movefasta/nixpkgs
1
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-06-17 06:59:46 +03:00
Code Issues Projects Releases Packages Wiki Activity

Merge remote-tracking branch 'upstream/master' into hardened-stdenv

Browse source
This commit is contained in:
Robin Gloster 2016-05-30 19:39:34 +00:00
commit 2d382f3d98
711 changed files with 49079 additions and 11672 deletions
Download patch file Download diff file Expand all files Collapse all files

3
.github/PULL_REQUEST_TEMPLATE.md vendored
View file

@ -1,3 +1,6 @@
###### Motivation for this change
###### Things done ###### Things done
- [ ] Tested using sandboxing - [ ] Tested using sandboxing

4
doc/configuration.xml
View file

@ -46,10 +46,10 @@ $ export NIXPKGS_ALLOW_UNFREE=1
allowUnfreePredicate = (pkg: ...); allowUnfreePredicate = (pkg: ...);
</programlisting> </programlisting>
Example to allow flash player only: Example to allow flash player and visual studio code only:
<programlisting> <programlisting>
allowUnfreePredicate = (pkg: pkgs.lib.hasPrefix "flashplayer-" pkg.name); allowUnfreePredicate = with builtins; (pkg: elem (parseDrvName pkg.name).name [ "flashplayer" "vscode" ]);
</programlisting> </programlisting>
</para> </para>

6
doc/default.nix
View file

@ -27,6 +27,7 @@ stdenv.mkDerivation {
in '' in ''
{ {
pandoc '${inputFile}' -w docbook ${optionalString useChapters "--chapters"} \ pandoc '${inputFile}' -w docbook ${optionalString useChapters "--chapters"} \
--smart \
| sed -e 's|<ulink url=|<link xlink:href=|' \ | sed -e 's|<ulink url=|<link xlink:href=|' \
-e 's|</ulink>|</link>|' \ -e 's|</ulink>|</link>|' \
-e 's|<sect. id=|<section xml:id=|' \ -e 's|<sect. id=|<section xml:id=|' \
@ -52,9 +53,8 @@ stdenv.mkDerivation {
outputFile = "./languages-frameworks/python.xml"; outputFile = "./languages-frameworks/python.xml";
} }
+ toDocbook { + toDocbook {
inputFile = ./haskell-users-guide.md; inputFile = ./languages-frameworks/haskell.md;
outputFile = "haskell-users-guide.xml"; outputFile = "./languages-frameworks/haskell.xml";
useChapters = true;
} }
+ toDocbook { + toDocbook {
inputFile = ./../pkgs/development/idris-modules/README.md; inputFile = ./../pkgs/development/idris-modules/README.md;

9
doc/functions.xml
View file

@ -92,7 +92,14 @@ in ...</programlisting>
<para>Do not use this function in Nixpkgs. Because it breaks <para>Do not use this function in Nixpkgs. Because it breaks
package abstraction and doesnt provide error checking for package abstraction and doesnt provide error checking for
function arguments, it is only intended for ad-hoc customisation function arguments, it is only intended for ad-hoc customisation
(such as in <filename>~/.nixpkgs/config.nix</filename>).</para> (such as in <filename>~/.nixpkgs/config.nix</filename>).
</para>
<para>
Additionally, <varname>overrideDerivation</varname> forces an evaluation
of the Derivation which can be quite a performance penalty if there are many
overrides used.
</para>
</warning> </warning>
<para> <para>

10
doc/beam-users-guide.xml → doc/languages-frameworks/beam.xml
View file

@ -1,10 +1,10 @@
<chapter xmlns="http://docbook.org/ns/docbook" <section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:xlink="http://www.w3.org/1999/xlink"
xml:id="users-guide-to-the-erlang-infrastructure"> xml:id="sec-beam">
<title>User's Guide to the Beam Infrastructure</title> <title>Beam Languages (Erlang &amp; Elixir)</title>
<section xml:id="beam-introduction"> <section xml:id="beam-introduction">
<title>Beam Languages (Erlang &amp; Elixir) on Nix</title> <title>Introduction</title>
<para> <para>
In this document and related Nix expressions we use the term In this document and related Nix expressions we use the term
<emphasis>Beam</emphasis> to describe the environment. Beam is <emphasis>Beam</emphasis> to describe the environment. Beam is
@ -373,4 +373,4 @@ $ nix-build -A beamPackages
that. that.
</para> </para>
</section> </section>
</chapter> </section>

2
doc/haskell-users-guide.md → doc/languages-frameworks/haskell.md
View file

@ -329,7 +329,7 @@ workarounds.
### How to build a Haskell project using Stack ### How to build a Haskell project using Stack
[Stack][http://haskellstack.org] is a popular build tool for Haskell projects. [Stack](http://haskellstack.org) is a popular build tool for Haskell projects.
It has first-class support for Nix. Stack can optionally use Nix to It has first-class support for Nix. Stack can optionally use Nix to
automatically select the right version of GHC and other build tools to build, automatically select the right version of GHC and other build tools to build,
test and execute apps in an existing project downloaded from somewhere on the test and execute apps in an existing project downloaded from somewhere on the

17
doc/languages-frameworks/index.xml
View file

@ -13,19 +13,20 @@ in Nixpkgs to easily build packages for other programming languages,
such as Perl or Haskell. These are described in this chapter.</para> such as Perl or Haskell. These are described in this chapter.</para>
<xi:include href="perl.xml" /> <xi:include href="beam.xml" />
<xi:include href="python.xml" /> <xi:include href="bower.xml" />
<xi:include href="ruby.xml" /> <xi:include href="coq.xml" />
<xi:include href="go.xml" /> <xi:include href="go.xml" />
<xi:include href="haskell.xml" />
<xi:include href="idris.xml" /> <!-- generated from ../../pkgs/development/idris-modules/README.md -->
<xi:include href="java.xml" /> <xi:include href="java.xml" />
<xi:include href="lua.xml" /> <xi:include href="lua.xml" />
<xi:include href="coq.xml" /> <xi:include href="perl.xml" />
<xi:include href="idris.xml" /> <!-- generated from ../../pkgs/development/idris-modules/README.md --> <xi:include href="python.xml" />
<xi:include href="r.xml" /> <!-- generated from ../../pkgs/development/r-modules/README.md -->
<xi:include href="qt.xml" /> <xi:include href="qt.xml" />
<xi:include href="r.xml" /> <!-- generated from ../../pkgs/development/r-modules/README.md -->
<xi:include href="ruby.xml" />
<xi:include href="texlive.xml" /> <xi:include href="texlive.xml" />
<xi:include href="bower.xml" />
</chapter> </chapter>

74
doc/languages-frameworks/python.md
View file

@ -78,18 +78,16 @@ containing
```nix ```nix
with import <nixpkgs> {}; with import <nixpkgs> {};
(pkgs.python35.buildEnv.override { (pkgs.python35.withPackages (ps: [ps.numpy ps.toolz])).env
extraLibs = with pkgs.python35Packages; [ numpy toolz ];
}).env
``` ```
executing `nix-shell` gives you again a Nix shell from which you can run Python. executing `nix-shell` gives you again a Nix shell from which you can run Python.
What's happening here? What's happening here?
1. We begin with importing the Nix Packages collections. `import <nixpkgs>` import the `<nixpkgs>` function, `{}` calls it and the `with` statement brings all attributes of `nixpkgs` in the local scope. Therefore we can now use `pkgs`. 1. We begin with importing the Nix Packages collections. `import <nixpkgs>` import the `<nixpkgs>` function, `{}` calls it and the `with` statement brings all attributes of `nixpkgs` in the local scope. Therefore we can now use `pkgs`.
2. Then we create a Python 3.5 environment with `pkgs.buildEnv`. Because we want to use it with a custom set of Python packages, we override it. 2. Then we create a Python 3.5 environment with the `withPackages` function.
3. The `extraLibs` argument of the original `buildEnv` function can be used to specify which packages should be included. We want `numpy` and `toolz`. Again, we use the `with` statement to bring a set of attributes into the local scope. 3. The `withPackages` function expects us to provide a function as an argument that takes the set of all python packages and returns a list of packages to include in the environment. Here, we select the packages `numpy` and `toolz` from the package set.
4. And finally, for in interactive use we return the environment. 4. And finally, for in interactive use we return the environment by using the `env` attribute.
### Developing with Python ### Developing with Python
@ -187,10 +185,7 @@ with import <nixpkgs> {};
}; };
}; };
in pkgs.python35.buildEnv.override rec { in pkgs.python35.withPackages (ps: [ps.numpy toolz])
extraLibs = [ pkgs.python35Packages.numpy toolz ];
}
).env ).env
``` ```
@ -199,8 +194,11 @@ locally defined package as well as `numpy` which is build according to the
definition in Nixpkgs. What did we do here? Well, we took the Nix expression definition in Nixpkgs. What did we do here? Well, we took the Nix expression
that we used earlier to build a Python environment, and said that we wanted to that we used earlier to build a Python environment, and said that we wanted to
include our own version of `toolz`. To introduce our own package in the scope of include our own version of `toolz`. To introduce our own package in the scope of
`buildEnv.override` we used a `withPackages` we used a
[`let`](http://nixos.org/nix/manual/#sec-constructs) expression. [`let`](http://nixos.org/nix/manual/#sec-constructs) expression.
You can see that we used `ps.numpy` to select numpy from the nixpkgs package set (`ps`).
But we do not take `toolz` from the nixpkgs package set this time.
Instead, `toolz` will resolve to our local definition that we introduced with `let`.
### Handling dependencies ### Handling dependencies
@ -359,7 +357,7 @@ own packages. The important functions here are `import` and `callPackage`.
### Including a derivation using `callPackage` ### Including a derivation using `callPackage`
Earlier we created a Python environment using `buildEnv`, and included the Earlier we created a Python environment using `withPackages`, and included the
`toolz` package via a `let` expression. `toolz` package via a `let` expression.
Let's split the package definition from the environment definition. Let's split the package definition from the environment definition.
@ -394,9 +392,7 @@ with import <nixpkgs> {};
( let ( let
toolz = pkgs.callPackage ~/path/to/toolz/release.nix { pkgs=pkgs; buildPythonPackage=pkgs.python35Packages.buildPythonPackage; }; toolz = pkgs.callPackage ~/path/to/toolz/release.nix { pkgs=pkgs; buildPythonPackage=pkgs.python35Packages.buildPythonPackage; };
in pkgs.python35.buildEnv.override rec { in pkgs.python35.withPackages (ps: [ ps.numpy toolz ])
extraLibs = [ pkgs.python35Packages.numpy toolz ];
}
).env ).env
``` ```
@ -450,6 +446,7 @@ Each interpreter has the following attributes:
- `libPrefix`. Name of the folder in `${python}/lib/` for corresponding interpreter. - `libPrefix`. Name of the folder in `${python}/lib/` for corresponding interpreter.
- `interpreter`. Alias for `${python}/bin/${executable}`. - `interpreter`. Alias for `${python}/bin/${executable}`.
- `buildEnv`. Function to build python interpreter environments with extra packages bundled together. See section *python.buildEnv function* for usage and documentation. - `buildEnv`. Function to build python interpreter environments with extra packages bundled together. See section *python.buildEnv function* for usage and documentation.
- `withPackages`. Simpler interface to `buildEnv`. See section *python.withPackages function* for usage and documentation.
- `sitePackages`. Alias for `lib/${libPrefix}/site-packages`. - `sitePackages`. Alias for `lib/${libPrefix}/site-packages`.
- `executable`. Name of the interpreter executable, ie `python3.4`. - `executable`. Name of the interpreter executable, ie `python3.4`.
@ -548,7 +545,7 @@ Python environments can be created using the low-level `pkgs.buildEnv` function.
This example shows how to create an environment that has the Pyramid Web Framework. This example shows how to create an environment that has the Pyramid Web Framework.
Saving the following as `default.nix` Saving the following as `default.nix`
with import {}; with import <nixpkgs> {};
python.buildEnv.override { python.buildEnv.override {
extraLibs = [ pkgs.pythonPackages.pyramid ]; extraLibs = [ pkgs.pythonPackages.pyramid ];
@ -565,7 +562,7 @@ You can also use the `env` attribute to create local environments with needed
packages installed. This is somewhat comparable to `virtualenv`. For example, packages installed. This is somewhat comparable to `virtualenv`. For example,
running `nix-shell` with the following `shell.nix` running `nix-shell` with the following `shell.nix`
with import {}; with import <nixpkgs> {};
(python3.buildEnv.override { (python3.buildEnv.override {
extraLibs = with python3Packages; [ numpy requests ]; extraLibs = with python3Packages; [ numpy requests ];
@ -581,6 +578,37 @@ specified packages in its path.
* `postBuild`: Shell command executed after the build of environment. * `postBuild`: Shell command executed after the build of environment.
* `ignoreCollisions`: Ignore file collisions inside the environment (default is `false`). * `ignoreCollisions`: Ignore file collisions inside the environment (default is `false`).
#### python.withPackages function
The `python.withPackages` function provides a simpler interface to the `python.buildEnv` functionality.
It takes a function as an argument that is passed the set of python packages and returns the list
of the packages to be included in the environment. Using the `withPackages` function, the previous
example for the Pyramid Web Framework environment can be written like this:
with import <nixpkgs> {};
python.withPackages (ps: [ps.pyramid])
`withPackages` passes the correct package set for the specific interpreter version as an
argument to the function. In the above example, `ps` equals `pythonPackages`.
But you can also easily switch to using python3:
with import <nixpkgs> {};
python3.withPackages (ps: [ps.pyramid])
Now, `ps` is set to `python3Packages`, matching the version of the interpreter.
As `python.withPackages` simply uses `python.buildEnv` under the hood, it also supports the `env`
attribute. The `shell.nix` file from the previous section can thus be also written like this:
with import <nixpkgs> {};
(python33.withPackages (ps: [ps.numpy ps.requests])).env
In contrast to `python.buildEnv`, `python.withPackages` does not support the more advanced options
such as `ignoreCollisions = true` or `postBuild`. If you need them, you have to use `python.buildEnv`.
### Development mode ### Development mode
Development or editable mode is supported. To develop Python packages Development or editable mode is supported. To develop Python packages
@ -591,7 +619,7 @@ Warning: `shellPhase` is executed only if `setup.py` exists.
Given a `default.nix`: Given a `default.nix`:
with import {}; with import <nixpkgs> {};
buildPythonPackage { name = "myproject"; buildPythonPackage { name = "myproject";
@ -649,9 +677,8 @@ newpkgs = pkgs.overridePackages(self: super: rec {
self = python35Packages // { pandas = python35Packages.pandas.override{name="foo";};}; self = python35Packages // { pandas = python35Packages.pandas.override{name="foo";};};
}; };
}); });
in newpkgs.python35.buildEnv.override{ in newpkgs.python35.withPackages (ps: [ps.blaze])
extraLibs = [newpkgs.python35Packages.blaze ]; ).env
}).env
``` ```
A typical use case is to switch to another version of a certain package. For example, in the Nixpkgs repository we have multiple versions of `django` and `scipy`. A typical use case is to switch to another version of a certain package. For example, in the Nixpkgs repository we have multiple versions of `django` and `scipy`.
In the following example we use a different version of `scipy`. All packages in `newpkgs` will now use the updated `scipy` version. In the following example we use a different version of `scipy`. All packages in `newpkgs` will now use the updated `scipy` version.
@ -665,9 +692,8 @@ newpkgs = pkgs.overridePackages(self: super: rec {
self = python35Packages // { scipy = python35Packages.scipy_0_16;}; self = python35Packages // { scipy = python35Packages.scipy_0_16;};
}; };
}); });
in pkgs.python35.buildEnv.override{ in newpkgs.python35.withPackages (ps: [ps.blaze])
extraLibs = [newpkgs.python35Packages.blaze ]; ).env
}).env
``` ```
The requested package `blaze` depends upon `pandas` which itself depends on `scipy`. The requested package `blaze` depends upon `pandas` which itself depends on `scipy`.

2
doc/manual.xml
View file

@ -20,8 +20,6 @@
<xi:include href="package-notes.xml" /> <xi:include href="package-notes.xml" />
<xi:include href="coding-conventions.xml" /> <xi:include href="coding-conventions.xml" />
<xi:include href="submitting-changes.xml" /> <xi:include href="submitting-changes.xml" />
<xi:include href="haskell-users-guide.xml" />
<xi:include href="beam-users-guide.xml" />
<xi:include href="contributing.xml" /> <xi:include href="contributing.xml" />
</book> </book>

2
lib/composable-derivation.nix
View file

@ -50,7 +50,7 @@ let inherit (lib) nv nvs; in
# nice features: # nice features:
# declaring "optional featuers" is modular. For instance: # declaring "optional featuers" is modular. For instance:
# flags.curl = { # flags.curl = {
# configureFlags = ["--with-curl=${curl}" "--with-curlwrappers"]; # configureFlags = ["--with-curl=${curl.dev}" "--with-curlwrappers"];
# buildInputs = [curl openssl]; # buildInputs = [curl openssl];
# }; # };
# flags.other = { .. } # flags.other = { .. }

2
lib/lists.nix
View file

@ -24,7 +24,7 @@ rec {
Example: Example:
concat = fold (a: b: a + b) "z" concat = fold (a: b: a + b) "z"
concat [ "a" "b" "c" ] concat [ "a" "b" "c" ]
=> "abcnul" => "abcz"
*/ */
fold = op: nul: list: fold = op: nul: list:
let let

9
lib/maintainers.nix
View file

@ -76,6 +76,7 @@
choochootrain = "Hurshal Patel <hurshal@imap.cc>"; choochootrain = "Hurshal Patel <hurshal@imap.cc>";
christopherpoole = "Christopher Mark Poole <mail@christopherpoole.net>"; christopherpoole = "Christopher Mark Poole <mail@christopherpoole.net>";
cleverca22 = "Michael Bishop <cleverca22@gmail.com>"; cleverca22 = "Michael Bishop <cleverca22@gmail.com>";
cmcdragonkai = "Roger Qiu <roger.qiu@matrix.ai>";
coconnor = "Corey O'Connor <coreyoconnor@gmail.com>"; coconnor = "Corey O'Connor <coreyoconnor@gmail.com>";
codsl = "codsl <codsl@riseup.net>"; codsl = "codsl <codsl@riseup.net>";
codyopel = "Cody Opel <codyopel@gmail.com>"; codyopel = "Cody Opel <codyopel@gmail.com>";
@ -85,7 +86,7 @@
couchemar = "Andrey Pavlov <couchemar@yandex.ru>"; couchemar = "Andrey Pavlov <couchemar@yandex.ru>";
cransom = "Casey Ransom <cransom@hubns.net>"; cransom = "Casey Ransom <cransom@hubns.net>";
CrystalGamma = "Jona Stubbe <nixos@crystalgamma.de>"; CrystalGamma = "Jona Stubbe <nixos@crystalgamma.de>";
cstrahan = "Charles Strahan <charles.c.strahan@gmail.com>"; cstrahan = "Charles Strahan <charles@cstrahan.com>";
cwoac = "Oliver Matthews <oliver@codersoffortune.net>"; cwoac = "Oliver Matthews <oliver@codersoffortune.net>";
DamienCassou = "Damien Cassou <damien@cassou.me>"; DamienCassou = "Damien Cassou <damien@cassou.me>";
dasuxullebt = "Christoph-Simon Senjak <christoph.senjak@googlemail.com>"; dasuxullebt = "Christoph-Simon Senjak <christoph.senjak@googlemail.com>";
@ -150,6 +151,7 @@
goibhniu = "Cillian de Róiste <cillian.deroiste@gmail.com>"; goibhniu = "Cillian de Róiste <cillian.deroiste@gmail.com>";
Gonzih = "Max Gonzih <gonzih@gmail.com>"; Gonzih = "Max Gonzih <gonzih@gmail.com>";
gpyh = "Yacine Hmito <yacine.hmito@gmail.com>"; gpyh = "Yacine Hmito <yacine.hmito@gmail.com>";
grahamc = "Graham Christensen <graham@grahamc.com>";
gridaphobe = "Eric Seidel <eric@seidel.io>"; gridaphobe = "Eric Seidel <eric@seidel.io>";
guibert = "David Guibert <david.guibert@gmail.com>"; guibert = "David Guibert <david.guibert@gmail.com>";
havvy = "Ryan Scheel <ryan.havvy@gmail.com>"; havvy = "Ryan Scheel <ryan.havvy@gmail.com>";
@ -228,7 +230,7 @@
matthiasbeyer = "Matthias Beyer <mail@beyermatthias.de>"; matthiasbeyer = "Matthias Beyer <mail@beyermatthias.de>";
maurer = "Matthew Maurer <matthew.r.maurer+nix@gmail.com>"; maurer = "Matthew Maurer <matthew.r.maurer+nix@gmail.com>";
mbakke = "Marius Bakke <ymse@tuta.io>"; mbakke = "Marius Bakke <ymse@tuta.io>";
mbauer = "Matthew Bauer <mjbauer95@gmail.com>"; matthewbauer = "Matthew Bauer <mjbauer95@gmail.com>";
mbe = "Brandon Edens <brandonedens@gmail.com>"; mbe = "Brandon Edens <brandonedens@gmail.com>";
mboes = "Mathieu Boespflug <mboes@tweag.net>"; mboes = "Mathieu Boespflug <mboes@tweag.net>";
mcmtroffaes = "Matthias C. M. Troffaes <matthias.troffaes@gmail.com>"; mcmtroffaes = "Matthias C. M. Troffaes <matthias.troffaes@gmail.com>";
@ -259,6 +261,7 @@
nfjinjing = "Jinjing Wang <nfjinjing@gmail.com>"; nfjinjing = "Jinjing Wang <nfjinjing@gmail.com>";
nico202 = "Nicolò Balzarotti <anothersms@gmail.com>"; nico202 = "Nicolò Balzarotti <anothersms@gmail.com>";
notthemessiah = "Brian Cohen <brian.cohen.88@gmail.com>"; notthemessiah = "Brian Cohen <brian.cohen.88@gmail.com>";
NikolaMandic = "Ratko Mladic <nikola@mandic.email>";
np = "Nicolas Pouillard <np.nix@nicolaspouillard.fr>"; np = "Nicolas Pouillard <np.nix@nicolaspouillard.fr>";
nslqqq = "Nikita Mikhailov <nslqqq@gmail.com>"; nslqqq = "Nikita Mikhailov <nslqqq@gmail.com>";
obadz = "obadz <obadz-nixos@obadz.com>"; obadz = "obadz <obadz-nixos@obadz.com>";
@ -293,6 +296,7 @@
pmiddend = "Philipp Middendorf <pmidden@secure.mailbox.org>"; pmiddend = "Philipp Middendorf <pmidden@secure.mailbox.org>";
prikhi = "Pavan Rikhi <pavan.rikhi@gmail.com>"; prikhi = "Pavan Rikhi <pavan.rikhi@gmail.com>";
profpatsch = "Profpatsch <mail@profpatsch.de>"; profpatsch = "Profpatsch <mail@profpatsch.de>";
pshendry = "Paul Hendry <paul@pshendry.com>";
psibi = "Sibi <sibi@psibi.in>"; psibi = "Sibi <sibi@psibi.in>";
pSub = "Pascal Wittmann <mail@pascal-wittmann.de>"; pSub = "Pascal Wittmann <mail@pascal-wittmann.de>";
puffnfresh = "Brian McKenna <brian@brianmckenna.org>"; puffnfresh = "Brian McKenna <brian@brianmckenna.org>";
@ -303,6 +307,7 @@
rasendubi = "Alexey Shmalko <rasen.dubi@gmail.com>"; rasendubi = "Alexey Shmalko <rasen.dubi@gmail.com>";
raskin = "Michael Raskin <7c6f434c@mail.ru>"; raskin = "Michael Raskin <7c6f434c@mail.ru>";
redbaron = "Maxim Ivanov <ivanov.maxim@gmail.com>"; redbaron = "Maxim Ivanov <ivanov.maxim@gmail.com>";
redvers = "Redvers Davies <red@infect.me>";
refnil = "Martin Lavoie <broemartino@gmail.com>"; refnil = "Martin Lavoie <broemartino@gmail.com>";
relrod = "Ricky Elrod <ricky@elrod.me>"; relrod = "Ricky Elrod <ricky@elrod.me>";
renzo = "Renzo Carbonara <renzocarbonara@gmail.com>"; renzo = "Renzo Carbonara <renzocarbonara@gmail.com>";

26
lib/sources.nix
View file

@ -29,4 +29,30 @@ rec {
in type == "directory" || lib.any (ext: lib.hasSuffix ext base) exts; in type == "directory" || lib.any (ext: lib.hasSuffix ext base) exts;
in builtins.filterSource filter path; in builtins.filterSource filter path;
# Get the commit id of a git repo
# Example: commitIdFromGitRepo <nixpkgs/.git>
commitIdFromGitRepo =
let readCommitFromFile = path: file:
with builtins;
let fileName = toString path + "/" + file;
packedRefsName = toString path + "/packed-refs";
in if lib.pathExists fileName
then
let fileContent = readFile fileName;
# Sometimes git stores the commitId directly in the file but
# sometimes it stores something like: «ref: refs/heads/branch-name»
matchRef = match "^ref: (.*)\n$" fileContent;
in if isNull matchRef
then lib.removeSuffix "\n" fileContent
else readCommitFromFile path (lib.head matchRef)
# Sometimes, the file isn't there at all and has been packed away in the
# packed-refs file, so we have to grep through it:
else if lib.pathExists packedRefsName
then
let packedRefs = lib.splitString "\n" (readFile packedRefsName);
matchRule = match ("^(.*) " + file + "$");
matchedRefs = lib.flatten (lib.filter (m: ! (isNull m)) (map matchRule packedRefs));
in lib.head matchedRefs
else throw ("Not a .git directory: " + path);
in lib.flip readCommitFromFile "HEAD";
} }

18
lib/types.nix
View file

@ -114,13 +114,17 @@ rec {
name = "list of ${elemType.name}s"; name = "list of ${elemType.name}s";
check = isList; check = isList;
merge = loc: defs: merge = loc: defs:
map (x: x.value) (filter (x: x ? value) (concatLists (imap (n: def: imap (m: def': map (x: x.value) (filter (x: x ? value) (concatLists (imap (n: def:
(mergeDefinitions if isList def.value then
(loc ++ ["[definition ${toString n}-entry ${toString m}]"]) imap (m: def':
elemType (mergeDefinitions
[{ inherit (def) file; value = def'; }] (loc ++ ["[definition ${toString n}-entry ${toString m}]"])
).optionalValue elemType
) def.value) defs))); [{ inherit (def) file; value = def'; }]
).optionalValue
) def.value
else
throw "The option value `${showOption loc}' in `${def.file}' is not a list.") defs)));
getSubOptions = prefix: elemType.getSubOptions (prefix ++ ["*"]); getSubOptions = prefix: elemType.getSubOptions (prefix ++ ["*"]);
getSubModules = elemType.getSubModules; getSubModules = elemType.getSubModules;
substSubModules = m: listOf (elemType.substSubModules m); substSubModules = m: listOf (elemType.substSubModules m);

3
maintainers/scripts/nix-generate-from-cpan.nix
View file

@ -1,7 +1,7 @@
{ stdenv, makeWrapper, perl, perlPackages }: { stdenv, makeWrapper, perl, perlPackages }:
stdenv.mkDerivation { stdenv.mkDerivation {
name = "nix-generate-from-cpan-2"; name = "nix-generate-from-cpan-3";
buildInputs = with perlPackages; [ buildInputs = with perlPackages; [
makeWrapper perl CPANMeta GetoptLongDescriptive CPANPLUS Readonly Log4Perl makeWrapper perl CPANMeta GetoptLongDescriptive CPANPLUS Readonly Log4Perl
@ -20,5 +20,6 @@ stdenv.mkDerivation {
meta = { meta = {
maintainers = with stdenv.lib.maintainers; [ eelco rycee ]; maintainers = with stdenv.lib.maintainers; [ eelco rycee ];
description = "Utility to generate a Nix expression for a Perl package from CPAN"; description = "Utility to generate a Nix expression for a Perl package from CPAN";
platforms = stdenv.lib.platforms.unix;
}; };
} }

14
maintainers/scripts/nix-generate-from-cpan.pl
View file

@ -278,13 +278,13 @@ sub get_deps {
foreach my $n ( $deps->required_modules ) { foreach my $n ( $deps->required_modules ) {
next if $n eq "perl"; next if $n eq "perl";
# Hacky way to figure out if this module is part of Perl. # Figure out whether the module is a core module by attempting
if ( $n !~ /^JSON/ && $n !~ /^YAML/ && $n !~ /^Module::Pluggable/ && $n !~ /^if$/ ) { # to `use` the module in a pure Perl interpreter and checking
eval "use $n;"; # whether it succeeded. Note, $^X is a magic variable holding
if ( !$@ ) { # the path to the running Perl interpreter.
DEBUG("skipping Perl-builtin module $n"); if ( system("env -i $^X -M$n -e1 >/dev/null 2>&1") == 0 ) {
next; DEBUG("skipping Perl-builtin module $n");
} next;
} }
my $pkg = module_to_pkg( $cb, $n ); my $pkg = module_to_pkg( $cb, $n );

23
nixos/doc/manual/configuration/linux-kernel.xml
View file

@ -19,7 +19,7 @@ kernel.</para>
<para>The default Linux kernel configuration should be fine for most users. You can see the configuration of your current kernel with the following command: <para>The default Linux kernel configuration should be fine for most users. You can see the configuration of your current kernel with the following command:
<programlisting> <programlisting>
cat /proc/config.gz | gunzip zcat /proc/config.gz
</programlisting> </programlisting>
If you want to change the kernel configuration, you can use the If you want to change the kernel configuration, you can use the
<option>packageOverrides</option> feature (see <xref <option>packageOverrides</option> feature (see <xref
@ -66,4 +66,25 @@ boot.kernel.sysctl."net.ipv4.tcp_keepalive_time" = 120;
sets the kernels TCP keepalive time to 120 seconds. To see the sets the kernels TCP keepalive time to 120 seconds. To see the
available parameters, run <command>sysctl -a</command>.</para> available parameters, run <command>sysctl -a</command>.</para>
<section>
<title>Developing kernel modules</title>
<para>When developing kernel modules it's often convenient to run
edit-compile-run loop as quickly as possible.
See below snippet as an example of developing <literal>mellanox</literal>
drivers.
</para>
<screen><![CDATA[
$ nix-build '<nixpkgs>' -A linuxPackages.kernel.dev
$ nix-shell '<nixpkgs>' -A linuxPackages.kernel
$ unpackPhase
$ cd linux-*
$ make -C $dev/lib/modules/*/build M=$(pwd)/drivers/net/ethernet/mellanox modules
$ sudo insmod ./drivers/net/ethernet/mellanox/mlx5/core/mlx5_core.ko
]]></screen>
</section>
</chapter> </chapter>

12
nixos/doc/manual/configuration/luks-file-systems.xml
View file

@ -9,21 +9,21 @@
<para>NixOS supports file systems that are encrypted using <para>NixOS supports file systems that are encrypted using
<emphasis>LUKS</emphasis> (Linux Unified Key Setup). For example, <emphasis>LUKS</emphasis> (Linux Unified Key Setup). For example,
here is how you create an encrypted Ext4 file system on the device here is how you create an encrypted Ext4 file system on the device
<filename>/dev/sda2</filename>: <filename>/dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d</filename>:
<screen> <screen>
$ cryptsetup luksFormat /dev/sda2 $ cryptsetup luksFormat /dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d
WARNING! WARNING!
======== ========
This will overwrite data on /dev/sda2 irrevocably. This will overwrite data on /dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d irrevocably.
Are you sure? (Type uppercase yes): YES Are you sure? (Type uppercase yes): YES
Enter LUKS passphrase: *** Enter LUKS passphrase: ***
Verify passphrase: *** Verify passphrase: ***
$ cryptsetup luksOpen /dev/sda2 crypted $ cryptsetup luksOpen /dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d crypted
Enter passphrase for /dev/sda2: *** Enter passphrase for /dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d: ***
$ mkfs.ext4 /dev/mapper/crypted $ mkfs.ext4 /dev/mapper/crypted
</screen> </screen>
@ -33,7 +33,7 @@ as <filename>/</filename>, add the following to
<filename>configuration.nix</filename>: <filename>configuration.nix</filename>:
<programlisting> <programlisting>
boot.initrd.luks.devices = [ { device = "/dev/sda2"; name = "crypted"; } ]; boot.initrd.luks.devices.crypted.device = "/dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d";
fileSystems."/".device = "/dev/mapper/crypted"; fileSystems."/".device = "/dev/mapper/crypted";
</programlisting> </programlisting>

6
nixos/doc/manual/development/option-declarations.xml
View file

@ -7,8 +7,8 @@
<title>Option Declarations</title> <title>Option Declarations</title>
<para>An option declaration specifies the name, type and description <para>An option declaration specifies the name, type and description
of a NixOS configuration option. It is illegal to define an option of a NixOS configuration option. It is invalid to define an option
that hasnt been declared in any module. A option declaration that hasnt been declared in any module. An option declaration
generally looks like this: generally looks like this:
<programlisting> <programlisting>
@ -42,7 +42,7 @@ options = {
<listitem> <listitem>
<para>The default value used if no value is defined by any <para>The default value used if no value is defined by any
module. A default is not required; in that case, if the option module. A default is not required; in that case, if the option
value is ever used, an error will be thrown.</para> value is never used, an error will be thrown.</para>
</listitem> </listitem>
</varlistentry> </varlistentry>

4
nixos/doc/manual/man-nixos-generate-config.xml
View file

@ -113,8 +113,8 @@
<varlistentry> <varlistentry>
<term><option>--no-filesystems</option></term> <term><option>--no-filesystems</option></term>
<listitem> <listitem>
<para>Omit everything concerning file system information <para>Omit everything concerning file systems and swap devices
(which includes swap devices) from the hardware configuration.</para> from the hardware configuration.</para>
</listitem> </listitem>
</varlistentry> </varlistentry>

2
nixos/doc/manual/release-notes/rl-1603.xml
View file

@ -279,7 +279,7 @@ fileSystems."/example" = {
<listitem> <listitem>
<para><literal>services.xserver.vaapiDrivers</literal> has been removed. Use <para><literal>services.xserver.vaapiDrivers</literal> has been removed. Use
<literal>services.hardware.opengl.extraPackages{,32}</literal> instead. You can <literal>hardware.opengl.extraPackages{,32}</literal> instead. You can
also specify VDPAU drivers there.</para> also specify VDPAU drivers there.</para>
</listitem> </listitem>

5
nixos/doc/manual/release-notes/rl-1609.xml
View file

@ -30,7 +30,10 @@ following incompatible changes:</para>
<itemizedlist> <itemizedlist>
<listitem> <listitem>
<para>todo</para> <para>Shell aliases for systemd sub-commands
<link xlink:href="https://github.com/NixOS/nixpkgs/pull/15598">were dropped</link>:
<command>start</command>, <command>stop</command>,
<command>restart</command>, <command>status</command>.</para>
</listitem> </listitem>
</itemizedlist> </itemizedlist>

4
nixos/lib/test-driver/Logger.pm
View file

@ -3,6 +3,7 @@ package Logger;
use strict; use strict;
use Thread::Queue; use Thread::Queue;
use XML::Writer; use XML::Writer;
use Encode qw(decode encode);
sub new { sub new {
my ($class) = @_; my ($class) = @_;
@ -56,7 +57,8 @@ sub nest {
sub sanitise { sub sanitise {
my ($s) = @_; my ($s) = @_;
$s =~ s/[[:cntrl:]\xff]//g; $s =~ s/[[:cntrl:]\xff]//g;
return $s; $s = decode('UTF-8', $s, Encode::FB_DEFAULT);
return encode('UTF-8', $s, Encode::FB_CROAK);
} }
sub log { sub log {

12
nixos/lib/test-driver/Machine.pm
View file

@ -382,9 +382,17 @@ sub waitForUnit {
my $state = $info->{ActiveState}; my $state = $info->{ActiveState};
die "unit $unit reached state $state\n" if $state eq "failed"; die "unit $unit reached state $state\n" if $state eq "failed";
if ($state eq "inactive") { if ($state eq "inactive") {
# If there are no pending jobs, then assume this unit
# will never reach active state.
my ($status, $jobs) = $self->execute("systemctl list-jobs --full 2>&1"); my ($status, $jobs) = $self->execute("systemctl list-jobs --full 2>&1");
die "unit $unit is inactive and there are no pending jobs\n" if ($jobs =~ /No jobs/) { # FIXME: fragile
if $jobs =~ /No jobs/; # FIXME: fragile # Handle the case where the unit may have started
# between the previous getUnitInfo() and
# list-jobs.
my $info2 = $self->getUnitInfo($unit);
die "unit $unit is inactive and there are no pending jobs\n"
if $info2->{ActiveState} eq $state;
}
} }
return 1 if $state eq "active"; return 1 if $state eq "active";
}; };

54
nixos/modules/config/fonts/fontdir.nix
View file

@ -4,47 +4,17 @@ with lib;
let let
fontDirs = config.fonts.fonts; x11Fonts = pkgs.runCommand "X11-fonts" { } ''
mkdir -p "$out/share/X11-fonts"
localDefs = with pkgs.builderDefs; pkgs.builderDefs.passthru.function rec { find ${toString config.fonts.fonts} \
src = "";/* put a fetchurl here */ \( -name fonts.dir -o -name '*.ttf' -o -name '*.otf' \) \
buildInputs = [pkgs.xorg.mkfontdir pkgs.xorg.mkfontscale]; -exec ln -sf -t "$out/share/X11-fonts" '{}' \;
inherit fontDirs; cd "$out/share/X11-fonts"
installPhase = fullDepEntry (" rm -f fonts.dir fonts.scale fonts.alias
list=''; ${pkgs.xorg.mkfontdir}/bin/mkfontdir
for i in ${toString fontDirs} ; do ${pkgs.xorg.mkfontscale}/bin/mkfontscale
if [ -d \$i/ ]; then cat $(find ${pkgs.xorg.fontalias}/ -name fonts.alias) >fonts.alias
list=\"\$list \$i\"; '';
fi;
done
list=\$(find \$list -name fonts.dir -o -name '*.ttf' -o -name '*.otf');
fontDirs='';
for i in \$list ; do
fontDirs=\"\$fontDirs \$(dirname \$i)\";
done;
mkdir -p \$out/share/X11-fonts/;
find \$fontDirs -type f -o -type l | while read i; do
j=\"\${i##*/}\"
if ! test -e \"\$out/share/X11-fonts/\${j}\"; then
ln -s \"\$i\" \"\$out/share/X11-fonts/\${j}\";
fi;
done;
cd \$out/share/X11-fonts/
rm fonts.dir
rm fonts.scale
rm fonts.alias
mkfontdir
mkfontscale
cat \$( find ${pkgs.xorg.fontalias}/ -name fonts.alias) >fonts.alias
") ["minInit" "addInputs"];
};
x11Fonts = with localDefs; stdenv.mkDerivation rec {
name = "X11-fonts";
builder = writeScript (name + "-builder")
(textClosure localDefs
[installPhase doForceShare doPropagate]);
};
in in
@ -70,6 +40,8 @@ in
environment.systemPackages = [ x11Fonts ]; environment.systemPackages = [ x11Fonts ];
environment.pathsToLink = [ "/share/X11-fonts" ];
}; };
} }

2
nixos/modules/config/ldap.nix
View file

@ -192,7 +192,7 @@ in
system.activationScripts = mkIf insertLdapPassword { system.activationScripts = mkIf insertLdapPassword {
ldap = stringAfter [ "etc" "groups" "users" ] '' ldap = stringAfter [ "etc" "groups" "users" ] ''
if test -f "${cfg.bind.password}" ; then if test -f "${cfg.bind.password}" ; then
echo "bindpw "$(cat ${cfg.bind.password})"" | cat ${ldapConfig} - > /etc/ldap.conf.bindpw echo "bindpw "$(cat ${cfg.bind.password})"" | cat ${ldapConfig.source} - > /etc/ldap.conf.bindpw
mv -fT /etc/ldap.conf.bindpw /etc/ldap.conf mv -fT /etc/ldap.conf.bindpw /etc/ldap.conf
chmod 600 /etc/ldap.conf chmod 600 /etc/ldap.conf
fi fi

20
nixos/modules/config/networking.nix
View file

@ -11,6 +11,9 @@ let
config.services.dnsmasq.resolveLocalQueries; config.services.dnsmasq.resolveLocalQueries;
hasLocalResolver = config.services.bind.enable || dnsmasqResolve; hasLocalResolver = config.services.bind.enable || dnsmasqResolve;
resolvconfOptions = cfg.resolvconfOptions
++ optional cfg.dnsSingleRequest "single-request"
++ optional cfg.dnsExtensionMechanism "ends0";
in in
{ {
@ -59,6 +62,14 @@ in
''; '';
}; };
networking.resolvconfOptions = lib.mkOption {
type = types.listOf types.str;
default = [];
example = [ "ndots:1" "rotate" ];
description = ''
Set the options in <filename>/etc/resolv.conf</filename>.
'';
};
networking.proxy = { networking.proxy = {
@ -171,12 +182,9 @@ in
# Invalidate the nscd cache whenever resolv.conf is # Invalidate the nscd cache whenever resolv.conf is
# regenerated. # regenerated.
libc_restart='${pkgs.systemd}/bin/systemctl try-restart --no-block nscd.service 2> /dev/null' libc_restart='${pkgs.systemd}/bin/systemctl try-restart --no-block nscd.service 2> /dev/null'
'' + optionalString cfg.dnsSingleRequest '' '' + optionalString (length resolvconfOptions > 0) ''
# only send one DNS request at a time # Options as described in resolv.conf(5)
resolv_conf_options+=' single-request' resolv_conf_options='${concatStringsSep " " resolvconfOptions}'
'' + optionalString cfg.dnsExtensionMechanism ''
# enable extension mechanisms for DNS
resolv_conf_options+=' edns0'
'' + optionalString hasLocalResolver '' '' + optionalString hasLocalResolver ''
# This hosts runs a full-blown DNS resolver. # This hosts runs a full-blown DNS resolver.
name_servers='127.0.0.1' name_servers='127.0.0.1'

4
nixos/modules/config/shells-environment.nix
View file

@ -150,10 +150,6 @@ in
system.build.binsh = pkgs.bashInteractive; system.build.binsh = pkgs.bashInteractive;
# Ensure TERMINFO is set appropriately *before* user shells are run,
# as they may depend on it
environment.sessionVariables.TERMINFO = "/run/current-system/sw/share/terminfo";
# Set session variables in the shell as well. This is usually # Set session variables in the shell as well. This is usually
# unnecessary, but it allows changes to session variables to take # unnecessary, but it allows changes to session variables to take
# effect without restarting the session (e.g. by opening a new # effect without restarting the session (e.g. by opening a new

2
nixos/modules/installer/cd-dvd/iso-image.nix
View file

@ -79,7 +79,7 @@ let
echo "options init=${config.system.build.toplevel}/init ${toString config.boot.kernelParams} nomodeset" >> $out/loader/entries/nixos-livecd-nomodeset.conf echo "options init=${config.system.build.toplevel}/init ${toString config.boot.kernelParams} nomodeset" >> $out/loader/entries/nixos-livecd-nomodeset.conf
echo "default nixos-livecd" > $out/loader/loader.conf echo "default nixos-livecd" > $out/loader/loader.conf
echo "timeout ${builtins.toString config.boot.loader.gummiboot.timeout}" >> $out/loader/loader.conf echo "timeout ${builtins.toString config.boot.loader.timeout}" >> $out/loader/loader.conf
''; '';
efiImg = pkgs.runCommand "efi-image_eltorito" { buildInputs = [ pkgs.mtools pkgs.libfaketime ]; } efiImg = pkgs.runCommand "efi-image_eltorito" { buildInputs = [ pkgs.mtools pkgs.libfaketime ]; }

33
nixos/modules/installer/tools/nixos-generate-config.pl
View file

@ -1,5 +1,6 @@
#! @perl@ #! @perl@
use strict;
use Cwd 'abs_path'; use Cwd 'abs_path';
use File::Spec; use File::Spec;
use File::Path; use File::Path;
@ -69,6 +70,7 @@ for (my $n = 0; $n < scalar @ARGV; $n++) {
my @attrs = (); my @attrs = ();
my @kernelModules = (); my @kernelModules = ();
my @initrdKernelModules = (); my @initrdKernelModules = ();
my @initrdAvailableKernelModules = ();
my @modulePackages = (); my @modulePackages = ();
my @imports; my @imports;
@ -379,7 +381,7 @@ EOF
# Is this a btrfs filesystem? # Is this a btrfs filesystem?
if ($fsType eq "btrfs") { if ($fsType eq "btrfs") {
my ($status, @id_info) = runCommand("btrfs subvol show $rootDir$mountPoint"); my ($status, @id_info) = runCommand("btrfs subvol show $rootDir$mountPoint");
if ($status != 0 || join("", @msg) =~ /ERROR:/) { if ($status != 0 || join("", @id_info) =~ /ERROR:/) {
die "Failed to retrieve subvolume info for $mountPoint\n"; die "Failed to retrieve subvolume info for $mountPoint\n";
} }
my @ids = join("", @id_info) =~ m/Subvolume ID:[ \t\n]*([^ \t\n]*)/; my @ids = join("", @id_info) =~ m/Subvolume ID:[ \t\n]*([^ \t\n]*)/;
@ -408,7 +410,7 @@ EOF
EOF EOF
if (scalar @extraOptions > 0) { if (scalar @extraOptions > 0) {
$fileSystems .= <<EOF; $fileSystems .= <<EOF;
options = \[ ${\join " ", map { "\"" . $_ . "\"" } uniq(@extraOptions)} \]; options = \[ ${\join " ", map { "\"" . $_ . "\"" } uniq(@extraOptions)} \];
EOF EOF
} }
@ -417,6 +419,25 @@ EOF
}; };
EOF EOF
# If this filesystem is on a LUKS device, then add a
# boot.initrd.luks.devices entry.
if (-e $device) {
my $deviceName = basename(abs_path($device));
if (-e "/sys/class/block/$deviceName"
&& read_file("/sys/class/block/$deviceName/dm/uuid", err_mode => 'quiet') =~ /^CRYPT-LUKS/)
{
my @slaves = glob("/sys/class/block/$deviceName/slaves/*");
if (scalar @slaves == 1) {
my $slave = "/dev/" . basename($slaves[0]);
if (-e $slave) {
my $dmName = read_file("/sys/class/block/$deviceName/dm/name");
chomp $dmName;
$fileSystems .= " boot.initrd.luks.devices.\"$dmName\".device = \"${\(findStableDevPath $slave)}\";\n\n";
}
}
}
}
} }
@ -440,7 +461,7 @@ sub toNixList {
sub multiLineList { sub multiLineList {
my $indent = shift; my $indent = shift;
return " [ ]" if !@_; return " [ ]" if !@_;
$res = "\n${indent}[ "; my $res = "\n${indent}[ ";
my $first = 1; my $first = 1;
foreach my $s (@_) { foreach my $s (@_) {
$res .= "$indent " if !$first; $res .= "$indent " if !$first;
@ -457,7 +478,7 @@ my $modulePackages = toNixList(uniq @modulePackages);
my $fsAndSwap = ""; my $fsAndSwap = "";
if (!$noFilesystems) { if (!$noFilesystems) {
$fsAndSwap = "\n${fileSystems} "; $fsAndSwap = "\n$fileSystems ";
$fsAndSwap .= "swapDevices =" . multiLineList(" ", @swapDevices) . ";\n"; $fsAndSwap .= "swapDevices =" . multiLineList(" ", @swapDevices) . ";\n";
} }
@ -494,7 +515,7 @@ if ($showHardwareConfig) {
if ($force || ! -e $fn) { if ($force || ! -e $fn) {
print STDERR "writing $fn...\n"; print STDERR "writing $fn...\n";
my $bootloaderConfig = ""; my $bootLoaderConfig = "";
if (-e "/sys/firmware/efi/efivars") { if (-e "/sys/firmware/efi/efivars") {
$bootLoaderConfig = <<EOF; $bootLoaderConfig = <<EOF;
# Use the gummiboot efi boot loader. # Use the gummiboot efi boot loader.
@ -568,7 +589,7 @@ $bootLoaderConfig
# }; # };
# The NixOS release to be compatible with for stateful data such as databases. # The NixOS release to be compatible with for stateful data such as databases.
system.stateVersion = "@nixosRelease@"; system.stateVersion = "${\(qw(@nixosRelease@))}";
} }
EOF EOF

4
nixos/modules/misc/ids.nix
View file

@ -267,6 +267,8 @@
graylog = 243; graylog = 243;
sniproxy = 244; sniproxy = 244;
nzbget = 245; nzbget = 245;
mosquitto = 246;
toxvpn = 247;
# When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399! # When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399!
@ -504,6 +506,8 @@
emby = 242; emby = 242;
sniproxy = 244; sniproxy = 244;
nzbget = 245; nzbget = 245;
mosquitto = 246;
#toxvpn = 247; # unused
# When adding a gid, make sure it doesn't match an existing # When adding a gid, make sure it doesn't match an existing
# uid. Users and groups with the same name should have equal # uid. Users and groups with the same name should have equal

8
nixos/modules/misc/version.nix
View file

@ -5,9 +5,11 @@ with lib;
let let
cfg = config.system; cfg = config.system;
releaseFile = "${toString pkgs.path}/.version"; releaseFile = "${toString pkgs.path}/.version";
suffixFile = "${toString pkgs.path}/.version-suffix"; suffixFile = "${toString pkgs.path}/.version-suffix";
revisionFile = "${toString pkgs.path}/.git-revision"; revisionFile = "${toString pkgs.path}/.git-revision";
gitRepo = "${toString pkgs.path}/.git";
gitCommitId = lib.substring 0 7 (commitIdFromGitRepo gitRepo);
in in
{ {
@ -102,6 +104,8 @@ in
# changing them would not rebuild the manual # changing them would not rebuild the manual
nixosLabel = mkDefault (maybeEnv "NIXOS_LABEL" cfg.nixosVersion); nixosLabel = mkDefault (maybeEnv "NIXOS_LABEL" cfg.nixosVersion);
nixosVersion = mkDefault (maybeEnv "NIXOS_VERSION" (cfg.nixosRelease + cfg.nixosVersionSuffix)); nixosVersion = mkDefault (maybeEnv "NIXOS_VERSION" (cfg.nixosRelease + cfg.nixosVersionSuffix));
nixosRevision = mkIf (pathExists gitRepo) (mkDefault gitCommitId);
nixosVersionSuffix = mkIf (pathExists gitRepo) (mkDefault (".git." + gitCommitId));
# Note: code names must only increase in alphabetical order. # Note: code names must only increase in alphabetical order.
nixosCodeName = "Flounder"; nixosCodeName = "Flounder";

5
nixos/modules/module-list.nix
View file

@ -62,7 +62,8 @@
./programs/bash/bash.nix ./programs/bash/bash.nix
./programs/blcr.nix ./programs/blcr.nix
./programs/cdemu.nix ./programs/cdemu.nix
./programs/command-not-found/command-not-found.nix # see https://github.com/NixOS/nixos-channel-scripts/issues/4
#./programs/command-not-found/command-not-found.nix
./programs/dconf.nix ./programs/dconf.nix
./programs/environment.nix ./programs/environment.nix
./programs/freetds.nix ./programs/freetds.nix
@ -346,6 +347,7 @@
./services/networking/mjpg-streamer.nix ./services/networking/mjpg-streamer.nix
./services/networking/minidlna.nix ./services/networking/minidlna.nix
./services/networking/miniupnpd.nix ./services/networking/miniupnpd.nix
./services/networking/mosquitto.nix
./services/networking/mstpd.nix ./services/networking/mstpd.nix
./services/networking/murmur.nix ./services/networking/murmur.nix
./services/networking/namecoind.nix ./services/networking/namecoind.nix
@ -395,6 +397,7 @@
./services/networking/tftpd.nix ./services/networking/tftpd.nix
./services/networking/tlsdated.nix ./services/networking/tlsdated.nix
./services/networking/tox-bootstrapd.nix ./services/networking/tox-bootstrapd.nix
./services/networking/toxvpn.nix
./services/networking/tvheadend.nix ./services/networking/tvheadend.nix
./services/networking/unbound.nix ./services/networking/unbound.nix
./services/networking/unifi.nix ./services/networking/unifi.nix

12
nixos/modules/programs/fish.nix
View file

@ -84,19 +84,19 @@ in
set fish_function_path $fish_function_path ${pkgs.fish-foreign-env}/share/fish-foreign-env/functions set fish_function_path $fish_function_path ${pkgs.fish-foreign-env}/share/fish-foreign-env/functions
fenv source ${config.system.build.setEnvironment} 1> /dev/null fenv source ${config.system.build.setEnvironment} > /dev/null ^&1
fenv source /etc/fish/foreign-env/shellInit 1> /dev/null fenv source /etc/fish/foreign-env/shellInit > /dev/null
${cfg.shellInit} ${cfg.shellInit}
if builtin status --is-login if status --is-login
fenv source /etc/fish/foreign-env/loginShellInit 1> /dev/null fenv source /etc/fish/foreign-env/loginShellInit > /dev/null
${cfg.loginShellInit} ${cfg.loginShellInit}
end end
if builtin status --is-interactive if status --is-interactive
${fishAliases} ${fishAliases}
fenv source /etc/fish/foreign-env/interactiveShellInit 1> /dev/null fenv source /etc/fish/foreign-env/interactiveShellInit > /dev/null
${cfg.interactiveShellInit} ${cfg.interactiveShellInit}
end end
''; '';

2
nixos/modules/programs/man.nix
View file

@ -19,7 +19,7 @@ with lib;
config = mkIf config.programs.man.enable { config = mkIf config.programs.man.enable {
environment.systemPackages = [ pkgs.man ]; environment.systemPackages = [ pkgs.man-db ];
environment.pathsToLink = [ "/share/man" ]; environment.pathsToLink = [ "/share/man" ];

143
nixos/modules/programs/tmux.nix
View file

@ -5,8 +5,57 @@ let
cfg = config.programs.tmux; cfg = config.programs.tmux;
in defaultKeyMode = "emacs";
{ defaultResize = 5;
defaultShortcut = "b";
defaultTerminal = "screen";
boolToStr = value: if value then "on" else "off";
tmuxConf = ''
set -g default-terminal "${cfg.terminal}"
set -g base-index ${toString cfg.baseIndex}
setw -g pane-base-index ${toString cfg.baseIndex}
${if cfg.newSession then "new-session" else ""}
${if cfg.reverseSplit then ''
bind v split-window -h
bind s split-window -v
'' else ""}
set -g status-keys ${cfg.keyMode}
set -g mode-keys ${cfg.keyMode}
${if cfg.keyMode == "vi" then ''
bind h select-pane -L
bind j select-pane -D
bind k select-pane -U
bind l select-pane -R
bind -r H resize-pane -L ${toString cfg.resizeAmount}
bind -r J resize-pane -D ${toString cfg.resizeAmount}
bind -r K resize-pane -U ${toString cfg.resizeAmount}
bind -r L resize-pane -R ${toString cfg.resizeAmount}
'' else ""}
${if (cfg.shortcut != defaultShortcut) then ''
# rebind main key: C-${cfg.shortcut}
unbind C-${defaultShortcut}
set -g prefix C-${cfg.shortcut}
bind ${cfg.shortcut} send-prefix
bind C-${cfg.shortcut} last-window
'' else ""}
setw -g aggressive-resize ${boolToStr cfg.aggressiveResize}
setw -g clock-mode-style ${if cfg.clock24 then "24" else "12"}
set -s escape-time ${toString cfg.escapeTime}
set -g history-limit ${toString cfg.historyLimit}
${cfg.extraTmuxConf}
'';
in {
###### interface ###### interface
options = { options = {
@ -14,13 +63,92 @@ in
enable = mkEnableOption "<command>tmux</command> - a <command>screen</command> replacement."; enable = mkEnableOption "<command>tmux</command> - a <command>screen</command> replacement.";
tmuxconf = mkOption { aggressiveResize = mkOption {
default = false;
example = true;
type = types.bool;
description = ''
Resize the window to the size of the smallest session for which it is the current window.
'';
};
baseIndex = mkOption {
default = 0;
example = 1;
type = types.int;
description = "Base index for windows and panes.";
};
clock24 = mkOption {
default = false;
example = true;
type = types.bool;
description = "Use 24 hour clock.";
};
escapeTime = mkOption {
default = 500;
example = 0;
type = types.int;
description = "Time in milliseconds for which tmux waits after an escape is input.";
};
extraTmuxConf = mkOption {
default = ""; default = "";
description = '' description = ''
The contents of /etc/tmux.conf Additional contents of /etc/tmux.conf
''; '';
type = types.lines; type = types.lines;
}; };
historyLimit = mkOption {
default = 2000;
example = 5000;
type = types.int;
description = "Maximum number of lines held in window history.";
};
keyMode = mkOption {
default = defaultKeyMode;
example = "vi";
type = types.enum [ "emacs" "vi" ];
description = "VI or Emacs style shortcuts.";
};
newSession = mkOption {
default = false;
example = true;
type = types.bool;
description = "Automatically spawn a session if trying to attach and none are running.";
};
reverseSplit = mkOption {
default = false;
example = true;
type = types.bool;
description = "Reverse the window split shortcuts.";
};
resizeAmount = mkOption {
default = defaultResize;
example = 10;
type = types.int;
description = "Number of lines/columns when resizing.";
};
shortcut = mkOption {
default = defaultShortcut;
example = "a";
type = types.str;
description = "Ctrl following by this key is used as the main shortcut.";
};
terminal = mkOption {
default = defaultTerminal;
example = "screen-256color";
type = types.str;
description = "Set the $TERM variable.";
};
}; };
}; };
@ -28,8 +156,13 @@ in
config = mkIf cfg.enable { config = mkIf cfg.enable {
environment = { environment = {
etc."tmux.conf".text = tmuxConf;
systemPackages = [ pkgs.tmux ]; systemPackages = [ pkgs.tmux ];
etc."tmux.conf".text = cfg.tmuxconf;
variables = {
TMUX_TMPDIR = ''''${XDG_RUNTIME_DIR:-"/run/user/\$(id -u)"}'';
};
}; };
}; };
} }

2
nixos/modules/rename.nix
View file

@ -34,6 +34,8 @@ with lib;
# Old Grub-related options. # Old Grub-related options.
(mkRenamedOptionModule [ "boot" "initrd" "extraKernelModules" ] [ "boot" "initrd" "kernelModules" ]) (mkRenamedOptionModule [ "boot" "initrd" "extraKernelModules" ] [ "boot" "initrd" "kernelModules" ])
(mkRenamedOptionModule [ "boot" "extraKernelParams" ] [ "boot" "kernelParams" ]) (mkRenamedOptionModule [ "boot" "extraKernelParams" ] [ "boot" "kernelParams" ])
(mkRenamedOptionModule [ "boot" "loader" "grub" "timeout" ] [ "boot" "loader" "timeout" ])
(mkRenamedOptionModule [ "boot" "loader" "gummiboot" "timeout" ] [ "boot" "loader" "timeout" ])
# smartd # smartd
(mkRenamedOptionModule [ "services" "smartd" "deviceOpts" ] [ "services" "smartd" "defaults" "monitored" ]) (mkRenamedOptionModule [ "services" "smartd" "deviceOpts" ] [ "services" "smartd" "defaults" "monitored" ])

2
nixos/modules/security/setuid-wrappers.nix
View file

@ -96,7 +96,7 @@ in
}: }:
'' ''
if ! source=${if source != "" then source else "$(PATH=$SETUID_PATH type -tP ${program})"}; then if ! source=${if source != "" then source else "$(readlink -f $(PATH=$SETUID_PATH type -tP ${program}))"}; then
# If we can't find the program, fall back to the # If we can't find the program, fall back to the
# system profile. # system profile.
source=/nix/var/nix/profiles/default/bin/${program} source=/nix/var/nix/profiles/default/bin/${program}

4
nixos/modules/services/computing/slurm/slurm.nix
View file

@ -40,7 +40,7 @@ in
defaultText = "pkgs.slurm-llnl"; defaultText = "pkgs.slurm-llnl";
example = literalExample "pkgs.slurm-llnl-full"; example = literalExample "pkgs.slurm-llnl-full";
description = '' description = ''
The packge to use for slurm binaries. The package to use for slurm binaries.
''; '';
}; };
@ -111,7 +111,7 @@ in
builder = pkgs.writeText "builder.sh" '' builder = pkgs.writeText "builder.sh" ''
source $stdenv/setup source $stdenv/setup
mkdir -p $out/bin mkdir -p $out/bin
find ${cfg.package}/bin -type f -executable | while read EXE find ${getBin cfg.package}/bin -type f -executable | while read EXE
do do
exename="$(basename $EXE)" exename="$(basename $EXE)"
wrappername="$out/bin/$exename" wrappername="$out/bin/$exename"

24
nixos/modules/services/databases/redis.nix
View file

@ -68,6 +68,22 @@ in
description = "The port for Redis to listen to."; description = "The port for Redis to listen to.";
}; };
vmOverCommit = mkOption {
type = types.bool;
default = false;
description = ''
Set vm.overcommit_memory to 1 (Suggested for Background Saving: http://redis.io/topics/faq)
'';
};
openFirewall = mkOption {
type = types.bool;
default = false;
description = ''
Whether to open ports in the firewall for the server.
'';
};
bind = mkOption { bind = mkOption {
type = with types; nullOr str; type = with types; nullOr str;
default = null; # All interfaces default = null; # All interfaces
@ -193,6 +209,14 @@ in
config = mkIf config.services.redis.enable { config = mkIf config.services.redis.enable {
boot.kernel.sysctl = mkIf cfg.vmOverCommit {
"vm.overcommit_memory" = "1";
};
networking.firewall = mkIf cfg.openFirewall {
allowedTCPPorts = [ cfg.port ];
};
users.extraUsers.redis = users.extraUsers.redis =
{ name = cfg.user; { name = cfg.user;
uid = config.ids.uids.redis; uid = config.ids.uids.redis;

2
nixos/modules/services/desktops/gnome3/gnome-keyring.nix
View file

@ -36,7 +36,7 @@ in
environment.systemPackages = [ gnome3.gnome_keyring ]; environment.systemPackages = [ gnome3.gnome_keyring ];
services.dbus.packages = [ gnome3.gnome_keyring ]; services.dbus.packages = [ gnome3.gnome_keyring gnome3.gcr ];
}; };

11
nixos/modules/services/mail/opensmtpd.nix
View file

@ -107,7 +107,16 @@ in {
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
wants = [ "network.target" ]; wants = [ "network.target" ];
after = [ "network.target" ]; after = [ "network.target" ];
preStart = "mkdir -p /var/spool"; preStart = ''
mkdir -p /var/spool/smtpd
mkdir -p /var/spool/smtpd/offline
chown root.smtpq /var/spool/smtpd/offline
chmod 770 /var/spool/smtpd/offline
mkdir -p /var/spool/smtpd/purge
chmod 700 /var/spool/smtpd/purge
'';
serviceConfig.ExecStart = "${opensmtpd}/sbin/smtpd -d -f ${conf} ${args}"; serviceConfig.ExecStart = "${opensmtpd}/sbin/smtpd -d -f ${conf} ${args}";
environment.OPENSMTPD_PROC_PATH = "${procEnv}/libexec/opensmtpd"; environment.OPENSMTPD_PROC_PATH = "${procEnv}/libexec/opensmtpd";
}; };

2
nixos/modules/services/network-filesystems/diod.nix
View file

@ -153,7 +153,7 @@ in
after = [ "network.target" ]; after = [ "network.target" ];
serviceConfig = { serviceConfig = {
ExecStart = "${pkgs.diod}/sbin/diod -f -c ${diodConfig}"; ExecStart = "${pkgs.diod}/sbin/diod -f -c ${diodConfig}";
Capabilities = "cap_net_bind_service+=ep"; CapabilityBoundingSet = "cap_net_bind_service+=ep";
}; };
}; };
}; };

6
nixos/modules/services/networking/chrony.nix
View file

@ -64,7 +64,7 @@ in
###### implementation ###### implementation
config = mkIf config.services.chrony.enable { config = mkIf cfg.enable {
# Make chronyc available in the system path # Make chronyc available in the system path
environment.systemPackages = [ pkgs.chrony ]; environment.systemPackages = [ pkgs.chrony ];
@ -101,12 +101,14 @@ in
home = stateDir; home = stateDir;
}; };
systemd.services.ntpd.enable = false; systemd.services.ntpd.enable = mkForce false;
systemd.services.chronyd = systemd.services.chronyd =
{ description = "chrony NTP daemon"; { description = "chrony NTP daemon";
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
wants = [ "time-sync.target" ];
before = [ "time-sync.target" ];
after = [ "network.target" ]; after = [ "network.target" ];
conflicts = [ "ntpd.service" "systemd-timesyncd.service" ]; conflicts = [ "ntpd.service" "systemd-timesyncd.service" ];

2
nixos/modules/services/networking/dnscrypt-proxy.nix
View file

@ -90,7 +90,7 @@ in
example = literalExample "${pkgs.dnscrypt-proxy}/share/dnscrypt-proxy/dnscrypt-resolvers.csv"; example = literalExample "${pkgs.dnscrypt-proxy}/share/dnscrypt-proxy/dnscrypt-resolvers.csv";
default = pkgs.fetchurl { default = pkgs.fetchurl {
url = "https://raw.githubusercontent.com/jedisct1/dnscrypt-proxy/master/dnscrypt-resolvers.csv"; url = "https://raw.githubusercontent.com/jedisct1/dnscrypt-proxy/master/dnscrypt-resolvers.csv";
sha256 = "07kbbisrvrqdxif3061hxj3whin3llg4nh50ln7prisi2vbd76xd"; sha256 = "0lac20qhcgjxxiiz8jzcn3hkqj4ywl58hahp5n2i6vf9akfyqp7c";
}; };
defaultText = "pkgs.fetchurl { url = ...; sha256 = ...; }"; defaultText = "pkgs.fetchurl { url = ...; sha256 = ...; }";
}; };

219
nixos/modules/services/networking/mosquitto.nix Normal file
View file

@ -0,0 +1,219 @@
{ config, lib, pkgs, ...}:
with lib;
let
cfg = config.services.mosquitto;
listenerConf = optionalString cfg.ssl.enable ''
listener ${toString cfg.ssl.port} ${cfg.ssl.host}
cafile ${cfg.ssl.cafile}
certfile ${cfg.ssl.certfile}
keyfile ${cfg.ssl.keyfile}
'';
mosquittoConf = pkgs.writeText "mosquitto.conf" ''
pid_file /run/mosquitto/pid
acl_file ${aclFile}
persistence true
allow_anonymous ${if cfg.allowAnonymous then "true" else "false"}
bind_address ${cfg.host}
port ${toString cfg.port}
${listenerConf}
${cfg.extraConf}
'';
userAcl = (concatStringsSep "\n\n" (mapAttrsToList (n: c:
"user ${n}\n" + (concatStringsSep "\n" c.acl)) cfg.users
));
aclFile = pkgs.writeText "mosquitto.acl" ''
${cfg.aclExtraConf}
${userAcl}
'';
in
{
###### Interface
options = {
services.mosquitto = {
enable = mkEnableOption "Enable the MQTT Mosquitto broker.";
host = mkOption {
default = "127.0.0.1";
example = "0.0.0.0";
type = types.string;
description = ''
Host to listen on without SSL.
'';
};
port = mkOption {
default = 1883;
example = 1883;
type = types.int;
description = ''
Port on which to listen without SSL.
'';
};
ssl = {
enable = mkEnableOption "Enable SSL listener.";
cafile = mkOption {
type = types.nullOr types.path;
default = null;
description = "Path to PEM encoded CA certificates.";
};
certfile = mkOption {
type = types.nullOr types.path;
default = null;
description = "Path to PEM encoded server certificate.";
};
keyfile = mkOption {
type = types.nullOr types.path;
default = null;
description = "Path to PEM encoded server key.";
};
host = mkOption {
default = "0.0.0.0";
example = "localhost";
type = types.string;
description = ''
Host to listen on with SSL.
'';
};
port = mkOption {
default = 8883;
example = 8883;
type = types.int;
description = ''
Port on which to listen with SSL.
'';
};
};
dataDir = mkOption {
default = "/var/lib/mosquitto";
type = types.path;
description = ''
The data directory.
'';
};
users = mkOption {
type = types.attrsOf (types.submodule {
options = {
password = mkOption {
type = with types; uniq (nullOr str);
default = null;
description = ''
Specifies the (clear text) password for the MQTT User.
'';
};
hashedPassword = mkOption {
type = with types; uniq (nullOr str);
default = null;
description = ''
Specifies the hashed password for the MQTT User.
<option>hashedPassword</option> overrides <option>password</option>.
To generate hashed password install <literal>mkpasswd</literal>
package and run <literal>mkpasswd -m sha-512</literal>.
'';
};
acl = mkOption {
type = types.listOf types.string;
example = [ "topic read A/B" "topic A/#" ];
description = ''
Control client access to topics on the broker.
'';
};
};
});
example = { john = { password = "123456"; acl = [ "topic readwrite john/#" ]; }; };
description = ''
A set of users and their passwords and ACLs.
'';
};
allowAnonymous = mkOption {
default = false;
example = true;
type = types.bool;
description = ''
Allow clients to connect without authentication.
'';
};
extraConf = mkOption {
default = "";
type = types.lines;
description = ''
Extra config to append to `mosquitto.conf` file.
'';
};
aclExtraConf = mkOption {
default = "";
type = types.lines;
description = ''
Extra config to prepend to the ACL file.
'';
};
};
};
###### Implementation
config = mkIf cfg.enable {
systemd.services.mosquitto = {
description = "Mosquitto MQTT Broker Daemon";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
serviceConfig = {
Type = "forking";
User = "mosquitto";
Group = "mosquitto";
RuntimeDirectory = "mosquitto";
WorkingDirectory = cfg.dataDir;
Restart = "on-failure";
ExecStart = "${pkgs.mosquitto}/bin/mosquitto -c ${mosquittoConf} -d";
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
PIDFile = "/run/mosquitto/pid";
};
preStart = ''
rm -f ${cfg.dataDir}/passwd
touch ${cfg.dataDir}/passwd
'' + concatStringsSep "\n" (
mapAttrsToList (n: c:
if c.hashedPassword != null then
"echo '${n}:${c.hashedPassword}' > ${cfg.dataDir}/passwd"
else optionalString (c.password != null)
"${pkgs.mosquitto}/bin/mosquitto_passwd -b ${cfg.dataDir}/passwd ${n} ${c.password}"
) cfg.users);
};
users.extraUsers.mosquitto = {
description = "Mosquitto MQTT Broker Daemon owner";
group = "mosquitto";
uid = config.ids.uids.mosquitto;
home = cfg.dataDir;
createHome = true;
};
users.extraGroups.mosquitto.gid = config.ids.gids.mosquitto;
};
}

8
nixos/modules/services/networking/networkmanager.nix
View file

@ -114,12 +114,10 @@ in {
# Ugly hack for using the correct gnome3 packageSet # Ugly hack for using the correct gnome3 packageSet
basePackages = mkOption { basePackages = mkOption {
type = types.attrsOf types.package; type = types.attrsOf types.package;
default = { inherit modemmanager wpa_supplicant default = { inherit networkmanager modemmanager wpa_supplicant
networkmanager_openvpn networkmanager_vpnc networkmanager_openvpn networkmanager_vpnc
networkmanager_openconnect networkmanager_openconnect
networkmanager_pptp networkmanager_l2tp; networkmanager_pptp networkmanager_l2tp; };
networkmanager = networkmanager.out;
};
internal = true; internal = true;
}; };
@ -189,7 +187,7 @@ in {
boot.kernelModules = [ "ppp_mppe" ]; # Needed for most (all?) PPTP VPN connections. boot.kernelModules = [ "ppp_mppe" ]; # Needed for most (all?) PPTP VPN connections.
environment.etc = with mapAttrs (name: getBin) cfg.basePackages; [ environment.etc = with cfg.basePackages; [
{ source = ipUpScript; { source = ipUpScript;
target = "NetworkManager/dispatcher.d/01nixos-ip-up"; target = "NetworkManager/dispatcher.d/01nixos-ip-up";
} }

2
nixos/modules/services/networking/ntpd.nix
View file

@ -82,6 +82,8 @@ in
{ description = "NTP Daemon"; { description = "NTP Daemon";
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
wants = [ "time-sync.target" ];
before = [ "time-sync.target" ];
preStart = preStart =
'' ''

3
nixos/modules/services/networking/openntpd.nix
View file

@ -64,7 +64,8 @@ in
systemd.services.openntpd = { systemd.services.openntpd = {
description = "OpenNTP Server"; description = "OpenNTP Server";
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
wants = [ "network-online.target" ]; wants = [ "network-online.target" "time-sync.target" ];
before = [ "time-sync.target" ];
after = [ "dnsmasq.service" "bind.service" "network-online.target" ]; after = [ "dnsmasq.service" "bind.service" "network-online.target" ];
serviceConfig.ExecStart = "${package}/sbin/ntpd -d -f ${cfgFile} ${cfg.extraOptions}"; serviceConfig.ExecStart = "${package}/sbin/ntpd -d -f ${cfgFile} ${cfg.extraOptions}";
}; };

4
nixos/modules/services/networking/syncthing.nix
View file

@ -121,7 +121,7 @@ in
User = cfg.user; User = cfg.user;
Group = cfg.group; Group = cfg.group;
PermissionsStartOnly = true; PermissionsStartOnly = true;
ExecStart = "${pkgs.syncthing}/bin/syncthing -no-browser -home=${cfg.dataDir}"; ExecStart = "${cfg.package}/bin/syncthing -no-browser -home=${cfg.dataDir}";
}; };
}; };
}; };
@ -129,7 +129,7 @@ in
systemd.user.services = { systemd.user.services = {
syncthing = header // { syncthing = header // {
serviceConfig = service // { serviceConfig = service // {
ExecStart = "${pkgs.syncthing}/bin/syncthing -no-browser"; ExecStart = "${cfg.package}/bin/syncthing -no-browser";
}; };
}; };
}; };

54
nixos/modules/services/networking/toxvpn.nix Normal file
View file

@ -0,0 +1,54 @@
{ config, stdenv, pkgs, lib, ... }:
with lib;
{
options = {
services.toxvpn = {
enable = mkEnableOption "enable toxvpn running on startup";
localip = mkOption {
type = types.string;
default = "10.123.123.1";
description = "your ip on the vpn";
};
port = mkOption {
type = types.int;
default = 33445;
description = "udp port for toxcore, port-forward to help with connectivity if you run many nodes behind one NAT";
};
};
};
config = mkIf config.services.toxvpn.enable {
systemd.services.toxvpn = {
description = "toxvpn daemon";
requires = [ "network-online.target" ]; # consider replacing by NetworkManager-wait-online.service
wantedBy = [ "multi-user.target" ];
preStart = ''
mkdir -p /run/toxvpn || true
chown toxvpn /run/toxvpn
'';
serviceConfig = {
ExecStart = "${pkgs.toxvpn}/bin/toxvpn -i ${config.services.toxvpn.localip} -l /run/toxvpn/control -u toxvpn -p ${toString config.services.toxvpn.port}";
KillMode = "process";
Restart = "on-success";
Type = "notify";
};
restartIfChanged = false; # Likely to be used for remote admin
};
users.extraUsers = {
toxvpn = {
uid = config.ids.uids.toxvpn;
home = "/var/lib/toxvpn";
createHome = true;
};
};
};
}

2
nixos/modules/services/networking/unbound.nix
View file

@ -106,8 +106,10 @@ in
preStart = '' preStart = ''
mkdir -m 0755 -p ${stateDir}/dev/ mkdir -m 0755 -p ${stateDir}/dev/
cp ${confFile} ${stateDir}/unbound.conf cp ${confFile} ${stateDir}/unbound.conf
${optionalString cfg.enableRootTrustAnchor ''
${pkgs.unbound}/bin/unbound-anchor -a ${rootTrustAnchorFile} ${pkgs.unbound}/bin/unbound-anchor -a ${rootTrustAnchorFile}
chown unbound ${stateDir} ${rootTrustAnchorFile} chown unbound ${stateDir} ${rootTrustAnchorFile}
''}
touch ${stateDir}/dev/random touch ${stateDir}/dev/random
${pkgs.utillinux}/bin/mount --bind -n /dev/random ${stateDir}/dev/random ${pkgs.utillinux}/bin/mount --bind -n /dev/random ${stateDir}/dev/random
''; '';

2
nixos/modules/services/security/fail2ban.nix
View file

@ -102,7 +102,7 @@ in
partOf = optional config.networking.firewall.enable "firewall.service"; partOf = optional config.networking.firewall.enable "firewall.service";
restartTriggers = [ fail2banConf jailConf ]; restartTriggers = [ fail2banConf jailConf ];
path = [ pkgs.fail2ban pkgs.iptables ]; path = [ pkgs.fail2ban pkgs.iptables pkgs.iproute ];
preStart = preStart =
'' ''

2
nixos/modules/services/system/dbus.nix
View file

@ -110,7 +110,7 @@ in
}; };
services.dbus.packages = [ services.dbus.packages = [
pkgs.dbus pkgs.dbus.out
config.system.path config.system.path
]; ];

32
nixos/modules/services/torrent/transmission.nix
View file

@ -113,22 +113,22 @@ in
#include <abstractions/base> #include <abstractions/base>
#include <abstractions/nameservice> #include <abstractions/nameservice>
${pkgs.glibc.out}/lib/*.so mr, ${getLib pkgs.glibc}/lib/*.so mr,
${pkgs.libevent.out}/lib/libevent*.so* mr, ${getLib pkgs.libevent}/lib/libevent*.so* mr,
${pkgs.curl.out}/lib/libcurl*.so* mr, ${getLib pkgs.curl}/lib/libcurl*.so* mr,
${pkgs.openssl.out}/lib/libssl*.so* mr, ${getLib pkgs.openssl}/lib/libssl*.so* mr,
${pkgs.openssl.out}/lib/libcrypto*.so* mr, ${getLib pkgs.openssl}/lib/libcrypto*.so* mr,
${pkgs.zlib.out}/lib/libz*.so* mr, ${getLib pkgs.zlib}/lib/libz*.so* mr,
${pkgs.libssh2.out}/lib/libssh2*.so* mr, ${getLib pkgs.libssh2}/lib/libssh2*.so* mr,
${pkgs.systemd}/lib/libsystemd*.so* mr, ${getLib pkgs.systemd}/lib/libsystemd*.so* mr,
${pkgs.xz.out}/lib/liblzma*.so* mr, ${getLib pkgs.xz}/lib/liblzma*.so* mr,
${pkgs.libgcrypt.out}/lib/libgcrypt*.so* mr, ${getLib pkgs.libgcrypt}/lib/libgcrypt*.so* mr,
${pkgs.libgpgerror.out}/lib/libgpg-error*.so* mr, ${getLib pkgs.libgpgerror}/lib/libgpg-error*.so* mr,
${pkgs.nghttp2.lib}/lib/libnghttp2*.so* mr, ${getLib pkgs.nghttp2}/lib/libnghttp2*.so* mr,
${pkgs.c-ares.out}/lib/libcares*.so* mr, ${getLib pkgs.c-ares}/lib/libcares*.so* mr,
${pkgs.libcap.lib}/lib/libcap*.so* mr, ${getLib pkgs.libcap}/lib/libcap*.so* mr,
${pkgs.attr.out}/lib/libattr*.so* mr, ${getLib pkgs.attr}/lib/libattr*.so* mr,
${pkgs.lz4}/lib/liblz4*.so* mr, ${getLib pkgs.lz4}/lib/liblz4*.so* mr,
@{PROC}/sys/kernel/random/uuid r, @{PROC}/sys/kernel/random/uuid r,
@{PROC}/sys/vm/overcommit_memory r, @{PROC}/sys/vm/overcommit_memory r,

2
nixos/modules/services/web-servers/apache-httpd/mediawiki.nix
View file

@ -43,7 +43,7 @@ let
# Paths to external programs. # Paths to external programs.
$wgDiff3 = "${pkgs.diffutils}/bin/diff3"; $wgDiff3 = "${pkgs.diffutils}/bin/diff3";
$wgDiff = "${pkgs.diffutils}/bin/diff"; $wgDiff = "${pkgs.diffutils}/bin/diff";
$wgImageMagickConvertCommand = "${pkgs.imagemagick}/bin/convert"; $wgImageMagickConvertCommand = "${pkgs.imagemagick.out}/bin/convert";
#$wgDebugLogFile = "/tmp/mediawiki_debug_log.txt"; #$wgDebugLogFile = "/tmp/mediawiki_debug_log.txt";

2
nixos/modules/services/x11/desktop-managers/gnome3.nix
View file

@ -44,7 +44,7 @@ let
${cfg.extraGSettingsOverrides} ${cfg.extraGSettingsOverrides}
EOF EOF
${pkgs.glib}/bin/glib-compile-schemas $out/share/gsettings-schemas/nixos-gsettings-overrides/glib-2.0/schemas/ ${pkgs.glib.dev}/bin/glib-compile-schemas $out/share/gsettings-schemas/nixos-gsettings-overrides/glib-2.0/schemas/
''; '';
}; };

20
nixos/modules/services/x11/display-managers/default.nix
View file

@ -32,6 +32,12 @@ let
'' ''
#! ${pkgs.bash}/bin/bash #! ${pkgs.bash}/bin/bash
${optionalString cfg.displayManager.logToJournal ''
if [ -z "$_DID_SYSTEMD_CAT" ]; then
_DID_SYSTEMD_CAT=1 exec ${config.systemd.package}/bin/systemd-cat -t xsession -- "$0" "$1"
fi
''}
. /etc/profile . /etc/profile
cd "$HOME" cd "$HOME"
@ -39,7 +45,7 @@ let
sessionType="$1" sessionType="$1"
if [ "$sessionType" = default ]; then sessionType=""; fi if [ "$sessionType" = default ]; then sessionType=""; fi
${optionalString (!cfg.displayManager.job.logsXsession) '' ${optionalString (!cfg.displayManager.job.logsXsession && !cfg.displayManager.logToJournal) ''
exec > ~/.xsession-errors 2>&1 exec > ~/.xsession-errors 2>&1
''} ''}
@ -83,6 +89,8 @@ let
# .local/share doesn't exist yet. # .local/share doesn't exist yet.
mkdir -p $HOME/.local/share mkdir -p $HOME/.local/share
unset _DID_SYSTEMD_CAT
${cfg.displayManager.sessionCommands} ${cfg.displayManager.sessionCommands}
# Allow the user to execute commands at the beginning of the X session. # Allow the user to execute commands at the beginning of the X session.
@ -278,6 +286,16 @@ in
}; };
logToJournal = mkOption {
type = types.bool;
default = true;
description = ''
By default, the stdout/stderr of sessions is written
to <filename>~/.xsession-errors</filename>. When this option
is enabled, it will instead be written to the journal.
'';
};
}; };
}; };

2
nixos/modules/services/x11/display-managers/kdm.nix
View file

@ -139,7 +139,7 @@ in
mkdir -m 0755 -p /var/lib/kdm mkdir -m 0755 -p /var/lib/kdm
chown kdm /var/lib/kdm chown kdm /var/lib/kdm
${(optionalString (config.system.boot.loader.id == "grub" && config.system.build.grub != null) "PATH=${config.system.build.grub}/sbin:$PATH ") + ${(optionalString (config.system.boot.loader.id == "grub" && config.system.build.grub != null) "PATH=${config.system.build.grub}/sbin:$PATH ") +
"KDEDIRS=/run/current-system/sw exec ${kdebase_workspace}/bin/kdm -config ${kdmrc} -nodaemon"} "KDEDIRS=/run/current-system/sw exec ${kdebase_workspace}/bin/kdm -config ${kdmrc} -nodaemon -logfile /dev/stderr"}
''; '';
logsXsession = true; logsXsession = true;
}; };

4
nixos/modules/services/x11/hardware/synaptics.nix
View file

@ -169,10 +169,10 @@ in {
config = mkIf cfg.enable { config = mkIf cfg.enable {
services.xserver.modules = [ pkg ]; services.xserver.modules = [ pkg.out ];
environment.etc."${etcFile}".source = environment.etc."${etcFile}".source =
"${pkg}/share/X11/xorg.conf.d/50-synaptics.conf"; "${pkg.out}/share/X11/xorg.conf.d/50-synaptics.conf";
environment.systemPackages = [ pkg ]; environment.systemPackages = [ pkg ];

5
nixos/modules/services/x11/xserver.nix
View file

@ -16,6 +16,7 @@ let
virtualbox = { modules = [ kernelPackages.virtualboxGuestAdditions ]; driverName = "vboxvideo"; }; virtualbox = { modules = [ kernelPackages.virtualboxGuestAdditions ]; driverName = "vboxvideo"; };
ati = { modules = with pkgs.xorg; [ xf86videoati glamoregl ]; }; ati = { modules = with pkgs.xorg; [ xf86videoati glamoregl ]; };
intel = { modules = with pkgs.xorg; [ xf86videointel glamoregl ]; }; intel = { modules = with pkgs.xorg; [ xf86videointel glamoregl ]; };
modesetting = { modules = []; };
}; };
fontsForXServer = fontsForXServer =
@ -519,6 +520,7 @@ in
serviceConfig = { serviceConfig = {
Restart = "always"; Restart = "always";
RestartSec = "200ms"; RestartSec = "200ms";
SyslogIdentifier = "display-manager";
}; };
}; };
@ -526,10 +528,11 @@ in
[ "-terminate" [ "-terminate"
"-config ${configFile}" "-config ${configFile}"
"-xkbdir" "${cfg.xkbDir}" "-xkbdir" "${cfg.xkbDir}"
# Log at the default verbosity level to stderr rather than /var/log/X.*.log.
"-verbose" "3" "-logfile" "/dev/null"
] ++ optional (cfg.display != null) ":${toString cfg.display}" ] ++ optional (cfg.display != null) ":${toString cfg.display}"
++ optional (cfg.tty != null) "vt${toString cfg.tty}" ++ optional (cfg.tty != null) "vt${toString cfg.tty}"
++ optional (cfg.dpi != null) "-dpi ${toString cfg.dpi}" ++ optional (cfg.dpi != null) "-dpi ${toString cfg.dpi}"
++ optionals (cfg.display != null) [ "-logfile" "/var/log/X.${toString cfg.display}.log" ]
++ optional (!cfg.enableTCP) "-nolisten tcp"; ++ optional (!cfg.enableTCP) "-nolisten tcp";
services.xserver.modules = services.xserver.modules =

4
nixos/modules/system/boot/initrd-ssh.nix
View file

@ -85,6 +85,10 @@ in
}; };
config = mkIf (config.boot.initrd.network.enable && cfg.enable) { config = mkIf (config.boot.initrd.network.enable && cfg.enable) {
assertions = [ {
assertion = cfg.hostRSAKey != null || cfg.hostDSSKey != null || cfg.hostECDSAKey != null;
message = "You should specify at least one host key for initrd SSH";
} ];
boot.initrd.extraUtilsCommands = '' boot.initrd.extraUtilsCommands = ''
copy_bin_and_libs ${pkgs.dropbear}/bin/dropbear copy_bin_and_libs ${pkgs.dropbear}/bin/dropbear

11
nixos/modules/system/boot/loader/grub/grub.nix
View file

@ -48,12 +48,13 @@ let
bootPath = args.path; bootPath = args.path;
storePath = config.boot.loader.grub.storePath; storePath = config.boot.loader.grub.storePath;
bootloaderId = if args.efiBootloaderId == null then "NixOS${efiSysMountPoint'}" else args.efiBootloaderId; bootloaderId = if args.efiBootloaderId == null then "NixOS${efiSysMountPoint'}" else args.efiBootloaderId;
timeout = if config.boot.loader.timeout == null then -1 else config.boot.loader.timeout;
inherit efiSysMountPoint; inherit efiSysMountPoint;
inherit (args) devices; inherit (args) devices;
inherit (efi) canTouchEfiVariables; inherit (efi) canTouchEfiVariables;
inherit (cfg) inherit (cfg)
version extraConfig extraPerEntryConfig extraEntries version extraConfig extraPerEntryConfig extraEntries
extraEntriesBeforeNixOS extraPrepareConfig configurationLimit copyKernels timeout extraEntriesBeforeNixOS extraPrepareConfig configurationLimit copyKernels
default fsIdentifier efiSupport gfxmodeEfi gfxmodeBios; default fsIdentifier efiSupport gfxmodeEfi gfxmodeBios;
path = (makeBinPath ([ path = (makeBinPath ([
pkgs.coreutils pkgs.gnused pkgs.gnugrep pkgs.findutils pkgs.diffutils pkgs.btrfs-progs pkgs.coreutils pkgs.gnused pkgs.gnugrep pkgs.findutils pkgs.diffutils pkgs.btrfs-progs
@ -313,14 +314,6 @@ in
''; '';
}; };
timeout = mkOption {
default = if (config.boot.loader.timeout != null) then config.boot.loader.timeout else -1;
type = types.int;
description = ''
Timeout (in seconds) until GRUB boots the default menu item.
'';
};
default = mkOption { default = mkOption {
default = 0; default = 0;
type = types.int; type = types.int;

16
nixos/modules/system/boot/loader/gummiboot/gummiboot.nix
View file

@ -16,7 +16,7 @@ let
nix = config.nix.package.out; nix = config.nix.package.out;
timeout = if cfg.timeout != null then cfg.timeout else ""; timeout = if config.boot.loader.timeout != null then config.boot.loader.timeout else "";
inherit (efi) efiSysMountPoint canTouchEfiVariables; inherit (efi) efiSysMountPoint canTouchEfiVariables;
}; };
@ -29,20 +29,6 @@ in {
description = "Whether to enable the gummiboot UEFI boot manager"; description = "Whether to enable the gummiboot UEFI boot manager";
}; };
timeout = mkOption {
default = if config.boot.loader.timeout == null then 10000 else config.boot.loader.timeout;
example = 4;
type = types.nullOr types.int;
description = ''
Timeout (in seconds) for how long to show the menu (null if none).
Note that even with no timeout the menu can be forced if the space
key is pressed during bootup
'';
};
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {

44
nixos/modules/system/boot/luksroot.nix
View file

@ -5,7 +5,7 @@ with lib;
let let
luks = config.boot.initrd.luks; luks = config.boot.initrd.luks;
openCommand = { name, device, header, keyFile, keyFileSize, allowDiscards, yubikey, ... }: '' openCommand = name': { name, device, header, keyFile, keyFileSize, allowDiscards, yubikey, ... }: assert name' == name; ''
# Wait for luksRoot to appear, e.g. if on a usb drive. # Wait for luksRoot to appear, e.g. if on a usb drive.
# XXX: copied and adapted from stage-1-init.sh - should be # XXX: copied and adapted from stage-1-init.sh - should be
# available as a function. # available as a function.
@ -192,9 +192,8 @@ let
''} ''}
''; '';
isPreLVM = f: f.preLVM; preLVM = filterAttrs (n: v: v.preLVM) luks.devices;
preLVM = filter isPreLVM luks.devices; postLVM = filterAttrs (n: v: !v.preLVM) luks.devices;
postLVM = filter (f: !(isPreLVM f)) luks.devices;
in in
{ {
@ -228,31 +227,31 @@ in
}; };
boot.initrd.luks.devices = mkOption { boot.initrd.luks.devices = mkOption {
default = [ ]; default = { };
example = literalExample ''[ { name = "luksroot"; device = "/dev/sda3"; preLVM = true; } ]''; example = { "luksroot".device = "/dev/disk/by-uuid/430e9eff-d852-4f68-aa3b-2fa3599ebe08"; };
description = '' description = ''
The list of devices that should be decrypted using LUKS before trying to mount the The encrypted disk that should be opened before the root
root partition. This works for both LVM-over-LUKS and LUKS-over-LVM setups. filesystem is mounted. Both LVM-over-LUKS and LUKS-over-LVM
setups are sypported. The unencrypted devices can be accessed as
The devices are decrypted to the device mapper names defined. <filename>/dev/mapper/<replaceable>name</replaceable></filename>.
Make sure that initrd has the crypto modules needed for decryption.
''; '';
type = types.listOf types.optionSet; type = types.loaOf types.optionSet;
options = { options = { name, ... }: { options = {
name = mkOption { name = mkOption {
visible = false;
default = name;
example = "luksroot"; example = "luksroot";
type = types.str; type = types.str;
description = "Named to be used for the generated device in /dev/mapper."; description = "Name of the unencrypted device in <filename>/dev/mapper</filename>.";
}; };
device = mkOption { device = mkOption {
example = "/dev/sda2"; example = "/dev/disk/by-uuid/430e9eff-d852-4f68-aa3b-2fa3599ebe08";
type = types.str; type = types.str;
description = "Path of the underlying block device."; description = "Path of the underlying encrypted block device.";
}; };
header = mkOption { header = mkOption {
@ -289,6 +288,7 @@ in
''; '';
}; };
# FIXME: get rid of this option.
preLVM = mkOption { preLVM = mkOption {
default = true; default = true;
type = types.bool; type = types.bool;
@ -394,7 +394,7 @@ in
}; };
}; };
}; }; };
}; };
boot.initrd.luks.yubikeySupport = mkOption { boot.initrd.luks.yubikeySupport = mkOption {
@ -408,7 +408,7 @@ in
}; };
}; };
config = mkIf (luks.devices != []) { config = mkIf (luks.devices != {}) {
# actually, sbp2 driver is the one enabling the DMA attack, but this needs to be tested # actually, sbp2 driver is the one enabling the DMA attack, but this needs to be tested
boot.blacklistedKernelModules = optionals luks.mitigateDMAAttacks boot.blacklistedKernelModules = optionals luks.mitigateDMAAttacks
@ -438,7 +438,7 @@ in
copy_bin_and_libs ${pkgs.ykpers}/bin/ykinfo copy_bin_and_libs ${pkgs.ykpers}/bin/ykinfo
copy_bin_and_libs ${pkgs.openssl.bin}/bin/openssl copy_bin_and_libs ${pkgs.openssl.bin}/bin/openssl
cc -O3 -I${pkgs.openssl}/include -L${pkgs.openssl.out}/lib ${./pbkdf2-sha512.c} -o pbkdf2-sha512 -lcrypto cc -O3 -I${pkgs.openssl.dev}/include -L${pkgs.openssl.out}/lib ${./pbkdf2-sha512.c} -o pbkdf2-sha512 -lcrypto
strip -s pbkdf2-sha512 strip -s pbkdf2-sha512
copy_bin_and_libs pbkdf2-sha512 copy_bin_and_libs pbkdf2-sha512
@ -463,8 +463,8 @@ in
''} ''}
''; '';
boot.initrd.preLVMCommands = concatMapStrings openCommand preLVM; boot.initrd.preLVMCommands = concatStrings (mapAttrsToList openCommand preLVM);
boot.initrd.postDeviceCommands = concatMapStrings openCommand postLVM; boot.initrd.postDeviceCommands = concatStrings (mapAttrsToList openCommand postLVM);
environment.systemPackages = [ pkgs.cryptsetup ]; environment.systemPackages = [ pkgs.cryptsetup ];
}; };

7
nixos/modules/system/boot/systemd.nix
View file

@ -753,13 +753,6 @@ in
"TMPFS_XATTR" "SECCOMP" "TMPFS_XATTR" "SECCOMP"
]; ];
environment.shellAliases =
{ start = "systemctl start";
stop = "systemctl stop";
restart = "systemctl restart";
status = "systemctl status";
};
users.extraGroups.systemd-journal.gid = config.ids.gids.systemd-journal; users.extraGroups.systemd-journal.gid = config.ids.gids.systemd-journal;
users.extraUsers.systemd-journal-gateway.uid = config.ids.uids.systemd-journal-gateway; users.extraUsers.systemd-journal-gateway.uid = config.ids.uids.systemd-journal-gateway;
users.extraGroups.systemd-journal-gateway.gid = config.ids.gids.systemd-journal-gateway; users.extraGroups.systemd-journal-gateway.gid = config.ids.gids.systemd-journal-gateway;

2
nixos/modules/tasks/cpu-freq.nix
View file

@ -38,7 +38,7 @@ in
description = "CPU Frequency Governor Setup"; description = "CPU Frequency Governor Setup";
after = [ "systemd-modules-load.service" ]; after = [ "systemd-modules-load.service" ];
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
path = [ cpupower ]; path = [ cpupower config.system.sbin.modprobe ];
unitConfig.ConditionVirtualization = false; unitConfig.ConditionVirtualization = false;
serviceConfig = { serviceConfig = {
Type = "oneshot"; Type = "oneshot";

10
nixos/modules/testing/test-instrumentation.nix
View file

@ -113,6 +113,16 @@ let kernel = config.boot.kernelPackages.kernel; in
# Make it easy to log in as root when running the test interactively. # Make it easy to log in as root when running the test interactively.
users.extraUsers.root.initialHashedPassword = mkOverride 150 ""; users.extraUsers.root.initialHashedPassword = mkOverride 150 "";
services.xserver.displayManager.logToJournal = true;
# Bump kdm's X server start timeout to account for heavily loaded
# VM host systems.
services.xserver.displayManager.kdm.extraConfig =
''
[X-:*-Core]
ServerTimeout=240
'';
}; };
} }

2
nixos/modules/virtualisation/amazon-image.nix
View file

@ -32,8 +32,8 @@ let cfg = config.ec2; in
# Generate a GRUB menu. Amazon's pv-grub uses this to boot our kernel/initrd. # Generate a GRUB menu. Amazon's pv-grub uses this to boot our kernel/initrd.
boot.loader.grub.version = if cfg.hvm then 2 else 1; boot.loader.grub.version = if cfg.hvm then 2 else 1;
boot.loader.grub.device = if cfg.hvm then "/dev/xvda" else "nodev"; boot.loader.grub.device = if cfg.hvm then "/dev/xvda" else "nodev";
boot.loader.grub.timeout = 0;
boot.loader.grub.extraPerEntryConfig = mkIf (!cfg.hvm) "root (hd0)"; boot.loader.grub.extraPerEntryConfig = mkIf (!cfg.hvm) "root (hd0)";
boot.loader.timeout = 0;
boot.initrd.postDeviceCommands = boot.initrd.postDeviceCommands =
'' ''

4
nixos/modules/virtualisation/azure-common.nix
View file

@ -10,10 +10,10 @@ with lib;
boot.kernelParams = [ "console=ttyS0" "earlyprintk=ttyS0" "rootdelay=300" "panic=1" "boot.panic_on_fail" ]; boot.kernelParams = [ "console=ttyS0" "earlyprintk=ttyS0" "rootdelay=300" "panic=1" "boot.panic_on_fail" ];
boot.initrd.kernelModules = [ "hv_vmbus" "hv_netvsc" "hv_utils" "hv_storvsc" ]; boot.initrd.kernelModules = [ "hv_vmbus" "hv_netvsc" "hv_utils" "hv_storvsc" ];
# Generate a GRUB menu. # Generate a GRUB menu.
boot.loader.grub.device = "/dev/sda"; boot.loader.grub.device = "/dev/sda";
boot.loader.grub.version = 2; boot.loader.grub.version = 2;
boot.loader.grub.timeout = 0; boot.loader.timeout = 0;
# Don't put old configurations in the GRUB menu. The user has no # Don't put old configurations in the GRUB menu. The user has no
# way to select them anyway. # way to select them anyway.

2
nixos/modules/virtualisation/brightbox-image.nix
View file

@ -94,7 +94,7 @@ in
# Generate a GRUB menu. Amazon's pv-grub uses this to boot our kernel/initrd. # Generate a GRUB menu. Amazon's pv-grub uses this to boot our kernel/initrd.
boot.loader.grub.device = "/dev/vda"; boot.loader.grub.device = "/dev/vda";
boot.loader.grub.timeout = 0; boot.loader.timeout = 0;
# Don't put old configurations in the GRUB menu. The user has no # Don't put old configurations in the GRUB menu. The user has no
# way to select them anyway. # way to select them anyway.

6
nixos/modules/virtualisation/containers.nix
View file

@ -309,6 +309,10 @@ in
touch "$root/etc/os-release" touch "$root/etc/os-release"
fi fi
if ! [ -e "$root/etc/machine-id" ]; then
touch "$root/etc/machine-id"
fi
mkdir -p -m 0755 \ mkdir -p -m 0755 \
"/nix/var/nix/profiles/per-container/$INSTANCE" \ "/nix/var/nix/profiles/per-container/$INSTANCE" \
"/nix/var/nix/gcroots/per-container/$INSTANCE" "/nix/var/nix/gcroots/per-container/$INSTANCE"
@ -338,7 +342,7 @@ in
fi fi
''} ''}
rm -f $root/var/lib/private/host-notify
# Run systemd-nspawn without startup notification (we'll # Run systemd-nspawn without startup notification (we'll
# wait for the container systemd to signal readiness). # wait for the container systemd to signal readiness).

2
nixos/modules/virtualisation/google-compute-image.nix
View file

@ -102,7 +102,7 @@ in
# Generate a GRUB menu. Amazon's pv-grub uses this to boot our kernel/initrd. # Generate a GRUB menu. Amazon's pv-grub uses this to boot our kernel/initrd.
boot.loader.grub.device = "/dev/sda"; boot.loader.grub.device = "/dev/sda";
boot.loader.grub.timeout = 0; boot.loader.timeout = 0;
# Don't put old configurations in the GRUB menu. The user has no # Don't put old configurations in the GRUB menu. The user has no
# way to select them anyway. # way to select them anyway.

2
nixos/modules/virtualisation/nova-image.nix
View file

@ -27,7 +27,7 @@ with lib;
boot.kernelParams = [ "console=ttyS0" ]; boot.kernelParams = [ "console=ttyS0" ];
boot.loader.grub.device = "/dev/vda"; boot.loader.grub.device = "/dev/vda";
boot.loader.grub.timeout = 0; boot.loader.timeout = 0;
# Allow root logins # Allow root logins
services.openssh.enable = true; services.openssh.enable = true;

2
nixos/modules/virtualisation/qemu-vm.nix
View file

@ -465,7 +465,7 @@ in
}); });
swapDevices = mkVMOverride [ ]; swapDevices = mkVMOverride [ ];
boot.initrd.luks.devices = mkVMOverride []; boot.initrd.luks.devices = mkVMOverride {};
# Don't run ntpd in the guest. It should get the correct time from KVM. # Don't run ntpd in the guest. It should get the correct time from KVM.
services.ntp.enable = false; services.ntp.enable = false;

1
nixos/release-combined.nix
View file

@ -69,6 +69,7 @@ in rec {
(all nixos.tests.boot.uefiUsb) (all nixos.tests.boot.uefiUsb)
(all nixos.tests.boot-stage1) (all nixos.tests.boot-stage1)
(all nixos.tests.ipv6) (all nixos.tests.ipv6)
(all nixos.tests.i3wm)
(all nixos.tests.kde4) (all nixos.tests.kde4)
#(all nixos.tests.lightdm) #(all nixos.tests.lightdm)
(all nixos.tests.login) (all nixos.tests.login)

6
nixos/tests/boot.nix
View file

@ -12,7 +12,6 @@ let
modules = modules =
[ ../modules/installer/cd-dvd/installation-cd-minimal.nix [ ../modules/installer/cd-dvd/installation-cd-minimal.nix
../modules/testing/test-instrumentation.nix ../modules/testing/test-instrumentation.nix
{ key = "serial"; }
]; ];
}).config.system.build.isoImage; }).config.system.build.isoImage;
@ -30,20 +29,25 @@ let
''; '';
}; };
in { in {
biosCdrom = makeBootTest "bios-cdrom" '' biosCdrom = makeBootTest "bios-cdrom" ''
cdrom => glob("${iso}/iso/*.iso") cdrom => glob("${iso}/iso/*.iso")
''; '';
biosUsb = makeBootTest "bios-usb" '' biosUsb = makeBootTest "bios-usb" ''
usb => glob("${iso}/iso/*.iso") usb => glob("${iso}/iso/*.iso")
''; '';
uefiCdrom = makeBootTest "uefi-cdrom" '' uefiCdrom = makeBootTest "uefi-cdrom" ''
cdrom => glob("${iso}/iso/*.iso"), cdrom => glob("${iso}/iso/*.iso"),
bios => '${pkgs.OVMF}/FV/OVMF.fd' bios => '${pkgs.OVMF}/FV/OVMF.fd'
''; '';
uefiUsb = makeBootTest "uefi-usb" '' uefiUsb = makeBootTest "uefi-usb" ''
usb => glob("${iso}/iso/*.iso"), usb => glob("${iso}/iso/*.iso"),
bios => '${pkgs.OVMF}/FV/OVMF.fd' bios => '${pkgs.OVMF}/FV/OVMF.fd'
''; '';
netboot = let netboot = let
config = (import ../lib/eval-config.nix { config = (import ../lib/eval-config.nix {
inherit system; inherit system;

8
nixos/tests/installer.nix
View file

@ -360,14 +360,8 @@ in {
"mount LABEL=boot /mnt/boot", "mount LABEL=boot /mnt/boot",
); );
''; '';
# XXX: Currently, generate-config doesn't detect LUKS yet.
extraConfig = '' extraConfig = ''
boot.kernelParams = lib.mkAfter [ "console=tty0" ]; boot.kernelParams = lib.mkAfter [ "console=tty0" ];
boot.initrd.luks.devices = lib.singleton {
name = "cryptroot";
device = "/dev/vda3";
preLVM = true;
};
''; '';
enableOCR = true; enableOCR = true;
preBootCommands = '' preBootCommands = ''
@ -403,8 +397,6 @@ in {
"mkdir /mnt/boot", "mkdir /mnt/boot",
"mount LABEL=boot /mnt/boot", "mount LABEL=boot /mnt/boot",
"udevadm settle", "udevadm settle",
"mdadm --verbose -W /dev/md0", # wait for sync to finish; booting off an unsynced device tends to fail
"mdadm --verbose -W /dev/md1",
); );
''; '';
preBootCommands = '' preBootCommands = ''

13
nixos/tests/virtualbox.nix
View file

@ -11,7 +11,7 @@ let
#!${pkgs.stdenv.shell} -xe #!${pkgs.stdenv.shell} -xe
export PATH="${pkgs.coreutils}/bin:${pkgs.utillinux}/bin" export PATH="${pkgs.coreutils}/bin:${pkgs.utillinux}/bin"
mkdir -p /etc/dbus-1 /var/run/dbus mkdir -p /var/run/dbus
cat > /etc/passwd <<EOF cat > /etc/passwd <<EOF
root:x:0:0::/root:/bin/false root:x:0:0::/root:/bin/false
messagebus:x:1:1::/var/run/dbus:/bin/false messagebus:x:1:1::/var/run/dbus:/bin/false
@ -20,9 +20,9 @@ let
root:x:0: root:x:0:
messagebus:x:1: messagebus:x:1:
EOF EOF
cp -v "${pkgs.dbus.daemon}/etc/dbus-1/system.conf" \
/etc/dbus-1/system.conf "${pkgs.dbus.daemon}/bin/dbus-daemon" --fork \
"${pkgs.dbus.daemon}/bin/dbus-daemon" --fork --system --config-file="${pkgs.dbus.daemon}/share/dbus-1/system.conf"
${guestAdditions}/bin/VBoxService ${guestAdditions}/bin/VBoxService
${(attrs.vmScript or (const "")) pkgs} ${(attrs.vmScript or (const "")) pkgs}
@ -326,6 +326,7 @@ let
in [ ./common/user-account.nix ./common/x11.nix ] ++ vmConfigs; in [ ./common/user-account.nix ./common/x11.nix ] ++ vmConfigs;
virtualisation.memorySize = 2048; virtualisation.memorySize = 2048;
virtualisation.virtualbox.host.enable = true; virtualisation.virtualbox.host.enable = true;
services.xserver.displayManager.auto.user = "alice";
users.extraUsers.alice.extraGroups = let users.extraUsers.alice.extraGroups = let
inherit (config.virtualisation.virtualbox.host) enableHardening; inherit (config.virtualisation.virtualbox.host) enableHardening;
in lib.mkIf enableHardening (lib.singleton "vboxusers"); in lib.mkIf enableHardening (lib.singleton "vboxusers");
@ -363,7 +364,9 @@ in mapAttrs mkVBoxTest {
simple-gui = '' simple-gui = ''
createVM_simple; createVM_simple;
$machine->succeed(ru "VirtualBox &"); $machine->succeed(ru "VirtualBox &");
$machine->waitForWindow(qr/Oracle VM VirtualBox Manager/); $machine->waitUntilSucceeds(
ru "xprop -name 'Oracle VM VirtualBox Manager'"
);
$machine->sleep(5); $machine->sleep(5);
$machine->screenshot("gui_manager_started"); $machine->screenshot("gui_manager_started");
$machine->sendKeys("ret"); $machine->sendKeys("ret");

9
pkgs/applications/audio/audacious/default.nix
View file

@ -1,7 +1,7 @@
{ stdenv, fetchurl, pkgconfig, glib, gtk3, libmowgli, libmcs { stdenv, fetchurl, pkgconfig, glib, gtk3, libmowgli, libmcs
, gettext, dbus_glib, libxml2, libmad, xorg, alsaLib, libogg , gettext, dbus_glib, libxml2, libmad, xorg, alsaLib, libogg
, libvorbis, libcdio, libcddb, flac, ffmpeg, makeWrapper , libvorbis, libcdio, libcddb, flac, ffmpeg, makeWrapper
, mpg123, neon, faad2 , mpg123, neon, faad2, gnome3
}: }:
let version = "3.5.2"; in let version = "3.5.2"; in
@ -22,7 +22,7 @@ stdenv.mkDerivation {
buildInputs = buildInputs =
[ gettext pkgconfig glib gtk3 libmowgli libmcs libxml2 dbus_glib [ gettext pkgconfig glib gtk3 libmowgli libmcs libxml2 dbus_glib
libmad xorg.libXcomposite libogg libvorbis flac alsaLib libcdio libmad xorg.libXcomposite libogg libvorbis flac alsaLib libcdio
libcddb ffmpeg makeWrapper mpg123 neon faad2 libcddb ffmpeg makeWrapper mpg123 neon faad2 gnome3.defaultIconTheme
]; ];
# Here we build bouth audacious and audacious-plugins in one # Here we build bouth audacious and audacious-plugins in one
@ -48,8 +48,11 @@ stdenv.mkDerivation {
( (
source $stdenv/setup source $stdenv/setup
# gsettings schemas for file dialogues # gsettings schemas for file dialogues
# XDG_ICON_DIRS is set by hook for gnome3.defaultIconTheme
for file in "$out/bin/"*; do for file in "$out/bin/"*; do
wrapProgram "$file" --prefix XDG_DATA_DIRS : "$XDG_ADD:$GSETTINGS_SCHEMAS_PATH" wrapProgram "$file" \
--prefix XDG_DATA_DIRS : "$XDG_ADD:$GSETTINGS_SCHEMAS_PATH" \
--suffix XDG_DATA_DIRS : "$XDG_ICON_DIRS"
done done
) )
''; '';

3
pkgs/applications/audio/groovebasin/default.nix
View file

@ -1,9 +1,10 @@
{ stdenv, fetchFromGitHub, makeWrapper, callPackage, libgroove, python, utillinux }: { stdenv, fetchFromGitHub, makeWrapper, callPackage, libgroove, python, utillinux, nodejs }:
with stdenv.lib; with stdenv.lib;
let let
nodePackages = callPackage (import ../../../top-level/node-packages.nix) { nodePackages = callPackage (import ../../../top-level/node-packages.nix) {
inherit nodejs;
neededNatives = [ libgroove python utillinux ]; neededNatives = [ libgroove python utillinux ];
self = nodePackages; self = nodePackages;
generated = ./package.nix; generated = ./package.nix;

27
pkgs/applications/audio/mp3splt/default.nix
View file

@ -1,20 +1,27 @@
{ fetchurl, stdenv, libmp3splt, pkgconfig }: { stdenv, fetchurl, pkgconfig, libmp3splt }:
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "mp3splt-2.6.1"; pname = "mp3splt";
version = "2.6.2";
name = "${pname}-${version}";
src = fetchurl { src = fetchurl {
url = "http://prdownloads.sourceforge.net/mp3splt/${name}.tar.gz"; url = "mirror://sourceforge/${pname}/${name}.tar.gz";
sha256 = "783a903fafbcf47f06673136a78b78d32a8e616a6ae06b79b459a32090dd14f7"; sha256 = "1aiv20gypb6r84qabz8gblk8vi42cg3x333vk2pi3fyqvl82phry";
}; };
buildInputs = [ libmp3splt pkgconfig ]; configureFlags = [ "--enable-oggsplt-symlink" "--enable-flacsplt-symlink" ];
nativeBuildInputs = [ pkgconfig ];
buildInputs = [ libmp3splt ];
meta = { outputs = [ "out" "man" ];
description = "utility to split mp3, ogg vorbis and FLAC files without decoding";
meta = with stdenv.lib; {
description = "Utility to split mp3, ogg vorbis and FLAC files without decoding";
homepage = http://sourceforge.net/projects/mp3splt/; homepage = http://sourceforge.net/projects/mp3splt/;
license = stdenv.lib.licenses.gpl2; license = licenses.gpl2;
maintainers = [ stdenv.lib.maintainers.bosu ]; maintainers = [ maintainers.bosu ];
platforms = stdenv.lib.platforms.unix; platforms = platforms.unix;
}; };
} }

5
pkgs/applications/audio/pithos/default.nix
View file

@ -6,8 +6,6 @@ pythonPackages.buildPythonApplication rec {
version = "1.1.2"; version = "1.1.2";
name = "${pname}-${version}"; name = "${pname}-${version}";
namePrefix = "";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = pname; owner = pname;
repo = pname; repo = pname;
@ -15,6 +13,9 @@ pythonPackages.buildPythonApplication rec {
sha256 = "0zk9clfawsnwmgjbk7y5d526ksxd1pkh09ln6sb06v4ygaiifcxp"; sha256 = "0zk9clfawsnwmgjbk7y5d526ksxd1pkh09ln6sb06v4ygaiifcxp";
}; };
# No tests in repo
doCheck = false;
postPatch = '' postPatch = ''
substituteInPlace setup.py --replace "/usr/share" "$out/share" substituteInPlace setup.py --replace "/usr/share" "$out/share"
''; '';

0
pkgs/applications/audio/QmidiNet/default.nix → pkgs/applications/audio/qmidinet/default.nix
View file

4
pkgs/applications/audio/qmmp/default.nix
View file

@ -28,11 +28,11 @@
# handle that. # handle that.
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "qmmp-0.8.4"; name = "qmmp-0.9.9";
src = fetchurl { src = fetchurl {
url = "http://qmmp.ylsoftware.com/files/${name}.tar.bz2"; url = "http://qmmp.ylsoftware.com/files/${name}.tar.bz2";
sha256 = "1ld69xypyak3lzwmfvzbxsyd4fl841aaq0gmkfa7jpavbdlggydf"; sha256 = "1wv4kbjq50xflhrl1jjf1hm3rrw599xkd72dwm4rscm0sdvzhnc1";
}; };
buildInputs = buildInputs =

2
pkgs/applications/display-managers/slim/default.nix
View file

@ -28,7 +28,7 @@ stdenv.mkDerivation rec {
cmakeFlags = [ "-DUSE_PAM=1" ]; cmakeFlags = [ "-DUSE_PAM=1" ];
NIX_CFLAGS_COMPILE = "-I${freetype}/include/freetype -std=c++11"; NIX_CFLAGS_COMPILE = "-I${freetype.dev}/include/freetype -std=c++11";
enableParallelBuilding = true; enableParallelBuilding = true;

2
pkgs/applications/editors/emacs-25/default.nix
View file

@ -64,7 +64,7 @@ stdenv.mkDerivation rec {
"--with-gif=no" "--with-tiff=no" ]; "--with-gif=no" "--with-tiff=no" ];
NIX_CFLAGS_COMPILE = stdenv.lib.optionalString (stdenv.isDarwin && withX) NIX_CFLAGS_COMPILE = stdenv.lib.optionalString (stdenv.isDarwin && withX)
"-I${cairo}/include/cairo"; "-I${cairo.dev}/include/cairo";
preBuild = '' preBuild = ''
find . -name '*.elc' -delete find . -name '*.elc' -delete

47
pkgs/applications/editors/emacs-modes/elpa-generated.nix
View file

@ -81,10 +81,10 @@
aggressive-indent = callPackage ({ cl-lib ? null, elpaBuild, emacs, fetchurl, lib }: aggressive-indent = callPackage ({ cl-lib ? null, elpaBuild, emacs, fetchurl, lib }:
elpaBuild { elpaBuild {
pname = "aggressive-indent"; pname = "aggressive-indent";
version = "1.7"; version = "1.8.1";
src = fetchurl { src = fetchurl {
url = "https://elpa.gnu.org/packages/aggressive-indent-1.7.el"; url = "https://elpa.gnu.org/packages/aggressive-indent-1.8.1.el";
sha256 = "0z2zsw0qnzcabsz2frfsjhfg7qa4nbmprrd41yjfxq62d12wg70m"; sha256 = "07d311dwg6rpzydh9bw9dn1djf4x4f00ma41jmsl35mcd2m0bpz8";
}; };
packageRequires = [ cl-lib emacs ]; packageRequires = [ cl-lib emacs ];
meta = { meta = {
@ -95,10 +95,10 @@
ahungry-theme = callPackage ({ elpaBuild, emacs, fetchurl, lib }: ahungry-theme = callPackage ({ elpaBuild, emacs, fetchurl, lib }:
elpaBuild { elpaBuild {
pname = "ahungry-theme"; pname = "ahungry-theme";
version = "1.1.0"; version = "1.2.0";
src = fetchurl { src = fetchurl {
url = "https://elpa.gnu.org/packages/ahungry-theme-1.1.0.tar"; url = "https://elpa.gnu.org/packages/ahungry-theme-1.2.0.tar";
sha256 = "1jy2h4r72fr26yavs0s8dy1xnkxvaf2hsrlm63f6sng81njj9dgx"; sha256 = "04z9d8xszgsl6p02gf3yixgj8kwwb6rfc6bq1b3sz95n3v9wmg9d";
}; };
packageRequires = [ emacs ]; packageRequires = [ emacs ];
meta = { meta = {
@ -162,10 +162,10 @@
}) {}; }) {};
async = callPackage ({ elpaBuild, fetchurl, lib }: elpaBuild { async = callPackage ({ elpaBuild, fetchurl, lib }: elpaBuild {
pname = "async"; pname = "async";
version = "1.6"; version = "1.9";
src = fetchurl { src = fetchurl {
url = "https://elpa.gnu.org/packages/async-1.6.tar"; url = "https://elpa.gnu.org/packages/async-1.9.tar";
sha256 = "17psvz75n42x33my967wkgi7r0blx46n3jdv510j0z5jswv66039"; sha256 = "1ip5nc8xyln5szvqwp6wqva9xr84pn8ssn3nnphrszr19y4js2bm";
}; };
packageRequires = []; packageRequires = [];
meta = { meta = {
@ -566,10 +566,10 @@
}) {}; }) {};
el-search = callPackage ({ elpaBuild, emacs, fetchurl, lib }: elpaBuild { el-search = callPackage ({ elpaBuild, emacs, fetchurl, lib }: elpaBuild {
pname = "el-search"; pname = "el-search";
version = "0.1.3"; version = "0.2";
src = fetchurl { src = fetchurl {
url = "https://elpa.gnu.org/packages/el-search-0.1.3.el"; url = "https://elpa.gnu.org/packages/el-search-0.2.el";
sha256 = "1iwglpzs78zy07k3ijbwgv9781bs5cpf088giyz6bn5amfpp1jks"; sha256 = "1ps4p79xrvsdys9yh1wyk4zdly6c55agbqa6f8q3xkwc9sva9lw9";
}; };
packageRequires = [ emacs ]; packageRequires = [ emacs ];
meta = { meta = {
@ -850,8 +850,8 @@
pname = "javaimp"; pname = "javaimp";
version = "0.6"; version = "0.6";
src = fetchurl { src = fetchurl {
url = "https://elpa.gnu.org/packages/javaimp-0.6.el"; url = "https://elpa.gnu.org/packages/javaimp-0.6.tar";
sha256 = "00a37jv9wbzy521a15vk7a66rsf463zzr57adc8ii2m4kcyldpqh"; sha256 = "015kchx6brsjk7q6lz9y44a18n5imapd95czx50hqdscjczmj2ff";
}; };
packageRequires = []; packageRequires = [];
meta = { meta = {
@ -1505,6 +1505,19 @@
license = lib.licenses.free; license = lib.licenses.free;
}; };
}) {}; }) {};
smart-yank = callPackage ({ elpaBuild, emacs, fetchurl, lib }: elpaBuild {
pname = "smart-yank";
version = "0.1.1";
src = fetchurl {
url = "https://elpa.gnu.org/packages/smart-yank-0.1.1.el";
sha256 = "1v7hbn8pl4bzal31m132dn04rgsgjjcc7k2knd1jqzk1wq6azpdn";
};
packageRequires = [ emacs ];
meta = {
homepage = "https://elpa.gnu.org/packages/smart-yank.html";
license = lib.licenses.free;
};
}) {};
sml-mode = callPackage ({ elpaBuild, fetchurl, lib }: elpaBuild { sml-mode = callPackage ({ elpaBuild, fetchurl, lib }: elpaBuild {
pname = "sml-mode"; pname = "sml-mode";
version = "6.7"; version = "6.7";
@ -1905,10 +1918,10 @@
xelb = callPackage ({ cl-generic, elpaBuild, emacs, fetchurl, lib }: xelb = callPackage ({ cl-generic, elpaBuild, emacs, fetchurl, lib }:
elpaBuild { elpaBuild {
pname = "xelb"; pname = "xelb";
version = "0.6"; version = "0.7";
src = fetchurl { src = fetchurl {
url = "https://elpa.gnu.org/packages/xelb-0.6.tar"; url = "https://elpa.gnu.org/packages/xelb-0.7.tar";
sha256 = "1m91af5srxq8zs9w4gb44kl4bgka8fq7k33h7f2yn213h23kvvvh"; sha256 = "0i4336a8xns6zp82dj77w5gjgv3mfngcjsw7ghyf7bb7flh8ipw1";
}; };
packageRequires = [ cl-generic emacs ]; packageRequires = [ cl-generic emacs ];
meta = { meta = {

6
pkgs/applications/editors/emacs-modes/emacs-w3m/default.nix
View file

@ -19,11 +19,11 @@ stdenv.mkDerivation rec {
patchPhase = '' patchPhase = ''
sed -i "w3m.el" \ sed -i "w3m.el" \
-e 's|defcustom w3m-command nil|defcustom w3m-command "${w3m}/bin/w3m"|g ; -e 's|defcustom w3m-command nil|defcustom w3m-command "${w3m}/bin/w3m"|g ;
s|(w3m-which-command "display")|"${imagemagick}/bin/display"|g' s|(w3m-which-command "display")|"${imagemagick.out}/bin/display"|g'
sed -i "w3m-image.el" \ sed -i "w3m-image.el" \
-e 's|(w3m-which-command "convert")|"${imagemagick}/bin/convert"|g ; -e 's|(w3m-which-command "convert")|"${imagemagick.out}/bin/convert"|g ;
s|(w3m-which-command "identify")|"${imagemagick}/bin/identify"|g' s|(w3m-which-command "identify")|"${imagemagick.out}/bin/identify"|g'
''; '';
configureFlags = [ configureFlags = [

7721
pkgs/applications/editors/emacs-modes/melpa-generated.nix
View file

File diff suppressed because it is too large Load diff

3
pkgs/applications/editors/emacs-modes/melpa-packages.nix
View file

@ -60,9 +60,6 @@ self:
# upstream issue: missing file header # upstream issue: missing file header
connection = markBroken super.connection; connection = markBroken super.connection;
# upstream issue: missing file header
crux = markBroken super.crux;
# upstream issue: missing file header # upstream issue: missing file header
dictionary = markBroken super.dictionary; dictionary = markBroken super.dictionary;

3380
pkgs/applications/editors/emacs-modes/melpa-stable-generated.nix
View file

File diff suppressed because it is too large Load diff

5
pkgs/applications/editors/idea/common.nix
View file

@ -1,7 +1,7 @@
{ stdenv, fetchurl, makeDesktopItem, makeWrapper, patchelf, p7zip { stdenv, fetchurl, makeDesktopItem, makeWrapper, patchelf, p7zip
, coreutils, gnugrep, which, git, python, unzip, jdk }: , coreutils, gnugrep, which, git, python, unzip, jdk }:
{ name, product, version, build, src, meta } @ attrs: { name, product, version, build, src, wmClass, meta } @ attrs:
with stdenv.lib; with stdenv.lib;
@ -20,6 +20,9 @@ with stdenv; lib.makeOverridable mkDerivation rec {
genericName = meta.description; genericName = meta.description;
categories = "Application;Development;"; categories = "Application;Development;";
icon = execName; icon = execName;
extraEntries = ''
StartupWMClass=${wmClass}
'';
}; };
buildInputs = [ makeWrapper patchelf p7zip unzip ]; buildInputs = [ makeWrapper patchelf p7zip unzip ];

40
pkgs/applications/editors/idea/default.nix
View file

@ -10,9 +10,9 @@ let
bnumber = with stdenv.lib; build: last (splitString "-" build); bnumber = with stdenv.lib; build: last (splitString "-" build);
mkIdeaProduct = callPackage ./common.nix { }; mkIdeaProduct = callPackage ./common.nix { };
buildAndroidStudio = { name, version, build, src, license, description }: buildAndroidStudio = { name, version, build, src, license, description, wmClass }:
let drv = (mkIdeaProduct rec { let drv = (mkIdeaProduct rec {
inherit name version build src; inherit name version build src wmClass;
product = "Studio"; product = "Studio";
meta = with stdenv.lib; { meta = with stdenv.lib; {
homepage = https://developer.android.com/sdk/installing/studio.html; homepage = https://developer.android.com/sdk/installing/studio.html;
@ -35,9 +35,9 @@ let
''; '';
}); });
buildClion = { name, version, build, src, license, description }: buildClion = { name, version, build, src, license, description, wmClass }:
(mkIdeaProduct rec { (mkIdeaProduct rec {
inherit name version build src; inherit name version build src wmClass;
product = "CLion"; product = "CLion";
meta = with stdenv.lib; { meta = with stdenv.lib; {
homepage = "https://www.jetbrains.com/clion/"; homepage = "https://www.jetbrains.com/clion/";
@ -51,9 +51,9 @@ let
}; };
}); });
buildIdea = { name, version, build, src, license, description }: buildIdea = { name, version, build, src, license, description, wmClass }:
(mkIdeaProduct rec { (mkIdeaProduct rec {
inherit name version build src; inherit name version build src wmClass;
product = "IDEA"; product = "IDEA";
meta = with stdenv.lib; { meta = with stdenv.lib; {
homepage = "https://www.jetbrains.com/idea/"; homepage = "https://www.jetbrains.com/idea/";
@ -68,9 +68,9 @@ let
}; };
}); });
buildRubyMine = { name, version, build, src, license, description }: buildRubyMine = { name, version, build, src, license, description, wmClass }:
(mkIdeaProduct rec { (mkIdeaProduct rec {
inherit name version build src; inherit name version build src wmClass;
product = "RubyMine"; product = "RubyMine";
meta = with stdenv.lib; { meta = with stdenv.lib; {
homepage = "https://www.jetbrains.com/ruby/"; homepage = "https://www.jetbrains.com/ruby/";
@ -81,9 +81,9 @@ let
}; };
}); });
buildPhpStorm = { name, version, build, src, license, description }: buildPhpStorm = { name, version, build, src, license, description, wmClass }:
(mkIdeaProduct { (mkIdeaProduct {
inherit name version build src; inherit name version build src wmClass;
product = "PhpStorm"; product = "PhpStorm";
meta = with stdenv.lib; { meta = with stdenv.lib; {
homepage = "https://www.jetbrains.com/phpstorm/"; homepage = "https://www.jetbrains.com/phpstorm/";
@ -98,9 +98,9 @@ let
}; };
}); });
buildWebStorm = { name, version, build, src, license, description }: buildWebStorm = { name, version, build, src, license, description, wmClass }:
(mkIdeaProduct { (mkIdeaProduct {
inherit name version build src; inherit name version build src wmClass;
product = "WebStorm"; product = "WebStorm";
meta = with stdenv.lib; { meta = with stdenv.lib; {
homepage = "https://www.jetbrains.com/webstorm/"; homepage = "https://www.jetbrains.com/webstorm/";
@ -115,9 +115,9 @@ let
}; };
}); });
buildPycharm = { name, version, build, src, license, description }: buildPycharm = { name, version, build, src, license, description, wmClass }:
(mkIdeaProduct rec { (mkIdeaProduct rec {
inherit name version build src; inherit name version build src wmClass;
product = "PyCharm"; product = "PyCharm";
meta = with stdenv.lib; { meta = with stdenv.lib; {
homepage = "https://www.jetbrains.com/pycharm/"; homepage = "https://www.jetbrains.com/pycharm/";
@ -157,6 +157,7 @@ in
"/android-studio-ide-${buildNumber}-linux.zip"; "/android-studio-ide-${buildNumber}-linux.zip";
sha256 = "1zxxzyhny7j4vzlydrhwz3g8l8zcml84mhkcf5ckx8xr50j3m101"; sha256 = "1zxxzyhny7j4vzlydrhwz3g8l8zcml84mhkcf5ckx8xr50j3m101";
}; };
wmClass = "jetbrains-studio";
}; };
clion = buildClion rec { clion = buildClion rec {
@ -169,6 +170,7 @@ in
url = "https://download.jetbrains.com/cpp/${name}.tar.gz"; url = "https://download.jetbrains.com/cpp/${name}.tar.gz";
sha256 = "0ll1rcnnbd1if6x5rp3qw35lvp5zdzmvyg9n1lha89i34xiw36jp"; sha256 = "0ll1rcnnbd1if6x5rp3qw35lvp5zdzmvyg9n1lha89i34xiw36jp";
}; };
wmClass = "jetbrains-clion";
}; };
idea14-community = buildIdea rec { idea14-community = buildIdea rec {
@ -181,6 +183,7 @@ in
url = "https://download.jetbrains.com/idea/ideaIC-${version}.tar.gz"; url = "https://download.jetbrains.com/idea/ideaIC-${version}.tar.gz";
sha256 = "1i4mdjm9dd6zvxlpdgd3bqg45ir0cfc9hl55cdc0hg5qwbz683fz"; sha256 = "1i4mdjm9dd6zvxlpdgd3bqg45ir0cfc9hl55cdc0hg5qwbz683fz";
}; };
wmClass = "jetbrains-idea-ce";
}; };
idea-community = buildIdea rec { idea-community = buildIdea rec {
@ -193,6 +196,7 @@ in
url = "https://download.jetbrains.com/idea/ideaIC-${version}.tar.gz"; url = "https://download.jetbrains.com/idea/ideaIC-${version}.tar.gz";
sha256 = "15c92wsfw16j48k12x4vw78886yf9yjx7hwwjamgf28lmzvc37iz"; sha256 = "15c92wsfw16j48k12x4vw78886yf9yjx7hwwjamgf28lmzvc37iz";
}; };
wmClass = "jetbrains-idea-ce";
}; };
idea14-ultimate = buildIdea rec { idea14-ultimate = buildIdea rec {
@ -205,6 +209,7 @@ in
url = "https://download.jetbrains.com/idea/ideaIU-${version}.tar.gz"; url = "https://download.jetbrains.com/idea/ideaIU-${version}.tar.gz";
sha256 = "a2259249f6e7bf14ba17b0af90a18d24d9b4670af60d24f0bb51af2f62500fc2"; sha256 = "a2259249f6e7bf14ba17b0af90a18d24d9b4670af60d24f0bb51af2f62500fc2";
}; };
wmClass = "jetbrains-idea";
}; };
idea15-ultimate = buildIdea rec { idea15-ultimate = buildIdea rec {
@ -217,6 +222,7 @@ in
url = "https://download.jetbrains.com/idea/ideaIU-${version}.tar.gz"; url = "https://download.jetbrains.com/idea/ideaIU-${version}.tar.gz";
sha256 = "012aap2qn0jx4x34bdv9ivrsr86vvf683srb5vpj27hc4l6rw6ll"; sha256 = "012aap2qn0jx4x34bdv9ivrsr86vvf683srb5vpj27hc4l6rw6ll";
}; };
wmClass = "jetbrains-idea";
}; };
idea-ultimate = buildIdea rec { idea-ultimate = buildIdea rec {
@ -229,6 +235,7 @@ in
url = "https://download.jetbrains.com/idea/ideaIU-${version}.tar.gz"; url = "https://download.jetbrains.com/idea/ideaIU-${version}.tar.gz";
sha256 = "0dxpx4nx845vgqxl5qz029d3w3kn3hi98wgzympidplxrphgalgy"; sha256 = "0dxpx4nx845vgqxl5qz029d3w3kn3hi98wgzympidplxrphgalgy";
}; };
wmClass = "jetbrains-idea";
}; };
ruby-mine = buildRubyMine rec { ruby-mine = buildRubyMine rec {
@ -241,6 +248,7 @@ in
url = "https://download.jetbrains.com/ruby/RubyMine-${version}.tar.gz"; url = "https://download.jetbrains.com/ruby/RubyMine-${version}.tar.gz";
sha256 = "04fcxj1xlap9mxmwf051s926p2darlj5kwl4lms2gy5d8b2lhd5l"; sha256 = "04fcxj1xlap9mxmwf051s926p2darlj5kwl4lms2gy5d8b2lhd5l";
}; };
wmClass = "jetbrains-rubymine";
}; };
pycharm-community = buildPycharm rec { pycharm-community = buildPycharm rec {
@ -253,6 +261,7 @@ in
url = "https://download.jetbrains.com/python/${name}.tar.gz"; url = "https://download.jetbrains.com/python/${name}.tar.gz";
sha256 = "1ks7crrfnhzkdxban2hh2pnr986vqwmac5zybmb1ighcyamhdi4q"; sha256 = "1ks7crrfnhzkdxban2hh2pnr986vqwmac5zybmb1ighcyamhdi4q";
}; };
wmClass = "jetbrains-pycharm-ce";
}; };
pycharm-professional = buildPycharm rec { pycharm-professional = buildPycharm rec {
@ -265,6 +274,7 @@ in
url = "https://download.jetbrains.com/python/${name}.tar.gz"; url = "https://download.jetbrains.com/python/${name}.tar.gz";
sha256 = "1rn0i5qbvfjbl4v571ngmyslispibcq5ab0fb7xjl38vr1y417f2"; sha256 = "1rn0i5qbvfjbl4v571ngmyslispibcq5ab0fb7xjl38vr1y417f2";
}; };
wmClass = "jetbrains-pycharm";
}; };
phpstorm = buildPhpStorm rec { phpstorm = buildPhpStorm rec {
@ -277,6 +287,7 @@ in
url = "https://download.jetbrains.com/webide/PhpStorm-${version}.tar.gz"; url = "https://download.jetbrains.com/webide/PhpStorm-${version}.tar.gz";
sha256 = "0fi042zvjpg5pn2mnhj3bbrdkl1b9vmhpf2l6ca4nr0rhjjv7dsm"; sha256 = "0fi042zvjpg5pn2mnhj3bbrdkl1b9vmhpf2l6ca4nr0rhjjv7dsm";
}; };
wmClass = "jetbrains-phpstorm";
}; };
webstorm = buildWebStorm rec { webstorm = buildWebStorm rec {
@ -289,6 +300,7 @@ in
url = "https://download.jetbrains.com/webstorm/WebStorm-${version}.tar.gz"; url = "https://download.jetbrains.com/webstorm/WebStorm-${version}.tar.gz";
sha256 = "0a5s6f99wyql5pgjl94pf4ljdbviik3b8dbr1s6b7c6jn1gk62ic"; sha256 = "0a5s6f99wyql5pgjl94pf4ljdbviik3b8dbr1s6b7c6jn1gk62ic";
}; };
wmClass = "jetbrains-webstorm";
}; };
} }

10
pkgs/applications/editors/neovim/default.nix
View file

@ -1,6 +1,6 @@
{ stdenv, fetchFromGitHub, cmake, gettext, glib, libmsgpack, libtermkey { stdenv, fetchFromGitHub, cmake, gettext, glib, libmsgpack, libtermkey
, libtool, libuv, lpeg, lua, luajit, luaMessagePack, luabitop, ncurses, perl , libtool, libuv, lpeg, lua, luajit, luaMessagePack, luabitop, man, ncurses
, pkgconfig, unibilium, makeWrapper, vimUtils , perl, pkgconfig, unibilium, makeWrapper, vimUtils, xsel
, withPython ? true, pythonPackages, extraPythonPackages ? [] , withPython ? true, pythonPackages, extraPythonPackages ? []
, withPython3 ? true, python3Packages, extraPython3Packages ? [] , withPython3 ? true, python3Packages, extraPython3Packages ? []
@ -101,7 +101,10 @@ let
# triggers on buffer overflow bug while running tests # triggers on buffer overflow bug while running tests
hardeningDisable = [ "fortify" ]; hardeningDisable = [ "fortify" ];
preConfigure = stdenv.lib.optionalString stdenv.isDarwin '' preConfigure = ''
substituteInPlace runtime/autoload/man.vim \
--replace /usr/bin/man ${man}/bin/man
'' + stdenv.lib.optionalString stdenv.isDarwin ''
export DYLD_LIBRARY_PATH=${jemalloc}/lib export DYLD_LIBRARY_PATH=${jemalloc}/lib
substituteInPlace src/nvim/CMakeLists.txt --replace " util" "" substituteInPlace src/nvim/CMakeLists.txt --replace " util" ""
''; '';
@ -111,6 +114,7 @@ let
install_name_tool -change libjemalloc.1.dylib \ install_name_tool -change libjemalloc.1.dylib \
${jemalloc}/lib/libjemalloc.1.dylib \ ${jemalloc}/lib/libjemalloc.1.dylib \
$out/bin/nvim $out/bin/nvim
sed -i -e "s|'xsel|'${xsel}/bin/xsel|" share/nvim/runtime/autoload/provider/clipboard.vim
'' + optionalString withPython '' '' + optionalString withPython ''
ln -s ${pythonEnv}/bin/python $out/bin/nvim-python ln -s ${pythonEnv}/bin/python $out/bin/nvim-python
'' + optionalString withPyGUI '' '' + optionalString withPyGUI ''

21
pkgs/applications/editors/sublime/default.nix
View file

@ -1,4 +1,4 @@
{ fetchurl, stdenv, glib, xorg, cairo, gtk}: { fetchurl, stdenv, glib, xorg, cairo, gtk, makeDesktopItem }:
let let
libPath = stdenv.lib.makeLibraryPath [glib xorg.libX11 gtk cairo]; libPath = stdenv.lib.makeLibraryPath [glib xorg.libX11 gtk cairo];
in in
@ -31,8 +31,27 @@ stdenv.mkDerivation rec {
--interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" \ --interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" \
--set-rpath ${libPath}:${stdenv.cc.cc.lib}/lib${stdenv.lib.optionalString stdenv.is64bit "64"} \ --set-rpath ${libPath}:${stdenv.cc.cc.lib}/lib${stdenv.lib.optionalString stdenv.is64bit "64"} \
$out/sublime/sublime_text $out/sublime/sublime_text
mkdir -p $out/share/icons
for x in $(ls $out/sublime/Icon); do
mkdir -p $out/share/icons/hicolor/$x/apps
cp -v $out/sublime/Icon/$x/* $out/share/icons/hicolor/$x/apps
done
ln -sv "${desktopItem}/share/applications" $out/share
''; '';
desktopItem = makeDesktopItem {
name = "sublime2";
exec = "sublime2 %F";
comment = meta.description;
desktopName = "Sublime Text";
genericName = "Text Editor";
categories = "TextEditor;Development;";
icon = "sublime_text";
};
meta = { meta = {
description = "Sophisticated text editor for code, markup and prose"; description = "Sophisticated text editor for code, markup and prose";
license = stdenv.lib.licenses.unfree; license = stdenv.lib.licenses.unfree;

2
pkgs/applications/editors/texmaker/default.nix
View file

@ -12,7 +12,7 @@ stdenv.mkDerivation rec {
buildInputs = [ qt4 poppler_qt4 zlib ]; buildInputs = [ qt4 poppler_qt4 zlib ];
nativeBuildInputs = [ pkgconfig poppler qmake4Hook ]; nativeBuildInputs = [ pkgconfig poppler qmake4Hook ];
NIX_CFLAGS_COMPILE="-I${poppler}/include/poppler"; NIX_CFLAGS_COMPILE="-I${poppler.dev}/include/poppler";
preConfigure = '' preConfigure = ''
qmakeFlags="$qmakeFlags DESKTOPDIR=$out/share/applications ICONDIR=$out/share/pixmaps" qmakeFlags="$qmakeFlags DESKTOPDIR=$out/share/applications ICONDIR=$out/share/pixmaps"

16
pkgs/applications/graphics/ImageMagick/default.nix
View file

@ -43,7 +43,8 @@ stdenv.mkDerivation rec {
patches = [ ./imagetragick.patch ] ++ cfg.patches; patches = [ ./imagetragick.patch ] ++ cfg.patches;
outputs = [ "out" "doc" ]; outputs = [ "dev" "out" "doc" ]; # bin/ isn't really big
outputMan = "out"; # it's tiny
enableParallelBuilding = true; enableParallelBuilding = true;
@ -76,18 +77,23 @@ stdenv.mkDerivation rec {
; ;
postInstall = '' postInstall = ''
(cd "$dev/include" && ln -s ImageMagick* ImageMagick)
(cd "$out/include" && ln -s ImageMagick* ImageMagick) moveToOutput "bin/*-config" "$dev"
moveToOutput "lib/ImageMagick-*/config-Q16" "$dev" # includes configure params
for file in "$dev"/bin/*-config; do
substituteInPlace "$file" --replace pkg-config \
"PKG_CONFIG_PATH='$dev/lib/pkgconfig' '${pkgconfig}/bin/pkg-config'"
done
'' + lib.optionalString (ghostscript != null) '' '' + lib.optionalString (ghostscript != null) ''
for la in $out/lib/*.la; do for la in $out/lib/*.la; do
sed 's|-lgs|-L${ghostscript}/lib -lgs|' -i $la sed 's|-lgs|-L${lib.getLib ghostscript}/lib -lgs|' -i $la
done done
''; '';
meta = with stdenv.lib; { meta = with stdenv.lib; {
homepage = http://www.imagemagick.org/; homepage = http://www.imagemagick.org/;
description = "A software suite to create, edit, compose, or convert bitmap images"; description = "A software suite to create, edit, compose, or convert bitmap images";
platforms = platforms.linux ++ [ "x86_64-darwin" ]; platforms = platforms.linux ++ platforms.darwin;
maintainers = with maintainers; [ the-kenny wkennington ]; maintainers = with maintainers; [ the-kenny wkennington ];
}; };
} }

2
pkgs/applications/graphics/digikam/default.nix
View file

@ -71,7 +71,7 @@ let
# Help digiKam find libusb, otherwise gphoto2 support is disabled # Help digiKam find libusb, otherwise gphoto2 support is disabled
cmakeFlags = [ cmakeFlags = [
"-DLIBUSB_LIBRARIES=${libusb1.out}/lib" "-DLIBUSB_LIBRARIES=${libusb1.out}/lib"
"-DLIBUSB_INCLUDE_DIR=${libusb1}/include/libusb-1.0" "-DLIBUSB_INCLUDE_DIR=${libusb1.dev}/include/libusb-1.0"
"-DENABLE_BALOOSUPPORT=ON" "-DENABLE_BALOOSUPPORT=ON"
"-DENABLE_KDEPIMLIBSSUPPORT=ON" "-DENABLE_KDEPIMLIBSSUPPORT=ON"
"-DENABLE_LCMS2=ON" ] "-DENABLE_LCMS2=ON" ]

30
pkgs/applications/graphics/exrdisplay/default.nix
View file

@ -1,27 +1,29 @@
{ stdenv, fetchurl, pkgconfig, fltk, openexr, mesa, which, openexr_ctl }: { stdenv, fetchurl, pkgconfig, fltk, openexr, mesa, openexr_ctl }:
assert fltk.glSupport; assert fltk.glSupport;
stdenv.mkDerivation { stdenv.mkDerivation {
name ="openexr_viewers-1.0.1"; name ="openexr_viewers-2.2.0";
src = fetchurl { src = fetchurl {
url = "mirror://savannah/openexr/openexr_viewers-1.0.1.tar.gz"; url = "mirror://savannah/openexr/openexr_viewers-2.2.0.tar.gz";
sha256 = "1w5qbcdp7sw48z1wk2v07f7p14vqqb1m2ncxyxnbkm9f4ab0ymg6"; sha256 = "1s84vnas12ybx8zz0jcmpfbk9m4ab5bg2d3cglqwk3wys7jf4gzp";
}; };
configurePhase = configurePhase = ''
'' ./configure --prefix=$out --with-fltk-config=${fltk}/bin/fltk-config
# don't know why.. adding these flags it works '';
#export CXXFLAGS=`fltk-config --use-gl --cxxflags --ldflags`
./configure --prefix=$out --with-fltk-config=${fltk}/bin/fltk-config
'';
buildInputs = [ openexr fltk pkgconfig mesa which openexr_ctl ]; buildPahse = ''
make LDFLAGS="`fltk-config --ldflags` -lGL -lfltk_gl"
'';
buildInputs = [ openexr fltk pkgconfig mesa openexr_ctl ];
meta = { meta = {
description = "Tool to view OpenEXR images"; description = "Application for viewing OpenEXR images on a display at various exposure settings";
homepage = http://openexr.com; homepage = "http://openexr.com";
license = "BSD-like"; platforms = stdenv.lib.platforms.linux;
license = stdenv.lib.licenses.bsd3;
}; };
} }

Some files were not shown because too many files have changed in this diff Show more