gador/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'master' into current

Browse Source
This commit is contained in:
Florian Brandes
2022-12-23 19:13:30 +01:00
parent 375402b6b5 7b560e9728
commit 2dfd06ed29
41 changed files with 721 additions and 480 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
nixos/doc/manual/from_md/release-notes/rl-2305.section.xml
View File

@@ -98,6 +98,26 @@
<literal>fetch-ec2-metadata.service</literal> <literal>fetch-ec2-metadata.service</literal>
</para> </para>
</listitem> </listitem>
<listitem>
<para>
<literal>minio</literal> removed support for its legacy
filesystem backend in
<link xlink:href="https://github.com/minio/minio/releases/tag/RELEASE.2022-10-29T06-21-33Z">RELEASE.2022-10-29T06-21-33Z</link>.
This means if your storage was created with the old format,
minio will no longer start. Unfortunately minio doesnt
provide a an automatic migration, they only provide
<link xlink:href="https://min.io/docs/minio/windows/operations/install-deploy-manage/migrate-fs-gateway.html">instructions
how to manually convert the node</link>. To facilitate this
migration we keep around the last version that still supports
the old filesystem backend as
<literal>minio_legacy_fs</literal>. Use it via
<literal>services.minio.package = minio_legacy_fs;</literal>
to export your data before switching to the new version. See
the corresponding
<link xlink:href="https://github.com/NixOS/nixpkgs/issues/199318">issue</link>
for more details.
</para>
</listitem>
<listitem> <listitem>
<para> <para>
<literal>services.sourcehut.dispatch</literal> and the <literal>services.sourcehut.dispatch</literal> and the
@@ -268,6 +288,29 @@
remote <literal>PostgreSQL</literal> database. remote <literal>PostgreSQL</literal> database.
</para> </para>
</listitem> </listitem>
<listitem>
<para>
The module <literal>services.headscale</literal> was
refactored to be compliant with
<link xlink:href="https://github.com/NixOS/rfcs/blob/master/rfcs/0042-config-option.md">RFC
0042</link>. To be precise, this means that the following
things have changed:
</para>
<itemizedlist spacing="compact">
<listitem>
<para>
Most settings has been migrated under
<link linkend="opt-services.headscale.settings">services.headscale.settings</link>
which is an attribute-set that will be converted into
headscales YAML config format. This means that the
configuration from
<link xlink:href="https://github.com/juanfont/headscale/blob/main/config-example.yaml">headscales
example configuration</link> can be directly written as
attribute-set in Nix within this option.
</para>
</listitem>
</itemizedlist>
</listitem>
<listitem> <listitem>
<para> <para>
A new <literal>virtualisation.rosetta</literal> module was A new <literal>virtualisation.rosetta</literal> module was

11
nixos/doc/manual/release-notes/rl-2305.section.md
View File

@@ -35,6 +35,8 @@ In addition to numerous new and upgraded packages, this release has the followin
- The EC2 image module no longer fetches instance metadata in stage-1. This results in a significantly smaller initramfs, since network drivers no longer need to be included, and faster boots, since metadata fetching can happen in parallel with startup of other services. - The EC2 image module no longer fetches instance metadata in stage-1. This results in a significantly smaller initramfs, since network drivers no longer need to be included, and faster boots, since metadata fetching can happen in parallel with startup of other services.
This breaks services which rely on metadata being present by the time stage-2 is entered. Anything which reads EC2 metadata from `/etc/ec2-metadata` should now have an `after` dependency on `fetch-ec2-metadata.service` This breaks services which rely on metadata being present by the time stage-2 is entered. Anything which reads EC2 metadata from `/etc/ec2-metadata` should now have an `after` dependency on `fetch-ec2-metadata.service`
- `minio` removed support for its legacy filesystem backend in [RELEASE.2022-10-29T06-21-33Z](https://github.com/minio/minio/releases/tag/RELEASE.2022-10-29T06-21-33Z). This means if your storage was created with the old format, minio will no longer start. Unfortunately minio doesn't provide a an automatic migration, they only provide [instructions how to manually convert the node](https://min.io/docs/minio/windows/operations/install-deploy-manage/migrate-fs-gateway.html). To facilitate this migration we keep around the last version that still supports the old filesystem backend as `minio_legacy_fs`. Use it via `services.minio.package = minio_legacy_fs;` to export your data before switching to the new version. See the corresponding [issue](https://github.com/NixOS/nixpkgs/issues/199318) for more details.
- `services.sourcehut.dispatch` and the corresponding package (`sourcehut.dispatchsrht`) have been removed due to [upstream deprecation](https://sourcehut.org/blog/2022-08-01-dispatch-deprecation-plans/). - `services.sourcehut.dispatch` and the corresponding package (`sourcehut.dispatchsrht`) have been removed due to [upstream deprecation](https://sourcehut.org/blog/2022-08-01-dispatch-deprecation-plans/).
- The [services.snapserver.openFirewall](#opt-services.snapserver.openFirewall) module option default value has been changed from `true` to `false`. You will need to explicitly set this option to `true`, or configure your firewall. - The [services.snapserver.openFirewall](#opt-services.snapserver.openFirewall) module option default value has been changed from `true` to `false`. You will need to explicitly set this option to `true`, or configure your firewall.
@@ -59,7 +61,7 @@ In addition to numerous new and upgraded packages, this release has the followin
<!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. --> <!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. -->
- `vim_configurable` has been renamed to `vim-full` to avoid confusion: `vim-full`'s build-time features are configurable, but both `vim` and `vim-full` are *customizable* (in the sense of user configuration, like vimrc). - `vim_configurable` has been renamed to `vim-full` to avoid confusion: `vim-full`'s build-time features are configurable, but both `vim` and `vim-full` are _customizable_ (in the sense of user configuration, like vimrc).
- The module for the application firewall `opensnitch` got the ability to configure rules. Available as [services.opensnitch.rules](#opt-services.opensnitch.rules) - The module for the application firewall `opensnitch` got the ability to configure rules. Available as [services.opensnitch.rules](#opt-services.opensnitch.rules)
@@ -78,6 +80,13 @@ In addition to numerous new and upgraded packages, this release has the followin
- `mastodon` now supports connection to a remote `PostgreSQL` database. - `mastodon` now supports connection to a remote `PostgreSQL` database.
- The module `services.headscale` was refactored to be compliant with [RFC 0042](https://github.com/NixOS/rfcs/blob/master/rfcs/0042-config-option.md). To be precise, this means that the following things have changed:
- Most settings has been migrated under [services.headscale.settings](#opt-services.headscale.settings) which is an attribute-set that
will be converted into headscale's YAML config format. This means that the configuration from
[headscale's example configuration](https://github.com/juanfont/headscale/blob/main/config-example.yaml)
can be directly written as attribute-set in Nix within this option.
- A new `virtualisation.rosetta` module was added to allow running `x86_64` binaries through [Rosetta](https://developer.apple.com/documentation/apple-silicon/about-the-rosetta-translation-environment) inside virtualised NixOS guests on Apple silicon. This feature works by default with the [UTM](https://docs.getutm.app/) virtualisation [package](https://search.nixos.org/packages?channel=unstable&show=utm&from=0&size=1&sort=relevance&type=packages&query=utm). - A new `virtualisation.rosetta` module was added to allow running `x86_64` binaries through [Rosetta](https://developer.apple.com/documentation/apple-silicon/about-the-rosetta-translation-environment) inside virtualised NixOS guests on Apple silicon. This feature works by default with the [UTM](https://docs.getutm.app/) virtualisation [package](https://search.nixos.org/packages?channel=unstable&show=utm&from=0&size=1&sort=relevance&type=packages&query=utm).
- The new option `users.motdFile` allows configuring a Message Of The Day that can be updated dynamically. - The new option `users.motdFile` allows configuring a Message Of The Day that can be updated dynamically.

1
nixos/modules/module-list.nix
View File

@@ -876,7 +876,6 @@
./services/networking/miredo.nix ./services/networking/miredo.nix
./services/networking/mjpg-streamer.nix ./services/networking/mjpg-streamer.nix
./services/networking/mmsd.nix ./services/networking/mmsd.nix
./services/networking/mosquitto.nix
./services/networking/monero.nix ./services/networking/monero.nix
./services/networking/morty.nix ./services/networking/morty.nix
./services/networking/mosquitto.nix ./services/networking/mosquitto.nix

2
nixos/modules/services/misc/nitter.nix
View File

@@ -47,7 +47,7 @@ in
{ {
options = { options = {
services.nitter = { services.nitter = {
enable = mkEnableOption (lib.mdDoc "If enabled, start Nitter."); enable = mkEnableOption (lib.mdDoc "Nitter");
package = mkOption { package = mkOption {
default = pkgs.nitter; default = pkgs.nitter;

251
nixos/modules/services/networking/headscale.nix
View File

@@ -1,6 +1,10 @@
{ config, lib, pkgs, ... }: {
with lib; config,
let lib,
pkgs,
...
}:
with lib; let
cfg = config.services.headscale; cfg = config.services.headscale;
dataDir = "/var/lib/headscale"; dataDir = "/var/lib/headscale";
@@ -8,8 +12,7 @@ let
settingsFormat = pkgs.formats.yaml {}; settingsFormat = pkgs.formats.yaml {};
configFile = settingsFormat.generate "headscale.yaml" cfg.settings; configFile = settingsFormat.generate "headscale.yaml" cfg.settings;
in in {
{
options = { options = {
services.headscale = { services.headscale = {
enable = mkEnableOption (lib.mdDoc "headscale, Open Source coordination server for Tailscale"); enable = mkEnableOption (lib.mdDoc "headscale, Open Source coordination server for Tailscale");
@@ -51,15 +54,6 @@ in
''; '';
}; };
serverUrl = mkOption {
type = types.str;
default = "http://127.0.0.1:8080";
description = lib.mdDoc ''
The url clients will connect to.
'';
example = "https://myheadscale.example.com:443";
};
address = mkOption { address = mkOption {
type = types.str; type = types.str;
default = "127.0.0.1"; default = "127.0.0.1";
@@ -78,7 +72,26 @@ in
example = 443; example = 443;
}; };
privateKeyFile = mkOption { settings = mkOption {
description = lib.mdDoc ''
Overrides to {file}`config.yaml` as a Nix attribute set.
Check the [example config](https://github.com/juanfont/headscale/blob/main/config-example.yaml)
for possible options.
'';
type = types.submodule {
freeformType = settingsFormat.type;
options = {
server_url = mkOption {
type = types.str;
default = "http://127.0.0.1:8080";
description = lib.mdDoc ''
The url clients will connect to.
'';
example = "https://myheadscale.example.com:443";
};
private_key_path = mkOption {
type = types.path; type = types.path;
default = "${dataDir}/private.key"; default = "${dataDir}/private.key";
description = lib.mdDoc '' description = lib.mdDoc ''
@@ -86,6 +99,14 @@ in
''; '';
}; };
noise.private_key_path = mkOption {
type = types.path;
default = "${dataDir}/noise_private.key";
description = lib.mdDoc ''
Path to noise private key file, generated automatically if it does not exist.
'';
};
derp = { derp = {
urls = mkOption { urls = mkOption {
type = types.listOf types.str; type = types.listOf types.str;
@@ -105,8 +126,7 @@ in
''; '';
}; };
auto_update_enable = mkOption {
autoUpdate = mkOption {
type = types.bool; type = types.bool;
default = true; default = true;
description = lib.mdDoc '' description = lib.mdDoc ''
@@ -115,7 +135,7 @@ in
example = false; example = false;
}; };
updateFrequency = mkOption { update_frequency = mkOption {
type = types.str; type = types.str;
default = "24h"; default = "24h";
description = lib.mdDoc '' description = lib.mdDoc ''
@@ -123,10 +143,9 @@ in
''; '';
example = "5m"; example = "5m";
}; };
}; };
ephemeralNodeInactivityTimeout = mkOption { ephemeral_node_inactivity_timeout = mkOption {
type = types.str; type = types.str;
default = "30m"; default = "30m";
description = lib.mdDoc '' description = lib.mdDoc ''
@@ -135,43 +154,42 @@ in
example = "5m"; example = "5m";
}; };
database = { db_type = mkOption {
type = mkOption {
type = types.enum ["sqlite3" "postgres"]; type = types.enum ["sqlite3" "postgres"];
example = "postgres"; example = "postgres";
default = "sqlite3"; default = "sqlite3";
description = lib.mdDoc "Database engine to use."; description = lib.mdDoc "Database engine to use.";
}; };
host = mkOption { db_host = mkOption {
type = types.nullOr types.str; type = types.nullOr types.str;
default = null; default = null;
example = "127.0.0.1"; example = "127.0.0.1";
description = lib.mdDoc "Database host address."; description = lib.mdDoc "Database host address.";
}; };
port = mkOption { db_port = mkOption {
type = types.nullOr types.port; type = types.nullOr types.port;
default = null; default = null;
example = 3306; example = 3306;
description = lib.mdDoc "Database host port."; description = lib.mdDoc "Database host port.";
}; };
name = mkOption { db_name = mkOption {
type = types.nullOr types.str; type = types.nullOr types.str;
default = null; default = null;
example = "headscale"; example = "headscale";
description = lib.mdDoc "Database name."; description = lib.mdDoc "Database name.";
}; };
user = mkOption { db_user = mkOption {
type = types.nullOr types.str; type = types.nullOr types.str;
default = null; default = null;
example = "headscale"; example = "headscale";
description = lib.mdDoc "Database user."; description = lib.mdDoc "Database user.";
}; };
passwordFile = mkOption { db_password_file = mkOption {
type = types.nullOr types.path; type = types.nullOr types.path;
default = null; default = null;
example = "/run/keys/headscale-dbpassword"; example = "/run/keys/headscale-dbpassword";
@@ -181,14 +199,13 @@ in
''; '';
}; };
path = mkOption { db_path = mkOption {
type = types.nullOr types.str; type = types.nullOr types.str;
default = "${dataDir}/db.sqlite"; default = "${dataDir}/db.sqlite";
description = lib.mdDoc "Path to the sqlite3 database file."; description = lib.mdDoc "Path to the sqlite3 database file.";
}; };
};
logLevel = mkOption { log.level = mkOption {
type = types.str; type = types.str;
default = "info"; default = "info";
description = lib.mdDoc '' description = lib.mdDoc ''
@@ -197,7 +214,16 @@ in
example = "debug"; example = "debug";
}; };
dns = { log.format = mkOption {
type = types.str;
default = "text";
description = lib.mdDoc ''
headscale log format.
'';
example = "json";
};
dns_config = {
nameservers = mkOption { nameservers = mkOption {
type = types.listOf types.str; type = types.listOf types.str;
default = ["1.1.1.1"]; default = ["1.1.1.1"];
@@ -206,6 +232,15 @@ in
''; '';
}; };
override_local_dns = mkOption {
type = types.bool;
default = false;
description = lib.mdDoc ''
Whether to use [Override local DNS](https://tailscale.com/kb/1054/dns/).
'';
example = true;
};
domains = mkOption { domains = mkOption {
type = types.listOf types.str; type = types.listOf types.str;
default = []; default = [];
@@ -215,7 +250,7 @@ in
example = ["mydomain.internal"]; example = ["mydomain.internal"];
}; };
magicDns = mkOption { magic_dns = mkOption {
type = types.bool; type = types.bool;
default = true; default = true;
description = lib.mdDoc '' description = lib.mdDoc ''
@@ -225,7 +260,7 @@ in
example = false; example = false;
}; };
baseDomain = mkOption { base_domain = mkOption {
type = types.str; type = types.str;
default = ""; default = "";
description = lib.mdDoc '' description = lib.mdDoc ''
@@ -238,7 +273,7 @@ in
}; };
}; };
openIdConnect = { oidc = {
issuer = mkOption { issuer = mkOption {
type = types.str; type = types.str;
default = ""; default = "";
@@ -248,7 +283,7 @@ in
example = "https://openid.example.com"; example = "https://openid.example.com";
}; };
clientId = mkOption { client_id = mkOption {
type = types.str; type = types.str;
default = ""; default = "";
description = lib.mdDoc '' description = lib.mdDoc ''
@@ -256,7 +291,7 @@ in
''; '';
}; };
clientSecretFile = mkOption { client_secret_file = mkOption {
type = types.nullOr types.path; type = types.nullOr types.path;
default = null; default = null;
description = lib.mdDoc '' description = lib.mdDoc ''
@@ -264,30 +299,28 @@ in
''; '';
}; };
domainMap = mkOption { domain_map = mkOption {
type = types.attrsOf types.str; type = types.attrsOf types.str;
default = {}; default = {};
description = lib.mdDoc '' description = lib.mdDoc ''
Domain map is used to map incoming users (by their email) to Domain map is used to map incomming users (by their email) to
a namespace. The key can be a string, or regex. a namespace. The key can be a string, or regex.
''; '';
example = { example = {
".*" = "default-namespace"; ".*" = "default-namespace";
}; };
}; };
}; };
tls = { tls_letsencrypt_hostname = mkOption {
letsencrypt = {
hostname = mkOption {
type = types.nullOr types.str; type = types.nullOr types.str;
default = ""; default = "";
description = lib.mdDoc '' description = lib.mdDoc ''
Domain name to request a TLS certificate for. Domain name to request a TLS certificate for.
''; '';
}; };
challengeType = mkOption {
tls_letsencrypt_challenge_type = mkOption {
type = types.enum ["TLS-ALPN-01" "HTTP-01"]; type = types.enum ["TLS-ALPN-01" "HTTP-01"];
default = "HTTP-01"; default = "HTTP-01";
description = lib.mdDoc '' description = lib.mdDoc ''
@@ -295,7 +328,8 @@ in
`HTTP-01` or `TLS-ALPN-01`. `HTTP-01` or `TLS-ALPN-01`.
''; '';
}; };
httpListen = mkOption {
tls_letsencrypt_listen = mkOption {
type = types.nullOr types.str; type = types.nullOr types.str;
default = ":http"; default = ":http";
description = lib.mdDoc '' description = lib.mdDoc ''
@@ -304,111 +338,80 @@ in
`:http = port 80`. `:http = port 80`.
''; '';
}; };
};
certFile = mkOption { tls_cert_path = mkOption {
type = types.nullOr types.path; type = types.nullOr types.path;
default = null; default = null;
description = lib.mdDoc '' description = lib.mdDoc ''
Path to already created certificate. Path to already created certificate.
''; '';
}; };
keyFile = mkOption {
tls_key_path = mkOption {
type = types.nullOr types.path; type = types.nullOr types.path;
default = null; default = null;
description = lib.mdDoc '' description = lib.mdDoc ''
Path to key for already created certificate. Path to key for already created certificate.
''; '';
}; };
};
aclPolicyFile = mkOption { acl_policy_path = mkOption {
type = types.nullOr types.path; type = types.nullOr types.path;
default = null; default = null;
description = lib.mdDoc '' description = lib.mdDoc ''
Path to a file containing ACL policies. Path to a file containg ACL policies.
''; '';
}; };
};
settings = mkOption { };
type = settingsFormat.type; };
default = { }; };
description = lib.mdDoc ''
Overrides to {file}`config.yaml` as a Nix attribute set.
This option is ideal for overriding settings not exposed as Nix options.
Check the [example config](https://github.com/juanfont/headscale/blob/main/config-example.yaml)
for possible options.
'';
}; };
imports = [
# TODO address + port = listen_addr
(mkRenamedOptionModule ["services" "headscale" "serverUrl"] ["services" "headscale" "settings" "server_url"])
(mkRenamedOptionModule ["services" "headscale" "privateKeyFile"] ["services" "headscale" "settings" "private_key_path"])
(mkRenamedOptionModule ["services" "headscale" "derp" "urls"] ["services" "headscale" "settings" "derp" "urls"])
(mkRenamedOptionModule ["services" "headscale" "derp" "paths"] ["services" "headscale" "settings" "derp" "paths"])
(mkRenamedOptionModule ["services" "headscale" "derp" "autoUpdate"] ["services" "headscale" "settings" "derp" "auto_update_enable"])
(mkRenamedOptionModule ["services" "headscale" "derp" "updateFrequency"] ["services" "headscale" "settings" "derp" "update_frequency"])
(mkRenamedOptionModule ["services" "headscale" "ephemeralNodeInactivityTimeout"] ["services" "headscale" "settings" "ephemeral_node_inactivity_timeout"])
(mkRenamedOptionModule ["services" "headscale" "database" "type"] ["services" "headscale" "settings" "db_type"])
(mkRenamedOptionModule ["services" "headscale" "database" "path"] ["services" "headscale" "settings" "db_path"])
(mkRenamedOptionModule ["services" "headscale" "database" "host"] ["services" "headscale" "settings" "db_host"])
(mkRenamedOptionModule ["services" "headscale" "database" "port"] ["services" "headscale" "settings" "db_port"])
(mkRenamedOptionModule ["services" "headscale" "database" "name"] ["services" "headscale" "settings" "db_name"])
(mkRenamedOptionModule ["services" "headscale" "database" "user"] ["services" "headscale" "settings" "db_user"])
(mkRenamedOptionModule ["services" "headscale" "database" "passwordFile"] ["services" "headscale" "settings" "db_password_file"])
(mkRenamedOptionModule ["services" "headscale" "logLevel"] ["services" "headscale" "settings" "log" "level"])
(mkRenamedOptionModule ["services" "headscale" "dns" "nameservers"] ["services" "headscale" "settings" "dns_config" "nameservers"])
(mkRenamedOptionModule ["services" "headscale" "dns" "domains"] ["services" "headscale" "settings" "dns_config" "domains"])
(mkRenamedOptionModule ["services" "headscale" "dns" "magicDns"] ["services" "headscale" "settings" "dns_config" "magic_dns"])
(mkRenamedOptionModule ["services" "headscale" "dns" "baseDomain"] ["services" "headscale" "settings" "dns_config" "base_domain"])
(mkRenamedOptionModule ["services" "headscale" "openIdConnect" "issuer"] ["services" "headscale" "settings" "oidc" "issuer"])
(mkRenamedOptionModule ["services" "headscale" "openIdConnect" "clientId"] ["services" "headscale" "settings" "oidc" "client_id"])
(mkRenamedOptionModule ["services" "headscale" "openIdConnect" "clientSecretFile"] ["services" "headscale" "settings" "oidc" "client_secret_file"])
(mkRenamedOptionModule ["services" "headscale" "openIdConnect" "domainMap"] ["services" "headscale" "settings" "oidc" "domain_map"])
(mkRenamedOptionModule ["services" "headscale" "tls" "letsencrypt" "hostname"] ["services" "headscale" "settings" "tls_letsencrypt_hostname"])
(mkRenamedOptionModule ["services" "headscale" "tls" "letsencrypt" "challengeType"] ["services" "headscale" "settings" "tls_letsencrypt_challenge_type"])
(mkRenamedOptionModule ["services" "headscale" "tls" "letsencrypt" "httpListen"] ["services" "headscale" "settings" "tls_letsencrypt_listen"])
(mkRenamedOptionModule ["services" "headscale" "tls" "certFile"] ["services" "headscale" "settings" "tls_cert_path"])
(mkRenamedOptionModule ["services" "headscale" "tls" "keyFile"] ["services" "headscale" "settings" "tls_key_path"])
(mkRenamedOptionModule ["services" "headscale" "aclPolicyFile"] ["services" "headscale" "settings" "acl_policy_path"])
];
};
};
config = mkIf cfg.enable { config = mkIf cfg.enable {
services.headscale.settings = { services.headscale.settings = {
server_url = mkDefault cfg.serverUrl;
listen_addr = mkDefault "${cfg.address}:${toString cfg.port}"; listen_addr = mkDefault "${cfg.address}:${toString cfg.port}";
private_key_path = mkDefault cfg.privateKeyFile;
derp = {
urls = mkDefault cfg.derp.urls;
paths = mkDefault cfg.derp.paths;
auto_update_enable = mkDefault cfg.derp.autoUpdate;
update_frequency = mkDefault cfg.derp.updateFrequency;
};
# Turn off update checks since the origin of our package # Turn off update checks since the origin of our package
# is nixpkgs and not Github. # is nixpkgs and not Github.
disable_check_updates = true; disable_check_updates = true;
ephemeral_node_inactivity_timeout = mkDefault cfg.ephemeralNodeInactivityTimeout;
db_type = mkDefault cfg.database.type;
db_path = mkDefault cfg.database.path;
log_level = mkDefault cfg.logLevel;
dns_config = {
nameservers = mkDefault cfg.dns.nameservers;
domains = mkDefault cfg.dns.domains;
magic_dns = mkDefault cfg.dns.magicDns;
base_domain = mkDefault cfg.dns.baseDomain;
};
unix_socket = "${runDir}/headscale.sock"; unix_socket = "${runDir}/headscale.sock";
# OpenID Connect
oidc = {
issuer = mkDefault cfg.openIdConnect.issuer;
client_id = mkDefault cfg.openIdConnect.clientId;
domain_map = mkDefault cfg.openIdConnect.domainMap;
};
tls_letsencrypt_cache_dir = "${dataDir}/.cache"; tls_letsencrypt_cache_dir = "${dataDir}/.cache";
} // optionalAttrs (cfg.database.host != null) {
db_host = mkDefault cfg.database.host;
} // optionalAttrs (cfg.database.port != null) {
db_port = mkDefault cfg.database.port;
} // optionalAttrs (cfg.database.name != null) {
db_name = mkDefault cfg.database.name;
} // optionalAttrs (cfg.database.user != null) {
db_user = mkDefault cfg.database.user;
} // optionalAttrs (cfg.tls.letsencrypt.hostname != null) {
tls_letsencrypt_hostname = mkDefault cfg.tls.letsencrypt.hostname;
} // optionalAttrs (cfg.tls.letsencrypt.challengeType != null) {
tls_letsencrypt_challenge_type = mkDefault cfg.tls.letsencrypt.challengeType;
} // optionalAttrs (cfg.tls.letsencrypt.httpListen != null) {
tls_letsencrypt_listen = mkDefault cfg.tls.letsencrypt.httpListen;
} // optionalAttrs (cfg.tls.certFile != null) {
tls_cert_path = mkDefault cfg.tls.certFile;
} // optionalAttrs (cfg.tls.keyFile != null) {
tls_key_path = mkDefault cfg.tls.keyFile;
} // optionalAttrs (cfg.aclPolicyFile != null) {
acl_policy_path = mkDefault cfg.aclPolicyFile;
}; };
# Setup the headscale configuration in a known path in /etc to # Setup the headscale configuration in a known path in /etc to
@@ -434,21 +437,19 @@ in
environment.GIN_MODE = "release"; environment.GIN_MODE = "release";
script = '' script = ''
${optionalString (cfg.database.passwordFile != null) '' ${optionalString (cfg.settings.db_password_file != null) ''
export HEADSCALE_DB_PASS="$(head -n1 ${escapeShellArg cfg.database.passwordFile})" export HEADSCALE_DB_PASS="$(head -n1 ${escapeShellArg cfg.settings.db_password_file})"
''} ''}
${optionalString (cfg.openIdConnect.clientSecretFile != null) '' ${optionalString (cfg.settings.oidc.client_secret_file != null) ''
export HEADSCALE_OIDC_CLIENT_SECRET="$(head -n1 ${escapeShellArg cfg.openIdConnect.clientSecretFile})" export HEADSCALE_OIDC_CLIENT_SECRET="$(head -n1 ${escapeShellArg cfg.settings.oidc.client_secret_file})"
''} ''}
exec ${cfg.package}/bin/headscale serve exec ${cfg.package}/bin/headscale serve
''; '';
serviceConfig = serviceConfig = let
let
capabilityBoundingSet = ["CAP_CHOWN"] ++ optional (cfg.port < 1024) "CAP_NET_BIND_SERVICE"; capabilityBoundingSet = ["CAP_CHOWN"] ++ optional (cfg.port < 1024) "CAP_NET_BIND_SERVICE";
in in {
{
Restart = "always"; Restart = "always";
Type = "simple"; Type = "simple";
User = cfg.user; User = cfg.user;
@@ -492,5 +493,5 @@ in
}; };
}; };
meta.maintainers = with maintainers; [ kradalby ]; meta.maintainers = with maintainers; [kradalby misterio77];
} }

1
nixos/tests/all-tests.nix
View File

@@ -257,6 +257,7 @@ in {
haste-server = handleTest ./haste-server.nix {}; haste-server = handleTest ./haste-server.nix {};
haproxy = handleTest ./haproxy.nix {}; haproxy = handleTest ./haproxy.nix {};
hardened = handleTest ./hardened.nix {}; hardened = handleTest ./hardened.nix {};
headscale = handleTest ./headscale.nix {};
healthchecks = handleTest ./web-apps/healthchecks.nix {}; healthchecks = handleTest ./web-apps/healthchecks.nix {};
hbase2 = handleTest ./hbase.nix { package=pkgs.hbase2; }; hbase2 = handleTest ./hbase.nix { package=pkgs.hbase2; };
hbase_2_4 = handleTest ./hbase.nix { package=pkgs.hbase_2_4; }; hbase_2_4 = handleTest ./hbase.nix { package=pkgs.hbase_2_4; };

17
nixos/tests/headscale.nix Normal file
View File

@@ -0,0 +1,17 @@
import ./make-test-python.nix ({ pkgs, lib, ... }: {
name = "headscale";
meta.maintainers = with lib.maintainers; [ misterio77 ];
nodes.machine = { ... }: {
services.headscale.enable = true;
environment.systemPackages = [ pkgs.headscale ];
};
testScript = ''
machine.wait_for_unit("headscale")
machine.wait_for_open_port(8080)
# Test basic funcionality
machine.succeed("headscale namespaces create test")
machine.succeed("headscale preauthkeys -n test create")
'';
})

4
pkgs/applications/editors/vscode/extensions/default.nix
View File

@@ -1483,8 +1483,8 @@ let
mktplcRef = { mktplcRef = {
name = "latex-workshop"; name = "latex-workshop";
publisher = "James-Yu"; publisher = "James-Yu";
version = "9.1.1"; version = "9.2.0";
sha256 = "sha256-Xt/z5r9R090Z9nP1v7k+jYm9EOcjy0GfYiYpc7jNid4="; sha256 = "sha256-AAADJkMXsKvpEHBH8+TNM0x3CGEGVtf/b+tce297rkw=";
}; };
meta = with lib; { meta = with lib; {
changelog = "https://marketplace.visualstudio.com/items/James-Yu.latex-workshop/changelog"; changelog = "https://marketplace.visualstudio.com/items/James-Yu.latex-workshop/changelog";

6
pkgs/applications/misc/hugo/default.nix
View File

@@ -2,16 +2,16 @@
buildGoModule rec { buildGoModule rec {
pname = "hugo"; pname = "hugo";
version = "0.108.0"; version = "0.109.0";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "gohugoio"; owner = "gohugoio";
repo = pname; repo = pname;
rev = "v${version}"; rev = "v${version}";
sha256 = "sha256-MbpBGqu7IwQCf9DjSfIDi25ZGJYTI6xxSk9wPWxychw="; sha256 = "sha256-Eak4sU8UwzPQ5iuoNX+KrAJdZ6ZvBdDyJx4xeQI4sjY=";
}; };
vendorSha256 = "sha256-qFqSpQExz4u1ngjpt2Li6dk/qz4DCKEY9IcFFCna5is="; vendorSha256 = "sha256-0m5flwvchExP1IDAuE/oTB2eUEbq5KCE8Zvzp5e7yZ8=";
doCheck = false; doCheck = false;

11
pkgs/applications/misc/pdfpc/default.nix
View File

@@ -1,16 +1,16 @@
{ lib, stdenv, fetchFromGitHub, cmake, pkg-config, vala, gtk3, libgee { lib, stdenv, fetchFromGitHub, cmake, pkg-config, vala, gtk3, libgee
, poppler, libpthreadstubs, gstreamer, gst-plugins-base, gst-plugins-good, gst-libav, librsvg, pcre, gobject-introspection, wrapGAppsHook , poppler, libpthreadstubs, gstreamer, gst-plugins-base, gst-plugins-good, gst-libav, gobject-introspection, wrapGAppsHook
, webkitgtk, discount, json-glib }: , qrencode, webkitgtk, discount, json-glib }:
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "pdfpc"; pname = "pdfpc";
version = "4.5.0"; version = "4.6.0";
src = fetchFromGitHub { src = fetchFromGitHub {
repo = "pdfpc"; repo = "pdfpc";
owner = "pdfpc"; owner = "pdfpc";
rev = "v${version}"; rev = "v${version}";
sha256 = "0bmy51w6ypz927hxwp5g7wapqvzqmsi3w32rch6i3f94kg1152ck"; hash = "sha256-5HFmbVsNajMwo+lBe9kJcJyQGe61N6Oy2CI/WJwmSE4=";
}; };
nativeBuildInputs = [ nativeBuildInputs = [
@@ -22,11 +22,12 @@ stdenv.mkDerivation rec {
buildInputs = [ buildInputs = [
gtk3 libgee poppler gtk3 libgee poppler
libpthreadstubs librsvg pcre libpthreadstubs
gstreamer gstreamer
gst-plugins-base gst-plugins-base
(gst-plugins-good.override { gtkSupport = true; }) (gst-plugins-good.override { gtkSupport = true; })
gst-libav gst-libav
qrencode
webkitgtk webkitgtk
discount discount
json-glib json-glib

8
pkgs/applications/networking/cluster/fluxcd/default.nix
View File

@@ -1,9 +1,9 @@
{ lib, buildGoModule, fetchFromGitHub, fetchzip, installShellFiles, stdenv }: { lib, buildGoModule, fetchFromGitHub, fetchzip, installShellFiles, stdenv }:
let let
version = "0.38.1"; version = "0.38.2";
sha256 = "02np6g7q0v1mg10cvn2w8wsi0s7by810m5zb733jaf6lff9p7md8"; sha256 = "1fr3jg9j0hrnr55wh40d0lli593pid1vqnbgnw9wxqsv6677dh53";
manifestsSha256 = "11amanvfah5mgys5zkdzif1sffsz2jkflb60c9sx4arxz3v138cq"; manifestsSha256 = "1dmp7gdnwbg4jjc3dq1wp2jn3z3g6lm296b1nf24ndcfmjja58cz";
manifests = fetchzip { manifests = fetchzip {
url = url =
@@ -23,7 +23,7 @@ in buildGoModule rec {
inherit sha256; inherit sha256;
}; };
vendorSha256 = "sha256-8/rFdflDK3Pc5dDqSFJghjmJWVZAHiC+/6SDSWYzfVI="; vendorSha256 = "sha256-aPkuP6FVIkMAJi+wwNfgvxXi+PE1mMUXfxz44/R31KI=";
postUnpack = '' postUnpack = ''
cp -r ${manifests} source/cmd/flux/manifests cp -r ${manifests} source/cmd/flux/manifests

14
pkgs/applications/networking/instant-messengers/wire-desktop/default.nix
View File

@@ -23,13 +23,13 @@ let
pname = "wire-desktop"; pname = "wire-desktop";
version = { version = {
x86_64-darwin = "3.29.4477"; x86_64-darwin = "3.30.4506";
x86_64-linux = "3.29.2997"; x86_64-linux = "3.30.3018";
}.${system} or throwSystem; }.${system} or throwSystem;
sha256 = { hash = {
x86_64-darwin = "19snbd53hjfcqgnz24r85a34fr120b1wps4pv4vymnkxjld2wifc"; x86_64-darwin = "sha256-+htDeNIuucB4qzNBNYoSUH1DbfgouZS08G5hxPtIuzY=";
x86_64-linux = "0f5kkp93za4yr6ywdgph8zr6ivrbxq2gbskl8jysxawk1pz92pqf"; x86_64-linux = "sha256-46WjFA+E9M7RfTOM/Xoho+9ooToSgQiZaMlcZ3lJvBQ=";
}.${system} or throwSystem; }.${system} or throwSystem;
meta = with lib; { meta = with lib; {
@@ -66,7 +66,7 @@ let
src = fetchurl { src = fetchurl {
url = "https://wire-app.wire.com/linux/debian/pool/main/" url = "https://wire-app.wire.com/linux/debian/pool/main/"
+ "Wire-${version}_amd64.deb"; + "Wire-${version}_amd64.deb";
inherit sha256; inherit hash;
}; };
desktopItem = makeDesktopItem { desktopItem = makeDesktopItem {
@@ -134,7 +134,7 @@ let
src = fetchurl { src = fetchurl {
url = "https://github.com/wireapp/wire-desktop/releases/download/" url = "https://github.com/wireapp/wire-desktop/releases/download/"
+ "macos%2F${version}/Wire.pkg"; + "macos%2F${version}/Wire.pkg";
inherit sha256; inherit hash;
}; };
buildInputs = [ buildInputs = [

4
pkgs/applications/networking/newsreaders/liferea/default.nix
View File

@@ -24,11 +24,11 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "liferea"; pname = "liferea";
version = "1.14-RC2"; version = "1.14-RC3";
src = fetchurl { src = fetchurl {
url = "https://github.com/lwindolf/${pname}/releases/download/v${version}/${pname}-${version}.tar.bz2"; url = "https://github.com/lwindolf/${pname}/releases/download/v${version}/${pname}-${version}.tar.bz2";
sha256 = "UTK82s+7bzL+SyT40qDsqX8KTkITTpWtR/0VY/+OpcA="; sha256 = "28xEGjzOKdrTlGF4OBEoDue9VVLrbiVgnoTKICfDp4M=";
}; };
nativeBuildInputs = [ nativeBuildInputs = [

6
pkgs/applications/networking/warp/default.nix
View File

@@ -17,14 +17,14 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "warp"; pname = "warp";
version = "0.3.1"; version = "0.3.2";
src = fetchFromGitLab { src = fetchFromGitLab {
domain = "gitlab.gnome.org"; domain = "gitlab.gnome.org";
owner = "World"; owner = "World";
repo = pname; repo = pname;
rev = "v${version}"; rev = "v${version}";
hash = "sha256-0zjtaF0RwI7Sj2D5vRaiBJI+Bp/F17VO9ywMRqZyqxI="; hash = "sha256-oKkZC9fi5xPnLTI00MnG2gMjzMZHMNFI77ztbR4KQo4=";
}; };
postPatch = '' postPatch = ''
@@ -34,7 +34,7 @@ stdenv.mkDerivation rec {
cargoDeps = rustPlatform.fetchCargoTarball { cargoDeps = rustPlatform.fetchCargoTarball {
inherit src; inherit src;
name = "${pname}-${version}"; name = "${pname}-${version}";
hash = "sha256-HotArxXfmT6Gw6ZZZQ4X6bTx0EFb6vZLbXxhddmGID8="; hash = "sha256-sbyAyjxpol2SBxoLUsiPGfkP2diBPgJW0vEDHYWgmLU=";
}; };
nativeBuildInputs = [ nativeBuildInputs = [

5
pkgs/applications/terminal-emulators/terminator/default.nix
View File

@@ -14,13 +14,13 @@
python3.pkgs.buildPythonApplication rec { python3.pkgs.buildPythonApplication rec {
pname = "terminator"; pname = "terminator";
version = "2.1.1"; version = "2.1.2";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "gnome-terminator"; owner = "gnome-terminator";
repo = "terminator"; repo = "terminator";
rev = "v${version}"; rev = "v${version}";
sha256 = "1pfrzna30xv9yri6dsny1j5k35417m4hsg97c455vssywyl9w4jr"; hash = "sha256-dN9+6VGIdIyY52nm2BMONeb+WV7UGL68frjnHRxRzTU=";
}; };
nativeBuildInputs = [ nativeBuildInputs = [
@@ -70,6 +70,7 @@ python3.pkgs.buildPythonApplication rec {
quadkonsole, etc. in that the main focus is arranging terminals in grids quadkonsole, etc. in that the main focus is arranging terminals in grids
(tabs is the most common default method, which Terminator also supports). (tabs is the most common default method, which Terminator also supports).
''; '';
changelog = "https://github.com/gnome-terminator/terminator/releases/tag/v${version}";
homepage = "https://github.com/gnome-terminator/terminator"; homepage = "https://github.com/gnome-terminator/terminator";
license = licenses.gpl2; license = licenses.gpl2;
maintainers = with maintainers; [ bjornfor ]; maintainers = with maintainers; [ bjornfor ];

12
pkgs/applications/version-management/gitflow/default.nix
View File

@@ -1,6 +1,4 @@
{ pkgs, lib, stdenv, fetchFromGitHub }: { lib, stdenv, fetchFromGitHub, makeWrapper, getopt, git, coreutils }:
with pkgs.lib;
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "gitflow"; pname = "gitflow";
@@ -13,7 +11,7 @@ stdenv.mkDerivation rec {
sha256 = "sha256-kHirHG/bfsU6tKyQ0khNSTyChhzHfzib+HyA3LOtBI8="; sha256 = "sha256-kHirHG/bfsU6tKyQ0khNSTyChhzHfzib+HyA3LOtBI8=";
}; };
nativeBuildInputs = [ pkgs.makeWrapper ]; nativeBuildInputs = [ makeWrapper ];
preBuild = '' preBuild = ''
makeFlagsArray+=(prefix="$out") makeFlagsArray+=(prefix="$out")
@@ -21,9 +19,9 @@ stdenv.mkDerivation rec {
postInstall = '' postInstall = ''
wrapProgram $out/bin/git-flow \ wrapProgram $out/bin/git-flow \
--set FLAGS_GETOPT_CMD ${pkgs.getopt}/bin/getopt \ --set FLAGS_GETOPT_CMD ${getopt}/bin/getopt \
--suffix PATH : ${pkgs.git}/bin \ --suffix PATH : ${git}/bin \
--prefix PATH : ${pkgs.coreutils}/bin --prefix PATH : ${coreutils}/bin
''; '';
meta = with lib; { meta = with lib; {

8
pkgs/build-support/docker/default.nix
View File

@@ -486,7 +486,7 @@ rec {
inherit (stream) imageName; inherit (stream) imageName;
passthru = { inherit (stream) imageTag; }; passthru = { inherit (stream) imageTag; };
nativeBuildInputs = [ pigz ]; nativeBuildInputs = [ pigz ];
} "${stream} | pigz -nT > $out"; } "${stream} | pigz -nTR > $out";
# 1. extract the base image # 1. extract the base image
# 2. create the layer # 2. create the layer
@@ -735,7 +735,7 @@ rec {
chmod -R a-w image chmod -R a-w image
echo "Cooking the image..." echo "Cooking the image..."
tar -C image --hard-dereference --sort=name --mtime="@$SOURCE_DATE_EPOCH" --owner=0 --group=0 --xform s:'^./':: -c . | pigz -nT > $out tar -C image --hard-dereference --sort=name --mtime="@$SOURCE_DATE_EPOCH" --owner=0 --group=0 --xform s:'^./':: -c . | pigz -nTR > $out
echo "Finished." echo "Finished."
''; '';
@@ -775,7 +775,7 @@ rec {
mv repositories image/repositories mv repositories image/repositories
mv manifest.json image/manifest.json mv manifest.json image/manifest.json
# Create tarball and gzip # Create tarball and gzip
tar -C image --hard-dereference --sort=name --mtime="@$SOURCE_DATE_EPOCH" --owner=0 --group=0 --xform s:'^./':: -c . | pigz -nT > $out tar -C image --hard-dereference --sort=name --mtime="@$SOURCE_DATE_EPOCH" --owner=0 --group=0 --xform s:'^./':: -c . | pigz -nTR > $out
''; '';
@@ -1220,5 +1220,5 @@ rec {
inherit (stream) imageName; inherit (stream) imageName;
passthru = { inherit (stream) imageTag; }; passthru = { inherit (stream) imageTag; };
nativeBuildInputs = [ pigz ]; nativeBuildInputs = [ pigz ];
} "${stream} | pigz -nT > $out"; } "${stream} | pigz -nTR > $out";
} }

2
pkgs/build-support/node/build-npm-package/hooks/default.nix
View File

@@ -26,7 +26,7 @@
npmInstallHook = makeSetupHook npmInstallHook = makeSetupHook
{ {
name = "npm-install-hook"; name = "npm-install-hook";
deps = [ makeWrapper ]; deps = [ buildPackages.makeWrapper ];
substitutions = { substitutions = {
hostNode = "${nodejs}/bin/node"; hostNode = "${nodejs}/bin/node";
jq = "${buildPackages.jq}/bin/jq"; jq = "${buildPackages.jq}/bin/jq";

3
pkgs/development/beam-modules/default.nix
View File

@@ -1,6 +1,7 @@
{ lib, pkgs, erlang }: { lib, __splicedPackages, erlang }:
let let
pkgs = __splicedPackages;
inherit (lib) makeExtensible; inherit (lib) makeExtensible;
lib' = pkgs.callPackage ./lib.nix { }; lib' = pkgs.callPackage ./lib.nix { };

5
pkgs/development/beam-modules/lib.nix
View File

@@ -1,5 +1,8 @@
{ pkgs, lib }: { __splicedPackages, lib }:
let
pkgs = __splicedPackages;
in
rec { rec {
/* Similar to callPackageWith/callPackage, but without makeOverridable /* Similar to callPackageWith/callPackage, but without makeOverridable

4
pkgs/development/libraries/gtk/4.x.nix
View File

@@ -63,7 +63,7 @@ in
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "gtk4"; pname = "gtk4";
version = "4.8.2"; version = "4.8.3";
outputs = [ "out" "dev" ] ++ lib.optionals x11Support [ "devdoc" ]; outputs = [ "out" "dev" ] ++ lib.optionals x11Support [ "devdoc" ];
outputBin = "dev"; outputBin = "dev";
@@ -75,7 +75,7 @@ stdenv.mkDerivation rec {
src = fetchurl { src = fetchurl {
url = "mirror://gnome/sources/gtk/${lib.versions.majorMinor version}/gtk-${version}.tar.xz"; url = "mirror://gnome/sources/gtk/${lib.versions.majorMinor version}/gtk-${version}.tar.xz";
sha256 = "hbehYLbgLq+k59OPBG+HIPq1N9P+c8AchkMzqYOmkqk="; sha256 = "s2L5aNCFtNPZNA1NOMcGN33tnVN05pSitrfmKS48unQ=";
}; };
depsBuildBuild = [ depsBuildBuild = [

4
pkgs/development/libraries/icu/63.nix
View File

@@ -1,4 +1,4 @@
{ stdenv, lib, fetchurl, fetchpatch, fixDarwinDylibNames, nativeBuildRoot }: { stdenv, lib, fetchurl, fetchpatch, fixDarwinDylibNames, nativeBuildRoot, buildRootOnly ? false }:
import ./base.nix { import ./base.nix {
version = "63.1"; version = "63.1";
@@ -11,4 +11,4 @@ import ./base.nix {
}) })
]; ];
patchFlags = [ "-p3" ]; patchFlags = [ "-p3" ];
} { inherit stdenv lib fetchurl fixDarwinDylibNames nativeBuildRoot; } } { inherit stdenv lib fetchurl fixDarwinDylibNames nativeBuildRoot buildRootOnly; }

48
pkgs/development/python-modules/beancount-black/default.nix Normal file
View File

@@ -0,0 +1,48 @@
{ lib
, fetchFromGitHub
, buildPythonPackage
, pythonOlder
, beancount-parser
, click
, poetry-core
, pytestCheckHook
}:
buildPythonPackage rec {
pname = "beancount-black";
version = "0.1.13";
disabled = pythonOlder "3.9";
format = "pyproject";
src = fetchFromGitHub {
owner = "LaunchPlatform";
repo = "beancount-black";
rev = version;
sha256 = "sha256-jhcPR+5+e8d9cbcXC//xuBwmZ14xtXNlYtmH5yNSU0E=";
};
buildInputs = [
poetry-core
];
propagatedBuildInputs = [
beancount-parser
click
];
checkInputs = [
pytestCheckHook
];
pythonImportsCheck = [
"beancount_black"
];
meta = with lib; {
description = "Opinioned code formatter for Beancount";
homepage = "https://github.com/LaunchPlatform/beancount-black/";
license = with licenses; [ mit ];
maintainers = with maintainers; [ ambroisie ];
};
}

46
pkgs/development/python-modules/beancount-parser/default.nix Normal file
View File

@@ -0,0 +1,46 @@
{ lib
, fetchFromGitHub
, buildPythonPackage
, pythonOlder
, lark
, poetry-core
, pytestCheckHook
}:
buildPythonPackage rec {
pname = "beancount-parser";
version = "0.1.21";
disabled = pythonOlder "3.9";
format = "pyproject";
src = fetchFromGitHub {
owner = "LaunchPlatform";
repo = "beancount-parser";
rev = version;
sha256 = "sha256-0uhH75OEjC9iA0XD0VX7CGoRIP/hpM4y+53JnyXgZpA=";
};
buildInputs = [
poetry-core
];
propagatedBuildInputs = [
lark
];
checkInputs = [
pytestCheckHook
];
pythonImportsCheck = [
"beancount_parser"
];
meta = with lib; {
description = "Standalone Lark based Beancount syntax parser";
homepage = "https://github.com/LaunchPlatform/beancount-parser/";
license = with licenses; [ mit ];
maintainers = with maintainers; [ ambroisie ];
};
}

16
pkgs/development/tools/analysis/radare2/default.nix
View File

@@ -30,7 +30,7 @@
let let
# FIXME: Compare revision with # FIXME: Compare revision with
# https://github.com/radareorg/radare2/blob/master/libr/asm/arch/arm/v35arm64/Makefile#L26-L27 # https://github.com/radareorg/radare2/blob/master/libr/arch/p/arm/v35arm64/Makefile#L26-L27
arm64 = fetchFromGitHub { arm64 = fetchFromGitHub {
owner = "radareorg"; owner = "radareorg";
repo = "vector35-arch-arm64"; repo = "vector35-arch-arm64";
@@ -47,21 +47,23 @@ let
in in
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "radare2"; pname = "radare2";
version = "5.7.8"; version = "5.8.0";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "radare"; owner = "radare";
repo = "radare2"; repo = "radare2";
rev = version; rev = version;
hash = "sha256-+/9SeILuDCUaYwPhhN6z3vQFicd1Bh8N/yicZTybR5o="; hash = "sha256-9bDwtMNru7tG0L735y+Vrcg7Htk/TV9SVZn7WP4Ap4c=";
}; };
preBuild = '' preBuild = ''
cp -r ${arm64} ../libr/asm/arch/arm/v35arm64/arch-arm64 pushd ../libr/arch/p/arm/v35arm64
chmod -R +w ../libr/asm/arch/arm/v35arm64/arch-arm64 cp -r ${arm64} arch-arm64
chmod -R +w arch-arm64
cp -r ${armv7} ../libr/asm/arch/arm/v35arm64/arch-armv7 cp -r ${armv7} arch-armv7
chmod -R +w ../libr/asm/arch/arm/v35arm64/arch-armv7 chmod -R +w arch-armv7
popd
''; '';
postFixup = lib.optionalString stdenv.isDarwin '' postFixup = lib.optionalString stdenv.isDarwin ''

6
pkgs/development/tools/ruff/default.nix
View File

@@ -7,16 +7,16 @@
rustPlatform.buildRustPackage rec { rustPlatform.buildRustPackage rec {
pname = "ruff"; pname = "ruff";
version = "0.0.191"; version = "0.0.192";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "charliermarsh"; owner = "charliermarsh";
repo = pname; repo = pname;
rev = "v${version}"; rev = "v${version}";
sha256 = "sha256-tjiXVxUXZvWzEDp/HjzOmMP159nLqGMCxejKITckZXQ="; sha256 = "sha256-EhivXOuXeq+x7fozMdof4Sh9jFXYLqyVK4ysWzUbM4s=";
}; };
cargoSha256 = "sha256-fCcXi1ebMiNrvyqE7dS5euUgNWQ8NkywxzDkJ29kTcI="; cargoSha256 = "sha256-7EoYQ0WvlVp1Cbg/1kkMX0SoC3Ae6lDdwHju0CyFkAg=";
buildInputs = lib.optionals stdenv.isDarwin [ buildInputs = lib.optionals stdenv.isDarwin [
darwin.apple_sdk.frameworks.CoreServices darwin.apple_sdk.frameworks.CoreServices

6
pkgs/development/tools/rust/rust-analyzer/default.nix
View File

@@ -12,14 +12,14 @@
rustPlatform.buildRustPackage rec { rustPlatform.buildRustPackage rec {
pname = "rust-analyzer-unwrapped"; pname = "rust-analyzer-unwrapped";
version = "2022-12-12"; version = "2022-12-19";
cargoSha256 = "sha256-YTakd4qRwXUoxzFWXCj8l9nA3wjJtfVmKbhX9XlaEbE="; cargoSha256 = "sha256-/Ep/YELl1eA6HzZ/a7pi2a1XSlYB36VZJJPLZKnx4J0=";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "rust-lang"; owner = "rust-lang";
repo = "rust-analyzer"; repo = "rust-analyzer";
rev = version; rev = version;
sha256 = "sha256-QLKX/JhK+jRE61teK+Cr4f2KuAzgYuawStxOgJymqRg="; sha256 = "sha256-sGZNmkUwHt7FmuwDyYjnTAyo8ZMkH9iOdCOyU+2Vcos=";
}; };
cargoBuildFlags = [ "--bin" "rust-analyzer" "--bin" "rust-analyzer-proc-macro-srv" ]; cargoBuildFlags = [ "--bin" "rust-analyzer" "--bin" "rust-analyzer-proc-macro-srv" ];

6
pkgs/os-specific/linux/nftables/default.nix
View File

@@ -9,12 +9,12 @@
}: }:
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
version = "1.0.5"; version = "1.0.6";
pname = "nftables"; pname = "nftables";
src = fetchurl { src = fetchurl {
url = "https://netfilter.org/projects/nftables/files/${pname}-${version}.tar.bz2"; url = "https://netfilter.org/projects/nftables/files/${pname}-${version}.tar.xz";
hash = "sha256-jRtLGDk69DaY0QuqJdK5tjl5ab7srHgWw13QcU5N5Qo="; hash = "sha256-JAdDDd2CmHZw5I3C/anigLqoMHq+wEqxjWCd89sAXkw=";
}; };
nativeBuildInputs = [ nativeBuildInputs = [

6
pkgs/servers/bloat/default.nix
View File

@@ -6,12 +6,12 @@
buildGoModule { buildGoModule {
pname = "bloat"; pname = "bloat";
version = "unstable-2022-10-25"; version = "unstable-2022-12-17";
src = fetchgit { src = fetchgit {
url = "git://git.freesoftwareextremist.com/bloat"; url = "git://git.freesoftwareextremist.com/bloat";
rev = "887ed241d64ba5db3fd3d87194fb5595e5ad7d73"; rev = "5147897c6c8ba3428ea6998f77241182ee8caa24";
sha256 = "sha256-2G7DcK21GBICdQYWRTTMzHmkrgstrEelVlLcYgKlUGM="; sha256 = "sha256-/sSRzAAWO/KtXOD3lQsqaXc+lOuN7MJqbfASueLYBQk=";
}; };
vendorSha256 = null; vendorSha256 = null;

19
pkgs/servers/headscale/default.nix
View File

@@ -1,21 +1,28 @@
{ lib, buildGoModule, fetchFromGitHub, installShellFiles }: {
lib,
buildGoModule,
fetchFromGitHub,
installShellFiles,
}:
buildGoModule rec { buildGoModule rec {
pname = "headscale"; pname = "headscale";
version = "0.16.4"; version = "0.17.1";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "juanfont"; owner = "juanfont";
repo = "headscale"; repo = "headscale";
rev = "v${version}"; rev = "v${version}";
sha256 = "sha256-j5fbWxRMkYlsgL1QDEDlitKB3FOmDTy17FcuztALISw="; sha256 = "sha256-/NJUtmH67VZERCvExcX4W4T9Rcixc5m28ujNcrQduWg=";
}; };
vendorSha256 = "sha256-RzmnAh81BN4tbzAGzJbb6CMuws8kuPJDw7aPkRRnSS8="; vendorSha256 = "sha256-Y1IK9Tx2sv0v27ZYtSxDP9keHQ7skctDOa+37pNGEC8=";
ldflags = ["-s" "-w" "-X github.com/juanfont/headscale/cmd/headscale/cli.Version=v${version}"]; ldflags = ["-s" "-w" "-X github.com/juanfont/headscale/cmd/headscale/cli.Version=v${version}"];
nativeBuildInputs = [installShellFiles]; nativeBuildInputs = [installShellFiles];
checkFlags = ["-short"];
tags = ["ts2019"];
postInstall = '' postInstall = ''
installShellCompletion --cmd headscale \ installShellCompletion --cmd headscale \
@@ -44,6 +51,6 @@ buildGoModule rec {
Headscale implements this coordination server. Headscale implements this coordination server.
''; '';
license = licenses.bsd3; license = licenses.bsd3;
maintainers = with maintainers; [ nkje jk kradalby ]; maintainers = with maintainers; [nkje jk kradalby misterio77 ghuntley];
}; };
} }

51
pkgs/servers/minio/legacy_fs.nix Normal file
View File

@@ -0,0 +1,51 @@
{ lib, buildGoModule, fetchFromGitHub, nixosTests }:
let
# The web client verifies, that the server version is a valid datetime string:
# https://github.com/minio/minio/blob/3a0e7347cad25c60b2e51ff3194588b34d9e424c/browser/app/js/web.js#L51-L53
#
# Example:
# versionToTimestamp "2021-04-22T15-44-28Z"
# => "2021-04-22T15:44:28Z"
versionToTimestamp = version:
let
splitTS = builtins.elemAt (builtins.split "(.*)(T.*)" version) 1;
in
builtins.concatStringsSep "" [ (builtins.elemAt splitTS 0) (builtins.replaceStrings [ "-" ] [ ":" ] (builtins.elemAt splitTS 1)) ];
in
buildGoModule rec {
pname = "minio";
version = "2022-10-24T18-35-07Z";
src = fetchFromGitHub {
owner = "minio";
repo = "minio";
rev = "RELEASE.${version}";
sha256 = "sha256-sABNzhyfBNU5pWyE/VWHUzuSyKsx0glj01ectJPakV8=";
};
vendorSha256 = "sha256-wB3UiuptT6D0CIUlHC1d5k0rjIxNeh5yAWOmYpyLGmA=";
doCheck = false;
subPackages = [ "." ];
CGO_ENABLED = 0;
tags = [ "kqueue" ];
ldflags = let t = "github.com/minio/minio/cmd"; in [
"-s" "-w" "-X ${t}.Version=${versionToTimestamp version}" "-X ${t}.ReleaseTag=RELEASE.${version}" "-X ${t}.CommitID=${src.rev}"
];
passthru.tests.minio = nixosTests.minio;
meta = with lib; {
homepage = "https://www.minio.io/";
description = "An S3-compatible object storage server";
changelog = "https://github.com/minio/minio/releases/tag/RELEASE.${version}";
maintainers = with maintainers; [ eelco bachp ];
platforms = platforms.unix;
license = licenses.agpl3Plus;
};
}

8
pkgs/servers/monitoring/grafana-agent/default.nix
View File

@@ -2,16 +2,16 @@
buildGoModule rec { buildGoModule rec {
pname = "grafana-agent"; pname = "grafana-agent";
version = "0.29.0"; version = "0.30.1";
src = fetchFromGitHub { src = fetchFromGitHub {
rev = "v${version}"; rev = "v${version}";
owner = "grafana"; owner = "grafana";
repo = "agent"; repo = "agent";
sha256 = "sha256-6CnYoUECT6vcQw2v7GLRzOtlL4tKKpz4VADuz9MxseM="; sha256 = "sha256-QunB14B3HRzB5UL5OZaFsm4WGIOMnByYKblTogVOeHE=";
}; };
vendorSha256 = "sha256-FSxkldMYMmyjVv6UYeZlceygkfKFzZK2udeUNBbpYnc="; vendorSha256 = "sha256-Cl3oygH1RPF+ZdJvkDmr7eyU5daxaZwNE8pQOHK/qP4=";
ldflags = let ldflags = let
prefix = "github.com/grafana/agent/pkg/build"; prefix = "github.com/grafana/agent/pkg/build";
@@ -27,8 +27,8 @@ buildGoModule rec {
tags = [ tags = [
"nonetwork" "nonetwork"
"noebpf"
"nodocker" "nodocker"
"promtail_journal_enabled"
]; ];
subPackages = [ subPackages = [

4
pkgs/tools/misc/cloc/default.nix
View File

@@ -2,13 +2,13 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "cloc"; pname = "cloc";
version = "1.94"; version = "1.96";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "AlDanial"; owner = "AlDanial";
repo = "cloc"; repo = "cloc";
rev = "v${version}"; rev = "v${version}";
sha256 = "sha256-m0pTShkwaX77IY1y9pWQnp6AVklYxg3L2JMiE/KfUyA="; sha256 = "sha256-20vL+SX8Tbp6QxErDn76c6sLWnB1IJwHlQX4YAvj+Eg=";
}; };
setSourceRoot = '' setSourceRoot = ''

6
pkgs/tools/security/gopass/default.nix
View File

@@ -13,7 +13,7 @@
buildGoModule rec { buildGoModule rec {
pname = "gopass"; pname = "gopass";
version = "1.15.0"; version = "1.15.2";
nativeBuildInputs = [ installShellFiles makeWrapper ]; nativeBuildInputs = [ installShellFiles makeWrapper ];
@@ -21,10 +21,10 @@ buildGoModule rec {
owner = "gopasspw"; owner = "gopasspw";
repo = pname; repo = pname;
rev = "v${version}"; rev = "v${version}";
hash = "sha256-1nf8nzSOI22z/lvhS8Urq6B6OUMcFFrPZoHIbRINz4c="; hash = "sha256-UvHLbbV75mrWDmlsM382gBhgOpgf5k9NmAQtVbePD04=";
}; };
vendorHash = "sha256-1ILZtvgwn60NIaOy7zRcYA/PFrnLSb7ykAUd/WrGYtQ="; vendorHash = "sha256-2YycEsEsvBKb30LkQx38Rm3nxq5q6KN0Pb1FBXco0PU=";
subPackages = [ "." ]; subPackages = [ "." ];

6
pkgs/tools/security/gopass/git-credential.nix
View File

@@ -7,16 +7,16 @@
buildGoModule rec { buildGoModule rec {
pname = "git-credential-gopass"; pname = "git-credential-gopass";
version = "1.15.0"; version = "1.15.2";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "gopasspw"; owner = "gopasspw";
repo = pname; repo = pname;
rev = "v${version}"; rev = "v${version}";
hash = "sha256-o1kkS8JlPFIiwm3nQLMuERcb4NC3v8FIG0kYGrGzkbA="; hash = "sha256-HuqN/hl4weUr/PLyCE9dyrXADPHJW2XryQWWCMwgJ8k=";
}; };
vendorHash = "sha256-KPCmYNSMa8F9xtStEyN5xho2/OF1ZqVFmLexHV3wJzM="; vendorHash = "sha256-1pQ+f+m+cff6M0sfydaqGyvXqS6lyi9mfi9Pl4tynhU=";
subPackages = [ "." ]; subPackages = [ "." ];

6
pkgs/tools/security/gopass/hibp.nix
View File

@@ -7,16 +7,16 @@
buildGoModule rec { buildGoModule rec {
pname = "gopass-hibp"; pname = "gopass-hibp";
version = "1.15.0"; version = "1.15.2";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "gopasspw"; owner = "gopasspw";
repo = pname; repo = pname;
rev = "v${version}"; rev = "v${version}";
hash = "sha256-VBi4Lk1lQb/p2iyY2EbRuizNATu/MJ/PErfUT53enrE="; hash = "sha256-2F1OqVxXrQpwg2M1o8gQzczXI2JKVFCA1K6kGUc+e5U=";
}; };
vendorHash = "sha256-PRSl1JkEb4yuQWeNAfkr8Iq2cYMVngUl9nLXEkHd7GU="; vendorHash = "sha256-3KYEn4+YI5KwAlfokUF5hU801xylWVtmJwocVl6QfhM=";
subPackages = [ "." ]; subPackages = [ "." ];

6
pkgs/tools/security/gopass/jsonapi.nix
View File

@@ -8,16 +8,16 @@
buildGoModule rec { buildGoModule rec {
pname = "gopass-jsonapi"; pname = "gopass-jsonapi";
version = "1.15.0"; version = "1.15.2";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "gopasspw"; owner = "gopasspw";
repo = pname; repo = pname;
rev = "v${version}"; rev = "v${version}";
hash = "sha256-0pCk82na0lWEaRlHhf/Q2BC3K2/sLBHZzKvCN86TMMI="; hash = "sha256-Y1Ol46/7uct7Xap1mV/sqG82khlylVvk5Hsvj6d9eLU=";
}; };
vendorHash = "sha256-fuazCxWJAnxUsxakN2VT9DWNwRO/s89G1sJXk48uO34="; vendorHash = "sha256-dk6bdJkl9PKBbCjEL1IUHp0EmTZ3ZFVbmnluKVWZ1P4=";
subPackages = [ "." ]; subPackages = [ "." ];

6
pkgs/tools/security/gopass/summon.nix
View File

@@ -7,16 +7,16 @@
buildGoModule rec { buildGoModule rec {
pname = "gopass-summon-provider"; pname = "gopass-summon-provider";
version = "1.15.0"; version = "1.15.2";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "gopasspw"; owner = "gopasspw";
repo = pname; repo = pname;
rev = "v${version}"; rev = "v${version}";
hash = "sha256-cF9nwFmBpK/Q3ZIkYos8PSQJmRAnqXCrVcfb72TXpdE="; hash = "sha256-tcRdb6zkFO/fhCm9YE7qDPYROuOrsN2BeeX+TtTnaHc=";
}; };
vendorHash = "sha256-KPCmYNSMa8F9xtStEyN5xho2/OF1ZqVFmLexHV3wJzM="; vendorHash = "sha256-1pQ+f+m+cff6M0sfydaqGyvXqS6lyi9mfi9Pl4tynhU=";
subPackages = [ "." ]; subPackages = [ "." ];

11
pkgs/tools/security/iaito/default.nix
View File

@@ -13,21 +13,21 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "iaito"; pname = "iaito";
version = "5.7.8"; version = "5.8.0";
srcs = [ srcs = [
(fetchFromGitHub rec { (fetchFromGitHub rec {
owner = "radareorg"; owner = "radareorg";
repo = "iaito"; repo = "iaito";
rev = version; rev = version;
hash = "sha256-c36WLpVUnffeY6cXSEHvguo8BHyxaLAluN9hBKsQc0s="; hash = "sha256-LqJu30Bp+JgB+y3MDyPVuFmEoXTpfA7K2pxv1ZCABx0=";
name = repo; name = repo;
}) })
(fetchFromGitHub rec { (fetchFromGitHub rec {
owner = "radareorg"; owner = "radareorg";
repo = "iaito-translations"; repo = "iaito-translations";
rev = "ab923335409fa298c39f0014588d78d926c6f3a2"; rev = "e66b3a962a7fc7dfd730764180011ecffbb206bf";
hash = "sha256-qkIC67a6YRwOa2Sr16Vg6If1TmAiSKUV7hw13Wxwl/w="; hash = "sha256-6NRTZ/ydypsB5TwbivvwOH9TEMAff/LH69hCXTvMPp8=";
name = repo; name = repo;
}) })
]; ];
@@ -56,6 +56,9 @@ stdenv.mkDerivation rec {
radare2 radare2
]; ];
# the radare2 binary package seems to not install all necessary headers.
NIX_CFLAGS_COMPILE = [ "-I" "${radare2.src}/shlr/sdb/include/sdb" ];
postBuild = '' postBuild = ''
pushd ../../../iaito-translations pushd ../../../iaito-translations
make build PREFIX=$out make build PREFIX=$out

8
pkgs/top-level/all-packages.nix
View File

@@ -973,7 +973,8 @@ with pkgs;
makeShellWrapper = makeSetupHook makeShellWrapper = makeSetupHook
{ deps = [ dieHook ]; { deps = [ dieHook ];
substitutions = { substitutions = {
shell = targetPackages.runtimeShell; # targetPackages.runtimeShell only exists when pkgs == targetPackages (when targetPackages is not __raw)
shell = if targetPackages ? runtimeShell then targetPackages.runtimeShell else throw "makeWrapper/makeShellWrapper must be in nativeBuildInputs";
}; };
passthru = { passthru = {
tests = tests.makeWrapper; tests = tests.makeWrapper;
@@ -24129,6 +24130,9 @@ with pkgs;
micronaut = callPackage ../development/tools/micronaut {}; micronaut = callPackage ../development/tools/micronaut {};
minio = callPackage ../servers/minio { }; minio = callPackage ../servers/minio { };
# Keep around to allow people to migrate their data from the old legacy fs format
# https://github.com/minio/minio/releases/tag/RELEASE.2022-10-29T06-21-33Z
minio_legacy_fs = callPackage ../servers/minio/legacy_fs.nix { };
mkchromecast = libsForQt5.callPackage ../applications/networking/mkchromecast { }; mkchromecast = libsForQt5.callPackage ../applications/networking/mkchromecast { };
@@ -33970,6 +33974,8 @@ with pkgs;
beancount = with python3.pkgs; toPythonApplication beancount; beancount = with python3.pkgs; toPythonApplication beancount;
beancount-black = with python3.pkgs; toPythonApplication beancount-black;
beancount-language-server = callPackage ../development/tools/beancount-language-server {}; beancount-language-server = callPackage ../development/tools/beancount-language-server {};
bean-add = callPackage ../applications/office/beancount/bean-add.nix { }; bean-add = callPackage ../applications/office/beancount/bean-add.nix { };

4
pkgs/top-level/python-packages.nix
View File

@@ -1188,6 +1188,10 @@ self: super: with self; {
beancount = callPackage ../development/python-modules/beancount { }; beancount = callPackage ../development/python-modules/beancount { };
beancount-black = callPackage ../development/python-modules/beancount-black { };
beancount-parser = callPackage ../development/python-modules/beancount-parser { };
beancount_docverif = callPackage ../development/python-modules/beancount_docverif { }; beancount_docverif = callPackage ../development/python-modules/beancount_docverif { };
beanstalkc = callPackage ../development/python-modules/beanstalkc { }; beanstalkc = callPackage ../development/python-modules/beanstalkc { };