movefasta/nixpkgs
0
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-07-14 14:10:33 +03:00
Code Activity

Merge remote-tracking branch 'origin/master' into staging-next

Browse source
This commit is contained in:
K900 2025-07-11 09:24:31 +03:00
commit 77e81dbfc2
66 changed files with 1614 additions and 549 deletions
Download patch file Download diff file Expand all files Collapse all files

5
lib/filesystem.nix
View file

@ -385,7 +385,6 @@ in
recurseIntoAttrs
removeSuffix
;
inherit (lib.path) append;
# Generate an attrset corresponding to a given directory.
# This function is outside `packagesFromDirectoryRecursive`'s lambda expression,
@ -396,7 +395,7 @@ in
name: type:
# for each directory entry
let
path = append directory name;
path = directory + "/${name}";
in
if type == "directory" then
{
@ -429,7 +428,7 @@ in
directory,
}@args:
let
defaultPath = append directory "package.nix";
defaultPath = directory + "/package.nix";
in
if pathExists defaultPath then
# if `${directory}/package.nix` exists, call it directly

28
lib/tests/misc.nix
View file

@ -4158,6 +4158,34 @@ runTests {
};
};
# Make sure that passing a string for the `directory` works.
#
# See: https://github.com/NixOS/nixpkgs/pull/361424#discussion_r1934813568
# See: https://github.com/NixOS/nix/issues/9428
testPackagesFromDirectoryRecursiveStringDirectory = {
expr = packagesFromDirectoryRecursive {
callPackage = path: overrides: import path overrides;
# Do NOT remove the `builtins.toString` call here!!!
directory = builtins.toString ./packages-from-directory/plain;
};
expected = {
a = "a";
b = "b";
# Note: Other files/directories in `./test-data/c/` are ignored and can be
# used by `package.nix`.
c = "c";
my-namespace = {
d = "d";
e = "e";
f = "f";
my-sub-namespace = {
g = "g";
h = "h";
};
};
};
};
# Check that `packagesFromDirectoryRecursive` can process a directory with a
# top-level `package.nix` file into a single package.
testPackagesFromDirectoryRecursiveTopLevelPackageNix = {

2
nixos/doc/manual/release-notes/rl-2505.section.md
View file

@ -222,6 +222,8 @@ Alongside many enhancements to NixOS modules and general system improvements, th
- [Limine](https://github.com/limine-bootloader/limine) a modern, advanced, portable, multiprotocol bootloader and boot manager. Available as [boot.loader.limine](#opt-boot.loader.limine.enable).
- [tee-supplicant](https://github.com/OP-TEE/optee_client), a userspace supplicant for OP-TEE OS. Available as [services.tee-supplicant](#opt-services.tee-supplicant.enable).
- [Orthanc](https://orthanc.uclouvain.be/) a lightweight, RESTful DICOM server for healthcare and medical research. Available as [services.orthanc](#opt-services.orthanc.enable).
- [Docling Serve](https://github.com/docling-project/docling-serve) running [Docling](https://github.com/docling-project/docling) as an API service. Available as [services.docling-serve](#opt-services.docling-serve.enable).

2
nixos/modules/module-list.nix
View file

@ -930,6 +930,7 @@
./services/misc/taskchampion-sync-server.nix
./services/misc/taskserver
./services/misc/tautulli.nix
./services/misc/tee-supplicant
./services/misc/tiddlywiki.nix
./services/misc/tp-auto-kbbl.nix
./services/misc/transfer-sh.nix
@ -1413,6 +1414,7 @@
./services/search/hound.nix
./services/search/manticore.nix
./services/search/meilisearch.nix
./services/search/nominatim.nix
./services/search/opensearch.nix
./services/search/qdrant.nix
./services/search/quickwit.nix

14
nixos/modules/services/hardware/nvidia-container-toolkit/cdi-generate.nix
View file

@ -10,18 +10,9 @@
nvidia-driver,
runtimeShell,
writeScriptBin,
extraArgs,
}:
let
mkMount =
{
hostPath,
containerPath,
mountOptions,
}:
{
inherit hostPath containerPath;
options = mountOptions;
};
mountToCommand =
mount:
"additionalMount \"${mount.hostPath}\" \"${mount.containerPath}\" '${builtins.toJSON mount.mountOptions}'";
@ -48,7 +39,8 @@ writeScriptBin "nvidia-cdi-generator" ''
--device-name-strategy ${device-name-strategy} \
--ldconfig-path ${lib.getExe' glibc "ldconfig"} \
--library-search-path ${lib.getLib nvidia-driver}/lib \
--nvidia-cdi-hook-path ${lib.getExe' nvidia-container-toolkit.tools "nvidia-cdi-hook"}
--nvidia-cdi-hook-path ${lib.getExe' nvidia-container-toolkit.tools "nvidia-cdi-hook"} \
${lib.escapeShellArgs extraArgs}
}
function additionalMount {

9
nixos/modules/services/hardware/nvidia-container-toolkit/default.nix
View file

@ -120,6 +120,14 @@
};
package = lib.mkPackageOption pkgs "nvidia-container-toolkit" { };
extraArgs = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [ ];
description = ''
Extra arguments to be passed to nvidia-ctk.
'';
};
};
};
@ -241,6 +249,7 @@
device-name-strategy
discovery-mode
mounts
extraArgs
;
nvidia-container-toolkit = config.hardware.nvidia-container-toolkit.package;
nvidia-driver = config.hardware.nvidia.package;

95
nixos/modules/services/misc/tee-supplicant/default.nix Normal file
View file

@ -0,0 +1,95 @@
{
config,
pkgs,
lib,
...
}:
let
inherit (lib)
getExe'
mkEnableOption
mkIf
mkOption
mkPackageOption
types
;
cfg = config.services.tee-supplicant;
taDir = "optee_armtz";
trustedApplications = pkgs.linkFarm "runtime-trusted-applications" (
map (
ta:
let
# This is safe since we are using it as the path value, so the context
# will still ensure that this nix store path exists on the running
# system.
taFile = builtins.baseNameOf (builtins.unsafeDiscardStringContext ta);
in
{
name = "lib/${taDir}/${taFile}";
path = ta;
}
) cfg.trustedApplications
);
in
{
options.services.tee-supplicant = {
enable = mkEnableOption "OP-TEE userspace supplicant";
package = mkPackageOption pkgs "optee-client" { };
trustedApplications = mkOption {
type = types.listOf types.path;
default = [ ];
description = ''
A list of full paths to trusted applications that will be loaded at
runtime by tee-supplicant.
'';
};
pluginPath = mkOption {
type = types.path;
default = "/run/current-system/sw/lib/tee-supplicant/plugins";
description = ''
The directory where plugins will be loaded from on startup.
'';
};
reeFsParentPath = mkOption {
type = types.path;
default = "/var/lib/tee";
description = ''
The directory where the secure filesystem will be stored in the rich
execution environment (REE FS).
'';
};
};
config = mkIf cfg.enable {
environment = mkIf (cfg.trustedApplications != [ ]) {
systemPackages = [ trustedApplications ];
pathsToLink = [ "/lib/${taDir}" ];
};
systemd.services.tee-supplicant = {
description = "Userspace supplicant for OPTEE-OS";
serviceConfig = {
ExecStart = toString [
(getExe' cfg.package "tee-supplicant")
"--ta-dir ${taDir}"
"--fs-parent-path ${cfg.reeFsParentPath}"
"--plugin-path ${cfg.pluginPath}"
];
Restart = "always";
};
after = [ "modprobe@optee.service" ];
wants = [ "modprobe@optee.service" ];
wantedBy = [ "multi-user.target" ];
};
};
}

3
nixos/modules/services/networking/syncthing.nix
View file

@ -847,7 +847,8 @@ in
];
};
systemd.packages = [ pkgs.syncthing ];
environment.systemPackages = [ cfg.package ];
systemd.packages = [ cfg.package ];
users.users = mkIf (cfg.systemService && cfg.user == defaultUser) {
${defaultUser} = {

324
nixos/modules/services/search/nominatim.nix Normal file
View file

@ -0,0 +1,324 @@
{
lib,
config,
pkgs,
...
}:
let
cfg = config.services.nominatim;
localDb = cfg.database.host == "localhost";
uiPackage = cfg.ui.package.override { customConfig = cfg.ui.config; };
in
{
options.services.nominatim = {
enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Whether to enable nominatim.
Also enables nginx virtual host management. Further nginx configuration
can be done by adapting `services.nginx.virtualHosts.<name>`.
See [](#opt-services.nginx.virtualHosts).
'';
};
package = lib.mkPackageOption pkgs.python3Packages "nominatim-api" { };
hostName = lib.mkOption {
type = lib.types.str;
description = "Hostname to use for the nginx vhost.";
example = "nominatim.example.com";
};
settings = lib.mkOption {
default = { };
type = lib.types.attrsOf lib.types.str;
example = lib.literalExpression ''
{
NOMINATIM_REPLICATION_URL = "https://planet.openstreetmap.org/replication/minute";
NOMINATIM_REPLICATION_MAX_DIFF = "100";
}
'';
description = ''
Nominatim configuration settings.
For the list of available configuration options see
<https://nominatim.org/release-docs/latest/customize/Settings>.
'';
};
ui = {
package = lib.mkPackageOption pkgs "nominatim-ui" { };
config = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = null;
description = ''
Nominatim UI configuration placed to theme/config.theme.js file.
For the list of available configuration options see
<https://github.com/osm-search/nominatim-ui/blob/master/dist/config.defaults.js>.
'';
example = ''
Nominatim_Config.Page_Title='My Nominatim instance';
Nominatim_Config.Nominatim_API_Endpoint='https://localhost/';
'';
};
};
database = {
host = lib.mkOption {
type = lib.types.str;
default = "localhost";
description = ''
Host of the postgresql server. If not set to `localhost`, Nominatim
database and postgresql superuser with appropriate permissions must
exist on target host.
'';
};
port = lib.mkOption {
type = lib.types.port;
default = 5432;
description = "Port of the postgresql database.";
};
dbname = lib.mkOption {
type = lib.types.str;
default = "nominatim";
description = "Name of the postgresql database.";
};
superUser = lib.mkOption {
type = lib.types.str;
default = "nominatim";
description = ''
Postgresql database superuser used to create Nominatim database and
import data. If `database.host` is set to `localhost`, a unix user and
group of the same name will be automatically created.
'';
};
apiUser = lib.mkOption {
type = lib.types.str;
default = "nominatim-api";
description = ''
Postgresql database user with read-only permissions used for Nominatim
web API service.
'';
};
passwordFile = lib.mkOption {
type = lib.types.nullOr lib.types.path;
default = null;
description = ''
Password file used for Nominatim database connection.
Must be readable only for the Nominatim web API user.
The file must be a valid `.pgpass` file as described in:
<https://www.postgresql.org/docs/current/libpq-pgpass.html>
In most cases, the following will be enough:
```
*:*:*:*:<password>
```
'';
};
extraConnectionParams = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = null;
description = ''
Extra Nominatim database connection parameters.
Format:
<param1>=<value1>;<param2>=<value2>
See <https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-PARAMKEYWORDS>.
'';
};
};
};
config =
let
nominatimSuperUserDsn =
"pgsql:dbname=${cfg.database.dbname};"
+ "user=${cfg.database.superUser}"
+ lib.optionalString (cfg.database.extraConnectionParams != null) (
";" + cfg.database.extraConnectionParams
);
nominatimApiDsn =
"pgsql:dbname=${cfg.database.dbname}"
+ lib.optionalString (!localDb) (
";host=${cfg.database.host};"
+ "port=${toString cfg.database.port};"
+ "user=${cfg.database.apiUser}"
)
+ lib.optionalString (cfg.database.extraConnectionParams != null) (
";" + cfg.database.extraConnectionParams
);
in
lib.mkIf cfg.enable {
# CLI package
environment.systemPackages = [ pkgs.nominatim ];
# Database
users.users.${cfg.database.superUser} = lib.mkIf localDb {
group = cfg.database.superUser;
isSystemUser = true;
createHome = false;
};
users.groups.${cfg.database.superUser} = lib.mkIf localDb { };
services.postgresql = lib.mkIf localDb {
enable = true;
extensions = ps: with ps; [ postgis ];
ensureUsers = [
{
name = cfg.database.superUser;
ensureClauses.superuser = true;
}
{
name = cfg.database.apiUser;
}
];
};
# TODO: add nominatim-update service
systemd.services.nominatim-init = lib.mkIf localDb {
after = [ "postgresql-setup.service" ];
requires = [ "postgresql-setup.service" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "oneshot";
User = cfg.database.superUser;
RemainAfterExit = true;
PrivateTmp = true;
};
script = ''
sql="SELECT COUNT(*) FROM pg_database WHERE datname='${cfg.database.dbname}'"
db_exists=$(${pkgs.postgresql}/bin/psql --dbname postgres -tAc "$sql")
if [ "$db_exists" == "0" ]; then
${lib.getExe pkgs.nominatim} import --prepare-database
else
echo "Database ${cfg.database.dbname} already exists. Skipping ..."
fi
'';
path = [
pkgs.postgresql
];
environment = {
NOMINATIM_DATABASE_DSN = nominatimSuperUserDsn;
NOMINATIM_DATABASE_WEBUSER = cfg.database.apiUser;
} // cfg.settings;
};
# Web API service
users.users.${cfg.database.apiUser} = {
group = cfg.database.apiUser;
isSystemUser = true;
createHome = false;
};
users.groups.${cfg.database.apiUser} = { };
systemd.services.nominatim = {
after = [ "network.target" ] ++ lib.optionals localDb [ "nominatim-init.service" ];
requires = lib.optionals localDb [ "nominatim-init.service" ];
bindsTo = lib.optionals localDb [ "postgresql.service" ];
wantedBy = [ "multi-user.target" ];
wants = [ "network.target" ];
serviceConfig = {
Type = "simple";
User = cfg.database.apiUser;
ExecStart = ''
${pkgs.python3Packages.gunicorn}/bin/gunicorn \
--bind unix:/run/nominatim.sock \
--workers 4 \
--worker-class uvicorn.workers.UvicornWorker "nominatim_api.server.falcon.server:run_wsgi()"
'';
Environment = lib.optional (
cfg.database.passwordFile != null
) "PGPASSFILE=${cfg.database.passwordFile}";
ExecReload = "${pkgs.procps}/bin/kill -s HUP $MAINPID";
KillMode = "mixed";
TimeoutStopSec = 5;
};
environment = {
PYTHONPATH =
with pkgs.python3Packages;
pkgs.python3Packages.makePythonPath [
cfg.package
falcon
uvicorn
];
NOMINATIM_DATABASE_DSN = nominatimApiDsn;
NOMINATIM_DATABASE_WEBUSER = cfg.database.apiUser;
} // cfg.settings;
};
systemd.sockets.nominatim = {
before = [ "nominatim.service" ];
wantedBy = [ "sockets.target" ];
socketConfig = {
ListenStream = "/run/nominatim.sock";
SocketUser = cfg.database.apiUser;
SocketGroup = config.services.nginx.group;
};
};
services.nginx = {
enable = true;
appendHttpConfig = ''
map $args $format {
default default;
~(^|&)format=html(&|$) html;
}
map $uri/$format $forward_to_ui {
default 0; # No forwarding by default.
# Redirect to HTML UI if explicitly requested.
~/reverse.*/html 1;
~/search.*/html 1;
~/lookup.*/html 1;
~/details.*/html 1;
}
'';
upstreams.nominatim = {
servers = {
"unix:/run/nominatim.sock" = { };
};
};
virtualHosts = {
${cfg.hostName} = {
forceSSL = lib.mkDefault true;
enableACME = lib.mkDefault true;
locations = {
"= /" = {
extraConfig = ''
return 301 $scheme://$http_host/ui/search.html;
'';
};
"/" = {
proxyPass = "http://nominatim";
extraConfig = ''
if ($forward_to_ui) {
rewrite ^(/[^/.]*) /ui$1.html redirect;
}
'';
};
"/ui/" = {
alias = "${uiPackage}/";
};
};
};
};
};
};
}

37
nixos/tests/all-tests.nix
View file

@ -605,7 +605,7 @@ in
gns3-server = runTest ./gns3-server.nix;
gnupg = runTest ./gnupg.nix;
goatcounter = runTest ./goatcounter.nix;
go-camo = handleTest ./go-camo.nix { };
go-camo = runTest ./go-camo.nix;
go-neb = runTest ./go-neb.nix;
gobgpd = runTest ./gobgpd.nix;
gocd-agent = runTest ./gocd-agent.nix;
@ -649,10 +649,22 @@ in
harmonia = runTest ./harmonia.nix;
headscale = runTest ./headscale.nix;
healthchecks = runTest ./web-apps/healthchecks.nix;
hbase2 = handleTest ./hbase.nix { package = pkgs.hbase2; };
hbase_2_5 = handleTest ./hbase.nix { package = pkgs.hbase_2_5; };
hbase_2_4 = handleTest ./hbase.nix { package = pkgs.hbase_2_4; };
hbase3 = handleTest ./hbase.nix { package = pkgs.hbase3; };
hbase2 = runTest {
imports = [ ./hbase.nix ];
_module.args.getPackage = pkgs: pkgs.hbase2;
};
hbase_2_5 = runTest {
imports = [ ./hbase.nix ];
_module.args.getPackage = pkgs: pkgs.hbase_2_5;
};
hbase_2_4 = runTest {
imports = [ ./hbase.nix ];
_module.args.getPackage = pkgs: pkgs.hbase_2_4;
};
hbase3 = runTest {
imports = [ ./hbase.nix ];
_module.args.getPackage = pkgs: pkgs.hbase3;
};
hedgedoc = runTest ./hedgedoc.nix;
herbstluftwm = runTest ./herbstluftwm.nix;
homebox = runTest ./homebox.nix;
@ -1014,6 +1026,7 @@ in
nixseparatedebuginfod = runTest ./nixseparatedebuginfod.nix;
node-red = runTest ./node-red.nix;
nomad = runTest ./nomad.nix;
nominatim = runTest ./nominatim.nix;
non-default-filesystems = handleTest ./non-default-filesystems.nix { };
non-switchable-system = runTest ./non-switchable-system.nix;
noto-fonts = runTest ./noto-fonts.nix;
@ -1067,6 +1080,7 @@ in
openvscode-server = runTest ./openvscode-server.nix;
open-webui = runTest ./open-webui.nix;
openvswitch = runTest ./openvswitch.nix;
optee = handleTestOn [ "aarch64-linux" ] ./optee.nix { };
orangefs = runTest ./orangefs.nix;
os-prober = handleTestOn [ "x86_64-linux" ] ./os-prober.nix { };
osquery = handleTestOn [ "x86_64-linux" ] ./osquery.nix { };
@ -1319,7 +1333,7 @@ in
stratis = handleTest ./stratis { };
strongswan-swanctl = runTest ./strongswan-swanctl.nix;
stub-ld = handleTestOn [ "x86_64-linux" "aarch64-linux" ] ./stub-ld.nix { };
stunnel = handleTest ./stunnel.nix { };
stunnel = import ./stunnel.nix { inherit runTest; };
sudo = runTest ./sudo.nix;
sudo-rs = runTest ./sudo-rs.nix;
sunshine = runTest ./sunshine.nix;
@ -1364,7 +1378,7 @@ in
systemd-initrd-luks-tpm2 = runTest ./systemd-initrd-luks-tpm2.nix;
systemd-initrd-luks-unl0kr = runTest ./systemd-initrd-luks-unl0kr.nix;
systemd-initrd-modprobe = runTest ./systemd-initrd-modprobe.nix;
systemd-initrd-networkd = handleTest ./systemd-initrd-networkd.nix { };
systemd-initrd-networkd = import ./systemd-initrd-networkd.nix { inherit runTest; };
systemd-initrd-networkd-ssh = runTest ./systemd-initrd-networkd-ssh.nix;
systemd-initrd-networkd-openvpn = handleTestOn [
"x86_64-linux"
@ -1386,9 +1400,7 @@ in
systemd-networkd = runTest ./systemd-networkd.nix;
systemd-networkd-bridge = runTest ./systemd-networkd-bridge.nix;
systemd-networkd-dhcpserver = runTest ./systemd-networkd-dhcpserver.nix;
systemd-networkd-dhcpserver-static-leases =
handleTest ./systemd-networkd-dhcpserver-static-leases.nix
{ };
systemd-networkd-dhcpserver-static-leases = runTest ./systemd-networkd-dhcpserver-static-leases.nix;
systemd-networkd-ipv6-prefix-delegation =
handleTest ./systemd-networkd-ipv6-prefix-delegation.nix
{ };
@ -1555,7 +1567,10 @@ in
xterm = runTest ./xterm.nix;
xxh = runTest ./xxh.nix;
yarr = runTest ./yarr.nix;
ydotool = handleTest ./ydotool.nix { };
ydotool = import ./ydotool.nix {
inherit (pkgs) lib;
inherit runTest;
};
yggdrasil = runTest ./yggdrasil.nix;
your_spotify = runTest ./your_spotify.nix;
zammad = runTest ./zammad.nix;

52
nixos/tests/go-camo.nix
View file

@ -1,36 +1,26 @@
{ lib, ... }:
let
key_val = "12345678";
in
{
system ? builtins.currentSystem,
config ? { },
pkgs ? import ../.. { inherit system config; },
}:
name = "go-camo-file-key";
meta = {
maintainers = [ lib.maintainers.viraptor ];
};
with import ../lib/testing-python.nix { inherit system pkgs; };
{
gocamo_file_key =
let
key_val = "12345678";
in
makeTest {
name = "go-camo-file-key";
meta = {
maintainers = [ pkgs.lib.maintainers.viraptor ];
nodes.machine =
{ pkgs, ... }:
{
services.go-camo = {
enable = true;
keyFile = pkgs.writeText "foo" key_val;
};
nodes.machine =
{ config, pkgs, ... }:
{
services.go-camo = {
enable = true;
keyFile = pkgs.writeText "foo" key_val;
};
};
# go-camo responds to http requests
testScript = ''
machine.wait_for_unit("go-camo.service")
machine.wait_for_open_port(8080)
machine.succeed("curl http://localhost:8080")
'';
};
# go-camo responds to http requests
testScript = ''
machine.wait_for_unit("go-camo.service")
machine.wait_for_open_port(8080)
machine.succeed("curl http://localhost:8080")
'';
}

66
nixos/tests/hbase.nix
View file

@ -1,39 +1,33 @@
import ./make-test-python.nix (
{
pkgs,
lib,
package ? pkgs.hbase,
...
}:
{
name = "hbase-standalone";
{ getPackage, lib, ... }:
{
name = "hbase-standalone";
meta = with lib.maintainers; {
maintainers = [ illustris ];
meta = with lib.maintainers; {
maintainers = [ illustris ];
};
nodes.hbase =
{ pkgs, ... }:
let
package = getPackage pkgs;
in
{
services.hbase-standalone = {
enable = true;
inherit package;
# Needed for standalone mode in hbase 2+
# This setting and standalone mode are not suitable for production
settings."hbase.unsafe.stream.capability.enforce" = "false";
};
environment.systemPackages = [
package
];
};
nodes = {
hbase =
{ pkgs, ... }:
{
services.hbase-standalone = {
enable = true;
inherit package;
# Needed for standalone mode in hbase 2+
# This setting and standalone mode are not suitable for production
settings."hbase.unsafe.stream.capability.enforce" = "false";
};
environment.systemPackages = with pkgs; [
package
];
};
};
testScript = ''
start_all()
hbase.wait_for_unit("hbase.service")
hbase.wait_until_succeeds("echo \"create 't1','f1'\" | sudo -u hbase hbase shell -n")
assert "NAME => 'f1'" in hbase.succeed("echo \"describe 't1'\" | sudo -u hbase hbase shell -n")
'';
}
)
testScript = ''
start_all()
hbase.wait_for_unit("hbase.service")
hbase.wait_until_succeeds("echo \"create 't1','f1'\" | sudo -u hbase hbase shell -n")
assert "NAME => 'f1'" in hbase.succeed("echo \"describe 't1'\" | sudo -u hbase hbase shell -n")
'';
}

187
nixos/tests/nominatim.nix Normal file
View file

@ -0,0 +1,187 @@
{ pkgs, lib, ... }:
let
# Andorra - the smallest dataset in Europe (3.1 MB)
osmData = pkgs.fetchurl {
url = "https://web.archive.org/web/20250430211212/https://download.geofabrik.de/europe/andorra-latest.osm.pbf";
hash = "sha256-Ey+ipTOFUm80rxBteirPW5N4KxmUsg/pCE58E/2rcyE=";
};
in
{
name = "nominatim";
meta = {
maintainers = with lib.teams; [
geospatial
ngi
];
};
nodes = {
# nominatim - self contained host
nominatim =
{ config, pkgs, ... }:
{
# Nominatim
services.nominatim = {
enable = true;
hostName = "nominatim";
settings = {
NOMINATIM_IMPORT_STYLE = "admin";
};
ui = {
config = ''
Nominatim_Config.Page_Title='Test Nominatim instance';
Nominatim_Config.Nominatim_API_Endpoint='https://localhost/';
'';
};
};
# Disable SSL
services.nginx.virtualHosts.nominatim = {
forceSSL = false;
enableACME = false;
};
# Database
services.postgresql = {
enableTCPIP = true;
authentication = lib.mkForce ''
local all all trust
host all all 0.0.0.0/0 md5
host all all ::0/0 md5
'';
};
systemd.services.postgresql-setup.postStart = ''
psql --command "ALTER ROLE \"nominatim-api\" WITH PASSWORD 'password';"
'';
networking.firewall.allowedTCPPorts = [ config.services.postgresql.settings.port ];
};
# api - web API only
api =
{ config, pkgs, ... }:
{
# Database password
system.activationScripts = {
passwordFile.text = with config.services.nominatim.database; ''
mkdir -p /run/secrets
echo "${host}:${toString port}:${dbname}:${apiUser}:password" \
> /run/secrets/pgpass
chown nominatim-api:nominatim-api /run/secrets/pgpass
chmod 0600 /run/secrets/pgpass
'';
};
# Nominatim
services.nominatim = {
enable = true;
hostName = "nominatim";
settings = {
NOMINATIM_LOG_DB = "yes";
};
database = {
host = "nominatim";
passwordFile = "/run/secrets/pgpass";
extraConnectionParams = "application_name=nominatim;connect_timeout=2";
};
};
# Disable SSL
services.nginx.virtualHosts.nominatim = {
forceSSL = false;
enableACME = false;
};
};
};
testScript = ''
# Test nominatim host
nominatim.start()
nominatim.wait_for_unit("nominatim.service")
# Import OSM data
nominatim.succeed("""
cd /tmp
sudo -u nominatim \
NOMINATIM_DATABASE_WEBUSER=nominatim-api \
NOMINATIM_IMPORT_STYLE=admin \
nominatim import --continue import-from-file --osm-file ${osmData}
""")
nominatim.succeed("systemctl restart nominatim.service")
# Test CLI
nominatim.succeed("sudo -u nominatim-api nominatim search --query Andorra")
# Test web API
nominatim.succeed("curl 'http://localhost/status' | grep OK")
nominatim.succeed("""
curl "http://localhost/search?q=Andorra&format=geojson" | grep "Andorra"
curl "http://localhost/reverse?lat=42.5407167&lon=1.5732033&format=geojson"
""")
# Test UI
nominatim.succeed("""
curl "http://localhost/ui/search.html" \
| grep "<title>Nominatim Demo</title>"
""")
# Test api host
api.start()
api.wait_for_unit("nominatim.service")
# Test web API
api.succeed("""
curl "http://localhost/search?q=Andorra&format=geojson" | grep "Andorra"
curl "http://localhost/reverse?lat=42.5407167&lon=1.5732033&format=geojson"
""")
# Test format rewrites
# Redirect / to search
nominatim.succeed("""
curl --verbose "http://localhost" 2>&1 \
| grep "Location: http://localhost/ui/search.html"
""")
# Return text by default
nominatim.succeed("""
curl --verbose "http://localhost/status" 2>&1 \
| grep "Content-Type: text/plain"
""")
# Return JSON by default
nominatim.succeed("""
curl --verbose "http://localhost/search?q=Andorra" 2>&1 \
| grep "Content-Type: application/json"
""")
# Return XML by default
nominatim.succeed("""
curl --verbose "http://localhost/lookup" 2>&1 \
| grep "Content-Type: text/xml"
curl --verbose "http://localhost/reverse?lat=0&lon=0" 2>&1 \
| grep "Content-Type: text/xml"
""")
# Redirect explicitly requested HTML format
nominatim.succeed("""
curl --verbose "http://localhost/search?format=html" 2>&1 \
| grep "Location: http://localhost/ui/search.html"
curl --verbose "http://localhost/reverse?format=html" 2>&1 \
| grep "Location: http://localhost/ui/reverse.html"
""")
# Return explicitly requested JSON format
nominatim.succeed("""
curl --verbose "http://localhost/search?format=json" 2>&1 \
| grep "Content-Type: application/json"
curl --verbose "http://localhost/reverse?format=json" 2>&1 \
| grep "Content-Type: application/json"
""")
'';
}

72
nixos/tests/optee.nix Normal file
View file

@ -0,0 +1,72 @@
import ./make-test-python.nix (
{ pkgs, lib, ... }:
{
name = "optee";
meta = with pkgs.lib.maintainers; {
maintainers = [ jmbaur ];
};
nodes.machine =
{ config, pkgs, ... }:
let
inherit (pkgs) armTrustedFirmwareQemu opteeQemuAarch64 ubootQemuAarch64;
# Default environment for qemu-arm64 uboot does not work well with
# large nixos kernel/initrds.
uboot = ubootQemuAarch64.overrideAttrs (old: {
postPatch =
(old.postPatch or "")
+ ''
substituteInPlace board/emulation/qemu-arm/qemu-arm.env \
--replace-fail "ramdisk_addr_r=0x44000000" "ramdisk_addr_r=0x46000000"
'';
});
bios = armTrustedFirmwareQemu.override {
extraMakeFlags = [
"SPD=opteed"
"BL32=${opteeQemuAarch64}/tee-header_v2.bin"
"BL32_EXTRA1=${opteeQemuAarch64}/tee-pager_v2.bin"
"BL32_EXTRA2=${opteeQemuAarch64}/tee-pageable_v2.bin"
"BL33=${uboot}/u-boot.bin"
"all"
"fip"
];
filesToInstall = [
"build/qemu/release/bl1.bin"
"build/qemu/release/fip.bin"
];
postInstall = ''
dd if=$out/bl1.bin of=$out/bios.bin bs=4096 conv=notrunc
dd if=$out/fip.bin of=$out/bios.bin seek=64 bs=4096 conv=notrunc
'';
};
in
{
virtualisation = {
inherit bios;
cores = 2;
qemu.options = [
"-machine virt,secure=on,accel=tcg,gic-version=2"
"-cpu cortex-a57"
];
};
# VM boots up via qfw
boot.loader.grub.enable = false;
services.tee-supplicant = {
enable = true;
# pkcs11 trusted application
trustedApplications = [ "${opteeQemuAarch64.devkit}/ta/fd02c9da-306c-48c7-a49c-bbd827ae86ee.ta" ];
};
};
testScript = ''
machine.wait_for_unit("tee-supplicant.service")
out = machine.succeed("${pkgs.opensc}/bin/pkcs11-tool --module ${lib.getLib pkgs.optee-client}/lib/libckteec.so --list-token-slots")
if out.find("OP-TEE PKCS11 TA") < 0:
raise Exception("optee pkcs11 token not found")
'';
}
)

29
nixos/tests/stunnel.nix
View file

@ -1,11 +1,4 @@
{
system ? builtins.currentSystem,
config ? { },
pkgs ? import ../.. { inherit system config; },
}:
with import ../lib/testing-python.nix { inherit system pkgs; };
with pkgs.lib;
{ runTest }:
let
stunnelCommon = {
@ -20,7 +13,12 @@ let
};
};
makeCert =
{ config, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
{
systemd.services.create-test-cert = {
wantedBy = [ "sysinit.target" ];
@ -32,14 +30,14 @@ let
unitConfig.DefaultDependencies = false;
serviceConfig.Type = "oneshot";
script = ''
${pkgs.openssl}/bin/openssl req -batch -x509 -newkey rsa -nodes -out /test-cert.pem -keyout /test-key.pem -subj /CN=${config.networking.hostName}
${lib.getExe pkgs.openssl} req -batch -x509 -newkey rsa -nodes -out /test-cert.pem -keyout /test-key.pem -subj /CN=${config.networking.hostName}
( umask 077; cat /test-key.pem /test-cert.pem > /test-key-and-cert.pem )
chown stunnel /test-key.pem /test-key-and-cert.pem
'';
};
};
serverCommon =
{ pkgs, ... }:
{ lib, pkgs, ... }:
{
networking.firewall.allowedTCPPorts = [ 443 ];
services.stunnel.servers.https = {
@ -51,7 +49,7 @@ let
wantedBy = [ "multi-user.target" ];
script = ''
cd /etc/webroot
${pkgs.python3}/bin/python -m http.server 80
${lib.getExe' pkgs.python3 "python"} -m http.server 80
'';
};
};
@ -61,10 +59,9 @@ let
server_cert = ${src}.succeed("cat /test-cert.pem")
${dest}.succeed("echo %s > ${filename}" % quote(server_cert))
'';
in
{
basicServer = makeTest {
basicServer = runTest {
name = "basicServer";
nodes = {
@ -92,7 +89,7 @@ in
'';
};
serverAndClient = makeTest {
serverAndClient = runTest {
name = "serverAndClient";
nodes = {
@ -150,7 +147,7 @@ in
'';
};
mutualAuth = makeTest {
mutualAuth = runTest {
name = "mutualAuth";
nodes = rec {

150
nixos/tests/systemd-initrd-networkd.nix
View file

@ -1,61 +1,80 @@
{
system ? builtins.currentSystem,
config ? { },
pkgs ? import ../.. { inherit system config; },
lib ? pkgs.lib,
}:
with import ../lib/testing-python.nix { inherit system pkgs; };
{ runTest }:
let
inherit (lib.maintainers) elvishjerricco;
common = {
boot.initrd.systemd = {
enable = true;
network.wait-online.timeout = 10;
network.wait-online.anyInterface = true;
targets.network-online.requiredBy = [ "initrd.target" ];
services.systemd-networkd-wait-online.requiredBy = [ "network-online.target" ];
initrdBin = [
pkgs.iproute2
pkgs.iputils
pkgs.gnugrep
];
common =
{ pkgs, ... }:
{
boot.initrd.systemd = {
enable = true;
network.wait-online.timeout = 10;
network.wait-online.anyInterface = true;
targets.network-online.requiredBy = [ "initrd.target" ];
services.systemd-networkd-wait-online.requiredBy = [ "network-online.target" ];
initrdBin = [
pkgs.iproute2
pkgs.iputils
pkgs.gnugrep
];
};
testing.initrdBackdoor = true;
boot.initrd.network.enable = true;
};
testing.initrdBackdoor = true;
boot.initrd.network.enable = true;
};
mkFlushTest =
flush: script:
makeTest {
name = "systemd-initrd-network-${lib.optionalString (!flush) "no-"}flush";
meta.maintainers = [ elvishjerricco ];
runTest (
{ lib, ... }:
{
name = "systemd-initrd-network-${lib.optionalString (!flush) "no-"}flush";
meta.maintainers = with lib.maintainers; [ elvishjerricco ];
nodes.machine = {
imports = [ common ];
nodes.machine =
{ pkgs, ... }:
{
imports = [ common ];
boot.initrd.network.flushBeforeStage2 = flush;
systemd.services.check-flush = {
requiredBy = [ "multi-user.target" ];
before = [
"network-pre.target"
"multi-user.target"
"shutdown.target"
];
conflicts = [ "shutdown.target" ];
wants = [ "network-pre.target" ];
unitConfig.DefaultDependencies = false;
serviceConfig.Type = "oneshot";
path = [
pkgs.iproute2
pkgs.iputils
pkgs.gnugrep
];
inherit script;
};
};
boot.initrd.network.flushBeforeStage2 = flush;
systemd.services.check-flush = {
requiredBy = [ "multi-user.target" ];
before = [
"network-pre.target"
"multi-user.target"
"shutdown.target"
];
conflicts = [ "shutdown.target" ];
wants = [ "network-pre.target" ];
unitConfig.DefaultDependencies = false;
serviceConfig.Type = "oneshot";
path = [
pkgs.iproute2
pkgs.iputils
pkgs.gnugrep
];
inherit script;
};
};
testScript = ''
machine.wait_for_unit("network-online.target")
machine.succeed(
"ip addr | grep 10.0.2.15",
"ping -c1 10.0.2.2",
)
machine.switch_root()
machine.wait_for_unit("multi-user.target")
'';
}
);
in
{
basic = runTest (
{ lib, ... }:
{
name = "systemd-initrd-network";
meta.maintainers = with lib.maintainers; [ elvishjerricco ];
nodes.machine = common;
testScript = ''
machine.wait_for_unit("network-online.target")
@ -65,33 +84,14 @@ let
)
machine.switch_root()
# Make sure the systemd-network user was set correctly in initrd
machine.wait_for_unit("multi-user.target")
machine.succeed("[ $(stat -c '%U,%G' /run/systemd/netif/links) = systemd-network,systemd-network ]")
machine.succeed("ip addr show >&2")
machine.succeed("ip route show >&2")
'';
};
in
{
basic = makeTest {
name = "systemd-initrd-network";
meta.maintainers = [ elvishjerricco ];
nodes.machine = common;
testScript = ''
machine.wait_for_unit("network-online.target")
machine.succeed(
"ip addr | grep 10.0.2.15",
"ping -c1 10.0.2.2",
)
machine.switch_root()
# Make sure the systemd-network user was set correctly in initrd
machine.wait_for_unit("multi-user.target")
machine.succeed("[ $(stat -c '%U,%G' /run/systemd/netif/links) = systemd-network,systemd-network ]")
machine.succeed("ip addr show >&2")
machine.succeed("ip route show >&2")
'';
};
}
);
doFlush = mkFlushTest true ''
if ip addr | grep 10.0.2.15; then

166
nixos/tests/systemd-networkd-dhcpserver-static-leases.nix
View file

@ -1,96 +1,94 @@
# In contrast to systemd-networkd-dhcpserver, this test configures
# the router with a static DHCP lease for the client's MAC address.
import ./make-test-python.nix (
{ lib, ... }:
{
name = "systemd-networkd-dhcpserver-static-leases";
meta = with lib.maintainers; {
maintainers = [ veehaitch ];
};
nodes = {
router = {
virtualisation.vlans = [ 1 ];
systemd.services.systemd-networkd.environment.SYSTEMD_LOG_LEVEL = "debug";
networking = {
useNetworkd = true;
useDHCP = false;
firewall.enable = false;
};
systemd.network = {
networks = {
# systemd-networkd will load the first network unit file
# that matches, ordered lexiographically by filename.
# /etc/systemd/network/{40-eth1,99-main}.network already
# exists. This network unit must be loaded for the test,
# however, hence why this network is named such.
"01-eth1" = {
name = "eth1";
networkConfig = {
DHCPServer = true;
Address = "10.0.0.1/24";
};
dhcpServerStaticLeases = [
{
MACAddress = "02:de:ad:be:ef:01";
Address = "10.0.0.10";
}
];
};
};
};
{ lib, ... }:
{
name = "systemd-networkd-dhcpserver-static-leases";
meta = with lib.maintainers; {
maintainers = [ veehaitch ];
};
nodes = {
router = {
virtualisation.vlans = [ 1 ];
systemd.services.systemd-networkd.environment.SYSTEMD_LOG_LEVEL = "debug";
networking = {
useNetworkd = true;
useDHCP = false;
firewall.enable = false;
};
client = {
virtualisation.vlans = [ 1 ];
systemd.services.systemd-networkd.environment.SYSTEMD_LOG_LEVEL = "debug";
systemd.network = {
enable = true;
links."10-eth1" = {
matchConfig.OriginalName = "eth1";
linkConfig.MACAddress = "02:de:ad:be:ef:01";
};
networks."40-eth1" = {
matchConfig.Name = "eth1";
systemd.network = {
networks = {
# systemd-networkd will load the first network unit file
# that matches, ordered lexiographically by filename.
# /etc/systemd/network/{40-eth1,99-main}.network already
# exists. This network unit must be loaded for the test,
# however, hence why this network is named such.
"01-eth1" = {
name = "eth1";
networkConfig = {
DHCP = "ipv4";
IPv6AcceptRA = false;
DHCPServer = true;
Address = "10.0.0.1/24";
};
# This setting is important to have the router assign the
# configured lease based on the client's MAC address. Also see:
# https://github.com/systemd/systemd/issues/21368#issuecomment-982193546
dhcpV4Config.ClientIdentifier = "mac";
linkConfig.RequiredForOnline = "routable";
dhcpServerStaticLeases = [
{
MACAddress = "02:de:ad:be:ef:01";
Address = "10.0.0.10";
}
];
};
};
networking = {
useDHCP = false;
firewall.enable = false;
interfaces.eth1 = lib.mkForce { };
};
};
};
testScript = ''
start_all()
with subtest("check router network configuration"):
router.systemctl("start systemd-networkd-wait-online.service")
router.wait_for_unit("systemd-networkd-wait-online.service")
eth1_status = router.succeed("networkctl status eth1")
assert "Network File: /etc/systemd/network/01-eth1.network" in eth1_status, \
"The router interface eth1 is not using the expected network file"
assert "10.0.0.1" in eth1_status, "Did not find expected router IPv4"
client = {
virtualisation.vlans = [ 1 ];
systemd.services.systemd-networkd.environment.SYSTEMD_LOG_LEVEL = "debug";
systemd.network = {
enable = true;
links."10-eth1" = {
matchConfig.OriginalName = "eth1";
linkConfig.MACAddress = "02:de:ad:be:ef:01";
};
networks."40-eth1" = {
matchConfig.Name = "eth1";
networkConfig = {
DHCP = "ipv4";
IPv6AcceptRA = false;
};
# This setting is important to have the router assign the
# configured lease based on the client's MAC address. Also see:
# https://github.com/systemd/systemd/issues/21368#issuecomment-982193546
dhcpV4Config.ClientIdentifier = "mac";
linkConfig.RequiredForOnline = "routable";
};
};
networking = {
useDHCP = false;
firewall.enable = false;
interfaces.eth1 = lib.mkForce { };
};
};
};
testScript = ''
start_all()
with subtest("check client network configuration"):
client.systemctl("start systemd-networkd-wait-online.service")
client.wait_for_unit("systemd-networkd-wait-online.service")
eth1_status = client.succeed("networkctl status eth1")
assert "Network File: /etc/systemd/network/40-eth1.network" in eth1_status, \
"The client interface eth1 is not using the expected network file"
assert "10.0.0.10" in eth1_status, "Did not find expected client IPv4"
with subtest("check router network configuration"):
router.systemctl("start systemd-networkd-wait-online.service")
router.wait_for_unit("systemd-networkd-wait-online.service")
eth1_status = router.succeed("networkctl status eth1")
assert "Network File: /etc/systemd/network/01-eth1.network" in eth1_status, \
"The router interface eth1 is not using the expected network file"
assert "10.0.0.1" in eth1_status, "Did not find expected router IPv4"
with subtest("router and client can reach each other"):
client.wait_until_succeeds("ping -c 5 10.0.0.1")
router.wait_until_succeeds("ping -c 5 10.0.0.10")
'';
}
)
with subtest("check client network configuration"):
client.systemctl("start systemd-networkd-wait-online.service")
client.wait_for_unit("systemd-networkd-wait-online.service")
eth1_status = client.succeed("networkctl status eth1")
assert "Network File: /etc/systemd/network/40-eth1.network" in eth1_status, \
"The client interface eth1 is not using the expected network file"
assert "10.0.0.10" in eth1_status, "Did not find expected client IPv4"
with subtest("router and client can reach each other"):
client.wait_until_succeeds("ping -c 5 10.0.0.1")
router.wait_until_succeeds("ping -c 5 10.0.0.10")
'';
}

278
nixos/tests/ydotool.nix
View file

@ -1,16 +1,12 @@
{
system ? builtins.currentSystem,
config ? { },
pkgs ? import ../.. { inherit system config; },
lib ? pkgs.lib,
}:
{ runTest, lib }:
let
makeTest = import ./make-test-python.nix;
textInput = "This works.";
inputBoxText = "Enter input";
inputBox = pkgs.writeShellScript "zenity-input" ''
${lib.getExe pkgs.zenity} --entry --text '${inputBoxText}:' > /tmp/output &
'';
inputBox =
pkgs:
pkgs.writeShellScript "zenity-input" ''
${lib.getExe pkgs.zenity} --entry --text '${inputBoxText}:' > /tmp/output &
'';
asUser = ''
def as_user(cmd: str):
"""
@ -20,124 +16,137 @@ let
'';
in
{
headless = makeTest {
name = "headless";
headless = runTest (
{ lib, ... }:
{
name = "headless";
enableOCR = true;
enableOCR = true;
nodes.machine = {
imports = [ ./common/user-account.nix ];
nodes.machine = {
imports = [ ./common/user-account.nix ];
users.users.alice.extraGroups = [ "ydotool" ];
users.users.alice.extraGroups = [ "ydotool" ];
programs.ydotool.enable = true;
programs.ydotool.enable = true;
services.getty.autologinUser = "alice";
};
services.getty.autologinUser = "alice";
};
testScript =
asUser
+ ''
start_all()
testScript =
asUser
+ ''
start_all()
machine.wait_for_unit("multi-user.target")
machine.wait_for_text("alice")
machine.succeed(as_user("ydotool type 'echo ${textInput} > /tmp/output'")) # text input
machine.succeed(as_user("ydotool key 28:1 28:0")) # text input
machine.screenshot("headless_input")
machine.wait_for_file("/tmp/output")
machine.wait_until_succeeds("grep '${textInput}' /tmp/output") # text input
'';
machine.wait_for_unit("multi-user.target")
machine.wait_for_text("alice")
machine.succeed(as_user("ydotool type 'echo ${textInput} > /tmp/output'")) # text input
machine.succeed(as_user("ydotool key 28:1 28:0")) # text input
machine.screenshot("headless_input")
machine.wait_for_file("/tmp/output")
machine.wait_until_succeeds("grep '${textInput}' /tmp/output") # text input
'';
meta.maintainers = with lib.maintainers; [
OPNA2608
quantenzitrone
];
};
x11 = makeTest {
name = "x11";
enableOCR = true;
nodes.machine = {
imports = [
./common/user-account.nix
./common/auto.nix
./common/x11.nix
meta.maintainers = with lib.maintainers; [
OPNA2608
quantenzitrone
];
}
);
users.users.alice.extraGroups = [ "ydotool" ];
x11 = runTest (
{ config, lib, ... }:
{
name = "x11";
programs.ydotool.enable = true;
enableOCR = true;
test-support.displayManager.auto = {
enable = true;
user = "alice";
};
nodes.machine =
{ lib, ... }:
{
imports = [
./common/user-account.nix
./common/auto.nix
./common/x11.nix
];
services.xserver.windowManager.dwm.enable = true;
services.displayManager.defaultSession = lib.mkForce "none+dwm";
};
users.users.alice.extraGroups = [ "ydotool" ];
testScript =
asUser
+ ''
programs.ydotool.enable = true;
test-support.displayManager.auto = {
enable = true;
user = "alice";
};
services.xserver.windowManager.dwm.enable = true;
services.displayManager.defaultSession = lib.mkForce "none+dwm";
};
testScript =
asUser
+ ''
start_all()
machine.wait_for_x()
machine.execute(as_user("${inputBox config.node.pkgs}"))
machine.wait_for_text("${inputBoxText}")
machine.succeed(as_user("ydotool type '${textInput}'")) # text input
machine.screenshot("x11_input")
machine.succeed(as_user("ydotool mousemove -a 400 110")) # mouse input
machine.succeed(as_user("ydotool click 0xC0")) # mouse input
machine.wait_for_file("/tmp/output")
machine.wait_until_succeeds("grep '${textInput}' /tmp/output") # text input
'';
meta.maintainers = with lib.maintainers; [
OPNA2608
quantenzitrone
];
}
);
wayland = runTest (
{ lib, ... }:
{
name = "wayland";
enableOCR = true;
nodes.machine =
{ pkgs, ... }:
{
imports = [ ./common/user-account.nix ];
services.cage = {
enable = true;
user = "alice";
};
programs.ydotool.enable = true;
services.cage.program = inputBox pkgs;
};
testScript = ''
start_all()
machine.wait_for_x()
machine.execute(as_user("${inputBox}"))
machine.wait_for_unit("graphical.target")
machine.wait_for_text("${inputBoxText}")
machine.succeed(as_user("ydotool type '${textInput}'")) # text input
machine.screenshot("x11_input")
machine.succeed(as_user("ydotool mousemove -a 400 110")) # mouse input
machine.succeed(as_user("ydotool click 0xC0")) # mouse input
machine.succeed("ydotool type '${textInput}'") # text input
machine.screenshot("wayland_input")
machine.succeed("ydotool mousemove -a 100 100") # mouse input
machine.succeed("ydotool click 0xC0") # mouse input
machine.wait_for_file("/tmp/output")
machine.wait_until_succeeds("grep '${textInput}' /tmp/output") # text input
'';
meta.maintainers = with lib.maintainers; [
OPNA2608
quantenzitrone
];
};
wayland = makeTest {
name = "wayland";
enableOCR = true;
nodes.machine = {
imports = [ ./common/user-account.nix ];
services.cage = {
enable = true;
user = "alice";
};
programs.ydotool.enable = true;
services.cage.program = inputBox;
};
testScript = ''
start_all()
machine.wait_for_unit("graphical.target")
machine.wait_for_text("${inputBoxText}")
machine.succeed("ydotool type '${textInput}'") # text input
machine.screenshot("wayland_input")
machine.succeed("ydotool mousemove -a 100 100") # mouse input
machine.succeed("ydotool click 0xC0") # mouse input
machine.wait_for_file("/tmp/output")
machine.wait_until_succeeds("grep '${textInput}' /tmp/output") # text input
'';
meta.maintainers = with lib.maintainers; [
OPNA2608
quantenzitrone
];
};
meta.maintainers = with lib.maintainers; [
OPNA2608
quantenzitrone
];
}
);
customGroup =
let
@ -147,38 +156,41 @@ in
outsideGroupUsername = "other-user";
groupName = "custom-group";
in
makeTest {
inherit name;
runTest (
{ lib, ... }:
{
inherit name;
nodes."${nodeName}" = {
programs.ydotool = {
enable = true;
group = groupName;
};
users.users = {
"${insideGroupUsername}" = {
isNormalUser = true;
extraGroups = [ groupName ];
nodes."${nodeName}" = {
programs.ydotool = {
enable = true;
group = groupName;
};
users.users = {
"${insideGroupUsername}" = {
isNormalUser = true;
extraGroups = [ groupName ];
};
"${outsideGroupUsername}".isNormalUser = true;
};
"${outsideGroupUsername}".isNormalUser = true;
};
};
testScript = ''
start_all()
testScript = ''
start_all()
# Wait for service to start
${nodeName}.wait_for_unit("multi-user.target")
${nodeName}.wait_for_unit("ydotoold.service")
# Wait for service to start
${nodeName}.wait_for_unit("multi-user.target")
${nodeName}.wait_for_unit("ydotoold.service")
# Verify that user with the configured group can use the service
${nodeName}.succeed("sudo --login --user=${insideGroupUsername} ydotool type 'Hello, World!'")
# Verify that user with the configured group can use the service
${nodeName}.succeed("sudo --login --user=${insideGroupUsername} ydotool type 'Hello, World!'")
# Verify that user without the configured group can't use the service
${nodeName}.fail("sudo --login --user=${outsideGroupUsername} ydotool type 'Hello, World!'")
'';
# Verify that user without the configured group can't use the service
${nodeName}.fail("sudo --login --user=${outsideGroupUsername} ydotool type 'Hello, World!'")
'';
meta.maintainers = with lib.maintainers; [ l0b0 ];
};
meta.maintainers = with lib.maintainers; [ l0b0 ];
}
);
}

14
pkgs/applications/networking/browsers/chromium/info.json
View file

@ -802,7 +802,7 @@
}
},
"ungoogled-chromium": {
"version": "138.0.7204.96",
"version": "138.0.7204.100",
"deps": {
"depot_tools": {
"rev": "a8900cc0f023d6a662eb66b317e8ddceeb113490",
@ -813,16 +813,16 @@
"hash": "sha256-UB9a7Fr1W0yYld6WbXyRR8dFqWsj/zx4KumDZ5JQKSM="
},
"ungoogled-patches": {
"rev": "138.0.7204.96-1",
"hash": "sha256-tOQSvdwK3lMN/7l23rbw7txJ/ovRguSXe9oMeol63Cs="
"rev": "138.0.7204.100-1",
"hash": "sha256-zIBOQlW8UAE7n8x6R5LLjiNUquLOiTPvyxx4sM9r85Y="
},
"npmHash": "sha256-8d5VTHutv51libabhxv7SqPRcHfhVmGDSOvTSv013rE="
},
"DEPS": {
"src": {
"url": "https://chromium.googlesource.com/chromium/src.git",
"rev": "f01343ee86bdb55cc999f82381f038cdbf20db62",
"hash": "sha256-9Ryxv2DvnIKVk4ZvjXegubFDUNzJ3YXGPuYHlntC3RU=",
"rev": "5f45b4744e3d5ba82c2ca6d942f1e7a516110752",
"hash": "sha256-bI75IXPl6YeauK2oTnUURh1ch1H7KKw/QzKYZ/q6htI=",
"recompress": true
},
"src/third_party/clang-format/script": {
@ -1047,8 +1047,8 @@
},
"src/third_party/devtools-frontend/src": {
"url": "https://chromium.googlesource.com/devtools/devtools-frontend",
"rev": "f8dfe8b36e516cef8a5a169e88d16480d8abdc68",
"hash": "sha256-7ygnGBAeiLxwbTx5s7LRs9+ZOe06tr8VFcSY5cVHnS4="
"rev": "a6dbe06dafbad00ef4b0ea139ece1a94a5e2e6d8",
"hash": "sha256-XkyJFRxo3ZTBGfKdTwSIo14SLNPQAKQvY4lEX03j6LM="
},
"src/third_party/dom_distiller_js/dist": {
"url": "https://chromium.googlesource.com/chromium/dom-distiller/dist.git",

1
pkgs/build-support/dart/build-dart-application/default.nix
View file

@ -101,6 +101,7 @@ let
} // sdkSourceBuilders;
};
packageConfig = generators.linkPackageConfig {
inherit pubspecLock;
packageConfig = pub2nix.generatePackageConfig {
pname = if args.pname != null then "${args.pname}-${args.version}" else null;

27
pkgs/build-support/dart/build-dart-application/generators.nix
View file

@ -49,6 +49,7 @@ let
# Adds the root package to a dependency package_config.json file from pub2nix.
linkPackageConfig =
{
pubspecLock,
packageConfig,
extraSetupCommands ? "",
}:
@ -67,15 +68,27 @@ let
dontBuild = true;
installPhase = ''
runHook preInstall
installPhase =
let
m = builtins.match "^[[:space:]]*(\\^|>=|>)?[[:space:]]*([0-9]+\\.[0-9]+)\\.[0-9]+.*$" pubspecLock.sdks.dart;
languageVersion =
if m != null then
(builtins.elemAt m 1)
else if pubspecLock.sdks.dart == "any" then
"null"
else
# https://github.com/dart-lang/pub/blob/15b96589066884300a30bdc356566f3398794857/lib/src/language_version.dart#L109
"2.7";
in
''
runHook preInstall
packageName="$(yq --raw-output .name pubspec.yaml)"
jq --arg name "$packageName" '.packages |= . + [{ name: $name, rootUri: "../", packageUri: "lib/" }]' '${packageConfig}' > "$out"
${extraSetupCommands}
packageName="$(yq --raw-output .name pubspec.yaml)"
jq --arg name "$packageName" --arg languageVersion ${languageVersion} '.packages |= . + [{ name: $name, rootUri: "../", packageUri: "lib/", languageVersion: (if $languageVersion == "null" then null else $languageVersion end) }]' '${packageConfig}' > "$out"
${extraSetupCommands}
runHook postInstall
'';
runHook postInstall
'';
}
);
in

18
pkgs/build-support/fetchhg/default.nix
View file

@ -30,16 +30,14 @@ lib.extendMkDerivation {
outputHashAlgo = if finalAttrs.hash != null && finalAttrs.hash != "" then null else "sha256";
outputHashMode = "recursive";
outputHash =
lib.throwIf (finalAttrs.hash != null && sha256 != null) "Only one of sha256 or hash can be set"
(
if finalAttrs.hash != null then
finalAttrs.hash
else if sha256 != null then
sha256
else
""
);
outputHash = lib.throwIf (hash != null && sha256 != null) "Only one of sha256 or hash can be set" (
if finalAttrs.hash != null then
finalAttrs.hash
else if sha256 != null then
sha256
else
""
);
inherit url rev hash;
inherit preferLocalBuild;

6
pkgs/by-name/ac/act/package.nix
View file

@ -8,7 +8,7 @@
}:
let
version = "0.2.78";
version = "0.2.79";
in
buildGoModule {
pname = "act";
@ -18,10 +18,10 @@ buildGoModule {
owner = "nektos";
repo = "act";
tag = "v${version}";
hash = "sha256-S4Ev7MszuvlsUstnjOltYnZTuhzeqP/GDqMEWsFLe5Y=";
hash = "sha256-tIp9iG8SCppg+tX/KdvAON5fKAHAlU01GSJEgvm2JSg=";
};
vendorHash = "sha256-YH5SIZ73VYqg7+sSJpvqkIlBUy1rs3uNEWiEBDRdkQw=";
vendorHash = "sha256-wMtRpFUOMia7ZbuKUUkkcr2Gi88fiZydqFSVSAdiKdo=";
doCheck = false;

4
pkgs/by-name/aw/aws-lc/package.nix
View file

@ -10,13 +10,13 @@
}:
stdenv.mkDerivation (finalAttrs: {
pname = "aws-lc";
version = "1.53.1";
version = "1.55.0";
src = fetchFromGitHub {
owner = "aws";
repo = "aws-lc";
rev = "v${finalAttrs.version}";
hash = "sha256-1liZ1xellboNNsL7D6vqYk9sHFpWN5c0o8B1S9B5Gnc=";
hash = "sha256-Ul+PoOItv7FU7v7NkpaCrZrr/ULnI9FSv6T8ePzTMCs=";
};
outputs = [

6
pkgs/by-name/bi/bibiman/package.nix
View file

@ -8,18 +8,18 @@
rustPlatform.buildRustPackage rec {
pname = "bibiman";
version = "0.12.4";
version = "0.13.1";
src = fetchFromGitea {
domain = "codeberg.org";
owner = "lukeflo";
repo = "bibiman";
tag = "v${version}";
hash = "sha256-6duqLBPm6GlBHm3Kr4foHF1MKodYOYKKDITk/BiX6mA=";
hash = "sha256-MdUabJQ5x3/n7dfbIjAqK9hDQ+lLNOtXknY4fTSW67Q=";
};
useFetchCargoVendor = true;
cargoHash = "sha256-tbgzjTsK88+G4Wxex4Tl0K5Ii99tPNud3UEDzAHaI0M=";
cargoHash = "sha256-FARk/BCssI35aS4yxUnfGoV6C3i4/a/LQcEMIKD29Ac=";
nativeInstallCheckInputs = [
versionCheckHook

6
pkgs/by-name/br/bruno/package.nix
View file

@ -19,20 +19,20 @@
buildNpmPackage rec {
pname = "bruno";
version = "2.6.1";
version = "2.7.0";
src = fetchFromGitHub {
owner = "usebruno";
repo = "bruno";
tag = "v${version}";
hash = "sha256-GR/TmBuZbt/8cB9gtRPgzSVnzdrB1BKhYjahfJ3ErgQ=";
hash = "sha256-qNZCLd4FixJ+I5xaIIQ9EIKfCXnPOZFGbXHkgagBbFE=";
postFetch = ''
${lib.getExe npm-lockfile-fix} $out/package-lock.json
'';
};
npmDepsHash = "sha256-/u7xyd1+RXNN7khVOglzYGMCI+fPjyiuSF2BSZAqEtI=";
npmDepsHash = "sha256-osdjtn9jn6T1YizQM7I9cfiHvIkrZ8HRDNjsR+FS/DE=";
npmFlags = [ "--legacy-peer-deps" ];
nativeBuildInputs =

4
pkgs/by-name/by/byedpi/package.nix
View file

@ -6,13 +6,13 @@
}:
stdenv.mkDerivation (finalAttrs: {
pname = "byedpi";
version = "0.17";
version = "0.17.1";
src = fetchFromGitHub {
owner = "hufrea";
repo = "byedpi";
tag = "v${finalAttrs.version}";
hash = "sha256-JedtEgkj21pDnNM19Oq6asI7iMIHZqf3ZolDlUDhHg8=";
hash = "sha256-an0UmsAZw5DJMuM4WpAWBVVN0ZVBpXhn0cbZ0ZbfBjo=";
};
installPhase = ''

6
pkgs/by-name/ca/cargo-mobile2/package.nix
View file

@ -10,7 +10,7 @@
let
pname = "cargo-mobile2";
version = "0.20.1";
version = "0.20.2";
in
rustPlatform.buildRustPackage {
inherit pname version;
@ -18,7 +18,7 @@ rustPlatform.buildRustPackage {
owner = "tauri-apps";
repo = "cargo-mobile2";
rev = "cargo-mobile2-v${version}";
hash = "sha256-gKqGmd34nNKMc3fl5lMH09oOGnmRaMDBwsbHhAeUMBc=";
hash = "sha256-mXedzfAN40IG8ivcSa/tf/Ys/rKcwkCmxU7/ja9ec2U=";
};
# Manually specify the sourceRoot since this crate depends on other crates in the workspace. Relevant info at
@ -26,7 +26,7 @@ rustPlatform.buildRustPackage {
# sourceRoot = "${src.name}/tooling/cli";
useFetchCargoVendor = true;
cargoHash = "sha256-QEZe+7/i0XygXxs7pwdS9WtYbE2pfrUuRQC0dm+WqTo=";
cargoHash = "sha256-Y1ykz7QU48AJVKBcYdrWEuNcahontkaJyFmrrh4eQs0=";
preBuild = ''
mkdir -p $out/share/

8
pkgs/by-name/cl/claude-code/package-lock.json generated
View file

@ -6,13 +6,13 @@
"packages": {
"": {
"dependencies": {
"@anthropic-ai/claude-code": "^1.0.44"
"@anthropic-ai/claude-code": "^1.0.48"
}
},
"node_modules/@anthropic-ai/claude-code": {
"version": "1.0.44",
"resolved": "https://registry.npmjs.org/@anthropic-ai/claude-code/-/claude-code-1.0.44.tgz",
"integrity": "sha512-GCX0KeMcyhLlfs/dLWlMiHShAMmjt8d7xcVUS53z7VnV6s3cIIrRPsKQ/xX/Q9rFm5dSVmRnzU88Ku28fb3QKQ==",
"version": "1.0.48",
"resolved": "https://registry.npmjs.org/@anthropic-ai/claude-code/-/claude-code-1.0.48.tgz",
"integrity": "sha512-h63VBAZZ6Pl/DlYW2PjbfUeicZ4r9VSl8dymD3d+1lZEHwCPgfMpu3g+30+FDMs79Xqc7qSDm6CRnMApxhbjqw==",
"hasInstallScript": true,
"license": "SEE LICENSE IN README.md",
"bin": {

6
pkgs/by-name/cl/claude-code/package.nix
View file

@ -7,16 +7,16 @@
buildNpmPackage rec {
pname = "claude-code";
version = "1.0.44";
version = "1.0.48";
nodejs = nodejs_20; # required for sandboxed Nix builds on Darwin
src = fetchzip {
url = "https://registry.npmjs.org/@anthropic-ai/claude-code/-/claude-code-${version}.tgz";
hash = "sha256-Dnooy0KNfhirTu7hv6DfwL7SHwf++CKtG8VHptNhcxU=";
hash = "sha256-nl7NGiREuFpbr0if273FfbSpjD/BG8a/uMXfYtiZgbE=";
};
npmDepsHash = "sha256-Q3m4q0g/H5ZWmnMXSipRt3FUFu+SgDAJutVelQsv9ls=";
npmDepsHash = "sha256-ppsyT+VXXaIP1ncuJx1I8M6eLTk7zP1KStf5nnWSwSo=";
postPatch = ''
cp ${./package-lock.json} package-lock.json

6
pkgs/by-name/cl/clorinde/package.nix
View file

@ -8,17 +8,17 @@
rustPlatform.buildRustPackage (finalAttrs: {
pname = "clorinde";
version = "0.16.0";
version = "1.0.0";
src = fetchFromGitHub {
owner = "halcyonnouveau";
repo = "clorinde";
tag = "clorinde-v${finalAttrs.version}";
hash = "sha256-ze/PEML1buh3HlVgz6ifMPWfZnr6eT3VpIXf7jR68jw=";
hash = "sha256-AYoSs3rDZ5j8Xt6E4X7RmgccM3bng3rgWzVLFjhmfR0=";
};
useFetchCargoVendor = true;
cargoHash = "sha256-dp5m/PLVG8xUM6LCq48NKK0P8di44keB/YZ9ocfL0Bg=";
cargoHash = "sha256-hxOVocfQvBlaYh227SVLYncfVZ80bDxIvoMtthaqQqc=";
cargoBuildFlags = [ "--package=clorinde" ];

4
pkgs/by-name/fa/fantomas/package.nix
View file

@ -2,9 +2,9 @@
buildDotnetGlobalTool {
pname = "fantomas";
version = "7.0.2";
version = "7.0.3";
nugetHash = "sha256-BAaENIm/ksTiXrUImRgKoIXTGIlgsX7ch6ayoFjhJXA=";
nugetHash = "sha256-0XlfV7SxXPDnk/CjkUesJSaH0cxlNHJ+Jj86zNUhkNA=";
meta = with lib; {
description = "F# source code formatter";

4
pkgs/by-name/gi/gitaly/package.nix
View file

@ -7,7 +7,7 @@
}:
let
version = "18.1.1";
version = "18.1.2";
package_version = "v${lib.versions.major version}";
gitaly_package = "gitlab.com/gitlab-org/gitaly/${package_version}";
@ -21,7 +21,7 @@ let
owner = "gitlab-org";
repo = "gitaly";
rev = "v${version}";
hash = "sha256-R79UV6QIEO/B7xQ3ds4scm7twHmalziksKBJ97tYVJM=";
hash = "sha256-ErA04W6rWsjSay02bst0ur1mztrdo8SW/mpGtln4unI=";
};
vendorHash = "sha256-BTpcnaHNyLgdAA9KqqA+mBo18fmQ0+OwLGNOPHRJ/IE=";

6
pkgs/by-name/gi/gitlab-container-registry/package.nix
View file

@ -6,7 +6,7 @@
buildGoModule rec {
pname = "gitlab-container-registry";
version = "4.23.1";
version = "4.24.0";
rev = "v${version}-gitlab";
# nixpkgs-update: no auto update
@ -14,10 +14,10 @@ buildGoModule rec {
owner = "gitlab-org";
repo = "container-registry";
inherit rev;
hash = "sha256-eCuSuQXtzd2jLJf9G8DO1KGXdT8bYGe9tcKw6BZNiiI=";
hash = "sha256-GNL7L6DKIKEgDEZQkeHNOn4R5SnWnHvNoUIs2YLjoR8=";
};
vendorHash = "sha256-OrdlQp+USRf+Yc7UDjIncDpbuRu5ui6TUoYY2MMc8Ro=";
vendorHash = "sha256-zisadCxyfItD/n7VGbtbvhl8MRHiqdw0Kkrg6ebgS/8=";
checkFlags =
let

4
pkgs/by-name/gi/gitlab-pages/package.nix
View file

@ -6,14 +6,14 @@
buildGoModule rec {
pname = "gitlab-pages";
version = "18.1.1";
version = "18.1.2";
# nixpkgs-update: no auto update
src = fetchFromGitLab {
owner = "gitlab-org";
repo = "gitlab-pages";
rev = "v${version}";
hash = "sha256-tqT+ARebnBhBHzOenkL/o7/tf4/urxKFAOFMwCQSzeA=";
hash = "sha256-XY/WK19nujQPdsicGDHS5gEZf3uJZdW41R4xK9hDML0=";
};
vendorHash = "sha256-6ZHKwPhC3N813kiw1NnPOMVc2CBSIClwc4MunDi0gCk=";

12
pkgs/by-name/gi/gitlab/data.json
View file

@ -1,15 +1,15 @@
{
"version": "18.1.1",
"repo_hash": "1agw51d1qvvx6yyzz71sz4mkx04ic8hmql8lggz3x5scnhglnzjq",
"version": "18.1.2",
"repo_hash": "072ib6rc7mw9pdzql8514k4z76i1ahssyj5kypgyvf9qj4naym0b",
"yarn_hash": "0c5pp3dpvw0q0nfl6w1lpdmk7dvkfinwb7z7a3vq22wgzca23x2m",
"owner": "gitlab-org",
"repo": "gitlab",
"rev": "v18.1.1-ee",
"rev": "v18.1.2-ee",
"passthru": {
"GITALY_SERVER_VERSION": "18.1.1",
"GITLAB_PAGES_VERSION": "18.1.1",
"GITALY_SERVER_VERSION": "18.1.2",
"GITLAB_PAGES_VERSION": "18.1.2",
"GITLAB_SHELL_VERSION": "14.42.0",
"GITLAB_ELASTICSEARCH_INDEXER_VERSION": "5.6.0",
"GITLAB_WORKHORSE_VERSION": "18.1.1"
"GITLAB_WORKHORSE_VERSION": "18.1.2"
}
}

2
pkgs/by-name/gi/gitlab/gitlab-workhorse/default.nix
View file

@ -10,7 +10,7 @@ in
buildGoModule rec {
pname = "gitlab-workhorse";
version = "18.1.1";
version = "18.1.2";
# nixpkgs-update: no auto update
src = fetchFromGitLab {

4
pkgs/by-name/gi/gitlab/rubyEnv/Gemfile
View file

@ -648,7 +648,9 @@ gem 'gitaly', '~> 18.1.0.pre.rc1', feature_category: :gitaly
# KAS GRPC protocol definitions
gem 'gitlab-kas-grpc', '~> 17.11.0', feature_category: :deployment_management
gem 'grpc', '~> 1.72.0', feature_category: :shared
# Lock until 1.74.0 is available
# https://gitlab.com/gitlab-com/gl-infra/production/-/issues/20067
gem 'grpc', '= 1.63.0', feature_category: :shared
gem 'google-protobuf', '~> 3.25', '>= 3.25.3', feature_category: :shared

8
pkgs/by-name/gi/gitlab/rubyEnv/Gemfile.lock
View file

@ -48,7 +48,7 @@ PATH
google-cloud-storage_transfer (~> 1.2.0)
google-protobuf (~> 3.25, >= 3.25.3)
googleauth (~> 1.8.1)
grpc (~> 1.72.0)
grpc (= 1.63.0)
json (~> 2.7)
jwt (~> 2.5)
logger (~> 1.5)
@ -956,8 +956,8 @@ GEM
graphql (~> 2.0)
html-pipeline (~> 2.14, >= 2.14.3)
sass-embedded (~> 1.58)
grpc (1.72.0)
google-protobuf (>= 3.25, < 5.0)
grpc (1.63.0)
google-protobuf (~> 3.25)
googleapis-common-protos-types (~> 1.0)
grpc-google-iam-v1 (1.5.0)
google-protobuf (~> 3.18)
@ -2210,7 +2210,7 @@ DEPENDENCIES
graphlyte (~> 1.0.0)
graphql (= 2.4.13)
graphql-docs (~> 5.0.0)
grpc (~> 1.72.0)
grpc (= 1.63.0)
gssapi (~> 1.3.1)
guard-rspec
haml_lint (~> 0.58)

4
pkgs/by-name/gi/gitlab/rubyEnv/gemset.nix
View file

@ -3886,10 +3886,10 @@ src: {
platforms = [ ];
source = {
remotes = [ "https://rubygems.org" ];
sha256 = "02gakdhvpl777b41i8cgkrj7gk0jlq4fza9hjksp2r7ryji0vyjn";
sha256 = "11ink0ayf14qgs3msn5a7dpg49vm3ck2415r64nfk1i8xv286hsz";
type = "gem";
};
version = "1.72.0";
version = "1.63.0";
};
grpc-google-iam-v1 = {
dependencies = [

5
pkgs/by-name/go/go-camo/package.nix
View file

@ -3,6 +3,7 @@
buildGo124Module,
fetchFromGitHub,
installShellFiles,
nixosTests,
scdoc,
}:
@ -43,6 +44,10 @@ buildGo124Module rec {
rm pkg/camo/proxy_{,filter_}test.go
'';
passthru.tests = {
inherit (nixosTests) go-camo;
};
meta = {
description = "Camo server is a special type of image proxy that proxies non-secure images over SSL/TLS";
homepage = "https://github.com/cactus/go-camo";

4
pkgs/by-name/go/go-musicfox/package.nix
View file

@ -11,13 +11,13 @@
buildGoModule rec {
pname = "go-musicfox";
version = "4.6.2";
version = "4.6.3";
src = fetchFromGitHub {
owner = "go-musicfox";
repo = "go-musicfox";
rev = "v${version}";
hash = "sha256-GpzbHShQvsgPNnUjk52PSDhvmxEuJVXNXI7z8ESv6QQ=";
hash = "sha256-TxBd+Q7tEyJpcUwOWAl2U1gmdNRYrBkGCtT961/8K1E=";
};
deleteVendor = true;

4
pkgs/by-name/ja/janus-gateway/package.nix
View file

@ -34,13 +34,13 @@ in
stdenv.mkDerivation rec {
pname = "janus-gateway";
version = "1.3.1";
version = "1.3.2";
src = fetchFromGitHub {
owner = "meetecho";
repo = "janus-gateway";
rev = "v${version}";
sha256 = "sha256-Y4MdbB706aziKPxM9y/3uCKpc60dMDlV0xgugDjfa7A=";
sha256 = "sha256-FvTNe2lpDBchhVLTD+fKtwTcuqsuSEeNWcRAbLibLbc=";
};
nativeBuildInputs = [

4
pkgs/by-name/li/limine/package.nix
View file

@ -42,14 +42,14 @@ in
# as bootloader for various platforms and corresponding binary and helper files.
stdenv.mkDerivation (finalAttrs: {
pname = "limine";
version = "9.3.4";
version = "9.4.0";
# We don't use the Git source but the release tarball, as the source has a
# `./bootstrap` script performing network access to download resources.
# Packaging that in Nix is very cumbersome.
src = fetchurl {
url = "https://github.com/limine-bootloader/limine/releases/download/v${finalAttrs.version}/limine-${finalAttrs.version}.tar.gz";
hash = "sha256-GXArMxm7vDyUShTIM1O8/4M8h/ol/b8YcsXdodxJqeM=";
hash = "sha256-ddQB0wKMhKSnPrJflgsDfyWCzOiFehf/2CijPiVk65U=";
};
enableParallelBuilding = true;

4
pkgs/by-name/ll/llama-cpp/package.nix
View file

@ -72,13 +72,13 @@ let
in
effectiveStdenv.mkDerivation (finalAttrs: {
pname = "llama-cpp";
version = "5760";
version = "5836";
src = fetchFromGitHub {
owner = "ggml-org";
repo = "llama.cpp";
tag = "b${finalAttrs.version}";
hash = "sha256-sl1lhj40c546YRuCTn6BlmS60Rd2TBKNx4TaQ0I6110=";
hash = "sha256-fo6wnwN3a4xZamwm68EVLNVfQkk+vSxgEoORQKLzdH8=";
leaveDotGit = true;
postFetch = ''
git -C "$out" rev-parse --short HEAD > $out/COMMIT

9
pkgs/by-name/ni/nixos-rebuild-ng/src/tests/test_models.py
View file

@ -108,9 +108,9 @@ def test_flake_from_arg(
return_value=True,
),
patch(
"pathlib.Path.is_symlink",
"pathlib.Path.resolve",
autospec=True,
return_value=False,
return_value=Path("/etc/nixos/flake.nix"),
),
):
assert m.Flake.from_arg(None, None) == m.Flake(
@ -123,11 +123,6 @@ def test_flake_from_arg(
autospec=True,
return_value=True,
),
patch(
"pathlib.Path.is_symlink",
autospec=True,
return_value=True,
),
patch(
"pathlib.Path.resolve",
autospec=True,

7
pkgs/by-name/no/nominatim-ui/package.nix
View file

@ -3,6 +3,7 @@
stdenv,
fetchFromGitHub,
fetchYarnDeps,
nixosTests,
writableTmpDirAsHomeHook,
writeText,
@ -10,7 +11,7 @@
nodejs,
yarn,
# Custom application configuration placed to theme/config.theme.js file
# Custom application configuration placed to theme/config.theme.js file.
# For the list of available configuration options see
# https://github.com/osm-search/nominatim-ui/blob/master/dist/config.defaults.js
customConfig ? null,
@ -83,6 +84,10 @@ stdenv.mkDerivation (finalAttrs: {
runHook postInstall
'';
passthru.tests = {
inherit (nixosTests) nominatim;
};
meta = {
description = "Debugging user interface for Nominatim geocoder";
homepage = "https://github.com/osm-search/nominatim-ui";

6
pkgs/by-name/no/nominatim/package.nix
View file

@ -7,6 +7,7 @@
python3Packages,
nominatim, # required for testVersion
nixosTests,
testers,
}:
@ -64,8 +65,9 @@ python3Packages.buildPythonApplication rec {
pythonImportsCheck = [ "nominatim_db" ];
passthru = {
tests.version = testers.testVersion { package = nominatim; };
passthru.tests = {
version = testers.testVersion { package = nominatim; };
inherit (nixosTests) nominatim;
};
meta = {

72
pkgs/by-name/op/optee-client/package.nix Normal file
View file

@ -0,0 +1,72 @@
{
fetchFromGitHub,
isNixOS ? true,
lib,
libuuid,
pkg-config,
stdenv,
which,
}:
stdenv.mkDerivation (finalAttrs: {
pname = "optee-client";
version = "4.6.0";
src = fetchFromGitHub {
owner = "OP-TEE";
repo = "optee_client";
rev = finalAttrs.version;
hash = "sha256-hHEIn0WU4XfqwZbOdg9kwSDxDcvK7Tvxtelamfc3IRM=";
};
outputs = [
"out"
"lib"
"dev"
];
strictDeps = true;
enableParallelBuilding = true;
nativeBuildInputs = [
which
pkg-config
];
buildInputs = [ libuuid ];
makeFlags =
[
"CROSS_COMPILE=${stdenv.cc.targetPrefix}"
"DESTDIR=$(out)"
"SBINDIR=/bin"
"INCLUDEDIR=/include"
"LIBDIR=/lib"
]
++
# If we are building for NixOS, change default optee config to use paths
# that will work well with NixOS.
lib.optionals isNixOS [
"CFG_TEE_CLIENT_LOAD_PATH=/run/current-system/sw/lib"
"CFG_TEE_PLUGIN_LOAD_PATH=/run/current-system/sw/lib/tee-supplicant/plugins"
"CFG_TEE_FS_PARENT_PATH=/var/lib/tee"
];
preFixup = ''
mkdir -p "$lib" "$dev"
mv "$out/lib" "$lib"
mv "$out/include" "$dev"
'';
meta = {
description = "Normal world client for OPTEE OS";
homepage = "https://github.com/OP-TEE/optee_client";
changelog = "https://github.com/OP-TEE/optee_client/releases/tag/${finalAttrs.version}";
license = lib.licenses.bsd2;
maintainers = [ lib.maintainers.jmbaur ];
platforms = [
"aarch64-linux"
"armv7l-linux"
];
};
})

6
pkgs/by-name/pi/pimsync/package.nix
View file

@ -12,17 +12,17 @@
rustPlatform.buildRustPackage (finalAttrs: {
pname = "pimsync";
version = "0.4.2";
version = "0.4.3";
src = fetchFromSourcehut {
owner = "~whynothugo";
repo = "pimsync";
rev = "v${finalAttrs.version}";
hash = "sha256-6oV9E6Q6FmCh24xT9+lsQ47GVs70sSujsn54dX6CPgY=";
hash = "sha256-VPrEY3aJKhn96oaehJ8MrrUj0XoSOMWC7APbnw6OrsQ=";
};
useFetchCargoVendor = true;
cargoHash = "sha256-vnBk0uojWDM9PS8v5Qda2UflmIFZ09Qp9l25qTTWGMc=";
cargoHash = "sha256-m5tg50C6DMFuBrCW9sxYfeRRZv6Sncp8X40fzaKEsi0=";
PIMSYNC_VERSION = finalAttrs.version;

35
pkgs/by-name/ru/rustical/package.nix Normal file
View file

@ -0,0 +1,35 @@
{
lib,
rustPlatform,
fetchFromGitHub,
pkg-config,
openssl,
}:
rustPlatform.buildRustPackage (finalAttrs: {
pname = "rustical";
version = "0.4.11";
src = fetchFromGitHub {
owner = "lennart-k";
repo = "rustical";
tag = "v${finalAttrs.version}";
hash = "sha256-QWuJKEc6hBA2rdbaqdhrah+WyRwVd91Y8/BIOaKlW28=";
};
cargoHash = "sha256-dQF+6my+TxZ6niFO5OnLXcPt0LGEymaXE9NqZWU5HJk=";
nativeBuildInputs = [ pkg-config ];
buildInputs = [ openssl ];
env.OPENSSL_NO_VENDOR = true;
meta = {
description = "Yet another calendar server aiming to be simple, fast and passwordless";
homepage = "https://github.com/lennart-k/rustical";
changelog = "https://github.com/lennart-k/rustical/releases/tag/v${finalAttrs.version}";
license = lib.licenses.agpl3Plus;
maintainers = with lib.maintainers; [ PopeRigby ];
mainProgram = "rustical";
};
})

4
pkgs/by-name/si/signal-export/package.nix
View file

@ -7,13 +7,13 @@
python3.pkgs.buildPythonApplication rec {
pname = "signal-export";
version = "3.5.1";
version = "3.6.0";
pyproject = true;
src = fetchPypi {
inherit version;
pname = "signal_export";
hash = "sha256-UhLWSYdJEDhZ1zI3nxhJoqeH8JfR4s9Hdp6fJ4UNROQ=";
hash = "sha256-lflRY6EC9fqgdYwQ9Incc2PJ22okZC9Juu6X7pxGJ8w=";
};
build-system = with python3.pkgs; [

34
pkgs/by-name/up/upbound/sources-main.json
View file

@ -8,38 +8,38 @@
"fetchurlAttrSet": {
"docker-credential-up": {
"aarch64-darwin": {
"hash": "sha256-ByiFy8k6qwKXTp7iLoojUNNKhhZnbqc6ms6g+r4f9u0=",
"url": "https://cli.upbound.io/main/v0.39.0-87.g20595f83/bundle/docker-credential-up/darwin_arm64.tar.gz"
"hash": "sha256-9X6D0WI9Vru/M3oQ/yK0AJjth6MTGfxeEf5Axx2rAlc=",
"url": "https://cli.upbound.io/main/v0.39.0-115.gbdd4b5af/bundle/docker-credential-up/darwin_arm64.tar.gz"
},
"aarch64-linux": {
"hash": "sha256-qis91nt43HGEfuqcCH5ri/s4QiHiMrRMTinSUjQeI3o=",
"url": "https://cli.upbound.io/main/v0.39.0-87.g20595f83/bundle/docker-credential-up/linux_arm64.tar.gz"
"hash": "sha256-g7AzAp4cdJIsZ3mtkYF2MzlLHgwauFORaIkQ6mdwkuI=",
"url": "https://cli.upbound.io/main/v0.39.0-115.gbdd4b5af/bundle/docker-credential-up/linux_arm64.tar.gz"
},
"x86_64-darwin": {
"hash": "sha256-s2ORdd3G87Vo9I5zSZXGisjSMr0x86sCu6WOxOZBWTk=",
"url": "https://cli.upbound.io/main/v0.39.0-87.g20595f83/bundle/docker-credential-up/darwin_amd64.tar.gz"
"hash": "sha256-8F7r3o3e3Mo+GDicS+5Hg6qNz5B+Tt8OHcosHzpZUQM=",
"url": "https://cli.upbound.io/main/v0.39.0-115.gbdd4b5af/bundle/docker-credential-up/darwin_amd64.tar.gz"
},
"x86_64-linux": {
"hash": "sha256-5q/XactXioaOqUYwrojg5xgZg+pKjqnxR9tB8ILaaHg=",
"url": "https://cli.upbound.io/main/v0.39.0-87.g20595f83/bundle/docker-credential-up/linux_amd64.tar.gz"
"hash": "sha256-3TduM86fAb3cIFhb8SNrAFisu9RjQ7H0gtd7csJfSb0=",
"url": "https://cli.upbound.io/main/v0.39.0-115.gbdd4b5af/bundle/docker-credential-up/linux_amd64.tar.gz"
}
},
"up": {
"aarch64-darwin": {
"hash": "sha256-Rud8CPSlxl08cRjChFsZFG6Mfro8BiRWN7f2+DRwUsE=",
"url": "https://cli.upbound.io/main/v0.39.0-87.g20595f83/bundle/up/darwin_arm64.tar.gz"
"hash": "sha256-xLIdYSR+ILRY2qf5lPMroxZDvDEfDYxrz3cX4ZI0+h0=",
"url": "https://cli.upbound.io/main/v0.39.0-115.gbdd4b5af/bundle/up/darwin_arm64.tar.gz"
},
"aarch64-linux": {
"hash": "sha256-KN84vzXue9Tc8O9Ci/4emI7GOX8pETcVc/hpFuBJmy4=",
"url": "https://cli.upbound.io/main/v0.39.0-87.g20595f83/bundle/up/linux_arm64.tar.gz"
"hash": "sha256-nUOTdWTUJe8eyHTIF4b/00Q9J0Qb4QaAIdAz90h4yHo=",
"url": "https://cli.upbound.io/main/v0.39.0-115.gbdd4b5af/bundle/up/linux_arm64.tar.gz"
},
"x86_64-darwin": {
"hash": "sha256-qHN7PSqU5nK5Dh8k4HEjwTmjN/yIoJh7VBoQ/dJS3/s=",
"url": "https://cli.upbound.io/main/v0.39.0-87.g20595f83/bundle/up/darwin_amd64.tar.gz"
"hash": "sha256-qn2cfprwaLP7chMcWN+zw8+G/tHGNlJtPMX6iB9XjCY=",
"url": "https://cli.upbound.io/main/v0.39.0-115.gbdd4b5af/bundle/up/darwin_amd64.tar.gz"
},
"x86_64-linux": {
"hash": "sha256-mw80qJ+9CRQFFKF7bhWiEYcW1P7Jm4dqkXTN+F8erPM=",
"url": "https://cli.upbound.io/main/v0.39.0-87.g20595f83/bundle/up/linux_amd64.tar.gz"
"hash": "sha256-AAmdDWW0MmLYP5viRJ0BpXIVpmU7R6iSN5hwGm6HIuc=",
"url": "https://cli.upbound.io/main/v0.39.0-115.gbdd4b5af/bundle/up/linux_amd64.tar.gz"
}
}
},
@ -49,5 +49,5 @@
"x86_64-darwin",
"x86_64-linux"
],
"version": "0.39.0-87.g20595f83"
"version": "0.39.0-115.gbdd4b5af"
}

4
pkgs/by-name/wi/wireless-regdb/package.nix
View file

@ -7,11 +7,11 @@
stdenvNoCC.mkDerivation rec {
pname = "wireless-regdb";
version = "2025.02.20";
version = "2025.07.10";
src = fetchurl {
url = "https://www.kernel.org/pub/software/network/${pname}/${pname}-${version}.tar.xz";
hash = "sha256-V/jnchz1qIDBOuDCAu27IQkqBg1F+enFm80qgnK/pFY=";
hash = "sha256-qDQLzc0bXbbHkUmHnRIrFw87sHU4FxjU9Cmtgxpvoo0=";
};
dontBuild = true;

4
pkgs/development/python-modules/arviz/default.nix
View file

@ -39,14 +39,14 @@
buildPythonPackage rec {
pname = "arviz";
version = "0.21.0";
version = "0.22.0";
pyproject = true;
src = fetchFromGitHub {
owner = "arviz-devs";
repo = "arviz";
tag = "v${version}";
hash = "sha256-rrOvdyZE0wo3iiiQ2hHklAtLU38mXs3hLsb+Fwy9eAk=";
hash = "sha256-ZzZZKEtpVy44119H+upU36VLriZjjwPz3gqgKrL+gRI=";
};
build-system = [

7
pkgs/development/python-modules/mmengine/default.nix
View file

@ -9,6 +9,7 @@
# dependencies
addict,
distutils,
matplotlib,
numpy,
opencv4,
@ -67,17 +68,13 @@ buildPythonPackage rec {
+ ''
substituteInPlace tests/test_config/test_lazy.py \
--replace-fail "import numpy.compat" ""
substituteInPlace mmengine/utils/dl_utils/collect_env.py \
--replace-fail \
"from distutils" \
"from setuptools._distutils"
'';
build-system = [ setuptools ];
dependencies = [
addict
distutils
matplotlib
numpy
opencv4

4
pkgs/development/python-modules/orbax-checkpoint/default.nix
View file

@ -35,14 +35,14 @@
buildPythonPackage rec {
pname = "orbax-checkpoint";
version = "0.11.18";
version = "0.11.19";
pyproject = true;
src = fetchFromGitHub {
owner = "google";
repo = "orbax";
tag = "v${version}";
hash = "sha256-Uosd2TfC3KJMp46SnNnodPBc+G1nNdqFOwPQA+aVyrQ=";
hash = "sha256-j15E4jGvxIjEdWG6Lwr9mvPXr9WifrD1zFF6Vj+7wik=";
};
sourceRoot = "${src.name}/checkpoint";

88
pkgs/development/python-modules/sqlite-vec/default.nix Normal file
View file

@ -0,0 +1,88 @@
{
lib,
buildPythonPackage,
fetchpatch,
# build-system
setuptools,
setuptools-scm,
# dependencies
sqlite-vec-c, # alias for pkgs.sqlite-vec
# optional dependencies
numpy,
# check inputs
openai,
pytestCheckHook,
}:
buildPythonPackage rec {
inherit (sqlite-vec-c) pname version src;
pyproject = true;
# The actual source root is bindings/python but the patches
# apply to the bindings directory.
# This is a known issue, see https://discourse.nixos.org/t/how-to-apply-patches-with-sourceroot/59727
sourceRoot = "${src.name}/bindings";
patches = [
(fetchpatch {
# https://github.com/asg017/sqlite-vec/pull/233
name = "add-python-build-files.patch";
url = "https://github.com/asg017/sqlite-vec/commit/c1917deb11aa79dcac32440679345b93e13b1b86.patch";
hash = "sha256-4/9QLKuM/1AbD8AQHwJ14rhWVYVc+MILvK6+tWwWQlw=";
stripLen = 1;
})
(fetchpatch {
# https://github.com/asg017/sqlite-vec/pull/233
name = "add-python-test.patch";
url = "https://github.com/asg017/sqlite-vec/commit/608972c9dcbfc7f4583e99fd8de6e5e16da11081.patch";
hash = "sha256-8dfw7zs7z2FYh8DoAxurMYCDMOheg8Zl1XGcPw1A1BM=";
stripLen = 1;
})
];
# Change into the proper directory for building, move `extra_init.py` into its proper location,
# and supply the path to the library.
postPatch = ''
cd python
mv extra_init.py sqlite_vec/
substituteInPlace sqlite_vec/__init__.py \
--replace-fail "@libpath@" "${lib.getLib sqlite-vec-c}/lib/"
'';
build-system = [
setuptools
setuptools-scm
];
dependencies = [
sqlite-vec-c
];
optional-dependencies = {
numpy = [
numpy
];
};
nativeCheckInputs = [
numpy
openai
pytestCheckHook
sqlite-vec-c
];
pythonImportsCheck = [ "sqlite_vec" ];
meta = sqlite-vec-c.meta // {
description = "Python bindings for sqlite-vec";
maintainers = [ lib.maintainers.sarahec ];
badPlatforms = [
# segfaults during test
"x86_64-darwin"
];
};
}

4
pkgs/development/python-modules/timm/default.nix
View file

@ -22,14 +22,14 @@
buildPythonPackage rec {
pname = "timm";
version = "1.0.16";
version = "1.0.17";
pyproject = true;
src = fetchFromGitHub {
owner = "huggingface";
repo = "pytorch-image-models";
tag = "v${version}";
hash = "sha256-8z23KQvb+wAlM/IXDC9j6OV8ioZE1dx0xhITSzdHoeY=";
hash = "sha256-NWWKDWcwRrQ2lrNSbkA2xepAoPP7+0G7g7eIjGLZSCw=";
};
build-system = [ pdm-backend ];

4
pkgs/development/python-modules/txtai/default.nix
View file

@ -24,7 +24,7 @@
hnswlib,
pgvector,
sqlalchemy,
sqlite-vec,
sqlite-vec-c,
# api
aiohttp,
fastapi,
@ -103,7 +103,7 @@ let
hnswlib
pgvector
sqlalchemy
sqlite-vec
sqlite-vec-c
];
api = [
aiohttp

14
pkgs/development/tools/analysis/flow/default.nix
View file

@ -7,19 +7,15 @@
stdenv.mkDerivation rec {
pname = "flow";
version = "0.238.3";
version = "0.274.2";
src = fetchFromGitHub {
owner = "facebook";
repo = "flow";
rev = "v${version}";
hash = "sha256-WlHta/wXTULehopXeIUdNAQb12Lf0SJnm1HIVHTDshA=";
tag = "v${version}";
hash = "sha256-ZktRFFgPvIfbsAY3C6g3s3zqX3wES+QShu811m183cA=";
};
postPatch = ''
substituteInPlace src/services/inference/check_cache.ml --replace 'Core_kernel' 'Core'
'';
makeFlags = [ "FLOW_RELEASE=1" ];
installPhase = ''
@ -39,12 +35,12 @@ stdenv.mkDerivation rec {
buildInputs = (
with ocamlPackages;
[
core_kernel
camlp-streams
dtoa
fileutils
lwt_log
lwt_ppx
ocaml_lwt
lwt
ppx_deriving
ppx_gen_rec
ppx_let

12
pkgs/misc/arm-trusted-firmware/default.nix
View file

@ -18,7 +18,7 @@
}:
let
buildArmTrustedFirmware =
buildArmTrustedFirmware = lib.makeOverridable (
{
filesToInstall,
installDir ? "$out",
@ -59,8 +59,11 @@ let
depsBuildBuild = [ buildPackages.stdenv.cc ];
# For Cortex-M0 firmware in RK3399
nativeBuildInputs = [ pkgsCross.arm-embedded.stdenv.cc ];
nativeBuildInputs = [
pkgsCross.arm-embedded.stdenv.cc # For Cortex-M0 firmware in RK3399
openssl # For fiptool
];
# Make the new toolchain guessing (from 2.11+) happy
# https://github.com/ARM-software/arm-trusted-firmware/blob/4ec2948fe3f65dba2f19e691e702f7de2949179c/make_helpers/toolchains/rk3399-m0.mk#L21-L22
rk3399-m0-oc = "${pkgsCross.arm-embedded.stdenv.cc.targetPrefix}objcopy";
@ -112,7 +115,8 @@ let
// extraMeta;
}
// builtins.removeAttrs args [ "extraMeta" ]
);
)
);
in
{

127
pkgs/misc/optee-os/default.nix Normal file
View file

@ -0,0 +1,127 @@
{
dtc,
fetchFromGitHub,
lib,
pkgsBuildBuild,
stdenv,
}:
let
defaultVersion = "4.6.0";
defaultSrc = fetchFromGitHub {
owner = "OP-TEE";
repo = "optee_os";
rev = defaultVersion;
hash = "sha256-4z706DNfZE+CAPOa362CNSFhAN1KaNyKcI9C7+MRccs=";
};
buildOptee = lib.makeOverridable (
{
version ? null,
src ? null,
platform,
extraMakeFlags ? [ ],
extraMeta ? { },
...
}@args:
let
inherit (stdenv.hostPlatform) is32bit is64bit;
taTarget =
{
"arm" = "ta_arm32";
"arm64" = "ta_arm64";
}
.${stdenv.hostPlatform.linuxArch};
in
stdenv.mkDerivation (
{
pname = "optee-os-${platform}";
version = if src == null then defaultVersion else version;
src = if src == null then defaultSrc else src;
postPatch = ''
patchShebangs $(find -type d -name scripts -printf '%p ')
'';
outputs = [
"out"
"devkit"
];
strictDeps = true;
enableParallelBuilding = true;
depsBuildBuild = [ pkgsBuildBuild.stdenv.cc ];
nativeBuildInputs = [
dtc
(pkgsBuildBuild.python3.withPackages (
p: with p; [
pyelftools
cryptography
]
))
];
makeFlags =
[
"O=out"
"PLATFORM=${platform}"
"CFG_USER_TA_TARGETS=${taTarget}"
]
++ (lib.optionals (is32bit) [
"CFG_ARM32_core=y"
"CROSS_COMPILE32=${stdenv.cc.targetPrefix}"
])
++ (lib.optionals (is64bit) [
"CFG_ARM64_core=y"
"CROSS_COMPILE64=${stdenv.cc.targetPrefix}"
])
++ extraMakeFlags;
installPhase = ''
runHook preInstall
mkdir -p $out
cp out/core/{tee.elf,tee-pageable_v2.bin,tee.bin,tee-header_v2.bin,tee-pager_v2.bin,tee-raw.bin} $out
cp -r out/export-${taTarget} $devkit
runHook postInstall
'';
meta =
with lib;
{
description = "A Trusted Execution Environment for ARM";
homepage = "https://github.com/OP-TEE/optee_os";
changelog = "https://github.com/OP-TEE/optee_os/blob/${defaultVersion}/CHANGELOG.md";
license = licenses.bsd2;
maintainers = [ maintainers.jmbaur ];
}
// extraMeta;
}
// removeAttrs args [ "extraMeta" ]
)
);
in
{
inherit buildOptee;
opteeQemuArm = buildOptee {
platform = "vexpress";
extraMakeFlags = [ "PLATFORM_FLAVOR=qemu_virt" ];
extraMeta.platforms = [ "armv7l-linux" ];
};
opteeQemuAarch64 = buildOptee {
platform = "vexpress";
extraMakeFlags = [ "PLATFORM_FLAVOR=qemu_armv8a" ];
extraMeta.platforms = [ "aarch64-linux" ];
};
}

6
pkgs/servers/home-assistant/custom-lovelace-modules/hourly-weather/package.nix
View file

@ -6,16 +6,16 @@
buildNpmPackage rec {
pname = "hourly-weather";
version = "6.6.1";
version = "6.7.0";
src = fetchFromGitHub {
owner = "decompil3d";
repo = "lovelace-hourly-weather";
rev = version;
hash = "sha256-D2kCUcUgLyMVeba3xc02q/5PrEzXrBVCX+75F58j8y0=";
hash = "sha256-VrHgFup2hAnoxqJQGw23ZiPFpAwfgSLC97U+KHV3PKQ=";
};
npmDepsHash = "sha256-gpyqQd4pRF4xKgfT9gRAVnXLSFThjfJV2yu4zOCvVpg=";
npmDepsHash = "sha256-wXL1wLdBp8gkAfY29AS1fM/ZpCCoP1u9PTxDIahy1cg=";
env.CYPRESS_INSTALL_BINARY = "0";

10
pkgs/top-level/all-packages.nix
View file

@ -7232,9 +7232,7 @@ with pkgs;
haskellPackages.callPackage ../tools/misc/fffuu { }
);
flow = callPackage ../development/tools/analysis/flow {
ocamlPackages = ocaml-ng.ocamlPackages_4_14;
};
flow = callPackage ../development/tools/analysis/flow { };
framac = callPackage ../by-name/fr/framac/package.nix {
ocamlPackages = ocaml-ng.ocamlPackages_5_2;
@ -7434,6 +7432,12 @@ with pkgs;
libiberty_static = libiberty.override { staticBuild = true; };
};
inherit (callPackage ../misc/optee-os { })
buildOptee
opteeQemuArm
opteeQemuAarch64
;
patchelf = callPackage ../development/tools/misc/patchelf { };
patchelfUnstable = lowPrio (callPackage ../development/tools/misc/patchelf/unstable.nix { });

6
pkgs/top-level/python-packages.nix
View file

@ -17031,6 +17031,10 @@ self: super: with self; {
sqlite-utils = callPackage ../development/python-modules/sqlite-utils { };
sqlite-vec = callPackage ../development/python-modules/sqlite-vec {
sqlite-vec-c = pkgs.sqlite-vec;
};
sqlitedict = callPackage ../development/python-modules/sqlitedict { };
sqliteschema = callPackage ../development/python-modules/sqliteschema { };
@ -18332,7 +18336,7 @@ self: super: with self; {
txrequests = callPackage ../development/python-modules/txrequests { };
txtai = callPackage ../development/python-modules/txtai { };
txtai = callPackage ../development/python-modules/txtai { sqlite-vec-c = pkgs.sqlite-vec; };
txtorcon = callPackage ../development/python-modules/txtorcon { };