++ b/nixos/modules/programs/zsh/zsh.nix @@ -15,6 +15,24 @@ let (filterAttrs (k: v: v != null) cfg.shellAliases) ); + zshStartupNotes = '' + # Note that generated /etc/zprofile and /etc/zshrc files do a lot of + # non-standard setup to make zsh usable with no configuration by default. + # + # Which means that unless you explicitly meticulously override everything + # generated, interactions between your ~/.zshrc and these files are likely + # to be rather surprising. + # + # Note however, that you can disable loading of the generated /etc/zprofile + # and /etc/zshrc (you can't disable loading of /etc/zshenv, but it is + # designed to not set anything surprising) by setting `no_global_rcs` option + # in ~/.zshenv: + # + # echo setopt no_global_rcs >> ~/.zshenv + # + # See "STARTUP/SHUTDOWN FILES" section of zsh(1) for more info. + ''; + in { @@ -69,6 +87,10 @@ in promptInit = mkOption { default = '' + # Note that to manually override this in ~/.zshrc you should run `prompt off` + # before setting your PS1 and etc. Otherwise this will likely to interact with + # your ~/.zshrc configuration in unexpected ways as the default prompt sets + # a lot of different prompt variables. autoload -U promptinit && promptinit && prompt walters && setopt prompt_sp ''; description = '' @@ -100,7 +122,8 @@ in ]; example = [ "EXTENDED_HISTORY" "RM_STAR_WAIT" ]; description = '' - Configure zsh options. + Configure zsh options. See + zshoptions1. ''; }; @@ -147,6 +170,14 @@ in . ${config.system.build.setEnvironment} fi + HELPDIR="${pkgs.zsh}/share/zsh/$ZSH_VERSION/help" + + # Tell zsh how to find installed completions. + for p in ''${(z)NIX_PROFILES}; do + fpath+=($p/share/zsh/site-functions $p/share/zsh/$ZSH_VERSION/functions $p/share/zsh/vendor-completions) + done + + # Setup custom shell init stuff. ${cfge.shellInit} ${cfg.shellInit} @@ -161,11 +192,14 @@ in '' # /etc/zprofile: DO NOT EDIT -- this file has been generated automatically. # This file is read for login shells. + # + ${zshStartupNotes} # Only execute this file once per shell. if [ -n "$__ETC_ZPROFILE_SOURCED" ]; then return; fi __ETC_ZPROFILE_SOURCED=1 + # Setup custom login shell init stuff. ${cfge.loginShellInit} ${cfg.loginShellInit} @@ -180,38 +214,44 @@ in '' # /etc/zshrc: DO NOT EDIT -- this file has been generated automatically. # This file is read for interactive shells. + # + ${zshStartupNotes} # Only execute this file once per shell. if [ -n "$__ETC_ZSHRC_SOURCED" -o -n "$NOSYSZSHRC" ]; then return; fi __ETC_ZSHRC_SOURCED=1 - . /etc/zinputrc + ${optionalString (cfg.setOptions != []) '' + # Set zsh options. + setopt ${concatStringsSep " " cfg.setOptions} + ''} - # Don't export these, otherwise other shells (bash) will try to use same histfile + # Setup command line history. + # Don't export these, otherwise other shells (bash) will try to use same HISTFILE. SAVEHIST=${toString cfg.histSize} HISTSIZE=${toString cfg.histSize} HISTFILE=${cfg.histFile} - HELPDIR="${pkgs.zsh}/share/zsh/$ZSH_VERSION/help" + # Configure sane keyboard defaults. + . /etc/zinputrc - # Tell zsh how to find installed completions - for p in ''${(z)NIX_PROFILES}; do - fpath+=($p/share/zsh/site-functions $p/share/zsh/$ZSH_VERSION/functions $p/share/zsh/vendor-completions) - done - - ${optionalString cfg.enableGlobalCompInit "autoload -U compinit && compinit"} + ${optionalString cfg.enableGlobalCompInit '' + # Enable autocompletion. + autoload -U compinit && compinit + ''} + # Setup custom interactive shell init stuff. ${cfge.interactiveShellInit} ${cfg.interactiveShellInit} - ${optionalString (cfg.setOptions != []) "setopt ${concatStringsSep " " cfg.setOptions}"} - + # Setup aliases. ${zshAliases} + # Setup prompt. ${cfg.promptInit} - # Need to disable features to support TRAMP + # Disable some features to support TRAMP. if [ "$TERM" = dumb ]; then unsetopt zle prompt_cr prompt_subst unset RPS1 RPROMPT diff --git a/nixos/modules/security/acme.nix b/nixos/modules/security/acme.nix index 890c421b0ea9..7da6666f79c6 100644 --- a/nixos/modules/security/acme.nix +++ b/nixos/modules/security/acme.nix @@ -1,7 +1,5 @@ { config, lib, pkgs, ... }: - with lib; - let cfg = config.security.acme; @@ -9,7 +7,8 @@ let certOpts = { name, ... }: { options = { webroot = mkOption { - type = types.str; + type = types.nullOr types.str; + default = null; example = "/var/lib/acme/acme-challenges"; description = '' Where the webroot of the HTTP vhost is located. @@ -38,7 +37,7 @@ let email = mkOption { type = types.nullOr types.str; - default = null; + default = cfg.email; description = "Contact email address for the CA to be able to reach you."; }; @@ -76,20 +75,6 @@ let ''; }; - plugins = mkOption { - type = types.listOf (types.enum [ - "cert.der" "cert.pem" "chain.pem" "external.sh" - "fullchain.pem" "full.pem" "key.der" "key.pem" "account_key.json" "account_reg.json" - ]); - default = [ "fullchain.pem" "full.pem" "key.pem" "account_key.json" "account_reg.json" ]; - description = '' - Plugins to enable. With default settings simp_le will - store public certificate bundle in fullchain.pem, - private key in key.pem and those two previous - files combined in full.pem in its state directory. - ''; - }; - directory = mkOption { type = types.str; readOnly = true; @@ -111,6 +96,46 @@ let own server roots if needed. ''; }; + + keyType = mkOption { + type = types.str; + default = "ec384"; + description = '' + Key type to use for private keys. + For an up to date list of supported values check the --key-type option + at https://go-acme.github.io/lego/usage/cli/#usage. + ''; + }; + + dnsProvider = mkOption { + type = types.nullOr types.str; + default = null; + example = "route53"; + description = '' + DNS Challenge provider. For a list of supported providers, see the "code" + field of the DNS providers listed at https://go-acme.github.io/lego/dns/. + ''; + }; + + credentialsFile = mkOption { + type = types.path; + description = '' + Path to an EnvironmentFile for the cert's service containing any required and + optional environment variables for your selected dnsProvider. + To find out what values you need to set, consult the documentation at + https://go-acme.github.io/lego/dns/ for the corresponding dnsProvider. + ''; + example = "/var/src/secrets/example.org-route53-api-token"; + }; + + dnsPropagationCheck = mkOption { + type = types.bool; + default = true; + description = '' + Toggles lego DNS propagation check, which is used alongside DNS-01 + challenge to ensure the DNS entries required are available. + ''; + }; }; }; @@ -130,14 +155,21 @@ in (mkRemovedOptionModule [ "security" "acme" "directory"] "ACME Directory is now hardcoded to /var/lib/acme and its permisisons are managed by systemd. See https://github.com/NixOS/nixpkgs/issues/53852 for more info.") (mkRemovedOptionModule [ "security" "acme" "preDelay"] "This option has been removed. If you want to make sure that something executes before certificates are provisioned, add a RequiredBy=acme-\${cert}.service to the service you want to execute before the cert renewal") (mkRemovedOptionModule [ "security" "acme" "activationDelay"] "This option has been removed. If you want to make sure that something executes before certificates are provisioned, add a RequiredBy=acme-\${cert}.service to the service you want to execute before the cert renewal") + (mkChangedOptionModule [ "security" "acme" "validMin"] [ "security" "acme" "validMinDays"] (config: config.security.acme.validMin / (24 * 3600))) ]; options = { security.acme = { - validMin = mkOption { + validMinDays = mkOption { type = types.int; - default = 30 * 24 * 3600; - description = "Minimum remaining validity before renewal in seconds."; + default = 30; + description = "Minimum remaining validity before renewal in days."; + }; + + email = mkOption { + type = types.nullOr types.str; + default = null; + description = "Contact email address for the CA to be able to reach you."; }; renewInterval = mkOption { @@ -173,6 +205,15 @@ in ''; }; + acceptTerms = mkOption { + type = types.bool; + default = false; + description = '' + Accept the CA's terms of service. The default provier is Let's Encrypt, + you can find their ToS at https://letsencrypt.org/repository/ + ''; + }; + certs = mkOption { default = { }; type = with types; attrsOf (submodule certOpts); @@ -204,27 +245,55 @@ in config = mkMerge [ (mkIf (cfg.certs != { }) { + assertions = let + certs = (mapAttrsToList (k: v: v) cfg.certs); + in [ + { + assertion = all (certOpts: certOpts.dnsProvider == null || certOpts.webroot == null) certs; + message = '' + Options `security.acme.certs..dnsProvider` and + `security.acme.certs..webroot` are mutually exclusive. + ''; + } + { + assertion = cfg.email != null || all (certOpts: certOpts.email != null) certs; + message = '' + You must define `security.acme.certs..email` or + `security.acme.email` to register with the CA. + ''; + } + { + assertion = cfg.acceptTerms; + message = '' + You must accept the CA's terms of service before using + the ACME module by setting `security.acme.acceptTerms` + to `true`. For Let's Encrypt's ToS see https://letsencrypt.org/repository/ + ''; + } + ]; + systemd.services = let services = concatLists servicesLists; servicesLists = mapAttrsToList certToServices cfg.certs; certToServices = cert: data: let + # StateDirectory must be relative, and will be created under /var/lib by systemd lpath = "acme/${cert}"; + apath = "/var/lib/${lpath}"; + spath = "/var/lib/acme/.lego"; rights = if data.allowKeysForGroup then "750" else "700"; - cmdline = [ "-v" "-d" data.domain "--default_root" data.webroot "--valid_min" cfg.validMin ] - ++ optionals (data.email != null) [ "--email" data.email ] - ++ concatMap (p: [ "-f" p ]) data.plugins - ++ concatLists (mapAttrsToList (name: root: [ "-d" (if root == null then name else "${name}:${root}")]) data.extraDomains) + globalOpts = [ "-d" data.domain "--email" data.email "--path" "." "--key-type" data.keyType ] + ++ optionals (cfg.acceptTerms) [ "--accept-tos" ] + ++ optionals (data.dnsProvider != null && !data.dnsPropagationCheck) [ "--dns.disable-cp" ] + ++ concatLists (mapAttrsToList (name: root: [ "-d" name ]) data.extraDomains) + ++ (if data.dnsProvider != null then [ "--dns" data.dnsProvider ] else [ "--http" "--http.webroot" data.webroot ]) ++ optionals (cfg.server != null || data.server != null) ["--server" (if data.server == null then cfg.server else data.server)]; + runOpts = escapeShellArgs (globalOpts ++ [ "run" ]); + renewOpts = escapeShellArgs (globalOpts ++ [ "renew" "--days" (toString cfg.validMinDays) ]); acmeService = { description = "Renew ACME Certificate for ${cert}"; after = [ "network.target" "network-online.target" ]; wants = [ "network-online.target" ]; - # simp_le uses requests, which uses certifi under the hood, - # which doesn't respect the system trust store. - # At least in the acme test, we provision a fake CA, impersonating the LE endpoint. - # REQUESTS_CA_BUNDLE is a way to teach python requests to use something else - environment.REQUESTS_CA_BUNDLE = "/etc/ssl/certs/ca-certificates.crt"; serviceConfig = { Type = "oneshot"; # With RemainAfterExit the service is considered active even @@ -233,18 +302,37 @@ in # the permissions of the StateDirectory get adjusted # according to the specified group RemainAfterExit = true; - SuccessExitStatus = [ "0" "1" ]; User = data.user; Group = data.group; PrivateTmp = true; - StateDirectory = lpath; + StateDirectory = "acme/.lego ${lpath}"; StateDirectoryMode = rights; - WorkingDirectory = "/var/lib/${lpath}"; - ExecStart = "${pkgs.simp_le}/bin/simp_le ${escapeShellArgs cmdline}"; + WorkingDirectory = spath; + # Only try loading the credentialsFile if the dns challenge is enabled + EnvironmentFile = if data.dnsProvider != null then data.credentialsFile else null; + ExecStart = pkgs.writeScript "acme-start" '' + #!${pkgs.runtimeShell} -e + ${pkgs.lego}/bin/lego ${renewOpts} || ${pkgs.lego}/bin/lego ${runOpts} + ''; ExecStartPost = let + keyName = builtins.replaceStrings ["*"] ["_"] data.domain; script = pkgs.writeScript "acme-post-start" '' #!${pkgs.runtimeShell} -e + cd ${apath} + + # Test that existing cert is older than new cert + KEY=${spath}/certificates/${keyName}.key + if [ -e $KEY -a $KEY -nt key.pem ]; then + cp -p ${spath}/certificates/${keyName}.key key.pem + cp -p ${spath}/certificates/${keyName}.crt cert.pem + cp -p ${spath}/certificates/${keyName}.issuer.crt chain.pem + cat cert.pem chain.pem > fullchain.pem + cat key.pem cert.pem chain.pem > full.pem + chmod ${rights} *.pem + chown '${data.user}:${data.group}' *.pem + fi + ${data.postRun} ''; in @@ -276,17 +364,17 @@ in -out $workdir/server.crt # Copy key to destination - cp $workdir/server.key /var/lib/${lpath}/key.pem + cp $workdir/server.key ${apath}/key.pem # Create fullchain.pem (same format as "simp_le ... -f fullchain.pem" creates) - cat $workdir/{server.crt,ca.crt} > "/var/lib/${lpath}/fullchain.pem" + cat $workdir/{server.crt,ca.crt} > "${apath}/fullchain.pem" # Create full.pem for e.g. lighttpd - cat $workdir/{server.key,server.crt,ca.crt} > "/var/lib/${lpath}/full.pem" + cat $workdir/{server.key,server.crt,ca.crt} > "${apath}/full.pem" # Give key acme permissions - chown '${data.user}:${data.group}' "/var/lib/${lpath}/"{key,fullchain,full}.pem - chmod ${rights} "/var/lib/${lpath}/"{key,fullchain,full}.pem + chown '${data.user}:${data.group}' "${apath}/"{key,fullchain,full}.pem + chmod ${rights} "${apath}/"{key,fullchain,full}.pem ''; serviceConfig = { Type = "oneshot"; @@ -297,7 +385,7 @@ in }; unitConfig = { # Do not create self-signed key when key already exists - ConditionPathExists = "!/var/lib/${lpath}/key.pem"; + ConditionPathExists = "!${apath}/key.pem"; }; }; in ( @@ -309,8 +397,7 @@ in servicesAttr; systemd.tmpfiles.rules = - flip mapAttrsToList cfg.certs - (cert: data: "d ${data.webroot}/.well-known/acme-challenge - ${data.user} ${data.group}"); + map (data: "d ${data.webroot}/.well-known/acme-challenge - ${data.user} ${data.group}") (filter (data: data.webroot != null) (attrValues cfg.certs)); systemd.timers = flip mapAttrs' cfg.certs (cert: data: nameValuePair ("acme-${cert}") @@ -334,7 +421,7 @@ in ]; meta = { - maintainers = with lib.maintainers; [ abbradar fpletz globin ]; + maintainers = with lib.maintainers; [ abbradar fpletz globin m1cr0man ]; doc = ./acme.xml; }; } diff --git a/nixos/modules/security/acme.xml b/nixos/modules/security/acme.xml index 9d0a1995e0ff..2b29c1174845 100644 --- a/nixos/modules/security/acme.xml +++ b/nixos/modules/security/acme.xml @@ -7,7 +7,7 @@ NixOS supports automatic domain validation & certificate retrieval and renewal using the ACME protocol. This is currently only implemented by and - for Let's Encrypt. The alternative ACME client simp_le is + for Let's Encrypt. The alternative ACME client lego is used under the hood.
diff --git a/nixos/modules/security/sudo.nix b/nixos/modules/security/sudo.nix index d899806ef058..e3e43177def3 100644 --- a/nixos/modules/security/sudo.nix +++ b/nixos/modules/security/sudo.nix @@ -71,23 +71,25 @@ in this is the case when configuration options are merged. ''; default = []; - example = [ - # Allow execution of any command by all users in group sudo, - # requiring a password. - { groups = [ "sudo" ]; commands = [ "ALL" ]; } + example = literalExample '' + [ + # Allow execution of any command by all users in group sudo, + # requiring a password. + { groups = [ "sudo" ]; commands = [ "ALL" ]; } - # Allow execution of "/home/root/secret.sh" by user `backup`, `database` - # and the group with GID `1006` without a password. - { users = [ "backup" "database" ]; groups = [ 1006 ]; - commands = [ { command = "/home/root/secret.sh"; options = [ "SETENV" "NOPASSWD" ]; } ]; } + # Allow execution of "/home/root/secret.sh" by user `backup`, `database` + # and the group with GID `1006` without a password. + { users = [ "backup" "database" ]; groups = [ 1006 ]; + commands = [ { command = "/home/root/secret.sh"; options = [ "SETENV" "NOPASSWD" ]; } ]; } - # Allow all users of group `bar` to run two executables as user `foo` - # with arguments being pre-set. - { groups = [ "bar" ]; runAs = "foo"; - commands = - [ "/home/baz/cmd1.sh hello-sudo" - { command = ''/home/baz/cmd2.sh ""''; options = [ "SETENV" ]; } ]; } - ]; + # Allow all users of group `bar` to run two executables as user `foo` + # with arguments being pre-set. + { groups = [ "bar" ]; runAs = "foo"; + commands = + [ "/home/baz/cmd1.sh hello-sudo" + { command = '''/home/baz/cmd2.sh ""'''; options = [ "SETENV" ]; } ]; } + ] + ''; type = with types; listOf (submodule { options = { users = mkOption { diff --git a/nixos/modules/services/audio/mopidy.nix b/nixos/modules/services/audio/mopidy.nix index a534b692f177..d30c227db429 100644 --- a/nixos/modules/services/audio/mopidy.nix +++ b/nixos/modules/services/audio/mopidy.nix @@ -13,11 +13,11 @@ let mopidyEnv = buildEnv { name = "mopidy-with-extensions-${mopidy.version}"; paths = closePropagation cfg.extensionPackages; - pathsToLink = [ "/${python.sitePackages}" ]; + pathsToLink = [ "/${python3.sitePackages}" ]; buildInputs = [ makeWrapper ]; postBuild = '' makeWrapper ${mopidy}/bin/mopidy $out/bin/mopidy \ - --prefix PYTHONPATH : $out/${python.sitePackages} + --prefix PYTHONPATH : $out/${python3.sitePackages} ''; }; in { diff --git a/nixos/modules/services/backup/sanoid.nix b/nixos/modules/services/backup/sanoid.nix new file mode 100644 index 000000000000..0472fb4ba1e7 --- /dev/null +++ b/nixos/modules/services/backup/sanoid.nix @@ -0,0 +1,213 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.services.sanoid; + + datasetSettingsType = with types; + (attrsOf (nullOr (oneOf [ str int bool (listOf str) ]))) // { + description = "dataset/template options"; + }; + + # Default values from https://github.com/jimsalterjrs/sanoid/blob/master/sanoid.defaults.conf + + commonOptions = { + hourly = mkOption { + description = "Number of hourly snapshots."; + type = types.ints.unsigned; + default = 48; + }; + + daily = mkOption { + description = "Number of daily snapshots."; + type = types.ints.unsigned; + default = 90; + }; + + monthly = mkOption { + description = "Number of monthly snapshots."; + type = types.ints.unsigned; + default = 6; + }; + + yearly = mkOption { + description = "Number of yearly snapshots."; + type = types.ints.unsigned; + default = 0; + }; + + autoprune = mkOption { + description = "Whether to automatically prune old snapshots."; + type = types.bool; + default = true; + }; + + autosnap = mkOption { + description = "Whether to automatically take snapshots."; + type = types.bool; + default = true; + }; + + settings = mkOption { + description = '' + Free-form settings for this template/dataset. See + + for allowed values. + ''; + type = datasetSettingsType; + }; + }; + + commonConfig = config: { + settings = { + hourly = mkDefault config.hourly; + daily = mkDefault config.daily; + monthly = mkDefault config.monthly; + yearly = mkDefault config.yearly; + autoprune = mkDefault config.autoprune; + autosnap = mkDefault config.autosnap; + }; + }; + + datasetOptions = { + useTemplate = mkOption { + description = "Names of the templates to use for this dataset."; + type = (types.listOf (types.enum (attrNames cfg.templates))) // { + description = "list of template names"; + }; + default = []; + }; + + recursive = mkOption { + description = "Whether to recursively snapshot dataset children."; + type = types.bool; + default = false; + }; + + processChildrenOnly = mkOption { + description = "Whether to only snapshot child datasets if recursing."; + type = types.bool; + default = false; + }; + }; + + datasetConfig = config: { + settings = { + use_template = mkDefault config.useTemplate; + recursive = mkDefault config.recursive; + process_children_only = mkDefault config.processChildrenOnly; + }; + }; + + # Extract pool names from configured datasets + pools = unique (map (d: head (builtins.match "([^/]+).*" d)) (attrNames cfg.datasets)); + + configFile = let + mkValueString = v: + if builtins.isList v then concatStringsSep "," v + else generators.mkValueStringDefault {} v; + + mkKeyValue = k: v: if v == null then "" + else generators.mkKeyValueDefault { inherit mkValueString; } "=" k v; + in generators.toINI { inherit mkKeyValue; } cfg.settings; + + configDir = pkgs.writeTextDir "sanoid.conf" configFile; + +in { + + # Interface + + options.services.sanoid = { + enable = mkEnableOption "Sanoid ZFS snapshotting service"; + + interval = mkOption { + type = types.str; + default = "hourly"; + example = "daily"; + description = '' + Run sanoid at this interval. The default is to run hourly. + + The format is described in + systemd.time + 7. + ''; + }; + + datasets = mkOption { + type = types.attrsOf (types.submodule ({ config, ... }: { + options = commonOptions // datasetOptions; + config = mkMerge [ (commonConfig config) (datasetConfig config) ]; + })); + default = {}; + description = "Datasets to snapshot."; + }; + + templates = mkOption { + type = types.attrsOf (types.submodule ({ config, ... }: { + options = commonOptions; + config = commonConfig config; + })); + default = {}; + description = "Templates for datasets."; + }; + + settings = mkOption { + type = types.attrsOf datasetSettingsType; + description = '' + Free-form settings written directly to the config file. See + + for allowed values. + ''; + }; + + extraArgs = mkOption { + type = types.listOf types.str; + default = []; + example = [ "--verbose" "--readonly" "--debug" ]; + description = '' + Extra arguments to pass to sanoid. See + + for allowed options. + ''; + }; + }; + + # Implementation + + config = mkIf cfg.enable { + services.sanoid.settings = mkMerge [ + (mapAttrs' (d: v: nameValuePair ("template_" + d) v.settings) cfg.templates) + (mapAttrs (d: v: v.settings) cfg.datasets) + ]; + + systemd.services.sanoid = { + description = "Sanoid snapshot service"; + serviceConfig = { + ExecStartPre = map (pool: lib.escapeShellArgs [ + "+/run/booted-system/sw/bin/zfs" "allow" + "sanoid" "snapshot,mount,destroy" pool + ]) pools; + ExecStart = lib.escapeShellArgs ([ + "${pkgs.sanoid}/bin/sanoid" + "--cron" + "--configdir" configDir + ] ++ cfg.extraArgs); + ExecStopPost = map (pool: lib.escapeShellArgs [ + "+/run/booted-system/sw/bin/zfs" "unallow" "sanoid" pool + ]) pools; + User = "sanoid"; + Group = "sanoid"; + DynamicUser = true; + RuntimeDirectory = "sanoid"; + CacheDirectory = "sanoid"; + }; + # Prevents missing snapshots during DST changes + environment.TZ = "UTC"; + after = [ "zfs.target" ]; + startAt = cfg.interval; + }; + }; + + meta.maintainers = with maintainers; [ lopsided98 ]; + } diff --git a/nixos/modules/services/backup/syncoid.nix b/nixos/modules/services/backup/syncoid.nix new file mode 100644 index 000000000000..53787a0182af --- /dev/null +++ b/nixos/modules/services/backup/syncoid.nix @@ -0,0 +1,168 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.services.syncoid; +in { + + # Interface + + options.services.syncoid = { + enable = mkEnableOption "Syncoid ZFS synchronization service"; + + interval = mkOption { + type = types.str; + default = "hourly"; + example = "*-*-* *:15:00"; + description = '' + Run syncoid at this interval. The default is to run hourly. + + The format is described in + systemd.time + 7. + ''; + }; + + user = mkOption { + type = types.str; + default = "root"; + example = "backup"; + description = '' + The user for the service. Sudo or ZFS privilege delegation must be + configured to use a user other than root. + ''; + }; + + sshKey = mkOption { + type = types.nullOr types.path; + # Prevent key from being copied to store + apply = mapNullable toString; + default = null; + description = '' + SSH private key file to use to login to the remote system. Can be + overridden in individual commands. + ''; + }; + + commonArgs = mkOption { + type = types.listOf types.str; + default = []; + example = [ "--no-sync-snap" ]; + description = '' + Arguments to add to every syncoid command, unless disabled for that + command. See + + for available options. + ''; + }; + + commands = mkOption { + type = types.attrsOf (types.submodule ({ name, ... }: { + options = { + source = mkOption { + type = types.str; + example = "pool/dataset"; + description = '' + Source ZFS dataset. Can be either local or remote. Defaults to + the attribute name. + ''; + }; + + target = mkOption { + type = types.str; + example = "user@server:pool/dataset"; + description = '' + Target ZFS dataset. Can be either local + (pool/dataset) or remote + (user@server:pool/dataset). + ''; + }; + + recursive = mkOption { + type = types.bool; + default = false; + description = '' + Whether to also transfer child datasets. + ''; + }; + + sshKey = mkOption { + type = types.nullOr types.path; + # Prevent key from being copied to store + apply = mapNullable toString; + description = '' + SSH private key file to use to login to the remote system. + Defaults to option. + ''; + }; + + sendOptions = mkOption { + type = types.separatedString " "; + default = ""; + example = "Lc e"; + description = '' + Advanced options to pass to zfs send. Options are specified + without their leading dashes and separated by spaces. + ''; + }; + + recvOptions = mkOption { + type = types.separatedString " "; + default = ""; + example = "ux recordsize o compression=lz4"; + description = '' + Advanced options to pass to zfs recv. Options are specified + without their leading dashes and separated by spaces. + ''; + }; + + useCommonArgs = mkOption { + type = types.bool; + default = true; + description = '' + Whether to add the configured common arguments to this command. + ''; + }; + + extraArgs = mkOption { + type = types.listOf types.str; + default = []; + example = [ "--sshport 2222" ]; + description = "Extra syncoid arguments for this command."; + }; + }; + config = { + source = mkDefault name; + sshKey = mkDefault cfg.sshKey; + }; + })); + default = {}; + example."pool/test".target = "root@target:pool/test"; + description = "Syncoid commands to run."; + }; + }; + + # Implementation + + config = mkIf cfg.enable { + systemd.services.syncoid = { + description = "Syncoid ZFS synchronization service"; + script = concatMapStringsSep "\n" (c: lib.escapeShellArgs + ([ "${pkgs.sanoid}/bin/syncoid" ] + ++ (optionals c.useCommonArgs cfg.commonArgs) + ++ (optional c.recursive "-r") + ++ (optionals (c.sshKey != null) [ "--sshkey" c.sshKey ]) + ++ c.extraArgs + ++ [ "--sendoptions" c.sendOptions + "--recvoptions" c.recvOptions + c.source c.target + ])) (attrValues cfg.commands); + after = [ "zfs.target" ]; + serviceConfig.User = cfg.user; + startAt = cfg.interval; + }; + }; + + meta.maintainers = with maintainers; [ lopsided98 ]; + } diff --git a/nixos/modules/services/mail/sympa.nix b/nixos/modules/services/mail/sympa.nix new file mode 100644 index 000000000000..c3ae9d4255b0 --- /dev/null +++ b/nixos/modules/services/mail/sympa.nix @@ -0,0 +1,596 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.services.sympa; + dataDir = "/var/lib/sympa"; + user = "sympa"; + group = "sympa"; + pkg = pkgs.sympa; + fqdns = attrNames cfg.domains; + usingNginx = cfg.web.enable && cfg.web.server == "nginx"; + mysqlLocal = cfg.database.createLocally && cfg.database.type == "MySQL"; + pgsqlLocal = cfg.database.createLocally && cfg.database.type == "PostgreSQL"; + + sympaSubServices = [ + "sympa-archive.service" + "sympa-bounce.service" + "sympa-bulk.service" + "sympa-task.service" + ]; + + # common for all services including wwsympa + commonServiceConfig = { + StateDirectory = "sympa"; + ProtectHome = true; + ProtectSystem = "full"; + ProtectKernelTunables = true; + ProtectKernelModules = true; + ProtectControlGroups = true; + }; + + # wwsympa has its own service config + sympaServiceConfig = srv: { + Type = "simple"; + Restart = "always"; + ExecStart = "${pkg}/bin/${srv}.pl --foreground"; + PIDFile = "/run/sympa/${srv}.pid"; + User = user; + Group = group; + + # avoid duplicating log messageges in journal + StandardError = "null"; + } // commonServiceConfig; + + configVal = value: + if isBool value then + if value then "on" else "off" + else toString value; + configGenerator = c: concatStrings (flip mapAttrsToList c (key: val: "${key}\t${configVal val}\n")); + + mainConfig = pkgs.writeText "sympa.conf" (configGenerator cfg.settings); + robotConfig = fqdn: domain: pkgs.writeText "${fqdn}-robot.conf" (configGenerator domain.settings); + + transport = pkgs.writeText "transport.sympa" (concatStringsSep "\n" (flip map fqdns (domain: '' + ${domain} error:User unknown in recipient table + sympa@${domain} sympa:sympa@${domain} + listmaster@${domain} sympa:listmaster@${domain} + bounce@${domain} sympabounce:sympa@${domain} + abuse-feedback-report@${domain} sympabounce:sympa@${domain} + ''))); + + virtual = pkgs.writeText "virtual.sympa" (concatStringsSep "\n" (flip map fqdns (domain: '' + sympa-request@${domain} postmaster@localhost + sympa-owner@${domain} postmaster@localhost + ''))); + + listAliases = pkgs.writeText "list_aliases.tt2" '' + #--- [% list.name %]@[% list.domain %]: list transport map created at [% date %] + [% list.name %]@[% list.domain %] sympa:[% list.name %]@[% list.domain %] + [% list.name %]-request@[% list.domain %] sympa:[% list.name %]-request@[% list.domain %] + [% list.name %]-editor@[% list.domain %] sympa:[% list.name %]-editor@[% list.domain %] + #[% list.name %]-subscribe@[% list.domain %] sympa:[% list.name %]-subscribe@[%list.domain %] + [% list.name %]-unsubscribe@[% list.domain %] sympa:[% list.name %]-unsubscribe@[% list.domain %] + [% list.name %][% return_path_suffix %]@[% list.domain %] sympabounce:[% list.name %]@[% list.domain %] + ''; + + enabledFiles = filterAttrs (n: v: v.enable) cfg.settingsFile; +in +{ + + ###### interface + options.services.sympa = with types; { + + enable = mkEnableOption "Sympa mailing list manager"; + + lang = mkOption { + type = str; + default = "en_US"; + example = "cs"; + description = '' + Default Sympa language. + See + for available options. + ''; + }; + + listMasters = mkOption { + type = listOf str; + example = [ "postmaster@sympa.example.org" ]; + description = '' + The list of the email addresses of the listmasters + (users authorized to perform global server commands). + ''; + }; + + mainDomain = mkOption { + type = nullOr str; + default = null; + example = "lists.example.org"; + description = '' + Main domain to be used in sympa.conf. + If null, one of the is chosen for you. + ''; + }; + + domains = mkOption { + type = attrsOf (submodule ({ name, config, ... }: { + options = { + webHost = mkOption { + type = nullOr str; + default = null; + example = "archive.example.org"; + description = '' + Domain part of the web interface URL (no web interface for this domain if null). + DNS record of type A (or AAAA or CNAME) has to exist with this value. + ''; + }; + webLocation = mkOption { + type = str; + default = "/"; + example = "/sympa"; + description = "URL path part of the web interface."; + }; + settings = mkOption { + type = attrsOf (oneOf [ str int bool ]); + default = {}; + example = { + default_max_list_members = 3; + }; + description = '' + The robot.conf configuration file as key value set. + See + for list of configuration parameters. + ''; + }; + }; + + config.settings = mkIf (cfg.web.enable && config.webHost != null) { + wwsympa_url = mkDefault "https://${config.webHost}${strings.removeSuffix "/" config.webLocation}"; + }; + })); + + description = '' + Email domains handled by this instance. There have + to be MX records for keys of this attribute set. + ''; + example = literalExample '' + { + "lists.example.org" = { + webHost = "lists.example.org"; + webLocation = "/"; + }; + "sympa.example.com" = { + webHost = "example.com"; + webLocation = "/sympa"; + }; + } + ''; + }; + + database = { + type = mkOption { + type = enum [ "SQLite" "PostgreSQL" "MySQL" ]; + default = "SQLite"; + example = "MySQL"; + description = "Database engine to use."; + }; + + host = mkOption { + type = nullOr str; + default = null; + description = '' + Database host address. + + For MySQL, use localhost to connect using Unix domain socket. + + For PostgreSQL, use path to directory (e.g. /run/postgresql) + to connect using Unix domain socket located in this directory. + + Use null to fall back on Sympa default, or when using + . + ''; + }; + + port = mkOption { + type = nullOr port; + default = null; + description = "Database port. Use null for default port."; + }; + + name = mkOption { + type = str; + default = if cfg.database.type == "SQLite" then "${dataDir}/sympa.sqlite" else "sympa"; + defaultText = ''if database.type == "SQLite" then "${dataDir}/sympa.sqlite" else "sympa"''; + description = '' + Database name. When using SQLite this must be an absolute + path to the database file. + ''; + }; + + user = mkOption { + type = nullOr str; + default = user; + description = "Database user. The system user name is used as a default."; + }; + + passwordFile = mkOption { + type = nullOr path; + default = null; + example = "/run/keys/sympa-dbpassword"; + description = '' + A file containing the password for . + ''; + }; + + createLocally = mkOption { + type = bool; + default = true; + description = "Whether to create a local database automatically."; + }; + }; + + web = { + enable = mkOption { + type = bool; + default = true; + description = "Whether to enable Sympa web interface."; + }; + + server = mkOption { + type = enum [ "nginx" "none" ]; + default = "nginx"; + description = '' + The webserver used for the Sympa web interface. Set it to `none` if you want to configure it yourself. + Further nginx configuration can be done by adapting + . + ''; + }; + + https = mkOption { + type = bool; + default = true; + description = '' + Whether to use HTTPS. When nginx integration is enabled, this option forces SSL and enables ACME. + Please note that Sympa web interface always uses https links even when this option is disabled. + ''; + }; + + fcgiProcs = mkOption { + type = ints.positive; + default = 2; + description = "Number of FastCGI processes to fork."; + }; + }; + + mta = { + type = mkOption { + type = enum [ "postfix" "none" ]; + default = "postfix"; + description = '' + Mail transfer agent (MTA) integration. Use none if you want to configure it yourself. + + The postfix integration sets up local Postfix instance that will pass incoming + messages from configured domains to Sympa. You still need to configure at least outgoing message + handling using e.g. . + ''; + }; + }; + + settings = mkOption { + type = attrsOf (oneOf [ str int bool ]); + default = {}; + example = literalExample '' + { + default_home = "lists"; + viewlogs_page_size = 50; + } + ''; + description = '' + The sympa.conf configuration file as key value set. + See + for list of configuration parameters. + ''; + }; + + settingsFile = mkOption { + type = attrsOf (submodule ({ name, config, ... }: { + options = { + enable = mkOption { + type = bool; + default = true; + description = "Whether this file should be generated. This option allows specific files to be disabled."; + }; + text = mkOption { + default = null; + type = nullOr lines; + description = "Text of the file."; + }; + source = mkOption { + type = path; + description = "Path of the source file."; + }; + }; + + config.source = mkIf (config.text != null) (mkDefault (pkgs.writeText "sympa-${baseNameOf name}" config.text)); + })); + default = {}; + example = literalExample '' + { + "list_data/lists.example.org/help" = { + text = "subject This list provides help to users"; + }; + } + ''; + description = "Set of files to be linked in ${dataDir}."; + }; + }; + + ###### implementation + + config = mkIf cfg.enable { + + services.sympa.settings = (mapAttrs (_: v: mkDefault v) { + domain = if cfg.mainDomain != null then cfg.mainDomain else head fqdns; + listmaster = concatStringsSep "," cfg.listMasters; + lang = cfg.lang; + + home = "${dataDir}/list_data"; + arc_path = "${dataDir}/arc"; + bounce_path = "${dataDir}/bounce"; + + sendmail = "${pkgs.system-sendmail}/bin/sendmail"; + + db_type = cfg.database.type; + db_name = cfg.database.name; + } + // (optionalAttrs (cfg.database.host != null) { + db_host = cfg.database.host; + }) + // (optionalAttrs mysqlLocal { + db_host = "localhost"; # use unix domain socket + }) + // (optionalAttrs pgsqlLocal { + db_host = "/run/postgresql"; # use unix domain socket + }) + // (optionalAttrs (cfg.database.port != null) { + db_port = cfg.database.port; + }) + // (optionalAttrs (cfg.database.user != null) { + db_user = cfg.database.user; + }) + // (optionalAttrs (cfg.mta.type == "postfix") { + sendmail_aliases = "${dataDir}/sympa_transport"; + aliases_program = "${pkgs.postfix}/bin/postmap"; + aliases_db_type = "hash"; + }) + // (optionalAttrs cfg.web.enable { + static_content_path = "${dataDir}/static_content"; + css_path = "${dataDir}/static_content/css"; + pictures_path = "${dataDir}/static_content/pictures"; + mhonarc = "${pkgs.perlPackages.MHonArc}/bin/mhonarc"; + })); + + services.sympa.settingsFile = { + "virtual.sympa" = mkDefault { source = virtual; }; + "transport.sympa" = mkDefault { source = transport; }; + "etc/list_aliases.tt2" = mkDefault { source = listAliases; }; + } + // (flip mapAttrs' cfg.domains (fqdn: domain: + nameValuePair "etc/${fqdn}/robot.conf" (mkDefault { source = robotConfig fqdn domain; }))); + + environment = { + systemPackages = [ pkg ]; + }; + + users.users.${user} = { + description = "Sympa mailing list manager user"; + group = group; + home = dataDir; + createHome = false; + isSystemUser = true; + }; + + users.groups.${group} = {}; + + assertions = [ + { assertion = cfg.database.createLocally -> cfg.database.user == user; + message = "services.sympa.database.user must be set to ${user} if services.sympa.database.createLocally is set to true"; + } + { assertion = cfg.database.createLocally -> cfg.database.passwordFile == null; + message = "a password cannot be specified if services.sympa.database.createLocally is set to true"; + } + ]; + + systemd.tmpfiles.rules = [ + "d ${dataDir} 0711 ${user} ${group} - -" + "d ${dataDir}/etc 0700 ${user} ${group} - -" + "d ${dataDir}/spool 0700 ${user} ${group} - -" + "d ${dataDir}/list_data 0700 ${user} ${group} - -" + "d ${dataDir}/arc 0700 ${user} ${group} - -" + "d ${dataDir}/bounce 0700 ${user} ${group} - -" + "f ${dataDir}/sympa_transport 0600 ${user} ${group} - -" + + # force-copy static_content so it's up to date with package + # set permissions for wwsympa which needs write access (...) + "R ${dataDir}/static_content - - - - -" + "C ${dataDir}/static_content 0711 ${user} ${group} - ${pkg}/static_content" + "e ${dataDir}/static_content/* 0711 ${user} ${group} - -" + + "d /run/sympa 0755 ${user} ${group} - -" + ] + ++ (flip concatMap fqdns (fqdn: [ + "d ${dataDir}/etc/${fqdn} 0700 ${user} ${group} - -" + "d ${dataDir}/list_data/${fqdn} 0700 ${user} ${group} - -" + ])) + #++ (flip mapAttrsToList enabledFiles (k: v: + # "L+ ${dataDir}/${k} - - - - ${v.source}" + #)) + ++ (concatLists (flip mapAttrsToList enabledFiles (k: v: [ + # sympa doesn't handle symlinks well (e.g. fails to create locks) + # force-copy instead + "R ${dataDir}/${k} - - - - -" + "C ${dataDir}/${k} 0700 ${user} ${group} - ${v.source}" + ]))); + + systemd.services.sympa = { + description = "Sympa mailing list manager"; + + wantedBy = [ "multi-user.target" ]; + after = [ "network-online.target" ]; + wants = sympaSubServices; + before = sympaSubServices; + serviceConfig = sympaServiceConfig "sympa_msg"; + + preStart = '' + umask 0077 + + cp -f ${mainConfig} ${dataDir}/etc/sympa.conf + ${optionalString (cfg.database.passwordFile != null) '' + chmod u+w ${dataDir}/etc/sympa.conf + echo -n "db_passwd " >> ${dataDir}/etc/sympa.conf + cat ${cfg.database.passwordFile} >> ${dataDir}/etc/sympa.conf + ''} + + ${optionalString (cfg.mta.type == "postfix") '' + ${pkgs.postfix}/bin/postmap hash:${dataDir}/virtual.sympa + ${pkgs.postfix}/bin/postmap hash:${dataDir}/transport.sympa + ''} + ${pkg}/bin/sympa_newaliases.pl + ${pkg}/bin/sympa.pl --health_check + ''; + }; + systemd.services.sympa-archive = { + description = "Sympa mailing list manager (archiving)"; + bindsTo = [ "sympa.service" ]; + serviceConfig = sympaServiceConfig "archived"; + }; + systemd.services.sympa-bounce = { + description = "Sympa mailing list manager (bounce processing)"; + bindsTo = [ "sympa.service" ]; + serviceConfig = sympaServiceConfig "bounced"; + }; + systemd.services.sympa-bulk = { + description = "Sympa mailing list manager (message distribution)"; + bindsTo = [ "sympa.service" ]; + serviceConfig = sympaServiceConfig "bulk"; + }; + systemd.services.sympa-task = { + description = "Sympa mailing list manager (task management)"; + bindsTo = [ "sympa.service" ]; + serviceConfig = sympaServiceConfig "task_manager"; + }; + + systemd.services.wwsympa = mkIf usingNginx { + wantedBy = [ "multi-user.target" ]; + after = [ "sympa.service" ]; + serviceConfig = { + Type = "forking"; + PIDFile = "/run/sympa/wwsympa.pid"; + Restart = "always"; + ExecStart = ''${pkgs.spawn_fcgi}/bin/spawn-fcgi \ + -u ${user} \ + -g ${group} \ + -U nginx \ + -M 0600 \ + -F ${toString cfg.web.fcgiProcs} \ + -P /run/sympa/wwsympa.pid \ + -s /run/sympa/wwsympa.socket \ + -- ${pkg}/bin/wwsympa.fcgi + ''; + + } // commonServiceConfig; + }; + + services.nginx.enable = mkIf usingNginx true; + services.nginx.virtualHosts = mkIf usingNginx (let + vHosts = unique (remove null (mapAttrsToList (_k: v: v.webHost) cfg.domains)); + hostLocations = host: map (v: v.webLocation) (filter (v: v.webHost == host) (attrValues cfg.domains)); + httpsOpts = optionalAttrs cfg.web.https { forceSSL = mkDefault true; enableACME = mkDefault true; }; + in + genAttrs vHosts (host: { + locations = genAttrs (hostLocations host) (loc: { + extraConfig = '' + include ${config.services.nginx.package}/conf/fastcgi_params; + + fastcgi_pass unix:/run/sympa/wwsympa.socket; + fastcgi_split_path_info ^(${loc})(.*)$; + + fastcgi_param PATH_INFO $fastcgi_path_info; + fastcgi_param SCRIPT_FILENAME ${pkg}/bin/wwsympa.fcgi; + ''; + }) // { + "/static-sympa/".alias = "${dataDir}/static_content/"; + }; + } // httpsOpts)); + + services.postfix = mkIf (cfg.mta.type == "postfix") { + enable = true; + recipientDelimiter = "+"; + config = { + virtual_alias_maps = [ "hash:${dataDir}/virtual.sympa" ]; + virtual_mailbox_maps = [ + "hash:${dataDir}/transport.sympa" + "hash:${dataDir}/sympa_transport" + "hash:${dataDir}/virtual.sympa" + ]; + virtual_mailbox_domains = [ "hash:${dataDir}/transport.sympa" ]; + transport_maps = [ + "hash:${dataDir}/transport.sympa" + "hash:${dataDir}/sympa_transport" + ]; + }; + masterConfig = { + "sympa" = { + type = "unix"; + privileged = true; + chroot = false; + command = "pipe"; + args = [ + "flags=hqRu" + "user=${user}" + "argv=${pkg}/bin/queue" + "\${nexthop}" + ]; + }; + "sympabounce" = { + type = "unix"; + privileged = true; + chroot = false; + command = "pipe"; + args = [ + "flags=hqRu" + "user=${user}" + "argv=${pkg}/bin/bouncequeue" + "\${nexthop}" + ]; + }; + }; + }; + + services.mysql = optionalAttrs mysqlLocal { + enable = true; + package = mkDefault pkgs.mariadb; + ensureDatabases = [ cfg.database.name ]; + ensureUsers = [ + { name = cfg.database.user; + ensurePermissions = { "${cfg.database.name}.*" = "ALL PRIVILEGES"; }; + } + ]; + }; + + services.postgresql = optionalAttrs pgsqlLocal { + enable = true; + ensureDatabases = [ cfg.database.name ]; + ensureUsers = [ + { name = cfg.database.user; + ensurePermissions = { "DATABASE ${cfg.database.name}" = "ALL PRIVILEGES"; }; + } + ]; + }; + + }; + + meta.maintainers = with maintainers; [ mmilata sorki ]; +} diff --git a/nixos/modules/services/networking/minidlna.nix b/nixos/modules/services/networking/minidlna.nix index 3ddea3c9757b..c580ba47dad3 100644 --- a/nixos/modules/services/networking/minidlna.nix +++ b/nixos/modules/services/networking/minidlna.nix @@ -95,6 +95,22 @@ in ''; }; + services.minidlna.announceInterval = mkOption { + type = types.int; + default = 895; + description = + '' + The interval between announces (in seconds). + + By default miniDLNA will announce its presence on the network + approximately every 15 minutes. + + Many people prefer shorter announce intervals (e.g. 60 seconds) + on their home networks, especially when DLNA clients are + started on demand. + ''; + }; + services.minidlna.config = mkOption { type = types.lines; description = @@ -144,6 +160,7 @@ in ${concatMapStrings (dir: '' media_dir=${dir} '') cfg.mediaDirs} + notify_interval=${toString cfg.announceInterval} ${cfg.extraConfig} ''; diff --git a/nixos/modules/services/web-apps/grocy.nix b/nixos/modules/services/web-apps/grocy.nix new file mode 100644 index 000000000000..568bdfd0c429 --- /dev/null +++ b/nixos/modules/services/web-apps/grocy.nix @@ -0,0 +1,172 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.services.grocy; +in { + options.services.grocy = { + enable = mkEnableOption "grocy"; + + hostName = mkOption { + type = types.str; + description = '' + FQDN for the grocy instance. + ''; + }; + + nginx.enableSSL = mkOption { + type = types.bool; + default = true; + description = '' + Whether or not to enable SSL (with ACME and let's encrypt) + for the grocy vhost. + ''; + }; + + phpfpm.settings = mkOption { + type = with types; attrsOf (oneOf [ int str bool ]); + default = { + "pm" = "dynamic"; + "php_admin_value[error_log]" = "stderr"; + "php_admin_flag[log_errors]" = true; + "listen.owner" = "nginx"; + "catch_workers_output" = true; + "pm.max_children" = "32"; + "pm.start_servers" = "2"; + "pm.min_spare_servers" = "2"; + "pm.max_spare_servers" = "4"; + "pm.max_requests" = "500"; + }; + + description = '' + Options for grocy's PHPFPM pool. + ''; + }; + + dataDir = mkOption { + type = types.str; + default = "/var/lib/grocy"; + description = '' + Home directory of the grocy user which contains + the application's state. + ''; + }; + + settings = { + currency = mkOption { + type = types.str; + default = "USD"; + example = "EUR"; + description = '' + ISO 4217 code for the currency to display. + ''; + }; + + culture = mkOption { + type = types.enum [ "de" "en" "da" "en_GB" "es" "fr" "hu" "it" "nl" "no" "pl" "pt_BR" "ru" "sk_SK" "sv_SE" "tr" ]; + default = "en"; + description = '' + Display language of the frontend. + ''; + }; + + calendar = { + showWeekNumber = mkOption { + default = true; + type = types.bool; + description = '' + Show the number of the weeks in the calendar views. + ''; + }; + firstDayOfWeek = mkOption { + default = null; + type = types.nullOr (types.enum (range 0 6)); + description = '' + Which day of the week (0=Sunday, 1=Monday etc.) should be the + first day. + ''; + }; + }; + }; + }; + + config = mkIf cfg.enable { + environment.etc."grocy/config.php".text = '' + + + Grocy + + Grocy is a web-based self-hosted groceries + & household management solution for your home. + + +
+ Basic usage + + A very basic configuration may look like this: +{ pkgs, ... }: +{ + services.grocy = { + enable = true; + hostName = "grocy.tld"; + }; +} + This configures a simple vhost using nginx + which listens to grocy.tld with fully configured ACME/LE (this can be + disabled by setting services.grocy.nginx.enableSSL + to false). After the initial setup the credentials admin:admin + can be used to login. + + + The application's state is persisted at /var/lib/grocy/grocy.db in a + sqlite3 database. The migration is applied when requesting the /-route + of the application. + +
+ +
+ Settings + + The configuration for grocy is located at /etc/grocy/config.php. + By default, the following settings can be defined in the NixOS-configuration: +{ pkgs, ... }: +{ + services.grocy.settings = { + # The default currency in the system for invoices etc. + # Please note that exchange rates aren't taken into account, this + # is just the setting for what's shown in the frontend. + currency = "EUR"; + + # The display language (and locale configuration) for grocy. + culture = "de"; + + calendar = { + # Whether or not to show the week-numbers + # in the calendar. + showWeekNumber = true; + + # Index of the first day to be shown in the calendar (0=Sunday, 1=Monday, + # 2=Tuesday and so on). + firstDayOfWeek = 2; + }; + }; +} + + + If you want to alter the configuration file on your own, you can do this manually with + an expression like this: +{ lib, ... }: +{ + environment.etc."grocy/config.php".text = lib.mkAfter '' + // Arbitrary PHP code in grocy's configuration file + ''; +} + +
+ + diff --git a/nixos/modules/system/boot/loader/grub/memtest.nix b/nixos/modules/system/boot/loader/grub/memtest.nix index 94e5a14174b0..71e50dd0577e 100644 --- a/nixos/modules/system/boot/loader/grub/memtest.nix +++ b/nixos/modules/system/boot/loader/grub/memtest.nix @@ -1,4 +1,4 @@ -# This module adds Memtest86+ to the GRUB boot menu. +# This module adds Memtest86+/Memtest86 to the GRUB boot menu. { config, lib, pkgs, ... }: @@ -6,6 +6,7 @@ with lib; let memtest86 = pkgs.memtest86plus; + efiSupport = config.boot.loader.grub.efiSupport; cfg = config.boot.loader.grub.memtest86; in @@ -18,8 +19,11 @@ in default = false; type = types.bool; description = '' - Make Memtest86+, a memory testing program, available from the - GRUB boot menu. + Make Memtest86+ (or MemTest86 if EFI support is enabled), + a memory testing program, available from the + GRUB boot menu. MemTest86 is an unfree program, so + this requires allowUnfree to be set to + true. ''; }; @@ -75,19 +79,38 @@ in }; }; - config = mkIf cfg.enable { + config = mkMerge [ + (mkIf (cfg.enable && efiSupport) { + assertions = [ + { + assertion = cfg.params == []; + message = "Parameters are not available for MemTest86"; + } + ]; - boot.loader.grub.extraEntries = - if config.boot.loader.grub.version == 2 then - '' - menuentry "Memtest86+" { - linux16 @bootRoot@/memtest.bin ${toString cfg.params} - } - '' - else - throw "Memtest86+ is not supported with GRUB 1."; + boot.loader.grub.extraFiles = { + "memtest86.efi" = "${pkgs.memtest86-efi}/BOOTX64.efi"; + }; - boot.loader.grub.extraFiles."memtest.bin" = "${memtest86}/memtest.bin"; + boot.loader.grub.extraEntries = '' + menuentry "Memtest86" { + chainloader /memtest86.efi + } + ''; + }) - }; + (mkIf (cfg.enable && !efiSupport) { + boot.loader.grub.extraEntries = + if config.boot.loader.grub.version == 2 then + '' + menuentry "Memtest86+" { + linux16 @bootRoot@/memtest.bin ${toString cfg.params} + } + '' + else + throw "Memtest86+ is not supported with GRUB 1."; + + boot.loader.grub.extraFiles."memtest.bin" = "${memtest86}/memtest.bin"; + }) + ]; } diff --git a/nixos/modules/virtualisation/hyperv-guest.nix b/nixos/modules/virtualisation/hyperv-guest.nix index 0f1f052880c5..adc2810a9939 100644 --- a/nixos/modules/virtualisation/hyperv-guest.nix +++ b/nixos/modules/virtualisation/hyperv-guest.nix @@ -32,7 +32,7 @@ in { ]; kernelParams = [ - "video=hyperv_fb:${cfg.videoMode}" + "video=hyperv_fb:${cfg.videoMode} elevator=noop" ]; }; diff --git a/nixos/release-combined.nix b/nixos/release-combined.nix index b46731863cab..641699818769 100644 --- a/nixos/release-combined.nix +++ b/nixos/release-combined.nix @@ -95,14 +95,12 @@ in rec { (all nixos.tests.env) (all nixos.tests.ipv6) (all nixos.tests.i3wm) - # 2018-06-06: keymap tests temporarily removed from tested job - # since non-deterministic failure are blocking the channel (#41538) - #(all nixos.tests.keymap.azerty) - #(all nixos.tests.keymap.colemak) - #(all nixos.tests.keymap.dvorak) - #(all nixos.tests.keymap.dvp) - #(all nixos.tests.keymap.neo) - #(all nixos.tests.keymap.qwertz) + (except ["aarch64-linux"] nixos.tests.keymap.azerty) + (except ["aarch64-linux"] nixos.tests.keymap.colemak) + (except ["aarch64-linux"] nixos.tests.keymap.dvorak) + (except ["aarch64-linux"] nixos.tests.keymap.dvp) + (except ["aarch64-linux"] nixos.tests.keymap.neo) + (except ["aarch64-linux"] nixos.tests.keymap.qwertz) (all nixos.tests.plasma5) (all nixos.tests.lightdm) (all nixos.tests.login) diff --git a/nixos/tests/acme.nix b/nixos/tests/acme.nix index 6bd315ff1eaa..732f41a4905d 100644 --- a/nixos/tests/acme.nix +++ b/nixos/tests/acme.nix @@ -1,17 +1,50 @@ let commonConfig = ./common/letsencrypt/common.nix; + + dnsScript = {writeScript, dnsAddress, bash, curl}: writeScript "dns-hook.sh" '' + #!${bash}/bin/bash + set -euo pipefail + echo '[INFO]' "[$2]" 'dns-hook.sh' $* + if [ "$1" = "present" ]; then + ${curl}/bin/curl --data '{"host": "'"$2"'", "value": "'"$3"'"}' http://${dnsAddress}:8055/set-txt + else + ${curl}/bin/curl --data '{"host": "'"$2"'"}' http://${dnsAddress}:8055/clear-txt + fi + ''; + in import ./make-test-python.nix { name = "acme"; nodes = rec { - letsencrypt = ./common/letsencrypt; + letsencrypt = { nodes, lib, ... }: { + imports = [ ./common/letsencrypt ]; + networking.nameservers = lib.mkForce [ + nodes.dnsserver.config.networking.primaryIPAddress + ]; + }; - acmeStandalone = { config, pkgs, ... }: { + dnsserver = { nodes, pkgs, ... }: { + networking.firewall.allowedTCPPorts = [ 8055 53 ]; + networking.firewall.allowedUDPPorts = [ 53 ]; + systemd.services.pebble-challtestsrv = { + enable = true; + description = "Pebble ACME challenge test server"; + wantedBy = [ "network.target" ]; + serviceConfig = { + ExecStart = "${pkgs.pebble}/bin/pebble-challtestsrv -dns01 ':53' -defaultIPv6 '' -defaultIPv4 '${nodes.webserver.config.networking.primaryIPAddress}'"; + # Required to bind on privileged ports. + User = "root"; + Group = "root"; + }; + }; + }; + + acmeStandalone = { nodes, lib, config, pkgs, ... }: { imports = [ commonConfig ]; + networking.nameservers = lib.mkForce [ + nodes.dnsserver.config.networking.primaryIPAddress + ]; networking.firewall.allowedTCPPorts = [ 80 ]; - networking.extraHosts = '' - ${config.networking.primaryIPAddress} standalone.com - ''; security.acme = { server = "https://acme-v02.api.letsencrypt.org/dir"; certs."standalone.com" = { @@ -29,14 +62,12 @@ in import ./make-test-python.nix { }; }; - webserver = { config, pkgs, ... }: { + webserver = { nodes, config, pkgs, lib, ... }: { imports = [ commonConfig ]; networking.firewall.allowedTCPPorts = [ 80 443 ]; - - networking.extraHosts = '' - ${config.networking.primaryIPAddress} a.example.com - ${config.networking.primaryIPAddress} b.example.com - ''; + networking.nameservers = lib.mkForce [ + nodes.dnsserver.config.networking.primaryIPAddress + ]; # A target remains active. Use this to probe the fact that # a service fired eventhough it is not RemainAfterExit @@ -61,14 +92,11 @@ in import ./make-test-python.nix { nesting.clone = [ ({pkgs, ...}: { - - networking.extraHosts = '' - ${config.networking.primaryIPAddress} b.example.com - ''; systemd.targets."acme-finished-b.example.com" = {}; systemd.services."acme-b.example.com" = { wants = [ "acme-finished-b.example.com.target" ]; before = [ "acme-finished-b.example.com.target" ]; + after = [ "nginx.service" ]; }; services.nginx.virtualHosts."b.example.com" = { enableACME = true; @@ -79,15 +107,48 @@ in import ./make-test-python.nix { ''; }; }) + ({pkgs, config, nodes, lib, ...}: { + security.acme.certs."example.com" = { + domain = "*.example.com"; + dnsProvider = "exec"; + dnsPropagationCheck = false; + credentialsFile = with pkgs; writeText "wildcard.env" '' + EXEC_PATH=${dnsScript { inherit writeScript bash curl; dnsAddress = nodes.dnsserver.config.networking.primaryIPAddress; }} + ''; + user = config.services.nginx.user; + group = config.services.nginx.group; + }; + systemd.targets."acme-finished-example.com" = {}; + systemd.services."acme-example.com" = { + wants = [ "acme-finished-example.com.target" ]; + before = [ "acme-finished-example.com.target" "nginx.service" ]; + wantedBy = [ "nginx.service" ]; + }; + services.nginx.virtualHosts."c.example.com" = { + forceSSL = true; + sslCertificate = config.security.acme.certs."example.com".directory + "/cert.pem"; + sslTrustedCertificate = config.security.acme.certs."example.com".directory + "/full.pem"; + sslCertificateKey = config.security.acme.certs."example.com".directory + "/key.pem"; + locations."/".root = pkgs.runCommand "docroot" {} '' + mkdir -p "$out" + echo hello world > "$out/index.html" + ''; + }; + }) ]; }; - client = commonConfig; + client = {nodes, lib, ...}: { + imports = [ commonConfig ]; + networking.nameservers = lib.mkForce [ + nodes.dnsserver.config.networking.primaryIPAddress + ]; + }; }; testScript = {nodes, ...}: let - newServerSystem = nodes.webserver2.config.system.build.toplevel; + newServerSystem = nodes.webserver.config.system.build.toplevel; switchToNewServer = "${newServerSystem}/bin/switch-to-configuration test"; in # Note, wait_for_unit does not work for oneshot services that do not have RemainAfterExit=true, @@ -97,6 +158,17 @@ in import ./make-test-python.nix { # can use them to probe that a oneshot fired. It is a bit ugly, but it is the best we can do '' client.start() + dnsserver.start() + + letsencrypt.wait_for_unit("default.target") + dnsserver.wait_for_unit("pebble-challtestsrv.service") + client.succeed( + 'curl --data \'{"host": "acme-v02.api.letsencrypt.org", "addresses": ["${nodes.letsencrypt.config.networking.primaryIPAddress}"]}\' http://${nodes.dnsserver.config.networking.primaryIPAddress}:8055/add-a' + ) + client.succeed( + 'curl --data \'{"host": "standalone.com", "addresses": ["${nodes.acmeStandalone.config.networking.primaryIPAddress}"]}\' http://${nodes.dnsserver.config.networking.primaryIPAddress}:8055/add-a' + ) + letsencrypt.start() acmeStandalone.start() @@ -129,5 +201,17 @@ in import ./make-test-python.nix { client.succeed( "curl --cacert /tmp/ca.crt https://b.example.com/ | grep -qF 'hello world'" ) + + with subtest("Can request wildcard certificates using DNS-01 challenge"): + webserver.succeed( + "${switchToNewServer}" + ) + webserver.succeed( + "/run/current-system/fine-tune/child-2/bin/switch-to-configuration test" + ) + webserver.wait_for_unit("acme-finished-example.com.target") + client.succeed( + "curl --cacert /tmp/ca.crt https://c.example.com/ | grep -qF 'hello world'" + ) ''; } diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index bdac56169fdf..b773cf3364fa 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -96,6 +96,7 @@ in freeswitch = handleTest ./freeswitch.nix {}; fsck = handleTest ./fsck.nix {}; gotify-server = handleTest ./gotify-server.nix {}; + grocy = handleTest ./grocy.nix {}; gitea = handleTest ./gitea.nix {}; gitlab = handleTest ./gitlab.nix {}; gitolite = handleTest ./gitolite.nix {}; @@ -256,6 +257,7 @@ in runInMachine = handleTest ./run-in-machine.nix {}; rxe = handleTest ./rxe.nix {}; samba = handleTest ./samba.nix {}; + sanoid = handleTest ./sanoid.nix {}; sddm = handleTest ./sddm.nix {}; shiori = handleTest ./shiori.nix {}; signal-desktop = handleTest ./signal-desktop.nix {}; @@ -269,6 +271,7 @@ in strongswan-swanctl = handleTest ./strongswan-swanctl.nix {}; sudo = handleTest ./sudo.nix {}; switchTest = handleTest ./switch-test.nix {}; + sympa = handleTest ./sympa.nix {}; syncthing-init = handleTest ./syncthing-init.nix {}; syncthing-relay = handleTest ./syncthing-relay.nix {}; systemd = handleTest ./systemd.nix {}; diff --git a/nixos/tests/common/letsencrypt/common.nix b/nixos/tests/common/letsencrypt/common.nix index c530de817bf2..bd559c8dacc5 100644 --- a/nixos/tests/common/letsencrypt/common.nix +++ b/nixos/tests/common/letsencrypt/common.nix @@ -5,5 +5,8 @@ in { nodes.letsencrypt.config.networking.primaryIPAddress ]; + security.acme.acceptTerms = true; + security.acme.email = "webmaster@example.com"; + security.pki.certificateFiles = [ letsencrypt-ca ]; } diff --git a/nixos/tests/corerad.nix b/nixos/tests/corerad.nix index 950c9abc8994..741fa448f680 100644 --- a/nixos/tests/corerad.nix +++ b/nixos/tests/corerad.nix @@ -17,7 +17,7 @@ import ./make-test-python.nix ( configFile = pkgs.writeText "corerad.toml" '' [[interfaces]] name = "eth1" - send_advertisements = true + advertise = true [[interfaces.prefix]] prefix = "::/64" ''; diff --git a/nixos/tests/grocy.nix b/nixos/tests/grocy.nix new file mode 100644 index 000000000000..7fa479ed2c42 --- /dev/null +++ b/nixos/tests/grocy.nix @@ -0,0 +1,47 @@ +import ./make-test-python.nix ({ pkgs, ... }: { + name = "grocy"; + meta = with pkgs.stdenv.lib.maintainers; { + maintainers = [ ma27 ]; + }; + + machine = { pkgs, ... }: { + services.grocy = { + enable = true; + hostName = "localhost"; + nginx.enableSSL = false; + }; + environment.systemPackages = [ pkgs.jq ]; + }; + + testScript = '' + machine.start() + machine.wait_for_open_port(80) + machine.wait_for_unit("multi-user.target") + + machine.succeed("curl -sSf http://localhost") + + machine.succeed( + "curl -c cookies -sSf -X POST http://localhost/login -d 'username=admin&password=admin'" + ) + + cookie = machine.succeed( + "grep -v '^#' cookies | awk '{ print $7 }' | sed -e '/^$/d' | perl -pe 'chomp'" + ) + + machine.succeed( + f"curl -sSf -X POST http://localhost/api/objects/tasks -b 'grocy_session={cookie}' " + + '-d \'{"assigned_to_user_id":1,"name":"Test Task","due_date":"1970-01-01"}\''' + + " --header 'Content-Type: application/json'" + ) + + task_name = machine.succeed( + f"curl -sSf http://localhost/api/tasks -b 'grocy_session={cookie}' --header 'Accept: application/json' | jq '.[].name' | xargs echo | perl -pe 'chomp'" + ) + + assert task_name == "Test Task" + + machine.succeed("curl -sSfI http://localhost/api/tasks 2>&1 | grep '401 Unauthorized'") + + machine.shutdown() + ''; +}) diff --git a/nixos/tests/sanoid.nix b/nixos/tests/sanoid.nix new file mode 100644 index 000000000000..284b38932cce --- /dev/null +++ b/nixos/tests/sanoid.nix @@ -0,0 +1,90 @@ +import ./make-test-python.nix ({ pkgs, ... }: let + inherit (import ./ssh-keys.nix pkgs) + snakeOilPrivateKey snakeOilPublicKey; + + commonConfig = { pkgs, ... }: { + virtualisation.emptyDiskImages = [ 2048 ]; + boot.supportedFilesystems = [ "zfs" ]; + environment.systemPackages = [ pkgs.parted ]; + }; +in { + name = "sanoid"; + meta = with pkgs.stdenv.lib.maintainers; { + maintainers = [ lopsided98 ]; + }; + + nodes = { + source = { ... }: { + imports = [ commonConfig ]; + networking.hostId = "daa82e91"; + + programs.ssh.extraConfig = '' + UserKnownHostsFile=/dev/null + StrictHostKeyChecking=no + ''; + + services.sanoid = { + enable = true; + templates.test = { + hourly = 12; + daily = 1; + monthly = 1; + yearly = 1; + + autosnap = true; + }; + datasets."pool/test".useTemplate = [ "test" ]; + }; + + services.syncoid = { + enable = true; + sshKey = "/root/.ssh/id_ecdsa"; + commonArgs = [ "--no-sync-snap" ]; + commands."pool/test".target = "root@target:pool/test"; + }; + }; + target = { ... }: { + imports = [ commonConfig ]; + networking.hostId = "dcf39d36"; + + services.openssh.enable = true; + users.users.root.openssh.authorizedKeys.keys = [ snakeOilPublicKey ]; + }; + }; + + testScript = '' + source.succeed( + "mkdir /tmp/mnt", + "parted --script /dev/vdb -- mklabel msdos mkpart primary 1024M -1s", + "udevadm settle", + "zpool create pool /dev/vdb1", + "zfs create -o mountpoint=legacy pool/test", + "mount -t zfs pool/test /tmp/mnt", + "udevadm settle", + ) + target.succeed( + "parted --script /dev/vdb -- mklabel msdos mkpart primary 1024M -1s", + "udevadm settle", + "zpool create pool /dev/vdb1", + "udevadm settle", + ) + + source.succeed("mkdir -m 700 /root/.ssh") + source.succeed( + "cat '${snakeOilPrivateKey}' > /root/.ssh/id_ecdsa" + ) + source.succeed("chmod 600 /root/.ssh/id_ecdsa") + + source.succeed("touch /tmp/mnt/test.txt") + source.systemctl("start --wait sanoid.service") + + target.wait_for_open_port(22) + source.systemctl("start --wait syncoid.service") + target.succeed( + "mkdir /tmp/mnt", + "zfs set mountpoint=legacy pool/test", + "mount -t zfs pool/test /tmp/mnt", + ) + target.succeed("cat /tmp/mnt/test.txt") + ''; +}) diff --git a/nixos/tests/sympa.nix b/nixos/tests/sympa.nix new file mode 100644 index 000000000000..280691f7cb40 --- /dev/null +++ b/nixos/tests/sympa.nix @@ -0,0 +1,36 @@ +import ./make-test-python.nix ({ pkgs, lib, ... }: { + name = "sympa"; + meta.maintainers = with lib.maintainers; [ mmilata ]; + + machine = + { ... }: + { + virtualisation.memorySize = 1024; + + services.sympa = { + enable = true; + domains = { + "lists.example.org" = { + webHost = "localhost"; + }; + }; + listMasters = [ "joe@example.org" ]; + web.enable = true; + web.https = false; + database = { + type = "PostgreSQL"; + createLocally = true; + }; + }; + }; + + testScript = '' + start_all() + + machine.wait_for_unit("sympa.service") + machine.wait_for_unit("wwsympa.service") + assert "Mailing lists service" in machine.succeed( + "curl --insecure -L http://localhost/" + ) + ''; +}) diff --git a/pkgs/applications/audio/kid3/default.nix b/pkgs/applications/audio/kid3/default.nix index 5571b12f3ef6..dcd305abdee6 100644 --- a/pkgs/applications/audio/kid3/default.nix +++ b/pkgs/applications/audio/kid3/default.nix @@ -9,11 +9,11 @@ stdenv.mkDerivation rec { pname = "kid3"; - version = "3.8.1"; + version = "3.8.2"; src = fetchurl { url = "mirror://sourceforge/project/kid3/kid3/${version}/${pname}-${version}.tar.gz"; - sha256 = "1d2lr500dx7gnxw2vrvpbhadpn313ly3zyp178864z26dnfkjv8x"; + sha256 = "051y77swpi9isx275gwzl4fn3igd2dmixbszv9m3h0h9lqhcjrvr"; }; nativeBuildInputs = [ wrapQtAppsHook ]; diff --git a/pkgs/applications/audio/mopidy/default.nix b/pkgs/applications/audio/mopidy/default.nix index 2df54fa7fb46..c1c8bb964e46 100644 --- a/pkgs/applications/audio/mopidy/default.nix +++ b/pkgs/applications/audio/mopidy/default.nix @@ -1,16 +1,16 @@ -{ stdenv, fetchFromGitHub, pythonPackages, wrapGAppsHook +{ stdenv, fetchFromGitHub, python3Packages, wrapGAppsHook , gst_all_1, glib-networking, gobject-introspection }: -pythonPackages.buildPythonApplication rec { +python3Packages.buildPythonApplication rec { pname = "mopidy"; - version = "2.3.1"; + version = "3.0.1"; src = fetchFromGitHub { owner = "mopidy"; repo = "mopidy"; rev = "v${version}"; - sha256 = "1qdflxr0an6l2m3j90h55bzyj7rjlkkwmxx945hwv8xi472rcgdj"; + sha256 = "0fpjprjw143ixak68iwxjpscdjgyb7rsr1cxj7fsdrw6hc83nq4z"; }; nativeBuildInputs = [ wrapGAppsHook ]; @@ -20,7 +20,7 @@ pythonPackages.buildPythonApplication rec { glib-networking gobject-introspection ]; - propagatedBuildInputs = with pythonPackages; [ + propagatedBuildInputs = with python3Packages; [ gst-python pygobject3 pykka tornado_4 requests setuptools ] ++ stdenv.lib.optional (!stdenv.isDarwin) dbus-python; diff --git a/pkgs/applications/audio/mopidy/iris.nix b/pkgs/applications/audio/mopidy/iris.nix index 88cdde2ceb2a..6d9147a7f5d9 100644 --- a/pkgs/applications/audio/mopidy/iris.nix +++ b/pkgs/applications/audio/mopidy/iris.nix @@ -1,18 +1,17 @@ -{ stdenv, pythonPackages, mopidy, mopidy-local-images }: +{ stdenv, python3Packages, mopidy, mopidy-local-images }: -pythonPackages.buildPythonApplication rec { +python3Packages.buildPythonApplication rec { pname = "Mopidy-Iris"; - version = "3.43.0"; + version = "3.44.0"; - src = pythonPackages.fetchPypi { + src = python3Packages.fetchPypi { inherit pname version; - sha256 = "1qg9xyjf27dp0810h4kdliyfb8r3kvi37lq8r93d01xwfphdzs05"; + sha256 = "0gap0cyw6sfb4487i1x220rr9fbsz6xyw68l15ar0vfll0zv0760"; }; propagatedBuildInputs = [ mopidy - mopidy-local-images - ] ++ (with pythonPackages; [ + ] ++ (with python3Packages; [ configobj requests tornado_4 diff --git a/pkgs/applications/audio/mopidy/spotify.nix b/pkgs/applications/audio/mopidy/spotify.nix index 483852455aa7..a01bf6c80d3d 100644 --- a/pkgs/applications/audio/mopidy/spotify.nix +++ b/pkgs/applications/audio/mopidy/spotify.nix @@ -1,15 +1,15 @@ -{ stdenv, fetchurl, pythonPackages, mopidy }: +{ stdenv, fetchurl, python3Packages, mopidy }: -pythonPackages.buildPythonApplication rec { +python3Packages.buildPythonApplication rec { pname = "mopidy-spotify"; - version = "3.1.0"; + version = "4.0.1"; src = fetchurl { url = "https://github.com/mopidy/mopidy-spotify/archive/v${version}.tar.gz"; - sha256 = "1mh87w4j0ypvsrnax7kkjgfxfpnw3l290jvfzg56b8qlwf20khjl"; + sha256 = "1ac8r8050i5r3ag1hlblbcyskqjqz7wgamndbzsmw52qi6hxk44f"; }; - propagatedBuildInputs = [ mopidy pythonPackages.pyspotify ]; + propagatedBuildInputs = [ mopidy python3Packages.pyspotify ]; doCheck = false; diff --git a/pkgs/applications/editors/okteta/default.nix b/pkgs/applications/editors/okteta/default.nix index 5c7ddfb34d46..fa63ee90adc9 100644 --- a/pkgs/applications/editors/okteta/default.nix +++ b/pkgs/applications/editors/okteta/default.nix @@ -4,11 +4,11 @@ stdenv.mkDerivation rec { pname = "okteta"; - version = "0.26.2"; + version = "0.26.3"; src = fetchurl { url = "mirror://kde/stable/okteta/${version}/src/${pname}-${version}.tar.xz"; - sha256 = "0k38hd9wq6jvzy0225y61rzr7lgwbac1haalhsrfpmyjy6d833dv"; + sha256 = "1454844s76skk18gpcf56y9pkmffs7p4z09ggmy37ifzf7yk1p19"; }; nativeBuildInputs = [ qtscript extra-cmake-modules kdoctools ]; diff --git a/pkgs/applications/misc/calibre/default.nix b/pkgs/applications/misc/calibre/default.nix index fd86f21dff0d..fc7575ea92ce 100644 --- a/pkgs/applications/misc/calibre/default.nix +++ b/pkgs/applications/misc/calibre/default.nix @@ -93,12 +93,13 @@ mkDerivation rec { netifaces pillow python - pyqt5_with_qtwebkit + pyqt5 sip regex msgpack beautifulsoup4 html2text + pyqtwebengine # the following are distributed with calibre, but we use upstream instead odfpy ] diff --git a/pkgs/applications/misc/gmtp/default.nix b/pkgs/applications/misc/gmtp/default.nix index c8bbcf2aa7f3..db2193dbd3d7 100644 --- a/pkgs/applications/misc/gmtp/default.nix +++ b/pkgs/applications/misc/gmtp/default.nix @@ -26,7 +26,7 @@ stdenv.mkDerivation { description = "A simple MP3 and Media player client for UNIX and UNIX like systems."; homepage = https://gmtp.sourceforge.io; platforms = stdenv.lib.platforms.linux; - maintainers = [ stdenv.lib.maintainers.pbogdan ]; + maintainers = [ ]; license = stdenv.lib.licenses.bsd3; }; } diff --git a/pkgs/applications/misc/syncthingtray/default.nix b/pkgs/applications/misc/syncthingtray/default.nix index 907a2e046dfe..610409af7a7b 100644 --- a/pkgs/applications/misc/syncthingtray/default.nix +++ b/pkgs/applications/misc/syncthingtray/default.nix @@ -20,14 +20,14 @@ }: mkDerivation rec { - version = "0.10.5"; + version = "0.10.6"; pname = "syncthingtray"; src = fetchFromGitHub { owner = "Martchus"; repo = "syncthingtray"; rev = "v${version}"; - sha256 = "177ywk1dfdfwz7kvlxx3an1q4vv2c27d7qivy0463a3hvkacybxn"; + sha256 = "1lh1qsdy5081jrs27ba0mfh90ya1fj9h6j5k0cdsfap9mcxyjd9g"; }; buildInputs = [ qtbase cpp-utilities qtutilities ] diff --git a/pkgs/applications/networking/browsers/conkeror/default.nix b/pkgs/applications/networking/browsers/conkeror/default.nix deleted file mode 100644 index ffc6bde79a16..000000000000 --- a/pkgs/applications/networking/browsers/conkeror/default.nix +++ /dev/null @@ -1,39 +0,0 @@ -{ stdenv, fetchgit, unzip, firefox-esr-52, makeWrapper }: - -stdenv.mkDerivation rec { - pkgname = "conkeror"; - version = "1.0.4"; - name = "${pkgname}-${version}"; - - src = fetchgit { - url = git://repo.or.cz/conkeror.git; - rev = "refs/tags/${version}"; - sha256 = "10c57wqybp9kcjpkb01wxq0h3vafcdb1g5kb4k8sb2zajg59afv8"; - }; - - buildInputs = [ unzip makeWrapper ]; - - installPhase = '' - mkdir -p $out/libexec/conkeror - cp -r * $out/libexec/conkeror - - makeWrapper ${firefox-esr-52}/bin/firefox $out/bin/conkeror \ - --add-flags "-app $out/libexec/conkeror/application.ini" - ''; - - meta = with stdenv.lib; { - description = "A keyboard-oriented, customizable, extensible web browser"; - longDescription = '' - Conkeror is a keyboard-oriented, highly-customizable, highly-extensible - web browser based on Mozilla XULRunner, written mainly in JavaScript, - and inspired by exceptional software such as Emacs and vi. Conkeror - features a sophisticated keyboard system, allowing users to run commands - and interact with content in powerful and novel ways. It is - self-documenting, featuring a powerful interactive help system. - ''; - homepage = http://conkeror.org/; - license = with licenses; [ mpl11 gpl2 lgpl21 ]; - maintainers = with maintainers; [ astsmtl ]; - platforms = platforms.linux; - }; -} diff --git a/pkgs/applications/networking/browsers/firefox/common.nix b/pkgs/applications/networking/browsers/firefox/common.nix index 740d05ba0468..8ba899457b3d 100644 --- a/pkgs/applications/networking/browsers/firefox/common.nix +++ b/pkgs/applications/networking/browsers/firefox/common.nix @@ -1,8 +1,6 @@ { pname, ffversion, meta, updateScript ? null , src, unpackPhase ? null, patches ? [] -, extraNativeBuildInputs ? [], extraConfigureFlags ? [], extraMakeFlags ? [] -, isIceCatLike ? false, icversion ? null -, isTorBrowserLike ? false, tbversion ? null }: +, extraNativeBuildInputs ? [], extraConfigureFlags ? [], extraMakeFlags ? [] }: { lib, stdenv, pkgconfig, pango, perl, python2, python3, zip, libIDL , libjpeg, zlib, dbus, dbus-glib, bzip2, xorg @@ -27,16 +25,14 @@ ## privacy-related options -, privacySupport ? isTorBrowserLike || isIceCatLike +, privacySupport ? false # WARNING: NEVER set any of the options below to `true` by default. # Set to `!privacySupport` or `false`. # webrtcSupport breaks the aarch64 build on version >= 60, fixed in 63. # https://bugzilla.mozilla.org/show_bug.cgi?id=1434589 -, webrtcSupport ? !privacySupport && (!stdenv.isAarch64 || !( - lib.versionAtLeast ffversion "60" && lib.versionOlder ffversion "63" - )) +, webrtcSupport ? !privacySupport , geolocationSupport ? !privacySupport , googleAPISupport ? geolocationSupport , crashreporterSupport ? false @@ -79,7 +75,7 @@ let default-toolkit = if stdenv.isDarwin then "cairo-cocoa" else "cairo-gtk${if gtk3Support then "3${lib.optionalString waylandSupport "-wayland"}" else "2"}"; - binaryName = if isIceCatLike then "icecat" else "firefox"; + binaryName = "firefox"; binaryNameCapitalized = lib.toUpper (lib.substring 0 1 binaryName) + lib.substring 1 (-1) binaryName; browserName = if stdenv.isDarwin then binaryNameCapitalized else binaryName; @@ -87,21 +83,17 @@ let execdir = if stdenv.isDarwin then "/Applications/${binaryNameCapitalized}.app/Contents/MacOS" else "/bin"; +in - browserVersion = if isIceCatLike then icversion - else if isTorBrowserLike then tbversion - else ffversion; +stdenv.mkDerivation ({ + name = "${pname}-unwrapped-${ffversion}"; + version = ffversion; - browserPatches = [ + inherit src unpackPhase meta; + + patches = [ ./env_var_for_system_dir.patch - ] - ++ lib.optional (lib.versionAtLeast ffversion "63" && lib.versionOlder ffversion "68.3.0") - (fetchpatch { # https://bugzilla.mozilla.org/show_bug.cgi?id=1500436#c29 - name = "write_error-parallel_make.diff"; - url = "https://hg.mozilla.org/mozilla-central/raw-diff/562655fe/python/mozbuild/mozbuild/action/node.py"; - sha256 = "11d7rgzinb4mwl7yzhidjkajynmxgmffr4l9isgskfapyax9p88y"; - }) - ++ lib.optionals (stdenv.isAarch64 && lib.versionAtLeast ffversion "66" && lib.versionOlder ffversion "67") [ + ] ++ lib.optionals (stdenv.isAarch64) [ (fetchpatch { url = "https://raw.githubusercontent.com/archlinuxarm/PKGBUILDs/09c7fa0dc1d87922e3b464c0fa084df1227fca79/extra/firefox/arm.patch"; sha256 = "1vbpih23imhv5r3g21m3m541z08n9n9j1nvmqax76bmyhn7mxp32"; @@ -117,15 +109,6 @@ let }) ++ patches; -in - -stdenv.mkDerivation (rec { - name = "${pname}-unwrapped-${version}"; - version = browserVersion; - - inherit src unpackPhase meta; - - patches = browserPatches; # Ignore trivial whitespace changes in patches, this fixes compatibility of # ./env_var_for_system_dir.patch with Firefox >=65 without having to track @@ -141,16 +124,14 @@ stdenv.mkDerivation (rec { xorg.libXext sqlite unzip makeWrapper libevent libstartup_notification libvpx /* cairo */ icu libpng jemalloc glib + nasm + # >= 66 requires nasm for the AV1 lib dav1d + # yasm can potentially be removed in future versions + # https://bugzilla.mozilla.org/show_bug.cgi?id=1501796 + # https://groups.google.com/forum/#!msg/mozilla.dev.platform/o-8levmLU80/SM_zQvfzCQAJ + nspr nss ] - ++ lib.optionals (!isTorBrowserLike) [ nspr nss ] - ++ lib.optional (lib.versionOlder ffversion "53") libXdamage - ++ lib.optional (lib.versionOlder ffversion "61") hunspell - # >= 66 requires nasm for the AV1 lib dav1d - # yasm can potentially be removed in future versions - # https://bugzilla.mozilla.org/show_bug.cgi?id=1501796 - # https://groups.google.com/forum/#!msg/mozilla.dev.platform/o-8levmLU80/SM_zQvfzCQAJ - ++ lib.optional (lib.versionAtLeast ffversion "66") nasm ++ lib.optional alsaSupport alsaLib ++ lib.optional pulseaudioSupport libpulseaudio # only headers are needed ++ lib.optional gtk3Support gtk3 @@ -162,27 +143,33 @@ stdenv.mkDerivation (rec { NIX_CFLAGS_COMPILE = toString ([ "-I${glib.dev}/include/gio-unix-2.0" - ] - ++ lib.optionals (!isTorBrowserLike) [ "-I${nss.dev}/include/nss" ] - ++ lib.optional (pname == "firefox-esr" && lib.versionAtLeast ffversion "68" - && lib.versionOlder ffversion "69") + ++ lib.optional (pname == "firefox-esr" && lib.versionOlder ffversion "69") "-Wno-error=format-security"); - postPatch = lib.optionalString (lib.versionAtLeast ffversion "63.0" && !isTorBrowserLike) '' + postPatch = '' substituteInPlace third_party/prio/prio/rand.c --replace 'nspr/prinit.h' 'prinit.h' - '' + lib.optionalString (lib.versionAtLeast ffversion "68") '' rm -rf obj-x86_64-pc-linux-gnu ''; nativeBuildInputs = - [ autoconf213 which gnused pkgconfig perl python2 cargo rustc ] + [ + autoconf213 + cargo + gnused + llvmPackages.llvm # llvm-objdump + nodejs + perl + pkgconfig + python2 + python3 + rust-cbindgen + rustc + which + ] ++ lib.optional gtk3Support wrapGAppsHook ++ lib.optionals stdenv.isDarwin [ xcbuild rsync ] - ++ lib.optional (lib.versionAtLeast ffversion "61.0") python3 - ++ lib.optionals (lib.versionAtLeast ffversion "63.0") [ rust-cbindgen nodejs ] - ++ lib.optionals (lib.versionAtLeast ffversion "67.0") [ llvmPackages.llvm ] # llvm-objdump is required in version >=67.0 ++ extraNativeBuildInputs; preConfigure = '' @@ -190,14 +177,8 @@ stdenv.mkDerivation (rec { rm -f configure rm -f js/src/configure rm -f .mozconfig* - '' + (if lib.versionAtLeast ffversion "58" - # this will run autoconf213 - then '' + # this will run autoconf213 configureScript="$(realpath ./mach) configure" - '' else '' - make -f client.mk configure-files - configureScript="$(realpath ./configure)" - '') + lib.optionalString (lib.versionAtLeast ffversion "53") '' export MOZCONFIG=$(pwd)/mozconfig # Set C flags for Rust's bindgen program. Unlike ordinary C @@ -214,23 +195,16 @@ stdenv.mkDerivation (rec { $NIX_CFLAGS_COMPILE" echo "ac_add_options BINDGEN_CFLAGS='$BINDGEN_CFLAGS'" >> $MOZCONFIG - '' + lib.optionalString googleAPISupport '' + '' + (lib.optionalString googleAPISupport '' # Google API key used by Chromium and Firefox. # Note: These are for NixOS/nixpkgs use ONLY. For your own distribution, # please get your own set of keys. echo "AIzaSyDGi15Zwl11UNe6Y-5XW_upsfyw31qwZPI" > $TMPDIR/ga # 60.5+ & 66+ did split the google API key arguments: https://bugzilla.mozilla.org/show_bug.cgi?id=1531176 - ${if (lib.versionAtLeast ffversion "60.6" && lib.versionOlder ffversion "61") || (lib.versionAtLeast ffversion "66") then '' - configureFlagsArray+=("--with-google-location-service-api-keyfile=$TMPDIR/ga") - configureFlagsArray+=("--with-google-safebrowsing-api-keyfile=$TMPDIR/ga") - '' else '' - configureFlagsArray+=("--with-google-api-keyfile=$TMPDIR/ga") - ''} - '' + lib.optionalString (lib.versionOlder ffversion "58") '' - cd obj-* - '' - # AS=as in the environment causes build failure https://bugzilla.mozilla.org/show_bug.cgi?id=1497286 - + lib.optionalString (lib.versionAtLeast ffversion "64") '' + configureFlagsArray+=("--with-google-location-service-api-keyfile=$TMPDIR/ga") + configureFlagsArray+=("--with-google-safebrowsing-api-keyfile=$TMPDIR/ga") + '') + '' + # AS=as in the environment causes build failure https://bugzilla.mozilla.org/show_bug.cgi?id=1497286 unset AS ''; @@ -255,32 +229,15 @@ stdenv.mkDerivation (rec { "--enable-jemalloc" "--disable-gconf" "--enable-default-toolkit=${default-toolkit}" - ] - ++ lib.optional (lib.versionOlder ffversion "64") "--disable-maintenance-service" - ++ lib.optional (stdenv.isDarwin && lib.versionAtLeast ffversion "61") "--disable-xcode-checks" - ++ lib.optional (lib.versionOlder ffversion "61") "--enable-system-hunspell" - ++ lib.optionals (lib.versionAtLeast ffversion "56") [ "--with-libclang-path=${llvmPackages.libclang}/lib" "--with-clang-path=${llvmPackages.clang}/bin/clang" - ] - ++ lib.optionals (lib.versionAtLeast ffversion "57" && lib.versionOlder ffversion "69") [ - "--enable-webrender=build" - ] - - # TorBrowser patches these - ++ lib.optionals (!isTorBrowserLike) [ "--with-system-nspr" "--with-system-nss" ] - - # and wants these - ++ lib.optionals isTorBrowserLike ([ - "--with-tor-browser-version=${tbversion}" - "--with-distribution-id=org.torproject" - "--enable-signmar" - "--enable-verify-mar" - "--enable-bundled-fonts" - ]) + ++ lib.optional (stdenv.isDarwin) "--disable-xcode-checks" + ++ lib.optionals (lib.versionOlder ffversion "69") [ + "--enable-webrender=build" + ] ++ flag alsaSupport "alsa" ++ flag pulseaudioSupport "pulseaudio" @@ -290,11 +247,6 @@ stdenv.mkDerivation (rec { ++ flag crashreporterSupport "crashreporter" ++ lib.optional drmSupport "--enable-eme=widevine" - ++ lib.optionals (lib.versionOlder ffversion "60") ([] - ++ flag geolocationSupport "mozril-geoloc" - ++ flag safeBrowsingSupport "safe-browsing" - ) - ++ (if debugBuild then [ "--enable-debug" "--enable-profiling" ] else [ "--disable-debug" "--enable-release" "--enable-optimize" @@ -302,29 +254,16 @@ stdenv.mkDerivation (rec { ++ lib.optional enableOfficialBranding "--enable-official-branding" ++ extraConfigureFlags; - # Before 58 we have to run `make -f client.mk configure-files` at - # the top level, and then run `./configure` in the obj-* dir (see - # above), but in 58 we have to instead run `./mach configure` at the - # top level and then run `make` in obj-*. (We can also run the - # `make` at the top level in 58, but then we would have to `cd` to - # `make install` anyway. This is ugly, but simple.) - postConfigure = lib.optionalString (lib.versionAtLeast ffversion "58") '' + postConfigure = '' cd obj-* ''; - preBuild = lib.optionalString isTorBrowserLike '' - buildFlagsArray=("MOZ_APP_DISPLAYNAME=Tor Browser") - ''; - makeFlags = lib.optionals enableOfficialBranding [ "MOZILLA_OFFICIAL=1" "BUILD_OFFICIAL=1" ] ++ extraMakeFlags; - RUSTFLAGS = if (lib.versionAtLeast ffversion "67"/*somewhere betwween ESRs*/) - then null else "--cap-lints warn"; - enableParallelBuilding = true; doCheck = false; # "--disable-tests" above @@ -355,10 +294,9 @@ stdenv.mkDerivation (rec { ''; passthru = { - inherit version updateScript; + inherit updateScript; + version = ffversion; isFirefox3Like = true; - inherit isIceCatLike; - inherit isTorBrowserLike; gtk = gtk2; inherit nspr; inherit ffmpegSupport; @@ -366,12 +304,12 @@ stdenv.mkDerivation (rec { inherit execdir; inherit browserName; } // lib.optionalAttrs gtk3Support { inherit gtk3; }; - } // # the build system verifies checksums of the bundled rust sources # ./third_party/rust is be patched by our libtool fixup code in stdenv # unfortunately we can't just set this to `false` when we do not want it. # See https://github.com/NixOS/nixpkgs/issues/77289 for more details + lib.optionalAttrs (lib.versionAtLeast ffversion "72") { # Ideally we would figure out how to tell the build system to not # care about changed hashes as we are already doing that when we diff --git a/pkgs/applications/networking/browsers/firefox/packages.nix b/pkgs/applications/networking/browsers/firefox/packages.nix index 833b97ba86f1..c61483c67721 100644 --- a/pkgs/applications/networking/browsers/firefox/packages.nix +++ b/pkgs/applications/networking/browsers/firefox/packages.nix @@ -1,4 +1,4 @@ -{ lib, callPackage, fetchurl, fetchFromGitHub, overrideCC, gccStdenv, gcc6 }: +{ config, lib, callPackage, fetchurl, fetchFromGitHub, overrideCC, gccStdenv, gcc6 }: let @@ -40,64 +40,6 @@ rec { }; }; - # Do not remove. This is the last version of Firefox that supports - # the old plugins. While this package is unsafe to use for browsing - # the web, there are many old useful plugins targeting offline - # activities (e.g. ebook readers, syncronous translation, etc) that - # will probably never be ported to WebExtensions API. - firefox-esr-52 = (common rec { - pname = "firefox-esr"; - ffversion = "52.9.0esr"; - src = fetchurl { - url = "mirror://mozilla/firefox/releases/${ffversion}/source/firefox-${ffversion}.source.tar.xz"; - sha512 = "bfca42668ca78a12a9fb56368f4aae5334b1f7a71966fbba4c32b9c5e6597aac79a6e340ac3966779d2d5563eb47c054ab33cc40bfb7306172138ccbd3adb2b9"; - }; - - patches = [ - # this one is actually an omnipresent bug - # https://bugzilla.mozilla.org/show_bug.cgi?id=1444519 - ./fix-pa-context-connect-retval.patch - ]; - - meta = firefox.meta // { - description = "A web browser built from Firefox Extended Support Release source tree"; - knownVulnerabilities = [ "Support ended in August 2018." ]; - }; - }).override { - stdenv = overrideCC gccStdenv gcc6; # gcc7 fails with "undefined reference to `__divmoddi4'" - gtk3Support = false; - }; - - firefox-esr-60 = common rec { - pname = "firefox-esr"; - ffversion = "60.9.0esr"; - - src = fetchurl { - url = "mirror://mozilla/firefox/releases/${ffversion}/source/firefox-${ffversion}.source.tar.xz"; - sha512 = "4baea5c9c4eff257834bbaee6d7786f69f7e6bacd24ca13c2705226f4a0d88315ab38c650b2c5e9c76b698f2debc7cea1e5a99cb4dc24e03c48a24df5143a3cf"; - }; - - patches = [ - ./no-buildconfig-ffx65.patch - - # this one is actually an omnipresent bug - # https://bugzilla.mozilla.org/show_bug.cgi?id=1444519 - ./fix-pa-context-connect-retval.patch - - missing-documentation-patch - ]; - - meta = firefox.meta // { - description = "A web browser built from Firefox Extended Support Release source tree"; - knownVulnerabilities = [ "Support ended around October 2019." ]; - }; - updateScript = callPackage ./update.nix { - attrPath = "firefox-esr-60-unwrapped"; - versionSuffix = "esr"; - versionKey = "ffversion"; - }; - }; - firefox-esr-68 = common rec { pname = "firefox-esr"; ffversion = "68.4.2esr"; @@ -119,86 +61,23 @@ rec { versionKey = "ffversion"; }; }; +} // lib.optionalAttrs (config.allowAliases or true) { + #### ALIASES + #### remove after 20.03 branchoff -} // (let + firefox-esr-52 = throw '' + firefoxPackages.firefox-esr-52 was removed as it's an unsupported ESR with + open security issues. If you need it because you need to run some plugins + not having been ported to WebExtensions API, import it from an older + nixpkgs checkout still containing it. + ''; + firefox-esr-60 = throw "firefoxPackages.firefox-esr-60 was removed as it's an unsupported ESR with open security issues."; - iccommon = args: common (args // { - pname = "icecat"; - isIceCatLike = true; - - meta = (args.meta or {}) // { - description = "The GNU version of the Firefox web browser"; - longDescription = '' - GNUzilla is the GNU version of the Mozilla suite, and GNU - IceCat is the GNU version of the Firefox web browser. - - Notable differences from mainline Firefox: - - - entirely free software, no non-free plugins, addons, - artwork, - - no telemetry, no "studies", - - sane privacy and security defaults (for instance, unlike - Firefox, IceCat does _zero_ network requests on startup by - default, which means that with IceCat you won't need to - unplug your Ethernet cable each time you want to create a - new browser profile without announcing that action to a - bunch of data-hungry corporations), - - all essential privacy and security settings can be - configured directly from the main screen, - - optional first party isolation (like TorBrowser), - - comes with HTTPS Everywhere (like TorBrowser), Tor Browser - Button (like TorBrowser Bundle), LibreJS, and SpyBlock - plugins out of the box. - - This package can be installed together with Firefox and - TorBrowser, it will use distinct binary names and profile - directories. - ''; - homepage = "https://www.gnu.org/software/gnuzilla/"; - platforms = lib.platforms.unix; - license = with lib.licenses; [ mpl20 gpl3Plus ]; - }; - }); - -in { - - icecat = iccommon rec { - ffversion = "60.3.0"; - icversion = "${ffversion}-gnu1"; - - src = fetchurl { - url = "mirror://gnu/gnuzilla/${ffversion}/icecat-${icversion}.tar.bz2"; - sha256 = "0icnl64nxcyf7dprpdpygxhabsvyhps8c3ixysj9bcdlj9q34ib1"; - }; - - patches = [ - ./no-buildconfig.patch - missing-documentation-patch - ]; - meta.knownVulnerabilities = [ "Support ended around October 2019." ]; - }; - - # Similarly to firefox-esr-52 above. - icecat-52 = iccommon rec { - ffversion = "52.6.0"; - icversion = "${ffversion}-gnu1"; - - src = fetchurl { - url = "mirror://gnu/gnuzilla/${ffversion}/icecat-${icversion}.tar.bz2"; - sha256 = "09fn54glqg1aa93hnz5zdcy07cps09dbni2b4200azh6nang630a"; - }; - - patches = [ - # this one is actually an omnipresent bug - # https://bugzilla.mozilla.org/show_bug.cgi?id=1444519 - ./fix-pa-context-connect-retval.patch - ]; - - meta.knownVulnerabilities = [ "Support ended in August 2018." ]; - }; + icecat = throw "firefoxPackages.icecat was removed as even its latest upstream version is based on an unsupported ESR release with open security issues."; + icecat-52 = throw "firefoxPackages.icecat was removed as even its latest upstream version is based on an unsupported ESR release with open security issues."; tor-browser-7-5 = throw "firefoxPackages.tor-browser-7-5 was removed because it was out of date and inadequately maintained. Please use tor-browser-bundle-bin instead. See #77452."; tor-browser-8-5 = throw "firefoxPackages.tor-browser-8-5 was removed because it was out of date and inadequately maintained. Please use tor-browser-bundle-bin instead. See #77452."; tor-browser = throw "firefoxPackages.tor-browser was removed because it was out of date and inadequately maintained. Please use tor-browser-bundle-bin instead. See #77452."; -}) +} diff --git a/pkgs/applications/networking/browsers/firefox/wrapper.nix b/pkgs/applications/networking/browsers/firefox/wrapper.nix index 4901d694f49f..2b44263096b2 100644 --- a/pkgs/applications/networking/browsers/firefox/wrapper.nix +++ b/pkgs/applications/networking/browsers/firefox/wrapper.nix @@ -155,9 +155,9 @@ let install -D -t $out/share/applications $desktopItem/share/applications/* - mkdir -p $out/lib/mozilla + mkdir -p $out/lib/mozilla/native-messaging-hosts for ext in ${toString nativeMessagingHosts}; do - lndir -silent $ext/lib/mozilla $out/lib/mozilla + ln -sLt $out/lib/mozilla/native-messaging-hosts $ext/lib/mozilla/native-messaging-hosts/* done # For manpages, in case the program supplies them diff --git a/pkgs/applications/networking/browsers/opera/default.nix b/pkgs/applications/networking/browsers/opera/default.nix index b92c3d58741a..f5eea57b483d 100644 --- a/pkgs/applications/networking/browsers/opera/default.nix +++ b/pkgs/applications/networking/browsers/opera/default.nix @@ -47,11 +47,11 @@ let in stdenv.mkDerivation rec { pname = "opera"; - version = "66.0.3515.36"; + version = "66.0.3515.72"; src = fetchurl { url = "${mirror}/${version}/linux/${pname}-stable_${version}_amd64.deb"; - sha256 = "1kmd8dxdid593a98a13n8k22hi1whvichda6qam2bqcz99rsczdd"; + sha256 = "1mw4sfjf9ijbgghkbkg45b6kzbd0qa0mxb88ajrjnxf4g26brhra"; }; unpackCmd = "${dpkg}/bin/dpkg-deb -x $curSrc ."; diff --git a/pkgs/applications/networking/browsers/palemoon/default.nix b/pkgs/applications/networking/browsers/palemoon/default.nix index 76417d482b53..1065f3499726 100644 --- a/pkgs/applications/networking/browsers/palemoon/default.nix +++ b/pkgs/applications/networking/browsers/palemoon/default.nix @@ -13,13 +13,13 @@ let in stdenv.mkDerivation rec { pname = "palemoon"; - version = "28.8.1"; + version = "28.8.2.1"; src = fetchFromGitHub { owner = "MoonchildProductions"; repo = "UXP"; rev = "PM${version}_Release"; - sha256 = "055bmfgasxf7azjqry06bbgwx6ryrdc1zrcq8b217b6zb1in037x"; + sha256 = "1m7dfgy5vjw1ndjsh0aksvsp0ii2kj7gxn0sp3h0xgwi0yq7lwyb"; }; desktopItem = makeDesktopItem { diff --git a/pkgs/applications/networking/p2p/tribler/default.nix b/pkgs/applications/networking/p2p/tribler/default.nix index 683507f8b19a..8bd536624086 100644 --- a/pkgs/applications/networking/p2p/tribler/default.nix +++ b/pkgs/applications/networking/p2p/tribler/default.nix @@ -3,11 +3,11 @@ stdenv.mkDerivation rec { pname = "tribler"; - version = "7.4.0-exp1"; + version = "7.4.1"; src = fetchurl { url = "https://github.com/Tribler/tribler/releases/download/v${version}/Tribler-v${version}.tar.xz"; - sha256 = "18ziisg0v2gdxnprbhqsryz92yk270waj0la7m2h326k5qql3qkf"; + sha256 = "1s9hzr0n00d3hb1z2srq75j7mbml6csylb14hzy9psw27q2c0fqs"; }; nativeBuildInputs = [ diff --git a/pkgs/applications/office/scribus/unstable.nix b/pkgs/applications/office/scribus/unstable.nix index 2a602b094ba2..faff45c8884a 100644 --- a/pkgs/applications/office/scribus/unstable.nix +++ b/pkgs/applications/office/scribus/unstable.nix @@ -1,12 +1,41 @@ -{ stdenv, fetchurl, fetchpatch, mkDerivation, pkgconfig, cmake, qtbase, cairo, pixman, -boost, cups, fontconfig, freetype, hunspell, libjpeg, libtiff, libxml2, lcms2, -podofo, poppler, poppler_data, python2, qtimageformats, qttools, harfbuzzFull }: +{ boost +, cairo +, cmake +, cups +, fetchpatch +, fetchurl +, fontconfig +, freetype +, harfbuzzFull +, hunspell +, lcms2 +, libjpeg +, libtiff +, libxml2 +, mkDerivation +, pixman +, pkgconfig +, podofo +, poppler +, poppler_data +, python2 +, qtbase +, qtimageformats +, qttools +, stdenv +}: let - pythonEnv = python2.withPackages(ps: [ps.tkinter ps.pillow]); + pythonEnv = python2.withPackages ( + ps: [ + ps.pillow + ps.tkinter + ] + ); in mkDerivation rec { pname = "scribus"; + version = "1.5.5"; src = fetchurl { @@ -16,31 +45,72 @@ mkDerivation rec { patches = [ # fix build with Poppler 0.82 - (fetchpatch { - url = "https://github.com/scribusproject/scribus/commit/6db15ec1af791377b28981601f8c296006de3c6f.patch"; - sha256 = "1y6g3avmsmiyaj8xry1syaz8sfznsavh6l2rp13pj2bwsxfcf939"; - }) + ( + fetchpatch { + url = "https://github.com/scribusproject/scribus/commit/6db15ec1af791377b28981601f8c296006de3c6f.patch"; + sha256 = "1y6g3avmsmiyaj8xry1syaz8sfznsavh6l2rp13pj2bwsxfcf939"; + } + ) # fix build with Poppler 0.83 - (fetchpatch { - url = "https://github.com/scribusproject/scribus/commit/b51c2bab4d57d685f96d427d6816bdd4ecfb4674.patch"; - sha256 = "031yy9ylzksczfnpcc4glfccz025sn47zg6fqqzjnqqrc16bgdlx"; - }) + ( + fetchpatch { + url = "https://github.com/scribusproject/scribus/commit/b51c2bab4d57d685f96d427d6816bdd4ecfb4674.patch"; + sha256 = "031yy9ylzksczfnpcc4glfccz025sn47zg6fqqzjnqqrc16bgdlx"; + } + ) + # fix build with Poppler 0.84 + # TODO: Remove patches with scribus version > 1.5.5 as it should be fixed upstream in next version + ( + fetchpatch { + url = "https://github.com/scribusproject/scribus/commit/3742559924136c2471ab15081c5b600dd5feaeb0.patch"; + sha256 = "1d72h7jbajy9w83bnxmhn1ca947hpfxnfbmq30g5ljlj824c7y9y"; + } + ) ]; enableParallelBuilding = true; - nativeBuildInputs = [ pkgconfig cmake ]; - buildInputs = [ - qtbase cairo pixman boost cups fontconfig - freetype hunspell libjpeg libtiff libxml2 lcms2 podofo poppler - poppler_data pythonEnv qtimageformats qttools harfbuzzFull + nativeBuildInputs = [ + cmake + pkgconfig ]; - meta = { - maintainers = [ stdenv.lib.maintainers.erictapen ]; - platforms = stdenv.lib.platforms.linux; + buildInputs = [ + boost + cairo + cups + fontconfig + freetype + harfbuzzFull + hunspell + lcms2 + libjpeg + libtiff + libxml2 + pixman + podofo + poppler + poppler_data + pythonEnv + qtbase + qtimageformats + qttools + ]; + + meta = with stdenv.lib; { + maintainers = with maintainers; [ + erictapen + kiwi + ]; + platforms = platforms.linux; description = "Desktop Publishing (DTP) and Layout program for Linux"; - homepage = http://www.scribus.net; - license = stdenv.lib.licenses.gpl2; + homepage = "http://www.scribus.net"; + # There are a lot of licenses... https://github.com/scribusproject/scribus/blob/20508d69ca4fc7030477db8dee79fd1e012b52d2/COPYING#L15-L19 + license = with licenses; [ + bsd3 + gpl2 + mit + publicDomain + ]; }; } diff --git a/pkgs/applications/science/electronics/pcb/default.nix b/pkgs/applications/science/electronics/pcb/default.nix index ec47a37140fd..636c494c3409 100644 --- a/pkgs/applications/science/electronics/pcb/default.nix +++ b/pkgs/applications/science/electronics/pcb/default.nix @@ -21,11 +21,11 @@ stdenv.mkDerivation rec { pname = "pcb"; - version = "4.2.1"; + version = "4.2.2"; src = fetchurl { url = "mirror://sourceforge/pcb/${pname}-${version}.tar.gz"; - sha256 = "1i9zvcj0vgwp2g2hkmvafdq0k39klj90jsdanqx9xl7gl70345cq"; + sha256 = "0pbfyfadbia1jf9ywkf02j8mfdh8c3mj390c2jdqnl70vcdszvhw"; }; nativeBuildInputs = [ diff --git a/pkgs/applications/science/logic/verifast/default.nix b/pkgs/applications/science/logic/verifast/default.nix index 3e3e26708618..c5e8078eff2a 100644 --- a/pkgs/applications/science/logic/verifast/default.nix +++ b/pkgs/applications/science/logic/verifast/default.nix @@ -20,11 +20,11 @@ let in stdenv.mkDerivation rec { pname = "verifast"; - version = "18.02"; + version = "19.12"; src = fetchurl { url = "https://github.com/verifast/verifast/releases/download/${version}/${pname}-${version}-linux.tar.gz"; - sha256 = "19050be23b6d5e471690421fee59f84c58b29e38379fb86b8f3713a206a4423e"; + sha256 = "169kshjq4cf4i9v92azv0xaflrnik5686w7fwcgdhd6qkbzflzl6"; }; dontStrip = true; diff --git a/pkgs/applications/science/logic/workcraft/default.nix b/pkgs/applications/science/logic/workcraft/default.nix index 2f972c92b521..c0d6d541d6bd 100644 --- a/pkgs/applications/science/logic/workcraft/default.nix +++ b/pkgs/applications/science/logic/workcraft/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { pname = "workcraft"; - version = "3.1.9"; + version = "3.2.5"; src = fetchurl { url = "https://github.com/workcraft/workcraft/releases/download/v${version}/workcraft-v${version}-linux.tar.gz"; - sha256 = "0d1mi8jffwr7irp215j9rfpa3nmwxrx6mv13bh7vn0qf6i0aw0xi"; + sha256 = "11dk00b17yhk7cv8zms4nlffc0qwgsapimzr8csb89qmgabd7rj3"; }; buildInputs = [ makeWrapper ]; diff --git a/pkgs/applications/version-management/git-repo/default.nix b/pkgs/applications/version-management/git-repo/default.nix index fe591c1b2f20..642afa350c6c 100644 --- a/pkgs/applications/version-management/git-repo/default.nix +++ b/pkgs/applications/version-management/git-repo/default.nix @@ -4,13 +4,13 @@ stdenv.mkDerivation rec { pname = "git-repo"; - version = "1.13.9.3"; + version = "1.13.9.4"; src = fetchFromGitHub { owner = "android"; repo = "tools_repo"; rev = "v${version}"; - sha256 = "0xrgq6v1bh9zgrgg2r9z4zndzch08p0z5y3sppffyrb19mib055k"; + sha256 = "0kkb3s472zvmz5xign25rgv7amdzhjb1wvchqxaf80g4913rw583"; }; patches = [ ./import-ssl-module.patch ]; diff --git a/pkgs/applications/version-management/gitkraken/default.nix b/pkgs/applications/version-management/gitkraken/default.nix index 2272e66faf58..73d376396a66 100644 --- a/pkgs/applications/version-management/gitkraken/default.nix +++ b/pkgs/applications/version-management/gitkraken/default.nix @@ -1,8 +1,8 @@ { stdenv, libXcomposite, libgnome-keyring, makeWrapper, udev, curl, alsaLib , libXfixes, atk, gtk3, libXrender, pango, gnome3, cairo, freetype, fontconfig , libX11, libXi, libxcb, libXext, libXcursor, glib, libXScrnSaver, libxkbfile, libXtst -, nss, nspr, cups, fetchurl, expat, gdk-pixbuf, libXdamage, libXrandr, dbus -, dpkg, makeDesktopItem, openssl, wrapGAppsHook, at-spi2-atk, libuuid +, nss, nspr, cups, fetchzip, expat, gdk-pixbuf, libXdamage, libXrandr, dbus +, makeDesktopItem, openssl, wrapGAppsHook, at-spi2-atk, at-spi2-core, libuuid , e2fsprogs, krb5 }: @@ -13,13 +13,16 @@ let in stdenv.mkDerivation rec { pname = "gitkraken"; - version = "6.4.1"; + version = "6.5.1"; - src = fetchurl { - url = "https://release.axocdn.com/linux/GitKraken-v${version}.deb"; - sha256 = "1w8iwpbr6nwzhhf63fvr7pd66yjx3jgjy4gx5y02qxa3ip5psq5b"; + src = fetchzip { + url = "https://release.axocdn.com/linux/GitKraken-v${version}.tar.gz"; + sha256 = "0dwjwismv4rfw58801g2ay51h9qrffcxgbl910frd4i530w0y44p"; }; + dontBuild = true; + dontConfigure = true; + libPath = makeLibraryPath [ stdenv.cc.cc.lib curlWithGnuTls @@ -54,6 +57,7 @@ stdenv.mkDerivation rec { libgnome-keyring openssl at-spi2-atk + at-spi2-core libuuid e2fsprogs krb5 @@ -69,27 +73,27 @@ stdenv.mkDerivation rec { comment = "Graphical Git client from Axosoft"; }; - nativeBuildInputs = [ dpkg makeWrapper wrapGAppsHook ]; + nativeBuildInputs = [ makeWrapper wrapGAppsHook ]; buildInputs = [ gtk3 gnome3.adwaita-icon-theme ]; - unpackCmd = '' - mkdir out - dpkg -x $curSrc out - ''; - installPhase = '' runHook preInstall - mkdir $out - pushd usr - pushd share - substituteInPlace applications/gitkraken.desktop \ - --replace /usr/share/gitkraken $out/bin - popd - rm -rf bin/gitkraken share/lintian - cp -av share bin $out/ - popd + mkdir -p $out/share/gitkraken/ + cp -R $src/* $out/share/gitkraken/ + + mkdir -p $out/bin ln -s $out/share/gitkraken/gitkraken $out/bin/gitkraken + + mkdir -p $out/share/applications + cp ${desktopItem}/share/applications/* $out/share/applications/ + + substituteInPlace $out/share/applications/gitkraken.desktop \ + --replace $out/usr/share/gitkraken $out/bin + + mkdir -p $out/share/pixmaps + cp gitkraken.png $out/share/pixmaps/gitkraken.png + runHook postInstall ''; diff --git a/pkgs/applications/video/handbrake/default.nix b/pkgs/applications/video/handbrake/default.nix index 59a8c2377ce9..ab7080206632 100644 --- a/pkgs/applications/video/handbrake/default.nix +++ b/pkgs/applications/video/handbrake/default.nix @@ -49,11 +49,11 @@ assert stdenv.isDarwin -> AudioToolbox != null && Foundation != null stdenv.mkDerivation rec { pname = "handbrake"; - version = "1.3.0"; + version = "1.3.1"; src = fetchurl { - url = ''https://download2.handbrake.fr/${version}/HandBrake-${version}-source.tar.bz2''; - sha256 = "15hxncswmaj62hb40fxixsa6d519zb712z9xbdq979q4rasjxa59"; + url = ''https://download.handbrake.fr/releases/${version}/HandBrake-${version}-source.tar.bz2''; + sha256 = "09rcrq0kjs1lc1as7w3glbpbfvzldwpx3xv0pfmkn4pl7acxw1f0"; }; nativeBuildInputs = [ @@ -102,8 +102,6 @@ stdenv.mkDerivation rec { # NOTE: 2018-12-27: Check NixOS HandBrake test if changing NIX_LDFLAGS = toString [ "-lx265" - # NOTE: The -ldl flag was fixed upstream for a release after 1.3.0 - "-ldl" ]; preBuild = '' diff --git a/pkgs/applications/video/manim/default.nix b/pkgs/applications/video/manim/default.nix new file mode 100644 index 000000000000..0d263f402b33 --- /dev/null +++ b/pkgs/applications/video/manim/default.nix @@ -0,0 +1,64 @@ +{ lib, buildPythonApplication, fetchFromGitHub, pythonOlder, file, fetchpatch +, cairo, ffmpeg, sox, xdg_utils, texlive +, colour, numpy, pillow, progressbar, scipy, tqdm, opencv , pycairo, pydub +, pbr, fetchPypi +}: +buildPythonApplication rec { + pname = "manim"; + version = "0.1.10"; + + src = fetchPypi { + pname = "manimlib"; + inherit version; + sha256 = "0vg9b3rwypq5zir74pi0pmj47yqlcg7hrvscwrpjzjbqq2yihn49"; + }; + + patches = [ ./remove-dependency-constraints.patch ]; + + nativeBuildInputs = [ pbr ]; + + propagatedBuildInputs = [ + colour + numpy + pillow + progressbar + scipy + tqdm + opencv + pycairo + pydub + + cairo sox ffmpeg xdg_utils + ]; + + # Test with texlive to see whether it works but don't propagate + # because it's huge and optional + # TODO: Use smaller TexLive distribution + # Doesn't need everything but it's hard to figure out what it needs + checkInputs = [ cairo sox ffmpeg xdg_utils texlive.combined.scheme-full ]; + + # Simple test and complex test with LaTeX + checkPhase = '' + for scene in SquareToCircle OpeningManimExample + do + python3 manim.py example_scenes.py $scene -l + tail -n 20 files/Tex/*.log # Print potential LaTeX erorrs + ${file}/bin/file videos/example_scenes/480p15/$scene.mp4 \ + | tee | grep -F "ISO Media, MP4 Base Media v1 [IS0 14496-12:2003]" + done + ''; + + disabled = pythonOlder "3.7"; + + meta = { + description = "Animation engine for explanatory math videos"; + longDescription = '' + Manim is an animation engine for explanatory math videos. It's used to + create precise animations programmatically, as seen in the videos of + 3Blue1Brown on YouTube. + ''; + homepage = https://github.com/3b1b/manim; + license = lib.licenses.mit; + maintainers = with lib.maintainers; [ johnazoidberg ]; + }; +} diff --git a/pkgs/applications/video/manim/remove-dependency-constraints.patch b/pkgs/applications/video/manim/remove-dependency-constraints.patch new file mode 100644 index 000000000000..4a7da45d0f57 --- /dev/null +++ b/pkgs/applications/video/manim/remove-dependency-constraints.patch @@ -0,0 +1,26 @@ +diff --git i/requirements.txt w/requirements.txt +index 556122ad..11fd49d5 100644 +--- i/requirements.txt ++++ w/requirements.txt +@@ -1,11 +1,10 @@ +-argparse==1.4.0 +-colour==0.1.5 +-numpy==1.15.0 +-Pillow==5.2.0 +-progressbar==2.5 +-scipy==1.1.0 +-tqdm==4.24.0 +-opencv-python==3.4.2.17 +-pycairo==1.17.1; sys_platform == 'linux' +-pycairo>=1.18.0; sys_platform == 'win32' +-pydub==0.23.0 ++colour ++numpy ++Pillow ++progressbar ++scipy ++tqdm ++pycairo ++pycairo>=1.18.1; sys_platform == 'win32' ++pydub ++pyreadline==2.1; sys_platform == 'win32' diff --git a/pkgs/data/misc/osinfo-db/default.nix b/pkgs/data/misc/osinfo-db/default.nix index 31f7eb7efdb8..96fd9ad33f16 100644 --- a/pkgs/data/misc/osinfo-db/default.nix +++ b/pkgs/data/misc/osinfo-db/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { pname = "osinfo-db"; - version = "20191125"; + version = "20200203"; src = fetchurl { url = "https://releases.pagure.org/libosinfo/${pname}-${version}.tar.xz"; - sha256 = "102mdykp5pjv7lw7saig640vb5a8ivy4ji8sa68q2wzfwg1yix78"; + sha256 = "1zjq1dhlci00j17dij7s3l30hybzmaykpk5b6bd5xbllp745njn5"; }; nativeBuildInputs = [ osinfo-db-tools intltool libxml2 ]; diff --git a/pkgs/data/themes/ant-theme/default.nix b/pkgs/data/themes/ant-theme/default.nix index 8ff869bc7aaa..c60fb4d33558 100644 --- a/pkgs/data/themes/ant-theme/default.nix +++ b/pkgs/data/themes/ant-theme/default.nix @@ -32,8 +32,6 @@ stdenv.mkDerivation rec { homepage = https://github.com/EliverLara/Ant; license = licenses.gpl3; platforms = platforms.all; - maintainers = [ - maintainers.pbogdan - ]; + maintainers = [ ]; }; } diff --git a/pkgs/development/compilers/adoptopenjdk-bin/sources.json b/pkgs/development/compilers/adoptopenjdk-bin/sources.json index e40ed72c46c1..760608027904 100644 --- a/pkgs/development/compilers/adoptopenjdk-bin/sources.json +++ b/pkgs/development/compilers/adoptopenjdk-bin/sources.json @@ -4,30 +4,30 @@ "jdk": { "hotspot": { "aarch64": { - "build": "11", - "sha256": "10e33e1862638e11a9158947b3d7b461727d8e396e378b171be1eb4dfe12f1ed", - "url": "https://github.com/AdoptOpenJDK/openjdk11-binaries/releases/download/jdk-11.0.4%2B11/OpenJDK11U-jdk_aarch64_linux_hotspot_11.0.4_11.tar.gz", - "version": "11.0.4" + "build": "10", + "sha256": "04b77f6754aed68528f39750c5cfd6a439190206aff216aa081d62a0e1a794fa", + "url": "https://github.com/AdoptOpenJDK/openjdk11-binaries/releases/download/jdk-11.0.6%2B10/OpenJDK11U-jdk_aarch64_linux_hotspot_11.0.6_10.tar.gz", + "version": "11.0.6" }, "armv6l": { "build": "10", - "sha256": "c6b1fda3f8807028cbfcc34a4ded2e8a5a6b6239d2bcc1f06673ea6b1530df94", - "url": "https://github.com/AdoptOpenJDK/openjdk11-binaries/releases/download/jdk-11.0.5%2B10/OpenJDK11U-jdk_arm_linux_hotspot_11.0.5_10.tar.gz", - "version": "11.0.5" + "sha256": "ab5b76203e54fe7a5221535f6f407efa43153de029a746f60af3cffb7cb5080b", + "url": "https://github.com/AdoptOpenJDK/openjdk11-binaries/releases/download/jdk-11.0.6%2B10/OpenJDK11U-jdk_arm_linux_hotspot_11.0.6_10.tar.gz", + "version": "11.0.6" }, "armv7l": { "build": "10", - "sha256": "c6b1fda3f8807028cbfcc34a4ded2e8a5a6b6239d2bcc1f06673ea6b1530df94", - "url": "https://github.com/AdoptOpenJDK/openjdk11-binaries/releases/download/jdk-11.0.5%2B10/OpenJDK11U-jdk_arm_linux_hotspot_11.0.5_10.tar.gz", - "version": "11.0.5" + "sha256": "ab5b76203e54fe7a5221535f6f407efa43153de029a746f60af3cffb7cb5080b", + "url": "https://github.com/AdoptOpenJDK/openjdk11-binaries/releases/download/jdk-11.0.6%2B10/OpenJDK11U-jdk_arm_linux_hotspot_11.0.6_10.tar.gz", + "version": "11.0.6" }, "packageType": "jdk", "vmType": "hotspot", "x86_64": { "build": "10", - "sha256": "6dd0c9c8a740e6c19149e98034fba8e368fd9aa16ab417aa636854d40db1a161", - "url": "https://github.com/AdoptOpenJDK/openjdk11-binaries/releases/download/jdk-11.0.5%2B10/OpenJDK11U-jdk_x64_linux_hotspot_11.0.5_10.tar.gz", - "version": "11.0.5" + "sha256": "330d19a2eaa07ed02757d7a785a77bab49f5ee710ea03b4ee2fa220ddd0feffc", + "url": "https://github.com/AdoptOpenJDK/openjdk11-binaries/releases/download/jdk-11.0.6%2B10/OpenJDK11U-jdk_x64_linux_hotspot_11.0.6_10.tar.gz", + "version": "11.0.6" } }, "openj9": { @@ -35,27 +35,27 @@ "vmType": "openj9", "x86_64": { "build": "10", - "sha256": "6ead0515aecb24c6a8f5f3800a070b7d20a66c8f26cba5dad137824da590a532", - "url": "https://github.com/AdoptOpenJDK/openjdk11-binaries/releases/download/jdk-11.0.5%2B10_openj9-0.17.0/OpenJDK11U-jdk_x64_linux_openj9_11.0.5_10_openj9-0.17.0.tar.gz", - "version": "11.0.5" + "sha256": "1530172ee98edd129954fcdca1bf725f7b30c8bfc3cdc381c88de96b7d19e690", + "url": "https://github.com/AdoptOpenJDK/openjdk11-binaries/releases/download/jdk-11.0.6%2B10_openj9-0.18.1/OpenJDK11U-jdk_x64_linux_openj9_11.0.6_10_openj9-0.18.1.tar.gz", + "version": "11.0.6" } } }, "jre": { "hotspot": { "aarch64": { - "build": "11", - "sha256": "5f7b5c110fc0f344a549cb11784a6d76838061a2b6f654f7841f60e0cd286c6a", - "url": "https://github.com/AdoptOpenJDK/openjdk11-binaries/releases/download/jdk-11.0.4%2B11/OpenJDK11U-jre_aarch64_linux_hotspot_11.0.4_11.tar.gz", - "version": "11.0.4" + "build": "10", + "sha256": "7ed04ed9ed7271528e7f03490f1fd7dfbbc2d391414bd6fe4dd80ec3bad76d30", + "url": "https://github.com/AdoptOpenJDK/openjdk11-binaries/releases/download/jdk-11.0.6%2B10/OpenJDK11U-jre_aarch64_linux_hotspot_11.0.6_10.tar.gz", + "version": "11.0.6" }, "packageType": "jre", "vmType": "hotspot", "x86_64": { "build": "10", - "sha256": "2f08c469c9a8adea1b6ee3444ba2a8242a7e99d87976a077faf037a9eb7f884b", - "url": "https://github.com/AdoptOpenJDK/openjdk11-binaries/releases/download/jdk-11.0.5%2B10/OpenJDK11U-jre_x64_linux_hotspot_11.0.5_10.tar.gz", - "version": "11.0.5" + "sha256": "c5a4e69e2be0e3e5f5bb7c759960b20650967d0f571baad4a7f15b2c03bda352", + "url": "https://github.com/AdoptOpenJDK/openjdk11-binaries/releases/download/jdk-11.0.6%2B10/OpenJDK11U-jre_x64_linux_hotspot_11.0.6_10.tar.gz", + "version": "11.0.6" } }, "openj9": { @@ -63,9 +63,9 @@ "vmType": "openj9", "x86_64": { "build": "10", - "sha256": "2b68ea68d41281238a9dbe494cec762bd97fe34cf4fb6ba44ee1ce66bcec9d38", - "url": "https://github.com/AdoptOpenJDK/openjdk11-binaries/releases/download/jdk-11.0.5%2B10_openj9-0.17.0/OpenJDK11U-jre_x64_linux_openj9_11.0.5_10_openj9-0.17.0.tar.gz", - "version": "11.0.5" + "sha256": "056e4b5f7166f5daa44f36b06c735913bda52831d2e77fa2ac371505c66d10c1", + "url": "https://github.com/AdoptOpenJDK/openjdk11-binaries/releases/download/jdk-11.0.6%2B10_openj9-0.18.1/OpenJDK11U-jre_x64_linux_openj9_11.0.6_10_openj9-0.18.1.tar.gz", + "version": "11.0.6" } } } @@ -77,9 +77,9 @@ "vmType": "hotspot", "x86_64": { "build": "10", - "sha256": "0825d0d3177832320b697944cd8e7b2e7fe3893fafe8bfcf33ee3631aa5ca96b", - "url": "https://github.com/AdoptOpenJDK/openjdk11-binaries/releases/download/jdk-11.0.5%2B10/OpenJDK11U-jdk_x64_mac_hotspot_11.0.5_10.tar.gz", - "version": "11.0.5" + "sha256": "b87102274d983bf6bb0aa6c2c623301d0ff5eb7f61043ffd04abb00f962c2dcd", + "url": "https://github.com/AdoptOpenJDK/openjdk11-binaries/releases/download/jdk-11.0.6%2B10/OpenJDK11U-jdk_x64_mac_hotspot_11.0.6_10.tar.gz", + "version": "11.0.6" } }, "openj9": { @@ -87,9 +87,9 @@ "vmType": "openj9", "x86_64": { "build": "10", - "sha256": "97dc8234b73e233316b5dfdca75af9a0d54aa23b1309b1a68fd0a5d2fa928e05", - "url": "https://github.com/AdoptOpenJDK/openjdk11-binaries/releases/download/jdk-11.0.5%2B10.1_openj9-0.17.0/OpenJDK11U-jdk_x64_mac_openj9_11.0.5_10_openj9-0.17.0.tar.gz", - "version": "11.0.5" + "sha256": "9a5c5b3bb51a82e666c46b2d1bbafa8c2bbc3aae50194858c8f96c5d43a96f64", + "url": "https://github.com/AdoptOpenJDK/openjdk11-binaries/releases/download/jdk-11.0.6%2B10_openj9-0.18.1/OpenJDK11U-jdk_x64_mac_openj9_11.0.6_10_openj9-0.18.1.tar.gz", + "version": "11.0.6" } } }, @@ -99,9 +99,9 @@ "vmType": "hotspot", "x86_64": { "build": "10", - "sha256": "dfd212023321ebb41bce8cced15b4668001e86ecff6bffdd4f2591ccaae41566", - "url": "https://github.com/AdoptOpenJDK/openjdk11-binaries/releases/download/jdk-11.0.5%2B10/OpenJDK11U-jre_x64_mac_hotspot_11.0.5_10.tar.gz", - "version": "11.0.5" + "sha256": "ab3c2038a32c62843500109d2efb8f5dacdfa1de3cbb713c8226f26dc603cc33", + "url": "https://github.com/AdoptOpenJDK/openjdk11-binaries/releases/download/jdk-11.0.6%2B10/OpenJDK11U-jre_x64_mac_hotspot_11.0.6_10.tar.gz", + "version": "11.0.6" } }, "openj9": { @@ -109,9 +109,9 @@ "vmType": "openj9", "x86_64": { "build": "10", - "sha256": "ea6bd0be4562e766c035b997447c059d10d5d2e58ca464c57f9078858da1c967", - "url": "https://github.com/AdoptOpenJDK/openjdk11-binaries/releases/download/jdk-11.0.5%2B10.1_openj9-0.17.0/OpenJDK11U-jre_x64_mac_openj9_11.0.5_10_openj9-0.17.0.tar.gz", - "version": "11.0.5" + "sha256": "130850133d9701393352c2ce13ab541b4f900ff1f5ddf8257cda624968aada9f", + "url": "https://github.com/AdoptOpenJDK/openjdk11-binaries/releases/download/jdk-11.0.6%2B10_openj9-0.18.1/OpenJDK11U-jre_x64_mac_openj9_11.0.6_10_openj9-0.18.1.tar.gz", + "version": "11.0.6" } } } @@ -127,23 +127,35 @@ "url": "https://github.com/AdoptOpenJDK/openjdk8-binaries/releases/download/jdk8u232-b09/OpenJDK8U-jdk_aarch64_linux_hotspot_8u232b09.tar.gz", "version": "8.0.232" }, + "armv6l": { + "build": "9", + "sha256": "fdd9f61f1b2df74242da54ee3b3231b0123782a917e9673351276da439c7cab1", + "url": "https://github.com/AdoptOpenJDK/openjdk8-binaries/releases/download/jdk8u232-b09/OpenJDK8U-jdk_arm_linux_hotspot_8u232b09.tar.gz", + "version": "8.0.232" + }, + "armv7l": { + "build": "9", + "sha256": "fdd9f61f1b2df74242da54ee3b3231b0123782a917e9673351276da439c7cab1", + "url": "https://github.com/AdoptOpenJDK/openjdk8-binaries/releases/download/jdk8u232-b09/OpenJDK8U-jdk_arm_linux_hotspot_8u232b09.tar.gz", + "version": "8.0.232" + }, "packageType": "jdk", "vmType": "hotspot", "x86_64": { - "build": "9", - "sha256": "7b7884f2eb2ba2d47f4c0bf3bb1a2a95b73a3a7734bd47ebf9798483a7bcc423", - "url": "https://github.com/AdoptOpenJDK/openjdk8-binaries/releases/download/jdk8u232-b09/OpenJDK8U-jdk_x64_linux_hotspot_8u232b09.tar.gz", - "version": "8.0.232" + "build": "8", + "sha256": "f39b523c724d0e0047d238eb2bb17a9565a60574cf651206c867ee5fc000ab43", + "url": "https://github.com/AdoptOpenJDK/openjdk8-binaries/releases/download/jdk8u242-b08/OpenJDK8U-jdk_x64_linux_hotspot_8u242b08.tar.gz", + "version": "8.0.242" } }, "openj9": { "packageType": "jdk", "vmType": "openj9", "x86_64": { - "build": "9", - "sha256": "abea758c7e102f3c4a3be8757ee0ce039a70e2d498c160400dfb83c6f7004dbf", - "url": "https://github.com/AdoptOpenJDK/openjdk8-binaries/releases/download/jdk8u232-b09_openj9-0.17.0/OpenJDK8U-jdk_x64_linux_openj9_8u232b09_openj9-0.17.0.tar.gz", - "version": "8.0.232" + "build": "8", + "sha256": "ca785af638b24f9d4df896f5a9f557cc9f1e5fa5e2b1174d6b906e3fd5474c2e", + "url": "https://github.com/AdoptOpenJDK/openjdk8-binaries/releases/download/jdk8u242-b08_openj9-0.18.1/OpenJDK8U-jdk_x64_linux_openj9_8u242b08_openj9-0.18.1.tar.gz", + "version": "8.0.242" } } }, @@ -155,23 +167,35 @@ "url": "https://github.com/AdoptOpenJDK/openjdk8-binaries/releases/download/jdk8u232-b09/OpenJDK8U-jre_aarch64_linux_hotspot_8u232b09.tar.gz", "version": "8.0.232" }, + "armv6l": { + "build": "9", + "sha256": "8ab786fc2fa0a282f5cf57f6040f1976c32c3c5e480e900ce5925de6543f6688", + "url": "https://github.com/AdoptOpenJDK/openjdk8-binaries/releases/download/jdk8u232-b09/OpenJDK8U-jre_arm_linux_hotspot_8u232b09.tar.gz", + "version": "8.0.232" + }, + "armv7l": { + "build": "9", + "sha256": "8ab786fc2fa0a282f5cf57f6040f1976c32c3c5e480e900ce5925de6543f6688", + "url": "https://github.com/AdoptOpenJDK/openjdk8-binaries/releases/download/jdk8u232-b09/OpenJDK8U-jre_arm_linux_hotspot_8u232b09.tar.gz", + "version": "8.0.232" + }, "packageType": "jre", "vmType": "hotspot", "x86_64": { - "build": "9", - "sha256": "bd06b84a1fc10e0a555431bc49a84e86df45de0be93c8ee4d09d13513219843b", - "url": "https://github.com/AdoptOpenJDK/openjdk8-binaries/releases/download/jdk8u232-b09/OpenJDK8U-jre_x64_linux_hotspot_8u232b09.tar.gz", - "version": "8.0.232" + "build": "8", + "sha256": "5edfaefdbb0469d8b24d61c8aef80c076611053b1738029c0232b9a632fe2708", + "url": "https://github.com/AdoptOpenJDK/openjdk8-binaries/releases/download/jdk8u242-b08/OpenJDK8U-jre_x64_linux_hotspot_8u242b08.tar.gz", + "version": "8.0.242" } }, "openj9": { "packageType": "jre", "vmType": "openj9", "x86_64": { - "build": "9", - "sha256": "30bdfdb38901d4807d96a72a33b83f7a4f40255e11a88853c1e8732acc4644a7", - "url": "https://github.com/AdoptOpenJDK/openjdk8-binaries/releases/download/jdk8u232-b09_openj9-0.17.0/OpenJDK8U-jre_x64_linux_openj9_8u232b09_openj9-0.17.0.tar.gz", - "version": "8.0.232" + "build": "8", + "sha256": "985d3134b64c6196d4c9ddbc87af0c62b0e643cef71b29f3d25a8c7811811745", + "url": "https://github.com/AdoptOpenJDK/openjdk8-binaries/releases/download/jdk8u242-b08_openj9-0.18.1/OpenJDK8U-jre_x64_linux_openj9_8u242b08_openj9-0.18.1.tar.gz", + "version": "8.0.242" } } } @@ -182,20 +206,20 @@ "packageType": "jdk", "vmType": "hotspot", "x86_64": { - "build": "9", - "sha256": "c237b2c2c32c893e4ee60cdac8c4bcc34ca731a5445986c03b95cf79918e40c3", - "url": "https://github.com/AdoptOpenJDK/openjdk8-binaries/releases/download/jdk8u232-b09/OpenJDK8U-jdk_x64_mac_hotspot_8u232b09.tar.gz", - "version": "8.0.232" + "build": "8", + "sha256": "06675b7d65bce0313ee1f2e888dd44267e8afeced75e0b39b5ad1f5fdff54e0b", + "url": "https://github.com/AdoptOpenJDK/openjdk8-binaries/releases/download/jdk8u242-b08/OpenJDK8U-jdk_x64_mac_hotspot_8u242b08.tar.gz", + "version": "8.0.242" } }, "openj9": { "packageType": "jdk", "vmType": "openj9", "x86_64": { - "build": "9", - "sha256": "168079dcc20f62ac4409800c78d23a63ba7c665e58cd7ac8bde21ebbbb2b6d48", - "url": "https://github.com/AdoptOpenJDK/openjdk8-binaries/releases/download/jdk8u232-b09.1_openj9-0.17.0/OpenJDK8U-jdk_x64_mac_openj9_8u232b09_openj9-0.17.0.tar.gz", - "version": "8.0.232" + "build": "8", + "sha256": "665dc9c8239b7270b007ab9dd7522570e2686e327d89caf57a6aa6e5c6450078", + "url": "https://github.com/AdoptOpenJDK/openjdk8-binaries/releases/download/jdk8u242-b08_openj9-0.18.1/OpenJDK8U-jdk_x64_mac_openj9_8u242b08_openj9-0.18.1.tar.gz", + "version": "8.0.242" } } }, @@ -204,20 +228,20 @@ "packageType": "jre", "vmType": "hotspot", "x86_64": { - "build": "9", - "sha256": "5ec5f11dbc81ab65641b765e1ef2f924736c0d1cc797cb95b078598d9d863afd", - "url": "https://github.com/AdoptOpenJDK/openjdk8-binaries/releases/download/jdk8u232-b09/OpenJDK8U-jre_x64_mac_hotspot_8u232b09.tar.gz", - "version": "8.0.232" + "build": "8", + "sha256": "fae3777e3441dc7384c339a9054aa7efc40cd2c501625a535c2d4648367ccca3", + "url": "https://github.com/AdoptOpenJDK/openjdk8-binaries/releases/download/jdk8u242-b08/OpenJDK8U-jre_x64_mac_hotspot_8u242b08.tar.gz", + "version": "8.0.242" } }, "openj9": { "packageType": "jre", "vmType": "openj9", "x86_64": { - "build": "9", - "sha256": "60b70aa16c8ca38b96c305003f3d9871897555d0b4039b8e1f8db9ceeab16d53", - "url": "https://github.com/AdoptOpenJDK/openjdk8-binaries/releases/download/jdk8u232-b09.1_openj9-0.17.0/OpenJDK8U-jre_x64_mac_openj9_8u232b09_openj9-0.17.0.tar.gz", - "version": "8.0.232" + "build": "8", + "sha256": "d4a924558ddda0aed671a67f71714b71c25871a7659fd4c505851cf5ee866de5", + "url": "https://github.com/AdoptOpenJDK/openjdk8-binaries/releases/download/jdk8u242-b08_openj9-0.18.1/OpenJDK8U-jre_x64_mac_openj9_8u242b08_openj9-0.18.1.tar.gz", + "version": "8.0.242" } } } diff --git a/pkgs/development/compilers/bluespec/default.nix b/pkgs/development/compilers/bluespec/default.nix new file mode 100644 index 000000000000..5f6b44a58928 --- /dev/null +++ b/pkgs/development/compilers/bluespec/default.nix @@ -0,0 +1,94 @@ +{ stdenv +, fetchFromGitHub +, fetchpatch +, autoconf +, automake +, fontconfig +, gmp +, gperf +, haskell +, libX11 +, libpoly +, perl +, pkgconfig +, verilog +, xorg +, zlib +}: + +let + # yices wants a libgmp.a and fails otherwise + gmpStatic = gmp.override { withStatic = true; }; + + # Compiling PreludeBSV fails with more recent GHC versions + # > imperative statement (not BVI context) + # https://github.com/B-Lang-org/bsc/issues/20#issuecomment-583724030 + ghcWithPackages = haskell.packages.ghc844.ghc.withPackages (g: (with g; [old-time regex-compat syb])); +in stdenv.mkDerivation rec { + pname = "bluespec"; + version = "unstable-2020.02.09"; + + src = fetchFromGitHub { + owner = "B-Lang-org"; + repo = "bsc"; + rev = "05c8afb08078e437c635b9c708124b428ac51b3d"; + sha256 = "06yhpkz7wga1a0p9031cfjqbzw7205bj2jxgdghhfzmllaiphniy"; + fetchSubmodules = true; + }; + + enableParallelBuilding = true; + + buildInputs = [ + zlib + gmpStatic gperf libpoly # yices + libX11 # tcltk + xorg.libXft + fontconfig + ]; + + nativeBuildInputs = [ + automake autoconf + perl + pkgconfig + ghcWithPackages + ]; + + checkInputs = [ + verilog + ]; + + patches = [ + # drop stp support https://github.com/B-Lang-org/bsc/pull/31 + (fetchpatch { + url = "https://github.com/flokli/bsc/commit/0bd48ecc2561541dc1368918863c0b2f4915006f.patch"; + sha256 = "0bam9anld33zfi9d4gs502g94w49zhl5iqmbs2d1p5i19aqpy38l"; + }) + ]; + + preBuild = '' + patchShebangs \ + src/Verilog/copy_module.pl \ + src/comp/update-build-version.sh \ + src/comp/update-build-system.sh \ + src/comp/wrapper.sh + ''; + + makeFlags = [ + "NOGIT=1" # https://github.com/B-Lang-org/bsc/issues/12 + "LDCONFIG=ldconfig" # https://github.com/B-Lang-org/bsc/pull/43 + ]; + + installPhase = "mv inst $out"; + + doCheck = true; + + meta = { + description = "Toolchain for the Bluespec Hardware Definition Language"; + homepage = "https://github.com/B-Lang-org/bsc"; + license = stdenv.lib.licenses.bsd3; + platforms = [ "x86_64-linux" ]; + # darwin fails at https://github.com/B-Lang-org/bsc/pull/35#issuecomment-583731562 + # aarch64 fails, as GHC fails with "ghc: could not execute: opt" + maintainers = with stdenv.lib.maintainers; [ flokli thoughtpolice ]; + }; +} diff --git a/pkgs/development/compilers/gcc/4.9/default.nix b/pkgs/development/compilers/gcc/4.9/default.nix index b287a8551f3c..270d118f97eb 100644 --- a/pkgs/development/compilers/gcc/4.9/default.nix +++ b/pkgs/development/compilers/gcc/4.9/default.nix @@ -303,7 +303,7 @@ stdenv.mkDerivation ({ compiler used in the GNU system including the GNU/Linux variant. ''; - maintainers = with stdenv.lib.maintainers; [ peti ]; + maintainers = with stdenv.lib.maintainers; [ peti veprbl ]; platforms = stdenv.lib.platforms.linux ++ diff --git a/pkgs/development/compilers/gcc/snapshot/default.nix b/pkgs/development/compilers/gcc/snapshot/default.nix deleted file mode 100644 index 0441296ef179..000000000000 --- a/pkgs/development/compilers/gcc/snapshot/default.nix +++ /dev/null @@ -1,252 +0,0 @@ -{ stdenv, targetPackages, fetchurl, fetchpatch, noSysDirs -, langC ? true, langCC ? true, langFortran ? false -, langObjC ? stdenv.targetPlatform.isDarwin -, langObjCpp ? stdenv.targetPlatform.isDarwin -, langGo ? false -, profiledCompiler ? false -, staticCompiler ? false -, enableShared ? true -, enableLTO ? true -, texinfo ? null -, perl ? null # optional, for texi2pod (then pod2man) -, gmp, mpfr, libmpc, gettext, which -, libelf # optional, for link-time optimizations (LTO) -, isl ? null # optional, for the Graphite optimization framework. -, zlib ? null -, enableMultilib ? false -, enablePlugin ? stdenv.hostPlatform == stdenv.buildPlatform # Whether to support user-supplied plug-ins -, name ? "gcc" -, libcCross ? null -, threadsCross ? null # for MinGW -, crossStageStatic ? false -, # Strip kills static libs of other archs (hence no cross) - stripped ? stdenv.hostPlatform == stdenv.buildPlatform - && stdenv.targetPlatform == stdenv.hostPlatform -, gnused ? null -, cloog # unused; just for compat with gcc4, as we override the parameter on some places -, flex ? null -, buildPackages -}: - -# LTO needs libelf and zlib. -assert libelf != null -> zlib != null; - -# Make sure we get GNU sed. -assert stdenv.hostPlatform.isDarwin -> gnused != null; - -# The go frontend is written in c++ -assert langGo -> langCC; - -# threadsCross is just for MinGW -assert threadsCross != null -> stdenv.targetPlatform.isWindows; - -with stdenv.lib; -with builtins; - -let majorVersion = "7"; - version = "${majorVersion}-20170409"; - - inherit (stdenv) buildPlatform hostPlatform targetPlatform; - - patches = - [ ] - ++ optional (targetPlatform != hostPlatform) ../libstdc++-target.patch - ++ optional noSysDirs ../no-sys-dirs.patch - ++ optional langFortran ../gfortran-driving.patch - ++ optional (!crossStageStatic && targetPlatform.isMinGW) (fetchpatch { - url = "https://raw.githubusercontent.com/lhmouse/MINGW-packages/${import ../common/mfcgthreads-patches-repo.nix}/mingw-w64-gcc-git/9000-gcc-${majorVersion}-branch-Added-mcf-thread-model-support-from-mcfgthread.patch"; - sha256 = "1nyjnshpq5gbcbbpfv27hy4ajvycmgkpiabkjlxnnrnq1d99k1ay"; - }); - - /* Cross-gcc settings (build == host != target) */ - crossMingw = targetPlatform != hostPlatform && targetPlatform.libc == "msvcrt"; - stageNameAddon = if crossStageStatic then "stage-static" else "stage-final"; - crossNameAddon = optionalString (targetPlatform != hostPlatform) "${targetPlatform.config}-${stageNameAddon}-"; - -in - -stdenv.mkDerivation ({ - pname = "${crossNameAddon}${name}${if stripped then "" else "-debug"}"; - inherit version; - - builder = ../builder.sh; - - src = fetchurl { - url = "mirror://gcc/snapshots/${version}/gcc-${version}.tar.bz2"; - sha256 = "19197rw1xrpkb8h10lfgn6zj7yj52x95hdmr0x5lg8i4v3i23b67"; - }; - - inherit patches; - - outputs = [ "out" "lib" "man" "info" ]; - setOutputFlags = false; - NIX_NO_SELF_RPATH = true; - - libc_dev = stdenv.cc.libc_dev; - - hardeningDisable = [ "format" "pie" ]; - - postPatch = - if targetPlatform != hostPlatform || stdenv.cc.libc != null then - # On NixOS, use the right path to the dynamic linker instead of - # `/lib/ld*.so'. - let - libc = if libcCross != null then libcCross else stdenv.cc.libc; - in - '' echo "fixing the \`GLIBC_DYNAMIC_LINKER' and \`UCLIBC_DYNAMIC_LINKER' macros..." - for header in "gcc/config/"*-gnu.h "gcc/config/"*"/"*.h - do - grep -q LIBC_DYNAMIC_LINKER "$header" || continue - echo " fixing \`$header'..." - sed -i "$header" \ - -e 's|define[[:blank:]]*\([UCG]\+\)LIBC_DYNAMIC_LINKER\([0-9]*\)[[:blank:]]"\([^\"]\+\)"$|define \1LIBC_DYNAMIC_LINKER\2 "${libc.out}\3"|g' - done - '' - else null; - - inherit noSysDirs staticCompiler crossStageStatic - libcCross crossMingw; - - depsBuildBuild = [ buildPackages.stdenv.cc ]; - nativeBuildInputs = [ texinfo which gettext ] - ++ (optional (perl != null) perl); - - # For building runtime libs - depsBuildTarget = - if hostPlatform == buildPlatform then [ - targetPackages.stdenv.cc.bintools # newly-built gcc will be used - ] else assert targetPlatform == hostPlatform; [ # build != host == target - stdenv.cc - ]; - - buildInputs = [ - gmp mpfr libmpc libelf flex - targetPackages.stdenv.cc.bintools # For linking code at run-time - ] ++ (optional (isl != null) isl) - ++ (optional (zlib != null) zlib) - # The builder relies on GNU sed (for instance, Darwin's `sed' fails with - # "-i may not be used with stdin"), and `stdenvNative' doesn't provide it. - ++ (optional hostPlatform.isDarwin gnused) - ; - - depsTargetTarget = optional (!crossStageStatic && threadsCross != null) threadsCross; - - NIX_LDFLAGS = stdenv.lib.optionalString hostPlatform.isSunOS "-lm -ldl"; - - preConfigure = import ../common/pre-configure.nix { - inherit (stdenv) lib; - inherit version hostPlatform langGo; - }; - - dontDisableStatic = true; - - # TODO(@Ericson2314): Always pass "--target" and always prefix. - configurePlatforms = [ "build" "host" ] ++ stdenv.lib.optional (targetPlatform != hostPlatform) "target"; - - configureFlags = import ../common/configure-flags.nix { - inherit - stdenv - targetPackages - crossStageStatic libcCross - version - - gmp mpfr libmpc libelf isl - - enableLTO - enableMultilib - enablePlugin - enableShared - - langC - langCC - langFortran - langGo - langObjC - langObjCpp - ; - }; - - targetConfig = if targetPlatform != hostPlatform then targetPlatform.config else null; - - buildFlags = optional - (targetPlatform == hostPlatform && hostPlatform == buildPlatform) - (if profiledCompiler then "profiledbootstrap" else "bootstrap"); - - dontStrip = !stripped; - NIX_STRIP_DEBUG = !stripped; - - installTargets = - if stripped - then "install-strip" - else "install"; - - # https://gcc.gnu.org/install/specific.html#x86-64-x-solaris210 - ${if hostPlatform.system == "x86_64-solaris" then "CC" else null} = "gcc -m64"; - - # Setting $CPATH and $LIBRARY_PATH to make sure both `gcc' and `xgcc' find the - # library headers and binaries, regarless of the language being compiled. - # - # Likewise, the LTO code doesn't find zlib. - # - # Cross-compiling, we need gcc not to read ./specs in order to build the g++ - # compiler (after the specs for the cross-gcc are created). Having - # LIBRARY_PATH= makes gcc read the specs from ., and the build breaks. - - CPATH = optionals (targetPlatform == hostPlatform) (makeSearchPathOutput "dev" "include" ([] - ++ optional (zlib != null) zlib - )); - - LIBRARY_PATH = optionals (targetPlatform == hostPlatform) (makeLibraryPath (optional (zlib != null) zlib)); - - inherit - (import ../common/extra-target-flags.nix { - inherit stdenv crossStageStatic libcCross threadsCross; - }) - EXTRA_TARGET_FLAGS - EXTRA_TARGET_LDFLAGS - ; - - passthru = { - inherit langC langCC langObjC langObjCpp langFortran langGo version; - isGNU = true; - }; - - enableParallelBuilding = true; - inherit enableMultilib; - - inherit (stdenv) is64bit; - - meta = { - homepage = https://gcc.gnu.org/; - license = stdenv.lib.licenses.gpl3Plus; # runtime support libraries are typically LGPLv3+ - description = "GNU Compiler Collection, version ${version}" - + (if stripped then "" else " (with debugging info)"); - - longDescription = '' - The GNU Compiler Collection includes compiler front ends for C, C++, - Objective-C, Fortran, OpenMP for C/C++/Fortran, and Ada, as well as - libraries for these languages (libstdc++, libgomp,...). - - GCC development is a part of the GNU Project, aiming to improve the - compiler used in the GNU system including the GNU/Linux variant. - ''; - - maintainers = with stdenv.lib.maintainers; [ ]; - - platforms = - stdenv.lib.platforms.linux ++ - stdenv.lib.platforms.freebsd ++ - stdenv.lib.platforms.illumos ++ - stdenv.lib.platforms.darwin; - - broken = true; - }; -} - -// optionalAttrs (targetPlatform != hostPlatform && targetPlatform.libc == "msvcrt" && crossStageStatic) { - makeFlags = [ "all-gcc" "all-target-libgcc" ]; - installTargets = "install-gcc install-target-libgcc"; -} - -// optionalAttrs (enableMultilib) { dontMoveLib64 = true; } -) diff --git a/pkgs/development/interpreters/octave/default.nix b/pkgs/development/interpreters/octave/default.nix index eb9827969e12..f0f80f758548 100644 --- a/pkgs/development/interpreters/octave/default.nix +++ b/pkgs/development/interpreters/octave/default.nix @@ -18,11 +18,11 @@ let in stdenv.mkDerivation rec { - version = "5.1.0"; + version = "5.2.0"; pname = "octave"; src = fetchurl { url = "mirror://gnu/octave/${pname}-${version}.tar.gz"; - sha256 = "15blrldzwyxma16rnd4n01gnsrriii0dwmyca6m7qz62r8j12sz3"; + sha256 = "1qcmcpsq1lfka19fxzvxjwjhg113c39a9a0x8plkhvwdqyrn5sig"; }; buildInputs = [ gfortran readline ncurses perl flex texinfo qhull @@ -77,7 +77,7 @@ stdenv.mkDerivation rec { }; meta = { - homepage = http://octave.org/; + homepage = "https://www.gnu.org/software/octave/"; license = stdenv.lib.licenses.gpl3Plus; maintainers = with stdenv.lib.maintainers; [raskin]; description = "Scientific Pragramming Language"; diff --git a/pkgs/development/interpreters/octave/hg.nix b/pkgs/development/interpreters/octave/hg.nix deleted file mode 100644 index a34834af48cb..000000000000 --- a/pkgs/development/interpreters/octave/hg.nix +++ /dev/null @@ -1,75 +0,0 @@ -args@{ stdenv, openblas, ghostscript ? null, texinfo - - , # These are arguments that shouldn't be passed to the - # octave package. - texlive, tex ? texlive.combined.scheme-small - , epstool, pstoedit, transfig - , lib, fetchhg, callPackage - , autoconf, automake, libtool - , bison, librsvg, icoutils, gperf - - , # These are options that can be passed in addition to the ones - # octave usually takes. - # - rev is the HG revision. Use "tip" for the bleeding edge. - # - docs can be set to false to skip building documentation. - rev ? "23269", docs ? true - - , # All remaining arguments will be passed to the octave package. - ... - }: - -with stdenv.lib; -let - octaveArgs = removeAttrs args - [ "texlive" "tex" - "epstool" "pstoedit" "transfig" - "lib" "fetchhg" "callPackage" - "autoconf" "automake" "libtool" - "bison" "librsvg" "icoutils" "gperf" - "rev" "docs" - ]; - octave = callPackage ./default.nix octaveArgs; - - # List of hashes for known HG revisions. - sha256s = { - "23269" = "87f560e873ad1454fdbcdd8aca65f9f0b1e605bdc00aebbdc4f9d862ca72ff1d"; - }; - -in lib.overrideDerivation octave (attrs: rec { - version = "4.3.0pre${rev}"; - name = "octave-${version}"; - - src = fetchhg { - url = http://www.octave.org/hg/octave; - inherit rev; - - sha256 = - if builtins.hasAttr rev sha256s - then builtins.getAttr rev sha256s - else null; - - fetchSubrepos = true; - }; - - # Octave's test for including this flag seems to be broken in 4.3. - F77_INTEGER_8_FLAG = optional openblas.blas64 "-fdefault-integer-8"; - - # This enables texinfo to find the files it needs. - TEXINPUTS = ".:build-aux:${texinfo}/texmf-dist/tex/generic/epsf:"; - - disableDocs = !docs || ghostscript == null; - - nativeBuildInputs = attrs.nativeBuildInputs - ++ [ autoconf automake libtool bison librsvg icoutils gperf ] - ++ optionals (!disableDocs) [ tex epstool pstoedit transfig ]; - - # Run bootstrap before any other patches, as other patches may refer - # to files that are generated by the bootstrap. - prePatch = '' - patchShebangs bootstrap - ./bootstrap - '' + attrs.prePatch; - - configureFlags = attrs.configureFlags ++ - optional disableDocs "--disable-docs"; -}) diff --git a/pkgs/development/libraries/aws-c-event-stream/default.nix b/pkgs/development/libraries/aws-c-event-stream/default.nix index ccc4abb85fdb..cc26c29c9d1d 100644 --- a/pkgs/development/libraries/aws-c-event-stream/default.nix +++ b/pkgs/development/libraries/aws-c-event-stream/default.nix @@ -16,6 +16,7 @@ stdenv.mkDerivation rec { buildInputs = [ aws-c-common aws-checksums ] ++ lib.optional stdenv.hostPlatform.isMusl libexecinfo; cmakeFlags = [ + "-DBUILD_SHARED_LIBS:BOOL=ON" "-DCMAKE_MODULE_PATH=${aws-c-common}/lib/cmake" ]; diff --git a/pkgs/development/libraries/aws-checksums/default.nix b/pkgs/development/libraries/aws-checksums/default.nix index 99cefde8937f..886383bf9610 100644 --- a/pkgs/development/libraries/aws-checksums/default.nix +++ b/pkgs/development/libraries/aws-checksums/default.nix @@ -13,6 +13,8 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ cmake ]; + cmakeFlags = [ "-DBUILD_SHARED_LIBS:BOOL=ON" ]; + meta = with lib; { description = "HW accelerated CRC32c and CRC32"; homepage = https://github.com/awslabs/aws-checksums; diff --git a/pkgs/development/libraries/grpc/default.nix b/pkgs/development/libraries/grpc/default.nix index dfec171f1dbc..815d3becf6f8 100644 --- a/pkgs/development/libraries/grpc/default.nix +++ b/pkgs/development/libraries/grpc/default.nix @@ -1,13 +1,13 @@ { stdenv, fetchFromGitHub, fetchpatch, cmake, zlib, c-ares, pkgconfig, openssl, protobuf, gflags }: stdenv.mkDerivation rec { - version = "1.26.0"; # N.B: if you change this, change pythonPackages.grpcio and pythonPackages.grpcio-tools to a matching version too + version = "1.27.1"; # N.B: if you change this, change pythonPackages.grpcio and pythonPackages.grpcio-tools to a matching version too pname = "grpc"; src = fetchFromGitHub { owner = "grpc"; repo = "grpc"; rev = "v${version}"; - sha256 = "1fxydarl00vbhd9q153qn4ax1yc6xrd8wij6bfy9j8chipw1bgir"; + sha256 = "1yvmqxv6pwzbxw3si47x3anvl2pp3qy1acspmz4v60pd188c1fnc"; fetchSubmodules = true; }; patches = [ diff --git a/pkgs/development/libraries/libcdio-paranoia/default.nix b/pkgs/development/libraries/libcdio-paranoia/default.nix index 48e632ba52d8..a539586f067f 100644 --- a/pkgs/development/libraries/libcdio-paranoia/default.nix +++ b/pkgs/development/libraries/libcdio-paranoia/default.nix @@ -30,6 +30,6 @@ stdenv.mkDerivation { license = licenses.gpl3; homepage = https://github.com/rocky/libcdio-paranoia; platforms = platforms.linux ++ platforms.darwin; - maintainers = [ maintainers.pbogdan ]; + maintainers = [ ]; }; } diff --git a/pkgs/development/libraries/libdap/default.nix b/pkgs/development/libraries/libdap/default.nix index df2e4c367bfb..baf938944201 100644 --- a/pkgs/development/libraries/libdap/default.nix +++ b/pkgs/development/libraries/libdap/default.nix @@ -1,7 +1,7 @@ { stdenv, fetchurl, bison, libuuid, curl, libxml2, flex }: stdenv.mkDerivation rec { - version = "3.20.4"; + version = "3.20.5"; pname = "libdap"; nativeBuildInputs = [ bison flex ]; @@ -9,7 +9,7 @@ stdenv.mkDerivation rec { src = fetchurl { url = "https://www.opendap.org/pub/source/${pname}-${version}.tar.gz"; - sha256 = "0x44igs389b49nb2psd656wpvmbx9bwmla2l5ahfa09vxb314s5i"; + sha256 = "17j6ca2qsp69a91lm11mwbs4l8q13xqcdz60l94avl5krymrqg47"; }; meta = with stdenv.lib; { diff --git a/pkgs/development/libraries/libexif/default.nix b/pkgs/development/libraries/libexif/default.nix index 833ccf5dca5d..cd35dc4c1db6 100644 --- a/pkgs/development/libraries/libexif/default.nix +++ b/pkgs/development/libraries/libexif/default.nix @@ -25,6 +25,11 @@ stdenv.mkDerivation rec { sha256 = "01aqvz63glwq6wg0wr7ykqqghb4abgq77ghvhizbzadg1k4h7drx"; excludes = [ "NEWS" ]; }) + (fetchpatch { + name = "CVE-2019-9278.patch"; + url = "https://github.com/libexif/libexif/commit/75aa73267fdb1e0ebfbc00369e7312bac43d0566.patch"; + sha256 = "10ikg33mips5zq9as7l9xqnyzbg1wwr4sw17517nzf4hafjpasrj"; + }) ]; buildInputs = [ gettext ]; diff --git a/pkgs/development/libraries/libgpiod/default.nix b/pkgs/development/libraries/libgpiod/default.nix index 782c0a8857a4..772027de0fb3 100644 --- a/pkgs/development/libraries/libgpiod/default.nix +++ b/pkgs/development/libraries/libgpiod/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { pname = "libgpiod"; - version = "1.4.1"; + version = "1.4.2"; src = fetchurl { url = "https://git.kernel.org/pub/scm/libs/libgpiod/libgpiod.git/snapshot/libgpiod-${version}.tar.gz"; - sha256 = "0x8ar31b0cp47dgmamxf6a54ixwrjgvs81zra8l9ws4szrzgrnbw"; + sha256 = "0r0hdindy6pi1va3mhk2lg5dis0qbi535k790w76dxfx1hyavk70"; }; buildInputs = [ kmod ]; diff --git a/pkgs/development/libraries/libphonenumber/default.nix b/pkgs/development/libraries/libphonenumber/default.nix index c864ccc70acd..918c663dfb46 100644 --- a/pkgs/development/libraries/libphonenumber/default.nix +++ b/pkgs/development/libraries/libphonenumber/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "phonenumber"; - version = "8.10.20"; + version = "8.11.3"; src = fetchFromGitHub { owner = "googlei18n"; repo = "libphonenumber"; rev = "v${version}"; - sha256 = "12xszrd4mrjabhzsp0xvy2qx2rxl36y5a00xfsh0w7bc299rq13v"; + sha256 = "06y3mh1d1mks6d0ynxp3980g712nkf8l5nyljpybsk326b246hg9"; }; nativeBuildInputs = [ diff --git a/pkgs/development/libraries/libsolv/default.nix b/pkgs/development/libraries/libsolv/default.nix index 73b1604f2eed..b4dd8ccbfb55 100644 --- a/pkgs/development/libraries/libsolv/default.nix +++ b/pkgs/development/libraries/libsolv/default.nix @@ -1,14 +1,14 @@ { stdenv, fetchFromGitHub, cmake, ninja, zlib, expat, rpm, db }: stdenv.mkDerivation rec { - version = "0.7.10"; + version = "0.7.11"; pname = "libsolv"; src = fetchFromGitHub { owner = "openSUSE"; repo = "libsolv"; rev = version; - sha256 = "1qih2j2vng32hk5c0v16gcr7nfq218hrync7xbn33aham8cxfrfa"; + sha256 = "1jq08qgj05cr9zk5paj3qvma7y2ixvkqlvbszcgmfvx0yq4gl1af"; }; cmakeFlags = [ diff --git a/pkgs/development/libraries/poppler/default.nix b/pkgs/development/libraries/poppler/default.nix index eb8ad5e1a796..d21b4705b978 100644 --- a/pkgs/development/libraries/poppler/default.nix +++ b/pkgs/development/libraries/poppler/default.nix @@ -12,7 +12,7 @@ let in stdenv.mkDerivation rec { name = "poppler-${suffix}-${version}"; - version = "0.84.0"; # beware: updates often break cups-filters build, check texlive too! + version = "0.84.0"; # beware: updates often break cups-filters build, check texlive and scribusUnstable too! src = fetchurl { url = "${meta.homepage}/poppler-${version}.tar.xz"; diff --git a/pkgs/development/libraries/ti-rpc/default.nix b/pkgs/development/libraries/ti-rpc/default.nix index d67d76185745..43f1e8b83fec 100644 --- a/pkgs/development/libraries/ti-rpc/default.nix +++ b/pkgs/development/libraries/ti-rpc/default.nix @@ -1,11 +1,11 @@ { fetchurl, stdenv, autoreconfHook, libkrb5 }: stdenv.mkDerivation rec { - name = "libtirpc-1.1.4"; + name = "libtirpc-1.2.5"; src = fetchurl { url = "mirror://sourceforge/libtirpc/${name}.tar.bz2"; - sha256 = "07anqypf7c719x9y683qz65cxllmzlgmlab2hlahrqcj4bq2k99c"; + sha256 = "1jl6a5kkw2vrp4gb6pmvf72rqimywvwfb9f7iz2xjg4wgq63bdpk"; }; outputs = [ "out" "dev" ]; diff --git a/pkgs/development/libraries/unixODBCDrivers/default.nix b/pkgs/development/libraries/unixODBCDrivers/default.nix index 6cfaef5ef993..da15ece559a6 100644 --- a/pkgs/development/libraries/unixODBCDrivers/default.nix +++ b/pkgs/development/libraries/unixODBCDrivers/default.nix @@ -137,12 +137,12 @@ version = "${versionMajor}.${versionMinor}.${versionAdditional}-1"; versionMajor = "17"; - versionMinor = "4"; + versionMinor = "5"; versionAdditional = "1.1"; src = fetchurl { url = "https://packages.microsoft.com/debian/9/prod/pool/main/m/msodbcsql17/msodbcsql${versionMajor}_${version}_amd64.deb"; - sha256 = "0jb16irr7qlgd2zshg0vyia7zqipd0pcvwfcr6z807pss1mnzj8w"; + sha256 = "0ysrl01z5ca72qw8n8kwwcl432cgiyw4pibfwg5nifx0kd7i7z4z"; }; nativeBuildInputs = [ dpkg patchelf ]; diff --git a/pkgs/development/ocaml-modules/apron/default.nix b/pkgs/development/ocaml-modules/apron/default.nix index 0e73c6a73d31..b462e10979aa 100644 --- a/pkgs/development/ocaml-modules/apron/default.nix +++ b/pkgs/development/ocaml-modules/apron/default.nix @@ -1,18 +1,20 @@ -{ stdenv, fetchzip, perl, gmp, mpfr, ppl, ocaml, findlib, camlidl, mlgmpidl }: +{ stdenv, fetchFromGitHub, perl, gmp, mpfr, ppl, ocaml, findlib, camlidl, mlgmpidl }: stdenv.mkDerivation rec { name = "ocaml${ocaml.version}-apron-${version}"; - version = "20160125"; - src = fetchzip { - url = "http://apron.gforge.inria.fr/apron-${version}.tar.gz"; - sha256 = "1a7b7b9wsd0gdvm41lgg6ayb85wxc2a3ggcrghy4qiphs4b9v4m4"; + version = "0.9.12"; + src = fetchFromGitHub { + owner = "antoinemine"; + repo = "apron"; + rev = "v${version}"; + sha256 = "0bciv4wz52p57q0aggmvixvqrsd1slflfyrm1z6fy5c44f4fmjjn"; }; buildInputs = [ perl gmp mpfr ppl ocaml findlib camlidl ]; propagatedBuildInputs = [ mlgmpidl ]; prefixKey = "-prefix "; - createFindlibDestdir = true; + preBuild = "mkdir -p $out/lib/ocaml/${ocaml.version}/site-lib/stublibs"; meta = { license = stdenv.lib.licenses.lgpl21; diff --git a/pkgs/development/python-modules/augeas/default.nix b/pkgs/development/python-modules/augeas/default.nix index 12a3529f8645..45a05ac85e74 100644 --- a/pkgs/development/python-modules/augeas/default.nix +++ b/pkgs/development/python-modules/augeas/default.nix @@ -1,13 +1,13 @@ { stdenv, lib, buildPythonPackage, fetchFromGitHub, augeas, cffi }: buildPythonPackage rec { pname = "augeas"; - version = "1.0.3"; + version = "1.1.0"; src = fetchFromGitHub { owner = "hercules-team"; repo = "python-augeas"; rev = "v${version}"; - sha256 = "1fb904ym8g8hkd82zlibzk6wrldnfd5v5d0rkynsy1zlhcylq4f6"; + sha256 = "12q52ilcx059rn544x3712xq6myn99niz131l0fs3xx67456pajh"; }; # TODO: not very nice! diff --git a/pkgs/development/python-modules/azure-mgmt-policyinsights/default.nix b/pkgs/development/python-modules/azure-mgmt-policyinsights/default.nix index 4df00abc806b..37c7e46cbf3a 100644 --- a/pkgs/development/python-modules/azure-mgmt-policyinsights/default.nix +++ b/pkgs/development/python-modules/azure-mgmt-policyinsights/default.nix @@ -10,12 +10,12 @@ buildPythonPackage rec { pname = "azure-mgmt-policyinsights"; - version = "0.3.1"; + version = "0.4.0"; src = fetchPypi { inherit pname version; extension = "zip"; - sha256 = "b27f5ac367b69e225ab02fa2d1ea20cbbfe948ff43b0af4698cd8cbde0063908"; + sha256 = "1b69rz9wm0jvc54vx3b7h633x8gags51xwxrkp6myar40jggxw6g"; }; propagatedBuildInputs = [ diff --git a/pkgs/development/python-modules/cmd2/default.nix b/pkgs/development/python-modules/cmd2/default.nix index 6cc91f4b74cb..ca1056928574 100644 --- a/pkgs/development/python-modules/cmd2/default.nix +++ b/pkgs/development/python-modules/cmd2/default.nix @@ -6,11 +6,11 @@ }: buildPythonPackage rec { pname = "cmd2"; - version = "0.9.23"; + version = "0.9.25"; src = fetchPypi { inherit pname version; - sha256 = "17ic6lxzz9yrwxh3l1skcqgr59c47w5fidj5qmrk1l26rkrjxlca"; + sha256 = "0w5jh2lanqxsva9fr9p07mmbd5w4v6zmhf6lr0awksvhjx77lhdc"; }; LC_ALL="en_US.UTF-8"; diff --git a/pkgs/development/python-modules/django-storages/default.nix b/pkgs/development/python-modules/django-storages/default.nix index 5756d0ab5e61..dbf4e64db5a5 100644 --- a/pkgs/development/python-modules/django-storages/default.nix +++ b/pkgs/development/python-modules/django-storages/default.nix @@ -4,11 +4,11 @@ buildPythonPackage rec { pname = "django-storages"; - version = "1.8"; + version = "1.9.1"; src = fetchPypi { inherit pname version; - sha256 = "000abaayhymh4rxmk19hwhlyibc62rs0qdfczkhf4wb3p9san8lk"; + sha256 = "148y2hyx1l4pfbqpq8hgq95fw8bhfbblwd3m5xwnhw6frcirk7m5"; }; propagatedBuildInputs = [ django ]; diff --git a/pkgs/development/python-modules/feedgen/default.nix b/pkgs/development/python-modules/feedgen/default.nix index d59f0a702aa7..4c1eb10c6b12 100644 --- a/pkgs/development/python-modules/feedgen/default.nix +++ b/pkgs/development/python-modules/feedgen/default.nix @@ -2,11 +2,11 @@ buildPythonPackage rec { pname = "feedgen"; - version = "0.8.0"; + version = "0.9.0"; src = fetchPypi { inherit pname version; - sha256 = "0551ixbcz2gaala4gi3i8gici3haijj7dhvjsz1a61s050276m96"; + sha256 = "0jl0b87l7v6c0f1nx6k81skjhdj5i11kmchdjls00mynpvdip0cf"; }; propagatedBuildInputs = [ dateutil lxml ]; diff --git a/pkgs/development/python-modules/flower/default.nix b/pkgs/development/python-modules/flower/default.nix new file mode 100644 index 000000000000..74273e629454 --- /dev/null +++ b/pkgs/development/python-modules/flower/default.nix @@ -0,0 +1,22 @@ +{ lib, buildPythonPackage, fetchPypi, Babel, celery, importlib-metadata, pytz, tornado, mock }: + +buildPythonPackage rec { + pname = "flower"; + version = "0.9.3"; + + src = fetchPypi { + inherit pname version; + sha256 = "7f45acb297ab7cf3dd40140816143a2588f6938dbd70b8c46b59c7d8d1e93d55"; + }; + + propagatedBuildInputs = [ Babel celery importlib-metadata pytz tornado ]; + + checkInputs = [ mock ]; + + meta = with lib; { + description = "Celery Flower"; + homepage = "https://github.com/mher/flower"; + license = licenses.bsdOriginal; + maintainers = [ maintainers.arnoldfarkas ]; + }; +} diff --git a/pkgs/development/python-modules/geopy/2.nix b/pkgs/development/python-modules/geopy/2.nix index 49876872724b..484c049da358 100644 --- a/pkgs/development/python-modules/geopy/2.nix +++ b/pkgs/development/python-modules/geopy/2.nix @@ -7,7 +7,7 @@ buildPythonPackage rec { pname = "geopy"; - version = "1.20.0"; + version = "1.21.0"; disabled = !isPy27; # only Python 2.7 doCheck = false; # Needs network access @@ -16,7 +16,7 @@ buildPythonPackage rec { src = fetchPypi { inherit pname version; - sha256 = "9419bc90ee6231590c4ae7acf1cf126cefbd0736942da7a6a1436946e80830e2"; + sha256 = "1p1sgy2p59j0297bp7c82b45bx4d3i1p4kvbgf89c9i0llyb80nw"; }; meta = with stdenv.lib; { diff --git a/pkgs/development/python-modules/grpcio-tools/default.nix b/pkgs/development/python-modules/grpcio-tools/default.nix index 8b84af187296..7965e200130d 100644 --- a/pkgs/development/python-modules/grpcio-tools/default.nix +++ b/pkgs/development/python-modules/grpcio-tools/default.nix @@ -2,11 +2,11 @@ buildPythonPackage rec { pname = "grpcio-tools"; - version = "1.26.0"; + version = "1.27.1"; src = fetchPypi { inherit pname version; - sha256 = "5580b86cf49936c9c74f0def44d3582a7a1bb720eba8a14805c3a61efa790c70"; + sha256 = "e29aa3f7a47d37f8a15605e97bec580baa6bb7ead7114b8d2f20d7b28da30c5c"; }; enableParallelBuilding = true; diff --git a/pkgs/development/python-modules/hstspreload/default.nix b/pkgs/development/python-modules/hstspreload/default.nix index 918ed268afa5..545f0d001794 100644 --- a/pkgs/development/python-modules/hstspreload/default.nix +++ b/pkgs/development/python-modules/hstspreload/default.nix @@ -6,14 +6,14 @@ buildPythonPackage rec { pname = "hstspreload"; - version = "2020.1.17"; + version = "2020.2.5"; disabled = isPy27; src = fetchFromGitHub { owner = "sethmlarson"; repo = pname; rev = version; - sha256 = "08qcisiscnx74pwavh3ai3lg92zfrikwzr06p700kwk1gp8xhf3v"; + sha256 = "1jz4qma04vkiczlj0fd9ahjf6c3yxvycvhp48c3n3l4aw4gfsbiz"; }; # tests require network connection diff --git a/pkgs/development/python-modules/ijson/default.nix b/pkgs/development/python-modules/ijson/default.nix index 8729de427d96..9374d8939c39 100644 --- a/pkgs/development/python-modules/ijson/default.nix +++ b/pkgs/development/python-modules/ijson/default.nix @@ -2,18 +2,18 @@ buildPythonPackage rec { pname = "ijson"; - version = "2.5.1"; + version = "2.6.1"; src = fetchPypi { inherit pname version; - sha256 = "19ec46a2f7991004e5202ecee56c569616b8a7f95686ad7fd0a9ec81cac00269"; + sha256 = "1l034zq23315icym2n0zppa5lwpdll3mvavmyjbiryxb4c5wdsvm"; }; doCheck = false; # something about yajl meta = with stdenv.lib; { description = "Iterative JSON parser with a standard Python iterator interface"; - homepage = "https://github.com/isagalaev/ijson"; + homepage = "https://github.com/ICRAR/ijson"; license = licenses.bsd3; maintainers = with maintainers; [ rvl ]; }; diff --git a/pkgs/development/python-modules/jieba/default.nix b/pkgs/development/python-modules/jieba/default.nix index 75520384ff35..2e64360c5c28 100644 --- a/pkgs/development/python-modules/jieba/default.nix +++ b/pkgs/development/python-modules/jieba/default.nix @@ -2,14 +2,14 @@ buildPythonPackage rec { pname = "jieba"; - version = "0.40"; + version = "0.42.1"; # no tests in PyPI tarball src = fetchFromGitHub { owner = "fxsjy"; repo = pname; rev = "v${version}"; - sha256 = "1nasyxva9m3k9fb9g627ppphp3697jdplbb2bavqx71sa7mqim2m"; + sha256 = "028vmd6sj6wn9l1ilw7qfmlpyiysnlzdgdlhwxs6j4fvq0gyrwxk"; }; checkInputs = [ glibcLocales ]; diff --git a/pkgs/development/python-modules/kconfiglib/default.nix b/pkgs/development/python-modules/kconfiglib/default.nix index b4d647c60755..8685fb8a3fa9 100644 --- a/pkgs/development/python-modules/kconfiglib/default.nix +++ b/pkgs/development/python-modules/kconfiglib/default.nix @@ -2,11 +2,11 @@ buildPythonPackage rec { pname = "kconfiglib"; - version = "13.7.0"; + version = "14.1.0"; src = fetchPypi { inherit pname version; - sha256 = "0dkfprrsds64d2jbqnwdzb4why84jaj968s3ccmyqg5385nr9fwd"; + sha256 = "0g690bk789hsry34y4ahvly5c8w8imca90ss4njfqf7m2qicrlmy"; }; # doesnt work out of the box but might be possible diff --git a/pkgs/development/python-modules/localzone/default.nix b/pkgs/development/python-modules/localzone/default.nix new file mode 100644 index 000000000000..9c968fa37229 --- /dev/null +++ b/pkgs/development/python-modules/localzone/default.nix @@ -0,0 +1,34 @@ +{ stdenv +, buildPythonPackage +, fetchFromGitHub +, dnspython +, sphinx +, pytest +}: + +buildPythonPackage rec { + pname = "localzone"; + version = "0.9.5"; + + src = fetchFromGitHub { + owner = "ags-slc"; + repo = pname; + rev = "v${version}"; + sha256 = "1zziqyhbg8vg901b4hjzzab0paag5cng48vk9xf1hchxk5naf58n"; + }; + + propagatedBuildInputs = [ dnspython sphinx ]; + + checkInputs = [ pytest ]; + + checkPhase = '' + pytest + ''; + + meta = with stdenv.lib; { + description = "A simple DNS library for managing zone files"; + homepage = https://localzone.iomaestro.com; + license = licenses.bsd3; + maintainers = with maintainers; [ flyfloh ]; + }; +} diff --git a/pkgs/development/python-modules/m3u8/default.nix b/pkgs/development/python-modules/m3u8/default.nix index e558b893dfda..5763f3beb65d 100644 --- a/pkgs/development/python-modules/m3u8/default.nix +++ b/pkgs/development/python-modules/m3u8/default.nix @@ -2,13 +2,13 @@ buildPythonPackage rec { pname = "m3u8"; - version = "0.5.2"; + version = "0.5.4"; src = fetchFromGitHub { owner = "globocom"; repo = pname; rev = version; - sha256 = "0p6wmwv1nfa5pyakq5d55w9v142z5ja3db3s3qr44kx895d9lhng"; + sha256 = "1a2c7vqcysxkaffk40zg8d60l9hpjk0dw221fy9cg72i8jxq1gmm"; }; checkInputs = [ bottle pytest pytestcov ]; diff --git a/pkgs/development/python-modules/nbconflux/default.nix b/pkgs/development/python-modules/nbconflux/default.nix new file mode 100644 index 000000000000..2ca203e65acc --- /dev/null +++ b/pkgs/development/python-modules/nbconflux/default.nix @@ -0,0 +1,28 @@ +{ lib, buildPythonPackage, fetchFromGitHub, nbconvert, pytest, requests, responses }: + +buildPythonPackage rec { + pname = "nbconflux"; + version = "0.7.0"; + + src = fetchFromGitHub { + owner = "Valassis-Digital-Media"; + repo = "nbconflux"; + rev = version; + sha256 = "1708qkb275d6f7b4b5zmqx3i0jh56nrx2n9rwwp5nbaah5p2wwlh"; + }; + + propagatedBuildInputs = [ nbconvert requests ]; + + checkInputs = [ pytest responses ]; + + checkPhase = '' + pytest tests + ''; + + meta = with lib; { + description = "Converts Jupyter Notebooks to Atlassian Confluence (R) pages using nbconvert"; + homepage = "https://github.com/Valassis-Digital-Media/nbconflux"; + license = licenses.bsd3; + maintainers = [ maintainers.arnoldfarkas ]; + }; +} diff --git a/pkgs/development/python-modules/nuitka/default.nix b/pkgs/development/python-modules/nuitka/default.nix index 0413d224bcd6..edaed742538a 100644 --- a/pkgs/development/python-modules/nuitka/default.nix +++ b/pkgs/development/python-modules/nuitka/default.nix @@ -12,13 +12,13 @@ let # Therefore we create a separate env for it. scons = pkgs.python27.withPackages(ps: [ pkgs.scons ]); in buildPythonPackage rec { - version = "0.6.6"; + version = "0.6.7"; pname = "Nuitka"; # Latest version is not yet on PyPi src = fetchurl { url = "https://github.com/kayhayen/Nuitka/archive/${version}.tar.gz"; - sha256 = "1ia37072qdbgdvh9qxkrhi3mlqn3kcn0qm5xjz6f68sis6ni9kw2"; + sha256 = "09mrm7iz2wdrd7y2csbcidg6bkskjignx2pnifh4i8zlh0vm61bg"; }; checkInputs = [ vmprof pyqt4 ]; diff --git a/pkgs/development/python-modules/nwdiag/default.nix b/pkgs/development/python-modules/nwdiag/default.nix index 7e34f3897bc5..ff66cb9450b2 100644 --- a/pkgs/development/python-modules/nwdiag/default.nix +++ b/pkgs/development/python-modules/nwdiag/default.nix @@ -1,19 +1,19 @@ { stdenv, fetchurl, buildPythonPackage, pep8, nose, unittest2, docutils -, blockdiag +, blockdiag, setuptools }: buildPythonPackage rec { pname = "nwdiag"; - version = "1.0.4"; + version = "2.0.0"; src = fetchurl { url = "mirror://pypi/n/nwdiag/${pname}-${version}.tar.gz"; - sha256 = "002565875559789a2dfc5f578c07abdf44269c3f7cdf78d4809bdc4bdc2213fa"; + sha256 = "1qkl1lq7cblr6fra2rjw3zlcccragp8384hpm4n7dkc5c3yzmmsw"; }; buildInputs = [ pep8 nose unittest2 docutils ]; - propagatedBuildInputs = [ blockdiag ]; + propagatedBuildInputs = [ blockdiag setuptools ]; # tests fail doCheck = false; diff --git a/pkgs/development/python-modules/persim/default.nix b/pkgs/development/python-modules/persim/default.nix index d5e656c7b8fc..471552cdcc91 100644 --- a/pkgs/development/python-modules/persim/default.nix +++ b/pkgs/development/python-modules/persim/default.nix @@ -11,11 +11,11 @@ buildPythonPackage rec { pname = "persim"; - version = "0.1.1"; + version = "0.1.2"; src = fetchPypi { inherit pname version; - sha256 = "932bb0489d4dc158e4f007ec609c61e4700003d882d8e7bdac218b70d14ce9cf"; + sha256 = "0vz6s49ar7mhg4pj4jcbwb79s8acqj6jc70va5w79pjxb5pw8k2n"; }; propagatedBuildInputs = [ diff --git a/pkgs/development/python-modules/phonenumbers/default.nix b/pkgs/development/python-modules/phonenumbers/default.nix index c0e86dd37514..6b219ed0dd17 100644 --- a/pkgs/development/python-modules/phonenumbers/default.nix +++ b/pkgs/development/python-modules/phonenumbers/default.nix @@ -2,11 +2,11 @@ buildPythonPackage rec { pname = "phonenumbers"; - version = "8.11.2"; + version = "8.11.3"; src = fetchPypi { inherit pname version; - sha256 = "0j73mr3d3rf2r4nkaxbvl7323xima0l95pjagjzgk2piqwa3nbd2"; + sha256 = "1rh0860ml00kw5c4b4r31wz5s8cmd5mpxx5slypdgljk4ralyg6p"; }; meta = { diff --git a/pkgs/development/python-modules/pikepdf/default.nix b/pkgs/development/python-modules/pikepdf/default.nix index ec99edcc0c10..64629314bfe9 100644 --- a/pkgs/development/python-modules/pikepdf/default.nix +++ b/pkgs/development/python-modules/pikepdf/default.nix @@ -22,12 +22,12 @@ buildPythonPackage rec { pname = "pikepdf"; - version = "1.8.2"; + version = "1.10.0"; disabled = ! isPy3k; src = fetchPypi { inherit pname version; - sha256 = "1n3fd7i1br1s4f90yismgfcq9ix5kcqfacr7yy0hhhrabkf2sm37"; + sha256 = "1qa4sam1kvglwqwk573mjpsy8cy89yamr4val0g80hq1ribc56ah"; }; buildInputs = [ diff --git a/pkgs/development/python-modules/pyTelegramBotAPI/default.nix b/pkgs/development/python-modules/pyTelegramBotAPI/default.nix index cb91196fc7e6..e07db8ec7267 100644 --- a/pkgs/development/python-modules/pyTelegramBotAPI/default.nix +++ b/pkgs/development/python-modules/pyTelegramBotAPI/default.nix @@ -2,11 +2,11 @@ buildPythonPackage rec { pname = "pyTelegramBotAPI"; - version = "3.6.6"; + version = "3.6.7"; src = fetchPypi { inherit pname version; - sha256 = "00vycd7jvfnzmvmmhkjx9vf40vkcrwv7adas5i81r2jhjy7sks54"; + sha256 = "0spn3gjbppyl4b7kqnc8g30qss72dcb1d6ap2bizyam5wn591z8f"; }; propagatedBuildInputs = [ requests ]; diff --git a/pkgs/development/python-modules/pycollada/default.nix b/pkgs/development/python-modules/pycollada/default.nix index fd3eb1b4c187..0803d6589306 100644 --- a/pkgs/development/python-modules/pycollada/default.nix +++ b/pkgs/development/python-modules/pycollada/default.nix @@ -2,11 +2,11 @@ buildPythonPackage rec { pname = "pycollada"; - version = "0.7"; + version = "0.7.1"; src = fetchPypi { inherit pname version; - sha256 = "0b2vz9fp9asw57m3p9zjlz9gddanrhpxbdfimg98ik654kp2vj7r"; + sha256 = "1rp4wlvfywgk3v6l3hnhjx61x9yqawvvivpq4dig2jj71k3mpsyj"; }; propagatedBuildInputs = [ numpy dateutil ]; diff --git a/pkgs/development/python-modules/pydantic/default.nix b/pkgs/development/python-modules/pydantic/default.nix index 088c6636fdca..4e0623e5cc1e 100644 --- a/pkgs/development/python-modules/pydantic/default.nix +++ b/pkgs/development/python-modules/pydantic/default.nix @@ -12,14 +12,14 @@ buildPythonPackage rec { pname = "pydantic"; - version = "1.3"; + version = "1.4"; disabled = !isPy3k; src = fetchFromGitHub { owner = "samuelcolvin"; repo = pname; rev = "v${version}"; - sha256 = "0s85nzlsyj97j54zsgv569hkzv617z0vqsifsxkkyiimgbvnx7g8"; + sha256 = "1zmnwyvvrj6nb2r1wh63yb6dzqaxw8m4njzqycjdq9911c5gwg6z"; }; propagatedBuildInputs = [ diff --git a/pkgs/development/python-modules/pykka/default.nix b/pkgs/development/python-modules/pykka/default.nix index c07f1b46cbe1..8482b1e1bc80 100644 --- a/pkgs/development/python-modules/pykka/default.nix +++ b/pkgs/development/python-modules/pykka/default.nix @@ -5,12 +5,12 @@ buildPythonPackage rec { pname = "pykka"; - version = "1.2.0"; + version = "2.0.1"; src = fetchgit { url = "https://github.com/jodal/pykka.git"; rev = "refs/tags/v${version}"; - sha256 = "0qlfw1054ap0cha1m6dbnq51kjxqxaf338g7jwnwy33b3gr8x0hg"; + sha256 = "011rvv3vzj9rpwaq6vfpz9hfwm6gx1jmad4iri6z12g8nnlpydhs"; }; # There are no tests diff --git a/pkgs/development/python-modules/pylint-django/default.nix b/pkgs/development/python-modules/pylint-django/default.nix index 04010098807c..ef47699053cb 100644 --- a/pkgs/development/python-modules/pylint-django/default.nix +++ b/pkgs/development/python-modules/pylint-django/default.nix @@ -10,14 +10,14 @@ buildPythonPackage rec { pname = "pylint-django"; - version = "2.0.12"; + version = "2.0.13"; disabled = !isPy3k; src = fetchFromGitHub { owner = "PyCQA"; repo = pname; rev = "v${version}"; - sha256 = "0ha06wpqqn5fp5dapgjhsdx3ahh3y62l7k2f3czlrdjmmivgdp9y"; + sha256 = "16xfn8zs5khdfh5pdsv3wjjhywzc1qhx7mxi5kpbcvmd6an9qi7s"; }; propagatedBuildInputs = [ diff --git a/pkgs/development/python-modules/pynamecheap/default.nix b/pkgs/development/python-modules/pynamecheap/default.nix new file mode 100644 index 000000000000..571206a71678 --- /dev/null +++ b/pkgs/development/python-modules/pynamecheap/default.nix @@ -0,0 +1,28 @@ +{ lib +, buildPythonPackage +, fetchFromGitHub +, requests +}: + +buildPythonPackage rec { + pname = "PyNamecheap"; + version = "0.0.3"; + + propagatedBuildInputs = [ requests ]; + + # Tests require access to api.sandbox.namecheap.com + doCheck = false; + + src = fetchFromGitHub { + owner = "Bemmu"; + repo = pname; + rev = "v${version}"; + sha256 = "1g1cd2yc6rpdsc5ax7s93y5nfkf91gcvbgcaqyl9ida6srd9hr97"; + }; + + meta = with lib; { + description = "Namecheap API client in Python."; + homepage = https://github.com/Bemmu/PyNamecheap; + license = licenses.mit; + }; +} diff --git a/pkgs/development/python-modules/pysaml2/default.nix b/pkgs/development/python-modules/pysaml2/default.nix index 8c0513b0b513..81324920c431 100644 --- a/pkgs/development/python-modules/pysaml2/default.nix +++ b/pkgs/development/python-modules/pysaml2/default.nix @@ -1,5 +1,6 @@ { stdenv , buildPythonPackage +, isPy3k , fetchFromGitHub , substituteAll , xmlsec @@ -9,14 +10,16 @@ buildPythonPackage rec { pname = "pysaml2"; - version = "4.9.0"; + version = "5.0.0"; + + disabled = !isPy3k; # No tests in PyPI tarball src = fetchFromGitHub { owner = "IdentityPython"; repo = pname; rev = "v${version}"; - sha256 = "1ww1l34zn25vxifs8nr0bg7gkhbpy5g45mj0jj4d8hzimahb1brx"; + sha256 = "0hwhxz45h8l1b0615hf855z7valfcmm0nb7k31bcj84v68zp5rjs"; }; patches = [ diff --git a/pkgs/development/python-modules/python-dotenv/default.nix b/pkgs/development/python-modules/python-dotenv/default.nix index f43d8d0575b9..d663bfd8bc95 100644 --- a/pkgs/development/python-modules/python-dotenv/default.nix +++ b/pkgs/development/python-modules/python-dotenv/default.nix @@ -8,11 +8,11 @@ buildPythonPackage rec { pname = "python-dotenv"; - version = "0.10.4"; + version = "0.10.5"; src = fetchPypi { inherit pname version; - sha256 = "16s2x5ghrhz9ljm6h3y0pbwh97558vbs7l0yiicag4s0xyn0nzq0"; + sha256 = "1p6xk0f1yj1s4n8wjs9m8xqilc5bcwvfzsy9nv5lrmkhr78bym7j"; }; propagatedBuildInputs = [ click ] ++ lib.optionals isPy27 [ typing ]; diff --git a/pkgs/development/python-modules/rq/default.nix b/pkgs/development/python-modules/rq/default.nix index 8c91579d241a..0fe7a942245b 100644 --- a/pkgs/development/python-modules/rq/default.nix +++ b/pkgs/development/python-modules/rq/default.nix @@ -2,11 +2,11 @@ buildPythonPackage rec { pname = "rq"; - version = "1.1.0"; + version = "1.2.2"; src = fetchPypi { inherit pname version; - sha256 = "1fs03g1n1l8k03zwhkhckhsrnnsm3645sqby2nwh5gfij2kcc9sg"; + sha256 = "0dk664lzjhj0rk4ffpv29mbcr7vh41ph1sx7ngszk3744gh1nshp"; }; # test require a running redis rerver, which is something we can't do yet diff --git a/pkgs/development/python-modules/simplekml/default.nix b/pkgs/development/python-modules/simplekml/default.nix index d97c1b0c9638..be149e7edea4 100644 --- a/pkgs/development/python-modules/simplekml/default.nix +++ b/pkgs/development/python-modules/simplekml/default.nix @@ -2,14 +2,14 @@ buildPythonPackage rec { pname = "simplekml"; - version = "1.3.1"; + version = "1.3.3"; src = fetchPypi { inherit pname version; - sha256 = "30c121368ce1d73405721730bf766721e580cae6fbb7424884c734c89ec62ad7"; + sha256 = "08l24gfql83yjcdqb51nnnvckbnfb7bl89am4q9zr0fslrbcn3vf"; }; - doCheck = false; # no tests are defined in 1.3.1 + doCheck = false; # no tests are defined in 1.3.3 meta = with lib; { description = "Generate KML with as little effort as possible"; diff --git a/pkgs/development/python-modules/softlayer/default.nix b/pkgs/development/python-modules/softlayer/default.nix new file mode 100644 index 000000000000..6548c3637a8f --- /dev/null +++ b/pkgs/development/python-modules/softlayer/default.nix @@ -0,0 +1,41 @@ +{ lib +, buildPythonPackage +, fetchFromGitHub +, ptable +, click +, requests +, prompt_toolkit +, pygments +, urllib3 +, pytest +, pytestcov +, mock +, sphinx +, testtools +}: + +buildPythonPackage rec { + pname = "softlayer-python"; + version = "5.8.4"; + + propagatedBuildInputs = [ ptable click requests prompt_toolkit pygments urllib3 ]; + + checkInputs = [ pytest pytestcov mock sphinx testtools ptable click requests prompt_toolkit pygments urllib3 ]; + + checkPhase = '' + pytest + ''; + + src = fetchFromGitHub { + owner = "softlayer"; + repo = pname; + rev = "v${version}"; + sha256 = "10kzi7kvvifr21a46q2xqsibs0bx5ys22nfym0bg605ka37vcz88"; + }; + + meta = with lib; { + description = "A set of Python libraries that assist in calling the SoftLayer API."; + homepage = https://github.com/softlayer/softlayer-python; + license = licenses.mit; + }; +} diff --git a/pkgs/development/python-modules/sphinxcontrib-tikz/default.nix b/pkgs/development/python-modules/sphinxcontrib-tikz/default.nix index 15585679a293..747fa1cb2434 100644 --- a/pkgs/development/python-modules/sphinxcontrib-tikz/default.nix +++ b/pkgs/development/python-modules/sphinxcontrib-tikz/default.nix @@ -9,11 +9,11 @@ buildPythonPackage rec { pname = "sphinxcontrib-tikz"; - version = "0.4.6"; + version = "0.4.8"; src = fetchPypi { inherit pname version; - sha256 = "4f362b11e3c2bd17d5f0f07fec03917c16fc5bbcda6fe31ee137c547ed6b03a3"; + sha256 = "1rvm0l40iz1z03d09irkqdwzi9gs6pn0203hylaqbix5c7gabwhy"; }; patches = [ diff --git a/pkgs/development/python-modules/spotipy/default.nix b/pkgs/development/python-modules/spotipy/default.nix index e728739c294d..aebe38fc69a4 100644 --- a/pkgs/development/python-modules/spotipy/default.nix +++ b/pkgs/development/python-modules/spotipy/default.nix @@ -2,11 +2,11 @@ buildPythonPackage rec { pname = "spotipy"; - version = "2.6.1"; + version = "2.7.1"; src = fetchPypi { inherit pname version; - sha256 = "1jpj9ljc5g89jbnzwnmgz5s6jdrsgd6g9s09igvbw3pppi9070h0"; + sha256 = "1i4gpmvjk608fxz1kwfb3dnmm4dydr0bir0zw9k2nng7n8b6knvr"; }; propagatedBuildInputs = [ requests ]; diff --git a/pkgs/development/python-modules/transip/default.nix b/pkgs/development/python-modules/transip/default.nix new file mode 100644 index 000000000000..977ff17ececd --- /dev/null +++ b/pkgs/development/python-modules/transip/default.nix @@ -0,0 +1,39 @@ +{ stdenv +, buildPythonPackage +, fetchFromGitHub +, requests +, cryptography +, suds-jurko +, pytest +}: + +buildPythonPackage rec { + pname = "transip-api"; + version = "2.0.0"; + + src = fetchFromGitHub { + owner = "benkonrath"; + repo = pname; + rev = "v${version}"; + sha256 = "153x8ph7cp432flaqiy2zgp060ddychcqcrssxkcmjvbm86xrz17"; + }; + + checkInputs = [ pytest ]; + + # Constructor Tests require network access + checkPhase = '' + pytest --deselect=tests/service_tests/test_domain.py::TestDomainService::test_constructor \ + --deselect tests/service_tests/test_vps.py::TestVPSService::testConstructor \ + --deselect tests/service_tests/test_webhosting.py::TestWebhostingService::testConstructor + ''; + + + propagatedBuildInputs = [ requests cryptography suds-jurko ]; + + meta = with stdenv.lib; { + description = "TransIP API Connector"; + homepage = https://github.com/benkonrath/transip-api; + license = licenses.mit; + maintainers = with maintainers; [ flyfloh ]; + }; +} diff --git a/pkgs/development/python-modules/ua-parser/default.nix b/pkgs/development/python-modules/ua-parser/default.nix index cd004c59d4a4..9249a1ce044e 100644 --- a/pkgs/development/python-modules/ua-parser/default.nix +++ b/pkgs/development/python-modules/ua-parser/default.nix @@ -2,11 +2,11 @@ buildPythonPackage rec { pname = "ua-parser"; - version = "0.8.0"; + version = "0.9.0"; src = fetchPypi { inherit pname version; - sha256 = "97bbcfc9321a3151d96bb5d62e54270247b0e3be0590a6f2ff12329851718dcb"; + sha256 = "1qpw1jdm8bp09jwjp8r38rr7rd2jy4k2if798cax3wylphm285xy"; }; buildInputs = [ pyyaml ]; diff --git a/pkgs/development/python-modules/uproot-methods/default.nix b/pkgs/development/python-modules/uproot-methods/default.nix index 7bb8d4a16ea2..7e7994392747 100644 --- a/pkgs/development/python-modules/uproot-methods/default.nix +++ b/pkgs/development/python-modules/uproot-methods/default.nix @@ -6,12 +6,12 @@ }: buildPythonPackage rec { - version = "0.7.2"; + version = "0.7.3"; pname = "uproot-methods"; src = fetchPypi { inherit pname version; - sha256 = "4382983e4e6c5e1aeb3013d04334907f87f62b0d7c19a29968e5a0aac1653ae1"; + sha256 = "01x7raa2l75g96y6fsi6h2fjpjm0swlnw0j9vn8mlahridycrjss"; }; propagatedBuildInputs = [ numpy awkward ]; diff --git a/pkgs/development/python-modules/uproot/default.nix b/pkgs/development/python-modules/uproot/default.nix index f5f20ad86d3f..481f7a9e7b25 100644 --- a/pkgs/development/python-modules/uproot/default.nix +++ b/pkgs/development/python-modules/uproot/default.nix @@ -16,11 +16,11 @@ buildPythonPackage rec { pname = "uproot"; - version = "3.11.1"; + version = "3.11.2"; src = fetchPypi { inherit pname version; - sha256 = "1m6yjvdbffyk32gmfki7h01frlg9vhqf8g734m4gxyyf8m8g60zd"; + sha256 = "1bn8z640408s4h04ymy0y79fm5ss2mx99mkgdbw68a80x0p6982h"; }; nativeBuildInputs = [ pytestrunner ]; diff --git a/pkgs/development/python-modules/user-agents/default.nix b/pkgs/development/python-modules/user-agents/default.nix index a5dc414b2606..827ef72d2eb8 100644 --- a/pkgs/development/python-modules/user-agents/default.nix +++ b/pkgs/development/python-modules/user-agents/default.nix @@ -2,14 +2,14 @@ buildPythonPackage rec { pname = "user-agents"; - version = "2.0"; + version = "2.1.0"; # PyPI is missing devices.json src = fetchFromGitHub { owner = "selwin"; repo = "python-user-agents"; rev = "v${version}"; - sha256 = "0ix2yajqdnfj433j50dls90mkmqz8m4fiywxg097zwkkc95wm8s4"; + sha256 = "04bndajsfnpymxfiggnj7g38cmlvca3ry5k2611x8ibp38x53yhc"; }; propagatedBuildInputs = [ ua-parser ]; diff --git a/pkgs/development/tools/buildkit/default.nix b/pkgs/development/tools/buildkit/default.nix index 29b07fbfd0f6..5d8d22fbfbb6 100644 --- a/pkgs/development/tools/buildkit/default.nix +++ b/pkgs/development/tools/buildkit/default.nix @@ -2,23 +2,24 @@ buildGoPackage rec { pname = "buildkit"; - version = "0.4.0"; - rev = "v${version}"; + version = "0.6.3"; goPackagePath = "github.com/moby/buildkit"; subPackages = [ "cmd/buildctl" ] ++ stdenv.lib.optionals stdenv.isLinux [ "cmd/buildkitd" ]; src = fetchFromGitHub { - inherit rev; owner = "moby"; repo = "buildkit"; - sha256 = "0gkwcjqbcskn63y79jwa26hxkps452z4bgz8lrryaskzbdpvhh3d"; + rev = "v${version}"; + sha256 = "032jq74n9mkw22s4ba9blfmi0hqvk587m5v23xz3sxx2rkg0wlbn"; }; + buildFlagsArray = [ "-ldflags=-s -w -X ${goPackagePath}/version.Version=${version}" ]; + meta = with stdenv.lib; { description = "Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit"; homepage = https://github.com/moby/buildkit; license = licenses.asl20; - maintainers = with maintainers; [ vdemeester ]; + maintainers = with maintainers; [ vdemeester marsam ]; }; } diff --git a/pkgs/development/tools/kcli/default.nix b/pkgs/development/tools/kcli/default.nix index a3944ff41269..bbcb10a354cf 100644 --- a/pkgs/development/tools/kcli/default.nix +++ b/pkgs/development/tools/kcli/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "kcli"; - version = "1.8.2"; + version = "1.8.3"; src = fetchFromGitHub { owner = "cswank"; repo = "kcli"; rev = version; - sha256 = "1m9967f9wk1113ap2qmqinqg7gvpmg5y2g1ji0q818qbandzlh23"; + sha256 = "0whijr2r2j5bvfy8jgmpxsa0zvwk5kfjlpnkw4za5k35q7bjffls"; }; modSha256 = "1wcqh3306q9wxb6pnl8cpk73vmy36bjv2gil03j7j4pajs1f2lwn"; diff --git a/pkgs/development/tools/misc/babeltrace/default.nix b/pkgs/development/tools/misc/babeltrace/default.nix index 19ed711f1f4c..d9350d5f020e 100644 --- a/pkgs/development/tools/misc/babeltrace/default.nix +++ b/pkgs/development/tools/misc/babeltrace/default.nix @@ -1,11 +1,11 @@ { stdenv, fetchurl, pkgconfig, glib, libuuid, popt, elfutils }: stdenv.mkDerivation rec { - name = "babeltrace-1.5.7"; + name = "babeltrace-1.5.8"; src = fetchurl { url = "https://www.efficios.com/files/babeltrace/${name}.tar.bz2"; - sha256 = "0yw05cnk5w8b5nbznycglyn4h3hq56a1n8rlb9k9rlzz4ph32lr1"; + sha256 = "1hkg3phnamxfrhwzmiiirbhdgckzfkqwhajl0lmr1wfps7j47wcz"; }; nativeBuildInputs = [ pkgconfig ]; diff --git a/pkgs/development/tools/ocaml/ocamlformat/default.nix b/pkgs/development/tools/ocaml/ocamlformat/default.nix index b70fcc4fbf99..7738139a65a7 100644 --- a/pkgs/development/tools/ocaml/ocamlformat/default.nix +++ b/pkgs/development/tools/ocaml/ocamlformat/default.nix @@ -7,8 +7,8 @@ with ocamlPackages; buildDunePackage rec { minimumOCamlVersion = "4.06"; src = fetchurl { - url = "https://github.com/ocaml-ppx/ocamlformat/releases/download/${version}/ocamlformat-${version}.tbz"; - sha256 = "09y6sfkqfrgxbmphz5q8w7mdlj8fjsrkiapcx86f94dnwz6j3ajf"; + url = "https://github.com/ocaml-ppx/ocamlformat/releases/download/${version}/ocamlformat-${version}-2.tbz"; + sha256 = "0ki2flqi3xkhw9mfridivb6laxm7gml8rj9qz42vqmy9yx76jjxq"; }; buildInputs = [ diff --git a/pkgs/development/tools/scaff/default.nix b/pkgs/development/tools/scaff/default.nix new file mode 100644 index 000000000000..d2f3733fbc5c --- /dev/null +++ b/pkgs/development/tools/scaff/default.nix @@ -0,0 +1,26 @@ +{ lib, rustPlatform, fetchFromGitLab, pkgconfig, openssl }: + +rustPlatform.buildRustPackage rec { + pname = "scaff"; + version = "0.1.1"; + + src = fetchFromGitLab { + owner = "jD91mZM2"; + repo = pname; + rev = version; + + sha256 = "1s5v50205l2h33pccyafrjv3a6lpb62inhm8z81hkvx53bqifvd7"; + }; + + cargoSha256 = "17rnzwlgrpr6isbajaccxa83msvvskxyqrc4cirgjmc7aqa0ilbh"; + + nativeBuildInputs = [ pkgconfig ]; + buildInputs = [ openssl ]; + + meta = with lib; { + description = "Painless and powerful scaffolding of projects"; + license = licenses.mit; + maintainers = with maintainers; [ jD91mZM2 ]; + platforms = platforms.unix; + }; +} diff --git a/pkgs/games/dwarf-fortress/game.json b/pkgs/games/dwarf-fortress/game.json index 213ee2779315..daef15575d51 100644 --- a/pkgs/games/dwarf-fortress/game.json +++ b/pkgs/games/dwarf-fortress/game.json @@ -93,5 +93,19 @@ "win32": "07mqhm64c1ddjc3vpyhf9qf14lp19xwz3pgg4c2pvcwy4yyrys22", "win32_s": "07acbxai8g04yxg7n68nyx4jwcqqkgjn7n96q2lzxdvc988kiivz", "legacy32_s": "1gxmc3rsl9glai3wb4wzsda3qyhdimd8s5kbr5m753n8lmzasafx" + }, + "0.47.02": { + "linux": "1zbsygbfiqxxs767qxkxjp3ayywi5q0d8xlrqlbd0l8a3ccg5avw", + "linux32": "1ddc9s4n408j8gidgign51bgv2wgy5z4cy74jzx00pvnhsfp2mpy", + "osx": "1mwy88yxip1wys1kxpfsbg7wlvfrkc4lg04gqw0d266a88dj7a30", + "osx32": "08ssnzl52gqqgcqhl0ynyikbxz76825kpcg1d6yx8g7ifjndf19n", + "win": "08g7fy18y8q32l0158314bny0qg57xz37qj9fri9r4xbhci67ldk", + "win_s": "0x56s1md62yk661aqcdgnz8k0zir0zr8qwan5vrqc0q9yh069yl1", + "win32": "0ww64mymbilb235n93d7w4c9axq3ww2mxa0f7bl4x8yrxwc8k942", + "win32_s": "0r801vip807v88icf47i3s82v7lshx67q4ilzfjirqfslh1x00bs", + "legacy": "14f4d6r7swfjnlaalg4l5916ihj6wvhlsgjp7cygamzp4c2wgng8", + "legacy_s": "1jxf52kaijf4crwxj30a4f6z7rzs6xa91y6vn5s8jr0cvbr5pz64", + "legacy32": "0j7shqdv3gimacj03cil2y0fmr0j0fp57cwmdjwnxwx3m96k3xwm", + "legacy32_s": "1wc7pcp9dwz0q1na3i5pbqknya595qdkmr7hsmgh2kk8rsp3g9g2" } } diff --git a/pkgs/games/dwarf-fortress/game.nix b/pkgs/games/dwarf-fortress/game.nix index d3a265294243..e3a66a508ea1 100644 --- a/pkgs/games/dwarf-fortress/game.nix +++ b/pkgs/games/dwarf-fortress/game.nix @@ -96,6 +96,6 @@ stdenv.mkDerivation { inherit homepage; license = licenses.unfreeRedistributable; platforms = attrNames platforms; - maintainers = with maintainers; [ a1russell robbinch roconnor the-kenny abbradar numinit ]; + maintainers = with maintainers; [ a1russell robbinch roconnor the-kenny abbradar numinit shazow ]; }; } diff --git a/pkgs/games/dwarf-fortress/themes/default.nix b/pkgs/games/dwarf-fortress/themes/default.nix index feb4782d7c32..6241df7590d9 100644 --- a/pkgs/games/dwarf-fortress/themes/default.nix +++ b/pkgs/games/dwarf-fortress/themes/default.nix @@ -12,7 +12,7 @@ listToAttrs (map (v: { sha256 = v.sha256; meta = with lib; { platforms = platforms.all; - maintainers = [ maintainers.matthewbauer ]; + maintainers = [ maintainers.matthewbauer maintainers.shazow ]; license = licenses.free; }; }; diff --git a/pkgs/games/dwarf-fortress/themes/themes.json b/pkgs/games/dwarf-fortress/themes/themes.json index 174c203c2abf..48f47c4fbb9e 100644 --- a/pkgs/games/dwarf-fortress/themes/themes.json +++ b/pkgs/games/dwarf-fortress/themes/themes.json @@ -1,18 +1,18 @@ [ { "name": "afro-graphics", - "version": "44.11a", - "sha256": "0hxh1qbwj6m780m522cfwjx0qkmiz3328xqwf13vkhlvgbz3azrk" + "version": "47.02", + "sha256": "0np4jc05905q3bjplbrfi09q4rq3pjbf2vmbrmazfagj2mp8m7z5" }, { "name": "autoreiv", - "version": "44.03", - "sha256": "03w9dp42718p5gnswynw3p9wz85y61gkzz60jf71arw1zhf23wm0" + "version": "47.01", + "sha256": "1c2xchlfq7ajpcq8qgrzkw5yfgm0k3fiwq6n7l4724dlbim3rjp2" }, { "name": "cla", - "version": "0.47.xx-v26", - "sha256": "04i17rl3gwpfnylvd554nsdi246yb3ih7wdmxmjy9177l14cp0kk" + "version": "0.47.xx-v26.3", + "sha256": "0ca81r3821jja4pqib75qxcsgg3s0wxzyq1jb4jc0495cvzxw7qa" }, { "name": "dfgraphics", @@ -21,18 +21,18 @@ }, { "name": "gemset", - "version": "44.10a", - "sha256": "14q69dyqzhxsfv1a4vh17fx7r7mylfimmjrydz6ygdypblgc9zm6" + "version": "47.02", + "sha256": "0gz6cfx9kyldh5dxicyw0yl9lq4qw51vvlpzl767ml0bx3w38bwy" }, { "name": "ironhand", - "version": "47.01", - "sha256": "0ndf5gy1c0f8h745gg2j9ljwarq4kqi28anvgxcaj73j9cv6jsgw" + "version": "47.02", + "sha256": "0j612xxz8g91zslw3a6yls3bzzmz0xdi2n0zx9zkmpzcl67f39ry" }, { "name": "jolly-bastion", - "version": "44.11", - "sha256": "0nziz6c94c9l28m8pp14fzbbnh7if1dnzrfl160ckv7arqpjv5r9" + "version": "47.02", + "sha256": "1df2hvm72lklmhhphcwsqm1m3dnaqxd8qvpygg5x71cfgkjd41ic" }, { "name": "mayday", @@ -41,37 +41,37 @@ }, { "name": "obsidian", - "version": "44.11", - "sha256": "12ij21c47gfws5brxwxhjpcr82q4ghxd1h4k6b0n2zs35071rfrp" + "version": "47.02", + "sha256": "03b26z557099k0l44lizagh17pz1y6apy496ivzv426xy0mzz684" }, { "name": "phoebus", - "version": "47.01", - "sha256": "1rf47p6a4f6scpzlmy9q3v1pakdjs06f9aingajpaia44lmjdfn6" + "version": "47.02a", + "sha256": "16zllnkrxi2365rd5m392xv72a9wvai0l3pz8xwkb8nlws8f58lb" }, { "name": "rally-ho", - "version": "44.11", - "sha256": "0v8aixvhhjlfxycbnldk35s757299a8mlgx4ba5qgnl8y2gg7f35" + "version": "47.02", + "sha256": "0xw2psmfjrgab0267scc7frgl9h1ypc0mbymn8z3x06m5wc3hbdh" }, { "name": "spacefox", - "version": "47.01", - "sha256": "1zbn5z8a40if1yr8kq9v5gnydygqx26jw22jfqqf3hrqfqn4mcb8" + "version": "47.02", + "sha256": "180fp2s489m2arc2z11j1qjnpcadjjkyami13yr3zd0v7msg64h8" }, { "name": "taffer", - "version": "44.10a", - "sha256": "0gp8hmv55bp34db0caksdpd3kn2glh7sz03gyxknzdymh1cpy0qv" + "version": "47.01b", + "sha256": "0b5hnli3gg32r7yvb3x1fqrmpxlk33j1hila2wiihybkkfnvxy5f" }, { "name": "tergel", - "version": "44.03", - "sha256": "1kgk0cav5b6v7mca36gm84b2p556ibd8yy4rwbfc4i6i3hlsdw07" + "version": "47.01", + "sha256": "142sd1i11vvirn68rp4gqzl67ww597df1lc57ycnpnz0n3q39kxy" }, { "name": "wanderlust", - "version": "44.10", - "sha256": "016acv0ab2wj4rn9slhbf626977zas6q4372f7avaf99ihcmwi85" + "version": "47.02", + "sha256": "0c36nxry189qdyinjk03wwm3j7q9q7b2sabkv7glx8yz2i61j5q9" } ] diff --git a/pkgs/games/dwarf-fortress/unfuck.nix b/pkgs/games/dwarf-fortress/unfuck.nix index 0bbc2b649e25..e9d172f212df 100644 --- a/pkgs/games/dwarf-fortress/unfuck.nix +++ b/pkgs/games/dwarf-fortress/unfuck.nix @@ -36,6 +36,10 @@ let unfuckRelease = "0.47.01"; sha256 = "11xvb3qh4crdf59pwfwpi73rzm3ysd1r1xp2k1jp7527jmqapk4k"; }; + "0.47.02" = { + unfuckRelease = "0.47.01"; + sha256 = "11xvb3qh4crdf59pwfwpi73rzm3ysd1r1xp2k1jp7527jmqapk4k"; + }; }; release = if hasAttr dfVersion unfuck-releases diff --git a/pkgs/games/dwarf-fortress/update.sh b/pkgs/games/dwarf-fortress/update.sh index 3db68122d358..e36badc4199e 100755 --- a/pkgs/games/dwarf-fortress/update.sh +++ b/pkgs/games/dwarf-fortress/update.sh @@ -8,8 +8,8 @@ systems='linux linux32 osx osx32 if [ $# -eq 0 ]; then versions="$(curl http://www.bay12games.com/dwarves/ \ - | grep 'DOWNLOAD DWARF FORTRESS' \ - | sed 's/.*DOWNLOAD DWARF FORTRESS \([0-9.]*\) .*/\1/')" + | grep 'DWARF FORTRESS CLASSIC ' \ + | sed 's/.*DWARF FORTRESS CLASSIC \([0-9.]*\) .*/\1/')" else versions="$@" fi diff --git a/pkgs/games/openmw/default.nix b/pkgs/games/openmw/default.nix index d9c992199c40..a7e386398d23 100644 --- a/pkgs/games/openmw/default.nix +++ b/pkgs/games/openmw/default.nix @@ -1,4 +1,4 @@ -{ stdenv, mkDerivation, fetchFromGitHub, qtbase, openscenegraph, mygui, bullet, ffmpeg +{ stdenv, mkDerivationWith, fetchFromGitHub, qtbase, openscenegraph, mygui, bullet, ffmpeg , boost, cmake, SDL2, unshield, openal, libXt, pkgconfig }: let @@ -10,7 +10,7 @@ let sha256 = "0admnllxic6dcpic0h100927yw766ab55dix002vvdx36i6994jb"; }; }); -in mkDerivation rec { +in mkDerivationWith stdenv.mkDerivation rec { version = "0.45.0"; pname = "openmw"; diff --git a/pkgs/games/openmw/tes3mp.nix b/pkgs/games/openmw/tes3mp.nix index 4bbddfbb1dfb..9570acfdbaaf 100644 --- a/pkgs/games/openmw/tes3mp.nix +++ b/pkgs/games/openmw/tes3mp.nix @@ -71,7 +71,7 @@ in openmw.overrideAttrs (oldAttrs: rec { description = "Multiplayer for TES3:Morrowind based on OpenMW"; homepage = https://tes3mp.com/; license = licenses.gpl3; - platforms = platforms.linux; + platforms = [ "x86_64-linux" "i686-linux" ]; maintainers = with maintainers; [ gnidorah ]; }; }) diff --git a/pkgs/misc/cups/drivers/hll2340dw/default.nix b/pkgs/misc/cups/drivers/hll2340dw/default.nix new file mode 100644 index 000000000000..653f72a0b610 --- /dev/null +++ b/pkgs/misc/cups/drivers/hll2340dw/default.nix @@ -0,0 +1,68 @@ +{stdenv, fetchurl, cups, dpkg, gnused, makeWrapper, ghostscript, file, a2ps, coreutils, gawk, perl, gnugrep, which}: + +let + version = "3.2.0-1"; + lprdeb = fetchurl { + url = "https://download.brother.com/welcome/dlf101912/hll2340dlpr-${version}.i386.deb"; + sha256 = "c0ae98b49b462cd8fbef445550f2177ce9d8bf627c904e182daa8cbaf8781e50"; + }; + + cupsdeb = fetchurl { + url = "https://download.brother.com/welcome/dlf101913/hll2340dcupswrapper-${version}.i386.deb"; + sha256 = "8aa24a6a825e3a4d5b51778cb46fe63032ec5a731ace22f9ef2b0ffcc2033cc9"; + }; + +in +stdenv.mkDerivation { + name = "cups-brother-hll2340dw"; + + nativeBuildInputs = [ makeWrapper ]; + buildInputs = [ cups ghostscript dpkg a2ps ]; + + dontUnpack = true; + + installPhase = '' + mkdir -p $out + dpkg-deb -x ${cupsdeb} $out + dpkg-deb -x ${lprdeb} $out + + substituteInPlace $out/opt/brother/Printers/HLL2340D/lpd/filter_HLL2340D \ + --replace /opt "$out/opt" \ + --replace /usr/bin/perl ${perl}/bin/perl \ + --replace "BR_PRT_PATH =~" "BR_PRT_PATH = \"$out/opt/brother/Printers/HLL2340D/\"; #" \ + --replace "PRINTER =~" "PRINTER = \"HLL2340D\"; #" + + patchelf --set-interpreter $(cat $NIX_CC/nix-support/dynamic-linker) \ + $out/opt/brother/Printers/HLL2340D/lpd/brprintconflsr3 + patchelf --set-interpreter $(cat $NIX_CC/nix-support/dynamic-linker) \ + $out/opt/brother/Printers/HLL2340D/lpd/rawtobr3 + + for f in \ + $out/opt/brother/Printers/HLL2340D/cupswrapper/brother_lpdwrapper_HLL2340D \ + $out/opt/brother/Printers/HLL2340D/cupswrapper/paperconfigml1 \ + ; do + wrapProgram $f \ + --prefix PATH : ${stdenv.lib.makeBinPath [ + coreutils ghostscript gnugrep gnused + ]} + done + + mkdir -p $out/lib/cups/filter/ + ln -s $out/opt/brother/Printers/HLL2340D/lpd/filter_HLL2340D $out/lib/cups/filter/brother_lpdwrapper_HLL2340D + + mkdir -p $out/share/cups/model + ln -s $out/opt/brother/Printers/HLL2340D/cupswrapper/brother-HLL2340D-cups-en.ppd $out/share/cups/model/ + + wrapProgram $out/opt/brother/Printers/HLL2340D/lpd/filter_HLL2340D \ + --prefix PATH ":" ${ stdenv.lib.makeBinPath [ ghostscript a2ps file gnused gnugrep coreutils which ] } + ''; + + meta = with stdenv.lib; { + homepage = http://www.brother.com/; + description = "Brother hl-l2340dw printer driver"; + license = licenses.unfree; + platforms = platforms.linux; + downloadPage = "https://support.brother.com/g/b/downloadlist.aspx?c=us&lang=es&prod=hll2340dw_us_eu_as&os=128&flang=English"; + maintainers = [ maintainers.qknight ]; + }; +} diff --git a/pkgs/misc/emulators/dolphin-emu/master.nix b/pkgs/misc/emulators/dolphin-emu/master.nix index cec88918282e..e6e19e812428 100644 --- a/pkgs/misc/emulators/dolphin-emu/master.nix +++ b/pkgs/misc/emulators/dolphin-emu/master.nix @@ -21,13 +21,13 @@ let }; in stdenv.mkDerivation rec { pname = "dolphin-emu"; - version = "5.0-11109"; + version = "5.0-11608"; src = fetchFromGitHub { owner = "dolphin-emu"; repo = "dolphin"; - rev = "93d7b3d15962a3393cf2971e14c4acf54d90cecd"; - sha256 = "1kkx3agdsc0qmf3yymlzq315nypm34qvq04qpjqycpfhmpx8gdnq"; + rev = "69ee15e5ef369d51681540e6714f02554e3bd8a6"; + sha256 = "1svi9mnddhjcv64xh3y9l68k3rix7wimq8b0mqf5hp7qrda07lx8"; }; enableParallelBuilding = true; diff --git a/pkgs/servers/atlassian/jira.nix b/pkgs/servers/atlassian/jira.nix index e5bc253f83df..a4eed02af711 100644 --- a/pkgs/servers/atlassian/jira.nix +++ b/pkgs/servers/atlassian/jira.nix @@ -5,11 +5,11 @@ stdenv.mkDerivation rec { pname = "atlassian-jira"; - version = "8.6.0"; + version = "8.7.0"; src = fetchurl { url = "https://product-downloads.atlassian.com/software/jira/downloads/atlassian-jira-software-${version}.tar.gz"; - sha256 = "091vcr0hvrrm9zjqs67ai5mkx7b8ybpwqpdxy7jw5z3994rdx3xw"; + sha256 = "0k3z4j5pp0xx8qq5clr3069449w5k43gzag60jv3dzq35586yvdi"; }; buildPhase = '' diff --git a/pkgs/servers/grocy/config-locations.patch b/pkgs/servers/grocy/config-locations.patch new file mode 100644 index 000000000000..475be78ec20e --- /dev/null +++ b/pkgs/servers/grocy/config-locations.patch @@ -0,0 +1,61 @@ +diff --git a/app.php b/app.php +index 5f91e4d..09c6010 100644 +--- a/app.php ++++ b/app.php +@@ -23,7 +23,7 @@ else + require_once __DIR__ . '/vendor/autoload.php'; + + // Load config files +-require_once GROCY_DATAPATH . '/config.php'; ++require_once getenv('GROCY_CONFIG_FILE'); + require_once __DIR__ . '/config-dist.php'; // For not in own config defined values we use the default ones + + // Definitions for dev/demo/prerelease mode +@@ -49,7 +49,7 @@ $appContainer = new \Slim\Container([ + ], + 'view' => function($container) + { +- return new \Slim\Views\Blade(__DIR__ . '/views', GROCY_DATAPATH . '/viewcache'); ++ return new \Slim\Views\Blade(__DIR__ . '/views', getenv('GROCY_CACHE_DIR')); + }, + 'LoginControllerInstance' => function($container) + { +diff --git a/services/DatabaseService.php b/services/DatabaseService.php +index 0bcf9b8..ec45e93 100644 +--- a/services/DatabaseService.php ++++ b/services/DatabaseService.php +@@ -13,7 +13,7 @@ class DatabaseService + return GROCY_DATAPATH . '/grocy_' . GROCY_CULTURE . '.db'; + } + +- return GROCY_DATAPATH . '/grocy.db'; ++ return getenv('GROCY_DB_FILE'); + } + + private $DbConnectionRaw; +diff --git a/services/FilesService.php b/services/FilesService.php +index 7933b73..f52657e 100644 +--- a/services/FilesService.php ++++ b/services/FilesService.php +@@ -12,7 +12,7 @@ class FilesService extends BaseService + { + parent::__construct(); + +- $this->StoragePath = GROCY_DATAPATH . '/storage'; ++ $this->StoragePath = getenv('GROCY_STORAGE_DIR'); + + if (!file_exists($this->StoragePath)) + { +diff --git a/services/StockService.php b/services/StockService.php +index d7482ef..d1399a7 100644 +--- a/services/StockService.php ++++ b/services/StockService.php +@@ -933,7 +933,7 @@ class StockService extends BaseService + throw new \Exception('No barcode lookup plugin defined'); + } + +- $path = GROCY_DATAPATH . "/plugins/$pluginName.php"; ++ $path = getenv('GROCY_PLUGIN_DIR'); + if (file_exists($path)) + { + require_once $path; diff --git a/pkgs/servers/grocy/default.nix b/pkgs/servers/grocy/default.nix new file mode 100644 index 000000000000..7af59f6904c5 --- /dev/null +++ b/pkgs/servers/grocy/default.nix @@ -0,0 +1,32 @@ +{ stdenv, fetchurl, unzip }: + +stdenv.mkDerivation rec { + pname = "grocy"; + version = "2.6.0"; + + src = fetchurl { + url = "https://github.com/grocy/grocy/releases/download/v${version}/grocy_${version}.zip"; + sha256 = "1d4hy495in7p0i4fnhai1yqhjhmblv1g30siggmqpjrzdiiw3bak"; + }; + + nativeBuildInputs = [ unzip ]; + unpackPhase = '' + unzip ${src} -d . + ''; + + patches = [ ./config-locations.patch ]; + + dontBuild = true; + + installPhase = '' + mkdir -p $out/ + cp -R . $out/ + ''; + + meta = with stdenv.lib; { + license = licenses.mit; + maintainers = with maintainers; [ ma27 ]; + description = "ERP beyond your fridge - grocy is a web-based self-hosted groceries & household management solution for your home"; + homepage = "https://grocy.info/"; + }; +} diff --git a/pkgs/servers/mail/sympa/default.nix b/pkgs/servers/mail/sympa/default.nix new file mode 100644 index 000000000000..46cbcc61f94c --- /dev/null +++ b/pkgs/servers/mail/sympa/default.nix @@ -0,0 +1,116 @@ +{ stdenv, perl, fetchFromGitHub, autoreconfHook +}: + +let + dataDir = "/var/lib/sympa"; + runtimeDir = "/run/sympa"; + perlEnv = perl.withPackages (p: with p; [ + ArchiveZip + CGI + CGIFast + ClassSingleton + DateTime + DBI + DateTimeFormatMail + DateTimeTimeZone + DigestMD5 + Encode + FCGI + FileCopyRecursive + FileNFSLock + FilePath + HTMLParser + HTMLFormatter + HTMLTree + HTMLStripScriptsParser + IO + IOStringy + LWP + libintl_perl + + MHonArc + MIMEBase64 + MIMECharset + MIMETools + MIMEEncWords + MIMELiteHTML + MailTools + NetCIDR + ScalarListUtils + SysSyslog + TermProgressBar + TemplateToolkit + URI + UnicodeLineBreak + XMLLibXML + + ### Features + Clone + CryptEksblowfish + + DBDPg + DBDSQLite + DBDmysql + + DataPassword + EncodeLocale + IOSocketSSL + MailDKIM + NetDNS + NetLDAP + NetSMTP + SOAPLite + ]); +in +stdenv.mkDerivation rec { + pname = "sympa"; + version = "6.2.52"; + + src = fetchFromGitHub { + owner = "sympa-community"; + repo = pname; + rev = version; + sha256 = "071kx6ryifs2f6fhfky9g297frzp5584kn444af1vb2imzydsbnh"; + }; + + configureFlags = [ + "--without-initdir" + "--without-unitsdir" + "--without-smrshdir" + + "--with-lockdir=${runtimeDir}" + "--with-piddir=${runtimeDir}" + "--with-confdir=${dataDir}/etc" + "--sysconfdir=${dataDir}/etc" + "--with-spooldir=${dataDir}/spool" + "--with-expldir=${dataDir}/list_data" + ]; + nativeBuildInputs = [ autoreconfHook ]; + buildInputs = [ perlEnv ]; + patches = [ ./make-docs.patch ]; + + prePatch = '' + patchShebangs po/sympa/add-lang.pl + ''; + + preInstall = '' + mkdir "$TMP/bin" + for i in chown chgrp chmod; do + echo '#!${stdenv.shell}' >> "$TMP/bin/$i" + chmod +x "$TMP/bin/$i" + done + PATH="$TMP/bin:$PATH" + ''; + + postInstall = '' + rm -rf "$TMP/bin" + ''; + + meta = with stdenv.lib; { + description = "Open source mailing list manager"; + homepage = "https://www.sympa.org"; + license = licenses.gpl2; + maintainers = with maintainers; [ sorki mmilata ]; + platforms = platforms.all; + }; +} diff --git a/pkgs/servers/mail/sympa/make-docs.patch b/pkgs/servers/mail/sympa/make-docs.patch new file mode 100644 index 000000000000..adefeafdeef7 --- /dev/null +++ b/pkgs/servers/mail/sympa/make-docs.patch @@ -0,0 +1,11 @@ +diff -ur sympa-6.2.44-orig/doc/Makefile.am sympa-6.2.44/doc/Makefile.am +--- sympa-6.2.44-orig/doc/Makefile.am 2019-08-29 01:57:43.512539087 +0200 ++++ sympa-6.2.44/doc/Makefile.am 2019-08-29 01:58:24.393531358 +0200 +@@ -83,6 +83,4 @@ + --lax --release="$(VERSION)" $< $@ + + .podpl.pod: +- $(AM_V_GEN)PERL5LIB=$(top_builddir)/src/lib:$(top_srcdir)/src/lib; \ +- export PERL5LIB; \ +- $(PERL) $< --top_srcdir=$(top_srcdir) > $*.pod ++ $(AM_V_GEN)$(PERL) -I$(top_builddir)/src/lib -I$(top_srcdir)/src/lib $< --top_srcdir=$(top_srcdir) > $*.pod diff --git a/pkgs/servers/memcached/default.nix b/pkgs/servers/memcached/default.nix index 004822b906ca..681439bb9411 100644 --- a/pkgs/servers/memcached/default.nix +++ b/pkgs/servers/memcached/default.nix @@ -1,4 +1,4 @@ -{stdenv, fetchurl, cyrus_sasl, libevent}: +{stdenv, fetchurl, fetchpatch, cyrus_sasl, libevent}: stdenv.mkDerivation rec { version = "1.5.21"; @@ -9,6 +9,16 @@ stdenv.mkDerivation rec { sha256 = "1x4jzrz09aq4nllkarn7d5x77gsys5l3nvfj8c7j4nvmvc30rlg3"; }; + patches = [ + # Fixes compilation error on Darwin due to redeclaration of + # htonll. The fix should appear in 1.5.23. + # https://github.com/memcached/memcached/issues/598 + (fetchpatch { + url = "https://github.com/memcached/memcached/commit/95c67710aaf5cfe188d94b510faef8c66d6f5604.diff"; + sha256 = "0ab5l24p4n4fpx78ilmg7jvs9nl84pdza90jbpbx3ns5n23pqbfs"; + }) + ]; + configureFlags = [ "ac_cv_c_endian=${if stdenv.hostPlatform.isBigEndian then "big" else "little"}" ]; diff --git a/pkgs/test/nixos-functions/default.nix b/pkgs/test/nixos-functions/default.nix index 6dee0a27a79a..6a4f3164f929 100644 --- a/pkgs/test/nixos-functions/default.nix +++ b/pkgs/test/nixos-functions/default.nix @@ -33,7 +33,7 @@ in lib.optionalAttrs stdenv.hostPlatform.isLinux ( environment.systemPackages = [ pkgs.hello ]; }; testScript = '' - $machine->succeed("hello"); + machine.succeed("hello") ''; }); diff --git a/pkgs/tools/admin/azure-cli/default.nix b/pkgs/tools/admin/azure-cli/default.nix index cc793f8300dc..9a6b512ce1fc 100644 --- a/pkgs/tools/admin/azure-cli/default.nix +++ b/pkgs/tools/admin/azure-cli/default.nix @@ -1,12 +1,12 @@ { stdenv, lib, python, fetchFromGitHub, installShellFiles }: let - version = "2.0.80"; + version = "2.0.81"; src = fetchFromGitHub { owner = "Azure"; repo = "azure-cli"; rev = "azure-cli-${version}"; - sha256 = "05j74cfxjpi3w79w0i5av3h2m81bavbsc581vvh773ixivndds1k"; + sha256 = "1fpdc59qqkx9s5aip62jzcky92fhlbvc97hi1x047sldh9ibp02n"; }; # put packages that needs to be overriden in the py package scope diff --git a/pkgs/tools/admin/azure-cli/python-packages.nix b/pkgs/tools/admin/azure-cli/python-packages.nix index 4d129e9c9dc1..f0bebeed679d 100644 --- a/pkgs/tools/admin/azure-cli/python-packages.nix +++ b/pkgs/tools/admin/azure-cli/python-packages.nix @@ -111,6 +111,9 @@ let ''; }; + azure-mgmt-policyinsights = overrideAzureMgmtPackage super.azure-mgmt-policyinsights "0.4.0" "zip" + "1b69rz9wm0jvc54vx3b7h633x8gags51xwxrkp6myar40jggxw6g"; + azure-mgmt-recoveryservicesbackup = overrideAzureMgmtPackage super.azure-mgmt-recoveryservicesbackup "0.5.0" "zip" "0jhq8fi3dn2cncyv2rrgr4kldd254f30zgwf6p85rdgvg2p9k4hl"; @@ -123,14 +126,14 @@ let azure-mgmt-consumption = overrideAzureMgmtPackage super.azure-mgmt-consumption "2.0.0" "zip" "12ai4qps73ivawh0yzvgb148ksx02r30pqlvfihx497j62gsi1cs"; - azure-mgmt-containerservice = overrideAzureMgmtPackage super.azure-mgmt-containerservice "8.0.0" "zip" - "0akpm12xj453dp84dfdpi06phr4q0hknr5l7bz96zbc8iand78wg"; + azure-mgmt-containerservice = overrideAzureMgmtPackage super.azure-mgmt-containerservice "8.1.0" "zip" + "07vpzhvi2946v5dn9cb2hkd1b9vj5c6zl32958bg2bxsjg9vvyi1"; azure-mgmt-cosmosdb = overrideAzureMgmtPackage super.azure-mgmt-cosmosdb "0.11.0" "zip" "05j0s2ng6ck35lw85cbjf5cm6canc71c41aagr68cmiqj1li6v1z"; - azure-mgmt-deploymentmanager = overrideAzureMgmtPackage super.azure-mgmt-deploymentmanager "0.1.0" "zip" - "0gvh17bhfcpvr6w0nd06v482m8lqxchlk256w68agi2qnqw6v2ir"; + azure-mgmt-deploymentmanager = overrideAzureMgmtPackage super.azure-mgmt-deploymentmanager "0.2.0" "zip" + "0c6pyr36n9snx879vas5r6l25db6nlp2z96xn759mz4kg4i45qs6"; azure-mgmt-imagebuilder = overrideAzureMgmtPackage super.azure-mgmt-imagebuilder "0.2.1" "zip" "0mwlvy4x5nr3hsz7wdpdhpzwarzzwz4225bfpd68hr0pcjgzspky"; @@ -138,8 +141,8 @@ let azure-mgmt-iothub = overrideAzureMgmtPackage super.azure-mgmt-iothub "0.8.2" "zip" "0w3w1d156rnkwjdarv3qvycklxr3z2j7lry7a3jfgj3ykzny12rq"; - azure-mgmt-iotcentral = overrideAzureMgmtPackage super.azure-mgmt-iotcentral "1.0.0" "zip" - "1s1x0pzynz0sd0l4k1kvkph9i1y03y9qd6afbw0nafcr3znqib4s"; + azure-mgmt-iotcentral = overrideAzureMgmtPackage super.azure-mgmt-iotcentral "2.0.0" "zip" + "1fql0j28d2r6slgabb7b438gdga513iskqh4al6c7dsmj1yzdzwa"; azure-mgmt-kusto = overrideAzureMgmtPackage super.azure-mgmt-kusto "0.3.0" "zip" "1pmcdgimd66h964a3d5m2j2fbydshcwhrk87wblhwhfl3xwbgf4y"; @@ -162,8 +165,8 @@ let azure-mgmt-msi = overrideAzureMgmtPackage super.azure-mgmt-msi "0.2.0" "zip" "0rvik03njz940x2hvqg6iiq8k0d88gyygsr86w8s0sa12sdbq8l6"; - azure-mgmt-web = overrideAzureMgmtPackage super.azure-mgmt-web "0.42.0" "zip" - "0vp40i9aaw5ycz7s7qqir6jq7327f7zg9j9i8g31qkfl1h1c7pdn"; + azure-mgmt-web = overrideAzureMgmtPackage super.azure-mgmt-web "0.44.0" "zip" + "05dqakhfi301k2jnvccxdkigqvwnf9xz858pqg9vsri3dq69f1rw"; azure-mgmt-redis = overrideAzureMgmtPackage super.azure-mgmt-redis "7.0.0rc1" "zip" "086wk31wsl8dx14qpd0g1bly8i9a8fix007djlj9cybva2f2bk6k"; @@ -192,11 +195,11 @@ let azure-mgmt-keyvault = overrideAzureMgmtPackage super.azure-mgmt-keyvault "1.1.0" "zip" "16a0d3j5dilbp7pd7gbwf8jr46vzbjim1p9alcmisi12m4km7885"; - azure-mgmt-cdn = overrideAzureMgmtPackage super.azure-mgmt-cdn "3.1.0" "zip" - "1qvnksmvsg8cw1ac6vbdxjdqsm7s1sak27k8xy24hm7c9a8y1nqc"; + azure-mgmt-cdn = overrideAzureMgmtPackage super.azure-mgmt-cdn "4.0.0" "zip" + "0aphqh4mvrc1yiyis8zvks0d19d1m3lqylr9jc8fj73iw84rwgm5"; - azure-mgmt-containerregistry = overrideAzureMgmtPackage super.azure-mgmt-containerregistry "3.0.0rc7" "zip" - "1bzfpbz186dhnxn0blgr20xxnk67gkr8ysn2b3f1r41bq9hz97xp"; + azure-mgmt-containerregistry = overrideAzureMgmtPackage super.azure-mgmt-containerregistry "3.0.0rc8" "zip" + "1j2xyfid0qg95lywwsz8520r7gd8m0a487n03jxnckr91vd890v1"; azure-mgmt-monitor = overrideAzureMgmtPackage super.azure-mgmt-monitor "0.7.0" "zip" "1pprvk5255b6brbw73g0g13zygwa7a2px5x08wy3153rqlzan5l2"; @@ -213,8 +216,8 @@ let azure-mgmt-storage = overrideAzureMgmtPackage super.azure-mgmt-storage "7.1.0" "zip" "03yjvw1dwkwsadsv60i625mr9zpdryy7ywvh7p8fg60djszh1p5l"; - azure-mgmt-servicefabric = overrideAzureMgmtPackage super.azure-mgmt-servicefabric "0.2.0" "zip" - "1bcq6fcgrsvmk6q7v8mxzn1180jm2qijdqkqbv1m117zp1wj5gxj"; + azure-mgmt-servicefabric = overrideAzureMgmtPackage super.azure-mgmt-servicefabric "0.4.0" "zip" + "1x18grkjf2p2r1ihlwv607sna9yjvsr2jwnkjc55askrgrwx5jx2"; azure-mgmt-hdinsight = overrideAzureMgmtPackage super.azure-mgmt-hdinsight "1.3.0" "zip" "1r7isr7hzq2dv1idwwa9xxxgk8wh0ncka45r4rdcsl1p7kd2kqam"; diff --git a/pkgs/tools/admin/lexicon/default.nix b/pkgs/tools/admin/lexicon/default.nix new file mode 100644 index 000000000000..4f6db4169a15 --- /dev/null +++ b/pkgs/tools/admin/lexicon/default.nix @@ -0,0 +1,31 @@ +{ lib +, python3Packages +, fetchFromGitHub +}: + +python3Packages.buildPythonApplication rec { + pname = "lexicon"; + version = "3.3.17"; + + propagatedBuildInputs = with python3Packages; [ requests tldextract future cryptography pyyaml boto3 zeep xmltodict beautifulsoup4 dnspython pynamecheap softlayer transip localzone ]; + + checkInputs = with python3Packages; [ pytest pytestcov pytest_xdist vcrpy mock ]; + + checkPhase = '' + pytest --ignore=lexicon/tests/providers/test_auto.py + ''; + + src = fetchFromGitHub { + owner = "AnalogJ"; + repo = pname; + rev = "v${version}"; + sha256 = "1wrsw759am6yp2m9b34iv82m371df3ssp2vhdjr18ys3xk7dvj89"; + }; + + meta = with lib; { + description = "Manipulate DNS records on various DNS providers in a standardized way."; + homepage = https://github.com/AnalogJ/lexicon; + maintainers = with maintainers; [ flyfloh ]; + license = licenses.mit; + }; +} diff --git a/pkgs/tools/backup/sanoid/default.nix b/pkgs/tools/backup/sanoid/default.nix new file mode 100644 index 000000000000..569a07a459be --- /dev/null +++ b/pkgs/tools/backup/sanoid/default.nix @@ -0,0 +1,75 @@ +{ lib, stdenv, fetchFromGitHub, fetchpatch, makeWrapper, coreutils, zfs +, perlPackages, procps, which, openssh, sudo, mbuffer, pv, lzop, gzip, pigz }: + +with lib; + +stdenv.mkDerivation rec { + pname = "sanoid"; + version = "2.0.3"; + + src = fetchFromGitHub { + owner = "jimsalterjrs"; + repo = pname; + rev = "v${version}"; + sha256 = "1wmymzqg503nmhw8hrblfs67is1l3ljbk2fjvrqwyb01b7mbn80x"; + }; + + patches = [ + # Make sanoid look for programs in PATH + (fetchpatch { + url = "https://github.com/jimsalterjrs/sanoid/commit/dc2371775afe08af799d3097d47b48182d1716eb.patch"; + sha256 = "16hlwcbcb8h3ar1ywd2bzr3h3whgbcfk6walmp8z6j74wbx81aav"; + }) + # Make findoid look for programs in PATH + (fetchpatch { + url = "https://github.com/jimsalterjrs/sanoid/commit/44bcd21f269e17765acd1ad0d45161902a205c7b.patch"; + sha256 = "0zqyl8q5sfscqcc07acw68ysnlnh3nb57cigjfwbccsm0zwlwham"; + }) + # Add --cache-dir option + (fetchpatch { + url = "https://github.com/jimsalterjrs/sanoid/commit/a1f5e4c0c006e16a5047a16fc65c9b3663adb81e.patch"; + sha256 = "1bb4g2zxrbvf7fvcgzzxsr1cvxzrxg5dzh89sx3h7qlrd6grqhdy"; + }) + # Add --run-dir option + (fetchpatch { + url = "https://github.com/jimsalterjrs/sanoid/commit/59a07f92b4920952cc9137b03c1533656f48b121.patch"; + sha256 = "11v4jhc36v839gppzvhvzp5jd22904k8xqdhhpx6ghl75yyh4f4s"; + }) + ]; + + nativeBuildInputs = [ makeWrapper ]; + buildInputs = with perlPackages; [ perl ConfigIniFiles CaptureTiny ]; + + installPhase = '' + mkdir -p "$out/bin" + mkdir -p "$out/etc/sanoid" + cp sanoid.defaults.conf "$out/etc/sanoid/sanoid.defaults.conf" + # Hardcode path to default config + substitute sanoid "$out/bin/sanoid" \ + --replace "\$args{'configdir'}/sanoid.defaults.conf" "$out/etc/sanoid/sanoid.defaults.conf" + chmod +x "$out/bin/sanoid" + # Prefer ZFS userspace tools from /run/booted-system/sw/bin to avoid + # incompatibilities with the ZFS kernel module. + wrapProgram "$out/bin/sanoid" \ + --prefix PERL5LIB : "$PERL5LIB" \ + --prefix PATH : "${makeBinPath [ procps "/run/booted-system/sw" zfs ]}" + + install -m755 syncoid "$out/bin/syncoid" + wrapProgram "$out/bin/syncoid" \ + --prefix PERL5LIB : "$PERL5LIB" \ + --prefix PATH : "${makeBinPath [ openssh procps which pv mbuffer lzop gzip pigz "/run/booted-system/sw" zfs ]}" + + install -m755 findoid "$out/bin/findoid" + wrapProgram "$out/bin/findoid" \ + --prefix PERL5LIB : "$PERL5LIB" \ + --prefix PATH : "${makeBinPath [ "/run/booted-system/sw" zfs ]}" + ''; + + meta = { + description = "A policy-driven snapshot management tool for ZFS filesystems"; + homepage = "https://github.com/jimsalterjrs/sanoid"; + license = licenses.gpl3; + maintainers = with maintainers; [ lopsided98 ]; + platforms = platforms.all; + }; +} diff --git a/pkgs/tools/bluetooth/bluez-alsa/default.nix b/pkgs/tools/bluetooth/bluez-alsa/default.nix index 097b7ae00d78..7db28b581e28 100644 --- a/pkgs/tools/bluetooth/bluez-alsa/default.nix +++ b/pkgs/tools/bluetooth/bluez-alsa/default.nix @@ -1,5 +1,5 @@ { stdenv, fetchFromGitHub, pkgconfig, autoreconfHook -, alsaLib, bluez, glib, sbc +, alsaLib, bluez, glib, sbc, dbus # optional, but useful utils , readline, libbsd, ncurses @@ -13,32 +13,31 @@ with stdenv.lib; stdenv.mkDerivation rec { pname = "bluez-alsa"; - version = "1.4.0"; + version = "2.0.0"; src = fetchFromGitHub { owner = "Arkq"; repo = "bluez-alsa"; rev = "v${version}"; - sha256 = "12kc2896rbir8viywd6bjwcklkwf46j4svh9viryn6kmk084nb49"; + sha256 = "08mppgnjf1j2733bk9yf0cny6rfxxwiys0s62lz2zd2lpdl6d9lz"; }; nativeBuildInputs = [ pkgconfig autoreconfHook ]; buildInputs = [ - alsaLib bluez glib sbc + alsaLib bluez glib sbc dbus readline libbsd ncurses ] ++ optional aacSupport fdk_aac; configureFlags = [ "--with-alsaplugindir=\$out/lib/alsa-lib" + "--with-dbusconfdir=\$out/etc/dbus-1" "--enable-rfcomm" "--enable-hcitop" ] ++ optional aacSupport "--enable-aac"; - doCheck = false; # fails 1 of 3 tests, needs access to ALSA - meta = { description = "Bluez 5 Bluetooth Audio ALSA Backend"; longDescription = '' @@ -63,7 +62,7 @@ stdenv.mkDerivation rec { homepage = src.meta.homepage; license = licenses.mit; platforms = platforms.linux; - maintainers = [ maintainers.oxij ]; + maintainers = [ maintainers.oxij maintainers.lheckemann ]; }; } diff --git a/pkgs/tools/filesystems/reiserfsprogs/default.nix b/pkgs/tools/filesystems/reiserfsprogs/default.nix index a89ea0657500..10962f10a8f5 100644 --- a/pkgs/tools/filesystems/reiserfsprogs/default.nix +++ b/pkgs/tools/filesystems/reiserfsprogs/default.nix @@ -14,7 +14,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ autoreconfHook ]; buildInputs = [ libuuid ]; - NIX_CFLAGS_COMPILE = "-std=gnu90"; + NIX_CFLAGS_COMPILE = [ "-std=gnu90" "-D_GNU_SOURCE" ]; meta = { inherit version; diff --git a/pkgs/tools/graphics/wdisplays/default.nix b/pkgs/tools/graphics/wdisplays/default.nix index 9b003868bd00..baa05be821bc 100644 --- a/pkgs/tools/graphics/wdisplays/default.nix +++ b/pkgs/tools/graphics/wdisplays/default.nix @@ -1,7 +1,7 @@ { stdenv, fetchFromGitHub, meson, ninja, pkgconfig, gtk3, epoxy, wayland }: stdenv.mkDerivation { - pname = "wdisplays"; - version = "2019-10-26-unstable"; + pname = "wdisplays-unstable"; + version = "2020-01-12"; nativeBuildInputs = [ meson ninja pkgconfig ]; @@ -10,14 +10,14 @@ stdenv.mkDerivation { src = fetchFromGitHub { owner = "cyclopsian"; repo = "wdisplays"; - rev = "22669edadb8ff3478bdb51ddc140ef6e61e3d9ef"; - sha256 = "127k5i98km6mh8yw4vf8n44b29kc3n0169xpkdh7yr0rhv6n9cdl"; + rev = "ba331cab535318888a562f5a2731d2523b310dac"; + sha256 = "0fk3l78hirxdi74iqmq6mxi9daqnxdkbb5a2wfshmr11ic9xixpm"; }; meta = let inherit (stdenv) lib; in { description = "A graphical application for configuring displays in Wayland compositors"; homepage = "https://github.com/cyclopsian/wdisplays"; - maintainers = [ lib.maintainers.lheckemann ]; + maintainers = with lib.maintainers; [ lheckemann ma27 ]; license = lib.licenses.mit; platforms = lib.platforms.linux; }; diff --git a/pkgs/tools/misc/fzf/default.nix b/pkgs/tools/misc/fzf/default.nix index 960373e7e5fc..0694d5931eff 100644 --- a/pkgs/tools/misc/fzf/default.nix +++ b/pkgs/tools/misc/fzf/default.nix @@ -19,32 +19,34 @@ buildGoModule rec { buildInputs = [ ncurses ]; + # The vim plugin expects a relative path to the binary; patch it to abspath. patchPhase = '' - sed -i -e "s|expand(':h:h')|'$bin'|" plugin/fzf.vim + sed -i -e "s|expand(':h:h')|'$out'|" plugin/fzf.vim - # Original and output files can't be the same - if cmp -s $src/plugin/fzf.vim plugin/fzf.vim; then - echo "Vim plugin patch not applied properly. Aborting" && \ - exit 1 + if ! grep -q $out plugin/fzf.vim; then + echo "Failed to replace vim base_dir path with $out" + exit 1 fi ''; + doCheck = true; + preInstall = '' mkdir -p $out/share/fish/{vendor_functions.d,vendor_conf.d} - cp $src/shell/key-bindings.fish $out/share/fish/vendor_functions.d/fzf_key_bindings.fish + cp shell/key-bindings.fish $out/share/fish/vendor_functions.d/fzf_key_bindings.fish cp ${fishHook} $out/share/fish/vendor_conf.d/load-fzf-key-bindings.fish ''; postInstall = '' - cp $src/bin/fzf-tmux $out/bin + cp bin/fzf-tmux $out/bin mkdir -p $man/share/man - cp -r $src/man/man1 $man/share/man + cp -r man/man1 $man/share/man mkdir -p $out/share/vim-plugins/${pname} - cp -r $src/plugin $out/share/vim-plugins/${pname} + cp -r plugin $out/share/vim-plugins/${pname} - cp -R $src/shell $out/share/fzf + cp -R shell $out/share/fzf cat <