Merge branch 'nixos-unstable-small' of https://github.com/NixOS/nixpkgs

Conflicts:
	nixpkgs/nixos/modules/services/mail/rss2email.nix
	nixpkgs/pkgs/build-support/go/module.nix

5 files changed, 594 insertions, 0 deletions

diff --git a/nixpkgs/pkgs/by-name/fw/fwupd/add-option-for-installation-sysconfdir.patch b/nixpkgs/pkgs/by-name/fw/fwupd/add-option-for-installation-sysconfdir.patch
new file mode 100644
index 000000000000..062532244d3d
--- /dev/null
+++ b/nixpkgs/pkgs/by-name/fw/fwupd/add-option-for-installation-sysconfdir.patch
@@ -0,0 +1,138 @@
+diff --git a/data/bios-settings.d/meson.build b/data/bios-settings.d/meson.build
+index b0ff5b106..13ac380d0 100644
+--- a/data/bios-settings.d/meson.build
++++ b/data/bios-settings.d/meson.build
+@@ -1,5 +1,5 @@
+ if build_standalone and host_machine.system() == 'linux'
+ install_data('README.md',
+-  install_dir: join_paths(sysconfdir, 'fwupd', 'bios-settings.d')
++  install_dir: join_paths(sysconfdir_install, 'fwupd', 'bios-settings.d')
+ )
+ endif
+diff --git a/data/meson.build b/data/meson.build
+index e13da4adf..6858c240f 100644
+--- a/data/meson.build
++++ b/data/meson.build
+@@ -26,7 +26,7 @@ endif
+
+ if build_standalone
+   install_data(['fwupd.conf'],
+-    install_dir: join_paths(sysconfdir, 'fwupd'),
++    install_dir: join_paths(sysconfdir_install, 'fwupd'),
+     install_mode: 'rw-r-----',
+   )
+   plugin_quirks += files([
+diff --git a/data/pki/meson.build b/data/pki/meson.build
+index 3649fecea..c3462744b 100644
+--- a/data/pki/meson.build
++++ b/data/pki/meson.build
+@@ -12,13 +12,13 @@ install_data([
+     'GPG-KEY-Linux-Foundation-Firmware',
+     'GPG-KEY-Linux-Vendor-Firmware-Service',
+   ],
+-  install_dir: join_paths(sysconfdir, 'pki', 'fwupd')
++  install_dir: join_paths(sysconfdir_install, 'pki', 'fwupd')
+ )
+ install_data([
+     'GPG-KEY-Linux-Foundation-Metadata',
+     'GPG-KEY-Linux-Vendor-Firmware-Service',
+   ],
+-  install_dir: join_paths(sysconfdir, 'pki', 'fwupd-metadata')
++  install_dir: join_paths(sysconfdir_install, 'pki', 'fwupd-metadata')
+ )
+ endif
+
+@@ -26,11 +26,11 @@ if supported_pkcs7
+ install_data([
+     'LVFS-CA.pem',
+   ],
+-  install_dir: join_paths(sysconfdir, 'pki', 'fwupd')
++  install_dir: join_paths(sysconfdir_install, 'pki', 'fwupd')
+ )
+ install_data([
+     'LVFS-CA.pem',
+   ],
+-  install_dir: join_paths(sysconfdir, 'pki', 'fwupd-metadata')
++  install_dir: join_paths(sysconfdir_install, 'pki', 'fwupd-metadata')
+ )
+ endif
+diff --git a/data/remotes.d/meson.build b/data/remotes.d/meson.build
+index c20a1a05e..5354bac7f 100644
+--- a/data/remotes.d/meson.build
++++ b/data/remotes.d/meson.build
+@@ -15,14 +15,14 @@ if build_standalone and get_option('lvfs') != 'false'
+     output: 'lvfs.conf',
+     configuration: con3,
+     install: true,
+-    install_dir: join_paths(sysconfdir, 'fwupd', 'remotes.d'),
++    install_dir: join_paths(sysconfdir_install, 'fwupd', 'remotes.d'),
+   )
+   configure_file(
+     input: 'lvfs-testing.conf',
+     output: 'lvfs-testing.conf',
+     configuration: con3,
+     install: true,
+-    install_dir: join_paths(sysconfdir, 'fwupd', 'remotes.d'),
++    install_dir: join_paths(sysconfdir_install, 'fwupd', 'remotes.d'),
+   )
+   i18n.merge_file(
+     input: 'lvfs.metainfo.xml',
+@@ -56,12 +56,12 @@ configure_file(
+   output: 'vendor.conf',
+   configuration: con2,
+   install: get_option('vendor_metadata'),
+-  install_dir: join_paths(sysconfdir, 'fwupd', 'remotes.d'),
++  install_dir: join_paths(sysconfdir_install, 'fwupd', 'remotes.d'),
+ )
+ configure_file(
+   input: 'vendor-directory.conf',
+   output: 'vendor-directory.conf',
+   configuration: con2,
+   install: true,
+-  install_dir: join_paths(sysconfdir, 'fwupd', 'remotes.d'),
++  install_dir: join_paths(sysconfdir_install, 'fwupd', 'remotes.d'),
+ )
+diff --git a/meson.build b/meson.build
+index ca6ccdf92..0a3097d90 100644
+--- a/meson.build
++++ b/meson.build
+@@ -195,6 +195,12 @@ endif
+ mandir = join_paths(prefix, get_option('mandir'))
+ localedir = join_paths(prefix, get_option('localedir'))
+
++if get_option('sysconfdir_install') != ''
++  sysconfdir_install = join_paths(prefix, get_option('sysconfdir_install'))
++else
++  sysconfdir_install = sysconfdir
++endif
++
+ diffcmd = find_program('diff')
+ gio = dependency('gio-2.0', version: '>= 2.68.0')
+ giounix = dependency('gio-unix-2.0', version: '>= 2.68.0', required: false)
+
+diff --git a/meson_options.txt b/meson_options.txt
+index 877891126..986d0ee31 100644
+--- a/meson_options.txt
++++ b/meson_options.txt
+@@ -1,3 +1,8 @@
++option('sysconfdir_install',
++  type: 'string',
++  value: '',
++  description: 'sysconfdir to use during installation'
++)
+ option('build',
+   type: 'combo',
+   choices: [
+diff --git a/plugins/uefi-capsule/meson.build b/plugins/uefi-capsule/meson.build
+index eb196c21e..c9a29f680 100644
+--- a/plugins/uefi-capsule/meson.build
++++ b/plugins/uefi-capsule/meson.build
+@@ -20,7 +20,7 @@ if host_machine.system() == 'linux'
+     output: '35_fwupd',
+     configuration: con2,
+     install: true,
+-    install_dir: join_paths(sysconfdir, 'grub.d')
++    install_dir: join_paths(sysconfdir_install, 'grub.d')
+   )
+ elif host_machine.system() == 'freebsd'
+   backend_srcs += 'fu-uefi-backend-freebsd.c'
diff --git a/nixpkgs/pkgs/by-name/fw/fwupd/efi-app-path.patch b/nixpkgs/pkgs/by-name/fw/fwupd/efi-app-path.patch
new file mode 100644
index 000000000000..f9e65a10e657
--- /dev/null
+++ b/nixpkgs/pkgs/by-name/fw/fwupd/efi-app-path.patch
@@ -0,0 +1,13 @@
+diff --git a/meson.build b/meson.build
+index b18108c74..7e674b4d2 100644
+--- a/meson.build
++++ b/meson.build
+@@ -404,7 +404,7 @@ endif
+
+ # EFI
+ if build_standalone
+-  efi_app_location = join_paths(libexecdir, 'fwupd', 'efi')
++  efi_app_location = join_paths(dependency('fwupd-efi').get_variable(pkgconfig: 'prefix'), 'libexec', 'fwupd', 'efi')
+   conf.set_quoted('EFI_APP_LOCATION', efi_app_location)
+   if host_cpu == 'x86'
+     EFI_MACHINE_TYPE_NAME = 'ia32'
diff --git a/nixpkgs/pkgs/by-name/fw/fwupd/install-fwupdplugin-to-out.patch b/nixpkgs/pkgs/by-name/fw/fwupd/install-fwupdplugin-to-out.patch
new file mode 100644
index 000000000000..e6269ae840bb
--- /dev/null
+++ b/nixpkgs/pkgs/by-name/fw/fwupd/install-fwupdplugin-to-out.patch
@@ -0,0 +1,14 @@
+diff --git a/meson.build b/meson.build
+index 9ae278b66..7cddf1a0d 100644
+--- a/meson.build
++++ b/meson.build
+@@ -507,7 +507,7 @@ if build_standalone
+ if host_machine.system() == 'windows'
+   libdir_pkg = 'fwupd-@0@'.format(fwupd_version)
+ else
+-  libdir_pkg = join_paths(libdir, 'fwupd-@0@'.format(fwupd_version))
++  libdir_pkg = join_paths(prefix, 'lib', 'fwupd-@0@'.format(fwupd_version))
+ endif
+ conf.set_quoted('FWUPD_LIBDIR_PKG', libdir_pkg)
+ endif
+
diff --git a/nixpkgs/pkgs/by-name/fw/fwupd/installed-tests-path.patch b/nixpkgs/pkgs/by-name/fw/fwupd/installed-tests-path.patch
new file mode 100644
index 000000000000..6186ca230535
--- /dev/null
+++ b/nixpkgs/pkgs/by-name/fw/fwupd/installed-tests-path.patch
@@ -0,0 +1,49 @@
+diff --git a/data/installed-tests/meson.build b/data/installed-tests/meson.build
+index dfce86b1c..5e34c4fa6 100644
+--- a/data/installed-tests/meson.build
++++ b/data/installed-tests/meson.build
+@@ -86,5 +86,5 @@ configure_file(
+   output: 'fwupd-tests.conf',
+   configuration: con2,
+   install: true,
+-  install_dir: join_paths(datadir, 'fwupd', 'remotes.d'),
++  install_dir: join_paths(get_option('installed_test_prefix'), 'etc', 'fwupd', 'remotes.d'),
+ )
+diff --git a/meson.build b/meson.build
+index ca6ccdf92..36b1b47b0 100644
+--- a/meson.build
++++ b/meson.build
+@@ -188,8 +188,8 @@ else
+   datadir = join_paths(prefix, get_option('datadir'))
+   sysconfdir = join_paths(prefix, get_option('sysconfdir'))
+   localstatedir = join_paths(prefix, get_option('localstatedir'))
+-  installed_test_bindir = join_paths(libexecdir, 'installed-tests', meson.project_name())
+-  installed_test_datadir = join_paths(datadir, 'installed-tests', meson.project_name())
++  installed_test_bindir = join_paths(get_option('installed_test_prefix'), 'libexec', 'installed-tests', meson.project_name())
++  installed_test_datadir = join_paths(get_option('installed_test_prefix'), 'share', 'installed-tests', meson.project_name())
+   daemon_dir = join_paths(libexecdir, 'fwupd')
+ endif
+ mandir = join_paths(prefix, get_option('mandir'))
+@@ -497,6 +497,7 @@ gnome = import('gnome')
+ i18n = import('i18n')
+ 
+ conf.set_quoted('FWUPD_PREFIX', prefix)
++conf.set_quoted('FWUPD_INSTALLED_TEST_PREFIX', get_option('installed_test_prefix'))
+ conf.set_quoted('FWUPD_BINDIR', bindir)
+ conf.set_quoted('FWUPD_LIBDIR', libdir)
+ conf.set_quoted('FWUPD_LIBEXECDIR', libexecdir)
+diff --git a/meson_options.txt b/meson_options.txt
+index 877891126..bfc5d1afd 100644
+--- a/meson_options.txt
++++ b/meson_options.txt
+@@ -452,6 +452,10 @@ option('elogind',
+     'false': 'disabled',
+   },
+ )
++option('installed_test_prefix',
++  type: 'string',
++  description: 'Prefix for installed tests'
++)
+ option('tests',
+   type: 'boolean',
+   value: true,
diff --git a/nixpkgs/pkgs/by-name/fw/fwupd/package.nix b/nixpkgs/pkgs/by-name/fw/fwupd/package.nix
new file mode 100644
index 000000000000..532ba9bb2537
--- /dev/null
+++ b/nixpkgs/pkgs/by-name/fw/fwupd/package.nix
@@ -0,0 +1,380 @@
+# Updating? Keep $out/etc synchronized with passthru keys
+
+{ stdenv
+, lib
+, fetchFromGitHub
+, gi-docgen
+, pkg-config
+, gobject-introspection
+, gettext
+, libgudev
+, libdrm
+, polkit
+, libxmlb
+, gusb
+, sqlite
+, libarchive
+, libredirect
+, curl
+, libjcat
+, elfutils
+, valgrind
+, meson
+, libuuid
+, ninja
+, gnutls
+, protobufc
+, python3
+, wrapGAppsNoGuiHook
+, ensureNewerSourcesForZipFilesHook
+, json-glib
+, bash-completion
+, shared-mime-info
+, umockdev
+, vala
+, makeFontsConf
+, freefont_ttf
+, pango
+, tpm2-tss
+, bubblewrap
+, efibootmgr
+, flashrom
+, tpm2-tools
+, fwupd-efi
+, nixosTests
+, runCommand
+, unstableGitUpdater
+, modemmanager
+, libqmi
+, libmbim
+, libcbor
+, xz
+, enableFlashrom ? false
+, enablePassim ? false
+}:
+
+let
+  python = python3.withPackages (p: with p; [
+    jinja2
+    pygobject3
+    setuptools
+  ]);
+
+  isx86 = stdenv.hostPlatform.isx86;
+
+  # Dell isn't supported on Aarch64
+  haveDell = isx86;
+
+  # only redfish for x86_64
+  haveRedfish = stdenv.isx86_64;
+
+  # only use msr if x86 (requires cpuid)
+  haveMSR = isx86;
+
+  # # Currently broken on Aarch64
+  # haveFlashrom = isx86;
+  # Experimental
+  haveFlashrom = isx86 && enableFlashrom;
+
+  runPythonCommand =
+    name:
+    buildCommandPython:
+
+    runCommand
+      name
+      {
+        nativeBuildInputs = [ python3 ];
+        inherit buildCommandPython;
+      }
+      ''
+        exec python3 -c "$buildCommandPython"
+      '';
+
+  test-firmware =
+    let
+      version = "unstable-2022-04-02";
+      src = fetchFromGitHub {
+        name = "fwupd-test-firmware-${version}";
+        owner = "fwupd";
+        repo = "fwupd-test-firmware";
+        rev = "39954e434d63e20e85870dd1074818f48a0c08b7";
+        hash = "sha256-d4qG3fKyxkfN91AplRYqARFz+aRr+R37BpE450bPxi0=";
+        passthru = {
+          inherit src version; # For update script
+          updateScript = unstableGitUpdater {
+            url = "${test-firmware.meta.homepage}.git";
+          };
+        };
+      };
+    in
+    src // {
+      meta = src.meta // {
+        # For update script
+        position =
+          let
+            pos = builtins.unsafeGetAttrPos "updateScript" test-firmware;
+          in
+          pos.file + ":" + toString pos.line;
+      };
+    };
+in
+stdenv.mkDerivation (finalAttrs: {
+  pname = "fwupd";
+  version = "1.9.13";
+
+  # libfwupd goes to lib
+  # daemon, plug-ins and libfwupdplugin go to out
+  # CLI programs go to out
+  outputs = [ "out" "lib" "dev" "devdoc" "man" "installedTests" ];
+
+  src = fetchFromGitHub {
+    owner = "fwupd";
+    repo = "fwupd";
+    rev = finalAttrs.version;
+    hash = "sha256-h2e9MFTb777xbNRlzKWXc5GUdu/BHSkJTaogEE5byjo=";
+  };
+
+  patches = [
+    # Since /etc is the domain of NixOS, not Nix,
+    # we cannot install files there.
+    # Let’s install the files to $prefix/etc
+    # while still reading them from /etc.
+    # NixOS module for fwupd will take take care of copying the files appropriately.
+    ./add-option-for-installation-sysconfdir.patch
+
+    # Install plug-ins and libfwupdplugin to $out output,
+    # they are not really part of the library.
+    ./install-fwupdplugin-to-out.patch
+
+    # Installed tests are installed to different output
+    # we also cannot have fwupd-tests.conf in $out/etc since it would form a cycle.
+    ./installed-tests-path.patch
+
+    # EFI capsule is located in fwupd-efi now.
+    ./efi-app-path.patch
+  ];
+
+  nativeBuildInputs = [
+    # required for firmware zipping
+    ensureNewerSourcesForZipFilesHook
+    meson
+    ninja
+    gi-docgen
+    pkg-config
+    gobject-introspection
+    gettext
+    shared-mime-info
+    valgrind
+    gnutls
+    protobufc # for protoc
+    python
+    wrapGAppsNoGuiHook
+    vala
+  ];
+
+  buildInputs = [
+    polkit
+    libxmlb
+    gusb
+    sqlite
+    libarchive
+    libdrm
+    curl
+    elfutils
+    libgudev
+    libjcat
+    libuuid
+    json-glib
+    umockdev
+    bash-completion
+    pango
+    tpm2-tss
+    fwupd-efi
+    protobufc
+    modemmanager
+    libmbim
+    libcbor
+    libqmi
+    xz # for liblzma
+  ] ++ lib.optionals haveFlashrom [
+    flashrom
+  ];
+
+  mesonFlags = [
+    "-Ddocs=enabled"
+    # We are building the official releases.
+    "-Dsupported_build=enabled"
+    "-Dlaunchd=disabled"
+    "-Dudevdir=lib/udev"
+    "-Dsystemd_root_prefix=${placeholder "out"}"
+    "-Dinstalled_test_prefix=${placeholder "installedTests"}"
+    "--localstatedir=/var"
+    "--sysconfdir=/etc"
+    "-Dsysconfdir_install=${placeholder "out"}/etc"
+    "-Defi_os_dir=nixos"
+    "-Dplugin_modem_manager=enabled"
+    "-Dvendor_metadata=true"
+    # We do not want to place the daemon into lib (cyclic reference)
+    "--libexecdir=${placeholder "out"}/libexec"
+  ] ++ lib.optionals (!enablePassim) [
+    "-Dpassim=disabled"
+  ] ++ lib.optionals (!haveDell) [
+    "-Dplugin_synaptics_mst=disabled"
+  ] ++ lib.optionals (!haveRedfish) [
+    "-Dplugin_redfish=disabled"
+  ] ++ lib.optionals (!haveFlashrom) [
+    "-Dplugin_flashrom=disabled"
+  ] ++ lib.optionals (!haveMSR) [
+    "-Dplugin_msr=disabled"
+  ];
+
+  # TODO: wrapGAppsHook wraps efi capsule even though it is not ELF
+  dontWrapGApps = true;
+
+  doCheck = true;
+
+  # Environment variables
+
+  # Fontconfig error: Cannot load default config file
+  FONTCONFIG_FILE =
+    let
+      fontsConf = makeFontsConf {
+        fontDirectories = [ freefont_ttf ];
+      };
+    in
+    fontsConf;
+
+  # error: “PolicyKit files are missing”
+  # https://github.com/NixOS/nixpkgs/pull/67625#issuecomment-525788428
+  PKG_CONFIG_POLKIT_GOBJECT_1_ACTIONDIR = "/run/current-system/sw/share/polkit-1/actions";
+
+  # Phase hooks
+
+  postPatch = ''
+    patchShebangs \
+      contrib/generate-version-script.py \
+      contrib/generate-man.py \
+      po/test-deps
+
+    # tests fail with: Failed to load SMBIOS: neither SMBIOS or DT found
+    sed -i 's/test(.*)//' plugins/lenovo-thinklmi/meson.build
+    sed -i 's/test(.*)//' plugins/mtd/meson.build
+    # fails on amd cpu
+    sed -i 's/test(.*)//' libfwupdplugin/meson.build
+    # in nixos test tries to chmod 0777 $out/share/installed-tests/fwupd/tests/redfish.conf
+    sed -i "s/get_option('tests')/false/" plugins/redfish/meson.build
+
+    # Device tests use device emulation and need to download emulation data from
+    # the internet, which does not work on our test VMs.
+    # It's probably better to disable these tests for NixOS by setting
+    # the device-tests directory to /dev/null.
+    # For more info on device emulation, see:
+    #   https://github.com/fwupd/fwupd/blob/eeeac4e9ba8a6513428b456a551bffd95d533e50/docs/device-emulation.md
+    substituteInPlace data/installed-tests/meson.build \
+      --replace "join_paths(datadir, 'fwupd', 'device-tests')" "'/dev/null'"
+  '';
+
+  preBuild = ''
+    # jcat-tool at buildtime requires a home directory
+    export HOME="$(mktemp -d)"
+  '';
+
+  preCheck = ''
+    addToSearchPath XDG_DATA_DIRS "${shared-mime-info}/share"
+
+    echo "12345678901234567890123456789012" > machine-id
+    export NIX_REDIRECTS=/etc/machine-id=$(realpath machine-id) \
+    LD_PRELOAD=${libredirect}/lib/libredirect.so
+  '';
+
+  postInstall = ''
+    # These files have weird licenses so they are shipped separately.
+    cp --recursive --dereference "${test-firmware}/installed-tests/tests" "$installedTests/libexec/installed-tests/fwupd"
+  '';
+
+  preFixup =
+    let
+      binPath = [
+        efibootmgr
+        bubblewrap
+        tpm2-tools
+      ];
+    in
+    ''
+      gappsWrapperArgs+=(
+        --prefix XDG_DATA_DIRS : "${shared-mime-info}/share"
+        # See programs reached with fu_common_find_program_in_path in source
+        --prefix PATH : "${lib.makeBinPath binPath}"
+      )
+    '';
+
+  postFixup = ''
+    # Since we had to disable wrapGAppsHook, we need to wrap the executables manually.
+    find -L "$out/bin" "$out/libexec" -type f -executable -print0 \
+      | while IFS= read -r -d ''' file; do
+      if [[ "$file" != *.efi ]]; then
+        echo "Wrapping program $file"
+        wrapGApp "$file"
+      fi
+    done
+
+    # Cannot be in postInstall, otherwise _multioutDocs hook in preFixup will move right back.
+    moveToOutput "share/doc" "$devdoc"
+  '';
+
+  separateDebugInfo = true;
+
+  passthru = {
+    filesInstalledToEtc = [
+      "fwupd/bios-settings.d/README.md"
+      "fwupd/fwupd.conf"
+      "fwupd/remotes.d/lvfs-testing.conf"
+      "fwupd/remotes.d/lvfs.conf"
+      "fwupd/remotes.d/vendor.conf"
+      "fwupd/remotes.d/vendor-directory.conf"
+      "pki/fwupd/GPG-KEY-Linux-Foundation-Firmware"
+      "pki/fwupd/GPG-KEY-Linux-Vendor-Firmware-Service"
+      "pki/fwupd/LVFS-CA.pem"
+      "pki/fwupd-metadata/GPG-KEY-Linux-Foundation-Metadata"
+      "pki/fwupd-metadata/GPG-KEY-Linux-Vendor-Firmware-Service"
+      "pki/fwupd-metadata/LVFS-CA.pem"
+      "grub.d/35_fwupd"
+    ];
+
+    # For updating.
+    inherit test-firmware;
+
+    # For downstream consumers that need the fwupd-efi this was built with.
+    inherit fwupd-efi;
+
+    tests =
+      let
+        listToPy = list: "[${lib.concatMapStringsSep ", " (f: "'${f}'") list}]";
+      in
+      {
+        installedTests = nixosTests.installed-tests.fwupd;
+
+        passthruMatches = runPythonCommand "fwupd-test-passthru-matches" ''
+          import itertools
+          import configparser
+          import os
+          import pathlib
+
+          etc = '${finalAttrs.finalPackage}/etc'
+          package_etc = set(itertools.chain.from_iterable([[os.path.relpath(os.path.join(prefix, file), etc) for file in files] for (prefix, dirs, files) in os.walk(etc)]))
+          passthru_etc = set(${listToPy finalAttrs.passthru.filesInstalledToEtc})
+          assert len(package_etc - passthru_etc) == 0, f'fwupd package contains the following paths in /etc that are not listed in passthru.filesInstalledToEtc: {package_etc - passthru_etc}'
+          assert len(passthru_etc - package_etc) == 0, f'fwupd package lists the following paths in passthru.filesInstalledToEtc that are not contained in /etc: {passthru_etc - package_etc}'
+
+          pathlib.Path(os.getenv('out')).touch()
+        '';
+      };
+  };
+
+  meta = with lib; {
+    homepage = "https://fwupd.org/";
+    maintainers = with maintainers; [ rvdp ];
+    license = licenses.lgpl21Plus;
+    platforms = platforms.linux;
+  };
+})