alioth/nixpkgs
3
0
Fork 0
forked from mirrors/nixpkgs
Code Releases Activity

Merge master into staging-next

Browse source
This commit is contained in:
github-actions[bot] 2023-04-21 18:01:26 +00:00 committed by GitHub
parent aac843d611 89d59988a7
commit ca0f3efdbe
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
56 changed files with 4749 additions and 2448 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
maintainers/maintainer-list.nix
View file

@ -101,6 +101,13 @@
github = "0xd61";
githubId = 8351869;
};
_0xMRTT = {
email = "0xMRTT@proton.me";
name = "0xMRTT";
github = "0xMRTT";
githubId = 105598867;
matrix = "@0xmrtt:envs.net";
};
_1000101 = {
email = "b1000101@pm.me";
github = "1000101";
@ -11906,6 +11913,16 @@
githubId = 26949935;
name = "Pierce Bartine";
};
pbek = {
email = "patrizio@bekerle.com";
matrix = "@patrizio:bekerle.com";
github = "pbek";
githubId = 1798101;
name = "Patrizio Bekerle";
keys = [{
fingerprint = "E005 48D5 D6AC 812C AAD2 AFFA 9C42 B05E 5913 60DC";
}];
};
pblkt = {
email = "pebblekite@gmail.com";
github = "pblkt";

92
nixos/modules/config/users-groups.nix
View file

@ -428,6 +428,8 @@ let
uidsAreUnique = idsAreUnique (filterAttrs (n: u: u.uid != null) cfg.users) "uid";
gidsAreUnique = idsAreUnique (filterAttrs (n: g: g.gid != null) cfg.groups) "gid";
sdInitrdUidsAreUnique = idsAreUnique (filterAttrs (n: u: u.uid != null) config.boot.initrd.systemd.users) "uid";
sdInitrdGidsAreUnique = idsAreUnique (filterAttrs (n: g: g.gid != null) config.boot.initrd.systemd.groups) "gid";
spec = pkgs.writeText "users-groups.json" (builtins.toJSON {
inherit (cfg) mutableUsers;
@ -534,6 +536,54 @@ in {
WARNING: enabling this can lock you out of your system. Enable this only if you know what are you doing.
'';
};
# systemd initrd
boot.initrd.systemd.users = mkOption {
visible = false;
description = ''
Users to include in initrd.
'';
default = {};
type = types.attrsOf (types.submodule ({ name, ... }: {
options.uid = mkOption {
visible = false;
type = types.int;
description = ''
ID of the user in initrd.
'';
defaultText = literalExpression "config.users.users.\${name}.uid";
default = cfg.users.${name}.uid;
};
options.group = mkOption {
visible = false;
type = types.singleLineStr;
description = ''
Group the user belongs to in initrd.
'';
defaultText = literalExpression "config.users.users.\${name}.group";
default = cfg.users.${name}.group;
};
}));
};
boot.initrd.systemd.groups = mkOption {
visible = false;
description = ''
Groups to include in initrd.
'';
default = {};
type = types.attrsOf (types.submodule ({ name, ... }: {
options.gid = mkOption {
visible = false;
type = types.int;
description = ''
ID of the group in initrd.
'';
defaultText = literalExpression "config.users.groups.\${name}.gid";
default = cfg.groups.${name}.gid;
};
}));
};
};
@ -639,10 +689,52 @@ in {
"/etc/profiles/per-user/$USER"
];
# systemd initrd
boot.initrd.systemd = lib.mkIf config.boot.initrd.systemd.enable {
contents = {
"/etc/passwd".text = ''
${lib.concatStringsSep "\n" (lib.mapAttrsToList (n: { uid, group }: let
g = config.boot.initrd.systemd.groups.${group};
in "${n}:x:${toString uid}:${toString g.gid}::/var/empty:") config.boot.initrd.systemd.users)}
'';
"/etc/group".text = ''
${lib.concatStringsSep "\n" (lib.mapAttrsToList (n: { gid }: "${n}:x:${toString gid}:") config.boot.initrd.systemd.groups)}
'';
};
users = {
root = {};
nobody = {};
};
groups = {
root = {};
nogroup = {};
systemd-journal = {};
tty = {};
dialout = {};
kmem = {};
input = {};
video = {};
render = {};
sgx = {};
audio = {};
video = {};
lp = {};
disk = {};
cdrom = {};
tape = {};
kvm = {};
};
};
assertions = [
{ assertion = !cfg.enforceIdUniqueness || (uidsAreUnique && gidsAreUnique);
message = "UIDs and GIDs must be unique!";
}
{ assertion = !cfg.enforceIdUniqueness || (sdInitrdUidsAreUnique && sdInitrdGidsAreUnique);
message = "systemd initrd UIDs and GIDs must be unique!";
}
{ # If mutableUsers is false, to prevent users creating a
# configuration that locks them out of the system, ensure that
# there is at least one "privileged" account that has a

11
nixos/modules/services/hardware/udev.nix
View file

@ -16,16 +16,6 @@ let
'';
# networkd link files are used early by udev to set up interfaces early.
# This must be done in stage 1 to avoid race conditions between udev and
# network daemons.
# TODO move this into the initrd-network module when it exists
initrdLinkUnits = pkgs.runCommand "initrd-link-units" {} ''
mkdir -p $out
ln -s ${udev}/lib/systemd/network/*.link $out/
${lib.concatMapStringsSep "\n" (file: "ln -s ${file} $out/") (lib.mapAttrsToList (n: v: "${v.unit}/${n}") (lib.filterAttrs (n: _: hasSuffix ".link" n) config.systemd.network.units))}
'';
extraUdevRules = pkgs.writeTextFile {
name = "extra-udev-rules";
text = cfg.extraRules;
@ -398,7 +388,6 @@ in
systemd = config.boot.initrd.systemd.package;
binPackages = config.boot.initrd.services.udev.binPackages ++ [ config.boot.initrd.systemd.contents."/bin".source ];
};
"/etc/systemd/network".source = initrdLinkUnits;
};
# Insert initrd rules
boot.initrd.services.udev.packages = [

21
nixos/modules/services/system/dbus.nix
View file

@ -14,13 +14,17 @@ let
serviceDirectories = cfg.packages;
};
inherit (lib) mkOption mkIf mkMerge types;
inherit (lib) mkOption mkEnableOption mkIf mkMerge types;
in
{
options = {
boot.initrd.systemd.dbus = {
enable = mkEnableOption (lib.mdDoc "dbus in stage 1") // { visible = false; };
};
services.dbus = {
enable = mkOption {
@ -111,6 +115,21 @@ in
];
}
(mkIf config.boot.initrd.systemd.dbus.enable {
boot.initrd.systemd = {
users.messagebus = { };
groups.messagebus = { };
contents."/etc/dbus-1".source = pkgs.makeDBusConf {
inherit (cfg) apparmor;
suidHelper = "/bin/false";
serviceDirectories = [ pkgs.dbus ];
};
packages = [ pkgs.dbus ];
storePaths = [ "${pkgs.dbus}/bin/dbus-daemon" ];
targets.sockets.wants = [ "dbus.socket" ];
};
})
(mkIf (cfg.implementation == "dbus") {
environment.systemPackages = [
pkgs.dbus

4
nixos/modules/services/web-servers/nginx/default.nix
View file

@ -318,7 +318,7 @@ let
listenString = { addr, port, ssl, extraParameters ? [], ... }:
# UDP listener for QUIC transport protocol.
(optionalString (ssl && vhost.quic) "
(optionalString (ssl && vhost.quic) ("
listen ${addr}:${toString port} quic "
+ optionalString vhost.default "default_server "
+ optionalString vhost.reuseport "reuseport "
@ -326,7 +326,7 @@ let
let inCompatibleParameters = [ "ssl" "proxy_protocol" "http2" ];
isCompatibleParameter = param: !(any (p: p == param) inCompatibleParameters);
in filter isCompatibleParameter extraParameters))
+ ";")
+ ";"))
+ "
listen ${addr}:${toString port} "

6
nixos/modules/system/boot/initrd-network.nix
View file

@ -67,11 +67,15 @@ in
boot.initrd.network.flushBeforeStage2 = mkOption {
type = types.bool;
default = true;
default = !config.boot.initrd.systemd.enable;
defaultText = "!config.boot.initrd.systemd.enable";
description = lib.mdDoc ''
Whether to clear the configuration of the interfaces that were set up in
the initrd right before stage 2 takes over. Stage 2 will do the regular network
configuration based on the NixOS networking options.
The default is false when systemd is enabled in initrd,
because the systemd-networkd documentation suggests it.
'';
};

21
nixos/modules/system/boot/initrd-openvpn.nix
View file

@ -51,7 +51,7 @@ in
# Add openvpn and ip binaries to the initrd
# The shared libraries are required for DNS resolution
boot.initrd.extraUtilsCommands = ''
boot.initrd.extraUtilsCommands = mkIf (!config.boot.initrd.systemd.enable) ''
copy_bin_and_libs ${pkgs.openvpn}/bin/openvpn
copy_bin_and_libs ${pkgs.iproute2}/bin/ip
@ -59,18 +59,33 @@ in
cp -pv ${pkgs.glibc}/lib/libnss_dns.so.2 $out/lib
'';
boot.initrd.systemd.storePaths = [
"${pkgs.openvpn}/bin/openvpn"
"${pkgs.iproute2}/bin/ip"
"${pkgs.glibc}/lib/libresolv.so.2"
"${pkgs.glibc}/lib/libnss_dns.so.2"
];
boot.initrd.secrets = {
"/etc/initrd.ovpn" = cfg.configuration;
};
# openvpn --version would exit with 1 instead of 0
boot.initrd.extraUtilsCommandsTest = ''
boot.initrd.extraUtilsCommandsTest = mkIf (!config.boot.initrd.systemd.enable) ''
$out/bin/openvpn --show-gateway
'';
boot.initrd.network.postCommands = ''
boot.initrd.network.postCommands = mkIf (!config.boot.initrd.systemd.enable) ''
openvpn /etc/initrd.ovpn &
'';
boot.initrd.systemd.services.openvpn = {
wantedBy = [ "initrd.target" ];
path = [ pkgs.iproute2 ];
after = [ "network.target" "initrd-nixos-copy-secrets.service" ];
serviceConfig.ExecStart = "${pkgs.openvpn}/bin/openvpn /etc/initrd.ovpn";
serviceConfig.Type = "notify";
};
};
}

64
nixos/modules/system/boot/initrd-ssh.nix
View file

@ -5,6 +5,10 @@ with lib;
let
cfg = config.boot.initrd.network.ssh;
shell = if cfg.shell == null then "/bin/ash" else cfg.shell;
inherit (config.programs.ssh) package;
enabled = let initrd = config.boot.initrd; in (initrd.network.enable || initrd.systemd.network.enable) && cfg.enable;
in
@ -33,8 +37,9 @@ in
};
shell = mkOption {
type = types.str;
default = "/bin/ash";
type = types.nullOr types.str;
default = null;
defaultText = ''"/bin/ash"'';
description = lib.mdDoc ''
Login shell of the remote user. Can be used to limit actions user can do.
'';
@ -119,9 +124,11 @@ in
sshdCfg = config.services.openssh;
sshdConfig = ''
UsePAM no
Port ${toString cfg.port}
PasswordAuthentication no
AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/authorized_keys2 /etc/ssh/authorized_keys.d/%u
ChallengeResponseAuthentication no
${flip concatMapStrings cfg.hostKeys (path: ''
@ -142,7 +149,7 @@ in
${cfg.extraConfig}
'';
in mkIf (config.boot.initrd.network.enable && cfg.enable) {
in mkIf enabled {
assertions = [
{
assertion = cfg.authorizedKeys != [];
@ -157,14 +164,19 @@ in
for instructions.
'';
}
{
assertion = config.boot.initrd.systemd.enable -> cfg.shell == null;
message = "systemd stage 1 does not support boot.initrd.network.ssh.shell";
}
];
boot.initrd.extraUtilsCommands = ''
copy_bin_and_libs ${pkgs.openssh}/bin/sshd
boot.initrd.extraUtilsCommands = mkIf (!config.boot.initrd.systemd.enable) ''
copy_bin_and_libs ${package}/bin/sshd
cp -pv ${pkgs.glibc.out}/lib/libnss_files.so.* $out/lib
'';
boot.initrd.extraUtilsCommandsTest = ''
boot.initrd.extraUtilsCommandsTest = mkIf (!config.boot.initrd.systemd.enable) ''
# sshd requires a host key to check config, so we pass in the test's
tmpkey="$(mktemp initrd-ssh-testkey.XXXXXXXXXX)"
cp "${../../../tests/initrd-network-ssh/ssh_host_ed25519_key}" "$tmpkey"
@ -176,9 +188,9 @@ in
rm "$tmpkey"
'';
boot.initrd.network.postCommands = ''
echo '${cfg.shell}' > /etc/shells
echo 'root:x:0:0:root:/root:${cfg.shell}' > /etc/passwd
boot.initrd.network.postCommands = mkIf (!config.boot.initrd.systemd.enable) ''
echo '${shell}' > /etc/shells
echo 'root:x:0:0:root:/root:${shell}' > /etc/passwd
echo 'sshd:x:1:1:sshd:/var/empty:/bin/nologin' >> /etc/passwd
echo 'passwd: files' > /etc/nsswitch.conf
@ -204,7 +216,7 @@ in
/bin/sshd -e
'';
boot.initrd.postMountCommands = ''
boot.initrd.postMountCommands = mkIf (!config.boot.initrd.systemd.enable) ''
# Stop sshd cleanly before stage 2.
#
# If you want to keep it around to debug post-mount SSH issues,
@ -217,6 +229,38 @@ in
boot.initrd.secrets = listToAttrs
(map (path: nameValuePair (initrdKeyPath path) path) cfg.hostKeys);
# Systemd initrd stuff
boot.initrd.systemd = mkIf config.boot.initrd.systemd.enable {
users.sshd = { uid = 1; group = "sshd"; };
groups.sshd = { gid = 1; };
contents."/etc/ssh/authorized_keys.d/root".text =
concatStringsSep "\n" config.boot.initrd.network.ssh.authorizedKeys;
contents."/etc/ssh/sshd_config".text = sshdConfig;
storePaths = ["${package}/bin/sshd"];
services.sshd = {
description = "SSH Daemon";
wantedBy = ["initrd.target"];
after = ["network.target" "initrd-nixos-copy-secrets.service"];
# Keys from Nix store are world-readable, which sshd doesn't
# like. If this were a real nix store and not the initrd, we
# neither would nor could do this
preStart = flip concatMapStrings cfg.hostKeys (path: ''
/bin/chmod 0600 "${initrdKeyPath path}"
'');
unitConfig.DefaultDependencies = false;
serviceConfig = {
ExecStart = "${package}/bin/sshd -D -f /etc/ssh/sshd_config";
Type = "simple";
KillMode = "process";
Restart = "on-failure";
};
};
};
};
}

168
nixos/modules/system/boot/networkd.nix
View file

@ -6,8 +6,6 @@ with lib;
let
cfg = config.systemd.network;
check = {
global = {
@ -2941,14 +2939,12 @@ let
+ def.extraConfig;
};
unitFiles = listToAttrs (map (name: {
name = "systemd/network/${name}";
mkUnitFiles = prefix: cfg: listToAttrs (map (name: {
name = "${prefix}systemd/network/${name}";
value.source = "${cfg.units.${name}.unit}/${name}";
}) (attrNames cfg.units));
in
{
options = {
commonOptions = {
systemd.network.enable = mkOption {
default = false;
@ -3051,12 +3047,11 @@ in
};
config = mkMerge [
commonConfig = config: let cfg = config.systemd.network; in mkMerge [
# .link units are honored by udev, no matter if systemd-networkd is enabled or not.
{
systemd.network.units = mapAttrs' (n: v: nameValuePair "${n}.link" (linkToUnit n v)) cfg.links;
environment.etc = unitFiles;
systemd.network.wait-online.extraArgs =
[ "--timeout=${toString cfg.wait-online.timeout}" ]
@ -3066,14 +3061,6 @@ in
(mkIf config.systemd.network.enable {
users.users.systemd-network.group = "systemd-network";
systemd.additionalUpstreamSystemUnits = [
"systemd-networkd-wait-online.service"
"systemd-networkd.service"
"systemd-networkd.socket"
];
systemd.network.units = mapAttrs' (n: v: nameValuePair "${n}.netdev" (netdevToUnit n v)) cfg.netdevs
// mapAttrs' (n: v: nameValuePair "${n}.network" (networkToUnit n v)) cfg.networks;
@ -3082,14 +3069,6 @@ in
# networkd.
systemd.sockets.systemd-networkd.wantedBy = [ "sockets.target" ];
systemd.services.systemd-networkd = {
wantedBy = [ "multi-user.target" ];
aliases = [ "dbus-org.freedesktop.network1.service" ];
restartTriggers = map (x: x.source) (attrValues unitFiles) ++ [
config.environment.etc."systemd/networkd.conf".source
];
};
systemd.services.systemd-networkd-wait-online = {
inherit (cfg.wait-online) enable;
wantedBy = [ "network-online.target" ];
@ -3111,8 +3090,37 @@ in
};
};
})
];
stage2Config = let
cfg = config.systemd.network;
unitFiles = mkUnitFiles "" cfg;
in mkMerge [
(commonConfig config)
{ environment.etc = unitFiles; }
(mkIf config.systemd.network.enable {
users.users.systemd-network.group = "systemd-network";
systemd.additionalUpstreamSystemUnits = [
"systemd-networkd-wait-online.service"
"systemd-networkd.service"
"systemd-networkd.socket"
];
environment.etc."systemd/networkd.conf" = renderConfig cfg.config;
systemd.services.systemd-networkd = {
wantedBy = [ "multi-user.target" ];
restartTriggers = map (x: x.source) (attrValues unitFiles) ++ [
config.environment.etc."systemd/networkd.conf".source
];
aliases = [ "dbus-org.freedesktop.network1.service" ];
};
networking.iproute2 = mkIf (cfg.config.addRouteTablesToIPRoute2 && cfg.config.routeTables != { }) {
enable = mkDefault true;
rttablesExtraConfig = ''
@ -3123,6 +3131,116 @@ in
};
services.resolved.enable = mkDefault true;
})
];
stage1Config = let
cfg = config.boot.initrd.systemd.network;
in mkMerge [
(commonConfig config.boot.initrd)
{
systemd.network.enable = mkDefault config.boot.initrd.network.enable;
systemd.contents = mkUnitFiles "/etc/" cfg;
# Networkd link files are used early by udev to set up interfaces early.
# This must be done in stage 1 to avoid race conditions between udev and
# network daemons.
systemd.network.units = lib.filterAttrs (n: _: hasSuffix ".link" n) config.systemd.network.units;
systemd.storePaths = ["${config.boot.initrd.systemd.package}/lib/systemd/network/99-default.link"];
}
(mkIf cfg.enable {
systemd.package = pkgs.systemdStage1Network;
# For networkctl
systemd.dbus.enable = mkDefault true;
systemd.additionalUpstreamUnits = [
"systemd-networkd-wait-online.service"
"systemd-networkd.service"
"systemd-networkd.socket"
"systemd-network-generator.service"
"network-online.target"
"network-pre.target"
"network.target"
"nss-lookup.target"
"nss-user-lookup.target"
"remote-fs-pre.target"
"remote-fs.target"
];
systemd.users.systemd-network = {};
systemd.groups.systemd-network = {};
systemd.contents."/etc/systemd/networkd.conf" = renderConfig cfg.config;
systemd.services.systemd-networkd.wantedBy = [ "initrd.target" ];
systemd.services.systemd-network-generator.wantedBy = [ "sysinit.target" ];
systemd.storePaths = [
"${config.boot.initrd.systemd.package}/lib/systemd/systemd-networkd"
"${config.boot.initrd.systemd.package}/lib/systemd/systemd-networkd-wait-online"
"${config.boot.initrd.systemd.package}/lib/systemd/systemd-network-generator"
];
kernelModules = [ "af_packet" ];
systemd.services.nixos-flush-networkd = mkIf config.boot.initrd.network.flushBeforeStage2 {
description = "Flush Network Configuration";
wantedBy = ["initrd.target"];
after = ["systemd-networkd.service" "dbus.socket" "dbus.service"];
before = ["shutdown.target" "initrd-switch-root.target"];
conflicts = ["shutdown.target" "initrd-switch-root.target"];
unitConfig.DefaultDependencies = false;
serviceConfig = {
# This service does nothing when starting, but brings down
# interfaces when switching root. This is the easiest way to
# ensure proper ordering while stopping. See systemd.unit(5)
# section on Before= and After=. The important part is that
# we are stopped before units we need, like dbus.service,
# and that we are stopped before starting units like
# initrd-switch-root.target
Type = "oneshot";
RemainAfterExit = true;
ExecStart = "/bin/true";
};
# systemd-networkd doesn't bring down interfaces on its own
# when it exits (see: systemd-networkd(8)), so we have to do
# it ourselves. The networkctl command doesn't have a way to
# bring all interfaces down, so we have to iterate over the
# list and filter out unmanaged interfaces to bring them down
# individually.
preStop = ''
networkctl list --full --no-legend | while read _idx link _type _operational setup _; do
[ "$setup" = unmanaged ] && continue
networkctl down "$link"
done
'';
};
})
];
in
{
options = commonOptions // {
boot.initrd = commonOptions;
};
config = mkMerge [
stage2Config
(mkIf config.boot.initrd.systemd.enable {
assertions = [{
assertion = config.boot.initrd.network.udhcpc.extraArgs == [];
message = ''
boot.initrd.network.udhcpc.extraArgs is not supported when
boot.initrd.systemd.enable is enabled
'';
}];
boot.initrd = stage1Config;
})
];
}

3
nixos/modules/system/boot/stage-1.nix
View file

@ -445,7 +445,8 @@ let
) config.boot.initrd.secrets)
}
(cd "$tmp" && find . -print0 | sort -z | bsdtar --uid 0 --gid 0 -cnf - -T - | bsdtar --null -cf - --format=newc @-) | \
# mindepth 1 so that we don't change the mode of /
(cd "$tmp" && find . -mindepth 1 -print0 | sort -z | bsdtar --uid 0 --gid 0 -cnf - -T - | bsdtar --null -cf - --format=newc @-) | \
${compressorExe} ${lib.escapeShellArgs initialRamdisk.compressorArgs} >> "$1"
'';

4
nixos/modules/system/boot/systemd/initrd-secrets.nix
View file

@ -19,13 +19,13 @@
# drop this service, we'd mount the /run tmpfs over the secret, making it
# invisible in stage 2.
script = ''
for secret in $(cd /.initrd-secrets; find . -type f); do
for secret in $(cd /.initrd-secrets; find . -type f -o -type l); do
mkdir -p "$(dirname "/$secret")"
cp "/.initrd-secrets/$secret" "/$secret"
done
'';
unitConfig = {
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
};

17
nixos/modules/system/boot/systemd/initrd.nix
View file

@ -72,15 +72,6 @@ let
"systemd-tmpfiles-setup.service"
"timers.target"
"umount.target"
# TODO: Networking
# "network-online.target"
# "network-pre.target"
# "network.target"
# "nss-lookup.target"
# "nss-user-lookup.target"
# "remote-fs-pre.target"
# "remote-fs.target"
] ++ cfg.additionalUpstreamUnits;
upstreamWants = [
@ -378,7 +369,7 @@ in {
"/etc/systemd/system.conf".text = ''
[Manager]
DefaultEnvironment=PATH=/bin:/sbin ${optionalString (isBool cfg.emergencyAccess && cfg.emergencyAccess) "SYSTEMD_SULOGIN_FORCE=1"}
DefaultEnvironment=PATH=/bin:/sbin
${cfg.extraConfig}
ManagerEnvironment=${lib.concatStringsSep " " (lib.mapAttrsToList (n: v: "${n}=${lib.escapeShellArg v}") cfg.managerEnvironment)}
'';
@ -388,8 +379,10 @@ in {
"/etc/modules-load.d/nixos.conf".text = concatStringsSep "\n" config.boot.initrd.kernelModules;
"/etc/passwd".source = "${pkgs.fakeNss}/etc/passwd";
"/etc/shadow".text = "root:${if isBool cfg.emergencyAccess then "!" else cfg.emergencyAccess}:::::::";
# We can use either ! or * to lock the root account in the
# console, but some software like OpenSSH won't even allow you
# to log in with an SSH key if you use ! so we use * instead
"/etc/shadow".text = "root:${if isBool cfg.emergencyAccess then optionalString (!cfg.emergencyAccess) "*" else cfg.emergencyAccess}:::::::";
"/bin".source = "${initrdBinEnv}/bin";
"/sbin".source = "${initrdBinEnv}/sbin";

302
nixos/modules/tasks/network-interfaces-systemd.nix
View file

@ -28,11 +28,164 @@ let
# TODO: warn the user that any address configured on those interfaces will be useless
++ concatMap (i: attrNames (filterAttrs (_: config: config.type != "internal") i.interfaces)) (attrValues cfg.vswitches);
domains = cfg.search ++ (optional (cfg.domain != null) cfg.domain);
genericNetwork = override:
let gateway = optional (cfg.defaultGateway != null && (cfg.defaultGateway.address or "") != "") cfg.defaultGateway.address
++ optional (cfg.defaultGateway6 != null && (cfg.defaultGateway6.address or "") != "") cfg.defaultGateway6.address;
makeGateway = gateway: {
routeConfig = {
Gateway = gateway;
GatewayOnLink = false;
};
};
in optionalAttrs (gateway != [ ]) {
routes = override (map makeGateway gateway);
} // optionalAttrs (domains != [ ]) {
domains = override domains;
};
genericDhcpNetworks = initrd: mkIf cfg.useDHCP {
networks."99-ethernet-default-dhcp" = {
# We want to match physical ethernet interfaces as commonly
# found on laptops, desktops and servers, to provide an
# "out-of-the-box" setup that works for common cases. This
# heuristic isn't perfect (it could match interfaces with
# custom names that _happen_ to start with en or eth), but
# should be good enough to make the common case easy and can
# be overridden on a case-by-case basis using
# higher-priority networks or by disabling useDHCP.
# Type=ether matches veth interfaces as well, and this is
# more likely to result in interfaces being configured to
# use DHCP when they shouldn't.
# When wait-online.anyInterface is enabled, RequiredForOnline really
# means "sufficient for online", so we can enable it.
# Otherwise, don't block the network coming online because of default networks.
matchConfig.Name = ["en*" "eth*"];
DHCP = "yes";
linkConfig.RequiredForOnline =
lib.mkDefault (if initrd
then config.boot.initrd.systemd.network.wait-online.anyInterface
else config.systemd.network.wait-online.anyInterface);
networkConfig.IPv6PrivacyExtensions = "kernel";
};
networks."99-wireless-client-dhcp" = {
# Like above, but this is much more likely to be correct.
matchConfig.WLANInterfaceType = "station";
DHCP = "yes";
linkConfig.RequiredForOnline =
lib.mkDefault config.systemd.network.wait-online.anyInterface;
networkConfig.IPv6PrivacyExtensions = "kernel";
# We also set the route metric to one more than the default
# of 1024, so that Ethernet is preferred if both are
# available.
dhcpV4Config.RouteMetric = 1025;
ipv6AcceptRAConfig.RouteMetric = 1025;
};
};
interfaceNetworks = mkMerge (forEach interfaces (i: {
netdevs = mkIf i.virtual ({
"40-${i.name}" = {
netdevConfig = {
Name = i.name;
Kind = i.virtualType;
};
"${i.virtualType}Config" = optionalAttrs (i.virtualOwner != null) {
User = i.virtualOwner;
};
};
});
networks."40-${i.name}" = mkMerge [ (genericNetwork id) {
name = mkDefault i.name;
DHCP = mkForce (dhcpStr
(if i.useDHCP != null then i.useDHCP else false));
address = forEach (interfaceIps i)
(ip: "${ip.address}/${toString ip.prefixLength}");
routes = forEach (interfaceRoutes i)
(route: {
# Most of these route options have not been tested.
# Please fix or report any mistakes you may find.
routeConfig =
optionalAttrs (route.address != null && route.prefixLength != null) {
Destination = "${route.address}/${toString route.prefixLength}";
} //
optionalAttrs (route.options ? fastopen_no_cookie) {
FastOpenNoCookie = route.options.fastopen_no_cookie;
} //
optionalAttrs (route.via != null) {
Gateway = route.via;
} //
optionalAttrs (route.type != null) {
Type = route.type;
} //
optionalAttrs (route.options ? onlink) {
GatewayOnLink = true;
} //
optionalAttrs (route.options ? initrwnd) {
InitialAdvertisedReceiveWindow = route.options.initrwnd;
} //
optionalAttrs (route.options ? initcwnd) {
InitialCongestionWindow = route.options.initcwnd;
} //
optionalAttrs (route.options ? pref) {
IPv6Preference = route.options.pref;
} //
optionalAttrs (route.options ? mtu) {
MTUBytes = route.options.mtu;
} //
optionalAttrs (route.options ? metric) {
Metric = route.options.metric;
} //
optionalAttrs (route.options ? src) {
PreferredSource = route.options.src;
} //
optionalAttrs (route.options ? protocol) {
Protocol = route.options.protocol;
} //
optionalAttrs (route.options ? quickack) {
QuickAck = route.options.quickack;
} //
optionalAttrs (route.options ? scope) {
Scope = route.options.scope;
} //
optionalAttrs (route.options ? from) {
Source = route.options.from;
} //
optionalAttrs (route.options ? table) {
Table = route.options.table;
} //
optionalAttrs (route.options ? advmss) {
TCPAdvertisedMaximumSegmentSize = route.options.advmss;
} //
optionalAttrs (route.options ? ttl-propagate) {
TTLPropagate = route.options.ttl-propagate == "enabled";
};
});
networkConfig.IPv6PrivacyExtensions = "kernel";
linkConfig = optionalAttrs (i.macAddress != null) {
MACAddress = i.macAddress;
} // optionalAttrs (i.mtu != null) {
MTUBytes = toString i.mtu;
};
}];
}));
in
{
config = mkMerge [
config = mkIf cfg.useNetworkd {
(mkIf config.boot.initrd.network.enable {
# Note this is if initrd.network.enable, not if
# initrd.systemd.network.enable. By setting the latter and not the
# former, the user retains full control over the configuration.
boot.initrd.systemd.network = mkMerge [(genericDhcpNetworks true) interfaceNetworks];
})
(mkIf cfg.useNetworkd {
assertions = [ {
assertion = cfg.defaultGatewayWindowSize == null;
@ -54,149 +207,11 @@ in
networking.dhcpcd.enable = mkDefault false;
systemd.network =
let
domains = cfg.search ++ (optional (cfg.domain != null) cfg.domain);
genericNetwork = override:
let gateway = optional (cfg.defaultGateway != null && (cfg.defaultGateway.address or "") != "") cfg.defaultGateway.address
++ optional (cfg.defaultGateway6 != null && (cfg.defaultGateway6.address or "") != "") cfg.defaultGateway6.address;
makeGateway = gateway: {
routeConfig = {
Gateway = gateway;
GatewayOnLink = false;
};
};
in optionalAttrs (gateway != [ ]) {
routes = override (map makeGateway gateway);
} // optionalAttrs (domains != [ ]) {
domains = override domains;
};
in mkMerge [ {
mkMerge [ {
enable = true;
}
(mkIf cfg.useDHCP {
networks."99-ethernet-default-dhcp" = lib.mkIf cfg.useDHCP {
# We want to match physical ethernet interfaces as commonly
# found on laptops, desktops and servers, to provide an
# "out-of-the-box" setup that works for common cases. This
# heuristic isn't perfect (it could match interfaces with
# custom names that _happen_ to start with en or eth), but
# should be good enough to make the common case easy and can
# be overridden on a case-by-case basis using
# higher-priority networks or by disabling useDHCP.
# Type=ether matches veth interfaces as well, and this is
# more likely to result in interfaces being configured to
# use DHCP when they shouldn't.
# When wait-online.anyInterface is enabled, RequiredForOnline really
# means "sufficient for online", so we can enable it.
# Otherwise, don't block the network coming online because of default networks.
matchConfig.Name = ["en*" "eth*"];
DHCP = "yes";
linkConfig.RequiredForOnline =
lib.mkDefault config.systemd.network.wait-online.anyInterface;
networkConfig.IPv6PrivacyExtensions = "kernel";
};
networks."99-wireless-client-dhcp" = lib.mkIf cfg.useDHCP {
# Like above, but this is much more likely to be correct.
matchConfig.WLANInterfaceType = "station";
DHCP = "yes";
linkConfig.RequiredForOnline =
lib.mkDefault config.systemd.network.wait-online.anyInterface;
networkConfig.IPv6PrivacyExtensions = "kernel";
# We also set the route metric to one more than the default
# of 1024, so that Ethernet is preferred if both are
# available.
dhcpV4Config.RouteMetric = 1025;
ipv6AcceptRAConfig.RouteMetric = 1025;
};
})
(mkMerge (forEach interfaces (i: {
netdevs = mkIf i.virtual ({
"40-${i.name}" = {
netdevConfig = {
Name = i.name;
Kind = i.virtualType;
};
"${i.virtualType}Config" = optionalAttrs (i.virtualOwner != null) {
User = i.virtualOwner;
};
};
});
networks."40-${i.name}" = mkMerge [ (genericNetwork id) {
name = mkDefault i.name;
DHCP = mkForce (dhcpStr
(if i.useDHCP != null then i.useDHCP else false));
address = forEach (interfaceIps i)
(ip: "${ip.address}/${toString ip.prefixLength}");
routes = forEach (interfaceRoutes i)
(route: {
# Most of these route options have not been tested.
# Please fix or report any mistakes you may find.
routeConfig =
optionalAttrs (route.address != null && route.prefixLength != null) {
Destination = "${route.address}/${toString route.prefixLength}";
} //
optionalAttrs (route.options ? fastopen_no_cookie) {
FastOpenNoCookie = route.options.fastopen_no_cookie;
} //
optionalAttrs (route.via != null) {
Gateway = route.via;
} //
optionalAttrs (route.type != null) {
Type = route.type;
} //
optionalAttrs (route.options ? onlink) {
GatewayOnLink = true;
} //
optionalAttrs (route.options ? initrwnd) {
InitialAdvertisedReceiveWindow = route.options.initrwnd;
} //
optionalAttrs (route.options ? initcwnd) {
InitialCongestionWindow = route.options.initcwnd;
} //
optionalAttrs (route.options ? pref) {
IPv6Preference = route.options.pref;
} //
optionalAttrs (route.options ? mtu) {
MTUBytes = route.options.mtu;
} //
optionalAttrs (route.options ? metric) {
Metric = route.options.metric;
} //
optionalAttrs (route.options ? src) {
PreferredSource = route.options.src;
} //
optionalAttrs (route.options ? protocol) {
Protocol = route.options.protocol;
} //
optionalAttrs (route.options ? quickack) {
QuickAck = route.options.quickack;
} //
optionalAttrs (route.options ? scope) {
Scope = route.options.scope;
} //
optionalAttrs (route.options ? from) {
Source = route.options.from;
} //
optionalAttrs (route.options ? table) {
Table = route.options.table;
} //
optionalAttrs (route.options ? advmss) {
TCPAdvertisedMaximumSegmentSize = route.options.advmss;
} //
optionalAttrs (route.options ? ttl-propagate) {
TTLPropagate = route.options.ttl-propagate == "enabled";
};
});
networkConfig.IPv6PrivacyExtensions = "kernel";
linkConfig = optionalAttrs (i.macAddress != null) {
MACAddress = i.macAddress;
} // optionalAttrs (i.mtu != null) {
MTUBytes = toString i.mtu;
};
}];
})))
(genericDhcpNetworks false)
interfaceNetworks
(mkMerge (flip mapAttrsToList cfg.bridges (name: bridge: {
netdevs."40-${name}" = {
netdevConfig = {
@ -437,6 +452,7 @@ in
bindsTo = [ "systemd-networkd.service" ];
};
};
};
})
];
}

2
nixos/modules/virtualisation/qemu-vm.nix
View file

@ -869,6 +869,8 @@ in
boot.initrd.kernelModules = optionals (cfg.useNixStoreImage && !cfg.writableStore) [ "erofs" ];
boot.loader.supportsInitrdSecrets = mkIf (!cfg.useBootLoader) (mkVMOverride false);
boot.initrd.extraUtilsCommands = lib.mkIf (cfg.useDefaultFilesystems && !config.boot.initrd.systemd.enable)
''
# We need mke2fs in the initrd.

3
nixos/tests/all-tests.nix
View file

@ -680,6 +680,9 @@ in {
systemd-initrd-simple = handleTest ./systemd-initrd-simple.nix {};
systemd-initrd-swraid = handleTest ./systemd-initrd-swraid.nix {};
systemd-initrd-vconsole = handleTest ./systemd-initrd-vconsole.nix {};
systemd-initrd-networkd = handleTest ./systemd-initrd-networkd.nix {};
systemd-initrd-networkd-ssh = handleTest ./systemd-initrd-networkd-ssh.nix {};
systemd-initrd-networkd-openvpn = handleTest ./initrd-network-openvpn { systemdStage1 = true; };
systemd-journal = handleTest ./systemd-journal.nix {};
systemd-machinectl = handleTest ./systemd-machinectl.nix {};
systemd-networkd = handleTest ./systemd-networkd.nix {};

4
nixos/tests/ft2-clone.nix
View file

@ -26,9 +26,7 @@ import ./make-test-python.nix ({ pkgs, ... }: {
machine.wait_for_window(r"Fasttracker")
machine.sleep(5)
# One of the few words that actually get recognized
if "Songlen" not in machine.get_screen_text():
raise Exception("Program did not start successfully")
machine.wait_for_text(r"(Songlen|Repstart|Time|About|Nibbles|Help)")
machine.screenshot("screen")
'';
})

20
nixos/tests/initrd-network-openvpn/default.nix
View file

@ -1,3 +1,9 @@
{ system ? builtins.currentSystem
, config ? {}
, pkgs ? import ../.. { inherit system config; }
, systemdStage1 ? false
}:
import ../make-test-python.nix ({ lib, ...}:
{
@ -22,11 +28,12 @@ import ../make-test-python.nix ({ lib, ...}:
minimalboot =
{ ... }:
{
boot.initrd.systemd.enable = systemdStage1;
boot.initrd.network = {
enable = true;
openvpn = {
enable = true;
configuration = "/dev/null";
configuration = builtins.toFile "initrd.ovpn" "";
};
};
};
@ -39,6 +46,17 @@ import ../make-test-python.nix ({ lib, ...}:
virtualisation.vlans = [ 1 ];
boot.initrd = {
systemd.enable = systemdStage1;
systemd.extraBin.nc = "${pkgs.busybox}/bin/nc";
systemd.services.nc = {
requiredBy = ["initrd.target"];
after = ["network.target"];
serviceConfig = {
ExecStart = "/bin/nc -p 1234 -lke /bin/echo TESTVALUE";
Type = "oneshot";
};
};
# This command does not fork to keep the VM in the state where
# only the initramfs is loaded
preLVMCommands =

4
nixos/tests/initrd-network-ssh/default.nix
View file

@ -22,10 +22,6 @@ import ../make-test-python.nix ({ lib, ... }:
hostKeys = [ ./ssh_host_ed25519_key ];
};
};
boot.initrd.extraUtilsCommands = ''
mkdir -p $out/secrets/etc/ssh
cat "${./ssh_host_ed25519_key}" > $out/secrets/etc/ssh/sh_host_ed25519_key
'';
boot.initrd.preLVMCommands = ''
while true; do
if [ -f fnord ]; then

39
nixos/tests/predictable-interface-names.nix
View file

@ -8,25 +8,48 @@ let
testCombinations = pkgs.lib.cartesianProductOfSets {
predictable = [true false];
withNetworkd = [true false];
systemdStage1 = [true false];
};
in pkgs.lib.listToAttrs (builtins.map ({ predictable, withNetworkd }: {
in pkgs.lib.listToAttrs (builtins.map ({ predictable, withNetworkd, systemdStage1 }: {
name = pkgs.lib.optionalString (!predictable) "un" + "predictable"
+ pkgs.lib.optionalString withNetworkd "Networkd";
+ pkgs.lib.optionalString withNetworkd "Networkd"
+ pkgs.lib.optionalString systemdStage1 "SystemdStage1";
value = makeTest {
name = "${pkgs.lib.optionalString (!predictable) "un"}predictableInterfaceNames${pkgs.lib.optionalString withNetworkd "-with-networkd"}";
name = pkgs.lib.optionalString (!predictable) "un" + "predictableInterfaceNames"
+ pkgs.lib.optionalString withNetworkd "-with-networkd"
+ pkgs.lib.optionalString systemdStage1 "-systemd-stage-1";
meta = {};
nodes.machine = { lib, ... }: {
nodes.machine = { lib, ... }: let
script = ''
ip link
if ${lib.optionalString predictable "!"} ip link show eth0; then
echo Success
else
exit 1
fi
'';
in {
networking.usePredictableInterfaceNames = lib.mkForce predictable;
networking.useNetworkd = withNetworkd;
networking.dhcpcd.enable = !withNetworkd;
networking.useDHCP = !withNetworkd;
# Check if predictable interface names are working in stage-1
boot.initrd.postDeviceCommands = ''
ip link
ip link show eth0 ${if predictable then "&&" else "||"} exit 1
'';
boot.initrd.postDeviceCommands = script;
boot.initrd.systemd = lib.mkIf systemdStage1 {
enable = true;
initrdBin = [ pkgs.iproute2 ];
services.systemd-udev-settle.wantedBy = ["initrd.target"];
services.check-interfaces = {
requiredBy = ["initrd.target"];
after = ["systemd-udev-settle.service"];
serviceConfig.Type = "oneshot";
path = [ pkgs.iproute2 ];
inherit script;
};
};
};
testScript = ''

82
nixos/tests/systemd-initrd-networkd-ssh.nix Normal file
View file

@ -0,0 +1,82 @@
import ./make-test-python.nix ({ lib, ... }: {
name = "systemd-initrd-network-ssh";
meta.maintainers = [ lib.maintainers.elvishjerricco ];
nodes = with lib; {
server = { config, pkgs, ... }: {
environment.systemPackages = [pkgs.cryptsetup];
boot.loader.systemd-boot.enable = true;
boot.loader.timeout = 0;
virtualisation = {
emptyDiskImages = [ 4096 ];
useBootLoader = true;
useEFIBoot = true;
};
specialisation.encrypted-root.configuration = {
virtualisation.bootDevice = "/dev/mapper/root";
boot.initrd.luks.devices = lib.mkVMOverride {
root.device = "/dev/vdc";
};
boot.initrd.systemd.enable = true;
boot.initrd.network = {
enable = true;
ssh = {
enable = true;
authorizedKeys = [ (readFile ./initrd-network-ssh/id_ed25519.pub) ];
port = 22;
# Terrible hack so it works with useBootLoader
hostKeys = [ { outPath = "${./initrd-network-ssh/ssh_host_ed25519_key}"; } ];
};
};
};
};
client = { config, ... }: {
environment.etc = {
knownHosts = {
text = concatStrings [
"server,"
"${
toString (head (splitString " " (toString
(elemAt (splitString "\n" config.networking.extraHosts) 2))))
} "
"${readFile ./initrd-network-ssh/ssh_host_ed25519_key.pub}"
];
};
sshKey = {
source = ./initrd-network-ssh/id_ed25519;
mode = "0600";
};
};
};
};
testScript = ''
start_all()
def ssh_is_up(_) -> bool:
status, _ = client.execute("nc -z server 22")
return status == 0
server.wait_for_unit("multi-user.target")
server.succeed(
"echo somepass | cryptsetup luksFormat --type=luks2 /dev/vdc",
"bootctl set-default nixos-generation-1-specialisation-encrypted-root.conf",
"sync",
)
server.shutdown()
server.start()
client.wait_for_unit("network.target")
with client.nested("waiting for SSH server to come up"):
retry(ssh_is_up)
client.succeed(
"echo somepass | ssh -i /etc/sshKey -o UserKnownHostsFile=/etc/knownHosts server 'systemd-tty-ask-password-agent' & exit"
)
server.wait_for_unit("multi-user.target")
server.succeed("mount | grep '/dev/mapper/root on /'")
'';
})

74
nixos/tests/systemd-initrd-networkd.nix Normal file
View file

@ -0,0 +1,74 @@
import ./make-test-python.nix ({ pkgs, lib, ... }: {
name = "systemd-initrd-network";
meta.maintainers = [ lib.maintainers.elvishjerricco ];
nodes = let
mkFlushTest = flush: script: { ... }: {
boot.initrd.systemd.enable = true;
boot.initrd.network = {
enable = true;
flushBeforeStage2 = flush;
};
systemd.services.check-flush = {
requiredBy = ["multi-user.target"];
before = ["network-pre.target" "multi-user.target"];
unitConfig.DefaultDependencies = false;
serviceConfig.Type = "oneshot";
path = [ pkgs.iproute2 pkgs.iputils pkgs.gnugrep ];
inherit script;
};
};
in {
basic = { ... }: {
boot.initrd.network.enable = true;
boot.initrd.systemd = {
enable = true;
# Enable network-online to fail the test in case of timeout
network.wait-online.timeout = 10;
network.wait-online.anyInterface = true;
targets.network-online.requiredBy = [ "initrd.target" ];
services.systemd-networkd-wait-online.requiredBy =
[ "network-online.target" ];
initrdBin = [ pkgs.iproute2 pkgs.iputils pkgs.gnugrep ];
services.check = {
requiredBy = [ "initrd.target" ];
before = [ "initrd.target" ];
after = [ "network-online.target" ];
serviceConfig.Type = "oneshot";
path = [ pkgs.iproute2 pkgs.iputils pkgs.gnugrep ];
script = ''
ip addr | grep 10.0.2.15 || exit 1
ping -c1 10.0.2.2 || exit 1
'';
};
};
};
doFlush = mkFlushTest true ''
if ip addr | grep 10.0.2.15; then
echo "Network configuration survived switch-root; flushBeforeStage2 failed"
exit 1
fi
'';
dontFlush = mkFlushTest false ''
if ! (ip addr | grep 10.0.2.15); then
echo "Network configuration didn't survive switch-root"
exit 1
fi
'';
};
testScript = ''
start_all()
basic.wait_for_unit("multi-user.target")
doFlush.wait_for_unit("multi-user.target")
dontFlush.wait_for_unit("multi-user.target")
# Make sure the systemd-network user was set correctly in initrd
basic.succeed("[ $(stat -c '%U,%G' /run/systemd/netif/links) = systemd-network,systemd-network ]")
basic.succeed("ip addr show >&2")
basic.succeed("ip route show >&2")
'';
})

2
nixos/tests/systemd-initrd-simple.nix
View file

@ -27,6 +27,8 @@ import ./make-test-python.nix ({ lib, pkgs, ... }: {
machine.succeed("[ -e /dev/pts/ptmx ]") # /dev/pts
machine.succeed("[ -e /run/keys ]") # /run/keys
with subtest("groups work"):
machine.fail("journalctl -b 0 | grep 'systemd-udevd.*Unknown group.*ignoring'")
with subtest("growfs works"):
oldAvail = machine.succeed("df --output=avail / | sed 1d")

4
pkgs/applications/audio/ft2-clone/default.nix
View file

@ -13,13 +13,13 @@
stdenv.mkDerivation rec {
pname = "ft2-clone";
version = "1.65";
version = "1.66";
src = fetchFromGitHub {
owner = "8bitbubsy";
repo = "ft2-clone";
rev = "v${version}";
sha256 = "sha256-Jo1qs0d8/o9FWR7jboWCJ7ntawBGTlm7yPzxxUnZLsI=";
sha256 = "sha256-glLgjZFWvz/bJe9R8KTDu4+778dueC9tw3nVKF3xcps=";
};
# Adapt the linux-only CMakeLists to darwin (more reliable than make-macos.sh)

4
pkgs/applications/editors/orbiton/default.nix
View file

@ -4,13 +4,13 @@
buildGoModule rec {
pname = "orbiton";
version = "2.60.5";
version = "2.60.6";
src = fetchFromGitHub {
owner = "xyproto";
repo = "orbiton";
rev = "v${version}";
hash = "sha256-gCE4mrZXLFteZKUPDsAc1hS1I/WTns9I9oZE5bAF7fU=";
hash = "sha256-uDxdv7HlswGsuM4UewZOO45/P9jIOo4bb0T1RrQqtpg=";
};
vendorHash = null;

12
pkgs/applications/editors/vim/plugins/generated.nix
View file

@ -941,6 +941,18 @@ final: prev:
meta.homepage = "https://github.com/max397574/better-escape.nvim/";
};
bigfile-nvim = buildVimPluginFrom2Nix {
pname = "bigfile.nvim";
version = "2022-12-01";
src = fetchFromGitHub {
owner = "LunarVim";
repo = "bigfile.nvim";
rev = "c1bad34ce742b4f360b67ca23c873fef998240fc";
sha256 = "1jgjj0knyizwyvbv9ddg36hcpwbscy4p5fsqwzybnsjgxd32602j";
};
meta.homepage = "https://github.com/LunarVim/bigfile.nvim";
};
bitbake-vim = buildVimPluginFrom2Nix {
pname = "bitbake.vim";
version = "2021-02-06";

11
pkgs/applications/editors/vim/plugins/overrides.nix
View file

@ -850,18 +850,18 @@ self: super: {
sniprun =
let
version = "1.3.0";
version = "1.3.1";
src = fetchFromGitHub {
owner = "michaelb";
repo = "sniprun";
rev = "v${version}";
hash = "sha256-6UDjrrEtOuB+lrCZVBO4BcZm78qwq8YbQcXAdjNbicY=";
hash = "sha256-grrrqvdqoYTBtlU+HLrSQJsAmMA/+OHbuoVvOwHYPnk=";
};
sniprun-bin = rustPlatform.buildRustPackage {
pname = "sniprun-bin";
inherit version src;
cargoSha256 = "sha256-ghXYUgXqXvK9RySG/hQR5zpLsyk6L9Htb/UYgMPyWUk=";
cargoSha256 = "sha256-hmZXYJFIeKgYyhT6mSrmX+7M9GQQHHzliYHjsBoHgOc=";
nativeBuildInputs = [ makeWrapper ];
@ -882,11 +882,6 @@ self: super: {
substituteInPlace lua/sniprun.lua --replace '@sniprun_bin@' ${sniprun-bin}
'';
postInstall = ''
mkdir $out/doc
ln -s $out/docs/sniprun.txt $out/doc/sniprun.txt
'';
propagatedBuildInputs = [ sniprun-bin ];
};

1
pkgs/applications/editors/vim/plugins/vim-plugin-names
View file

@ -77,6 +77,7 @@ https://github.com/jamespwilliams/bat.vim/,HEAD,
https://github.com/vim-scripts/bats.vim/,,
https://github.com/rbgrouleff/bclose.vim/,,
https://github.com/max397574/better-escape.nvim/,,
https://github.com/LunarVim/bigfile.nvim/,,
https://github.com/sblumentritt/bitbake.vim/,,
https://github.com/APZelos/blamer.nvim/,HEAD,
https://github.com/blueballs-theme/blueballs-neovim/,,

4
pkgs/applications/editors/vscode/extensions/default.nix
View file

@ -1079,8 +1079,8 @@ let
mktplcRef = {
name = "prettier-vscode";
publisher = "esbenp";
version = "9.10.4";
sha256 = "sha256-khtyB0Qbm+iuM1GsAaF32YRv1VBTIy7daeCKdgwCIC8=";
version = "9.12.0";
sha256 = "sha256-b7EaYYJNZQBqhyKJ04tytmD9DDRcvA68HTo5JHTr9Fo=";
};
meta = {
changelog = "https://marketplace.visualstudio.com/items/esbenp.prettier-vscode/changelog";

4
pkgs/applications/graphics/mangareader/default.nix
View file

@ -16,13 +16,13 @@
stdenv.mkDerivation rec {
pname = "mangareader";
version = "2.0.4";
version = "2.1.0";
src = fetchFromGitHub {
owner = "g-fb";
repo = pname;
rev = version;
hash = "sha256-j5b2O5OgDRaaxNssknTTgVscudk1+mFlGQN5KE6CwcU=";
hash = "sha256-YZZcp+HS/P/GxWYyOpO35nByJSzv4HahzzrZSVRcCRs=";
};
nativeBuildInputs = [

8
pkgs/applications/misc/calibre/default.nix
View file

@ -32,11 +32,11 @@
stdenv.mkDerivation rec {
pname = "calibre";
version = "6.15.1";
version = "6.16.0";
src = fetchurl {
url = "https://download.calibre-ebook.com/${version}/${pname}-${version}.tar.xz";
hash = "sha256-t9fG1hBlQmDh0i5ezBoqk9C9oliNNF0peKDz1YH7RBo=";
hash = "sha256-2Lhp9PBZ19svq26PoldJ1H8tmt95MwY0l7+g6mPUvFI=";
};
# https://sources.debian.org/patches/calibre/${version}+dfsg-1
@ -48,8 +48,8 @@ stdenv.mkDerivation rec {
hash = "sha256-uL1mSjgCl5ZRLbSuKxJM6XTfvVwog70F7vgKtQzQNEQ=";
})
(fetchpatch {
name = "0006-Hardening-Qt-code.patch";
url = "https://raw.githubusercontent.com/debian-calibre/calibre/debian/${version}-1/debian/patches/0006-Hardening-Qt-code.patch";
name = "0007-Hardening-Qt-code.patch";
url = "https://raw.githubusercontent.com/debian-calibre/calibre/debian/${version}-1/debian/patches/0007-Hardening-Qt-code.patch";
hash = "sha256-9P1kGrQbWAWDzu5EUiQr7TiCPHRWUA8hxPpEvFpK20k=";
})
]

58
pkgs/applications/misc/elastic/default.nix Normal file
View file

@ -0,0 +1,58 @@
{ lib
, stdenv
, fetchFromGitLab
, meson
, ninja
, pkg-config
, vala
, gtk4
, libgee
, libadwaita
, gtksourceview5
, blueprint-compiler
, wrapGAppsHook4
, appstream-glib
, desktop-file-utils
, template-glib
}:
stdenv.mkDerivation rec {
pname = "elastic";
version = "0.1.3";
src = fetchFromGitLab {
domain = "gitlab.gnome.org";
owner = "World";
repo = "elastic";
rev = version;
hash = "sha256-CZ+EeGbCzkeNx4GD+2+n3jYwz/cQStjMV2+wm/JNsYU=";
};
nativeBuildInputs = [
meson
ninja
vala
pkg-config
wrapGAppsHook4
appstream-glib
desktop-file-utils
blueprint-compiler
];
buildInputs = [
gtk4
libadwaita
libgee
gtksourceview5
template-glib
];
meta = with lib; {
description = "Design spring animations";
homepage = "https://gitlab.gnome.org/World/elastic/";
mainProgram = "app.drey.Elastic";
license = licenses.gpl3Plus;
platforms = platforms.unix;
maintainers = with maintainers; [ _0xMRTT ];
};
}

12
pkgs/applications/networking/instant-messengers/zoom-us/default.nix
View file

@ -48,23 +48,23 @@ let
# and often with different versions. We write them on three lines
# like this (rather than using {}) so that the updater script can
# find where to edit them.
versions.aarch64-darwin = "5.14.2.17213";
versions.x86_64-darwin = "5.14.2.17213";
versions.x86_64-linux = "5.14.2.2046";
versions.aarch64-darwin = "5.14.5.17687";
versions.x86_64-darwin = "5.14.5.17687";
versions.x86_64-linux = "5.14.5.2430";
srcs = {
aarch64-darwin = fetchurl {
url = "https://zoom.us/client/${versions.aarch64-darwin}/zoomusInstallerFull.pkg?archType=arm64";
name = "zoomusInstallerFull.pkg";
hash = "sha256-jXSjfPIQepSeG5B/CLBHiCbRP1ceczHt+Mu3KYLonkU=";
hash = "sha256-cklNvp6q/4yGWpLhDbruGiBHgaQrY5wHwhtsVapRxx4=";
};
x86_64-darwin = fetchurl {
url = "https://zoom.us/client/${versions.x86_64-darwin}/zoomusInstallerFull.pkg";
hash = "sha256-F/k9NE2GVzn5etkPWCMX80kkyRzVznsKo3rgtztcYn8=";
hash = "sha256-1w41TGBqUl8lnl08PglQImSV7JM71khlshacxh1oTJo=";
};
x86_64-linux = fetchurl {
url = "https://zoom.us/client/${versions.x86_64-linux}/zoom_x86_64.pkg.tar.xz";
hash = "sha256-k16JlqabzdNC/UXoPWM2yYzs66rOtJvhExHpjVka5M0=";
hash = "sha256-sf7w9P6Gajm8/D7DHo/u5d4kZwjxeJjAE96BUW/e4KE=";
};
};

4
pkgs/applications/networking/mailreaders/evolution/evolution-ews/default.nix
View file

@ -22,11 +22,11 @@
stdenv.mkDerivation rec {
pname = "evolution-ews";
version = "3.48.0";
version = "3.48.1";
src = fetchurl {
url = "mirror://gnome/sources/${pname}/${lib.versions.majorMinor version}/${pname}-${version}.tar.xz";
sha256 = "FmFlu+oUQbuS8qk0jZp97EiCoNMTGc0lZlcdpnd+8t4=";
sha256 = "vqakEdZAHXOqTh3oHUN5LwPAQ54DBZxVSn+YTEptmtg=";
};
patches = [

4
pkgs/applications/networking/mailreaders/evolution/evolution/default.nix
View file

@ -44,11 +44,11 @@
stdenv.mkDerivation rec {
pname = "evolution";
version = "3.48.0";
version = "3.48.1";
src = fetchurl {
url = "mirror://gnome/sources/evolution/${lib.versions.majorMinor version}/${pname}-${version}.tar.xz";
sha256 = "LYRygZWJ6S78zk8tw70STpPTedMwCXj2mpZTxZKmDvY=";
sha256 = "tJpa3u3JGx0yVPAw9affjiYYLjNAzvd3Ecob9FU+5lA=";
};
nativeBuildInputs = [

20
pkgs/applications/networking/p2p/torrential/default.nix
View file

@ -1,4 +1,5 @@
{ lib, stdenv
{ stdenv
, lib
, fetchFromGitHub
, nix-update-script
, desktop-file-utils
@ -7,11 +8,11 @@
, pkg-config
, python3
, vala
, wrapGAppsHook
, wrapGAppsHook4
, curl
, dht
, glib
, gtk3
, gtk4
, libb64
, libevent
, libgee
@ -25,13 +26,13 @@
stdenv.mkDerivation rec {
pname = "torrential";
version = "2.0.1";
version = "3.0.0";
src = fetchFromGitHub {
owner = "davidmhewitt";
repo = "torrential";
rev = version;
sha256 = "sha256-W9Is6l8y5XSlPER2BLlf+cyMPPdEQuaP4xM59VhfDE0=";
sha256 = "sha256-uHc/VNtbhetmGyuhynZH1TvxJscVX17eWO6dzX6Ft3A=";
};
nativeBuildInputs = [
@ -41,14 +42,14 @@ stdenv.mkDerivation rec {
pkg-config
python3
vala
wrapGAppsHook
wrapGAppsHook4
];
buildInputs = [
curl
dht
glib
gtk3
gtk4
libb64
libevent
libgee
@ -57,12 +58,15 @@ stdenv.mkDerivation rec {
libutp
miniupnpc
openssl
pantheon.granite
pantheon.granite7
];
postPatch = ''
chmod +x meson/post_install.py
patchShebangs meson/post_install.py
substituteInPlace meson/post_install.py \
--replace "gtk-update-icon-cache" "gtk4-update-icon-cache"
'';
passthru = {

2
pkgs/applications/office/qownnotes/default.nix
View file

@ -60,7 +60,7 @@ stdenv.mkDerivation {
changelog = "https://www.qownnotes.org/changelog.html";
downloadPage = "https://github.com/pbek/QOwnNotes/releases/tag/v${version}";
license = licenses.gpl2Only;
maintainers = with maintainers; [ totoroot ];
maintainers = with maintainers; [ pbek totoroot ];
platforms = platforms.unix;
};
}

40
pkgs/applications/terminal-emulators/kitty/default.nix
View file

@ -23,21 +23,22 @@
, nixosTests
, go
, buildGoModule
, nix-update-script
}:
with python3Packages;
buildPythonApplication rec {
pname = "kitty";
version = "0.27.1";
version = "0.28.1";
format = "other";
src = fetchFromGitHub {
owner = "kovidgoyal";
repo = "kitty";
rev = "refs/tags/v${version}";
hash = "sha256-/K/5T15kULTQP1FCLnyrKfhlQjIStayutaxLjmHjHes=";
hash = "sha256-pAo+bT10rdQOf9j3imKWCCMFGm8KntUeTQUrEE1wYZc=";
};
vendorHash = "sha256-JLPPNOsoq+ErLhELsX3z3YehYfgp7OGXEXlP3IVcM5k=";
vendorHash = "sha256-vq19exqsEtXhN20mgC5GCpYGm8s9AC6nlfCfG1lUiI8=";
buildInputs = [
harfbuzz
@ -99,16 +100,16 @@ buildPythonApplication rec {
CGO_ENABLED = 0;
GOFLAGS = "-trimpath";
configurePhase = let
goModules = (buildGoModule {
pname = "kitty-go-modules";
inherit src vendorHash version;
}).go-modules;
in ''
go-modules = (buildGoModule {
pname = "kitty-go-modules";
inherit src vendorHash version;
}).go-modules;
configurePhase = ''
export GOCACHE=$TMPDIR/go-cache
export GOPATH="$TMPDIR/go"
export GOPROXY=off
cp -r --reflink=auto ${goModules} vendor
cp -r --reflink=auto ${go-modules} vendor
'';
buildPhase = let
@ -161,6 +162,8 @@ buildPythonApplication rec {
--replace test_ssh_connection_data dont_test_ssh_connection_data
substituteInPlace kitty_tests/fonts.py \
--replace 'class Rendering(BaseTest)' 'class Rendering'
# theme collection test starts an http server
rm tools/themes/collection_test.go
'';
checkPhase = ''
@ -216,19 +219,10 @@ buildPythonApplication rec {
runHook postInstall
'';
# Patch shebangs that Nix can't automatically patch
preFixup =
let
pathComponent = if stdenv.isDarwin then "Applications/kitty.app/Contents/Resources" else "lib";
in
''
substituteInPlace $out/${pathComponent}/kitty/shell-integration/ssh/askpass.py \
--replace '/usr/bin/env -S ' $out/bin/
substituteInPlace $shell_integration/ssh/askpass.py \
--replace '/usr/bin/env -S ' $out/bin/
'';
passthru.tests.test = nixosTests.terminal-emulators.kitty;
passthru = {
updateScript = nix-update-script {};
tests.test = nixosTests.terminal-emulators.kitty;
};
meta = with lib; {
homepage = "https://github.com/kovidgoyal/kitty";

4
pkgs/build-support/kernel/make-initrd-ng.nix
View file

@ -78,14 +78,14 @@ in
STRIP = if strip then "${pkgsBuildHost.binutils.targetPrefix}strip" else null;
}) ''
mkdir ./root
mkdir -p ./root/var/empty
make-initrd-ng "$contentsPath" ./root
mkdir "$out"
(cd root && find * .[^.*] -exec touch -h -d '@1' '{}' +)
for PREP in $prepend; do
cat $PREP >> $out/initrd
done
(cd root && find * .[^.*] -print0 | sort -z | cpio -o -H newc -R +0:+0 --reproducible --null | eval -- $compress >> "$out/initrd")
(cd root && find . -print0 | sort -z | cpio -o -H newc -R +0:+0 --reproducible --null | eval -- $compress >> "$out/initrd")
if [ -n "$makeUInitrd" ]; then
mkimage -A "$uInitrdArch" -O linux -T ramdisk -C "$uInitrdCompression" -d "$out/initrd" $out/initrd.img

4
pkgs/desktops/gnome/apps/cheese/default.nix
View file

@ -33,13 +33,13 @@
stdenv.mkDerivation rec {
pname = "cheese";
version = "44.0";
version = "44.0.1";
outputs = [ "out" "man" "devdoc" ];
src = fetchurl {
url = "mirror://gnome/sources/cheese/${lib.versions.major version}/${pname}-${version}.tar.xz";
sha256 = "3yf/abII9Nz7fYb/YgqT+ThP3G/hBaP0rpO0OO+r9Fw=";
sha256 = "2SJAEnLN1BXCknA+UsazZEZqCyDuHbMgJRZEwoNgb9Q=";
};
nativeBuildInputs = [

4
pkgs/desktops/gnome/core/evolution-data-server/default.nix
View file

@ -50,13 +50,13 @@
stdenv.mkDerivation rec {
pname = "evolution-data-server";
version = "3.48.0";
version = "3.48.1";
outputs = [ "out" "dev" ];
src = fetchurl {
url = "mirror://gnome/sources/evolution-data-server/${lib.versions.majorMinor version}/${pname}-${version}.tar.xz";
sha256 = "DyX3MzHt9TkJvkD0ErKoaTknAydRdhYwPzIt4VcIPDU=";
sha256 = "XOYsHmfyeJNCp/SgNbEC905i7YX2DoGlt/PgQWVATf8=";
};
patches = [

10
pkgs/desktops/gnome/core/evolution-data-server/hardcode-gsettings.patch
View file

@ -128,10 +128,10 @@ index e85a56b..59d3fe2 100644
g_object_unref (settings);
diff --git a/src/addressbook/libedata-book/e-book-meta-backend.c b/src/addressbook/libedata-book/e-book-meta-backend.c
index 127dcd1..5fa62f6 100644
index 4aaabee..dd6ce6d 100644
--- a/src/addressbook/libedata-book/e-book-meta-backend.c
+++ b/src/addressbook/libedata-book/e-book-meta-backend.c
@@ -136,7 +136,18 @@ ebmb_is_power_saver_enabled (void)
@@ -143,7 +143,18 @@ ebmb_is_power_saver_enabled (void)
GSettings *settings;
gboolean enabled = FALSE;
@ -201,10 +201,10 @@ index 5087de1..5c24b87 100644
watcher->priv->default_zone = e_cal_util_copy_timezone (zone);
watcher->priv->timers_enabled = TRUE;
diff --git a/src/calendar/libedata-cal/e-cal-meta-backend.c b/src/calendar/libedata-cal/e-cal-meta-backend.c
index 94a875f..1d2ed92 100644
index cd91f07..79ede04 100644
--- a/src/calendar/libedata-cal/e-cal-meta-backend.c
+++ b/src/calendar/libedata-cal/e-cal-meta-backend.c
@@ -149,7 +149,18 @@ ecmb_is_power_saver_enabled (void)
@@ -156,7 +156,18 @@ ecmb_is_power_saver_enabled (void)
GSettings *settings;
gboolean enabled = FALSE;
@ -298,7 +298,7 @@ index e61160c..b6553a4 100644
G_CALLBACK (mi_user_headers_settings_changed_cb), NULL);
G_UNLOCK (mi_user_headers);
diff --git a/src/camel/providers/imapx/camel-imapx-server.c b/src/camel/providers/imapx/camel-imapx-server.c
index 95918a0..a7fc669 100644
index ce4a58c..2906228 100644
--- a/src/camel/providers/imapx/camel-imapx-server.c
+++ b/src/camel/providers/imapx/camel-imapx-server.c
@@ -5591,7 +5591,18 @@ camel_imapx_server_skip_old_flags_update (CamelStore *store)

4
pkgs/desktops/gnome/core/gnome-terminal/default.nix
View file

@ -29,14 +29,14 @@
stdenv.mkDerivation rec {
pname = "gnome-terminal";
version = "3.48.0";
version = "3.48.1";
src = fetchFromGitLab {
domain = "gitlab.gnome.org";
owner = "GNOME";
repo = "gnome-terminal";
rev = version;
sha256 = "sha256-Co0RnDprY1eJhXdOzs43nniXzpaFtBpnr13StMDw4+8=";
sha256 = "sha256-1t48JRESjAQubOmyK+QOhlp57iE5Ml0cqgy/2wjrLjE=";
};
nativeBuildInputs = [

4
pkgs/desktops/gnome/core/gucharmap/default.nix
View file

@ -45,7 +45,7 @@ let
};
in stdenv.mkDerivation rec {
pname = "gucharmap";
version = "15.0.3";
version = "15.0.4";
outputs = [ "out" "lib" "dev" "devdoc" ];
@ -54,7 +54,7 @@ in stdenv.mkDerivation rec {
owner = "GNOME";
repo = "gucharmap";
rev = version;
sha256 = "sha256-Rdi48IJdiZy8Dt8hQCkQW2VFWBX1P2CtPPfowCcAEq0=";
sha256 = "sha256-lfWIaAr5FGWvDkNLOPe19hVQiFarbYVXwM78jZc5FFk=";
};
strictDeps = true;

4
pkgs/desktops/gnome/games/aisleriot/default.nix
View file

@ -19,14 +19,14 @@
stdenv.mkDerivation rec {
pname = "aisleriot";
version = "3.22.28";
version = "3.22.29";
src = fetchFromGitLab {
domain = "gitlab.gnome.org";
owner = "GNOME";
repo = "aisleriot";
rev = version;
sha256 = "sha256-/yxItJu8He6Zx7hDK5VaApqm9FJ6uK8KHIDj4adwb2Q=";
sha256 = "sha256-U6PQEGZkin2kAh6pjQK/R9mGlcCWMb1aUwN9yt2nxXM=";
};
nativeBuildInputs = [

4
pkgs/development/compilers/crystal/default.nix
View file

@ -274,8 +274,8 @@ rec {
};
crystal_1_8 = generic {
version = "1.8.0";
sha256 = "sha256-oTvBKrfDkrpJg4gaOVrrKWfsqZC+Z9Lp/jt4ye+Iw/M=";
version = "1.8.1";
sha256 = "sha256-t+1vM1m62UftCvfa90Dg6nqt6Zseh/GP/Gc1VfOa4+c=";
binary = binaryCrystal_1_2;
};

4
pkgs/development/libraries/hwloc/default.nix
View file

@ -8,11 +8,11 @@
stdenv.mkDerivation rec {
pname = "hwloc";
version = "2.9.0";
version = "2.9.1";
src = fetchurl {
url = "https://www.open-mpi.org/software/hwloc/v${lib.versions.majorMinor version}/downloads/hwloc-${version}.tar.bz2";
sha256 = "sha256-IHDpY1lqJCG5r47KQ73sET7hEHqvfMtHXU03Z6iFaIc=";
sha256 = "sha256-fMSTGiD+9Ffgkzrz83W+bq+ncD/eIeE3v7loWxQJWZ4=";
};
configureFlags = [

4
pkgs/development/libraries/intel-gmmlib/default.nix
View file

@ -9,13 +9,13 @@
stdenv.mkDerivation rec {
pname = "intel-gmmlib";
version = "22.3.4";
version = "22.3.5";
src = fetchFromGitHub {
owner = "intel";
repo = "gmmlib";
rev = "intel-gmmlib-${version}";
sha256 = "sha256-V8mimy4yB7BO5YdbUh8byN9K6ylQ3lOLynQbXxiOUok=";
sha256 = "sha256-txh0HGtWc39bWesTfyUjG4n560w8iRLyiHec6JA7FJQ=";
};
nativeBuildInputs = [ cmake ];

4
pkgs/development/libraries/vte/default.nix
View file

@ -30,13 +30,13 @@
stdenv.mkDerivation rec {
pname = "vte";
version = "0.72.0";
version = "0.72.1";
outputs = [ "out" "dev" "devdoc" ];
src = fetchurl {
url = "mirror://gnome/sources/${pname}/${lib.versions.majorMinor version}/${pname}-${version}.tar.xz";
sha256 = "sha256-QP6RTWxw2zQXbJInJbbG6hXV88sqm0TFfiAKX5UKZzY=";
sha256 = "sha256-BVT5+I1Wzi14OY/Mf2m8AOU7u8X2lOCuHcr1KG+J1+Q=";
};
patches = [

14
pkgs/development/libraries/xgboost/default.nix
View file

@ -12,7 +12,7 @@
, llvmPackages
, R
, rPackages
}:
}@inputs:
assert ncclSupport -> cudaSupport;
# Disable regular tests when building the R package
@ -22,6 +22,14 @@ assert ncclSupport -> cudaSupport;
# tests.
assert rLibrary -> doCheck != true;
let
# This ensures xgboost gets the correct libstdc++ when
# built with cuda support. This may be removed once
# #226165 rewrites cudaStdenv
inherit (cudaPackages) backendStdenv;
stdenv = if cudaSupport then backendStdenv else inputs.stdenv;
in
stdenv.mkDerivation rec {
pnameBase = "xgboost";
# prefix with r when building the R library
@ -37,14 +45,14 @@ stdenv.mkDerivation rec {
# in \
# rWrapper.override{ packages = [ xgb ]; }"
pname = lib.optionalString rLibrary "r-" + pnameBase;
version = "1.7.4";
version = "1.7.5";
src = fetchFromGitHub {
owner = "dmlc";
repo = pnameBase;
rev = "v${version}";
fetchSubmodules = true;
hash = "sha256-HGS9w4g2+Aw5foKjHK/XQvSCnFHUswhzAsQf6XkdvOI=";
hash = "sha256-IBqtyz40VVHdncibnZQAe5oDsjb5isWBYQ6pGx/zt38=";
};
nativeBuildInputs = [ cmake ]

5940
pkgs/development/node-packages/node-packages.nix generated
View file

File diff suppressed because it is too large Load diff

4
pkgs/development/python-modules/asana/default.nix
View file

@ -10,7 +10,7 @@
buildPythonPackage rec {
pname = "asana";
version = "3.2.0";
version = "3.2.1";
format = "setuptools";
disabled = pythonOlder "3.7";
@ -19,7 +19,7 @@ buildPythonPackage rec {
owner = "asana";
repo = "python-asana";
rev = "refs/tags/v${version}";
hash = "sha256-qxoGi7UByHEuDKsELEjwzf01/JNEiUgUs88536TGFKo=";
hash = "sha256-hvAyKGoNkX3bs7Mz2h7SnOa5T6J88c0YiTR/L8fgfi8=";
};
propagatedBuildInputs = [

4
pkgs/development/python-modules/azure-mgmt-web/default.nix
View file

@ -11,12 +11,12 @@
buildPythonPackage rec {
pname = "azure-mgmt-web";
version = "7.0.0";
version = "7.1.0";
src = fetchPypi {
inherit pname version;
extension = "zip";
hash = "sha256-WvyNgfiliEt6qawqy8Le8eifhxusMkoZbf6YcyY1SBA=";
hash = "sha256-WxbN5+MNwgRmuRH/vEmlcljH7ylYRyxNz2Ev8aAS8Vw=";
};
propagatedBuildInputs = [

3
pkgs/os-specific/linux/libnvme/default.nix
View file

@ -37,7 +37,7 @@ stdenv.mkDerivation rec {
ninja
perl # for kernel-doc
pkg-config
python3
python3.pythonForBuild
swig
];
@ -46,6 +46,7 @@ stdenv.mkDerivation rec {
json_c
openssl
systemd
python3
];
mesonFlags = [

9
pkgs/servers/http/unit/default.nix
View file

@ -1,8 +1,8 @@
{ lib, stdenv, fetchFromGitHub, nixosTests, which
, pcre2
, withPython3 ? true, python3, ncurses
, withPHP80 ? false, php80
, withPHP81 ? true, php81
, withPHP82 ? false, php82
, withPerl534 ? false, perl534
, withPerl536 ? true, perl536
, withPerldevel ? false, perldevel
@ -26,8 +26,8 @@ let
fpmSupport = false;
};
php80-unit = php80.override phpConfig;
php81-unit = php81.override phpConfig;
php82-unit = php82.override phpConfig;
in stdenv.mkDerivation rec {
version = "1.29.1";
@ -44,8 +44,8 @@ in stdenv.mkDerivation rec {
buildInputs = [ pcre2.dev ]
++ optionals withPython3 [ python3 ncurses ]
++ optional withPHP80 php80-unit
++ optional withPHP81 php81-unit
++ optional withPHP82 php82-unit
++ optional withPerl534 perl534
++ optional withPerl536 perl536
++ optional withPerldevel perldevel
@ -64,13 +64,12 @@ in stdenv.mkDerivation rec {
++ optional withDebug "--debug";
# Optionally add the PHP derivations used so they can be addressed in the configs
usedPhp80 = optionals withPHP80 php80-unit;
usedPhp81 = optionals withPHP81 php81-unit;
postConfigure = ''
${optionalString withPython3 "./configure python --module=python3 --config=python3-config --lib-path=${python3}/lib"}
${optionalString withPHP80 "./configure php --module=php80 --config=${php80-unit.unwrapped.dev}/bin/php-config --lib-path=${php80-unit}/lib"}
${optionalString withPHP81 "./configure php --module=php81 --config=${php81-unit.unwrapped.dev}/bin/php-config --lib-path=${php81-unit}/lib"}
${optionalString withPHP82 "./configure php --module=php81 --config=${php82-unit.unwrapped.dev}/bin/php-config --lib-path=${php82-unit}/lib"}
${optionalString withPerl534 "./configure perl --module=perl534 --perl=${perl534}/bin/perl"}
${optionalString withPerl536 "./configure perl --module=perl536 --perl=${perl536}/bin/perl"}
${optionalString withPerldevel "./configure perl --module=perldev --perl=${perldevel}/bin/perl"}

11
pkgs/tools/compression/dtrx/default.nix
View file

@ -21,15 +21,20 @@
python3Packages.buildPythonApplication rec {
pname = "dtrx";
version = "8.4.0";
version = "8.5.0";
src = fetchFromGitHub {
owner = "dtrx-py";
repo = "dtrx";
rev = "refs/tags/${version}";
sha256 = "sha256-G+W0qY8s30cYSmOEy9Kkx+Wr48n7+6FuzL34GvwdKtg=";
sha256 = "sha256-jx2IHa7Ztg8Dbwgm8mSJQKtNpg0sg5axGssBMTAMDI0=";
};
# https://github.com/dtrx-py/dtrx/issues/45
postPatch = ''
sed -i "s/platform==unsupported/# platform==unsupported/" setup.cfg
'';
postInstall =
let
archivers = lib.makeBinPath (
@ -41,7 +46,7 @@ python3Packages.buildPythonApplication rec {
wrapProgram "$out/bin/dtrx" --prefix PATH : "${archivers}"
'';
buildInputs = [ python3Packages.twine ];
nativeBuildInputs = [ python3Packages.invoke ];
meta = with lib; {
description = "Do The Right Extraction: A tool for taking the hassle out of extracting archives";

14
pkgs/top-level/all-packages.nix
View file

@ -7646,6 +7646,8 @@ with pkgs;
texinfo = texinfo6_7; # Uses @setcontentsaftertitlepage, removed in 6.8.
};
elastic = callPackage ../applications/misc/elastic { };
exfat = callPackage ../tools/filesystems/exfat { };
exfatprogs = callPackage ../tools/filesystems/exfatprogs { };
@ -11526,16 +11528,16 @@ with pkgs;
qovery-cli = callPackage ../tools/admin/qovery-cli { };
qownnotes = darwin.apple_sdk_11_0.callPackage ../applications/office/qownnotes {
inherit (libsForQt5) qmake qtbase qtdeclarative qtsvg qttools qtwayland qtwebsockets qtx11extras qtxmlpatterns wrapQtAppsHook;
qownnotes = libsForQt5.callPackage ../applications/office/qownnotes {
stdenv = if stdenv.isDarwin then darwin.apple_sdk_11_0.stdenv else stdenv;
};
qpdf = callPackage ../development/libraries/qpdf { };
qprint = callPackage ../tools/text/qprint { };
qscintilla = darwin.apple_sdk_11_0.callPackage ../development/libraries/qscintilla {
inherit (libsForQt5) qmake qtbase qtmacextras;
qscintilla = libsForQt5.callPackage ../development/libraries/qscintilla {
stdenv = if stdenv.isDarwin then darwin.apple_sdk_11_0.stdenv else stdenv;
};
qscintilla-qt4 = callPackage ../development/libraries/qscintilla-qt4 { };
@ -33264,8 +33266,8 @@ with pkgs;
quantomatic = callPackage ../applications/science/physics/quantomatic { };
quassel = darwin.apple_sdk_11_0.callPackage ../applications/networking/irc/quassel {
inherit (libsForQt5) kconfigwidgets kcoreaddons knotifications knotifyconfig ktextwidgets kwidgetsaddons kxmlgui phonon qtbase qtscript mkDerivation qca-qt5;
quassel = libsForQt5.callPackage ../applications/networking/irc/quassel {
stdenv = if stdenv.isDarwin then darwin.apple_sdk_11_0.stdenv else stdenv;
};
quasselClient = quassel.override {