diff options
54 files changed, 789 insertions, 141 deletions
diff --git a/nixos/doc/manual/release-notes/rl-2311.section.md b/nixos/doc/manual/release-notes/rl-2311.section.md index 688d7036d458..79b2b3a73feb 100644 --- a/nixos/doc/manual/release-notes/rl-2311.section.md +++ b/nixos/doc/manual/release-notes/rl-2311.section.md @@ -493,3 +493,5 @@ The module update takes care of the new config syntax and the data itself (user - The `electron` packages now places its application files in `$out/libexec/electron` instead of `$out/lib/electron`. Packages using electron-builder will fail to build and need to be adjusted by changing `lib` to `libexec`. - `teleport` has been upgraded from major version 12 to major version 14. Please see upstream [upgrade instructions](https://goteleport.com/docs/management/operations/upgrading/) and release notes for versions [13](https://goteleport.com/docs/changelog/#1300-050823) and [14](https://goteleport.com/docs/changelog/#1400-092023). Note that Teleport does not officially support upgrades across more than one major version at a time. If you're running Teleport server components, it is recommended to first upgrade to an intermediate 13.x version by setting `services.teleport.package = pkgs.teleport_13`. Afterwards, this option can be removed to upgrade to the default version (14). + +- The Linux kernel module `msr` (see [`msr(4)`](https://man7.org/linux/man-pages/man4/msr.4.html)), which provides an interface to read and write the model-specific registers (MSRs) of an x86 CPU, can now be configured via `hardware.cpu.x86.msr`. diff --git a/nixos/modules/hardware/cpu/x86-msr.nix b/nixos/modules/hardware/cpu/x86-msr.nix new file mode 100644 index 000000000000..554bec1b7db1 --- /dev/null +++ b/nixos/modules/hardware/cpu/x86-msr.nix @@ -0,0 +1,91 @@ +{ lib +, config +, options +, ... +}: +let + inherit (builtins) hasAttr; + inherit (lib) mkIf mdDoc; + cfg = config.hardware.cpu.x86.msr; + opt = options.hardware.cpu.x86.msr; + defaultGroup = "msr"; + isDefaultGroup = cfg.group == defaultGroup; + set = "to set for devices of the `msr` kernel subsystem."; + + # Generates `foo=bar` parameters to pass to the kernel. + # If `module = baz` is passed, generates `baz.foo=bar`. + # Adds double quotes on demand to handle `foo="bar baz"`. + kernelParam = { module ? null }: name: value: + assert lib.asserts.assertMsg (!lib.strings.hasInfix "=" name) "kernel parameter cannot have '=' in name"; + let + key = (if module == null then "" else module + ".") + name; + valueString = lib.generators.mkValueStringDefault {} value; + quotedValueString = if lib.strings.hasInfix " " valueString + then lib.strings.escape ["\""] valueString + else valueString; + in "${key}=${quotedValueString}"; + msrKernelParam = kernelParam { module = "msr"; }; +in +{ + options.hardware.cpu.x86.msr = with lib.options; with lib.types; { + enable = mkEnableOption (mdDoc "the `msr` (Model-Specific Registers) kernel module and configure `udev` rules for its devices (usually `/dev/cpu/*/msr`)"); + owner = mkOption { + type = str; + default = "root"; + example = "nobody"; + description = mdDoc "Owner ${set}"; + }; + group = mkOption { + type = str; + default = defaultGroup; + example = "nobody"; + description = mdDoc "Group ${set}"; + }; + mode = mkOption { + type = str; + default = "0640"; + example = "0660"; + description = mdDoc "Mode ${set}"; + }; + settings = mkOption { + type = submodule { + freeformType = attrsOf (oneOf [ bool int str ]); + options.allow-writes = mkOption { + type = nullOr (enum ["on" "off"]); + default = null; + description = "Whether to allow writes to MSRs (`\"on\"`) or not (`\"off\"`)."; + }; + }; + default = {}; + description = "Parameters for the `msr` kernel module."; + }; + }; + + config = mkIf cfg.enable { + assertions = [ + { + assertion = hasAttr cfg.owner config.users.users; + message = "Owner '${cfg.owner}' set in `${opt.owner}` is not configured via `${options.users.users}.\"${cfg.owner}\"`."; + } + { + assertion = isDefaultGroup || (hasAttr cfg.group config.users.groups); + message = "Group '${cfg.group}' set in `${opt.group}` is not configured via `${options.users.groups}.\"${cfg.group}\"`."; + } + ]; + + boot = { + kernelModules = [ "msr" ]; + kernelParams = lib.attrsets.mapAttrsToList msrKernelParam (lib.attrsets.filterAttrs (_: value: value != null) cfg.settings); + }; + + users.groups.${cfg.group} = mkIf isDefaultGroup { }; + + services.udev.extraRules = '' + SUBSYSTEM=="msr", OWNER="${cfg.owner}", GROUP="${cfg.group}", MODE="${cfg.mode}" + ''; + }; + + meta = with lib; { + maintainers = with maintainers; [ lorenzleutgeb ]; + }; +} diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 395a638033fe..9b6a3a211270 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -55,6 +55,7 @@ ./hardware/cpu/amd-sev.nix ./hardware/cpu/intel-microcode.nix ./hardware/cpu/intel-sgx.nix + ./hardware/cpu/x86-msr.nix ./hardware/decklink.nix ./hardware/device-tree.nix ./hardware/digitalbitbox.nix @@ -723,6 +724,7 @@ ./services/misc/ripple-data-api.nix ./services/misc/rippled.nix ./services/misc/rmfakecloud.nix + ./services/misc/rkvm.nix ./services/misc/rshim.nix ./services/misc/safeeyes.nix ./services/misc/sdrplay.nix diff --git a/nixos/modules/security/acme/default.nix b/nixos/modules/security/acme/default.nix index 92bed172f452..f8e17bc71ee1 100644 --- a/nixos/modules/security/acme/default.nix +++ b/nixos/modules/security/acme/default.nix @@ -592,7 +592,7 @@ let description = lib.mdDoc '' Key type to use for private keys. For an up to date list of supported values check the --key-type option - at <https://go-acme.github.io/lego/usage/cli/#usage>. + at <https://go-acme.github.io/lego/usage/cli/options/>. ''; }; diff --git a/nixos/modules/services/hardware/throttled.nix b/nixos/modules/services/hardware/throttled.nix index afca24d976e1..9fa495886119 100644 --- a/nixos/modules/services/hardware/throttled.nix +++ b/nixos/modules/services/hardware/throttled.nix @@ -29,8 +29,7 @@ in { # Kernel 5.9 spams warnings whenever userspace writes to CPU MSRs. # See https://github.com/erpalma/throttled/issues/215 - boot.kernelParams = - optional (versionAtLeast config.boot.kernelPackages.kernel.version "5.9") - "msr.allow_writes=on"; + hardware.cpu.x86.msr.settings.allow-writes = + mkIf (versionAtLeast config.boot.kernelPackages.kernel.version "5.9") "on"; }; } diff --git a/nixos/modules/services/hardware/tlp.nix b/nixos/modules/services/hardware/tlp.nix index cad510e571cb..0b7f98ab6a6d 100644 --- a/nixos/modules/services/hardware/tlp.nix +++ b/nixos/modules/services/hardware/tlp.nix @@ -47,7 +47,7 @@ in ###### implementation config = mkIf cfg.enable { - boot.kernelModules = [ "msr" ]; + hardware.cpu.x86.msr.enable = true; warnings = optional (cfg.extraConfig != "") '' Using config.services.tlp.extraConfig is deprecated and will become unsupported in a future release. Use config.services.tlp.settings instead. diff --git a/nixos/modules/services/hardware/undervolt.nix b/nixos/modules/services/hardware/undervolt.nix index 944777475401..258f09bbab09 100644 --- a/nixos/modules/services/hardware/undervolt.nix +++ b/nixos/modules/services/hardware/undervolt.nix @@ -159,7 +159,7 @@ in }; config = mkIf cfg.enable { - boot.kernelModules = [ "msr" ]; + hardware.cpu.x86.msr.enable = true; environment.systemPackages = [ cfg.package ]; diff --git a/nixos/modules/services/misc/rkvm.nix b/nixos/modules/services/misc/rkvm.nix new file mode 100644 index 000000000000..582e8511ed96 --- /dev/null +++ b/nixos/modules/services/misc/rkvm.nix @@ -0,0 +1,164 @@ +{ options, config, pkgs, lib, ... }: + +with lib; +let + opt = options.services.rkvm; + cfg = config.services.rkvm; + toml = pkgs.formats.toml { }; +in +{ + meta.maintainers = with maintainers; [ ckie ]; + + options.services.rkvm = { + enable = mkOption { + default = cfg.server.enable || cfg.client.enable; + defaultText = literalExpression "config.${opt.server.enable} || config.${opt.client.enable}"; + type = types.bool; + description = mdDoc '' + Whether to enable rkvm, a Virtual KVM switch for Linux machines. + ''; + }; + + package = mkPackageOption pkgs "rkvm" { }; + + server = { + enable = mkEnableOption "the rkvm server daemon (input transmitter)"; + + settings = mkOption { + type = types.submodule + { + freeformType = toml.type; + options = { + listen = mkOption { + type = types.str; + default = "0.0.0.0:5258"; + description = mdDoc '' + An internet socket address to listen on, either IPv4 or IPv6. + ''; + }; + + switch-keys = mkOption { + type = types.listOf types.str; + default = [ "left-alt" "left-ctrl" ]; + description = mdDoc '' + A key list specifying a host switch combination. + + _A list of key names is available in <https://github.com/htrefil/rkvm/blob/master/switch-keys.md>._ + ''; + }; + + certificate = mkOption { + type = types.path; + default = "/etc/rkvm/certificate.pem"; + description = mdDoc '' + TLS certificate path. + + ::: {.note} + This should be generated with {command}`rkvm-certificate-gen`. + ::: + ''; + }; + + key = mkOption { + type = types.path; + default = "/etc/rkvm/key.pem"; + description = mdDoc '' + TLS key path. + + ::: {.note} + This should be generated with {command}`rkvm-certificate-gen`. + ::: + ''; + }; + + password = mkOption { + type = types.str; + description = mdDoc '' + Shared secret token to authenticate the client. + Make sure this matches your client's config. + ''; + }; + }; + }; + + default = { }; + description = mdDoc "Structured server daemon configuration"; + }; + }; + + client = { + enable = mkEnableOption "the rkvm client daemon (input receiver)"; + + settings = mkOption { + type = types.submodule + { + freeformType = toml.type; + options = { + server = mkOption { + type = types.str; + example = "192.168.0.123:5258"; + description = mdDoc '' + An RKVM server's internet socket address, either IPv4 or IPv6. + ''; + }; + + certificate = mkOption { + type = types.path; + default = "/etc/rkvm/certificate.pem"; + description = mdDoc '' + TLS ceritficate path. + + ::: {.note} + This should be generated with {command}`rkvm-certificate-gen`. + ::: + ''; + }; + + password = mkOption { + type = types.str; + description = mdDoc '' + Shared secret token to authenticate the client. + Make sure this matches your server's config. + ''; + }; + }; + }; + + default = {}; + description = mdDoc "Structured client daemon configuration"; + }; + }; + + }; + + config = mkIf cfg.enable { + environment.systemPackages = [ cfg.package ]; + + systemd.services = + let + mkBase = component: { + description = "RKVM ${component}"; + wantedBy = [ "multi-user.target" ]; + after = { + server = [ "network.target" ]; + client = [ "network-online.target" ]; + }.${component}; + wants = { + server = [ ]; + client = [ "network-online.target" ]; + }.${component}; + serviceConfig = { + ExecStart = "${cfg.package}/bin/rkvm-${component} ${toml.generate "rkvm-${component}.toml" cfg.${component}.settings}"; + Restart = "always"; + RestartSec = 5; + Type = "simple"; + }; + }; + in + { + rkvm-server = mkIf cfg.server.enable (mkBase "server"); + rkvm-client = mkIf cfg.client.enable (mkBase "client"); + }; + }; + +} diff --git a/nixos/modules/services/misc/xmrig.nix b/nixos/modules/services/misc/xmrig.nix index d2aa3df45d53..05e63c773205 100644 --- a/nixos/modules/services/misc/xmrig.nix +++ b/nixos/modules/services/misc/xmrig.nix @@ -52,7 +52,7 @@ with lib; }; config = mkIf cfg.enable { - boot.kernelModules = [ "msr" ]; + hardware.cpu.x86.msr.enable = true; systemd.services.xmrig = { wantedBy = [ "multi-user.target" ]; diff --git a/nixos/modules/system/boot/systemd/repart.nix b/nixos/modules/system/boot/systemd/repart.nix index 2431c68ea17b..5ac2ace56ba0 100644 --- a/nixos/modules/system/boot/systemd/repart.nix +++ b/nixos/modules/system/boot/systemd/repart.nix @@ -74,6 +74,15 @@ in }; config = lib.mkIf (cfg.enable || initrdCfg.enable) { + assertions = [ + { + assertion = initrdCfg.enable -> config.boot.initrd.systemd.enable; + message = '' + 'boot.initrd.systemd.repart.enable' requires 'boot.initrd.systemd.enable' to be enabled. + ''; + } + ]; + boot.initrd.systemd = lib.mkIf initrdCfg.enable { additionalUpstreamUnits = [ "systemd-repart.service" diff --git a/nixos/modules/virtualisation/lxc-container.nix b/nixos/modules/virtualisation/lxc-container.nix index c40c7bee1886..1034c699629d 100644 --- a/nixos/modules/virtualisation/lxc-container.nix +++ b/nixos/modules/virtualisation/lxc-container.nix @@ -66,7 +66,7 @@ in { system.build.installBootLoader = pkgs.writeScript "install-lxd-sbin-init.sh" '' #!${pkgs.runtimeShell} - ln -fs "$1/init" /sbin/init + ${pkgs.coreutils}/bin/ln -fs "$1/init" /sbin/init ''; systemd.additionalUpstreamSystemUnits = lib.mkIf cfg.nestedContainer ["systemd-udev-trigger.service"]; diff --git a/nixos/release-combined.nix b/nixos/release-combined.nix index 6c5c98afa4d0..20bcb6802881 100644 --- a/nixos/release-combined.nix +++ b/nixos/release-combined.nix @@ -79,6 +79,7 @@ in rec { (onFullSupported "nixos.tests.firewall") (onFullSupported "nixos.tests.fontconfig-default-fonts") + (onFullSupported "nixos.tests.gitlab") (onFullSupported "nixos.tests.gnome") (onFullSupported "nixos.tests.gnome-xorg") (onSystems ["x86_64-linux"] "nixos.tests.hibernate") diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index ef98efd7dbca..1c8ee32428ea 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -699,6 +699,7 @@ in { restartByActivationScript = handleTest ./restart-by-activation-script.nix {}; restic = handleTest ./restic.nix {}; retroarch = handleTest ./retroarch.nix {}; + rkvm = handleTest ./rkvm {}; robustirc-bridge = handleTest ./robustirc-bridge.nix {}; roundcube = handleTest ./roundcube.nix {}; rshim = handleTest ./rshim.nix {}; diff --git a/nixos/tests/rkvm/cert.pem b/nixos/tests/rkvm/cert.pem new file mode 100644 index 000000000000..933efe520578 --- /dev/null +++ b/nixos/tests/rkvm/cert.pem @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIIC3jCCAcagAwIBAgIUWW1hb9xdRtxAhA42jkS89goW9LUwDQYJKoZIhvcNAQEL +BQAwDzENMAsGA1UEAwwEcmt2bTAeFw0yMzA4MjIxOTI1NDlaFw0zMzA4MTkxOTI1 +NDlaMA8xDTALBgNVBAMMBHJrdm0wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK +AoIBAQCuBsh0+LDXN4b2o/PJjzuiZ9Yv9Pz1Oho9WRiXtNIuHTRdBCcht/iu3PGF +ICIX+H3dqQOziGSCTAQGJD2p+1ik8d+boJbpa0oxXuHuomsMAT3mib3GpipQoBLP +KaEbWEsvQbr3RMx8WOtG4dmRQFzSVVtmAXyM0pNyisd4eUCplyIl9gsRJIvsO/0M +OkgOZW9XLfKiAWlZoyXEkBmPAshg3EkwQtmwxPA/NgWbAOW3zJKSChxnnGYiuIIu +R/wJ8OQXHP6boQLQGUhCWBKa1uK1gEBmV3Pj6uK8RzTkQq6/47F5sPa6VfqQYdyl +TCs9bSqHXZjqMBoiSp22uH6+Lh9RAgMBAAGjMjAwMA8GA1UdEQQIMAaHBAoAAAEw +HQYDVR0OBBYEFEh9HEsnY3dfNKVyPWDbwfR0qHopMA0GCSqGSIb3DQEBCwUAA4IB +AQB/r+K20JqegUZ/kepPxIU95YY81aUUoxvLbu4EAgh8o46Fgm75qrTZPg4TaIZa +wtVejekrF+p3QVf0ErUblh/iCjTZPSzCmKHZt8cc9OwTH7bt3bx7heknzLDyIa5z +szAL+6241UggQ5n5NUGn5+xZHA7TMe47xAZPaRMlCQ/tp5pWFjH6WSSQSP5t4Ag9 +ObhY+uudFjmWi3QIBTr3iIscbWx7tD8cjus7PzM7+kszSDRV04xb6Ox8JzW9MKIN +GwgwVgs3zCuyqBmTGnR1og3aMk6VtlyZUYE78uuc+fMBxqoBZ0mykeOp0Tbzgtf7 +gPkYcQ6vonoQhuTXYj/NrY+b +-----END CERTIFICATE----- diff --git a/nixos/tests/rkvm/default.nix b/nixos/tests/rkvm/default.nix new file mode 100644 index 000000000000..22425948d8bf --- /dev/null +++ b/nixos/tests/rkvm/default.nix @@ -0,0 +1,104 @@ +import ../make-test-python.nix ({ pkgs, ... }: +let + # Generated with + # + # nix shell .#rkvm --command "rkvm-certificate-gen --ip-addresses 10.0.0.1 cert.pem key.pem" + # + snakeoil-cert = ./cert.pem; + snakeoil-key = ./key.pem; +in +{ + name = "rkvm"; + + nodes = { + server = { pkgs, ... }: { + imports = [ ../common/user-account.nix ]; + + virtualisation.vlans = [ 1 ]; + + networking = { + useNetworkd = true; + useDHCP = false; + firewall.enable = false; + }; + + systemd.network.networks."01-eth1" = { + name = "eth1"; + networkConfig.Address = "10.0.0.1/24"; + }; + + services.getty.autologinUser = "alice"; + + services.rkvm.server = { + enable = true; + settings = { + certificate = snakeoil-cert; + key = snakeoil-key; + password = "snakeoil"; + switch-keys = [ "left-alt" "right-alt" ]; + }; + }; + }; + + client = { pkgs, ... }: { + imports = [ ../common/user-account.nix ]; + + virtualisation.vlans = [ 1 ]; + + networking = { + useNetworkd = true; + useDHCP = false; + firewall.enable = false; + }; + + systemd.network.networks."01-eth1" = { + name = "eth1"; + networkConfig.Address = "10.0.0.2/24"; + }; + + services.getty.autologinUser = "alice"; + + services.rkvm.client = { + enable = true; + settings = { + server = "10.0.0.1:5258"; + certificate = snakeoil-cert; + key = snakeoil-key; + password = "snakeoil"; + }; + }; + }; + }; + + testScript = '' + server.wait_for_unit("getty@tty1.service") + server.wait_until_succeeds("pgrep -f 'agetty.*tty1'") + server.wait_for_unit("rkvm-server") + server.wait_for_open_port(5258) + + client.wait_for_unit("getty@tty1.service") + client.wait_until_succeeds("pgrep -f 'agetty.*tty1'") + client.wait_for_unit("rkvm-client") + + server.sleep(1) + + # Switch to client + server.send_key("alt-alt_r", delay=0.2) + server.send_chars("echo 'hello client' > /tmp/test.txt\n") + + # Switch to server + server.send_key("alt-alt_r", delay=0.2) + server.send_chars("echo 'hello server' > /tmp/test.txt\n") + + server.sleep(1) + + client.systemctl("stop rkvm-client.service") + server.systemctl("stop rkvm-server.service") + + server_file = server.succeed("cat /tmp/test.txt") + assert server_file.strip() == "hello server" + + client_file = client.succeed("cat /tmp/test.txt") + assert client_file.strip() == "hello client" + ''; +}) diff --git a/nixos/tests/rkvm/key.pem b/nixos/tests/rkvm/key.pem new file mode 100644 index 000000000000..7197decff8d3 --- /dev/null +++ b/nixos/tests/rkvm/key.pem @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCuBsh0+LDXN4b2 +o/PJjzuiZ9Yv9Pz1Oho9WRiXtNIuHTRdBCcht/iu3PGFICIX+H3dqQOziGSCTAQG +JD2p+1ik8d+boJbpa0oxXuHuomsMAT3mib3GpipQoBLPKaEbWEsvQbr3RMx8WOtG +4dmRQFzSVVtmAXyM0pNyisd4eUCplyIl9gsRJIvsO/0MOkgOZW9XLfKiAWlZoyXE +kBmPAshg3EkwQtmwxPA/NgWbAOW3zJKSChxnnGYiuIIuR/wJ8OQXHP6boQLQGUhC +WBKa1uK1gEBmV3Pj6uK8RzTkQq6/47F5sPa6VfqQYdylTCs9bSqHXZjqMBoiSp22 +uH6+Lh9RAgMBAAECggEABo2V1dBu5E51zsAiFCMdypdLZEyUNphvWC5h3oXowONz +pH8ICYfXyEnkma/kk2+ALy0dSRDn6/94dVIUX7Fpx0hJCcoJyhSysK+TJWfIonqX +ffYOMeFG8vicIgs+GFKs/hoPtB5LREbFkUqRj/EoWE6Y3aX3roaCwTZC8vaUk0OK +54gExcNXRwQtFmfM9BiPT76F2J641NVsddgKumrryMi605CgZ57OFfSYEena6T3t +JbQ1TKB3SH1LvSQIspyp56E3bjh8bcwSh72g88YxWZI9yarOesmyU+fXnmVqcBc+ +CiJDX3Te1C2GIkBiH3HZJo4P88aXrkJ7J8nub/812QKBgQDfCHjBy5uWzzbDnqZc +cllIyUqMHq1iY2/btdZQbz83maZhQhH2UL4Zvoa7qgMX7Ou5jn1xpDaMeXNaajGK +Fz66nmqQEUFX1i+2md2J8TeKD37yUJRdlrMiAc+RNp5wiOH9EI18g2m6h/nj3s/P +MdNyxsz+wqOiJT0sZatarKiFhQKBgQDHv+lPy4OPH1MeSv5vmv3Pa41O/CeiPy+T +gi6nEZayVRVog3zF9T6gNIHrZ1fdIppWPiPXv9fmC3s/IVEftLG6YC+MAfigYhiz +Iceoal0iJJ8DglzOhlKgHEnxEwENCz8aJxjpvbxHHcpvgXdBSEVfHvVqDkAFTsvF +JA5YTmqGXQKBgQCL6uqm2S7gq1o12p+PO4VbrjwAL3aiVLNl6Gtsxn2oSdIhDavr +FLhNukMYFA4gwlcXb5au5k/6TG7bd+dgNDj8Jkm/27NcgVgpe9mJojQvfo0rQvXw +yIvUd8JZ3SQEgTsU4X+Bb4eyp39TPwKrfxyh0qnj4QN6w1XfNmELX2nRaQKBgEq6 +a0ik9JTovSnKGKIcM/QTYow4HYO/a8cdnuJ13BDfb+DnwBg3BbTdr/UndmGOfnrh +SHuAk/7GMNePWVApQ4xcS61vV1p5GJB7hLxm/my1kp+3d4z0B5lKvAbqeywsFvFr +yxA3IWbhqEhLARh1Ny684EdLCXxy3Bzmvk8fFw8pAoGAGkt9pJC2wkk9fnJIHq+f +h/WnEO0YrGzYnVA+RyCNKrimRd+GylGHJ/Ev6PRZvMwyGE7RCB+fHVrrEcEJAcxL +SaOg5NA8cwrG+UpTQqi4gt6tCW87afVCyL6dC/E8giJlzI0LY9DnFGoVqYL0qJvm +Sj4SU0fyLsW/csOLd5T+Bf8= +-----END PRIVATE KEY----- diff --git a/pkgs/applications/editors/emacs/elisp-packages/manual-packages/lsp-bridge/default.nix b/pkgs/applications/editors/emacs/elisp-packages/manual-packages/lsp-bridge/default.nix index ae7eb76ee719..2ddd3e0bda3f 100644 --- a/pkgs/applications/editors/emacs/elisp-packages/manual-packages/lsp-bridge/default.nix +++ b/pkgs/applications/editors/emacs/elisp-packages/manual-packages/lsp-bridge/default.nix @@ -5,7 +5,6 @@ , substituteAll , acm , markdown-mode -, posframe , git , go , gopls @@ -17,23 +16,25 @@ }: let - rev = "6f93deb32ebb3799dfedd896a17a0428a9b461bb"; + rev = "0b30d95c6de95b150d93ecee325b95e04ff09e46"; python = python3.withPackages (ps: with ps; [ epc orjson + paramiko + rapidfuzz sexpdata six ]); in melpaBuild { pname = "lsp-bridge"; - version = "20230607.135"; # 1:35 UTC + version = "20231021.309"; # 3:09 UTC src = fetchFromGitHub { owner = "manateelazycat"; repo = "lsp-bridge"; inherit rev; - hash = "sha256-4AKKsU+yuLA9qv6mhYPpjBJ8wrbGPMuzN98JXcVPAHg="; + hash = "sha256-hR7bZh0ElJ8F9ToJ4dkazF19T8PE01MTcxKrjeaEp4o="; }; commit = rev; @@ -50,7 +51,6 @@ melpaBuild { packageRequires = [ acm markdown-mode - posframe ]; checkInputs = [ diff --git a/pkgs/applications/editors/emacs/elisp-packages/manual-packages/lsp-bridge/hardcode-dependencies.patch b/pkgs/applications/editors/emacs/elisp-packages/manual-packages/lsp-bridge/hardcode-dependencies.patch index 765a6c717770..2fa57207ec38 100644 --- a/pkgs/applications/editors/emacs/elisp-packages/manual-packages/lsp-bridge/hardcode-dependencies.patch +++ b/pkgs/applications/editors/emacs/elisp-packages/manual-packages/lsp-bridge/hardcode-dependencies.patch @@ -1,18 +1,24 @@ diff --git a/lsp-bridge.el b/lsp-bridge.el -index 3a7ff0b..ea5e496 100644 +index 278c27e..f0c67c2 100644 --- a/lsp-bridge.el +++ b/lsp-bridge.el -@@ -326,13 +326,7 @@ Setting this to nil or 0 will turn off the indicator." +@@ -340,19 +340,7 @@ Setting this to nil or 0 will turn off the indicator." "Name of LSP-Bridge buffer." :type 'string) -(defcustom lsp-bridge-python-command (cond ((memq system-type '(cygwin windows-nt ms-dos)) -- (if (executable-find "pypy3.exe") -- "pypy3.exe" -- "python3.exe")) -- (t (if (executable-find "pypy3") -- "pypy3" -- "python3"))) +- (cond ((executable-find "pypy3.exe") +- "pypy3.exe") +- ((executable-find "python3.exe") +- "python3.exe") +- ((executable-find "python.exe") +- "python.exe"))) +- (t (cond ((executable-find "pypy3") +- "pypy3") +- ((executable-find "python3") +- "python3") +- ((executable-find "python") +- "python")))) +(defcustom lsp-bridge-python-command "@python@" "The Python interpreter used to run lsp_bridge.py." :type 'string) diff --git a/pkgs/applications/misc/remnote/default.nix b/pkgs/applications/misc/remnote/default.nix index 42d5535f5535..5ffc383f14f8 100644 --- a/pkgs/applications/misc/remnote/default.nix +++ b/pkgs/applications/misc/remnote/default.nix @@ -6,11 +6,11 @@ stdenv.mkDerivation (finalAttrs: let in { pname = "remnote"; - version = "1.12.43"; + version = "1.12.64"; src = fetchurl { url = "https://download.remnote.io/remnote-desktop/RemNote-${version}.AppImage"; - hash = "sha256-3GNp+0ZUZbUcBkE8DbIEDRYlWfG3HDTTS6wK3u42jJg="; + hash = "sha256-Pvz3bBpv4wN2NXxuKNNraCuOqvvtYOyg5PTSwMpL3cw="; }; appexec = appimageTools.wrapType2 { inherit pname version src; diff --git a/pkgs/applications/networking/cluster/terraform-providers/providers.json b/pkgs/applications/networking/cluster/terraform-providers/providers.json index efd18b33da1e..b0c4515b2909 100644 --- a/pkgs/applications/networking/cluster/terraform-providers/providers.json +++ b/pkgs/applications/networking/cluster/terraform-providers/providers.json @@ -961,6 +961,15 @@ "spdx": "Apache-2.0", "vendorHash": "sha256-Tj+NefCIacwpPS9rNPPxV2lLeKsXJMZhf9Xo+Rzz6gI=" }, + "proxmox": { + "hash": "sha256-ikXLLNoAjrnGGGI3fHTKFXm8YwqNazE/U39JTjOBsW4=", + "homepage": "https://registry.terraform.io/providers/Telmate/proxmox", + "owner": "Telmate", + "repo": "terraform-provider-proxmox", + "rev": "v2.9.14", + "spdx": "MIT", + "vendorHash": "sha256-um4iOwYO6ASv9wpu5Jua9anUZBKly4yVgI224Fk2dOM=" + }, "rabbitmq": { "hash": "sha256-ArteHTNNUxgiBJamnR1bJFDrvNnqjbJ6D3mj1XlpVUA=", "homepage": "https://registry.terraform.io/providers/cyrilgdn/rabbitmq", diff --git a/pkgs/applications/networking/mailreaders/thunderbird/packages.nix b/pkgs/applications/networking/mailreaders/thunderbird/packages.nix index c7ec5525681c..6b164969a398 100644 --- a/pkgs/applications/networking/mailreaders/thunderbird/packages.nix +++ b/pkgs/applications/networking/mailreaders/thunderbird/packages.nix @@ -44,13 +44,13 @@ rec { thunderbird-115 = (buildMozillaMach rec { pname = "thunderbird"; - version = "115.3.2"; + version = "115.3.3"; application = "comm/mail"; applicationName = "Mozilla Thunderbird"; binaryName = pname; src = fetchurl { url = "mirror://mozilla/thunderbird/releases/${version}/source/thunderbird-${version}.source.tar.xz"; - sha512 = "e94bdb940327296754324d8fcb055813247a79d377399b84184e0ff80123240d923aa3745c3076d37f06296c8cc49373db2d8e8a6ac4edeaf63cd56ca4652e35"; + sha512 = "631042a3cdbcbae91d93eb71c0d4f6a1122e8bc7000d75fcc7d3cbdd0e82a4b31abac590c75771e77ab08d5700582b6dedacf62ce8e21a91e9ea81aedf1bbeaa"; }; extraPatches = [ # The file to be patched is different from firefox's `no-buildconfig-ffx90.patch`. diff --git a/pkgs/applications/version-management/gh/default.nix b/pkgs/applications/version-management/gh/default.nix index 22edc08e6555..aee1b2dab070 100644 --- a/pkgs/applications/version-management/gh/default.nix +++ b/pkgs/applications/version-management/gh/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "gh"; - version = "2.36.0"; + version = "2.37.0"; src = fetchFromGitHub { owner = "cli"; repo = "cli"; rev = "v${version}"; - hash = "sha256-ya+Iuhe+vXNqt6mfpZ3h8jq++82AGMj+Zd4ozGFjuqY="; + hash = "sha256-EAvBPUm2U31gzpfyjEPClT1lbBYiITXpdc+T3nUMOeg="; }; - vendorHash = "sha256-tJDn3pyX5iTIa61OQXbErdBprqxu1N2LXqyJtpDQnBE="; + vendorHash = "sha256-G3cpR5S+upk3js5anZHXxcRayTEGMqnBpmtp4HO0pjQ="; nativeBuildInputs = [ installShellFiles ]; diff --git a/pkgs/applications/video/manim/conftest- b/pkgs/applications/video/manim/conftest- new file mode 100644 index 000000000000..e69de29bb2d1 --- /dev/null +++ b/pkgs/applications/video/manim/conftest- diff --git a/pkgs/applications/video/manim/default.nix b/pkgs/applications/video/manim/default.nix index c4443af00dbe..9c7b0edb3bdf 100644 --- a/pkgs/applications/video/manim/default.nix +++ b/pkgs/applications/video/manim/default.nix @@ -68,27 +68,29 @@ let in python.pkgs.buildPythonApplication rec { pname = "manim"; - format = "pyproject"; - version = "0.16.0.post0"; + pyproject = true; + version = "0.17.3"; disabled = python3.pythonOlder "3.8"; src = fetchFromGitHub { owner = "ManimCommunity"; repo = pname; rev = "refs/tags/v${version}"; - sha256 = "sha256-iXiPnI6lTP51P1X3iLp75ArRP66o8WAANBLoStPrz4M="; + sha256 = "sha256-TU/b5nwk5Xc9wmFKAIMeBwC4YBy7HauGeGV9/n4Y64c="; }; nativeBuildInputs = with python.pkgs; [ poetry-core ]; + patches = [ + ./pytest-report-header.patch + ]; + postPatch = '' substituteInPlace pyproject.toml \ --replace "--no-cov-on-fail --cov=manim --cov-report xml --cov-report term" "" \ --replace 'cloup = "^0.13.0"' 'cloup = "*"' \ - --replace 'mapbox-earcut = "^0.12.10"' 'mapbox-earcut = "*"' \ - --replace 'click = ">=7.2<=9.0"' 'click = ">=7.2,<=9.0"' # https://github.com/ManimCommunity/manim/pull/2954 ''; buildInputs = [ cairo ]; @@ -119,6 +121,7 @@ in python.pkgs.buildPythonApplication rec { screeninfo skia-pathops srt + svgelements tqdm watchdog ]; diff --git a/pkgs/applications/video/manim/pytest-report-header.patch b/pkgs/applications/video/manim/pytest-report-header.patch new file mode 100644 index 000000000000..953ede5dde94 --- /dev/null +++ b/pkgs/applications/video/manim/pytest-report-header.patch @@ -0,0 +1,21 @@ +diff --git a/conftest.py b/conftest.py +index da37e19b..d9f850d8 100644 +--- a/conftest.py ++++ b/conftest.py +@@ -32,16 +32,3 @@ def temp_media_dir(tmpdir, monkeypatch, request): + with tempconfig({"media_dir": str(tmpdir)}): + assert config.media_dir == str(tmpdir) + yield tmpdir +- +- +-def pytest_report_header(config): +- ctx = moderngl.create_standalone_context() +- info = ctx.info +- ctx.release() +- return ( +- "\nOpenGL information", +- "------------------", +- f"vendor: {info['GL_VENDOR'].strip()}", +- f"renderer: {info['GL_RENDERER'].strip()}", +- f"version: {info['GL_VERSION'].strip()}\n", +- ) diff --git a/pkgs/applications/video/ustreamer/default.nix b/pkgs/applications/video/ustreamer/default.nix index 59da5b324425..777a1ce0c7f1 100644 --- a/pkgs/applications/video/ustreamer/default.nix +++ b/pkgs/applications/video/ustreamer/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "ustreamer"; - version = "5.41"; + version = "5.42"; src = fetchFromGitHub { owner = "pikvm"; repo = "ustreamer"; rev = "v${version}"; - hash = "sha256-N70wBKiKfOhlAR9qOSkc6dlO44lJXHWiUYb8nwXMKxo="; + hash = "sha256-V4ScXzZwh3fWCWmeGeb1hce+INYBmf3wtemwNch5FjY="; }; buildInputs = [ libbsd libevent libjpeg ]; diff --git a/pkgs/applications/video/vdr/markad/default.nix b/pkgs/applications/video/vdr/markad/default.nix index 3ced362b946d..23f966544e8b 100644 --- a/pkgs/applications/video/vdr/markad/default.nix +++ b/pkgs/applications/video/vdr/markad/default.nix @@ -19,12 +19,12 @@ }: stdenv.mkDerivation rec { pname = "vdr-markad"; - version = "3.3.3"; + version = "3.3.5"; src = fetchFromGitHub { repo = "vdr-plugin-markad"; owner = "kfb77"; - sha256 = "sha256-wU8hfNss0Lxvf9CqFhDAPOxIVaG/9vNR620xpEJkxWI="; + sha256 = "sha256-5D4nlGZfmPaNaLx2PoqLRqlbcukpM6DHpCtqmee+cww="; rev = "V${version}"; }; diff --git a/pkgs/build-support/expand-response-params/default.nix b/pkgs/build-support/expand-response-params/default.nix index 9371b7702362..7ce15e98c8d9 100644 --- a/pkgs/build-support/expand-response-params/default.nix +++ b/pkgs/build-support/expand-response-params/default.nix @@ -1,5 +1,12 @@ { stdenv }: +# A "response file" is a sequence of arguments that is passed via a +# file, rather than via argv[]. + +# For more information see: +# https://gcc.gnu.org/wiki/Response_Files +# https://www.intel.com/content/www/us/en/docs/dpcpp-cpp-compiler/developer-guide-reference/2023-0/use-response-files.html + stdenv.mkDerivation { name = "expand-response-params"; src = ./expand-response-params.c; diff --git a/pkgs/by-name/kc/kconfig-frontends/package.nix b/pkgs/by-name/kc/kconfig-frontends/package.nix new file mode 100644 index 000000000000..954ca475a75d --- /dev/null +++ b/pkgs/by-name/kc/kconfig-frontends/package.nix @@ -0,0 +1,66 @@ +{ lib +, stdenv +, fetchurl +, bash +, bison +, flex +, gperf +, ncurses +, pkg-config +, python3 +}: + +stdenv.mkDerivation (finalAttrs: { + pname = "kconfig-frontends"; + version = "4.11.0.1"; + + src = fetchurl { + url = "https://bitbucket.org/nuttx/tools/downloads/kconfig-frontends-${finalAttrs.version}.tar.bz2"; + hash = "sha256-yxg4z+Lwl7oJyt4n1HUncg1bKeK3FcCpbDPQtqELqxM="; + }; + + patches = [ + # This patch is a fixed file, there is no need to normalize it + (fetchurl { + url = "https://bitbucket.org/nuttx/tools/downloads/gperf3.1_kconfig_id_lookup.patch"; + hash = "sha256-cqAWjRnMA/fJ8wnEfUxoPEW0hIJY/mprE6/TQMY6NPI="; + }) + ]; + + outputs = [ "out" "lib" "dev" "doc" ]; + + nativeBuildInputs = [ + bison + flex + gperf + pkg-config + ]; + + buildInputs = [ + bash + ncurses + python3 + ]; + + strictDeps = true; + + configureFlags = [ + "--enable-frontends=conf,mconf,nconf" + ]; + + env.NIX_CFLAGS_COMPILE = lib.optionalString stdenv.cc.isClang "-Wno-error=format-security"; + + meta = { + description = "Out of Linux tree packaging of the kconfig infrastructure"; + longDescription = '' + Configuration language and system for the Linux kernel and other + projects. Features simple syntax and grammar, limited yet adequate option + types, simple organization of options, and direct and reverse + dependencies. + ''; + homepage = "https://bitbucket.org/nuttx/tools/"; + license = lib.licenses.gpl2Plus; + maintainers = with lib.maintainers; [ AndersonTorres ]; + platforms = lib.platforms.unix; + }; +}) diff --git a/pkgs/by-name/na/namespace-cli/package.nix b/pkgs/by-name/na/namespace-cli/package.nix new file mode 100644 index 000000000000..b7b99c4a58eb --- /dev/null +++ b/pkgs/by-name/na/namespace-cli/package.nix @@ -0,0 +1,35 @@ +{ lib +, fetchFromGitHub +, buildGoModule +}: + +buildGoModule rec { + pname = "namespace-cli"; + version = "0.0.301"; + + src = fetchFromGitHub { + owner = "namespacelabs"; + repo = "foundation"; + rev = "v${version}"; + hash = "sha256-e2le7yIzgb3dReniU7grR814xDWhGgckuyzx4omeRYI="; + }; + + vendorHash = "sha256-jYkEXoCxqlxLF7oRc7H+/pMwkphOEwt2qUFkg+JOKVA="; + + subPackages = ["cmd/nsc" "cmd/ns" "cmd/docker-credential-nsc"]; + + ldflags = [ + "-s" + "-w" + "-X namespacelabs.dev/foundation/internal/cli/version.Tag=v${version}" + ]; + + meta = with lib; { + mainProgram = "nsc"; + maintainers = with maintainers; [ techknowlogick ]; + license = licenses.asl20; + changelog = "https://github.com/namespacelabs/foundation/releases/tag/v${version}"; + homepage = "https://github.com/namespacelabs/foundation"; + description = "A command line interface for the Namespaces platform"; + }; +} diff --git a/pkgs/by-name/ux/uxn/package.nix b/pkgs/by-name/ux/uxn/package.nix index f858733d12b9..a0c13b8ebb36 100644 --- a/pkgs/by-name/ux/uxn/package.nix +++ b/pkgs/by-name/ux/uxn/package.nix @@ -7,13 +7,13 @@ stdenv.mkDerivation (finalAttrs: { pname = "uxn"; - version = "unstable-2023-09-06"; + version = "unstable-2023-09-29"; src = fetchFromSourcehut { owner = "~rabbits"; repo = "uxn"; - rev = "d7f96acb93742744fec32ba667a4b4438dcf90cf"; - hash = "sha256-kaYT61qDSPtpNd0M3IHxR8EzhnsB5uNH075+Xag1Vv8="; + rev = "c71842aa8472f26c0ea7fbf92624659313c038ba"; + hash = "sha256-Lo1AkK81Hv8A0jBfpR4lxlBJcWkh9LttURiXVoibKSs="; }; outputs = [ "out" "projects" ]; diff --git a/pkgs/desktops/mate/libmateweather/default.nix b/pkgs/desktops/mate/libmateweather/default.nix index 5ae845b104f4..b65a91e00442 100644 --- a/pkgs/desktops/mate/libmateweather/default.nix +++ b/pkgs/desktops/mate/libmateweather/default.nix @@ -4,6 +4,7 @@ , pkg-config , gettext , glib +, glib-networking , libxml2 , gtk3 , libsoup @@ -13,11 +14,11 @@ stdenv.mkDerivation rec { pname = "libmateweather"; - version = "1.26.1"; + version = "1.26.2"; src = fetchurl { url = "https://pub.mate-desktop.org/releases/${lib.versions.majorMinor version}/${pname}-${version}.tar.xz"; - sha256 = "wgCZD0uOnU0OLG99MaWHY3TD0qNsa4y1kEQAQ6hg7zo="; + sha256 = "ylCoFYZlXPU6j5Z2a5zpCk0H7Q/hYr1eFdra3QBgx/Y="; }; strictDeps = true; @@ -30,11 +31,16 @@ stdenv.mkDerivation rec { ]; buildInputs = [ - gtk3 libsoup tzdata ]; + propagatedBuildInputs = [ + glib + glib-networking # for obtaining IWIN forecast data + gtk3 + ]; + configureFlags = [ "--with-zoneinfo-dir=${tzdata}/share/zoneinfo" "--enable-locations-compression" diff --git a/pkgs/desktops/mate/mate-indicator-applet/default.nix b/pkgs/desktops/mate/mate-indicator-applet/default.nix index 7d0d1eec009f..b6445151f594 100644 --- a/pkgs/desktops/mate/mate-indicator-applet/default.nix +++ b/pkgs/desktops/mate/mate-indicator-applet/default.nix @@ -4,7 +4,7 @@ , pkg-config , gettext , gtk3 -, libindicator-gtk3 +, libayatana-indicator , mate , hicolor-icon-theme , wrapGAppsHook @@ -20,6 +20,12 @@ stdenv.mkDerivation rec { sha256 = "144fh9f3lag2cqnmb6zxlh8k83ya8kha6rmd7r8gg3z5w3nzpyz4"; }; + postPatch = '' + # Find installed Unity & Ayatana (new-style) indicators + substituteInPlace src/applet-main.c \ + --replace '/usr/share' '/run/current-system/sw/share' + ''; + nativeBuildInputs = [ pkg-config gettext @@ -28,11 +34,13 @@ stdenv.mkDerivation rec { buildInputs = [ gtk3 - libindicator-gtk3 + libayatana-indicator mate.mate-panel hicolor-icon-theme ]; + configureFlags = [ "--with-ayatana-indicators" ]; + enableParallelBuilding = true; passthru.updateScript = mateUpdateScript { inherit pname; }; diff --git a/pkgs/desktops/pantheon/apps/switchboard-plugs/network/default.nix b/pkgs/desktops/pantheon/apps/switchboard-plugs/network/default.nix index 74f5592e8ee6..9024b823542b 100644 --- a/pkgs/desktops/pantheon/apps/switchboard-plugs/network/default.nix +++ b/pkgs/desktops/pantheon/apps/switchboard-plugs/network/default.nix @@ -18,13 +18,13 @@ stdenv.mkDerivation rec { pname = "switchboard-plug-network"; - version = "2.4.4"; + version = "unstable-2023-09-05"; # 2.4.4 does not support networkmanager 1.44 src = fetchFromGitHub { owner = "elementary"; repo = pname; - rev = version; - sha256 = "sha256-g62+DF84eEI+TvUr1OkeqLnCLz/b7e+xwuTNZS0WJQA="; + rev = "3b69132788ff8734a481d498b49207e05a4f7d70"; + hash = "sha256-XWiihU/FK6oeWQWRYsc/IxqafuvwA89ZE3o/WzaxudE="; }; patches = [ diff --git a/pkgs/development/compilers/gcc/common/libgcc-buildstuff.nix b/pkgs/development/compilers/gcc/common/libgcc-buildstuff.nix index e7dc570a560c..fc88e61c6560 100644 --- a/pkgs/development/compilers/gcc/common/libgcc-buildstuff.nix +++ b/pkgs/development/compilers/gcc/common/libgcc-buildstuff.nix @@ -31,7 +31,22 @@ let # SHLIB_LC = lib.optionalString stdenv.targetPlatform.isPower "-mnewlib"; -in '' - echo 'libgcc.a: ${crtstuff-ofiles}' >> libgcc/Makefile.in - echo 'SHLIB_LC=${SHLIB_LC}' >> libgcc/Makefile.in - '' +in +'' + echo 'libgcc.a: ${crtstuff-ofiles}' >> libgcc/Makefile.in + echo 'SHLIB_LC=${SHLIB_LC}' >> libgcc/Makefile.in +'' + + # Meanwhile, crt{i,n}.S are not present on certain platforms + # (e.g. LoongArch64), resulting in the following error: + # + # No rule to make target '../../../gcc-xx.x.x/libgcc/config/loongarch/crti.S', needed by 'crti.o'. Stop. + # + # For LoongArch64, a hacky workaround is to simply touch them, + # as the platform forces .init_array support. + # + # https://www.openwall.com/lists/musl/2022/11/09/3 + # + + lib.optionalString stdenv.targetPlatform.isLoongArch64 '' + touch libgcc/config/loongarch/crt{i,n}.S +'' diff --git a/pkgs/development/python-modules/agate-sql/default.nix b/pkgs/development/python-modules/agate-sql/default.nix index 2b5863d19837..a6c515d1d1cc 100644 --- a/pkgs/development/python-modules/agate-sql/default.nix +++ b/pkgs/development/python-modules/agate-sql/default.nix @@ -11,13 +11,13 @@ buildPythonPackage rec { pname = "agate-sql"; - version = "0.5.9"; + version = "0.7.0"; disabled = isPy27; src = fetchPypi { inherit pname version; - hash = "sha256-MLZCoypbZxFhq++ejsNjUvLniiTOhJBU7axpRti53cY="; + hash = "sha256-uyHkkc3KzuYulOtod9KkHQmszVh2mrrCOLwvQt6JTMk="; }; propagatedBuildInputs = [ agate sqlalchemy ]; @@ -27,8 +27,6 @@ buildPythonPackage rec { pythonImportsCheck = [ "agatesql" ]; meta = with lib; { - # https://github.com/wireservice/agate-sql/commit/74af1badd85408909ea72cb6ca8c0b223d178c6f - broken = lib.versionAtLeast sqlalchemy.version "2.0"; description = "Adds SQL read/write support to agate."; homepage = "https://github.com/wireservice/agate-sql"; license = with licenses; [ mit ]; diff --git a/pkgs/development/python-modules/huggingface-hub/default.nix b/pkgs/development/python-modules/huggingface-hub/default.nix index dd7c1eec6725..aa11d109dbc3 100644 --- a/pkgs/development/python-modules/huggingface-hub/default.nix +++ b/pkgs/development/python-modules/huggingface-hub/default.nix @@ -13,7 +13,7 @@ buildPythonPackage rec { pname = "huggingface-hub"; - version = "0.17.3"; + version = "0.18.0"; format = "setuptools"; disabled = pythonOlder "3.8"; @@ -22,7 +22,7 @@ buildPythonPackage rec { owner = "huggingface"; repo = "huggingface_hub"; rev = "refs/tags/v${version}"; - hash = "sha256-zoZIxp9+4FVPLCiikKussC34rwWBQzWMDlZx9S7NnqQ="; + hash = "sha256-/KbD3TNSbQ9ueXYFLoXnIRIoi/y3l0w72GZ1+JC8ULk="; }; propagatedBuildInputs = [ diff --git a/pkgs/development/python-modules/lxml-stubs/default.nix b/pkgs/development/python-modules/lxml-stubs/default.nix new file mode 100644 index 000000000000..8df03f526896 --- /dev/null +++ b/pkgs/development/python-modules/lxml-stubs/default.nix @@ -0,0 +1,39 @@ +{ lib +, buildPythonPackage +, fetchFromGitHub +, setuptools +, pytestCheckHook +, pytest-mypy-plugins +, lxml +}: + +buildPythonPackage rec { + pname = "lxml-stubs"; + version = "0.4.0"; + pyproject = true; + + src = fetchFromGitHub { + owner = "lxml"; + repo = "lxml-stubs"; + rev = version; + hash = "sha256-RRH/taLtgaXOl0G/ve2Ad7Xy8WRDUG2/k26EFMv1PRM="; + }; + + nativeBuildInputs = [ + setuptools + ]; + propagatedBuildInputs = [ + lxml + ]; + nativeCheckInputs = [ + pytestCheckHook + pytest-mypy-plugins + ]; + + meta = with lib; { + description = "Type stubs for the lxml package"; + homepage = "https://github.com/lxml/lxml-stubs"; + license = licenses.asl20; + maintainers = with maintainers; [ doronbehar ]; + }; +} diff --git a/pkgs/development/python-modules/moderngl_window/default.nix b/pkgs/development/python-modules/moderngl_window/default.nix index 31d76131c2ba..f4e1d6a04de5 100644 --- a/pkgs/development/python-modules/moderngl_window/default.nix +++ b/pkgs/development/python-modules/moderngl_window/default.nix @@ -2,6 +2,7 @@ , stdenv , buildPythonPackage , fetchFromGitHub +, setuptools , glfw , moderngl , numpy @@ -19,18 +20,22 @@ buildPythonPackage rec { pname = "moderngl-window"; - version = "2.4.4"; - format = "setuptools"; + version = "2.4.5"; + pyproject = true; - disabled = pythonOlder "3.7"; + disabled = pythonOlder "3.8"; src = fetchFromGitHub { owner = "moderngl"; repo = "moderngl_window"; rev = "refs/tags/${version}"; - hash = "sha256-mg3j5ZoMwdk39L5xjcoEJo9buqssM1VLJtndSFsuCB0="; + hash = "sha256-OfvIxezeZyuv5LLbe+4o1X2UCGnXT2DNvAF7t2Isw6Y="; }; + nativeBuildInputs = [ + setuptools + ]; + propagatedBuildInputs = [ numpy moderngl @@ -75,6 +80,6 @@ buildPythonPackage rec { license = licenses.mit; maintainers = with maintainers; [ c0deaddict ]; platforms = platforms.mesaPlatforms; - broken = versionAtLeast pillow.version "2" || stdenv.isDarwin; + broken = stdenv.isDarwin; }; } diff --git a/pkgs/development/python-modules/wled/default.nix b/pkgs/development/python-modules/wled/default.nix index 3e9e35edeea8..c1a5f51956d1 100644 --- a/pkgs/development/python-modules/wled/default.nix +++ b/pkgs/development/python-modules/wled/default.nix @@ -15,18 +15,25 @@ buildPythonPackage rec { pname = "wled"; - version = "0.16.0"; + version = "0.17.0"; format = "pyproject"; - disabled = pythonOlder "3.8"; + disabled = pythonOlder "3.11"; src = fetchFromGitHub { owner = "frenck"; repo = "python-wled"; rev = "refs/tags/v${version}"; - hash = "sha256-esINtvctvgl8AqNwCDVnGU+3j/UzEHqY8H1Rws1kQfs="; + hash = "sha256-y32zynkVsn5vWw+BZ6ZRf9zemGOWJMN4yfNQZ0bRpos="; }; + postPatch = '' + # Upstream doesn't set a version for the pyproject.toml + substituteInPlace pyproject.toml \ + --replace "0.0.0" "${version}" \ + --replace "--cov" "" + ''; + nativeBuildInputs = [ poetry-core ]; @@ -45,13 +52,6 @@ buildPythonPackage rec { pytestCheckHook ]; - postPatch = '' - # Upstream doesn't set a version for the pyproject.toml - substituteInPlace pyproject.toml \ - --replace "0.0.0" "${version}" \ - --replace "--cov" "" - ''; - pythonImportsCheck = [ "wled" ]; diff --git a/pkgs/development/tools/misc/kconfig-frontends/default.nix b/pkgs/development/tools/misc/kconfig-frontends/default.nix deleted file mode 100644 index 8b38246d67d5..000000000000 --- a/pkgs/development/tools/misc/kconfig-frontends/default.nix +++ /dev/null @@ -1,36 +0,0 @@ -{ lib, stdenv, fetchurl, pkg-config, bison, flex, gperf, ncurses, python3, bash }: - -stdenv.mkDerivation rec { - pname = "kconfig-frontends"; - version = "4.11.0.1"; - - src = fetchurl { - sha256 = "1xircdw3k7aaz29snf96q2fby1cs48bidz5l1kkj0a5gbivw31i3"; - url = "http://ymorin.is-a-geek.org/download/kconfig-frontends/kconfig-frontends-${version}.tar.xz"; - }; - - nativeBuildInputs = [ bison flex gperf pkg-config ]; - buildInputs = [ bash ncurses python3 ]; - - strictDeps = true; - - configureFlags = [ - "--enable-frontends=conf,mconf,nconf" - ]; - - env.NIX_CFLAGS_COMPILE = lib.optionalString stdenv.cc.isClang "-Wno-error=format-security"; - - meta = with lib; { - description = "Out of Linux tree packaging of the kconfig infrastructure"; - longDescription = '' - Configuration language and system for the Linux kernel and other - projects. Features simple syntax and grammar, limited yet adequate option - types, simple organization of options, and direct and reverse - dependencies. - ''; - homepage = "http://ymorin.is-a-geek.org/projects/kconfig-frontends"; - license = licenses.gpl2; - platforms = platforms.unix; - maintainers = with maintainers; [ mbe ]; - }; -} diff --git a/pkgs/os-specific/darwin/sketchybar/default.nix b/pkgs/os-specific/darwin/sketchybar/default.nix index 8dd2fb77cb98..60eb45558469 100644 --- a/pkgs/os-specific/darwin/sketchybar/default.nix +++ b/pkgs/os-specific/darwin/sketchybar/default.nix @@ -21,13 +21,13 @@ let in stdenv.mkDerivation (finalAttrs: { pname = "sketchybar"; - version = "2.17.0"; + version = "2.17.1"; src = fetchFromGitHub { owner = "FelixKratz"; repo = "SketchyBar"; rev = "v${finalAttrs.version}"; - hash = "sha256-FntWC180wpUyxP5iYdo/p2LbP0dbv1y6CXersfBT5b4="; + hash = "sha256-QilZurp4QkwOo4jbYXMs4SesqyXXsEgF8dDwt/Kv94s="; }; buildInputs = [ diff --git a/pkgs/servers/akkoma/admin-fe/default.nix b/pkgs/servers/akkoma/admin-fe/default.nix index 40c267b00ef6..f1a874b348bb 100644 --- a/pkgs/servers/akkoma/admin-fe/default.nix +++ b/pkgs/servers/akkoma/admin-fe/default.nix @@ -1,7 +1,7 @@ { lib , stdenv , fetchFromGitea, fetchYarnDeps -, fixup_yarn_lock, yarn, nodejs +, prefetch-yarn-deps, yarn, nodejs , python3, pkg-config, libsass }: @@ -25,7 +25,7 @@ stdenv.mkDerivation rec { }; nativeBuildInputs = [ - fixup_yarn_lock + prefetch-yarn-deps yarn nodejs pkg-config @@ -43,7 +43,7 @@ stdenv.mkDerivation rec { export HOME="$(mktemp -d)" yarn config --offline set yarn-offline-mirror ${lib.escapeShellArg offlineCache} - fixup_yarn_lock yarn.lock + fixup-yarn-lock yarn.lock yarn install --offline --frozen-lockfile --ignore-platform --ignore-scripts --no-progress --non-interactive patchShebangs node_modules/cross-env diff --git a/pkgs/servers/akkoma/akkoma-fe/default.nix b/pkgs/servers/akkoma/akkoma-fe/default.nix index 07b4ea245b9e..9024ad98c625 100644 --- a/pkgs/servers/akkoma/akkoma-fe/default.nix +++ b/pkgs/servers/akkoma/akkoma-fe/default.nix @@ -1,7 +1,7 @@ { lib , stdenv , fetchFromGitea, fetchYarnDeps -, fixup_yarn_lock, yarn, nodejs +, prefetch-yarn-deps, yarn, nodejs , jpegoptim, oxipng, nodePackages }: @@ -23,7 +23,7 @@ stdenv.mkDerivation rec { }; nativeBuildInputs = [ - fixup_yarn_lock + prefetch-yarn-deps yarn nodejs jpegoptim @@ -43,7 +43,7 @@ stdenv.mkDerivation rec { export HOME="$(mktemp -d)" yarn config --offline set yarn-offline-mirror ${lib.escapeShellArg offlineCache} - fixup_yarn_lock yarn.lock + fixup-yarn-lock yarn.lock yarn install --offline --frozen-lockfile --ignore-platform --ignore-scripts --no-progress --non-interactive diff --git a/pkgs/servers/dns/knot-dns/default.nix b/pkgs/servers/dns/knot-dns/default.nix index 7582ccdb954d..afba49779c0f 100644 --- a/pkgs/servers/dns/knot-dns/default.nix +++ b/pkgs/servers/dns/knot-dns/default.nix @@ -7,11 +7,11 @@ stdenv.mkDerivation rec { pname = "knot-dns"; - version = "3.3.1"; + version = "3.3.2"; src = fetchurl { url = "https://secure.nic.cz/files/knot-dns/knot-${version}.tar.xz"; - sha256 = "f3f4b1d49ec9b81113b14a38354b823bd4a470356ed7e8e555595b6fd1ac80c9"; + sha256 = "0d65d4b59f5df69b78c6295ade0a2ea7931831de7ef5eeee3e00f8a20af679e4"; }; outputs = [ "bin" "out" "dev" ]; diff --git a/pkgs/servers/web-apps/moodle/default.nix b/pkgs/servers/web-apps/moodle/default.nix index 0ab0d0f7db29..293a0a0c7259 100644 --- a/pkgs/servers/web-apps/moodle/default.nix +++ b/pkgs/servers/web-apps/moodle/default.nix @@ -1,7 +1,7 @@ { lib, stdenv, fetchurl, writeText, plugins ? [ ], nixosTests }: let - version = "4.1.4"; + version = "4.3"; versionParts = lib.take 2 (lib.splitVersion version); # 4.2 -> 402, 3.11 -> 311 @@ -15,7 +15,7 @@ in stdenv.mkDerivation rec { src = fetchurl { url = "https://download.moodle.org/download.php/direct/stable${stableVersion}/${pname}-${version}.tgz"; - hash = "sha256-mfJV5KHOG401N8gHFWYygsRRVnlWyn0SojD1H5KAvPQ="; + hash = "sha256-zLBFUyadpsqGeEhBCPrh3KKWn6f3zCy64YxTBMLIGsk="; }; phpConfig = writeText "config.php" '' diff --git a/pkgs/tools/misc/rkvm/default.nix b/pkgs/tools/misc/rkvm/default.nix new file mode 100644 index 000000000000..688c774209c6 --- /dev/null +++ b/pkgs/tools/misc/rkvm/default.nix @@ -0,0 +1,47 @@ +{ lib +, fetchFromGitHub +, rustPlatform +, pkg-config +, libevdev +, openssl +, makeWrapper +, nixosTests +}: + +rustPlatform.buildRustPackage rec { + pname = "rkvm"; + version = "0.5.1"; + + src = fetchFromGitHub { + owner = "htrefil"; + repo = pname; + rev = version; + hash = "sha256-3IdwBMN+VZBrcoT5vF7pF6xoNWZBn4k/jRJqADlpM7k="; + }; + + cargoHash = "sha256-/SZKJI4gMkike2m8UVzbwfMqj697A8zbJEKAnnbSx3s="; + + nativeBuildInputs = [ pkg-config rustPlatform.bindgenHook makeWrapper ]; + buildInputs = [ libevdev ]; + + postInstall = '' + install -Dm444 -t "$out/lib/systemd/system" systemd/rkvm-*.service + install -Dm444 example/server.toml "$out/etc/rkvm/server.example.toml" + install -Dm444 example/client.toml "$out/etc/rkvm/client.example.toml" + + wrapProgram $out/bin/rkvm-certificate-gen --prefix PATH : ${lib.makeBinPath [ openssl ]} + ''; + + passthru.tests = { + inherit (nixosTests) rkvm; + }; + + meta = with lib; { + description = "Virtual KVM switch for Linux machines"; + homepage = "https://github.com/htrefil/rkvm"; + changelog = "https://github.com/htrefil/rkvm/releases/tag/${version}"; + license = licenses.mit; + platforms = platforms.linux; + maintainers = with maintainers; [ ckie ]; + }; +} diff --git a/pkgs/tools/security/exploitdb/default.nix b/pkgs/tools/security/exploitdb/default.nix index 0762a437dfbe..014b39f87c92 100644 --- a/pkgs/tools/security/exploitdb/default.nix +++ b/pkgs/tools/security/exploitdb/default.nix @@ -6,13 +6,13 @@ stdenv.mkDerivation rec { pname = "exploitdb"; - version = "2023-10-20"; + version = "2023-10-21"; src = fetchFromGitLab { owner = "exploit-database"; repo = pname; rev = "refs/tags/${version}"; - hash = "sha256-v9myewSoa0U/1EjmBejHj7M2iL8k8xNpFzi74IN4dS0="; + hash = "sha256-Un8Wnctd8943JXA9GlKlaR2b6mP8BfcYLHSjxpysg3U="; }; nativeBuildInputs = [ diff --git a/pkgs/tools/security/vault-ssh-plus/default.nix b/pkgs/tools/security/vault-ssh-plus/default.nix index 44be0d6e014d..a1c77e5d0a29 100644 --- a/pkgs/tools/security/vault-ssh-plus/default.nix +++ b/pkgs/tools/security/vault-ssh-plus/default.nix @@ -8,16 +8,16 @@ }: buildGoModule rec { pname = "vault-ssh-plus"; - version = "0.7.2"; + version = "0.7.3"; src = fetchFromGitHub { owner = "isometry"; repo = pname; rev = "v${version}"; - hash = "sha256-t987QIMXrG+p+mmRnVrYnhvsmkqCFe/qe1AEtzKArnY="; + hash = "sha256-IRmFC5WsLmHfPjS/jW5V7dNF5rNvmsh3YKwW7rGII24="; }; - vendorHash = "sha256-VUsy4z1kIK6TDb5RYNwgDsoqjO6bsTNrXVMO7IXkjO4="; + vendorHash = "sha256-cuU7rEpJrwrbiXLajdv4h6GePbpZclweyB9qZ3SIjP0="; nativeBuildInputs = [ makeWrapper ]; diff --git a/pkgs/tools/system/netdata/default.nix b/pkgs/tools/system/netdata/default.nix index 8ca73a4faf8c..aaa597d4c786 100644 --- a/pkgs/tools/system/netdata/default.nix +++ b/pkgs/tools/system/netdata/default.nix @@ -18,7 +18,7 @@ stdenv.mkDerivation rec { # Don't forget to update go.d.plugin.nix as well - version = "1.42.4"; + version = "1.43.0"; pname = "netdata"; src = fetchFromGitHub { @@ -26,8 +26,8 @@ stdenv.mkDerivation rec { repo = "netdata"; rev = "v${version}"; hash = if withCloudUi - then "sha256-MaU9sOQD+Y03M+yoSWt1GuV+DrBlD7+r/Qm2JJ9s8EU=" - else "sha256-41QntBt0MoO1hAsDb8LhHgvvNMzt9R1ZdgiPaR7NrPU="; + then "sha256-hrwuJLO9/K5QT3j8d5RYHcpBHChpKvwajaCoUfikw88=" + else "sha256-+bX6pVpW6N1ms04k63sJg0E9XMOai5K9IjEQPeVCzs8="; fetchSubmodules = true; # Remove v2 dashboard distributed under NCUL1. Make sure an empty diff --git a/pkgs/tools/system/netdata/go.d.plugin.nix b/pkgs/tools/system/netdata/go.d.plugin.nix index 4fcb7a6d43ce..2114374bc61b 100644 --- a/pkgs/tools/system/netdata/go.d.plugin.nix +++ b/pkgs/tools/system/netdata/go.d.plugin.nix @@ -1,17 +1,17 @@ -{ lib, fetchFromGitHub, buildGoModule, nixosTests }: +{ lib, fetchFromGitHub, buildGo121Module, nixosTests }: -buildGoModule rec { +buildGo121Module rec { pname = "netdata-go-plugins"; - version = "0.56.1"; + version = "0.56.3"; src = fetchFromGitHub { owner = "netdata"; repo = "go.d.plugin"; rev = "v${version}"; - hash = "sha256-OA//50j7MWCNyQ85DzSkk0kI8XonBOMpEmsIJ7QLbHY="; + hash = "sha256-T7UB7qrcMTqIFRzBxbXmSqtcEFgZd0/z4EYuH/ydVi4="; }; - vendorHash = "sha256-1ir6paAz4NyJDPivBrHyiTrNwJMJ00Q4/sWBLBnwqPM="; + vendorHash = "sha256-N0p03urHC3d17VQ4TIs7mAemW9ZSpQw20EwwD6lSLLc="; doCheck = false; diff --git a/pkgs/tools/text/vale/default.nix b/pkgs/tools/text/vale/default.nix index 7ac57de731a5..d4ed3ba55a95 100644 --- a/pkgs/tools/text/vale/default.nix +++ b/pkgs/tools/text/vale/default.nix @@ -2,7 +2,7 @@ buildGoModule rec { pname = "vale"; - version = "2.29.1"; + version = "2.29.6"; subPackages = [ "cmd/vale" ]; outputs = [ "out" "data" ]; @@ -11,10 +11,10 @@ buildGoModule rec { owner = "errata-ai"; repo = "vale"; rev = "v${version}"; - hash = "sha256-bvj0K7d23E5QKree+PLfA9AgKFqL6YDtlmh/nEtrPbE="; + hash = "sha256-0btFCTpVB50097yQEggpm1rmm4aciTgfdLAkczQ1mj4="; }; - vendorHash = "sha256-YUazrbTeioRV+L6Ku+oJRJzp16WCLPzlAH6F25TT6Dg="; + vendorHash = "sha256-EbhLz4agDWAlALfBcGUbVNz+teUvgroxzaSN8T19AJY="; postInstall = '' mkdir -p $data/share/vale diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index d5c4d140455a..6e8ae9d5d3e2 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -12787,6 +12787,8 @@ with pkgs; rkflashtool = callPackage ../tools/misc/rkflashtool { }; + rkvm = callPackage ../tools/misc/rkvm { }; + rkrlv2 = callPackage ../applications/audio/rkrlv2 { }; rmlint = callPackage ../tools/misc/rmlint { @@ -19513,10 +19515,6 @@ with pkgs; kcc = libsForQt5.callPackage ../applications/graphics/kcc { }; - kconfig-frontends = callPackage ../development/tools/misc/kconfig-frontends { - gperf = gperf_3_0; - }; - kcgi = callPackage ../development/web/kcgi { }; kcov = callPackage ../development/tools/analysis/kcov { }; diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 3a3215993ec5..2fc131d29f2d 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -6452,6 +6452,8 @@ self: super: with self; { inherit (pkgs) libxml2 libxslt zlib; }; + lxml-stubs = callPackage ../development/python-modules/lxml-stubs { }; + lyricwikia = callPackage ../development/python-modules/lyricwikia { }; lz4 = callPackage ../development/python-modules/lz4 { }; |