gador/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'master' into current

Browse Source
This commit is contained in:
Florian Brandes
2022-12-23 19:13:30 +01:00
parent 375402b6b5 7b560e9728
commit 2dfd06ed29
41 changed files with 721 additions and 480 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
nixos/doc/manual/from_md/release-notes/rl-2305.section.xml
View File

@@ -98,6 +98,26 @@
<literal>fetch-ec2-metadata.service</literal>
</para>
</listitem>
<listitem>
<para>
<literal>minio</literal> removed support for its legacy
filesystem backend in
<link xlink:href="https://github.com/minio/minio/releases/tag/RELEASE.2022-10-29T06-21-33Z">RELEASE.2022-10-29T06-21-33Z</link>.
This means if your storage was created with the old format,
minio will no longer start. Unfortunately minio doesnt
provide a an automatic migration, they only provide
<link xlink:href="https://min.io/docs/minio/windows/operations/install-deploy-manage/migrate-fs-gateway.html">instructions
how to manually convert the node</link>. To facilitate this
migration we keep around the last version that still supports
the old filesystem backend as
<literal>minio_legacy_fs</literal>. Use it via
<literal>services.minio.package = minio_legacy_fs;</literal>
to export your data before switching to the new version. See
the corresponding
<link xlink:href="https://github.com/NixOS/nixpkgs/issues/199318">issue</link>
for more details.
</para>
</listitem>
<listitem>
<para>
<literal>services.sourcehut.dispatch</literal> and the
@@ -268,6 +288,29 @@
remote <literal>PostgreSQL</literal> database.
</para>
</listitem>
<listitem>
<para>
The module <literal>services.headscale</literal> was
refactored to be compliant with
<link xlink:href="https://github.com/NixOS/rfcs/blob/master/rfcs/0042-config-option.md">RFC
0042</link>. To be precise, this means that the following
things have changed:
</para>
<itemizedlist spacing="compact">
<listitem>
<para>
Most settings has been migrated under
<link linkend="opt-services.headscale.settings">services.headscale.settings</link>
which is an attribute-set that will be converted into
headscales YAML config format. This means that the
configuration from
<link xlink:href="https://github.com/juanfont/headscale/blob/main/config-example.yaml">headscales
example configuration</link> can be directly written as
attribute-set in Nix within this option.
</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>
A new <literal>virtualisation.rosetta</literal> module was

11
nixos/doc/manual/release-notes/rl-2305.section.md
View File

@@ -35,6 +35,8 @@ In addition to numerous new and upgraded packages, this release has the followin
- The EC2 image module no longer fetches instance metadata in stage-1. This results in a significantly smaller initramfs, since network drivers no longer need to be included, and faster boots, since metadata fetching can happen in parallel with startup of other services.
This breaks services which rely on metadata being present by the time stage-2 is entered. Anything which reads EC2 metadata from `/etc/ec2-metadata` should now have an `after` dependency on `fetch-ec2-metadata.service`
- `minio` removed support for its legacy filesystem backend in [RELEASE.2022-10-29T06-21-33Z](https://github.com/minio/minio/releases/tag/RELEASE.2022-10-29T06-21-33Z). This means if your storage was created with the old format, minio will no longer start. Unfortunately minio doesn't provide a an automatic migration, they only provide [instructions how to manually convert the node](https://min.io/docs/minio/windows/operations/install-deploy-manage/migrate-fs-gateway.html). To facilitate this migration we keep around the last version that still supports the old filesystem backend as `minio_legacy_fs`. Use it via `services.minio.package = minio_legacy_fs;` to export your data before switching to the new version. See the corresponding [issue](https://github.com/NixOS/nixpkgs/issues/199318) for more details.
- `services.sourcehut.dispatch` and the corresponding package (`sourcehut.dispatchsrht`) have been removed due to [upstream deprecation](https://sourcehut.org/blog/2022-08-01-dispatch-deprecation-plans/).
- The [services.snapserver.openFirewall](#opt-services.snapserver.openFirewall) module option default value has been changed from `true` to `false`. You will need to explicitly set this option to `true`, or configure your firewall.
@@ -59,7 +61,7 @@ In addition to numerous new and upgraded packages, this release has the followin
<!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. -->
- `vim_configurable` has been renamed to `vim-full` to avoid confusion: `vim-full`'s build-time features are configurable, but both `vim` and `vim-full` are *customizable* (in the sense of user configuration, like vimrc).
- `vim_configurable` has been renamed to `vim-full` to avoid confusion: `vim-full`'s build-time features are configurable, but both `vim` and `vim-full` are _customizable_ (in the sense of user configuration, like vimrc).
- The module for the application firewall `opensnitch` got the ability to configure rules. Available as [services.opensnitch.rules](#opt-services.opensnitch.rules)
@@ -78,6 +80,13 @@ In addition to numerous new and upgraded packages, this release has the followin
- `mastodon` now supports connection to a remote `PostgreSQL` database.
- The module `services.headscale` was refactored to be compliant with [RFC 0042](https://github.com/NixOS/rfcs/blob/master/rfcs/0042-config-option.md). To be precise, this means that the following things have changed:
- Most settings has been migrated under [services.headscale.settings](#opt-services.headscale.settings) which is an attribute-set that
will be converted into headscale's YAML config format. This means that the configuration from
[headscale's example configuration](https://github.com/juanfont/headscale/blob/main/config-example.yaml)
can be directly written as attribute-set in Nix within this option.
- A new `virtualisation.rosetta` module was added to allow running `x86_64` binaries through [Rosetta](https://developer.apple.com/documentation/apple-silicon/about-the-rosetta-translation-environment) inside virtualised NixOS guests on Apple silicon. This feature works by default with the [UTM](https://docs.getutm.app/) virtualisation [package](https://search.nixos.org/packages?channel=unstable&show=utm&from=0&size=1&sort=relevance&type=packages&query=utm).
- The new option `users.motdFile` allows configuring a Message Of The Day that can be updated dynamically.

1
nixos/modules/module-list.nix
View File

@@ -876,7 +876,6 @@
./services/networking/miredo.nix
./services/networking/mjpg-streamer.nix
./services/networking/mmsd.nix
./services/networking/mosquitto.nix
./services/networking/monero.nix
./services/networking/morty.nix
./services/networking/mosquitto.nix

2
nixos/modules/services/misc/nitter.nix
View File

@@ -47,7 +47,7 @@ in
{
options = {
services.nitter = {
enable = mkEnableOption (lib.mdDoc "If enabled, start Nitter.");
enable = mkEnableOption (lib.mdDoc "Nitter");
package = mkOption {
default = pkgs.nitter;

281
nixos/modules/services/networking/headscale.nix
View File

@@ -1,15 +1,18 @@
{ config, lib, pkgs, ... }:
with lib;
let
{
config,
lib,
pkgs,
...
}:
with lib; let
cfg = config.services.headscale;
dataDir = "/var/lib/headscale";
runDir = "/run/headscale";
settingsFormat = pkgs.formats.yaml { };
settingsFormat = pkgs.formats.yaml {};
configFile = settingsFormat.generate "headscale.yaml" cfg.settings;
in
{
in {
options = {
services.headscale = {
enable = mkEnableOption (lib.mdDoc "headscale, Open Source coordination server for Tailscale");
@@ -51,15 +54,6 @@ in
'';
};
serverUrl = mkOption {
type = types.str;
default = "http://127.0.0.1:8080";
description = lib.mdDoc ''
The url clients will connect to.
'';
example = "https://myheadscale.example.com:443";
};
address = mkOption {
type = types.str;
default = "127.0.0.1";
@@ -78,7 +72,26 @@ in
example = 443;
};
privateKeyFile = mkOption {
settings = mkOption {
description = lib.mdDoc ''
Overrides to {file}`config.yaml` as a Nix attribute set.
Check the [example config](https://github.com/juanfont/headscale/blob/main/config-example.yaml)
for possible options.
'';
type = types.submodule {
freeformType = settingsFormat.type;
options = {
server_url = mkOption {
type = types.str;
default = "http://127.0.0.1:8080";
description = lib.mdDoc ''
The url clients will connect to.
'';
example = "https://myheadscale.example.com:443";
};
private_key_path = mkOption {
type = types.path;
default = "${dataDir}/private.key";
description = lib.mdDoc ''
@@ -86,10 +99,18 @@ in
'';
};
noise.private_key_path = mkOption {
type = types.path;
default = "${dataDir}/noise_private.key";
description = lib.mdDoc ''
Path to noise private key file, generated automatically if it does not exist.
'';
};
derp = {
urls = mkOption {
type = types.listOf types.str;
default = [ "https://controlplane.tailscale.com/derpmap/default" ];
default = ["https://controlplane.tailscale.com/derpmap/default"];
description = lib.mdDoc ''
List of urls containing DERP maps.
See [How Tailscale works](https://tailscale.com/blog/how-tailscale-works/) for more information on DERP maps.
@@ -98,15 +119,14 @@ in
paths = mkOption {
type = types.listOf types.path;
default = [ ];
default = [];
description = lib.mdDoc ''
List of file paths containing DERP maps.
See [How Tailscale works](https://tailscale.com/blog/how-tailscale-works/) for more information on DERP maps.
'';
};
autoUpdate = mkOption {
auto_update_enable = mkOption {
type = types.bool;
default = true;
description = lib.mdDoc ''
@@ -115,7 +135,7 @@ in
example = false;
};
updateFrequency = mkOption {
update_frequency = mkOption {
type = types.str;
default = "24h";
description = lib.mdDoc ''
@@ -123,10 +143,9 @@ in
'';
example = "5m";
};
};
ephemeralNodeInactivityTimeout = mkOption {
ephemeral_node_inactivity_timeout = mkOption {
type = types.str;
default = "30m";
description = lib.mdDoc ''
@@ -135,43 +154,42 @@ in
example = "5m";
};
database = {
type = mkOption {
type = types.enum [ "sqlite3" "postgres" ];
db_type = mkOption {
type = types.enum ["sqlite3" "postgres"];
example = "postgres";
default = "sqlite3";
description = lib.mdDoc "Database engine to use.";
};
host = mkOption {
db_host = mkOption {
type = types.nullOr types.str;
default = null;
example = "127.0.0.1";
description = lib.mdDoc "Database host address.";
};
port = mkOption {
db_port = mkOption {
type = types.nullOr types.port;
default = null;
example = 3306;
description = lib.mdDoc "Database host port.";
};
name = mkOption {
db_name = mkOption {
type = types.nullOr types.str;
default = null;
example = "headscale";
description = lib.mdDoc "Database name.";
};
user = mkOption {
db_user = mkOption {
type = types.nullOr types.str;
default = null;
example = "headscale";
description = lib.mdDoc "Database user.";
};
passwordFile = mkOption {
db_password_file = mkOption {
type = types.nullOr types.path;
default = null;
example = "/run/keys/headscale-dbpassword";
@@ -181,14 +199,13 @@ in
'';
};
path = mkOption {
db_path = mkOption {
type = types.nullOr types.str;
default = "${dataDir}/db.sqlite";
description = lib.mdDoc "Path to the sqlite3 database file.";
};
};
logLevel = mkOption {
log.level = mkOption {
type = types.str;
default = "info";
description = lib.mdDoc ''
@@ -197,25 +214,43 @@ in
example = "debug";
};
dns = {
log.format = mkOption {
type = types.str;
default = "text";
description = lib.mdDoc ''
headscale log format.
'';
example = "json";
};
dns_config = {
nameservers = mkOption {
type = types.listOf types.str;
default = [ "1.1.1.1" ];
default = ["1.1.1.1"];
description = lib.mdDoc ''
List of nameservers to pass to Tailscale clients.
'';
};
override_local_dns = mkOption {
type = types.bool;
default = false;
description = lib.mdDoc ''
Whether to use [Override local DNS](https://tailscale.com/kb/1054/dns/).
'';
example = true;
};
domains = mkOption {
type = types.listOf types.str;
default = [ ];
default = [];
description = lib.mdDoc ''
Search domains to inject to Tailscale clients.
'';
example = [ "mydomain.internal" ];
example = ["mydomain.internal"];
};
magicDns = mkOption {
magic_dns = mkOption {
type = types.bool;
default = true;
description = lib.mdDoc ''
@@ -225,7 +260,7 @@ in
example = false;
};
baseDomain = mkOption {
base_domain = mkOption {
type = types.str;
default = "";
description = lib.mdDoc ''
@@ -238,7 +273,7 @@ in
};
};
openIdConnect = {
oidc = {
issuer = mkOption {
type = types.str;
default = "";
@@ -248,7 +283,7 @@ in
example = "https://openid.example.com";
};
clientId = mkOption {
client_id = mkOption {
type = types.str;
default = "";
description = lib.mdDoc ''
@@ -256,7 +291,7 @@ in
'';
};
clientSecretFile = mkOption {
client_secret_file = mkOption {
type = types.nullOr types.path;
default = null;
description = lib.mdDoc ''
@@ -264,38 +299,37 @@ in
'';
};
domainMap = mkOption {
domain_map = mkOption {
type = types.attrsOf types.str;
default = { };
default = {};
description = lib.mdDoc ''
Domain map is used to map incoming users (by their email) to
Domain map is used to map incomming users (by their email) to
a namespace. The key can be a string, or regex.
'';
example = {
".*" = "default-namespace";
};
};
};
tls = {
letsencrypt = {
hostname = mkOption {
tls_letsencrypt_hostname = mkOption {
type = types.nullOr types.str;
default = "";
description = lib.mdDoc ''
Domain name to request a TLS certificate for.
'';
};
challengeType = mkOption {
type = types.enum [ "TLS-ALPN-01" "HTTP-01" ];
tls_letsencrypt_challenge_type = mkOption {
type = types.enum ["TLS-ALPN-01" "HTTP-01"];
default = "HTTP-01";
description = lib.mdDoc ''
Type of ACME challenge to use, currently supported types:
`HTTP-01` or `TLS-ALPN-01`.
'';
};
httpListen = mkOption {
tls_letsencrypt_listen = mkOption {
type = types.nullOr types.str;
default = ":http";
description = lib.mdDoc ''
@@ -304,111 +338,80 @@ in
`:http = port 80`.
'';
};
};
certFile = mkOption {
tls_cert_path = mkOption {
type = types.nullOr types.path;
default = null;
description = lib.mdDoc ''
Path to already created certificate.
'';
};
keyFile = mkOption {
tls_key_path = mkOption {
type = types.nullOr types.path;
default = null;
description = lib.mdDoc ''
Path to key for already created certificate.
'';
};
};
aclPolicyFile = mkOption {
acl_policy_path = mkOption {
type = types.nullOr types.path;
default = null;
description = lib.mdDoc ''
Path to a file containing ACL policies.
Path to a file containg ACL policies.
'';
};
settings = mkOption {
type = settingsFormat.type;
default = { };
description = lib.mdDoc ''
Overrides to {file}`config.yaml` as a Nix attribute set.
This option is ideal for overriding settings not exposed as Nix options.
Check the [example config](https://github.com/juanfont/headscale/blob/main/config-example.yaml)
for possible options.
'';
};
};
};
};
};
imports = [
# TODO address + port = listen_addr
(mkRenamedOptionModule ["services" "headscale" "serverUrl"] ["services" "headscale" "settings" "server_url"])
(mkRenamedOptionModule ["services" "headscale" "privateKeyFile"] ["services" "headscale" "settings" "private_key_path"])
(mkRenamedOptionModule ["services" "headscale" "derp" "urls"] ["services" "headscale" "settings" "derp" "urls"])
(mkRenamedOptionModule ["services" "headscale" "derp" "paths"] ["services" "headscale" "settings" "derp" "paths"])
(mkRenamedOptionModule ["services" "headscale" "derp" "autoUpdate"] ["services" "headscale" "settings" "derp" "auto_update_enable"])
(mkRenamedOptionModule ["services" "headscale" "derp" "updateFrequency"] ["services" "headscale" "settings" "derp" "update_frequency"])
(mkRenamedOptionModule ["services" "headscale" "ephemeralNodeInactivityTimeout"] ["services" "headscale" "settings" "ephemeral_node_inactivity_timeout"])
(mkRenamedOptionModule ["services" "headscale" "database" "type"] ["services" "headscale" "settings" "db_type"])
(mkRenamedOptionModule ["services" "headscale" "database" "path"] ["services" "headscale" "settings" "db_path"])
(mkRenamedOptionModule ["services" "headscale" "database" "host"] ["services" "headscale" "settings" "db_host"])
(mkRenamedOptionModule ["services" "headscale" "database" "port"] ["services" "headscale" "settings" "db_port"])
(mkRenamedOptionModule ["services" "headscale" "database" "name"] ["services" "headscale" "settings" "db_name"])
(mkRenamedOptionModule ["services" "headscale" "database" "user"] ["services" "headscale" "settings" "db_user"])
(mkRenamedOptionModule ["services" "headscale" "database" "passwordFile"] ["services" "headscale" "settings" "db_password_file"])
(mkRenamedOptionModule ["services" "headscale" "logLevel"] ["services" "headscale" "settings" "log" "level"])
(mkRenamedOptionModule ["services" "headscale" "dns" "nameservers"] ["services" "headscale" "settings" "dns_config" "nameservers"])
(mkRenamedOptionModule ["services" "headscale" "dns" "domains"] ["services" "headscale" "settings" "dns_config" "domains"])
(mkRenamedOptionModule ["services" "headscale" "dns" "magicDns"] ["services" "headscale" "settings" "dns_config" "magic_dns"])
(mkRenamedOptionModule ["services" "headscale" "dns" "baseDomain"] ["services" "headscale" "settings" "dns_config" "base_domain"])
(mkRenamedOptionModule ["services" "headscale" "openIdConnect" "issuer"] ["services" "headscale" "settings" "oidc" "issuer"])
(mkRenamedOptionModule ["services" "headscale" "openIdConnect" "clientId"] ["services" "headscale" "settings" "oidc" "client_id"])
(mkRenamedOptionModule ["services" "headscale" "openIdConnect" "clientSecretFile"] ["services" "headscale" "settings" "oidc" "client_secret_file"])
(mkRenamedOptionModule ["services" "headscale" "openIdConnect" "domainMap"] ["services" "headscale" "settings" "oidc" "domain_map"])
(mkRenamedOptionModule ["services" "headscale" "tls" "letsencrypt" "hostname"] ["services" "headscale" "settings" "tls_letsencrypt_hostname"])
(mkRenamedOptionModule ["services" "headscale" "tls" "letsencrypt" "challengeType"] ["services" "headscale" "settings" "tls_letsencrypt_challenge_type"])
(mkRenamedOptionModule ["services" "headscale" "tls" "letsencrypt" "httpListen"] ["services" "headscale" "settings" "tls_letsencrypt_listen"])
(mkRenamedOptionModule ["services" "headscale" "tls" "certFile"] ["services" "headscale" "settings" "tls_cert_path"])
(mkRenamedOptionModule ["services" "headscale" "tls" "keyFile"] ["services" "headscale" "settings" "tls_key_path"])
(mkRenamedOptionModule ["services" "headscale" "aclPolicyFile"] ["services" "headscale" "settings" "acl_policy_path"])
];
};
};
config = mkIf cfg.enable {
services.headscale.settings = {
server_url = mkDefault cfg.serverUrl;
listen_addr = mkDefault "${cfg.address}:${toString cfg.port}";
private_key_path = mkDefault cfg.privateKeyFile;
derp = {
urls = mkDefault cfg.derp.urls;
paths = mkDefault cfg.derp.paths;
auto_update_enable = mkDefault cfg.derp.autoUpdate;
update_frequency = mkDefault cfg.derp.updateFrequency;
};
# Turn off update checks since the origin of our package
# is nixpkgs and not Github.
disable_check_updates = true;
ephemeral_node_inactivity_timeout = mkDefault cfg.ephemeralNodeInactivityTimeout;
db_type = mkDefault cfg.database.type;
db_path = mkDefault cfg.database.path;
log_level = mkDefault cfg.logLevel;
dns_config = {
nameservers = mkDefault cfg.dns.nameservers;
domains = mkDefault cfg.dns.domains;
magic_dns = mkDefault cfg.dns.magicDns;
base_domain = mkDefault cfg.dns.baseDomain;
};
unix_socket = "${runDir}/headscale.sock";
# OpenID Connect
oidc = {
issuer = mkDefault cfg.openIdConnect.issuer;
client_id = mkDefault cfg.openIdConnect.clientId;
domain_map = mkDefault cfg.openIdConnect.domainMap;
};
tls_letsencrypt_cache_dir = "${dataDir}/.cache";
} // optionalAttrs (cfg.database.host != null) {
db_host = mkDefault cfg.database.host;
} // optionalAttrs (cfg.database.port != null) {
db_port = mkDefault cfg.database.port;
} // optionalAttrs (cfg.database.name != null) {
db_name = mkDefault cfg.database.name;
} // optionalAttrs (cfg.database.user != null) {
db_user = mkDefault cfg.database.user;
} // optionalAttrs (cfg.tls.letsencrypt.hostname != null) {
tls_letsencrypt_hostname = mkDefault cfg.tls.letsencrypt.hostname;
} // optionalAttrs (cfg.tls.letsencrypt.challengeType != null) {
tls_letsencrypt_challenge_type = mkDefault cfg.tls.letsencrypt.challengeType;
} // optionalAttrs (cfg.tls.letsencrypt.httpListen != null) {
tls_letsencrypt_listen = mkDefault cfg.tls.letsencrypt.httpListen;
} // optionalAttrs (cfg.tls.certFile != null) {
tls_cert_path = mkDefault cfg.tls.certFile;
} // optionalAttrs (cfg.tls.keyFile != null) {
tls_key_path = mkDefault cfg.tls.keyFile;
} // optionalAttrs (cfg.aclPolicyFile != null) {
acl_policy_path = mkDefault cfg.aclPolicyFile;
};
# Setup the headscale configuration in a known path in /etc to
@@ -416,7 +419,7 @@ in
# for communication.
environment.etc."headscale/config.yaml".source = configFile;
users.groups.headscale = mkIf (cfg.group == "headscale") { };
users.groups.headscale = mkIf (cfg.group == "headscale") {};
users.users.headscale = mkIf (cfg.user == "headscale") {
description = "headscale user";
@@ -427,28 +430,26 @@ in
systemd.services.headscale = {
description = "headscale coordination server for Tailscale";
after = [ "network-online.target" ];
wantedBy = [ "multi-user.target" ];
restartTriggers = [ configFile ];
after = ["network-online.target"];
wantedBy = ["multi-user.target"];
restartTriggers = [configFile];
environment.GIN_MODE = "release";
script = ''
${optionalString (cfg.database.passwordFile != null) ''
export HEADSCALE_DB_PASS="$(head -n1 ${escapeShellArg cfg.database.passwordFile})"
${optionalString (cfg.settings.db_password_file != null) ''
export HEADSCALE_DB_PASS="$(head -n1 ${escapeShellArg cfg.settings.db_password_file})"
''}
${optionalString (cfg.openIdConnect.clientSecretFile != null) ''
export HEADSCALE_OIDC_CLIENT_SECRET="$(head -n1 ${escapeShellArg cfg.openIdConnect.clientSecretFile})"
${optionalString (cfg.settings.oidc.client_secret_file != null) ''
export HEADSCALE_OIDC_CLIENT_SECRET="$(head -n1 ${escapeShellArg cfg.settings.oidc.client_secret_file})"
''}
exec ${cfg.package}/bin/headscale serve
'';
serviceConfig =
let
capabilityBoundingSet = [ "CAP_CHOWN" ] ++ optional (cfg.port < 1024) "CAP_NET_BIND_SERVICE";
in
{
serviceConfig = let
capabilityBoundingSet = ["CAP_CHOWN"] ++ optional (cfg.port < 1024) "CAP_NET_BIND_SERVICE";
in {
Restart = "always";
Type = "simple";
User = cfg.user;
@@ -485,12 +486,12 @@ in
NoNewPrivileges = true;
LockPersonality = true;
RestrictRealtime = true;
SystemCallFilter = [ "@system-service" "~@privileged" "@chown" ];
SystemCallFilter = ["@system-service" "~@privileged" "@chown"];
SystemCallArchitectures = "native";
RestrictAddressFamilies = "AF_INET AF_INET6 AF_UNIX";
};
};
};
meta.maintainers = with maintainers; [ kradalby ];
meta.maintainers = with maintainers; [kradalby misterio77];
}

1
nixos/tests/all-tests.nix
View File

@@ -257,6 +257,7 @@ in {
haste-server = handleTest ./haste-server.nix {};
haproxy = handleTest ./haproxy.nix {};
hardened = handleTest ./hardened.nix {};
headscale = handleTest ./headscale.nix {};
healthchecks = handleTest ./web-apps/healthchecks.nix {};
hbase2 = handleTest ./hbase.nix { package=pkgs.hbase2; };
hbase_2_4 = handleTest ./hbase.nix { package=pkgs.hbase_2_4; };

17
nixos/tests/headscale.nix Normal file
View File

@@ -0,0 +1,17 @@
import ./make-test-python.nix ({ pkgs, lib, ... }: {
name = "headscale";
meta.maintainers = with lib.maintainers; [ misterio77 ];
nodes.machine = { ... }: {
services.headscale.enable = true;
environment.systemPackages = [ pkgs.headscale ];
};
testScript = ''
machine.wait_for_unit("headscale")
machine.wait_for_open_port(8080)
# Test basic funcionality
machine.succeed("headscale namespaces create test")
machine.succeed("headscale preauthkeys -n test create")
'';
})

4
pkgs/applications/editors/vscode/extensions/default.nix
View File

@@ -1483,8 +1483,8 @@ let
mktplcRef = {
name = "latex-workshop";
publisher = "James-Yu";
version = "9.1.1";
sha256 = "sha256-Xt/z5r9R090Z9nP1v7k+jYm9EOcjy0GfYiYpc7jNid4=";
version = "9.2.0";
sha256 = "sha256-AAADJkMXsKvpEHBH8+TNM0x3CGEGVtf/b+tce297rkw=";
};
meta = with lib; {
changelog = "https://marketplace.visualstudio.com/items/James-Yu.latex-workshop/changelog";

6
pkgs/applications/misc/hugo/default.nix
View File

@@ -2,16 +2,16 @@
buildGoModule rec {
pname = "hugo";
version = "0.108.0";
version = "0.109.0";
src = fetchFromGitHub {
owner = "gohugoio";
repo = pname;
rev = "v${version}";
sha256 = "sha256-MbpBGqu7IwQCf9DjSfIDi25ZGJYTI6xxSk9wPWxychw=";
sha256 = "sha256-Eak4sU8UwzPQ5iuoNX+KrAJdZ6ZvBdDyJx4xeQI4sjY=";
};
vendorSha256 = "sha256-qFqSpQExz4u1ngjpt2Li6dk/qz4DCKEY9IcFFCna5is=";
vendorSha256 = "sha256-0m5flwvchExP1IDAuE/oTB2eUEbq5KCE8Zvzp5e7yZ8=";
doCheck = false;

11
pkgs/applications/misc/pdfpc/default.nix
View File

@@ -1,16 +1,16 @@
{ lib, stdenv, fetchFromGitHub, cmake, pkg-config, vala, gtk3, libgee
, poppler, libpthreadstubs, gstreamer, gst-plugins-base, gst-plugins-good, gst-libav, librsvg, pcre, gobject-introspection, wrapGAppsHook
, webkitgtk, discount, json-glib }:
, poppler, libpthreadstubs, gstreamer, gst-plugins-base, gst-plugins-good, gst-libav, gobject-introspection, wrapGAppsHook
, qrencode, webkitgtk, discount, json-glib }:
stdenv.mkDerivation rec {
pname = "pdfpc";
version = "4.5.0";
version = "4.6.0";
src = fetchFromGitHub {
repo = "pdfpc";
owner = "pdfpc";
rev = "v${version}";
sha256 = "0bmy51w6ypz927hxwp5g7wapqvzqmsi3w32rch6i3f94kg1152ck";
hash = "sha256-5HFmbVsNajMwo+lBe9kJcJyQGe61N6Oy2CI/WJwmSE4=";
};
nativeBuildInputs = [
@@ -22,11 +22,12 @@ stdenv.mkDerivation rec {
buildInputs = [
gtk3 libgee poppler
libpthreadstubs librsvg pcre
libpthreadstubs
gstreamer
gst-plugins-base
(gst-plugins-good.override { gtkSupport = true; })
gst-libav
qrencode
webkitgtk
discount
json-glib

8
pkgs/applications/networking/cluster/fluxcd/default.nix
View File

@@ -1,9 +1,9 @@
{ lib, buildGoModule, fetchFromGitHub, fetchzip, installShellFiles, stdenv }:
let
version = "0.38.1";
sha256 = "02np6g7q0v1mg10cvn2w8wsi0s7by810m5zb733jaf6lff9p7md8";
manifestsSha256 = "11amanvfah5mgys5zkdzif1sffsz2jkflb60c9sx4arxz3v138cq";
version = "0.38.2";
sha256 = "1fr3jg9j0hrnr55wh40d0lli593pid1vqnbgnw9wxqsv6677dh53";
manifestsSha256 = "1dmp7gdnwbg4jjc3dq1wp2jn3z3g6lm296b1nf24ndcfmjja58cz";
manifests = fetchzip {
url =
@@ -23,7 +23,7 @@ in buildGoModule rec {
inherit sha256;
};
vendorSha256 = "sha256-8/rFdflDK3Pc5dDqSFJghjmJWVZAHiC+/6SDSWYzfVI=";
vendorSha256 = "sha256-aPkuP6FVIkMAJi+wwNfgvxXi+PE1mMUXfxz44/R31KI=";
postUnpack = ''
cp -r ${manifests} source/cmd/flux/manifests

14
pkgs/applications/networking/instant-messengers/wire-desktop/default.nix
View File

@@ -23,13 +23,13 @@ let
pname = "wire-desktop";
version = {
x86_64-darwin = "3.29.4477";
x86_64-linux = "3.29.2997";
x86_64-darwin = "3.30.4506";
x86_64-linux = "3.30.3018";
}.${system} or throwSystem;
sha256 = {
x86_64-darwin = "19snbd53hjfcqgnz24r85a34fr120b1wps4pv4vymnkxjld2wifc";
x86_64-linux = "0f5kkp93za4yr6ywdgph8zr6ivrbxq2gbskl8jysxawk1pz92pqf";
hash = {
x86_64-darwin = "sha256-+htDeNIuucB4qzNBNYoSUH1DbfgouZS08G5hxPtIuzY=";
x86_64-linux = "sha256-46WjFA+E9M7RfTOM/Xoho+9ooToSgQiZaMlcZ3lJvBQ=";
}.${system} or throwSystem;
meta = with lib; {
@@ -66,7 +66,7 @@ let
src = fetchurl {
url = "https://wire-app.wire.com/linux/debian/pool/main/"
+ "Wire-${version}_amd64.deb";
inherit sha256;
inherit hash;
};
desktopItem = makeDesktopItem {
@@ -134,7 +134,7 @@ let
src = fetchurl {
url = "https://github.com/wireapp/wire-desktop/releases/download/"
+ "macos%2F${version}/Wire.pkg";
inherit sha256;
inherit hash;
};
buildInputs = [

4
pkgs/applications/networking/newsreaders/liferea/default.nix
View File

@@ -24,11 +24,11 @@
stdenv.mkDerivation rec {
pname = "liferea";
version = "1.14-RC2";
version = "1.14-RC3";
src = fetchurl {
url = "https://github.com/lwindolf/${pname}/releases/download/v${version}/${pname}-${version}.tar.bz2";
sha256 = "UTK82s+7bzL+SyT40qDsqX8KTkITTpWtR/0VY/+OpcA=";
sha256 = "28xEGjzOKdrTlGF4OBEoDue9VVLrbiVgnoTKICfDp4M=";
};
nativeBuildInputs = [

6
pkgs/applications/networking/warp/default.nix
View File

@@ -17,14 +17,14 @@
stdenv.mkDerivation rec {
pname = "warp";
version = "0.3.1";
version = "0.3.2";
src = fetchFromGitLab {
domain = "gitlab.gnome.org";
owner = "World";
repo = pname;
rev = "v${version}";
hash = "sha256-0zjtaF0RwI7Sj2D5vRaiBJI+Bp/F17VO9ywMRqZyqxI=";
hash = "sha256-oKkZC9fi5xPnLTI00MnG2gMjzMZHMNFI77ztbR4KQo4=";
};
postPatch = ''
@@ -34,7 +34,7 @@ stdenv.mkDerivation rec {
cargoDeps = rustPlatform.fetchCargoTarball {
inherit src;
name = "${pname}-${version}";
hash = "sha256-HotArxXfmT6Gw6ZZZQ4X6bTx0EFb6vZLbXxhddmGID8=";
hash = "sha256-sbyAyjxpol2SBxoLUsiPGfkP2diBPgJW0vEDHYWgmLU=";
};
nativeBuildInputs = [

5
pkgs/applications/terminal-emulators/terminator/default.nix
View File

@@ -14,13 +14,13 @@
python3.pkgs.buildPythonApplication rec {
pname = "terminator";
version = "2.1.1";
version = "2.1.2";
src = fetchFromGitHub {
owner = "gnome-terminator";
repo = "terminator";
rev = "v${version}";
sha256 = "1pfrzna30xv9yri6dsny1j5k35417m4hsg97c455vssywyl9w4jr";
hash = "sha256-dN9+6VGIdIyY52nm2BMONeb+WV7UGL68frjnHRxRzTU=";
};
nativeBuildInputs = [
@@ -70,6 +70,7 @@ python3.pkgs.buildPythonApplication rec {
quadkonsole, etc. in that the main focus is arranging terminals in grids
(tabs is the most common default method, which Terminator also supports).
'';
changelog = "https://github.com/gnome-terminator/terminator/releases/tag/v${version}";
homepage = "https://github.com/gnome-terminator/terminator";
license = licenses.gpl2;
maintainers = with maintainers; [ bjornfor ];

12
pkgs/applications/version-management/gitflow/default.nix
View File

@@ -1,6 +1,4 @@
{ pkgs, lib, stdenv, fetchFromGitHub }:
with pkgs.lib;
{ lib, stdenv, fetchFromGitHub, makeWrapper, getopt, git, coreutils }:
stdenv.mkDerivation rec {
pname = "gitflow";
@@ -13,7 +11,7 @@ stdenv.mkDerivation rec {
sha256 = "sha256-kHirHG/bfsU6tKyQ0khNSTyChhzHfzib+HyA3LOtBI8=";
};
nativeBuildInputs = [ pkgs.makeWrapper ];
nativeBuildInputs = [ makeWrapper ];
preBuild = ''
makeFlagsArray+=(prefix="$out")
@@ -21,9 +19,9 @@ stdenv.mkDerivation rec {
postInstall = ''
wrapProgram $out/bin/git-flow \
--set FLAGS_GETOPT_CMD ${pkgs.getopt}/bin/getopt \
--suffix PATH : ${pkgs.git}/bin \
--prefix PATH : ${pkgs.coreutils}/bin
--set FLAGS_GETOPT_CMD ${getopt}/bin/getopt \
--suffix PATH : ${git}/bin \
--prefix PATH : ${coreutils}/bin
'';
meta = with lib; {

8
pkgs/build-support/docker/default.nix
View File

@@ -486,7 +486,7 @@ rec {
inherit (stream) imageName;
passthru = { inherit (stream) imageTag; };
nativeBuildInputs = [ pigz ];
} "${stream} | pigz -nT > $out";
} "${stream} | pigz -nTR > $out";
# 1. extract the base image
# 2. create the layer
@@ -735,7 +735,7 @@ rec {
chmod -R a-w image
echo "Cooking the image..."
tar -C image --hard-dereference --sort=name --mtime="@$SOURCE_DATE_EPOCH" --owner=0 --group=0 --xform s:'^./':: -c . | pigz -nT > $out
tar -C image --hard-dereference --sort=name --mtime="@$SOURCE_DATE_EPOCH" --owner=0 --group=0 --xform s:'^./':: -c . | pigz -nTR > $out
echo "Finished."
'';
@@ -775,7 +775,7 @@ rec {
mv repositories image/repositories
mv manifest.json image/manifest.json
# Create tarball and gzip
tar -C image --hard-dereference --sort=name --mtime="@$SOURCE_DATE_EPOCH" --owner=0 --group=0 --xform s:'^./':: -c . | pigz -nT > $out
tar -C image --hard-dereference --sort=name --mtime="@$SOURCE_DATE_EPOCH" --owner=0 --group=0 --xform s:'^./':: -c . | pigz -nTR > $out
'';
@@ -1220,5 +1220,5 @@ rec {
inherit (stream) imageName;
passthru = { inherit (stream) imageTag; };
nativeBuildInputs = [ pigz ];
} "${stream} | pigz -nT > $out";
} "${stream} | pigz -nTR > $out";
}

2
pkgs/build-support/node/build-npm-package/hooks/default.nix
View File

@@ -26,7 +26,7 @@
npmInstallHook = makeSetupHook
{
name = "npm-install-hook";
deps = [ makeWrapper ];
deps = [ buildPackages.makeWrapper ];
substitutions = {
hostNode = "${nodejs}/bin/node";
jq = "${buildPackages.jq}/bin/jq";

3
pkgs/development/beam-modules/default.nix
View File

@@ -1,6 +1,7 @@
{ lib, pkgs, erlang }:
{ lib, __splicedPackages, erlang }:
let
pkgs = __splicedPackages;
inherit (lib) makeExtensible;
lib' = pkgs.callPackage ./lib.nix { };

5
pkgs/development/beam-modules/lib.nix
View File

@@ -1,5 +1,8 @@
{ pkgs, lib }:
{ __splicedPackages, lib }:
let
pkgs = __splicedPackages;
in
rec {
/* Similar to callPackageWith/callPackage, but without makeOverridable

4
pkgs/development/libraries/gtk/4.x.nix
View File

@@ -63,7 +63,7 @@ in
stdenv.mkDerivation rec {
pname = "gtk4";
version = "4.8.2";
version = "4.8.3";
outputs = [ "out" "dev" ] ++ lib.optionals x11Support [ "devdoc" ];
outputBin = "dev";
@@ -75,7 +75,7 @@ stdenv.mkDerivation rec {
src = fetchurl {
url = "mirror://gnome/sources/gtk/${lib.versions.majorMinor version}/gtk-${version}.tar.xz";
sha256 = "hbehYLbgLq+k59OPBG+HIPq1N9P+c8AchkMzqYOmkqk=";
sha256 = "s2L5aNCFtNPZNA1NOMcGN33tnVN05pSitrfmKS48unQ=";
};
depsBuildBuild = [

4
pkgs/development/libraries/icu/63.nix
View File

@@ -1,4 +1,4 @@
{ stdenv, lib, fetchurl, fetchpatch, fixDarwinDylibNames, nativeBuildRoot }:
{ stdenv, lib, fetchurl, fetchpatch, fixDarwinDylibNames, nativeBuildRoot, buildRootOnly ? false }:
import ./base.nix {
version = "63.1";
@@ -11,4 +11,4 @@ import ./base.nix {
})
];
patchFlags = [ "-p3" ];
} { inherit stdenv lib fetchurl fixDarwinDylibNames nativeBuildRoot; }
} { inherit stdenv lib fetchurl fixDarwinDylibNames nativeBuildRoot buildRootOnly; }

48
pkgs/development/python-modules/beancount-black/default.nix Normal file
View File

@@ -0,0 +1,48 @@
{ lib
, fetchFromGitHub
, buildPythonPackage
, pythonOlder
, beancount-parser
, click
, poetry-core
, pytestCheckHook
}:
buildPythonPackage rec {
pname = "beancount-black";
version = "0.1.13";
disabled = pythonOlder "3.9";
format = "pyproject";
src = fetchFromGitHub {
owner = "LaunchPlatform";
repo = "beancount-black";
rev = version;
sha256 = "sha256-jhcPR+5+e8d9cbcXC//xuBwmZ14xtXNlYtmH5yNSU0E=";
};
buildInputs = [
poetry-core
];
propagatedBuildInputs = [
beancount-parser
click
];
checkInputs = [
pytestCheckHook
];
pythonImportsCheck = [
"beancount_black"
];
meta = with lib; {
description = "Opinioned code formatter for Beancount";
homepage = "https://github.com/LaunchPlatform/beancount-black/";
license = with licenses; [ mit ];
maintainers = with maintainers; [ ambroisie ];
};
}

46
pkgs/development/python-modules/beancount-parser/default.nix Normal file
View File

@@ -0,0 +1,46 @@
{ lib
, fetchFromGitHub
, buildPythonPackage
, pythonOlder
, lark
, poetry-core
, pytestCheckHook
}:
buildPythonPackage rec {
pname = "beancount-parser";
version = "0.1.21";
disabled = pythonOlder "3.9";
format = "pyproject";
src = fetchFromGitHub {
owner = "LaunchPlatform";
repo = "beancount-parser";
rev = version;
sha256 = "sha256-0uhH75OEjC9iA0XD0VX7CGoRIP/hpM4y+53JnyXgZpA=";
};
buildInputs = [
poetry-core
];
propagatedBuildInputs = [
lark
];
checkInputs = [
pytestCheckHook
];
pythonImportsCheck = [
"beancount_parser"
];
meta = with lib; {
description = "Standalone Lark based Beancount syntax parser";
homepage = "https://github.com/LaunchPlatform/beancount-parser/";
license = with licenses; [ mit ];
maintainers = with maintainers; [ ambroisie ];
};
}

16
pkgs/development/tools/analysis/radare2/default.nix
View File

@@ -30,7 +30,7 @@
let
# FIXME: Compare revision with
# https://github.com/radareorg/radare2/blob/master/libr/asm/arch/arm/v35arm64/Makefile#L26-L27
# https://github.com/radareorg/radare2/blob/master/libr/arch/p/arm/v35arm64/Makefile#L26-L27
arm64 = fetchFromGitHub {
owner = "radareorg";
repo = "vector35-arch-arm64";
@@ -47,21 +47,23 @@ let
in
stdenv.mkDerivation rec {
pname = "radare2";
version = "5.7.8";
version = "5.8.0";
src = fetchFromGitHub {
owner = "radare";
repo = "radare2";
rev = version;
hash = "sha256-+/9SeILuDCUaYwPhhN6z3vQFicd1Bh8N/yicZTybR5o=";
hash = "sha256-9bDwtMNru7tG0L735y+Vrcg7Htk/TV9SVZn7WP4Ap4c=";
};
preBuild = ''
cp -r ${arm64} ../libr/asm/arch/arm/v35arm64/arch-arm64
chmod -R +w ../libr/asm/arch/arm/v35arm64/arch-arm64
pushd ../libr/arch/p/arm/v35arm64
cp -r ${arm64} arch-arm64
chmod -R +w arch-arm64
cp -r ${armv7} ../libr/asm/arch/arm/v35arm64/arch-armv7
chmod -R +w ../libr/asm/arch/arm/v35arm64/arch-armv7
cp -r ${armv7} arch-armv7
chmod -R +w arch-armv7
popd
'';
postFixup = lib.optionalString stdenv.isDarwin ''

6
pkgs/development/tools/ruff/default.nix
View File

@@ -7,16 +7,16 @@
rustPlatform.buildRustPackage rec {
pname = "ruff";
version = "0.0.191";
version = "0.0.192";
src = fetchFromGitHub {
owner = "charliermarsh";
repo = pname;
rev = "v${version}";
sha256 = "sha256-tjiXVxUXZvWzEDp/HjzOmMP159nLqGMCxejKITckZXQ=";
sha256 = "sha256-EhivXOuXeq+x7fozMdof4Sh9jFXYLqyVK4ysWzUbM4s=";
};
cargoSha256 = "sha256-fCcXi1ebMiNrvyqE7dS5euUgNWQ8NkywxzDkJ29kTcI=";
cargoSha256 = "sha256-7EoYQ0WvlVp1Cbg/1kkMX0SoC3Ae6lDdwHju0CyFkAg=";
buildInputs = lib.optionals stdenv.isDarwin [
darwin.apple_sdk.frameworks.CoreServices

6
pkgs/development/tools/rust/rust-analyzer/default.nix
View File

@@ -12,14 +12,14 @@
rustPlatform.buildRustPackage rec {
pname = "rust-analyzer-unwrapped";
version = "2022-12-12";
cargoSha256 = "sha256-YTakd4qRwXUoxzFWXCj8l9nA3wjJtfVmKbhX9XlaEbE=";
version = "2022-12-19";
cargoSha256 = "sha256-/Ep/YELl1eA6HzZ/a7pi2a1XSlYB36VZJJPLZKnx4J0=";
src = fetchFromGitHub {
owner = "rust-lang";
repo = "rust-analyzer";
rev = version;
sha256 = "sha256-QLKX/JhK+jRE61teK+Cr4f2KuAzgYuawStxOgJymqRg=";
sha256 = "sha256-sGZNmkUwHt7FmuwDyYjnTAyo8ZMkH9iOdCOyU+2Vcos=";
};
cargoBuildFlags = [ "--bin" "rust-analyzer" "--bin" "rust-analyzer-proc-macro-srv" ];

6
pkgs/os-specific/linux/nftables/default.nix
View File

@@ -9,12 +9,12 @@
}:
stdenv.mkDerivation rec {
version = "1.0.5";
version = "1.0.6";
pname = "nftables";
src = fetchurl {
url = "https://netfilter.org/projects/nftables/files/${pname}-${version}.tar.bz2";
hash = "sha256-jRtLGDk69DaY0QuqJdK5tjl5ab7srHgWw13QcU5N5Qo=";
url = "https://netfilter.org/projects/nftables/files/${pname}-${version}.tar.xz";
hash = "sha256-JAdDDd2CmHZw5I3C/anigLqoMHq+wEqxjWCd89sAXkw=";
};
nativeBuildInputs = [

6
pkgs/servers/bloat/default.nix
View File

@@ -6,12 +6,12 @@
buildGoModule {
pname = "bloat";
version = "unstable-2022-10-25";
version = "unstable-2022-12-17";
src = fetchgit {
url = "git://git.freesoftwareextremist.com/bloat";
rev = "887ed241d64ba5db3fd3d87194fb5595e5ad7d73";
sha256 = "sha256-2G7DcK21GBICdQYWRTTMzHmkrgstrEelVlLcYgKlUGM=";
rev = "5147897c6c8ba3428ea6998f77241182ee8caa24";
sha256 = "sha256-/sSRzAAWO/KtXOD3lQsqaXc+lOuN7MJqbfASueLYBQk=";
};
vendorSha256 = null;

23
pkgs/servers/headscale/default.nix
View File

@@ -1,21 +1,28 @@
{ lib, buildGoModule, fetchFromGitHub, installShellFiles }:
{
lib,
buildGoModule,
fetchFromGitHub,
installShellFiles,
}:
buildGoModule rec {
pname = "headscale";
version = "0.16.4";
version = "0.17.1";
src = fetchFromGitHub {
owner = "juanfont";
repo = "headscale";
rev = "v${version}";
sha256 = "sha256-j5fbWxRMkYlsgL1QDEDlitKB3FOmDTy17FcuztALISw=";
sha256 = "sha256-/NJUtmH67VZERCvExcX4W4T9Rcixc5m28ujNcrQduWg=";
};
vendorSha256 = "sha256-RzmnAh81BN4tbzAGzJbb6CMuws8kuPJDw7aPkRRnSS8=";
vendorSha256 = "sha256-Y1IK9Tx2sv0v27ZYtSxDP9keHQ7skctDOa+37pNGEC8=";
ldflags = [ "-s" "-w" "-X github.com/juanfont/headscale/cmd/headscale/cli.Version=v${version}" ];
ldflags = ["-s" "-w" "-X github.com/juanfont/headscale/cmd/headscale/cli.Version=v${version}"];
nativeBuildInputs = [ installShellFiles ];
nativeBuildInputs = [installShellFiles];
checkFlags = ["-short"];
tags = ["ts2019"];
postInstall = ''
installShellCompletion --cmd headscale \
@@ -44,6 +51,6 @@ buildGoModule rec {
Headscale implements this coordination server.
'';
license = licenses.bsd3;
maintainers = with maintainers; [ nkje jk kradalby ];
maintainers = with maintainers; [nkje jk kradalby misterio77 ghuntley];
};
}

51
pkgs/servers/minio/legacy_fs.nix Normal file
View File

@@ -0,0 +1,51 @@
{ lib, buildGoModule, fetchFromGitHub, nixosTests }:
let
# The web client verifies, that the server version is a valid datetime string:
# https://github.com/minio/minio/blob/3a0e7347cad25c60b2e51ff3194588b34d9e424c/browser/app/js/web.js#L51-L53
#
# Example:
# versionToTimestamp "2021-04-22T15-44-28Z"
# => "2021-04-22T15:44:28Z"
versionToTimestamp = version:
let
splitTS = builtins.elemAt (builtins.split "(.*)(T.*)" version) 1;
in
builtins.concatStringsSep "" [ (builtins.elemAt splitTS 0) (builtins.replaceStrings [ "-" ] [ ":" ] (builtins.elemAt splitTS 1)) ];
in
buildGoModule rec {
pname = "minio";
version = "2022-10-24T18-35-07Z";
src = fetchFromGitHub {
owner = "minio";
repo = "minio";
rev = "RELEASE.${version}";
sha256 = "sha256-sABNzhyfBNU5pWyE/VWHUzuSyKsx0glj01ectJPakV8=";
};
vendorSha256 = "sha256-wB3UiuptT6D0CIUlHC1d5k0rjIxNeh5yAWOmYpyLGmA=";
doCheck = false;
subPackages = [ "." ];
CGO_ENABLED = 0;
tags = [ "kqueue" ];
ldflags = let t = "github.com/minio/minio/cmd"; in [
"-s" "-w" "-X ${t}.Version=${versionToTimestamp version}" "-X ${t}.ReleaseTag=RELEASE.${version}" "-X ${t}.CommitID=${src.rev}"
];
passthru.tests.minio = nixosTests.minio;
meta = with lib; {
homepage = "https://www.minio.io/";
description = "An S3-compatible object storage server";
changelog = "https://github.com/minio/minio/releases/tag/RELEASE.${version}";
maintainers = with maintainers; [ eelco bachp ];
platforms = platforms.unix;
license = licenses.agpl3Plus;
};
}

8
pkgs/servers/monitoring/grafana-agent/default.nix
View File

@@ -2,16 +2,16 @@
buildGoModule rec {
pname = "grafana-agent";
version = "0.29.0";
version = "0.30.1";
src = fetchFromGitHub {
rev = "v${version}";
owner = "grafana";
repo = "agent";
sha256 = "sha256-6CnYoUECT6vcQw2v7GLRzOtlL4tKKpz4VADuz9MxseM=";
sha256 = "sha256-QunB14B3HRzB5UL5OZaFsm4WGIOMnByYKblTogVOeHE=";
};
vendorSha256 = "sha256-FSxkldMYMmyjVv6UYeZlceygkfKFzZK2udeUNBbpYnc=";
vendorSha256 = "sha256-Cl3oygH1RPF+ZdJvkDmr7eyU5daxaZwNE8pQOHK/qP4=";
ldflags = let
prefix = "github.com/grafana/agent/pkg/build";
@@ -27,8 +27,8 @@ buildGoModule rec {
tags = [
"nonetwork"
"noebpf"
"nodocker"
"promtail_journal_enabled"
];
subPackages = [

4
pkgs/tools/misc/cloc/default.nix
View File

@@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
pname = "cloc";
version = "1.94";
version = "1.96";
src = fetchFromGitHub {
owner = "AlDanial";
repo = "cloc";
rev = "v${version}";
sha256 = "sha256-m0pTShkwaX77IY1y9pWQnp6AVklYxg3L2JMiE/KfUyA=";
sha256 = "sha256-20vL+SX8Tbp6QxErDn76c6sLWnB1IJwHlQX4YAvj+Eg=";
};
setSourceRoot = ''

6
pkgs/tools/security/gopass/default.nix
View File

@@ -13,7 +13,7 @@
buildGoModule rec {
pname = "gopass";
version = "1.15.0";
version = "1.15.2";
nativeBuildInputs = [ installShellFiles makeWrapper ];
@@ -21,10 +21,10 @@ buildGoModule rec {
owner = "gopasspw";
repo = pname;
rev = "v${version}";
hash = "sha256-1nf8nzSOI22z/lvhS8Urq6B6OUMcFFrPZoHIbRINz4c=";
hash = "sha256-UvHLbbV75mrWDmlsM382gBhgOpgf5k9NmAQtVbePD04=";
};
vendorHash = "sha256-1ILZtvgwn60NIaOy7zRcYA/PFrnLSb7ykAUd/WrGYtQ=";
vendorHash = "sha256-2YycEsEsvBKb30LkQx38Rm3nxq5q6KN0Pb1FBXco0PU=";
subPackages = [ "." ];

6
pkgs/tools/security/gopass/git-credential.nix
View File

@@ -7,16 +7,16 @@
buildGoModule rec {
pname = "git-credential-gopass";
version = "1.15.0";
version = "1.15.2";
src = fetchFromGitHub {
owner = "gopasspw";
repo = pname;
rev = "v${version}";
hash = "sha256-o1kkS8JlPFIiwm3nQLMuERcb4NC3v8FIG0kYGrGzkbA=";
hash = "sha256-HuqN/hl4weUr/PLyCE9dyrXADPHJW2XryQWWCMwgJ8k=";
};
vendorHash = "sha256-KPCmYNSMa8F9xtStEyN5xho2/OF1ZqVFmLexHV3wJzM=";
vendorHash = "sha256-1pQ+f+m+cff6M0sfydaqGyvXqS6lyi9mfi9Pl4tynhU=";
subPackages = [ "." ];

6
pkgs/tools/security/gopass/hibp.nix
View File

@@ -7,16 +7,16 @@
buildGoModule rec {
pname = "gopass-hibp";
version = "1.15.0";
version = "1.15.2";
src = fetchFromGitHub {
owner = "gopasspw";
repo = pname;
rev = "v${version}";
hash = "sha256-VBi4Lk1lQb/p2iyY2EbRuizNATu/MJ/PErfUT53enrE=";
hash = "sha256-2F1OqVxXrQpwg2M1o8gQzczXI2JKVFCA1K6kGUc+e5U=";
};
vendorHash = "sha256-PRSl1JkEb4yuQWeNAfkr8Iq2cYMVngUl9nLXEkHd7GU=";
vendorHash = "sha256-3KYEn4+YI5KwAlfokUF5hU801xylWVtmJwocVl6QfhM=";
subPackages = [ "." ];

6
pkgs/tools/security/gopass/jsonapi.nix
View File

@@ -8,16 +8,16 @@
buildGoModule rec {
pname = "gopass-jsonapi";
version = "1.15.0";
version = "1.15.2";
src = fetchFromGitHub {
owner = "gopasspw";
repo = pname;
rev = "v${version}";
hash = "sha256-0pCk82na0lWEaRlHhf/Q2BC3K2/sLBHZzKvCN86TMMI=";
hash = "sha256-Y1Ol46/7uct7Xap1mV/sqG82khlylVvk5Hsvj6d9eLU=";
};
vendorHash = "sha256-fuazCxWJAnxUsxakN2VT9DWNwRO/s89G1sJXk48uO34=";
vendorHash = "sha256-dk6bdJkl9PKBbCjEL1IUHp0EmTZ3ZFVbmnluKVWZ1P4=";
subPackages = [ "." ];

6
pkgs/tools/security/gopass/summon.nix
View File

@@ -7,16 +7,16 @@
buildGoModule rec {
pname = "gopass-summon-provider";
version = "1.15.0";
version = "1.15.2";
src = fetchFromGitHub {
owner = "gopasspw";
repo = pname;
rev = "v${version}";
hash = "sha256-cF9nwFmBpK/Q3ZIkYos8PSQJmRAnqXCrVcfb72TXpdE=";
hash = "sha256-tcRdb6zkFO/fhCm9YE7qDPYROuOrsN2BeeX+TtTnaHc=";
};
vendorHash = "sha256-KPCmYNSMa8F9xtStEyN5xho2/OF1ZqVFmLexHV3wJzM=";
vendorHash = "sha256-1pQ+f+m+cff6M0sfydaqGyvXqS6lyi9mfi9Pl4tynhU=";
subPackages = [ "." ];

11
pkgs/tools/security/iaito/default.nix
View File

@@ -13,21 +13,21 @@
stdenv.mkDerivation rec {
pname = "iaito";
version = "5.7.8";
version = "5.8.0";
srcs = [
(fetchFromGitHub rec {
owner = "radareorg";
repo = "iaito";
rev = version;
hash = "sha256-c36WLpVUnffeY6cXSEHvguo8BHyxaLAluN9hBKsQc0s=";
hash = "sha256-LqJu30Bp+JgB+y3MDyPVuFmEoXTpfA7K2pxv1ZCABx0=";
name = repo;
})
(fetchFromGitHub rec {
owner = "radareorg";
repo = "iaito-translations";
rev = "ab923335409fa298c39f0014588d78d926c6f3a2";
hash = "sha256-qkIC67a6YRwOa2Sr16Vg6If1TmAiSKUV7hw13Wxwl/w=";
rev = "e66b3a962a7fc7dfd730764180011ecffbb206bf";
hash = "sha256-6NRTZ/ydypsB5TwbivvwOH9TEMAff/LH69hCXTvMPp8=";
name = repo;
})
];
@@ -56,6 +56,9 @@ stdenv.mkDerivation rec {
radare2
];
# the radare2 binary package seems to not install all necessary headers.
NIX_CFLAGS_COMPILE = [ "-I" "${radare2.src}/shlr/sdb/include/sdb" ];
postBuild = ''
pushd ../../../iaito-translations
make build PREFIX=$out

8
pkgs/top-level/all-packages.nix
View File

@@ -973,7 +973,8 @@ with pkgs;
makeShellWrapper = makeSetupHook
{ deps = [ dieHook ];
substitutions = {
shell = targetPackages.runtimeShell;
# targetPackages.runtimeShell only exists when pkgs == targetPackages (when targetPackages is not __raw)
shell = if targetPackages ? runtimeShell then targetPackages.runtimeShell else throw "makeWrapper/makeShellWrapper must be in nativeBuildInputs";
};
passthru = {
tests = tests.makeWrapper;
@@ -24129,6 +24130,9 @@ with pkgs;
micronaut = callPackage ../development/tools/micronaut {};
minio = callPackage ../servers/minio { };
# Keep around to allow people to migrate their data from the old legacy fs format
# https://github.com/minio/minio/releases/tag/RELEASE.2022-10-29T06-21-33Z
minio_legacy_fs = callPackage ../servers/minio/legacy_fs.nix { };
mkchromecast = libsForQt5.callPackage ../applications/networking/mkchromecast { };
@@ -33970,6 +33974,8 @@ with pkgs;
beancount = with python3.pkgs; toPythonApplication beancount;
beancount-black = with python3.pkgs; toPythonApplication beancount-black;
beancount-language-server = callPackage ../development/tools/beancount-language-server {};
bean-add = callPackage ../applications/office/beancount/bean-add.nix { };

4
pkgs/top-level/python-packages.nix
View File

@@ -1188,6 +1188,10 @@ self: super: with self; {
beancount = callPackage ../development/python-modules/beancount { };
beancount-black = callPackage ../development/python-modules/beancount-black { };
beancount-parser = callPackage ../development/python-modules/beancount-parser { };
beancount_docverif = callPackage ../development/python-modules/beancount_docverif { };
beanstalkc = callPackage ../development/python-modules/beanstalkc { };