diff options
| author | Frederik Rietdijk <fridh@fridh.nl> | 2020-04-22 17:20:20 +0200 |
|---|---|---|
| committer | Frederik Rietdijk <fridh@fridh.nl> | 2020-04-22 17:20:20 +0200 |
| commit | 8374a2a0eee41361d4af9d32460e4956dcbea61c (patch) | |
| tree | 0a4788ab72ad7968aad65dd0668147d065ea9951 | |
| parent | 23be4a8b4de7790f48998d245a3ff5fe549e0f2b (diff) | |
| parent | 95f82e2a45266cdca661389705da7c672c7a9cbc (diff) | |
| download | nixlib-8374a2a0eee41361d4af9d32460e4956dcbea61c.tar nixlib-8374a2a0eee41361d4af9d32460e4956dcbea61c.tar.gz nixlib-8374a2a0eee41361d4af9d32460e4956dcbea61c.tar.bz2 nixlib-8374a2a0eee41361d4af9d32460e4956dcbea61c.tar.lz nixlib-8374a2a0eee41361d4af9d32460e4956dcbea61c.tar.xz nixlib-8374a2a0eee41361d4af9d32460e4956dcbea61c.tar.zst nixlib-8374a2a0eee41361d4af9d32460e4956dcbea61c.zip | |
Merge master into staging-next
90 files changed, 2852 insertions, 1345 deletions
diff --git a/maintainers/team-list.nix b/maintainers/team-list.nix index 7efff7f45eca..caee548d719c 100644 --- a/maintainers/team-list.nix +++ b/maintainers/team-list.nix @@ -33,10 +33,11 @@ with lib.maintainers; { podman = { members = [ + adisbladis saschagrunert vdemeester zowoq ]; - scope = "Maintain podman related packages."; + scope = "Maintain Podman related packages and modules."; }; } diff --git a/nixos/doc/manual/release-notes/rl-2003.xml b/nixos/doc/manual/release-notes/rl-2003.xml index b0940391b56b..393a9286ca4f 100644 --- a/nixos/doc/manual/release-notes/rl-2003.xml +++ b/nixos/doc/manual/release-notes/rl-2003.xml @@ -935,8 +935,8 @@ services.dnsmasq.servers = [ "127.0.0.1#43" ]; </listitem> <listitem> <para> - Haskell <varname>env</varname> and <varname>shellFor</varname> dev shell environments now organized dependencies the same way as regular builds. - In particular, rather than receiving all the different lists of dependencies master together as one big lists, and then partitioning into Haskell and non-Hakell dependencies, they work from the original many different dependency parameters and don't need to algorithmically partition anything. + Haskell <varname>env</varname> and <varname>shellFor</varname> dev shell environments now organize dependencies the same way as regular builds. + In particular, rather than receiving all the different lists of dependencies mashed together as one big list, and then partitioning into Haskell and non-Hakell dependencies, they work from the original many different dependency parameters and don't need to algorithmically partition anything. </para> <para> This means that if you incorrectly categorize a dependency, e.g. non-Haskell library dependency as a <varname>buildDepends</varname> or run-time Haskell dependency as a <varname>setupDepends</varname>, whereas things would have worked before they may not work now. @@ -1145,9 +1145,11 @@ systemd.services.nginx.serviceConfig.User = lib.mkForce "root"; As well as this, the options <literal>security.acme.acceptTerms</literal> and either <literal>security.acme.email</literal> or <literal>security.acme.certs.<name>.email</literal> must be set in order to use the ACME module. - Certificates will be regenerated anew on the next renewal date. The credentials for simp-le are - preserved and thus it is possible to roll back to previous versions without breaking certificate - generation. + Certificates will be regenerated on activation, no account or certificate will be migrated from simp-le. + In particular private keys will not be preserved. However, the credentials for simp-le are preserved and + thus it is possible to roll back to previous versions without breaking certificate generation. + Note also that in contrary to simp-le a new private key is recreated at each renewal by default, which can + have consequences if you embed your public key in apps. </para> </listitem> <listitem> diff --git a/nixos/doc/manual/release-notes/rl-2009.xml b/nixos/doc/manual/release-notes/rl-2009.xml index 0f22f4331f4d..3e29c19af8fb 100644 --- a/nixos/doc/manual/release-notes/rl-2009.xml +++ b/nixos/doc/manual/release-notes/rl-2009.xml @@ -40,6 +40,11 @@ make use of these new options instead. </para> </listitem> + <listitem> + <para> + There is a new module for Podman(<varname>virtualisation.podman</varname>), a drop-in replacement for the Docker command line. + </para> + </listitem> </itemizedlist> </section> @@ -269,6 +274,13 @@ environment.systemPackages = [ <itemizedlist> <listitem> <para> + <option>services.journald.rateLimitBurst</option> was updated from + <literal>1000</literal> to <literal>10000</literal> to follow the new + upstream systemd default. + </para> + </listitem> + <listitem> + <para> The <package>notmuch</package> package move its emacs-related binaries and emacs lisp files to a separate output. They're not part of the default <literal>out</literal> output anymore - if you relied on the diff --git a/nixos/modules/installer/cd-dvd/installation-cd-graphical-gnome.nix b/nixos/modules/installer/cd-dvd/installation-cd-graphical-gnome.nix index 84394a1ecae5..3707c4b7ec62 100644 --- a/nixos/modules/installer/cd-dvd/installation-cd-graphical-gnome.nix +++ b/nixos/modules/installer/cd-dvd/installation-cd-graphical-gnome.nix @@ -11,9 +11,6 @@ with lib; services.xserver.desktopManager.gnome3.enable = true; - # Wayland can be problematic for some hardware like Nvidia graphics cards. - services.xserver.displayManager.defaultSession = "gnome-xorg"; - services.xserver.displayManager.gdm = { enable = true; # autoSuspend makes the machine automatically suspend after inactivity. diff --git a/nixos/modules/misc/version.nix b/nixos/modules/misc/version.nix index ae98fba15805..a6fffb76f6e8 100644 --- a/nixos/modules/misc/version.nix +++ b/nixos/modules/misc/version.nix @@ -109,8 +109,8 @@ in PRETTY_NAME="NixOS ${cfg.release} (${cfg.codeName})" LOGO="nix-snowflake" HOME_URL="https://nixos.org/" - DOCUMENTATION_URL="https://nixos.org/nixos/manual/index.html" - SUPPORT_URL="https://nixos.org/nixos/support.html" + DOCUMENTATION_URL="https://nixos.org/learn.html" + SUPPORT_URL="https://nixos.org/community.html" BUG_REPORT_URL="https://github.com/NixOS/nixpkgs/issues" ''; diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index df08ac2959ed..7244a7e0a894 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -984,6 +984,7 @@ ./virtualisation/anbox.nix ./virtualisation/container-config.nix ./virtualisation/containers.nix + ./virtualisation/nixos-containers.nix ./virtualisation/cri-o.nix ./virtualisation/docker.nix ./virtualisation/docker-containers.nix @@ -997,6 +998,7 @@ ./virtualisation/kvmgt.nix ./virtualisation/openvswitch.nix ./virtualisation/parallels-guest.nix + ./virtualisation/podman.nix ./virtualisation/qemu-guest-agent.nix ./virtualisation/railcar.nix ./virtualisation/rkt.nix diff --git a/nixos/modules/services/networking/tailscale.nix b/nixos/modules/services/networking/tailscale.nix index 513c42b40117..4d6aeb75ebd1 100644 --- a/nixos/modules/services/networking/tailscale.nix +++ b/nixos/modules/services/networking/tailscale.nix @@ -37,7 +37,10 @@ in { RuntimeDirectoryMode = 755; StateDirectory = "tailscale"; - StateDirectoryMode = 700; + StateDirectoryMode = 750; + + CacheDirectory = "tailscale"; + CacheDirectoryMode = 750; Restart = "on-failure"; }; diff --git a/nixos/modules/services/security/oauth2_proxy.nix b/nixos/modules/services/security/oauth2_proxy.nix index 2abb9ec32aca..46caadee2042 100644 --- a/nixos/modules/services/security/oauth2_proxy.nix +++ b/nixos/modules/services/security/oauth2_proxy.nix @@ -12,7 +12,7 @@ let # command-line to launch oauth2_proxy. providerSpecificOptions = { azure = cfg: { - azure.tenant = cfg.azure.tenant; + azure-tenant = cfg.azure.tenant; resource = cfg.azure.resource; }; @@ -44,6 +44,7 @@ let pass-access-token = passAccessToken; pass-basic-auth = passBasicAuth; pass-host-header = passHostHeader; + reverse-proxy = reverseProxy; proxy-prefix = proxyPrefix; profile-url = profileURL; redeem-url = redeemURL; @@ -65,8 +66,8 @@ let } // lib.optionalAttrs (cfg.htpasswd.file != null) { display-htpasswd-file = cfg.htpasswd.displayForm; } // lib.optionalAttrs tls.enable { - tls-cert = tls.certificate; - tls-key = tls.key; + tls-cert-file = tls.certificate; + tls-key-file = tls.key; https-address = tls.httpsAddress; } // (getProviderOptions cfg cfg.provider) // cfg.extraConfig; @@ -98,14 +99,21 @@ in ############################################## # PROVIDER configuration + # Taken from: https://github.com/pusher/oauth2_proxy/blob/master/providers/providers.go provider = mkOption { type = types.enum [ "google" - "github" "azure" + "facebook" + "github" + "keycloak" "gitlab" "linkedin" - "myusa" + "login.gov" + "bitbucket" + "nextcloud" + "digitalocean" + "oidc" ]; default = "google"; description = '' @@ -433,6 +441,17 @@ in ''; }; + reverseProxy = mkOption { + type = types.bool; + default = false; + description = '' + In case when running behind a reverse proxy, controls whether headers + like <literal>X-Real-Ip</literal> are accepted. Usage behind a reverse + proxy will require this flag to be set to avoid logging the reverse + proxy IP address. + ''; + }; + proxyPrefix = mkOption { type = types.str; default = "/oauth2"; diff --git a/nixos/modules/services/web-servers/apache-httpd/default.nix b/nixos/modules/services/web-servers/apache-httpd/default.nix index 832c8b30ee9d..5e55baa203a0 100644 --- a/nixos/modules/services/web-servers/apache-httpd/default.nix +++ b/nixos/modules/services/web-servers/apache-httpd/default.nix @@ -12,7 +12,7 @@ let httpdConf = cfg.configFile; - php = cfg.phpPackage.override { apacheHttpd = pkg.dev; /* otherwise it only gets .out */ }; + php = cfg.phpPackage.override { apacheHttpd = pkg; }; phpMajorVersion = lib.versions.major (lib.getVersion php); @@ -338,6 +338,7 @@ let } '' cat ${php}/etc/php.ini > $out + cat ${php}/lib/custom-php.ini > $out echo "$options" >> $out ''; diff --git a/nixos/modules/services/web-servers/phpfpm/default.nix b/nixos/modules/services/web-servers/phpfpm/default.nix index 3db19c781d03..d090885a8ca5 100644 --- a/nixos/modules/services/web-servers/phpfpm/default.nix +++ b/nixos/modules/services/web-servers/phpfpm/default.nix @@ -209,14 +209,14 @@ in { user = "php"; group = "php"; phpPackage = pkgs.php; - settings = ''' + settings = { "pm" = "dynamic"; "pm.max_children" = 75; "pm.start_servers" = 10; "pm.min_spare_servers" = 5; "pm.max_spare_servers" = 20; "pm.max_requests" = 500; - '''; + }; } }''; description = '' diff --git a/nixos/modules/system/boot/systemd.nix b/nixos/modules/system/boot/systemd.nix index 518d875841bd..f955746f78a0 100644 --- a/nixos/modules/system/boot/systemd.nix +++ b/nixos/modules/system/boot/systemd.nix @@ -597,7 +597,7 @@ in }; services.journald.rateLimitBurst = mkOption { - default = 1000; + default = 10000; type = types.int; description = '' Configures the rate limiting burst limit (number of messages per diff --git a/nixos/modules/virtualisation/containers.nix b/nixos/modules/virtualisation/containers.nix index 2db5c117aa7f..e6127e284869 100644 --- a/nixos/modules/virtualisation/containers.nix +++ b/nixos/modules/virtualisation/containers.nix @@ -1,838 +1,150 @@ { config, lib, pkgs, ... }: - -with lib; - let - - # The container's init script, a small wrapper around the regular - # NixOS stage-2 init script. - containerInit = (cfg: - let - renderExtraVeth = (name: cfg: - '' - echo "Bringing ${name} up" - ip link set dev ${name} up - ${optionalString (cfg.localAddress != null) '' - echo "Setting ip for ${name}" - ip addr add ${cfg.localAddress} dev ${name} - ''} - ${optionalString (cfg.localAddress6 != null) '' - echo "Setting ip6 for ${name}" - ip -6 addr add ${cfg.localAddress6} dev ${name} - ''} - ${optionalString (cfg.hostAddress != null) '' - echo "Setting route to host for ${name}" - ip route add ${cfg.hostAddress} dev ${name} - ''} - ${optionalString (cfg.hostAddress6 != null) '' - echo "Setting route6 to host for ${name}" - ip -6 route add ${cfg.hostAddress6} dev ${name} - ''} - '' - ); - in - pkgs.writeScript "container-init" - '' - #! ${pkgs.runtimeShell} -e - - # Initialise the container side of the veth pair. - if [ -n "$HOST_ADDRESS" ] || [ -n "$HOST_ADDRESS6" ] || - [ -n "$LOCAL_ADDRESS" ] || [ -n "$LOCAL_ADDRESS6" ] || - [ -n "$HOST_BRIDGE" ]; then - ip link set host0 name eth0 - ip link set dev eth0 up - - if [ -n "$LOCAL_ADDRESS" ]; then - ip addr add $LOCAL_ADDRESS dev eth0 - fi - if [ -n "$LOCAL_ADDRESS6" ]; then - ip -6 addr add $LOCAL_ADDRESS6 dev eth0 - fi - if [ -n "$HOST_ADDRESS" ]; then - ip route add $HOST_ADDRESS dev eth0 - ip route add default via $HOST_ADDRESS - fi - if [ -n "$HOST_ADDRESS6" ]; then - ip -6 route add $HOST_ADDRESS6 dev eth0 - ip -6 route add default via $HOST_ADDRESS6 - fi - - ${concatStringsSep "\n" (mapAttrsToList renderExtraVeth cfg.extraVeths)} - fi - - # Start the regular stage 1 script. - exec "$1" - '' - ); - - nspawnExtraVethArgs = (name: cfg: "--network-veth-extra=${name}"); - - startScript = cfg: - '' - mkdir -p -m 0755 "$root/etc" "$root/var/lib" - mkdir -p -m 0700 "$root/var/lib/private" "$root/root" /run/containers - if ! [ -e "$root/etc/os-release" ]; then - touch "$root/etc/os-release" - fi - - if ! [ -e "$root/etc/machine-id" ]; then - touch "$root/etc/machine-id" - fi - - mkdir -p -m 0755 \ - "/nix/var/nix/profiles/per-container/$INSTANCE" \ - "/nix/var/nix/gcroots/per-container/$INSTANCE" - - cp --remove-destination /etc/resolv.conf "$root/etc/resolv.conf" - - if [ "$PRIVATE_NETWORK" = 1 ]; then - extraFlags+=" --private-network" - fi - - if [ -n "$HOST_ADDRESS" ] || [ -n "$LOCAL_ADDRESS" ] || - [ -n "$HOST_ADDRESS6" ] || [ -n "$LOCAL_ADDRESS6" ]; then - extraFlags+=" --network-veth" - fi - - if [ -n "$HOST_PORT" ]; then - OIFS=$IFS - IFS="," - for i in $HOST_PORT - do - extraFlags+=" --port=$i" - done - IFS=$OIFS - fi - - if [ -n "$HOST_BRIDGE" ]; then - extraFlags+=" --network-bridge=$HOST_BRIDGE" - fi - - extraFlags+=" ${concatStringsSep " " (mapAttrsToList nspawnExtraVethArgs cfg.extraVeths)}" - - for iface in $INTERFACES; do - extraFlags+=" --network-interface=$iface" - done - - for iface in $MACVLANS; do - extraFlags+=" --network-macvlan=$iface" - done - - # If the host is 64-bit and the container is 32-bit, add a - # --personality flag. - ${optionalString (config.nixpkgs.localSystem.system == "x86_64-linux") '' - if [ "$(< ''${SYSTEM_PATH:-/nix/var/nix/profiles/per-container/$INSTANCE/system}/system)" = i686-linux ]; then - extraFlags+=" --personality=x86" - fi - ''} - - # Run systemd-nspawn without startup notification (we'll - # wait for the container systemd to signal readiness). - exec ${config.systemd.package}/bin/systemd-nspawn \ - --keep-unit \ - -M "$INSTANCE" -D "$root" $extraFlags \ - $EXTRA_NSPAWN_FLAGS \ - --notify-ready=yes \ - --bind-ro=/nix/store \ - --bind-ro=/nix/var/nix/db \ - --bind-ro=/nix/var/nix/daemon-socket \ - --bind="/nix/var/nix/profiles/per-container/$INSTANCE:/nix/var/nix/profiles" \ - --bind="/nix/var/nix/gcroots/per-container/$INSTANCE:/nix/var/nix/gcroots" \ - ${optionalString (!cfg.ephemeral) "--link-journal=try-guest"} \ - --setenv PRIVATE_NETWORK="$PRIVATE_NETWORK" \ - --setenv HOST_BRIDGE="$HOST_BRIDGE" \ - --setenv HOST_ADDRESS="$HOST_ADDRESS" \ - --setenv LOCAL_ADDRESS="$LOCAL_ADDRESS" \ - --setenv HOST_ADDRESS6="$HOST_ADDRESS6" \ - --setenv LOCAL_ADDRESS6="$LOCAL_ADDRESS6" \ - --setenv HOST_PORT="$HOST_PORT" \ - --setenv PATH="$PATH" \ - ${optionalString cfg.ephemeral "--ephemeral"} \ - ${if cfg.additionalCapabilities != null && cfg.additionalCapabilities != [] then - ''--capability="${concatStringsSep "," cfg.additionalCapabilities}"'' else "" - } \ - ${if cfg.tmpfs != null && cfg.tmpfs != [] then - ''--tmpfs=${concatStringsSep " --tmpfs=" cfg.tmpfs}'' else "" - } \ - ${containerInit cfg} "''${SYSTEM_PATH:-/nix/var/nix/profiles/system}/init" - ''; - - preStartScript = cfg: - '' - # Clean up existing machined registration and interfaces. - machinectl terminate "$INSTANCE" 2> /dev/null || true - - if [ -n "$HOST_ADDRESS" ] || [ -n "$LOCAL_ADDRESS" ] || - [ -n "$HOST_ADDRESS6" ] || [ -n "$LOCAL_ADDRESS6" ]; then - ip link del dev "ve-$INSTANCE" 2> /dev/null || true - ip link del dev "vb-$INSTANCE" 2> /dev/null || true - fi - - ${concatStringsSep "\n" ( - mapAttrsToList (name: cfg: - ''ip link del dev ${name} 2> /dev/null || true '' - ) cfg.extraVeths - )} - ''; - - postStartScript = (cfg: - let - ipcall = cfg: ipcmd: variable: attribute: - if cfg.${attribute} == null then - '' - if [ -n "${variable}" ]; then - ${ipcmd} add ${variable} dev $ifaceHost - fi - '' - else - ''${ipcmd} add ${cfg.${attribute}} dev $ifaceHost''; - renderExtraVeth = name: cfg: - if cfg.hostBridge != null then - '' - # Add ${name} to bridge ${cfg.hostBridge} - ip link set dev ${name} master ${cfg.hostBridge} up - '' - else - '' - echo "Bring ${name} up" - ip link set dev ${name} up - # Set IPs and routes for ${name} - ${optionalString (cfg.hostAddress != null) '' - ip addr add ${cfg.hostAddress} dev ${name} - ''} - ${optionalString (cfg.hostAddress6 != null) '' - ip -6 addr add ${cfg.hostAddress6} dev ${name} - ''} - ${optionalString (cfg.localAddress != null) '' - ip route add ${cfg.localAddress} dev ${name} - ''} - ${optionalString (cfg.localAddress6 != null) '' - ip -6 route add ${cfg.localAddress6} dev ${name} - ''} - ''; - in - '' - if [ -n "$HOST_ADDRESS" ] || [ -n "$LOCAL_ADDRESS" ] || - [ -n "$HOST_ADDRESS6" ] || [ -n "$LOCAL_ADDRESS6" ]; then - if [ -z "$HOST_BRIDGE" ]; then - ifaceHost=ve-$INSTANCE - ip link set dev $ifaceHost up - - ${ipcall cfg "ip addr" "$HOST_ADDRESS" "hostAddress"} - ${ipcall cfg "ip -6 addr" "$HOST_ADDRESS6" "hostAddress6"} - ${ipcall cfg "ip route" "$LOCAL_ADDRESS" "localAddress"} - ${ipcall cfg "ip -6 route" "$LOCAL_ADDRESS6" "localAddress6"} - fi - ${concatStringsSep "\n" (mapAttrsToList renderExtraVeth cfg.extraVeths)} - fi - '' - ); - - serviceDirectives = cfg: { - ExecReload = pkgs.writeScript "reload-container" - '' - #! ${pkgs.runtimeShell} -e - ${pkgs.nixos-container}/bin/nixos-container run "$INSTANCE" -- \ - bash --login -c "''${SYSTEM_PATH:-/nix/var/nix/profiles/system}/bin/switch-to-configuration test" - ''; - - SyslogIdentifier = "container %i"; - - EnvironmentFile = "-/etc/containers/%i.conf"; - - Type = "notify"; - - RuntimeDirectory = lib.optional cfg.ephemeral "containers/%i"; - - # Note that on reboot, systemd-nspawn returns 133, so this - # unit will be restarted. On poweroff, it returns 0, so the - # unit won't be restarted. - RestartForceExitStatus = "133"; - SuccessExitStatus = "133"; - - # Some containers take long to start - # especially when you automatically start many at once - TimeoutStartSec = cfg.timeoutStartSec; - - Restart = "on-failure"; - - Slice = "machine.slice"; - Delegate = true; - - # Hack: we don't want to kill systemd-nspawn, since we call - # "machinectl poweroff" in preStop to shut down the - # container cleanly. But systemd requires sending a signal - # (at least if we want remaining processes to be killed - # after the timeout). So send an ignored signal. - KillMode = "mixed"; - KillSignal = "WINCH"; - - DevicePolicy = "closed"; - DeviceAllow = map (d: "${d.node} ${d.modifier}") cfg.allowedDevices; + cfg = config.virtualisation.containers; + + inherit (lib) mkOption types; + + # Once https://github.com/NixOS/nixpkgs/pull/75584 is merged we can use the TOML generator + toTOML = name: value: pkgs.runCommandNoCC name { + nativeBuildInputs = [ pkgs.remarshal ]; + value = builtins.toJSON value; + passAsFile = [ "value" ]; + } '' + json2toml "$valuePath" "$out" + ''; + + # Copy configuration files to avoid having the entire sources in the system closure + copyFile = filePath: pkgs.runCommandNoCC (builtins.unsafeDiscardStringContext (builtins.baseNameOf filePath)) {} '' + cp ${filePath} $out + ''; +in +{ + meta = { + maintainers = [] ++ lib.teams.podman.members; }; + options.virtualisation.containers = { - system = config.nixpkgs.localSystem.system; - - bindMountOpts = { name, ... }: { - - options = { - mountPoint = mkOption { - example = "/mnt/usb"; - type = types.str; - description = "Mount point on the container file system."; - }; - hostPath = mkOption { - default = null; - example = "/home/alice"; - type = types.nullOr types.str; - description = "Location of the host path to be mounted."; - }; - isReadOnly = mkOption { - default = true; + enable = + mkOption { type = types.bool; - description = "Determine whether the mounted path will be accessed in read-only mode."; + default = false; + description = '' + This option enables the common libpod container configuration module. + ''; }; - }; - - config = { - mountPoint = mkDefault name; - }; - - }; - allowedDeviceOpts = { ... }: { - options = { - node = mkOption { - example = "/dev/net/tun"; - type = types.str; - description = "Path to device node"; - }; - modifier = mkOption { - example = "rw"; - type = types.str; + registries = { + search = mkOption { + type = types.listOf types.str; + default = [ "docker.io" "quay.io" ]; description = '' - Device node access modifier. Takes a combination - <literal>r</literal> (read), <literal>w</literal> (write), and - <literal>m</literal> (mknod). See the - <literal>systemd.resource-control(5)</literal> man page for more - information.''; + List of repositories to search. + ''; }; - }; - }; - - mkBindFlag = d: - let flagPrefix = if d.isReadOnly then " --bind-ro=" else " --bind="; - mountstr = if d.hostPath != null then "${d.hostPath}:${d.mountPoint}" else "${d.mountPoint}"; - in flagPrefix + mountstr ; - - mkBindFlags = bs: concatMapStrings mkBindFlag (lib.attrValues bs); + insecure = mkOption { + default = []; + type = types.listOf types.str; + description = '' + List of insecure repositories. + ''; + }; - networkOptions = { - hostBridge = mkOption { - type = types.nullOr types.str; - default = null; - example = "br0"; - description = '' - Put the host-side of the veth-pair into the named bridge. - Only one of hostAddress* or hostBridge can be given. - ''; + block = mkOption { + default = []; + type = types.listOf types.str; + description = '' + List of blocked repositories. + ''; + }; }; - forwardPorts = mkOption { - type = types.listOf (types.submodule { - options = { - protocol = mkOption { - type = types.str; - default = "tcp"; - description = "The protocol specifier for port forwarding between host and container"; - }; - hostPort = mkOption { - type = types.int; - description = "Source port of the external interface on host"; - }; - containerPort = mkOption { - type = types.nullOr types.int; - default = null; - description = "Target port of container"; + policy = mkOption { + default = {}; + type = types.attrs; + example = lib.literalExample '' + { + default = [ { type = "insecureAcceptAnything"; } ]; + transports = { + docker-daemon = { + "" = [ { type = "insecureAcceptAnything"; } ]; + }; }; - }; - }); - default = []; - example = [ { protocol = "tcp"; hostPort = 8080; containerPort = 80; } ]; - description = '' - List of forwarded ports from host to container. Each forwarded port - is specified by protocol, hostPort and containerPort. By default, - protocol is tcp and hostPort and containerPort are assumed to be - the same if containerPort is not explicitly given. + } ''; - }; - - - hostAddress = mkOption { - type = types.nullOr types.str; - default = null; - example = "10.231.136.1"; description = '' - The IPv4 address assigned to the host interface. - (Not used when hostBridge is set.) + Signature verification policy file. + If this option is empty the default policy file from + <literal>skopeo</literal> will be used. ''; }; - hostAddress6 = mkOption { - type = types.nullOr types.str; - default = null; - example = "fc00::1"; + users = mkOption { + default = []; + type = types.listOf types.str; description = '' - The IPv6 address assigned to the host interface. - (Not used when hostBridge is set.) + List of users to set up subuid/subgid mappings for. + This is a requirement for running rootless containers. ''; }; - localAddress = mkOption { - type = types.nullOr types.str; - default = null; - example = "10.231.136.2"; - description = '' - The IPv4 address assigned to the interface in the container. - If a hostBridge is used, this should be given with netmask to access - the whole network. Otherwise the default netmask is /32 and routing is - set up from localAddress to hostAddress and back. - ''; - }; + libpod = mkOption { + default = {}; + description = "Libpod configuration"; + type = types.submodule { + options = { - localAddress6 = mkOption { - type = types.nullOr types.str; - default = null; - example = "fc00::2"; - description = '' - The IPv6 address assigned to the interface in the container. - If a hostBridge is used, this should be given with netmask to access - the whole network. Otherwise the default netmask is /128 and routing is - set up from localAddress6 to hostAddress6 and back. - ''; + extraConfig = mkOption { + type = types.lines; + default = ""; + description = '' + Extra configuration that should be put in the libpod.conf + configuration file + ''; + + }; + }; + }; }; }; - dummyConfig = - { - extraVeths = {}; - additionalCapabilities = []; - ephemeral = false; - timeoutStartSec = "15s"; - allowedDevices = []; - hostAddress = null; - hostAddress6 = null; - localAddress = null; - localAddress6 = null; - tmpfs = null; - }; + config = lib.mkIf cfg.enable { -in + environment.etc."containers/libpod.conf".text = '' + cni_plugin_dir = ["${pkgs.cni-plugins}/bin/"] + cni_config_dir = "/etc/cni/net.d/" -{ - options = { + '' + cfg.libpod.extraConfig; - boot.isContainer = mkOption { - type = types.bool; - default = false; - description = '' - Whether this NixOS machine is a lightweight container running - in another NixOS system. - ''; - }; - - boot.enableContainers = mkOption { - type = types.bool; - default = !config.boot.isContainer; - description = '' - Whether to enable support for NixOS containers. - ''; + environment.etc."containers/registries.conf".source = toTOML "registries.conf" { + registries = lib.mapAttrs (n: v: { registries = v; }) cfg.registries; }; - containers = mkOption { - type = types.attrsOf (types.submodule ( - { config, options, name, ... }: - { - options = { - - config = mkOption { - description = '' - A specification of the desired configuration of this - container, as a NixOS module. - ''; - type = let - confPkgs = if config.pkgs == null then pkgs else config.pkgs; - in lib.mkOptionType { - name = "Toplevel NixOS config"; - merge = loc: defs: (import (confPkgs.path + "/nixos/lib/eval-config.nix") { - inherit system; - pkgs = confPkgs; - baseModules = import (confPkgs.path + "/nixos/modules/module-list.nix"); - inherit (confPkgs) lib; - modules = - let - extraConfig = { - _file = "module at ${__curPos.file}:${toString __curPos.line}"; - config = { - boot.isContainer = true; - networking.hostName = mkDefault name; - networking.useDHCP = false; - assertions = [ - { - assertion = config.privateNetwork -> stringLength name < 12; - message = '' - Container name `${name}` is too long: When `privateNetwork` is enabled, container names can - not be longer than 11 characters, because the container's interface name is derived from it. - This might be fixed in the future. See https://github.com/NixOS/nixpkgs/issues/38509 - ''; - } - ]; - }; - }; - in [ extraConfig ] ++ (map (x: x.value) defs); - prefix = [ "containers" name ]; - }).config; - }; - }; - - path = mkOption { - type = types.path; - example = "/nix/var/nix/profiles/containers/webserver"; - description = '' - As an alternative to specifying - <option>config</option>, you can specify the path to - the evaluated NixOS system configuration, typically a - symlink to a system profile. - ''; - }; - - additionalCapabilities = mkOption { - type = types.listOf types.str; - default = []; - example = [ "CAP_NET_ADMIN" "CAP_MKNOD" ]; - description = '' - Grant additional capabilities to the container. See the - capabilities(7) and systemd-nspawn(1) man pages for more - information. - ''; - }; - - pkgs = mkOption { - type = types.nullOr types.attrs; - default = null; - example = literalExample "pkgs"; - description = '' - Customise which nixpkgs to use for this container. - ''; - }; - - ephemeral = mkOption { - type = types.bool; - default = false; - description = '' - Runs container in ephemeral mode with the empty root filesystem at boot. - This way container will be bootstrapped from scratch on each boot - and will be cleaned up on shutdown leaving no traces behind. - Useful for completely stateless, reproducible containers. - - Note that this option might require to do some adjustments to the container configuration, - e.g. you might want to set - <varname>systemd.network.networks.$interface.dhcpConfig.ClientIdentifier</varname> to "mac" - if you use <varname>macvlans</varname> option. - This way dhcp client identifier will be stable between the container restarts. - - Note that the container journal will not be linked to the host if this option is enabled. - ''; - }; - - enableTun = mkOption { - type = types.bool; - default = false; - description = '' - Allows the container to create and setup tunnel interfaces - by granting the <literal>NET_ADMIN</literal> capability and - enabling access to <literal>/dev/net/tun</literal>. - ''; - }; - - privateNetwork = mkOption { - type = types.bool; - default = false; - description = '' - Whether to give the container its own private virtual - Ethernet interface. The interface is called - <literal>eth0</literal>, and is hooked up to the interface - <literal>ve-<replaceable>container-name</replaceable></literal> - on the host. If this option is not set, then the - container shares the network interfaces of the host, - and can bind to any port on any interface. - ''; - }; - - interfaces = mkOption { - type = types.listOf types.str; - default = []; - example = [ "eth1" "eth2" ]; - description = '' - The list of interfaces to be moved into the container. - ''; - }; - - macvlans = mkOption { - type = types.listOf types.str; - default = []; - example = [ "eth1" "eth2" ]; - description = '' - The list of host interfaces from which macvlans will be - created. For each interface specified, a macvlan interface - will be created and moved to the container. - ''; - }; - - extraVeths = mkOption { - type = with types; attrsOf (submodule { options = networkOptions; }); - default = {}; - description = '' - Extra veth-pairs to be created for the container - ''; - }; - - autoStart = mkOption { - type = types.bool; - default = false; - description = '' - Whether the container is automatically started at boot-time. - ''; - }; - - timeoutStartSec = mkOption { - type = types.str; - default = "1min"; - description = '' - Time for the container to start. In case of a timeout, - the container processes get killed. - See <citerefentry><refentrytitle>systemd.time</refentrytitle> - <manvolnum>7</manvolnum></citerefentry> - for more information about the format. - ''; - }; - - bindMounts = mkOption { - type = with types; loaOf (submodule bindMountOpts); - default = {}; - example = literalExample '' - { "/home" = { hostPath = "/home/alice"; - isReadOnly = false; }; - } - ''; - - description = - '' - An extra list of directories that is bound to the container. - ''; - }; - - allowedDevices = mkOption { - type = with types; listOf (submodule allowedDeviceOpts); - default = []; - example = [ { node = "/dev/net/tun"; modifier = "rw"; } ]; - description = '' - A list of device nodes to which the containers has access to. - ''; - }; - - tmpfs = mkOption { - type = types.listOf types.str; - default = []; - example = [ "/var" ]; - description = '' - Mounts a set of tmpfs file systems into the container. - Multiple paths can be specified. - Valid items must conform to the --tmpfs argument - of systemd-nspawn. See systemd-nspawn(1) for details. - ''; - }; - - extraFlags = mkOption { - type = types.listOf types.str; - default = []; - example = [ "--drop-capability=CAP_SYS_CHROOT" ]; - description = '' - Extra flags passed to the systemd-nspawn command. - See systemd-nspawn(1) for details. - ''; - }; - - } // networkOptions; - - config = mkMerge - [ - (mkIf options.config.isDefined { - path = config.config.system.build.toplevel; - }) + users.extraUsers = builtins.listToAttrs ( + ( + builtins.foldl' ( + acc: user: { + values = acc.values ++ [ + { + name = user; + value = { + subUidRanges = [ { startUid = acc.offset; count = 65536; } ]; + subGidRanges = [ { startGid = acc.offset; count = 65536; } ]; + }; + } ]; - })); - - default = {}; - example = literalExample - '' - { webserver = - { path = "/nix/var/nix/profiles/webserver"; - }; - database = - { config = - { config, pkgs, ... }: - { services.postgresql.enable = true; - services.postgresql.package = pkgs.postgresql_9_6; - - system.stateVersion = "17.03"; - }; - }; + offset = acc.offset + 65536; } - ''; - description = '' - A set of NixOS system configurations to be run as lightweight - containers. Each container appears as a service - <literal>container-<replaceable>name</replaceable></literal> - on the host system, allowing it to be started and stopped via - <command>systemctl</command>. - ''; - }; + ) + { values = []; offset = 100000; } (lib.unique cfg.users) + ).values + ); + environment.etc."containers/policy.json".source = + if cfg.policy != {} then pkgs.writeText "policy.json" (builtins.toJSON cfg.policy) + else copyFile "${pkgs.skopeo.src}/default-policy.json"; }; - - config = mkIf (config.boot.enableContainers) (let - - unit = { - description = "Container '%i'"; - - unitConfig.RequiresMountsFor = "/var/lib/containers/%i"; - - path = [ pkgs.iproute ]; - - environment = { - root = "/var/lib/containers/%i"; - INSTANCE = "%i"; - }; - - preStart = preStartScript dummyConfig; - - script = startScript dummyConfig; - - postStart = postStartScript dummyConfig; - - preStop = "machinectl poweroff $INSTANCE"; - - restartIfChanged = false; - - serviceConfig = serviceDirectives dummyConfig; - }; - in { - systemd.targets.multi-user.wants = [ "machines.target" ]; - - systemd.services = listToAttrs (filter (x: x.value != null) ( - # The generic container template used by imperative containers - [{ name = "container@"; value = unit; }] - # declarative containers - ++ (mapAttrsToList (name: cfg: nameValuePair "container@${name}" (let - containerConfig = cfg // ( - if cfg.enableTun then - { - allowedDevices = cfg.allowedDevices - ++ [ { node = "/dev/net/tun"; modifier = "rw"; } ]; - additionalCapabilities = cfg.additionalCapabilities - ++ [ "CAP_NET_ADMIN" ]; - } - else {}); - in - recursiveUpdate unit { - preStart = preStartScript containerConfig; - script = startScript containerConfig; - postStart = postStartScript containerConfig; - serviceConfig = serviceDirectives containerConfig; - unitConfig.RequiresMountsFor = lib.optional (!containerConfig.ephemeral) "/var/lib/containers/%i"; - environment.root = if containerConfig.ephemeral then "/run/containers/%i" else "/var/lib/containers/%i"; - } // ( - if containerConfig.autoStart then - { - wantedBy = [ "machines.target" ]; - wants = [ "network.target" ]; - after = [ "network.target" ]; - restartTriggers = [ - containerConfig.path - config.environment.etc."containers/${name}.conf".source - ]; - restartIfChanged = true; - } - else {}) - )) config.containers) - )); - - # Generate a configuration file in /etc/containers for each - # container so that container@.target can get the container - # configuration. - environment.etc = - let mkPortStr = p: p.protocol + ":" + (toString p.hostPort) + ":" + (if p.containerPort == null then toString p.hostPort else toString p.containerPort); - in mapAttrs' (name: cfg: nameValuePair "containers/${name}.conf" - { text = - '' - SYSTEM_PATH=${cfg.path} - ${optionalString cfg.privateNetwork '' - PRIVATE_NETWORK=1 - ${optionalString (cfg.hostBridge != null) '' - HOST_BRIDGE=${cfg.hostBridge} - ''} - ${optionalString (length cfg.forwardPorts > 0) '' - HOST_PORT=${concatStringsSep "," (map mkPortStr cfg.forwardPorts)} - ''} - ${optionalString (cfg.hostAddress != null) '' - HOST_ADDRESS=${cfg.hostAddress} - ''} - ${optionalString (cfg.hostAddress6 != null) '' - HOST_ADDRESS6=${cfg.hostAddress6} - ''} - ${optionalString (cfg.localAddress != null) '' - LOCAL_ADDRESS=${cfg.localAddress} - ''} - ${optionalString (cfg.localAddress6 != null) '' - LOCAL_ADDRESS6=${cfg.localAddress6} - ''} - ''} - INTERFACES="${toString cfg.interfaces}" - MACVLANS="${toString cfg.macvlans}" - ${optionalString cfg.autoStart '' - AUTO_START=1 - ''} - EXTRA_NSPAWN_FLAGS="${mkBindFlags cfg.bindMounts + - optionalString (cfg.extraFlags != []) - (" " + concatStringsSep " " cfg.extraFlags)}" - ''; - }) config.containers; - - # Generate /etc/hosts entries for the containers. - networking.extraHosts = concatStrings (mapAttrsToList (name: cfg: optionalString (cfg.localAddress != null) - '' - ${head (splitString "/" cfg.localAddress)} ${name}.containers - '') config.containers); - - networking.dhcpcd.denyInterfaces = [ "ve-*" "vb-*" ]; - - services.udev.extraRules = optionalString config.networking.networkmanager.enable '' - # Don't manage interfaces created by nixos-container. - ENV{INTERFACE}=="v[eb]-*", ENV{NM_UNMANAGED}="1" - ''; - - environment.systemPackages = [ pkgs.nixos-container ]; - - boot.kernelModules = [ - "bridge" - "macvlan" - "tap" - "tun" - ]; - }); } diff --git a/nixos/modules/virtualisation/cri-o.nix b/nixos/modules/virtualisation/cri-o.nix index 14a435f6c8bb..7882b7fc19de 100644 --- a/nixos/modules/virtualisation/cri-o.nix +++ b/nixos/modules/virtualisation/cri-o.nix @@ -62,9 +62,7 @@ in log_level = "${cfg.logLevel}" manage_network_ns_lifecycle = true ''; - environment.etc."containers/policy.json".text = '' - {"default": [{"type": "insecureAcceptAnything"}]} - ''; + environment.etc."cni/net.d/20-cri-o-bridge.conf".text = '' { "cniVersion": "0.3.1", @@ -83,6 +81,9 @@ in } ''; + # Enable common container configuration, this will create policy.json + virtualisation.containers.enable = true; + systemd.services.crio = { description = "Container Runtime Interface for OCI (CRI-O)"; documentation = [ "https://github.com/cri-o/cri-o" ]; diff --git a/nixos/modules/virtualisation/nixos-containers.nix b/nixos/modules/virtualisation/nixos-containers.nix new file mode 100644 index 000000000000..4f5be91939db --- /dev/null +++ b/nixos/modules/virtualisation/nixos-containers.nix @@ -0,0 +1,844 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + + # The container's init script, a small wrapper around the regular + # NixOS stage-2 init script. + containerInit = (cfg: + let + renderExtraVeth = (name: cfg: + '' + echo "Bringing ${name} up" + ip link set dev ${name} up + ${optionalString (cfg.localAddress != null) '' + echo "Setting ip for ${name}" + ip addr add ${cfg.localAddress} dev ${name} + ''} + ${optionalString (cfg.localAddress6 != null) '' + echo "Setting ip6 for ${name}" + ip -6 addr add ${cfg.localAddress6} dev ${name} + ''} + ${optionalString (cfg.hostAddress != null) '' + echo "Setting route to host for ${name}" + ip route add ${cfg.hostAddress} dev ${name} + ''} + ${optionalString (cfg.hostAddress6 != null) '' + echo "Setting route6 to host for ${name}" + ip -6 route add ${cfg.hostAddress6} dev ${name} + ''} + '' + ); + in + pkgs.writeScript "container-init" + '' + #! ${pkgs.runtimeShell} -e + + # Initialise the container side of the veth pair. + if [ -n "$HOST_ADDRESS" ] || [ -n "$HOST_ADDRESS6" ] || + [ -n "$LOCAL_ADDRESS" ] || [ -n "$LOCAL_ADDRESS6" ] || + [ -n "$HOST_BRIDGE" ]; then + ip link set host0 name eth0 + ip link set dev eth0 up + + if [ -n "$LOCAL_ADDRESS" ]; then + ip addr add $LOCAL_ADDRESS dev eth0 + fi + if [ -n "$LOCAL_ADDRESS6" ]; then + ip -6 addr add $LOCAL_ADDRESS6 dev eth0 + fi + if [ -n "$HOST_ADDRESS" ]; then + ip route add $HOST_ADDRESS dev eth0 + ip route add default via $HOST_ADDRESS + fi + if [ -n "$HOST_ADDRESS6" ]; then + ip -6 route add $HOST_ADDRESS6 dev eth0 + ip -6 route add default via $HOST_ADDRESS6 + fi + + ${concatStringsSep "\n" (mapAttrsToList renderExtraVeth cfg.extraVeths)} + fi + + # Start the regular stage 1 script. + exec "$1" + '' + ); + + nspawnExtraVethArgs = (name: cfg: "--network-veth-extra=${name}"); + + startScript = cfg: + '' + mkdir -p -m 0755 "$root/etc" "$root/var/lib" + mkdir -p -m 0700 "$root/var/lib/private" "$root/root" /run/containers + if ! [ -e "$root/etc/os-release" ]; then + touch "$root/etc/os-release" + fi + + if ! [ -e "$root/etc/machine-id" ]; then + touch "$root/etc/machine-id" + fi + + mkdir -p -m 0755 \ + "/nix/var/nix/profiles/per-container/$INSTANCE" \ + "/nix/var/nix/gcroots/per-container/$INSTANCE" + + cp --remove-destination /etc/resolv.conf "$root/etc/resolv.conf" + + if [ "$PRIVATE_NETWORK" = 1 ]; then + extraFlags+=" --private-network" + fi + + if [ -n "$HOST_ADDRESS" ] || [ -n "$LOCAL_ADDRESS" ] || + [ -n "$HOST_ADDRESS6" ] || [ -n "$LOCAL_ADDRESS6" ]; then + extraFlags+=" --network-veth" + fi + + if [ -n "$HOST_PORT" ]; then + OIFS=$IFS + IFS="," + for i in $HOST_PORT + do + extraFlags+=" --port=$i" + done + IFS=$OIFS + fi + + if [ -n "$HOST_BRIDGE" ]; then + extraFlags+=" --network-bridge=$HOST_BRIDGE" + fi + + extraFlags+=" ${concatStringsSep " " (mapAttrsToList nspawnExtraVethArgs cfg.extraVeths)}" + + for iface in $INTERFACES; do + extraFlags+=" --network-interface=$iface" + done + + for iface in $MACVLANS; do + extraFlags+=" --network-macvlan=$iface" + done + + # If the host is 64-bit and the container is 32-bit, add a + # --personality flag. + ${optionalString (config.nixpkgs.localSystem.system == "x86_64-linux") '' + if [ "$(< ''${SYSTEM_PATH:-/nix/var/nix/profiles/per-container/$INSTANCE/system}/system)" = i686-linux ]; then + extraFlags+=" --personality=x86" + fi + ''} + + # Run systemd-nspawn without startup notification (we'll + # wait for the container systemd to signal readiness). + exec ${config.systemd.package}/bin/systemd-nspawn \ + --keep-unit \ + -M "$INSTANCE" -D "$root" $extraFlags \ + $EXTRA_NSPAWN_FLAGS \ + --notify-ready=yes \ + --bind-ro=/nix/store \ + --bind-ro=/nix/var/nix/db \ + --bind-ro=/nix/var/nix/daemon-socket \ + --bind="/nix/var/nix/profiles/per-container/$INSTANCE:/nix/var/nix/profiles" \ + --bind="/nix/var/nix/gcroots/per-container/$INSTANCE:/nix/var/nix/gcroots" \ + ${optionalString (!cfg.ephemeral) "--link-journal=try-guest"} \ + --setenv PRIVATE_NETWORK="$PRIVATE_NETWORK" \ + --setenv HOST_BRIDGE="$HOST_BRIDGE" \ + --setenv HOST_ADDRESS="$HOST_ADDRESS" \ + --setenv LOCAL_ADDRESS="$LOCAL_ADDRESS" \ + --setenv HOST_ADDRESS6="$HOST_ADDRESS6" \ + --setenv LOCAL_ADDRESS6="$LOCAL_ADDRESS6" \ + --setenv HOST_PORT="$HOST_PORT" \ + --setenv PATH="$PATH" \ + ${optionalString cfg.ephemeral "--ephemeral"} \ + ${if cfg.additionalCapabilities != null && cfg.additionalCapabilities != [] then + ''--capability="${concatStringsSep "," cfg.additionalCapabilities}"'' else "" + } \ + ${if cfg.tmpfs != null && cfg.tmpfs != [] then + ''--tmpfs=${concatStringsSep " --tmpfs=" cfg.tmpfs}'' else "" + } \ + ${containerInit cfg} "''${SYSTEM_PATH:-/nix/var/nix/profiles/system}/init" + ''; + + preStartScript = cfg: + '' + # Clean up existing machined registration and interfaces. + machinectl terminate "$INSTANCE" 2> /dev/null || true + + if [ -n "$HOST_ADDRESS" ] || [ -n "$LOCAL_ADDRESS" ] || + [ -n "$HOST_ADDRESS6" ] || [ -n "$LOCAL_ADDRESS6" ]; then + ip link del dev "ve-$INSTANCE" 2> /dev/null || true + ip link del dev "vb-$INSTANCE" 2> /dev/null || true + fi + + ${concatStringsSep "\n" ( + mapAttrsToList (name: cfg: + ''ip link del dev ${name} 2> /dev/null || true '' + ) cfg.extraVeths + )} + ''; + + postStartScript = (cfg: + let + ipcall = cfg: ipcmd: variable: attribute: + if cfg.${attribute} == null then + '' + if [ -n "${variable}" ]; then + ${ipcmd} add ${variable} dev $ifaceHost + fi + '' + else + ''${ipcmd} add ${cfg.${attribute}} dev $ifaceHost''; + renderExtraVeth = name: cfg: + if cfg.hostBridge != null then + '' + # Add ${name} to bridge ${cfg.hostBridge} + ip link set dev ${name} master ${cfg.hostBridge} up + '' + else + '' + echo "Bring ${name} up" + ip link set dev ${name} up + # Set IPs and routes for ${name} + ${optionalString (cfg.hostAddress != null) '' + ip addr add ${cfg.hostAddress} dev ${name} + ''} + ${optionalString (cfg.hostAddress6 != null) '' + ip -6 addr add ${cfg.hostAddress6} dev ${name} + ''} + ${optionalString (cfg.localAddress != null) '' + ip route add ${cfg.localAddress} dev ${name} + ''} + ${optionalString (cfg.localAddress6 != null) '' + ip -6 route add ${cfg.localAddress6} dev ${name} + ''} + ''; + in + '' + if [ -n "$HOST_ADDRESS" ] || [ -n "$LOCAL_ADDRESS" ] || + [ -n "$HOST_ADDRESS6" ] || [ -n "$LOCAL_ADDRESS6" ]; then + if [ -z "$HOST_BRIDGE" ]; then + ifaceHost=ve-$INSTANCE + ip link set dev $ifaceHost up + + ${ipcall cfg "ip addr" "$HOST_ADDRESS" "hostAddress"} + ${ipcall cfg "ip -6 addr" "$HOST_ADDRESS6" "hostAddress6"} + ${ipcall cfg "ip route" "$LOCAL_ADDRESS" "localAddress"} + ${ipcall cfg "ip -6 route" "$LOCAL_ADDRESS6" "localAddress6"} + fi + ${concatStringsSep "\n" (mapAttrsToList renderExtraVeth cfg.extraVeths)} + fi + '' + ); + + serviceDirectives = cfg: { + ExecReload = pkgs.writeScript "reload-container" + '' + #! ${pkgs.runtimeShell} -e + ${pkgs.nixos-container}/bin/nixos-container run "$INSTANCE" -- \ + bash --login -c "''${SYSTEM_PATH:-/nix/var/nix/profiles/system}/bin/switch-to-configuration test" + ''; + + SyslogIdentifier = "container %i"; + + EnvironmentFile = "-/etc/containers/%i.conf"; + + Type = "notify"; + + RuntimeDirectory = lib.optional cfg.ephemeral "containers/%i"; + + # Note that on reboot, systemd-nspawn returns 133, so this + # unit will be restarted. On poweroff, it returns 0, so the + # unit won't be restarted. + RestartForceExitStatus = "133"; + SuccessExitStatus = "133"; + + # Some containers take long to start + # especially when you automatically start many at once + TimeoutStartSec = cfg.timeoutStartSec; + + Restart = "on-failure"; + + Slice = "machine.slice"; + Delegate = true; + + # Hack: we don't want to kill systemd-nspawn, since we call + # "machinectl poweroff" in preStop to shut down the + # container cleanly. But systemd requires sending a signal + # (at least if we want remaining processes to be killed + # after the timeout). So send an ignored signal. + KillMode = "mixed"; + KillSignal = "WINCH"; + + DevicePolicy = "closed"; + DeviceAllow = map (d: "${d.node} ${d.modifier}") cfg.allowedDevices; + }; + + + system = config.nixpkgs.localSystem.system; + + bindMountOpts = { name, ... }: { + + options = { + mountPoint = mkOption { + example = "/mnt/usb"; + type = types.str; + description = "Mount point on the container file system."; + }; + hostPath = mkOption { + default = null; + example = "/home/alice"; + type = types.nullOr types.str; + description = "Location of the host path to be mounted."; + }; + isReadOnly = mkOption { + default = true; + type = types.bool; + description = "Determine whether the mounted path will be accessed in read-only mode."; + }; + }; + + config = { + mountPoint = mkDefault name; + }; + + }; + + allowedDeviceOpts = { ... }: { + options = { + node = mkOption { + example = "/dev/net/tun"; + type = types.str; + description = "Path to device node"; + }; + modifier = mkOption { + example = "rw"; + type = types.str; + description = '' + Device node access modifier. Takes a combination + <literal>r</literal> (read), <literal>w</literal> (write), and + <literal>m</literal> (mknod). See the + <literal>systemd.resource-control(5)</literal> man page for more + information.''; + }; + }; + }; + + + mkBindFlag = d: + let flagPrefix = if d.isReadOnly then " --bind-ro=" else " --bind="; + mountstr = if d.hostPath != null then "${d.hostPath}:${d.mountPoint}" else "${d.mountPoint}"; + in flagPrefix + mountstr ; + + mkBindFlags = bs: concatMapStrings mkBindFlag (lib.attrValues bs); + + networkOptions = { + hostBridge = mkOption { + type = types.nullOr types.str; + default = null; + example = "br0"; + description = '' + Put the host-side of the veth-pair into the named bridge. + Only one of hostAddress* or hostBridge can be given. + ''; + }; + + forwardPorts = mkOption { + type = types.listOf (types.submodule { + options = { + protocol = mkOption { + type = types.str; + default = "tcp"; + description = "The protocol specifier for port forwarding between host and container"; + }; + hostPort = mkOption { + type = types.int; + description = "Source port of the external interface on host"; + }; + containerPort = mkOption { + type = types.nullOr types.int; + default = null; + description = "Target port of container"; + }; + }; + }); + default = []; + example = [ { protocol = "tcp"; hostPort = 8080; containerPort = 80; } ]; + description = '' + List of forwarded ports from host to container. Each forwarded port + is specified by protocol, hostPort and containerPort. By default, + protocol is tcp and hostPort and containerPort are assumed to be + the same if containerPort is not explicitly given. + ''; + }; + + + hostAddress = mkOption { + type = types.nullOr types.str; + default = null; + example = "10.231.136.1"; + description = '' + The IPv4 address assigned to the host interface. + (Not used when hostBridge is set.) + ''; + }; + + hostAddress6 = mkOption { + type = types.nullOr types.str; + default = null; + example = "fc00::1"; + description = '' + The IPv6 address assigned to the host interface. + (Not used when hostBridge is set.) + ''; + }; + + localAddress = mkOption { + type = types.nullOr types.str; + default = null; + example = "10.231.136.2"; + description = '' + The IPv4 address assigned to the interface in the container. + If a hostBridge is used, this should be given with netmask to access + the whole network. Otherwise the default netmask is /32 and routing is + set up from localAddress to hostAddress and back. + ''; + }; + + localAddress6 = mkOption { + type = types.nullOr types.str; + default = null; + example = "fc00::2"; + description = '' + The IPv6 address assigned to the interface in the container. + If a hostBridge is used, this should be given with netmask to access + the whole network. Otherwise the default netmask is /128 and routing is + set up from localAddress6 to hostAddress6 and back. + ''; + }; + + }; + + dummyConfig = + { + extraVeths = {}; + additionalCapabilities = []; + ephemeral = false; + timeoutStartSec = "15s"; + allowedDevices = []; + hostAddress = null; + hostAddress6 = null; + localAddress = null; + localAddress6 = null; + tmpfs = null; + }; + +in + +{ + options = { + + boot.isContainer = mkOption { + type = types.bool; + default = false; + description = '' + Whether this NixOS machine is a lightweight container running + in another NixOS system. If set to true, support for nested + containers is disabled by default, but can be reenabled by + setting <config>boot.enableContainers</config> to true. + ''; + }; + + boot.enableContainers = mkOption { + type = types.bool; + default = !config.boot.isContainer; + description = '' + Whether to enable support for NixOS containers. Defaults to true + (at no cost if containers are not actually used), but only if the + system is not itself a lightweight container of a host. + To enable support for nested containers, this option has to be + explicitly set to true (in the outer container). + ''; + }; + + containers = mkOption { + type = types.attrsOf (types.submodule ( + { config, options, name, ... }: + { + options = { + + config = mkOption { + description = '' + A specification of the desired configuration of this + container, as a NixOS module. + ''; + type = let + confPkgs = if config.pkgs == null then pkgs else config.pkgs; + in lib.mkOptionType { + name = "Toplevel NixOS config"; + merge = loc: defs: (import (confPkgs.path + "/nixos/lib/eval-config.nix") { + inherit system; + pkgs = confPkgs; + baseModules = import (confPkgs.path + "/nixos/modules/module-list.nix"); + inherit (confPkgs) lib; + modules = + let + extraConfig = { + _file = "module at ${__curPos.file}:${toString __curPos.line}"; + config = { + boot.isContainer = true; + networking.hostName = mkDefault name; + networking.useDHCP = false; + assertions = [ + { + assertion = config.privateNetwork -> stringLength name < 12; + message = '' + Container name `${name}` is too long: When `privateNetwork` is enabled, container names can + not be longer than 11 characters, because the container's interface name is derived from it. + This might be fixed in the future. See https://github.com/NixOS/nixpkgs/issues/38509 + ''; + } + ]; + }; + }; + in [ extraConfig ] ++ (map (x: x.value) defs); + prefix = [ "containers" name ]; + }).config; + }; + }; + + path = mkOption { + type = types.path; + example = "/nix/var/nix/profiles/containers/webserver"; + description = '' + As an alternative to specifying + <option>config</option>, you can specify the path to + the evaluated NixOS system configuration, typically a + symlink to a system profile. + ''; + }; + + additionalCapabilities = mkOption { + type = types.listOf types.str; + default = []; + example = [ "CAP_NET_ADMIN" "CAP_MKNOD" ]; + description = '' + Grant additional capabilities to the container. See the + capabilities(7) and systemd-nspawn(1) man pages for more + information. + ''; + }; + + pkgs = mkOption { + type = types.nullOr types.attrs; + default = null; + example = literalExample "pkgs"; + description = '' + Customise which nixpkgs to use for this container. + ''; + }; + + ephemeral = mkOption { + type = types.bool; + default = false; + description = '' + Runs container in ephemeral mode with the empty root filesystem at boot. + This way container will be bootstrapped from scratch on each boot + and will be cleaned up on shutdown leaving no traces behind. + Useful for completely stateless, reproducible containers. + + Note that this option might require to do some adjustments to the container configuration, + e.g. you might want to set + <varname>systemd.network.networks.$interface.dhcpConfig.ClientIdentifier</varname> to "mac" + if you use <varname>macvlans</varname> option. + This way dhcp client identifier will be stable between the container restarts. + + Note that the container journal will not be linked to the host if this option is enabled. + ''; + }; + + enableTun = mkOption { + type = types.bool; + default = false; + description = '' + Allows the container to create and setup tunnel interfaces + by granting the <literal>NET_ADMIN</literal> capability and + enabling access to <literal>/dev/net/tun</literal>. + ''; + }; + + privateNetwork = mkOption { + type = types.bool; + default = false; + description = '' + Whether to give the container its own private virtual + Ethernet interface. The interface is called + <literal>eth0</literal>, and is hooked up to the interface + <literal>ve-<replaceable>container-name</replaceable></literal> + on the host. If this option is not set, then the + container shares the network interfaces of the host, + and can bind to any port on any interface. + ''; + }; + + interfaces = mkOption { + type = types.listOf types.str; + default = []; + example = [ "eth1" "eth2" ]; + description = '' + The list of interfaces to be moved into the container. + ''; + }; + + macvlans = mkOption { + type = types.listOf types.str; + default = []; + example = [ "eth1" "eth2" ]; + description = '' + The list of host interfaces from which macvlans will be + created. For each interface specified, a macvlan interface + will be created and moved to the container. + ''; + }; + + extraVeths = mkOption { + type = with types; attrsOf (submodule { options = networkOptions; }); + default = {}; + description = '' + Extra veth-pairs to be created for the container. + ''; + }; + + autoStart = mkOption { + type = types.bool; + default = false; + description = '' + Whether the container is automatically started at boot-time. + ''; + }; + + timeoutStartSec = mkOption { + type = types.str; + default = "1min"; + description = '' + Time for the container to start. In case of a timeout, + the container processes get killed. + See <citerefentry><refentrytitle>systemd.time</refentrytitle> + <manvolnum>7</manvolnum></citerefentry> + for more information about the format. + ''; + }; + + bindMounts = mkOption { + type = with types; loaOf (submodule bindMountOpts); + default = {}; + example = literalExample '' + { "/home" = { hostPath = "/home/alice"; + isReadOnly = false; }; + } + ''; + + description = + '' + An extra list of directories that is bound to the container. + ''; + }; + + allowedDevices = mkOption { + type = with types; listOf (submodule allowedDeviceOpts); + default = []; + example = [ { node = "/dev/net/tun"; modifier = "rw"; } ]; + description = '' + A list of device nodes to which the containers has access to. + ''; + }; + + tmpfs = mkOption { + type = types.listOf types.str; + default = []; + example = [ "/var" ]; + description = '' + Mounts a set of tmpfs file systems into the container. + Multiple paths can be specified. + Valid items must conform to the --tmpfs argument + of systemd-nspawn. See systemd-nspawn(1) for details. + ''; + }; + + extraFlags = mkOption { + type = types.listOf types.str; + default = []; + example = [ "--drop-capability=CAP_SYS_CHROOT" ]; + description = '' + Extra flags passed to the systemd-nspawn command. + See systemd-nspawn(1) for details. + ''; + }; + + } // networkOptions; + + config = mkMerge + [ + (mkIf options.config.isDefined { + path = config.config.system.build.toplevel; + }) + ]; + })); + + default = {}; + example = literalExample + '' + { webserver = + { path = "/nix/var/nix/profiles/webserver"; + }; + database = + { config = + { config, pkgs, ... }: + { services.postgresql.enable = true; + services.postgresql.package = pkgs.postgresql_9_6; + + system.stateVersion = "17.03"; + }; + }; + } + ''; + description = '' + A set of NixOS system configurations to be run as lightweight + containers. Each container appears as a service + <literal>container-<replaceable>name</replaceable></literal> + on the host system, allowing it to be started and stopped via + <command>systemctl</command>. + ''; + }; + + }; + + + config = mkIf (config.boot.enableContainers) (let + + unit = { + description = "Container '%i'"; + + unitConfig.RequiresMountsFor = "/var/lib/containers/%i"; + + path = [ pkgs.iproute ]; + + environment = { + root = "/var/lib/containers/%i"; + INSTANCE = "%i"; + }; + + preStart = preStartScript dummyConfig; + + script = startScript dummyConfig; + + postStart = postStartScript dummyConfig; + + preStop = "machinectl poweroff $INSTANCE"; + + restartIfChanged = false; + + serviceConfig = serviceDirectives dummyConfig; + }; + in { + systemd.targets.multi-user.wants = [ "machines.target" ]; + + systemd.services = listToAttrs (filter (x: x.value != null) ( + # The generic container template used by imperative containers + [{ name = "container@"; value = unit; }] + # declarative containers + ++ (mapAttrsToList (name: cfg: nameValuePair "container@${name}" (let + containerConfig = cfg // ( + if cfg.enableTun then + { + allowedDevices = cfg.allowedDevices + ++ [ { node = "/dev/net/tun"; modifier = "rw"; } ]; + additionalCapabilities = cfg.additionalCapabilities + ++ [ "CAP_NET_ADMIN" ]; + } + else {}); + in + recursiveUpdate unit { + preStart = preStartScript containerConfig; + script = startScript containerConfig; + postStart = postStartScript containerConfig; + serviceConfig = serviceDirectives containerConfig; + unitConfig.RequiresMountsFor = lib.optional (!containerConfig.ephemeral) "/var/lib/containers/%i"; + environment.root = if containerConfig.ephemeral then "/run/containers/%i" else "/var/lib/containers/%i"; + } // ( + if containerConfig.autoStart then + { + wantedBy = [ "machines.target" ]; + wants = [ "network.target" ]; + after = [ "network.target" ]; + restartTriggers = [ + containerConfig.path + config.environment.etc."containers/${name}.conf".source + ]; + restartIfChanged = true; + } + else {}) + )) config.containers) + )); + + # Generate a configuration file in /etc/containers for each + # container so that container@.target can get the container + # configuration. + environment.etc = + let mkPortStr = p: p.protocol + ":" + (toString p.hostPort) + ":" + (if p.containerPort == null then toString p.hostPort else toString p.containerPort); + in mapAttrs' (name: cfg: nameValuePair "containers/${name}.conf" + { text = + '' + SYSTEM_PATH=${cfg.path} + ${optionalString cfg.privateNetwork '' + PRIVATE_NETWORK=1 + ${optionalString (cfg.hostBridge != null) '' + HOST_BRIDGE=${cfg.hostBridge} + ''} + ${optionalString (length cfg.forwardPorts > 0) '' + HOST_PORT=${concatStringsSep "," (map mkPortStr cfg.forwardPorts)} + ''} + ${optionalString (cfg.hostAddress != null) '' + HOST_ADDRESS=${cfg.hostAddress} + ''} + ${optionalString (cfg.hostAddress6 != null) '' + HOST_ADDRESS6=${cfg.hostAddress6} + ''} + ${optionalString (cfg.localAddress != null) '' + LOCAL_ADDRESS=${cfg.localAddress} + ''} + ${optionalString (cfg.localAddress6 != null) '' + LOCAL_ADDRESS6=${cfg.localAddress6} + ''} + ''} + INTERFACES="${toString cfg.interfaces}" + MACVLANS="${toString cfg.macvlans}" + ${optionalString cfg.autoStart '' + AUTO_START=1 + ''} + EXTRA_NSPAWN_FLAGS="${mkBindFlags cfg.bindMounts + + optionalString (cfg.extraFlags != []) + (" " + concatStringsSep " " cfg.extraFlags)}" + ''; + }) config.containers; + + # Generate /etc/hosts entries for the containers. + networking.extraHosts = concatStrings (mapAttrsToList (name: cfg: optionalString (cfg.localAddress != null) + '' + ${head (splitString "/" cfg.localAddress)} ${name}.containers + '') config.containers); + + networking.dhcpcd.denyInterfaces = [ "ve-*" "vb-*" ]; + + services.udev.extraRules = optionalString config.networking.networkmanager.enable '' + # Don't manage interfaces created by nixos-container. + ENV{INTERFACE}=="v[eb]-*", ENV{NM_UNMANAGED}="1" + ''; + + environment.systemPackages = [ pkgs.nixos-container ]; + + boot.kernelModules = [ + "bridge" + "macvlan" + "tap" + "tun" + ]; + }); +} diff --git a/nixos/modules/virtualisation/podman.nix b/nixos/modules/virtualisation/podman.nix new file mode 100644 index 000000000000..2ec45fa18a46 --- /dev/null +++ b/nixos/modules/virtualisation/podman.nix @@ -0,0 +1,80 @@ +{ config, lib, pkgs, ... }: +let + cfg = config.virtualisation.podman; + + inherit (lib) mkOption types; + + # Provides a fake "docker" binary mapping to podman + dockerCompat = pkgs.runCommandNoCC "${pkgs.podman.pname}-docker-compat-${pkgs.podman.version}" { + outputs = [ "out" "bin" "man" ]; + inherit (pkgs.podman) meta; + } '' + mkdir $out + + mkdir -p $bin/bin + ln -s ${pkgs.podman.bin}/bin/podman $bin/bin/docker + + mkdir -p $man/share/man/man1 + for f in ${pkgs.podman.man}/share/man/man1/*; do + basename=$(basename $f | sed s/podman/docker/g) + ln -s $f $man/share/man/man1/$basename + done + ''; + + # Copy configuration files to avoid having the entire sources in the system closure + copyFile = filePath: pkgs.runCommandNoCC (builtins.unsafeDiscardStringContext (builtins.baseNameOf filePath)) {} '' + cp ${filePath} $out + ''; + +in +{ + meta = { + maintainers = lib.teams.podman.members; + }; + + options.virtualisation.podman = { + + enable = + mkOption { + type = types.bool; + default = false; + description = '' + This option enables Podman, a daemonless container engine for + developing, managing, and running OCI Containers on your Linux System. + + It is a drop-in replacement for the <command>docker</command> command. + ''; + }; + + dockerCompat = mkOption { + type = types.bool; + default = false; + description = '' + Create an alias mapping <command>docker</command> to <command>podman</command>. + ''; + }; + + }; + + config = lib.mkIf cfg.enable { + + environment.systemPackages = [ + pkgs.podman # Docker compat + pkgs.runc # Default container runtime + pkgs.crun # Default container runtime (cgroups v2) + pkgs.conmon # Container runtime monitor + pkgs.slirp4netns # User-mode networking for unprivileged namespaces + pkgs.fuse-overlayfs # CoW for images, much faster than default vfs + pkgs.utillinux # nsenter + pkgs.cni-plugins # Networking plugins + pkgs.iptables + ] + ++ lib.optional cfg.dockerCompat dockerCompat; + + environment.etc."cni/net.d/87-podman-bridge.conflist".source = copyFile "${pkgs.podman.src}/cni/87-podman-bridge.conflist"; + + virtualisation.containers.enable = true; + + }; + +} diff --git a/nixos/release-combined.nix b/nixos/release-combined.nix index f4f99e71a90c..2f5dd28e8bb5 100644 --- a/nixos/release-combined.nix +++ b/nixos/release-combined.nix @@ -115,6 +115,7 @@ in rec { (onFullSupported "nixos.tests.openssh") (onFullSupported "nixos.tests.pantheon") (onFullSupported "nixos.tests.php.fpm") + (onFullSupported "nixos.tests.php.httpd") (onFullSupported "nixos.tests.php.pcre") (onFullSupported "nixos.tests.plasma5") (onFullSupported "nixos.tests.predictable-interface-names.predictableNetworkd") diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index 30229a3a5b2f..cbfdf3ad9c20 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -248,6 +248,7 @@ in php = handleTest ./php {}; plasma5 = handleTest ./plasma5.nix {}; plotinus = handleTest ./plotinus.nix {}; + podman = handleTest ./podman.nix {}; postgis = handleTest ./postgis.nix {}; postgresql = handleTest ./postgresql.nix {}; postgresql-wal-receiver = handleTest ./postgresql-wal-receiver.nix {}; @@ -299,6 +300,7 @@ in systemd-timesyncd = handleTest ./systemd-timesyncd.nix {}; systemd-networkd-vrf = handleTest ./systemd-networkd-vrf.nix {}; systemd-networkd = handleTest ./systemd-networkd.nix {}; + systemd-networkd-dhcpserver = handleTest ./systemd-networkd-dhcpserver.nix {}; systemd-nspawn = handleTest ./systemd-nspawn.nix {}; pdns-recursor = handleTest ./pdns-recursor.nix {}; taskserver = handleTest ./taskserver.nix {}; diff --git a/nixos/tests/php/default.nix b/nixos/tests/php/default.nix index 9ab14f722d08..ee7a3b56a3ef 100644 --- a/nixos/tests/php/default.nix +++ b/nixos/tests/php/default.nix @@ -3,5 +3,6 @@ pkgs ? import ../../.. { inherit system config; } }: { fpm = import ./fpm.nix { inherit system pkgs; }; + httpd = import ./httpd.nix { inherit system pkgs; }; pcre = import ./pcre.nix { inherit system pkgs; }; } diff --git a/nixos/tests/php/fpm.nix b/nixos/tests/php/fpm.nix index e93a31834185..1e4ced24b6c3 100644 --- a/nixos/tests/php/fpm.nix +++ b/nixos/tests/php/fpm.nix @@ -43,13 +43,11 @@ import ../make-test-python.nix ({pkgs, ...}: { machine.wait_for_unit("phpfpm-foobar.service") # Check so we get an evaluated PHP back - assert "PHP Version ${pkgs.php.version}" in machine.succeed("curl -vvv -s http://127.0.0.1:80/") + response = machine.succeed("curl -vvv -s http://127.0.0.1:80/") + assert "PHP Version ${pkgs.php.version}" in response, "PHP version not detected" # Check so we have database and some other extensions loaded - assert "json" in machine.succeed("curl -vvv -s http://127.0.0.1:80/") - assert "opcache" in machine.succeed("curl -vvv -s http://127.0.0.1:80/") - assert "pdo_mysql" in machine.succeed("curl -vvv -s http://127.0.0.1:80/") - assert "pdo_pgsql" in machine.succeed("curl -vvv -s http://127.0.0.1:80/") - assert "pdo_sqlite" in machine.succeed("curl -vvv -s http://127.0.0.1:80/") + for ext in ["json", "opcache", "pdo_mysql", "pdo_pgsql", "pdo_sqlite"]: + assert ext in response, f"Missing {ext} extension" ''; }) diff --git a/nixos/tests/php/httpd.nix b/nixos/tests/php/httpd.nix new file mode 100644 index 000000000000..fc3ff986734e --- /dev/null +++ b/nixos/tests/php/httpd.nix @@ -0,0 +1,31 @@ +import ../make-test-python.nix ({pkgs, ...}: { + name = "php-httpd-test"; + meta.maintainers = with pkgs.stdenv.lib.maintainers; [ etu ]; + + machine = { config, lib, pkgs, ... }: { + services.httpd = { + enable = true; + adminAddr = "admin@phpfpm"; + virtualHosts."phpfpm" = let + testdir = pkgs.writeTextDir "web/index.php" "<?php phpinfo();"; + in { + documentRoot = "${testdir}/web"; + locations."/" = { + index = "index.php index.html"; + }; + }; + enablePHP = true; + }; + }; + testScript = { ... }: '' + machine.wait_for_unit("httpd.service") + + # Check so we get an evaluated PHP back + response = machine.succeed("curl -vvv -s http://127.0.0.1:80/") + assert "PHP Version ${pkgs.php.version}" in response, "PHP version not detected" + + # Check so we have database and some other extensions loaded + for ext in ["json", "opcache", "pdo_mysql", "pdo_pgsql", "pdo_sqlite"]: + assert ext in response, f"Missing {ext} extension" + ''; +}) diff --git a/nixos/tests/php/pcre.nix b/nixos/tests/php/pcre.nix index 56a87778579f..016dca81d522 100644 --- a/nixos/tests/php/pcre.nix +++ b/nixos/tests/php/pcre.nix @@ -30,8 +30,8 @@ in import ../make-test-python.nix ({ ...}: { '' machine.wait_for_unit("httpd.service") # Ensure php evaluation by matching on the var_dump syntax - assert 'string(${toString (builtins.stringLength testString)}) "${testString}"' in machine.succeed( - "curl -vvv -s http://127.0.0.1:80/index.php" - ) + response = machine.succeed("curl -vvv -s http://127.0.0.1:80/index.php") + expected = 'string(${toString (builtins.stringLength testString)}) "${testString}"' + assert expected in response, "Does not appear to be able to use subgroups." ''; }) diff --git a/nixos/tests/podman.nix b/nixos/tests/podman.nix new file mode 100644 index 000000000000..ccfe8334a160 --- /dev/null +++ b/nixos/tests/podman.nix @@ -0,0 +1,30 @@ +# This test runs podman and checks if simple container starts + +import ./make-test-python.nix ( + { pkgs, lib, ... }: { + name = "podman"; + meta = { + maintainers = lib.teams.podman.members; + }; + + nodes = { + podman = + { pkgs, ... }: + { + virtualisation.podman.enable = true; + }; + }; + + testScript = '' + start_all() + + podman.wait_for_unit("sockets.target") + podman.succeed("tar cv --files-from /dev/null | podman import - scratchimg") + podman.succeed( + "podman run -d --name=sleeping -v /nix/store:/nix/store -v /run/current-system/sw/bin:/bin scratchimg /bin/sleep 10" + ) + podman.succeed("podman ps | grep sleeping") + podman.succeed("podman stop sleeping") + ''; + } +) diff --git a/nixos/tests/redmine.nix b/nixos/tests/redmine.nix index 73eb684f33a9..3866a1f528c0 100644 --- a/nixos/tests/redmine.nix +++ b/nixos/tests/redmine.nix @@ -3,74 +3,42 @@ pkgs ? import ../.. { inherit system config; } }: -with import ../lib/testing.nix { inherit system pkgs; }; +with import ../lib/testing-python.nix { inherit system pkgs; }; with pkgs.lib; let - mysqlTest = package: makeTest { - machine = - { config, pkgs, ... }: - { services.redmine.enable = true; - services.redmine.package = package; - services.redmine.database.type = "mysql2"; - services.redmine.plugins = { + redmineTest = { name, type }: makeTest { + name = "redmine-${name}"; + machine = { config, pkgs, ... }: { + services.redmine = { + enable = true; + package = pkgs.redmine; + database.type = type; + plugins = { redmine_env_auth = pkgs.fetchurl { url = "https://github.com/Intera/redmine_env_auth/archive/0.7.zip"; sha256 = "1xb8lyarc7mpi86yflnlgyllh9hfwb9z304f19dx409gqpia99sc"; }; }; - services.redmine.themes = { + themes = { dkuk-redmine_alex_skin = pkgs.fetchurl { url = "https://bitbucket.org/dkuk/redmine_alex_skin/get/1842ef675ef3.zip"; sha256 = "0hrin9lzyi50k4w2bd2b30vrf1i4fi1c0gyas5801wn8i7kpm9yl"; }; }; }; + }; testScript = '' - startAll; - $machine->waitForUnit('redmine.service'); - $machine->waitForOpenPort('3000'); - $machine->succeed("curl --fail http://localhost:3000/"); + start_all() + machine.wait_for_unit("redmine.service") + machine.wait_for_open_port(3000) + machine.succeed("curl --fail http://localhost:3000/") ''; - }; - - pgsqlTest = package: makeTest { - machine = - { config, pkgs, ... }: - { services.redmine.enable = true; - services.redmine.package = package; - services.redmine.database.type = "postgresql"; - services.redmine.plugins = { - redmine_env_auth = pkgs.fetchurl { - url = "https://github.com/Intera/redmine_env_auth/archive/0.7.zip"; - sha256 = "1xb8lyarc7mpi86yflnlgyllh9hfwb9z304f19dx409gqpia99sc"; - }; - }; - services.redmine.themes = { - dkuk-redmine_alex_skin = pkgs.fetchurl { - url = "https://bitbucket.org/dkuk/redmine_alex_skin/get/1842ef675ef3.zip"; - sha256 = "0hrin9lzyi50k4w2bd2b30vrf1i4fi1c0gyas5801wn8i7kpm9yl"; - }; - }; - }; - - testScript = '' - startAll; - $machine->waitForUnit('redmine.service'); - $machine->waitForOpenPort('3000'); - $machine->succeed("curl --fail http://localhost:3000/"); - ''; - }; -in -{ - mysql = mysqlTest pkgs.redmine // { - name = "mysql"; - meta.maintainers = [ maintainers.aanderse ]; - }; - - pgsql = pgsqlTest pkgs.redmine // { - name = "pgsql"; + } // { meta.maintainers = [ maintainers.aanderse ]; }; +in { + mysql = redmineTest { name = "mysql"; type = "mysql2"; }; + pgsql = redmineTest { name = "pgsql"; type = "postgresql"; }; } diff --git a/nixos/tests/systemd-networkd-dhcpserver.nix b/nixos/tests/systemd-networkd-dhcpserver.nix new file mode 100644 index 000000000000..f1a2662f8cb4 --- /dev/null +++ b/nixos/tests/systemd-networkd-dhcpserver.nix @@ -0,0 +1,58 @@ +# This test predominantly tests systemd-networkd DHCP server, by +# setting up a DHCP server and client, and ensuring they are mutually +# reachable via the DHCP allocated address. +import ./make-test-python.nix ({pkgs, ...}: { + name = "systemd-networkd-dhcpserver"; + meta = with pkgs.stdenv.lib.maintainers; { + maintainers = [ tomfitzhenry ]; + }; + nodes = { + router = { config, pkgs, ... }: { + virtualisation.vlans = [ 1 ]; + systemd.services.systemd-networkd.environment.SYSTEMD_LOG_LEVEL = "debug"; + networking = { + useNetworkd = true; + useDHCP = false; + firewall.enable = false; + }; + systemd.network = { + networks = { + # systemd-networkd will load the first network unit file + # that matches, ordered lexiographically by filename. + # /etc/systemd/network/{40-eth1,99-main}.network already + # exists. This network unit must be loaded for the test, + # however, hence why this network is named such. + "01-eth1" = { + name = "eth1"; + networkConfig = { + DHCPServer = true; + Address = "10.0.0.1/24"; + }; + dhcpServerConfig = { + PoolOffset = 100; + PoolSize = 1; + }; + }; + }; + }; + }; + + client = { config, pkgs, ... }: { + virtualisation.vlans = [ 1 ]; + systemd.services.systemd-networkd.environment.SYSTEMD_LOG_LEVEL = "debug"; + networking = { + useNetworkd = true; + useDHCP = false; + firewall.enable = false; + interfaces.eth1.useDHCP = true; + }; + }; + }; + testScript = { ... }: '' + start_all() + router.wait_for_unit("systemd-networkd-wait-online.service") + client.wait_for_unit("systemd-networkd-wait-online.service") + client.wait_until_succeeds("ping -c 5 10.0.0.1") + router.wait_until_succeeds("ping -c 5 10.0.0.100") + ''; +}) diff --git a/pkgs/applications/editors/android-studio/common.nix b/pkgs/applications/editors/android-studio/common.nix index 0625431462cb..1a6904b21768 100644 --- a/pkgs/applications/editors/android-studio/common.nix +++ b/pkgs/applications/editors/android-studio/common.nix @@ -39,6 +39,7 @@ , nss , pciutils , pkgsi686Linux +, ps , setxkbmap , stdenv , systemd @@ -89,6 +90,7 @@ let # Runtime stuff git + ps ]}" \ --prefix LD_LIBRARY_PATH : "${stdenv.lib.makeLibraryPath [ diff --git a/pkgs/applications/misc/pwsafe/default.nix b/pkgs/applications/misc/pwsafe/default.nix index 91845abc8b21..43197c6bf276 100644 --- a/pkgs/applications/misc/pwsafe/default.nix +++ b/pkgs/applications/misc/pwsafe/default.nix @@ -1,25 +1,25 @@ { stdenv, fetchFromGitHub, cmake, pkgconfig, zip, gettext, perl -, wxGTK30, libXext, libXi, libXt, libXtst, xercesc +, wxGTK31, libXext, libXi, libXt, libXtst, xercesc , qrencode, libuuid, libyubikey, yubikey-personalization , curl, openssl, file }: stdenv.mkDerivation rec { pname = "pwsafe"; - version = "1.09.0"; + version = "3.52.0"; src = fetchFromGitHub { owner = pname; repo = pname; rev = "${version}"; - sha256 = "0dmazm95d53wq74qvsjvhl7r6fr4dv11nzf8sgdy47nyxv06xs1b"; + sha256 = "1ka7xsl63v0559fzf3pwc1iqr37gwr4vq5iaxa2hzar2g28hsxvh"; }; nativeBuildInputs = [ cmake gettext perl pkgconfig zip ]; buildInputs = [ - libXext libXi libXt libXtst wxGTK30 + libXext libXi libXt libXtst wxGTK31 curl qrencode libuuid openssl xercesc libyubikey yubikey-personalization file diff --git a/pkgs/applications/networking/browsers/chromium/upstream-info.nix b/pkgs/applications/networking/browsers/chromium/upstream-info.nix index cf542faa8a1e..77505b47d857 100644 --- a/pkgs/applications/networking/browsers/chromium/upstream-info.nix +++ b/pkgs/applications/networking/browsers/chromium/upstream-info.nix @@ -11,8 +11,8 @@ version = "84.0.4115.5"; }; stable = { - sha256 = "0hsxxw7fm1p8g53msqb644v8vr4cpvjmpln444c2268rm43yik17"; - sha256bin64 = "0ap7flrw3h885454fa2r7psa4sh8567ql7v7x96q11gh9gjrdvp3"; - version = "81.0.4044.113"; + sha256 = "0ahqh3vmzbpai4xwn7qybgw9phc8ssjdvfc7384mxqk9swqgv7qg"; + sha256bin64 = "0gpgim244594m35qwf625blwdqgjbp4qr846wq75a9a9zqwqs05w"; + version = "81.0.4044.122"; }; } diff --git a/pkgs/applications/networking/mailreaders/mblaze/default.nix b/pkgs/applications/networking/mailreaders/mblaze/default.nix index 82550cf43ccf..fc9001e59e32 100644 --- a/pkgs/applications/networking/mailreaders/mblaze/default.nix +++ b/pkgs/applications/networking/mailreaders/mblaze/default.nix @@ -1,10 +1,10 @@ -{ stdenv, fetchFromGitHub, fetchpatch, libiconv }: +{ stdenv, lib, fetchFromGitHub, fetchpatch, libiconv, ruby ? null }: stdenv.mkDerivation rec { pname = "mblaze"; version = "0.5.1"; - buildInputs = stdenv.lib.optionals stdenv.isDarwin [ libiconv ]; + buildInputs = [ ruby ] ++ lib.optionals stdenv.isDarwin [ libiconv ]; src = fetchFromGitHub { owner = "chneukirchen"; @@ -24,9 +24,11 @@ stdenv.mkDerivation rec { postInstall = '' install -Dm644 -t $out/share/zsh/site-functions contrib/_mblaze + '' + lib.optionalString (ruby != null) '' + install -Dt $out/bin contrib/msuck contrib/mblow ''; - meta = with stdenv.lib; { + meta = with lib; { homepage = "https://github.com/chneukirchen/mblaze"; description = "Unix utilities to deal with Maildir"; license = licenses.cc0; diff --git a/pkgs/applications/networking/mumble/default.nix b/pkgs/applications/networking/mumble/default.nix index 4408994ba8f0..633d6e63dce9 100644 --- a/pkgs/applications/networking/mumble/default.nix +++ b/pkgs/applications/networking/mumble/default.nix @@ -6,6 +6,7 @@ , speechdSupport ? false, speechd ? null , pulseSupport ? false, libpulseaudio ? null , iceSupport ? false, zeroc-ice ? null +, nixosTests }: assert jackSupport -> libjack2 != null; @@ -63,6 +64,8 @@ let enableParallelBuilding = true; + passthru.tests.connectivity = nixosTests.mumble; + meta = { description = "Low-latency, high quality voice chat software"; homepage = "https://mumble.info"; diff --git a/pkgs/applications/networking/newsreaders/quiterss/default.nix b/pkgs/applications/networking/newsreaders/quiterss/default.nix index 6fa4dc19799c..1cc4be8cb27a 100644 --- a/pkgs/applications/networking/newsreaders/quiterss/default.nix +++ b/pkgs/applications/networking/newsreaders/quiterss/default.nix @@ -1,19 +1,19 @@ -{ stdenv, fetchFromGitHub, qmake, pkgconfig, wrapQtAppsHook +{ stdenv, fetchFromGitHub, qmake, pkg-config, wrapQtAppsHook , qtbase, qttools, qtwebkit, sqlite }: stdenv.mkDerivation rec { pname = "quiterss"; - version = "0.19.3"; + version = "0.19.4"; src = fetchFromGitHub { owner = "QuiteRSS"; repo = "quiterss"; rev = version; - sha256 = "06m5mhzxvv8q2adaqcrar3sx2c1hc89h2i0qfjxmirfc5z67hdw2"; + sha256 = "1cgvl67vhn5y7bj5gbjbgk26bhb0196bgrgsp3r5fmrislarj8s6"; }; - nativeBuildInputs = [ qmake pkgconfig wrapQtAppsHook ]; + nativeBuildInputs = [ qmake pkg-config wrapQtAppsHook ]; buildInputs = [ qtbase qttools qtwebkit sqlite.dev ]; meta = with stdenv.lib; { @@ -23,6 +23,7 @@ stdenv.mkDerivation rec { written on Qt/C++ ''; homepage = "https://quiterss.org"; + changelog = "https://github.com/QuiteRSS/quiterss/blob/${version}/CHANGELOG"; license = licenses.gpl3; platforms = platforms.linux; maintainers = with maintainers; [ primeos ]; diff --git a/pkgs/applications/networking/syncthing/default.nix b/pkgs/applications/networking/syncthing/default.nix index 31cf76be5efc..94fec82fdf72 100644 --- a/pkgs/applications/networking/syncthing/default.nix +++ b/pkgs/applications/networking/syncthing/default.nix @@ -1,4 +1,4 @@ -{ buildGoModule, stdenv, lib, procps, fetchFromGitHub }: +{ buildGoModule, stdenv, lib, procps, fetchFromGitHub, nixosTests }: let common = { stname, target, postInstall ? "" }: @@ -35,6 +35,11 @@ let inherit postInstall; + passthru.tests = with nixosTests; { + init = syncthing-init; + relay = syncthing-relay; + }; + meta = with lib; { homepage = "https://www.syncthing.net/"; description = "Open Source Continuous File Synchronization"; diff --git a/pkgs/applications/version-management/git-and-tools/thicket/default.nix b/pkgs/applications/version-management/git-and-tools/thicket/default.nix index 42819043d58b..4a02baa465c6 100644 --- a/pkgs/applications/version-management/git-and-tools/thicket/default.nix +++ b/pkgs/applications/version-management/git-and-tools/thicket/default.nix @@ -1,9 +1,12 @@ { lib , fetchFromGitHub -, crystal +, crystal_0_33 }: -crystal.buildCrystalPackage rec { +let + crystal = crystal_0_33; + +in crystal.buildCrystalPackage rec { pname = "thicket"; version = "0.1.3"; @@ -14,13 +17,18 @@ crystal.buildCrystalPackage rec { sha256 = "0hkmmssiwipx373d0zw9a2yn72gqzqzcvwkqbs522m5adz6qmkzw"; }; + format = "shards"; + shardsFile = ./shards.nix; crystalBinaries.thicket.src = "src/thicket.cr"; + # there is one test that tries to clone a repo + doCheck = false; + meta = with lib; { description = "A better one-line git log"; homepage = "https://github.com/taylorthurlow/thicket"; license = licenses.mit; maintainers = with maintainers; [ filalex77 ]; }; -} \ No newline at end of file +} diff --git a/pkgs/applications/video/kodi/default.nix b/pkgs/applications/video/kodi/default.nix index 6d02bcefb084..c83705ac4160 100644 --- a/pkgs/applications/video/kodi/default.nix +++ b/pkgs/applications/video/kodi/default.nix @@ -192,7 +192,9 @@ in stdenv.mkDerivation { ++ lib.optional usbSupport libusb ++ lib.optional vdpauSupport libvdpau ++ lib.optionals useWayland [ - wayland waylandpp wayland-protocols + wayland + waylandpp.dev + wayland-protocols # Not sure why ".dev" is needed here, but CMake doesn't find libxkbcommon otherwise libxkbcommon.dev ] @@ -213,7 +215,7 @@ in stdenv.mkDerivation { # for TexturePacker giflib zlib libpng libjpeg lzo - ] ++ lib.optionals useWayland [ wayland-protocols ]; + ] ++ lib.optionals useWayland [ wayland-protocols waylandpp.bin ]; depsBuildBuild = [ buildPackages.stdenv.cc diff --git a/pkgs/applications/window-managers/i3/default.nix b/pkgs/applications/window-managers/i3/default.nix index fd964215d455..eec7d88dbc72 100644 --- a/pkgs/applications/window-managers/i3/default.nix +++ b/pkgs/applications/window-managers/i3/default.nix @@ -5,11 +5,11 @@ stdenv.mkDerivation rec { pname = "i3"; - version = "4.18"; + version = "4.18.1"; src = fetchurl { url = "https://i3wm.org/downloads/${pname}-${version}.tar.bz2"; - sha256 = "0dv5g8ycfmijxfjyw8hzsxaf80v09lb73zh7x2vszy78h3amifqz"; + sha256 = "0z709cianlzw0x0qwq4361347354xd9ckj1v7vjvhb1zh3x91gws"; }; nativeBuildInputs = [ which pkgconfig makeWrapper ]; diff --git a/pkgs/build-support/src-only/default.nix b/pkgs/build-support/src-only/default.nix index c2f7cfb93998..a93b36480908 100644 --- a/pkgs/build-support/src-only/default.nix +++ b/pkgs/build-support/src-only/default.nix @@ -1,4 +1,4 @@ -{ stdenv, name, src, patches ? [], buildInputs ? [] }: +{stdenv, name, src, patches ? [], buildInputs ? [], ...}: stdenv.mkDerivation { inherit src buildInputs patches name; installPhase = "cp -r . $out"; diff --git a/pkgs/development/compilers/crystal/build-package.nix b/pkgs/development/compilers/crystal/build-package.nix index 8ffa89a11b4a..856c6e58bc18 100644 --- a/pkgs/development/compilers/crystal/build-package.nix +++ b/pkgs/development/compilers/crystal/build-package.nix @@ -1,53 +1,109 @@ -{ stdenv, lib, crystal, linkFarm, fetchFromGitHub }: -{ # Generate shards.nix with `nix-shell -p crystal2nix --run crystal2nix` in the projects root - shardsFile ? null +{ stdenv, lib, crystal, shards, git, pkgconfig, which, linkFarm, fetchFromGitHub, installShellFiles }: + +{ # Some projects do not include a lock file, so you can pass one + lockFile ? null + # Generate shards.nix with `nix-shell -p crystal2nix --run crystal2nix` in the projects root +, shardsFile ? null + # We support different builders. To make things more straight forward, make it + # user selectable instead of trying to autodetect +, format ? "make" +, installManPages ? true # Specify binaries to build in the form { foo.src = "src/foo.cr"; } # The default `crystal build` options can be overridden with { foo.options = [ "--no-debug" ]; } -, crystalBinaries ? {} -, ... -}@args: +, crystalBinaries ? { }, ... }@args: + +assert (builtins.elem format [ "make" "crystal" "shards" ]); + let - mkDerivationArgs = builtins.removeAttrs args [ "shardsFile" "crystalBinaries" ]; + mkDerivationArgs = builtins.removeAttrs args [ + "format" + "installManPages" + "lockFile" + "shardsFile" + "crystalBinaries" + ]; crystalLib = linkFarm "crystal-lib" (lib.mapAttrsToList (name: value: { inherit name; path = fetchFromGitHub value; }) (import shardsFile)); - defaultOptions = [ "--release" "--progress" "--no-debug" "--verbose" ]; + # we previously had --no-debug here but that is not recommended by upstream + defaultOptions = [ "--release" "--progress" "--verbose" ]; + buildDirectly = shardsFile == null || crystalBinaries != { }; in stdenv.mkDerivation (mkDerivationArgs // { - configurePhase = args.configurePhase or '' - runHook preConfigure - ${lib.optionalString (shardsFile != null) "ln -s ${crystalLib} lib"} - runHook postConfigure - ''; + configurePhase = args.configurePhase or lib.concatStringsSep "\n" ([ + "runHook preConfigure" + ] ++ lib.optional (lockFile != null) "ln -s ${lockFile} ./shard.lock" + ++ lib.optional (shardsFile != null) "ln -s ${crystalLib} lib" + ++ [ "runHook postConfigure "]); - buildInputs = args.buildInputs or [] ++ [ crystal ]; - - buildPhase = args.buildPhase or '' - runHook preBuild - ${lib.concatStringsSep "\n" (lib.mapAttrsToList (bin: attrs: '' - crystal ${lib.escapeShellArgs ([ - "build" - "-o" bin - (attrs.src or (throw "No source file for crystal binary ${bin} provided")) - ] ++ attrs.options or defaultOptions)} - '') crystalBinaries)} - runHook postBuild - ''; + CRFLAGS = lib.concatStringsSep " " defaultOptions; + + PREFIX = placeholder "out"; + + buildInputs = args.buildInputs or [ ] ++ [ crystal ] + ++ lib.optional (format != "crystal") shards; + + nativeBuildInputs = args.nativeBuildInputs or [ ] ++ [ git installShellFiles pkgconfig which ]; + + buildPhase = args.buildPhase or (lib.concatStringsSep "\n" ([ + "runHook preBuild" + ] ++ lib.optional (format == "make") + ''make ''${buildTargets:-build} $makeFlags'' + ++ lib.optionals (format == "crystal") (lib.mapAttrsToList (bin: attrs: '' + crystal ${lib.escapeShellArgs (["build" "-o" bin + (attrs.src or (throw "No source file for crystal binary ${bin} provided")) + ] ++ (attrs.options or defaultOptions))} + '') crystalBinaries) + ++ lib.optional (format == "shards") + "shards build --local --production ${lib.concatStringsSep " " defaultOptions}" + ++ [ "runHook postBuild" ])); + + installPhase = args.installPhase or (lib.concatStringsSep "\n" ([ + "runHook preInstall" + ] ++ lib.optional (format == "make") + ''make ''${installTargets:-install} $installFlags'' + ++ lib.optionals (format == "crystal") (map (bin: '' + install -Dm555 ${lib.escapeShellArgs [ bin "${placeholder "out"}/bin/${bin}" ]} + '') (lib.attrNames crystalBinaries)) + ++ lib.optional (format == "shards") + ''install -Dm555 bin/* -t $out/bin'' + ++ [ + '' + for f in README* *.md LICENSE; do + test -f $f && install -Dm444 $f -t $out/share/doc/${args.pname} + done + '' + ] ++ (lib.optional installManPages '' + if [ -d man ]; then + installManPage man/*.? + fi + '') ++ [ + "runHook postInstall" + ])); + + doCheck = args.doCheck or true; + + checkPhase = args.checkPhase or (lib.concatStringsSep "\n" ([ + "runHook preCheck" + ] ++ lib.optional (format == "make") + ''make ''${checkTarget:-test} $checkFlags'' + ++ lib.optional (format != "make") + ''crystal ''${checkTarget:-spec} $checkFlags'' + ++ [ "runHook postCheck" ])); + + doInstallCheck = args.doInstallCheck or true; - installPhase = args.installPhase or '' - runHook preInstall - mkdir -p "$out/bin" - ${lib.concatMapStringsSep "\n" (bin: '' - mv ${lib.escapeShellArgs [ bin "${placeholder "out"}/bin/${bin}" ]} - '') (lib.attrNames crystalBinaries)} - runHook postInstall + installCheckPhase = args.installCheckPhase or '' + for f in $out/bin/*; do + $f --help + done ''; - meta = args.meta or {} // { + meta = args.meta or { } // { platforms = args.meta.platforms or crystal.meta.platforms; }; }) diff --git a/pkgs/development/compilers/crystal/crystal2nix.nix b/pkgs/development/compilers/crystal/crystal2nix.nix index ac69b9b3d965..5fc40cd23741 100644 --- a/pkgs/development/compilers/crystal/crystal2nix.nix +++ b/pkgs/development/compilers/crystal/crystal2nix.nix @@ -1,4 +1,5 @@ { lib, crystal, nix-prefetch-git }: + crystal.buildCrystalPackage { pname = "crystal2nix"; version = "unstable-2018-07-31"; @@ -6,11 +7,16 @@ crystal.buildCrystalPackage { nixPrefetchGit = "${lib.getBin nix-prefetch-git}/bin/nix-prefetch-git"; unpackPhase = "substituteAll ${./crystal2nix.cr} crystal2nix.cr"; + format = "crystal"; + crystalBinaries.crystal2nix.src = "crystal2nix.cr"; + # it will blow up without a shard.yml file + doInstallCheck = false; + meta = with lib; { description = "Utility to convert Crystal's shard.lock files to a Nix file"; license = licenses.mit; - maintainers = [ maintainers.manveru ]; + maintainers = with maintainers; [ manveru ]; }; } diff --git a/pkgs/development/compilers/ldc/binary.nix b/pkgs/development/compilers/ldc/binary.nix deleted file mode 100644 index 56d40be86194..000000000000 --- a/pkgs/development/compilers/ldc/binary.nix +++ /dev/null @@ -1,41 +0,0 @@ -{ stdenv, fetchurl, curl, tzdata, autoPatchelfHook, fixDarwinDylibNames, libxml2 -, version, hashes }: -with stdenv; -let - OS = if hostPlatform.isDarwin then "osx" else hostPlatform.parsed.kernel.name; - ARCH = toString hostPlatform.parsed.cpu.name; -in mkDerivation { - pname = "ldc-bootstrap"; - inherit version; - - src = fetchurl rec { - name = "ldc2-${version}-${OS}-${ARCH}.tar.xz"; - url = "https://github.com/ldc-developers/ldc/releases/download/v${version}/${name}"; - sha256 = hashes."${OS}-${ARCH}" or (throw "missing bootstrap sha256 for ${OS}-${ARCH}"); - }; - - dontConfigure = true; - dontBuild = true; - - nativeBuildInputs = [ fixDarwinDylibNames autoPatchelfHook ]; - - buildInputs = lib.optionals stdenv.hostPlatform.isLinux [ libxml2 stdenv.cc.cc ]; - - propagatedBuildInputs = [ curl tzdata ]; - - installPhase = '' - mkdir -p $out - - mv bin etc import lib LICENSE README $out/ - ''; - - meta = with lib; { - inherit version; - description = "The LLVM-based D Compiler"; - homepage = "https://github.com/ldc-developers/ldc"; - # from https://github.com/ldc-developers/ldc/blob/master/LICENSE - license = with licenses; [ bsd3 boost mit ncsa gpl2Plus ]; - maintainers = with maintainers; [ ThomasMader lionello ]; - platforms = [ "x86_64-linux" "x86_64-darwin" "aarch64-linux" ]; - }; -} diff --git a/pkgs/development/compilers/ldc/bootstrap.nix b/pkgs/development/compilers/ldc/bootstrap.nix deleted file mode 100644 index fde4c8426848..000000000000 --- a/pkgs/development/compilers/ldc/bootstrap.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ callPackage }: -callPackage ./binary.nix { - version = "1.19.0"; - hashes = { - # Get these from `nix-prefetch-url https://github.com/ldc-developers/ldc/releases/download/v1.19.0/ldc2-1.19.0-osx-x86_64.tar.xz` etc.. - osx-x86_64 = "1bp3xkh9zp64dzq8isanib1gacb3nfbl70qv15qygwk1zan6zgy7"; - linux-x86_64 = "146grr2lwarfk13wgkpyb77xb6b3as1is2rf4s2hipqjmc8biy1h"; - linux-aarch64 = "1fv6jshfvi15m7masgxq1hgp216qjd5amizrqdf26vhrq3a08li3"; - }; -} diff --git a/pkgs/development/compilers/ldc/default.nix b/pkgs/development/compilers/ldc/default.nix index 5a4baabcf8d8..19fe2981c833 100644 --- a/pkgs/development/compilers/ldc/default.nix +++ b/pkgs/development/compilers/ldc/default.nix @@ -1,5 +1,173 @@ -import ./generic.nix { - version = "1.20.1"; - ldcSha256 = "1bqsgab22v02pc3c9gcyf15y7aimadv24d68icaw5lpgnvzxy89b"; +{ stdenv, fetchurl, cmake, ninja, llvm_5, llvm_8, curl, tzdata +, libconfig, lit, gdb, unzip, darwin, bash +, callPackage, makeWrapper, runCommand, targetPackages +, bootstrapVersion ? false +, version ? "1.17.0" +, ldcSha256 ? "1aag5jfrng6p4ms0fs90hjbv9bcj3hj8h52r68c3cm6racdajbva" +}: + +let + bootstrapLdc = if !bootstrapVersion then + # LDC 0.17.x is the last version which doesn't need a working D compiler to + # build so we use that version to bootstrap the actual build. + callPackage ./default.nix { + bootstrapVersion = true; + version = "0.17.6"; + ldcSha256 = "0qf5kbxddgmg3kqzi0kf4bgv8vdrnv16y07hcpm0cwv9mc3qr2w6"; + } + else + ""; + + pathConfig = runCommand "ldc-lib-paths" {} '' + mkdir $out + echo ${tzdata}/share/zoneinfo/ > $out/TZDatabaseDirFile + echo ${curl.out}/lib/libcurl${stdenv.hostPlatform.extensions.sharedLibrary} > $out/LibcurlPathFile + ''; +in + +stdenv.mkDerivation rec { + pname = "ldc"; + inherit version; + + enableParallelBuilding = true; + + src = fetchurl { + url = "https://github.com/ldc-developers/ldc/releases/download/v${version}/ldc-${version}-src.tar.gz"; + sha256 = ldcSha256; + }; + + # https://issues.dlang.org/show_bug.cgi?id=19553 + hardeningDisable = [ "fortify" ]; + + postUnpack = '' + patchShebangs . + '' + + + stdenv.lib.optionalString (!bootstrapVersion) '' + rm ldc-${version}-src/tests/d2/dmd-testsuite/fail_compilation/mixin_gc.d + rm ldc-${version}-src/tests/d2/dmd-testsuite/runnable/xtest46_gc.d + rm ldc-${version}-src/tests/d2/dmd-testsuite/runnable/testptrref_gc.d + + # test depends on current year + rm ldc-${version}-src/tests/d2/dmd-testsuite/compilable/ddocYear.d + '' + + + stdenv.lib.optionalString (!bootstrapVersion && stdenv.hostPlatform.isDarwin) '' + # https://github.com/NixOS/nixpkgs/issues/34817 + rm -r ldc-${version}-src/tests/plugins/addFuncEntryCall + ''; + + postPatch = '' + # Setting SHELL=$SHELL when dmd testsuite is run doesn't work on Linux somehow + substituteInPlace tests/d2/dmd-testsuite/Makefile --replace "SHELL=/bin/bash" "SHELL=${bash}/bin/bash" + '' + + + stdenv.lib.optionalString (!bootstrapVersion && stdenv.hostPlatform.isLinux) '' + substituteInPlace runtime/phobos/std/socket.d --replace "assert(ih.addrList[0] == 0x7F_00_00_01);" "" + '' + + + stdenv.lib.optionalString (!bootstrapVersion && stdenv.hostPlatform.isDarwin) '' + substituteInPlace runtime/phobos/std/socket.d --replace "foreach (name; names)" "names = []; foreach (name; names)" + '' + + + stdenv.lib.optionalString (bootstrapVersion && stdenv.hostPlatform.isDarwin) '' + # Was not able to compile on darwin due to "__inline_isnanl" + # being undefined. + # TODO Remove with version > 0.17.6 + substituteInPlace dmd2/root/port.c --replace __inline_isnanl __inline_isnan + ''; + + nativeBuildInputs = [ cmake ninja makeWrapper unzip ] + ++ stdenv.lib.optionals (!bootstrapVersion) [ + bootstrapLdc lit lit.python + ] + ++ stdenv.lib.optional (!bootstrapVersion && stdenv.hostPlatform.isDarwin) + # https://github.com/NixOS/nixpkgs/issues/57120 + # https://github.com/NixOS/nixpkgs/pull/59197#issuecomment-481972515 + llvm_5 + ++ stdenv.lib.optional (!bootstrapVersion && !stdenv.hostPlatform.isDarwin) + llvm_8 + ++ stdenv.lib.optional (!bootstrapVersion && !stdenv.hostPlatform.isDarwin) + # https://github.com/NixOS/nixpkgs/pull/36378#issuecomment-385034818 + gdb + ++ stdenv.lib.optionals (bootstrapVersion) [ + libconfig llvm_5 + ] + ++ stdenv.lib.optional stdenv.hostPlatform.isDarwin + darwin.apple_sdk.frameworks.Foundation; + + + buildInputs = [ curl tzdata ]; + + cmakeFlags = stdenv.lib.optionals (!bootstrapVersion) [ + "-DD_FLAGS=-d-version=TZDatabaseDir;-d-version=LibcurlPath;-J${pathConfig}" + "-DCMAKE_BUILD_TYPE=Release" + ]; + + postConfigure = '' + export DMD=$PWD/bin/ldmd2 + ''; + + makeFlags = [ "DMD=$DMD" ]; + + fixNames = stdenv.lib.optionalString stdenv.hostPlatform.isDarwin '' + fixDarwinDylibNames() { + local flags=() + + for fn in "$@"; do + flags+=(-change "$(basename "$fn")" "$fn") + done + + for fn in "$@"; do + if [ -L "$fn" ]; then continue; fi + echo "$fn: fixing dylib" + install_name_tool -id "$fn" "''${flags[@]}" "$fn" + done + } + + fixDarwinDylibNames $(find "$(pwd)/lib" -name "*.dylib") + export DYLD_LIBRARY_PATH=$(pwd)/lib + ''; + + # https://github.com/ldc-developers/ldc/issues/2497#issuecomment-459633746 + additionalExceptions = stdenv.lib.optionalString stdenv.hostPlatform.isDarwin + "|druntime-test-shared"; + + doCheck = !bootstrapVersion; + + checkPhase = stdenv.lib.optionalString doCheck '' + # Build default lib test runners + ninja -j$NIX_BUILD_CORES all-test-runners + + ${fixNames} + + # Run dmd testsuite + export DMD_TESTSUITE_MAKE_ARGS="-j$NIX_BUILD_CORES DMD=$DMD CC=$CXX" + ctest -V -R "dmd-testsuite" + + # Build and run LDC D unittests. + ctest --output-on-failure -R "ldc2-unittest" + + # Run LIT testsuite. + ctest -V -R "lit-tests" + + # Run default lib unittests + ctest -j$NIX_BUILD_CORES --output-on-failure -E "ldc2-unittest|lit-tests|dmd-testsuite${additionalExceptions}" + ''; + + postInstall = '' + wrapProgram $out/bin/ldc2 \ + --prefix PATH ":" "${targetPackages.stdenv.cc}/bin" \ + --set-default CC "${targetPackages.stdenv.cc}/bin/cc" + ''; + + meta = with stdenv.lib; { + description = "The LLVM-based D compiler"; + homepage = "https://github.com/ldc-developers/ldc"; + # from https://github.com/ldc-developers/ldc/blob/master/LICENSE + license = with licenses; [ bsd3 boost mit ncsa gpl2Plus ]; + maintainers = with maintainers; [ ThomasMader ]; + platforms = [ "x86_64-linux" "i686-linux" "x86_64-darwin" ]; + }; } diff --git a/pkgs/development/compilers/ldc/generic.nix b/pkgs/development/compilers/ldc/generic.nix deleted file mode 100644 index c93d423945cb..000000000000 --- a/pkgs/development/compilers/ldc/generic.nix +++ /dev/null @@ -1,143 +0,0 @@ -{ version, ldcSha256 }: -{ stdenv, fetchurl, cmake, ninja, llvm_5, llvm_8, curl, tzdata -, libconfig, lit, gdb, unzip, darwin, bash -, callPackage, makeWrapper, runCommand, targetPackages -, ldcBootstrap ? callPackage ./bootstrap.nix { } -}: - -let - pathConfig = runCommand "ldc-lib-paths" {} '' - mkdir $out - echo ${tzdata}/share/zoneinfo/ > $out/TZDatabaseDirFile - echo ${curl.out}/lib/libcurl${stdenv.hostPlatform.extensions.sharedLibrary} > $out/LibcurlPathFile - ''; - -in - -stdenv.mkDerivation rec { - pname = "ldc"; - inherit version; - - enableParallelBuilding = true; - - src = fetchurl { - url = "https://github.com/ldc-developers/ldc/releases/download/v${version}/ldc-${version}-src.tar.gz"; - sha256 = ldcSha256; - }; - - # https://issues.dlang.org/show_bug.cgi?id=19553 - hardeningDisable = [ "fortify" ]; - - postUnpack = '' - patchShebangs . - '' - + '' - rm ldc-${version}-src/tests/d2/dmd-testsuite/fail_compilation/mixin_gc.d - rm ldc-${version}-src/tests/d2/dmd-testsuite/runnable/xtest46_gc.d - rm ldc-${version}-src/tests/d2/dmd-testsuite/runnable/testptrref_gc.d - - # test depends on current year - rm ldc-${version}-src/tests/d2/dmd-testsuite/compilable/ddocYear.d - '' - + stdenv.lib.optionalString stdenv.hostPlatform.isDarwin '' - # https://github.com/NixOS/nixpkgs/issues/34817 - rm -r ldc-${version}-src/tests/plugins/addFuncEntryCall - ''; - - postPatch = '' - # Setting SHELL=$SHELL when dmd testsuite is run doesn't work on Linux somehow - substituteInPlace tests/d2/dmd-testsuite/Makefile --replace "SHELL=/bin/bash" "SHELL=${bash}/bin/bash" - '' - + stdenv.lib.optionalString stdenv.hostPlatform.isLinux '' - substituteInPlace runtime/phobos/std/socket.d --replace "assert(ih.addrList[0] == 0x7F_00_00_01);" "" - '' - + stdenv.lib.optionalString stdenv.hostPlatform.isDarwin '' - substituteInPlace runtime/phobos/std/socket.d --replace "foreach (name; names)" "names = []; foreach (name; names)" - ''; - - nativeBuildInputs = [ - cmake ninja makeWrapper unzip ldcBootstrap lit lit.python - ] - ++ stdenv.lib.optionals stdenv.hostPlatform.isDarwin [ - darwin.apple_sdk.frameworks.Foundation - # https://github.com/NixOS/nixpkgs/issues/57120 - # https://github.com/NixOS/nixpkgs/pull/59197#issuecomment-481972515 - llvm_5 - ] - ++ stdenv.lib.optionals (!stdenv.hostPlatform.isDarwin) [ - llvm_8 - # https://github.com/NixOS/nixpkgs/pull/36378#issuecomment-385034818 - gdb - ]; - - buildInputs = [ curl tzdata ]; - - cmakeFlags = [ - "-DD_FLAGS=-d-version=TZDatabaseDir;-d-version=LibcurlPath;-J${pathConfig}" - "-DCMAKE_BUILD_TYPE=Release" - ]; - - postConfigure = '' - export DMD=$PWD/bin/ldmd2 - ''; - - makeFlags = [ "DMD=$DMD" ]; - - fixNames = stdenv.lib.optionalString stdenv.hostPlatform.isDarwin '' - fixDarwinDylibNames() { - local flags=() - - for fn in "$@"; do - flags+=(-change "$(basename "$fn")" "$fn") - done - - for fn in "$@"; do - if [ -L "$fn" ]; then continue; fi - echo "$fn: fixing dylib" - install_name_tool -id "$fn" "''${flags[@]}" "$fn" - done - } - - fixDarwinDylibNames $(find "$(pwd)/lib" -name "*.dylib") - export DYLD_LIBRARY_PATH=$(pwd)/lib - ''; - - # https://github.com/ldc-developers/ldc/issues/2497#issuecomment-459633746 - additionalExceptions = stdenv.lib.optionalString stdenv.hostPlatform.isDarwin - "|druntime-test-shared"; - - checkPhase = '' - # Build default lib test runners - ninja -j$NIX_BUILD_CORES all-test-runners - - ${fixNames} - - # Run dmd testsuite - export DMD_TESTSUITE_MAKE_ARGS="-j$NIX_BUILD_CORES DMD=$DMD" - ctest -V -R "dmd-testsuite" - - # Build and run LDC D unittests. - ctest --output-on-failure -R "ldc2-unittest" - - # Run LIT testsuite. - ctest -V -R "lit-tests" - - # Run default lib unittests - ctest -j$NIX_BUILD_CORES --output-on-failure -E "ldc2-unittest|lit-tests|dmd-testsuite${additionalExceptions}" - ''; - - postInstall = '' - wrapProgram $out/bin/ldc2 \ - --prefix PATH ":" "${targetPackages.stdenv.cc}/bin" \ - --set-default CC "${targetPackages.stdenv.cc}/bin/cc" - ''; - - meta = with stdenv.lib; { - description = "The LLVM-based D compiler"; - homepage = "https://github.com/ldc-developers/ldc"; - # from https://github.com/ldc-developers/ldc/blob/master/LICENSE - license = with licenses; [ bsd3 boost mit ncsa gpl2Plus ]; - maintainers = with maintainers; [ ThomasMader lionello ]; - platforms = [ "x86_64-linux" "i686-linux" "x86_64-darwin" ]; - }; -} diff --git a/pkgs/development/compilers/mint/default.nix b/pkgs/development/compilers/mint/default.nix index 7f5af5e834b0..d1d103c047fb 100644 --- a/pkgs/development/compilers/mint/default.nix +++ b/pkgs/development/compilers/mint/default.nix @@ -1,27 +1,36 @@ -{ lib, fetchFromGitHub, crystal, zlib, openssl, duktape, which, libyaml }: -crystal.buildCrystalPackage rec { - version = "0.7.1"; +{ lib, fetchFromGitHub, crystal_0_33, openssl }: + +let crystal = crystal_0_33; +in crystal.buildCrystalPackage rec { + version = "0.9.0"; pname = "mint"; + src = fetchFromGitHub { owner = "mint-lang"; repo = "mint"; rev = version; - sha256 = "18cg96kl4dn89bj6fm3080zzyd1r7rsfi17agdjjayd2v9fgs95l"; + sha256 = "0y1qr616x7s0pjgih6s1n4wiwb8kn8l1knnzmib6j4jmqax0jhz0"; }; - buildInputs = [ openssl ]; + postPatch = '' + export HOME=$TMP + ''; + + format = "shards"; # Update with # nix-shell -p crystal2nix --run crystal2nix # with mint's shard.lock file in the current directory shardsFile = ./shards.nix; - crystalBinaries.mint.src = "src/mint.cr"; - meta = { + buildInputs = [ openssl ]; + + meta = with lib; { description = "A refreshing language for the front-end web"; homepage = "https://mint-lang.com/"; - license = lib.licenses.bsd3; - maintainers = with lib.maintainers; [ manveru ]; + license = licenses.bsd3; + maintainers = with maintainers; [ manveru ]; platforms = [ "x86_64-linux" "i686-linux" "x86_64-darwin" ]; + broken = lib.versionOlder crystal.version "0.33"; }; } diff --git a/pkgs/development/compilers/mint/shards.nix b/pkgs/development/compilers/mint/shards.nix index b3583ac2cbaa..8e2b6b6ad4df 100644 --- a/pkgs/development/compilers/mint/shards.nix +++ b/pkgs/development/compilers/mint/shards.nix @@ -2,26 +2,26 @@ admiral = { owner = "jwaldrip"; repo = "admiral.cr"; - rev = "v1.7.3"; - sha256 = "0b98qjy43wsrc08am7lkhcdsxc7gplf9hcmbvd4p3dw4g107rk91"; + rev = "v1.9.0"; + sha256 = "0y8gsh1qz42bc9jawcrn0i49mzzfvf8znmivd8lybapf0f53fblz"; }; ameba = { - owner = "veelenga"; + owner = "crystal-ameba"; repo = "ameba"; - rev = "v0.10.1"; - sha256 = "0dcw7px7g0c5pxpdlirhirqzhcc7gdwdfiwb9kgm4x1k74ghjgxq"; + rev = "v0.12.0"; + sha256 = "0g68yijbm2j4ig536fwq49d1z7x2iv9kp4g3gjklf5zn1sbqhm12"; }; baked_file_system = { owner = "schovi"; repo = "baked_file_system"; - rev = "v0.9.7"; - sha256 = "1fi6zag1a6h4xwrfizy01dls3hhraqw0cmpwj7rjv1qcddjgig5z"; + rev = "v0.9.8"; + sha256 = "12l375jllg1lxvfh610dz0a39p803xw6q9fxlmnc6hy55i0gm0y3"; }; diff = { owner = "MakeNowJust"; repo = "crystal-diff"; - rev = "51962dc36f9bbb1b926d557f7cb8993a6c73cc63"; - sha256 = "1nwnsxm8srfw8jg0yfi2v19x6j3dadx62hq0xpxra40qcqz9dbnp"; + rev = "v1.1.0"; + sha256 = "1q5q2d5mp1r8c6k5v4755sb3b6awiz85d1j280djzhbd0pggk3z7"; }; dotenv = { owner = "gdotdesign"; @@ -32,14 +32,14 @@ exception_page = { owner = "crystal-loot"; repo = "exception_page"; - rev = "v0.1.2"; - sha256 = "0j5ishhyriq9p339yaawrmawl9wgmp1paniq30a8d6a0568h3avq"; + rev = "v0.1.4"; + sha256 = "0bsp2m89sl0bg9d5szbs1nxyk7yk58rkk24aibr39hhb5zi70pqi"; }; kemal = { owner = "kemalcr"; repo = "kemal"; - rev = "v0.25.1"; - sha256 = "1334i905xj6vlmp8acyybwwlaxsgmf90b59da7brzpnf28wci782"; + rev = "v0.26.1"; + sha256 = "169pwkjmk7x6j8i0rf5rpyk1y0hl7jaf9h6yrq4ha2ag9yq9i8fr"; }; kilt = { owner = "jeromegn"; diff --git a/pkgs/development/libraries/appstream-glib/default.nix b/pkgs/development/libraries/appstream-glib/default.nix index ceb4c238a7b0..5b777dff3ea2 100644 --- a/pkgs/development/libraries/appstream-glib/default.nix +++ b/pkgs/development/libraries/appstream-glib/default.nix @@ -23,7 +23,7 @@ , pngquant }: stdenv.mkDerivation rec { - name = "appstream-glib-0.7.16"; + name = "appstream-glib-0.7.17"; outputs = [ "out" "dev" "man" "installedTests" ]; outputBin = "dev"; @@ -32,7 +32,7 @@ stdenv.mkDerivation rec { owner = "hughsie"; repo = "appstream-glib"; rev = stdenv.lib.replaceStrings [ "." "-" ] [ "_" "_" ] name; - sha256 = "05x2pmsq18fcpgfvx0y54qdlryy5c9k3sxk6kgank8frkzhgnm9r"; + sha256 = "06pm8l58y0ladimyckbvlslr5bjj9rwb70rgjmn09l41pdpipy2i"; }; nativeBuildInputs = [ diff --git a/pkgs/development/libraries/icu/65.nix b/pkgs/development/libraries/icu/65.nix new file mode 100644 index 000000000000..c5074eea114d --- /dev/null +++ b/pkgs/development/libraries/icu/65.nix @@ -0,0 +1,4 @@ +import ./base.nix { + version = "65.1"; + sha256 = "0j6r6qqnhfr5iqkx53k63ifkm93kv1kkb7h2mlgd1mnnndk79qsk"; +} diff --git a/pkgs/development/libraries/icu/66.nix b/pkgs/development/libraries/icu/66.nix new file mode 100644 index 000000000000..5dfad945d291 --- /dev/null +++ b/pkgs/development/libraries/icu/66.nix @@ -0,0 +1,4 @@ +import ./base.nix { + version = "66.1"; + sha256 = "0bharwzc9nzkbrcf405z2nb3h7q0711z450arz0mjmdrk8hg58sj"; +} diff --git a/pkgs/development/libraries/icu/base.nix b/pkgs/development/libraries/icu/base.nix index 96b00027e207..81f75ad526a7 100644 --- a/pkgs/development/libraries/icu/base.nix +++ b/pkgs/development/libraries/icu/base.nix @@ -9,8 +9,7 @@ let baseAttrs = { src = fetchurl { - url = "http://download.icu-project.org/files/${pname}/${version}/${pname}-" - + (stdenv.lib.replaceChars ["."] ["_"] version) + "-src.tgz"; + url = "https://github.com/unicode-org/icu/releases/download/release-${lib.replaceChars [ "." ] [ "-" ] version}/icu4c-${lib.replaceChars [ "." ] [ "_" ] version}-src.tgz"; inherit sha256; }; diff --git a/pkgs/development/libraries/waylandpp/default.nix b/pkgs/development/libraries/waylandpp/default.nix index 59fac7bfe4a1..07de374c962a 100644 --- a/pkgs/development/libraries/waylandpp/default.nix +++ b/pkgs/development/libraries/waylandpp/default.nix @@ -1,21 +1,39 @@ -{ stdenv, fetchFromGitHub, cmake, pkgconfig, pugixml, wayland, libGL, libffi, buildPackages }: +{ stdenv +, fetchFromGitHub +, cmake +, pkgconfig +, pugixml +, wayland +, libGL +, libffi +, buildPackages +, docSupport ? true +, doxygen ? null +}: +assert docSupport -> doxygen != null; + +with stdenv.lib; stdenv.mkDerivation rec { pname = "waylandpp"; - version = "0.2.5"; + version = "0.2.7"; src = fetchFromGitHub { owner = "NilsBrause"; repo = pname; rev = version; - sha256 = "16h57hzd688664qcyznzhjp3hxipdkzgv46x82yhkww24av8b55n"; + sha256 = "1r4m0xhvwpcqxrqvp3hz1bzlkxqj2jiymd5r6hj8xjzz536hyprz"; }; cmakeFlags = stdenv.lib.optional (stdenv.hostPlatform != stdenv.buildPlatform) "-DWAYLAND_SCANNERPP=${buildPackages.waylandpp}/bin/wayland-scanner++"; - nativeBuildInputs = [ cmake pkgconfig ]; + nativeBuildInputs = [ cmake pkgconfig ] ++ optional docSupport doxygen; buildInputs = [ pugixml wayland libGL libffi ]; + outputs = [ "bin" "dev" "lib" "out" ] ++ optionals docSupport [ "doc" "devman" ]; + + cmakeFlags = [ "-DCMAKE_INSTALL_DATADIR=${placeholder "dev"}" ]; + meta = with stdenv.lib; { description = "Wayland C++ binding"; homepage = "https://github.com/NilsBrause/waylandpp/"; diff --git a/pkgs/development/python-modules/dotnetcore2/default.nix b/pkgs/development/python-modules/dotnetcore2/default.nix index 4d3edf0906a0..eeb962a845fd 100644 --- a/pkgs/development/python-modules/dotnetcore2/default.nix +++ b/pkgs/development/python-modules/dotnetcore2/default.nix @@ -7,7 +7,7 @@ buildPythonPackage rec { pname = "dotnetcore2"; - version = "2.1.11"; + version = "2.1.13"; format = "wheel"; disabled = isPy27; @@ -15,7 +15,7 @@ buildPythonPackage rec { inherit pname version format; python = "py3"; platform = "manylinux1_x86_64"; - sha256 = "0qhp94bjz4icz2f0fnhgck875chiqzy4lvsp6lwhj5jd0zsv2bb3"; + sha256 = "1fbg3pn7g0a6pg0gb5vaapcc3cdp6wfnliim57fn3cnzmx5d8p6i"; }; nativeBuildInputs = [ unzip ]; @@ -35,13 +35,9 @@ buildPythonPackage rec { ) ]; - # unfortunately the noraml pip install fails because the manylinux1 format check fails with NixOS - installPhase = '' - mkdir -p $out/${python.sitePackages}/${pname} - # copy metadata - cp -r dotnetcore2-2* $out/${python.sitePackages} - # copy non-dotnetcore related files - cp -r dotnetcore2/{__init__.py,runtime.py} $out/${python.sitePackages}/${pname} + # prevent exposing a broken dotnet executable + postInstall = '' + rm -r $out/${python.sitePackages}/${pname}/bin ''; # no tests, ensure it's one useful function works diff --git a/pkgs/development/python-modules/goobook/default.nix b/pkgs/development/python-modules/goobook/default.nix index f8daf66c1564..ac658b1940f4 100644 --- a/pkgs/development/python-modules/goobook/default.nix +++ b/pkgs/development/python-modules/goobook/default.nix @@ -12,6 +12,9 @@ buildPythonPackage rec { sha256 = "089a95s6g9izsy1fzpz48p6pz0wpngcbbrvsillm1n53492gfhjg"; }; + # Required for a breaking change in google-api-python-client 1.8.1: + patches = [ ./fix-build.patch ]; + propagatedBuildInputs = [ google_api_python_client simplejson oauth2client setuptools ]; diff --git a/pkgs/development/python-modules/goobook/fix-build.patch b/pkgs/development/python-modules/goobook/fix-build.patch new file mode 100644 index 000000000000..1121dbfdcb32 --- /dev/null +++ b/pkgs/development/python-modules/goobook/fix-build.patch @@ -0,0 +1,32 @@ +From 8de09b82c5ac900317043e1c1025f431516b6788 Mon Sep 17 00:00:00 2001 +From: Michael Weiss <dev.primeos@gmail.com> +Date: Tue, 21 Apr 2020 21:41:04 +0200 +Subject: [PATCH] Switch from the alias apiclient to googleapiclient + +This fixes the package after a breaking change / bug in +google-api-python-client 1.8.1 (see [0] and a lot of duplicate issues). + +The module apiclient is just an alias for googleapiclient [1]. + +[0]: https://github.com/googleapis/google-api-python-client/issues/870 +[1]: https://github.com/googleapis/google-api-python-client/blob/v1.8.1/apiclient/__init__.py +--- + goobook/goobook.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/goobook/goobook.py b/goobook/goobook.py +index 5bcb0b3..a2e25e9 100755 +--- a/goobook/goobook.py ++++ b/goobook/goobook.py +@@ -31,7 +31,7 @@ import sys + import time + + import httplib2 +-from apiclient.discovery import build ++from googleapiclient.discovery import build + + from goobook.storage import Storage, storageify, unstorageify + +-- +2.26.1 + diff --git a/pkgs/development/python-modules/google-api-python-client/default.nix b/pkgs/development/python-modules/google-api-python-client/default.nix index 2d7ae43f7f1e..ac7bcb5cd524 100644 --- a/pkgs/development/python-modules/google-api-python-client/default.nix +++ b/pkgs/development/python-modules/google-api-python-client/default.nix @@ -4,11 +4,11 @@ buildPythonPackage rec { pname = "google-api-python-client"; - version = "1.8.0"; + version = "1.8.2"; src = fetchPypi { inherit pname version; - sha256 = "003rgr15r9j080f3n5y2x6ymxsfv652m3r7j83p7sbrd9shl4nqg"; + sha256 = "09g7v6yrf8p0kgmjnzy9d0fx9p1zngk2pmprf0bx19j1zc9jqj5z"; }; # No tests included in archive diff --git a/pkgs/development/python-modules/matrix-nio/default.nix b/pkgs/development/python-modules/matrix-nio/default.nix index 9320efc91a23..ff4f6198aa5e 100644 --- a/pkgs/development/python-modules/matrix-nio/default.nix +++ b/pkgs/development/python-modules/matrix-nio/default.nix @@ -20,13 +20,13 @@ buildPythonPackage rec { pname = "nio"; - version = "0.9.0"; + version = "0.10.0"; src = fetchFromGitHub { owner = "poljar"; repo = "matrix-nio"; rev = version; - sha256 = "0gqhk9d06w1in6dj7aqy45skzyg8018nmclqd5r0m5nnw8yns6gz"; + sha256 = "04ryf9lrm0820hqij46hav6mgplabnyl9dfj46iwvxasn06fh2j8"; }; nativeBuildInputs = [ @@ -56,6 +56,6 @@ buildPythonPackage rec { description = "A Python Matrix client library, designed according to sans I/O principles"; homepage = "https://github.com/poljar/matrix-nio"; license = licenses.isc; - maintainers = with maintainers; [ tilpner emily ]; + maintainers = with maintainers; [ tilpner emily symphorien ]; }; } diff --git a/pkgs/development/python-modules/pulsectl/default.nix b/pkgs/development/python-modules/pulsectl/default.nix new file mode 100644 index 000000000000..dec80abda151 --- /dev/null +++ b/pkgs/development/python-modules/pulsectl/default.nix @@ -0,0 +1,31 @@ +{ lib, buildPythonPackage, fetchPypi, libpulseaudio, glibc, substituteAll, stdenv, pulseaudio, python }: + +buildPythonPackage rec { + pname = "pulsectl"; + version = "20.4.3"; + + src = fetchPypi { + inherit pname version; + sha256 = "1m5fz740r4rk2i8qsnblsn16hai7givqxbx21swhpflan1yzvzzm"; + }; + + patches = [ + (substituteAll { + src = ./library-paths.patch; + libpulse = "${libpulseaudio.out}/lib/libpulse${stdenv.hostPlatform.extensions.sharedLibrary}"; + librt = "${glibc.out}/lib/librt${stdenv.hostPlatform.extensions.sharedLibrary}"; + }) + ]; + + checkInputs = [ pulseaudio ]; + checkPhase = '' + ${python.interpreter} -m unittest pulsectl.tests.all + ''; + + meta = with lib; { + description = "Python high-level interface and ctypes-based bindings for PulseAudio (libpulse)"; + homepage = "https://pypi.python.org/pypi/pulsectl/"; + license = licenses.mit; + maintainers = with maintainers; [ hexa ]; + }; +} diff --git a/pkgs/development/python-modules/pulsectl/library-paths.patch b/pkgs/development/python-modules/pulsectl/library-paths.patch new file mode 100644 index 000000000000..5840e515258d --- /dev/null +++ b/pkgs/development/python-modules/pulsectl/library-paths.patch @@ -0,0 +1,22 @@ +diff --git a/pulsectl/_pulsectl.py b/pulsectl/_pulsectl.py +index 4422ddf..3fb2f39 100644 +--- a/pulsectl/_pulsectl.py ++++ b/pulsectl/_pulsectl.py +@@ -31,7 +31,7 @@ else: + if not hasattr(mono_time, 'ts'): + class timespec(Structure): + _fields_ = [('tv_sec', c_long), ('tv_nsec', c_long)] +- librt = CDLL('librt.so.1', use_errno=True) ++ librt = CDLL('@librt@', use_errno=True) + mono_time.get = librt.clock_gettime + mono_time.get.argtypes = [c_int, POINTER(timespec)] + mono_time.ts = timespec +@@ -625,7 +625,7 @@ class LibPulse(object): + + + def __init__(self): +- p = CDLL(ctypes.util.find_library('libpulse') or 'libpulse.so.0') ++ p = CDLL('@libpulse@') + + self.funcs = dict() + for k, spec in self.func_defs.items(): diff --git a/pkgs/development/python-modules/pylatexenc/default.nix b/pkgs/development/python-modules/pylatexenc/default.nix index 146aed9a3ecf..d4f14f3be014 100644 --- a/pkgs/development/python-modules/pylatexenc/default.nix +++ b/pkgs/development/python-modules/pylatexenc/default.nix @@ -1,30 +1,28 @@ { lib , buildPythonPackage , fetchFromGitHub -, pytest +, pytestCheckHook }: buildPythonPackage rec { pname = "pylatexenc"; - version = "2.1"; + version = "2.2"; src = fetchFromGitHub { owner = "phfaist"; - repo = pname; + repo = "pylatexenc"; rev = "v${version}"; - sha256 = "0wnl00y5dl56aw9j4y21kqapraaravbycwfxdmjsbgl11nk4llx9"; + sha256 = "0icwd7iipz3sv4jdh9iam7h4xslvdqg16rwsmczrna3mmjbwccdk"; }; pythonImportsCheck = [ "pylatexenc" ]; - checkInputs = [ pytest ]; - checkPhase = '' - pytest - ''; + dontUseSetuptoolsCheck = true; + checkInputs = [ pytestCheckHook ]; meta = with lib; { description = "Simple LaTeX parser providing latex-to-unicode and unicode-to-latex conversion"; homepage = "https://pylatexenc.readthedocs.io"; - downloadPage = "https;//www.github.com/phfaist/pylatexenc"; + downloadPage = "https://www.github.com/phfaist/pylatexenc/releases"; license = licenses.mit; maintainers = with maintainers; [ drewrisinger ]; }; diff --git a/pkgs/development/python-modules/pyroma/default.nix b/pkgs/development/python-modules/pyroma/default.nix new file mode 100644 index 000000000000..4ec06506b38b --- /dev/null +++ b/pkgs/development/python-modules/pyroma/default.nix @@ -0,0 +1,21 @@ +{ stdenv, buildPythonPackage, fetchPypi +, docutils, pygments, setuptools +}: + +buildPythonPackage rec { + pname = "pyroma"; + version = "2.6"; + + src = fetchPypi { + inherit pname version; + sha256 = "00j1j81kiipi5yppmk385cbfccf2ih0xyapl7pw6nqhrf8vh1764"; + }; + + propagatedBuildInputs = [ docutils pygments setuptools ]; + + meta = with stdenv.lib; { + description = "Test your project's packaging friendliness"; + homepage = "https://github.com/regebro/pyroma"; + license = licenses.mit; + }; +} diff --git a/pkgs/development/python-modules/pytest/4.nix b/pkgs/development/python-modules/pytest/4.nix index be2ef93e6ee5..d77e52ab7f6d 100644 --- a/pkgs/development/python-modules/pytest/4.nix +++ b/pkgs/development/python-modules/pytest/4.nix @@ -6,11 +6,6 @@ buildPythonPackage rec { version = "4.6.8"; pname = "pytest"; - preCheck = '' - # don't test bash builtins - rm testing/test_argcomplete.py - ''; - src = fetchPypi { inherit pname version; sha256 = "6192875be8af57b694b7c4904e909680102befcb99e610ef3d9f786952f795aa"; @@ -25,7 +20,14 @@ buildPythonPackage rec { doCheck = !isPyPy; # https://github.com/pytest-dev/pytest/issues/3460 checkPhase = '' runHook preCheck - $out/bin/py.test -x testing/ -k "not test_collect_pyargs_with_testpaths" + + # don't test bash builtins + rm testing/test_argcomplete.py + + # determinism - this test writes non deterministic bytecode + rm -rf testing/test_assertrewrite.py + + PYTHONDONTWRITEBYTECODE=1 $out/bin/py.test -x testing/ -k "not test_collect_pyargs_with_testpaths" runHook postCheck ''; diff --git a/pkgs/development/python-modules/simpleaudio/default.nix b/pkgs/development/python-modules/simpleaudio/default.nix new file mode 100644 index 000000000000..948716a9b7cb --- /dev/null +++ b/pkgs/development/python-modules/simpleaudio/default.nix @@ -0,0 +1,24 @@ +{ alsaLib, buildPythonPackage, fetchFromGitHub, isPy27, lib }: + +buildPythonPackage rec { + pname = "simpleaudio"; + version = "1.0.4"; + disabled = isPy27; + + src = fetchFromGitHub { + owner = "hamiltron"; + repo = "py-simple-audio"; + rev = version; + sha256 = "12nypzb1m14yip4zrbzin5jc5awyp1d5md5y40g5anj4phb4hx1i"; + }; + + buildInputs = [ alsaLib ]; + + meta = with lib; { + homepage = "https://github.com/hamiltron/py-simple-audio"; + description = + "A simple audio playback Python extension - cross-platform, asynchronous, dependency-free"; + license = licenses.mit; + maintainers = with maintainers; [ lucus16 ]; + }; +} diff --git a/pkgs/development/tools/ameba/default.nix b/pkgs/development/tools/ameba/default.nix index 2f3ebcbed0a6..a2d829f85c28 100644 --- a/pkgs/development/tools/ameba/default.nix +++ b/pkgs/development/tools/ameba/default.nix @@ -1,38 +1,16 @@ -{ stdenv, lib, fetchFromGitHub, crystal, shards }: +{ stdenv, lib, fetchFromGitHub, crystal }: -stdenv.mkDerivation rec { +crystal.buildCrystalPackage rec { pname = "ameba"; - version = "0.12.0"; + version = "0.12.1"; src = fetchFromGitHub { - owner = "crystal-ameba"; - repo = "ameba"; - rev = "v${version}"; - sha256 = "0g68yijbm2j4ig536fwq49d1z7x2iv9kp4g3gjklf5zn1sbqhm12"; + owner = "crystal-ameba"; + repo = "ameba"; + rev = "v${version}"; + sha256 = "0c2j2qki0czkpsqxv75qg95pk9f0w4rqa5ln07rs4bj9dk2lrr3l"; }; - nativeBuildInputs = [ crystal shards ]; - - buildPhase = '' - runHook preBuild - shards build --release - runHook postBuild - ''; - - installPhase = '' - runHook preInstall - install -Dm755 -t $out/bin bin/ameba - runHook postInstall - ''; - - doCheck = true; - - checkPhase = '' - runHook preCheck - crystal spec - runHook postCheck - ''; - meta = with stdenv.lib; { description = "A static code analysis tool for Crystal"; homepage = "https://crystal-ameba.github.io"; diff --git a/pkgs/development/tools/build-managers/shards/default.nix b/pkgs/development/tools/build-managers/shards/default.nix index 4ad78778a916..53bc057fc131 100644 --- a/pkgs/development/tools/build-managers/shards/default.nix +++ b/pkgs/development/tools/build-managers/shards/default.nix @@ -1,22 +1,29 @@ -{ stdenv, fetchFromGitHub, crystal, pcre, libyaml, which }: +{ stdenv, fetchFromGitHub, crystal }: crystal.buildCrystalPackage rec { pname = "shards"; version = "0.10.0"; src = fetchFromGitHub { - owner = "crystal-lang"; - repo = "shards"; - rev = "v${version}"; + owner = "crystal-lang"; + repo = "shards"; + rev = "v${version}"; sha256 = "1bjy3hcdqq8769bx73f3pwn26rnkj23dngyfbw4iv32bw23x1d49"; }; + # we cannot use `make` here as it would introduce a dependency on itself + format = "crystal"; + shardsFile = ./shards.nix; + crystalBinaries.shards.src = "./src/shards.cr"; + # tries to execute git which fails spectacularly + doCheck = false; + meta = with stdenv.lib; { description = "Dependency manager for the Crystal language"; - license = licenses.asl20; + license = licenses.asl20; maintainers = with maintainers; [ peterhoeg ]; inherit (crystal.meta) homepage platforms; }; diff --git a/pkgs/development/tools/continuous-integration/gitlab-runner/default.nix b/pkgs/development/tools/continuous-integration/gitlab-runner/default.nix index 1d94408bd21b..b18bea0c907f 100644 --- a/pkgs/development/tools/continuous-integration/gitlab-runner/default.nix +++ b/pkgs/development/tools/continuous-integration/gitlab-runner/default.nix @@ -1,16 +1,16 @@ { lib, buildGoPackage, fetchFromGitLab, fetchurl }: let - version = "12.9.0"; + version = "12.10.0"; # Gitlab runner embeds some docker images these are prebuilt for arm and x86_64 docker_x86_64 = fetchurl { url = "https://gitlab-runner-downloads.s3.amazonaws.com/v${version}/helper-images/prebuilt-x86_64.tar.xz"; - sha256 = "0kd4zc9rgzsl6imk9vi2yqpaxrgy8ywcz2vvpsfzrhhmm2yx3qh0"; + sha256 = "1a2cfr72b15h3ymxf69a0inb4amfxivdhfaj711wgyvcf5ymnbsv"; }; docker_arm = fetchurl { url = "https://gitlab-runner-downloads.s3.amazonaws.com/v${version}/helper-images/prebuilt-arm.tar.xz"; - sha256 = "13xwcvw6m3p5ffas5mr55jkqks9s3f7qg1b928vcxkx57j06kb22"; + sha256 = "18if2xbkldpn0bwfyk6bgbdl9rdg4rjxc0im6lclwcgpbmslwx5r"; }; in buildGoPackage rec { @@ -29,7 +29,7 @@ buildGoPackage rec { owner = "gitlab-org"; repo = "gitlab-runner"; rev = "v${version}"; - sha256 = "0p9i4z0xsq5rl6gkqjpwpz6hb57vi6wl969gncrsfskjjc1kcifq"; + sha256 = "0bsd3dk2fi21klqwzw8c181gv61qxbd32lj6mhkj9liz4flarhmv"; }; patches = [ ./fix-shell-path.patch ]; diff --git a/pkgs/development/tools/database/ephemeralpg/default.nix b/pkgs/development/tools/database/ephemeralpg/default.nix index 87b23d10f496..53f3c1df628d 100644 --- a/pkgs/development/tools/database/ephemeralpg/default.nix +++ b/pkgs/development/tools/database/ephemeralpg/default.nix @@ -1,10 +1,10 @@ { stdenv, fetchurl, postgresql, getopt, makeWrapper }: stdenv.mkDerivation rec { pname = "ephemeralpg"; - version = "2.9"; + version = "3.0"; src = fetchurl { url = "http://ephemeralpg.org/code/${pname}-${version}.tar.gz"; - sha256 = "1ghp3kya4lxvfwz3c022cx9vqf55jbf9sjw60bxjcb5sszklyc89"; + sha256 = "1j0g7g114ma7y7sadbng5p1ss1zsm9zpicm77qspym6565733vvh"; }; buildInputs = [ makeWrapper ]; installPhase = '' diff --git a/pkgs/development/tools/icr/default.nix b/pkgs/development/tools/icr/default.nix index 3a39d0ddf6bd..50a349d8ff71 100644 --- a/pkgs/development/tools/icr/default.nix +++ b/pkgs/development/tools/icr/default.nix @@ -1,28 +1,30 @@ -{ stdenv, fetchFromGitHub, crystal, shards, which -, openssl, readline, libyaml }: +{ stdenv, lib, fetchFromGitHub, crystal, shards, makeWrapper, pkgconfig, which +, openssl, readline, libyaml, zlib }: -stdenv.mkDerivation rec { +crystal.buildCrystalPackage rec { pname = "icr"; - version = "0.6.0"; + version = "0.8.0"; src = fetchFromGitHub { - owner = "crystal-community"; - repo = pname; - rev = "v${version}"; - sha256 = "0kkdqrxk4f4bqbb84mgjrk9r0fz1hsz95apvjsc49gav4c8xx3mb"; + owner = "crystal-community"; + repo = pname; + rev = "v${version}"; + sha256 = "1bz2bhs6csyg2rhrlknlvaiilq3vq8plxjh1hdxmbrfi3n6c7k5a"; }; - postPatch = '' - substituteInPlace Makefile \ - --replace /usr/local $out - ''; + shardsFile = ./shards.nix; + + buildInputs = [ libyaml openssl readline zlib ]; - buildInputs = [ crystal libyaml openssl readline ]; + nativeBuildInputs = [ makeWrapper pkgconfig which ]; - nativeBuildInputs = [ shards which ]; + # tests are failing due to our sandbox + doCheck = false; - doCheck = true; - checkTarget = "test"; + postFixup = '' + wrapProgram $out/bin/icr \ + --prefix PATH : ${lib.makeBinPath [ crystal shards makeWrapper which ]} + ''; meta = with stdenv.lib; { description = "Interactive console for the Crystal programming language"; diff --git a/pkgs/development/tools/icr/shards.nix b/pkgs/development/tools/icr/shards.nix new file mode 100644 index 000000000000..1dddd5a42c39 --- /dev/null +++ b/pkgs/development/tools/icr/shards.nix @@ -0,0 +1,8 @@ +{ + readline = { + owner = "crystal-lang"; + repo = "crystal-readline"; + rev = "0fb7d186da8e1b157998d98d1c96e99699b791eb"; + sha256 = "1rk27vw3ssldgnfgprwvz2gag02v4g6d6yg56b3sk9w3fn8jyyi8"; + }; +} diff --git a/pkgs/development/tools/ocaml/merlin/default.nix b/pkgs/development/tools/ocaml/merlin/default.nix index ed3d5efc789d..fa78e47951f3 100644 --- a/pkgs/development/tools/ocaml/merlin/default.nix +++ b/pkgs/development/tools/ocaml/merlin/default.nix @@ -2,13 +2,13 @@ buildDunePackage rec { pname = "merlin"; - version = "3.3.3"; + version = "3.3.4"; minimumOCamlVersion = "4.02.1"; src = fetchurl { url = "https://github.com/ocaml/merlin/releases/download/v${version}/merlin-v${version}.tbz"; - sha256 = "05dfkbpbb7nvs4g6y0iw7a9f73ygvhs9l45l2g56y7zagvs9x43j"; + sha256 = "12wxric6n3rmsn0w16xm8vjd8p5aw24cj76zw2x87qfwwgmy1kdd"; }; buildInputs = [ yojson ]; diff --git a/pkgs/development/tools/scry/default.nix b/pkgs/development/tools/scry/default.nix index 7bd3fa38332d..ed823896ad0f 100644 --- a/pkgs/development/tools/scry/default.nix +++ b/pkgs/development/tools/scry/default.nix @@ -1,6 +1,8 @@ -{ lib, fetchFromGitHub, crystal }: +{ lib, fetchFromGitHub, crystal_0_31, coreutils, shards, makeWrapper, which }: -crystal.buildCrystalPackage rec { +let crystal = crystal_0_31; + +in crystal.buildCrystalPackage rec { pname = "scry"; version = "0.8.1"; @@ -11,9 +13,27 @@ crystal.buildCrystalPackage rec { sha256 = "0ii4k9l3dgm1c9lllc8ni9dar59lrxik0v9iz7gk3d6v62wwnq79"; }; + # we are already testing for this, so we can ignore the failures + postPatch = '' + rm spec/scry/executable_spec.cr + ''; + + format = "crystal"; + + nativeBuildInputs = [ makeWrapper ]; + shardsFile = ./shards.nix; + crystalBinaries.scry.src = "src/scry.cr"; + postFixup = '' + wrapProgram $out/bin/scry \ + --prefix PATH : ${lib.makeBinPath [ crystal coreutils ]} + ''; + + # the binary doesn't take any arguments, so this will hang + doInstallCheck = false; + meta = with lib; { description = "Code analysis server for the Crystal programming language"; homepage = "https://github.com/crystal-lang-tools/scry"; diff --git a/pkgs/development/web/lucky-cli/default.nix b/pkgs/development/web/lucky-cli/default.nix new file mode 100644 index 000000000000..76f40de4ed13 --- /dev/null +++ b/pkgs/development/web/lucky-cli/default.nix @@ -0,0 +1,42 @@ +{ lib, fetchFromGitHub, crystal, makeWrapper, openssl }: + +crystal.buildCrystalPackage rec { + pname = "lucky-cli"; + version = "0.20.0"; + + src = fetchFromGitHub { + owner = "luckyframework"; + repo = "lucky_cli"; + rev = "v${version}"; + sha256 = "0n7fgnsivf39bkxpf7xgg9dqkam08axdn1j45wl1n0r4qmfkjs94"; + }; + + # the integration tests will try to clone a remote repos + postPatch = '' + rm -rf spec/integration + ''; + + format = "crystal"; + + lockFile = ./shard.lock; + shardsFile = ./shards.nix; + + crystalBinaries.lucky.src = "src/lucky.cr"; + + buildInputs = [ openssl ]; + + nativeBuildInputs = [ makeWrapper ]; + + postInstall = '' + wrapProgram $out/bin/lucky \ + --prefix PATH : ${lib.makeBinPath [ crystal ]} + ''; + + meta = with lib; { + description = + "A Crystal library for creating and running tasks. Also generates Lucky projects"; + license = licenses.mit; + maintainers = with maintainers; [ peterhoeg ]; + platforms = platforms.unix; + }; +} diff --git a/pkgs/development/web/lucky-cli/shard.lock b/pkgs/development/web/lucky-cli/shard.lock new file mode 100644 index 000000000000..6564e86624f7 --- /dev/null +++ b/pkgs/development/web/lucky-cli/shard.lock @@ -0,0 +1,5 @@ +version: 1.0 +shards: + teeplate: + github: luckyframework/teeplate + version: 0.8.1 diff --git a/pkgs/development/web/lucky-cli/shards.nix b/pkgs/development/web/lucky-cli/shards.nix new file mode 100644 index 000000000000..0fa5aec9e06d --- /dev/null +++ b/pkgs/development/web/lucky-cli/shards.nix @@ -0,0 +1,8 @@ +{ + teeplate = { + owner = "luckyframework"; + repo = "teeplate"; + rev = "v0.8.1"; + sha256 = "022jmmg3d2wq2xnhc63afldm9vrcr8xqn43s9i39d7qflrzrfc7v"; + }; +} diff --git a/pkgs/development/web/shopify-themekit/default.nix b/pkgs/development/web/shopify-themekit/default.nix new file mode 100644 index 000000000000..b8bc3deaca18 --- /dev/null +++ b/pkgs/development/web/shopify-themekit/default.nix @@ -0,0 +1,25 @@ +{ stdenv, buildGoPackage, fetchFromGitHub }: + +buildGoPackage rec { + pname = "shopify-themekit"; + version = "1.0.3"; + + goPackagePath = "github.com/Shopify/themekit/"; + + goDeps = ./shopify-themekit_deps.nix; + + src = fetchFromGitHub { + owner = "Shopify"; + repo = "themekit"; + rev = "v${version}"; + sha256 = "1780h33mf2h2lv6mr4xx3shfvsabr7w138yb59vvdgvjng9wjkg0"; + }; + + meta = with stdenv.lib; { + description = "A command line tool for shopify themes"; + homepage = "https://shopify.github.io/themekit/"; + license = licenses.mit; + maintainers = with maintainers; [ maintainers."1000101" ]; + platforms = platforms.all; + }; +} \ No newline at end of file diff --git a/pkgs/development/web/shopify-themekit/shopify-themekit_deps.nix b/pkgs/development/web/shopify-themekit/shopify-themekit_deps.nix new file mode 100644 index 000000000000..8a70c7cecd92 --- /dev/null +++ b/pkgs/development/web/shopify-themekit/shopify-themekit_deps.nix @@ -0,0 +1,300 @@ +# file generated from go.mod using vgo2nix (https://github.com/adisbladis/vgo2nix) +[ + { + goPackagePath = "github.com/VividCortex/ewma"; + fetch = { + type = "git"; + url = "https://github.com/VividCortex/ewma"; + rev = "v1.1.1"; + sha256 = "14v2dy5gqchjn7k0sd6cx59ms42v681r6xz7cb1kspp4b28a74rw"; + }; + } + { + goPackagePath = "github.com/aws/aws-sdk-go"; + fetch = { + type = "git"; + url = "https://github.com/aws/aws-sdk-go"; + rev = "1c16cd01d785"; + sha256 = "129iizv2rny2frg36057hayynpsdav53nhj41dia3mi2r6zyalny"; + }; + } + { + goPackagePath = "github.com/caarlos0/env"; + fetch = { + type = "git"; + url = "https://github.com/caarlos0/env"; + rev = "d0de832ed2fb"; + sha256 = "013shh38rs2jv4a2hsbix0hlanjr2a539akmkqkwwg0il9h3qmq2"; + }; + } + { + goPackagePath = "github.com/davecgh/go-spew"; + fetch = { + type = "git"; + url = "https://github.com/davecgh/go-spew"; + rev = "v1.1.1"; + sha256 = "0hka6hmyvp701adzag2g26cxdj47g21x6jz4sc6jjz1mn59d474y"; + }; + } + { + goPackagePath = "github.com/fatih/color"; + fetch = { + type = "git"; + url = "https://github.com/fatih/color"; + rev = "v1.7.0"; + sha256 = "0v8msvg38r8d1iiq2i5r4xyfx0invhc941kjrsg5gzwvagv55inv"; + }; + } + { + goPackagePath = "github.com/fsnotify/fsnotify"; + fetch = { + type = "git"; + url = "https://github.com/fsnotify/fsnotify"; + rev = "v1.4.7"; + sha256 = "07va9crci0ijlivbb7q57d2rz9h27zgn2fsm60spjsqpdbvyrx4g"; + }; + } + { + goPackagePath = "github.com/go-ini/ini"; + fetch = { + type = "git"; + url = "https://github.com/go-ini/ini"; + rev = "v1.25.4"; + sha256 = "0b6cql5ripbiyrm18d6bfd1rfjnwcbskppw3d0vb80l0wy72d0c6"; + }; + } + { + goPackagePath = "github.com/hashicorp/go-version"; + fetch = { + type = "git"; + url = "https://github.com/hashicorp/go-version"; + rev = "270f2f71b1ee"; + sha256 = "1d43wlp932nqbwkca4bhw8l4x6cg25jyh8l1s3814vddscfpfz2v"; + }; + } + { + goPackagePath = "github.com/imdario/mergo"; + fetch = { + type = "git"; + url = "https://github.com/imdario/mergo"; + rev = "v0.3.6"; + sha256 = "1lbzy8p8wv439sqgf0n21q52flf2wbamp6qa1jkyv6an0nc952q7"; + }; + } + { + goPackagePath = "github.com/inconshreveable/go-update"; + fetch = { + type = "git"; + url = "https://github.com/inconshreveable/go-update"; + rev = "8152e7eb6ccf"; + sha256 = "07czhspakpi7al004rm669cmf4h5l0vnygsm11280nkfn2zxqdi3"; + }; + } + { + goPackagePath = "github.com/inconshreveable/mousetrap"; + fetch = { + type = "git"; + url = "https://github.com/inconshreveable/mousetrap"; + rev = "v1.0.0"; + sha256 = "1mn0kg48xkd74brf48qf5hzp0bc6g8cf5a77w895rl3qnlpfw152"; + }; + } + { + goPackagePath = "github.com/jmespath/go-jmespath"; + fetch = { + type = "git"; + url = "https://github.com/jmespath/go-jmespath"; + rev = "0b12d6b521d8"; + sha256 = "1vv6hph8j6xgv7gwl9vvhlsaaqsm22sxxqmgmldi4v11783pc1ld"; + }; + } + { + goPackagePath = "github.com/joho/godotenv"; + fetch = { + type = "git"; + url = "https://github.com/joho/godotenv"; + rev = "v1.3.0"; + sha256 = "0ri8if0pc3x6jg4c3i8wr58xyfpxkwmcjk3rp8gb398a1aa3gpjm"; + }; + } + { + goPackagePath = "github.com/mattn/go-colorable"; + fetch = { + type = "git"; + url = "https://github.com/mattn/go-colorable"; + rev = "efa589957cd0"; + sha256 = "0kshi4hvm0ayrsxqxy0599iv81kryhd2fn9lwjyczpj593cq069r"; + }; + } + { + goPackagePath = "github.com/mattn/go-isatty"; + fetch = { + type = "git"; + url = "https://github.com/mattn/go-isatty"; + rev = "v0.0.4"; + sha256 = "0zs92j2cqaw9j8qx1sdxpv3ap0rgbs0vrvi72m40mg8aa36gd39w"; + }; + } + { + goPackagePath = "github.com/pmezard/go-difflib"; + fetch = { + type = "git"; + url = "https://github.com/pmezard/go-difflib"; + rev = "v1.0.0"; + sha256 = "0c1cn55m4rypmscgf0rrb88pn58j3ysvc2d0432dp3c6fqg6cnzw"; + }; + } + { + goPackagePath = "github.com/radovskyb/watcher"; + fetch = { + type = "git"; + url = "https://github.com/radovskyb/watcher"; + rev = "v1.0.6"; + sha256 = "1xlbrfgm6ha161szdjq2rab53plkdhmh5h86lpbk5g7fmq881945"; + }; + } + { + goPackagePath = "github.com/ryanuber/go-glob"; + fetch = { + type = "git"; + url = "https://github.com/ryanuber/go-glob"; + rev = "572520ed46db"; + sha256 = "0dzbpqp1h7gjmlm4irnh6lpbfz5zjc721jidibyvmxj7xcx3wp5d"; + }; + } + { + goPackagePath = "github.com/shibukawa/configdir"; + fetch = { + type = "git"; + url = "https://github.com/shibukawa/configdir"; + rev = "e180dbdc8da0"; + sha256 = "0vbma9jkwh0ifz8dk2ssgmy7aiaify63lpa0lah7i4dkkxr94c9z"; + }; + } + { + goPackagePath = "github.com/skratchdot/open-golang"; + fetch = { + type = "git"; + url = "https://github.com/skratchdot/open-golang"; + rev = "75fb7ed4208c"; + sha256 = "1b67imqbsdvg19vif1q1dfmapxy3v2anagacbql95fwnnw0v8jga"; + }; + } + { + goPackagePath = "github.com/spf13/cobra"; + fetch = { + type = "git"; + url = "https://github.com/spf13/cobra"; + rev = "7c4570c3ebeb"; + sha256 = "16amh0prlzqrrbg5j629sg0f688nfzfgn9sair8jyybqampr3wc7"; + }; + } + { + goPackagePath = "github.com/spf13/pflag"; + fetch = { + type = "git"; + url = "https://github.com/spf13/pflag"; + rev = "v1.0.2"; + sha256 = "005598piihl3l83a71ahj10cpq9pbhjck4xishx1b4dzc02r9xr2"; + }; + } + { + goPackagePath = "github.com/stretchr/objx"; + fetch = { + type = "git"; + url = "https://github.com/stretchr/objx"; + rev = "v0.1.1"; + sha256 = "0iph0qmpyqg4kwv8jsx6a56a7hhqq8swrazv40ycxk9rzr0s8yls"; + }; + } + { + goPackagePath = "github.com/stretchr/testify"; + fetch = { + type = "git"; + url = "https://github.com/stretchr/testify"; + rev = "v1.2.2"; + sha256 = "0dlszlshlxbmmfxj5hlwgv3r22x0y1af45gn1vd198nvvs3pnvfs"; + }; + } + { + goPackagePath = "github.com/vbauerster/mpb"; + fetch = { + type = "git"; + url = "https://github.com/vbauerster/mpb"; + rev = "v3.3.2"; + sha256 = "18m66b80iv9z768c15dqsx5mnjq6iaa6b5lckpdqnynqzkkvw8kk"; + }; + } + { + goPackagePath = "golang.org/x/crypto"; + fetch = { + type = "git"; + url = "https://go.googlesource.com/crypto"; + rev = "a1f597ede03a"; + sha256 = "0yiczljll72ip2vkxgd6052rhpaba37a68vf6si3v8s8s3g870lc"; + }; + } + { + goPackagePath = "golang.org/x/lint"; + fetch = { + type = "git"; + url = "https://go.googlesource.com/lint"; + rev = "d0100b6bd8b3"; + sha256 = "0b0amr9x4ji66iv9ayfx7zrfx52k1m5g66qfcxkgj80qrb1y2yn7"; + }; + } + { + goPackagePath = "golang.org/x/net"; + fetch = { + type = "git"; + url = "https://go.googlesource.com/net"; + rev = "1272bf9dcd53"; + sha256 = "1500gryd7jli7yjn4c927ppyllry8lxcmnsmpn7zxfd1k14q7nyv"; + }; + } + { + goPackagePath = "golang.org/x/sync"; + fetch = { + type = "git"; + url = "https://go.googlesource.com/sync"; + rev = "1d60e4601c6f"; + sha256 = "046jlanz2lkxq1r57x9bl6s4cvfqaic6p2xybsj8mq1120jv4rs6"; + }; + } + { + goPackagePath = "golang.org/x/sys"; + fetch = { + type = "git"; + url = "https://go.googlesource.com/sys"; + rev = "6c81ef8f67ca"; + sha256 = "1iqrral339vxb635ip5jjzn84aa86kb629kbp1w29qwyfzbs0yqi"; + }; + } + { + goPackagePath = "golang.org/x/text"; + fetch = { + type = "git"; + url = "https://go.googlesource.com/text"; + rev = "v0.3.0"; + sha256 = "0r6x6zjzhr8ksqlpiwm5gdd7s209kwk5p4lw54xjvz10cs3qlq19"; + }; + } + { + goPackagePath = "golang.org/x/tools"; + fetch = { + type = "git"; + url = "https://go.googlesource.com/tools"; + rev = "3f1ed9edd1b4"; + sha256 = "00d2h0df03gv57valad4wr3g2rc8dcn8w3ci783x9wzzc86y4giw"; + }; + } + { + goPackagePath = "gopkg.in/yaml.v1"; + fetch = { + type = "git"; + url = "https://gopkg.in/yaml.v1"; + rev = "9f9df34309c0"; + sha256 = "1r8d346szqa9x8q03wiycik5qy3d6w8qq4hs99z1p64q5lm0g7gm"; + }; + } +] diff --git a/pkgs/misc/cbeams/default.nix b/pkgs/misc/cbeams/default.nix new file mode 100644 index 000000000000..ec045ebf3efd --- /dev/null +++ b/pkgs/misc/cbeams/default.nix @@ -0,0 +1,21 @@ +{ lib, buildPythonApplication, fetchPypi, isPy3k, blessings, docopt }: + +buildPythonApplication rec { + pname = "cbeams"; + version = "1.0.3"; + disabled = !isPy3k; + + src = fetchPypi { + inherit pname version; + sha256 = "1agcjg6kmcyvk834xd2j60mi349qi9iw3dc2vwpd7pqwq1daq3gi"; + }; + + propagatedBuildInputs = [ blessings docopt ]; + + meta = with lib; { + homepage = "https://github.com/tartley/cbeams"; + description = "Command-line program to draw animated colored circles in the terminal"; + license = licenses.bsd3; + maintainers = with maintainers; [ geistesk ]; + }; +} diff --git a/pkgs/misc/emulators/pcsx2/default.nix b/pkgs/misc/emulators/pcsx2/default.nix index 6f28c5777ca1..3faba2ee467c 100644 --- a/pkgs/misc/emulators/pcsx2/default.nix +++ b/pkgs/misc/emulators/pcsx2/default.nix @@ -5,13 +5,13 @@ stdenv.mkDerivation rec { pname = "pcsx2"; - version = "unstable-2020-01-05"; + version = "1.6.0-rc"; src = fetchFromGitHub { owner = "PCSX2"; repo = "pcsx2"; - rev = "9c12937351c51b921e1f28d44b019bc52e747c51"; - sha256 = "0y1f5v99a6njmf6hyvl4z5xnrm7351rkyw2fn4f09hqn92r7zmi5"; + rev = "v${version}"; + sha256 = "1mdv1dgwawb4k6bs1jh6j2jaaxg168fbssm1lwnlk5di0gz31h23"; }; postPatch = "sed '1i#include \"x86intrin.h\"' -i common/src/x86emitter/cpudetect.cpp"; diff --git a/pkgs/misc/uboot/default.nix b/pkgs/misc/uboot/default.nix index 06da268ff533..321891892b7b 100644 --- a/pkgs/misc/uboot/default.nix +++ b/pkgs/misc/uboot/default.nix @@ -1,15 +1,27 @@ -{ stdenv, lib, fetchurl, fetchpatch, fetchFromGitHub, bc, bison, dtc, flex -, openssl, swig, meson-tools, armTrustedFirmwareAllwinner -, armTrustedFirmwareRK3328, armTrustedFirmwareRK3399 +{ stdenv +, lib +, fetchurl +, fetchpatch +, fetchFromGitHub +, bc +, bison +, dtc +, flex +, openssl +, swig +, meson-tools +, armTrustedFirmwareAllwinner +, armTrustedFirmwareRK3328 +, armTrustedFirmwareRK3399 , armTrustedFirmwareS905 , buildPackages }: let - defaultVersion = "2020.01"; + defaultVersion = "2020.04"; defaultSrc = fetchurl { url = "ftp://ftp.denx.de/pub/u-boot/u-boot-${defaultVersion}.tar.bz2"; - sha256 = "1w9ml4jl15q6ixpdqzspxjnl7d3rgxd7f99ms1xv5c8869h3qida"; + sha256 = "0wjkasnz87q86hx93inspdjfjsinmxi87bcvj30c773x0fpjlwzy"; }; buildUBoot = { version ? null diff --git a/pkgs/servers/mpd/default.nix b/pkgs/servers/mpd/default.nix index 4f97e3fc7838..d5a3b9de3c0a 100644 --- a/pkgs/servers/mpd/default.nix +++ b/pkgs/servers/mpd/default.nix @@ -18,6 +18,7 @@ , mpd_clientlib # Tag support , libid3tag +, nixosTests }: let @@ -128,6 +129,8 @@ let ++ lib.optional (builtins.elem "systemd" features_) "-Dsystemd_system_unit_dir=etc/systemd/system"; + passthru.tests.nixos = nixosTests.mpd; + meta = with stdenv.lib; { description = "A flexible, powerful daemon for playing music"; homepage = "https://www.musicpd.org/"; diff --git a/pkgs/servers/oauth2_proxy/default.nix b/pkgs/servers/oauth2_proxy/default.nix index d0a571988202..225c221b319e 100644 --- a/pkgs/servers/oauth2_proxy/default.nix +++ b/pkgs/servers/oauth2_proxy/default.nix @@ -2,23 +2,28 @@ buildGoPackage rec { pname = "oauth2_proxy"; - version = "3.2.0"; - + version = "5.1.0"; + goPackagePath = "github.com/pusher/${pname}"; src = fetchFromGitHub { repo = pname; owner = "pusher"; - sha256 = "0k73ggyh12g2vzjq91i9d3bxbqfvh5k6njzza1lvkzasgp07wisg"; + sha256 = "190k1v2c1f6vp9waqs01rlzm0jc3vrmsq1w1n0c2q2nfqx76y2wz"; rev = "v${version}"; }; goDeps = ./deps.nix; + doCheck = true; + + # Taken from https://github.com/oauth2-proxy/oauth2-proxy/blob/master/Makefile + buildFlagsArray = ("-ldflags=-X main.VERSION=${version}"); + meta = with lib; { - description = "A reverse proxy that provides authentication with Google, Github or other provider"; + description = "A reverse proxy that provides authentication with Google, Github, or other providers"; homepage = "https://github.com/pusher/oauth2_proxy/"; license = licenses.mit; - maintainers = [ maintainers.yorickvp ]; + maintainers = with maintainers; [ yorickvp knl ]; }; } diff --git a/pkgs/servers/oauth2_proxy/deps.nix b/pkgs/servers/oauth2_proxy/deps.nix index dd10ab286689..611a07c2fda0 100644 --- a/pkgs/servers/oauth2_proxy/deps.nix +++ b/pkgs/servers/oauth2_proxy/deps.nix @@ -1,183 +1,615 @@ -# file generated from Gopkg.lock using dep2nix (https://github.com/nixcloud/dep2nix) +# file generated from go.mod using vgo2nix (https://github.com/adisbladis/vgo2nix) [ { - goPackagePath = "cloud.google.com/go"; + goPackagePath = "cloud.google.com/go"; fetch = { type = "git"; url = "https://code.googlesource.com/gocloud"; - rev = "2d3a6656c17a60b0815b7e06ab0be04eacb6e613"; - sha256 = "0fi3qj9fvc4bxbrwa1m5sxsb8yhvawiwigaddvmmizjykxbq5csq"; + rev = "v0.38.0"; + sha256 = "0n6n13b7lri2fmc4bn4ifszyawj31dpbzvyv0xafsf81440z8cyh"; }; } { - goPackagePath = "github.com/BurntSushi/toml"; + goPackagePath = "github.com/BurntSushi/toml"; fetch = { type = "git"; url = "https://github.com/BurntSushi/toml"; - rev = "b26d9c308763d68093482582cea63d69be07a0f0"; - sha256 = "0k7v2i1d2d6si8gswn83qb84czhhia53v2wdy33yz9ppdidxk0ry"; + rev = "v0.3.1"; + sha256 = "1fjdwwfzyzllgiwydknf1pwjvy49qxfsczqx5gz3y0izs7as99j6"; }; } { - goPackagePath = "github.com/bitly/go-simplejson"; + goPackagePath = "github.com/alicebob/gopher-json"; + fetch = { + type = "git"; + url = "https://github.com/alicebob/gopher-json"; + rev = "5a6b3ba71ee6"; + sha256 = "0hx6n722zq51p852lv56k39yjy09lw6mnr2c3x0p23rfyyrakj2p"; + }; + } + { + goPackagePath = "github.com/alicebob/miniredis"; + fetch = { + type = "git"; + url = "https://github.com/alicebob/miniredis"; + rev = "v2.11.2"; + sha256 = "1fc6w9n1jznwj8ks2svxmjrv87pk3spjf5z3kcxpgpynp13pd55n"; + }; + } + { + goPackagePath = "github.com/bitly/go-simplejson"; fetch = { type = "git"; url = "https://github.com/bitly/go-simplejson"; - rev = "aabad6e819789e569bd6aabf444c935aa9ba1e44"; + rev = "v0.5.0"; sha256 = "0n9f9dz1jn1jx86d48569nznpjn9fmq3knn7r65xpy7jhih284jj"; }; } { - goPackagePath = "github.com/coreos/go-oidc"; + goPackagePath = "github.com/bmizerany/assert"; + fetch = { + type = "git"; + url = "https://github.com/bmizerany/assert"; + rev = "b7ed37b82869"; + sha256 = "18hy1wyl9zdi7sgxafrn3m7fadh6in0rhhb8l0cvkxqzdl0jcw2s"; + }; + } + { + goPackagePath = "github.com/census-instrumentation/opencensus-proto"; + fetch = { + type = "git"; + url = "https://github.com/census-instrumentation/opencensus-proto"; + rev = "v0.2.1"; + sha256 = "19fcx3sc99i5dsklny6r073z5j20vlwn2xqm6di1q3b1xwchzqfj"; + }; + } + { + goPackagePath = "github.com/chzyer/logex"; + fetch = { + type = "git"; + url = "https://github.com/chzyer/logex"; + rev = "v1.1.10"; + sha256 = "08pbjj3wx9acavlwyr055isa8a5hnmllgdv5k6ra60l5y1brmlq4"; + }; + } + { + goPackagePath = "github.com/chzyer/readline"; + fetch = { + type = "git"; + url = "https://github.com/chzyer/readline"; + rev = "2972be24d48e"; + sha256 = "104q8dazj8yf6b089jjr82fy9h1g80zyyzvp3g8b44a7d8ngjj6r"; + }; + } + { + goPackagePath = "github.com/chzyer/test"; + fetch = { + type = "git"; + url = "https://github.com/chzyer/test"; + rev = "a1ea475d72b1"; + sha256 = "0rns2aqk22i9xsgyap0pq8wi4cfaxsri4d9q6xxhhyma8jjsnj2k"; + }; + } + { + goPackagePath = "github.com/client9/misspell"; + fetch = { + type = "git"; + url = "https://github.com/client9/misspell"; + rev = "v0.3.4"; + sha256 = "1vwf33wsc4la25zk9nylpbp9px3svlmldkm0bha4hp56jws4q9cs"; + }; + } + { + goPackagePath = "github.com/coreos/go-oidc"; fetch = { type = "git"; url = "https://github.com/coreos/go-oidc"; - rev = "77e7f2010a464ade7338597afe650dfcffbe2ca8"; - sha256 = "0mh8fa7al9gfzx4k7rd623bpy14s06s96iz6lbf6psi5q2bnbs2r"; + rev = "v2.2.1"; + sha256 = "11m6slbpi33ynffml7812piq4anhjlf1qszjlsf26f5y7x3qh8n5"; }; } { - goPackagePath = "github.com/davecgh/go-spew"; + goPackagePath = "github.com/davecgh/go-spew"; fetch = { type = "git"; url = "https://github.com/davecgh/go-spew"; - rev = "346938d642f2ec3594ed81d874461961cd0faa76"; + rev = "v1.1.0"; sha256 = "0d4jfmak5p6lb7n2r6yvf5p1zcw0l8j74kn55ghvr7zr7b7axm6c"; }; } { - goPackagePath = "github.com/dgrijalva/jwt-go"; + goPackagePath = "github.com/dgrijalva/jwt-go"; fetch = { type = "git"; url = "https://github.com/dgrijalva/jwt-go"; - rev = "06ea1031745cb8b3dab3f6a236daf2b0aa468b7e"; + rev = "v3.2.0"; sha256 = "08m27vlms74pfy5z79w67f9lk9zkx6a9jd68k3c4msxy75ry36mp"; }; } { - goPackagePath = "github.com/golang/protobuf"; + goPackagePath = "github.com/envoyproxy/go-control-plane"; + fetch = { + type = "git"; + url = "https://github.com/envoyproxy/go-control-plane"; + rev = "5f8ba28d4473"; + sha256 = "1f1s764rd41vd9vgk3r14h1m6fz6pdvxj6fd83q58gxifbc4q5w4"; + }; + } + { + goPackagePath = "github.com/envoyproxy/protoc-gen-validate"; + fetch = { + type = "git"; + url = "https://github.com/envoyproxy/protoc-gen-validate"; + rev = "v0.1.0"; + sha256 = "0kxd3wwh3xwqk0r684hsy281xq4y71cd11d4q2hspcjbnlbwh7cy"; + }; + } + { + goPackagePath = "github.com/fsnotify/fsnotify"; + fetch = { + type = "git"; + url = "https://github.com/fsnotify/fsnotify"; + rev = "v1.4.7"; + sha256 = "07va9crci0ijlivbb7q57d2rz9h27zgn2fsm60spjsqpdbvyrx4g"; + }; + } + { + goPackagePath = "github.com/go-redis/redis"; + fetch = { + type = "git"; + url = "https://github.com/go-redis/redis"; + rev = "v6.15.7"; + sha256 = "0fc0sfispyzn652ny05wn6bz18a60n6ryk23ki8j97xx3l24nq2g"; + }; + } + { + goPackagePath = "github.com/golang/glog"; + fetch = { + type = "git"; + url = "https://github.com/golang/glog"; + rev = "23def4e6c14b"; + sha256 = "0jb2834rw5sykfr937fxi8hxi2zy80sj2bdn9b3jb4b26ksqng30"; + }; + } + { + goPackagePath = "github.com/golang/mock"; + fetch = { + type = "git"; + url = "https://github.com/golang/mock"; + rev = "v1.2.0"; + sha256 = "12ddj2g8ab87id6n2n67vnbhq6p8dvgsq1pzpqfriym4dk8w54fg"; + }; + } + { + goPackagePath = "github.com/golang/protobuf"; fetch = { type = "git"; url = "https://github.com/golang/protobuf"; - rev = "1e59b77b52bf8e4b449a57e6f79f21226d571845"; - sha256 = "19bkh81wnp6njg3931wky6hsnnl2d1ig20vfjxpv450sd3k6yys8"; + rev = "v1.3.2"; + sha256 = "1k1wb4zr0qbwgpvz9q5ws9zhlal8hq7dmq62pwxxriksayl6hzym"; + }; + } + { + goPackagePath = "github.com/gomodule/redigo"; + fetch = { + type = "git"; + url = "https://github.com/gomodule/redigo"; + rev = "v2.0.0"; + sha256 = "1kg7s8027b4g1sfw0v3nh30c15j407kv684s53gg281r807dnfpk"; + }; + } + { + goPackagePath = "github.com/google/btree"; + fetch = { + type = "git"; + url = "https://github.com/google/btree"; + rev = "4030bb1f1f0c"; + sha256 = "0ba430m9fbnagacp57krgidsyrgp3ycw5r7dj71brgp5r52g82p6"; + }; + } + { + goPackagePath = "github.com/google/go-cmp"; + fetch = { + type = "git"; + url = "https://github.com/google/go-cmp"; + rev = "v0.3.0"; + sha256 = "1hyxx3434zshl2m9ja78gwlkg1rx9yl6diqa7dnjb31xz5x4gbjj"; + }; + } + { + goPackagePath = "github.com/google/martian"; + fetch = { + type = "git"; + url = "https://github.com/google/martian"; + rev = "v2.1.0"; + sha256 = "197hil6vrjk50b9wvwyzf61csid83whsjj6ik8mc9r2lryxlyyrp"; + }; + } + { + goPackagePath = "github.com/google/pprof"; + fetch = { + type = "git"; + url = "https://github.com/google/pprof"; + rev = "3ea8567a2e57"; + sha256 = "09rhjn3ms0a72dw0yzbp237p7yhqma772zspddn6mgkh3gi3kn4c"; + }; + } + { + goPackagePath = "github.com/googleapis/gax-go"; + fetch = { + type = "git"; + url = "https://github.com/googleapis/gax-go"; + rev = "v2.0.5"; + sha256 = "1lxawwngv6miaqd25s3ba0didfzylbwisd2nz7r4gmbmin6jsjrx"; + }; + } + { + goPackagePath = "github.com/hashicorp/golang-lru"; + fetch = { + type = "git"; + url = "https://github.com/hashicorp/golang-lru"; + rev = "v0.5.1"; + sha256 = "13f870cvk161bzjj6x41l45r5x9i1z9r2ymwmvm7768kg08zznpy"; + }; + } + { + goPackagePath = "github.com/hpcloud/tail"; + fetch = { + type = "git"; + url = "https://github.com/hpcloud/tail"; + rev = "v1.0.0"; + sha256 = "1njpzc0pi1acg5zx9y6vj9xi6ksbsc5d387rd6904hy6rh2m6kn0"; + }; + } + { + goPackagePath = "github.com/jstemmer/go-junit-report"; + fetch = { + type = "git"; + url = "https://github.com/jstemmer/go-junit-report"; + rev = "af01ea7f8024"; + sha256 = "1lp3n94ris12hac02wi31f3whs88lcrzwgdg43a5j6cafg9p1d0s"; + }; + } + { + goPackagePath = "github.com/kr/pretty"; + fetch = { + type = "git"; + url = "https://github.com/kr/pretty"; + rev = "v0.2.0"; + sha256 = "1ywbfzz1h3a3qd8rpkiqwi1dm4w8ls9ijb4x1b7567grns9f0vnp"; }; } { - goPackagePath = "github.com/mbland/hmacauth"; + goPackagePath = "github.com/kr/pty"; + fetch = { + type = "git"; + url = "https://github.com/kr/pty"; + rev = "v1.1.1"; + sha256 = "0383f0mb9kqjvncqrfpidsf8y6ns5zlrc91c6a74xpyxjwvzl2y6"; + }; + } + { + goPackagePath = "github.com/kr/text"; + fetch = { + type = "git"; + url = "https://github.com/kr/text"; + rev = "v0.1.0"; + sha256 = "1gm5bsl01apvc84bw06hasawyqm4q84vx1pm32wr9jnd7a8vjgj1"; + }; + } + { + goPackagePath = "github.com/mbland/hmacauth"; fetch = { type = "git"; url = "https://github.com/mbland/hmacauth"; - rev = "107c17adcc5eccc9935cd67d9bc2feaf5255d2cb"; - sha256 = "1zd9r8znhkxyl997lhjk8nrlxlfv5s1hn7ql87wrcyvlsszx3mzh"; + rev = "44256dfd4bfa"; + sha256 = "1d5pbjgc5j8pi3frsjp5gqg7j12bxdbl55nhy01cv4c96hay2ij1"; }; } { - goPackagePath = "github.com/mreiferson/go-options"; + goPackagePath = "github.com/mreiferson/go-options"; fetch = { type = "git"; url = "https://github.com/mreiferson/go-options"; - rev = "20ba7d382d05facb01e02eb777af0c5f229c5c95"; - sha256 = "1vdz3wqkj885a0jkggaygl4k6k8b94fpspywr26snm4xnb8vgxsf"; + rev = "v1.0.0"; + sha256 = "1pxs9ybrh196qy14ijn4zn51h2z28lj31y6vxrz2xxhgvpmfmxyl"; + }; + } + { + goPackagePath = "github.com/onsi/ginkgo"; + fetch = { + type = "git"; + url = "https://github.com/onsi/ginkgo"; + rev = "v1.12.0"; + sha256 = "0ly246i0ax53l6dn9f1zlhkd9gs03hvbk7aazxay2dd5fxzh9n65"; }; } { - goPackagePath = "github.com/pmezard/go-difflib"; + goPackagePath = "github.com/onsi/gomega"; + fetch = { + type = "git"; + url = "https://github.com/onsi/gomega"; + rev = "v1.9.0"; + sha256 = "0l69r6nbnz6b3j9zrqn8aql88jjv1pqykzkvqdbhfprss9b2dy46"; + }; + } + { + goPackagePath = "github.com/pmezard/go-difflib"; fetch = { type = "git"; url = "https://github.com/pmezard/go-difflib"; - rev = "792786c7400a136282c1664665ae0a8db921c6c2"; + rev = "v1.0.0"; sha256 = "0c1cn55m4rypmscgf0rrb88pn58j3ysvc2d0432dp3c6fqg6cnzw"; }; } { - goPackagePath = "github.com/pquerna/cachecontrol"; + goPackagePath = "github.com/pquerna/cachecontrol"; fetch = { type = "git"; url = "https://github.com/pquerna/cachecontrol"; - rev = "0dec1b30a0215bb68605dfc568e8855066c9202d"; - sha256 = "14yyfhrv60rvb983rqm7s916nwvn9kcmbvnrcna2md0s3mkzs3yh"; + rev = "1555304b9b35"; + sha256 = "0nr3p9pms6jmr2s44vy2s22q1d3v6xns2kzsvkq2gg1rkx6c1hc9"; }; } { - goPackagePath = "github.com/stretchr/testify"; + goPackagePath = "github.com/prometheus/client_model"; + fetch = { + type = "git"; + url = "https://github.com/prometheus/client_model"; + rev = "14fe0d1b01d4"; + sha256 = "0zdmk6rbbx39cvfz0r59v2jg5sg9yd02b4pds5n5llgvivi99550"; + }; + } + { + goPackagePath = "github.com/stretchr/objx"; + fetch = { + type = "git"; + url = "https://github.com/stretchr/objx"; + rev = "v0.1.0"; + sha256 = "19ynspzjdynbi85xw06mh8ad5j0qa1vryvxjgvbnyrr8rbm4vd8w"; + }; + } + { + goPackagePath = "github.com/stretchr/testify"; fetch = { type = "git"; url = "https://github.com/stretchr/testify"; - rev = "69483b4bd14f5845b5a1e55bca19e954e827f1d0"; - sha256 = "11lzrwkdzdd8yyag92akncc008h2f9d1bpc489mxiwp0jrmz4ivb"; + rev = "v1.5.1"; + sha256 = "09r89m1wy4cjv2nps1ykp00qjpi0531r07q3s34hr7m6njk4srkl"; }; } { - goPackagePath = "github.com/yhat/wsutil"; + goPackagePath = "github.com/yhat/wsutil"; fetch = { type = "git"; url = "https://github.com/yhat/wsutil"; - rev = "1d66fa95c997864ba4d8479f56609620fe542928"; + rev = "1d66fa95c997"; sha256 = "1agh4ss6y1laps8pg4mdl844ivmw2wrb7rnpfyag4gai4693i7bv"; }; } { - goPackagePath = "golang.org/x/crypto"; + goPackagePath = "github.com/yuin/gopher-lua"; + fetch = { + type = "git"; + url = "https://github.com/yuin/gopher-lua"; + rev = "ab39c6098bdb"; + sha256 = "13b0rrpv3988qw8rq6z7npajn1my059ybhafi5mxff9jw09k9sja"; + }; + } + { + goPackagePath = "go.opencensus.io"; + fetch = { + type = "git"; + url = "https://github.com/census-instrumentation/opencensus-go"; + rev = "v0.21.0"; + sha256 = "14s0a12xdzjvad0dgksgv8m3hh7nc585abvjkvyk6r67a29lxj6x"; + }; + } + { + goPackagePath = "golang.org/x/crypto"; fetch = { type = "git"; url = "https://go.googlesource.com/crypto"; - rev = "9f005a07e0d31d45e6656d241bb5c0f2efd4bc94"; - sha256 = "1mhmr6ljzl3iafsz4qy8vval7rmr828wh59dlqqqjqx6sqmcs1dv"; + rev = "2aa609cf4a9d"; + sha256 = "1yvis6fqbsd7f356aqyi18f76vnwj3bry6mxqnkvshq4cwrf92il"; + }; + } + { + goPackagePath = "golang.org/x/exp"; + fetch = { + type = "git"; + url = "https://go.googlesource.com/exp"; + rev = "509febef88a4"; + sha256 = "02isrh39z8znrp5znplzy0dip2gnrl3jm1355raliyvhnhg04j6q"; + }; + } + { + goPackagePath = "golang.org/x/lint"; + fetch = { + type = "git"; + url = "https://go.googlesource.com/lint"; + rev = "959b441ac422"; + sha256 = "1mgcv5f00pkzsbwnq2y7vqvd1b4lr5a3s47cphh2qv4indfk7pck"; }; } { - goPackagePath = "golang.org/x/net"; + goPackagePath = "golang.org/x/net"; fetch = { type = "git"; url = "https://go.googlesource.com/net"; - rev = "9dfe39835686865bff950a07b394c12a98ddc811"; - sha256 = "0z8mnl4mi88syafrgqys2ak2gg3yrbna25hpz88y3anl8x4jhg1a"; + rev = "0de0cce0169b"; + sha256 = "1db7s5kbzyh2zd5lpv05n7hp8wbwdvgk0wpiwrlnig94mkr0y5aq"; }; } { - goPackagePath = "golang.org/x/oauth2"; + goPackagePath = "golang.org/x/oauth2"; fetch = { type = "git"; url = "https://go.googlesource.com/oauth2"; - rev = "9ff8ebcc8e241d46f52ecc5bff0e5a2f2dbef402"; - sha256 = "035v5w1nad6r1l22cj6f73zzr6qi4jgq71yjywf2c6rvsa5147r2"; + rev = "bf48bf16ab8d"; + sha256 = "1sirdib60zwmh93kf9qrx51r8544k1p9rs5mk0797wibz3m4mrdg"; }; } { - goPackagePath = "google.golang.org/api"; + goPackagePath = "golang.org/x/sync"; + fetch = { + type = "git"; + url = "https://go.googlesource.com/sync"; + rev = "112230192c58"; + sha256 = "05i2k43j2d0llq768hg5pf3hb2yhfzp9la1w5wp0rsnnzblr0lfn"; + }; + } + { + goPackagePath = "golang.org/x/sys"; + fetch = { + type = "git"; + url = "https://go.googlesource.com/sys"; + rev = "bd437916bb0e"; + sha256 = "1i8x26frmlin55k69k936zd1rp5sqnq14y5ms4rkxbfzhasdm2rx"; + }; + } + { + goPackagePath = "golang.org/x/text"; + fetch = { + type = "git"; + url = "https://go.googlesource.com/text"; + rev = "v0.3.2"; + sha256 = "0flv9idw0jm5nm8lx25xqanbkqgfiym6619w575p7nrdh0riqwqh"; + }; + } + { + goPackagePath = "golang.org/x/time"; + fetch = { + type = "git"; + url = "https://go.googlesource.com/time"; + rev = "85acf8d2951c"; + sha256 = "0yqnxsrarjk4qkda8kcxzmk7y90kkkxzx9iwryzrk7bzs87ky3xc"; + }; + } + { + goPackagePath = "golang.org/x/tools"; + fetch = { + type = "git"; + url = "https://go.googlesource.com/tools"; + rev = "2c0ae7006135"; + sha256 = "1lsi2ssxajclj3bciz2a41v1vjv768ja3v6wnbyhxy8xphwkp4fk"; + }; + } + { + goPackagePath = "golang.org/x/xerrors"; + fetch = { + type = "git"; + url = "https://go.googlesource.com/xerrors"; + rev = "a985d3407aa7"; + sha256 = "00wzr5w8aadipgc3rkk8f11i41znskfj9ix5nhhaxyg7isrslgcj"; + }; + } + { + goPackagePath = "google.golang.org/api"; fetch = { type = "git"; url = "https://code.googlesource.com/google-api-go-client"; - rev = "8791354e7ab150705ede13637a18c1fcc16b62e8"; - sha256 = "0ps7y4m9787wvkqwrwqyb4nmmibhrihmg7xqh7sba2cyj397wngm"; + rev = "v0.19.0"; + sha256 = "0rbwijzl91xmbr9kqhiwx4fydm7r6ci6rxsi9jsy8zap9zy120f6"; }; } { - goPackagePath = "google.golang.org/appengine"; + goPackagePath = "google.golang.org/appengine"; fetch = { type = "git"; url = "https://github.com/golang/appengine"; - rev = "150dc57a1b433e64154302bdc40b6bb8aefa313a"; - sha256 = "0w3knznv39k8bm85ri62f83czcrxknql7dv6p9hk1a5jx3xljgxq"; + rev = "v1.5.0"; + sha256 = "0l7mkdnwhidv8m686x432vmx8z5nqcrr9f46ddgvrxbh4wvyfcll"; }; } { - goPackagePath = "gopkg.in/fsnotify/fsnotify.v1"; + goPackagePath = "google.golang.org/genproto"; fetch = { type = "git"; - url = "https://github.com/fsnotify/fsnotify"; - rev = "836bfd95fecc0f1511dd66bdbf2b5b61ab8b00b6"; - sha256 = "0470dznkcbabncskgr8hfilpj5w24ygg455pyggbfbssmfv1m9gg"; + url = "https://github.com/google/go-genproto"; + rev = "24fa4b261c55"; + sha256 = "109zhaqlfd8zkbr1hk6zqbs6vcxfrk64scjwh2nswph05gr0m84d"; + }; + } + { + goPackagePath = "google.golang.org/grpc"; + fetch = { + type = "git"; + url = "https://github.com/grpc/grpc-go"; + rev = "v1.27.0"; + sha256 = "1ijrmgrxyabfn51nm3p9l81iaasq5fg237wnr6mdc4dzsfcg8kd7"; + }; + } + { + goPackagePath = "gopkg.in/check.v1"; + fetch = { + type = "git"; + url = "https://gopkg.in/check.v1"; + rev = "20d25e280405"; + sha256 = "0k1m83ji9l1a7ng8a7v40psbymxasmssbrrhpdv2wl4rhs0nc3np"; + }; + } + { + goPackagePath = "gopkg.in/fsnotify.v1"; + fetch = { + type = "git"; + url = "https://gopkg.in/fsnotify.v1"; + rev = "v1.4.7"; + sha256 = "07va9crci0ijlivbb7q57d2rz9h27zgn2fsm60spjsqpdbvyrx4g"; + }; + } + { + goPackagePath = "gopkg.in/fsnotify/fsnotify.v1"; + fetch = { + type = "git"; + url = "https://gopkg.in/fsnotify/fsnotify.v1"; + rev = "v1.4.7"; + sha256 = "07va9crci0ijlivbb7q57d2rz9h27zgn2fsm60spjsqpdbvyrx4g"; + }; + } + { + goPackagePath = "gopkg.in/natefinch/lumberjack.v2"; + fetch = { + type = "git"; + url = "https://gopkg.in/natefinch/lumberjack.v2"; + rev = "v2.0.0"; + sha256 = "1m2sxypk7p805jvc68padvylyx5v7cwkh5klnnxxr0340kgspf08"; + }; + } + { + goPackagePath = "gopkg.in/square/go-jose.v2"; + fetch = { + type = "git"; + url = "https://gopkg.in/square/go-jose.v2"; + rev = "v2.4.1"; + sha256 = "1y0angxwryishwd1z0q7fp2xwjjhpw70kqh4ml4ly40akfhf1f5a"; + }; + } + { + goPackagePath = "gopkg.in/tomb.v1"; + fetch = { + type = "git"; + url = "https://gopkg.in/tomb.v1"; + rev = "dd632973f1e7"; + sha256 = "1lqmq1ag7s4b3gc3ddvr792c5xb5k6sfn0cchr3i2s7f1c231zjv"; + }; + } + { + goPackagePath = "gopkg.in/yaml.v2"; + fetch = { + type = "git"; + url = "https://gopkg.in/yaml.v2"; + rev = "v2.2.4"; + sha256 = "11bwj757wi8kdrcnlgfqb8vv2d2xdhlghmyagd19i62khrkchsg2"; }; } { - goPackagePath = "gopkg.in/square/go-jose.v2"; + goPackagePath = "honnef.co/go/tools"; fetch = { type = "git"; - url = "https://github.com/square/go-jose"; - rev = "f8f38de21b4dcd69d0413faf231983f5fd6634b1"; - sha256 = "1bjrs3xq3m2ckfds0l4wqf81311ymm9agipmkllbvkadac156dsa"; + url = "https://github.com/dominikh/go-tools"; + rev = "ea95bdfd59fc"; + sha256 = "1763nw7pwpzkvzfnm63dgzcgbq9hwmq5l1nffchnhh77vgkaq4ic"; }; } -] \ No newline at end of file +] diff --git a/pkgs/shells/fish/default.nix b/pkgs/shells/fish/default.nix index 0ea8dce44059..bea56bd8c5a5 100644 --- a/pkgs/shells/fish/default.nix +++ b/pkgs/shells/fish/default.nix @@ -6,7 +6,7 @@ , fetchpatch , writeText - + , nixosTests , useOperatingSystemEtc ? true }: @@ -179,6 +179,7 @@ let passthru = { shellPath = "/bin/fish"; + tests.nixos = nixosTests.fish; }; }; diff --git a/pkgs/shells/oil/default.nix b/pkgs/shells/oil/default.nix index 9e2aa3454d2c..019a66c77eb7 100644 --- a/pkgs/shells/oil/default.nix +++ b/pkgs/shells/oil/default.nix @@ -1,12 +1,12 @@ -{ stdenv, lib, fetchurl, fetchpatch, readline }: +{ stdenv, lib, fetchurl, readline }: stdenv.mkDerivation rec { pname = "oil"; - version = "0.7.0"; + version = "0.8.pre4"; src = fetchurl { url = "https://www.oilshell.org/download/oil-${version}.tar.xz"; - sha256 = "12c9s462879adb6mwd3fqafk0dnqsm16s18rhym6cmzfzy8v8zm3"; + sha256 = "07kj86hrvlz9f1gh3qv4hdaz3qnb4a2qf0dnxhd2r0qilrkjanxh"; }; postPatch = '' diff --git a/pkgs/tools/archivers/p7zip/default.nix b/pkgs/tools/archivers/p7zip/default.nix index f44791ce021b..e41d9a2eb2d5 100644 --- a/pkgs/tools/archivers/p7zip/default.nix +++ b/pkgs/tools/archivers/p7zip/default.nix @@ -24,6 +24,11 @@ stdenv.mkDerivation rec { substituteInPlace makefile.machine \ --replace 'CC=gcc' 'CC=${stdenv.cc.targetPrefix}gcc' \ --replace 'CXX=g++' 'CXX=${stdenv.cc.targetPrefix}g++' + '' + '' + # Remove non-free RAR source code + # (see DOC/License.txt, https://fedoraproject.org/wiki/Licensing:Unrar) + rm -r CPP/7zip/Compress/Rar* + find . -name makefile'*' -exec sed -i '/Rar/d' {} + ''; preConfigure = '' @@ -42,9 +47,9 @@ stdenv.mkDerivation rec { meta = { homepage = "http://p7zip.sourceforge.net/"; description = "A port of the 7-zip archiver"; - # license = stdenv.lib.licenses.lgpl21Plus; + "unRAR restriction" platforms = stdenv.lib.platforms.unix; maintainers = [ stdenv.lib.maintainers.raskin ]; + # RAR code is under non-free UnRAR license, but we remove it license = stdenv.lib.licenses.lgpl2Plus; }; } diff --git a/pkgs/tools/graphics/spirv-cross/default.nix b/pkgs/tools/graphics/spirv-cross/default.nix new file mode 100644 index 000000000000..57b447b1ad79 --- /dev/null +++ b/pkgs/tools/graphics/spirv-cross/default.nix @@ -0,0 +1,23 @@ +{ stdenv, fetchFromGitHub, cmake, python3 }: + +stdenv.mkDerivation rec { + pname = "spirv-cross"; + version = "2020-04-03"; + + src = fetchFromGitHub { + owner = "KhronosGroup"; + repo = "SPIRV-Cross"; + rev = version; + sha256 = "0489s29kqgq20clxqg22y299yxz23p0yjh87yhka705hm9skx4sa"; + }; + + nativeBuildInputs = [ cmake python3 ]; + + meta = with stdenv.lib; { + description = "A tool designed for parsing and converting SPIR-V to other shader languages"; + homepage = "https://github.com/KhronosGroup/SPIRV-Cross"; + platforms = platforms.linux; + license = licenses.asl20; + maintainers = with maintainers; [ Flakebi ]; + }; +} diff --git a/pkgs/tools/networking/cjdns/default.nix b/pkgs/tools/networking/cjdns/default.nix index 452181754b17..9a74344d2936 100644 --- a/pkgs/tools/networking/cjdns/default.nix +++ b/pkgs/tools/networking/cjdns/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, nodejs, which, python27, utillinux }: +{ stdenv, fetchFromGitHub, nodejs, which, python27, utillinux, nixosTests }: let version = "20.6"; in stdenv.mkDerivation { @@ -29,6 +29,8 @@ stdenv.mkDerivation { cp -R contrib tools node_build node_modules $out/share/cjdns/ ''; + passthru.tests.basic = nixosTests.cjdns; + meta = with stdenv.lib; { homepage = "https://github.com/cjdelisle/cjdns"; description = "Encrypted networking for regular people"; diff --git a/pkgs/tools/networking/yggdrasil/default.nix b/pkgs/tools/networking/yggdrasil/default.nix index 91b080153279..d8c8c429ef98 100644 --- a/pkgs/tools/networking/yggdrasil/default.nix +++ b/pkgs/tools/networking/yggdrasil/default.nix @@ -1,4 +1,4 @@ -{ lib, buildGoModule, fetchFromGitHub }: +{ lib, buildGoModule, fetchFromGitHub, nixosTests }: buildGoModule rec { pname = "yggdrasil"; @@ -27,6 +27,8 @@ buildGoModule rec { -s -w ''; + passthru.tests.basic = nixosTests.yggdrasil; + meta = with lib; { description = "An experiment in scalable routing as an encrypted IPv6 overlay network"; diff --git a/pkgs/tools/system/tre-command/default.nix b/pkgs/tools/system/tre-command/default.nix index 0cbe87ccd377..bc0fa7ea988d 100644 --- a/pkgs/tools/system/tre-command/default.nix +++ b/pkgs/tools/system/tre-command/default.nix @@ -2,7 +2,7 @@ rustPlatform.buildRustPackage rec { pname = "tre"; - version = "0.2.2"; + version = "0.2.3"; src = fetchFromGitHub { owner = "dduan"; @@ -11,7 +11,7 @@ rustPlatform.buildRustPackage rec { sha256 = "1fazw2wn738iknbv54gv7qll7d4q2gy9bq1s3f3cv21cdv6bqral"; }; - cargoSha256 = "1m3ccp5ncafkifg8sxyxczsg3ja1gvq8wmgni68bgzm2lwxh2qgw"; + cargoSha256 = "16bvnwgjf3kj99d77j1pkldbasxfwy55sj9sv9vf2z6llfmzfabd"; meta = with stdenv.lib; { description = "Tree command, improved"; diff --git a/pkgs/tools/typesetting/sile/default.nix b/pkgs/tools/typesetting/sile/default.nix index 5bb4c5b7fb2f..a8969fd45985 100644 --- a/pkgs/tools/typesetting/sile/default.nix +++ b/pkgs/tools/typesetting/sile/default.nix @@ -13,11 +13,11 @@ in stdenv.mkDerivation rec { pname = "sile"; - version = "0.10.3"; + version = "0.10.4"; src = fetchurl { url = "https://github.com/sile-typesetter/sile/releases/download/v${version}/${pname}-${version}.tar.bz2"; - sha256 = "d89d5ce7d2bf46fb062e5299ffd8b5d821dc3cb3462a0e7c1109edeee111d856"; + sha256 = "08j2vv6spnzz8bsh62wbdv1pjiziiba71cadscsy5hw6pklzndni"; }; configureFlags = [ "--with-system-luarocks" ]; diff --git a/pkgs/tools/virtualization/cri-tools/default.nix b/pkgs/tools/virtualization/cri-tools/default.nix index 2aa23f04fe48..8c57fdeed005 100644 --- a/pkgs/tools/virtualization/cri-tools/default.nix +++ b/pkgs/tools/virtualization/cri-tools/default.nix @@ -2,12 +2,12 @@ buildGoPackage rec { pname = "cri-tools"; - version = "1.17.0"; + version = "1.18.0"; src = fetchFromGitHub { owner = "kubernetes-sigs"; repo = pname; rev = "v${version}"; - sha256 = "0h9gry56graif761lmcy91q9fzwvmwb15wcx8245927yfg5j0zgh"; + sha256 = "06sxjhjpd893fn945c1s4adri2bf7s50ddvcw5pnwb6qndzfljw6"; }; goPackagePath = "github.com/kubernetes-sigs/cri-tools"; diff --git a/pkgs/top-level/aliases.nix b/pkgs/top-level/aliases.nix index 4b2b36eb352c..9ad282149aa6 100644 --- a/pkgs/top-level/aliases.nix +++ b/pkgs/top-level/aliases.nix @@ -216,7 +216,6 @@ mapAliases ({ keymon = throw "keymon has been removed from nixpkgs, as it's abandoned and archived."; # 2019-12-10 kvm = qemu_kvm; # added 2018-04-25 latinmodern-math = lmmath; - ldc2 = ldc; # added 2020-04-18 letsencrypt = certbot; # added 2016-05-16 libaudit = audit; # added 2018-04-25 libcanberra_gtk2 = libcanberra-gtk2; # added 2018-02-25 diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 772d302ae1ba..e09819318aa0 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -3991,6 +3991,8 @@ in httplab = callPackage ../tools/networking/httplab { }; + lucky-cli = callPackage ../development/web/lucky-cli { }; + partclone = callPackage ../tools/backup/partclone { }; partimage = callPackage ../tools/backup/partimage { }; @@ -6532,6 +6534,8 @@ in shocco = callPackage ../tools/text/shocco { }; + shopify-themekit = callPackage ../development/web/shopify-themekit { }; + shorewall = callPackage ../tools/networking/shorewall { }; shotwell = callPackage ../applications/graphics/shotwell { }; @@ -8114,9 +8118,7 @@ in crystal crystal2nix; - icr = callPackage ../development/tools/icr { - openssl = openssl_1_0_2; - }; + icr = callPackage ../development/tools/icr { }; scry = callPackage ../development/tools/scry {}; @@ -12222,6 +12224,16 @@ in } // (stdenv.lib.optionalAttrs (stdenv.hostPlatform.isi686 && stdenv.cc.isGNU) { stdenv = gcc6Stdenv; # with gcc-7: undefined reference to `__divmoddi4' })); + icu65 = callPackage ../development/libraries/icu/65.nix ({ + nativeBuildRoot = buildPackages.icu65.override { buildRootOnly = true; }; + } // (stdenv.lib.optionalAttrs (stdenv.hostPlatform.isi686 && stdenv.cc.isGNU) { + stdenv = gcc6Stdenv; # with gcc-7: undefined reference to `__divmoddi4' + })); + icu66 = callPackage ../development/libraries/icu/66.nix ({ + nativeBuildRoot = buildPackages.icu66.override { buildRootOnly = true; }; + } // (stdenv.lib.optionalAttrs (stdenv.hostPlatform.isi686 && stdenv.cc.isGNU) { + stdenv = gcc6Stdenv; # with gcc-7: undefined reference to `__divmoddi4' + })); icu = icu64; @@ -14547,6 +14559,8 @@ in spice-up = callPackage ../applications/office/spice-up { }; + spirv-cross = callPackage ../tools/graphics/spirv-cross { }; + sratom = callPackage ../development/libraries/audio/sratom { }; srm = callPackage ../tools/security/srm { }; diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index cb5cbb5375a7..ea246c3f86a5 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -560,6 +560,8 @@ in { catalogue = callPackage ../development/python-modules/catalogue { }; + cbeams = callPackage ../misc/cbeams { }; + cdecimal = callPackage ../development/python-modules/cdecimal { }; cfn-flip = callPackage ../development/python-modules/cfn-flip { }; @@ -1063,6 +1065,8 @@ in { proglog = callPackage ../development/python-modules/proglog { }; + pulsectl = callPackage ../development/python-modules/pulsectl { }; + pure-python-adb-homeassistant = callPackage ../development/python-modules/pure-python-adb-homeassistant { }; purl = callPackage ../development/python-modules/purl { }; @@ -1463,6 +1467,8 @@ in { shellingham = callPackage ../development/python-modules/shellingham {}; + simpleaudio = callPackage ../development/python-modules/simpleaudio { }; + simpleeval = callPackage ../development/python-modules/simpleeval { }; simple-salesforce = callPackage ../development/python-modules/simple-salesforce { }; @@ -3266,6 +3272,8 @@ in { peewee = callPackage ../development/python-modules/peewee { }; + pyroma = callPackage ../development/python-modules/pyroma { }; + pyroute2 = callPackage ../development/python-modules/pyroute2 { }; pyspf = callPackage ../development/python-modules/pyspf { }; |