From 7bb10350378b68153234de887a36160c8e0a804c Mon Sep 17 00:00:00 2001 From: Vladyslav M Date: Fri, 11 Dec 2020 22:53:48 +0200 Subject: [PATCH 01/17] pijul: 1.0.0-alpha.17 -> 1.0.0-alpha.21 --- pkgs/applications/version-management/pijul/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/applications/version-management/pijul/default.nix b/pkgs/applications/version-management/pijul/default.nix index 0f7e2bc9486c..b09267fb9395 100644 --- a/pkgs/applications/version-management/pijul/default.nix +++ b/pkgs/applications/version-management/pijul/default.nix @@ -13,14 +13,14 @@ rustPlatform.buildRustPackage rec { pname = "pijul"; - version = "1.0.0-alpha.17"; + version = "1.0.0-alpha.21"; src = fetchCrate { inherit version pname; - sha256 = "03r383fkqx17sb2c0kz71lbn0rdas7nd9yw7ni5fbmrq8rlk9brv"; + sha256 = "0csa2a8ci6b9vgq57hyz2ng0x8pv1p1ilw72z2b8rrpacdrzb633"; }; - cargoSha256 = "0dfmldklklax8nb3pry0h80kih1k1idfjgaxinxkk1iflcm3cwqn"; + cargoSha256 = "05z5iqs63s6cvaq4sjfxhcg5ka3rwn6ikcjs26jyqcbkp2bd9z88"; cargoBuildFlags = stdenv.lib.optional gitImportSupport "--features=git"; From b991ae0e2811231fe265a13abcc8cee7e5ecbb37 Mon Sep 17 00:00:00 2001 From: Atemu Date: Sat, 12 Dec 2020 10:23:30 +0100 Subject: [PATCH 02/17] nfs-utils: pass native rpcsvc-proto to configureFlag It was passing in the targetPlatform's rpcgen binary which exec format errors of course Co-authored-by: Matthew Bauer --- pkgs/os-specific/linux/nfs-utils/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/os-specific/linux/nfs-utils/default.nix b/pkgs/os-specific/linux/nfs-utils/default.nix index 86b0981c5fa3..63a1a0d8f966 100644 --- a/pkgs/os-specific/linux/nfs-utils/default.nix +++ b/pkgs/os-specific/linux/nfs-utils/default.nix @@ -45,7 +45,7 @@ stdenv.mkDerivation rec { "--with-systemd=${placeholder "out"}/etc/systemd/system" "--enable-libmount-mount" "--with-pluginpath=${placeholder "lib"}/lib/libnfsidmap" # this installs libnfsidmap - "--with-rpcgen=${rpcsvc-proto}/bin/rpcgen" + "--with-rpcgen=${buildPackages.rpcsvc-proto}/bin/rpcgen" ]; patches = lib.optionals stdenv.hostPlatform.isMusl [ From 46224b1e19343f01885b06bd0df07dfac8e32fc4 Mon Sep 17 00:00:00 2001 From: Atemu Date: Sat, 12 Dec 2020 07:24:38 +0100 Subject: [PATCH 03/17] cifs-utils: don't check for AC_FUNC_MALLOC when cross compiling Produces "undefined reference to "rpl_malloc"" and fails the build Apparently it's a runtime check (https://github.com/LLNL/ior/issues/4) --- pkgs/os-specific/linux/cifs-utils/default.nix | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/pkgs/os-specific/linux/cifs-utils/default.nix b/pkgs/os-specific/linux/cifs-utils/default.nix index ad136b811df8..11544d946662 100644 --- a/pkgs/os-specific/linux/cifs-utils/default.nix +++ b/pkgs/os-specific/linux/cifs-utils/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, autoreconfHook, docutils, pkgconfig +{ stdenv, lib, fetchurl, autoreconfHook, docutils, pkgconfig , kerberos, keyutils, pam, talloc }: stdenv.mkDerivation rec { @@ -14,6 +14,12 @@ stdenv.mkDerivation rec { buildInputs = [ kerberos keyutils pam talloc ]; + configureFlags = stdenv.lib.optionals (stdenv.hostPlatform != stdenv.buildPlatform) [ + # AC_FUNC_MALLOC is broken on cross builds. + "ac_cv_func_malloc_0_nonnull=yes" + "ac_cv_func_realloc_0_nonnull=yes" + ]; + makeFlags = [ "root_sbindir=$(out)/sbin" ]; meta = with stdenv.lib; { From 499e366d7b71997b860450cdd541724c64c35eea Mon Sep 17 00:00:00 2001 From: Minijackson Date: Sun, 6 Dec 2020 16:04:16 +0100 Subject: [PATCH 04/17] nixos/tinc: add settings and hostSettings for RFC42-style options --- nixos/modules/services/networking/tinc.nix | 237 +++++++++++++++++++-- 1 file changed, 224 insertions(+), 13 deletions(-) diff --git a/nixos/modules/services/networking/tinc.nix b/nixos/modules/services/networking/tinc.nix index 725bd9bf9403..5fc09fc56a01 100644 --- a/nixos/modules/services/networking/tinc.nix +++ b/nixos/modules/services/networking/tinc.nix @@ -1,13 +1,156 @@ { config, lib, pkgs, ... }: with lib; - let - cfg = config.services.tinc; -in + mkValueString = value: + if value == true then "yes" + else if value == false then "no" + else generators.mkValueStringDefault { } value; + toTincConf = generators.toKeyValue { + listsAsDuplicateKeys = true; + mkKeyValue = generators.mkKeyValueDefault { inherit mkValueString; } "="; + }; + + tincConfType = with types; + let + valueType = oneOf [ bool str int ]; + in + attrsOf (either valueType (listOf valueType)); + + addressSubmodule = { + options = { + address = mkOption { + type = types.str; + description = "The external IP address or hostname where the host can be reached."; + }; + + port = mkOption { + type = types.nullOr types.port; + default = null; + description = '' + The port where the host can be reached. + + If no port is specified, the default Port is used. + ''; + }; + }; + }; + + subnetSubmodule = { + options = { + address = mkOption { + type = types.str; + description = '' + The subnet of this host. + + Subnets can either be single MAC, IPv4 or IPv6 addresses, in which case + a subnet consisting of only that single address is assumed, or they can + be a IPv4 or IPv6 network address with a prefix length. + + IPv4 subnets are notated like 192.168.1.0/24, IPv6 subnets are notated + like fec0:0:0:1::/64. MAC addresses are notated like 0:1a:2b:3c:4d:5e. + + Note that subnets like 192.168.1.1/24 are invalid. + ''; + }; + + prefixLength = mkOption { + type = with types; nullOr (addCheck int (n: n >= 0 && n <= 128)); + default = null; + description = '' + The prefix length of the subnet. + + If null, a subnet consisting of only that single address is assumed. + + This conforms to standard CIDR notation as described in RFC1519. + ''; + }; + + weight = mkOption { + type = types.ints.unsigned; + default = 10; + description = '' + Indicates the priority over identical Subnets owned by different nodes. + + Lower values indicate higher priority. Packets will be sent to the + node with the highest priority, unless that node is not reachable, in + which case the node with the next highest priority will be tried, and + so on. + ''; + }; + }; + }; + + hostSubmodule = { config, ... }: { + options = { + addresses = mkOption { + type = types.listOf (types.submodule addressSubmodule); + default = [ ]; + description = '' + The external address where the host can be reached. This will set this + host's option. + + This variable is only required if you want to connect to this host. + ''; + }; + + subnets = mkOption { + type = types.listOf (types.submodule subnetSubmodule); + default = [ ]; + description = '' + The subnets which this tinc daemon will serve. This will set this + host's option. + + Tinc tries to look up which other daemon it should send a packet to by + searching the appropriate subnet. If the packet matches a subnet, it + will be sent to the daemon who has this subnet in his host + configuration file. + ''; + }; + + rsaPublicKey = mkOption { + type = types.str; + default = ""; + description = '' + Legacy RSA public key of the host in PEM format, including start and + end markers. + + This will be appended as-is in the host's configuration file. + + The ed25519 public key can be specified using the + option instead. + ''; + }; + + settings = mkOption { + default = { }; + type = types.submodule { freeformType = tincConfType; }; + description = '' + Configuration for this host. + + See + for supported values. + ''; + }; + }; + + config.settings = { + Address = mkDefault (map + (address: "${address.address} ${toString address.port}") + config.addresses); + + Subnet = mkDefault (map + (subnet: + if subnet.prefixLength == null then "${subnet.address}#${toString subnet.weight}" + else "${subnet.address}/${toString subnet.prefixLength}#${toString subnet.weight}") + config.subnets); + }; + }; + +in { ###### interface @@ -18,7 +161,7 @@ in networks = mkOption { default = { }; - type = with types; attrsOf (submodule { + type = with types; attrsOf (submodule ({ config, ... }: { options = { extraConfig = mkOption { @@ -26,6 +169,9 @@ in type = types.lines; description = '' Extra lines to add to the tinc service configuration file. + + Note that using the declarative + option is preferred. ''; }; @@ -69,6 +215,40 @@ in hosts = mkOption { default = { }; type = types.attrsOf types.lines; + description = '' + The name of the host in the network as well as the configuration for that host. + This name should only contain alphanumerics and underscores. + + Note that using the declarative + option is preferred. + ''; + }; + + hostSettings = mkOption { + default = { }; + example = literalExample '' + { + host1 = { + addresses = [ + { address = "192.168.1.42"; } + { address = "192.168.1.42"; port = 1655; } + ]; + subnets = [ { address = "10.0.0.42"; } ]; + rsaPublicKey = "..."; + settings = { + Ed25519PublicKey = "..."; + }; + }; + host2 = { + subnets = [ { address = "10.0.1.0"; prefixLength = 24; weight = 2; } ]; + rsaPublicKey = "..."; + settings = { + Compression = 10; + }; + }; + } + ''; + type = types.attrsOf (types.submodule hostSubmodule); description = '' The name of the host in the network as well as the configuration for that host. This name should only contain alphanumerics and underscores. @@ -79,7 +259,7 @@ in default = "tun"; type = types.enum [ "tun" "tap" ]; description = '' - The type of virtual interface used for the network connection + The type of virtual interface used for the network connection. ''; }; @@ -118,8 +298,44 @@ in Note that tinc can't run scripts anymore (such as tinc-down or host-up), unless it is setup to be runnable inside chroot environment. ''; }; + + settings = mkOption { + default = { }; + type = types.submodule { freeformType = tincConfType; }; + example = literalExample '' + { + Interface = "custom.interface"; + DirectOnly = true; + Mode = "switch"; + } + ''; + description = '' + Configuration of the Tinc daemon for this network. + + See + for supported values. + ''; + }; }; - }); + + config = { + hosts = mapAttrs + (hostname: host: '' + ${toTincConf host.settings} + ${host.rsaPublicKey} + '') + config.hostSettings; + + settings = { + DeviceType = mkDefault config.interfaceType; + Name = mkDefault (if config.name == null then "$HOST" else config.name); + Ed25519PrivateKeyFile = mkIf (config.ed25519PrivateKeyFile != null) (mkDefault config.ed25519PrivateKeyFile); + PrivateKeyFile = mkIf (config.rsaPrivateKeyFile != null) (mkDefault config.rsaPrivateKeyFile); + ListenAddress = mkIf (config.listenAddress != null) (mkDefault config.listenAddress); + BindToAddress = mkIf (config.bindToAddress != null) (mkDefault config.bindToAddress); + }; + }; + })); description = '' Defines the tinc networks which will be started. @@ -144,13 +360,7 @@ in "tinc/${network}/tinc.conf" = { mode = "0444"; text = '' - Name = ${if data.name == null then "$HOST" else data.name} - DeviceType = ${data.interfaceType} - ${optionalString (data.ed25519PrivateKeyFile != null) "Ed25519PrivateKeyFile = ${data.ed25519PrivateKeyFile}"} - ${optionalString (data.rsaPrivateKeyFile != null) "PrivateKeyFile = ${data.rsaPrivateKeyFile}"} - ${optionalString (data.listenAddress != null) "ListenAddress = ${data.listenAddress}"} - ${optionalString (data.bindToAddress != null) "BindToAddress = ${data.bindToAddress}"} - Interface = tinc.${network} + ${toTincConf ({ Interface = "tinc.${network}"; } // data.settings)} ${data.extraConfig} ''; }; @@ -221,4 +431,5 @@ in }; + meta.maintainers = with maintainers; [ minijackson ]; } From 6cd975094d9ea1bd39a9bd47307008e31fadfebe Mon Sep 17 00:00:00 2001 From: Minijackson Date: Sun, 6 Dec 2020 16:05:21 +0100 Subject: [PATCH 05/17] nixos/tests/tinc: init with simple test --- nixos/tests/all-tests.nix | 1 + nixos/tests/tinc/default.nix | 139 +++++++++++++++++++++++++ nixos/tests/tinc/snakeoil-keys.nix | 157 +++++++++++++++++++++++++++++ 3 files changed, 297 insertions(+) create mode 100644 nixos/tests/tinc/default.nix create mode 100644 nixos/tests/tinc/snakeoil-keys.nix diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index c58203cc481f..4bfcdd635005 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -370,6 +370,7 @@ in telegraf = handleTest ./telegraf.nix {}; tiddlywiki = handleTest ./tiddlywiki.nix {}; timezone = handleTest ./timezone.nix {}; + tinc = handleTest ./tinc {}; tinydns = handleTest ./tinydns.nix {}; tor = handleTest ./tor.nix {}; # traefik test relies on docker-containers diff --git a/nixos/tests/tinc/default.nix b/nixos/tests/tinc/default.nix new file mode 100644 index 000000000000..31b675ad35c0 --- /dev/null +++ b/nixos/tests/tinc/default.nix @@ -0,0 +1,139 @@ +import ../make-test-python.nix ({ lib, ... }: + let + snakeoil-keys = import ./snakeoil-keys.nix; + + hosts = lib.attrNames snakeoil-keys; + + subnetOf = name: config: + let + subnets = config.services.tinc.networks.myNetwork.hostSettings.${name}.subnets; + in + (builtins.head subnets).address; + + makeTincHost = name: { subnet, extraConfig ? { } }: lib.mkMerge [ + { + subnets = [{ address = subnet; }]; + settings = { + Ed25519PublicKey = snakeoil-keys.${name}.ed25519Public; + }; + rsaPublicKey = snakeoil-keys.${name}.rsaPublic; + } + extraConfig + ]; + + makeTincNode = { config, ... }: name: extraConfig: lib.mkMerge [ + { + services.tinc.networks.myNetwork = { + inherit name; + rsaPrivateKeyFile = + builtins.toFile "rsa.priv" snakeoil-keys.${name}.rsaPrivate; + ed25519PrivateKeyFile = + builtins.toFile "ed25519.priv" snakeoil-keys.${name}.ed25519Private; + + hostSettings = lib.mapAttrs makeTincHost { + static = { + subnet = "10.0.0.11"; + # Only specify the addresses in the node's vlans, Tinc does not + # seem to try each one, unlike the documentation suggests... + extraConfig.addresses = map + (vlan: { address = "192.168.${toString vlan}.11"; port = 655; }) + config.virtualisation.vlans; + }; + dynamic1 = { subnet = "10.0.0.21"; }; + dynamic2 = { subnet = "10.0.0.22"; }; + }; + }; + + networking.useDHCP = false; + + networking.interfaces."tinc.myNetwork" = { + virtual = true; + virtualType = "tun"; + ipv4.addresses = [{ + address = subnetOf name config; + prefixLength = 24; + }]; + }; + + # Prevents race condition between NixOS service and tinc creating the + # interface. + # See: https://github.com/NixOS/nixpkgs/issues/27070 + systemd.services."tinc.myNetwork" = { + after = [ "network-addresses-tinc.myNetwork.service" ]; + requires = [ "network-addresses-tinc.myNetwork.service" ]; + }; + + networking.firewall.allowedTCPPorts = [ 655 ]; + networking.firewall.allowedUDPPorts = [ 655 ]; + } + extraConfig + ]; + + in + { + name = "tinc"; + meta.maintainers = with lib.maintainers; [ minijackson ]; + + nodes = { + + static = { ... } @ args: + makeTincNode args "static" { + virtualisation.vlans = [ 1 2 ]; + + networking.interfaces.eth1.ipv4.addresses = [{ + address = "192.168.1.11"; + prefixLength = 24; + }]; + + networking.interfaces.eth2.ipv4.addresses = [{ + address = "192.168.2.11"; + prefixLength = 24; + }]; + }; + + + dynamic1 = { ... } @ args: + makeTincNode args "dynamic1" { + virtualisation.vlans = [ 1 ]; + }; + + dynamic2 = { ... } @ args: + makeTincNode args "dynamic2" { + virtualisation.vlans = [ 2 ]; + }; + + }; + + testScript = '' + start_all() + + static.wait_for_unit("tinc.myNetwork.service") + dynamic1.wait_for_unit("tinc.myNetwork.service") + dynamic2.wait_for_unit("tinc.myNetwork.service") + + # Static is accessible by the other hosts + dynamic1.succeed("ping -c5 192.168.1.11") + dynamic2.succeed("ping -c5 192.168.2.11") + + # The other hosts are in separate vlans + dynamic1.fail("ping -c5 192.168.2.11") + dynamic2.fail("ping -c5 192.168.1.11") + + # Each host can ping themselves through Tinc + static.succeed("ping -c5 10.0.0.11") + dynamic1.succeed("ping -c5 10.0.0.21") + dynamic2.succeed("ping -c5 10.0.0.22") + + # Static is accessible by the other hosts through Tinc + dynamic1.succeed("ping -c5 10.0.0.11") + dynamic2.succeed("ping -c5 10.0.0.11") + + # Static can access the other hosts through Tinc + static.succeed("ping -c5 10.0.0.21") + static.succeed("ping -c5 10.0.0.22") + + # The other hosts in separate vlans can access each other through Tinc + dynamic1.succeed("ping -c5 10.0.0.22") + dynamic2.succeed("ping -c5 10.0.0.21") + ''; + }) diff --git a/nixos/tests/tinc/snakeoil-keys.nix b/nixos/tests/tinc/snakeoil-keys.nix new file mode 100644 index 000000000000..650e57d61d4a --- /dev/null +++ b/nixos/tests/tinc/snakeoil-keys.nix @@ -0,0 +1,157 @@ +{ + static = { + ed25519Private = '' + -----BEGIN ED25519 PRIVATE KEY----- + IPR+ur5LfVdm6VlR1+FGIkbkL8Enkb9sejBa/JP6tXkg/vHoraIp70srb6jAUFm5 + 3YbCJiBjLW3dy16qM5PovBoWtr5hoqYYA9dFLOys8FBUFFsIGfKhnbk7g25iwxbO + -----END ED25519 PRIVATE KEY----- + ''; + + ed25519Public = "AqV7aeIqKGGQfXxijMLfRAVRBLixnS45G5OoduIc8mD"; + + rsaPrivate = '' + -----BEGIN RSA PRIVATE KEY----- + MIIEpAIBAAKCAQEAxDHl0TIhhT2yH5rT+Q7MLnj+Ir8bbs3uaPqnzcxWzN1EfVP8 + TWt5fSTrF2Dc78Kyu5ZNALrp7tUj0GZAegp1YeYJ28p3qTwCveywtCwbB4dI987S + yJwq95kE9aoyLa+cT99VwSTdb2YowQv2tWj/idxE3oJ+qZjy9tE5mysXm7jmTQDx + +U0XmNe6MHjKXc01Ener41u0ykJLeUfdgJ1zEyM2rQGtaHpIXfMT6kmxCaMcAMLg + YFpI38/1pQGQtROKdGOaUomx2m058bkMsJhTiBjESiLRDElRGxmMJ732crGJP0GR + ChJkaX/CnxHq7R0daZfwoTVHRu6N7WDbFQL5twIDAQABAoIBAQCM/fLTIHyYXRr5 + vXFhxXGUYBz56W6UdWdEiAU5TwR92vFSQ53IIVlARtyvg0ui/b8mMcAKq0hb+03u + gN0LFyL+BKvHCLxvoRGzXTorcJrIET+t3jL6OchjANNgnDvNOytQ9wWQdKaxXLAi + 8y8LdXZWozXW1d6ikKjiGL+WNCSWIcq83ktSJZcohihptU9Un16FYQzdolSC8RtI + XyT7i1ye6hW/wJTJxqZ4taX3EPat85kXS234VGSqg9bb2A1yE+U8Rq37bf8AKldJ + NUQB3JyxnkYGJcqvzDmz139+744VWxDRvXDA5vU29LC6f8bGBvwEttD98QW+pgmB + 1NBU1Uo5AoGBAOzUk6k74h1RarwXaftjh/9Pures0CfNNnrkJApzFCh4bAoHNxq6 + SSXqLcc/vvX2+YaZ72nn5YTo+JLQP6evM9oUaqRMAxa3nzoNCtF8U2r48UWmoUQE + aZCYbD3m7IVWFacCKRVaVTMZMTTicypSnXcbCSIEH8PRs9+L4jkHgql9AoGBANQT + TZECVhIaQnyRiKWlUE8G1QKzXIxjmfyirBe+ftlIG2XMXasAtQ4VRxpnorgqUnIH + BVrIbvRx21zlqwZbrZvyb1jHWRoyi1cqBPijpYBUm5LbV2jgHPhnfhRVqdD4CDKj + NQzIQrNymFaMWAoOQv/DE3g+Txr0fm9Ztu8ZRXZDAoGAHh3SQT0aPfwyhIS9t3gq + vS7YYa8aMVWJTgthAessbxERPB06xq1Vy/qBo8rZb9HeXV2J8n/I0iQGKDVPQvWm + tF7QSOBZrDPhjbJG4+jZesr5c5ADBfFBs1+OtDh/b11JF5nQu6RnHT5g4YbCemlT + GOhZOvgnSfGK3CyfsfzggskCgYEAmpKDK5kPUNxw70hH16v5L9Bj+zbt0qlZ+Ag8 + 9IV1ATuMNJNTBitay6v4iidVM3QtaUzyuytxq5s87qW7FMRHcm2ueH+70ttaMiq/ + OtZT74g7aDuUpy0KEIemHn4dauENYJMSPIHOE+sHW7WpCZNBhBcUHsUTdSsU6GX0 + bqr1tO8CgYBpZdR2OoX/rn8nwjmtBOH38aPnCpaAfdI2Eq2Lg6DjksP6TBt53a+R + m1lk6Kt37BPPZQ85SBr7ywvDgUzfoD7uSmHujF2JUHPsdrg9nx7pNIGlW6DlS9OU + oNXGAJ/6/y6F8uDbToUfrwFq5tKMypEEa32kFtxb9f0XQ5fSgHrBEw== + -----END RSA PRIVATE KEY----- + ''; + + rsaPublic = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAxDHl0TIhhT2yH5rT+Q7MLnj+Ir8bbs3uaPqnzcxWzN1EfVP8TWt5 + fSTrF2Dc78Kyu5ZNALrp7tUj0GZAegp1YeYJ28p3qTwCveywtCwbB4dI987SyJwq + 95kE9aoyLa+cT99VwSTdb2YowQv2tWj/idxE3oJ+qZjy9tE5mysXm7jmTQDx+U0X + mNe6MHjKXc01Ener41u0ykJLeUfdgJ1zEyM2rQGtaHpIXfMT6kmxCaMcAMLgYFpI + 38/1pQGQtROKdGOaUomx2m058bkMsJhTiBjESiLRDElRGxmMJ732crGJP0GRChJk + aX/CnxHq7R0daZfwoTVHRu6N7WDbFQL5twIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + + dynamic1 = { + ed25519Private = '' + -----BEGIN ED25519 PRIVATE KEY----- + wHNC2IMXfYtL4ehdsCX154HBvlIZYEiTOnXtckWMUtEAiX9fu7peyBkp9q+yOy9c + xsNyssLL78lt0GoweCxlu3Sza2oBQAcwb+6tuv7P/bqzcG005uCwquyCz8LVymXA + -----END ED25519 PRIVATE KEY----- + ''; + + ed25519Public = "t0smNaAEAH8mver77+z/m6MnBNdurAsqrswM/Sls5FA"; + + rsaPrivate = '' + -----BEGIN RSA PRIVATE KEY----- + MIIEpAIBAAKCAQEApukYNGFNWvVlmx75LyOE7MEcd/ViV+yEyk+4cIBXYJ3Ouw+/ + oEuh8ghQfsiUtbUPR6hPYhX2ZV8XGhuU2nAXVQV0sfZ8pdkbHQ6wHUqFcUIQAVvS + Wpm2DvZM8jkbCPP64/x5nukPwQ8VoNnb62rWGzbcj7rOeb7ndMK0TpX5Wwv8F297 + nKTNCEDbK3DLTj3VD+QGnw6AoEt5i44vViAWZBXuHLHWTDC0Nq8GG+9TKODkEwt5 + 4dgN2X9f+WTVAYhZT3SayHLqIFIMQunN89RpWwhHSW+JIRfAfuT1TbP+wA5ptDeI + ktCkJwWyv4hK6l800BJ9GW1nbId5LPa58ipaVwIDAQABAoIBAHcw3WgKVAMwWm57 + n9ZZtwKapInFYYUIEYungj5UaBFGn+pVRLJjUDJWXaUr94YK1e6F8qpIpLufPBAY + wiN7CC5exwaOzlRgxUvqwTkpjkFiu6s8tuqb+baVjD0tKnEqSW+lS/R+2hEzhG5p + JPLoSB0HAFpjPC8UdJSctcWos3if3mvOGkGCKyTkrwaJgECDfD+lZ+NBIAiYLSps + jWLE+XlY1+nfPdLUQ+TRSv3IikJ/CWbvJLl9EE1tKhkY564KytwZrkIdJlc7NyRO + HpzhyMzHu1GLsr+OsBZByNNUxEPU+bzkDQluRXUSIUs9zZoBiCQr3o04qGPTEX9n + pNU60gECgYEA3Uf+c80eqzjDxv+O0YzC+9x6A+yMrV56siGkKRPMlrSqjX7iE2Yg + tUjD25kEvtaFuB3f/7zp3h4O/VLZgXreRtXHvdrfoyyJGHvHIyCGm8sw8CEWsKo4 + 1LgZUzdPJRkXJq1zOgS0r1xsA1UDC4s02Ww2HwNeVWtmLUyCpA+B/ccCgYEAwRk9 + tbe82eq1a85zZiPVXP2qvDH5+Vz9YiMky8xsBnoxmz2siR+NdvWBLcE2VDIY8MK1 + 9a1dz2a7cAHQBrtWtACFVY4zvr69DumApjbQRClDYpJ42tp2VbzlMcUDIoKudRQV + CObhrE4w4yfVizXFyH9+4Tsg5NzVYuGg9fUJ/vECgYEAoRz7KouNqfMhsLF/5hkM + Gt9zw4mm/9ALm8kcwn/U9WHD0FQy/Rbd98BsQmaOavi80cqGvqhoyz2tgkqhbUHt + tzuOPDCxphgWFcqBupTDDYoLLruYzraRvGfyoIFj0coL7jBZ9kNY31l2l5J9LhmE + OE4utbP5Kk6RTagocpWL+x8CgYB48CwcIcWf3kZeDOFtuUeqhB1o3Qwox7rSuhwT + oCaQL/vdtNTY1PAu7zhGxdoXBYFlWS3JfxlgCoGedyQo8zAscJ8RpIx4DNIwAsLW + V0I9TnKry/zxZR30OOh7MV7zQFGvdjJubtwspJQt0QcHt1f2aRO4UOYbMMxcr9+1 + 7BCkoQKBgQDBEtg1hx9zYGg1WN2TBSvh6NShi9S23r6IZ3Up8vz6Z2rcwB3UuhKi + xluI2ZFwM9s+7UOpaGC+hnc1aMHDEguYOPXoIzvebbYAdN4AkrsJ5d0r1GoEe64E + UXxrfuv5LeJ/vkUgWof+U3/jGOVvrjzi5y1xOC0r3kiSpMa85s1dhQ== + -----END RSA PRIVATE KEY----- + ''; + + rsaPublic = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEApukYNGFNWvVlmx75LyOE7MEcd/ViV+yEyk+4cIBXYJ3Ouw+/oEuh + 8ghQfsiUtbUPR6hPYhX2ZV8XGhuU2nAXVQV0sfZ8pdkbHQ6wHUqFcUIQAVvSWpm2 + DvZM8jkbCPP64/x5nukPwQ8VoNnb62rWGzbcj7rOeb7ndMK0TpX5Wwv8F297nKTN + CEDbK3DLTj3VD+QGnw6AoEt5i44vViAWZBXuHLHWTDC0Nq8GG+9TKODkEwt54dgN + 2X9f+WTVAYhZT3SayHLqIFIMQunN89RpWwhHSW+JIRfAfuT1TbP+wA5ptDeIktCk + JwWyv4hK6l800BJ9GW1nbId5LPa58ipaVwIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + + dynamic2 = { + ed25519Private = '' + -----BEGIN ED25519 PRIVATE KEY----- + oUx9JdIstZLMj3ZPD8mP3ITsUscCTIXhNF3VKFUVi/ma5uk50/1vrEohfDraiMxj + gAWthpkhnFzUbp+YlOHE7/Z3h1a/br2/tk8DoZ5PV6ufoV1MaBlGdu+TZgeZou0t + -----END ED25519 PRIVATE KEY----- + ''; + + ed25519Public = "f2dYt2/2q9fLJ/AaW+Tlu7HaVNjWQpRnr/UGoXGqLdL"; + + rsaPrivate = '' + -----BEGIN RSA PRIVATE KEY----- + MIIEpAIBAAKCAQEAtQfijPX3BwOAs2Y0EuNjcBmsI90uYqNAonrFgTtcVwERIVE6 + p6alSEakazhByujBg3jI8oPKC8eO0IJ7x/BWcgxqaw8hsPfJZFnRlwEcU5kK4c+j + UNS+hJOXp0x97T1edLpSFHDK9bZ2necblHKG5MsI4UsxEa+CZ0yoIybwWCDmYuya + PvE7CeNNa+CIOUbtPVoN4p/aBj0vZeerNBBuodNkglKRxj4l9wD9uOx4S9sdK5lu + q/rkxlViBoXRAshT+G2d/u/7/WPoiKB3QJcF33z8UfrlsTRnDDqOMSGisTPSv2LK + 4QLN4hWOGXAYQqZcxTkvvjl62mCDuoy0TM+CKQIDAQABAoIBAFKpMAxXf52nPswr + /dkmFVCpmE2kADsv+iJ21tpkpYxgw1aoRZUp5cyz3P3MaVZio4IJ1A/Ql6B7Vb3l + 5ulr170p6CnMdgDdlAsLbEV8T1foyOxFKHiPPBNDZXsR1WpPnGLGdRY6TqKV12HQ + lmpZRTkRcJOXBufhcTUD7r5mWFaUoZ7so6VxR4L4Tzcgv1Rl4S6jgnHOQdO6lj47 + BaPjpBb+hplJ4wsRm91dQ7JApYq25XZwyxnBwQ2zAwb46wsuFxDPHlSc4wU7qTt6 + x2omm33Xy2cm8L1XQhrassZzldSnAyaLBh9DC3+vFPLODDxdz5M2kpHujYYctRhv + CICMYJUCgYEA7mWVYuw0S8FNjaLx6n9Q1hr9d9vAFDd3NEaegH586xvhYNxf6n+C + 2zZloVLEsX0UnBU/6ZtLAUfxUIqlvDS2r1VjSYG5SNxM6/vyGl17Niu1jC8nzf7M + V1WtDCHhT4ikZCuNkAldtgI7CXVdCVO/fTqVhjk4hDblJo7VsCZSZysCgYEAwmXp + TwlDHapDqA8UxClZuxS8k+2hthny3ihRPCuT34yqAz074zYG97ZBKwIa4Lm1vnkc + mwU7yR2aK7IYeU4ScfWm1mLjkW5iaNV/sG7iTz/RP4mBAs3KSGmuhhz8sFWcXByU + IZyvMJvC+FpgJQJn/Xc8ZmdImvXlZd6k8v4/kfsCgYEA6VzFPB2OH63slb4w42SX + o86t2dtiDigxZxnN5GhtLdSP7borpigF10JLf/y+kCOpvhRLCQk8Bdf/z+C41iAf + yEhktbrnvfvwzHxHhSmHCAMHZ19trodCTiePCrZLkQhoK6o6nAmfEyDh26NoXE3/ + v71OSyLOQRZfgDwHz7PjrBsCgYAe0zojpjxWP+FqjLmmQUhROgCNFGlIDuVMBOic + uexAznVG/ja42KBSNzwuLa9FYy1Gfr3idvn78g24UA1BbvfNyj4iUJv1O6OvK+uL + dom8N0pe4NbsMuWYhel+qqoG7AxXLtDuY4IEGy7XYr1MIQ2MS5PwSQBiUguGE7/k + KBy8cQKBgQCyC9R8VWJxQLqJxZGa9Ful01bSuntB5OLRfEjFCCuGiY/3Vj+mCiQL + GOfMOi2jrcnSNgUm0uevmiFCq9m7QiPiAcSYKXPWhsz/55jJIGcZy8bwyhZ2s2Mg + BGeZgj4RFORidqkt5g/KJz0+Wp6Ks4sLoCvOzkpeXvLzFVyzGkihrw== + -----END RSA PRIVATE KEY----- + ''; + + rsaPublic = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAtQfijPX3BwOAs2Y0EuNjcBmsI90uYqNAonrFgTtcVwERIVE6p6al + SEakazhByujBg3jI8oPKC8eO0IJ7x/BWcgxqaw8hsPfJZFnRlwEcU5kK4c+jUNS+ + hJOXp0x97T1edLpSFHDK9bZ2necblHKG5MsI4UsxEa+CZ0yoIybwWCDmYuyaPvE7 + CeNNa+CIOUbtPVoN4p/aBj0vZeerNBBuodNkglKRxj4l9wD9uOx4S9sdK5luq/rk + xlViBoXRAshT+G2d/u/7/WPoiKB3QJcF33z8UfrlsTRnDDqOMSGisTPSv2LK4QLN + 4hWOGXAYQqZcxTkvvjl62mCDuoy0TM+CKQIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; +} From dda50e73481c2db4af0c9cf783cd3b49e0cf95dd Mon Sep 17 00:00:00 2001 From: Sirio Balmelli Date: Mon, 14 Dec 2020 08:29:41 +0100 Subject: [PATCH 06/17] gopass: fix impurity which breaks gopass after 'nix-store --gc' gopass maintains a ~/.cache/gopass/gpg-binary.loc file which stores an absolute path to the gpg executable, overriding (and ignoring) the environment $PATH. This creates a situation where gopass will work for a period of time after install, but after gpg is upgraded and a 'nix-store --gc' is performed, the cached gpg path will throw an error. A gopass maintainer has declared this a wont-fix in https://github.com/gopasspw/gopass/issues/1662 As a workaround, add a --run clause in the wrapper script that removes this cache file. Once (if) upstream fixes this issue, this cruft can be removed. Signed-off-by: Sirio Balmelli --- pkgs/tools/security/gopass/default.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/pkgs/tools/security/gopass/default.nix b/pkgs/tools/security/gopass/default.nix index 80a9c40ebc2e..ff855cce240c 100644 --- a/pkgs/tools/security/gopass/default.nix +++ b/pkgs/tools/security/gopass/default.nix @@ -46,10 +46,12 @@ buildGoModule rec { ln -s $out/bin/gopass $out/bin/pass ''; + # --run to work around WONTFIX in https://github.com/gopasspw/gopass/issues/1662 postFixup = '' for bin in $out/bin/*; do wrapProgram $bin \ - --prefix PATH : "${wrapperPath}" + --prefix PATH : "${wrapperPath}" \ + --run 'rm -f "''${XDG_CONFIG_HOME:-~/.config}/gopass/gpg-binary.loc"' done ''; From 624e68d8393c89eb783b7f8f73d2dc125964ff55 Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Mon, 14 Dec 2020 17:12:36 +0000 Subject: [PATCH 07/17] python37Packages.setuptools-rust: 0.11.5 -> 0.11.6 --- pkgs/development/python-modules/setuptools-rust/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/setuptools-rust/default.nix b/pkgs/development/python-modules/setuptools-rust/default.nix index 84465cd475d0..904056b8bdfb 100644 --- a/pkgs/development/python-modules/setuptools-rust/default.nix +++ b/pkgs/development/python-modules/setuptools-rust/default.nix @@ -10,13 +10,13 @@ buildPythonPackage rec { pname = "setuptools-rust"; - version = "0.11.5"; + version = "0.11.6"; disabled = isPy27; src = fetchPypi { inherit pname version; - sha256 = "04ea21f1bd029046fb87d098be4d7dc74663a58dd1f9fc6edcf8f3e4123ec4a8"; + sha256 = "a5b5954909cbc5d66b914ee6763f81fa2610916041c7266105a469f504a7c4ca"; }; nativeBuildInputs = [ setuptools_scm ]; From 18264172d880872050958ac5c08be9771f69d1d5 Mon Sep 17 00:00:00 2001 From: Tim Steinbach Date: Mon, 14 Dec 2020 13:15:49 -0500 Subject: [PATCH 08/17] python3Packages.botocore: 1.19.31 -> 1.19.35 --- pkgs/development/python-modules/botocore/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/botocore/default.nix b/pkgs/development/python-modules/botocore/default.nix index add0f54e29d8..e0ecc77c3063 100644 --- a/pkgs/development/python-modules/botocore/default.nix +++ b/pkgs/development/python-modules/botocore/default.nix @@ -12,11 +12,11 @@ buildPythonPackage rec { pname = "botocore"; - version = "1.19.31"; # N.B: if you change this, change boto3 and awscli to a matching version + version = "1.19.35"; # N.B: if you change this, change boto3 and awscli to a matching version src = fetchPypi { inherit pname version; - sha256 = "0z8pmkr7j2w90qpd25wv0j1z4kqx90j6ch8c8irlyj84wx61skk2"; + sha256 = "08vymgdv3d0394gqgmbzqk00248zhkigfc21vwbhf1lva08ajfk3"; }; propagatedBuildInputs = [ From f1dff1bdeda226fe332e68b4f42ae8e5e419976f Mon Sep 17 00:00:00 2001 From: Tim Steinbach Date: Mon, 14 Dec 2020 13:16:03 -0500 Subject: [PATCH 09/17] python3Packages.boto3: 1.16.31 -> 1.16.35 --- pkgs/development/python-modules/boto3/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/boto3/default.nix b/pkgs/development/python-modules/boto3/default.nix index 1688882e57e1..1667c49e1764 100644 --- a/pkgs/development/python-modules/boto3/default.nix +++ b/pkgs/development/python-modules/boto3/default.nix @@ -13,11 +13,11 @@ buildPythonPackage rec { pname = "boto3"; - version = "1.16.31"; # N.B: if you change this, change botocore too + version = "1.16.35"; # N.B: if you change this, change botocore too src = fetchPypi { inherit pname version; - sha256 = "0c9q7njargrhxcl99mdc7xbb29imp8kpyg3d0vwq2crlzxln8y49"; + sha256 = "0ah1jhj68v6d8qm2mk64jjl6zi9qa3ssmj9jv3fmk9kyahahjpm3"; }; propagatedBuildInputs = [ botocore jmespath s3transfer ] ++ lib.optionals (!isPy3k) [ futures ]; From 046f8835dcb9082beb75bb471c28c832e1b067b6 Mon Sep 17 00:00:00 2001 From: Tim Steinbach Date: Mon, 14 Dec 2020 13:17:12 -0500 Subject: [PATCH 10/17] awscli: 1.18.191 -> 1.18.195 --- pkgs/tools/admin/awscli/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/admin/awscli/default.nix b/pkgs/tools/admin/awscli/default.nix index 2a8d5ab5e72b..42ee345cbaf9 100644 --- a/pkgs/tools/admin/awscli/default.nix +++ b/pkgs/tools/admin/awscli/default.nix @@ -28,11 +28,11 @@ let in with py.pkgs; buildPythonApplication rec { pname = "awscli"; - version = "1.18.191"; # N.B: if you change this, change botocore to a matching version too + version = "1.18.195"; # N.B: if you change this, change botocore to a matching version too src = fetchPypi { inherit pname version; - sha256 = "1zsb9w0bpbwq093ydbh4b5r3287b5l9mrdx549vsv0rspmkr0d7c"; + sha256 = "1969rzcqj3k81k0wbvq8fpklx1z9vjh6db7i81mkbqqfkjm9pq2k"; }; postPatch = '' From 3512f7af6fd442c7faf312f934a83820ccc85909 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dani=C3=ABl=20de=20Kok?= Date: Mon, 14 Dec 2020 20:10:13 +0100 Subject: [PATCH 11/17] python3Packages.setuptools-rust: add meta.changelog --- pkgs/development/python-modules/setuptools-rust/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/pkgs/development/python-modules/setuptools-rust/default.nix b/pkgs/development/python-modules/setuptools-rust/default.nix index 904056b8bdfb..5125e166a0ce 100644 --- a/pkgs/development/python-modules/setuptools-rust/default.nix +++ b/pkgs/development/python-modules/setuptools-rust/default.nix @@ -26,6 +26,7 @@ buildPythonPackage rec { meta = with stdenv.lib; { description = "Setuptools plugin for Rust support"; homepage = "https://github.com/PyO3/setuptools-rust"; + changelog = "https://github.com/PyO3/setuptools-rust/releases/tag/v${version}"; license = licenses.mit; maintainers = with maintainers; [ danieldk ]; }; From df4de2fcc469ad898274f685336b97e8f61e93d2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Milan=20P=C3=A4ssler?= Date: Mon, 14 Dec 2020 20:21:47 +0100 Subject: [PATCH 12/17] superTuxKart: 1.1 -> 1.2 --- pkgs/games/super-tux-kart/default.nix | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) diff --git a/pkgs/games/super-tux-kart/default.nix b/pkgs/games/super-tux-kart/default.nix index b3a7966071a7..2c686f5724de 100644 --- a/pkgs/games/super-tux-kart/default.nix +++ b/pkgs/games/super-tux-kart/default.nix @@ -1,14 +1,14 @@ -{ lib, stdenv, fetchFromGitHub, fetchsvn, cmake, pkgconfig, makeWrapper -, openal, freealut, libGLU, libGL, libvorbis, libogg, gettext, curl, freetype, glew -, fribidi, libtool, bluez, libjpeg, libpng, zlib, libX11, libXrandr, harfbuzz +{ lib, stdenv, fetchFromGitHub, fetchsvn, cmake, pkg-config, makeWrapper +, SDL2, glew, openal, libvorbis, libogg, curl, freetype, bluez, libjpeg, libpng, enet, harfbuzz , mcpp, wiiuse, angelscript }: + let dir = "stk-code"; assets = fetchsvn { url = "https://svn.code.sf.net/p/supertuxkart/code/stk-assets"; - rev = "18212"; - sha256 = "1dyj8r5rfifhnhayga8w8irkpa99vw57xjmy74cp8xz8g7zvdzqf"; + rev = "18218"; + sha256 = "11iv3cqzvbjg33zz5i5gkl2syn6mlw9wqv0jc7h36vjnjqjv17xw"; name = "stk-assets"; }; @@ -33,17 +33,19 @@ let "libraqm" # Not packaged to this date "libsquish" + # Not packaged to this date + "sheenbidi" ]; in stdenv.mkDerivation rec { pname = "supertuxkart"; - version = "1.1"; + version = "1.2"; src = fetchFromGitHub { owner = "supertuxkart"; repo = "stk-code"; rev = version; - sha256 = "01vxxl94583ixswzmi4caz8dk64r56pn3zxh7v63zml60yfvxbvp"; + sha256 = "1f98whk0v45jgwcsbdsb1qfambvrnbbgwq0w28kjz4278hinwzq6"; name = dir; }; @@ -53,12 +55,10 @@ in stdenv.mkDerivation rec { find lib -maxdepth 1 -type d | egrep -v "^lib$|${(lib.concatStringsSep "|" bundledLibraries)}" | xargs -n1 -L1 -r -I{} rm -rf {} ''; - nativeBuildInputs = [ cmake gettext libtool pkgconfig makeWrapper ]; + nativeBuildInputs = [ cmake pkg-config makeWrapper ]; buildInputs = [ - libX11 libXrandr - openal freealut libGLU libGL libvorbis libogg zlib freetype glew - curl fribidi bluez libjpeg libpng harfbuzz + SDL2 glew openal libvorbis libogg freetype curl bluez libjpeg libpng enet harfbuzz mcpp wiiuse angelscript ]; @@ -68,6 +68,7 @@ in stdenv.mkDerivation rec { "-DCHECK_ASSETS=OFF" "-DUSE_SYSTEM_WIIUSE=ON" "-DUSE_SYSTEM_ANGELSCRIPT=ON" + "-DOpenGL_GL_PREFERENCE=GLVND" ]; # Obtain the assets directly from the fetched store path, to avoid duplicating assets across multiple engine builds From 50eb65e7523093560f9bc44155a60d13cff0b308 Mon Sep 17 00:00:00 2001 From: Mario Rodas Date: Mon, 14 Dec 2020 04:20:00 +0000 Subject: [PATCH 13/17] ocamlPackages.visitors: 20190711 -> 20200210 --- .../ocaml-modules/visitors/default.nix | 28 +++++++++++-------- 1 file changed, 17 insertions(+), 11 deletions(-) diff --git a/pkgs/development/ocaml-modules/visitors/default.nix b/pkgs/development/ocaml-modules/visitors/default.nix index 35cdfc3a9af4..c8d9436461aa 100644 --- a/pkgs/development/ocaml-modules/visitors/default.nix +++ b/pkgs/development/ocaml-modules/visitors/default.nix @@ -1,23 +1,29 @@ -{ stdenv, fetchurl, ocaml, findlib, ocamlbuild, cppo, ppx_tools, ppx_deriving, result }: +{ lib, buildDunePackage, fetchFromGitLab, ppx_tools, ppx_deriving, result, cppo }: -stdenv.mkDerivation { - name = "ocaml${ocaml.version}-visitors-20190711"; +buildDunePackage rec { + pname = "visitors"; + version = "20200210"; - src = fetchurl { - url = "http://gallium.inria.fr/~fpottier/visitors/visitors-20190711.tar.gz"; - sha256 = "1h794xczfczf573mpwzm4ah9ir1rbbrkqipbh3aflfpdq2mgsbvg"; + useDune2 = true; + + minimumOCamlVersion = "4.02.3"; + + src = fetchFromGitLab { + owner = "fpottier"; + repo = pname; + rev = version; + domain = "gitlab.inria.fr"; + sha256 = "12i099h1hc1walabiwqbinnpgcxkc1wn72913v7v6vvyif21rb5a"; }; - buildInputs = [ ocaml findlib ocamlbuild cppo ]; + buildInputs = [ cppo ]; + propagatedBuildInputs = [ ppx_tools ppx_deriving result ]; - createFindlibDestdir = true; - - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://gitlab.inria.fr/fpottier/visitors"; license = licenses.lgpl21; description = "An OCaml syntax extension (technically, a ppx_deriving plugin) which generates object-oriented visitors for traversing and transforming data structures"; - inherit (ocaml.meta) platforms; maintainers = [ maintainers.marsam ]; }; } From af2ab765157d623533098ddc97662e27bd568c72 Mon Sep 17 00:00:00 2001 From: Rouven Czerwinski Date: Sun, 13 Dec 2020 06:58:59 +0100 Subject: [PATCH 14/17] usbsdmux: init at 0.1.8 Add the usbsdmux utility which is used to control the USB-SD-Mux developed by the Linux Automation GmBH. --- .../tools/misc/usbsdmux/default.nix | 19 +++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 ++ 2 files changed, 21 insertions(+) create mode 100644 pkgs/development/tools/misc/usbsdmux/default.nix diff --git a/pkgs/development/tools/misc/usbsdmux/default.nix b/pkgs/development/tools/misc/usbsdmux/default.nix new file mode 100644 index 000000000000..59b5dc982391 --- /dev/null +++ b/pkgs/development/tools/misc/usbsdmux/default.nix @@ -0,0 +1,19 @@ +{ lib, python3Packages }: + +python3Packages.buildPythonApplication rec { + pname = "usbsdmux"; + version = "0.1.8"; + + src = python3Packages.fetchPypi { + inherit pname version; + sha256 = "0m3d0rs9s5v5hnsjkfybmd8v54gn7rc1dbg5vc48rryhc969pr9f"; + }; + + meta = with lib; { + description = "Control software for the LXA USB-SD-Mux"; + homepage = "https://github.com/linux-automation/usbsdmux"; + license = licenses.lgpl21; + maintainers = with maintainers; [ emantor ]; + platforms = with platforms; linux; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index aeec029d7526..83a4f9db748e 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -3017,6 +3017,8 @@ in usb-modeswitch = callPackage ../development/tools/misc/usb-modeswitch { }; usb-modeswitch-data = callPackage ../development/tools/misc/usb-modeswitch/data.nix { }; + usbsdmux = callPackage ../development/tools/misc/usbsdmux { }; + anthy = callPackage ../tools/inputmethods/anthy { }; evdevremapkeys = callPackage ../tools/inputmethods/evdevremapkeys { }; From 7a6203fffc16227e5a0f4477fff050c32ddd27b0 Mon Sep 17 00:00:00 2001 From: Rouven Czerwinski Date: Sun, 13 Dec 2020 06:19:08 +0100 Subject: [PATCH 15/17] bareboxTools: init at v2020.12.0 This adds the bareboxTools as a package. The buildBarebox function is intentionally modeled like the buildUBoot function, which should allow future expansion to build barebox for NixOS systems. The tools are useful on their own, since they allow flashing of systems via the different USB loader tools shipped in the scripts directory. --- pkgs/misc/barebox/default.nix | 96 +++++++++++++++++++++++++++++++++ pkgs/top-level/all-packages.nix | 5 ++ 2 files changed, 101 insertions(+) create mode 100644 pkgs/misc/barebox/default.nix diff --git a/pkgs/misc/barebox/default.nix b/pkgs/misc/barebox/default.nix new file mode 100644 index 000000000000..78d4228abb3b --- /dev/null +++ b/pkgs/misc/barebox/default.nix @@ -0,0 +1,96 @@ +{ stdenv +, lib +, fetchurl +, bison +, dtc +, flex +, libusb1 +, lzop +, openssl +, pkgconfig +, buildPackages +}: + +let + buildBarebox = { + filesToInstall + , installDir ? "$out" + , defconfig + , extraMeta ? {} + , ... } @ args: stdenv.mkDerivation rec { + pname = "barebox-${defconfig}"; + + version = "2020.12.0"; + + src = fetchurl { + url = "https://www.barebox.org/download/barebox-${version}.tar.bz2"; + sha256 = "06vsd95ihaa2nywpqy6k0c7xwk2pzws4yvbp328yd2pfiigachrv"; + }; + + postPatch = '' + patchShebangs scripts + ''; + + nativeBuildInputs = [ + bison + dtc + flex + openssl + libusb1 + lzop + pkgconfig + ]; + depsBuildBuild = [ buildPackages.stdenv.cc ]; + + hardeningDisable = [ "all" ]; + + makeFlags = [ + "DTC=dtc" + "CROSS_COMPILE=${stdenv.cc.targetPrefix}" + ]; + + configurePhase = '' + runHook preConfigure + + make ${defconfig} + + runHook postConfigure + ''; + + installPhase = '' + runHook preInstall + + mkdir -p ${installDir} + cp ${lib.concatStringsSep " " filesToInstall} ${installDir} + + runHook postInstall + ''; + + enableParallelBuilding = true; + + dontStrip = true; + + meta = with lib; { + homepage = "https://www.barebox.org"; + description = "The Swiss Army Knive for bare metal"; + license = licenses.gpl2; + maintainers = with maintainers; [ emantor ]; + } // extraMeta; + } // removeAttrs args [ "extraMeta" ]; + +in { + inherit buildBarebox; + + bareboxTools = buildBarebox { + defconfig = "hosttools_defconfig"; + installDir = "$out/bin"; + extraMeta.platforms = lib.platforms.linux; + filesToInstall = [ + "scripts/bareboximd" + "scripts/imx/imx-usb-loader" + "scripts/omap4_usbboot" + "scripts/omap3-usb-loader" + "scripts/kwboot" + ]; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 83a4f9db748e..8fc72554c4f6 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -19280,6 +19280,11 @@ in ubootWandboard ; + # Upstream Barebox: + inherit (callPackage ../misc/barebox {}) + buildbarebox + bareboxTools; + uclibc = callPackage ../os-specific/linux/uclibc { }; uclibcCross = callPackage ../os-specific/linux/uclibc { From 15406f05c915084ee5e78c4aa95ba6a2d0fc9ae2 Mon Sep 17 00:00:00 2001 From: Orivej Desh Date: Mon, 14 Dec 2020 23:41:51 +0000 Subject: [PATCH 16/17] bareboxTools: fix eval --- pkgs/top-level/all-packages.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 8fc72554c4f6..568413d71fcc 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -19282,7 +19282,7 @@ in # Upstream Barebox: inherit (callPackage ../misc/barebox {}) - buildbarebox + buildBarebox bareboxTools; uclibc = callPackage ../os-specific/linux/uclibc { }; From 2f6ac2435767c1052147b1397ebb0c8f1a2c5583 Mon Sep 17 00:00:00 2001 From: Orivej Desh Date: Mon, 14 Dec 2020 21:15:10 +0000 Subject: [PATCH 17/17] linux-rt_latest: 5.9.1-rt20 -> 5.10-rt17 This does not keep 5.9 series because it has known issues and rt upstream has stopped maintaining it in favor of 5.10. "ls -v" sorts by version, making 5.10 the next $prev kernel. --- .../kernel/{linux-rt-5.9.nix => linux-rt-5.10.nix} | 10 +++++++--- pkgs/os-specific/linux/kernel/update-rt.sh | 2 +- pkgs/top-level/all-packages.nix | 6 +++--- 3 files changed, 11 insertions(+), 7 deletions(-) rename pkgs/os-specific/linux/kernel/{linux-rt-5.9.nix => linux-rt-5.10.nix} (75%) diff --git a/pkgs/os-specific/linux/kernel/linux-rt-5.9.nix b/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix similarity index 75% rename from pkgs/os-specific/linux/kernel/linux-rt-5.9.nix rename to pkgs/os-specific/linux/kernel/linux-rt-5.10.nix index 988335d0d3ba..4eec6c431b6c 100644 --- a/pkgs/os-specific/linux/kernel/linux-rt-5.9.nix +++ b/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix @@ -6,22 +6,26 @@ , ... } @ args: let - version = "5.9.1-rt20"; # updated by ./update-rt.sh + version = "5.10-rt17"; # updated by ./update-rt.sh branch = lib.versions.majorMinor version; kversion = builtins.elemAt (lib.splitString "-" version) 0; in buildLinux (args // { inherit version; + # modDirVersion needs a patch number, change X.Y-rtZ to X.Y.0-rtZ. + modDirVersion = if (builtins.match "[^.]*[.][^.]*-.*" version) == null then version + else lib.replaceStrings ["-"] [".0-"] version; + src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${kversion}.tar.xz"; - sha256 = "0dn0xz81pphca5dkg6zh8c78p05f63rrr5ihqqsmhc4n73li2jms"; + sha256 = "0hyav21vzz5v1kgb455pcz9ncg5qqzxmp60na290scwq7vj9kpyw"; }; kernelPatches = let rt-patch = { name = "rt"; patch = fetchurl { url = "mirror://kernel/linux/kernel/projects/rt/${branch}/older/patch-${version}.patch.xz"; - sha256 = "0ma3mv475qgg0dri4928gi6z00d7s59pdwj0d6dh0mfzs2xddnyv"; + sha256 = "0baf7363f6h3smr4lgw88dbpf4977j6c1asifyhc8zhd7100ckhn"; }; }; in [ rt-patch ] ++ lib.remove rt-patch kernelPatches; diff --git a/pkgs/os-specific/linux/kernel/update-rt.sh b/pkgs/os-specific/linux/kernel/update-rt.sh index bcfa494d7e7a..4cbd45524a86 100755 --- a/pkgs/os-specific/linux/kernel/update-rt.sh +++ b/pkgs/os-specific/linux/kernel/update-rt.sh @@ -58,7 +58,7 @@ update-if-needed() { msg="$nixattr: $cur -> $new" else msg="$nixattr: init at $new" - prev=$(ls "$(dirname "$0")"/linux-rt-*.nix | tail -1) + prev=$(ls -v "$(dirname "$0")"/linux-rt-*.nix | tail -1) cp "$prev" "$file" cur=$(file-version "$file") fi diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 568413d71fcc..8d833be6196d 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -18384,7 +18384,7 @@ in ]; }; - linux-rt_5_9 = callPackage ../os-specific/linux/kernel/linux-rt-5.9.nix { + linux-rt_5_10 = callPackage ../os-specific/linux/kernel/linux-rt-5.10.nix { kernelPatches = [ kernelPatches.bridge_stp_helper kernelPatches.request_key_helper @@ -18643,9 +18643,9 @@ in # Realtime kernel packages. linuxPackages-rt_5_4 = linuxPackagesFor pkgs.linux-rt_5_4; linuxPackages-rt_5_6 = linuxPackagesFor pkgs.linux-rt_5_6; - linuxPackages-rt_5_9 = linuxPackagesFor pkgs.linux-rt_5_9; + linuxPackages-rt_5_10 = linuxPackagesFor pkgs.linux-rt_5_10; linuxPackages-rt = linuxPackages-rt_5_4; - linuxPackages-rt_latest = linuxPackages-rt_5_9; + linuxPackages-rt_latest = linuxPackages-rt_5_10; linux-rt = linuxPackages-rt.kernel; linux-rt_latest = linuxPackages-rt_latest.kernel;