gador/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge eaa9fd315f into haskell-updates

Browse Source
This commit is contained in:
nixpkgs-ci[bot]
2025-07-30 00:23:55 +00:00
committed by GitHub
parent 44ee819487 eaa9fd315f
commit 73a4a6ac53
179 changed files with 2471 additions and 2215 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.mailmap
View File

@@ -18,6 +18,7 @@ Jörg Thalheim <joerg@thalheim.io> <Mic92@users.noreply.github.com>
Lin Jian <me@linj.tech> <linj.dev@outlook.com>
Lin Jian <me@linj.tech> <75130626+jian-lin@users.noreply.github.com>
Martin Weinelt <hexa@darmstadt.ccc.de> <mweinelt@users.noreply.github.com>
Martin Häcker <spamfaenger@gmx.de> <spamfaenger@gmx.de>
moni <lythe1107@gmail.com> <lythe1107@icloud.com>
R. RyanTM <ryantm-bot@ryantm.com>
Robert Hensing <robert@roberthensing.nl> <roberth@users.noreply.github.com>

2
doc/release-notes/rl-2511.section.md
View File

@@ -60,6 +60,8 @@
- `go-mockery` has been updated to v3. For migration instructions see the [upstream documentation](https://vektra.github.io/mockery/latest/v3/). If v2 is still required `go-mockery_v2` has been added but will be removed on or before 2029-12-31 in-line with it's [upstream support lifecycle](https://vektra.github.io/mockery/
- NixOS display manager modules now strictly use tty1, where many of them previously used tty7. Options to configure display managers' VT have been dropped. A configuration with a display manager enabled will not start `getty@tty1.service`, even if the system is forced to boot into `multi-user.target` instead of `graphical.target`.
## Other Notable Changes {#sec-nixpkgs-release-25.11-notable-changes}
<!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. -->

1
maintainers/team-list.nix
View File

@@ -1230,6 +1230,7 @@ with lib.maintainers;
arianvp
elvishjerricco
aanderse
grimmauld
];
githubTeams = [ "systemd" ];
scope = "Maintain systemd for NixOS.";

4
nixos/doc/manual/release-notes/rl-2511.section.md
View File

@@ -23,6 +23,8 @@
- [Fediwall](https://fediwall.social), a web application for live displaying toots from mastodon, inspired by mastowall. Available as [services.fediwall](#opt-services.fediwall.enable).
- [umami](https://github.com/umami-software/umami), a simple, fast, privacy-focused alternative to Google Analytics. Available with [services.umami](#opt-services.umami.enable).
- [FileBrowser](https://filebrowser.org/), a web application for managing and sharing files. Available as [services.filebrowser](#opt-services.filebrowser.enable).
- Options under [networking.getaddrinfo](#opt-networking.getaddrinfo.enable) are now allowed to declaratively configure address selection and sorting behavior of `getaddrinfo` in dual-stack networks.
@@ -40,6 +42,8 @@
- [Chhoto URL](https://github.com/SinTan1729/chhoto-url), a simple, blazingly fast, selfhosted URL shortener with no unnecessary features, written in Rust. Available as [services.chhoto-url](#opt-services.chhoto-url.enable).
- [go-httpbin](https://github.com/mccutchen/go-httpbin), a reasonably complete and well-tested golang port of httpbin, with zero dependencies outside the go stdlib. Available as [services.go-httpbin](#opt-services.go-httpbin.enable).
- [tuwunel](https://matrix-construct.github.io/tuwunel/), a federated chat server implementing the Matrix protocol, forked from Conduwuit. Available as [services.matrix-tuwunel](#opt-services.matrix-tuwunel.enable).
- [Broadcast Box](https://github.com/Glimesh/broadcast-box), a WebRTC broadcast server. Available as [services.broadcast-box](options.html#opt-services.broadcast-box.enable).

3
nixos/lib/systemd-lib.nix
View File

@@ -526,9 +526,6 @@ rec {
ln -s ${cfg.ctrlAltDelUnit} $out/ctrl-alt-del.target
ln -s rescue.target $out/kbrequest.target
mkdir -p $out/getty.target.wants/
ln -s ../autovt@tty1.service $out/getty.target.wants/
ln -s ../remote-fs.target $out/multi-user.target.wants/
''}
''; # */

2
nixos/modules/module-list.nix
View File

@@ -1575,6 +1575,7 @@
./services/web-apps/gerrit.nix
./services/web-apps/glance.nix
./services/web-apps/glitchtip.nix
./services/web-apps/go-httpbin.nix
./services/web-apps/goatcounter.nix
./services/web-apps/gotify-server.nix
./services/web-apps/gotosocial.nix
@@ -1689,6 +1690,7 @@
./services/web-apps/szurubooru.nix
./services/web-apps/trilium.nix
./services/web-apps/tt-rss.nix
./services/web-apps/umami.nix
./services/web-apps/vikunja.nix
./services/web-apps/wakapi.nix
./services/web-apps/weblate.nix

2
nixos/modules/security/sudo.nix
View File

@@ -192,7 +192,7 @@ in
"NOINTERCEPT"
]);
description = ''
Options for running the command. Refer to the [sudo manual](https://www.sudo.ws/docs/man/1.9.15/sudoers.man/#Tag_Spec).
Options for running the command. Refer to the [sudo manual](https://www.sudo.ws/docs/man/1.9.17/sudoers.man/#Tag_Spec).
'';
default = [ ];
};

10
nixos/modules/services/display-managers/default.nix
View File

@@ -267,12 +267,22 @@ in
in
lib.mkIf noDmUsed (lib.mkDefault false);
# We can't just rely on 'Conflicts=autovt@tty1.service' because
# 'switch-to-configuration switch' will start 'autovt@tty1.service'
# and kill us.
systemd.services."autovt@tty1".enable =
lib.mkIf config.systemd.services.display-manager.enable false;
systemd.services.display-manager = {
description = "Display Manager";
after = [
"acpid.service"
"systemd-logind.service"
"systemd-user-sessions.service"
"autovt@tty1.service"
];
conflicts = [
"autovt@tty1.service"
];
restartIfChanged = false;

3
nixos/modules/services/display-managers/gdm.nix
View File

@@ -190,7 +190,6 @@ in
users.groups.gdm.gid = config.ids.gids.gdm;
# GDM needs different xserverArgs, presumable because using wayland by default.
services.xserver.tty = null;
services.xserver.display = null;
services.xserver.verbose = null;
@@ -260,12 +259,10 @@ in
"rc-local.service"
"systemd-machined.service"
"systemd-user-sessions.service"
"getty@tty${gdm.initialVT}.service"
"plymouth-quit.service"
"plymouth-start.service"
];
systemd.services.display-manager.conflicts = [
"getty@tty${gdm.initialVT}.service"
"plymouth-quit.service"
];
systemd.services.display-manager.onFailure = [

20
nixos/modules/services/display-managers/greetd.nix
View File

@@ -6,10 +6,18 @@
}:
let
cfg = config.services.greetd;
tty = "tty${toString cfg.vt}";
tty = "tty1";
settingsFormat = pkgs.formats.toml { };
in
{
imports = [
(lib.mkRemovedOptionModule [
"services"
"greetd"
"vt"
] "The VT is now fixed to VT1.")
];
options.services.greetd = {
enable = lib.mkEnableOption "greetd, a minimal and flexible login manager daemon";
@@ -41,14 +49,6 @@ in
'';
};
vt = lib.mkOption {
type = lib.types.int;
default = 1;
description = ''
The virtual console (tty) that greetd should use. This option also disables getty on that tty.
'';
};
restart = lib.mkOption {
type = lib.types.bool;
default = !(cfg.settings ? initial_session);
@@ -62,7 +62,7 @@ in
};
config = lib.mkIf cfg.enable {
services.greetd.settings.terminal.vt = lib.mkDefault cfg.vt;
services.greetd.settings.terminal.vt = 1;
services.greetd.settings.default_session.user = lib.mkDefault "greeter";
security.pam.services.greetd = {

28
nixos/modules/services/display-managers/lemurs.nix
View File

@@ -9,6 +9,15 @@ let
settingsFormat = pkgs.formats.toml { };
in
{
imports = [
(lib.mkRemovedOptionModule [
"services"
"displayManager"
"lemurs"
"vt"
] "The VT is now fixed to VT1.")
];
options.services.displayManager.lemurs = {
enable = lib.mkEnableOption "" // {
description = ''
@@ -36,14 +45,6 @@ in
See [lemurs configuration documentation](https://github.com/coastalwhite/lemurs/blob/main/extra/config.toml) for available options.
'';
};
vt = lib.mkOption {
type = lib.types.ints.positive;
default = 2;
description = ''
The virtual console (tty) that lemurs should use.
'';
};
};
config = lib.mkIf cfg.enable {
assertions = [
@@ -70,8 +71,7 @@ in
# Required for wayland with setLoginUid = false;
seatd.enable = true;
xserver = {
# To enable user switching, allow lemurs to allocate TTYs/displays dynamically.
tty = null;
# To enable user switching, allow lemurs to allocate displays dynamically.
display = null;
};
displayManager = {
@@ -83,7 +83,7 @@ in
desktops = config.services.displayManager.sessionData.desktops;
in
{
tty = lib.mkDefault cfg.vt;
tty = 1;
system_shell = lib.mkDefault "${pkgs.bash}/bin/bash";
initial_path = lib.mkDefault "/run/current-system/sw/bin";
x11 = {
@@ -102,18 +102,18 @@ in
Wants = [ "systemd-user-sessions.service" ];
After = [
"systemd-user-sessions.service"
"getty@tty${toString cfg.vt}.service"
"plymouth-quit-wait.service"
];
Conflicts = [ "getty@tty${toString cfg.vt}.service" ];
};
serviceConfig = {
Type = "idle";
# Defaults from lemurs upstream configuration
StandardInput = "tty";
TTYPath = "/dev/tty${toString cfg.vt}";
TTYPath = "/dev/tty1";
TTYReset = "yes";
TTYVHangup = "yes";
# Clear the console before starting
TTYVTDisallocate = true;
};
# Don't kill a user session when using nixos-rebuild
restartIfChanged = false;

11
nixos/modules/services/display-managers/ly.nix
View File

@@ -36,7 +36,6 @@ let
defaultConfig = {
shutdown_cmd = "/run/current-system/systemd/bin/systemctl poweroff";
restart_cmd = "/run/current-system/systemd/bin/systemctl reboot";
tty = 2;
service_name = "ly";
path = "/run/current-system/sw/bin";
term_reset_cmd = "${pkgs.ncurses}/bin/tput reset";
@@ -115,11 +114,14 @@ in
displayManager = {
enable = true;
execCmd = "exec /run/current-system/sw/bin/ly";
# Set this here instead of 'defaultConfig' so users get eval
# errors when they change it.
ly.settings.tty = 1;
};
xserver = {
# To enable user switching, allow ly to allocate TTYs/displays dynamically.
tty = null;
# To enable user switching, allow ly to allocate displays dynamically.
display = null;
};
};
@@ -131,11 +133,8 @@ in
after = [
"systemd-user-sessions.service"
"plymouth-quit-wait.service"
"getty@tty${toString finalConfig.tty}.service"
];
conflicts = [ "getty@tty7.service" ];
serviceConfig = {
Type = "idle";
StandardInput = "tty";

8
nixos/modules/services/display-managers/sddm.nix
View File

@@ -93,7 +93,6 @@ let
}
// optionalAttrs xcfg.enable {
X11 = {
MinimumVT = if xcfg.tty != null then xcfg.tty else 7;
ServerPath = toString xserverWrapper;
XephyrPath = "${pkgs.xorg.xorgserver.out}/bin/Xephyr";
SessionCommand = toString dmcfg.sessionData.wrapper;
@@ -419,8 +418,7 @@ in
services = {
dbus.packages = [ sddm ];
xserver = {
# To enable user switching, allow sddm to allocate TTYs/displays dynamically.
tty = null;
# To enable user switching, allow sddm to allocate displays dynamically.
display = null;
};
};
@@ -432,13 +430,9 @@ in
services.display-manager = {
after = [
"systemd-user-sessions.service"
"getty@tty7.service"
"plymouth-quit.service"
"systemd-logind.service"
];
conflicts = [
"getty@tty7.service"
];
};
};
};

35
nixos/modules/services/networking/ddclient.nix
View File

@@ -18,12 +18,16 @@ let
${lib.optionalString (cfg.use != "") "use=${cfg.use}"}
${lib.optionalString (cfg.use == "" && cfg.usev4 != "") "usev4=${cfg.usev4}"}
${lib.optionalString (cfg.use == "" && cfg.usev6 != "") "usev6=${cfg.usev6}"}
login=${cfg.username}
password=${
${lib.optionalString (cfg.username != "") "login=${cfg.username}"}
${
if cfg.protocol == "nsupdate" then
"/run/${RuntimeDirectory}/ddclient.key"
else if (cfg.passwordFile != null) then
"password=@password_placeholder@"
else if (cfg.secretsFile != null) then
"@secrets_placeholder@"
else
"@password_placeholder@"
""
}
protocol=${cfg.protocol}
${lib.optionalString (cfg.script != "") "script=${cfg.script}"}
@@ -49,6 +53,10 @@ let
''
"${pkgs.replace-secret}/bin/replace-secret" "@password_placeholder@" "${cfg.passwordFile}" "/run/${RuntimeDirectory}/ddclient.conf"
''
else if (cfg.secretsFile != null) then
''
"${pkgs.replace-secret}/bin/replace-secret" "@secrets_placeholder@" "${cfg.secretsFile}" "/run/${RuntimeDirectory}/ddclient.conf"
''
else
''
sed -i '/^password=@password_placeholder@$/d' /run/${RuntimeDirectory}/ddclient.conf
@@ -126,6 +134,16 @@ in
'';
};
secretsFile = lib.mkOption {
default = null;
type = nullOr str;
description = ''
A file containing the secrets for the dynamic DNS provider.
This file should contain lines of valid secrets in the format specified by the ddclient documentation.
If this option is set, it overrides the `passwordFile` option.
'';
};
interval = lib.mkOption {
default = "10min";
type = str;
@@ -244,6 +262,17 @@ in
lib.optional (cfg.use != "")
"Setting `use` is deprecated, ddclient now supports `usev4` and `usev6` for separate IPv4/IPv6 configuration.";
assertions = [
{
assertion = !((cfg.passwordFile != null) && (cfg.secretsFile != null));
message = "You cannot use both services.ddclient.passwordFile and services.ddclient.secretsFile at the same time.";
}
{
assertion = !(cfg.protocol == "nsupdate") || (cfg.passwordFile == null && cfg.secretsFile == null);
message = "You cannot use services.ddclient.passwordFile and or services.ddclient.secretsFile when services.ddclient.protocol is \"nsupdate\".";
}
];
systemd.services.ddclient = {
description = "Dynamic DNS Client";
wantedBy = [ "multi-user.target" ];

74
nixos/modules/services/networking/kea.nix
View File

@@ -2,6 +2,7 @@
config,
lib,
pkgs,
utils,
...
}:
let
@@ -34,11 +35,11 @@ let
DhcpDdns = cfg.dhcp-ddns.settings;
}
);
package = pkgs.kea;
in
{
options.services.kea = with lib.types; {
package = lib.mkPackageOption pkgs "kea" { };
ctrl-agent = lib.mkOption {
description = ''
Kea Control Agent configuration
@@ -60,7 +61,7 @@ in
type = nullOr path;
default = null;
description = ''
Kea Control Agent configuration as a path, see <https://kea.readthedocs.io/en/kea-${package.version}/arm/agent.html>.
Kea Control Agent configuration as a path, see <https://kea.readthedocs.io/en/kea-${cfg.package.version}/arm/agent.html>.
Takes preference over [settings](#opt-services.kea.ctrl-agent.settings).
Most users should prefer using [settings](#opt-services.kea.ctrl-agent.settings) instead.
@@ -71,7 +72,7 @@ in
type = format.type;
default = null;
description = ''
Kea Control Agent configuration as an attribute set, see <https://kea.readthedocs.io/en/kea-${package.version}/arm/agent.html>.
Kea Control Agent configuration as an attribute set, see <https://kea.readthedocs.io/en/kea-${cfg.package.version}/arm/agent.html>.
'';
};
};
@@ -99,7 +100,7 @@ in
type = nullOr path;
default = null;
description = ''
Kea DHCP4 configuration as a path, see <https://kea.readthedocs.io/en/kea-${package.version}/arm/dhcp4-srv.html>.
Kea DHCP4 configuration as a path, see <https://kea.readthedocs.io/en/kea-${cfg.package.version}/arm/dhcp4-srv.html>.
Takes preference over [settings](#opt-services.kea.dhcp4.settings).
Most users should prefer using [settings](#opt-services.kea.dhcp4.settings) instead.
@@ -136,7 +137,7 @@ in
];
};
description = ''
Kea DHCP4 configuration as an attribute set, see <https://kea.readthedocs.io/en/kea-${package.version}/arm/dhcp4-srv.html>.
Kea DHCP4 configuration as an attribute set, see <https://kea.readthedocs.io/en/kea-${cfg.package.version}/arm/dhcp4-srv.html>.
'';
};
};
@@ -164,7 +165,7 @@ in
type = nullOr path;
default = null;
description = ''
Kea DHCP6 configuration as a path, see <https://kea.readthedocs.io/en/kea-${package.version}/arm/dhcp6-srv.html>.
Kea DHCP6 configuration as a path, see <https://kea.readthedocs.io/en/kea-${cfg.package.version}/arm/dhcp6-srv.html>.
Takes preference over [settings](#opt-services.kea.dhcp6.settings).
Most users should prefer using [settings](#opt-services.kea.dhcp6.settings) instead.
@@ -202,7 +203,7 @@ in
];
};
description = ''
Kea DHCP6 configuration as an attribute set, see <https://kea.readthedocs.io/en/kea-${package.version}/arm/dhcp6-srv.html>.
Kea DHCP6 configuration as an attribute set, see <https://kea.readthedocs.io/en/kea-${cfg.package.version}/arm/dhcp6-srv.html>.
'';
};
};
@@ -230,7 +231,7 @@ in
type = nullOr path;
default = null;
description = ''
Kea DHCP-DDNS configuration as a path, see <https://kea.readthedocs.io/en/kea-${package.version}/arm/ddns.html>.
Kea DHCP-DDNS configuration as a path, see <https://kea.readthedocs.io/en/kea-${cfg.package.version}/arm/ddns.html>.
Takes preference over [settings](#opt-services.kea.dhcp-ddns.settings).
Most users should prefer using [settings](#opt-services.kea.dhcp-ddns.settings) instead.
@@ -255,7 +256,7 @@ in
};
};
description = ''
Kea DHCP-DDNS configuration as an attribute set, see <https://kea.readthedocs.io/en/kea-${package.version}/arm/ddns.html>.
Kea DHCP-DDNS configuration as an attribute set, see <https://kea.readthedocs.io/en/kea-${cfg.package.version}/arm/ddns.html>.
'';
};
};
@@ -266,9 +267,10 @@ in
config =
let
commonEnvironment = {
KEA_CONTROL_SOCKET_DIR = "/run/kea";
KEA_LOCKFILE_DIR = "/run/kea";
KEA_PIDFILE_DIR = "/run/kea";
# Allow hook scripts only when they originate from the system configuration
KEA_HOOK_SCRIPTS_PATH = lib.mkDefault "/nix/store";
# Allow hooks to originate from the configured package
KEA_HOOKS_PATH = lib.mkDefault "${cfg.package}/lib/kea/hooks";
};
commonServiceConfig = {
@@ -291,7 +293,7 @@ in
lib.mkIf (cfg.ctrl-agent.enable || cfg.dhcp4.enable || cfg.dhcp6.enable || cfg.dhcp-ddns.enable) (
lib.mkMerge [
{
environment.systemPackages = [ package ];
environment.systemPackages = [ cfg.package ];
users.users.kea = {
isSystemUser = true;
@@ -314,7 +316,7 @@ in
description = "Kea Control Agent";
documentation = [
"man:kea-ctrl-agent(8)"
"https://kea.readthedocs.io/en/kea-${package.version}/arm/agent.html"
"https://kea.readthedocs.io/en/kea-${cfg.package.version}/arm/agent.html"
];
wants = [
@@ -337,7 +339,14 @@ in
];
serviceConfig = {
ExecStart = "${package}/bin/kea-ctrl-agent -c /etc/kea/ctrl-agent.conf ${lib.escapeShellArgs cfg.ctrl-agent.extraArgs}";
ExecStart = utils.escapeSystemdExecArgs (
[
(lib.getExe' cfg.package "kea-ctrl-agent")
"-c"
"/etc/kea/ctrl-agent.conf"
]
++ cfg.ctrl-agent.extraArgs
);
KillMode = "process";
Restart = "on-failure";
}
@@ -359,7 +368,7 @@ in
description = "Kea DHCP4 Server";
documentation = [
"man:kea-dhcp4(8)"
"https://kea.readthedocs.io/en/kea-${package.version}/arm/dhcp4-srv.html"
"https://kea.readthedocs.io/en/kea-${cfg.package.version}/arm/dhcp4-srv.html"
];
after = [
@@ -380,7 +389,14 @@ in
];
serviceConfig = {
ExecStart = "${package}/bin/kea-dhcp4 -c /etc/kea/dhcp4-server.conf ${lib.escapeShellArgs cfg.dhcp4.extraArgs}";
ExecStart = utils.escapeSystemdExecArgs (
[
(lib.getExe' cfg.package "kea-dhcp4")
"-c"
"etc/kea/dhcp4-server.conf"
]
++ cfg.dhcp4.extraArgs
);
# Kea does not request capabilities by itself
AmbientCapabilities = [
"CAP_NET_BIND_SERVICE"
@@ -409,7 +425,7 @@ in
description = "Kea DHCP6 Server";
documentation = [
"man:kea-dhcp6(8)"
"https://kea.readthedocs.io/en/kea-${package.version}/arm/dhcp6-srv.html"
"https://kea.readthedocs.io/en/kea-${cfg.package.version}/arm/dhcp6-srv.html"
];
after = [
@@ -430,7 +446,14 @@ in
];
serviceConfig = {
ExecStart = "${package}/bin/kea-dhcp6 -c /etc/kea/dhcp6-server.conf ${lib.escapeShellArgs cfg.dhcp6.extraArgs}";
ExecStart = utils.escapeSystemdExecArgs (
[
(lib.getExe' cfg.package "kea-dhcp6")
"-c"
"/etc/kea/dhcp6-server.conf"
]
++ cfg.dhcp6.extraArgs
);
# Kea does not request capabilities by itself
AmbientCapabilities = [
"CAP_NET_BIND_SERVICE"
@@ -457,7 +480,7 @@ in
description = "Kea DHCP-DDNS Server";
documentation = [
"man:kea-dhcp-ddns(8)"
"https://kea.readthedocs.io/en/kea-${package.version}/arm/ddns.html"
"https://kea.readthedocs.io/en/kea-${cfg.package.version}/arm/ddns.html"
];
wants = [ "network-online.target" ];
@@ -476,7 +499,14 @@ in
];
serviceConfig = {
ExecStart = "${package}/bin/kea-dhcp-ddns -c /etc/kea/dhcp-ddns.conf ${lib.escapeShellArgs cfg.dhcp-ddns.extraArgs}";
ExecStart = utils.escapeSystemdExecArgs (
[
(lib.getExe' cfg.package "kea-dhcp-ddns")
"-c"
"/etc/kea/dhcp-ddns.conf"
]
++ cfg.dhcp-ddns.extraArgs
);
AmbientCapabilities = [
"CAP_NET_BIND_SERVICE"
];

2
nixos/modules/services/ttys/getty.nix
View File

@@ -148,6 +148,8 @@ in
"container-getty@.service"
];
systemd.targets.getty.wants = [ "autovt@tty1.service" ];
systemd.services."getty@" = {
serviceConfig.ExecStart = [
# override upstream default with an empty ExecStart

111
nixos/modules/services/web-apps/go-httpbin.nix Normal file
View File

@@ -0,0 +1,111 @@
{
config,
lib,
pkgs,
...
}:
let
cfg = config.services.go-httpbin;
environment = lib.mapAttrs (
_: value: if lib.isBool value then lib.boolToString value else toString value
) cfg.settings;
in
{
meta.maintainers = with lib.maintainers; [ defelo ];
options.services.go-httpbin = {
enable = lib.mkEnableOption "go-httpbin";
package = lib.mkPackageOption pkgs "go-httpbin" { };
settings = lib.mkOption {
description = ''
Configuration of go-httpbin.
See <https://github.com/mccutchen/go-httpbin#configuration> for a list of options.
'';
example = {
HOST = "0.0.0.0";
PORT = 8080;
};
type = lib.types.submodule {
freeformType =
with lib.types;
attrsOf (oneOf [
str
int
bool
]);
options = {
HOST = lib.mkOption {
type = lib.types.str;
description = "The host to listen on.";
default = "127.0.0.1";
example = "0.0.0.0";
};
PORT = lib.mkOption {
type = lib.types.port;
description = "The port to listen on.";
example = 8080;
};
};
};
};
};
config = lib.mkIf cfg.enable {
systemd.services.go-httpbin = {
wantedBy = [ "multi-user.target" ];
inherit environment;
serviceConfig = {
User = "go-httpbin";
Group = "go-httpbin";
DynamicUser = true;
ExecStart = lib.getExe cfg.package;
# hardening
AmbientCapabilities = "";
CapabilityBoundingSet = [ "" ];
DevicePolicy = "closed";
LockPersonality = true;
MemoryDenyWriteExecute = true;
NoNewPrivileges = true;
PrivateDevices = true;
PrivateTmp = true;
PrivateUsers = true;
ProcSubset = "pid";
ProtectClock = true;
ProtectControlGroups = true;
ProtectHome = true;
ProtectHostname = true;
ProtectKernelLogs = true;
ProtectKernelModules = true;
ProtectKernelTunables = true;
ProtectProc = "invisible";
ProtectSystem = "strict";
RemoveIPC = true;
RestrictAddressFamilies = [ "AF_INET AF_INET6" ];
RestrictNamespaces = true;
RestrictRealtime = true;
RestrictSUIDSGID = true;
SocketBindAllow = "tcp:${toString cfg.settings.PORT}";
SocketBindDeny = "any";
SystemCallArchitectures = "native";
SystemCallFilter = [
"@system-service"
"~@privileged"
"~@resources"
];
UMask = "0077";
};
};
};
}

14
nixos/modules/services/web-apps/lasuite-meet.nix
View File

@@ -230,7 +230,7 @@ in
type = types.str;
default = if cfg.enableNginx then "localhost,127.0.0.1,${cfg.domain}" else "";
defaultText = lib.literalExpression ''
if cfg.enableNginx then "localhost,127.0.0.1,$${cfg.domain}" else ""
if cfg.enableNginx then "localhost,127.0.0.1,''${cfg.domain}" else ""
'';
description = "Comma-separated list of hosts that are able to connect to the server";
};
@@ -328,16 +328,10 @@ in
wantedBy = [ "multi-user.target" ];
preStart = ''
ln -sfT ${cfg.backendPackage}/share/static /var/lib/lasuite-meet/static
if [ ! -f .version ]; then
touch .version
fi
if [ "${cfg.backendPackage.version}" != "$(cat .version)" ]; then
${getExe cfg.backendPackage} migrate
echo -n "${cfg.backendPackage.version}" > .version
fi
${optionalString (cfg.secretKeyPath == null) ''
if [[ ! -f /var/lib/lasuite-meet/django_secret_key ]]; then
(
@@ -346,11 +340,17 @@ in
)
fi
''}
if [ "${cfg.backendPackage.version}" != "$(cat .version)" ]; then
${getExe cfg.backendPackage} migrate
echo -n "${cfg.backendPackage.version}" > .version
fi
'';
environment = pythonEnvironment;
serviceConfig = {
BindReadOnlyPaths = "${cfg.backendPackage}/share/static:/var/lib/lasuite-meet/static";
ExecStart = utils.escapeSystemdExecArgs (
[
(lib.getExe' cfg.backendPackage "gunicorn")

316
nixos/modules/services/web-apps/umami.nix Normal file
View File

@@ -0,0 +1,316 @@
{
config,
lib,
pkgs,
...
}:
let
inherit (lib)
concatStringsSep
filterAttrs
getExe
hasPrefix
hasSuffix
isString
literalExpression
maintainers
mapAttrs
mkEnableOption
mkIf
mkOption
mkPackageOption
optional
optionalString
types
;
cfg = config.services.umami;
nonFileSettings = filterAttrs (k: _: !hasSuffix "_FILE" k) cfg.settings;
in
{
options.services.umami = {
enable = mkEnableOption "umami";
package = mkPackageOption pkgs "umami" { } // {
apply =
pkg:
pkg.override {
databaseType = cfg.settings.DATABASE_TYPE;
collectApiEndpoint = optionalString (
cfg.settings.COLLECT_API_ENDPOINT != null
) cfg.settings.COLLECT_API_ENDPOINT;
trackerScriptNames = cfg.settings.TRACKER_SCRIPT_NAME;
basePath = cfg.settings.BASE_PATH;
};
};
createPostgresqlDatabase = mkOption {
type = types.bool;
default = true;
example = false;
description = ''
Whether to automatically create the database for Umami using PostgreSQL.
Both the database name and username will be `umami`, and the connection is
made through unix sockets using peer authentication.
'';
};
settings = mkOption {
description = ''
Additional configuration (environment variables) for Umami, see
<https://umami.is/docs/environment-variables> for supported values.
'';
type = types.submodule {
freeformType =
with types;
attrsOf (oneOf [
bool
int
str
]);
options = {
APP_SECRET_FILE = mkOption {
type = types.nullOr (
types.str
// {
# We don't want users to be able to pass a path literal here but
# it should look like a path.
check = it: isString it && types.path.check it;
}
);
default = null;
example = "/run/secrets/umamiAppSecret";
description = ''
A file containing a secure random string. This is used for signing user sessions.
The contents of the file are read through systemd credentials, therefore the
user running umami does not need permissions to read the file.
If you wish to set this to a string instead (not recommended since it will be
placed world-readable in the Nix store), you can use the APP_SECRET option.
'';
};
DATABASE_URL = mkOption {
type = types.nullOr (
types.str
// {
check =
it:
isString it
&& ((hasPrefix "postgresql://" it) || (hasPrefix "postgres://" it) || (hasPrefix "mysql://" it));
}
);
# For some reason, Prisma requires the username in the connection string
# and can't derive it from the current user.
default =
if cfg.createPostgresqlDatabase then
"postgresql://umami@localhost/umami?host=/run/postgresql"
else
null;
defaultText = literalExpression ''if config.services.umami.createPostgresqlDatabase then "postgresql://umami@localhost/umami?host=/run/postgresql" else null'';
example = "postgresql://root:root@localhost/umami";
description = ''
Connection string for the database. Must start with `postgresql://`, `postgres://`
or `mysql://`.
'';
};
DATABASE_URL_FILE = mkOption {
type = types.nullOr (
types.str
// {
# We don't want users to be able to pass a path literal here but
# it should look like a path.
check = it: isString it && types.path.check it;
}
);
default = null;
example = "/run/secrets/umamiDatabaseUrl";
description = ''
A file containing a connection string for the database. The connection string
must start with `postgresql://`, `postgres://` or `mysql://`.
If using this, then DATABASE_TYPE must be set to the appropriate value.
The contents of the file are read through systemd credentials, therefore the
user running umami does not need permissions to read the file.
'';
};
DATABASE_TYPE = mkOption {
type = types.nullOr (
types.enum [
"postgresql"
"mysql"
]
);
default =
if cfg.settings.DATABASE_URL != null && hasPrefix "mysql://" cfg.settings.DATABASE_URL then
"mysql"
else
"postgresql";
defaultText = literalExpression ''if config.services.umami.settings.DATABASE_URL != null && hasPrefix "mysql://" config.services.umami.settings.DATABASE_URL then "mysql" else "postgresql"'';
example = "mysql";
description = ''
The type of database to use. This is automatically inferred from DATABASE_URL, but
must be set manually if you are using DATABASE_URL_FILE.
'';
};
COLLECT_API_ENDPOINT = mkOption {
type = types.nullOr types.str;
default = null;
example = "/api/alternate-send";
description = ''
Allows you to send metrics to a location different than the default `/api/send`.
'';
};
TRACKER_SCRIPT_NAME = mkOption {
type = types.listOf types.str;
default = [ ];
example = [ "tracker.js" ];
description = ''
Allows you to assign a custom name to the tracker script different from the default `script.js`.
'';
};
BASE_PATH = mkOption {
type = types.str;
default = "";
example = "/analytics";
description = ''
Allows you to host Umami under a subdirectory.
You may need to update your reverse proxy settings to correctly handle the BASE_PATH prefix.
'';
};
DISABLE_UPDATES = mkOption {
type = types.bool;
default = true;
example = false;
description = ''
Disables the check for new versions of Umami.
'';
};
DISABLE_TELEMETRY = mkOption {
type = types.bool;
default = false;
example = true;
description = ''
Umami collects completely anonymous telemetry data in order help improve the application.
You can choose to disable this if you don't want to participate.
'';
};
HOSTNAME = mkOption {
type = types.str;
default = "127.0.0.1";
example = "0.0.0.0";
description = ''
The address to listen on.
'';
};
PORT = mkOption {
type = types.port;
default = 3000;
example = 3010;
description = ''
The port to listen on.
'';
};
};
};
default = { };
example = {
APP_SECRET_FILE = "/run/secrets/umamiAppSecret";
DISABLE_TELEMETRY = true;
};
};
};
config = mkIf cfg.enable {
assertions = [
{
assertion = (cfg.settings.APP_SECRET_FILE != null) != (cfg.settings ? APP_SECRET);
message = "One (and only one) of services.umami.settings.APP_SECRET_FILE and services.umami.settings.APP_SECRET must be set.";
}
{
assertion = (cfg.settings.DATABASE_URL_FILE != null) != (cfg.settings.DATABASE_URL != null);
message = "One (and only one) of services.umami.settings.DATABASE_URL_FILE and services.umami.settings.DATABASE_URL must be set.";
}
{
assertion =
cfg.createPostgresqlDatabase
-> cfg.settings.DATABASE_URL == "postgresql://umami@localhost/umami?host=/run/postgresql";
message = "The option config.services.umami.createPostgresqlDatabase is enabled, but config.services.umami.settings.DATABASE_URL has been modified.";
}
];
services.postgresql = mkIf cfg.createPostgresqlDatabase {
enable = true;
ensureDatabases = [ "umami" ];
ensureUsers = [
{
name = "umami";
ensureDBOwnership = true;
ensureClauses.login = true;
}
];
};
systemd.services.umami = {
environment = mapAttrs (_: toString) nonFileSettings;
description = "Umami: a simple, fast, privacy-focused alternative to Google Analytics";
after = [ "network.target" ] ++ (optional (cfg.createPostgresqlDatabase) "postgresql.service");
wantedBy = [ "multi-user.target" ];
script =
let
loadCredentials =
(optional (
cfg.settings.APP_SECRET_FILE != null
) ''export APP_SECRET="$(systemd-creds cat appSecret)"'')
++ (optional (
cfg.settings.DATABASE_URL_FILE != null
) ''export DATABASE_URL="$(systemd-creds cat databaseUrl)"'');
in
''
${concatStringsSep "\n" loadCredentials}
${getExe cfg.package}
'';
serviceConfig = {
Type = "simple";
Restart = "on-failure";
RestartSec = 3;
DynamicUser = true;
LoadCredential =
(optional (cfg.settings.APP_SECRET_FILE != null) "appSecret:${cfg.settings.APP_SECRET_FILE}")
++ (optional (
cfg.settings.DATABASE_URL_FILE != null
) "databaseUrl:${cfg.settings.DATABASE_URL_FILE}");
# Hardening
CapabilityBoundingSet = "";
NoNewPrivileges = true;
PrivateUsers = true;
PrivateTmp = true;
PrivateDevices = true;
PrivateMounts = true;
ProtectClock = true;
ProtectControlGroups = true;
ProtectHome = true;
ProtectHostname = true;
ProtectKernelLogs = true;
ProtectKernelModules = true;
ProtectKernelTunables = true;
RestrictAddressFamilies = (optional cfg.createPostgresqlDatabase "AF_UNIX") ++ [
"AF_INET"
"AF_INET6"
];
RestrictNamespaces = true;
RestrictRealtime = true;
RestrictSUIDSGID = true;
};
};
};
meta.maintainers = with maintainers; [ diogotcorreia ];
}

10
nixos/modules/services/x11/display-managers/lightdm.nix
View File

@@ -42,6 +42,7 @@ let
lightdmConf = writeText "lightdm.conf" ''
[LightDM]
minimum-vt = 1
${optionalString cfg.greeter.enable ''
greeter-user = ${config.users.users.lightdm.name}
greeters-directory = ${cfg.greeter.package}
@@ -234,19 +235,11 @@ in
exec ${lightdm}/sbin/lightdm
'';
# Replaces getty
systemd.services.display-manager.conflicts = [
"getty@tty7.service"
# TODO: Add "plymouth-quit.service" so LightDM can control when plymouth
# quits. Currently this breaks switching to configurations with plymouth.
];
# Pull in dependencies of services we replace.
systemd.services.display-manager.after = [
"rc-local.service"
"systemd-machined.service"
"systemd-user-sessions.service"
"getty@tty7.service"
"user.slice"
];
@@ -336,7 +329,6 @@ in
];
users.groups.lightdm.gid = config.ids.gids.lightdm;
services.xserver.tty = null; # We might start multiple X servers so let the tty increment themselves..
services.xserver.display = null; # We specify our own display (and logfile) in xserver-wrapper up there
};
}

12
nixos/modules/services/x11/xserver.nix
View File

@@ -277,6 +277,11 @@ in
"dir"
];
})
(lib.mkRemovedOptionModule [
"services"
"xserver"
"tty"
] "'services.xserver.tty' was removed because it was ineffective.")
];
###### interface
@@ -675,12 +680,6 @@ in
'';
};
tty = mkOption {
type = types.nullOr types.int;
default = 7;
description = "Virtual console for the X server.";
};
display = mkOption {
type = types.nullOr types.int;
default = 0;
@@ -886,7 +885,6 @@ in
"${cfg.xkb.dir}"
]
++ optional (cfg.display != null) ":${toString cfg.display}"
++ optional (cfg.tty != null) "vt${toString cfg.tty}"
++ optional (cfg.dpi != null) "-dpi ${toString cfg.dpi}"
++ optional (cfg.logFile != null) "-logfile ${toString cfg.logFile}"
++ optional (cfg.verbose != null) "-verbose ${toString cfg.verbose}"

18
nixos/modules/testing/test-instrumentation.nix
View File

@@ -72,6 +72,14 @@ let
serviceConfig.KillSignal = "SIGHUP";
};
managerSettings = {
# Don't clobber the console with duplicate systemd messages.
ShowStatus = false;
# Allow very slow start
DefaultTimeoutStartSec = 300;
DefaultDeviceTimeoutSec = 300;
};
in
{
@@ -115,7 +123,7 @@ in
MaxLevelConsole=debug
'';
settings.Manager = config.systemd.settings.Manager;
settings.Manager = managerSettings;
}
(lib.mkIf cfg.initrdBackdoor {
@@ -210,13 +218,7 @@ in
MaxLevelConsole=debug
'';
systemd.settings.Manager = {
# Don't clobber the console with duplicate systemd messages.
ShowStatus = false;
# Allow very slow start
DefaultTimeoutStartSec = 300;
DefaultDeviceTimeoutSec = 300;
};
systemd.settings.Manager = managerSettings;
systemd.user.extraConfig = ''
# Allow very slow start
DefaultTimeoutStartSec=300

2
nixos/tests/all-tests.nix
View File

@@ -618,6 +618,7 @@ in
gnupg = runTest ./gnupg.nix;
goatcounter = runTest ./goatcounter.nix;
go-camo = runTest ./go-camo.nix;
go-httpbin = runTest ./go-httpbin.nix;
go-neb = runTest ./go-neb.nix;
gobgpd = runTest ./gobgpd.nix;
gocd-agent = runTest ./gocd-agent.nix;
@@ -1508,6 +1509,7 @@ in
ucarp = runTest ./ucarp.nix;
udisks2 = runTest ./udisks2.nix;
ulogd = runTest ./ulogd/ulogd.nix;
umami = runTest ./web-apps/umami.nix;
umurmur = runTest ./umurmur.nix;
unbound = runTest ./unbound.nix;
unifi = runTest ./unifi.nix;

38
nixos/tests/go-httpbin.nix Normal file
View File

@@ -0,0 +1,38 @@
{ lib, ... }:
{
name = "go-httpbin";
meta.maintainers = with lib.maintainers; [ defelo ];
nodes.machine = {
services.go-httpbin = {
enable = true;
settings.PORT = 8000;
};
};
interactive.nodes.machine = {
services.go-httpbin.settings.HOST = "0.0.0.0";
networking.firewall.allowedTCPPorts = [ 8000 ];
virtualisation.forwardPorts = [
{
from = "host";
host.port = 8000;
guest.port = 8000;
}
];
};
testScript = ''
import json
machine.wait_for_unit("go-httpbin.service")
machine.wait_for_open_port(8000)
resp = json.loads(machine.succeed("curl localhost:8000/get?foo=bar"))
assert resp["args"]["foo"] == ["bar"]
assert resp["method"] == "GET"
assert resp["origin"] == "127.0.0.1"
assert resp["url"] == "http://localhost:8000/get?foo=bar"
'';
}

4
nixos/tests/lemurs/lemurs.nix
View File

@@ -11,6 +11,8 @@
];
};
enableOCR = true;
nodes.machine = _: {
imports = [ ../common/user-account.nix ];
services.displayManager.lemurs.enable = true;
@@ -20,7 +22,7 @@
machine.start()
machine.wait_for_unit("multi-user.target")
machine.wait_until_succeeds("pgrep -f 'lemurs.*tty1'")
machine.wait_for_text("Login")
machine.screenshot("postboot")
with subtest("Log in as alice on a virtual console"):

45
nixos/tests/web-apps/umami.nix Normal file
View File

@@ -0,0 +1,45 @@
{ lib, ... }:
{
name = "umami-nixos";
meta.maintainers = with lib.maintainers; [ diogotcorreia ];
nodes.machine =
{ pkgs, ... }:
{
services.umami = {
enable = true;
settings = {
APP_SECRET = "very_secret";
};
};
};
testScript = ''
import json
machine.wait_for_unit("umami.service")
machine.wait_for_open_port(3000)
machine.succeed("curl --fail http://localhost:3000/")
machine.succeed("curl --fail http://localhost:3000/script.js")
res = machine.succeed("""
curl -f --json '{ "username": "admin", "password": "umami" }' http://localhost:3000/api/auth/login
""")
token = json.loads(res)['token']
res = machine.succeed("""
curl -f -H 'Authorization: Bearer %s' --json '{ "domain": "localhost", "name": "Test" }' http://localhost:3000/api/websites
""" % token)
print(res)
websiteId = json.loads(res)['id']
res = machine.succeed("""
curl -f -H 'Authorization: Bearer %s' http://localhost:3000/api/websites/%s
""" % (token, websiteId))
website = json.loads(res)
assert website["name"] == "Test"
assert website["domain"] == "localhost"
'';
}

4
pkgs/applications/display-managers/sddm/unwrapped.nix
View File

@@ -72,9 +72,7 @@ stdenv.mkDerivation (finalAttrs: {
"-DUID_MIN=1000"
"-DUID_MAX=29999"
# we still want to run the DM on VT 7 for the time being, as 1-6 are
# occupied by getties by default
"-DSDDM_INITIAL_VT=7"
"-DSDDM_INITIAL_VT=1"
"-DQT_IMPORTS_DIR=${placeholder "out"}/${qtbase.qtQmlPrefix}"
"-DCMAKE_INSTALL_SYSCONFDIR=${placeholder "out"}/etc"

19
pkgs/applications/editors/vscode/extensions/dbaeumer.vscode-eslint/default.nix
View File

@@ -1,31 +1,16 @@
{
jq,
lib,
moreutils,
vscode-utils,
eslint,
}:
vscode-utils.buildVscodeMarketplaceExtension {
mktplcRef = {
name = "vscode-eslint";
publisher = "dbaeumer";
version = "3.0.13";
hash = "sha256-l5VvhQPxPaQsPhXUbFW2yGJjaqnNvijn4QkXPjf1WXo=";
version = "3.0.15";
hash = "sha256-oeudNCBrHO3yvw3FrFA4EZk1yODcRRfF/y3U5tdEz4I=";
};
nativeBuildInputs = [
jq
moreutils
];
buildInputs = [ eslint ];
postInstall = ''
cd "$out/$installPrefix"
jq '.contributes.configuration.properties."eslint.nodePath".default = "${eslint}/lib/node_modules"' package.json | sponge package.json
'';
meta = {
changelog = "https://marketplace.visualstudio.com/items/dbaeumer.vscode-eslint/changelog";
description = "Integrates ESLint JavaScript into VS Code";

15
pkgs/applications/editors/vscode/extensions/esbenp.prettier-vscode/default.nix
View File

@@ -1,8 +1,5 @@
{
jq,
lib,
moreutils,
prettier,
vscode-utils,
}:
@@ -14,18 +11,6 @@ vscode-utils.buildVscodeMarketplaceExtension {
hash = "sha256-pNjkJhof19cuK0PsXJ/Q/Zb2H7eoIkfXJMLZJ4lDn7k=";
};
nativeBuildInputs = [
jq
moreutils
];
buildInputs = [ prettier ];
postInstall = ''
cd "$out/$installPrefix"
jq '.contributes.configuration.properties."prettier.prettierPath".default = "${prettier}"' package.json | sponge package.json
'';
meta = {
changelog = "https://marketplace.visualstudio.com/items/esbenp.prettier-vscode/changelog";
description = "Code formatter using prettier";

2
pkgs/applications/editors/vscode/extensions/myriad-dreamin.tinymist/default.nix
View File

@@ -11,7 +11,7 @@ vscode-utils.buildVscodeMarketplaceExtension {
name = "tinymist";
publisher = "myriad-dreamin";
inherit (tinymist) version;
hash = "sha256-QhME94U4iVUSXGLlGqM+X8WbnnxGIVeKKJYEWWAMztg=";
hash = "sha256-9F/+IuX/5IMIEa8zXYBZsK3QNZCCuCDvXQ7C7WbwuFo=";
};
nativeBuildInputs = [

6
pkgs/applications/emulators/libretro/cores/dosbox-pure.nix
View File

@@ -5,13 +5,13 @@
}:
mkLibretroCore {
core = "dosbox-pure";
version = "0-unstable-2025-07-10";
version = "0-unstable-2025-07-28";
src = fetchFromGitHub {
owner = "schellingb";
repo = "dosbox-pure";
rev = "92894e7bdb6304d23278dc77f8a9fa7212450f6e";
hash = "sha256-uA/pm3DyT0VCyq85DzZGXjSGrKQ9uoEIfrs839ta97s=";
rev = "4b5f6c964aa56357e19632bf73d1875c2496fdd1";
hash = "sha256-J1NSt2Q4+lWUVqROv5yAM/rXI5COl0FRux3xqFLw20g=";
};
hardeningDisable = [ "format" ];

6
pkgs/applications/emulators/libretro/cores/gambatte.nix
View File

@@ -5,13 +5,13 @@
}:
mkLibretroCore {
core = "gambatte";
version = "0-unstable-2025-06-27";
version = "0-unstable-2025-07-25";
src = fetchFromGitHub {
owner = "libretro";
repo = "gambatte-libretro";
rev = "9f591132e67f101780495a43df8da9bca43e08db";
hash = "sha256-wauSnUlZRAtZwheONd+NusM0D1q2pLwha6H90R4R1aU=";
rev = "13b7af780e9893ae62cc24d567591b5eb6a6dd72";
hash = "sha256-bTNZrXp+kMIq/tnPs73tpYRxlrZfCGCmE0EUlJFtUnY=";
};
meta = {

6
pkgs/applications/emulators/libretro/cores/play.nix
View File

@@ -14,13 +14,13 @@
}:
mkLibretroCore {
core = "play";
version = "0-unstable-2025-07-09";
version = "0-unstable-2025-07-23";
src = fetchFromGitHub {
owner = "jpd002";
repo = "Play-";
rev = "ae9afb4e45e8de35382fb98c55d13dec9fcf8ed8";
hash = "sha256-HWKhgGChPGhRmrXXbjEvBt0coGpQ1JAPUTd8Ze4yKww=";
rev = "78c184bca1063d5482cbfad924af72dd23ebbff1";
hash = "sha256-0n6PQqepc7xKVMf8slN9aOodzBbt7J2c68z7200q07M=";
fetchSubmodules = true;
};

4
pkgs/applications/gis/qgis/unwrapped-ltr.nix
View File

@@ -82,14 +82,14 @@ let
];
in
mkDerivation rec {
version = "3.40.8";
version = "3.40.9";
pname = "qgis-ltr-unwrapped";
src = fetchFromGitHub {
owner = "qgis";
repo = "QGIS";
rev = "final-${lib.replaceStrings [ "." ] [ "_" ] version}";
hash = "sha256-3zVZP+cRln896nV/uPbaqauJaxv7aFsKWUXfvjMqAh8=";
hash = "sha256-R2qj6PnCq4uuZP/iFiJh8bFcyPHG7bix9Oc6Re4ixU4=";
};
passthru = {

4
pkgs/applications/gis/qgis/unwrapped.nix
View File

@@ -82,14 +82,14 @@ let
];
in
mkDerivation rec {
version = "3.44.0";
version = "3.44.1";
pname = "qgis-unwrapped";
src = fetchFromGitHub {
owner = "qgis";
repo = "QGIS";
rev = "final-${lib.replaceStrings [ "." ] [ "_" ] version}";
hash = "sha256-9TJNqHvYgCoMTChL3CrOJ7Qr/okSuvj09uzdHuNMZUw=";
hash = "sha256-WUXYjMCq95S5GHcn3pR45kpP3Us1HG4sS+EmjCBYOrM=";
};
passthru = {

9
pkgs/applications/networking/cluster/terraform-providers/providers.json
View File

@@ -134,6 +134,15 @@
"spdx": "MPL-2.0",
"vendorHash": "sha256-low0aq3i3pmqbadYg1VZra+ZzoV6nqyGutf8xzaces0="
},
"awscc": {
"hash": "sha256-9/z8Al6JRsWyBgrcz53EuI9Quco9LAVMLrWWqmhEyMk=",
"homepage": "https://registry.terraform.io/providers/hashicorp/awscc",
"owner": "hashicorp",
"repo": "terraform-provider-awscc",
"rev": "v1.50.0",
"spdx": "MPL-2.0",
"vendorHash": "sha256-WnKUdHVmLTWy+WMMbvI646KzJPGnmWv5NPoePsyP3yg="
},
"azuread": {
"hash": "sha256-lNjU/206yS+smSe1SYlz0TOqHRlvSQKqhJ67fswNlIQ=",
"homepage": "https://registry.terraform.io/providers/hashicorp/azuread",

794
pkgs/applications/networking/mailreaders/thunderbird-bin/release_esr_sources.nix
View File

File diff suppressed because it is too large Load Diff

4
pkgs/applications/networking/mailreaders/thunderbird/packages.nix
View File

@@ -94,8 +94,8 @@ rec {
thunderbird = thunderbird-latest;
thunderbird-latest = common {
version = "140.0.1";
sha512 = "fbef1d0228c49fc9c11425b6be03bb7e44e6abc6f2027ee23317270ca2c6b0a935bb41b38667acf014bd9e1166cbe62754f1e919e04f2355dc4c833e015c78b8";
version = "141.0";
sha512 = "cd747c0831532f90685975567102d1bdb90a780e21209fe4b7bddf2d84ac88576766706e95e22043a30a8a89b6d3daffb56a68c3ccc4a300b8236b20d4fca675";
updateScript = callPackage ./update.nix {
attrPath = "thunderbirdPackages.thunderbird-latest";

4
pkgs/applications/networking/znc/default.nix
View File

@@ -23,11 +23,11 @@
stdenv.mkDerivation (finalAttrs: {
pname = "znc";
version = "1.10.0";
version = "1.10.1";
src = fetchurl {
url = "https://znc.in/releases/archive/znc-${finalAttrs.version}.tar.gz";
hash = "sha256-vmWtm2LvVFp+lIby90E07cU7pROtQ6adnYtHZgUzaxk=";
hash = "sha256-Tm52hR2/JgYYWXK1PsXeytaP5TtjpW5N+LizwKbEaAA=";
};
postPatch = ''

6
pkgs/by-name/aa/aaaaxy/package.nix
View File

@@ -22,17 +22,17 @@
buildGoModule rec {
pname = "aaaaxy";
version = "1.6.257";
version = "1.6.271";
src = fetchFromGitHub {
owner = "divVerent";
repo = "aaaaxy";
tag = "v${version}";
hash = "sha256-l+4nlL8gUnLoBbKWlwOiis3s8svKMq9IjrbKyaBE0kk=";
hash = "sha256-/nSJ1FT9FE856yrupbouRzqpRzZhKfYAq1fVBBvMVmY=";
fetchSubmodules = true;
};
vendorHash = "sha256-iP/7WQZ+BNqtoigRADKlYGEAEZpzSKttY4lVq7v8gR8=";
vendorHash = "sha256-DJvlyfCynz+M5BQ4XDYcdzb3QP5ycDPcF4B+fQ4FRRA=";
buildInputs = [
alsa-lib

6
pkgs/by-name/ai/aiken/package.nix
View File

@@ -8,16 +8,16 @@
rustPlatform.buildRustPackage rec {
pname = "aiken";
version = "1.1.17";
version = "1.1.19";
src = fetchFromGitHub {
owner = "aiken-lang";
repo = "aiken";
tag = "v${version}";
hash = "sha256-bEsBLihMqYHJa5913Q434xKVufxTrcaxwcANPV9u37U=";
hash = "sha256-S3KIOlOz21ItWI+RoeHPYROIlMbKAoNi7hXwHHjHaJs=";
};
cargoHash = "sha256-Ob4UuBLD6HFbghv4E2XMj+xVeUSFtc9qPUNuUDgZeQA=";
cargoHash = "sha256-RrcP23p3KVIGKiW1crDDn5eoowjX3nTPUWBYtT9qdz0=";
buildInputs = [ openssl ];

4
pkgs/by-name/am/amnezia-vpn/package.nix
View File

@@ -65,13 +65,13 @@ let
in
stdenv.mkDerivation (finalAttrs: {
pname = "amnezia-vpn";
version = "4.8.8.3";
version = "4.8.9.1";
src = fetchFromGitHub {
owner = "amnezia-vpn";
repo = "amnezia-client";
tag = finalAttrs.version;
hash = "sha256-hDbrp6eT+avFepJL55Vl2alOD+IMnyy8MPXZQTEmLJo=";
hash = "sha256-docQqOVzmgqWPhKzOmKeXhssjyhtfYy1fNn0ZGXjsZ0=";
fetchSubmodules = true;
};

6
pkgs/by-name/ar/argc/package.nix
View File

@@ -14,16 +14,16 @@ let
in
rustPlatform.buildRustPackage rec {
pname = "argc";
version = "1.22.0";
version = "1.23.0";
src = fetchFromGitHub {
owner = "sigoden";
repo = "argc";
rev = "v${version}";
hash = "sha256-sviGDwxbCBsNY5viV7Qim6B/COd1Uz0Wj/6n/Ge+A50=";
hash = "sha256-in2ymxiSZbs3wZwo/aKfu11x8SLx4OHOoa/tVxr3FyM=";
};
cargoHash = "sha256-uyUwmTDa1RcgQbc/6wMwRK6932CatuGMr0FPd2rAufk=";
cargoHash = "sha256-2UmI9CMa130T7ML9iVNQ8Zh/stiFg05eBtF1sprmwk8=";
nativeBuildInputs = [ installShellFiles ] ++ lib.optional (!canExecuteHost) buildPackages.argc;

6
pkgs/by-name/ar/artichoke/package.nix
View File

@@ -10,13 +10,13 @@
rustPlatform.buildRustPackage {
pname = "artichoke";
version = "0-unstable-2025-06-18";
version = "0-unstable-2025-07-28";
src = fetchFromGitHub {
owner = "artichoke";
repo = "artichoke";
rev = "94921a493f680381c83465e5c50e5d494a7048f6";
hash = "sha256-JdCGCvs7GK/I3yyIl4n9OGtN9VwzmwdDdglwbTHfx0Y=";
rev = "148d3bf4bc361fa3214c02219e50e22e4cf2a3cf";
hash = "sha256-CKCRFSg8ROMhKwiIDU9iAYY/HfGtYlW1zrtn7thxIzY=";
};
cargoHash = "sha256-a43awTdhOlu+KO3B6XQ7Vdv4NbZ3iffq4rpmBBgUcZ8=";

5
pkgs/by-name/au/audacity/package.nix
View File

@@ -70,6 +70,11 @@ stdenv.mkDerivation (finalAttrs: {
hash = "sha256-kESKpIke9Xi4A55i3mUu1JkDjp8voBJBixiAK8pUkKA=";
};
patches = [
# Introduced by https://github.com/Tencent/rapidjson/commit/b1c0c2843fcb2aca9ecc650fc035c57ffc13697c#diff-2f1bcf2729ff7c408adb0c2cc2cfa01602bd5646b05b3e4bc7e46b606035d249R21
./rapidjson.patch
];
postPatch = ''
mkdir src/private
substituteInPlace scripts/build/macOS/fix_bundle.py \

18
pkgs/by-name/au/audacity/rapidjson.patch Normal file
View File

@@ -0,0 +1,18 @@
diff --git a/cmake-proxies/cmake-modules/dependencies/rapidjson.cmake b/cmake-proxies/cmake-modules/dependencies/rapidjson.cmake
index ba95962..66a96a8 100644
--- a/cmake-proxies/cmake-modules/dependencies/rapidjson.cmake
+++ b/cmake-proxies/cmake-modules/dependencies/rapidjson.cmake
@@ -2,8 +2,11 @@
if(NOT ${_OPT}use_rapidjson STREQUAL "off")
if(NOT TARGET rapidjson::rapidjson)
- if(TARGET rapidjson)
- add_library( rapidjson::rapidjson ALIAS rapidjson )
+ if(TARGET RapidJSON)
+ if(NOT TARGET rapidjson)
+ add_library(rapidjson ALIAS RapidJSON)
+ endif()
+ add_library( rapidjson::rapidjson ALIAS RapidJSON )
else()
# At least on Arch RapidJSONConfig.cmake does not define a target at all
# so we have to do it ourselves

6
pkgs/by-name/aw/awscli2/package.nix
View File

@@ -65,14 +65,14 @@ let
in
py.pkgs.buildPythonApplication rec {
pname = "awscli2";
version = "2.27.50"; # N.B: if you change this, check if overrides are still up-to-date
version = "2.27.61"; # N.B: if you change this, check if overrides are still up-to-date
pyproject = true;
src = fetchFromGitHub {
owner = "aws";
repo = "aws-cli";
tag = version;
hash = "sha256-ITiZ144YFhwuRcfhulLF0jxpp1OgznEE8frx4Yn4V+A=";
hash = "sha256-2lcPqNrGAHvPPVZIQaDbI54sQQ7OsOiMxUx6qg6WeNU=";
};
postPatch = ''
@@ -81,7 +81,7 @@ py.pkgs.buildPythonApplication rec {
--replace-fail 'awscrt==' 'awscrt>=' \
--replace-fail 'distro>=1.5.0,<1.9.0' 'distro>=1.5.0' \
--replace-fail 'docutils>=0.10,<0.20' 'docutils>=0.10' \
--replace-fail 'prompt-toolkit>=3.0.24,<3.0.39' 'prompt-toolkit>=3.0.24' \
--replace-fail 'prompt-toolkit>=3.0.24,<3.0.52' 'prompt-toolkit>=3.0.24' \
--replace-fail 'ruamel.yaml.clib>=0.2.0,<=0.2.12' 'ruamel.yaml.clib>=0.2.0' \
substituteInPlace requirements-base.txt \

9
pkgs/by-name/be/beebeep/package.nix
View File

@@ -2,10 +2,11 @@
lib,
fetchzip,
autoPatchelfHook,
libsForQt5,
stdenv,
qt5,
}:
libsForQt5.mkDerivation rec {
stdenv.mkDerivation rec {
pname = "beebeep";
version = "5.8.6";
@@ -15,11 +16,11 @@ libsForQt5.mkDerivation rec {
};
nativeBuildInputs = [
libsForQt5.wrapQtAppsHook
qt5.wrapQtAppsHook
autoPatchelfHook
];
buildInputs = with libsForQt5; [
buildInputs = with qt5; [
qtbase
qtmultimedia
qtx11extras

15
pkgs/by-name/bl/blanket/package.nix
View File

@@ -18,13 +18,13 @@
python3Packages.buildPythonApplication rec {
pname = "blanket";
version = "0.7.0";
version = "0.8.0";
src = fetchFromGitHub {
owner = "rafaelmardojai";
repo = "blanket";
rev = version;
hash = "sha256-mY7c5i0me7mMbD8c6eGJeaZpR8XI5QVL4n3M+j15Z1c=";
tag = version;
hash = "sha256-LnHL/1DJXiKx9U+JkT4Wjx1vtTmKLpzZ8q6uLT5a2MY=";
};
nativeBuildInputs = [
@@ -49,13 +49,7 @@ python3Packages.buildPythonApplication rec {
propagatedBuildInputs = with python3Packages; [ pygobject3 ];
format = "other";
postPatch = ''
patchShebangs build-aux/meson/postinstall.py
substituteInPlace build-aux/meson/postinstall.py \
--replace-fail gtk-update-icon-cache gtk4-update-icon-cache
'';
pyproject = false;
dontWrapGApps = true;
@@ -69,6 +63,7 @@ python3Packages.buildPythonApplication rec {
meta = {
description = "Listen to different sounds";
changelog = "https://github.com/rafaelmardojai/blanket/releases/tag/${version}";
homepage = "https://github.com/rafaelmardojai/blanket";
license = lib.licenses.gpl3Plus;
mainProgram = "blanket";

2
pkgs/by-name/ca/calibre-web/package.nix
View File

@@ -6,7 +6,6 @@
nixosTests,
python3Packages,
}:
python3Packages.buildPythonApplication rec {
pname = "calibre-web";
version = "0.6.24";
@@ -134,6 +133,7 @@ python3Packages.buildPythonApplication rec {
"pypdf"
"regex"
"tornado"
"unidecode"
];
nativeCheckInputs = lib.flatten (lib.attrValues optional-dependencies);

6
pkgs/by-name/ca/cargo-binstall/package.nix
View File

@@ -10,16 +10,16 @@
rustPlatform.buildRustPackage rec {
pname = "cargo-binstall";
version = "1.14.1";
version = "1.14.2";
src = fetchFromGitHub {
owner = "cargo-bins";
repo = "cargo-binstall";
rev = "v${version}";
hash = "sha256-E+Vyup0HNDbHVQ43Dq5U77TxXqDRSPAs0Kw0RsvEggs=";
hash = "sha256-elpTBFt9w6J4xLY+ykzhQnj+4MF5bVgzerxTTpevTxk=";
};
cargoHash = "sha256-VsgiD/k6Kd02t3HnXax9GdvPsymTOBjvdJivpoGxrXc=";
cargoHash = "sha256-9VERKo5GU1gK0rLNx+wq+mnKrwY1DVsmdH+aRSzIOew=";
nativeBuildInputs = [
pkg-config

6
pkgs/by-name/ca/cargo-bolero/package.nix
View File

@@ -10,14 +10,14 @@
rustPlatform.buildRustPackage rec {
pname = "cargo-bolero";
version = "0.13.3";
version = "0.13.4";
src = fetchCrate {
inherit pname version;
hash = "sha256-xU7a5xEFSrFsQ1K5DIYgACuf+34QeCvGmWvlSSwI03I=";
hash = "sha256-lfBpHaY2UCBMg45S4IW8fcpkGkKJoT4qqR2yq5KiXuE=";
};
cargoHash = "sha256-FMpM42D3h42NfDzH+EVs6NB2RVehFNFAYTMvzRQVt/s=";
cargoHash = "sha256-2URFqLg2aQF7MOpwG6fEPBXyBsLENWpdiXgxW/DJxQE=";
buildInputs = [
libbfd

6
pkgs/by-name/ca/cargo-hack/package.nix
View File

@@ -6,14 +6,14 @@
rustPlatform.buildRustPackage rec {
pname = "cargo-hack";
version = "0.6.36";
version = "0.6.37";
src = fetchCrate {
inherit pname version;
hash = "sha256-AO4bB+aqAzGxFyPhuwaEQDAbL+fCIWY2rv3QFdBAq7s=";
hash = "sha256-OlWSyp3et/48x5lRE14pIny8HHQcgOV2f9mI9hcj8K4=";
};
cargoHash = "sha256-fWKrHo5WdeEhnPxATbZ9Cjv+aiSxOh0pRDeeHHDk8u4=";
cargoHash = "sha256-1FgFHnNCEGoBUbH+Uk67W9ufsGtr9uGdzJz0xZuPQ9U=";
# some necessary files are absent in the crate version
doCheck = false;

6
pkgs/by-name/ca/cargo-mutants/package.nix
View File

@@ -6,16 +6,16 @@
rustPlatform.buildRustPackage rec {
pname = "cargo-mutants";
version = "25.2.0";
version = "25.2.2";
src = fetchFromGitHub {
owner = "sourcefrog";
repo = "cargo-mutants";
rev = "v${version}";
hash = "sha256-//OUOf4RUM69tHBB17p4OSs/cCvv0HnDjyRUzUZc8KE=";
hash = "sha256-VDXI/pR7lmIMrsHx9E+oWp0PPUcl83Hc98z6Sh18Hsc=";
};
cargoHash = "sha256-QZrpH0nJ6a9AQAKNp/tkT1hpkUMWa2kh8kek2rY8wO4=";
cargoHash = "sha256-fTGIFD6V7L3erzi2RexR9XJNIV/UTu8vwFnrNpeFE4A=";
# too many tests require internet access
doCheck = false;

6
pkgs/by-name/ca/cargo-shuttle/package.nix
View File

@@ -9,16 +9,16 @@
rustPlatform.buildRustPackage rec {
pname = "cargo-shuttle";
version = "0.56.0";
version = "0.56.6";
src = fetchFromGitHub {
owner = "shuttle-hq";
repo = "shuttle";
rev = "v${version}";
hash = "sha256-Fr31BNTI8pVXHSSu46XPvlb0ic/S011OLWsLEfAZI4M=";
hash = "sha256-IBQExHPJUE16syyRkPOgh7jHONp1XDsAfCYLvZ6CLPs=";
};
cargoHash = "sha256-2YnwBAt2M2MkMhraKlk+BXxaNQ+iZSKzlUER1GBPbCI=";
cargoHash = "sha256-i6Xof5uzVOmdDFZw/J/x8eOqH/iAt2ZJXkOABLSR8Ss=";
nativeBuildInputs = [ pkg-config ];

6
pkgs/by-name/ce/cerberus/package.nix
View File

@@ -8,13 +8,13 @@
}:
ocamlPackages.buildDunePackage {
pname = "cerberus";
version = "0-unstable-2025-06-29";
version = "0-unstable-2025-07-25";
src = fetchFromGitHub {
owner = "rems-project";
repo = "cerberus";
rev = "61700b301f0f1fbc1940db51c50240c397759057";
hash = "sha256-QpgHOQqiJMlMf2RH5/TI3AirdqYPS7HwE9YIlxgorqg=";
rev = "9f8f2d375366e8c6c3c60dcf2da757344d877b14";
hash = "sha256-wwc2XXQ3AdXBhBX7FPhpm56w3g9rrC8tESelcXSwjPE=";
};
minimalOCamlVersion = "4.12";

8
pkgs/by-name/cl/claude-code/package-lock.json generated
View File

@@ -6,13 +6,13 @@
"packages": {
"": {
"dependencies": {
"@anthropic-ai/claude-code": "^1.0.61"
"@anthropic-ai/claude-code": "^1.0.62"
}
},
"node_modules/@anthropic-ai/claude-code": {
"version": "1.0.61",
"resolved": "https://registry.npmjs.org/@anthropic-ai/claude-code/-/claude-code-1.0.61.tgz",
"integrity": "sha512-+gjKzY1hsWfHoH52SgKR6E0ujCDPyyRsjyRShtZfS0urKd8VQq3D/DF3hvT3P4JJeW0YuWp5Dep0aSRON+/FFA==",
"version": "1.0.62",
"resolved": "https://registry.npmjs.org/@anthropic-ai/claude-code/-/claude-code-1.0.62.tgz",
"integrity": "sha512-uWjIvjtOudC/knp7QMJhICdIcvEP8Nuz+0Rj3DeZc5eYyHgtiYTsb5mVTou2P7OTsCfwc3ajFdbFbtyq/LwYSw==",
"license": "SEE LICENSE IN README.md",
"bin": {
"claude": "cli.js"

6
pkgs/by-name/cl/claude-code/package.nix
View File

@@ -7,16 +7,16 @@
buildNpmPackage rec {
pname = "claude-code";
version = "1.0.61";
version = "1.0.62";
nodejs = nodejs_20; # required for sandboxed Nix builds on Darwin
src = fetchzip {
url = "https://registry.npmjs.org/@anthropic-ai/claude-code/-/claude-code-${version}.tgz";
hash = "sha256-K10rlFGi2KH65VE0kiBY1lU16xkMPV24/GSD6OjU3v0=";
hash = "sha256-bzbnLVAtMXr4XHmHqSOn3jxB+6BsFCd3gd/j34Zkwi0=";
};
npmDepsHash = "sha256-8Wt8+ZVMSESULguBME/TMMbTUXH3Soha3RTHWs1rBow=";
npmDepsHash = "sha256-2SBm0RRptnMrmDRdXzm6QokTnMeIrpJMIcMt+R0ZVM8=";
postPatch = ''
cp ${./package-lock.json} package-lock.json

6
pkgs/by-name/cl/clever-tools/package.nix
View File

@@ -11,7 +11,7 @@
buildNpmPackage rec {
pname = "clever-tools";
version = "3.13.1";
version = "3.14.0";
nodejs = nodejs_20;
@@ -19,10 +19,10 @@ buildNpmPackage rec {
owner = "CleverCloud";
repo = "clever-tools";
rev = version;
hash = "sha256-6QzwZmDCts/ci0J2ok1Met9bNiqDHmdYj/PbvWyd4Wk=";
hash = "sha256-gBmYbnKsnqZ4KqjJhNmLB7lzIh3MztmcFVAPtz0dB2A=";
};
npmDepsHash = "sha256-H53g1hbVpArFNy47M5QS2/diWbEyyoLOf86OxVffvwQ=";
npmDepsHash = "sha256-e3H3nLZZHZ+FX0JTPZXX+YknudnzcAKV6o2bqecZTBA=";
nativeBuildInputs = [
installShellFiles

6
pkgs/by-name/cl/cloudflare-warp/package.nix
View File

@@ -23,15 +23,15 @@
}:
let
version = "2025.5.893";
version = "2025.5.943";
sources = {
x86_64-linux = fetchurl {
url = "https://pkg.cloudflareclient.com/pool/noble/main/c/cloudflare-warp/cloudflare-warp_${version}.0_amd64.deb";
hash = "sha256-oWpt6QdGRZJBjxQgrULWTzd0liEOp4q0gHH4Oi7GEKs=";
hash = "sha256-d4H3w+X3i3Hqqz8jbGx8eZ7ZuKrYJScbpFgeXKK71yI=";
};
aarch64-linux = fetchurl {
url = "https://pkg.cloudflareclient.com/pool/noble/main/c/cloudflare-warp/cloudflare-warp_${version}.0_arm64.deb";
hash = "sha256-yV2N8qT0gDQpvQl5MxnrmYvk+L98+L6kPNQIOazSUsQ=";
hash = "sha256-E6+vSUSVNEd4+fNYsWcflk1fZb4dzNcjG8Mep7ZHw84=";
};
};
in

30
pkgs/by-name/co/comma/package.nix
View File

@@ -1,6 +1,7 @@
{
comma,
fetchFromGitHub,
installShellFiles,
fzy,
lib,
nix-index-unwrapped,
@@ -11,16 +12,18 @@
rustPlatform.buildRustPackage rec {
pname = "comma";
version = "2.3.0";
version = "2.3.3";
src = fetchFromGitHub {
owner = "nix-community";
repo = "comma";
rev = "v${version}";
hash = "sha256-JogC9NIS71GyimpqmX2/dhBX1IucK395iWZVVabZxiE=";
hash = "sha256-dNek1a8Yt3icWc8ZpVe1NGuG+eSoTDOmAAJbkYmMocU=";
};
cargoHash = "sha256-Cd4WaOG+OkCM4Q1K9qVzMYOjSi9U8W82JypqUN20x9w=";
cargoHash = "sha256-SJBfWjOVrv2WMIh/cQbaFK8jn3oSbmJpdJM7pkJppDs=";
nativeBuildInputs = [ installShellFiles ];
postPatch = ''
substituteInPlace ./src/main.rs \
@@ -33,20 +36,21 @@ rustPlatform.buildRustPackage rec {
postInstall = ''
ln -s $out/bin/comma $out/bin/,
mkdir -p $out/etc/profile.d
mkdir -p $out/etc/nushell
mkdir -p $out/etc/fish/functions
mkdir -p $out/share/comma
cp $src/etc/comma-command-not-found.sh $out/etc/profile.d
cp $src/etc/comma-command-not-found.nu $out/etc/nushell
cp $src/etc/comma-command-not-found.fish $out/etc/fish/functions
cp $src/etc/command-not-found.sh $out/share/comma
cp $src/etc/command-not-found.nu $out/share/comma
cp $src/etc/command-not-found.fish $out/share/comma
patchShebangs $out/etc/profile.d/comma-command-not-found.sh
patchShebangs $out/share/comma/command-not-found.sh
substituteInPlace \
"$out/etc/profile.d/comma-command-not-found.sh" \
"$out/etc/nushell/comma-command-not-found.nu" \
"$out/etc/fish/functions/comma-command-not-found.fish" \
"$out/share/comma/command-not-found.sh" \
"$out/share/comma/command-not-found.nu" \
"$out/share/comma/command-not-found.fish" \
--replace-fail "comma --ask" "$out/bin/comma --ask"
"$out/bin/comma" --mangen > comma.1
installManPage comma.1
'';
passthru.tests = {

4
pkgs/by-name/co/corsix-th/package.nix
View File

@@ -18,13 +18,13 @@
stdenv.mkDerivation (finalAttrs: {
pname = "corsix-th";
version = "0.68.0";
version = "0.69.0";
src = fetchFromGitHub {
owner = "CorsixTH";
repo = "CorsixTH";
rev = "v${finalAttrs.version}";
hash = "sha256-D8ks+fiFJxwClqW1aNtGGa5UxAFvuH2f2guwPxOEQwI=";
hash = "sha256-U8rl24EBjSRJrK2VmCI3YKeEM7U8ynaufEghgVfqrp0=";
};
patches = [

13
pkgs/by-name/da/dash-mpd-cli/package.nix
View File

@@ -9,19 +9,16 @@
libxslt,
shaka-packager,
nix-update-script,
runCommand,
}:
let
# dash-mpd-cli looks for a binary named `shaka-packager`, while
# shaka-packager provides `packager`.
shaka-packager-wrapped = stdenvNoCC.mkDerivation {
name = "shaka-packager-wrapped";
phases = [ "installPhase" ];
installPhase = ''
mkdir -p $out/bin
ln -s ${lib.getExe shaka-packager} $out/bin/shaka-packager
'';
};
shaka-packager-wrapped = runCommand "shaka-packager-wrapped" { } ''
mkdir -p $out/bin
ln -s ${lib.getExe shaka-packager} $out/bin/shaka-packager
'';
in
rustPlatform.buildRustPackage (finalAttrs: {
pname = "dash-mpd-cli";

4
pkgs/by-name/di/diffoscope/package.nix
View File

@@ -107,7 +107,7 @@ in
python.pkgs.buildPythonApplication rec {
pname = "diffoscope";
version = "302";
format = "setuptools";
pyproject = true;
src = fetchurl {
url = "https://diffoscope.org/archive/diffoscope-${version}.tar.bz2";
@@ -135,6 +135,8 @@ python.pkgs.buildPythonApplication rec {
installShellFiles
];
build-system = with python.pkgs; [ setuptools ];
# Most of the non-Python dependencies here are optional command-line tools for various file-format parsers.
# To help figuring out what's missing from the list, run: ./pkgs/tools/misc/diffoscope/list-missing-tools.sh
#

4
pkgs/by-name/en/enzyme/package.nix
View File

@@ -7,13 +7,13 @@
}:
llvmPackages.stdenv.mkDerivation rec {
pname = "enzyme";
version = "0.0.186";
version = "0.0.187";
src = fetchFromGitHub {
owner = "EnzymeAD";
repo = "Enzyme";
rev = "v${version}";
hash = "sha256-s9YGKHPk4/xy3Re3NdWe1Srjg+inPft0vrQMWaRcGpA=";
hash = "sha256-vdLt7LtVkgcgoUzzl5jb7ERIyQMpY+iSwJpdQpWxoJw=";
};
postPatch = ''

2
pkgs/by-name/ex/exhibit/package.nix
View File

@@ -36,7 +36,7 @@ python3Packages.buildPythonApplication rec {
dependencies = with python3Packages; [
pygobject3
f3d_egl
f3d
];
dontWrapGApps = true;

7
pkgs/by-name/f3/f3d/package.nix
View File

@@ -9,10 +9,7 @@
libXt,
openusd,
tbb,
# There is a f3d overridden with EGL enabled vtk in top-level/all-packages.nix
# compiling with EGL enabled vtk will result in f3d running in headless mode
# See https://github.com/NixOS/nixpkgs/pull/324022. This may change later.
vtk_9,
vtk,
autoPatchelfHook,
python3Packages,
opencascade-occt,
@@ -50,7 +47,7 @@ stdenv.mkDerivation rec {
];
buildInputs = [
vtk_9
vtk
opencascade-occt
assimp
fontconfig

4
pkgs/by-name/fi/fiddler-everywhere/package.nix
View File

@@ -8,11 +8,11 @@
let
pname = "fiddler-everywhere";
version = "7.0.0";
version = "7.1.0";
src = fetchurl {
url = "https://downloads.getfiddler.com/linux/fiddler-everywhere-${version}.AppImage";
hash = "sha256-pDXvzTuivQUjEr0mi/Bw98il6a1D7gJfQ5x5OuQu2wE=";
hash = "sha256-rgo2WGIk8s+xjh4oJ/YXw/SGc4sKnfIvZoFWAklT70Y=";
};
appimageContents = appimageTools.extract {

4
pkgs/by-name/fo/foot/package.nix
View File

@@ -27,7 +27,7 @@
}:
let
version = "1.23.0";
version = "1.23.1";
# build stimuli file for PGO build and the script to generate it
# independently of the foot's build, so we can cache the result
@@ -104,7 +104,7 @@ stdenv.mkDerivation {
owner = "dnkl";
repo = "foot";
tag = version;
hash = "sha256-B7EKEIb6qA9UTRq0jdj1ShLhnldU0pwQPlkq6JrHWmI=";
hash = "sha256-jPHr47ISAp9vzytCEiz/Jx5l8JTkYhtc02hEaiKKQOc=";
};
separateDebugInfo = true;

10
pkgs/by-name/fo/forgejo-runner/package.nix
View File

@@ -17,17 +17,17 @@ let
in
buildGoModule rec {
pname = "forgejo-runner";
version = "8.0.0";
version = "8.0.1";
src = fetchFromGitea {
domain = "code.forgejo.org";
owner = "forgejo";
repo = "runner";
rev = "v${version}";
hash = "sha256-ORFmCvKFbNQ1MGHifNhPmrPDep+WE603+xkIqMF/w6g=";
hash = "sha256-6FTJYs1dqIAHPxMzRNOHHZQv4be9LaR1wxMJsW3t5kg=";
};
vendorHash = "sha256-4TX1ol2WwvZ4WYIzLFfVlYkcT5eLduESc+jg4Ysas2o=";
vendorHash = "sha256-NykeBR2dnWQaqJuY73i9KLIqehLHniaMqf9oTqUDstQ=";
# See upstream Makefile
# https://code.forgejo.org/forgejo/runner/src/branch/main/Makefile
@@ -39,7 +39,7 @@ buildGoModule rec {
ldflags = [
"-s"
"-w"
"-X runner.forgejo.org/internal/pkg/ver.version=${src.rev}"
"-X code.forgejo.org/forgejo/runner/internal/pkg/ver.version=${src.rev}"
];
checkFlags = [
@@ -49,7 +49,7 @@ buildGoModule rec {
postInstall = ''
# fix up go-specific executable naming derived from package name, upstream
# also calls it `forgejo-runner`
mv $out/bin/runner.forgejo.org $out/bin/forgejo-runner
mv $out/bin/runner $out/bin/forgejo-runner
# provide old binary name for compatibility
ln -s $out/bin/forgejo-runner $out/bin/act_runner
'';

5
pkgs/by-name/gd/gdm/package.nix
View File

@@ -59,7 +59,7 @@ stdenv.mkDerivation (finalAttrs: {
mesonFlags = [
"-Dgdm-xsession=true"
# TODO: Setup a default-path? https://gitlab.gnome.org/GNOME/gdm/-/blob/6fc40ac6aa37c8ad87c32f0b1a5d813d34bf7770/meson_options.txt#L6
"-Dinitial-vt=${finalAttrs.passthru.initialVT}"
"-Dinitial-vt=1"
"-Dudev-dir=${placeholder "out"}/lib/udev/rules.d"
"-Dsystemdsystemunitdir=${placeholder "out"}/lib/systemd/system"
"-Dsystemduserunitdir=${placeholder "out"}/lib/systemd/user"
@@ -185,9 +185,6 @@ stdenv.mkDerivation (finalAttrs: {
passthru = {
updateScript = gnome.updateScript { packageName = "gdm"; };
# Used in GDM NixOS module
# Don't remove.
initialVT = "7";
dconfDb = "${finalAttrs.finalPackage}/share/gdm/greeter-dconf-defaults";
dconfProfile = "user-db:user\nfile-db:${finalAttrs.passthru.dconfDb}";

6
pkgs/by-name/gh/ghostfolio/package.nix
View File

@@ -11,13 +11,13 @@
buildNpmPackage rec {
pname = "ghostfolio";
version = "2.183.0";
version = "2.185.0";
src = fetchFromGitHub {
owner = "ghostfolio";
repo = "ghostfolio";
tag = version;
hash = "sha256-ejjuNNCp81UM0B6cvQTL31MO49/zDKPJsXY4dZV1X/E=";
hash = "sha256-jnC2u9ZZcOSux6UUzW9Ot02aFWeGYhrdCC9d4xM0efA=";
# populate values that require us to use git. By doing this in postFetch we
# can delete .git afterwards and maintain better reproducibility of the src.
leaveDotGit = true;
@@ -27,7 +27,7 @@ buildNpmPackage rec {
'';
};
npmDepsHash = "sha256-oApG8QOUteoqhVvAGIDMX0Zef2dV2E49EsekyhV7G4c=";
npmDepsHash = "sha256-FCH0v9jRviH33mfIVX8967X1u494qToHraYVn5pbSPw=";
nativeBuildInputs = [
prisma

4
pkgs/by-name/gi/git-quick-stats/package.nix
View File

@@ -13,13 +13,13 @@
stdenv.mkDerivation rec {
pname = "git-quick-stats";
version = "2.6.2";
version = "2.7.0";
src = fetchFromGitHub {
repo = "git-quick-stats";
owner = "arzzen";
rev = version;
sha256 = "sha256-OSEX9S6Q4R7fT2ic72GkUI5mW8wC5Hy2GQVeENlTm5E=";
sha256 = "sha256-utY3oD0IqnqyyDJv7i4hLkLCXukNcYSdZcaj8NUwRu0=";
};
nativeBuildInputs = [ makeWrapper ];

6
pkgs/by-name/gi/gitmux/package.nix
View File

@@ -8,16 +8,16 @@
buildGoModule (finalAttrs: {
pname = "gitmux";
version = "0.11.2";
version = "0.11.3";
src = fetchFromGitHub {
owner = "arl";
repo = "gitmux";
rev = "v${finalAttrs.version}";
sha256 = "sha256-0Cw98hTg8qPu7BUTBDEgFBOpoCxstPW9HeNXQUUjgGA=";
sha256 = "sha256-Jw2yl95vCQ5JcRGvBeLlGuAagTHUf+IEF7XvzehcMvU=";
};
vendorHash = "sha256-PHY020MIuLlC1LqNGyBJRNd7J+SzoHbNMPAil7CKP/M=";
vendorHash = "sha256-MvvJGB9KPMYeqYclmAAF6qlU7vrJFMPToogbGDRoCpU=";
nativeCheckInputs = [ git ];

59
pkgs/by-name/gl/glasgow/package.nix
View File

@@ -6,61 +6,77 @@
yosys,
icestorm,
nextpnr,
unstableGitUpdater,
}:
python3.pkgs.buildPythonApplication rec {
pname = "glasgow";
version = "0-unstable-2025-01-26";
# from `pdm show`
realVersion =
version = "0-unstable-2025-07-28";
# Similar to `pdm show`, but without the commit counter
pdmVersion =
let
tag = builtins.elemAt (lib.splitString "-" version) 0;
rev = lib.substring 0 7 src.rev;
in
"${tag}.1.dev2085+g${rev}";
"${tag}.1.dev0+g${rev}";
# the latest commit ID touching the `firmware` directory, can differ from rev!
firmwareGitRev = "4fe35360";
pyproject = true;
src = fetchFromGitHub {
owner = "GlasgowEmbedded";
repo = "glasgow";
rev = "2a67f79d6025a06e98277956cbb036c4237960f1";
sha256 = "sha256-THunn3Oz+eldjQ72TGuq4Egnn6fiMiGG/UtYVRc/tfU=";
rev = "18442e9684cdda4bb2cbd2be9c31b3c6dffc625a";
hash = "sha256-b0kpgCHMk5Ylj4hY29sHRzY/zI1JXReHioHxHSO4h5E=";
};
nativeBuildInputs = [
python3.pkgs.pdm-backend
sdcc
];
propagatedBuildInputs = with python3.pkgs; [
typing-extensions
build-system = [
python3.pkgs.pdm-backend
];
dependencies = with python3.pkgs; [
aiohttp
amaranth
cobs
fx2
importlib-resources
libusb1
packaging
platformdirs
fx2
libusb1
pyvcd
aiohttp
typing-extensions
];
nativeCheckInputs = [
# pytestCheckHook discovers way less tests
python3.pkgs.unittestCheckHook
yosys
icestorm
nextpnr
yosys
];
unittestFlags = [ "-v" ];
enableParallelBuilding = true;
__darwinAllowLocalNetworking = true;
preBuild = ''
make -C firmware LIBFX2=${python3.pkgs.fx2}/share/libfx2
cp firmware/glasgow.ihex software/glasgow
make -C firmware GIT_REV_SHORT=${firmwareGitRev} LIBFX2=${python3.pkgs.fx2}/share/libfx2
# Normalize the .ihex file, see ./software/deploy-firmware.sh.
${python3.withPackages (p: [ p.fx2 ])}/bin/python firmware/normalize.py \
firmware/glasgow.ihex firmware/glasgow.ihex
# Ensure the compiled firmware is exactly the same as the one shipped in the repo.
cmp -s firmware/glasgow.ihex software/glasgow/hardware/firmware.ihex
cd software
export PDM_BUILD_SCM_VERSION="${realVersion}"
export PDM_BUILD_SCM_VERSION="${pdmVersion}"
'';
# installCheck tries to build_ext again
@@ -92,15 +108,14 @@ python3.pkgs.buildPythonApplication rec {
"${nextpnr}/bin/nextpnr-ice40"
];
passthru.updateScript = unstableGitUpdater {
hardcodeZeroVersion = true;
};
meta = with lib; {
description = "Software for Glasgow, a digital interface multitool";
homepage = "https://github.com/GlasgowEmbedded/Glasgow";
license = licenses.bsd0;
maintainers = with maintainers; [ thoughtpolice ];
maintainers = with maintainers; [
flokli
thoughtpolice
];
mainProgram = "glasgow";
};
}

52
pkgs/by-name/go/go-httpbin/package.nix Normal file
View File

@@ -0,0 +1,52 @@
{
lib,
buildGoModule,
fetchFromGitHub,
nixosTests,
nix-update-script,
}:
buildGoModule (finalAttrs: {
pname = "go-httpbin";
version = "2.18.3";
src = fetchFromGitHub {
owner = "mccutchen";
repo = "go-httpbin";
tag = "v${finalAttrs.version}";
hash = "sha256-ixEbmppQ+4Udc5ytV4YPOpOT/iEbhjQIYGoOGL0dIw8=";
};
vendorHash = null;
env.CGO_ENABLED = 0;
ldflags = [
"-s"
"-w"
];
# tests are flaky
doCheck = false;
doInstallCheck = true;
installCheckPhase = ''
runHook preInstallCheck
$out/bin/go-httpbin --help &> /dev/null
runHook postInstallCheck
'';
passthru = {
tests = { inherit (nixosTests) go-httpbin; };
updateScript = nix-update-script { };
};
meta = {
description = "Reasonably complete and well-tested golang port of httpbin, with zero dependencies outside the go stdlib";
homepage = "https://github.com/mccutchen/go-httpbin";
changelog = "https://github.com/mccutchen/go-httpbin/releases/tag/v${finalAttrs.version}";
license = lib.licenses.mit;
maintainers = with lib.maintainers; [ defelo ];
mainProgram = "go-httpbin";
};
})

6
pkgs/by-name/go/gopls/package.nix
View File

@@ -11,17 +11,17 @@
buildGoLatestModule (finalAttrs: {
pname = "gopls";
version = "0.19.1";
version = "0.20.0";
src = fetchFromGitHub {
owner = "golang";
repo = "tools";
tag = "gopls/v${finalAttrs.version}";
hash = "sha256-QJnLJNgFtc/MmJ5WWooKcavnPPTYuM4XhUHcbwlvMLY=";
hash = "sha256-DYYitsrdH4nujDFJgdkObEpgElhXI7Yk2IpA/EVVLVo=";
};
modRoot = "gopls";
vendorHash = "sha256-P5wUGXmVvaRUpzmv/SPX8OpCXOCOg6nBI544puNOWCE=";
vendorHash = "sha256-J6QcefSs4XtnktlzG+/+aY6fqkHGd9MMZqi24jAwcd0=";
# https://github.com/golang/tools/blob/9ed98faa/gopls/main.go#L27-L30
ldflags = [ "-X main.version=v${finalAttrs.version}" ];

4
pkgs/by-name/go/gosmee/package.nix
View File

@@ -7,13 +7,13 @@
buildGoModule rec {
pname = "gosmee";
version = "0.26.1";
version = "0.27.0";
src = fetchFromGitHub {
owner = "chmouel";
repo = "gosmee";
rev = "v${version}";
hash = "sha256-qNO7mY03aWabTeUm8rXojy2Ek2IKNG6wimVhwZKxh9g=";
hash = "sha256-MoSfEnciYn+Lv695aZUl27o8VtmmKf0KbELLJb06hqY=";
};
vendorHash = null;

6
pkgs/by-name/gu/guile-curl/package.nix
View File

@@ -3,6 +3,7 @@
stdenv,
fetchFromGitHub,
autoreconfHook,
gettext,
guile,
pkg-config,
texinfo,
@@ -34,6 +35,11 @@ stdenv.mkDerivation (finalAttrs: {
curl
];
# error: possibly undefined macro: AC_LIB_LINKFLAGS_FROM_LIBS
preAutoreconf = ''
cp ${gettext}/share/gettext/m4/lib-{ld,link,prefix}.m4 m4
'';
meta = {
description = "Bindings to cURL for GNU Guile";
homepage = "https://github.com/spk121/guile-curl";

6
pkgs/by-name/ha/harper/package.nix
View File

@@ -7,18 +7,18 @@
rustPlatform.buildRustPackage rec {
pname = "harper";
version = "0.52.0";
version = "0.53.0";
src = fetchFromGitHub {
owner = "Automattic";
repo = "harper";
rev = "v${version}";
hash = "sha256-Mwgdombfc01Ss8Sy/pMwHNWeI1lxC1riFql9FtqaBmY=";
hash = "sha256-huAwuUiSaKaw0689AmYq0/usEq2p+cX73Oy5O0CaCVM=";
};
buildAndTestSubdir = "harper-ls";
cargoHash = "sha256-aOajrh2NZShP1vXSUEDzY1ULTeMs8dY+BDIspCi1BfY=";
cargoHash = "sha256-4ppwbOv+8a4d9v6zbIFkhNWp1s3yMTfX1oNCYAccB3w=";
passthru.updateScript = nix-update-script { };

4
pkgs/by-name/he/hellwal/package.nix
View File

@@ -6,12 +6,12 @@
}:
stdenv.mkDerivation (finalAttrs: {
pname = "hellwal";
version = "1.0.4";
version = "1.0.5";
src = fetchFromGitHub {
owner = "danihek";
repo = "hellwal";
tag = "v${finalAttrs.version}";
hash = "sha256-M+b49KhbzvwpMvnfiNe4yy50aUjrGXEajLMmiXEOCgE=";
hash = "sha256-RIg2l2lFPkmbk9Dh4uKoo7kcl+/InZZ1oYXt2ih8zKs=";
};
nativeBuildInputs = [ makeWrapper ];
installPhase = ''

6
pkgs/by-name/jd/jdd/package.nix
View File

@@ -7,16 +7,16 @@
buildGoModule (finalAttrs: {
pname = "jdd";
version = "0.4.3";
version = "0.4.4";
src = fetchFromGitHub {
owner = "mahyarmirrashed";
repo = "jdd";
tag = "v${finalAttrs.version}";
hash = "sha256-7iHoLv3DeqjXvcB7Nih+TMKwWYuausIP2Nhv00pfz0A=";
hash = "sha256-JeF6dsExfQ+d5F8RWmfGbr7CIl6akOTlLI2jxx/dES0=";
};
vendorHash = "sha256-qwrmiVvmsi1uxHVIKuoMBPUK/Y5aYdUR3fUa5tOpNRY=";
vendorHash = "sha256-KEg5X2wHx7KPHEL1zJd/DeDnR69FyB6pajpHIYdep2k=";
ldflags = [ "-X=main.version=${finalAttrs.version}" ];

6
pkgs/by-name/je/jellyseerr/package.nix
View File

@@ -17,19 +17,19 @@ let
in
stdenv.mkDerivation (finalAttrs: {
pname = "jellyseerr";
version = "2.7.0";
version = "2.7.2";
src = fetchFromGitHub {
owner = "Fallenbagel";
repo = "jellyseerr";
tag = "v${finalAttrs.version}";
hash = "sha256-JzJYRwrwDk8LQZAfWwym+SFTn8YhALghpZb2Dd+3nP4=";
hash = "sha256-MaLmdG98WewnNJt7z6OP9xv6zlNwwu/+YnPM0Iebxj4=";
};
pnpmDeps = pnpm.fetchDeps {
inherit (finalAttrs) pname version src;
fetcherVersion = 1;
hash = "sha256-Ym16jPHMHKmojMQOuMamDsW/u+oP1UhbCP5dooTUzFQ=";
hash = "sha256-3df72m/ARgfelBLE6Bhi8+ThHytowVOBL2Ndk7auDgg=";
};
buildInputs = [ sqlite ];

6
pkgs/by-name/jq/jqfmt/package.nix
View File

@@ -6,13 +6,13 @@
}:
buildGoModule {
pname = "jqfmt";
version = "0-unstable-2024-08-15";
version = "0-unstable-2025-07-28";
src = fetchFromGitHub {
owner = "noperator";
repo = "jqfmt";
rev = "8fc6f864c295e6bd6b08f36f503b3d809270da61";
hash = "sha256-tvFp1SJeosJdCHs3c+vceBfacypJc/aFYSj55mBfkB8=";
rev = "74b59e03caff3ac5a8c061088d2c228a5c27b171";
hash = "sha256-3PYIyjZm265atBAfuj5aHmWoAv4H29I7gN4/rjl1d0o=";
};
vendorHash = "sha256-avpZSgQKFZxLmYGj+2Gi+wSDHnAgF0/hyp4HtoQ0ZCo=";

15
pkgs/by-name/ke/kea/dont-create-system-paths.patch Normal file
View File

@@ -0,0 +1,15 @@
diff --git a/meson.build b/meson.build
index 24ab9b5bd7..8f44076cf7 100644
--- a/meson.build
+++ b/meson.build
@@ -1118,10 +1118,6 @@ top_docs = [
]
install_data(top_docs, install_dir: DATADIR / 'doc/kea')
-install_emptydir(LOGDIR)
-install_emptydir(RUNSTATEDIR)
-install_emptydir(SHAREDSTATEDIR)
-
# Meson is annoying with its opinionated alteration of certain paths based on whether prefix is default or not.
# So we revert what it does..
# In case prefix is default, install to hardcoded path.

34
pkgs/by-name/ke/kea/dont-create-var.patch
View File

@@ -1,34 +0,0 @@
diff --git a/Makefile.am b/Makefile.am
index a81f4cc..5d61407 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -173,18 +173,6 @@ cppcheck:
docs:
$(MAKE) -C doc/sphinx
-
-# These steps are necessary during installation. chmod is for reinstallation/upgrade.
-install-exec-hook:
- mkdir -m 750 -p "$(DESTDIR)${localstatedir}/lib/${PACKAGE_NAME}"
- chmod 750 "$(DESTDIR)${localstatedir}/lib/${PACKAGE_NAME}"
- mkdir -m 750 -p "$(DESTDIR)${localstatedir}/log/${PACKAGE_NAME}"
- chmod 750 "$(DESTDIR)${localstatedir}/log/${PACKAGE_NAME}"
- mkdir -m 750 -p "$(DESTDIR)${runstatedir}/${PACKAGE_NAME}"
- chmod 750 "$(DESTDIR)${runstatedir}/${PACKAGE_NAME}"
- mkdir -m 750 -p "$(DESTDIR)${sysconfdir}/${PACKAGE_NAME}"
- chmod 750 "$(DESTDIR)${sysconfdir}/${PACKAGE_NAME}"
-
EXTRA_DIST = tools/path_replacer.sh
EXTRA_DIST += tools/mk_cfgrpt.sh
diff --git a/src/lib/dhcpsrv/Makefile.am b/src/lib/dhcpsrv/Makefile.am
index 7e0f3c4..08c53d8 100644
--- a/src/lib/dhcpsrv/Makefile.am
+++ b/src/lib/dhcpsrv/Makefile.am
@@ -420,6 +420,3 @@ libkea_dhcpsrv_parsers_include_HEADERS = \
parsers/shared_networks_list_parser.h \
parsers/simple_parser4.h \
parsers/simple_parser6.h
-
-install-data-local:
- $(mkinstalldirs) $(DESTDIR)$(dhcp_data_dir)

97
pkgs/by-name/ke/kea/package.nix
View File

@@ -4,87 +4,108 @@
fetchurl,
# build time
autoreconfHook,
bison,
flex,
meson,
ninja,
pkg-config,
python3Packages,
# runtime
withMysql ? stdenv.buildPlatform.system == stdenv.hostPlatform.system,
withPostgres ? stdenv.buildPlatform.system == stdenv.hostPlatform.system,
boost186,
libmysqlclient,
boost,
log4cplus,
openssl,
libpq,
python3,
withKrb5 ? true,
krb5,
withMysql ? stdenv.buildPlatform.system == stdenv.hostPlatform.system,
libmysqlclient,
withPostgresql ? stdenv.buildPlatform.system == stdenv.hostPlatform.system,
libpq,
# tests
nixosTests,
}:
stdenv.mkDerivation rec {
stdenv.mkDerivation (finalAttrs: {
pname = "kea";
version = "2.6.3"; # only even minor versions are stable
version = "3.0.0"; # only even minor versions are stable
src = fetchurl {
url = "https://ftp.isc.org/isc/${pname}/${version}/${pname}-${version}.tar.gz";
hash = "sha256-ACQaWVX/09IVosCYxFJ/nX9LIDGIsnb5o2JQ3T2d1hI=";
url = "https://ftp.isc.org/isc/kea/${finalAttrs.version}/kea-${finalAttrs.version}.tar.xz";
hash = "sha256-v5Y9HhCVHYxXDGBCr8zyfHCdReA4E70mOde7HPxP7nY=";
};
patches = [
./dont-create-var.patch
./dont-create-system-paths.patch
];
postPatch = ''
substituteInPlace ./src/bin/keactrl/Makefile.am --replace-fail '@sysconfdir@' "$out/etc"
# darwin special-casing just causes trouble
substituteInPlace ./m4macros/ax_crypto.m4 --replace-fail 'apple-darwin' 'nope'
patchShebangs \
scripts/grabber.py \
doc/sphinx/*.sh.in
'';
outputs = [
"out"
"doc"
"man"
"python"
];
configureFlags = [
"--enable-perfdhcp"
"--enable-shell"
"--localstatedir=/var"
"--with-openssl=${lib.getDev openssl}"
]
++ lib.optional withPostgres "--with-pgsql=${libpq.pg_config}/bin/pg_config"
++ lib.optional withMysql "--with-mysql=${lib.getDev libmysqlclient}/bin/mysql_config";
mesonFlags = [
(lib.mesonOption "crypto" "openssl")
(lib.mesonEnable "krb5" withKrb5)
(lib.mesonEnable "mysql" withMysql)
(lib.mesonEnable "netconf" false) # missing libyang-cpp, sysinfo, libsysrepo-cpp
(lib.mesonEnable "postgresql" withPostgresql)
(lib.mesonOption "localstatedir" "/var")
(lib.mesonOption "runstatedir" "/run")
];
postConfigure = ''
# Mangle embedded paths to dev-only inputs.
sed -e "s|$NIX_STORE/[a-z0-9]\{32\}-|$NIX_STORE/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-|g" -i config.report
for file in config.report meson-info/intro*.json; do
sed -e "s|$NIX_STORE/[a-z0-9]\{32\}-|$NIX_STORE/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-|g" -i "$file"
done
'';
nativeBuildInputs = [
autoreconfHook
bison
flex
meson
ninja
pkg-config
python3
]
++ (with python3Packages; [
sphinxHook
sphinx
sphinx-rtd-theme
]);
sphinxBuilders = [
"html"
"man"
];
sphinxRoot = "doc/sphinx";
buildInputs = [
boost186 # does not build with 1.87 yet, see https://gitlab.isc.org/isc-projects/kea/-/merge_requests/2523
libmysqlclient
boost
log4cplus
openssl
python3
]
++ lib.optionals withMysql [
libmysqlclient
]
++ lib.optionals withPostgresql [
libpq
]
++ lib.optionals withKrb5 [
krb5
];
enableParallelBuilding = true;
postBuild = ''
ninja doc
'';
postFixup = ''
mkdir -p $python/lib
mv $out/lib/python* $python/lib/
'';
passthru.tests = {
kea = nixosTests.kea;
@@ -98,9 +119,7 @@ stdenv.mkDerivation rec {
};
meta = {
# error: implicit instantiation of undefined template 'std::char_traits<unsigned char>'
broken = stdenv.hostPlatform.isDarwin;
changelog = "https://downloads.isc.org/isc/kea/${version}/Kea-${version}-ReleaseNotes.txt";
changelog = "https://gitlab.isc.org/isc-projects/kea/-/wikis/Release-Notes/release-notes-${finalAttrs.version}";
homepage = "https://kea.isc.org/";
description = "High-performance, extensible DHCP server by ISC";
longDescription = ''
@@ -117,4 +136,4 @@ stdenv.mkDerivation rec {
hexa
];
};
}
})

4
pkgs/by-name/kn/knot-dns/package.nix
View File

@@ -33,11 +33,11 @@
stdenv.mkDerivation rec {
pname = "knot-dns";
version = "3.4.7";
version = "3.4.8";
src = fetchurl {
url = "https://secure.nic.cz/files/knot-dns/knot-${version}.tar.xz";
sha256 = "sha256-3TRspvOvq83F6boJ3WZ7AQWQu2akL0VBAh+51vBz2sw=";
sha256 = "sha256-ZzCnPb/BLXnYAA/+ItNtBot0Z+dL7h6xIqxJNezqSfk=";
};
outputs = [

0
pkgs/applications/networking/cluster/kubernetes/kubectl.nix → pkgs/by-name/ku/kubectl/package.nix
View File

0
pkgs/applications/networking/cluster/kubernetes/fixup-addonmanager-lib-path.patch → pkgs/by-name/ku/kubernetes/fixup-addonmanager-lib-path.patch
View File

0
pkgs/applications/networking/cluster/kubernetes/default.nix → pkgs/by-name/ku/kubernetes/package.nix
View File

55
pkgs/by-name/ku/kubevpn/package.nix
View File

@@ -1,19 +1,21 @@
{
lib,
stdenv,
buildGoModule,
fetchFromGitHub,
go,
versionCheckHook,
}:
buildGoModule rec {
buildGoModule (finalAttrs: {
pname = "kubevpn";
version = "2.8.0";
version = "2.8.1";
src = fetchFromGitHub {
owner = "KubeNetworks";
repo = "kubevpn";
rev = "v${version}";
hash = "sha256-iVQzdYWmJOsLP2Za8nGZbxlbgxJdSkKWMXnl4Tijmkg=";
tag = "v${finalAttrs.version}";
hash = "sha256-+TyaujgbeQXApxmjYvLnmhBZZUeIZMidzS7mL+Ach3o=";
};
vendorHash = null;
@@ -23,7 +25,7 @@ buildGoModule rec {
];
ldflags = [
"-X github.com/wencaiwulue/kubevpn/v2/pkg/config.Version=v${version}"
"-X github.com/wencaiwulue/kubevpn/v2/pkg/config.Version=v${finalAttrs.version}"
"-X github.com/wencaiwulue/kubevpn/v2/cmd/kubevpn/cmds.OsArch=${go.GOOS}/${go.GOARCH}"
];
@@ -32,26 +34,37 @@ buildGoModule rec {
export HOME=$(mktemp -d)
'';
# Disable network tests
checkFlags = [
"-skip=^Test(Route|Functions|ByDumpClusterInfo|ByCreateSvc|Elegant)$"
];
checkFlags =
let
skippedTests = [
# Disable network tests
"TestRoute"
"TestFunctions"
"TestByDumpClusterInfo"
"TestByCreateSvc"
"TestElegant"
]
++ lib.optionals stdenv.hostPlatform.isDarwin [
# Not sure why these test fail on darwin with __darwinAllowLocalNetworking.
"TestHttpOverUnix"
"TestConnectionRefuse"
];
in
[ "-skip=^${builtins.concatStringsSep "$|^" skippedTests}$" ];
__darwinAllowLocalNetworking = true;
doInstallCheck = true;
nativeInstallCheckInputs = [ versionCheckHook ];
versionCheckKeepEnvironment = [ "HOME" ];
versionCheckProgramArg = "version";
installCheckPhase = ''
runHook preInstallCheck
$out/bin/kubevpn help
$out/bin/kubevpn version | grep -e "Version: v${version}"
runHook postInstallCheck
'';
meta = with lib; {
changelog = "https://github.com/KubeNetworks/kubevpn/releases/tag/${src.rev}";
meta = {
changelog = "https://github.com/KubeNetworks/kubevpn/releases/tag/${finalAttrs.src.rev}";
description = "Create a VPN and connect to Kubernetes cluster network, access resources, and more";
mainProgram = "kubevpn";
homepage = "https://github.com/KubeNetworks/kubevpn";
license = licenses.mit;
maintainers = with maintainers; [ mig4ng ];
license = lib.licenses.mit;
maintainers = with lib.maintainers; [ mig4ng ];
};
}
})

4
pkgs/by-name/le/lefthook/package.nix
View File

@@ -7,7 +7,7 @@
let
pname = "lefthook";
version = "1.11.15";
version = "1.12.2";
in
buildGoModule {
inherit pname version;
@@ -16,7 +16,7 @@ buildGoModule {
owner = "evilmartians";
repo = "lefthook";
rev = "v${version}";
hash = "sha256-rfOsk8yMVCbTCk6CFL7qbp5oKQ21E9qD4ioyDBML7gw=";
hash = "sha256-7q6dlkvECsZWW8w31xokoD/Pwo2P189MB+7H3oh0+MI=";
};
vendorHash = "sha256-kB12J6b6EbYur1QeLkwqrrzCf51rPF+7Hns1H7m4X9M=";

4
pkgs/by-name/le/lesspipe/package.nix
View File

@@ -21,13 +21,13 @@
stdenv.mkDerivation rec {
pname = "lesspipe";
version = "2.18";
version = "2.19";
src = fetchFromGitHub {
owner = "wofr06";
repo = "lesspipe";
rev = "v${version}";
hash = "sha256-GCtcIXGrMH6LOKxjnB2SkUSChQnMj5d939i2atvqK+Q=";
hash = "sha256-V+fB5KkbBRhVSDgB/e7oVEyMKQ7HbR82XQYlqxcLZyQ=";
};
nativeBuildInputs = [

2
pkgs/by-name/li/libirecovery/package.nix
View File

@@ -47,7 +47,7 @@ stdenv.mkDerivation rec {
# without further configuration).
configureFlags = [
"--with-udevrulesdir=${placeholder "out"}/lib/udev/rules.d"
''--with-udevrule="OWNER=\"root\", GROUP=\"myusergroup\", MODE=\"0660\""''
''--with-udevrule=OWNER="root",GROUP="myusergroup",MODE="0660"''
];
meta = with lib; {

3
pkgs/by-name/li/libpthread-stubs/package.nix
View File

@@ -37,7 +37,6 @@ stdenv.mkDerivation (finalAttrs: {
license = lib.licenses.x11;
maintainers = [ ];
pkgConfigModules = [ "pthread-stubs" ];
# on these platforms according to the readme
platforms = with lib.platforms; linux ++ cygwin ++ darwin ++ [ "x86_64-solaris" ];
platforms = lib.platforms.unix;
};
})

4
pkgs/by-name/li/limine/package.nix
View File

@@ -42,14 +42,14 @@ in
# as bootloader for various platforms and corresponding binary and helper files.
stdenv.mkDerivation (finalAttrs: {
pname = "limine";
version = "9.5.0";
version = "9.5.1";
# We don't use the Git source but the release tarball, as the source has a
# `./bootstrap` script performing network access to download resources.
# Packaging that in Nix is very cumbersome.
src = fetchurl {
url = "https://github.com/limine-bootloader/limine/releases/download/v${finalAttrs.version}/limine-${finalAttrs.version}.tar.gz";
hash = "sha256-SWJ5e6/q92UyC0ea8yJAYcFNr5LreJ2qFY7hcunovEM=";
hash = "sha256-UgY8S+XGlSnO1k98JWBfSN0/IY3LANVFgJwI1kdPAcU=";
};
enableParallelBuilding = true;

4
pkgs/by-name/lu/lug-helper/package.nix
View File

@@ -15,12 +15,12 @@
}:
stdenvNoCC.mkDerivation (finalAttrs: {
name = "lug-helper";
version = "4.1";
version = "4.2";
src = fetchFromGitHub {
owner = "starcitizen-lug";
repo = "lug-helper";
tag = "v${finalAttrs.version}";
hash = "sha256-Pj0jReezB/0yCl5EC+EQ7CVtmgGQrJwVR6pvaP/gtWg=";
hash = "sha256-W8GwDXYHfGdruAMdBei53V5UPYE6yks0+FW48pARknY=";
};
buildInputs = [

4
pkgs/by-name/ma/makejinja/package.nix
View File

@@ -6,14 +6,14 @@
python3Packages.buildPythonApplication rec {
pname = "makejinja";
version = "2.8.0";
version = "2.8.1";
pyproject = true;
src = fetchFromGitHub {
owner = "mirkolenz";
repo = "makejinja";
tag = "v${version}";
hash = "sha256-Y6R+nVwIuviYhvLp5Aqb+BUCaAD6fF+GH8zmJrWNxFc=";
hash = "sha256-vK5MJb4n3/NmkohpJ1shEexvjHlEAfwZJWy2oL+rzRk=";
};
build-system = with python3Packages; [ setuptools ];

27
pkgs/by-name/ma/mandelbrot-cli/package.nix Normal file
View File

@@ -0,0 +1,27 @@
{
lib,
rustPlatform,
fetchFromGitHub,
}:
rustPlatform.buildRustPackage (finalAttrs: {
pname = "mandelbrot-cli";
version = "0-unstable-2025-07-16";
src = fetchFromGitHub {
owner = "IronstoneInnovation";
repo = "mandelbrot_cli";
rev = "36a43d4feace4ac346c6da78262278d4deb6bb94";
hash = "sha256-RGv/B2Zi2hqHWPbo67vTlJIIci3a0tyIgD5+Tnf0yiY=";
};
cargoHash = "sha256-nOhg3nDWGA+0g499EnsX5TNwnZM2NcpqHiyQujOM3OI=";
meta = {
description = "A CLI for generating images of the Mandelbrot Set";
homepage = "https://github.com/IronstoneInnovation/mandelbrot_cli";
license = lib.licenses.mit;
maintainers = with lib.maintainers; [ yiyu ];
mainProgram = "mandelbrot-cli";
};
})

Some files were not shown because too many files have changed in this diff Show More