From 58374fbaf31f3e248072bb7be7311055b72520a1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andr=C3=A9-Patrick=20Bubel?= <code@andre-bubel.de>
Date: Tue, 12 Sep 2017 13:57:37 +0200
Subject: [PATCH 01/23] Test opening encrypted filesystem with keyfile

Checks for regression of missing cryptsetup, when no luks device without
keyfile is configured
---
 nixos/tests/installer.nix | 41 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 41 insertions(+)

diff --git a/nixos/tests/installer.nix b/nixos/tests/installer.nix
index c1dae2a34fa3..670e4ce1aeaf 100644
--- a/nixos/tests/installer.nix
+++ b/nixos/tests/installer.nix
@@ -430,6 +430,47 @@ in {
       '';
     };
 
+  # Test whether opening encrypted filesystem with keyfile
+  # Checks for regression of missing cryptsetup, when no luks device without
+  # keyfile is configured
+  filesystemEncryptedWithKeyfile = makeInstallerTest "filesystemEncryptedWithKeyfile"
+    { createPartitions = ''
+       $machine->succeed(
+          "parted /dev/vda mklabel msdos",
+          "parted /dev/vda -- mkpart primary ext2 1M 50MB", # /boot
+          "parted /dev/vda -- mkpart primary linux-swap 50M 1024M",
+          "parted /dev/vda -- mkpart primary 1024M 1280M", # LUKS with keyfile
+          "parted /dev/vda -- mkpart primary 1280M -1s",
+          "udevadm settle",
+          "mkswap /dev/vda2 -L swap",
+          "swapon -L swap",
+          "mkfs.ext3 -L nixos /dev/vda4",
+          "mount LABEL=nixos /mnt",
+          "mkfs.ext3 -L boot /dev/vda1",
+          "mkdir -p /mnt/boot",
+          "mount LABEL=boot /mnt/boot",
+          "modprobe dm_mod dm_crypt",
+          "echo -n supersecret > /mnt/keyfile",
+          "cryptsetup luksFormat -q /dev/vda3 --key-file /mnt/keyfile",
+          "cryptsetup luksOpen --key-file /mnt/keyfile /dev/vda3 crypt",
+          "mkfs.ext3 -L test /dev/mapper/crypt",
+          "cryptsetup luksClose crypt",
+          "mkdir -p /mnt/test"
+        );
+      '';
+      extraConfig = ''
+        fileSystems."/test" =
+        { device = "/dev/disk/by-label/test";
+          fsType = "ext3";
+          encrypted.enable = true;
+          encrypted.blkDev = "/dev/vda3";
+          encrypted.label = "crypt";
+          encrypted.keyFile = "/mnt-root/keyfile";
+        };
+      '';
+    };
+
+
   swraid = makeInstallerTest "swraid"
     { createPartitions =
         ''

From aac784f356b593ff487a203e490dc70a82c377c2 Mon Sep 17 00:00:00 2001
From: Tim Steinbach <tim@nequissimus.com>
Date: Tue, 14 Nov 2017 08:39:19 -0500
Subject: [PATCH 02/23] minikube: Use localkube

---
 .../networking/cluster/minikube/default.nix   |  4 ++++
 .../cluster/minikube/localkube.patch          | 20 +++++++++++++++++++
 2 files changed, 24 insertions(+)
 create mode 100644 pkgs/applications/networking/cluster/minikube/localkube.patch

diff --git a/pkgs/applications/networking/cluster/minikube/default.nix b/pkgs/applications/networking/cluster/minikube/default.nix
index 00ee3a3771eb..e8138713bae5 100644
--- a/pkgs/applications/networking/cluster/minikube/default.nix
+++ b/pkgs/applications/networking/cluster/minikube/default.nix
@@ -34,6 +34,10 @@ in buildGoPackage rec {
     sha256 = "1f7kjn26y7knmab5avj8spb40ny1y0jix5j5p0dqfjvg9climl0h";
   };
 
+  patches = [
+    ./localkube.patch
+  ];
+
   # kubernetes is here only to shut up a loud warning when generating the completions below. minikube checks very eagerly
   # that kubectl is on the $PATH, even if it doesn't use it at all to generate the completions
   buildInputs = [ go-bindata makeWrapper kubernetes gpgme ];
diff --git a/pkgs/applications/networking/cluster/minikube/localkube.patch b/pkgs/applications/networking/cluster/minikube/localkube.patch
new file mode 100644
index 000000000000..08ec85813a3e
--- /dev/null
+++ b/pkgs/applications/networking/cluster/minikube/localkube.patch
@@ -0,0 +1,20 @@
+diff --git a/pkg/minikube/bootstrapper/localkube/localkube.go b/pkg/minikube/bootstrapper/localkube/localkube.go
+index 1c4b5000..c9f120d4 100644
+--- a/pkg/minikube/bootstrapper/localkube/localkube.go
++++ b/pkg/minikube/bootstrapper/localkube/localkube.go
+@@ -113,14 +113,9 @@ func (lk *LocalkubeBootstrapper) UpdateCluster(config bootstrapper.KubernetesCon
+
+ 	copyableFiles := []assets.CopyableFile{}
+ 	var localkubeFile assets.CopyableFile
+-	var err error
+
+ 	//add url/file/bundled localkube to file list
+-	lCacher := localkubeCacher{config}
+-	localkubeFile, err = lCacher.fetchLocalkubeFromURI()
+-	if err != nil {
+-		return errors.Wrap(err, "Error updating localkube from uri")
+-	}
++	localkubeFile = assets.NewBinDataAsset("out/localkube", "/", "localkube", "0777")
+ 	copyableFiles = append(copyableFiles, localkubeFile)
+
+ 	// user added files

From 170f5c7543bc2489c5a4580955220b38eed9f6ec Mon Sep 17 00:00:00 2001
From: Tim Steinbach <tim@nequissimus.com>
Date: Sat, 18 Nov 2017 17:33:40 -0500
Subject: [PATCH 03/23] linux-beagleboard: 4.9.59-r73 -> 4.9.61-r76

---
 pkgs/os-specific/linux/kernel/linux-beagleboard.nix | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/pkgs/os-specific/linux/kernel/linux-beagleboard.nix b/pkgs/os-specific/linux/kernel/linux-beagleboard.nix
index b0d9f04efc84..33885a082d63 100644
--- a/pkgs/os-specific/linux/kernel/linux-beagleboard.nix
+++ b/pkgs/os-specific/linux/kernel/linux-beagleboard.nix
@@ -1,8 +1,8 @@
 { stdenv, hostPlatform, fetchFromGitHub, perl, buildLinux, ... } @ args:
 
 let
-  modDirVersion = "4.9.59";
-  tag = "r73";
+  modDirVersion = "4.9.61";
+  tag = "r76";
 in
 import ./generic.nix (args // rec {
   version = "${modDirVersion}-ti-${tag}";
@@ -12,7 +12,7 @@ import ./generic.nix (args // rec {
     owner = "beagleboard";
     repo = "linux";
     rev = "${version}";
-    sha256 = "1kzbbaqmzgvfls1v9jir2ck9vcdd774mq474vhr5x6dqjnnb5kg9";
+    sha256 = "0hcz4fwjyic42mrn8qsvzm4jq1g5k51awjj3d2das7k8frjalaby";
   };
 
   kernelPatches = args.kernelPatches;

From 86e161ff474c97021f146e048593596905e04b96 Mon Sep 17 00:00:00 2001
From: Ruben Maher <r@rkm.id.au>
Date: Sun, 19 Nov 2017 09:45:52 +1030
Subject: [PATCH 04/23] nixos/matrix-synapse: make home directory configurable

---
 .../modules/services/misc/matrix-synapse.nix  | 26 ++++++++++++-------
 1 file changed, 17 insertions(+), 9 deletions(-)

diff --git a/nixos/modules/services/misc/matrix-synapse.nix b/nixos/modules/services/misc/matrix-synapse.nix
index a3ec0ea59f8f..9b25d2d15bcc 100644
--- a/nixos/modules/services/misc/matrix-synapse.nix
+++ b/nixos/modules/services/misc/matrix-synapse.nix
@@ -44,7 +44,7 @@ database: {
 }
 event_cache_size: "${cfg.event_cache_size}"
 verbose: ${cfg.verbose}
-log_file: "/var/log/matrix-synapse/homeserver.log"
+log_file: "${cfg.dataDir}/homeserver.log"
 log_config: "${logConfigFile}"
 rc_messages_per_second: ${cfg.rc_messages_per_second}
 rc_message_burst_count: ${cfg.rc_message_burst_count}
@@ -53,8 +53,8 @@ federation_rc_sleep_limit: ${cfg.federation_rc_sleep_limit}
 federation_rc_sleep_delay: ${cfg.federation_rc_sleep_delay}
 federation_rc_reject_limit: ${cfg.federation_rc_reject_limit}
 federation_rc_concurrent: ${cfg.federation_rc_concurrent}
-media_store_path: "/var/lib/matrix-synapse/media"
-uploads_path: "/var/lib/matrix-synapse/uploads"
+media_store_path: "${cfg.dataDir}/media"
+uploads_path: "${cfg.dataDir}/uploads"
 max_upload_size: "${cfg.max_upload_size}"
 max_image_pixels: "${cfg.max_image_pixels}"
 dynamic_thumbnails: ${boolToString cfg.dynamic_thumbnails}
@@ -86,7 +86,7 @@ ${optionalString (cfg.macaroon_secret_key != null) ''
 expire_access_token: ${boolToString cfg.expire_access_token}
 enable_metrics: ${boolToString cfg.enable_metrics}
 report_stats: ${boolToString cfg.report_stats}
-signing_key_path: "/var/lib/matrix-synapse/homeserver.signing.key"
+signing_key_path: "${cfg.dataDir}/homeserver.signing.key"
 key_refresh_interval: "${cfg.key_refresh_interval}"
 perspectives:
   servers: {
@@ -348,7 +348,7 @@ in {
       database_args = mkOption {
         type = types.attrs;
         default = {
-          database = "/var/lib/matrix-synapse/homeserver.db";
+          database = "${cfg.dataDir}/homeserver.db";
         };
         description = ''
           Arguments to pass to the engine.
@@ -586,6 +586,14 @@ in {
           A yaml python logging config file
         '';
       };
+      dataDir = mkOption {
+        type = types.str;
+        default = "/var/lib/matrix-synapse";
+        description = ''
+          The directory where matrix-synapse stores its stateful data such as
+          certificates, media and uploads.
+        '';
+      };
     };
   };
 
@@ -593,7 +601,7 @@ in {
     users.extraUsers = [
       { name = "matrix-synapse";
         group = "matrix-synapse";
-        home = "/var/lib/matrix-synapse";
+        home = cfg.dataDir;
         createHome = true;
         shell = "${pkgs.bash}/bin/bash";
         uid = config.ids.uids.matrix-synapse;
@@ -611,16 +619,16 @@ in {
       preStart = ''
         ${cfg.package}/bin/homeserver \
           --config-path ${configFile} \
-          --keys-directory /var/lib/matrix-synapse \
+          --keys-directory ${cfg.dataDir} \
           --generate-keys
       '';
       serviceConfig = {
         Type = "simple";
         User = "matrix-synapse";
         Group = "matrix-synapse";
-        WorkingDirectory = "/var/lib/matrix-synapse";
+        WorkingDirectory = cfg.dataDir;
         PermissionsStartOnly = true;
-        ExecStart = "${cfg.package}/bin/homeserver --config-path ${configFile} --keys-directory /var/lib/matrix-synapse";
+        ExecStart = "${cfg.package}/bin/homeserver --config-path ${configFile} --keys-directory ${cfg.dataDir}";
         Restart = "on-failure";
       };
     };

From c32cf001b330ba70f0d3a8956bc4b0e702740fda Mon Sep 17 00:00:00 2001
From: Jon Banafato <jon@jonafato.com>
Date: Sun, 19 Nov 2017 12:07:44 -0500
Subject: [PATCH 05/23] corebird: 1.7.2 -> 1.7.3

New corebird release supporting 280 character tweet limits and 50
character name limits.
---
 pkgs/applications/networking/corebird/default.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pkgs/applications/networking/corebird/default.nix b/pkgs/applications/networking/corebird/default.nix
index 94ae656159d8..affcbcc4b3c0 100644
--- a/pkgs/applications/networking/corebird/default.nix
+++ b/pkgs/applications/networking/corebird/default.nix
@@ -3,14 +3,14 @@
 , glib_networking }:
 
 stdenv.mkDerivation rec {
-  version = "1.7.2";
+  version = "1.7.3";
   name = "corebird-${version}";
 
   src = fetchFromGitHub {
     owner = "baedert";
     repo = "corebird";
     rev = version;
-    sha256 = "0mydxxga4h1663xchb3543rk3k8frlmlyy5wz20zh38fpdlkhyf1";
+    sha256 = "1xay22v5j239ppl6ydbj842zpm5v2mg5mcgpy5cjrhhmnbg79fgk";
   };
 
   preConfigure = ''

From 1dd0379ba8a8f3f3fc64e3c8ca67967328e7db18 Mon Sep 17 00:00:00 2001
From: Gleb Peregud <gleber.p@gmail.com>
Date: Sun, 12 Nov 2017 20:18:10 +0100
Subject: [PATCH 06/23] nixos/tests: Add a test for config.users.mutableUsers.

It's in preparation to add an assertion for #4990.
---
 nixos/tests/mutable-users.nix | 39 +++++++++++++++++++++++++++++++++++
 1 file changed, 39 insertions(+)
 create mode 100644 nixos/tests/mutable-users.nix

diff --git a/nixos/tests/mutable-users.nix b/nixos/tests/mutable-users.nix
new file mode 100644
index 000000000000..4f11a4b83669
--- /dev/null
+++ b/nixos/tests/mutable-users.nix
@@ -0,0 +1,39 @@
+# Mutable users tests.
+
+import ./make-test.nix ({ pkgs, ...} : {
+  name = "mutable-users";
+  meta = with pkgs.stdenv.lib.maintainers; {
+    maintainers = [ gleber ];
+  };
+
+  nodes = {
+    machine = { config, lib, pkgs, ... }: {
+      users.mutableUsers = false;
+    };
+    mutable = { config, lib, pkgs, ... }: {
+      users.mutableUsers = true;
+    };
+  };
+
+  testScript = {nodes, ...}: let
+    immutableSystem = nodes.machine.config.system.build.toplevel;
+    mutableSystem = nodes.mutable.config.system.build.toplevel;
+  in ''
+    $machine->start();
+    $machine->waitForUnit("default.target");
+
+    # Machine starts in immutable mode. Add a user and test if reactivating
+    # configuration removes the user.
+    $machine->fail("cat /etc/passwd | grep ^foobar:");
+    $machine->succeed("sudo useradd foobar");
+    $machine->succeed("cat /etc/passwd | grep ^foobar:");
+    $machine->succeed("${immutableSystem}/bin/switch-to-configuration test");
+    $machine->fail("cat /etc/passwd | grep ^foobar:");
+
+    # In immutable mode passwd is not wrapped, while in mutable mode it is
+    # wrapped.
+    $machine->succeed('which passwd | grep /run/current-system/');
+    $machine->succeed("${mutableSystem}/bin/switch-to-configuration test");
+    $machine->succeed('which passwd | grep /run/wrappers/');
+  '';
+})

From cea83021825e6f562a8a5fb33d87a30b9a5b62e2 Mon Sep 17 00:00:00 2001
From: Gleb Peregud <gleber.p@gmail.com>
Date: Sun, 19 Nov 2017 19:20:50 +0100
Subject: [PATCH 07/23] nixos/release: include mutableUsers test to release
 tests.

---
 nixos/release-combined.nix | 1 +
 nixos/release.nix          | 1 +
 2 files changed, 2 insertions(+)

diff --git a/nixos/release-combined.nix b/nixos/release-combined.nix
index 125e6b7050bc..8736e2a5b954 100644
--- a/nixos/release-combined.nix
+++ b/nixos/release-combined.nix
@@ -95,6 +95,7 @@ in rec {
         #(all nixos.tests.lightdm)
         (all nixos.tests.login)
         (all nixos.tests.misc)
+        (all nixos.tests.mutableUsers)
         (all nixos.tests.nat.firewall)
         (all nixos.tests.nat.standalone)
         (all nixos.tests.networking.scripted.loopback)
diff --git a/nixos/release.nix b/nixos/release.nix
index 28eb76d888e4..ba22a3e837eb 100644
--- a/nixos/release.nix
+++ b/nixos/release.nix
@@ -290,6 +290,7 @@ in rec {
   tests.mongodb = callTest tests/mongodb.nix {};
   tests.mumble = callTest tests/mumble.nix {};
   tests.munin = callTest tests/munin.nix {};
+  tests.mutableUsers = callTest tests/mutable-users.nix {};
   tests.mysql = callTest tests/mysql.nix {};
   tests.mysqlBackup = callTest tests/mysql-backup.nix {};
   tests.mysqlReplication = callTest tests/mysql-replication.nix {};

From 2f6148c7433c08c7b32e772f7557fd08d39f48ab Mon Sep 17 00:00:00 2001
From: Gleb Peregud <gleber.p@gmail.com>
Date: Sat, 18 Nov 2017 23:33:24 +0100
Subject: [PATCH 08/23] nixos/system: make switch-to-configuration script pure.

Fixes #28443

Fixed few invocations to `systemctl` to have an absolute path. Additionally add
LOCALE_ARCHIVE so that perl stops spewing warning messages.
---
 .../activation/switch-to-configuration.pl     | 13 +++++++---
 nixos/modules/system/activation/top-level.nix |  2 +-
 nixos/tests/switch-test.nix                   | 25 +++++++++++++++++++
 3 files changed, 36 insertions(+), 4 deletions(-)
 create mode 100644 nixos/tests/switch-test.nix

diff --git a/nixos/modules/system/activation/switch-to-configuration.pl b/nixos/modules/system/activation/switch-to-configuration.pl
index 29cc60b00324..87a4ab2a586d 100644
--- a/nixos/modules/system/activation/switch-to-configuration.pl
+++ b/nixos/modules/system/activation/switch-to-configuration.pl
@@ -16,6 +16,10 @@ my $reloadListFile = "/run/systemd/reload-list";
 
 my $action = shift @ARGV;
 
+if ("@localeArchive@" ne "") {
+    $ENV{LOCALE_ARCHIVE} = "@localeArchive@";
+}
+
 if (!defined $action || ($action ne "switch" && $action ne "boot" && $action ne "test" && $action ne "dry-activate")) {
     print STDERR <<EOF;
 Usage: $0 [switch|boot|test]
@@ -65,7 +69,8 @@ $SIG{PIPE} = "IGNORE";
 sub getActiveUnits {
     # FIXME: use D-Bus or whatever to query this, since parsing the
     # output of list-units is likely to break.
-    my $lines = `LANG= systemctl list-units --full --no-legend`;
+    # Use current version of systemctl binary before daemon is reexeced.
+    my $lines = `LANG= /run/current-system/sw/bin/systemctl list-units --full --no-legend`;
     my $res = {};
     foreach my $line (split '\n', $lines) {
         chomp $line;
@@ -262,7 +267,8 @@ while (my ($unit, $state) = each %{$activePrev}) {
 
 sub pathToUnitName {
     my ($path) = @_;
-    open my $cmd, "-|", "@systemd@/bin/systemd-escape", "--suffix=mount", "-p", $path
+    # Use current version of systemctl binary before daemon is reexeced.
+    open my $cmd, "-|", "/run/current-system/sw/bin/systemd-escape", "--suffix=mount", "-p", $path
         or die "Unable to escape $path!\n";
     my $escaped = join "", <$cmd>;
     chomp $escaped;
@@ -364,7 +370,8 @@ syslog(LOG_NOTICE, "switching to system configuration $out");
 if (scalar (keys %unitsToStop) > 0) {
     print STDERR "stopping the following units: ", join(", ", @unitsToStopFiltered), "\n"
         if scalar @unitsToStopFiltered;
-    system("systemctl", "stop", "--", sort(keys %unitsToStop)); # FIXME: ignore errors?
+    # Use current version of systemctl binary before daemon is reexeced.
+    system("/run/current-system/sw/bin/systemctl", "stop", "--", sort(keys %unitsToStop)); # FIXME: ignore errors?
 }
 
 print STDERR "NOT restarting the following changed units: ", join(", ", sort(keys %unitsToSkip)), "\n"
diff --git a/nixos/modules/system/activation/top-level.nix b/nixos/modules/system/activation/top-level.nix
index 67cb2264e3f3..0c50241f2edf 100644
--- a/nixos/modules/system/activation/top-level.nix
+++ b/nixos/modules/system/activation/top-level.nix
@@ -26,7 +26,6 @@ let
      cloner false config.nesting.children
   ++ cloner true config.nesting.clone;
 
-
   systemBuilder =
     let
       kernelPath = "${config.boot.kernelPackages.kernel}/" +
@@ -83,6 +82,7 @@ let
       done
 
       mkdir $out/bin
+      export localeArchive="${config.i18n.glibcLocales}/lib/locale/locale-archive"
       substituteAll ${./switch-to-configuration.pl} $out/bin/switch-to-configuration
       chmod +x $out/bin/switch-to-configuration
 
diff --git a/nixos/tests/switch-test.nix b/nixos/tests/switch-test.nix
new file mode 100644
index 000000000000..46f2563af8d9
--- /dev/null
+++ b/nixos/tests/switch-test.nix
@@ -0,0 +1,25 @@
+# Test configuration switching.
+
+import ./make-test.nix ({ pkgs, ...} : {
+  name = "switch-test";
+  meta = with pkgs.stdenv.lib.maintainers; {
+    maintainers = [ gleber ];
+  };
+
+  nodes = {
+    machine = { config, lib, pkgs, ... }: {
+      users.mutableUsers = false;
+    };
+    other = { config, lib, pkgs, ... }: {
+      users.mutableUsers = true;
+    };
+  };
+
+  testScript = {nodes, ...}: let
+    originalSystem = nodes.machine.config.system.build.toplevel;
+    otherSystem = nodes.other.config.system.build.toplevel;
+  in ''
+    $machine->succeed("env -i ${originalSystem}/bin/switch-to-configuration test | tee /dev/stderr");
+    $machine->succeed("env -i ${otherSystem}/bin/switch-to-configuration test | tee /dev/stderr");
+  '';
+})

From f8fb6a679e060ae84e9e4ffdb7cb99c51d7f4003 Mon Sep 17 00:00:00 2001
From: Gleb Peregud <gleber.p@gmail.com>
Date: Sun, 19 Nov 2017 19:50:08 +0100
Subject: [PATCH 09/23] nixos/release: add nixos/tests/switch-test.nix to
 tested job

---
 nixos/release-combined.nix | 1 +
 nixos/release.nix          | 1 +
 2 files changed, 2 insertions(+)

diff --git a/nixos/release-combined.nix b/nixos/release-combined.nix
index 125e6b7050bc..e12da703f8d7 100644
--- a/nixos/release-combined.nix
+++ b/nixos/release-combined.nix
@@ -114,6 +114,7 @@ in rec {
         (all nixos.tests.sddm.default)
         (all nixos.tests.simple)
         (all nixos.tests.slim)
+        (all nixos.tests.switchTest)
         (all nixos.tests.udisks2)
         (all nixos.tests.xfce)
 
diff --git a/nixos/release.nix b/nixos/release.nix
index 28eb76d888e4..cad3f96828a1 100644
--- a/nixos/release.nix
+++ b/nixos/release.nix
@@ -327,6 +327,7 @@ in rec {
   tests.slim = callTest tests/slim.nix {};
   tests.smokeping = callTest tests/smokeping.nix {};
   tests.snapper = callTest tests/snapper.nix {};
+  tests.switchTest = callTest tests/switch-test.nix {};
   tests.taskserver = callTest tests/taskserver.nix {};
   tests.tomcat = callTest tests/tomcat.nix {};
   tests.udisks2 = callTest tests/udisks2.nix {};

From bf338ab9ee252b63dfcaa89db9ab7908dcb433a3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bj=C3=B8rn=20Forsman?= <bjorn.forsman@gmail.com>
Date: Sun, 19 Nov 2017 22:49:36 +0100
Subject: [PATCH 10/23] nixos: run parted with --script option (2nd)

Ref. 0ff4bb5f875afe8eb208bbabb3f52dc29539d2bc
("nixos: run parted with --script option")
---
 nixos/tests/installer.nix | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/nixos/tests/installer.nix b/nixos/tests/installer.nix
index 8c04b606e481..1fe78feceaaa 100644
--- a/nixos/tests/installer.nix
+++ b/nixos/tests/installer.nix
@@ -307,11 +307,11 @@ in {
     { createPartitions =
         ''
           $machine->succeed(
-              "parted /dev/vda mklabel gpt",
-              "parted -s /dev/vda -- mkpart ESP fat32 1M 50MiB", # /boot
-              "parted -s /dev/vda -- set 1 boot on",
-              "parted -s /dev/vda -- mkpart primary linux-swap 50MiB 1024MiB",
-              "parted -s /dev/vda -- mkpart primary ext2 1024MiB -1MiB", # /
+              "parted --script /dev/vda mklabel gpt",
+              "parted --script /dev/vda -- mkpart ESP fat32 1M 50MiB", # /boot
+              "parted --script /dev/vda -- set 1 boot on",
+              "parted --script /dev/vda -- mkpart primary linux-swap 50MiB 1024MiB",
+              "parted --script /dev/vda -- mkpart primary ext2 1024MiB -1MiB", # /
               "udevadm settle",
               "mkswap /dev/vda2 -L swap",
               "swapon -L swap",

From aedba5c2af3e545ed717e4c66a4bbbaacf9cf44a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bj=C3=B8rn=20Forsman?= <bjorn.forsman@gmail.com>
Date: Sun, 19 Nov 2017 22:54:35 +0100
Subject: [PATCH 11/23] nixos: run parted with --script option (3rd)

Doh, should have included this in previous commit.

Ref. 0ff4bb5f875afe8eb208bbabb3f52dc29539d2bc
("nixos: run parted with --script option").
---
 nixos/tests/installer.nix | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/nixos/tests/installer.nix b/nixos/tests/installer.nix
index 1fe78feceaaa..6c7fd6c575bf 100644
--- a/nixos/tests/installer.nix
+++ b/nixos/tests/installer.nix
@@ -467,11 +467,11 @@ in {
   filesystemEncryptedWithKeyfile = makeInstallerTest "filesystemEncryptedWithKeyfile"
     { createPartitions = ''
        $machine->succeed(
-          "parted /dev/vda mklabel msdos",
-          "parted /dev/vda -- mkpart primary ext2 1M 50MB", # /boot
-          "parted /dev/vda -- mkpart primary linux-swap 50M 1024M",
-          "parted /dev/vda -- mkpart primary 1024M 1280M", # LUKS with keyfile
-          "parted /dev/vda -- mkpart primary 1280M -1s",
+          "parted --script /dev/vda mklabel msdos",
+          "parted --script /dev/vda -- mkpart primary ext2 1M 50MB", # /boot
+          "parted --script /dev/vda -- mkpart primary linux-swap 50M 1024M",
+          "parted --script /dev/vda -- mkpart primary 1024M 1280M", # LUKS with keyfile
+          "parted --script /dev/vda -- mkpart primary 1280M -1s",
           "udevadm settle",
           "mkswap /dev/vda2 -L swap",
           "swapon -L swap",

From 50777e5702dd8c8b962f973b02a62695d2fa20f4 Mon Sep 17 00:00:00 2001
From: Ruben Maher <ruben@maher.fyi>
Date: Mon, 20 Nov 2017 09:29:45 +1030
Subject: [PATCH 12/23] nixos/matrix-synapse: remove unused log_file config

---
 nixos/modules/services/misc/matrix-synapse.nix | 1 -
 1 file changed, 1 deletion(-)

diff --git a/nixos/modules/services/misc/matrix-synapse.nix b/nixos/modules/services/misc/matrix-synapse.nix
index 9b25d2d15bcc..11463cf4500a 100644
--- a/nixos/modules/services/misc/matrix-synapse.nix
+++ b/nixos/modules/services/misc/matrix-synapse.nix
@@ -44,7 +44,6 @@ database: {
 }
 event_cache_size: "${cfg.event_cache_size}"
 verbose: ${cfg.verbose}
-log_file: "${cfg.dataDir}/homeserver.log"
 log_config: "${logConfigFile}"
 rc_messages_per_second: ${cfg.rc_messages_per_second}
 rc_message_burst_count: ${cfg.rc_message_burst_count}

From 1be0330c813c0e764f9a3db59653c3b9539665c3 Mon Sep 17 00:00:00 2001
From: Andreas Rammhold <andreas@rammhold.de>
Date: Mon, 20 Nov 2017 00:12:32 +0100
Subject: [PATCH 13/23] XMLLibXML: 2.0129 -> 2.0132 fixes failing tests &
 CVE-2017-10672

Issue is described in the cpan RT [1]. Patch was submitted via a GitHub PR
[2].

[1] https://rt.cpan.org/Public/Bug/Display.html?id=122958
[2] https://github.com/shlomif/perl-XML-LibXML/pull/8
---
 pkgs/top-level/perl-packages.nix | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/pkgs/top-level/perl-packages.nix b/pkgs/top-level/perl-packages.nix
index dc369d54782a..cf66739242a6 100644
--- a/pkgs/top-level/perl-packages.nix
+++ b/pkgs/top-level/perl-packages.nix
@@ -15879,10 +15879,10 @@ let self = _self // overrides; _self = with self; {
   };
 
   XMLLibXML = buildPerlPackage rec {
-    name = "XML-LibXML-2.0129";
+    name = "XML-LibXML-2.0132";
     src = fetchurl {
       url = "mirror://cpan/authors/id/S/SH/SHLOMIF/${name}.tar.gz";
-      sha256 = "0rmk6vysfgcn8434wyydd56midgshly37wx7c50ch038l2djd82w";
+      sha256 = "0xnl281hb590i287fxpl947f1s4zl9dnvc4ajvsqi89w23im453j";
     };
     SKIP_SAX_INSTALL = 1;
     buildInputs = [ pkgs.libxml2 ];
@@ -15890,7 +15890,7 @@ let self = _self // overrides; _self = with self; {
 
     # https://rt.cpan.org/Public/Bug/Display.html?id=122958
     preCheck = ''
-      rm t/32xpc_variables.t t/48_reader_undef_warning_on_empty_str_rt106830.t
+      rm t/32xpc_variables.t
     '';
   };
 

From fd565ced04c14eee3446dcbcf93682d9bf8785ca Mon Sep 17 00:00:00 2001
From: Peter Hoeg <peter@hoeg.com>
Date: Mon, 20 Nov 2017 07:26:14 +0800
Subject: [PATCH 14/23] mime_types: rename to mime-types

---
 pkgs/top-level/all-packages.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 7f75d4ef9338..619e08e22ca9 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -13542,7 +13542,7 @@ with pkgs;
 
   shaderc = callPackage ../development/compilers/shaderc { };
 
-  mime_types = callPackage ../data/misc/mime-types { };
+  mime-types = callPackage ../data/misc/mime-types { };
 
   shared_mime_info = callPackage ../data/misc/shared-mime-info { };
 

From f16bd1c72d32bba164d5bee395e576999c4647e3 Mon Sep 17 00:00:00 2001
From: Peter Hoeg <peter@hoeg.com>
Date: Sat, 18 Nov 2017 17:15:20 +0800
Subject: [PATCH 15/23] neomutt: use mime.types from dedicated mime-types
 derivation

The mime.types file shipped with neomutt is pretty basic so we use the one put
together by Gentoo from a dedicated mime-types derivation as it vastly improves
the handling of attachments.
---
 .../networking/mailreaders/neomutt/default.nix             | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/pkgs/applications/networking/mailreaders/neomutt/default.nix b/pkgs/applications/networking/mailreaders/neomutt/default.nix
index e0e2a42c4b5b..f72fdba52f8b 100644
--- a/pkgs/applications/networking/mailreaders/neomutt/default.nix
+++ b/pkgs/applications/networking/mailreaders/neomutt/default.nix
@@ -1,6 +1,6 @@
 { stdenv, fetchFromGitHub, which, autoreconfHook, makeWrapper, writeScript,
 ncurses, perl , cyrus_sasl, gss, gpgme, kerberos, libidn, notmuch, openssl,
-lmdb, libxslt, docbook_xsl, docbook_xml_dtd_42 }:
+lmdb, libxslt, docbook_xsl, docbook_xml_dtd_42, mime-types }:
 
 let
   muttWrapper = writeScript "mutt" ''
@@ -28,6 +28,7 @@ in stdenv.mkDerivation rec {
   buildInputs = [
     cyrus_sasl gss gpgme kerberos libidn ncurses
     notmuch openssl perl lmdb
+    mime-types
   ];
 
   nativeBuildInputs = [
@@ -44,8 +45,9 @@ in stdenv.mkDerivation rec {
     done
 
     # allow neomutt to map attachments to their proper mime.types if specified wrongly
+    # and use a far more comprehensive list than the one shipped with neomutt
     substituteInPlace sendlib.c \
-      --replace /etc/mime.types $out/etc/mime.types
+      --replace /etc/mime.types ${mime-types}/etc/mime.types
   '';
 
   configureFlags = [
@@ -72,7 +74,6 @@ in stdenv.mkDerivation rec {
 
   postInstall = ''
     cp ${muttWrapper} $out/bin/mutt
-    mv $out/share/doc/neomutt/mime.types $out/etc
     wrapProgram "$out/bin/neomutt" --prefix PATH : "$out/lib/neomutt"
   '';
 

From df08fbdf69201e37be45d24cff08aea7b397c026 Mon Sep 17 00:00:00 2001
From: Nick Novitski <code@nicknovitski.com>
Date: Sun, 19 Nov 2017 16:34:02 -0800
Subject: [PATCH 16/23] silver-searcher: move bash completion to
 etc/bash-completion.d/

---
 pkgs/tools/text/silver-searcher/default.nix | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/pkgs/tools/text/silver-searcher/default.nix b/pkgs/tools/text/silver-searcher/default.nix
index 156a8bd8f646..51f78cd0d53d 100644
--- a/pkgs/tools/text/silver-searcher/default.nix
+++ b/pkgs/tools/text/silver-searcher/default.nix
@@ -16,6 +16,12 @@ stdenv.mkDerivation rec {
   nativeBuildInputs = [ autoreconfHook pkgconfig ];
   buildInputs = [ pcre zlib lzma ];
 
+  postInstall = ''
+    mkdir -p $out/etc/bash_completion.d
+    mv $out/share/the_silver_searcher/completions/ag.bashcomp.sh $out/etc/bash_completion.d
+    rm -r $out/share/the_silver_searcher
+  '';
+
   meta = with stdenv.lib; {
     homepage = https://github.com/ggreer/the_silver_searcher/;
     description = "A code-searching tool similar to ack, but faster";

From 09683a0a1952e44295c4ebee5d14a2e26b07ea0d Mon Sep 17 00:00:00 2001
From: adisbladis <adis@blad.is>
Date: Mon, 20 Nov 2017 14:48:40 +0800
Subject: [PATCH 17/23] gstreamer.gst-plugins-bad: Patch openjpeg version

---
 pkgs/development/libraries/gstreamer/bad/default.nix | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/pkgs/development/libraries/gstreamer/bad/default.nix b/pkgs/development/libraries/gstreamer/bad/default.nix
index 2e0e711ce71d..c68c7a50cc48 100644
--- a/pkgs/development/libraries/gstreamer/bad/default.nix
+++ b/pkgs/development/libraries/gstreamer/bad/default.nix
@@ -15,6 +15,12 @@ assert gtkSupport -> gtk3 != null;
 
 let
   inherit (stdenv.lib) optional optionalString;
+
+  # OpenJPEG version is hardcoded in package source
+  openJpegVersion = with stdenv;
+    lib.concatStringsSep "." (lib.lists.take 2
+      (lib.splitString "." (lib.getVersion openjpeg)));
+
 in
 stdenv.mkDerivation rec {
   name = "gst-plugins-bad-1.12.2";
@@ -32,6 +38,10 @@ stdenv.mkDerivation rec {
     platforms   = platforms.linux;
   };
 
+  patchPhase = ''
+    sed -i 's/openjpeg-2.1/openjpeg-${openJpegVersion}/' ext/openjpeg/*
+  '';
+
   src = fetchurl {
     url = "${meta.homepage}/src/gst-plugins-bad/${name}.tar.xz";
     sha256 = "0dwyq03g2m0p16dwx8q5qvjn5x9ia72h21sf87mp97gmwkfpwb4w";

From cce47a6bf5013b2cb146e70fdb2adadbadcdb118 Mon Sep 17 00:00:00 2001
From: Averell Dalton <averell@rxd4.com>
Date: Mon, 20 Nov 2017 06:57:36 +0100
Subject: [PATCH 18/23] nextcloud-client: fix build after qt updates

Probably necessary after restructuring/updates in #31462
---
 .../networking/nextcloud-client/default.nix          |  7 +++++--
 .../networking/nextcloud-client/find-sql.patch       | 12 ++++++++++++
 pkgs/top-level/all-packages.nix                      |  2 +-
 3 files changed, 18 insertions(+), 3 deletions(-)
 create mode 100644 pkgs/applications/networking/nextcloud-client/find-sql.patch

diff --git a/pkgs/applications/networking/nextcloud-client/default.nix b/pkgs/applications/networking/nextcloud-client/default.nix
index 081f765a3e87..652de194a5e7 100644
--- a/pkgs/applications/networking/nextcloud-client/default.nix
+++ b/pkgs/applications/networking/nextcloud-client/default.nix
@@ -1,4 +1,4 @@
-{ stdenv, fetchgit, cmake, pkgconfig, qtbase, qtwebkit, qtkeychain, sqlite
+{ stdenv, fetchgit, cmake, pkgconfig, qtbase, qtwebkit, qtkeychain, qttools, sqlite
 , inotify-tools, withGnomeKeyring ? false, makeWrapper, libgnome_keyring }:
 
 stdenv.mkDerivation rec {
@@ -12,9 +12,12 @@ stdenv.mkDerivation rec {
     fetchSubmodules = true;
   };
 
+  patches = [ ./find-sql.patch ];
+  patchFlags = "-d client -p1";
+
   nativeBuildInputs = [ pkgconfig cmake ];
 
-  buildInputs = [ qtbase qtwebkit qtkeychain sqlite ]
+  buildInputs = [ qtbase qtwebkit qtkeychain qttools sqlite ]
     ++ stdenv.lib.optional stdenv.isLinux inotify-tools
     ++ stdenv.lib.optional withGnomeKeyring makeWrapper;
 
diff --git a/pkgs/applications/networking/nextcloud-client/find-sql.patch b/pkgs/applications/networking/nextcloud-client/find-sql.patch
new file mode 100644
index 000000000000..baf6a4fbf491
--- /dev/null
+++ b/pkgs/applications/networking/nextcloud-client/find-sql.patch
@@ -0,0 +1,12 @@
+diff --git a/cmake/modules/QtVersionAbstraction.cmake b/cmake/modules/QtVersionAbstraction.cmake
+index 5bd853c84..93ddf3cf8 100644
+--- a/cmake/modules/QtVersionAbstraction.cmake
++++ b/cmake/modules/QtVersionAbstraction.cmake
+@@ -17,6 +17,7 @@ if( Qt5Core_FOUND )
+     message(STATUS "Found Qt5 core, checking for further dependencies...")
+     find_package(Qt5Network REQUIRED)
+     find_package(Qt5Xml REQUIRED)
++    find_package(Qt5Sql REQUIRED)
+     find_package(Qt5Concurrent REQUIRED)
+     if(UNIT_TESTING)
+         find_package(Qt5Test REQUIRED)
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 619e08e22ca9..a3ba2de58d85 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -3561,7 +3561,7 @@ with pkgs;
 
   nextcloud = callPackage ../servers/nextcloud { };
 
-  nextcloud-client = libsForQt56.callPackage ../applications/networking/nextcloud-client { };
+  nextcloud-client = libsForQt5.callPackage ../applications/networking/nextcloud-client { };
 
   nextcloud-news-updater = callPackage ../servers/nextcloud/news-updater.nix { };
 

From ce59d9bece7ab739780dc8548504c2163c3171b6 Mon Sep 17 00:00:00 2001
From: adisbladis <adis@blad.is>
Date: Mon, 20 Nov 2017 15:27:03 +0800
Subject: [PATCH 19/23] mupdf: Patch openjpeg version

---
 pkgs/applications/misc/mupdf/default.nix | 20 ++++++++++++++++----
 1 file changed, 16 insertions(+), 4 deletions(-)

diff --git a/pkgs/applications/misc/mupdf/default.nix b/pkgs/applications/misc/mupdf/default.nix
index b50d99466f89..ca6093644599 100644
--- a/pkgs/applications/misc/mupdf/default.nix
+++ b/pkgs/applications/misc/mupdf/default.nix
@@ -4,7 +4,15 @@
 , enableCurl ? true, curl, openssl
 }:
 
-stdenv.mkDerivation rec {
+let
+
+  # OpenJPEG version is hardcoded in package source
+  openJpegVersion = with stdenv;
+    lib.concatStringsSep "." (lib.lists.take 2
+      (lib.splitString "." (lib.getVersion openjpeg)));
+
+
+in stdenv.mkDerivation rec {
   version = "1.11";
   name = "mupdf-${version}";
 
@@ -16,9 +24,9 @@ stdenv.mkDerivation rec {
   patches = [
     # Compatibility with new openjpeg
     (fetchpatch {
-      name = "mupdf-1.11-openjpeg-2.1.1.patch";
-      url = "https://git.archlinux.org/svntogit/community.git/plain/trunk/0001-mupdf-openjpeg.patch?h=packages/mupdf&id=3d997e7ff2ac20c44856ede22760ba6fbca81a5c";
-      sha256 = "1vr12kpzmmfr8pp3scwfhrm5laqwd58xm6vx971c4y8bxy60b2ig";
+      name = "mupdf-1.11-openjpeg-version.patch";
+      url = "https://git.archlinux.org/svntogit/community.git/plain/trunk/0001-mupdf-openjpeg.patch?h=packages/mupdf&id=c19349f42838e4dca02e564b97e0a5ab3e1b943f";
+      sha256 = "0sx7jq84sr8bj6sg2ahg9cdgqz8dh4w6r0ah2yil8vrsznn4la8r";
     })
 
     (fetchurl {
@@ -58,6 +66,10 @@ stdenv.mkDerivation rec {
     })
   ];
 
+  postPatch = ''
+    sed -i "s/__OPENJPEG__VERSION__/${openJpegVersion}/" source/fitz/load-jpx.c
+  '';
+
   makeFlags = [ "prefix=$(out)" ];
   nativeBuildInputs = [ pkgconfig ];
   buildInputs = [ freetype harfbuzz openjpeg jbig2dec libjpeg ]

From 7c749ba7059efcafe7b596dabbf1a9160c728a82 Mon Sep 17 00:00:00 2001
From: Vincent Laporte <Vincent.Laporte@gmail.com>
Date: Thu, 16 Nov 2017 20:35:32 +0000
Subject: [PATCH 20/23] ocamlPackages.ocaml_gettext: 0.8.7 -> 0.8.8

---
 pkgs/development/ocaml-modules/ocaml-gettext/default.nix | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/pkgs/development/ocaml-modules/ocaml-gettext/default.nix b/pkgs/development/ocaml-modules/ocaml-gettext/default.nix
index a2bbe6960cf7..014525ef2b4e 100644
--- a/pkgs/development/ocaml-modules/ocaml-gettext/default.nix
+++ b/pkgs/development/ocaml-modules/ocaml-gettext/default.nix
@@ -2,11 +2,11 @@
 
 stdenv.mkDerivation rec {
   name = "ocaml${ocaml.version}-gettext-${version}";
-  version = "0.3.7";
+  version = "0.3.8";
 
   src = fetchurl {
-    url = "https://forge.ocamlcore.org/frs/download.php/1678/ocaml-gettext-${version}.tar.gz";
-    sha256 = "1zhvzc9x3j57xf2mzg5rshgp14cb4dsqbnj52jjv1qnja97plyjp";
+    url = "https://forge.ocamlcore.org/frs/download.php/1731/ocaml-gettext-${version}.tar.gz";
+    sha256 = "05wnpxwzzpn2qinah2wb5wzfh5iz8gyf8jyihdbjxc8mk4hf70qv";
   };
 
   propagatedBuildInputs = [ gettext fileutils camomile ];

From c890abba5773e25ab10a7824b2f9c3c5436e62f5 Mon Sep 17 00:00:00 2001
From: Vincent Laporte <Vincent.Laporte@gmail.com>
Date: Mon, 20 Nov 2017 06:49:49 +0000
Subject: [PATCH 21/23] ocamlPackages.rope: 0.5 -> 0.6

---
 .../ocaml-modules/rope/default.nix            | 38 +++++++++++++------
 1 file changed, 27 insertions(+), 11 deletions(-)

diff --git a/pkgs/development/ocaml-modules/rope/default.nix b/pkgs/development/ocaml-modules/rope/default.nix
index a62c321a4e83..dfb8c56c23e8 100644
--- a/pkgs/development/ocaml-modules/rope/default.nix
+++ b/pkgs/development/ocaml-modules/rope/default.nix
@@ -1,18 +1,34 @@
-{ stdenv, fetchzip, ocaml, findlib, ocamlbuild, benchmark }:
+{ stdenv, fetchurl, ocaml, findlib, ocamlbuild, jbuilder, benchmark }:
 
-let version = "0.5"; in
+let param =
+  if stdenv.lib.versionAtLeast ocaml.version "4.03"
+  then {
+    version = "0.6";
+    url = " https://github.com/Chris00/ocaml-rope/releases/download/0.6/rope-0.6.tbz";
+    sha256 = "06pkbnkad2ck50jn59ggwv154yd9vb01abblihvam6p27m4za1pc";
+    buildInputs = [ jbuilder ];
+    extra = {
+      unpackCmd = "tar -xjf $curSrc";
+      buildPhase = "jbuilder build -p rope";
+      inherit (jbuilder) installPhase;
+    };
+  } else {
+    version = "0.5";
+    url = "https://forge.ocamlcore.org/frs/download.php/1156/rope-0.5.tar.gz";
+    sha256 = "05fr2f5ch2rqhyaj06rv5218sbg99p1m9pq5sklk04hpslxig21f";
+    buildInputs = [ ocamlbuild ];
+    extra = { createFindlibDestdir = true; };
+  };
+in
 
-stdenv.mkDerivation {
-  name = "ocaml${ocaml.version}-rope-${version}";
+stdenv.mkDerivation ({
+  name = "ocaml${ocaml.version}-rope-${param.version}";
 
-  src = fetchzip {
-    url = "https://forge.ocamlcore.org/frs/download.php/1156/rope-${version}.tar.gz";
-    sha256 = "1i8kzg19jrapl30mq8m91vy09z0r0dl4bnpw24ga96w8pxqf9qhd";
+  src = fetchurl {
+    inherit (param) url sha256;
   };
 
-  buildInputs = [ ocaml findlib ocamlbuild benchmark ];
-
-  createFindlibDestdir = true;
+  buildInputs = [ ocaml findlib benchmark ] ++ param.buildInputs;
 
   meta = {
     homepage = http://rope.forge.ocamlcore.org/;
@@ -21,4 +37,4 @@ stdenv.mkDerivation {
     license = stdenv.lib.licenses.lgpl21;
     maintainers = with stdenv.lib.maintainers; [ volth ];
   };
-}
+} // param.extra)

From eacab6a15ea74284bc6ee3ff8d91cb29dcb0d94e Mon Sep 17 00:00:00 2001
From: Peter Hoeg <peter@hoeg.com>
Date: Mon, 20 Nov 2017 15:32:53 +0800
Subject: [PATCH 22/23] shairplay: init at 2016-01-01

---
 pkgs/servers/shairplay/default.nix | 35 ++++++++++++++++++++++++++++++
 pkgs/top-level/all-packages.nix    |  2 ++
 2 files changed, 37 insertions(+)
 create mode 100644 pkgs/servers/shairplay/default.nix

diff --git a/pkgs/servers/shairplay/default.nix b/pkgs/servers/shairplay/default.nix
new file mode 100644
index 000000000000..33e2f39280ad
--- /dev/null
+++ b/pkgs/servers/shairplay/default.nix
@@ -0,0 +1,35 @@
+{ stdenv, fetchFromGitHub, autoreconfHook, pkgconfig
+, avahi, libao }:
+
+stdenv.mkDerivation rec {
+  name = "shairplay-${version}";
+  version = "2016-01-01";
+
+  src = fetchFromGitHub {
+    owner  = "juhovh";
+    repo   = "shairplay";
+    rev    = "ce80e005908f41d0e6fde1c4a21e9cb8ee54007b";
+    sha256 = "10b4bmqgf4rf1wszvj066mc42p90968vqrmyqyrdal4k6f8by1r6";
+  };
+
+  nativeBuildInputs = [ autoreconfHook pkgconfig ];
+
+  buildInputs = [ avahi libao ];
+
+  enableParallelBuilding = true;
+
+  # the build will fail without complaining about a reference to /tmp
+  preFixup = ''
+    patchelf \
+      --set-rpath "${stdenv.lib.makeLibraryPath buildInputs}:$out/lib" \
+      $out/bin/shairplay
+  '';
+
+  meta = with stdenv.lib; {
+    inherit (src.meta) homepage;
+    description = "Apple airplay and raop protocol server";
+    license     = licenses.mit;
+    maintainers = with maintainers; [ peterhoeg ];
+    platforms   = platforms.unix;
+  };
+}
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index a3ba2de58d85..c4f7b8a0100a 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -11988,6 +11988,8 @@ with pkgs;
 
   sambaFull = samba4Full;
 
+  shairplay = callPackage ../servers/shairplay { };
+
   shairport-sync = callPackage ../servers/shairport-sync { };
 
   serfdom = callPackage ../servers/serf { };

From 36e67d2beb9d34fb0198999f08630094d7398d9e Mon Sep 17 00:00:00 2001
From: Orivej Desh <orivej@gmx.fr>
Date: Mon, 20 Nov 2017 09:14:36 +0000
Subject: [PATCH 23/23] silver-searcher: patch bash completions location

---
 pkgs/tools/text/silver-searcher/bash-completion.patch | 5 +++++
 pkgs/tools/text/silver-searcher/default.nix           | 8 ++------
 2 files changed, 7 insertions(+), 6 deletions(-)
 create mode 100644 pkgs/tools/text/silver-searcher/bash-completion.patch

diff --git a/pkgs/tools/text/silver-searcher/bash-completion.patch b/pkgs/tools/text/silver-searcher/bash-completion.patch
new file mode 100644
index 000000000000..30e8c72389b7
--- /dev/null
+++ b/pkgs/tools/text/silver-searcher/bash-completion.patch
@@ -0,0 +1,5 @@
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -9 +9 @@
+-bashcompdir = $(pkgdatadir)/completions
++bashcompdir = $(datadir)/bash-completion/completions
diff --git a/pkgs/tools/text/silver-searcher/default.nix b/pkgs/tools/text/silver-searcher/default.nix
index 51f78cd0d53d..fe890c2916d0 100644
--- a/pkgs/tools/text/silver-searcher/default.nix
+++ b/pkgs/tools/text/silver-searcher/default.nix
@@ -11,17 +11,13 @@ stdenv.mkDerivation rec {
     sha256 = "0wcw4kyivb10m9b173183jrj46a0gisd35yqxi1mr9hw5l5dhkpa";
   };
 
+  patches = [ ./bash-completion.patch ];
+
   NIX_LDFLAGS = stdenv.lib.optionalString stdenv.isLinux "-lgcc_s";
 
   nativeBuildInputs = [ autoreconfHook pkgconfig ];
   buildInputs = [ pcre zlib lzma ];
 
-  postInstall = ''
-    mkdir -p $out/etc/bash_completion.d
-    mv $out/share/the_silver_searcher/completions/ag.bashcomp.sh $out/etc/bash_completion.d
-    rm -r $out/share/the_silver_searcher
-  '';
-
   meta = with stdenv.lib; {
     homepage = https://github.com/ggreer/the_silver_searcher/;
     description = "A code-searching tool similar to ack, but faster";