Commit Graph

25943 Commits

Author SHA1 Message Date
Sandro
5332b2b4d3
Merge pull request #213168 from LeSuisse/rustls-ffi-init
rustls-ffi: init at 0.9.2 and make possible to build Apache mod_tls with it
2023-03-31 11:25:24 +02:00
K900
fd5d1c8eab
Merge pull request #223841 from wahjava/update-tailscale
tailscale: 1.38.2 -> 1.38.3
2023-03-31 11:18:57 +03:00
happysalada
8b5ca66432 chatgpt-retrieval-plugin: init at unstable-2023-03-28 2023-03-30 22:29:54 -04:00
Pascal Bach
7563cb6256
Merge pull request #223855 from r-ryantm/auto-update/minio
minio: 2023-03-13T19-46-17Z -> 2023-03-24T21-41-23Z
2023-03-30 22:49:36 +02:00
Weijia Wang
fc80e3446c
Merge pull request #223836 from r-ryantm/auto-update/wishlist
wishlist: 0.9.0 -> 0.10.0
2023-03-30 23:08:01 +03:00
Sandro
89b5be094b
Merge pull request #223785 from dotlambda/nextcloud-previewgenerator-init
nextcloudPackages.apps.previewgenerator: init at 5.2.1
2023-03-30 16:12:05 +02:00
Félix Baylac Jacqué
9ebbbb4fc0 Pleroma: use libxcrypt-legacy
4e300e071b disabled the "weak cyphers"
on libxcrypt. For some reason, this is breaking the crypt hex library.

Using lybxcrypt-legacy, which re-enables these weak cyphers.

Upstream removed the crypt dependency and is drafting a new release.
We'll drop altogether this libxcrypt dependency soon enough anyways.

Fixes #223518
2023-03-30 13:49:58 +02:00
R. Ryantm
ed520fb76a minio: 2023-03-13T19-46-17Z -> 2023-03-24T21-41-23Z 2023-03-30 03:46:51 +00:00
Ashish SHUKLA
033dbb172d
tailscale: 1.38.2 -> 1.38.3 2023-03-30 07:39:25 +05:30
R. Ryantm
f34264640d wishlist: 0.9.0 -> 0.10.0 2023-03-30 01:47:51 +00:00
Robert Schütz
9e87f7dbde nextcloud-notify_push: 0.6.1 -> 0.6.2
Diff: https://github.com/nextcloud/notify_push/compare/v0.6.1...v0.6.2
2023-03-29 15:50:11 -07:00
Robert Schütz
9c3a588fa0 nextcloudPackages.apps.previewgenerator: init at 5.2.1 2023-03-29 13:23:42 -07:00
Robert Schütz
b7405ea851
Merge pull request #223582 from SuperSandro2000/nextcloud-notify_push-bump
nextcloud-notify_push: 0.6.0 -> 0.6.1
2023-03-29 13:17:59 -07:00
Mario Rodas
3e8f1573e9
Merge pull request #223420 from noisersup/ferretdb-0.9.4
ferretdb: 0.9.3 -> 0.9.4
2023-03-29 08:00:53 -05:00
Luke Granger-Brown
74ffb03af0
Merge pull request #223678 from r-ryantm/auto-update/pomerium
pomerium: 0.21.2 -> 0.21.3
2023-03-29 13:25:55 +01:00
Sandro
c2ae278eb8
Merge pull request #221851 from Ma27/postgresql-jit-support
postgresql: implement opt-in JIT support
2023-03-29 13:29:30 +02:00
Stanisław Pitucha
dcd028c9e0
Merge pull request #222998 from viraptor/livepeer-darwin
livepeer: mark not broken on darwin
2023-03-29 22:23:41 +11:00
Izorkin
e57d014454 mastodon: update ruby package 2023-03-29 12:41:21 +02:00
Maximilian Bosch
9f2b4357c1
postgresql: save rebuilds of existing packages
...by using `+ lib.optionalString ...` rather than a substitution. That
way the phases don't have additional trailing white-spaces in the
non-JIT case which cause rebuilds.
2023-03-29 08:39:47 +02:00
Maximilian Bosch
a5a715bb24
postgresql_jit: fix darwin build
So, patchelf works on ELF files and these don't exist on Darwin. I'm not
aware of any other way to eliminate all references of the executable's
body while preserving library paths in the header. This still works, the
only problem is that darwin has a dependency on llvm.dev, so it's
runtime closure is larger.
2023-03-29 08:39:47 +02:00
Maximilian Bosch
43dbeae02d
postgresql: pass through JIT-enabled variant of non-JIT postgres and vice versa
This is useful if your postgresql version is dependant on
`system.stateVersion` and not pinned down manually. Then it's not
necessary to find out which version exactly is in use and define
`package` manually, but just stay with what NixOS provides as default:

    $ nix-instantiate -A postgresql
    /nix/store/82fzmb77mz2b787dgj7mn4a8i4f6l6sn-postgresql-14.7.drv
    $ nix-instantiate -A postgresql_jit
    /nix/store/qsjkb72fcrrfpsszrwbsi9q9wgp39m50-postgresql-14.7.drv
    $ nix-instantiate -A postgresql.withJIT
    /nix/store/qsjkb72fcrrfpsszrwbsi9q9wgp39m50-postgresql-14.7.drv
    $ nix-instantiate -A postgresql.withJIT.withoutJIT
    /nix/store/82fzmb77mz2b787dgj7mn4a8i4f6l6sn-postgresql-14.7.drv

I.e. you can use postgresql with JIT (for complex queries only[1]) like
this:

    services.postgresql = {
      enable = true;
      enableJIT = true;
    };

Performing a new override instead of re-using the `_jit`-variants for
that has the nice property that overlays for the original package apply
to the JIT-enabled variant, i.e.

    with import ./. {
      overlays = [
        (self: super: {
          postgresql = super.postgresql.overrideAttrs (_: { fnord = "snens"; });
        })
      ];
    };
    postgresql.withJIT.fnord

still gives the string `snens` whereas `postgresql_jit` doesn't have the
attribute `fnord` in its derivation.

[1] https://www.postgresql.org/docs/current/runtime-config-query.html#GUC-JIT-ABOVE-COST
2023-03-29 08:39:46 +02:00
Maximilian Bosch
2282fa73a1
postgresql: implement opt-in JIT support
Closes #150801

Note: I decided against resuming directly on #150801 because the
conflict was too big (and resolving it seemed too error-prone to me).
Also the `this`-refactoring could be done in an easier manner, i.e. by
exposing JIT attributes with the correct configuration. More on that
below.

This patch creates variants of the `postgresql*`-packages with JIT[1]
support. Please note that a lot of the work was derived from previous
patches filed by other contributors, namely dasJ, andir and abbradar,
hence the co-authored-by tags below.

Effectively, the following things have changed:

* For JIT variants an LLVM-backed stdenv with clang is now used as
  suggested by dasJ[2]. We need LLVM and CLang[3] anyways to build the
  JIT-part, so no need to mix this up with GCC's stdenv. Also, using the
  `dev`-output of LLVM and clang's stdenv for building (and adding llvm
  libs as build-inputs) seems more cross friendly to me (which will
  become useful when cross-building for JIT-variants will actually be
  supported).

* Plugins inherit the build flags from the Makefiles in
  `$out/lib/pgxs/src` (e.g. `-Werror=unguarded-availability-new`). Since
  some of the flags are clang-specific (and stem from the use of the
  CLang stdenv) and don't work on gcc, the stdenv of `pkgs.postgresql`
  is passed to the plugins. I.e., plugins for non-JIT variants are built
  with a gcc stdenv on Linux and plugins for JIT variants with a clang
  stdenv.

  Since `plv8` hard-codes `gcc` as `$CC` in its Makefile[4], I marked it
  as broken for JIT-variants of postgresql only.

* Added a test-matrix to confirm that JIT works fine on each
  `pkgs.postgresql_*_jit` (thanks Andi for the original test in
  #124804!).

* For each postgresql version, a new attribute
  `postgresql_<version>_jit` (and a corresponding
  `postgresqlPackages<version>JitPackages`) are now exposed for better
  discoverability and prebuilt artifacts in the binary cache.

* In #150801 the `this`-argument was replaced by an internal recursion.
  I decided against this approach because it'd blow up the diff even
  more which makes the readability way harder and also harder to revert
  this if necessary.

  Instead, it is made sure that `this` always points to the correct
  variant of `postgresql` and re-using that in an additional
  `.override {}`-expression is trivial because the JIT-variant is
  exposed in `all-packages.nix`.

* I think the changes are sufficiently big to actually add myself as
  maintainer here.

* Added `libxcrypt` to `buildInputs` for versions <v13. While
  building things with an LLVM stdenv, these versions complained that
  the extern `crypt()` symbol can't be found. Not sure what this is
  exactly about, but since we want to switch to libxcrypt for `crypt()`
  usage anyways[5] I decided to add it. For >=13 it's not relevant
  anymore anyways[6].

* JIT support doesn't work with cross-compilation. It is attempted to
  build LLVM-bytecode (`%.bc` is the corresponding `make(1)`-rule) for
  each sub-directory in `backend/` for the JIT apparently, but with a
  $(CLANG) that can produce binaries for the build, not the host-platform.

  I managed to get a cross-build with JIT support working with
  `depsBuildBuild = [ llvmPackages.clang ] ++ buildInputs`, but
  considering that the resulting LLVM IR isn't platform-independent this
  doesn't give you much. In fact, I tried to test the result in a VM-test,
  but as soon as JIT was used to optimize a query, postgres would
  coredump with `Illegal instruction`.

A common concern of the original approach - with llvm as build input -
was the massive increase of closure size. With the new approach of using
the LLVM stdenv directly and patching out references to the clang drv in
`$out` the effective closure size changes are:

    $ nix path-info -Sh $(nix-build -A postgresql_14)
    /nix/store/kssxxqycwa3c7kmwmykwxqvspxxa6r1w-postgresql-14.7	306.4M
    $ nix path-info -Sh $(nix-build -A postgresql_14_jit)
    /nix/store/xc7qmgqrn4h5yr4vmdwy56gs4bmja9ym-postgresql-14.7	689.2M

Most of the increase in closure-size stems from the `lib`-output of
LLVM

    $ nix path-info -Sh /nix/store/5r97sbs5j6mw7qnbg8nhnq1gad9973ap-llvm-11.1.0-lib
    /nix/store/5r97sbs5j6mw7qnbg8nhnq1gad9973ap-llvm-11.1.0-lib	349.8M

which is why this shouldn't be enabled by default.

While this is quite much because of LLVM, it's still a massive
improvement over the simple approach of adding llvm/clang as
build-inputs and building with `--with-llvm`:

    $ nix path-info -Sh $(nix-build -E '
	with import ./. {};
	postgresql.overrideAttrs ({ configureFlags ? [], buildInputs ? [], ... }: {
	  configureFlags = configureFlags ++ [ "--with-llvm" ];
	  buildInputs = buildInputs ++ [ llvm clang ];
	})' -j0)
    /nix/store/i3bd2r21c6c3428xb4gavjnplfqxn27p-postgresql-14.7	  1.6G

Co-authored-by: Andreas Rammhold <andreas@rammhold.de>
Co-authored-by: Janne Heß <janne@hess.ooo>
Co-authored-by: Nikolay Amiantov <ab@fmap.me>

[1] https://www.postgresql.org/docs/current/jit-reason.html
[2] https://github.com/NixOS/nixpkgs/pull/124804#issuecomment-864616931
    & https://github.com/NixOS/nixpkgs/pull/150801#issuecomment-1467868321
[3] This fails with the following error otherwise:
    ```
    configure: error: clang not found, but required when compiling --with-llvm, specify with CLANG=
    ```
[4] https://github.com/plv8/plv8/blob/v3.1.5/Makefile#L14
[5] https://github.com/NixOS/nixpkgs/pull/181764
[6] c45643d618
2023-03-29 08:39:46 +02:00
R. Ryantm
aa6fd7cb06 pomerium: 0.21.2 -> 0.21.3 2023-03-29 02:57:27 +00:00
Robert Schütz
8373cbec30 nextcloudPackages: update 2023-03-28 18:43:27 -07:00
Martin Weinelt
e911a4d6cd
Merge pull request #223055 from LeSuisse/apache-2.4.56
apacheHttpd: 2.4.55 -> 2.4.56
2023-03-29 01:14:27 +02:00
Weijia Wang
d6fc33dd36
Merge pull request #223546 from r-ryantm/auto-update/jackett
jackett: 0.20.3670 -> 0.20.3689
2023-03-29 01:06:29 +03:00
Weijia Wang
8963d6dd92
Merge pull request #223505 from r-ryantm/auto-update/memcached
memcached: 1.6.18 -> 1.6.19
2023-03-29 01:03:29 +03:00
Weijia Wang
ab64f45609
Merge pull request #222965 from r-ryantm/auto-update/snappymail
snappymail: 2.26.4 -> 2.27.2
2023-03-29 00:08:19 +03:00
Maximilian Bosch
6c928a0729
Merge pull request #223561 from sumnerevans/matrix-synapse-1.80
matrix-synapse: 1.79.0 -> 1.80.0
2023-03-28 19:06:29 +02:00
Thomas Gerbet
ce5b2e3773 apacheHttpd: add option to build experimental mod_tls
https://httpd.apache.org/docs/2.4/mod/mod_tls.html

Note: the attribute has been named `modTlsSupport` instead of
`tlsSupport` to try to limit the confusion with the existing
`sslSupport` attribute.
2023-03-28 18:00:35 +02:00
Weijia Wang
e5a748c2d5
Merge pull request #222707 from r-ryantm/auto-update/redpanda
redpanda: 23.1.1 -> 23.1.3
2023-03-28 17:18:23 +03:00
Sandro Jäckel
282d3a0335
nextcloud-notify_push: 0.6.0 -> 0.6.1
Diff: https://github.com/nextcloud/notify_push/compare/v0.6.0...v0.6.1
2023-03-28 15:13:21 +02:00
Sumner Evans
a991a71d04
matrix-synapse: 1.79.0 -> 1.80.0
Signed-off-by: Sumner Evans <me@sumnerevans.com>
2023-03-28 13:55:24 +02:00
R. Ryantm
ded33fd591 jackett: 0.20.3670 -> 0.20.3689 2023-03-28 10:13:28 +00:00
noisersup
6be98b2a33 ferretdb: 0.9.3 -> 0.9.4 2023-03-28 11:58:16 +02:00
Sandro
edd434bf9b
Merge pull request #222594 from raphaelr/update/honk
honk: 0.9.8 -> 0.9.91
2023-03-28 10:09:30 +02:00
R. Ryantm
49e3f4fe0c memcached: 1.6.18 -> 1.6.19 2023-03-28 06:11:04 +00:00
Bill Ewanick
b81f7d15f1 lemmy: 0.17.1 -> 0.17.2 2023-03-27 21:08:36 -04:00
Sandro
44a4f6fb19
Merge pull request #206843 from Izorkin/fix-wsdd 2023-03-27 23:24:12 +02:00
Ryan Lahfa
f39c23adae
Merge pull request #223268 from stuebinm/netbox-composible-packageOverrides
netbox: workaround to allow composible python packageOverrides
2023-03-27 22:06:39 +02:00
Ryan Lahfa
482c735228
Merge pull request #223388 from 06kellyjac/authelia-move
authelia: move module under security and minor fixes
2023-03-27 21:59:57 +02:00
Carlos Alexandro Becker
403affdafe
domain-exporter: add caarlos0 to maintainer list
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
2023-03-27 10:47:03 -03:00
06kellyjac
9b60eef4bd authelia: move module under security and minor fixes
Fixed test access to lib
Added nixos test to passthru
2023-03-27 12:00:07 +01:00
Maximilian Bosch
38bb412652
Merge pull request #223243 from Ma27/bump-prometheus-postgres-exporter
prometheus-postgres-exporter: 0.11.1 -> 0.12.0
2023-03-27 10:28:05 +02:00
Mario Rodas
7a7892cb52
Merge pull request #223299 from figsoda/microbin
microbin: 1.1.0 -> 1.2.1, add figsoda as a maintainer
2023-03-26 22:06:23 -05:00
Sandro
6e0d6e6f5a
Merge pull request #223222 from toastal/prosody-0.12.3
prosody: 0.12.1 → 0.12.3
2023-03-27 02:45:57 +02:00
figsoda
5c7757b10b microbin: 1.1.0 -> 1.2.1, add figsoda as a maintainer
Changelog: https://github.com/szabodanika/microbin/releases/tag/v1.2.1
2023-03-26 16:56:38 -04:00
Vladimír Čunát
31c583a731
Merge #223241: radicale2: Disable weak crypt htpasswd test
...into staging-next
2023-03-26 18:52:20 +02:00
Vladimír Čunát
687609e0ec
Merge #223249: lighttpd: Disable tests for DES and MD5
...into staging-next
2023-03-26 18:51:28 +02:00
github-actions[bot]
665b0409ad
Merge master into staging-next 2023-03-26 16:02:07 +00:00