diff options
| author | Tuomas Tynkkynen <tuomas@tuxera.com> | 2018-02-03 02:50:21 +0200 |
|---|---|---|
| committer | Tuomas Tynkkynen <tuomas@tuxera.com> | 2018-02-03 02:50:21 +0200 |
| commit | 10c8e6d0c590d6c83aa2efee7f701983440cca78 (patch) | |
| tree | b79325512b90438381604e1487ce0c1b63771f2f /pkgs/servers | |
| parent | 2fb4606f38deefa76da5d853645739f2faa315de (diff) | |
| parent | c70c9649eaca0409b7104a02193cd81ee8e5103a (diff) | |
| download | nixlib-10c8e6d0c590d6c83aa2efee7f701983440cca78.tar nixlib-10c8e6d0c590d6c83aa2efee7f701983440cca78.tar.gz nixlib-10c8e6d0c590d6c83aa2efee7f701983440cca78.tar.bz2 nixlib-10c8e6d0c590d6c83aa2efee7f701983440cca78.tar.lz nixlib-10c8e6d0c590d6c83aa2efee7f701983440cca78.tar.xz nixlib-10c8e6d0c590d6c83aa2efee7f701983440cca78.tar.zst nixlib-10c8e6d0c590d6c83aa2efee7f701983440cca78.zip | |
Merge remote-tracking branch 'upstream/master' into staging
Diffstat (limited to 'pkgs/servers')
| -rw-r--r-- | pkgs/servers/dns/knot-dns/default.nix | 4 | ||||
| -rw-r--r-- | pkgs/servers/dns/knot-resolver/default.nix | 71 | ||||
| -rw-r--r-- | pkgs/servers/home-assistant/default.nix | 72 | ||||
| -rw-r--r-- | pkgs/servers/home-assistant/frontend.nix | 11 | ||||
| -rw-r--r-- | pkgs/servers/mail/dovecot/default.nix | 12 | ||||
| -rw-r--r-- | pkgs/servers/mail/dovecot/plugins/antispam/default.nix | 34 | ||||
| -rw-r--r-- | pkgs/servers/mail/postfix/default.nix | 2 | ||||
| -rw-r--r-- | pkgs/servers/mpd/clientlib.nix | 5 | ||||
| -rw-r--r-- | pkgs/servers/teleport/default.nix | 41 |
9 files changed, 182 insertions, 70 deletions
diff --git a/pkgs/servers/dns/knot-dns/default.nix b/pkgs/servers/dns/knot-dns/default.nix index d3fffe12da4d..478fcb9aad7b 100644 --- a/pkgs/servers/dns/knot-dns/default.nix +++ b/pkgs/servers/dns/knot-dns/default.nix @@ -7,11 +7,11 @@ let inherit (stdenv.lib) optional optionals; in # Note: ATM only the libraries have been tested in nixpkgs. stdenv.mkDerivation rec { name = "knot-dns-${version}"; - version = "2.6.3"; + version = "2.6.4"; src = fetchurl { url = "http://secure.nic.cz/files/knot-dns/knot-${version}.tar.xz"; - sha256 = "2fb27a4006865fc12873cbadc5b4a870ec65d3293a284972c031522282987790"; + sha256 = "1d0d37b5047ecd554d927519d5565c29c1ba9b501c100eb5f3a5af184d75386a"; }; outputs = [ "bin" "out" "dev" ]; diff --git a/pkgs/servers/dns/knot-resolver/default.nix b/pkgs/servers/dns/knot-resolver/default.nix index 7a5aa8da550a..2ec12b81f84b 100644 --- a/pkgs/servers/dns/knot-resolver/default.nix +++ b/pkgs/servers/dns/knot-resolver/default.nix @@ -1,63 +1,55 @@ -{ stdenv, fetchurl, pkgconfig, hexdump, which +{ stdenv, fetchurl, runCommand, pkgconfig, hexdump, which , knot-dns, luajit, libuv, lmdb, gnutls, nettle , cmocka, systemd, dns-root-data, makeWrapper , extraFeatures ? false /* catch-all if defaults aren't enough */ , hiredis, libmemcached, luajitPackages }: +let # un-indented, over the whole file -let - inherit (stdenv.lib) optional optionals optionalString; -in -stdenv.mkDerivation rec { +result = if extraFeatures then wrapped-full else unwrapped; + +inherit (stdenv.lib) optional optionals optionalString concatStringsSep; + +unwrapped = stdenv.mkDerivation rec { name = "knot-resolver-${version}"; - version = "1.5.3"; + version = "2.0.0"; src = fetchurl { url = "http://secure.nic.cz/files/knot-resolver/${name}.tar.xz"; - sha256 = "03sb05zz6qn966apcprdqhmirkz7kjdbx8hswbvgamk1s2xd7v6f"; + sha256 = "b40d9dbef05031464dfff57712f476e7cddc0fda26b41daf660c5a33ea203ce0"; }; outputs = [ "out" "dev" ]; configurePhase = ":"; - nativeBuildInputs = [ pkgconfig which makeWrapper hexdump ]; + nativeBuildInputs = [ pkgconfig which hexdump ]; # http://knot-resolver.readthedocs.io/en/latest/build.html#requirements buildInputs = [ knot-dns luajit libuv gnutls nettle lmdb ] - ++ optional doInstallCheck cmocka + ++ optional doCheck cmocka ++ optional stdenv.isLinux systemd # sd_notify - ++ optionals extraFeatures [ - hiredis libmemcached # additional cache backends - ]; - ## optional dependencies; TODO: libedit, dnstap, http2 module? + ## optional dependencies; TODO: libedit, dnstap + ; - makeFlags = [ "PREFIX=$(out)" "ROOTHINTS=${dns-root-data}/root.hints" ]; + makeFlags = [ + "PREFIX=$(out)" + "ROOTHINTS=${dns-root-data}/root.hints" + "KEYFILE_DEFAULT=${dns-root-data}/root.ds" + ]; CFLAGS = [ "-O2" "-DNDEBUG" ]; enableParallelBuilding = true; doCheck = true; - doInstallCheck = true; + doInstallCheck = false; # FIXME preInstallCheck = '' patchShebangs tests/config/runtest.sh ''; postInstall = '' - rm "$out"/etc/kresd/root.hints # using system-wide instead - '' - # optional: to allow auto-bootstrapping root trust anchor via https - + (with luajitPackages; '' - wrapProgram "$out/sbin/kresd" \ - --set LUA_PATH '${ - stdenv.lib.concatStringsSep ";" - (map getLuaPath [ luasec luasocket ]) - }' \ - --set LUA_CPATH '${ - stdenv.lib.concatStringsSep ";" - (map getLuaCPath [ luasec luasocket ]) - }' - ''); + rm "$out"/etc/knot-resolver/root.hints # using system-wide instead + ''; meta = with stdenv.lib; { description = "Caching validating DNS resolver, from .cz domain registry"; @@ -67,5 +59,24 @@ stdenv.mkDerivation rec { platforms = filter (p: p != "aarch64-linux") platforms.unix; maintainers = [ maintainers.vcunat /* upstream developer */ ]; }; -} +}; + +wrapped-full = with luajitPackages; let + luaPkgs = [ luasec luasocket ]; # TODO: cqueues and others for http2 module + in runCommand unwrapped.name + { + nativeBuildInputs = [ makeWrapper ]; + preferLocalBuild = true; + allowSubstitutes = false; + } + '' + mkdir -p "$out/sbin" "$out/share" + makeWrapper '${unwrapped}/sbin/kresd' "$out"/sbin/kresd \ + --set LUA_PATH '${concatStringsSep ";" (map getLuaPath luaPkgs)}' \ + --set LUA_CPATH '${concatStringsSep ";" (map getLuaCPath luaPkgs)}' + ln -sr '${unwrapped}/share/man' "$out"/share/ + ln -sr "$out"/{sbin,bin} + ''; + +in result diff --git a/pkgs/servers/home-assistant/default.nix b/pkgs/servers/home-assistant/default.nix new file mode 100644 index 000000000000..9ec314e5c737 --- /dev/null +++ b/pkgs/servers/home-assistant/default.nix @@ -0,0 +1,72 @@ +{ stdenv, fetchFromGitHub, python3 +, extraPackages ? ps: [] +, skipPip ? true }: + +let + + py = python3.override { + packageOverrides = self: super: { + yarl = super.yarl.overridePythonAttrs (oldAttrs: rec { + version = "0.18.0"; + src = oldAttrs.src.override { + inherit version; + sha256 = "11j8symkxh0ngvpddqpj85qmk6p70p20jca3alxc181gk3vx785s"; + }; + }); + aiohttp = super.aiohttp.overridePythonAttrs (oldAttrs: rec { + version = "2.3.7"; + src = oldAttrs.src.override { + inherit version; + sha256 = "0fzfpx5ny7559xrxaawnylq20dvrkjiag0ypcd13frwwivrlsagy"; + }; + }); + hass-frontend = super.callPackage ./frontend.nix { }; + }; + }; + + # Ensure that we are using a consistent package set + extraBuildInputs = extraPackages py.pkgs; + +in with py.pkgs; buildPythonApplication rec { + pname = "homeassistant"; + version = "0.62.1"; + + diabled = !isPy3k; + + # PyPI tarball is missing tests/ directory + src = fetchFromGitHub { + owner = "home-assistant"; + repo = "home-assistant"; + rev = version; + sha256 = "0151prwk2ci6bih0mdmc3r328nrvazn9jwk0w26wmd4cpvnb5h26"; + }; + + propagatedBuildInputs = [ + # From setup.py + requests pyyaml pytz pip jinja2 voluptuous typing aiohttp yarl async-timeout chardet astral certifi + # From the components that are part of the default configuration.yaml + sqlalchemy aiohttp-cors hass-frontend user-agents distro mutagen xmltodict netdisco + ] ++ extraBuildInputs; + + checkInputs = [ + pytest requests-mock pydispatcher pytest-aiohttp + ]; + + checkPhase = '' + # The components' dependencies are not included, so they cannot be tested + py.test --ignore tests/components + # Some basic components should be tested however + py.test \ + tests/components/{group,http} \ + tests/components/test_{api,configurator,demo,discovery,frontend,init,introduction,logger,script,shell_command,system_log,websocket_api}.py + ''; + + makeWrapperArgs = [] ++ stdenv.lib.optional skipPip [ "--add-flags --skip-pip" ]; + + meta = with stdenv.lib; { + homepage = https://home-assistant.io/; + description = "Open-source home automation platform running on Python 3"; + license = licenses.asl20; + maintainers = with maintainers; [ f-breidenstein dotlambda ]; + }; +} diff --git a/pkgs/servers/home-assistant/frontend.nix b/pkgs/servers/home-assistant/frontend.nix new file mode 100644 index 000000000000..6e1a789012f3 --- /dev/null +++ b/pkgs/servers/home-assistant/frontend.nix @@ -0,0 +1,11 @@ +{ stdenv, fetchPypi, buildPythonPackage }: + +buildPythonPackage rec { + pname = "home-assistant-frontend"; + version = "20180130.0"; + + src = fetchPypi { + inherit pname version; + sha256 = "0b9klisl7hh30rml8qlrp9gpz33z9b825pd1vxbck48k0s98z1zi"; + }; +} diff --git a/pkgs/servers/mail/dovecot/default.nix b/pkgs/servers/mail/dovecot/default.nix index e995763a4a2d..6b2adf572175 100644 --- a/pkgs/servers/mail/dovecot/default.nix +++ b/pkgs/servers/mail/dovecot/default.nix @@ -1,4 +1,4 @@ -{ stdenv, lib, fetchurl, perl, pkgconfig, systemd, openssl +{ stdenv, lib, fetchurl, fetchpatch, perl, pkgconfig, systemd, openssl , bzip2, zlib, lz4, inotify-tools, pam, libcap , clucene_core_2, icu, openldap, libsodium, libstemmer # Auth modules @@ -47,6 +47,16 @@ stdenv.mkDerivation rec { # so we can symlink plugins from several packages there. # The symlinking needs to be done in NixOS. ./2.2.x-module_dir.patch + (fetchpatch { + name = "CVE-2017-14132_part1.patch"; + url = https://github.com/dovecot/core/commit/1a29ed2f96da1be22fa5a4d96c7583aa81b8b060.patch; + sha256 = "1pcfzxr8xlwbpa7z19grp7mlvdnan6ln8zw74dj4pdmynmlk4aw9"; + }) + (fetchpatch { + name = "CVE-2017-14132_part2.patch"; + url = https://github.com/dovecot/core/commit/a9b135760aea6d1790d447d351c56b78889dac22.patch; + sha256 = "0082iid5rvjmh003xi9s09jld2rb31hbvni0yai1h1ggbmd5zf8l"; + }) ]; configureFlags = [ diff --git a/pkgs/servers/mail/dovecot/plugins/antispam/default.nix b/pkgs/servers/mail/dovecot/plugins/antispam/default.nix deleted file mode 100644 index 1a1ba1ad4486..000000000000 --- a/pkgs/servers/mail/dovecot/plugins/antispam/default.nix +++ /dev/null @@ -1,34 +0,0 @@ -{ stdenv, fetchhg, autoconf, automake, dovecot, openssl }: - -stdenv.mkDerivation { - name = "dovecot-antispam-20130429"; - - src = fetchhg { - url = "http://hg.dovecot.org/dovecot-antispam-plugin/"; - rev = "5ebc6aae4d7c"; - sha256 = "181i79c9sf3a80mgmycfq1f77z7fpn3j2s0qiddrj16h3yklf4gv"; - }; - - buildInputs = [ dovecot openssl ]; - nativeBuildInputs = [ autoconf automake ]; - - preConfigure = '' - ./autogen.sh - # Ugly hack; any ideas? - sed "s,^dovecot_moduledir=.*,dovecot_moduledir=$out/lib/dovecot," ${dovecot}/lib/dovecot/dovecot-config > dovecot-config - ''; - - configureFlags = [ - "--with-dovecot=." - ]; - - enableParallelBuilding = true; - - meta = with stdenv.lib; { - homepage = http://wiki2.dovecot.org/Plugins/Antispam; - description = "An antispam plugin for the Dovecot IMAP server"; - license = licenses.gpl2; - maintainers = with maintainers; [ abbradar ]; - platforms = platforms.linux; - }; -} diff --git a/pkgs/servers/mail/postfix/default.nix b/pkgs/servers/mail/postfix/default.nix index bf1c16acfeb8..f8b36e816e0e 100644 --- a/pkgs/servers/mail/postfix/default.nix +++ b/pkgs/servers/mail/postfix/default.nix @@ -90,7 +90,7 @@ in stdenv.mkDerivation rec { meta = { homepage = http://www.postfix.org/; description = "A fast, easy to administer, and secure mail server"; - license = lib.licenses.bsdOriginal; + license = with lib.licenses; [ ipl10 epl20 ]; platforms = lib.platforms.linux; maintainers = [ lib.maintainers.rickynils ]; }; diff --git a/pkgs/servers/mpd/clientlib.nix b/pkgs/servers/mpd/clientlib.nix index 269b20dbebba..dab63a5bad83 100644 --- a/pkgs/servers/mpd/clientlib.nix +++ b/pkgs/servers/mpd/clientlib.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, meson, ninja }: +{ stdenv, fetchFromGitHub, meson, ninja, fixDarwinDylibNames }: stdenv.mkDerivation rec { version = "2.13"; @@ -11,7 +11,8 @@ stdenv.mkDerivation rec { sha256 = "1g1n6rk8kn87mbjqxxj0vi7haj8xx21xmqlzbrx2fvyp5357zvsq"; }; - nativeBuildInputs = [ meson ninja ]; + nativeBuildInputs = [ meson ninja ] + ++ stdenv.lib.optional stdenv.isDarwin fixDarwinDylibNames; meta = with stdenv.lib; { description = "Client library for MPD (music player daemon)"; diff --git a/pkgs/servers/teleport/default.nix b/pkgs/servers/teleport/default.nix new file mode 100644 index 000000000000..0c6a197b1da5 --- /dev/null +++ b/pkgs/servers/teleport/default.nix @@ -0,0 +1,41 @@ +# This file was generated by https://github.com/kamilchm/go2nix v2.0-dev +{ stdenv, buildGoPackage, zip, fetchFromGitHub }: + +buildGoPackage rec { + name = "teleport-${version}"; + version = "2.4.0"; + + # This repo has a private submodule "e" which fetchgit cannot handle without failing. + src = fetchFromGitHub { + owner = "gravitational"; + repo = "teleport"; + rev = "v${version}"; + sha256 = "1x4xnqjyb87pzmn2c59fwmzfx1f2k0xhqn2xgki3722qmj2ss846"; + }; + + goPackagePath = "github.com/gravitational/teleport"; + subPackages = [ "tool/tctl" "tool/teleport" "tool/tsh" ]; + buildInputs = [ zip ]; + postBuild = '' + pushd . + cd $NIX_BUILD_TOP/go/src/github.com/gravitational/teleport + mkdir -p build + echo "making webassets" + make build/webassets.zip + cat build/webassets.zip >> $NIX_BUILD_TOP/go/bin/teleport + rm -fr build/webassets.zip + cd $NIX_BUILD_TOP/go/bin + zip -q -A teleport + popd + ''; + + dontStrip = true; + + meta = { + description = "A SSH CA management suite"; + homepage = "https://gravitational.com/teleport/"; + license = stdenv.lib.licenses.asl20; + maintainers = [ stdenv.lib.maintainers.tomberek ]; + platforms = stdenv.lib.platforms.linux; + }; +} |