diff --git a/doc/builders/trivial-builders.chapter.md b/doc/builders/trivial-builders.chapter.md index c05511785bf5..2cb1f2debcb8 100644 --- a/doc/builders/trivial-builders.chapter.md +++ b/doc/builders/trivial-builders.chapter.md @@ -4,9 +4,25 @@ Nixpkgs provides a couple of functions that help with building derivations. The ## `runCommand` {#trivial-builder-runCommand} -This takes three arguments, `name`, `env`, and `buildCommand`. `name` is just the name that Nix will append to the store path in the same way that `stdenv.mkDerivation` uses its `name` attribute. `env` is an attribute set specifying environment variables that will be set for this derivation. These attributes are then passed to the wrapped `stdenv.mkDerivation`. `buildCommand` specifies the commands that will be run to create this derivation. Note that you will need to create `$out` for Nix to register the command as successful. +`runCommand :: String -> AttrSet -> String -> Derivation` -An example of using `runCommand` is provided below. +`runCommand name drvAttrs buildCommand` returns a derivation that is built by running the specified shell commands. + +`name :: String` +: The name that Nix will append to the store path in the same way that `stdenv.mkDerivation` uses its `name` attribute. + +`drvAttr :: AttrSet` +: Attributes to pass to the underlying call to [`stdenv.mkDerivation`](#chap-stdenv). + +`buildCommand :: String` +: Shell commands to run in the derivation builder. + + ::: {.note} + You have to create a file or directory `$out` for Nix to be able to run the builder successfully. + ::: + +::: {.example #ex-runcommand-simple} +# Invocation of `runCommand` ```nix (import {}).runCommand "my-example" {} '' @@ -28,6 +44,7 @@ An example of using `runCommand` is provided below. date '' ``` +::: ## `runCommandCC` {#trivial-builder-runCommandCC} diff --git a/doc/languages-frameworks/beam.section.md b/doc/languages-frameworks/beam.section.md index 5e85723085c1..2cb4863fc53b 100644 --- a/doc/languages-frameworks/beam.section.md +++ b/doc/languages-frameworks/beam.section.md @@ -44,11 +44,29 @@ There is also a `buildMix` helper, whose behavior is closer to that of `buildErl ## How to Install BEAM Packages {#how-to-install-beam-packages} -BEAM builders are not registered at the top level, simply because they are not relevant to the vast majority of Nix users. To install any of those builders into your profile, refer to them by their attribute path `beamPackages.rebar3`: +BEAM builders are not registered at the top level, simply because they are not relevant to the vast majority of Nix users. +To use any of those builders into your environment, refer to them by their attribute path under `beamPackages`, e.g. `beamPackages.rebar3`: + +::: {.example #ex-beam-ephemeral-shell} +# Ephemeral shell ```ShellSession -$ nix-env -f "" -iA beamPackages.rebar3 +$ nix-shell -p beamPackages.rebar3 ``` +::: + +::: {.example #ex-beam-declarative-shell} +# Declarative shell + +```nix +let + pkgs = import { config = {}; overlays = []; }; +in +pkgs.mkShell { + packages = [ pkgs.beamPackages.rebar3 ]; +} +``` +::: ## Packaging BEAM Applications {#packaging-beam-applications} diff --git a/maintainers/maintainer-list.nix b/maintainers/maintainer-list.nix index 3726cf7b24fa..e8c35b915c4d 100644 --- a/maintainers/maintainer-list.nix +++ b/maintainers/maintainer-list.nix @@ -2429,12 +2429,6 @@ githubId = 1743184; name = "Boris Babić"; }; - borlaag = { - email = "borlaag@proton.me"; - github = "Borlaag"; - githubId = 114830266; - name = "Børlaag"; - }; bosu = { email = "boriss@gmail.com"; github = "bosu"; @@ -3115,7 +3109,7 @@ }; christianharke = { email = "christian@harke.ch"; - github = "christianharke"; + github = "rake5k"; githubId = 13007345; name = "Christian Harke"; keys = [{ @@ -4471,7 +4465,7 @@ DomesticMoth = { name = "Andrew"; email = "silkmoth@protonmail.com"; - github = "DomesticMoth"; + github = "asciimoth"; githubId = 91414737; keys = [{ fingerprint = "7D6B AE0A A98A FDE9 3396 E721 F87E 15B8 3AA7 3087"; @@ -4857,12 +4851,6 @@ githubId = 54799; name = "Edward Tjörnhammar"; }; - ee2500 = { - email = "earthengine@skiff.com"; - github = "ee2500"; - githubId = 134107129; - name = "EarthEngine"; - }; eelco = { email = "edolstra+nixpkgs@gmail.com"; github = "edolstra"; @@ -7349,7 +7337,7 @@ }; imalison = { email = "IvanMalison@gmail.com"; - github = "IvanMalison"; + github = "colonelpanic8"; githubId = 1246619; name = "Ivan Malison"; }; @@ -7773,7 +7761,7 @@ jayesh-bhoot = { name = "Jayesh Bhoot"; email = "jb@jayeshbhoot.com"; - github = "bhootjb"; + github = "jyssh"; githubId = 1915507; }; jayman2000 = { @@ -8445,7 +8433,7 @@ }; jonnybolton = { email = "jonnybolton@gmail.com"; - github = "jonnybolton"; + github = "jonnynightingale"; githubId = 8580434; name = "Jonny Bolton"; }; @@ -8481,11 +8469,6 @@ github = "jorsn"; githubId = 4646725; }; - joscha = { - name = "joscha Loos"; - email = "j.loos@posteo.net"; - githubId = 57965027; - }; josephst = { name = "Joseph Stahl"; email = "hello@josephstahl.com"; @@ -9786,7 +9769,7 @@ }; lethalman = { email = "lucabru@src.gnome.org"; - github = "lethalman"; + github = "lucabrunox"; githubId = 480920; name = "Luca Bruno"; }; @@ -10459,12 +10442,6 @@ github = "mac-chaffee"; githubId = 7581860; }; - maddiethecafebabe = { - email = "maddie@cafebabe.date"; - github = "maddiethecafebabe"; - githubId = 75337286; - name = "Madeline S."; - }; madjar = { email = "georges.dubus@compiletoi.net"; github = "madjar"; @@ -12211,12 +12188,6 @@ githubId = 77314501; name = "Maurice Zhou"; }; - nebulka = { - email = "arapun@proton.me"; - github = "nebulka1"; - githubId = 121920704; - name = "Nebulka"; - }; Necior = { email = "adrian@sadlocha.eu"; github = "Necior"; @@ -13040,7 +13011,7 @@ }; orichter = { email = "richter-oliver@gmx.net"; - github = "RichterOliver"; + github = "ORichterSec"; githubId = 135209509; name = "Oliver Richter"; }; @@ -13649,7 +13620,7 @@ }; pjbarnoy = { email = "pjbarnoy@gmail.com"; - github = "pjbarnoy"; + github = "waaamb"; githubId = 119460; name = "Perry Barnoy"; }; @@ -13695,7 +13666,7 @@ PlayerNameHere = { name = "Dixon Sean Low Yan Feng"; email = "dixonseanlow@protonmail.com"; - github = "PlayerNameHere"; + github = "dixslyf"; githubId = 56017218; keys = [{ fingerprint = "E6F4 BFB4 8DE3 893F 68FC A15F FF5F 4B30 A41B BAC8"; @@ -14401,7 +14372,7 @@ }; razvan = { email = "razvan.panda@gmail.com"; - github = "razvan-flavius-panda"; + github = "freeman42x"; githubId = 1758708; name = "Răzvan Flavius Panda"; }; @@ -17130,7 +17101,7 @@ name = "The Hedgehog"; email = "hedgehog@mrhedgehog.xyz"; matrix = "@mrhedgehog:jupiterbroadcasting.com"; - github = "theHedgehog0"; + github = "pyrox0"; githubId = 35778371; keys = [{ fingerprint = "38A0 29B0 4A7E 4C13 A4BB 86C8 7D51 0786 6B1C 6752"; diff --git a/nixos/doc/manual/release-notes/rl-2311.section.md b/nixos/doc/manual/release-notes/rl-2311.section.md index 077e7c98f7b3..37225b550691 100644 --- a/nixos/doc/manual/release-notes/rl-2311.section.md +++ b/nixos/doc/manual/release-notes/rl-2311.section.md @@ -250,6 +250,8 @@ Unfortunately all servers supporting new clients (newer version of anki-sync-server, anki's built in sync server and this new rust package) do not support the older sync protocol that was used in the old server, so such old clients will also need updating and in particular the anki package in nixpkgs is also being updated in this release. The module update takes care of the new config syntax and the data itself (user login and cards) are compatible, so users of the module will be able to just log in again after updating both client and server without any extra action. +- `services.matrix-synapse` has new options to configure worker processes for matrix-synapse using [`services.matrix-synapse.workers`](#opt-services.matrix-synapse.workers). It's also now possible to configure a local redis server using [`services.matrix-synapse.configureRedisLocally`](#opt-services.matrix-synapse.configureRedisLocally). + - `services.nginx` gained a `defaultListen` option at server-level with support for PROXY protocol listeners, also `proxyProtocol` is now exposed in `services.nginx.virtualHosts..listen` option. It is now possible to run PROXY listeners and non-PROXY listeners at a server-level, see [#213510](https://github.com/NixOS/nixpkgs/pull/213510/) for more details. - `services.restic.backups` now adds wrapper scripts to your system path, which set the same environment variables as the service, so restic operations can easly be run from the command line. This behavior can be disabled by setting `createWrapper` to `false`, per backup configuration. diff --git a/nixos/modules/services/matrix/synapse-log_config.yaml b/nixos/modules/services/matrix/synapse-log_config.yaml deleted file mode 100644 index d85bdd1208f9..000000000000 --- a/nixos/modules/services/matrix/synapse-log_config.yaml +++ /dev/null @@ -1,25 +0,0 @@ -version: 1 - -# In systemd's journal, loglevel is implicitly stored, so let's omit it -# from the message text. -formatters: - journal_fmt: - format: '%(name)s: [%(request)s] %(message)s' - -filters: - context: - (): synapse.util.logcontext.LoggingContextFilter - request: "" - -handlers: - journal: - class: systemd.journal.JournalHandler - formatter: journal_fmt - filters: [context] - SYSLOG_IDENTIFIER: synapse - -root: - level: INFO - handlers: [journal] - -disable_existing_loggers: False diff --git a/nixos/modules/services/matrix/synapse.nix b/nixos/modules/services/matrix/synapse.nix index 71f64d2fc4f8..554e9ca2ecc3 100644 --- a/nixos/modules/services/matrix/synapse.nix +++ b/nixos/modules/services/matrix/synapse.nix @@ -4,7 +4,7 @@ with lib; let cfg = config.services.matrix-synapse; - format = pkgs.formats.yaml {}; + format = pkgs.formats.yaml { }; # remove null values from the final configuration finalSettings = lib.filterAttrsRecursive (_: v: v != null) cfg.settings; @@ -13,6 +13,7 @@ let usePostgresql = cfg.settings.database.name == "psycopg2"; hasLocalPostgresDB = let args = cfg.settings.database.args; in usePostgresql && (!(args ? host) || (elem args.host [ "localhost" "127.0.0.1" "::1" ])); + hasWorkers = cfg.workers != { }; registerNewMatrixUser = let @@ -68,6 +69,48 @@ let extras = wantedExtras; inherit (cfg) plugins; }; + + logConfig = logName: { + version = 1; + formatters.journal_fmt.format = "%(name)s: [%(request)s] %(message)s"; + handlers.journal = { + class = "systemd.journal.JournalHandler"; + formatter = "journal_fmt"; + SYSLOG_IDENTIFIER = logName; + }; + root = { + level = "INFO"; + handlers = [ "journal" ]; + }; + disable_existing_loggers = false; + }; + logConfigText = logName: + let + expr = '' + { + version = 1; + formatters.journal_fmt.format = "%(name)s: [%(request)s] %(message)s"; + handlers.journal = { + class = "systemd.journal.JournalHandler"; + formatter = "journal_fmt"; + SYSLOG_IDENTIFIER = "${logName}"; + }; + root = { + level = "INFO"; + handlers = [ "journal" ]; + }; + disable_existing_loggers = false; + }; + ''; + in + lib.literalMD '' + Path to a yaml file generated from this Nix expression: + + ``` + ${expr} + ``` + ''; + genLogConfigFile = logName: format.generate "synapse-log-${logName}.yaml" (logConfig logName); in { imports = [ @@ -154,7 +197,108 @@ in { ]; - options = { + options = let + listenerType = workerContext: types.submodule { + options = { + port = mkOption { + type = types.port; + example = 8448; + description = lib.mdDoc '' + The port to listen for HTTP(S) requests on. + ''; + }; + + bind_addresses = mkOption { + type = types.listOf types.str; + default = [ + "::1" + "127.0.0.1" + ]; + example = literalExpression '' + [ + "::" + "0.0.0.0" + ] + ''; + description = lib.mdDoc '' + IP addresses to bind the listener to. + ''; + }; + + type = mkOption { + type = types.enum [ + "http" + "manhole" + "metrics" + "replication" + ]; + default = "http"; + example = "metrics"; + description = lib.mdDoc '' + The type of the listener, usually http. + ''; + }; + + tls = mkOption { + type = types.bool; + default = !workerContext; + example = false; + description = lib.mdDoc '' + Whether to enable TLS on the listener socket. + ''; + }; + + x_forwarded = mkOption { + type = types.bool; + default = false; + example = true; + description = lib.mdDoc '' + Use the X-Forwarded-For (XFF) header as the client IP and not the + actual client IP. + ''; + }; + + resources = mkOption { + type = types.listOf (types.submodule { + options = { + names = mkOption { + type = types.listOf (types.enum [ + "client" + "consent" + "federation" + "health" + "keys" + "media" + "metrics" + "openid" + "replication" + "static" + ]); + description = lib.mdDoc '' + List of resources to host on this listener. + ''; + example = [ + "client" + ]; + }; + compress = mkOption { + default = false; + type = types.bool; + description = lib.mdDoc '' + Whether synapse should compress HTTP responses to clients that support it. + This should be disabled if running synapse behind a load balancer + that can do automatic compression. + ''; + }; + }; + }); + description = lib.mdDoc '' + List of HTTP resources to serve on this listener. + ''; + }; + }; + }; + in { services.matrix-synapse = { enable = mkEnableOption (lib.mdDoc "matrix.org synapse"); @@ -251,7 +395,7 @@ in { }; settings = mkOption { - default = {}; + default = { }; description = mdDoc '' The primary synapse configuration. See the [sample configuration](https://github.com/matrix-org/synapse/blob/v${pkgs.matrix-synapse-unwrapped.version}/docs/sample_config.yaml) @@ -346,8 +490,8 @@ in { log_config = mkOption { type = types.path; - default = ./synapse-log_config.yaml; - defaultText = lib.literalExpression "nixos/modules/services/matrix/synapse-log_config.yaml"; + default = genLogConfigFile "synapse"; + defaultText = logConfigText "synapse"; description = lib.mdDoc '' The file that holds the logging configuration. ''; @@ -409,120 +553,37 @@ in { }; listeners = mkOption { - type = types.listOf (types.submodule { - options = { - port = mkOption { - type = types.port; - example = 8448; - description = lib.mdDoc '' - The port to listen for HTTP(S) requests on. - ''; - }; - - bind_addresses = mkOption { - type = types.listOf types.str; - default = [ - "::1" - "127.0.0.1" - ]; - example = literalExpression '' - [ - "::" - "0.0.0.0" - ] - ''; - description = lib.mdDoc '' - IP addresses to bind the listener to. - ''; - }; - - type = mkOption { - type = types.enum [ - "http" - "manhole" - "metrics" - "replication" - ]; - default = "http"; - example = "metrics"; - description = lib.mdDoc '' - The type of the listener, usually http. - ''; - }; - - tls = mkOption { - type = types.bool; - default = true; - example = false; - description = lib.mdDoc '' - Whether to enable TLS on the listener socket. - ''; - }; - - x_forwarded = mkOption { - type = types.bool; - default = false; - example = true; - description = lib.mdDoc '' - Use the X-Forwarded-For (XFF) header as the client IP and not the - actual client IP. - ''; - }; - - resources = mkOption { - type = types.listOf (types.submodule { - options = { - names = mkOption { - type = types.listOf (types.enum [ - "client" - "consent" - "federation" - "keys" - "media" - "metrics" - "openid" - "replication" - "static" - ]); - description = lib.mdDoc '' - List of resources to host on this listener. - ''; - example = [ - "client" - ]; - }; - compress = mkOption { - type = types.bool; - description = lib.mdDoc '' - Should synapse compress HTTP responses to clients that support it? - This should be disabled if running synapse behind a load balancer - that can do automatic compression. - ''; - }; - }; - }); - description = lib.mdDoc '' - List of HTTP resources to serve on this listener. - ''; - }; - }; - }); - default = [ { + type = types.listOf (listenerType false); + default = [{ port = 8008; bind_addresses = [ "127.0.0.1" ]; type = "http"; tls = false; x_forwarded = true; - resources = [ { + resources = [{ names = [ "client" ]; compress = true; } { names = [ "federation" ]; compress = false; - } ]; - } ]; + }]; + }] ++ lib.optional hasWorkers { + port = 9093; + bind_addresses = [ "127.0.0.1" ]; + type = "http"; + tls = false; + x_forwarded = false; + resources = [{ + names = [ "replication" ]; + compress = false; + }]; + }; description = lib.mdDoc '' List of ports that Synapse should listen on, their purpose and their configuration. + + By default, synapse will be configured for client and federation traffic on port 8008, and + for worker replication traffic on port 9093. See [`services.matrix-synapse.workers`](#opt-services.matrix-synapse.workers) + for more details. ''; }; @@ -534,7 +595,7 @@ in { default = if versionAtLeast config.system.stateVersion "18.03" then "psycopg2" else "sqlite3"; - defaultText = literalExpression '' + defaultText = literalExpression '' if versionAtLeast config.system.stateVersion "18.03" then "psycopg2" else "sqlite3" @@ -551,10 +612,10 @@ in { psycopg2 = "matrix-synapse"; }.${cfg.settings.database.name}; defaultText = literalExpression '' - { - sqlite3 = "''${${options.services.matrix-synapse.dataDir}}/homeserver.db"; - psycopg2 = "matrix-synapse"; - }.''${${options.services.matrix-synapse.settings}.database.name}; + { + sqlite3 = "''${${options.services.matrix-synapse.dataDir}}/homeserver.db"; + psycopg2 = "matrix-synapse"; + }.''${${options.services.matrix-synapse.settings}.database.name}; ''; description = lib.mdDoc '' Name of the database when using the psycopg2 backend, @@ -622,7 +683,7 @@ in { url_preview_ip_range_whitelist = mkOption { type = types.listOf types.str; - default = []; + default = [ ]; description = lib.mdDoc '' List of IP address CIDR ranges that the URL preview spider is allowed to access even if they are specified in url_preview_ip_range_blacklist. @@ -644,7 +705,7 @@ in { on how to configure it properly. '')) (types.attrsOf types.str)); - default = []; + default = [ ]; example = literalExpression '' [ { scheme = "http"; } # no http previews @@ -690,7 +751,7 @@ in { turn_uris = mkOption { type = types.listOf types.str; - default = []; + default = [ ]; example = [ "turn:turn.example.com:3487?transport=udp" "turn:turn.example.com:3487?transport=tcp" @@ -727,12 +788,12 @@ in { }; }; }); - default = [ { + default = [{ server_name = "matrix.org"; verify_keys = { "ed25519:auto" = "Noi6WqcDj0QmPxCNQqgezwTlBKrfqehY1u2FyWP9uYw"; }; - } ]; + }]; description = lib.mdDoc '' The trusted servers to download signing keys from. ''; @@ -746,13 +807,114 @@ in { ''; }; + redis = lib.mkOption { + type = types.submodule { + freeformType = format.type; + options = { + enabled = lib.mkOption { + type = types.bool; + default = false; + description = lib.mdDoc '' + Whether to use redis support + ''; + }; + }; + }; + default = { }; + description = lib.mdDoc '' + Redis configuration for synapse. + + See the + [upstream documentation](https://github.com/matrix-org/synapse/blob/v${pkgs.matrix-synapse-unwrapped.version}/usage/configuration/config_documentation.md#redis) + for available options. + ''; + }; }; }; }; + workers = lib.mkOption { + default = { }; + description = lib.mdDoc '' + Options for configuring workers. Worker support will be enabled if at least one worker is configured here. + + See the [worker documention](https://matrix-org.github.io/synapse/latest/workers.html#worker-configuration) + for possible options for each worker. Worker-specific options overriding the shared homeserver configuration can be + specified here for each worker. + + ::: {.note} + Worker support will add a replication listener on port 9093 to the main synapse process using the default + value of [`services.matrix-synapse.settings.listeners`](#opt-services.matrix-synapse.settings.listeners) and configure that + listener as `services.matrix-synapse.settings.instance_map.main`. + If you set either of those options, make sure to configure a replication listener yourself. + + A redis server is required for running workers. A local one can be enabled + using [`services.matrix-synapse.configureRedisLocally`](#opt-services.matrix-synapse.configureRedisLocally). + + Workers also require a proper reverse proxy setup to direct incoming requests to the appropriate process. See + the [reverse proxy documentation](https://matrix-org.github.io/synapse/latest/reverse_proxy.html) for a + general reverse proxying setup and + the [worker documentation](https://matrix-org.github.io/synapse/latest/workers.html#available-worker-applications) + for the available endpoints per worker application. + ::: + ''; + type = types.attrsOf (types.submodule ({name, ...}: { + freeformType = format.type; + options = { + worker_app = lib.mkOption { + type = types.enum [ + "synapse.app.generic_worker" + "synapse.app.media_repository" + ]; + description = "Type of this worker"; + default = "synapse.app.generic_worker"; + }; + worker_listeners = lib.mkOption { + default = [ ]; + type = types.listOf (listenerType true); + description = lib.mdDoc '' + List of ports that this worker should listen on, their purpose and their configuration. + ''; + }; + worker_log_config = lib.mkOption { + type = types.path; + default = genLogConfigFile "synapse-${name}"; + defaultText = logConfigText "synapse-${name}"; + description = lib.mdDoc '' + The file for log configuration. + + See the [python documentation](https://docs.python.org/3/library/logging.config.html#configuration-dictionary-schema) + for the schema and the [upstream repository](https://github.com/matrix-org/synapse/blob/v${pkgs.matrix-synapse-unwrapped.version}/docs/sample_log_config.yaml) + for an example. + ''; + }; + }; + })); + default = { }; + example = lib.literalExpression '' + { + "federation_sender" = { }; + "federation_receiver" = { + worker_listeners = [ + { + type = "http"; + port = 8009; + bind_addresses = [ "127.0.0.1" ]; + tls = false; + x_forwarded = true; + resources = [{ + names = [ "federation" ]; + }]; + } + ]; + }; + } + ''; + }; + extraConfigFiles = mkOption { type = types.listOf types.path; - default = []; + default = [ ]; description = lib.mdDoc '' Extra config files to include. @@ -762,12 +924,21 @@ in { NixOps is in use. ''; }; + + configureRedisLocally = lib.mkOption { + type = types.bool; + default = false; + description = lib.mdDoc '' + Whether to automatically configure a local redis server for matrix-synapse. + ''; + }; }; }; config = mkIf cfg.enable { assertions = [ - { assertion = hasLocalPostgresDB -> config.services.postgresql.enable; + { + assertion = hasLocalPostgresDB -> config.services.postgresql.enable; message = '' Cannot deploy matrix-synapse with a configuration for a local postgresql database and a missing postgresql service. Since 20.03 it's mandatory to manually configure the @@ -783,8 +954,47 @@ in { For further information about this update, please read the release-notes of 20.03 carefully. ''; } + { + assertion = hasWorkers -> cfg.settings.redis.enabled; + message = '' + Workers for matrix-synapse require configuring a redis instance. This can be done + automatically by setting `services.matrix-synapse.configureRedisLocally = true`. + ''; + } + { + assertion = + let + main = cfg.settings.instance_map.main; + listener = lib.findFirst + ( + listener: + listener.port == main.port + && (lib.any (resource: builtins.elem "replication" resource.names) listener.resources) + && (lib.any (bind: bind == main.host || bind == "0.0.0.0" || bind == "::") listener.bind_addresses) + ) + null + cfg.settings.listeners; + in + hasWorkers -> (listener != null); + message = '' + Workers for matrix-synapse require setting `services.matrix-synapse.settings.instance_map.main` + to any listener configured in `services.matrix-synapse.settings.listeners` with a `"replication"` + resource. + + This is done by default unless you manually configure either of those settings. + ''; + } ]; + services.matrix-synapse.settings.redis = lib.mkIf cfg.configureRedisLocally { + enabled = true; + path = config.services.redis.servers.matrix-synapse.unixSocket; + }; + services.matrix-synapse.settings.instance_map.main = lib.mkIf hasWorkers (lib.mkDefault { + host = "127.0.0.1"; + port = 9093; + }); + services.matrix-synapse.configFile = configFile; services.matrix-synapse.package = wrapped; @@ -803,64 +1013,124 @@ in { gid = config.ids.gids.matrix-synapse; }; - systemd.services.matrix-synapse = { - description = "Synapse Matrix homeserver"; + systemd.targets.matrix-synapse = lib.mkIf hasWorkers { + description = "Synapse Matrix parent target"; after = [ "network.target" ] ++ optional hasLocalPostgresDB "postgresql.service"; wantedBy = [ "multi-user.target" ]; - preStart = '' - ${cfg.package}/bin/synapse_homeserver \ - --config-path ${configFile} \ - --keys-directory ${cfg.dataDir} \ - --generate-keys - ''; - environment = optionalAttrs (cfg.withJemalloc) { - LD_PRELOAD = "${pkgs.jemalloc}/lib/libjemalloc.so"; - }; - serviceConfig = { - Type = "notify"; - User = "matrix-synapse"; - Group = "matrix-synapse"; - WorkingDirectory = cfg.dataDir; - ExecStartPre = [ ("+" + (pkgs.writeShellScript "matrix-synapse-fix-permissions" '' - chown matrix-synapse:matrix-synapse ${cfg.settings.signing_key_path} - chmod 0600 ${cfg.settings.signing_key_path} - '')) ]; - ExecStart = '' - ${cfg.package}/bin/synapse_homeserver \ - ${ concatMapStringsSep "\n " (x: "--config-path ${x} \\") ([ configFile ] ++ cfg.extraConfigFiles) } - --keys-directory ${cfg.dataDir} - ''; - ExecReload = "${pkgs.util-linux}/bin/kill -HUP $MAINPID"; - Restart = "on-failure"; - UMask = "0077"; + }; - # Security Hardening - # Refer to systemd.exec(5) for option descriptions. - CapabilityBoundingSet = [ "" ]; - LockPersonality = true; - NoNewPrivileges = true; - PrivateDevices = true; - PrivateTmp = true; - PrivateUsers = true; - ProcSubset = "pid"; - ProtectClock = true; - ProtectControlGroups = true; - ProtectHome = true; - ProtectHostname = true; - ProtectKernelLogs = true; - ProtectKernelModules = true; - ProtectKernelTunables = true; - ProtectProc = "invisible"; - ProtectSystem = "strict"; - ReadWritePaths = [ cfg.dataDir ]; - RemoveIPC = true; - RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_UNIX" ]; - RestrictNamespaces = true; - RestrictRealtime = true; - RestrictSUIDSGID = true; - SystemCallArchitectures = "native"; - SystemCallFilter = [ "@system-service" "~@resources" "~@privileged" ]; - }; + systemd.services = + let + targetConfig = + if hasWorkers + then { + partOf = [ "matrix-synapse.target" ]; + wantedBy = [ "matrix-synapse.target" ]; + unitConfig.ReloadPropagatedFrom = "matrix-synapse.target"; + } + else { + after = [ "network.target" ] ++ optional hasLocalPostgresDB "postgresql.service"; + wantedBy = [ "multi-user.target" ]; + }; + baseServiceConfig = { + environment = optionalAttrs (cfg.withJemalloc) { + LD_PRELOAD = "${pkgs.jemalloc}/lib/libjemalloc.so"; + }; + serviceConfig = { + Type = "notify"; + User = "matrix-synapse"; + Group = "matrix-synapse"; + WorkingDirectory = cfg.dataDir; + ExecReload = "${pkgs.util-linux}/bin/kill -HUP $MAINPID"; + Restart = "on-failure"; + UMask = "0077"; + + # Security Hardening + # Refer to systemd.exec(5) for option descriptions. + CapabilityBoundingSet = [ "" ]; + LockPersonality = true; + NoNewPrivileges = true; + PrivateDevices = true; + PrivateTmp = true; + PrivateUsers = true; + ProcSubset = "pid"; + ProtectClock = true; + ProtectControlGroups = true; + ProtectHome = true; + ProtectHostname = true; + ProtectKernelLogs = true; + ProtectKernelModules = true; + ProtectKernelTunables = true; + ProtectProc = "invisible"; + ProtectSystem = "strict"; + ReadWritePaths = [ cfg.dataDir ]; + RemoveIPC = true; + RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_UNIX" ]; + RestrictNamespaces = true; + RestrictRealtime = true; + RestrictSUIDSGID = true; + SystemCallArchitectures = "native"; + SystemCallFilter = [ "@system-service" "~@resources" "~@privileged" ]; + }; + } + // targetConfig; + genWorkerService = name: workerCfg: + let + finalWorkerCfg = workerCfg // { worker_name = name; }; + workerConfigFile = format.generate "worker-${name}.yaml" finalWorkerCfg; + in + { + name = "matrix-synapse-worker-${name}"; + value = lib.mkMerge [ + baseServiceConfig + { + description = "Synapse Matrix worker ${name}"; + # make sure the main process starts first for potential database migrations + after = [ "matrix-synapse.service" ]; + requires = [ "matrix-synapse.service" ]; + serviceConfig = { + ExecStart = '' + ${cfg.package}/bin/synapse_worker \ + ${ concatMapStringsSep "\n " (x: "--config-path ${x} \\") ([ configFile workerConfigFile ] ++ cfg.extraConfigFiles) } + --keys-directory ${cfg.dataDir} + ''; + }; + } + ]; + }; + in + { + matrix-synapse = lib.mkMerge [ + baseServiceConfig + { + description = "Synapse Matrix homeserver"; + preStart = '' + ${cfg.package}/bin/synapse_homeserver \ + --config-path ${configFile} \ + --keys-directory ${cfg.dataDir} \ + --generate-keys + ''; + serviceConfig = { + ExecStartPre = [ + ("+" + (pkgs.writeShellScript "matrix-synapse-fix-permissions" '' + chown matrix-synapse:matrix-synapse ${cfg.settings.signing_key_path} + chmod 0600 ${cfg.settings.signing_key_path} + '')) + ]; + ExecStart = '' + ${cfg.package}/bin/synapse_homeserver \ + ${ concatMapStringsSep "\n " (x: "--config-path ${x} \\") ([ configFile ] ++ cfg.extraConfigFiles) } + --keys-directory ${cfg.dataDir} + ''; + }; + } + ]; + } + // (lib.mapAttrs' genWorkerService cfg.workers); + + services.redis.servers.matrix-synapse = lib.mkIf cfg.configureRedisLocally { + enable = true; + user = "matrix-synapse"; }; environment.systemPackages = [ registerNewMatrixUser ]; diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index 2d9674e69b64..0574c1db8754 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -468,6 +468,7 @@ in { matrix-appservice-irc = handleTest ./matrix/appservice-irc.nix {}; matrix-conduit = handleTest ./matrix/conduit.nix {}; matrix-synapse = handleTest ./matrix/synapse.nix {}; + matrix-synapse-workers = handleTest ./matrix/synapse-workers.nix {}; mattermost = handleTest ./mattermost.nix {}; mediamtx = handleTest ./mediamtx.nix {}; mediatomb = handleTest ./mediatomb.nix {}; diff --git a/nixos/tests/matrix/synapse-workers.nix b/nixos/tests/matrix/synapse-workers.nix new file mode 100644 index 000000000000..e90301aeae9e --- /dev/null +++ b/nixos/tests/matrix/synapse-workers.nix @@ -0,0 +1,50 @@ +import ../make-test-python.nix ({ pkgs, ... }: { + name = "matrix-synapse-workers"; + meta = with pkgs.lib; { + maintainers = teams.matrix.members; + }; + + nodes = { + homeserver = + { pkgs + , nodes + , ... + }: { + services.postgresql = { + enable = true; + initialScript = pkgs.writeText "synapse-init.sql" '' + CREATE ROLE "matrix-synapse" WITH LOGIN PASSWORD 'synapse'; + CREATE DATABASE "matrix-synapse" WITH OWNER "matrix-synapse" + TEMPLATE template0 + LC_COLLATE = "C" + LC_CTYPE = "C"; + ''; + }; + + services.matrix-synapse = { + enable = true; + settings = { + database = { + name = "psycopg2"; + args.password = "synapse"; + }; + enable_registration = true; + enable_registration_without_verification = true; + + federation_sender_instances = [ "federation_sender" ]; + }; + configureRedisLocally = true; + workers = { + "federation_sender" = { }; + }; + }; + }; + }; + + testScript = '' + start_all() + + homeserver.wait_for_unit("matrix-synapse.service"); + homeserver.wait_for_unit("matrix-synapse-worker-federation_sender.service"); + ''; +}) diff --git a/pkgs/applications/audio/scream/default.nix b/pkgs/applications/audio/scream/default.nix index 6d2eae52e5e8..3c0b83d46c19 100644 --- a/pkgs/applications/audio/scream/default.nix +++ b/pkgs/applications/audio/scream/default.nix @@ -44,6 +44,7 @@ stdenv.mkDerivation rec { homepage = "https://github.com/duncanthrax/scream"; license = licenses.mspl; platforms = platforms.linux; + mainProgram = "scream"; maintainers = with maintainers; [ arcnmx ]; }; } diff --git a/pkgs/applications/gis/grass/default.nix b/pkgs/applications/gis/grass/default.nix index 0d16ba036a9c..654aa6451fd0 100644 --- a/pkgs/applications/gis/grass/default.nix +++ b/pkgs/applications/gis/grass/default.nix @@ -32,14 +32,14 @@ , zstd }: -stdenv.mkDerivation (finalAttrs: rec { +stdenv.mkDerivation (finalAttrs: { pname = "grass"; version = "8.3.0"; - src = with lib; fetchFromGitHub { + src = fetchFromGitHub { owner = "OSGeo"; repo = "grass"; - rev = version; + rev = finalAttrs.version; hash = "sha256-YHQtvp/AYMWme46yIc4lE/izjqVePnPxn3GY5RRfPq4="; }; diff --git a/pkgs/applications/graphics/figma-linux/default.nix b/pkgs/applications/graphics/figma-linux/default.nix index 9f6407f71739..64af09ada8b2 100644 --- a/pkgs/applications/graphics/figma-linux/default.nix +++ b/pkgs/applications/graphics/figma-linux/default.nix @@ -8,12 +8,12 @@ , ... }: with lib; -stdenv.mkDerivation rec { +stdenv.mkDerivation (finalAttrs: { pname = "figma-linux"; version = "0.10.0"; src = fetchurl { - url = "https://github.com/Figma-Linux/figma-linux/releases/download/v${version}/figma-linux_${version}_linux_amd64.deb"; + url = "https://github.com/Figma-Linux/figma-linux/releases/download/v${finalAttrs.version}/figma-linux_${finalAttrs.version}_linux_amd64.deb"; sha256 = "sha256-+xiXEwSSxpt1/Eu9g57/L+Il/Av+a/mgGBQl/4LKR74="; }; @@ -65,7 +65,7 @@ stdenv.mkDerivation rec { postFixup = '' substituteInPlace $out/share/applications/figma-linux.desktop \ - --replace "Exec=/opt/figma-linux/figma-linux" "Exec=$out/bin/${pname}" + --replace "Exec=/opt/figma-linux/figma-linux" "Exec=$out/bin/${finalAttrs.pname}" ''; meta = { @@ -73,6 +73,6 @@ stdenv.mkDerivation rec { homepage = "https://github.com/Figma-Linux/figma-linux"; platforms = [ "x86_64-linux" ]; license = licenses.gpl2; - maintainers = with maintainers; [ ercao ]; + maintainers = with maintainers; [ ercao kashw2 ]; }; -} +}) diff --git a/pkgs/applications/graphics/flaca/Cargo.lock b/pkgs/applications/graphics/flaca/Cargo.lock index af1e061d3caa..fe91f0890a47 100644 --- a/pkgs/applications/graphics/flaca/Cargo.lock +++ b/pkgs/applications/graphics/flaca/Cargo.lock @@ -63,9 +63,9 @@ checksum = "2c676a478f63e9fa2dd5368a42f28bba0d6c560b775f38583c8bbaa7fcd67c9c" [[package]] name = "bytemuck" -version = "1.13.1" +version = "1.14.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "17febce684fd15d89027105661fec94afb475cb995fbc59d2865198446ba2eea" +checksum = "374d28ec25809ee0e23827c2ab573d729e293f281dfe393500e7ad618baa61c6" [[package]] name = "byteorder" @@ -149,9 +149,9 @@ dependencies = [ [[package]] name = "ctrlc" -version = "3.4.0" +version = "3.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2a011bbe2c35ce9c1f143b7af6f94f29a167beb4cd1d29e6740ce836f723120e" +checksum = "82e95fbd621905b854affdc67943b043a0fbb6ed7385fd5a25650d19a8a6cfdf" dependencies = [ "nix", "windows-sys", @@ -190,9 +190,9 @@ checksum = "a26ae43d7bcc3b814de94796a5e736d4029efb0ee900c12e2d54c993ad1a1e07" [[package]] name = "errno" -version = "0.3.2" +version = "0.3.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6b30f669a7961ef1631673d2766cc92f52d64f7ef354d4fe0ddfd30ed52f0f4f" +checksum = "136526188508e25c6fef639d7927dfb3e0e3084488bf202267829cf7fc23dbdd" dependencies = [ "errno-dragonfly", "libc", @@ -226,7 +226,7 @@ dependencies = [ [[package]] name = "flaca" -version = "2.2.2" +version = "2.3.0" dependencies = [ "argyle", "cc", @@ -259,9 +259,9 @@ checksum = "e6d5a32815ae3f33302d95fdcb2ce17862f8c65363dcfd29360480ba1001fc9c" [[package]] name = "fyi_msg" -version = "0.11.2" +version = "0.11.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "64175e76ad270dcde1566c16eb7d0f6cc2cbb575e5721dbd899e7f3a86b92718" +checksum = "04bb9530916893c31bca029d18088c77f02ea93e270cffab771f9b985cdeb4bb" dependencies = [ "ahash", "bytecount", @@ -326,9 +326,9 @@ dependencies = [ [[package]] name = "libc" -version = "0.2.147" +version = "0.2.148" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b4668fb0ea861c1df094127ac5f1da3409a82116a4ba74fca2e58ef927159bb3" +checksum = "9cdc71e17332e86d2e1d38c1f99edcb6288ee11b815fb1a4b049eaa2114d369b" [[package]] name = "libdeflate-sys" @@ -350,9 +350,9 @@ dependencies = [ [[package]] name = "linux-raw-sys" -version = "0.4.5" +version = "0.4.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "57bcfdad1b858c2db7c38303a6d2ad4dfaf5eb53dfeb0910128b2c26d6158503" +checksum = "1a9bad9f94746442c783ca431b22403b519cd7fbeed0533fdd6328b2f2212128" [[package]] name = "log" @@ -381,9 +381,9 @@ dependencies = [ [[package]] name = "mozjpeg-sys" -version = "1.1.0" +version = "2.0.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "626df331e335cf8a26510918010954f4770f3b04714026c1904e42c4507f8a3e" +checksum = "808feab72499ffd6c267a6fd06bd07e37bef14650c328a5c64636fecfa113eff" dependencies = [ "cc", "dunce", @@ -402,14 +402,13 @@ dependencies = [ [[package]] name = "nix" -version = "0.26.2" +version = "0.27.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bfdda3d196821d6af13126e40375cdf7da646a96114af134d5f417a9a1dc8e1a" +checksum = "2eb04e9c688eff1c89d72b407f168cf79bb9e867a9d3323ed6c01519eb9cc053" dependencies = [ - "bitflags 1.3.2", + "bitflags 2.4.0", "cfg-if", "libc", - "static_assertions", ] [[package]] @@ -552,9 +551,9 @@ dependencies = [ [[package]] name = "rustix" -version = "0.38.9" +version = "0.38.13" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9bfe0f2582b4931a45d1fa608f8a8722e8b3c7ac54dd6d5f3b3212791fedef49" +checksum = "d7db8590df6dfcd144d22afd1b83b36c21a18d7cbc1dc4bb5295a8712e9eb662" dependencies = [ "bitflags 2.4.0", "errno", @@ -581,12 +580,6 @@ version = "0.3.7" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d66dc143e6b11c1eddc06d5c423cfc97062865baf299914ab64caa38182078fe" -[[package]] -name = "static_assertions" -version = "1.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a2eb9349b6444b326872e140eb1cf5e7c522154d69e7a0ffb0fb81c06b37543f" - [[package]] name = "tap" version = "1.0.1" @@ -718,9 +711,9 @@ checksum = "ed94fce61571a4006852b7389a063ab983c02eb1bb37b47f8272ce92d06d9538" [[package]] name = "write_atomic" -version = "0.4.0" +version = "0.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e0ccffd0975630df843ef6124fdfb5032f86b6110d4913b7c85cab7d597dd49f" +checksum = "e1cc5bd3df909eefc4f13328da8ac3b9e6016e0899477c0354c6880c67362cfc" dependencies = [ "rustix", "tempfile", diff --git a/pkgs/applications/graphics/flaca/default.nix b/pkgs/applications/graphics/flaca/default.nix index 0fcb0f7d21d1..0c421618d094 100644 --- a/pkgs/applications/graphics/flaca/default.nix +++ b/pkgs/applications/graphics/flaca/default.nix @@ -2,13 +2,13 @@ rustPlatform.buildRustPackage rec { pname = "flaca"; - version = "2.2.2"; + version = "2.3.0"; src = fetchFromGitHub { owner = "Blobfolio"; repo = pname; rev = "v${version}"; - hash = "sha256-YLJ8jeJhpxmSfF0PObd7FSFdVbEVhHYIaUJusAIEIx4="; + hash = "sha256-gK9nKvhrqGQ3yDAfnqDF2K1g6JK3CYz0kSpTLqfGTzc="; }; # upstream does not provide a Cargo.lock diff --git a/pkgs/applications/misc/fluidd/default.nix b/pkgs/applications/misc/fluidd/default.nix index 5e1802d002bb..ff1630dc3504 100644 --- a/pkgs/applications/misc/fluidd/default.nix +++ b/pkgs/applications/misc/fluidd/default.nix @@ -2,12 +2,12 @@ stdenvNoCC.mkDerivation rec { pname = "fluidd"; - version = "1.25.2"; + version = "1.25.3"; src = fetchurl { name = "fluidd-v${version}.zip"; url = "https://github.com/cadriel/fluidd/releases/download/v${version}/fluidd.zip"; - sha256 = "sha256-WlUTRmQ1RWI2HQ5Kn85q+/fzVnTsda2aqgTWRlA+5JY="; + sha256 = "sha256-raslLhVbeUL6Zoz5cw+fKtqdUvAkd7frAncd+q1AVxs="; }; nativeBuildInputs = [ unzip ]; diff --git a/pkgs/applications/misc/hyprland-autoname-workspaces/default.nix b/pkgs/applications/misc/hyprland-autoname-workspaces/default.nix index 874bffbef3a7..abd18f8eac9e 100644 --- a/pkgs/applications/misc/hyprland-autoname-workspaces/default.nix +++ b/pkgs/applications/misc/hyprland-autoname-workspaces/default.nix @@ -5,16 +5,16 @@ rustPlatform.buildRustPackage rec { pname = "hyprland-autoname-workspaces"; - version = "1.1.7"; + version = "1.1.10"; src = fetchFromGitHub { owner = "hyprland-community"; repo = "hyprland-autoname-workspaces"; - rev = "v${version}"; - hash = "sha256-OtKPJZI0YKi98HUY4IDU8LRg6dTaD68OgVi9FzfjDbA="; + rev = version; + hash = "sha256-I0ELCexJxZgbTLzO4GtvOtaIghzVND8kgOFmlQ0oca8="; }; - cargoHash = "sha256-ueT85rKa2PGvp/R/ZXkDGUFIXyYNpDErg4W8WcXAPIw="; + cargoHash = "sha256-MmWYsYRxrcEtL+efK1yCzq5b+PsrsrG1flSXn2kGdYs="; meta = with lib; { description = "Automatically rename workspaces with icons of started applications"; diff --git a/pkgs/applications/networking/cluster/k8sgpt/default.nix b/pkgs/applications/networking/cluster/k8sgpt/default.nix index 81e2408528be..17811da54a9a 100644 --- a/pkgs/applications/networking/cluster/k8sgpt/default.nix +++ b/pkgs/applications/networking/cluster/k8sgpt/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "k8sgpt"; - version = "0.3.14"; + version = "0.3.15"; src = fetchFromGitHub { owner = "k8sgpt-ai"; repo = "k8sgpt"; rev = "v${version}"; - hash = "sha256-n1bWAx3BQxgiuhDdTb2HU1DSEBQqOP/ek9bJBZlbWEM="; + hash = "sha256-mWdSyP1Gcs1FC0HUX2p84PK0n1Xnd2LrD48luN4+OVs="; }; - vendorHash = "sha256-FUgIziVI99kL3dLJLqVFPEmQqLKXxAMie2q46sp0PeU="; + vendorHash = "sha256-y+oF9sqYVEQSukLkfz0JXFpKtUKP/1DzHIivkL2wBwk="; CGO_ENABLED = 0; diff --git a/pkgs/applications/networking/instant-messengers/feishu/default.nix b/pkgs/applications/networking/instant-messengers/feishu/default.nix index 7255ff4d971e..602df7626f0e 100644 --- a/pkgs/applications/networking/instant-messengers/feishu/default.nix +++ b/pkgs/applications/networking/instant-messengers/feishu/default.nix @@ -63,13 +63,13 @@ }: stdenv.mkDerivation rec { - version = "6.1.11"; + version = "6.9.16"; pname = "feishu"; - packageHash = "e82bd3ef"; # A hash value used in the download url + packageHash = "fe01b99b"; # A hash value used in the download url src = fetchurl { url = "https://sf3-cn.feishucdn.com/obj/ee-appcenter/${packageHash}/Feishu-linux_x64-${version}.deb"; - hash = "sha256-IBNMNOcOYIdiTlr4+Ziju7Pbf9XJV0O+w2arHTa1zZ0="; + hash = "sha256-+koH6/K0J8KCVaNGIVvmLmPn/Ttyc9WcNAp0f7PLkqg="; }; nativeBuildInputs = [ diff --git a/pkgs/applications/networking/nextdns/default.nix b/pkgs/applications/networking/nextdns/default.nix index c17c65e14fe2..04d43a4c79b8 100644 --- a/pkgs/applications/networking/nextdns/default.nix +++ b/pkgs/applications/networking/nextdns/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "nextdns"; - version = "1.39.4"; + version = "1.40.1"; src = fetchFromGitHub { owner = "nextdns"; repo = "nextdns"; rev = "v${version}"; - sha256 = "sha256-7inMloKU/AL4s/p171xCzs4p4+AcLsvsbVsELK9vhFc="; + sha256 = "sha256-VK6e8+r0A642zP0Pae8qbQCWT+CGpHY7B9ZGobXl92A="; }; - vendorHash = "sha256-pCta8FzGVpl9fvnnjQ7/e2x/HolXAuxnz0vwKejGk98="; + vendorHash = "sha256-CKKyLtqSzbmvpmDcoyGD79msAudlumqxcXaMTNbCbNI="; ldflags = [ "-s" "-w" "-X main.version=${version}" ]; diff --git a/pkgs/applications/networking/warp/default.nix b/pkgs/applications/networking/warp/default.nix index f30b10e99c7b..e8bf21b19ed0 100644 --- a/pkgs/applications/networking/warp/default.nix +++ b/pkgs/applications/networking/warp/default.nix @@ -15,6 +15,8 @@ , glib , gtk4 , libadwaita +, Security +, Foundation }: stdenv.mkDerivation rec { @@ -57,6 +59,9 @@ stdenv.mkDerivation rec { glib gtk4 libadwaita + ] ++ lib.optionals stdenv.isDarwin [ + Security + Foundation ]; meta = { @@ -64,6 +69,6 @@ stdenv.mkDerivation rec { homepage = "https://apps.gnome.org/app/app.drey.Warp"; license = lib.licenses.gpl3Only; maintainers = with lib.maintainers; [ dotlambda foo-dogsquared ]; - platforms = lib.platforms.linux; + platforms = lib.platforms.all; }; } diff --git a/pkgs/applications/video/freetube/default.nix b/pkgs/applications/video/freetube/default.nix index 82bcb8c85668..33034d9ef97a 100644 --- a/pkgs/applications/video/freetube/default.nix +++ b/pkgs/applications/video/freetube/default.nix @@ -46,6 +46,6 @@ stdenv.mkDerivation rec { homepage = "https://freetubeapp.io/"; license = licenses.agpl3Only; maintainers = with maintainers; [ ryneeverett alyaeanyx ]; - platforms = [ "x86_64-linux" ]; + inherit (electron_22.meta) platforms; }; } diff --git a/pkgs/applications/video/obs-studio/plugins/obs-pipewire-audio-capture.nix b/pkgs/applications/video/obs-studio/plugins/obs-pipewire-audio-capture.nix index 523683e0c175..8e227195484e 100644 --- a/pkgs/applications/video/obs-studio/plugins/obs-pipewire-audio-capture.nix +++ b/pkgs/applications/video/obs-studio/plugins/obs-pipewire-audio-capture.nix @@ -10,13 +10,13 @@ stdenv.mkDerivation rec { pname = "obs-pipewire-audio-capture"; - version = "1.1.0"; + version = "1.1.1"; src = fetchFromGitHub { owner = "dimtpap"; repo = pname; rev = version; - sha256 = "sha256-gcOH8gJuP03MxhJbgl941yTtm2XIHmqHWVwkRCVATkQ="; + sha256 = "sha256-D4ONz/4S5Kt23Tmfa6jvw0X7680R9YDqG8/N6HhIQLE="; }; nativeBuildInputs = [ cmake ninja pkg-config ]; diff --git a/pkgs/applications/virtualization/rvvm/default.nix b/pkgs/applications/virtualization/rvvm/default.nix index 1c5a20d8b852..b1b03d09680f 100644 --- a/pkgs/applications/virtualization/rvvm/default.nix +++ b/pkgs/applications/virtualization/rvvm/default.nix @@ -24,6 +24,6 @@ stdenv.mkDerivation rec { description = "The RISC-V Virtual Machine"; license = with licenses; [ gpl3 /* or */ mpl20 ]; platforms = platforms.linux ++ platforms.darwin; - maintainers = with maintainers; [ nebulka ]; + maintainers = with maintainers; [ ]; }; } diff --git a/pkgs/data/fonts/sarasa-gothic/default.nix b/pkgs/data/fonts/sarasa-gothic/default.nix index b963e7fc8ea7..8d56554939f6 100644 --- a/pkgs/data/fonts/sarasa-gothic/default.nix +++ b/pkgs/data/fonts/sarasa-gothic/default.nix @@ -2,13 +2,13 @@ stdenvNoCC.mkDerivation rec { pname = "sarasa-gothic"; - version = "0.41.9"; + version = "0.41.10"; src = fetchurl { # Use the 'ttc' files here for a smaller closure size. # (Using 'ttf' files gives a closure size about 15x larger, as of November 2021.) url = "https://github.com/be5invis/Sarasa-Gothic/releases/download/v${version}/sarasa-gothic-ttc-${version}.7z"; - hash = "sha256-bZM6RJHN1Zm7SMmEfQFWSqrpzab7AeJgBfZ8Q2uVSB4="; + hash = "sha256-RxXLjlWJEWaWph8jz1L1zZABYOm75MoxcI0cZJGBDvg="; }; sourceRoot = "."; diff --git a/pkgs/desktops/mate/mate-desktop/default.nix b/pkgs/desktops/mate/mate-desktop/default.nix index 5ac9942d49bb..d7c052ae3c24 100644 --- a/pkgs/desktops/mate/mate-desktop/default.nix +++ b/pkgs/desktops/mate/mate-desktop/default.nix @@ -13,11 +13,11 @@ stdenv.mkDerivation rec { pname = "mate-desktop"; - version = "1.26.1"; + version = "1.26.2"; src = fetchurl { url = "https://pub.mate-desktop.org/releases/${lib.versions.majorMinor version}/${pname}-${version}.tar.xz"; - sha256 = "EtFmiiesGr1gk1OB0/OYIbuAhGenuKz570WIXXyAohE="; + sha256 = "XtA/fFLXt+zknKHnNqp2au/rXGOeqz5oxwkMUw0CN2o="; }; nativeBuildInputs = [ diff --git a/pkgs/development/compilers/bfc/default.nix b/pkgs/development/compilers/bfc/default.nix index 2dbc5e97a557..f84026d443f2 100644 --- a/pkgs/development/compilers/bfc/default.nix +++ b/pkgs/development/compilers/bfc/default.nix @@ -10,16 +10,16 @@ rustPlatform.buildRustPackage rec { pname = "bfc"; - version = "1.11.0"; + version = "1.12.0"; src = fetchFromGitHub { owner = "Wilfred"; repo = "bfc"; rev = version; - hash = "sha256-uRQP3LS7cpG85BilkSaI+2WbEp/6zZcFrryMNO+n6EA="; + hash = "sha256-5pcvwCtXWEexvV3TS62dZ6Opg8ANP2L8B0Z8u/OQENU="; }; - cargoHash = "sha256-aQLUZzHBy5CBbp5SpsS5dFQYpD7Bc+4zTfLjA/nmMnE="; + cargoHash = "sha256-1w/jPBO1TZpa0ju+O/NxQ/oMyzIvYVoXpj+ZLcIpQoU="; buildInputs = [ libxml2 diff --git a/pkgs/development/libraries/fmt/default.nix b/pkgs/development/libraries/fmt/default.nix index 0796febe4ae1..e2677bdea25d 100644 --- a/pkgs/development/libraries/fmt/default.nix +++ b/pkgs/development/libraries/fmt/default.nix @@ -67,7 +67,7 @@ in }; fmt_10 = generic { - version = "10.1.0"; - sha256 = "sha256-t/Mcl3n2dj8UEnptQh4YgpvWrxSYN3iGPZ3LKwzlPAg="; + version = "10.1.1"; + sha256 = "sha256-H9+1lEaHM12nzXSmo9m8S6527t+97e6necayyjCPm1A="; }; } diff --git a/pkgs/development/libraries/openssl/default.nix b/pkgs/development/libraries/openssl/default.nix index 231875340567..2be34feeaa8f 100644 --- a/pkgs/development/libraries/openssl/default.nix +++ b/pkgs/development/libraries/openssl/default.nix @@ -221,6 +221,7 @@ let homepage = "https://www.openssl.org/"; description = "A cryptographic library that implements the SSL and TLS protocols"; license = licenses.openssl; + mainProgram = "openssl"; pkgConfigModules = [ "libcrypto" "libssl" diff --git a/pkgs/development/libraries/seasocks/default.nix b/pkgs/development/libraries/seasocks/default.nix index 12ec9aa0e894..96db323f90a7 100644 --- a/pkgs/development/libraries/seasocks/default.nix +++ b/pkgs/development/libraries/seasocks/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "seasocks"; - version = "1.4.5"; + version = "1.4.6"; src = fetchFromGitHub { owner = "mattgodbolt"; repo = pname; rev = "v${version}"; - sha256 = "sha256-b1KNHuS5ndkBWItKVTiJ//Y+uKi1PcUk9624IILOusQ="; + sha256 = "sha256-R1McxZm2qsUoggFGfL587g+8eQf7si56xVkR8B8nehQ="; }; postPatch = '' diff --git a/pkgs/development/libraries/sqlitecpp/default.nix b/pkgs/development/libraries/sqlitecpp/default.nix index 4212f29e924f..8c9e3cba5dfb 100644 --- a/pkgs/development/libraries/sqlitecpp/default.nix +++ b/pkgs/development/libraries/sqlitecpp/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "sqlitecpp"; - version = "3.3.0"; + version = "3.3.1"; src = fetchFromGitHub { owner = "SRombauts"; repo = pname; rev = version; - sha256 = "sha256-3Xo/FgifbrSn0AvinriJZerUM2kbcMaoyF5ST8+1Qqw="; + sha256 = "sha256-8l1JRaE7w9vJ4bCSLGAk9zwYHDFeKkBi9pE5fUJfLRc="; }; nativeBuildInputs = [ cmake ]; diff --git a/pkgs/development/libraries/yas/default.nix b/pkgs/development/libraries/yas/default.nix index 137693401eba..b06d995007fa 100644 --- a/pkgs/development/libraries/yas/default.nix +++ b/pkgs/development/libraries/yas/default.nix @@ -22,7 +22,7 @@ stdenvNoCC.mkDerivation rec { homepage = "https://github.com/niXman/yas"; description = "Yet Another Serialization"; license = licenses.boost; - maintainers = with maintainers; [ ee2500 ]; + maintainers = with maintainers; [ ]; platforms = platforms.all; }; } diff --git a/pkgs/development/node-packages/main-programs.nix b/pkgs/development/node-packages/main-programs.nix index 846cdd75beda..d42505bd24e3 100644 --- a/pkgs/development/node-packages/main-programs.nix +++ b/pkgs/development/node-packages/main-programs.nix @@ -26,6 +26,7 @@ "@webassemblyjs/wasm-text-gen-1.11.1" = "wasmgen"; "@webassemblyjs/wast-refmt-1.11.1" = "wast-refmt"; aws-cdk = "cdk"; + bash-language-server = "bash-language-server"; cdk8s-cli = "cdk8s"; cdktf-cli = "cdktf"; clipboard-cli = "clipboard"; diff --git a/pkgs/development/python-modules/adafruit-platformdetect/default.nix b/pkgs/development/python-modules/adafruit-platformdetect/default.nix index 0bb566508b34..d7f3d2c9e523 100644 --- a/pkgs/development/python-modules/adafruit-platformdetect/default.nix +++ b/pkgs/development/python-modules/adafruit-platformdetect/default.nix @@ -7,7 +7,7 @@ buildPythonPackage rec { pname = "adafruit-platformdetect"; - version = "3.51.0"; + version = "3.52.0"; format = "pyproject"; disabled = pythonOlder "3.7"; @@ -15,7 +15,7 @@ buildPythonPackage rec { src = fetchPypi { pname = "Adafruit-PlatformDetect"; inherit version; - hash = "sha256-/a0IKOFWnXC6BJItpJDqiA9aCB1PNhglNlB/4KvyQdg="; + hash = "sha256-RydAyIzWRVQ+/xCVPtZ4HQ7eCH8cxeHW1XjEupWlAqc="; }; SETUPTOOLS_SCM_PRETEND_VERSION = version; diff --git a/pkgs/development/python-modules/adlfs/default.nix b/pkgs/development/python-modules/adlfs/default.nix index b6a0d4c7956b..f3d19bd779ab 100644 --- a/pkgs/development/python-modules/adlfs/default.nix +++ b/pkgs/development/python-modules/adlfs/default.nix @@ -12,7 +12,7 @@ buildPythonPackage rec { pname = "adlfs"; - version = "2023.8.0"; + version = "2023.9.0"; format = "setuptools"; disabled = pythonOlder "3.7"; @@ -21,7 +21,7 @@ buildPythonPackage rec { owner = "fsspec"; repo = pname; rev = "refs/tags/${version}"; - hash = "sha256-ZPHB01CiBYiNoii73zVecq1l0WCqB2CzhhhaBeetb4g="; + hash = "sha256-gu0qGaOIi5U8CtuhTfbX+AjyYSS6psPrJCM1ZqVe8Ww="; }; propagatedBuildInputs = [ diff --git a/pkgs/development/python-modules/aliyun-python-sdk-iot/default.nix b/pkgs/development/python-modules/aliyun-python-sdk-iot/default.nix index 43f132b19020..9f4098d6fa5b 100644 --- a/pkgs/development/python-modules/aliyun-python-sdk-iot/default.nix +++ b/pkgs/development/python-modules/aliyun-python-sdk-iot/default.nix @@ -7,14 +7,14 @@ buildPythonPackage rec { pname = "aliyun-python-sdk-iot"; - version = "8.55.0"; + version = "8.56.0"; format = "setuptools"; disabled = pythonOlder "3.7"; src = fetchPypi { inherit pname version; - hash = "sha256-cLiOdXZpjZUVJ0O0rykM6GQH0pXaiMQp1zH6kuDLqOY="; + hash = "sha256-8d77P522c6gV8LhKErixzE2DvGmjr9bms+2eHYirgwg="; }; propagatedBuildInputs = [ diff --git a/pkgs/development/python-modules/aliyun-python-sdk-kms/default.nix b/pkgs/development/python-modules/aliyun-python-sdk-kms/default.nix index 36f5f197695b..55288c2b6d2a 100644 --- a/pkgs/development/python-modules/aliyun-python-sdk-kms/default.nix +++ b/pkgs/development/python-modules/aliyun-python-sdk-kms/default.nix @@ -7,14 +7,14 @@ buildPythonPackage rec { pname = "aliyun-python-sdk-kms"; - version = "2.16.1"; + version = "2.16.2"; format = "setuptools"; disabled = pythonOlder "3.7"; src = fetchPypi { inherit pname version; - hash = "sha256-o3JzdxVoIBS6zmi9QP6DMy9P2SUAmj6xENQbxm8nDno="; + hash = "sha256-+HI0qLZNRXyiM4+HZQ2xijzn99vJv+9x7+jyiUre09Y="; }; propagatedBuildInputs = [ diff --git a/pkgs/development/python-modules/aws-sam-translator/default.nix b/pkgs/development/python-modules/aws-sam-translator/default.nix index f5af4ac77973..7fe9fdac96eb 100644 --- a/pkgs/development/python-modules/aws-sam-translator/default.nix +++ b/pkgs/development/python-modules/aws-sam-translator/default.nix @@ -16,7 +16,7 @@ buildPythonPackage rec { pname = "aws-sam-translator"; - version = "1.73.0"; + version = "1.74.0"; format = "setuptools"; disabled = pythonOlder "3.7"; @@ -25,7 +25,7 @@ buildPythonPackage rec { owner = "aws"; repo = "serverless-application-model"; rev = "refs/tags/v${version}"; - hash = "sha256-rj+q/06gIvPYTJP/EH9ZrP0Sp4J3K1aCRyNkgpphWP4="; + hash = "sha256-uOfBR0bvLVyBcfSAkSqOx4KjmSYbfktpJlxKjipfj50="; }; postPatch = '' diff --git a/pkgs/development/python-modules/debugpy/default.nix b/pkgs/development/python-modules/debugpy/default.nix index 2a937c9f41a2..2cf365846246 100644 --- a/pkgs/development/python-modules/debugpy/default.nix +++ b/pkgs/development/python-modules/debugpy/default.nix @@ -20,18 +20,16 @@ buildPythonPackage rec { pname = "debugpy"; - version = "1.6.7.post1"; + version = "1.8.0"; format = "setuptools"; - # Currently doesn't support 3.11: - # https://github.com/microsoft/debugpy/issues/1107 - disabled = pythonOlder "3.7" || pythonAtLeast "3.11"; + disabled = pythonOlder "3.8" || pythonAtLeast "3.13"; src = fetchFromGitHub { owner = "microsoft"; repo = "debugpy"; rev = "refs/tags/v${version}"; - hash = "sha256-zsF6XUSAAKhwmUZkroRWvOBWXjTWzWuRYOhnYuN3KrY="; + hash = "sha256-FW1RDmj4sDBS0q08C82ErUd16ofxJxgVaxfykn/wVBA="; }; patches = [ @@ -50,13 +48,6 @@ buildPythonPackage rec { # To avoid this issue, debugpy should be installed using python.withPackages: # python.withPackages (ps: with ps; [ debugpy ]) ./fix-test-pythonpath.patch - - # Support disabling process timeouts when set to 0 - # See https://github.com/microsoft/debugpy/pull/1286 - (fetchpatch { - url = "https://github.com/microsoft/debugpy/commit/1569cc8319350afcc5ba8630660f599d514ac3bb.patch"; - hash = "sha256-v4GKLb2M20F1egAGtix9cTkSzBnvSgSSphSQST5p63w="; - }) ] ++ lib.optionals stdenv.isLinux [ # Hard code GDB path (used to attach to process) (substituteAll { @@ -121,6 +112,11 @@ buildPythonPackage rec { disabledTests = [ # https://github.com/microsoft/debugpy/issues/1241 "test_flask_breakpoint_multiproc" + + # DeprecationWarning: pkg_resources is deprecated as an API + # Supposedly fixed in https://github.com/microsoft/debugpy/pull/1374, + # but still fails for a nix build + "test_gevent" ]; pythonImportsCheck = [ diff --git a/pkgs/development/python-modules/elkm1-lib/default.nix b/pkgs/development/python-modules/elkm1-lib/default.nix index d7536d9a56e0..f64cbda4885b 100644 --- a/pkgs/development/python-modules/elkm1-lib/default.nix +++ b/pkgs/development/python-modules/elkm1-lib/default.nix @@ -12,7 +12,7 @@ buildPythonPackage rec { pname = "elkm1-lib"; - version = "2.2.5"; + version = "2.2.6"; format = "pyproject"; disabled = pythonOlder "3.9"; @@ -21,7 +21,7 @@ buildPythonPackage rec { owner = "gwww"; repo = "elkm1"; rev = "refs/tags/${version}"; - hash = "sha256-8Mzxaww6a+vi3i8H4W9jRgY+5mpTGaJbNBXPDPn8sl4="; + hash = "sha256-5Jmn/ywyg6fmp0ZxPf79ET+JWPF4VjDJMwj/qU6ckS0="; }; nativeBuildInputs = [ diff --git a/pkgs/development/python-modules/flask-migrate/default.nix b/pkgs/development/python-modules/flask-migrate/default.nix index d5bb05b58917..819c9d239231 100644 --- a/pkgs/development/python-modules/flask-migrate/default.nix +++ b/pkgs/development/python-modules/flask-migrate/default.nix @@ -12,16 +12,16 @@ buildPythonPackage rec { pname = "flask-migrate"; - version = "4.0.4"; + version = "4.0.5"; format = "pyproject"; - disabled = pythonOlder "3.7"; + disabled = pythonOlder "3.8"; src = fetchFromGitHub { owner = "miguelgrinberg"; repo = "Flask-Migrate"; rev = "v${version}"; - hash = "sha256-x52LGYvXuTUCP9dR3FP7a/xNRWyCAV1sReDAYJbYDvE="; + hash = "sha256-fdnoX7ypTpH2mQ+7Xuhzdh706Of7PIVhHQGVbe0jv1s="; }; nativeBuildInputs = [ diff --git a/pkgs/development/python-modules/intake/default.nix b/pkgs/development/python-modules/intake/default.nix index e194cfa06086..77301db1d5fd 100644 --- a/pkgs/development/python-modules/intake/default.nix +++ b/pkgs/development/python-modules/intake/default.nix @@ -35,7 +35,7 @@ buildPythonPackage rec { owner = pname; repo = pname; rev = "81b1567a2030adfb22b856b4f63cefe35de68983"; - hash = "sha256-S2PoUN0Bao5VULfHhgbXXowopPLm/njAHO3dIM8ILno="; + hash = "sha256-PygLrZz8ssHUrzGt2A7HxidvA2IVY94edVLjSp4jLI4="; }; propagatedBuildInputs = [ diff --git a/pkgs/development/python-modules/murmurhash/default.nix b/pkgs/development/python-modules/murmurhash/default.nix index 79e0f3755844..6845d8a5b6b0 100644 --- a/pkgs/development/python-modules/murmurhash/default.nix +++ b/pkgs/development/python-modules/murmurhash/default.nix @@ -7,14 +7,14 @@ buildPythonPackage rec { pname = "murmurhash"; - version = "1.0.9"; + version = "1.0.10"; format = "setuptools"; disabled = pythonOlder "3.6"; src = fetchPypi { inherit pname version; - hash = "sha256-/no4yw09h8FOyd3cSTL/4tvHfXVGmrgP1QFGibDge1g="; + hash = "sha256-UoKqsTF4BMbr1t1/afFbqQda7mccRKNL4r3g8bEe+Io="; }; postPatch = '' diff --git a/pkgs/development/python-modules/oss2/default.nix b/pkgs/development/python-modules/oss2/default.nix index 54427f03897c..52fc79baed4c 100644 --- a/pkgs/development/python-modules/oss2/default.nix +++ b/pkgs/development/python-modules/oss2/default.nix @@ -16,7 +16,7 @@ buildPythonPackage rec { pname = "oss2"; - version = "2.17.0"; + version = "2.18.1"; format = "setuptools"; disabled = pythonOlder "3.7"; @@ -25,7 +25,7 @@ buildPythonPackage rec { owner = "aliyun"; repo = "aliyun-oss-python-sdk"; rev = "refs/tags/${version}"; - hash = "sha256-EL6qbtVyOJ2RGw3sZiRJouqVNLBMUKGycAZl31M1+oQ="; + hash = "sha256-4P2o10FhnLwRkhRYS+LzY+ugWPQgz+Tddn9XYR17018="; }; nativeBuildInputs = [ @@ -58,7 +58,9 @@ buildPythonPackage rec { "tests/test_api_base.py" "tests/test_async_fetch_task.py" "tests/test_bucket_access_monitor.py" + "tests/test_bucket_callback_policy.py" "tests/test_bucket_cname.py" + "tests/test_bucket_describe_regions.py" "tests/test_bucket_inventory.py" "tests/test_bucket_meta_query.py" "tests/test_bucket_replication.py" @@ -75,6 +77,7 @@ buildPythonPackage rec { "tests/test_crypto_object.py" "tests/test_crypto.py" "tests/test_download.py" + "tests/test_exception_ec.py" "tests/test_headers.py" "tests/test_image.py" "tests/test_init.py" @@ -103,6 +106,8 @@ buildPythonPackage rec { disabledTests = [ "test_crypto_get_compact_deprecated_kms" + # RuntimeError + "test_crypto_put" ]; meta = with lib; { diff --git a/pkgs/development/python-modules/pmdarima/default.nix b/pkgs/development/python-modules/pmdarima/default.nix new file mode 100644 index 000000000000..17bde3ddf3c7 --- /dev/null +++ b/pkgs/development/python-modules/pmdarima/default.nix @@ -0,0 +1,64 @@ +{ lib +, buildPythonPackage +, fetchFromGitHub +, cython +, joblib +, numpy +, pandas +, scikit-learn +, scipy +, statsmodels +, urllib3 +, pythonOlder +, python +, pytestCheckHook +}: + +buildPythonPackage rec { + pname = "pmdarima"; + version = "2.0.3"; + format = "setuptools"; + + disable = pythonOlder "3.7"; + + src = fetchFromGitHub { + owner = "alkaline-ml"; + repo = "pmdarima"; + rev = "v${version}"; + hash = "sha256-uX4iZZ2deYqVWnqVZT6J0Djf2pXo7ug4MsOsPkKjvSU="; + }; + + nativeBuildInputs = [ cython ]; + + propagatedBuildInputs = [ + joblib + numpy + pandas + scikit-learn + scipy + statsmodels + urllib3 + ]; + + # Make sure we're running the tests for the actually installed + # package, so that cython's compiled files are available. + preCheck = '' + cd $out/lib/${python.libPrefix}/site-packages + ''; + + nativeCheckInputs = [ pytestCheckHook ]; + disabledTests= [ + # touches internet + "test_load_from_web" + ]; + + pythonImportsCheck = [ "pmdarima" ]; + + meta = with lib; { + description = "A statistical library designed to fill the void in Python's time series analysis capabilities, including the equivalent of R's auto.arima function"; + homepage = "https://github.com/alkaline-ml/pmdarima"; + changelog = "https://github.com/alkaline-ml/pmdarima/releases/tag/v${version}"; + license = licenses.mit; + maintainers = with maintainers; [ mbalatsko ]; + }; +} diff --git a/pkgs/development/python-modules/pyunifiprotect/default.nix b/pkgs/development/python-modules/pyunifiprotect/default.nix index 65dc66a3fc7a..00b0f3740c35 100644 --- a/pkgs/development/python-modules/pyunifiprotect/default.nix +++ b/pkgs/development/python-modules/pyunifiprotect/default.nix @@ -31,7 +31,7 @@ buildPythonPackage rec { pname = "pyunifiprotect"; - version = "4.20.0"; + version = "4.21.0"; format = "pyproject"; disabled = pythonOlder "3.9"; @@ -40,7 +40,7 @@ buildPythonPackage rec { owner = "briis"; repo = pname; rev = "refs/tags/v${version}"; - hash = "sha256-d4pMswABy/KFO2adwufSRRsj879O894nphh3MEjZOl0="; + hash = "sha256-BFcICpWq0aBjEww9EuO6UH8oGX8fufernFqh/gihIrM="; }; postPatch = '' diff --git a/pkgs/development/python-modules/smbprotocol/default.nix b/pkgs/development/python-modules/smbprotocol/default.nix index 9f199d612511..471f02e50bd8 100644 --- a/pkgs/development/python-modules/smbprotocol/default.nix +++ b/pkgs/development/python-modules/smbprotocol/default.nix @@ -11,16 +11,16 @@ buildPythonPackage rec { pname = "smbprotocol"; - version = "1.10.1"; + version = "1.11.0"; format = "setuptools"; disabled = pythonOlder "3.7"; src = fetchFromGitHub { owner = "jborean93"; - repo = pname; + repo = "smbprotocol"; rev = "refs/tags/v${version}"; - hash = "sha256-8T091yF/Hu60aaUr6IDZt2cLxz1sXUbMewSqW1Ch0Vo="; + hash = "sha256-MhkeizBorDAlTLrvbsuzvrwrbBZv/dYA7Khvg/FrKoI="; }; propagatedBuildInputs = [ diff --git a/pkgs/development/python-modules/torch/default.nix b/pkgs/development/python-modules/torch/default.nix index 0dcc2fdba2d9..1fa790686cac 100644 --- a/pkgs/development/python-modules/torch/default.nix +++ b/pkgs/development/python-modules/torch/default.nix @@ -1,4 +1,4 @@ -{ stdenv, lib, fetchFromGitHub, buildPythonPackage, python, +{ stdenv, lib, fetchFromGitHub, fetchpatch, buildPythonPackage, python, config, cudaSupport ? config.cudaSupport, cudaPackages, magma, useSystemNccl ? true, MPISupport ? false, mpi, @@ -52,17 +52,8 @@ let inherit (lib) lists strings trivial; - inherit (cudaPackages) cudatoolkit cudaFlags cudnn nccl; -in + inherit (cudaPackages) cudaFlags cudnn nccl; -assert cudaSupport -> stdenv.isLinux; -assert cudaSupport -> (cudaPackages.cudaMajorVersion == "11"); - -# confirm that cudatoolkits are sync'd across dependencies -assert !(MPISupport && cudaSupport) || mpi.cudatoolkit == cudatoolkit; -assert !cudaSupport || magma.cudaPackages.cudatoolkit == cudatoolkit; - -let setBool = v: if v then "1" else "0"; # https://github.com/pytorch/pytorch/blob/v2.0.1/torch/utils/cpp_extension.py#L1744 @@ -103,23 +94,6 @@ let throw "No GPU targets specified" ); - cudatoolkit_joined = symlinkJoin { - name = "${cudatoolkit.name}-unsplit"; - # nccl is here purely for semantic grouping it could be moved to nativeBuildInputs - paths = [ cudatoolkit.out cudatoolkit.lib nccl.dev nccl.out ]; - }; - - # Normally libcuda.so.1 is provided at runtime by nvidia-x11 via - # LD_LIBRARY_PATH=/run/opengl-driver/lib. We only use the stub - # libcuda.so from cudatoolkit for running tests, so that we don’t have - # to recompile pytorch on every update to nvidia-x11 or the kernel. - cudaStub = linkFarm "cuda-stub" [{ - name = "libcuda.so.1"; - path = "${cudatoolkit}/lib/stubs/libcuda.so"; - }]; - cudaStubEnv = lib.optionalString cudaSupport - "LD_LIBRARY_PATH=${cudaStub}\${LD_LIBRARY_PATH:+:}$LD_LIBRARY_PATH "; - rocmtoolkit_joined = symlinkJoin { name = "rocm-merged"; @@ -160,6 +134,12 @@ in buildPythonPackage rec { # base is 10.12. Until we upgrade, we can fall back on the older # pthread support. ./pthreadpool-disable-gcd.diff + ] ++ lib.optionals stdenv.isLinux [ + # Propagate CUPTI to Kineto by overriding the search path with environment variables. + (fetchpatch { + url = "https://github.com/pytorch/pytorch/pull/108847/commits/7ae4d7c0e2dec358b4fe81538efe9da5eb580ec9.patch"; + hash = "sha256-skFaDg98xcJqJfzxWk+qhUxPLHDStqvd0mec3PgksIg="; + }) ]; postPatch = lib.optionalString rocmSupport '' @@ -184,6 +164,13 @@ in buildPythonPackage rec { --replace "set(ROCM_PATH \$ENV{ROCM_PATH})" \ "set(ROCM_PATH \$ENV{ROCM_PATH})''\nset(ROCM_VERSION ${lib.concatStrings (lib.intersperse "0" (lib.splitString "." hip.version))})" '' + # Detection of NCCL version doesn't work particularly well when using the static binary. + + lib.optionalString cudaSupport '' + substituteInPlace cmake/Modules/FindNCCL.cmake \ + --replace \ + 'message(FATAL_ERROR "Found NCCL header version and library version' \ + 'message(WARNING "Found NCCL header version and library version' + '' # error: no member named 'aligned_alloc' in the global namespace; did you mean simply 'aligned_alloc' # This lib overrided aligned_alloc hence the error message. Tltr: his function is linkable but not in header. + lib.optionalString (stdenv.isDarwin && lib.versionOlder stdenv.targetPlatform.darwinSdkVersion "11.0") '' @@ -192,12 +179,16 @@ in buildPythonPackage rec { inline void *aligned_alloc(size_t align, size_t size)' ''; + # NOTE(@connorbaker): Though we do not disable Gloo or MPI when building with CUDA support, caution should be taken + # when using the different backends. Gloo's GPU support isn't great, and MPI and CUDA can't be used at the same time + # without extreme care to ensure they don't lock each other out of shared resources. + # For more, see https://github.com/open-mpi/ompi/issues/7733#issuecomment-629806195. preConfigure = lib.optionalString cudaSupport '' export TORCH_CUDA_ARCH_LIST="${gpuTargetString}" - export CC=${cudatoolkit.cc}/bin/gcc CXX=${cudatoolkit.cc}/bin/g++ - '' + lib.optionalString (cudaSupport && cudnn != null) '' export CUDNN_INCLUDE_DIR=${cudnn.dev}/include export CUDNN_LIB_DIR=${cudnn.lib}/lib + export CUPTI_INCLUDE_DIR=${cudaPackages.cuda_cupti.dev}/include + export CUPTI_LIBRARY_DIR=${cudaPackages.cuda_cupti.lib}/lib '' + lib.optionalString rocmSupport '' export ROCM_PATH=${rocmtoolkit_joined} export ROCM_SOURCE_DIR=${rocmtoolkit_joined} @@ -256,6 +247,7 @@ in buildPythonPackage rec { PYTORCH_BUILD_NUMBER = 0; USE_SYSTEM_NCCL = setBool useSystemNccl; # don't build pytorch's third_party NCCL + USE_STATIC_NCCL = setBool useSystemNccl; # Suppress a weird warning in mkl-dnn, part of ideep in pytorch # (upstream seems to have fixed this in the wrong place?) @@ -286,12 +278,43 @@ in buildPythonPackage rec { pybind11 pythonRelaxDepsHook removeReferencesTo - ] ++ lib.optionals cudaSupport [ cudatoolkit_joined ] - ++ lib.optionals rocmSupport [ rocmtoolkit_joined ]; + ] ++ lib.optionals cudaSupport (with cudaPackages; [ + autoAddOpenGLRunpathHook + cuda_nvcc + ]) + ++ lib.optionals rocmSupport [ rocmtoolkit_joined ]; buildInputs = [ blas blas.provider pybind11 ] ++ lib.optionals stdenv.isLinux [ linuxHeaders_5_19 ] # TMP: avoid "flexible array member" errors for now - ++ lib.optionals cudaSupport [ cudnn.dev cudnn.lib nccl ] + ++ lib.optionals cudaSupport (with cudaPackages; [ + cuda_cccl.dev # + cuda_cudart # cuda_runtime.h and libraries + cuda_cupti.dev # For kineto + cuda_cupti.lib # For kineto + cuda_nvcc.dev # crt/host_config.h; even though we include this in nativeBuildinputs, it's needed here too + cuda_nvml_dev.dev # + cuda_nvrtc.dev + cuda_nvrtc.lib + cuda_nvtx.dev + cuda_nvtx.lib # -llibNVToolsExt + cudnn.dev + cudnn.lib + libcublas.dev + libcublas.lib + libcufft.dev + libcufft.lib + libcurand.dev + libcurand.lib + libcusolver.dev + libcusolver.lib + libcusparse.dev + libcusparse.lib + nccl.dev # Provides nccl.h AND a static copy of NCCL! + ] ++ lists.optionals (strings.versionOlder cudaVersion "11.8") [ + cuda_nvprof.dev # + ] ++ lists.optionals (strings.versionAtLeast cudaVersion "11.8") [ + cuda_profiler_api.dev # + ]) ++ lib.optionals rocmSupport [ openmp ] ++ lib.optionals (cudaSupport || rocmSupport) [ magma ] ++ lib.optionals stdenv.isLinux [ numactl ] @@ -335,7 +358,6 @@ in buildPythonPackage rec { checkPhase = with lib.versions; with lib.strings; concatStringsSep " " [ "runHook preCheck" - cudaStubEnv "${python.interpreter} test/run_test.py" "--exclude" (concatStringsSep " " [ @@ -419,6 +441,17 @@ in buildPythonPackage rec { license = licenses.bsd3; maintainers = with maintainers; [ teh thoughtpolice tscholak ]; # tscholak esp. for darwin-related builds platforms = with platforms; linux ++ lib.optionals (!cudaSupport && !rocmSupport) darwin; - broken = rocmSupport && cudaSupport; # CUDA and ROCm are mutually exclusive + broken = builtins.any trivial.id [ + # CUDA and ROCm are mutually exclusive + (cudaSupport && rocmSupport) + # CUDA is only supported on Linux + (cudaSupport && !stdenv.isLinux) + # Only CUDA 11 is currently supported + (cudaSupport && (cudaPackages.cudaMajorVersion != "11")) + # MPI cudatoolkit does not match cudaPackages.cudatoolkit + (MPISupport && cudaSupport && (mpi.cudatoolkit != cudaPackages.cudatoolkit)) + # Magma cudaPackages does not match cudaPackages + (cudaSupport && (magma.cudaPackages != cudaPackages)) + ]; }; } diff --git a/pkgs/development/tools/analysis/checkov/default.nix b/pkgs/development/tools/analysis/checkov/default.nix index a345f7c89930..14ef623c3f19 100644 --- a/pkgs/development/tools/analysis/checkov/default.nix +++ b/pkgs/development/tools/analysis/checkov/default.nix @@ -22,14 +22,14 @@ with py.pkgs; buildPythonApplication rec { pname = "checkov"; - version = "2.4.39"; + version = "2.4.41"; format = "setuptools"; src = fetchFromGitHub { owner = "bridgecrewio"; repo = pname; rev = "refs/tags/${version}"; - hash = "sha256-QlHYeg9gOd+YiAZ+ei9/Pq+AjTgTakx0d/LjTlvsAIs="; + hash = "sha256-yL0xGNLIT2zrk6c8herlDJFkaoLvpVS77llL0z5fDVk="; }; patches = [ diff --git a/pkgs/development/tools/build-managers/buck2/default.nix b/pkgs/development/tools/build-managers/buck2/default.nix index 829cf2bb89b0..24a7db6b2247 100644 --- a/pkgs/development/tools/build-managers/buck2/default.nix +++ b/pkgs/development/tools/build-managers/buck2/default.nix @@ -38,7 +38,7 @@ let buildHashes = builtins.fromJSON (builtins.readFile ./hashes.json); # our version of buck2; this should be a git tag - version = "2023-09-01"; + version = "2023-09-15"; # the platform-specific, statically linked binary — which is also # zstd-compressed @@ -63,7 +63,7 @@ let # tooling prelude-src = let - prelude-hash = "3526cf5512668040e011d67e1e272da588264f3b"; + prelude-hash = "1cdbe261a4e669d9bb25bac5617b17919b2bb05c"; name = "buck2-prelude-${version}.tar.gz"; hash = buildHashes."_prelude"; url = "https://github.com/facebook/buck2-prelude/archive/${prelude-hash}.tar.gz"; diff --git a/pkgs/development/tools/build-managers/buck2/hashes.json b/pkgs/development/tools/build-managers/buck2/hashes.json index 16575e64ca2e..8fafcf99bc5c 100644 --- a/pkgs/development/tools/build-managers/buck2/hashes.json +++ b/pkgs/development/tools/build-managers/buck2/hashes.json @@ -1,7 +1,7 @@ { "_comment": "@generated by pkgs/development/tools/build-managers/buck2/update.sh" -, "_prelude": "sha256-0ib3TuGLNy23wRHySOySBIc5ZHtM/vfb6GWmrq63v2o=" -, "x86_64-linux": "sha256-Xykduicmmugp7iLyTm4r4JGp6k0IX2czTJq9Y1CkvRw=" -, "x86_64-darwin": "sha256-v9a0WAlSUEpXsZouILEI4Pk0x/4MaVDgKVUzu26CIC8=" -, "aarch64-linux": "sha256-3S2eih5sFUMFQD4QlBVONm7n3CFNkJHiK4xBjHjXvPs=" -, "aarch64-darwin": "sha256-xGNaZayKVa1PToPNUPROV/UYRdw51xai60emNEC1lZ4=" +, "_prelude": "sha256-M+QlMVemxkdajUEnsLzvkFyZ6rW59n2uFafftDze0tc=" +, "x86_64-linux": "sha256-cMHNeR6jdYiumJZgNQviCNtzv3DfvJISG6AbWdQYquo=" +, "x86_64-darwin": "sha256-03QD4rXmBgEY95b63Yzimhj7sRoeEomT3N5n0xYzweU=" +, "aarch64-linux": "sha256-nATdxVVNH7RVJ7ck3tDjcf4Ask0aZkH1sy/2eKtJpKM=" +, "aarch64-darwin": "sha256-+l0W5918KRYwBi/5pqSr10RaVH79QT5qx/cZRDaZ0EY=" } diff --git a/pkgs/development/tools/extism-cli/default.nix b/pkgs/development/tools/extism-cli/default.nix index dc96452a4175..a7999fcaeb49 100644 --- a/pkgs/development/tools/extism-cli/default.nix +++ b/pkgs/development/tools/extism-cli/default.nix @@ -31,7 +31,7 @@ stdenvNoCC.mkDerivation rec { description = "The extism CLI is used to manage Extism installations"; homepage = "https://github.com/extism/cli"; license = licenses.bsd3; - maintainers = with maintainers; [ borlaag ]; + maintainers = with maintainers; [ ]; platforms = platforms.all; }; } diff --git a/pkgs/development/tools/go-mockery/default.nix b/pkgs/development/tools/go-mockery/default.nix index e6baa82f1150..49425e5125e3 100644 --- a/pkgs/development/tools/go-mockery/default.nix +++ b/pkgs/development/tools/go-mockery/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "go-mockery"; - version = "2.33.2"; + version = "2.33.3"; src = fetchFromGitHub { owner = "vektra"; repo = "mockery"; rev = "v${version}"; - sha256 = "sha256-VhzU/18xLmimhRyEqAEi0+B8uiXJFb+ri/0MuugogzI="; + sha256 = "sha256-ctq4DPlLsV9HCa2Vc+soQJu3DdrTyaHoSN9pZZtk+Mw="; }; preCheck = '' diff --git a/pkgs/development/tools/grpc-gateway/default.nix b/pkgs/development/tools/grpc-gateway/default.nix index 4930224fb830..08452c98c286 100644 --- a/pkgs/development/tools/grpc-gateway/default.nix +++ b/pkgs/development/tools/grpc-gateway/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "grpc-gateway"; - version = "2.17.1"; + version = "2.18.0"; src = fetchFromGitHub { owner = "grpc-ecosystem"; repo = "grpc-gateway"; rev = "v${version}"; - sha256 = "sha256-zQAfy2dl0YtQGN9MARs9RhoqM/2GFn4iQb/X6vD8HHc="; + sha256 = "sha256-FVb3x/wZ0jLI17lXAT/lcUpJiq3ZcvWjFnORynOvfmY="; }; - vendorHash = "sha256-2VkUQ6NhoRJY3qRS41igZ7U/908uWgkHaQ9V2veo1j8="; + vendorHash = "sha256-SV2ZO8Y9yt6iyw9VvNY0xpqZIzLrTyHYYpIpzcEVsLY="; meta = with lib; { description = diff --git a/pkgs/development/tools/language-servers/dockerfile-language-server-nodejs/default.nix b/pkgs/development/tools/language-servers/dockerfile-language-server-nodejs/default.nix index 67d996319b18..f8f0043650f0 100644 --- a/pkgs/development/tools/language-servers/dockerfile-language-server-nodejs/default.nix +++ b/pkgs/development/tools/language-servers/dockerfile-language-server-nodejs/default.nix @@ -5,20 +5,20 @@ buildNpmPackage rec { pname = "dockerfile-language-server-nodejs"; - version = "0.10.2"; + version = "0.11.0"; src = fetchFromGitHub { owner = "rcjsuen"; repo = "dockerfile-language-server-nodejs"; rev = "v${version}"; - hash = "sha256-uwwwF1eMoSA2C5h56BBllTZW8zRHueNeVwhwtycrNfA="; + hash = "sha256-xhb540hXATfSo+O+BAYt4VWOa6QHLzKHoi0qKrdBVjw="; }; preBuild = '' npm run prepublishOnly ''; - npmDepsHash = "sha256-lI+tkUBR0rmWcU57jU0y7XaMK3JADNU7fcbCxMmz/7s="; + npmDepsHash = "sha256-+u4AM6wzVMhfQisw/kcwg4u0rzrbbQeIIk6qBXUM+5I="; meta = { changelog = "https://github.com/rcjsuen/dockerfile-language-server-nodejs/blob/${src.rev}/CHANGELOG.md"; diff --git a/pkgs/development/tools/language-servers/neocmakelsp/default.nix b/pkgs/development/tools/language-servers/neocmakelsp/default.nix index b8807f0a26f8..20714daaab6d 100644 --- a/pkgs/development/tools/language-servers/neocmakelsp/default.nix +++ b/pkgs/development/tools/language-servers/neocmakelsp/default.nix @@ -5,16 +5,16 @@ rustPlatform.buildRustPackage rec { pname = "neocmakelsp"; - version = "0.6.3"; + version = "0.6.5"; src = fetchFromGitHub { owner = "Decodetalkers"; repo = "neocmakelsp"; rev = "v${version}"; - hash = "sha256-8FQFg9EV50wGnhAoK6TNL2n7BSuvJnVw73LRNdmaegw="; + hash = "sha256-VXxxtIJwtRfgQFteifR5zFn6DCSNgJxDYNdt0jM2kG4="; }; - cargoHash = "sha256-HWu+SYwjnZCv9K9Uru3YlZukpjK9+en2HBMTbRz5oW4="; + cargoHash = "sha256-FJd0mWpimI/OgG65+OquyAUO2a47gUfE4R5XhhYNJhs="; meta = with lib; { description = "A cmake lsp based on tower-lsp and treesitter"; diff --git a/pkgs/development/tools/reindeer/default.nix b/pkgs/development/tools/reindeer/default.nix index 5d352ccca0b0..5f024ef75408 100644 --- a/pkgs/development/tools/reindeer/default.nix +++ b/pkgs/development/tools/reindeer/default.nix @@ -11,16 +11,16 @@ rustPlatform.buildRustPackage rec { pname = "reindeer"; - version = "unstable-2023-08-14"; + version = "unstable-2023-09-16"; src = fetchFromGitHub { owner = "facebookincubator"; repo = pname; - rev = "7ab6fc86006c3a9c7d46775d23474f86b1d29881"; - sha256 = "sha256-wn5MwBDOKnHIOVYZK68GOjvX7dkFaWJuLJOxgUR6bok="; + rev = "3e72020a556320180053d16425d19ffe089916a3"; + sha256 = "sha256-M3yFIcB4Zdjl+xgp40hNj5cWQhxrv8mfMC2dggNxeqY="; }; - cargoSha256 = "sha256-MVQVYiJ6512wahVG8ONtZB+jgXXEGGFnE89VHGa/77U="; + cargoSha256 = "sha256-608rF338ukoti8Xa+7p84dyG0XNXJFJkuZqNAqqGJj4="; nativeBuildInputs = [ pkg-config ]; buildInputs = diff --git a/pkgs/development/tools/sem/default.nix b/pkgs/development/tools/sem/default.nix index b9e9040bc471..144521a70f21 100644 --- a/pkgs/development/tools/sem/default.nix +++ b/pkgs/development/tools/sem/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "sem"; - version = "0.28.2"; + version = "0.28.3"; src = fetchFromGitHub { owner = "semaphoreci"; repo = "cli"; rev = "v${version}"; - sha256 = "sha256-L+OdUqhNbCI1UsFvihiKQnmPIzS0mxAKLPVv4u2VP6Y="; + sha256 = "sha256-g/OMkR3G3g6lp1lQn9L8QxOuUoQDsvxLBC7TYZ1Onsg="; }; vendorHash = "sha256-GAYCdq4eHTyxQ5JaNYLd3mQ2LvgLHdmYdz4RN+Hpe70="; diff --git a/pkgs/games/empty-epsilon/0001-bundle-system-glm-in-seriousproton.patch b/pkgs/games/empty-epsilon/0001-bundle-system-glm-in-seriousproton.patch deleted file mode 100644 index a896f8c5867e..000000000000 --- a/pkgs/games/empty-epsilon/0001-bundle-system-glm-in-seriousproton.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 9718cdb4bdaf7203d07789b2dc5eec4060538889 Mon Sep 17 00:00:00 2001 -From: Maximilian Bosch -Date: Fri, 9 Jul 2021 11:37:22 +0200 -Subject: [PATCH] bundle system-glm in seriousproton - ---- - CMakeLists.txt | 5 ++++- - 1 file changed, 4 insertions(+), 1 deletion(-) - -diff --git a/CMakeLists.txt b/CMakeLists.txt -index cbd68ca..730df82 100644 ---- a/CMakeLists.txt -+++ b/CMakeLists.txt -@@ -81,6 +81,9 @@ if(NOT ${SFML_FOUND}) - ) - endif() - -+ -+find_package(glm) -+ - add_subdirectory(src/Box2D) - add_subdirectory(src/lua) - add_subdirectory(src/GL) -@@ -205,7 +208,7 @@ target_compile_options(seriousproton_deps - - target_link_libraries(seriousproton_deps - INTERFACE -- box2d lua glew ${SFML_LIBRARIES} -+ box2d lua glew ${SFML_LIBRARIES} glm::glm - "$<$:wsock32>" - # LTO flag must be on the linker's list as well. - "$<$,$,$>>:-flto>" --- -2.31.1 diff --git a/pkgs/games/empty-epsilon/default.nix b/pkgs/games/empty-epsilon/default.nix index bee806fcdd5b..ba41431eb5ca 100644 --- a/pkgs/games/empty-epsilon/default.nix +++ b/pkgs/games/empty-epsilon/default.nix @@ -1,45 +1,40 @@ -{ lib, stdenv, fetchFromGitHub, cmake, sfml, libX11, glew, python3, fetchpatch, applyPatches, glm}: +{ lib, stdenv, fetchFromGitHub, cmake, sfml, libX11, glew, python3, fetchpatch, applyPatches, glm, meshoptimizer, SDL2, ninja}: let - major = "2021"; + major = "2023"; minor = "06"; - patch.seriousproton = "23"; - patch.emptyepsilon = "23"; + patch.seriousproton = "17"; + patch.emptyepsilon = "17"; version.seriousproton = "${major}.${minor}.${patch.seriousproton}"; version.emptyepsilon = "${major}.${minor}.${patch.emptyepsilon}"; + version.basis-universal = "v1_15_update2"; + + basis-universal = fetchFromGitHub { + owner = "BinomialLLC"; + repo = "basis_universal"; + rev = version.basis-universal; + sha256 = "sha256-2snzq/SnhWHIgSbUUgh24B6tka7EfkGO+nwKEObRkU4="; + }; serious-proton = stdenv.mkDerivation { pname = "serious-proton"; version = version.seriousproton; - src = applyPatches { - src = fetchFromGitHub { - owner = "daid"; - repo = "SeriousProton"; - rev = "EE-${version.seriousproton}"; - sha256 = "sha256-02cHHWKoe99257qLgxtMjeXnhi0UYajh4v87B57felM="; - }; - - patches = [ - # Various CMake fixes for `json11`. Can be removed on the next release. - (fetchpatch { - url = "https://github.com/daid/SeriousProton/commit/adbba45fd9ae5e020e43e5d7f9326f1355391209.patch"; - sha256 = "sha256-gMTpIGPGCREmZ/ZxvEc7RVsVUxWXbu2BPUCE3A62sCI="; - }) - - # Simplified variant of - # * https://github.com/daid/SeriousProton/commit/0d1ac45b738195db5e2785531db713328f547e60 - # * https://github.com/daid/SeriousProton/commit/32509f2db91a58b9528aeb1bb505e9426b52b825 - # - # To fix configure errors when building EmptyEpsilon, can be removed on the next release. - ./0001-bundle-system-glm-in-seriousproton.patch - ]; + src = fetchFromGitHub { + owner = "daid"; + repo = "SeriousProton"; + rev = "EE-${version.seriousproton}"; + sha256 = "sha256-5ifYb5dX8ihQmJB1RHyzMsZJeXZ+m27JmA+W+XA/XwI="; }; nativeBuildInputs = [ cmake ]; - buildInputs = [ sfml libX11 glm ]; + buildInputs = [ sfml libX11 glm SDL2 ]; + + cmakeFlags = [ + "-DFETCHCONTENT_SOURCE_DIR_BASIS=${basis-universal}" + ]; meta = with lib; { description = "C++ game engine coded on top of SFML used for EmptyEpsilon"; @@ -61,23 +56,11 @@ stdenv.mkDerivation { owner = "daid"; repo = "EmptyEpsilon"; rev = "EE-${version.emptyepsilon}"; - sha256 = "sha256-dc/Ic1/DULTQO6y9xSop2HxFvUh4kN57oSF/HBmbmF4="; + sha256 = "sha256-zuXbCBlv6URndbB0aA+3bli0cSeUBf3LT/7/jcPITnc="; }; - patches = [ - # Various CMake fixes that can be removed when upgrading to the next release. - (fetchpatch { - url = "https://github.com/daid/EmptyEpsilon/commit/ee0cd42bfe5fd20b8339e8e02eb7f69766168d57.patch"; - sha256 = "sha256-8dXtl/izfzqbwHtjuugjH34vYP+d4AobqZhxL2GXTzw="; - }) - (fetchpatch { - url = "https://github.com/daid/EmptyEpsilon/commit/69d93e6acdae3259755924f9d35e7e5ae949d377.patch"; - sha256 = "sha256-30AGo4mi73GrW9GNS3vF3mTOS7J5/41LvjOzNjeFhOg="; - }) - ]; - nativeBuildInputs = [ cmake ]; - buildInputs = [ serious-proton sfml glew libX11 python3 glm ]; + buildInputs = [ serious-proton sfml glew libX11 python3 glm SDL2 ninja ]; cmakeFlags = [ "-DSERIOUS_PROTON_DIR=${serious-proton.src}" @@ -85,6 +68,11 @@ stdenv.mkDerivation { "-DCPACK_PACKAGE_VERSION_MAJOR=${major}" "-DCPACK_PACKAGE_VERSION_MINOR=${minor}" "-DCPACK_PACKAGE_VERSION_PATCH=${patch.emptyepsilon}" + "-DFETCHCONTENT_SOURCE_DIR_BASIS=${basis-universal}" + "-DFETCHCONTENT_SOURCE_DIR_MESHOPTIMIZER=${meshoptimizer.src}" + "-DCMAKE_AR=${stdenv.cc.cc}/bin/gcc-ar" + "-DCMAKE_RANLIB=${stdenv.cc.cc}/bin/gcc-ranlib" + "-G Ninja" ]; meta = with lib; { diff --git a/pkgs/os-specific/darwin/utm/default.nix b/pkgs/os-specific/darwin/utm/default.nix index 2a9879085b0c..d3aea9209727 100644 --- a/pkgs/os-specific/darwin/utm/default.nix +++ b/pkgs/os-specific/darwin/utm/default.nix @@ -7,11 +7,11 @@ stdenvNoCC.mkDerivation rec { pname = "utm"; - version = "4.2.5"; + version = "4.3.5"; src = fetchurl { url = "https://github.com/utmapp/UTM/releases/download/v${version}/UTM.dmg"; - hash = "sha256-T3TA+CwddNtUL80xASRCSczGA2LLTwPEA2+jnc9m6jY="; + hash = "sha256-aDIjf4TqhSIgYaJulI5FgXxlNiZ1qcNY+Typ7+S5Hc8="; }; nativeBuildInputs = [ undmg makeWrapper ]; @@ -62,6 +62,6 @@ stdenvNoCC.mkDerivation rec { license = licenses.asl20; platforms = platforms.darwin; # 11.3 is the minimum supported version as of UTM 4. sourceProvenance = with sourceTypes; [ binaryNativeCode ]; - maintainers = with maintainers; [ rrbutani ]; + maintainers = with maintainers; [ rrbutani wegank ]; }; } diff --git a/pkgs/os-specific/linux/nvidia-x11/default.nix b/pkgs/os-specific/linux/nvidia-x11/default.nix index 24e0ed5adbb1..ff37b362a819 100644 --- a/pkgs/os-specific/linux/nvidia-x11/default.nix +++ b/pkgs/os-specific/linux/nvidia-x11/default.nix @@ -106,6 +106,11 @@ rec { url = "https://gist.github.com/joanbm/dfe8dc59af1c83e2530a1376b77be8ba/raw/37ff2b5ccf99f295ff958c9a44ca4ed4f42503b4/nvidia-470xx-fix-linux-6.5.patch"; hash = "sha256-s5r7nwuMva0BLy2qJBVKqNtnUN9am5+PptnVwNdzdbk="; }) + # source: https://gist.github.com/joanbm/2ec3c512a1ac21f5f5c6b3c1a4dbef35 + (fetchpatch { + url = "https://gist.github.com/joanbm/2ec3c512a1ac21f5f5c6b3c1a4dbef35/raw/615feaefed2de3a28bd12fe9783894b84a7c86e4/nvidia-470xx-fix-linux-6.6.patch"; + hash = "sha256-pOYlL5wYfeJsq9EX8zhn/CkNm4ZocNSns5N5pAuIuow="; + }) ]; }; @@ -125,8 +130,8 @@ rec { aurPatches = fetchFromGitHub { owner = "archlinux-jerry"; repo = "nvidia-340xx"; - rev = "f472f9297fe2ae285b954cd3f88abd8e2e255e4f"; - hash = "sha256-tMA69Wlhi14DMS3O3nfwMX3EiT8pKa6McLxFpAayoEI="; + rev = "fa434fb5da47e9423db2b19577817eb8c65d2f4e"; + hash = "sha256-KeMTYHGuZSAPGnYaERZSMu/4lWyB25ZCIv4nJhXxABY="; }; patchset = [ "0001-kernel-5.7.patch" @@ -142,6 +147,7 @@ rec { "0011-kernel-6.0.patch" "0012-kernel-6.2.patch" "0013-kernel-6.3.patch" + "0014-kernel-6.5.patch" ]; in generic { version = "340.108"; @@ -151,7 +157,7 @@ rec { persistencedSha256 = "1ax4xn3nmxg1y6immq933cqzw6cj04x93saiasdc0kjlv0pvvnkn"; useGLVND = false; - broken = kernel.kernelAtLeast "6.4"; + broken = kernel.kernelAtLeast "6.6"; patches = map (patch: "${aurPatches}/${patch}") patchset; }; } diff --git a/pkgs/servers/http/pomerium/default.nix b/pkgs/servers/http/pomerium/default.nix index d1632c97d027..29167c79f847 100644 --- a/pkgs/servers/http/pomerium/default.nix +++ b/pkgs/servers/http/pomerium/default.nix @@ -14,15 +14,15 @@ let in buildGoModule rec { pname = "pomerium"; - version = "0.22.2"; + version = "0.23.0"; src = fetchFromGitHub { owner = "pomerium"; repo = "pomerium"; rev = "v${version}"; - sha256 = "sha256-EcAzj2VLbBPu5afKZcf2fGBbw2kTOYGgSemD70msrqw="; + hash = "sha256-3q/dizGTuwg0GsyBklx9jPIfarDhAxIzXz7x8zFK0Ic="; }; - vendorHash = "sha256-xe8as7OY1+tTSqgpwk2Q1jcBnn89latJpMyx4KG7zg8="; + vendorHash = "sha256-fJg1fcnLQII5sybuamZBE5CHSOEg+zlee4Pvzt8yyA0="; ui = mkYarnPackage { inherit version; diff --git a/pkgs/servers/http/pomerium/package.json b/pkgs/servers/http/pomerium/package.json index 37227248672c..c19dd62fc5ff 100644 --- a/pkgs/servers/http/pomerium/package.json +++ b/pkgs/servers/http/pomerium/package.json @@ -24,16 +24,16 @@ "dependencies": { "@babel/core": "^7.0.0", "@emotion/react": "^11.7.1", - "@emotion/styled": "^11.6.0", + "@emotion/styled": "^11.11.0", "@fontsource/dm-mono": "^4.5.2", - "@fontsource/dm-sans": "^4.5.1", + "@fontsource/dm-sans": "^5.0.3", "@mui/icons-material": "^5.3.1", "@mui/material": "^5.4.0", "luxon": "^2.5.2", - "markdown-to-jsx": "^7.1.7", + "markdown-to-jsx": "^7.2.1", "react": "^17.0.2", "react-dom": "^17.0.2", - "react-feather": "^2.0.9" + "react-feather": "^2.0.10" }, "devDependencies": { "@trivago/prettier-plugin-sort-imports": "2.0.4", @@ -42,14 +42,14 @@ "@types/react": "^17.0.34", "@types/react-dom": "^17.0.11", "@typescript-eslint/eslint-plugin": "^5.10.2", - "@typescript-eslint/parser": "^5.10.2", + "@typescript-eslint/parser": "^5.59.11", "esbuild": "^0.13.12", "eslint": "7.32.0", "eslint-config-prettier": "^8.3.0", "eslint-plugin-react": "^7.28.0", "prettier": "^2.4.1", "ts-node": "^10.4.0", - "typescript": "^4.4.4" + "typescript": "^5.1.3" }, "prettier": { "importOrder": [ diff --git a/pkgs/servers/http/pomerium/yarn-hash b/pkgs/servers/http/pomerium/yarn-hash index fec5f1f3c7e8..77b9664cec92 100644 --- a/pkgs/servers/http/pomerium/yarn-hash +++ b/pkgs/servers/http/pomerium/yarn-hash @@ -1 +1 @@ -085nghha82q30b3vgzs76xsa85kbxqk7mjrknxxc5z7awrjhdmkb +0l9byvq09wjz66020nnzanfg2fhhg7bsvpi9rmip0zymgc1dc2z8 diff --git a/pkgs/servers/matrix-synapse/default.nix b/pkgs/servers/matrix-synapse/default.nix index 478be3129e4d..60da7eafa379 100644 --- a/pkgs/servers/matrix-synapse/default.nix +++ b/pkgs/servers/matrix-synapse/default.nix @@ -157,7 +157,7 @@ python3.pkgs.buildPythonApplication rec { ''; passthru = { - tests = { inherit (nixosTests) matrix-synapse; }; + tests = { inherit (nixosTests) matrix-synapse matrix-synapse-workers; }; inherit plugins tools; python = python3; }; diff --git a/pkgs/servers/soft-serve/default.nix b/pkgs/servers/soft-serve/default.nix index 6801c680b6ec..a3f35d32885a 100644 --- a/pkgs/servers/soft-serve/default.nix +++ b/pkgs/servers/soft-serve/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "soft-serve"; - version = "0.6.0"; + version = "0.6.1"; src = fetchFromGitHub { owner = "charmbracelet"; repo = "soft-serve"; rev = "v${version}"; - hash = "sha256-LrqkLZ7ouMUrE3vHYC0ZwmblaYL6b5fY2RYEYOOxNYQ="; + hash = "sha256-Xst/eNam3HuHixEmPUl2J7B7cLYaeGVaUnzXIVugBbw="; }; - vendorHash = "sha256-RQQvR4d5dtzboPYJwdeUqfGwSun04gs7hm1YYAt8OPo="; + vendorHash = "sha256-tzJu2DmbvPU1tPIWP88q66PBtC1XEduQac8cIxwb/sM="; doCheck = false; diff --git a/pkgs/tools/admin/granted/default.nix b/pkgs/tools/admin/granted/default.nix index 7cb1dc0cb1e2..eec754dc32a5 100644 --- a/pkgs/tools/admin/granted/default.nix +++ b/pkgs/tools/admin/granted/default.nix @@ -12,16 +12,16 @@ buildGoModule rec { pname = "granted"; - version = "0.14.4"; + version = "0.16.0"; src = fetchFromGitHub { owner = "common-fate"; repo = pname; rev = "v${version}"; - sha256 = "sha256-haeFDAm44b4JgNbl983MjG3HQMvqrkiGSboCcf3uYmI="; + sha256 = "sha256-s9HnZ+yZ/dPIn8d2510k+lpsq5KHvtNsULTxtWVlGAk="; }; - vendorHash = "sha256-B+d15b8ei1wn3F8L1Hgce2wRPoisoFwG6YgrbPikeOo="; + vendorHash = "sha256-8wPQjxmY3EW0Y8BfNjZW1NNz4L9Rwzsvap0BF+7AtDc="; nativeBuildInputs = [ makeWrapper ]; diff --git a/pkgs/tools/misc/betterdiscordctl/default.nix b/pkgs/tools/misc/betterdiscordctl/default.nix index 6a20ebc10c5c..c2c935c0d981 100644 --- a/pkgs/tools/misc/betterdiscordctl/default.nix +++ b/pkgs/tools/misc/betterdiscordctl/default.nix @@ -36,6 +36,7 @@ stdenvNoCC.mkDerivation rec { homepage = "https://github.com/bb010g/betterdiscordctl"; description = "A utility for managing BetterDiscord on Linux"; license = licenses.mit; + mainProgram = "betterdiscordctl"; maintainers = with maintainers; [ ivar bb010g ]; platforms = platforms.linux; }; diff --git a/pkgs/tools/misc/cpulimit/default.nix b/pkgs/tools/misc/cpulimit/default.nix index a0ee76ec46fa..75c3ba733b14 100644 --- a/pkgs/tools/misc/cpulimit/default.nix +++ b/pkgs/tools/misc/cpulimit/default.nix @@ -24,6 +24,7 @@ stdenv.mkDerivation rec { description = "CPU usage limiter"; platforms = platforms.unix; license = licenses.gpl2; + mainProgram = "cpulimit"; maintainers = [ maintainers.jsoo1 ]; }; } diff --git a/pkgs/tools/networking/ddns-go/default.nix b/pkgs/tools/networking/ddns-go/default.nix index 6a711adcd5d6..236808b0272c 100644 --- a/pkgs/tools/networking/ddns-go/default.nix +++ b/pkgs/tools/networking/ddns-go/default.nix @@ -5,13 +5,13 @@ buildGoModule rec { pname = "ddns-go"; - version = "5.6.1"; + version = "5.6.2"; src = fetchFromGitHub { owner = "jeessy2"; repo = pname; rev = "v${version}"; - hash = "sha256-uVYTAJhTQDNknBZmE8uaX4h5lU7cb/cyzIoTV2iHGJ8="; + hash = "sha256-5q2QAKi+pw70g2UjavGMECDUOtltwfbQ/EccEg5FVzA="; }; vendorHash = "sha256-azsXfWa4w3wZaiy9AKy7UPOybikubcJvLsXthYedmbY="; diff --git a/pkgs/tools/virtualization/uefi-run/default.nix b/pkgs/tools/virtualization/uefi-run/default.nix index aacb6f7d583b..9486995538ce 100644 --- a/pkgs/tools/virtualization/uefi-run/default.nix +++ b/pkgs/tools/virtualization/uefi-run/default.nix @@ -20,6 +20,6 @@ rustPlatform.buildRustPackage rec { description = "Directly run UEFI applications in qemu"; homepage = "https://github.com/Richard-W/uefi-run"; license = licenses.mit; - maintainers = [ maintainers.maddiethecafebabe ]; + maintainers = with maintainers; [ ]; }; } diff --git a/pkgs/tools/wayland/kanshi/default.nix b/pkgs/tools/wayland/kanshi/default.nix index f92e70a9d888..c0884acfeadb 100644 --- a/pkgs/tools/wayland/kanshi/default.nix +++ b/pkgs/tools/wayland/kanshi/default.nix @@ -40,6 +40,7 @@ stdenv.mkDerivation rec { wlr-output-management protocol. ''; license = licenses.mit; + mainProgram = "kanshi"; maintainers = with maintainers; [ balsoft danielbarter ]; platforms = platforms.linux; }; diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index fad6e8591974..9b0ed4bae8bf 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -36607,7 +36607,9 @@ with pkgs; waon = callPackage ../applications/audio/waon { }; - warp = callPackage ../applications/networking/warp { }; + warp = callPackage ../applications/networking/warp { + inherit (darwin.apple_sdk.frameworks) Security Foundation; + }; warpd = callPackage ../applications/misc/warpd { }; diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 3f187bb87986..9bf338fb5f9c 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -8500,6 +8500,8 @@ self: super: with self; { pmw = callPackage ../development/python-modules/pmw { }; + pmdarima = callPackage ../development/python-modules/pmdarima { }; + pmdsky-debug-py = callPackage ../development/python-modules/pmdsky-debug-py { }; pnglatex = callPackage ../development/python-modules/pnglatex { };