Browse Source

Merge master into staging-next

nimPackages
Frederik Rietdijk 2 years ago
parent
commit
98640fd482
100 changed files with 1462 additions and 1302 deletions
  1. 1
    1
      lib/options.nix
  2. 25
    0
      maintainers/maintainer-list.nix
  3. 21
    0
      nixos/doc/manual/release-notes/rl-1909.xml
  4. 1
    0
      nixos/modules/config/update-users-groups.pl
  5. 4
    2
      nixos/modules/misc/ids.nix
  6. 2
    1
      nixos/modules/module-list.nix
  7. 2
    2
      nixos/modules/rename.nix
  8. 0
    1
      nixos/modules/services/databases/memcached.nix
  9. 0
    252
      nixos/modules/services/mail/rmilter.nix
  10. 4
    1
      nixos/modules/services/misc/zoneminder.nix
  11. 10
    4
      nixos/modules/services/networking/dnschain.nix
  12. 1
    1
      nixos/modules/services/networking/jormungandr.nix
  13. 64
    19
      nixos/modules/services/networking/pdns-recursor.nix
  14. 1
    0
      nixos/modules/services/networking/unifi.nix
  15. 27
    9
      nixos/modules/services/torrent/transmission.nix
  16. 1
    1
      nixos/modules/services/web-apps/matomo.nix
  17. 300
    0
      nixos/modules/services/web-apps/moodle.nix
  18. 77
    0
      nixos/modules/services/web-servers/darkhttpd.nix
  19. 188
    121
      nixos/modules/services/x11/desktop-managers/gnome3.nix
  20. 3
    3
      nixos/modules/system/boot/systemd.nix
  21. 1
    0
      nixos/tests/all-tests.nix
  22. 28
    0
      nixos/tests/jormungandr.nix
  23. 22
    0
      nixos/tests/moodle.nix
  24. 7
    0
      nixos/tests/systemd.nix
  25. 3
    3
      pkgs/applications/altcoins/bitcoin-classic.nix
  26. 16
    0
      pkgs/applications/altcoins/jormungandr/default.nix
  27. 3
    3
      pkgs/applications/audio/vcv-rack/default.nix
  28. 7
    16
      pkgs/applications/editors/emacs-modes/melpa-packages.nix
  29. 2
    2
      pkgs/applications/editors/nano/default.nix
  30. 2
    2
      pkgs/applications/editors/tiled/default.nix
  31. 3
    3
      pkgs/applications/misc/hugo/default.nix
  32. 2
    6
      pkgs/applications/misc/megasync/default.nix
  33. 2
    1
      pkgs/applications/misc/orca/default.nix
  34. 24
    0
      pkgs/applications/misc/rsclock/default.nix
  35. 4
    4
      pkgs/applications/misc/yate/default.nix
  36. 4
    4
      pkgs/applications/networking/browsers/chromium/plugins.nix
  37. 2
    2
      pkgs/applications/networking/browsers/vivaldi/default.nix
  38. 3
    3
      pkgs/applications/networking/cluster/tilt/default.nix
  39. 1
    128
      pkgs/applications/networking/instant-messengers/riot/riot-desktop-yarndeps.nix
  40. 8
    12
      pkgs/applications/networking/instant-messengers/riot/riot-desktop.nix
  41. 17
    0
      pkgs/applications/networking/instant-messengers/riot/update-riot-desktop.sh
  42. 0
    320
      pkgs/applications/networking/instant-messengers/riot/yarn2nix.nix
  43. 2
    2
      pkgs/applications/networking/instant-messengers/slack/default.nix
  44. 2
    2
      pkgs/applications/networking/mumble/overlay.nix
  45. 17
    23
      pkgs/applications/networking/p2p/gnunet/default.nix
  46. 56
    0
      pkgs/applications/networking/p2p/stig/default.nix
  47. 2
    2
      pkgs/applications/networking/sniffers/wireshark/default.nix
  48. 6
    6
      pkgs/applications/networking/ssb/patchwork/default.nix
  49. 74
    0
      pkgs/applications/radio/sdrangel/default.nix
  50. 5
    6
      pkgs/applications/science/logic/stp/default.nix
  51. 3
    6
      pkgs/applications/science/logic/vampire/default.nix
  52. 2
    2
      pkgs/applications/version-management/blackbox/default.nix
  53. 7
    8
      pkgs/applications/version-management/git-and-tools/qgit/default.nix
  54. 47
    16
      pkgs/applications/video/kodi/default.nix
  55. 5
    0
      pkgs/applications/virtualization/singularity/default.nix
  56. 2
    6
      pkgs/applications/window-managers/sway/default.nix
  57. 4
    6
      pkgs/data/themes/obsidian2/default.nix
  58. 7
    2
      pkgs/desktops/gnome-3/core/gnome-color-manager/default.nix
  59. 73
    17
      pkgs/desktops/gnome-3/core/vino/default.nix
  60. 5
    30
      pkgs/desktops/gnome-3/default.nix
  61. 3
    3
      pkgs/desktops/lxqt/compton-conf/default.nix
  62. 3
    3
      pkgs/desktops/lxqt/libfm-qt/default.nix
  63. 3
    10
      pkgs/desktops/lxqt/liblxqt/default.nix
  64. 3
    3
      pkgs/desktops/lxqt/libqtxdg/default.nix
  65. 3
    3
      pkgs/desktops/lxqt/libsysstat/default.nix
  66. 3
    3
      pkgs/desktops/lxqt/lximage-qt/default.nix
  67. 3
    8
      pkgs/desktops/lxqt/lxqt-about/default.nix
  68. 3
    8
      pkgs/desktops/lxqt/lxqt-admin/default.nix
  69. 3
    3
      pkgs/desktops/lxqt/lxqt-archiver/default.nix
  70. 7
    0
      pkgs/desktops/lxqt/lxqt-build-tools/LXQtConfigVars.cmake
  71. 12
    5
      pkgs/desktops/lxqt/lxqt-build-tools/default.nix
  72. 15
    0
      pkgs/desktops/lxqt/lxqt-build-tools/setup-hook.sh
  73. 3
    20
      pkgs/desktops/lxqt/lxqt-config/default.nix
  74. 3
    13
      pkgs/desktops/lxqt/lxqt-globalkeys/default.nix
  75. 3
    13
      pkgs/desktops/lxqt/lxqt-notificationd/default.nix
  76. 3
    8
      pkgs/desktops/lxqt/lxqt-openssh-askpass/default.nix
  77. 3
    17
      pkgs/desktops/lxqt/lxqt-panel/default.nix
  78. 3
    11
      pkgs/desktops/lxqt/lxqt-policykit/default.nix
  79. 3
    13
      pkgs/desktops/lxqt/lxqt-powermanagement/default.nix
  80. 3
    3
      pkgs/desktops/lxqt/lxqt-qtplugin/default.nix
  81. 3
    11
      pkgs/desktops/lxqt/lxqt-runner/default.nix
  82. 3
    15
      pkgs/desktops/lxqt/lxqt-session/default.nix
  83. 3
    8
      pkgs/desktops/lxqt/lxqt-sudo/default.nix
  84. 3
    10
      pkgs/desktops/lxqt/lxqt-themes/default.nix
  85. 3
    3
      pkgs/desktops/lxqt/obconf-qt/default.nix
  86. 3
    3
      pkgs/desktops/lxqt/pavucontrol-qt/default.nix
  87. 3
    10
      pkgs/desktops/lxqt/pcmanfm-qt/default.nix
  88. 3
    3
      pkgs/desktops/lxqt/qlipper/default.nix
  89. 3
    3
      pkgs/desktops/lxqt/qps/default.nix
  90. 3
    3
      pkgs/desktops/lxqt/qterminal/default.nix
  91. 4
    4
      pkgs/desktops/lxqt/qtermwidget/default.nix
  92. 3
    3
      pkgs/desktops/lxqt/screengrab/default.nix
  93. 8
    1
      pkgs/development/compilers/crystal/default.nix
  94. 52
    14
      pkgs/development/compilers/fsharp41/default.nix
  95. 21
    0
      pkgs/development/compilers/fsharp41/fsharp-IsPathRooted-type-inference.patch
  96. 22
    0
      pkgs/development/compilers/fsharp41/fsharp-path-overloads.patch
  97. 13
    0
      pkgs/development/compilers/fsharp41/fsharp-string-switchName.patch
  98. 3
    3
      pkgs/development/compilers/ghc/8.8.1.nix
  99. 9
    0
      pkgs/development/compilers/mono/6.nix
  100. 0
    0
      pkgs/development/compilers/mono/generic.nix

+ 1
- 1
lib/options.nix View File

@@ -36,7 +36,7 @@ rec {
36 36
     example ? null,
37 37
     # String describing the option.
38 38
     description ? null,
39
-    # Related packages used in the manual (see `genRelatedPackages` in ../nixos/doc/manual/default.nix).
39
+    # Related packages used in the manual (see `genRelatedPackages` in ../nixos/lib/make-options-doc/default.nix).
40 40
     relatedPackages ? null,
41 41
     # Option type, providing type-checking and value merging.
42 42
     type ? null,

+ 25
- 0
maintainers/maintainer-list.nix View File

@@ -1724,6 +1724,16 @@
1724 1724
       fingerprint = "389A 78CB CD88 5E0C 4701  DEB9 FD42 C7D0 D414 94C8";
1725 1725
     }];
1726 1726
   };
1727
+  dump_stack = {
1728
+    email = "root@dumpstack.io";
1729
+    github = "jollheef";
1730
+    githubId = 1749762;
1731
+    name = "Mikhail Klementev";
1732
+    keys = [{
1733
+      longkeyid = "rsa4096/0x1525585D1B43C62A";
1734
+      fingerprint = "5DD7 C6F6 0630 F08E DAE7  4711 1525 585D 1B43 C62A";
1735
+    }];
1736
+  };
1727 1737
   dxf = {
1728 1738
     email = "dingxiangfei2009@gmail.com";
1729 1739
     github = "dingxiangfei2009";
@@ -2853,6 +2863,15 @@
2853 2863
     githubId = 1383440;
2854 2864
     name = "Jason Gilliland";
2855 2865
   };
2866
+  jdanek = {
2867
+    email = "jdanek@redhat.com";
2868
+    github = "jdanekrh";
2869
+    keys = [{
2870
+      longkeyid = "ed25519/0x69275CADF15D872E";
2871
+      fingerprint = "D4A6 F051 AD58 2E7C BCED  5439 6927 5CAD F15D 872E";
2872
+    }];
2873
+    name = "Jiri Daněk";
2874
+  };
2856 2875
   jdehaas = {
2857 2876
     email = "qqlq@nullptr.club";
2858 2877
     github = "jeroendehaas";
@@ -6549,6 +6568,12 @@
6549 6568
     githubId = 1525767;
6550 6569
     name = "Vaibhav Sagar";
6551 6570
   };
6571
+  valebes = {  
6572
+    email = "valebes@gmail.com";
6573
+    github = "valebes";
6574
+    githubid = 10956211;
6575
+    name = "Valerio Besozzi";
6576
+  };
6552 6577
   valeriangalliat = {
6553 6578
     email = "val@codejam.info";
6554 6579
     github = "valeriangalliat";

+ 21
- 0
nixos/doc/manual/release-notes/rl-1909.xml View File

@@ -284,6 +284,13 @@
284 284
        Squid 3 has been removed and the <option>squid</option> derivation now refers to Squid 4.
285 285
      </para>
286 286
    </listitem>
287
+   <listitem>
288
+     <para>
289
+       The <option>services.pdns-recursor.extraConfig</option> option has been replaced by
290
+       <option>services.pdns-recursor.settings</option>. The new option allows setting extra
291
+       configuration while being better type-checked and mergeable.
292
+     </para>
293
+   </listitem>
287 294
   </itemizedlist>
288 295
  </section>
289 296
 
@@ -506,6 +513,20 @@
506 513
     been removed.
507 514
    </para>
508 515
   </listitem>
516
+  <listitem>
517
+   <para>
518
+    The <literal>rmilter</literal> package was removed with associated module and options due deprecation by upstream developer.
519
+    Use <literal>rspamd</literal> in proxy mode instead.
520
+   </para>
521
+  </listitem>
522
+  <listitem>
523
+   <para>
524
+     systemd cgroup accounting via the
525
+     <link linkend="opt-systemd.enableCgroupAccounting">systemd.enableCgroupAccounting</link>
526
+     option is now enabled by default. It now also enables the more recent Block IO and IP accounting
527
+     features.
528
+   </para>
529
+  </listitem>
509 530
   </itemizedlist>
510 531
  </section>
511 532
 </section>

+ 1
- 0
nixos/modules/config/update-users-groups.pl View File

@@ -267,6 +267,7 @@ foreach my $line (-f "/etc/shadow" ? read_file("/etc/shadow") : ()) {
267 267
     next if !defined $u;
268 268
     $hashedPassword = "!" if !$spec->{mutableUsers};
269 269
     $hashedPassword = $u->{hashedPassword} if defined $u->{hashedPassword} && !$spec->{mutableUsers}; # FIXME
270
+    chomp $hashedPassword;
270 271
     push @shadowNew, join(":", $name, $hashedPassword, @rest) . "\n";
271 272
     $shadowSeen{$name} = 1;
272 273
 }

+ 4
- 2
nixos/modules/misc/ids.nix View File

@@ -251,7 +251,7 @@
251 251
       gale = 223;
252 252
       matrix-synapse = 224;
253 253
       rspamd = 225;
254
-      rmilter = 226;
254
+      # rmilter = 226; # unused, removed 2019-08-22
255 255
       cfdyndns = 227;
256 256
       gammu-smsd = 228;
257 257
       pdnsd = 229;
@@ -340,6 +340,7 @@
340 340
       cockroachdb = 313;
341 341
       zoneminder = 314;
342 342
       paperless = 315;
343
+      mailman = 316;
343 344
 
344 345
       # When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399!
345 346
 
@@ -559,7 +560,7 @@
559 560
       gale = 223;
560 561
       matrix-synapse = 224;
561 562
       rspamd = 225;
562
-      rmilter = 226;
563
+      # rmilter = 226; # unused, removed 2019-08-22
563 564
       cfdyndns = 227;
564 565
       pdnsd = 229;
565 566
       octoprint = 230;
@@ -640,6 +641,7 @@
640 641
       cockroachdb = 313;
641 642
       zoneminder = 314;
642 643
       paperless = 315;
644
+      mailman = 316;
643 645
 
644 646
       # When adding a gid, make sure it doesn't match an existing
645 647
       # uid. Users and groups with the same name should have equal

+ 2
- 1
nixos/modules/module-list.nix View File

@@ -387,7 +387,6 @@
387 387
   ./services/mail/spamassassin.nix
388 388
   ./services/mail/rspamd.nix
389 389
   ./services/mail/rss2email.nix
390
-  ./services/mail/rmilter.nix
391 390
   ./services/mail/roundcube.nix
392 391
   ./services/mail/nullmailer.nix
393 392
   ./services/misc/airsonic.nix
@@ -790,6 +789,7 @@
790 789
   ./services/web-apps/mattermost.nix
791 790
   ./services/web-apps/mediawiki.nix
792 791
   ./services/web-apps/miniflux.nix
792
+  ./services/web-apps/moodle.nix
793 793
   ./services/web-apps/nextcloud.nix
794 794
   ./services/web-apps/nexus.nix
795 795
   ./services/web-apps/pgpkeyserver-lite.nix
@@ -803,6 +803,7 @@
803 803
   ./services/web-apps/zabbix.nix
804 804
   ./services/web-servers/apache-httpd/default.nix
805 805
   ./services/web-servers/caddy.nix
806
+  ./services/web-servers/darkhttpd.nix
806 807
   ./services/web-servers/fcgiwrap.nix
807 808
   ./services/web-servers/hitch/default.nix
808 809
   ./services/web-servers/hydron.nix

+ 2
- 2
nixos/modules/rename.nix View File

@@ -72,8 +72,8 @@ with lib;
72 72
     # PAM
73 73
     (mkRenamedOptionModule [ "security" "pam" "enableU2F" ] [ "security" "pam" "u2f" "enable" ])
74 74
 
75
-    (mkRemovedOptionModule [ "services" "rmilter" "bindInetSockets" ] "Use services.rmilter.bindSocket.* instead")
76
-    (mkRemovedOptionModule [ "services" "rmilter" "bindUnixSockets" ] "Use services.rmilter.bindSocket.* instead")
75
+    # rmilter/rspamd
76
+    (mkRemovedOptionModule [ "services" "rmilter" ] "Use services.rspamd.* instead to set up milter service")
77 77
 
78 78
     # Xsession script
79 79
     (mkRenamedOptionModule [ "services" "xserver" "displayManager" "job" "logsXsession" ] [ "services" "xserver" "displayManager" "job" "logToFile" ])

+ 0
- 1
nixos/modules/services/databases/memcached.nix View File

@@ -103,7 +103,6 @@ in
103 103
         LockPersonality = true;
104 104
         RestrictRealtime = true;
105 105
         PrivateMounts = true;
106
-        PrivateUsers = true;
107 106
         MemoryDenyWriteExecute = true;
108 107
       };
109 108
     };

+ 0
- 252
nixos/modules/services/mail/rmilter.nix View File

@@ -1,252 +0,0 @@
1
-{ config, lib, pkgs, ... }:
2
-
3
-with lib;
4
-
5
-let
6
-
7
-  rspamdCfg = config.services.rspamd;
8
-  postfixCfg = config.services.postfix;
9
-  cfg = config.services.rmilter;
10
-
11
-  inetSocket = addr: port: "inet:${addr}:${toString port}";
12
-  unixSocket = sock: "unix:${sock}";
13
-
14
-  systemdSocket = if cfg.bindSocket.type == "unix" then cfg.bindSocket.path
15
-    else "${cfg.bindSocket.address}:${toString cfg.bindSocket.port}";
16
-  rmilterSocket = if cfg.bindSocket.type == "unix" then unixSocket cfg.bindSocket.path
17
-    else inetSocket cfg.bindSocket.address cfg.bindSocket.port;
18
-
19
-  rmilterConf = ''
20
-    pidfile = /run/rmilter/rmilter.pid;
21
-    bind_socket = ${if cfg.socketActivation then "fd:3" else rmilterSocket};
22
-    tempdir = /tmp;
23
-  '' + (with cfg.rspamd; if enable then ''
24
-    spamd {
25
-      servers = ${concatStringsSep ", " servers};
26
-      connect_timeout = 1s;
27
-      results_timeout = 20s;
28
-      error_time = 10;
29
-      dead_time = 300;
30
-      maxerrors = 10;
31
-      reject_message = "${rejectMessage}";
32
-      ${optionalString (length whitelist != 0)  "whitelist = ${concatStringsSep ", " whitelist};"}
33
-
34
-      # rspamd_metric - metric for using with rspamd
35
-      # Default: "default"
36
-      rspamd_metric = "default";
37
-      ${extraConfig}
38
-    };
39
-  '' else "") + cfg.extraConfig;
40
-
41
-  rmilterConfigFile = pkgs.writeText "rmilter.conf" rmilterConf;
42
-
43
-in
44
-
45
-{
46
-
47
-  ###### interface
48
-
49
-  options = {
50
-
51
-    services.rmilter = {
52
-
53
-      enable = mkOption {
54
-        type = types.bool;
55
-        default = false;
56
-        description = "Whether to run the rmilter daemon.";
57
-      };
58
-
59
-      debug = mkOption {
60
-        type = types.bool;
61
-        default = false;
62
-        description = "Whether to run the rmilter daemon in debug mode.";
63
-      };
64
-
65
-      user = mkOption {
66
-        type = types.string;
67
-        default = "rmilter";
68
-        description = ''
69
-          User to use when no root privileges are required.
70
-        '';
71
-       };
72
-
73
-      group = mkOption {
74
-        type = types.string;
75
-        default = "rmilter";
76
-        description = ''
77
-          Group to use when no root privileges are required.
78
-        '';
79
-       };
80
-
81
-      bindSocket.type = mkOption {
82
-        type = types.enum [ "unix" "inet" ];
83
-        default = "unix";
84
-        description = ''
85
-          What kind of socket rmilter should listen on. Either "unix"
86
-          for an Unix domain socket or "inet" for a TCP socket.
87
-        '';
88
-      };
89
-
90
-      bindSocket.path = mkOption {
91
-       type = types.str;
92
-       default = "/run/rmilter.sock";
93
-       description = ''
94
-          Path to Unix domain socket to listen on.
95
-        '';
96
-      };
97
-
98
-      bindSocket.address = mkOption {
99
-        type = types.str;
100
-        default = "[::1]";
101
-        example = "0.0.0.0";
102
-        description = ''
103
-          Inet address to listen on.
104
-        '';
105
-      };
106
-
107
-      bindSocket.port = mkOption {
108
-        type = types.int;
109
-        default = 11990;
110
-        description = ''
111
-          Inet port to listen on.
112
-        '';
113
-      };
114
-
115
-      socketActivation = mkOption {
116
-        type = types.bool;
117
-        default = true;
118
-        description = ''
119
-          Enable systemd socket activation for rmilter.
120
-
121
-          Disabling socket activation is not recommended when a Unix
122
-          domain socket is used and could lead to incorrect
123
-          permissions.
124
-        '';
125
-      };
126
-
127
-      rspamd = {
128
-        enable = mkOption {
129
-          type = types.bool;
130
-          default = rspamdCfg.enable;
131
-          description = "Whether to use rspamd to filter mails";
132
-        };
133
-
134
-        servers = mkOption {
135
-          type = types.listOf types.str;
136
-          default = ["r:/run/rspamd/rspamd.sock"];
137
-          description = ''
138
-            Spamd socket definitions.
139
-            Is server name is prefixed with r: it is rspamd server.
140
-          '';
141
-        };
142
-
143
-        whitelist = mkOption {
144
-          type = types.listOf types.str;
145
-          default = [ ];
146
-          description = "list of ips or nets that should be not checked with spamd";
147
-        };
148
-
149
-        rejectMessage = mkOption {
150
-          type = types.str;
151
-          default = "Spam message rejected; If this is not spam contact abuse";
152
-          description = "reject message for spam";
153
-        };
154
-
155
-        extraConfig = mkOption {
156
-          type = types.lines;
157
-          default = "";
158
-          description = "Custom snippet to append to end of `spamd' section";
159
-        };
160
-      };
161
-
162
-      extraConfig = mkOption {
163
-        type = types.lines;
164
-        default = "";
165
-        description = "Custom snippet to append to rmilter config";
166
-      };
167
-
168
-      postfix = {
169
-        enable = mkOption {
170
-          type = types.bool;
171
-          default = false;
172
-          description = "Add rmilter to postfix main.conf";
173
-        };
174
-
175
-        configFragment = mkOption {
176
-          type = types.str;
177
-          description = "Addon to postfix configuration";
178
-          default = ''
179
-            smtpd_milters = ${rmilterSocket}
180
-            milter_protocol = 6
181
-            milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen}
182
-          '';
183
-        };
184
-      };
185
-
186
-    };
187
-
188
-  };
189
-
190
-
191
-  ###### implementation
192
-
193
-  config = mkMerge [
194
-
195
-    (mkIf cfg.enable {
196
-      warnings = [
197
-        ''`config.services.rmilter' is deprecated, `rmilter' deprecated and unsupported by upstream, and will be removed from next releases. Use built-in rspamd milter instead.''
198
-      ];
199
-
200
-      users.users = singleton {
201
-        name = cfg.user;
202
-        description = "rmilter daemon";
203
-        uid = config.ids.uids.rmilter;
204
-        group = cfg.group;
205
-      };
206
-
207
-      users.groups = singleton {
208
-        name = cfg.group;
209
-        gid = config.ids.gids.rmilter;
210
-      };
211
-
212
-      systemd.services.rmilter = {
213
-        description = "Rmilter Service";
214
-
215
-        wantedBy = [ "multi-user.target" ];
216
-        after = [ "network.target" ];
217
-
218
-        serviceConfig = {
219
-          ExecStart = "${pkgs.rmilter}/bin/rmilter ${optionalString cfg.debug "-d"} -n -c ${rmilterConfigFile}";
220
-          ExecReload = "${pkgs.coreutils}/bin/kill -USR1 $MAINPID";
221
-          User = cfg.user;
222
-          Group = cfg.group;
223
-          PermissionsStartOnly = true;
224
-          Restart = "always";
225
-          RuntimeDirectory = "rmilter";
226
-          RuntimeDirectoryMode = "0750";
227
-        };
228
-
229
-      };
230
-
231
-      systemd.sockets.rmilter = mkIf cfg.socketActivation {
232
-        description = "Rmilter service socket";
233
-        wantedBy = [ "sockets.target" ];
234
-        socketConfig = {
235
-          ListenStream = systemdSocket;
236
-          SocketUser = cfg.user;
237
-          SocketGroup = cfg.group;
238
-          SocketMode = "0660";
239
-        };
240
-      };
241
-    })
242
-
243
-    (mkIf (cfg.enable && cfg.rspamd.enable && rspamdCfg.enable) {
244
-      users.users.${cfg.user}.extraGroups = [ rspamdCfg.group ];
245
-    })
246
-
247
-    (mkIf (cfg.enable && cfg.postfix.enable) {
248
-      services.postfix.extraConfig = cfg.postfix.configFragment;
249
-      users.users.${postfixCfg.user}.extraGroups = [ cfg.group ];
250
-    })
251
-  ];
252
-}

+ 4
- 1
nixos/modules/services/misc/zoneminder.nix View File

@@ -200,7 +200,10 @@ in {
200 200
       "zoneminder/80-nixos.conf".source    = configFile;
201 201
     };
202 202
 
203
-    networking.firewall.allowedTCPPorts = lib.mkIf cfg.openFirewall [ cfg.port ];
203
+    networking.firewall.allowedTCPPorts = lib.mkIf cfg.openFirewall [
204
+      cfg.port
205
+      6802 # zmtrigger
206
+    ];
204 207
 
205 208
     services = {
206 209
       fcgiwrap = lib.mkIf useNginx {

+ 10
- 4
nixos/modules/services/networking/dnschain.nix View File

@@ -136,10 +136,16 @@ in
136 136
         "/.dns/127.0.0.1#${toString cfg.dns.port}"
137 137
       ];
138 138
 
139
-    services.pdns-recursor.forwardZones = mkIf cfgs.pdns-recursor.resolveDNSChainQueries
140
-      { bit = "127.0.0.1:${toString cfg.dns.port}";
141
-        dns = "127.0.0.1:${toString cfg.dns.port}";
142
-      };
139
+    services.pdns-recursor = mkIf cfgs.pdns-recursor.resolveDNSChainQueries {
140
+      forwardZones =
141
+        { bit = "127.0.0.1:${toString cfg.dns.port}";
142
+          dns = "127.0.0.1:${toString cfg.dns.port}";
143
+        };
144
+      luaConfig =''
145
+        addNTA("bit", "namecoin doesn't support DNSSEC")
146
+        addNTA("dns", "namecoin doesn't support DNSSEC")
147
+      '';
148
+    };
143 149
 
144 150
     users.users = singleton {
145 151
       name = username;

+ 1
- 1
nixos/modules/services/networking/jormungandr.nix View File

@@ -13,7 +13,7 @@ let
13 13
   configSettings = {
14 14
     storage = dataDir;
15 15
     p2p = {
16
-      public_address = "/ip4/127.0.0.1/tcp/8606";
16
+      public_address = "/ip4/127.0.0.1/tcp/8299";
17 17
       messages = "high";
18 18
       blocks = "high";
19 19
     };

+ 64
- 19
nixos/modules/services/networking/pdns-recursor.nix View File

@@ -6,25 +6,27 @@ let
6 6
   dataDir  = "/var/lib/pdns-recursor";
7 7
   username = "pdns-recursor";
8 8
 
9
-  cfg   = config.services.pdns-recursor;
10
-  zones = mapAttrsToList (zone: uri: "${zone}.=${uri}") cfg.forwardZones;
9
+  cfg = config.services.pdns-recursor;
11 10
 
12
-  configFile = pkgs.writeText "recursor.conf" ''
13
-    local-address=${cfg.dns.address}
14
-    local-port=${toString cfg.dns.port}
15
-    allow-from=${concatStringsSep "," cfg.dns.allowFrom}
11
+  oneOrMore  = type: with types; either type (listOf type);
12
+  valueType  = with types; oneOf [ int str bool path ];
13
+  configType = with types; attrsOf (nullOr (oneOrMore valueType));
16 14
 
17
-    webserver-address=${cfg.api.address}
18
-    webserver-port=${toString cfg.api.port}
19
-    webserver-allow-from=${concatStringsSep "," cfg.api.allowFrom}
15
+  toBool    = val: if val then "yes" else "no";
16
+  serialize = val: with types;
17
+         if str.check       val then val
18
+    else if int.check       val then toString val
19
+    else if path.check      val then toString val
20
+    else if bool.check      val then toBool val
21
+    else if builtins.isList val then (concatMapStringsSep "," serialize val)
22
+    else "";
20 23
 
21
-    forward-zones=${concatStringsSep "," zones}
22
-    export-etc-hosts=${if cfg.exportHosts then "yes" else "no"}
23
-    dnssec=${cfg.dnssecValidation}
24
-    serve-rfc1918=${if cfg.serveRFC1918 then "yes" else "no"}
24
+  configFile = pkgs.writeText "recursor.conf"
25
+    (concatStringsSep "\n"
26
+      (flip mapAttrsToList cfg.settings
27
+        (name: val: "${name}=${serialize val}")));
25 28
 
26
-    ${cfg.extraConfig}
27
-  '';
29
+  mkDefaultAttrs = mapAttrs (n: v: mkDefault v);
28 30
 
29 31
 in {
30 32
   options.services.pdns-recursor = {
@@ -117,17 +119,55 @@ in {
117 119
       '';
118 120
     };
119 121
 
120
-    extraConfig = mkOption {
122
+    settings = mkOption {
123
+      type = configType;
124
+      default = { };
125
+      example = literalExample ''
126
+        {
127
+          loglevel = 8;
128
+          log-common-errors = true;
129
+        }
130
+      '';
131
+      description = ''
132
+        PowerDNS Recursor settings. Use this option to configure Recursor
133
+        settings not exposed in a NixOS option or to bypass one.
134
+        See the full documentation at
135
+        <link xlink:href="https://doc.powerdns.com/recursor/settings.html"/>
136
+        for the available options.
137
+      '';
138
+    };
139
+
140
+    luaConfig = mkOption {
121 141
       type = types.lines;
122 142
       default = "";
123 143
       description = ''
124
-        Extra options to be appended to the configuration file.
144
+        The content Lua configuration file for PowerDNS Recursor. See
145
+        <link xlink:href="https://doc.powerdns.com/recursor/lua-config/index.html"/>.
125 146
       '';
126 147
     };
127 148
   };
128 149
 
129 150
   config = mkIf cfg.enable {
130 151
 
152
+    services.pdns-recursor.settings = mkDefaultAttrs {
153
+      local-address = cfg.dns.address;
154
+      local-port    = cfg.dns.port;
155
+      allow-from    = cfg.dns.allowFrom;
156
+
157
+      webserver-address    = cfg.api.address;
158
+      webserver-port       = cfg.api.port;
159
+      webserver-allow-from = cfg.api.allowFrom;
160
+
161
+      forward-zones    = mapAttrsToList (zone: uri: "${zone}.=${uri}") cfg.forwardZones;
162
+      export-etc-hosts = cfg.exportHosts;
163
+      dnssec           = cfg.dnssecValidation;
164
+      serve-rfc1918    = cfg.serveRFC1918;
165
+      lua-config-file  = pkgs.writeText "recursor.lua" cfg.luaConfig;
166
+
167
+      log-timestamp  = false;
168
+      disable-syslog = true;
169
+    };
170
+
131 171
     users.users."${username}" = {
132 172
       home = dataDir;
133 173
       createHome = true;
@@ -150,8 +190,7 @@ in {
150 190
         AmbientCapabilities = "cap_net_bind_service";
151 191
         ExecStart = ''${pkgs.pdns-recursor}/bin/pdns_recursor \
152 192
           --config-dir=${dataDir} \
153
-          --socket-dir=${dataDir} \
154
-          --disable-syslog
193
+          --socket-dir=${dataDir}
155 194
         '';
156 195
       };
157 196
 
@@ -165,4 +204,10 @@ in {
165 204
       '';
166 205
     };
167 206
   };
207
+
208
+  imports = [
209
+   (mkRemovedOptionModule [ "services" "pdns-recursor" "extraConfig" ]
210
+     "To change extra Recursor settings use services.pdns-recursor.settings instead.")
211
+  ];
212
+
168 213
 }

+ 1
- 0
nixos/modules/services/networking/unifi.nix View File

@@ -176,6 +176,7 @@ in
176 176
         Type = "simple";
177 177
         ExecStart = "${(removeSuffix "\n" cmd)} start";
178 178
         ExecStop = "${(removeSuffix "\n" cmd)} stop";
179
+        Restart = "on-failure";
179 180
         User = "unifi";
180 181
         UMask = "0077";
181 182
         WorkingDirectory = "${stateDir}";

+ 27
- 9
nixos/modules/services/torrent/transmission.nix View File

@@ -84,6 +84,18 @@ in
84 84
           The directory where transmission will create files.
85 85
         '';
86 86
       };
87
+
88
+      user = mkOption {
89
+        type = types.str;
90
+        default = "transmission";
91
+        description = "User account under which Transmission runs.";
92
+      };
93
+
94
+      group = mkOption {
95
+        type = types.str;
96
+        default = "transmission";
97
+        description = "Group account under which Transmission runs.";
98
+      };
87 99
     };
88 100
   };
89 101
 
@@ -99,7 +111,8 @@ in
99 111
       serviceConfig.ExecStartPre = preStart;
100 112
       serviceConfig.ExecStart = "${pkgs.transmission}/bin/transmission-daemon -f --port ${toString config.services.transmission.port}";
101 113
       serviceConfig.ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
102
-      serviceConfig.User = "transmission";
114
+      serviceConfig.User = cfg.user;
115
+      serviceConfig.Group = cfg.group;
103 116
       # NOTE: transmission has an internal umask that also must be set (in settings.json)
104 117
       serviceConfig.UMask = "0002";
105 118
     };
@@ -107,14 +120,19 @@ in
107 120
     # It's useful to have transmission in path, e.g. for remote control
108 121
     environment.systemPackages = [ pkgs.transmission ];
109 122
 
110
-    users.groups.transmission.gid = config.ids.gids.transmission;
111
-    users.users.transmission = {
112
-      group = "transmission";
113
-      uid = config.ids.uids.transmission;
114
-      description = "Transmission BitTorrent user";
115
-      home = homeDir;
116
-      createHome = true;
117
-    };
123
+    users.users = optionalAttrs (cfg.user == "transmission") (singleton
124
+      { name = "transmission";
125
+        group = cfg.group;
126
+        uid = config.ids.uids.transmission;
127
+        description = "Transmission BitTorrent user";
128
+        home = homeDir;
129
+        createHome = true;
130
+      });
131
+
132
+    users.groups = optionalAttrs (cfg.group == "transmission") (singleton
133
+      { name = "transmission";
134
+        gid = config.ids.gids.transmission;
135
+      });
118 136
 
119 137
     # AppArmor profile
120 138
     security.apparmor.profiles = mkIf apparmor [

+ 1
- 1
nixos/modules/services/web-apps/matomo.nix View File

@@ -176,7 +176,7 @@ in {
176 176
             # Use User-Private Group scheme to protect Matomo data, but allow administration / backup via 'matomo' group
177 177
             # Copy config folder
178 178
             chmod g+s "${dataDir}"
179
-            cp -r "${cfg.package}/config" "${dataDir}/"
179
+            cp -r "${cfg.package}/share/config" "${dataDir}/"
180 180
             chmod -R u+rwX,g+rwX,o-rwx "${dataDir}"
181 181
 
182 182
             # check whether user setup has already been done

+ 300
- 0
nixos/modules/services/web-apps/moodle.nix View File

@@ -0,0 +1,300 @@
1
+{ config, lib, pkgs, ... }:
2
+
3
+let
4
+  inherit (lib) mkDefault mkEnableOption mkForce mkIf mkMerge mkOption types;
5
+  inherit (lib) concatStringsSep literalExample mapAttrsToList optional optionalString;
6
+
7
+  cfg = config.services.moodle;
8
+  fpm = config.services.phpfpm.pools.moodle;
9
+
10
+  user = "moodle";
11
+  group = config.services.httpd.group;
12
+  stateDir = "/var/lib/moodle";
13
+
14
+  moodleConfig = pkgs.writeText "config.php" ''
15
+  <?php  // Moodle configuration file
16
+
17
+  unset($CFG);
18
+  global $CFG;
19
+  $CFG = new stdClass();
20
+
21
+  $CFG->dbtype    = '${ { "mysql" = "mariadb"; "pgsql" = "pgsql"; }.${cfg.database.type} }';
22
+  $CFG->dblibrary = 'native';
23
+  $CFG->dbhost    = '${cfg.database.host}';
24
+  $CFG->dbname    = '${cfg.database.name}';
25
+  $CFG->dbuser    = '${cfg.database.user}';
26
+  ${optionalString (cfg.database.passwordFile != null) "$CFG->dbpass = file_get_contents('${cfg.database.passwordFile}');"}
27
+  $CFG->prefix    = 'mdl_';
28
+  $CFG->dboptions = array (
29
+    'dbpersist' => 0,
30
+    'dbport' => '${toString cfg.database.port}',
31
+    ${optionalString (cfg.database.socket != null) "'dbsocket' => '${cfg.database.socket}',"}
32
+    'dbcollation' => 'utf8mb4_unicode_ci',
33
+  );
34
+
35
+  $CFG->wwwroot   = '${if cfg.virtualHost.enableSSL then "https" else "http"}://${cfg.virtualHost.hostName}';
36
+  $CFG->dataroot  = '${stateDir}';
37
+  $CFG->admin     = 'admin';
38
+
39
+  $CFG->directorypermissions = 02777;
40
+  $CFG->disableupdateautodeploy = true;
41
+
42
+  $CFG->pathtogs = '${pkgs.ghostscript}/bin/gs';
43
+  $CFG->pathtophp = '${pkgs.php}/bin/php';
44
+  $CFG->pathtodu = '${pkgs.coreutils}/bin/du';
45
+  $CFG->aspellpath = '${pkgs.aspell}/bin/aspell';
46
+  $CFG->pathtodot = '${pkgs.graphviz}/bin/dot';
47
+
48
+  require_once('${cfg.package}/share/moodle/lib/setup.php');
49
+
50
+  // There is no php closing tag in this file,
51
+  // it is intentional because it prevents trailing whitespace problems!
52
+  '';
53
+
54
+  mysqlLocal = cfg.database.createLocally && cfg.database.type == "mysql";
55
+  pgsqlLocal = cfg.database.createLocally && cfg.database.type == "pgsql";
56
+in
57
+{
58
+  # interface
59
+  options.services.moodle = {
60
+    enable = mkEnableOption "Moodle web application";
61
+
62
+    package = mkOption {
63
+      type = types.package;
64
+      default = pkgs.moodle;
65
+      defaultText = "pkgs.moodle";
66
+      description = "The Moodle package to use.";
67
+    };
68
+
69
+    initialPassword = mkOption {
70
+      type = types.str;
71
+      example = "correcthorsebatterystaple";
72
+      description = ''
73
+        Specifies the initial password for the admin, i.e. the password assigned if the user does not already exist.
74
+        The password specified here is world-readable in the Nix store, so it should be changed promptly.
75
+      '';
76
+    };
77
+
78
+    database = {
79
+      type = mkOption {
80
+        type = types.enum [ "mysql" "pgsql" ];
81
+        default = "mysql";
82
+        description = ''Database engine to use.'';
83
+      };
84
+
85
+      host = mkOption {
86
+        type = types.str;
87
+        default = "localhost";
88
+        description = "Database host address.";
89
+      };
90
+
91
+      port = mkOption {
92
+        type = types.int;
93
+        description = "Database host port.";
94
+        default = {
95
+          "mysql" = 3306;
96
+          "pgsql" = 5432;
97
+        }.${cfg.database.type};
98
+        defaultText = "3306";
99
+      };
100
+
101
+      name = mkOption {
102
+        type = types.str;
103
+        default = "moodle";
104
+        description = "Database name.";
105
+      };
106
+
107
+      user = mkOption {
108
+        type = types.str;
109
+        default = "moodle";
110
+        description = "Database user.";
111
+      };
112
+
113
+      passwordFile = mkOption {
114
+        type = types.nullOr types.path;
115
+        default = null;
116
+        example = "/run/keys/moodle-dbpassword";
117
+        description = ''
118
+          A file containing the password corresponding to
119
+          <option>database.user</option>.
120
+        '';
121
+      };
122
+
123
+      socket = mkOption {
124
+        type = types.nullOr types.path;
125
+        default =
126
+          if mysqlLocal then "/run/mysqld/mysqld.sock"
127
+          else if pgsqlLocal then "/run/postgresql"
128
+          else null;
129
+        defaultText = "/run/mysqld/mysqld.sock";
130
+        description = "Path to the unix socket file to use for authentication.";
131
+      };
132
+
133
+      createLocally = mkOption {
134
+        type = types.bool;
135
+        default = true;
136
+        description = "Create the database and database user locally.";
137
+      };
138
+    };
139
+
140
+    virtualHost = mkOption {
141
+      type = types.submodule ({
142
+        options = import ../web-servers/apache-httpd/per-server-options.nix {
143
+          inherit lib;
144
+          forMainServer = false;
145
+        };
146
+      });
147
+      example = {
148
+        hostName = "moodle.example.org";
149
+        enableSSL = true;
150
+        adminAddr = "webmaster@example.org";
151
+        sslServerCert = "/var/lib/acme/moodle.example.org/full.pem";
152
+        sslServerKey = "/var/lib/acme/moodle.example.org/key.pem";
153
+      };
154
+      description = ''
155
+        Apache configuration can be done by adapting <option>services.httpd.virtualHosts</option>.
156
+        See <xref linkend="opt-services.httpd.virtualHosts"/> for further information.
157
+      '';
158
+    };
159
+
160
+    poolConfig = mkOption {
161
+      type = with types; attrsOf (oneOf [ str int bool ]);
162
+      default = {
163
+        "pm" = "dynamic";
164
+        "pm.max_children" = 32;
165
+        "pm.start_servers" = 2;
166
+        "pm.min_spare_servers" = 2;
167
+        "pm.max_spare_servers" = 4;
168
+        "pm.max_requests" = 500;
169
+      };
170
+      description = ''
171
+        Options for the Moodle PHP pool. See the documentation on <literal>php-fpm.conf</literal>
172
+        for details on configuration directives.
173
+      '';
174
+    };
175
+  };
176
+
177
+  # implementation
178
+  config = mkIf cfg.enable {
179
+
180
+    assertions = [
181
+      { assertion = cfg.database.createLocally -> cfg.database.user == user;
182
+        message = "services.moodle.database.user must be set to ${user} if services.moodle.database.createLocally is set true";
183
+      }
184
+      { assertion = cfg.database.createLocally -> cfg.database.passwordFile == null;
185
+        message = "a password cannot be specified if services.moodle.database.createLocally is set to true";
186
+      }
187
+    ];
188
+
189
+    services.mysql = mkIf mysqlLocal {
190
+      enable = true;
191
+      package = mkDefault pkgs.mariadb;
192
+      ensureDatabases = [ cfg.database.name ];
193
+      ensureUsers = [
194
+        { name = cfg.database.user;
195
+          ensurePermissions = {
196
+            "${cfg.database.name}.*" = "SELECT, INSERT, UPDATE, DELETE, CREATE, CREATE TEMPORARY TABLES, DROP, INDEX, ALTER";
197
+          };
198
+        }
199
+      ];
200
+    };
201
+
202
+    services.postgresql = mkIf pgsqlLocal {
203
+      enable = true;
204
+      ensureDatabases = [ cfg.database.name ];
205
+      ensureUsers = [
206
+        { name = cfg.database.user;
207
+          ensurePermissions = { "DATABASE ${cfg.database.name}" = "ALL PRIVILEGES"; };
208
+        }
209
+      ];
210
+    };
211
+
212
+    services.phpfpm.pools.moodle = {
213
+      inherit user group;
214
+      phpEnv.MOODLE_CONFIG = "${moodleConfig}";
215
+      phpOptions = ''
216
+        zend_extension = opcache.so
217
+        opcache.enable = 1
218
+      '';
219
+      settings = {
220
+        "listen.owner" = config.services.httpd.user;
221
+        "listen.group" = config.services.httpd.group;
222
+      } // cfg.poolConfig;
223
+    };
224
+
225
+    services.httpd = {
226
+      enable = true;
227
+      adminAddr = mkDefault cfg.virtualHost.adminAddr;
228
+      extraModules = [ "proxy_fcgi" ];
229
+      virtualHosts = [ (mkMerge [
230
+        cfg.virtualHost {
231
+          documentRoot = mkForce "${cfg.package}/share/moodle";
232
+          extraConfig = ''
233
+            <Directory "${cfg.package}/share/moodle">
234
+              <FilesMatch "\.php$">
235
+                <If "-f %{REQUEST_FILENAME}">
236
+                  SetHandler "proxy:unix:${fpm.socket}|fcgi://localhost/"
237
+                </If>
238
+              </FilesMatch>
239
+              Options -Indexes
240
+              DirectoryIndex index.php
241
+            </Directory>
242
+          '';
243
+        }
244
+      ]) ];
245
+    };
246
+
247
+    systemd.tmpfiles.rules = [
248
+      "d '${stateDir}' 0750 ${user} ${group} - -"
249
+    ];
250
+
251
+    systemd.services.moodle-init = {
252
+      wantedBy = [ "multi-user.target" ];
253
+      before = [ "phpfpm-moodle.service" ];
254
+      after = optional mysqlLocal "mysql.service" ++ optional pgsqlLocal "postgresql.service";
255
+      environment.MOODLE_CONFIG = moodleConfig;
256
+      script = ''
257
+        ${pkgs.php}/bin/php ${cfg.package}/share/moodle/admin/cli/check_database_schema.php && rc=$? || rc=$?
258
+
259
+        [ "$rc" == 1 ] && ${pkgs.php}/bin/php ${cfg.package}/share/moodle/admin/cli/upgrade.php \
260
+          --non-interactive \
261
+          --allow-unstable
262
+
263
+        [ "$rc" == 2 ] && ${pkgs.php}/bin/php ${cfg.package}/share/moodle/admin/cli/install_database.php \
264
+          --agree-license \
265
+          --adminpass=${cfg.initialPassword}
266
+
267
+        true
268
+      '';
269
+      serviceConfig = {
270
+        User = user;
271
+        Group = group;
272
+        Type = "oneshot";
273
+      };
274
+    };
275
+
276
+    systemd.services.moodle-cron = {
277
+      description = "Moodle cron service";
278
+      after = [ "moodle-init.service" ];
279
+      environment.MOODLE_CONFIG = moodleConfig;
280
+      serviceConfig = {
281
+        User = user;
282
+        Group = group;
283
+        ExecStart = "${pkgs.php}/bin/php ${cfg.package}/share/moodle/admin/cli/cron.php";
284
+      };
285
+    };
286
+
287
+    systemd.timers.moodle-cron = {
288
+      description = "Moodle cron timer";
289
+      wantedBy = [ "timers.target" ];
290
+      timerConfig = {
291
+        OnCalendar = "minutely";
292
+      };
293
+    };
294
+
295
+    systemd.services.httpd.after = optional mysqlLocal "mysql.service" ++ optional pgsqlLocal "postgresql.service";
296
+
297
+    users.users."${user}".group = group;
298
+
299
+  };
300
+}

+ 77
- 0
nixos/modules/services/web-servers/darkhttpd.nix View File

@@ -0,0 +1,77 @@
1
+{ config, lib, pkgs, ... }:
2
+
3
+with lib;
4
+
5
+let
6
+  cfg = config.services.darkhttpd;
7
+
8
+  args = concatStringsSep " " ([
9
+    cfg.rootDir
10
+    "--port ${toString cfg.port}"
11
+    "--addr ${cfg.address}"
12
+  ] ++ cfg.extraArgs
13
+    ++ optional cfg.hideServerId             "--no-server-id"
14
+    ++ optional config.networking.enableIPv6 "--ipv6");
15
+
16
+in {
17
+  options.services.darkhttpd = with types; {
18
+    enable = mkEnableOption "DarkHTTPd web server";
19
+
20
+    port = mkOption {
21
+      default = 80;
22
+      type = ints.u16;
23
+      description = ''
24
+        Port to listen on.
25
+        Pass 0 to let the system choose any free port for you.
26
+      '';
27
+    };
28
+
29
+    address = mkOption {
30
+      default = "127.0.0.1";
31
+      type = str;
32
+      description = ''
33
+        Address to listen on.
34
+        Pass `all` to listen on all interfaces.
35
+      '';
36
+    };
37
+
38
+    rootDir = mkOption {
39
+      type = path;
40
+      description = ''
41
+        Path from which to serve files.
42
+      '';
43
+    };
44
+
45
+    hideServerId = mkOption {
46
+      type = bool;
47
+      default = true;
48
+      description = ''
49
+        Don't identify the server type in headers or directory listings.
50
+      '';
51
+    };
52
+
53
+    extraArgs = mkOption {
54
+      type = listOf str;
55
+      default = [];
56
+      description = ''
57
+        Additional configuration passed to the executable.
58
+      '';
59
+    };
60
+  };
61
+
62
+  config = mkIf cfg.enable {
63
+    systemd.services.darkhttpd = {
64
+      description = "Dark HTTPd";
65
+      wants = [ "network.target" ];
66
+      after = [ "network.target" ];
67
+      wantedBy = [ "multi-user.target" ];
68
+      serviceConfig = {
69
+        DynamicUser = true;
70
+        ExecStart = "${cfg.package}/bin/darkhttpd ${args}";
71
+        AmbientCapabilities = lib.mkIf (cfg.port < 1024) [ "CAP_NET_BIND_SERVICE" ];
72
+        Restart = "on-failure";
73
+        RestartSec = "2s";
74
+      };
75
+    };
76
+  };
77
+}

+ 188
- 121
nixos/modules/services/x11/desktop-managers/gnome3.nix View File

@@ -3,7 +3,9 @@
3 3
 with lib;
4 4
 
5 5
 let
6
+
6 7
   cfg = config.services.xserver.desktopManager.gnome3;
8
+  serviceCfg = config.services.gnome3;
7 9
 
8 10
   # Prioritize nautilus by default when opening directories
9 11
   mimeAppsList = pkgs.writeTextFile {
@@ -45,10 +47,19 @@ let
45 47
 
46 48
   flashbackEnabled = cfg.flashback.enableMetacity || length cfg.flashback.customSessions > 0;
47 49
 
48
-in {
50
+in
51
+
52
+{
49 53
 
50 54
   options = {
51 55
 
56
+    services.gnome3 = {
57
+      core-os-services.enable = mkEnableOption "essential services for GNOME3";
58
+      core-shell.enable = mkEnableOption "GNOME Shell services";
59
+      core-utilities.enable = mkEnableOption "GNOME core utilities";
60
+      games.enable = mkEnableOption "GNOME games";
61
+    };
62
+
52 63
     services.xserver.desktopManager.gnome3 = {
53 64
       enable = mkOption {
54 65
         default = false;
@@ -121,138 +132,194 @@ in {
121 132
 
122 133
   };
123 134
 
124
-  config = mkIf cfg.enable {
125
-
126
-    # Enable helpful DBus services.
127
-    security.polkit.enable = true;
128
-    services.udisks2.enable = true;
129
-    services.accounts-daemon.enable = true;
130
-    services.dleyna-renderer.enable = mkDefault true;
131
-    services.dleyna-server.enable = mkDefault true;
132
-    services.gnome3.at-spi2-core.enable = true;
133
-    services.gnome3.evolution-data-server.enable = true;
134
-    services.gnome3.glib-networking.enable = true;
135
-    services.gnome3.gnome-keyring.enable = true;
136
-    services.gnome3.gnome-online-accounts.enable = mkDefault true;
137
-    services.gnome3.gnome-remote-desktop.enable = mkDefault true;
138
-    services.gnome3.gnome-settings-daemon.enable = true;
139
-    services.gnome3.gnome-user-share.enable = mkDefault true;
140
-    services.gvfs.enable = true;
141
-    services.gnome3.rygel.enable = mkDefault true;
142
-    services.gnome3.seahorse.enable = mkDefault true;
143
-    services.gnome3.sushi.enable = mkDefault true;
144
-    services.gnome3.tracker.enable = mkDefault true;
145
-    services.gnome3.tracker-miners.enable = mkDefault true;
146
-    hardware.pulseaudio.enable = mkDefault true;
147
-    services.telepathy.enable = mkDefault true;
148
-    networking.networkmanager.enable = mkDefault true;
149
-    services.upower.enable = config.powerManagement.enable;
150
-    services.dbus.packages =
151
-      optional config.services.printing.enable pkgs.system-config-printer ++
152
-      optional flashbackEnabled pkgs.gnome3.gnome-screensaver;
153
-    services.colord.enable = mkDefault true;
154
-    services.packagekit.enable = mkDefault true;
155
-    hardware.bluetooth.enable = mkDefault true;
156
-    services.hardware.bolt.enable = mkDefault true;
157
-    services.xserver.libinput.enable = mkDefault true; # for controlling touchpad settings via gnome control center
158
-    systemd.packages = [ pkgs.gnome3.vino ];
159
-    xdg.portal.enable = true;
160
-    xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-gtk ];
161
-
162
-    # Enable default programs
163
-    programs.dconf.enable = true;
164
-    programs.evince.enable = mkDefault true;
165
-    programs.file-roller.enable = mkDefault true;
166
-    programs.gnome-disks.enable = mkDefault true;
167
-    programs.gnome-documents.enable = mkDefault true;
168
-    programs.gnome-terminal.enable = mkDefault true;
169
-
170
-    # If gnome3 is installed, build vim for gtk3 too.
171
-    nixpkgs.config.vim.gui = "gtk3";
172
-
173
-    fonts.fonts = [
174
-      pkgs.dejavu_fonts pkgs.cantarell-fonts
175
-      pkgs.source-sans-pro
176
-      pkgs.source-code-pro # Default monospace font in 3.32
177
-    ];
178
-
179
-    services.xserver.displayManager.extraSessionFilePackages = [ pkgs.gnome3.gnome-session ]
180
-      ++ map
181
-        (wm: pkgs.gnome3.gnome-flashback.mkSessionForWm {
182
-          inherit (wm) wmName wmLabel wmCommand;
183
-        }) (optional cfg.flashback.enableMetacity {
184
-              wmName = "metacity";
185
-              wmLabel = "Metacity";
186
-              wmCommand = "${pkgs.gnome3.metacity}/bin/metacity";
187
-            } ++ cfg.flashback.customSessions);
188
-
189
-    environment.extraInit = ''
190
-      ${concatMapStrings (p: ''
191
-        if [ -d "${p}/share/gsettings-schemas/${p.name}" ]; then
192
-          export XDG_DATA_DIRS=$XDG_DATA_DIRS''${XDG_DATA_DIRS:+:}${p}/share/gsettings-schemas/${p.name}
193
-        fi
194
-
195
-        if [ -d "${p}/lib/girepository-1.0" ]; then
196
-          export GI_TYPELIB_PATH=$GI_TYPELIB_PATH''${GI_TYPELIB_PATH:+:}${p}/lib/girepository-1.0
197
-          export LD_LIBRARY_PATH=$LD_LIBRARY_PATH''${LD_LIBRARY_PATH:+:}${p}/lib
198
-        fi
199
-      '') cfg.sessionPath}
200
-    '';
135
+  config = mkMerge [
136
+    (mkIf (cfg.enable || flashbackEnabled) {
137
+      services.gnome3.core-os-services.enable = true;
138
+      services.gnome3.core-shell.enable = true;
139
+      services.gnome3.core-utilities.enable = mkDefault true;
201 140
 
141
+      services.xserver.displayManager.extraSessionFilePackages = [ pkgs.gnome3.gnome-session ];
202 142
 
203
-    services.geoclue2.enable = mkDefault true;
204
-    # GNOME should have its own geoclue agent
205
-    services.geoclue2.enableDemoAgent = false;
143
+      environment.extraInit = ''
144
+        ${concatMapStrings (p: ''
145
+          if [ -d "${p}/share/gsettings-schemas/${p.name}" ]; then
146
+            export XDG_DATA_DIRS=$XDG_DATA_DIRS''${XDG_DATA_DIRS:+:}${p}/share/gsettings-schemas/${p.name}
147
+          fi
206 148
 
207
-    services.geoclue2.appConfig."gnome-datetime-panel" = {
208
-      isAllowed = true;
209
-      isSystem = true;
210
-    };
211
-    services.geoclue2.appConfig."gnome-color-panel" = {
212
-      isAllowed = true;
213
-      isSystem = true;
214
-    };
215
-    services.geoclue2.appConfig."org.gnome.Shell" = {
216
-      isAllowed = true;
217
-      isSystem = true;
218
-    };
149
+          if [ -d "${p}/lib/girepository-1.0" ]; then
150
+            export GI_TYPELIB_PATH=$GI_TYPELIB_PATH''${GI_TYPELIB_PATH:+:}${p}/lib/girepository-1.0
151
+            export LD_LIBRARY_PATH=$LD_LIBRARY_PATH''${LD_LIBRARY_PATH:+:}${p}/lib
152
+          fi
153
+        '') cfg.sessionPath}
154
+      '';
219 155
 
220
-    environment.variables.GNOME_SESSION_DEBUG = optionalString cfg.debug "1";
156
+      environment.systemPackages = cfg.sessionPath;
221 157
 
222
-    # Override default mimeapps
223
-    environment.variables.XDG_DATA_DIRS = [ "${mimeAppsList}/share" ];
158
+      environment.variables.GNOME_SESSION_DEBUG = mkIf cfg.debug "1";
224 159
 
225
-    # Override GSettings schemas
226
-    environment.variables.NIX_GSETTINGS_OVERRIDES_DIR = "${nixos-gsettings-desktop-schemas}/share/gsettings-schemas/nixos-gsettings-overrides/glib-2.0/schemas";
160
+      # Override GSettings schemas
161
+      environment.variables.NIX_GSETTINGS_OVERRIDES_DIR = "${nixos-gsettings-desktop-schemas}/share/gsettings-schemas/nixos-gsettings-overrides/glib-2.0/schemas";
227 162
 
228
-    # Let nautilus find extensions
229
-    # TODO: Create nautilus-with-extensions package
230
-    environment.variables.NAUTILUS_EXTENSION_DIR = "${config.system.path}/lib/nautilus/extensions-3.0";
163
+       # If gnome3 is installed, build vim for gtk3 too.
164
+      nixpkgs.config.vim.gui = "gtk3";
165
+    })
231 166
 
232
-    services.xserver.updateDbusEnvironment = true;
167
+    (mkIf flashbackEnabled {
168
+      services.xserver.displayManager.extraSessionFilePackages =  map
169
+        (wm: pkgs.gnome3.gnome-flashback.mkSessionForWm {
170
+          inherit (wm) wmName wmLabel wmCommand;
171
+        }) (optional cfg.flashback.enableMetacity {
172
+              wmName = "metacity";
173
+              wmLabel = "Metacity";
174
+              wmCommand = "${pkgs.gnome3.metacity}/bin/metacity";
175
+            } ++ cfg.flashback.customSessions);
233 176
 
234
-    environment.systemPackages = pkgs.gnome3.corePackages ++ cfg.sessionPath
235
-      ++ (pkgs.gnome3.removePackagesByName pkgs.gnome3.optionalPackages config.environment.gnome3.excludePackages) ++ [
236
-      pkgs.xdg-user-dirs # Update user dirs as described in http://freedesktop.org/wiki/Software/xdg-user-dirs/
237
-    ];
177
+      security.pam.services.gnome-screensaver = {
178
+        enableGnomeKeyring = true;
179
+      };
238 180
 
239
-    # Use the correct gnome3 packageSet
240
-    networking.networkmanager.basePackages =
241
-      { inherit (pkgs) networkmanager modemmanager wpa_supplicant crda;
181
+      services.dbus.packages = [
182
+        pkgs.gnome3.gnome-screensaver
183
+      ];
184
+    })
185
+
186
+    (mkIf serviceCfg.core-os-services.enable {
187
+      hardware.bluetooth.enable = mkDefault true;
188
+      hardware.pulseaudio.enable = mkDefault true;
189
+      programs.dconf.enable = true;
190
+      security.polkit.enable = true;
191
+      services.accounts-daemon.enable = true;
192
+      services.dleyna-renderer.enable = mkDefault true;
193
+      services.dleyna-server.enable = mkDefault true;
194
+      services.gnome3.at-spi2-core.enable = true;
195
+      services.gnome3.evolution-data-server.enable = true;
196
+      services.gnome3.gnome-keyring.enable = true;
197
+      services.gnome3.gnome-online-accounts.enable = mkDefault true;
198
+      services.gnome3.gnome-online-miners.enable = true;
199
+      services.gnome3.tracker-miners.enable = mkDefault true;
200
+      services.gnome3.tracker.enable = mkDefault true;
201
+      services.hardware.bolt.enable = mkDefault true;
202
+      services.packagekit.enable = mkDefault true;
203
+      services.udisks2.enable = true;
204
+      services.upower.enable = config.powerManagement.enable;
205
+      services.xserver.libinput.enable = mkDefault true; # for controlling touchpad settings via gnome control center
206
+
207
+      xdg.portal.enable = true;
208
+      xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-gtk ];
209
+
210
+      networking.networkmanager.enable = mkDefault true;
211
+
212
+      # Use the correct gnome3 packageSet
213
+      networking.networkmanager.basePackages = {
214
+        inherit (pkgs) networkmanager modemmanager wpa_supplicant crda;
242 215
         inherit (pkgs.gnome3) networkmanager-openvpn networkmanager-vpnc
243
-                              networkmanager-openconnect networkmanager-fortisslvpn
244
-                              networkmanager-iodine networkmanager-l2tp; };
245
-
246
-    # Needed for themes and backgrounds
247
-    environment.pathsToLink = [
248
-      "/share"
249
-      "/share/nautilus-python/extensions"
250
-    ];
216
+        networkmanager-openconnect networkmanager-fortisslvpn
217
+        networkmanager-iodine networkmanager-l2tp;
218
+      };
251 219
 
252
-    security.pam.services.gnome-screensaver = mkIf flashbackEnabled {
253
-      enableGnomeKeyring = true;
254
-    };
255
-  };
220
+      services.xserver.updateDbusEnvironment = true;
221
+
222
+      # Needed for themes and backgrounds
223
+      environment.pathsToLink = [
224
+        "/share" # TODO: https://github.com/NixOS/nixpkgs/issues/47173
225
+      ];
226
+    })
227
+
228
+    (mkIf serviceCfg.core-shell.enable {
229
+      services.colord.enable = mkDefault true;
230
+      services.gnome3.glib-networking.enable = true;
231
+      services.gnome3.gnome-remote-desktop.enable = mkDefault true;
232
+      services.gnome3.gnome-settings-daemon.enable = true;
233
+      services.gnome3.gnome-user-share.enable = mkDefault true;
234
+      services.gnome3.rygel.enable = mkDefault true;
235
+      services.gvfs.enable = true;
236
+      services.telepathy.enable = mkDefault true;
237
+      systemd.packages = [ pkgs.gnome3.vino ];
238
+      services.dbus.packages =
239
+        optional config.services.printing.enable pkgs.system-config-printer;
240
+
241
+      services.geoclue2.enable = mkDefault true;
242
+      services.geoclue2.enableDemoAgent = false; # GNOME has its own geoclue agent
243
+
244
+      services.geoclue2.appConfig."gnome-datetime-panel" = {
245
+        isAllowed = true;
246
+        isSystem = true;
247
+      };
248
+      services.geoclue2.appConfig."gnome-color-panel" = {
249
+        isAllowed = true;
250
+        isSystem = true;
251
+      };
252
+      services.geoclue2.appConfig."org.gnome.Shell" = {
253
+        isAllowed = true;
254
+        isSystem = true;
255
+      };
256 256
 
257
+      fonts.fonts = with pkgs; [
258
+        cantarell-fonts
259
+        dejavu_fonts
260
+        source-code-pro # Default monospace font in 3.32
261
+        source-sans-pro
262
+      ];
263
+
264
+      environment.systemPackages = with pkgs.gnome3; [
265
+        adwaita-icon-theme
266
+        gnome-backgrounds
267
+        gnome-bluetooth
268
+        gnome-control-center
269
+        gnome-getting-started-docs
270
+        gnome-shell
271
+        gnome-shell-extensions
272
+        gnome-themes-extra
273
+        gnome-user-docs
274
+        pkgs.glib # for gsettings
275
+        pkgs.gnome-menus
276
+        pkgs.gtk3.out # for gtk-launch
277
+        pkgs.hicolor-icon-theme
278
+        pkgs.shared-mime-info # for update-mime-database
279
+        pkgs.xdg-user-dirs # Update user dirs as described in http://freedesktop.org/wiki/Software/xdg-user-dirs/
280
+        vino
281
+      ];
282
+    })
283
+
284
+    (mkIf serviceCfg.core-utilities.enable {
285
+      environment.systemPackages = (with pkgs.gnome3; removePackagesByName [
286
+        baobab eog epiphany evince gucharmap nautilus totem yelp gnome-calculator
287
+        gnome-contacts gnome-font-viewer gnome-screenshot gnome-system-monitor simple-scan
288
+        gnome-terminal evolution file-roller gedit gnome-clocks gnome-music gnome-tweaks
289
+        pkgs.gnome-photos nautilus-sendto dconf-editor vinagre gnome-weather gnome-logs
290
+        gnome-maps gnome-characters gnome-calendar accerciser gnome-nettool gnome-packagekit
291
+        gnome-software gnome-power-manager gnome-todo pkgs.gnome-usage
292
+      ] config.environment.gnome3.excludePackages);
293
+
294
+      # Enable default programs
295
+      programs.evince.enable = mkDefault true;
296
+      programs.file-roller.enable = mkDefault true;
297
+      programs.gnome-disks.enable = mkDefault true;
298
+      programs.gnome-documents.enable = mkDefault true;
299
+      programs.gnome-terminal.enable = mkDefault true;
300
+      services.gnome3.seahorse.enable = mkDefault true;
301
+      services.gnome3.sushi.enable = mkDefault true;
302
+
303
+      # Let nautilus find extensions
304
+      # TODO: Create nautilus-with-extensions package
305
+      environment.variables.NAUTILUS_EXTENSION_DIR = "${config.system.path}/lib/nautilus/extensions-3.0";
306
+
307
+      # Override default mimeapps for nautilus
308
+      environment.variables.XDG_DATA_DIRS = [ "${mimeAppsList}/share" ];
309
+
310
+      environment.pathsToLink = [
311
+        "/share/nautilus-python/extensions"
312
+      ];
313
+    })
314
+
315
+    (mkIf serviceCfg.games.enable {
316
+      environment.systemPackages = (with pkgs.gnome3; removePackagesByName [
317
+        aisleriot atomix five-or-more four-in-a-row gnome-chess gnome-klotski
318
+        gnome-mahjongg gnome-mines gnome-nibbles gnome-robots gnome-sudoku
319
+        gnome-taquin gnome-tetravex hitori iagno lightsoff quadrapassel
320
+        swell-foop tali
321
+      ] config.environment.gnome3.excludePackages);
322
+    })
323
+  ];
257 324
 
258 325
 }

+ 3
- 3
nixos/modules/system/boot/systemd.nix View File

@@ -537,7 +537,7 @@ in
537 537
     };
538 538
 
539 539
     systemd.enableCgroupAccounting = mkOption {
540
-      default = false;
540
+      default = true;
541 541
       type = types.bool;
542 542
       description = ''
543 543
         Whether to enable cgroup accounting.
@@ -804,10 +804,10 @@ in
804 804
         [Manager]
805 805
         ${optionalString config.systemd.enableCgroupAccounting ''
806 806
           DefaultCPUAccounting=yes
807
+          DefaultBlockIOAccounting=yes
807 808
           DefaultIOAccounting=yes
808 809
           DefaultBlockIOAccounting=yes
809
-          DefaultMemoryAccounting=yes
810
-          DefaultTasksAccounting=yes
810
+          DefaultIPAccounting=yes
811 811
         ''}
812 812
         DefaultLimitCORE=infinity
813 813
         ${config.systemd.extraConfig}

+ 1
- 0
nixos/tests/all-tests.nix View File

@@ -161,6 +161,7 @@ in
161 161
   minio = handleTest ./minio.nix {};
162 162
   misc = handleTest ./misc.nix {};
163 163
   mongodb = handleTest ./mongodb.nix {};
164
+  moodle = handleTest ./moodle.nix {};
164 165
   morty = handleTest ./morty.nix {};
165 166
   mosquitto = handleTest ./mosquitto.nix {};
166 167
   mpd = handleTest ./mpd.nix {};

+ 28
- 0
nixos/tests/jormungandr.nix View File

@@ -5,9 +5,17 @@ import ./make-test.nix ({ pkgs, ... }: {
5 5
   };
6 6
 
7 7
   nodes = {
8
+    # Testing the Byzantine Fault Tolerant protocol
8 9
     bft = { ... }: {
9 10
       environment.systemPackages = [ pkgs.jormungandr ];
11
+      services.jormungandr.enable = true;
12
+      services.jormungandr.genesisBlockFile = "/var/lib/jormungandr/block-0.bin";
13
+      services.jormungandr.secretFile = "/etc/secrets/jormungandr.yaml";
14
+    };
10 15
 
16
+    # Testing the Ouroboros Genesis Praos protocol
17
+    genesis = { ... }: {
18
+      environment.systemPackages = [ pkgs.jormungandr ];
11 19
       services.jormungandr.enable = true;
12 20
       services.jormungandr.genesisBlockFile = "/var/lib/jormungandr/block-0.bin";
13 21
       services.jormungandr.secretFile = "/etc/secrets/jormungandr.yaml";
@@ -17,6 +25,7 @@ import ./make-test.nix ({ pkgs, ... }: {
17 25
   testScript = ''
18 26
     startAll;
19 27
 
28
+    ## Testing BFT
20 29
     # Let's wait for the StateDirectory
21 30
     $bft->waitForFile("/var/lib/jormungandr/");
22 31
 
@@ -45,5 +54,24 @@ import ./make-test.nix ({ pkgs, ... }: {
45 54
 
46 55
     # Now we can test if we are able to reach the REST API
47 56
     $bft->waitUntilSucceeds("curl -L http://localhost:8607/api/v0/node/stats | grep uptime");
57
+
58
+    ## Testing Genesis
59
+    # Let's wait for the StateDirectory
60
+    $genesis->waitForFile("/var/lib/jormungandr/");
61
+
62
+    # Bootstraping the configuration
63
+    $genesis->succeed("jormungandr-bootstrap -g -p 8607 -s 1");
64
+
65
+    # Moving generated files in place
66
+    $genesis->succeed("mkdir -p /etc/secrets");
67
+    $genesis->succeed("mv pool-secret1.yaml /etc/secrets/jormungandr.yaml");
68
+    $genesis->succeed("mv block-0.bin /var/lib/jormungandr/");
69
+
70
+    # We should have everything to start the service now
71
+    $genesis->succeed("systemctl restart jormungandr");
72
+    $genesis->waitForUnit("jormungandr.service");
73
+
74
+    # Now we can create and delegate an account
75
+    $genesis->succeed("./create-account-and-delegate.sh | tee -a /tmp/delegate.log");
48 76
   '';
49 77
 })

+ 22
- 0
nixos/tests/moodle.nix View File

@@ -0,0 +1,22 @@
1
+import ./make-test.nix ({ pkgs, lib, ... }: {
2
+  name = "moodle";
3
+  meta.maintainers = [ lib.maintainers.aanderse ];
4
+
5
+  machine =
6
+    { ... }:
7
+    { services.moodle.enable = true;
8
+      services.moodle.virtualHost.hostName = "localhost";
9
+      services.moodle.virtualHost.adminAddr = "root@example.com";
10
+      services.moodle.initialPassword = "correcthorsebatterystaple";
11
+
12
+      # Ensure the virtual machine has enough memory to avoid errors like:
13
+      # Fatal error: Out of memory (allocated 152047616) (tried to allocate 33554440 bytes)
14
+      virtualisation.memorySize = 2000;
15
+    };
16
+
17
+  testScript = ''
18
+    startAll;
19
+    $machine->waitForUnit('phpfpm-moodle.service');
20
+    $machine->succeed('curl http://localhost/') =~ /You are not logged in/ or die;
21
+  '';
22
+})

+ 7
- 0
nixos/tests/systemd.nix View File

@@ -89,5 +89,12 @@ import ./make-test.nix ({ pkgs, ... }: {
89 89
      $machine->waitForUnit('multi-user.target');
90 90
      $machine->succeed('sysctl net.core.default_qdisc | grep -q "fq_codel"');
91 91
    };
92
+
93
+   # Test cgroup accounting is enabled
94
+   subtest "systemd cgroup accounting is enabled", sub {
95
+     $machine->waitForUnit('multi-user.target');
96
+     $machine->succeed('systemctl show testservice1.service -p IOAccounting | grep -q "yes"');
97
+     $machine->succeed('systemctl status testservice1.service | grep -q "CPU:"');
98
+   };
92 99
   '';
93 100
 })

+ 3
- 3
pkgs/applications/altcoins/bitcoin-classic.nix View File

@@ -16,15 +16,15 @@ stdenv.mkDerivation rec {
16 16
     sha256 = "06ij9v7zbdnhxq9429nnxiw655cp8idldj18l7fmj94gqx07n5vh";
17 17
   };
18 18
 
19
-  patches = [ ./fix-bitcoin-qt-build.patch ];
20
-
21 19
   nativeBuildInputs = [ pkgconfig autoreconfHook ];
22 20
   buildInputs = [ openssl db48 boost zlib
23 21
                   miniupnpc utillinux protobuf libevent ]
24 22
                   ++ optionals withGui [ qtbase qttools qrencode ];
25 23
 
26 24
   configureFlags = [ "--with-boost-libdir=${boost.out}/lib" ]
27
-                     ++ optionals withGui [ "--with-gui=qt5" ];
25
+                     ++ optionals withGui [ "--with-gui=qt5"
26
+                                            "--with-qt-bindir=${qtbase.dev}/bin:${qttools.dev}/bin"
27
+                                          ];
28 28
 
29 29
   enableParallelBuilding = true;
30 30
 

+ 16
- 0
pkgs/applications/altcoins/jormungandr/default.nix View File

@@ -24,6 +24,22 @@ rustPlatform.buildRustPackage rec {
24 24
   nativeBuildInputs = [ pkgconfig protobuf ];
25 25
   buildInputs = [ openssl ] ++ lib.optionals stdenv.isDarwin [ darwin.apple_sdk.frameworks.Security ];
26 26
 
27
+  patchPhase = ''
28
+    sed -i "s~SCRIPTPATH=.*~SCRIPTPATH=$out/templates/~g" scripts/bootstrap
29
+  '';
30
+
31
+  installPhase = ''
32
+    install -d $out/bin $out/templates
33
+    install -m755 target/*/release/jormungandr $out/bin/
34
+    install -m755 target/*/release/jcli $out/bin/
35
+    install -m755 scripts/send-transaction $out/templates
36
+    install -m755 scripts/jcli-helpers $out/bin/
37
+    install -m755 scripts/bootstrap $out/bin/jormungandr-bootstrap
38
+    install -m644 scripts/faucet-send-money.shtempl $out/templates/
39
+    install -m644 scripts/create-account-and-delegate.shtempl $out/templates/
40
+    install -m644 scripts/faucet-send-certificate.shtempl $out/templates/
41
+  '';
42
+
27 43
   PROTOC = "${protobuf}/bin/protoc";
28 44
 
29 45
   # Disabling integration tests

+ 3
- 3
pkgs/applications/audio/vcv-rack/default.nix View File

@@ -28,13 +28,13 @@ let
28 28
 in
29 29
 with stdenv.lib; stdenv.mkDerivation rec {
30 30
   pname = "VCV-Rack";
31
-  version = "1.1.3";
31
+  version = "1.1.4";
32 32
 
33 33
   src = fetchFromGitHub {
34 34
     owner = "VCVRack";
35 35
     repo = "Rack";
36 36
     rev = "v${version}";
37
-    sha256 = "16q3x0jpwkdwwvh7rn472w7nfjf81s10z9c7bx011kk7rgk88hh2";
37
+    sha256 = "04kg0nm7w19s2zfrsxjfl3bs4sy3bzf28kzl4hayzwv480667ybx";
38 38
     fetchSubmodules = true;
39 39
   };
40 40
 
@@ -78,7 +78,7 @@ with stdenv.lib; stdenv.mkDerivation rec {
78 78
     # The source is BSD-3 licensed, some of the art is CC-BY-NC 4.0 or under a
79 79
     # no-derivatives clause
80 80
     license = with licenses; [ bsd3 cc-by-nc-40 unfreeRedistributable ];
81
-    maintainers = with maintainers; [ moredread ];
81
+    maintainers = with maintainers; [ moredread nathyong ];
82 82
     platforms = platforms.linux;
83 83
   };
84 84
 }

+ 7
- 16
pkgs/applications/editors/emacs-modes/melpa-packages.nix View File

@@ -33,8 +33,6 @@ env NIXPKGS_ALLOW_BROKEN=1 nix-instantiate --show-trace ../../../../ -A emacsPac
33 33
     inherit (import ./libgenerated.nix lib self) melpaDerivation;
34 34
     super = lib.listToAttrs (map (melpaDerivation variant) (lib.importJSON archiveJson));
35 35
 
36
-    generic = import ./melpa-generic.nix;
37
-
38 36
     overrides = rec {
39 37
       shared = {
40 38
         # Expects bash to be at /bin/bash
@@ -131,20 +129,20 @@ env NIXPKGS_ALLOW_BROKEN=1 nix-instantiate --show-trace ../../../../ -A emacsPac
131 129
         # upstream issue: missing file header
132 130
         initsplit = markBroken super.initsplit;
133 131
 
134
-        irony = super.irony.overrideAttrs(old: {
132
+        irony = super.irony.overrideAttrs (old: {
133
+          cmakeFlags = old.cmakeFlags or [] ++ [ "-DCMAKE_INSTALL_BINDIR=bin" ];
135 134
           preConfigure = ''
136 135
             cd server
137 136
           '';
138 137
           preBuild = ''
139 138
             make
139
+            install -D bin/irony-server $out/bin/irony-server
140
+            cd ..
140 141
           '';
141
-          postInstall = ''
142
-            mkdir -p $out
143
-            mv $out/share/emacs/site-lisp/elpa/*/server/bin $out
144
-            rm -rf $out/share/emacs/site-lisp/elpa/*/server
145
-          '';
146
-          preCheck = ''
142
+          checkPhase = ''
147 143
             cd source/server
144
+            make check
145
+            cd ../..
148 146
           '';
149 147
           dontUseCmakeBuildDir = true;
150 148
           doCheck = true;
@@ -396,13 +394,6 @@ env NIXPKGS_ALLOW_BROKEN=1 nix-instantiate --show-trace ../../../../ -A emacsPac
396 394
         # Expects bash to be at /bin/bash
397 395
         helm-rtags = markBroken super.helm-rtags;
398 396
 
399
-        # Fails with "package does not untar cleanly into ..."
400
-        irony = shared.irony.overrideAttrs(old: {
401
-          meta = old.meta // {
402
-            broken = true;
403
-          };
404
-        });
405
-
406 397
         orgit =
407 398
           (super.orgit.overrideAttrs (attrs: {
408 399
             # searches for Git at build time

+ 2
- 2
pkgs/applications/editors/nano/default.nix View File

@@ -20,11 +20,11 @@ let
20 20
 
21 21
 in stdenv.mkDerivation rec {
22 22
   pname = "nano";
23
-  version = "4.3";
23
+  version = "4.4";
24 24
 
25 25
   src = fetchurl {
26 26
     url = "mirror://gnu/nano/${pname}-${version}.tar.xz";
27
-    sha256 = "108dzj6azqmini9bvgl26r0q1y59s3nnrw75hfzv91bs50davlq0";
27
+    sha256 = "1iw2ypq34g1gfqyhgka2fz5yj5vrlz85q6zk7amgyj286ph25wia";
28 28
   };
29 29
 
30 30
   nativeBuildInputs = [ texinfo ] ++ optional enableNls gettext;

+ 2
- 2
pkgs/applications/editors/tiled/default.nix View File

@@ -1,7 +1,7 @@
1
-{ stdenv, fetchFromGitHub, pkgconfig, qmake
1
+{ stdenv, mkDerivation, fetchFromGitHub, pkgconfig, qmake
2 2
 , python, qtbase, qttools }:
3 3
 
4
-stdenv.mkDerivation rec {
4
+mkDerivation rec {
5 5
   pname = "tiled";
6 6
   version = "1.2.4";
7 7
 

+ 3
- 3
pkgs/applications/misc/hugo/default.nix View File

@@ -2,7 +2,7 @@
2 2
 
3 3
 buildGoModule rec {
4 4
   pname = "hugo";
5
-  version = "0.55.4";
5
+  version = "0.57.2";
6 6
 
7 7
   goPackagePath = "github.com/gohugoio/hugo";
8 8
 
@@ -10,10 +10,10 @@ buildGoModule rec {
10 10
     owner  = "gohugoio";
11 11
     repo   = "hugo";
12 12
     rev    = "v${version}";
13
-    sha256 = "0hbkl8dhhdic0admrkvlp1h1bmfrrwfnvipx27clyk0f88jcvb7y";
13
+    sha256 = "1cqvm2fj6hh2n9iv67vamhn23fbxmmwciks0r4h4y0hapzlzpyd8";
14 14
   };
15 15
 
16
-  modSha256 = "0yrwkaaasj9ihjjfbywnzkppix1y2znagg3dkyikk21sl5n0nz23";
16
+  modSha256 = "09r7r1s5b2fvnzpzjarpv2lnvp6bxdfschiq6352hw631n7kkyz1";
17 17
 
18 18
   buildFlags = "-tags extended";
19 19
 

+ 2
- 6
pkgs/applications/misc/megasync/default.nix View File

@@ -17,9 +17,7 @@
17 17
 , lsb-release
18 18
 , mkDerivation
19 19
 , pkgconfig
20
-, qmake
21 20
 , qtbase
22
-, qtsvg
23 21
 , qttools
24 22
 , sqlite
25 23
 , swig
@@ -29,13 +27,13 @@
29 27
 
30 28
 mkDerivation rec {
31 29
   pname = "megasync";
32
-  version = "4.1.1.0";
30
+  version = "4.2.3.0";
33 31
 
34 32
   src = fetchFromGitHub {
35 33
     owner = "meganz";
36 34
     repo = "MEGAsync";
37 35
     rev = "v${version}_Linux";
38
-    sha256 = "0lc228q3s9xp78dxjn22g6anqlsy1hi7a6yfs4q3l6gyfc3qcxl2";
36
+    sha256 = "0l4yfrxjb62vc9dnlzy8rjqi68ga1bys5x5rfzs40daw13yf1adv";
39 37
     fetchSubmodules = true;
40 38
   };
41 39
 
@@ -45,7 +43,6 @@ mkDerivation rec {
45 43
     doxygen
46 44
     lsb-release
47 45
     pkgconfig
48
-    qmake
49 46
     qttools
50 47
     swig
51 48
   ];
@@ -62,7 +59,6 @@ mkDerivation rec {
62 59
     libuv
63 60
     libzen
64 61
     qtbase
65
-    qtsvg
66 62
     sqlite
67 63
     unzip
68 64
     wget

+ 2
- 1
pkgs/applications/misc/orca/default.nix View File

@@ -1,7 +1,7 @@
1 1
 { stdenv, pkgconfig, fetchurl, buildPythonApplication
2 2
 , autoreconfHook, wrapGAppsHook, gobject-introspection
3 3
 , intltool, yelp-tools, itstool, libxmlxx3
4
-, python, pygobject3, gtk3, gnome3, substituteAll
4
+, python, pygobject3, gtk3, gnome3, substituteAll, hicolor-icon-theme
5 5
 , at-spi2-atk, at-spi2-core, pyatspi, dbus, dbus-python, pyxdg
6 6
 , xkbcomp, procps, lsof, coreutils, gsettings-desktop-schemas
7 7
 , speechd, brltty, liblouis, setproctitle, gst_all_1, gst-python
@@ -31,6 +31,7 @@ buildPythonApplication rec {
31 31
   nativeBuildInputs = [
32 32
     autoreconfHook wrapGAppsHook pkgconfig libxmlxx3
33 33
     intltool yelp-tools itstool gobject-introspection
34
+    hicolor-icon-theme # setup-hook
34 35
   ];
35 36
 
36 37
   propagatedBuildInputs = [

+ 24
- 0
pkgs/applications/misc/rsclock/default.nix View File

@@ -0,0 +1,24 @@
1
+{ stdenv, rustPlatform, fetchFromGitHub }:
2
+
3
+rustPlatform.buildRustPackage rec {
4
+  pname = "rsClock";
5
+  version = "0.1.0";
6
+
7
+  src = fetchFromGitHub {
8
+    owner = "valebes";
9
+    repo = pname;
10
+    rev = "v${version}";
11
+    sha256 = "1fpidswkgpf9yr4vxqn38livz6r3z5i0lhg7ngj9f1ki4yqxn9zh";
12
+  };
13
+   
14
+  cargoSha256 = "1m0lm8xh1qp0cbx870xy2m0bv047mb00vcwzq7r5gxqx8n61qm4n";
15
+
16
+  meta = with stdenv.lib; {
17
+    description = "A simple terminal clock written in Rust";
18
+    homepage = "https://github.com/valebes/rsClock";
19
+    license = licenses.mit;
20
+    maintainers = with maintainers; [valebes];
21
+    platforms = platforms.all;
22
+  };
23
+}
24
+

+ 4
- 4
pkgs/applications/misc/yate/default.nix View File

@@ -1,17 +1,17 @@
1
-{ stdenv, fetchurl, lib, qt4, openssl, autoconf, automake, pkgconfig }:
1
+{ stdenv, fetchurl, lib, qt4, openssl, pkgconfig }:
2 2
 
3 3
 stdenv.mkDerivation rec {
4 4
   pname = "yate";
5
-  version = "6.0.0-1";
5
+  version = "6.1.0-1";
6 6
 
7 7
   src = fetchurl {
8 8
     url = "http://voip.null.ro/tarballs/yate${lib.versions.major version}/${pname}-${version}.tar.gz";
9
-    sha256 = "05qqdhi3rp5660gq1484jkmxkm9vq81j0yr765h0gf0xclan1dqa";
9
+    sha256 = "0xx3i997nsf2wzbv6m5n6adsym0qhgc6xg4rsv0fwqrgisf5327d";
10 10
   };
11 11
 
12 12
   # TODO zaptel ? postgres ?
13 13
   nativeBuildInputs = [ pkgconfig ];
14
-  buildInputs = [ qt4 openssl autoconf automake ];
14
+  buildInputs = [ qt4 openssl ];
15 15
 
16 16
   # /dev/null is used when linking which is a impure path for the wrapper
17 17
   preConfigure =

+ 4
- 4
pkgs/applications/networking/browsers/chromium/plugins.nix View File

@@ -94,17 +94,17 @@ let
94 94
         envVars.NIX_CHROMIUM_PLUGIN_PATH_WIDEVINE = "@out@/lib";
95 95
       }}
96 96
     '';
97
-    
97
+
98 98
     meta.platforms = platforms.x86_64;
99 99
   };
100 100
 
101 101
   flash = stdenv.mkDerivation rec {
102 102
     pname = "flashplayer-ppapi";
103
-    version = "32.0.0.223";
103
+    version = "32.0.0.238";
104 104
 
105 105
     src = fetchzip {
106 106
       url = "https://fpdownload.adobe.com/pub/flashplayer/pdc/${version}/flash_player_ppapi_linux.x86_64.tar.gz";
107
-      sha256 = "0xm6jcdip4gki267ldw106l5j43im0ji2zjsarvi7n2nvvnwwgnl";
107
+      sha256 = "0jqx68lfqjpy6wbxdi0giclvh9mc9rha92hqdj1nx42v95k3gc65";
108 108
       stripRoot = false;
109 109
     };
110 110
 
@@ -135,7 +135,7 @@ let
135 135
     '';
136 136
 
137 137
     dontStrip = true;
138
-    
138
+
139 139
     meta.platforms = platforms.x86_64;
140 140
   };
141 141
 

+ 2
- 2
pkgs/applications/networking/browsers/vivaldi/default.nix View File

@@ -17,11 +17,11 @@ let
17 17
   vivaldiName = if isSnapshot then "vivaldi-snapshot" else "vivaldi";
18 18
 in stdenv.mkDerivation rec {
19 19
   pname = "vivaldi";
20
-  version = "2.6.1566.51-1";
20
+  version = "2.7.1628.30-1";
21 21
 
22 22
   src = fetchurl {
23 23
     url = "https://downloads.vivaldi.com/${branch}/vivaldi-${branch}_${version}_amd64.deb";
24
-    sha256 = "0582f16saldgn482806f9igb97is4p3ayvh99j0wx9plxnyq5xmm";
24
+    sha256 = "1lz8adwiwll8g246s5pa0ipfraph51s9f4lcfysdrp1s3s1qhw8x";
25 25
   };
26 26
 
27 27
   unpackPhase = ''

+ 3
- 3
pkgs/applications/networking/cluster/tilt/default.nix View File

@@ -5,20 +5,20 @@ buildGoPackage rec {
5 5
   /* Do not use "dev" as a version. If you do, Tilt will consider itself
6 6
      running in development environment and try to serve assets from the
7 7
      source tree, which is not there once build completes.  */
8
-  version = "0.9.7";
8
+  version = "0.10.4";
9 9
 
10 10
   src = fetchFromGitHub {
11 11
     owner  = "windmilleng";
12 12
     repo   = pname;
13 13
     rev    = "v${version}";
14
-    sha256 = "0b7jk7iwjzdsb2wp9qx4gs9g3gi2vcqw5ilkax3gfz7wsplm0n65";
14
+    sha256 = "0nxgmldbcaj91jq47qxpf6jqwvi9bhg243qchdkiliphybvilcrg";
15 15
   };
16 16
 
17 17
   goPackagePath = "github.com/windmilleng/tilt";
18 18
 
19 19
   subPackages = [ "cmd/tilt" ];
20 20
 
21
-  buildFlagsArray = ("-ldflags=-X main.version=${version} -X main.date=2019-07-30");
21
+  buildFlagsArray = ("-ldflags=-X main.version=${version} -X main.date=2019-08-14");
22 22
 
23 23
   meta = with stdenv.lib; {
24 24
     description = "Local development tool to manage your developer instance when your team deploys to Kubernetes in production";

+ 1
- 128
pkgs/applications/networking/instant-messengers/riot/riot-desktop-yarndeps.nix
File diff suppressed because it is too large
View File


+ 8
- 12
pkgs/applications/networking/instant-messengers/riot/riot-desktop.nix View File

@@ -1,9 +1,8 @@
1
-{ pkgs, stdenv, fetchFromGitHub, makeWrapper, makeDesktopItem, electron_5, riot-web }:
1
+{ pkgs, stdenv, fetchFromGitHub, makeWrapper, makeDesktopItem, electron_5, riot-web, yarn2nix-moretea }:
2 2
 
3
-# Note for maintainers:
4
-# Versions of `riot-web` and `riot-desktop` should be kept in sync.
5
-
6
-with (import ./yarn2nix.nix { inherit pkgs; });
3
+# Notes for maintainers:
4
+# * versions of `riot-web` and `riot-desktop` should be kept in sync.
5
+# * the Yarn dependency expression must be updated with `./update-riot-desktop.sh <git release tag>`
7 6
 
8 7
 let
9 8
   executableName = "riot-desktop";
@@ -15,18 +14,13 @@ let
15 14
     sha256 = "1nzzxcz4r9932cha80q1bzn1425m67fsl89pn7n7ybrv6y0jnxpc";
16 15
   };
17 16
 
18
-in mkYarnPackage rec {
17
+in yarn2nix-moretea.mkYarnPackage rec {
19 18
   name = "riot-desktop-${version}";
20 19
   inherit version;
21 20
 
22 21
   src = "${riot-web-src}/electron_app";
23 22
 
24
-  # The package manifest should be copied on each update of this package.
25
-  # > cp ${riot-web-src}/electron_app/package.json riot-desktop-package.json
26 23
   packageJSON = ./riot-desktop-package.json;
27
-
28
-  # The dependency expression can be regenerated using nixos.yarn2nix with the following command:
29
-  # > yarn2nix --lockfile=${riot-web-src}/electron_app/yarn.lock > riot-desktop-yarndeps.nix
30 24
   yarnNix = ./riot-desktop-yarndeps.nix;
31 25
 
32 26
   nativeBuildInputs = [ makeWrapper ];
@@ -36,7 +30,9 @@ in mkYarnPackage rec {
36 30
     mkdir -p "$out/share/riot"
37 31
     ln -s '${riot-web}' "$out/share/riot/webapp"
38 32
     cp -r '${riot-web-src}/origin_migrator' "$out/share/riot/origin_migrator"
39
-    cp -r '.' "$out/share/riot/electron"
33
+    cp -r './deps/riot-web' "$out/share/riot/electron"
34
+    rm "$out/share/riot/electron/node_modules"
35
+    cp -r './node_modules' "$out/share/riot/electron"
40 36
 
41 37
     # icons
42 38
     for icon in $out/share/riot/electron/build/icons/*.png; do

+ 17
- 0
pkgs/applications/networking/instant-messengers/riot/update-riot-desktop.sh View File

@@ -0,0 +1,17 @@
1
+#!/usr/bin/env nix-shell
2
+#!nix-shell -I nixpkgs=../../../../../ -i bash -p wget yarn2nix-moretea.yarn2nix
3
+
4
+set -euo pipefail
5
+
6
+if [ "$#" -ne 1 ] || [[ "$1" == -* ]]; then
7
+	echo "Regenerates the Yarn dependency lock files for the riot-desktop package."
8
+	echo "Usage: $0 <git release tag>"
9
+	exit 1
10
+fi
11
+
12
+RIOT_WEB_SRC="https://raw.githubusercontent.com/vector-im/riot-web/$1"
13
+
14
+wget "$RIOT_WEB_SRC/electron_app/package.json" -O riot-desktop-package.json
15
+wget "$RIOT_WEB_SRC/electron_app/yarn.lock" -O riot-desktop-yarndeps.lock
16
+yarn2nix --lockfile=riot-desktop-yarndeps.lock > riot-desktop-yarndeps.nix
17
+rm riot-desktop-yarndeps.lock

+ 0
- 320
pkgs/applications/networking/instant-messengers/riot/yarn2nix.nix View File

@@ -1,320 +0,0 @@
1
-{ pkgs ? import <nixpkgs> {}
2
-, nodejs ? pkgs.nodejs
3
-, yarn ? pkgs.yarn
4
-}:
5
-
6
-let
7
-  inherit (pkgs) stdenv lib fetchurl linkFarm;
8
-in rec {
9
-  # Export yarn again to make it easier to find out which yarn was used.
10
-  inherit yarn;
11
-
12
-  # Re-export pkgs
13
-  inherit pkgs;
14
-
15
-  unlessNull = item: alt:
16
-    if item == null then alt else item;
17
-
18
-  reformatPackageName = pname:
19
-    let
20
-      # regex adapted from `validate-npm-package-name`
21
-      # will produce 3 parts e.g.
22
-      # "@someorg/somepackage" -> [ "@someorg/" "someorg" "somepackage" ]
23
-      # "somepackage" -> [ null null "somepackage" ]
24
-      parts = builtins.tail (builtins.match "^(@([^/]+)/)?([^/]+)$" pname);
25
-      # if there is no organisation we need to filter out null values.
26
-      non-null = builtins.filter (x: x != null) parts;
27
-    in builtins.concatStringsSep "-" non-null;
28
-
29
-  # https://docs.npmjs.com/files/package.json#license
30
-  # TODO: support expression syntax (OR, AND, etc)
31
-  spdxLicense = licstr:
32
-    if licstr == "UNLICENSED" then
33
-      lib.licenses.unfree
34
-    else
35
-      lib.findFirst
36
-        (l: l ? spdxId && l.spdxId == licstr)
37
-        { shortName = licstr; }
38
-        (builtins.attrValues lib.licenses);
39
-
40
-  # Generates the yarn.nix from the yarn.lock file
41
-  mkYarnNix = yarnLock:
42
-    pkgs.runCommand "yarn.nix" {}
43
-      "${yarn2nix}/bin/yarn2nix --lockfile ${yarnLock} --no-patch > $out";
44
-
45
-  # Loads the generated offline cache. This will be used by yarn as
46
-  # the package source.
47
-  importOfflineCache = yarnNix:
48
-    let
49
-      pkg = import yarnNix { inherit fetchurl linkFarm; };
50
-    in
51
-      pkg.offline_cache;
52
-
53
-  defaultYarnFlags = [
54
-    "--offline"
55
-    "--frozen-lockfile"
56
-    "--ignore-engines"
57
-    "--ignore-scripts"
58
-  ];
59
-
60
-  mkYarnModules = {
61
-    name,
62
-    pname,
63
-    packageJSON,
64
-    yarnLock,
65
-    yarnNix ? mkYarnNix yarnLock,
66
-    yarnFlags ? defaultYarnFlags,
67
-    pkgConfig ? {},
68
-    preBuild ? "",
69
-    workspaceDependencies ? [],
70
-  }:
71
-    let
72
-      offlineCache = importOfflineCache yarnNix;
73
-      extraBuildInputs = (lib.flatten (builtins.map (key:
74
-        pkgConfig.${key} . buildInputs or []
75
-      ) (builtins.attrNames pkgConfig)));
76
-      postInstall = (builtins.map (key:
77
-        if (pkgConfig.${key} ? postInstall) then
78
-          ''
79
-            for f in $(find -L -path '*/node_modules/${key}' -type d); do
80
-              (cd "$f" && (${pkgConfig.${key}.postInstall}))
81
-            done
82
-          ''
83
-        else
84
-          ""
85
-      ) (builtins.attrNames pkgConfig));
86
-      workspaceJSON = pkgs.writeText
87
-        "${name}-workspace-package.json"
88
-        (builtins.toJSON { private = true; workspaces = ["deps/**"]; }); # scoped packages need second splat
89
-      workspaceDependencyLinks = lib.concatMapStringsSep "\n"
90
-        (dep: ''
91
-          mkdir -p "deps/${dep.pname}"
92
-          ln -sf ${dep.packageJSON} "deps/${dep.pname}/package.json"
93
-        '')
94
-        workspaceDependencies;
95
-    in stdenv.mkDerivation {
96
-      inherit preBuild name;
97
-      phases = ["configurePhase" "buildPhase"];
98
-      buildInputs = [ yarn nodejs ] ++ extraBuildInputs;
99
-
100
-      configurePhase = ''
101
-        # Yarn writes cache directories etc to $HOME.
102
-        export HOME=$PWD/yarn_home
103
-      '';
104
-
105
-      buildPhase = ''
106
-        runHook preBuild
107
-
108
-        mkdir -p "deps/${pname}"
109
-        cp ${packageJSON} "deps/${pname}/package.json"
110
-        cp ${workspaceJSON} ./package.json
111
-        cp ${yarnLock} ./yarn.lock
112
-        chmod +w ./yarn.lock
113
-
114
-        yarn config --offline set yarn-offline-mirror ${offlineCache}
115
-
116
-        # Do not look up in the registry, but in the offline cache.
117
-        # TODO: Ask upstream to fix this mess.
118
-        sed -i -E '/resolved /{s|https://registry.yarnpkg.com/||;s|[@/:-]|_|g}' yarn.lock
119
-
120
-        ${workspaceDependencyLinks}
121
-        yarn install ${lib.escapeShellArgs yarnFlags}
122
-
123
-        ${lib.concatStringsSep "\n" postInstall}
124
-
125
-        mkdir $out
126
-        mv node_modules $out/
127
-        mv deps $out/
128
-        patchShebangs $out
129
-      '';
130
-    };
131
-
132
-  # This can be used as a shellHook in mkYarnPackage. It brings the built node_modules into
133
-  # the shell-hook environment.
134
-  linkNodeModulesHook = ''
135
-    if [[ -d node_modules || -L node_modules ]]; then
136
-      echo "./node_modules is present. Replacing."
137
-      rm -rf node_modules
138
-    fi
139
-
140
-    ln -s "$node_modules" node_modules
141
-  '';
142
-
143
-  mkYarnWorkspace = {
144
-    src,
145
-    packageJSON ? src+"/package.json",
146
-    yarnLock ? src+"/yarn.lock",
147
-    packageOverrides ? {},
148
-    ...
149
-  }@attrs:
150
-  let
151
-    package = lib.importJSON packageJSON;
152
-    packageGlobs = package.workspaces;
153
-    globElemToRegex = lib.replaceStrings ["*"] [".*"];
154
-    # PathGlob -> [PathGlobElem]
155
-    splitGlob = lib.splitString "/";
156
-    # Path -> [PathGlobElem] -> [Path]
157
-    # Note: Only directories are included, everything else is filtered out
158
-    expandGlobList = base: globElems:
159
-    let
160
-      elemRegex = globElemToRegex (lib.head globElems);
161
-      rest = lib.tail globElems;
162
-      children = lib.attrNames (lib.filterAttrs (name: type: type == "directory") (builtins.readDir base));
163
-      matchingChildren = lib.filter (child: builtins.match elemRegex child != null) children;
164
-    in if globElems == []
165
-      then [ base ]
166
-      else lib.concatMap (child: expandGlobList (base+("/"+child)) rest) matchingChildren;
167
-    # Path -> PathGlob -> [Path]
168
-    expandGlob = base: glob: expandGlobList base (splitGlob glob);
169
-    packagePaths = lib.concatMap (expandGlob src) packageGlobs;
170
-    packages = lib.listToAttrs (map (src:
171
-    let
172
-      packageJSON = src+"/package.json";
173
-      package = lib.importJSON packageJSON;
174
-      allDependencies = lib.foldl (a: b: a // b) {} (map (field: lib.attrByPath [field] {} package) ["dependencies" "devDependencies"]);
175
-    in rec {
176
-      name = reformatPackageName package.name;
177
-      value = mkYarnPackage (builtins.removeAttrs attrs ["packageOverrides"] // {
178
-        inherit src packageJSON yarnLock;
179
-        workspaceDependencies = lib.mapAttrsToList (name: version: packages.${name})
180
-          (lib.filterAttrs (name: version: packages ? ${name}) allDependencies);
181
-      } // lib.attrByPath [name] {} packageOverrides);
182
-    }) packagePaths);
183
-  in packages;
184
-
185
-  mkYarnPackage = {
186
-    name ? null,
187
-    src,
188
-    packageJSON ? src + "/package.json",
189
-    yarnLock ? src + "/yarn.lock",
190
-    yarnNix ? mkYarnNix yarnLock,
191
-    yarnFlags ? defaultYarnFlags,
192
-    yarnPreBuild ? "",
193
-    pkgConfig ? {},
194
-    extraBuildInputs ? [],
195
-    publishBinsFor ? null,
196
-    workspaceDependencies ? [],
197
-    ...
198
-  }@attrs:
199
-    let
200
-      package = lib.importJSON packageJSON;
201
-      pname = package.name;
202
-      safeName = reformatPackageName pname;
203
-      version = package.version;
204
-      baseName = unlessNull name "${safeName}-${version}";
205
-      deps = mkYarnModules {
206
-        name = "${safeName}-modules-${version}";
207
-        preBuild = yarnPreBuild;
208
-        workspaceDependencies = workspaceDependenciesTransitive;
209
-        inherit packageJSON pname yarnLock yarnNix yarnFlags pkgConfig;
210
-      };
211
-      publishBinsFor_ = unlessNull publishBinsFor [pname];
212
-      linkDirFunction = ''
213
-        linkDirToDirLinks() {
214
-          target=$1
215
-          if [ ! -f "$target" ]; then
216
-            mkdir -p "$target"
217
-          elif [ -L "$target" ]; then
218
-            local new=$(mktemp -d)
219
-            trueSource=$(realpath "$target")
220
-            if [ "$(ls $trueSource | wc -l)" -gt 0 ]; then
221
-              ln -s $trueSource/* $new/
222
-            fi
223
-            rm -r "$target"
224
-            mv "$new" "$target"
225
-          fi
226
-        }
227
-      '';
228
-      workspaceDependenciesTransitive = lib.unique ((lib.flatten (builtins.map (dep: dep.workspaceDependencies) workspaceDependencies)) ++ workspaceDependencies);
229
-      workspaceDependencyCopy = lib.concatMapStringsSep "\n"
230
-        (dep: ''
231
-          # ensure any existing scope directory is not a symlink
232
-          linkDirToDirLinks "$(dirname node_modules/${dep.pname})"
233
-          mkdir -p "deps/${dep.pname}"
234
-          tar -xf "${dep}/tarballs/${dep.name}.tgz" --directory "deps/${dep.pname}" --strip-components=1
235
-          if [ ! -e "deps/${dep.pname}/node_modules" ]; then
236
-            ln -s "${deps}/deps/${dep.pname}/node_modules" "deps/${dep.pname}/node_modules"
237
-          fi
238
-        '')
239
-        workspaceDependenciesTransitive;
240
-    in stdenv.mkDerivation (builtins.removeAttrs attrs ["pkgConfig" "workspaceDependencies"] // {
241
-      inherit src;
242
-
243
-      name = baseName;
244
-
245
-      buildInputs = [ yarn nodejs ] ++ extraBuildInputs;
246
-
247
-      node_modules = deps + "/node_modules";
248
-
249
-      configurePhase = attrs.configurePhase or ''
250
-        runHook preConfigure
251
-
252
-        for localDir in npm-packages-offline-cache node_modules; do
253
-          if [[ -d $localDir || -L $localDir ]]; then
254
-            echo "$localDir dir present. Removing."
255
-            rm -rf $localDir
256
-          fi
257
-        done
258
-
259
-        mkdir -p "deps/${pname}"
260
-        shopt -s extglob
261
-        cp -r !(deps) "deps/${pname}"
262
-        shopt -u extglob
263
-        ln -s ${deps}/deps/${pname}/node_modules "deps/${pname}/node_modules"
264
-
265
-        cp -r $node_modules node_modules
266
-        chmod -R +w node_modules
267
-
268
-        ${linkDirFunction}
269
-        linkDirToDirLinks "$(dirname node_modules/${pname})"
270
-        ln -s "deps/${pname}" "node_modules/${pname}"
271
-        ${workspaceDependencyCopy}
272
-
273
-        # Help yarn commands run in other phases find the package
274
-        echo "--cwd deps/${pname}" > .yarnrc
275
-        runHook postConfigure
276
-      '';
277
-
278
-      # Replace this phase on frontend packages where only the generated
279
-      # files are an interesting output.
280
-      installPhase = attrs.installPhase or ''
281
-        runHook preInstall
282
-
283
-        mkdir -p $out/{bin,libexec/${pname}}
284
-        mv node_modules $out/libexec/${pname}/node_modules
285
-        mv deps $out/libexec/${pname}/deps
286
-        node ${./nix/fixup_bin.js} $out/bin $out/libexec/${pname}/node_modules ${lib.concatStringsSep " " publishBinsFor_}
287
-
288
-        runHook postInstall
289
-      '';
290
-
291
-      doDist = true;
292
-      distPhase = attrs.distPhase or ''
293
-        # pack command ignores cwd option
294
-        rm -f .yarnrc
295
-        cd $out/libexec/${pname}/deps/${pname}
296
-        mkdir -p $out/tarballs/
297
-        yarn pack --ignore-scripts --filename $out/tarballs/${baseName}.tgz
298
-      '';
299
-
300
-      passthru = {
301
-        inherit pname package packageJSON deps;
302
-        workspaceDependencies = workspaceDependenciesTransitive;
303
-      } // (attrs.passthru or {});
304
-
305
-      meta = {
306
-        inherit (nodejs.meta) platforms;
307
-        description = packageJSON.description or "";
308
-        homepage = packageJSON.homepage or "";
309
-        version = packageJSON.version or "";
310
-        license = if packageJSON ? license then spdxLicense packageJSON.license else "";
311
-      } // (attrs.meta or {});
312
-    });
313
-
314
-  yarn2nix = mkYarnPackage {
315
-    src = ./.;
316
-    # yarn2nix is the only package that requires the yarnNix option.
317
-    # All the other projects can auto-generate that file.
318
-    yarnNix = ./yarn.nix;
319
-  };
320
-}

+ 2
- 2
pkgs/applications/networking/instant-messengers/slack/default.nix View File

@@ -6,7 +6,7 @@ at-spi2-atk, libuuid, nodePackages
6 6
 
7 7
 let
8 8
 
9
-  version = "4.0.1";
9
+  version = "4.0.2";
10 10
 
11 11
   rpath = stdenv.lib.makeLibraryPath [
12 12
     alsaLib
@@ -51,7 +51,7 @@ let
51 51
     if stdenv.hostPlatform.system == "x86_64-linux" then
52 52
       fetchurl {
53 53
         url = "https://downloads.slack-edge.com/linux_releases/slack-desktop-${version}-amd64.deb";
54
-        sha256 = "1g7c8jka750pblsfzjvfyf7sp1m409kybqagml9miif1v71scxv2";
54
+        sha256 = "053j5py16ilpwy868rhh5l2g93xj1fq4fwxrsi2bkfsnmq261hkm";
55 55
       }
56 56
     else
57 57
       throw "Slack is not supported on ${stdenv.hostPlatform.system}";

+ 2
- 2
pkgs/applications/networking/mumble/overlay.nix View File

@@ -12,10 +12,10 @@ in stdenv.mkDerivation {
12 12
 
13 13
   installPhase = ''
14 14
     mkdir -p $out/lib
15
-    ln -s ${mumble}/lib/libmumble.so.1.* $out/lib/libmumble.so.1
15
+    ln -s ${mumble}/lib/libmumble.so.1.2.* $out/lib/libmumble.so.1
16 16
     ${lib.optionalString (mumble_i686 != null) ''
17 17
       mkdir -p $out/lib32
18
-      ln -s ${mumble_i686}/lib/libmumble.so.1.* $out/lib32/libmumble.so.1
18
+      ln -s ${mumble_i686}/lib/libmumble.so.1.2.* $out/lib32/libmumble.so.1
19 19
     ''}
20 20
     install -Dm755 scripts/mumble-overlay $out/bin/mumble-overlay
21 21
     sed -i "s,/usr/lib,$out/lib,g" $out/bin/mumble-overlay

+ 17
- 23
pkgs/applications/networking/p2p/gnunet/default.nix View File

@@ -1,20 +1,24 @@
1 1
 { stdenv, fetchurl, adns, curl, gettext, gmp, gnutls, libextractor
2 2
 , libgcrypt, libgnurl, libidn, libmicrohttpd, libtool, libunistring
3 3
 , makeWrapper, ncurses, pkgconfig, libxml2, sqlite, zlib
4
-, libpulseaudio, libopus, libogg }:
4
+, libpulseaudio, libopus, libogg, jansson }:
5 5
 
6 6
 stdenv.mkDerivation rec {
7
-  name = "gnunet-0.11.0";
7
+  pname = "gnunet";
8
+  version = "0.11.6";
8 9
 
9 10
   src = fetchurl {
10
-    url = "mirror://gnu/gnunet/${name}.tar.gz";
11
-    sha256 = "16kydkrjlf2vxflgls46bwaf9kjczf621p456q0qlphd7cy7lixp";
11
+    url = "mirror://gnu/gnunet/${pname}-${version}.tar.gz";
12
+    sha256 = "1gspr1lh885sb9r2anh7bi4zan3zjqx33lpyhq9hm2g0n5ip187q";
12 13
   };
13 14
 
15
+  enableParallelBuilding = true;
16
+
17
+  nativeBuildInputs = [ pkgconfig libtool makeWrapper ];
14 18
   buildInputs = [
15
-    adns curl gettext gmp gnutls libextractor libgcrypt libgnurl libidn
16
-    libmicrohttpd libtool libunistring libxml2 makeWrapper ncurses
17
-    pkgconfig sqlite zlib libpulseaudio libopus libogg
19
+    adns curl gmp gnutls libextractor libgcrypt libgnurl libidn
20
+    libmicrohttpd libunistring libxml2 ncurses gettext
21
+    sqlite zlib libpulseaudio libopus libogg jansson
18 22
   ];
19 23
 
20 24
   preConfigure = ''
@@ -29,26 +33,18 @@ stdenv.mkDerivation rec {
29 33
     find . \( -iname \*test\*.c -or -name \*.conf \) | \
30 34
       xargs sed -ie "s|/tmp|$TMPDIR|g"
31 35
 
32
-    # Ensure NSS installation works fine
33
-    configureFlags="$configureFlags --with-nssdir=$out/lib"
34
-    patchShebangs src/gns/nss/install-nss-plugin.sh
35
-
36 36
     sed -ie 's|@LDFLAGS@|@LDFLAGS@ $(Z_LIBS)|g' \
37 37
       src/regex/Makefile.in \
38 38
       src/fs/Makefile.in
39 39
   '';
40 40
 
41
+  # unfortunately, there's still a few failures with impure tests
41 42
   doCheck = false;
42
-
43
-  /* FIXME: Tests must be run this way, but there are still a couple of
44
-     failures.
45
-
46
-  postInstall =
47
-    '' export GNUNET_PREFIX="$out"
48
-       export PATH="$out/bin:$PATH"
49
-       make -k check
50
-    '';
51
-  */
43
+  checkPhase = ''
44
+    export GNUNET_PREFIX="$out"
45
+    export PATH="$out/bin:$PATH"
46
+    make -k check
47
+  '';
52 48
 
53 49
   meta = with stdenv.lib; {
54 50
     description = "GNU's decentralized anonymous and censorship-resistant P2P framework";
@@ -69,9 +65,7 @@ stdenv.mkDerivation rec {
69 65
     '';
70 66
 
71 67
     homepage = https://gnunet.org/;
72
-
73 68
     license = licenses.gpl2Plus;
74
-
75 69
     maintainers = with maintainers; [ vrthra ];
76 70
     platforms = platforms.gnu ++ platforms.linux;
77 71
   };

+ 56