1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-22 21:50:55 +00:00

Merge remote-tracking branch 'nixpkgs/staging-next' into staging

This commit is contained in:
Alyssa Ross 2021-11-13 15:30:01 +00:00
commit 26b89bcd16
No known key found for this signature in database
GPG key ID: F9DBED4859B271C0
404 changed files with 6990 additions and 1034 deletions

View file

@ -15,6 +15,6 @@ jobs:
# we don't limit this action to only NixOS repo since the checks are cheap and useful developer feedback
steps:
- uses: actions/checkout@v2
- uses: cachix/install-nix-action@v14
- uses: cachix/install-nix-action@v15
# explicit list of supportedSystems is needed until aarch64-darwin becomes part of the trunk jobset
- run: nix-build pkgs/top-level/release.nix -A tarball.nixpkgs-basic-release-checks --arg supportedSystems '[ "aarch64-darwin" "aarch64-linux" "x86_64-linux" "x86_64-darwin" ]'

View file

@ -28,7 +28,7 @@ jobs:
# pull_request_target checks out the base branch by default
ref: refs/pull/${{ github.event.pull_request.number }}/merge
if: env.PR_DIFF
- uses: cachix/install-nix-action@v14
- uses: cachix/install-nix-action@v15
if: env.PR_DIFF
with:
# nixpkgs commit is pinned so that it doesn't break

View file

@ -18,7 +18,7 @@ jobs:
with:
# pull_request_target checks out the base branch by default
ref: refs/pull/${{ github.event.pull_request.number }}/merge
- uses: cachix/install-nix-action@v14
- uses: cachix/install-nix-action@v15
with:
# explicitly enable sandbox
extra_nix_config: sandbox = true

View file

@ -18,7 +18,7 @@ jobs:
with:
# pull_request_target checks out the base branch by default
ref: refs/pull/${{ github.event.pull_request.number }}/merge
- uses: cachix/install-nix-action@v14
- uses: cachix/install-nix-action@v15
with:
# explicitly enable sandbox
extra_nix_config: sandbox = true

View file

@ -19,7 +19,7 @@ jobs:
with:
# pull_request_target checks out the base branch by default
ref: refs/pull/${{ github.event.pull_request.number }}/merge
- uses: cachix/install-nix-action@v14
- uses: cachix/install-nix-action@v15
- name: Check DocBook files generated from Markdown are consistent
run: |
nixos/doc/manual/md-to-db.sh

View file

@ -2537,6 +2537,13 @@
githubId = 86075850;
name = "Danil Danevich";
};
darkonion0 = {
name = "Alexandre Peruggia";
email = "darkgenius1@protonmail.com";
matrix = "@alexoo:matrix.org";
github = "DarkOnion0";
githubId = 68606322;
};
das-g = {
email = "nixpkgs@raphael.dasgupta.ch";
github = "das-g";
@ -7206,6 +7213,16 @@
githubId = 95194;
name = "Mauricio Scheffer";
};
max-niederman = {
email = "max@maxniederman.com";
github = "max-niederman";
githubId = 19580458;
name = "Max Niederman";
keys = [{
longkeyid = "rsa3072/0x9AED881481D8444E";
fingerprint = "1DE4 424D BF77 1192 5DC4 CF5E 9AED 8814 81D8 444E";
}];
};
maxdamantus = {
email = "maxdamantus@gmail.com";
github = "Maxdamantus";

View file

@ -485,6 +485,8 @@
./services/mail/roundcube.nix
./services/mail/sympa.nix
./services/mail/nullmailer.nix
./services/matrix/mjolnir.nix
./services/matrix/pantalaimon.nix
./services/misc/ananicy.nix
./services/misc/airsonic.nix
./services/misc/ankisyncd.nix
@ -1016,6 +1018,7 @@
./services/web-apps/pgpkeyserver-lite.nix
./services/web-apps/matomo.nix
./services/web-apps/moinmoin.nix
./services/web-apps/openwebrx.nix
./services/web-apps/restya-board.nix
./services/web-apps/sogo.nix
./services/web-apps/rss-bridge.nix

View file

@ -0,0 +1,240 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.mjolnir;
yamlConfig = {
inherit (cfg) dataPath managementRoom protectedRooms;
accessToken = "@ACCESS_TOKEN@"; # will be replaced in "generateConfig"
homeserverUrl =
if cfg.pantalaimon.enable then
"http://${cfg.pantalaimon.options.listenAddress}:${toString cfg.pantalaimon.options.listenPort}"
else
cfg.homeserverUrl;
pantalaimon = {
inherit (cfg.pantalaimon) username;
use = cfg.pantalaimon.enable;
password = "@PANTALAIMON_PASSWORD@"; # will be replaced in "generateConfig"
};
};
moduleConfigFile = pkgs.writeText "module-config.yaml" (
generators.toYAML { } (filterAttrs (_: v: v != null)
(fold recursiveUpdate { } [ yamlConfig cfg.settings ])));
# these config files will be merged one after the other to build the final config
configFiles = [
"${pkgs.mjolnir}/share/mjolnir/config/default.yaml"
moduleConfigFile
];
# this will generate the default.yaml file with all configFiles as inputs and
# replace all secret strings using replace-secret
generateConfig = pkgs.writeShellScript "mjolnir-generate-config" (
let
yqEvalStr = concatImapStringsSep " * " (pos: _: "select(fileIndex == ${toString (pos - 1)})") configFiles;
yqEvalArgs = concatStringsSep " " configFiles;
in
''
set -euo pipefail
umask 077
# mjolnir will try to load a config from "./config/default.yaml" in the working directory
# -> let's place the generated config there
mkdir -p ${cfg.dataPath}/config
# merge all config files into one, overriding settings of the previous one with the next config
# e.g. "eval-all 'select(fileIndex == 0) * select(fileIndex == 1)' filea.yaml fileb.yaml" will merge filea.yaml with fileb.yaml
${pkgs.yq-go}/bin/yq eval-all -P '${yqEvalStr}' ${yqEvalArgs} > ${cfg.dataPath}/config/default.yaml
${optionalString (cfg.accessTokenFile != null) ''
${pkgs.replace-secret}/bin/replace-secret '@ACCESS_TOKEN@' '${cfg.accessTokenFile}' ${cfg.dataPath}/config/default.yaml
''}
${optionalString (cfg.pantalaimon.passwordFile != null) ''
${pkgs.replace-secret}/bin/replace-secret '@PANTALAIMON_PASSWORD@' '${cfg.pantalaimon.passwordFile}' ${cfg.dataPath}/config/default.yaml
''}
''
);
in
{
options.services.mjolnir = {
enable = mkEnableOption "Mjolnir, a moderation tool for Matrix";
homeserverUrl = mkOption {
type = types.str;
default = "https://matrix.org";
description = ''
Where the homeserver is located (client-server URL).
If <literal>pantalaimon.enable</literal> is <literal>true</literal>, this option will become the homeserver to which <literal>pantalaimon</literal> connects.
The listen address of <literal>pantalaimon</literal> will then become the <literal>homeserverUrl</literal> of <literal>mjolnir</literal>.
'';
};
accessTokenFile = mkOption {
type = with types; nullOr path;
default = null;
description = ''
File containing the matrix access token for the <literal>mjolnir</literal> user.
'';
};
pantalaimon = mkOption {
description = ''
<literal>pantalaimon</literal> options (enables E2E Encryption support).
This will create a <literal>pantalaimon</literal> instance with the name "mjolnir".
'';
default = { };
type = types.submodule {
options = {
enable = mkEnableOption ''
If true, accessToken is ignored and the username/password below will be
used instead. The access token of the bot will be stored in the dataPath.
'';
username = mkOption {
type = types.str;
description = "The username to login with.";
};
passwordFile = mkOption {
type = with types; nullOr path;
default = null;
description = ''
File containing the matrix password for the <literal>mjolnir</literal> user.
'';
};
options = mkOption {
type = types.submodule (import ./pantalaimon-options.nix);
default = { };
description = ''
passthrough additional options to the <literal>pantalaimon</literal> service.
'';
};
};
};
};
dataPath = mkOption {
type = types.path;
default = "/var/lib/mjolnir";
description = ''
The directory the bot should store various bits of information in.
'';
};
managementRoom = mkOption {
type = types.str;
default = "#moderators:example.org";
description = ''
The room ID where people can use the bot. The bot has no access controls, so
anyone in this room can use the bot - secure your room!
This should be a room alias or room ID - not a matrix.to URL.
Note: <literal>mjolnir</literal> is fairly verbose - expect a lot of messages from it.
'';
};
protectedRooms = mkOption {
type = types.listOf types.str;
default = [ ];
example = literalExpression ''
[
"https://matrix.to/#/#yourroom:example.org"
"https://matrix.to/#/#anotherroom:example.org"
]
'';
description = ''
A list of rooms to protect (matrix.to URLs).
'';
};
settings = mkOption {
default = { };
type = (pkgs.formats.yaml { }).type;
example = literalExpression ''
{
autojoinOnlyIfManager = true;
automaticallyRedactForReasons = [ "spam" "advertising" ];
}
'';
description = ''
Additional settings (see <link xlink:href="https://github.com/matrix-org/mjolnir/blob/main/config/default.yaml">mjolnir default config</link> for available settings). These settings will override settings made by the module config.
'';
};
};
config = mkIf config.services.mjolnir.enable {
assertions = [
{
assertion = !(cfg.pantalaimon.enable && cfg.pantalaimon.passwordFile == null);
message = "Specify pantalaimon.passwordFile";
}
{
assertion = !(cfg.pantalaimon.enable && cfg.accessTokenFile != null);
message = "Do not specify accessTokenFile when using pantalaimon";
}
{
assertion = !(!cfg.pantalaimon.enable && cfg.accessTokenFile == null);
message = "Specify accessTokenFile when not using pantalaimon";
}
];
services.pantalaimon-headless.instances."mjolnir" = mkIf cfg.pantalaimon.enable
{
homeserver = cfg.homeserverUrl;
} // cfg.pantalaimon.options;
systemd.services.mjolnir = {
description = "mjolnir - a moderation tool for Matrix";
wants = [ "network-online.target" ] ++ optionals (cfg.pantalaimon.enable) [ "pantalaimon-mjolnir.service" ];
after = [ "network-online.target" ] ++ optionals (cfg.pantalaimon.enable) [ "pantalaimon-mjolnir.service" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = ''${pkgs.mjolnir}/bin/mjolnir'';
ExecStartPre = [ generateConfig ];
WorkingDirectory = cfg.dataPath;
StateDirectory = "mjolnir";
StateDirectoryMode = "0700";
ProtectSystem = "strict";
ProtectHome = true;
PrivateTmp = true;
NoNewPrivileges = true;
PrivateDevices = true;
User = "mjolnir";
Restart = "on-failure";
/* TODO: wait for #102397 to be resolved. Then load secrets from $CREDENTIALS_DIRECTORY+"/NAME"
DynamicUser = true;
LoadCredential = [] ++
optionals (cfg.accessTokenFile != null) [
"access_token:${cfg.accessTokenFile}"
] ++
optionals (cfg.pantalaimon.passwordFile != null) [
"pantalaimon_password:${cfg.pantalaimon.passwordFile}"
];
*/
};
};
users = {
users.mjolnir = {
group = "mjolnir";
isSystemUser = true;
};
groups.mjolnir = { };
};
};
meta = {
doc = ./mjolnir.xml;
maintainers = with maintainers; [ jojosch ];
};
}

View file

@ -0,0 +1,134 @@
<chapter xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="module-services-mjolnir">
<title>Mjolnir (Matrix Moderation Tool)</title>
<para>
This chapter will show you how to set up your own, self-hosted
<link xlink:href="https://github.com/matrix-org/mjolnir">Mjolnir</link>
instance.
</para>
<para>
As an all-in-one moderation tool, it can protect your server from
malicious invites, spam messages, and whatever else you don't want.
In addition to server-level protection, Mjolnir is great for communities
wanting to protect their rooms without having to use their personal
accounts for moderation.
</para>
<para>
The bot by default includes support for bans, redactions, anti-spam,
server ACLs, room directory changes, room alias transfers, account
deactivation, room shutdown, and more.
</para>
<para>
See the <link xlink:href="https://github.com/matrix-org/mjolnir#readme">README</link>
page and the <link xlink:href="https://github.com/matrix-org/mjolnir/blob/main/docs/moderators.md">Moderator's guide</link>
for additional instructions on how to setup and use Mjolnir.
</para>
<para>
For <link linkend="opt-services.mjolnir.settings">additional settings</link>
see <link xlink:href="https://github.com/matrix-org/mjolnir/blob/main/config/default.yaml">the default configuration</link>.
</para>
<section xml:id="module-services-mjolnir-setup">
<title>Mjolnir Setup</title>
<para>
First create a new Room which will be used as a management room for Mjolnir. In
this room, Mjolnir will log possible errors and debugging information. You'll
need to set this Room-ID in <link linkend="opt-services.mjolnir.managementRoom">services.mjolnir.managementRoom</link>.
</para>
<para>
Next, create a new user for Mjolnir on your homeserver, if not present already.
</para>
<para>
The Mjolnir Matrix user expects to be free of any rate limiting.
See <link xlink:href="https://github.com/matrix-org/synapse/issues/6286">Synapse #6286</link>
for an example on how to achieve this.
</para>
<para>
If you want Mjolnir to be able to deactivate users, move room aliases, shutdown rooms, etc.
you'll need to make the Mjolnir user a Matrix server admin.
</para>
<para>
Now invite the Mjolnir user to the management room.
</para>
<para>
It is recommended to use <link xlink:href="https://github.com/matrix-org/pantalaimon">Pantalaimon</link>,
so your management room can be encrypted. This also applies if you are looking to moderate an encrypted room.
</para>
<para>
To enable the Pantalaimon E2E Proxy for mjolnir, enable
<link linkend="opt-services.mjolnir.pantalaimon.enable">services.mjolnir.pantalaimon</link>. This will
autoconfigure a new Pantalaimon instance, which will connect to the homeserver
set in <link linkend="opt-services.mjolnir.homeserverUrl">services.mjolnir.homeserverUrl</link> and Mjolnir itself
will be configured to connect to the new Pantalaimon instance.
</para>
<programlisting>
{
services.mjolnir = {
enable = true;
<link linkend="opt-services.mjolnir.homeserverUrl">homeserverUrl</link> = "https://matrix.domain.tld";
<link linkend="opt-services.mjolnir.pantalaimon">pantalaimon</link> = {
<link linkend="opt-services.mjolnir.pantalaimon.enable">enable</link> = true;
<link linkend="opt-services.mjolnir.pantalaimon.username">username</link> = "mjolnir";
<link linkend="opt-services.mjolnir.pantalaimon.passwordFile">passwordFile</link> = "/run/secrets/mjolnir-password";
};
<link linkend="opt-services.mjolnir.protectedRooms">protectedRooms</link> = [
"https://matrix.to/#/!xxx:domain.tld"
];
<link linkend="opt-services.mjolnir.managementRoom">managementRoom</link> = "!yyy:domain.tld";
};
}
</programlisting>
<section xml:id="module-services-mjolnir-setup-ems">
<title>Element Matrix Services (EMS)</title>
<para>
If you are using a managed <link xlink:href="https://ems.element.io/">"Element Matrix Services (EMS)"</link>
server, you will need to consent to the terms and conditions. Upon startup, an error
log entry with a URL to the consent page will be generated.
</para>
</section>
</section>
<section xml:id="module-services-mjolnir-matrix-synapse-antispam">
<title>Synapse Antispam Module</title>
<para>
A Synapse module is also available to apply the same rulesets the bot
uses across an entire homeserver.
</para>
<para>
To use the Antispam Module, add <package>matrix-synapse-plugins.matrix-synapse-mjolnir-antispam</package>
to the Synapse plugin list and enable the <literal>mjolnir.AntiSpam</literal> module.
</para>
<programlisting>
{
services.matrix-synapse = {
plugins = with pkgs; [
matrix-synapse-plugins.matrix-synapse-mjolnir-antispam
];
extraConfig = ''
modules:
- module: mjolnir.AntiSpam
config:
# Prevent servers/users in the ban lists from inviting users on this
# server to rooms. Default true.
block_invites: true
# Flag messages sent by servers/users in the ban lists as spam. Currently
# this means that spammy messages will appear as empty to users. Default
# false.
block_messages: false
# Remove users from the user directory search by filtering matrix IDs and
# display names by the entries in the user ban list. Default false.
block_usernames: false
# The room IDs of the ban lists to honour. Unlike other parts of Mjolnir,
# this list cannot be room aliases or permalinks. This server is expected
# to already be joined to the room - Mjolnir will not automatically join
# these rooms.
ban_lists:
- "!roomid:example.org"
'';
};
}
</programlisting>
</section>
</chapter>

View file

@ -0,0 +1,70 @@
{ config, lib, name, ... }:
with lib;
{
options = {
dataPath = mkOption {
type = types.path;
default = "/var/lib/pantalaimon-${name}";
description = ''
The directory where <literal>pantalaimon</literal> should store its state such as the database file.
'';
};
logLevel = mkOption {
type = types.enum [ "info" "warning" "error" "debug" ];
default = "warning";
description = ''
Set the log level of the daemon.
'';
};
homeserver = mkOption {
type = types.str;
example = "https://matrix.org";
description = ''
The URI of the homeserver that the <literal>pantalaimon</literal> proxy should
forward requests to, without the matrix API path but including
the http(s) schema.
'';
};
ssl = mkOption {
type = types.bool;
default = true;
description = ''
Whether or not SSL verification should be enabled for outgoing
connections to the homeserver.
'';
};
listenAddress = mkOption {
type = types.str;
default = "localhost";
description = ''
The address where the daemon will listen to client connections
for this homeserver.
'';
};
listenPort = mkOption {
type = types.port;
default = 8009;
description = ''
The port where the daemon will listen to client connections for
this homeserver. Note that the listen address/port combination
needs to be unique between different homeservers.
'';
};
extraSettings = mkOption {
type = types.attrs;
default = { };
description = ''
Extra configuration options. See
<link xlink:href="https://github.com/matrix-org/pantalaimon/blob/master/docs/man/pantalaimon.5.md">pantalaimon(5)</link>
for available options.
'';
};
};
}

View file

@ -0,0 +1,70 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.pantalaimon-headless;
iniFmt = pkgs.formats.ini { };
mkConfigFile = name: instanceConfig: iniFmt.generate "pantalaimon.conf" {
Default = {
LogLevel = instanceConfig.logLevel;
Notifications = false;
};
${name} = (recursiveUpdate
{
Homeserver = instanceConfig.homeserver;
ListenAddress = instanceConfig.listenAddress;
ListenPort = instanceConfig.listenPort;
SSL = instanceConfig.ssl;
# Set some settings to prevent user interaction for headless operation
IgnoreVerification = true;
UseKeyring = false;
}
instanceConfig.extraSettings
);
};
mkPantalaimonService = name: instanceConfig:
nameValuePair "pantalaimon-${name}" {
description = "pantalaimon instance ${name} - E2EE aware proxy daemon for matrix clients";
wants = [ "network-online.target" ];
after = [ "network-online.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = ''${pkgs.pantalaimon-headless}/bin/pantalaimon --config ${mkConfigFile name instanceConfig} --data-path ${instanceConfig.dataPath}'';
Restart = "on-failure";
DynamicUser = true;
NoNewPrivileges = true;
PrivateDevices = true;
PrivateTmp = true;
ProtectHome = true;
ProtectSystem = "strict";
StateDirectory = "pantalaimon-${name}";
};
};
in
{
options.services.pantalaimon-headless.instances = mkOption {
default = { };
type = types.attrsOf (types.submodule (import ./pantalaimon-options.nix));
description = ''
Declarative instance config.
Note: to use pantalaimon interactively, e.g. for a Matrix client which does not
support End-to-end encryption (like <literal>fractal</literal>), refer to the home-manager module.
'';
};
config = mkIf (config.services.pantalaimon-headless.instances != { })
{
systemd.services = mapAttrs' mkPantalaimonService config.services.pantalaimon-headless.instances;
};
meta = {
maintainers = with maintainers; [ jojosch ];
};
}

View file

@ -0,0 +1,33 @@
{ config, lib, pkgs, ... }:
let
cfg = config.services.openwebrx;
in
{
options.services.openwebrx = with lib; {
enable = mkEnableOption "OpenWebRX Web interface for Software-Defined Radios on http://localhost:8073";
package = mkOption {
type = types.package;
default = pkgs.openwebrx;
description = "OpenWebRX package to use for the service";
};
};
config = lib.mkIf cfg.enable {
systemd.services.openwebrx = {
wantedBy = [ "multi-user.target" ];
path = with pkgs; [
csdr
alsaUtils
netcat
];
serviceConfig = {
ExecStart = "${cfg.package}/bin/openwebrx";
Restart = "always";
DynamicUser = true;
# openwebrx uses /var/lib/openwebrx by default
StateDirectory = [ "openwebrx" ];
};
};
};
}

View file

@ -61,7 +61,7 @@ in
description = "Templates for LXD";
type = types.attrsOf (types.submodule (templateSubmodule));
default = {};
example = literalExample ''
example = literalExpression ''
{
# create /etc/hostname on container creation
"hostname" = {

View file

@ -261,6 +261,7 @@ in
miniflux = handleTest ./miniflux.nix {};
minio = handleTest ./minio.nix {};
misc = handleTest ./misc.nix {};
mjolnir = handleTest ./matrix/mjolnir.nix {};
mod_perl = handleTest ./mod_perl.nix {};
moinmoin = handleTest ./moinmoin.nix {};
mongodb = handleTest ./mongodb.nix {};
@ -341,6 +342,7 @@ in
packagekit = handleTest ./packagekit.nix {};
pam-oath-login = handleTest ./pam-oath-login.nix {};
pam-u2f = handleTest ./pam-u2f.nix {};
pantalaimon = handleTest ./matrix/pantalaimon.nix {};
pantheon = handleTest ./pantheon.nix {};
paperless-ng = handleTest ./paperless-ng.nix {};
parsedmarc = handleTest ./parsedmarc {};

View file

@ -0,0 +1,165 @@
import ../make-test-python.nix (
{ pkgs, ... }:
let
# Set up SSL certs for Synapse to be happy.
runWithOpenSSL = file: cmd: pkgs.runCommand file
{
buildInputs = [ pkgs.openssl ];
}
cmd;
ca_key = runWithOpenSSL "ca-key.pem" "openssl genrsa -out $out 2048";
ca_pem = runWithOpenSSL "ca.pem" ''
openssl req \
-x509 -new -nodes -key ${ca_key} \
-days 10000 -out $out -subj "/CN=snakeoil-ca"
'';
key = runWithOpenSSL "matrix_key.pem" "openssl genrsa -out $out 2048";
csr = runWithOpenSSL "matrix.csr" ''
openssl req \
-new -key ${key} \
-out $out -subj "/CN=localhost" \
'';
cert = runWithOpenSSL "matrix_cert.pem" ''
openssl x509 \
-req -in ${csr} \
-CA ${ca_pem} -CAkey ${ca_key} \
-CAcreateserial -out $out \
-days 365
'';
in
{
name = "mjolnir";
meta = with pkgs.lib; {
maintainers = teams.matrix.members;
};
nodes = {
homeserver = { pkgs, ... }: {
services.matrix-synapse = {
enable = true;
database_type = "sqlite3";
tls_certificate_path = "${cert}";
tls_private_key_path = "${key}";
enable_registration = true;
registration_shared_secret = "supersecret-registration";
listeners = [
# The default but tls=false
{
"bind_address" = "";
"port" = 8448;
"resources" = [
{ "compress" = true; "names" = [ "client" "webclient" ]; }
{ "compress" = false; "names" = [ "federation" ]; }
];
"tls" = false;
"type" = "http";
"x_forwarded" = false;
}
];
};
networking.firewall.allowedTCPPorts = [ 8448 ];
environment.systemPackages = [
(pkgs.writeShellScriptBin "register_mjolnir_user" ''
exec ${pkgs.matrix-synapse}/bin/register_new_matrix_user \
-u mjolnir \
-p mjolnir-password \
--admin \
--shared-secret supersecret-registration \
http://localhost:8448
''
)
(pkgs.writeShellScriptBin "register_moderator_user" ''
exec ${pkgs.matrix-synapse}/bin/register_new_matrix_user \
-u moderator \
-p moderator-password \
--no-admin \
--shared-secret supersecret-registration \
http://localhost:8448
''
)
];
};
mjolnir = { pkgs, ... }: {
services.mjolnir = {
enable = true;
homeserverUrl = "http://homeserver:8448";
pantalaimon = {
enable = true;
username = "mjolnir";
passwordFile = pkgs.writeText "password.txt" "mjolnir-password";
};
managementRoom = "#moderators:homeserver";
};
};
client = { pkgs, ... }: {
environment.systemPackages = [
(pkgs.writers.writePython3Bin "create_management_room_and_invite_mjolnir"
{ libraries = [ pkgs.python3Packages.matrix-nio ]; } ''
import asyncio
from nio import (
AsyncClient,
EnableEncryptionBuilder
)
async def main() -> None:
client = AsyncClient("http://homeserver:8448", "moderator")
await client.login("moderator-password")
room = await client.room_create(
name="Moderators",
alias="moderators",
initial_state=[EnableEncryptionBuilder().as_dict()],
)
await client.join(room.room_id)
await client.room_invite(room.room_id, "@mjolnir:homeserver")
asyncio.run(main())
''
)
];
};
};
testScript = ''
with subtest("start homeserver"):
homeserver.start()
homeserver.wait_for_unit("matrix-synapse.service")
homeserver.wait_until_succeeds("curl --fail -L http://localhost:8448/")
with subtest("register users"):
# register mjolnir user
homeserver.succeed("register_mjolnir_user")
# register moderator user
homeserver.succeed("register_moderator_user")
with subtest("start mjolnir"):
mjolnir.start()
# wait for pantalaimon to be ready
mjolnir.wait_for_unit("pantalaimon-mjolnir.service")
mjolnir.wait_for_unit("mjolnir.service")
mjolnir.wait_until_succeeds("curl --fail -L http://localhost:8009/")
with subtest("ensure mjolnir can be invited to the management room"):
client.start()
client.wait_until_succeeds("curl --fail -L http://homeserver:8448/")
client.succeed("create_management_room_and_invite_mjolnir")
mjolnir.wait_for_console_text("Startup complete. Now monitoring rooms")
'';
}
)

View file

@ -0,0 +1,65 @@
import ../make-test-python.nix (
{ pkgs, ... }:
let
pantalaimonInstanceName = "testing";
# Set up SSL certs for Synapse to be happy.
runWithOpenSSL = file: cmd: pkgs.runCommand file
{
buildInputs = [ pkgs.openssl ];
}
cmd;
ca_key = runWithOpenSSL "ca-key.pem" "openssl genrsa -out $out 2048";
ca_pem = runWithOpenSSL "ca.pem" ''
openssl req \
-x509 -new -nodes -key ${ca_key} \
-days 10000 -out $out -subj "/CN=snakeoil-ca"
'';
key = runWithOpenSSL "matrix_key.pem" "openssl genrsa -out $out 2048";
csr = runWithOpenSSL "matrix.csr" ''
openssl req \
-new -key ${key} \
-out $out -subj "/CN=localhost" \
'';
cert = runWithOpenSSL "matrix_cert.pem" ''
openssl x509 \
-req -in ${csr} \
-CA ${ca_pem} -CAkey ${ca_key} \
-CAcreateserial -out $out \
-days 365
'';
in
{
name = "pantalaimon";
meta = with pkgs.lib; {
maintainers = teams.matrix.members;
};
machine = { pkgs, ... }: {
services.pantalaimon-headless.instances.${pantalaimonInstanceName} = {
homeserver = "https://localhost:8448";
listenAddress = "0.0.0.0";
listenPort = 8888;
logLevel = "debug";
ssl = false;
};
services.matrix-synapse = {
enable = true;
database_type = "sqlite3";
tls_certificate_path = "${cert}";
tls_private_key_path = "${key}";
};
};
testScript = ''
start_all()
machine.wait_for_unit("pantalaimon-${pantalaimonInstanceName}.service")
machine.wait_for_unit("matrix-synapse.service")
machine.wait_until_succeeds(
"curl --fail -L http://localhost:8888/"
)
'';
}
)

View file

@ -10,14 +10,14 @@ let
# If an update breaks things, one of those might have valuable info:
# https://aur.archlinux.org/packages/spotify/
# https://community.spotify.com/t5/Desktop-Linux
version = "1.1.68.632.g2b11de83";
version = "1.1.72.439.gc253025e";
# To get the latest stable revision:
# curl -H 'X-Ubuntu-Series: 16' 'https://api.snapcraft.io/api/v1/snaps/details/spotify?channel=stable' | jq '.download_url,.version,.last_updated'
# To get general information:
# curl -H 'Snap-Device-Series: 16' 'https://api.snapcraft.io/v2/snaps/info/spotify' | jq '.'
# More examples of api usage:
# https://github.com/canonical-websites/snapcraft.io/blob/master/webapp/publisher/snaps/views.py
rev = "53";
rev = "56";
deps = [
alsa-lib
@ -80,7 +80,7 @@ stdenv.mkDerivation {
# https://community.spotify.com/t5/Desktop-Linux/Redistribute-Spotify-on-Linux-Distributions/td-p/1695334
src = fetchurl {
url = "https://api.snapcraft.io/api/v1/snaps/download/pOBIoZ2LrCB3rDohMxoYGnbN14EHOgD7_${rev}.snap";
sha512 = "ed991691c99fe97ed9ff5d0f5cc9a8883c176fa3b3054293c37d545abbb895c6260afdf1c8c0828d62c36ea7ab384e166b6151effb4614c93e4fa712319a08a3";
sha512 = "b2bd3d49a18dfebaa4660f9c39d11d57fb80a4ef15ec7b7973e3cc07be74f74aebd2d8c66360d79fe778244c533ed02f9dfca4085f99aae0e5faae7c003ba4ef";
};
nativeBuildInputs = [ makeWrapper wrapGAppsHook squashfsTools ];

View file

@ -11,11 +11,11 @@
stdenv.mkDerivation rec {
pname = "drawio";
version = "14.5.1";
version = "15.7.3";
src = fetchurl {
url = "https://github.com/jgraph/drawio-desktop/releases/download/v${version}/drawio-x86_64-${version}.rpm";
hash = "sha256-ZrEoeeEhHQOLm/L3KA43Ru5fruIPK35CCUsllwpPB58=";
sha256 = "3565bcceccb57daee222270164e85b696b8d261ab88b65699912da51946a1c36";
};
nativeBuildInputs = [
@ -91,7 +91,7 @@ stdenv.mkDerivation rec {
homepage = "https://about.draw.io/";
license = licenses.asl20;
changelog = "https://github.com/jgraph/drawio-desktop/releases/tag/v${version}";
maintainers = with maintainers; [ ];
maintainers = with maintainers; [ darkonion0 ];
platforms = [ "x86_64-linux" ];
};
}

View file

@ -19,6 +19,7 @@
, libXau
, libXdmcp
, libXrandr
, libbsd
, libffi
, libjpeg
# , librealsense
@ -88,6 +89,7 @@ stdenv.mkDerivation rec {
libXau
libXdmcp
libXrandr
libbsd
libjpeg
libffi
# librealsense.dev - see below

View file

@ -5,8 +5,9 @@
, desktop-file-utils
, glib
, gobject-introspection
, gtk3
, libhandy
, gtk4
, itstool
, libadwaita
, librsvg
, meson
, ninja
@ -17,7 +18,7 @@
python3.pkgs.buildPythonApplication rec {
pname = "metadata-cleaner";
version = "1.0.7";
version = "2.0.1";
format = "other";
@ -25,14 +26,15 @@ python3.pkgs.buildPythonApplication rec {
owner = "rmnvgr";
repo = "metadata-cleaner";
rev = "v${version}";
sha256 = "sha256-HlP/QahVFCAct06pKanjozFqeyTdHoHanIemq5ID2CQ=";
sha256 = "sha256-iTKs3DEZSzqRARXJKPPygvCS5JNUMbQBkfjacwd168Y=";
};
nativeBuildInputs = [
appstream
desktop-file-utils
glib
gtk3
gtk4
itstool
meson
ninja
pkg-config
@ -41,8 +43,8 @@ python3.pkgs.buildPythonApplication rec {
buildInputs = [
gobject-introspection
gtk3
libhandy
gtk4
libadwaita
librsvg
poppler_gi
];

View file

@ -1,6 +1,7 @@
{ lib
, autoreconfHook
, fetchFromGitHub
, fetchpatch
, gettext
, ncurses
, readline
@ -19,6 +20,31 @@ stdenv.mkDerivation rec {
sha256 = "173d2p22irwiabvr4z6qvr6zpr6ysfkhmadjlyhyiwd7z62larvy";
};
patches = [
# Pull upstream fix for -fno-common toolchains
(fetchpatch {
name = "fno-common.patch";
url = "https://github.com/baszoetekouw/pinfo/commit/16dba5978146b6d3a540ac7c8f415eda49280847.patch";
sha256 = "148fm32chvq8x9ayq9cnhgszh10g5v0cv0xph67fa7sp341p09wy";
})
# Fix pending upstream inclusion for build on ncurses-6.3:
# https://github.com/baszoetekouw/pinfo/pull/27
(fetchpatch {
name = "ncurses-6.3.patch";
url = "https://github.com/baszoetekouw/pinfo/commit/fc67ceacd81f0c74fcab85447c23a532ae482827.patch";
sha256 = "08phmng8vgfqjjazys05acpd5gh110malhw3sx29dg86nsrg2khs";
})
# Fix pending upstream inclusion for build on gcc-11:
# https://github.com/baszoetekouw/pinfo/pull/27
(fetchpatch {
name = "gcc-11.patch";
url = "https://github.com/baszoetekouw/pinfo/commit/ab604fdb67296dad27f3a25f3c9aabdd2fb8c3fa.patch";
sha256 = "09g8msgan2x48hxcbm7l6j3av6n8i0bsd4g0vf5xd8bxwzynb13m";
})
];
nativeBuildInputs = [
autoreconfHook
];

View file

@ -2,13 +2,13 @@
let
pname = "lens";
version = "5.1.3";
build = "${version}-latest.20210722.1";
version = "5.2.6";
build = "${version}-latest.20211104.1";
name = "${pname}-${version}";
src = fetchurl {
url = "https://api.k8slens.dev/binaries/Lens-${build}.x86_64.AppImage";
sha256 = "1iwwyqpn1x1m8n22f99snlhcbcr65i4przx697hlbpmnm40dw7q9";
sha256 = "1lkxzgwrgafraimpnciv89fs6r399275vb73drxlg5z83acacf5z";
name="${pname}.AppImage";
};

View file

@ -0,0 +1,28 @@
{ lib, buildGoModule, fetchFromGitHub }:
buildGoModule rec {
pname = "levant";
version = "0.3.0";
src = fetchFromGitHub {
owner = "hashicorp";
repo = "levant";
rev = "v${version}";
sha256 = "9M7a4i+DPKb1H9jOEVAvhvYxGwtj3dK/40n4GSy4Rqo=";
};
vendorSha256 = "5JlrgmIfhX0rPR72sUkFcofw/iIbIaca359GN9C9dhU=";
runVend = true;
# The tests try to connect to a Nomad cluster.
doCheck = false;
meta = with lib; {
description = "An open source templating and deployment tool for HashiCorp Nomad jobs";
homepage = "https://github.com/hashicorp/levant";
license = licenses.mpl20;
maintainers = with maintainers; [ max-niederman ];
platforms = platforms.unix;
};
}

View file

@ -2,7 +2,7 @@
"name": "element-desktop",
"productName": "Element",
"main": "lib/electron-main.js",
"version": "1.9.3",
"version": "1.9.4",
"description": "A feature-rich client for Matrix.org",
"author": "Element",
"repository": {
@ -54,7 +54,7 @@
"@types/minimist": "^1.2.1",
"@typescript-eslint/eslint-plugin": "^4.17.0",
"@typescript-eslint/parser": "^4.17.0",
"allchange": "^1.0.2",
"allchange": "^1.0.5",
"asar": "^2.0.1",
"chokidar": "^3.5.2",
"electron": "13.5",

View file

@ -1,6 +1,6 @@
{
"version": "1.9.3",
"desktopSrcHash": "Pb9iiCYtmuD6DzdvgY8c6pCFdVAxIIUZTWLCa7y5RMI=",
"desktopYarnHash": "0iwbszhaxaxggymixljzjb2gqrsij67fwakxhd3yj9g1zds49ghh",
"webHash": "06lpb8i7fyimm06y6h3ngh19bx416if9lvs2ah2112vx28hs14zp"
"version": "1.9.4",
"desktopSrcHash": "sTY55DWeEKV3Ma5DTr4W6K6BjrE019aY8LRk/5f8pPM=",
"desktopYarnHash": "0axz0d5qryd0k89lrziah1r6j1154c1cibf1qsjk1azlri3k4298",
"webHash": "141iz2jcvwyv3fpi63ddi697qzkk6jg100d0lz6iam98m8m35g24"
}

View file

@ -2,13 +2,13 @@
stdenv.mkDerivation {
pname = "matrix-commander";
version = "unstable-2021-05-26";
version = "unstable-2021-08-05";
src = fetchFromGitHub {
owner = "8go";
repo = "matrix-commander";
rev = "06b4738bc74ee86fb3ac88c04b8230abf82e7421";
sha256 = "1skpq3xfnz11m298qnsw68xv391p5qg47flagzsk86pnzi841vc1";
rev = "7ab3fd9a0ef4eb19d882cb3701d2025b4d41b63a";
sha256 = "sha256-WWf7GbJxGlqIdsS1d0T1DO0WN2RBepHGgJrl/nt7UIg=";
};
buildInputs = [

View file

@ -1,7 +1,7 @@
{ lib, stdenv, buildPythonApplication, fetchFromGitHub, pythonOlder,
attrs, aiohttp, appdirs, click, keyring, Logbook, peewee, janus,
prompt-toolkit, matrix-nio, dbus-python, pydbus, notify2, pygobject3,
setuptools, installShellFiles,
setuptools, installShellFiles, nixosTests,
pytest, faker, pytest-aiohttp, aioresponses,
@ -63,6 +63,10 @@ buildPythonApplication rec {
installManPage docs/man/*.[1-9]
'';
passthru.tests = {
inherit (nixosTests) pantalaimon;
};
meta = with lib; {
description = "An end-to-end encryption aware Matrix reverse proxy daemon";
homepage = "https://github.com/matrix-org/pantalaimon";

View file

@ -45,14 +45,14 @@ let
pname = "slack";
x86_64-darwin-version = "4.20.0";
x86_64-darwin-sha256 = "1argl690i4dgz5ih02zg9v4zrlzm282wmibnc6p7xy5jisd5g79w";
x86_64-darwin-version = "4.21.1";
x86_64-darwin-sha256 = "1xhhll7mbz3f98xd2pzhyv3a49sam2v9fmvglmsvnkrmqppzsr4g";
x86_64-linux-version = "4.20.0";
x86_64-linux-sha256 = "1r8w8s3y74lh4klsmzq2d3f0h721b3a2b53nx8v7b0s6j8w0g0mh";
x86_64-linux-version = "4.21.1";
x86_64-linux-sha256 = "0mmpvrg2gfjarhrh0cy6axmhbx8v8rkn51gyp9xhr9ll9zrjpvjq";
aarch64-darwin-version = "4.20.0";
aarch64-darwin-sha256 = "1argl690i4dgz5ih02zg9v4zrlzm282wmibnc6p7xy5jisd5g79w";
aarch64-darwin-version = "4.21.1";
aarch64-darwin-sha256 = "1rkixwg0b0nqp7wzvm24qskc9q3cl43fqfbkv6i2qkrrhpyr3zqw";
version = {
x86_64-darwin = x86_64-darwin-version;

View file

@ -1,7 +1,30 @@
{ lib, fetchpatch, python3Packages }:
{ lib
, fetchpatch
, fetchFromGitHub
, python3
}:
with lib;
with python3Packages;
let
py = python3.override {
packageOverrides = self: super: {
# Support for later tweepy releases is missing
# https://github.com/louipc/turses/issues/12
tweepy = super.tweepy.overridePythonAttrs (oldAttrs: rec {
version = "3.10.0";
src = fetchFromGitHub {
owner = "tweepy";
repo = "tweepy";
rev = "v${version}";
sha256 = "0k4bdlwjna6f1k19jki4xqgckrinkkw8b9wihzymr1l04rwd05nw";
};
doCheck = false;
});
};
};
in
with py.pkgs;
buildPythonPackage rec {
pname = "turses";
@ -12,8 +35,18 @@ buildPythonPackage rec {
sha256 = "15mkhm3b5ka42h8qph0mhh8izfc1200v7651c62k7ldcs50ib9j6";
};
checkInputs = [ mock pytest coverage tox ];
propagatedBuildInputs = [ urwid tweepy future ];
propagatedBuildInputs = with py.pkgs; [
urwid
tweepy
future
];
checkInputs = with py.pkgs; [
mock
pytest
coverage
tox
];
LC_ALL = "en_US.UTF-8";
@ -29,6 +62,17 @@ buildPythonPackage rec {
})
];
postPatch = ''
substituteInPlace setup.py \
--replace "urwid==1.3.0" "urwid" \
--replace "future==0.14.3" "future" \
--replace "tweepy==3.3.0" "tweepy"
substituteInPlace tests/test_config.py \
--replace "config.generate_config_file.assert_called_once()" "assert config.generate_config_file.call_count == 1"
substituteInPlace tests/test_meta.py \
--replace "self.observer.update.assert_called_once()" "assert self.observer.update.call_count == 1"
'';
checkPhase = ''
TMP_TURSES=`echo turses-$RANDOM`
mkdir $TMP_TURSES
@ -36,18 +80,10 @@ buildPythonPackage rec {
rm -rf $TMP_TURSES
'';
postPatch = ''
sed -i -e 's|urwid==1.3.0|urwid==${getVersion urwid}|' setup.py
sed -i -e "s|future==0.14.3|future==${getVersion future}|" setup.py
sed -i -e "s|tweepy==3.3.0|tweepy==${getVersion tweepy}|" setup.py
sed -i -e "s|config.generate_config_file.assert_called_once()|assert config.generate_config_file.call_count == 1|" tests/test_config.py
sed -i -e "s|self.observer.update.assert_called_once()|assert self.observer.update.call_count == 1|" tests/test_meta.py
'';
meta = with lib; {
homepage = "https://github.com/louipc/turses";
description = "A Twitter client for the console";
license = licenses.gpl3;
homepage = "https://github.com/louipc/turses";
license = licenses.gpl3Only;
maintainers = with maintainers; [ ];
platforms = platforms.unix;
};

View file

@ -0,0 +1,38 @@
{ stdenv, lib, fetchFromGitHub
, autoreconfHook, pkg-config, fftwFloat, libsamplerate
}:
stdenv.mkDerivation rec {
pname = "csdr";
version = "0.17.1";
src = fetchFromGitHub {
owner = "jketterl";
repo = pname;
rev = version;
sha256 = "1vip5a3xgskcwba3xi66zfr986xrsch9na7my818cm8vw345y57b";
};
patchPhase = ''
substituteInPlace configure.ac \
--replace -Wformat=0 ""
'';
nativeBuildInputs = [
autoreconfHook
pkg-config
];
buildInputs = [
fftwFloat
libsamplerate
];
meta = with lib; {
homepage = "https://github.com/jketterl/csdr";
description = "A simple DSP library and command-line tool for Software Defined Radio";
license = licenses.gpl3Only;
platforms = platforms.unix;
maintainers = with maintainers; [ astro ];
};
}

View file

@ -0,0 +1,92 @@
{ stdenv, lib, buildPythonPackage, buildPythonApplication, fetchFromGitHub
, pkg-config, cmake, setuptools
, rtl-sdr, soapysdr-with-plugins, csdr, direwolf
}:
let
js8py = buildPythonPackage rec {
pname = "js8py";
version = "0.1.1";
src = fetchFromGitHub {
owner = "jketterl";
repo = pname;
rev = version;
sha256 = "1j80zclg1cl5clqd00qqa16prz7cyc32bvxqz2mh540cirygq24w";
};
pythonImportsCheck = [ "js8py" "test" ];
meta = with lib; {
homepage = "https://github.com/jketterl/js8py";
description = "A library to decode the output of the js8 binary of JS8Call";
license = licenses.gpl3Only;
maintainers = with maintainers; [ astro ];
};
};
owrx_connector = stdenv.mkDerivation rec {
pname = "owrx_connector";
version = "0.5.0";
src = fetchFromGitHub {
owner = "jketterl";
repo = pname;
rev = version;
sha256 = "0gz4nf2frrkx1mpjfjpz2j919fkc99g5lxd8lhva3lgqyisvf4yj";
};
nativeBuildInputs = [
cmake
pkg-config
];
buildInputs = [
rtl-sdr
soapysdr-with-plugins
];
meta = with lib; {
homepage = "https://github.com/jketterl/owrx_connector";
description = "A set of connectors that are used by OpenWebRX to interface with SDR hardware";
license = licenses.gpl3Only;
platforms = platforms.unix;
maintainers = with maintainers; [ astro ];
};
};
in
buildPythonApplication rec {
pname = "openwebrx";
version = "1.1.0";
src = fetchFromGitHub {
owner = "jketterl";
repo = pname;
rev = version;
sha256 = "0maxs07yx235xknvkbmhi2zds3vfkd66l6wz6kspz3jzl4c0v1f9";
};
propagatedBuildInputs = [
setuptools
csdr
js8py
soapysdr-with-plugins
owrx_connector
direwolf
];
pythonImportsCheck = [ "csdr" "owrx" "test" ];
passthru = {
inherit js8py owrx_connector;
};
meta = with lib; {
homepage = "https://github.com/jketterl/openwebrx";
description = "A simple DSP library and command-line tool for Software Defined Radio";
license = licenses.gpl3Only;
maintainers = with maintainers; [ astro ];
};
}

View file

@ -2,14 +2,14 @@
stdenv.mkDerivation {
pname = "redprl";
version = "unstable-2017-03-28";
version = "unstable-2019-11-04";
src = fetchFromGitHub {
owner = "RedPRL";
repo = "sml-redprl";
rev = "bdf027de732e4a8d10f9f954389dfff0c822f18b";
rev = "c72190de76f7ed1cfbe1d2046c96e99ac5022b0c";
fetchSubmodules = true;
sha256 = "0cihwnd78d3ksxp6mppifm7xpi3fsii5mixvicajy87ggw8z305c";
sha256 = "sha256-xrQT5o0bsIN+mCYUOz9iY4+j3HGROb1I6R2ADcLy8n4=";
};
buildInputs = [ mlton ];

View file

@ -1,4 +1,4 @@
{ at-spi2-core, cmake, dbus, dbus-glib, docbook_xsl, libepoxy, fetchpatch, fetchFromGitHub
{ at-spi2-core, cmake, dbus, dbus-glib, docbook_xsl, libepoxy, fetchFromGitHub
, glib, gtk3, harfbuzz, libXdmcp, libXtst, libpthreadstubs
, libselinux, libsepol, libtasn1, libxkbcommon, libxslt, p11-kit, pcre2
, pkg-config, lib, stdenv, util-linuxMinimal, vte, wrapGAppsHook, xmlto
@ -6,25 +6,15 @@
stdenv.mkDerivation rec {
pname = "roxterm";
version = "3.7.5";
version = "3.11.1";
src = fetchFromGitHub {
owner = "realh";
repo = "roxterm";
rev = version;
sha256 = "042hchvgk9jzz035zsgnfhh8105zvspbzz6b78waylsdlgqn0pp1";
sha256 = "1n7588bl83sp51jwjq97f526c7fkh0kq90idw3nayb4zmi530irx";
};
patches = [
# This is the commit directly after v3.7.5. It is needed to get roxterm to
# build correctly. It can be removed when v3.7.6 (or v3.8.0) has been
# released.
(fetchpatch {
url = "https://github.com/realh/roxterm/commit/f7c38fd48bd1810e16d82794bdfb61a9760a2fe1.patch";
sha256 = "1v77b7ilgf8zy1npxxcyc06mq6lck6bi6lw4aksnq3mi61n5znmx";
})
];
nativeBuildInputs = [ cmake pkg-config wrapGAppsHook libxslt ];
buildInputs =

View file

@ -2,16 +2,16 @@
rustPlatform.buildRustPackage rec {
pname = "glitter";
version = "1.5.1";
version = "1.5.2";
src = fetchFromGitHub {
owner = "milo123459";
repo = pname;
rev = "v${version}";
sha256 = "sha256-AVHMDDvrSLg0OwoG4I5/W2ttWgBwzOG7553gr9bCDFs=";
sha256 = "sha256-p+Oee0xUqd+vBjpjKI33wR21zBen29xu2gdmMCiH1zk=";
};
cargoSha256 = "sha256-vBzy4gnlJMQwvVieuWuiVOm/HAr6rHkHcLmzY7eklT4=";
cargoSha256 = "sha256-qmlnmj7+w+RVYj7DKiwm0JowGNlyOsbAGBwfXgRcLHE=";
# tests require it to be in a git repository
preCheck = ''

View file

@ -2,11 +2,11 @@
stdenv.mkDerivation rec {
pname = "freetube";
version = "0.15.0";
version = "0.15.1";
src = fetchurl {
url = "https://github.com/FreeTubeApp/FreeTube/releases/download/v${version}-beta/freetube_${version}_amd64.AppImage";
sha256 = "sha256-52cVY3SBT048tErydk3l27yBvM/FMVpEMf5miAeInDM=";
sha256 = "sha256-7jmKD6HjsTqW/SRmD4xI3uQJnwmyDgjJZRJX9XygZyU=";
};
appimageContents = appimageTools.extractType2 {

View file

@ -1,4 +1,4 @@
{ pkgs, buildPackages, lib, gawk, gnused, gixy }:
{ pkgs, buildPackages, lib, stdenv, libiconv, gawk, gnused, gixy }:
with lib;
rec {
@ -150,10 +150,13 @@ rec {
rustcArgs ? [],
strip ? true
}:
let
darwinArgs = lib.optionals stdenv.isDarwin [ "-L${lib.getLib libiconv}/lib" ];
in
makeBinWriter {
compileScript = ''
cp "$contentPath" tmp.rs
PATH=${makeBinPath [pkgs.gcc]} ${lib.getBin rustc}/bin/rustc ${lib.escapeShellArgs rustcArgs} -o "$out" tmp.rs
PATH=${makeBinPath [pkgs.gcc]} ${lib.getBin rustc}/bin/rustc ${lib.escapeShellArgs rustcArgs} ${lib.escapeShellArgs darwinArgs} -o "$out" tmp.rs
'';
inherit strip;
} name;

View file

@ -2,24 +2,30 @@
, fetchFromGitHub
, glib
, lib
, writeScriptBin
}:
let
# make install will use dconf to find desktop background file uri.
# consider adding an args to allow specify pictures manually.
# https://github.com/daniruiz/flat-remix-gnome/blob/20211113/Makefile#L38
fake-dconf = writeScriptBin "dconf" "echo -n";
in
stdenv.mkDerivation rec {
pname = "flat-remix-gnome";
version = "20211028";
version = "20211113";
src = fetchFromGitHub {
owner = "daniruiz";
repo = pname;
rev = version;
hash = "sha256-sHJj81MmU9s5sUq5gaIT3leezuG0aVvgTD70Kho9Z0c=";
hash = "sha256-A9aiaS4CXRpr4+Y8+tyvWYRbR9STFS9TuplGksPfqtU=";
};
nativeBuildInputs = [ glib ];
nativeBuildInputs = [ glib fake-dconf ];
makeFlags = [ "PREFIX=$(out)" ];
preInstall = ''
# make install will back up this file, it will fail if the file doesn't exist.
# https://github.com/daniruiz/flat-remix-gnome/blob/20211028/Makefile#L54
# https://github.com/daniruiz/flat-remix-gnome/blob/20211113/Makefile#L56
mkdir -p $out/share/gnome-shell/
touch $out/share/gnome-shell/gnome-shell-theme.gresource
'';

View file

@ -73,6 +73,6 @@ stdenv.mkDerivation rec {
license = lib.licenses.asl20;
maintainers = with lib.maintainers; [ thoughtpolice ];
platforms = lib.platforms.unix;
badPlatforms = [ "aarch64-linux" ];
badPlatforms = [ "aarch64-linux" "aarch64-darwin" ];
};
}

View file

@ -102,7 +102,7 @@ index e5db28645..65eb818a1 100644
- "libcrypto.dylib" ;; default system libcrypto, which may have insufficient crypto
- "/usr/lib/libcrypto.dylib"))
- (:cygwin (:or "cygcrypto-1.1.dll" "cygcrypto-1.0.0.dll")))
+ (t "@openssl@/lib/libcrypto.so"))
+ (t "@libcrypto@"))
(cffi:define-foreign-library libssl
- (:windows (:or #+(and windows x86-64) "libssl-1_1-x64.dll"
@ -145,7 +145,7 @@ index e5db28645..65eb818a1 100644
- "libssl.so"))
- (:cygwin (:or "cygssl-1.1.dll" "cygssl-1.0.0.dll"))
- (t (:default "libssl3")))
+ (t "@openssl@/lib/libssl.so"))
+ (t "@libssl@"))
(unless (member :cl+ssl-foreign-libs-already-loaded
*features*)

View file

@ -1,5 +1,5 @@
{ lib, stdenv, callPackage, fetchFromGitHub, runCommandLocal, makeWrapper, substituteAll
, sbcl, bash, which, perl, nettools
, sbcl, bash, which, perl, hostname
, openssl, glucose, minisat, abc-verifier, z3, python
, certifyBooks ? true
} @ args:
@ -36,7 +36,8 @@ in stdenv.mkDerivation rec {
patches = [(substituteAll {
src = ./0001-Fix-some-paths-for-Nix-build.patch;
libipasir = "${libipasir}/lib/${libipasir.libname}";
openssl = openssl.out;
libssl = "${openssl.out}/lib/libssl${stdenv.hostPlatform.extensions.sharedLibrary}";
libcrypto = "${openssl.out}/lib/libcrypto${stdenv.hostPlatform.extensions.sharedLibrary}";
})];
buildInputs = [
@ -44,7 +45,7 @@ in stdenv.mkDerivation rec {
sbcl
] ++ lib.optionals certifyBooks [
# To build community books, we need Perl and a couple of utilities:
which perl nettools makeWrapper
which perl hostname makeWrapper
# Some of the books require one or more of these external tools:
openssl.out glucose minisat abc-verifier libipasir
z3 (python.withPackages (ps: [ ps.z3 ]))

View file

@ -67,9 +67,13 @@ stdenv.mkDerivation rec {
PATH=${python3.withPackages (pp: [ pp.pygobject3 pp.tappy ])}/bin:$PATH patchShebangs tests/introspection.py
'';
postFixup = ''
wrapProgram "${placeholder "installedTests"}/libexec/installed-tests/graphene-1.0/introspection.py" \
--prefix GI_TYPELIB_PATH : "$out/lib/girepository-1.0"
postFixup = let
introspectionPy = "${placeholder "installedTests"}/libexec/installed-tests/graphene-1.0/introspection.py";
in ''
if [ -x '${introspectionPy}' ] ; then
wrapProgram '${introspectionPy}' \
--prefix GI_TYPELIB_PATH : "$out/lib/girepository-1.0"
fi
'';
passthru = {

View file

@ -11,6 +11,9 @@ stdenv.mkDerivation rec {
sha256 = "190s4r2n3jsivl4j2m288j3rqmgjj6gl308hi9mzwyhcfn17q8br";
};
# Avoid requesting an unreasonable intrinsic
patches = lib.optional stdenv.cc.isClang ./vc_0_7_clang_fix.patch;
nativeBuildInputs = [ cmake ];
postPatch = ''

View file

@ -0,0 +1,28 @@
diff -ur a/sse/intrinsics.h b/sse/intrinsics.h
--- a/sse/intrinsics.h 2021-11-12 22:09:50.000000000 -0500
+++ b/sse/intrinsics.h 2021-11-12 22:14:08.000000000 -0500
@@ -498,16 +498,6 @@
case 0:
f = _mm_cvtss_f32(v);
break;
-#if defined VC_IMPL_SSE4_1 && !defined VC_MSVC
- default:
-#ifdef VC_GCC
- f = __builtin_ia32_vec_ext_v4sf(static_cast<__v4sf>(v), (i));
-#else
- // MSVC fails to compile this because it can't optimize i to an immediate
- _MM_EXTRACT_FLOAT(f, v, i);
-#endif
- break;
-#else
case 1:
f = _mm_cvtss_f32(_mm_castsi128_ps(_mm_srli_si128(_mm_castps_si128(v), 4)));
break;
@@ -517,7 +507,6 @@
case 3:
f = _mm_cvtss_f32(_mm_castsi128_ps(_mm_srli_si128(_mm_castps_si128(v), 12)));
break;
-#endif
}
return f;
}

View file

@ -17,6 +17,7 @@
, "@webassemblyjs/wasm-strip"
, "@webassemblyjs/wasm-text-gen"
, "@webassemblyjs/wast-refmt"
, "alex"
, "alloy"
, "asar"
, "autoprefixer"

File diff suppressed because it is too large Load diff

View file

@ -1,40 +1,40 @@
{ lib, fetchFromGitHub, fetchpatch, buildDunePackage
, base64, bos, core, lwt_react, ocamlgraph, rresult, tyxml
{ lib
, ocaml
, fetchFromGitHub
, buildDunePackage
, base64
, bos
, core
, lwt_react
, ocamlgraph
, ppx_sexp_conv
, rresult
, sexplib
, tyxml
}:
buildDunePackage rec {
pname = "bistro";
version = "0.5.0";
version = "unstable-2021-07-13";
useDune2 = true;
src = fetchFromGitHub {
owner = "pveber";
repo = pname;
rev = "v${version}";
sha256 = "114gq48cpj2mvycypa9lfyqqb26wa2gkdfwkcqhnx7m6sdwv9a38";
rev = "4ce8d98f34f15ebf63ececccc9c763fec2b5fa6d";
sha256 = "sha256:16vxcdsj4dmswgm6igshs3hirz8jrg8l5b2xgcnxxgvsrc9sxljs";
};
patches = [
# The following patch adds support for core.v0.13
(fetchpatch {
url = "https://github.com/pveber/bistro/commit/0931db43a146ad7829dff5120161a775f732a878.patch";
sha256 = "06y0sxbbab1mssc1xfjjv12lpv4rny5iqv9qkdqyzrvzpl1bdvnd";
})
# The following patch adds support for core.v0.14
(fetchpatch {
url = "https://github.com/pveber/bistro/commit/afbdcb2af7777ef7711c7f3c45dff605350a27b2.patch";
sha256 = "0ix6lx9qjnn3vqp0164c6l5an8b4rq69h2mxrg89piyk2g1yv0zg";
})
];
# Fix build with ppxlib 0.23
postPatch = ''
substituteInPlace ppx/ppx_bistro.ml \
substituteInPlace ppx/bistro_script.ml \
--replace 'Parser.parse_expression' 'Ocaml_common.Parser.parse_expression'
'';
propagatedBuildInputs = [ base64 bos core lwt_react ocamlgraph rresult tyxml ];
propagatedBuildInputs = [
base64 bos core lwt_react ocamlgraph ppx_sexp_conv rresult sexplib tyxml
];
minimalOCamlVersion = "4.12";
@ -43,5 +43,7 @@ buildDunePackage rec {
description = "Build and execute typed scientific workflows";
maintainers = [ lib.maintainers.vbgl ];
license = lib.licenses.gpl2;
# ppx-related build failure; see https://github.com/pveber/bistro/issues/49:
broken = lib.versionAtLeast ocaml.version "4.13";
};
}

View file

@ -2,7 +2,6 @@
, buildPythonPackage
, isPy27
, fetchPypi
, nose
, setuptools-scm
, six
, dnspython

View file

@ -1,4 +1,4 @@
{ lib, stdenv, buildPythonPackage, fetchPypi, fetchpatch, pythonOlder, python
{ lib, stdenv, buildPythonPackage, fetchPypi, fetchpatch, pythonOlder
, fonttools, defcon, lxml, fs, unicodedata2, zopfli, brotlipy, fontpens
, brotli, fontmath, mutatormath, booleanoperations
, ufoprocessor, ufonormalizer, psautohint, tqdm

View file

@ -1,6 +1,5 @@
{ lib
, aiohttp
, async-timeout
, buildPythonPackage
, fetchFromGitHub
, poetry

View file

@ -10,7 +10,6 @@
, pytest-aiohttp
, pytest-asyncio
, pytestCheckHook
, pythonAtLeast
, voluptuous
}:

View file

@ -6,7 +6,6 @@
, poetry-core
, pytest-aiohttp
, pytestCheckHook
, pythonAtLeast
, zeroconf
}:

View file

@ -1,4 +1,4 @@
{ lib, fetchpatch, buildPythonPackage, fetchPypi
{ lib, buildPythonPackage, fetchPypi
, aiohttp, pytest, pytest-cov, pytest-aiohttp
}:

View file

@ -3,7 +3,6 @@
, buildPythonPackage
, fetchFromGitHub
, pythonOlder
, pytestCheckHook
}:
buildPythonPackage rec {

View file

@ -5,7 +5,6 @@
, pytestCheckHook
, python-dateutil
, pythonOlder
, setuptools-scm
, urllib3
}:

View file

@ -1,5 +1,4 @@
{ lib
, fetchpatch
, buildPythonPackage
, fetchFromGitHub
, future

View file

@ -1,7 +1,6 @@
{ lib
, buildPythonPackage
, fetchPypi
, ansible-base
, jsonschema
, jxmlease
, ncclient

View file

@ -1,4 +1,4 @@
{ lib, buildPythonPackage, fetchFromGitHub, isPy37, pyperclip }:
{ lib, buildPythonPackage, fetchFromGitHub, pyperclip }:
buildPythonPackage rec {
version = "0.2.6";

View file

@ -1,5 +1,4 @@
{ lib, buildPythonPackage, fetchFromGitHub, fetchpatch
, sqlite, isPyPy }:
{ lib, buildPythonPackage, fetchFromGitHub, sqlite, isPyPy }:
buildPythonPackage rec {
pname = "apsw";

View file

@ -1,4 +1,4 @@
{ lib, pkgs, buildPythonPackage, fetchPypi, isPy3k
{ lib, buildPythonPackage, fetchPypi, isPy3k
, numpy
}:

View file

@ -1,5 +1,5 @@
{ lib, buildPythonPackage, fetchPypi, isPy27
, nose, chai, simplejson, backports_functools_lru_cache
, simplejson, backports_functools_lru_cache
, python-dateutil, pytz, pytest-mock, sphinx, dateparser, pytest-cov
, pytestCheckHook
}:

View file

@ -1,4 +1,4 @@
{ lib, buildPythonPackage, fetchPypi, isPy27, pytestCheckHook, fetchpatch }:
{ lib, buildPythonPackage, fetchPypi, pytestCheckHook }:
buildPythonPackage rec {
pname = "astor";

View file

@ -1,7 +1,6 @@
{ lib
, buildPythonPackage
, fetchPypi
, fetchpatch
, pythonOlder
, pytestCheckHook
, pytest-asyncio

View file

@ -4,7 +4,6 @@
, fetchPypi
, async_generator
, paho-mqtt
, pytestCheckHook
}:
buildPythonPackage rec {

View file

@ -1,6 +1,5 @@
{ lib
, argon2_cffi
, attrs
, buildPythonPackage
, cbor
, cbor2

View file

@ -1,5 +1,4 @@
{ lib, buildPythonPackage, fetchPypi, isPy27
, azure-core
{ lib, buildPythonPackage, fetchPypi, azure-core
, msrest
}:

View file

@ -1,6 +1,5 @@
{ buildPythonPackage
, lib
, python
, fetchPypi
, six
, requests

View file

@ -1,6 +1,5 @@
{ buildPythonPackage
, fetchPypi
, isPy38
, lib
# pythonPackages

View file

@ -1,8 +1,6 @@
{ lib
, buildPythonPackage
, fetchPypi
, python
, isPy3k
, azure-common
, azure-core
, msrest

View file

@ -2,7 +2,6 @@
, aiohttp
, azure-common
, azure-core
, azure-nspkg
, cryptography
, msrest
, pytestCheckHook

View file

@ -1,8 +1,6 @@
{ lib
, buildPythonPackage
, fetchPypi
, python
, isPy3k
, msrest
, azure-common
}:

View file

@ -5,8 +5,6 @@
, azure-common
, azure-mgmt-core
, azure-mgmt-nspkg
, python
, isPy3k
}:
buildPythonPackage rec {

View file

@ -5,8 +5,6 @@
, azure-common
, azure-mgmt-core
, azure-mgmt-nspkg
, python
, isPy3k
}:
buildPythonPackage rec {

View file

@ -1,8 +1,6 @@
{ lib
, buildPythonPackage
, fetchPypi
, python
, isPy3k
, msrestazure
, azure-common
, azure-mgmt-core

View file

@ -1,9 +1,7 @@
{ pkgs
, buildPythonPackage
, fetchPypi
, python
, azure-core
, isPy3k
}:
buildPythonPackage rec {

View file

@ -1,8 +1,6 @@
{ lib
, buildPythonPackage
, fetchPypi
, python
, isPy3k
, msrestazure
, azure-common
, azure-mgmt-datalake-nspkg

View file

@ -1,9 +1,6 @@
{ lib
, buildPythonPackage
, fetchPypi
, python
, isPy3k
, pythonNamespacesHook
, msrestazure
, azure-common
, azure-mgmt-datalake-nspkg

View file

@ -1,7 +1,6 @@
{ lib
, buildPythonPackage
, fetchPypi
, python
, isPy3k
, msrest
, msrestazure

View file

@ -1,7 +1,6 @@
{ lib
, buildPythonPackage
, fetchPypi
, python
, isPy3k
, msrest
, msrestazure

View file

@ -1,8 +1,6 @@
{ lib
, buildPythonPackage
, fetchPypi
, python
, isPy3k
, msrest
, msrestazure
, azure-common

View file

@ -1,7 +1,6 @@
{ lib
, buildPythonPackage
, fetchPypi
, python
, msrest
, msrestazure
, azure-common

View file

@ -1,8 +1,6 @@
{ lib
, buildPythonPackage
, fetchPypi
, python
, isPy3k
, msrest
, msrestazure
, azure-common

View file

@ -1,8 +1,6 @@
{ lib
, buildPythonPackage
, fetchPypi
, python
, isPy3k
, msrest
, msrestazure
, azure-common

View file

@ -1,7 +1,6 @@
{ lib
, buildPythonPackage
, fetchPypi
, python
, isPy3k
, msrest
, msrestazure

View file

@ -1,8 +1,6 @@
{ lib
, buildPythonPackage
, fetchPypi
, python
, isPy3k
, msrest
, msrestazure
, azure-common

View file

@ -2,7 +2,6 @@
, buildPythonPackage
, fetchPypi
, azure-common
, azure-mgmt-common
, azure-mgmt-core
, msrest
, msrestazure

View file

@ -2,8 +2,6 @@
, buildPythonPackage
, fetchPypi
, azure-nspkg
, python
, isPy3k
}:
buildPythonPackage rec {

View file

@ -1,7 +1,6 @@
{ lib
, buildPythonPackage
, fetchPypi
, python
, msrest
, msrestazure
, azure-common

View file

@ -1,8 +1,6 @@
{ lib
, buildPythonPackage
, fetchPypi
, python
, isPy3k
, msrestazure
, azure-common
, azure-mgmt-core

View file

@ -1,8 +1,6 @@
{ lib
, buildPythonPackage
, fetchPypi
, python
, isPy3k
, msrest
, msrestazure
, azure-common

View file

@ -1,8 +1,6 @@
{ lib
, buildPythonPackage
, fetchPypi
, python
, isPy3k
, msrest
, msrestazure
, azure-common

View file

@ -1,7 +1,6 @@
{ lib
, buildPythonPackage
, fetchPypi
, python
, azure-mgmt-common
, azure-mgmt-core
, isPy3k

View file

@ -1,8 +1,6 @@
{ lib
, buildPythonPackage
, fetchPypi
, python
, isPy3k
}:
buildPythonPackage rec {

View file

@ -7,7 +7,6 @@
, azure-core
, cryptography
, msrest
, futures ? null
}:
buildPythonPackage rec {

View file

@ -1,7 +1,6 @@
{ pkgs
, buildPythonPackage
, fetchPypi
, python
, azure-common
, cryptography
, futures ? null

View file

@ -1,4 +1,4 @@
{ lib, buildPythonPackage, fetchPypi, fetchFromGitHub
{ lib, buildPythonPackage, fetchFromGitHub
, wheel, pytestCheckHook, pytest-runner, pythonAtLeast }:
buildPythonPackage rec {

View file

@ -1,7 +1,6 @@
{ lib
, buildPythonPackage
, fetchFromGitHub
, coverage
, gettext
, mock
, pytestCheckHook

View file

@ -1,7 +1,6 @@
{ lib
, buildPythonPackage
, fetchFromGitHub
, python
, scikit-learn
, scipy
, pytest

View file

@ -1,6 +1,5 @@
{ lib
, buildPythonPackage
, pythonOlder
, fetchFromGitHub
, aiohttp
, semver

View file

@ -1,4 +1,4 @@
{ lib, buildPythonPackage, fetchPypi, fetchpatch, six
{ lib, buildPythonPackage, fetchPypi, six
, wcwidth, pytest, mock, glibcLocales
}:

View file

@ -1,6 +1,5 @@
{ lib
, buildPythonPackage
, pythonOlder
, fetchFromGitHub
, python-dateutil
, python-slugify

Some files were not shown because too many files have changed in this diff Show more