Merge staging-next into staging
This commit is contained in:
commit
6c13816249
90 changed files with 2867 additions and 1360 deletions
|
@ -33,10 +33,11 @@ with lib.maintainers; {
|
|||
|
||||
podman = {
|
||||
members = [
|
||||
adisbladis
|
||||
saschagrunert
|
||||
vdemeester
|
||||
zowoq
|
||||
];
|
||||
scope = "Maintain podman related packages.";
|
||||
scope = "Maintain Podman related packages and modules.";
|
||||
};
|
||||
}
|
||||
|
|
|
@ -935,8 +935,8 @@ services.dnsmasq.servers = [ "127.0.0.1#43" ];
|
|||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
Haskell <varname>env</varname> and <varname>shellFor</varname> dev shell environments now organized dependencies the same way as regular builds.
|
||||
In particular, rather than receiving all the different lists of dependencies master together as one big lists, and then partitioning into Haskell and non-Hakell dependencies, they work from the original many different dependency parameters and don't need to algorithmically partition anything.
|
||||
Haskell <varname>env</varname> and <varname>shellFor</varname> dev shell environments now organize dependencies the same way as regular builds.
|
||||
In particular, rather than receiving all the different lists of dependencies mashed together as one big list, and then partitioning into Haskell and non-Hakell dependencies, they work from the original many different dependency parameters and don't need to algorithmically partition anything.
|
||||
</para>
|
||||
<para>
|
||||
This means that if you incorrectly categorize a dependency, e.g. non-Haskell library dependency as a <varname>buildDepends</varname> or run-time Haskell dependency as a <varname>setupDepends</varname>, whereas things would have worked before they may not work now.
|
||||
|
@ -1145,9 +1145,11 @@ systemd.services.nginx.serviceConfig.User = lib.mkForce "root";
|
|||
As well as this, the options <literal>security.acme.acceptTerms</literal> and either
|
||||
<literal>security.acme.email</literal> or <literal>security.acme.certs.<name>.email</literal>
|
||||
must be set in order to use the ACME module.
|
||||
Certificates will be regenerated anew on the next renewal date. The credentials for simp-le are
|
||||
preserved and thus it is possible to roll back to previous versions without breaking certificate
|
||||
generation.
|
||||
Certificates will be regenerated on activation, no account or certificate will be migrated from simp-le.
|
||||
In particular private keys will not be preserved. However, the credentials for simp-le are preserved and
|
||||
thus it is possible to roll back to previous versions without breaking certificate generation.
|
||||
Note also that in contrary to simp-le a new private key is recreated at each renewal by default, which can
|
||||
have consequences if you embed your public key in apps.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
|
|
|
@ -40,6 +40,11 @@
|
|||
make use of these new options instead.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
There is a new module for Podman(<varname>virtualisation.podman</varname>), a drop-in replacement for the Docker command line.
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</section>
|
||||
|
||||
|
@ -267,6 +272,13 @@ environment.systemPackages = [
|
|||
<title>Other Notable Changes</title>
|
||||
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
<para>
|
||||
<option>services.journald.rateLimitBurst</option> was updated from
|
||||
<literal>1000</literal> to <literal>10000</literal> to follow the new
|
||||
upstream systemd default.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
The <package>notmuch</package> package move its emacs-related binaries and
|
||||
|
|
|
@ -11,9 +11,6 @@ with lib;
|
|||
|
||||
services.xserver.desktopManager.gnome3.enable = true;
|
||||
|
||||
# Wayland can be problematic for some hardware like Nvidia graphics cards.
|
||||
services.xserver.displayManager.defaultSession = "gnome-xorg";
|
||||
|
||||
services.xserver.displayManager.gdm = {
|
||||
enable = true;
|
||||
# autoSuspend makes the machine automatically suspend after inactivity.
|
||||
|
|
|
@ -109,8 +109,8 @@ in
|
|||
PRETTY_NAME="NixOS ${cfg.release} (${cfg.codeName})"
|
||||
LOGO="nix-snowflake"
|
||||
HOME_URL="https://nixos.org/"
|
||||
DOCUMENTATION_URL="https://nixos.org/nixos/manual/index.html"
|
||||
SUPPORT_URL="https://nixos.org/nixos/support.html"
|
||||
DOCUMENTATION_URL="https://nixos.org/learn.html"
|
||||
SUPPORT_URL="https://nixos.org/community.html"
|
||||
BUG_REPORT_URL="https://github.com/NixOS/nixpkgs/issues"
|
||||
'';
|
||||
|
||||
|
|
|
@ -984,6 +984,7 @@
|
|||
./virtualisation/anbox.nix
|
||||
./virtualisation/container-config.nix
|
||||
./virtualisation/containers.nix
|
||||
./virtualisation/nixos-containers.nix
|
||||
./virtualisation/cri-o.nix
|
||||
./virtualisation/docker.nix
|
||||
./virtualisation/docker-containers.nix
|
||||
|
@ -997,6 +998,7 @@
|
|||
./virtualisation/kvmgt.nix
|
||||
./virtualisation/openvswitch.nix
|
||||
./virtualisation/parallels-guest.nix
|
||||
./virtualisation/podman.nix
|
||||
./virtualisation/qemu-guest-agent.nix
|
||||
./virtualisation/railcar.nix
|
||||
./virtualisation/rkt.nix
|
||||
|
|
|
@ -37,7 +37,10 @@ in {
|
|||
RuntimeDirectoryMode = 755;
|
||||
|
||||
StateDirectory = "tailscale";
|
||||
StateDirectoryMode = 700;
|
||||
StateDirectoryMode = 750;
|
||||
|
||||
CacheDirectory = "tailscale";
|
||||
CacheDirectoryMode = 750;
|
||||
|
||||
Restart = "on-failure";
|
||||
};
|
||||
|
|
|
@ -12,7 +12,7 @@ let
|
|||
# command-line to launch oauth2_proxy.
|
||||
providerSpecificOptions = {
|
||||
azure = cfg: {
|
||||
azure.tenant = cfg.azure.tenant;
|
||||
azure-tenant = cfg.azure.tenant;
|
||||
resource = cfg.azure.resource;
|
||||
};
|
||||
|
||||
|
@ -44,6 +44,7 @@ let
|
|||
pass-access-token = passAccessToken;
|
||||
pass-basic-auth = passBasicAuth;
|
||||
pass-host-header = passHostHeader;
|
||||
reverse-proxy = reverseProxy;
|
||||
proxy-prefix = proxyPrefix;
|
||||
profile-url = profileURL;
|
||||
redeem-url = redeemURL;
|
||||
|
@ -65,8 +66,8 @@ let
|
|||
} // lib.optionalAttrs (cfg.htpasswd.file != null) {
|
||||
display-htpasswd-file = cfg.htpasswd.displayForm;
|
||||
} // lib.optionalAttrs tls.enable {
|
||||
tls-cert = tls.certificate;
|
||||
tls-key = tls.key;
|
||||
tls-cert-file = tls.certificate;
|
||||
tls-key-file = tls.key;
|
||||
https-address = tls.httpsAddress;
|
||||
} // (getProviderOptions cfg cfg.provider) // cfg.extraConfig;
|
||||
|
||||
|
@ -98,14 +99,21 @@ in
|
|||
|
||||
##############################################
|
||||
# PROVIDER configuration
|
||||
# Taken from: https://github.com/pusher/oauth2_proxy/blob/master/providers/providers.go
|
||||
provider = mkOption {
|
||||
type = types.enum [
|
||||
"google"
|
||||
"github"
|
||||
"azure"
|
||||
"facebook"
|
||||
"github"
|
||||
"keycloak"
|
||||
"gitlab"
|
||||
"linkedin"
|
||||
"myusa"
|
||||
"login.gov"
|
||||
"bitbucket"
|
||||
"nextcloud"
|
||||
"digitalocean"
|
||||
"oidc"
|
||||
];
|
||||
default = "google";
|
||||
description = ''
|
||||
|
@ -433,6 +441,17 @@ in
|
|||
'';
|
||||
};
|
||||
|
||||
reverseProxy = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
In case when running behind a reverse proxy, controls whether headers
|
||||
like <literal>X-Real-Ip</literal> are accepted. Usage behind a reverse
|
||||
proxy will require this flag to be set to avoid logging the reverse
|
||||
proxy IP address.
|
||||
'';
|
||||
};
|
||||
|
||||
proxyPrefix = mkOption {
|
||||
type = types.str;
|
||||
default = "/oauth2";
|
||||
|
|
|
@ -12,7 +12,7 @@ let
|
|||
|
||||
httpdConf = cfg.configFile;
|
||||
|
||||
php = cfg.phpPackage.override { apacheHttpd = pkg.dev; /* otherwise it only gets .out */ };
|
||||
php = cfg.phpPackage.override { apacheHttpd = pkg; };
|
||||
|
||||
phpMajorVersion = lib.versions.major (lib.getVersion php);
|
||||
|
||||
|
@ -338,6 +338,7 @@ let
|
|||
}
|
||||
''
|
||||
cat ${php}/etc/php.ini > $out
|
||||
cat ${php}/lib/custom-php.ini > $out
|
||||
echo "$options" >> $out
|
||||
'';
|
||||
|
||||
|
|
|
@ -209,14 +209,14 @@ in {
|
|||
user = "php";
|
||||
group = "php";
|
||||
phpPackage = pkgs.php;
|
||||
settings = '''
|
||||
settings = {
|
||||
"pm" = "dynamic";
|
||||
"pm.max_children" = 75;
|
||||
"pm.start_servers" = 10;
|
||||
"pm.min_spare_servers" = 5;
|
||||
"pm.max_spare_servers" = 20;
|
||||
"pm.max_requests" = 500;
|
||||
''';
|
||||
};
|
||||
}
|
||||
}'';
|
||||
description = ''
|
||||
|
|
|
@ -597,7 +597,7 @@ in
|
|||
};
|
||||
|
||||
services.journald.rateLimitBurst = mkOption {
|
||||
default = 1000;
|
||||
default = 10000;
|
||||
type = types.int;
|
||||
description = ''
|
||||
Configures the rate limiting burst limit (number of messages per
|
||||
|
|
|
@ -1,838 +1,150 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.virtualisation.containers;
|
||||
|
||||
# The container's init script, a small wrapper around the regular
|
||||
# NixOS stage-2 init script.
|
||||
containerInit = (cfg:
|
||||
let
|
||||
renderExtraVeth = (name: cfg:
|
||||
''
|
||||
echo "Bringing ${name} up"
|
||||
ip link set dev ${name} up
|
||||
${optionalString (cfg.localAddress != null) ''
|
||||
echo "Setting ip for ${name}"
|
||||
ip addr add ${cfg.localAddress} dev ${name}
|
||||
''}
|
||||
${optionalString (cfg.localAddress6 != null) ''
|
||||
echo "Setting ip6 for ${name}"
|
||||
ip -6 addr add ${cfg.localAddress6} dev ${name}
|
||||
''}
|
||||
${optionalString (cfg.hostAddress != null) ''
|
||||
echo "Setting route to host for ${name}"
|
||||
ip route add ${cfg.hostAddress} dev ${name}
|
||||
''}
|
||||
${optionalString (cfg.hostAddress6 != null) ''
|
||||
echo "Setting route6 to host for ${name}"
|
||||
ip -6 route add ${cfg.hostAddress6} dev ${name}
|
||||
''}
|
||||
''
|
||||
);
|
||||
in
|
||||
pkgs.writeScript "container-init"
|
||||
''
|
||||
#! ${pkgs.runtimeShell} -e
|
||||
inherit (lib) mkOption types;
|
||||
|
||||
# Initialise the container side of the veth pair.
|
||||
if [ -n "$HOST_ADDRESS" ] || [ -n "$HOST_ADDRESS6" ] ||
|
||||
[ -n "$LOCAL_ADDRESS" ] || [ -n "$LOCAL_ADDRESS6" ] ||
|
||||
[ -n "$HOST_BRIDGE" ]; then
|
||||
ip link set host0 name eth0
|
||||
ip link set dev eth0 up
|
||||
# Once https://github.com/NixOS/nixpkgs/pull/75584 is merged we can use the TOML generator
|
||||
toTOML = name: value: pkgs.runCommandNoCC name {
|
||||
nativeBuildInputs = [ pkgs.remarshal ];
|
||||
value = builtins.toJSON value;
|
||||
passAsFile = [ "value" ];
|
||||
} ''
|
||||
json2toml "$valuePath" "$out"
|
||||
'';
|
||||
|
||||
if [ -n "$LOCAL_ADDRESS" ]; then
|
||||
ip addr add $LOCAL_ADDRESS dev eth0
|
||||
fi
|
||||
if [ -n "$LOCAL_ADDRESS6" ]; then
|
||||
ip -6 addr add $LOCAL_ADDRESS6 dev eth0
|
||||
fi
|
||||
if [ -n "$HOST_ADDRESS" ]; then
|
||||
ip route add $HOST_ADDRESS dev eth0
|
||||
ip route add default via $HOST_ADDRESS
|
||||
fi
|
||||
if [ -n "$HOST_ADDRESS6" ]; then
|
||||
ip -6 route add $HOST_ADDRESS6 dev eth0
|
||||
ip -6 route add default via $HOST_ADDRESS6
|
||||
fi
|
||||
|
||||
${concatStringsSep "\n" (mapAttrsToList renderExtraVeth cfg.extraVeths)}
|
||||
fi
|
||||
|
||||
# Start the regular stage 1 script.
|
||||
exec "$1"
|
||||
''
|
||||
);
|
||||
|
||||
nspawnExtraVethArgs = (name: cfg: "--network-veth-extra=${name}");
|
||||
|
||||
startScript = cfg:
|
||||
''
|
||||
mkdir -p -m 0755 "$root/etc" "$root/var/lib"
|
||||
mkdir -p -m 0700 "$root/var/lib/private" "$root/root" /run/containers
|
||||
if ! [ -e "$root/etc/os-release" ]; then
|
||||
touch "$root/etc/os-release"
|
||||
fi
|
||||
|
||||
if ! [ -e "$root/etc/machine-id" ]; then
|
||||
touch "$root/etc/machine-id"
|
||||
fi
|
||||
|
||||
mkdir -p -m 0755 \
|
||||
"/nix/var/nix/profiles/per-container/$INSTANCE" \
|
||||
"/nix/var/nix/gcroots/per-container/$INSTANCE"
|
||||
|
||||
cp --remove-destination /etc/resolv.conf "$root/etc/resolv.conf"
|
||||
|
||||
if [ "$PRIVATE_NETWORK" = 1 ]; then
|
||||
extraFlags+=" --private-network"
|
||||
fi
|
||||
|
||||
if [ -n "$HOST_ADDRESS" ] || [ -n "$LOCAL_ADDRESS" ] ||
|
||||
[ -n "$HOST_ADDRESS6" ] || [ -n "$LOCAL_ADDRESS6" ]; then
|
||||
extraFlags+=" --network-veth"
|
||||
fi
|
||||
|
||||
if [ -n "$HOST_PORT" ]; then
|
||||
OIFS=$IFS
|
||||
IFS=","
|
||||
for i in $HOST_PORT
|
||||
do
|
||||
extraFlags+=" --port=$i"
|
||||
done
|
||||
IFS=$OIFS
|
||||
fi
|
||||
|
||||
if [ -n "$HOST_BRIDGE" ]; then
|
||||
extraFlags+=" --network-bridge=$HOST_BRIDGE"
|
||||
fi
|
||||
|
||||
extraFlags+=" ${concatStringsSep " " (mapAttrsToList nspawnExtraVethArgs cfg.extraVeths)}"
|
||||
|
||||
for iface in $INTERFACES; do
|
||||
extraFlags+=" --network-interface=$iface"
|
||||
done
|
||||
|
||||
for iface in $MACVLANS; do
|
||||
extraFlags+=" --network-macvlan=$iface"
|
||||
done
|
||||
|
||||
# If the host is 64-bit and the container is 32-bit, add a
|
||||
# --personality flag.
|
||||
${optionalString (config.nixpkgs.localSystem.system == "x86_64-linux") ''
|
||||
if [ "$(< ''${SYSTEM_PATH:-/nix/var/nix/profiles/per-container/$INSTANCE/system}/system)" = i686-linux ]; then
|
||||
extraFlags+=" --personality=x86"
|
||||
fi
|
||||
''}
|
||||
|
||||
# Run systemd-nspawn without startup notification (we'll
|
||||
# wait for the container systemd to signal readiness).
|
||||
exec ${config.systemd.package}/bin/systemd-nspawn \
|
||||
--keep-unit \
|
||||
-M "$INSTANCE" -D "$root" $extraFlags \
|
||||
$EXTRA_NSPAWN_FLAGS \
|
||||
--notify-ready=yes \
|
||||
--bind-ro=/nix/store \
|
||||
--bind-ro=/nix/var/nix/db \
|
||||
--bind-ro=/nix/var/nix/daemon-socket \
|
||||
--bind="/nix/var/nix/profiles/per-container/$INSTANCE:/nix/var/nix/profiles" \
|
||||
--bind="/nix/var/nix/gcroots/per-container/$INSTANCE:/nix/var/nix/gcroots" \
|
||||
${optionalString (!cfg.ephemeral) "--link-journal=try-guest"} \
|
||||
--setenv PRIVATE_NETWORK="$PRIVATE_NETWORK" \
|
||||
--setenv HOST_BRIDGE="$HOST_BRIDGE" \
|
||||
--setenv HOST_ADDRESS="$HOST_ADDRESS" \
|
||||
--setenv LOCAL_ADDRESS="$LOCAL_ADDRESS" \
|
||||
--setenv HOST_ADDRESS6="$HOST_ADDRESS6" \
|
||||
--setenv LOCAL_ADDRESS6="$LOCAL_ADDRESS6" \
|
||||
--setenv HOST_PORT="$HOST_PORT" \
|
||||
--setenv PATH="$PATH" \
|
||||
${optionalString cfg.ephemeral "--ephemeral"} \
|
||||
${if cfg.additionalCapabilities != null && cfg.additionalCapabilities != [] then
|
||||
''--capability="${concatStringsSep "," cfg.additionalCapabilities}"'' else ""
|
||||
} \
|
||||
${if cfg.tmpfs != null && cfg.tmpfs != [] then
|
||||
''--tmpfs=${concatStringsSep " --tmpfs=" cfg.tmpfs}'' else ""
|
||||
} \
|
||||
${containerInit cfg} "''${SYSTEM_PATH:-/nix/var/nix/profiles/system}/init"
|
||||
'';
|
||||
|
||||
preStartScript = cfg:
|
||||
''
|
||||
# Clean up existing machined registration and interfaces.
|
||||
machinectl terminate "$INSTANCE" 2> /dev/null || true
|
||||
|
||||
if [ -n "$HOST_ADDRESS" ] || [ -n "$LOCAL_ADDRESS" ] ||
|
||||
[ -n "$HOST_ADDRESS6" ] || [ -n "$LOCAL_ADDRESS6" ]; then
|
||||
ip link del dev "ve-$INSTANCE" 2> /dev/null || true
|
||||
ip link del dev "vb-$INSTANCE" 2> /dev/null || true
|
||||
fi
|
||||
|
||||
${concatStringsSep "\n" (
|
||||
mapAttrsToList (name: cfg:
|
||||
''ip link del dev ${name} 2> /dev/null || true ''
|
||||
) cfg.extraVeths
|
||||
)}
|
||||
'';
|
||||
|
||||
postStartScript = (cfg:
|
||||
let
|
||||
ipcall = cfg: ipcmd: variable: attribute:
|
||||
if cfg.${attribute} == null then
|
||||
''
|
||||
if [ -n "${variable}" ]; then
|
||||
${ipcmd} add ${variable} dev $ifaceHost
|
||||
fi
|
||||
''
|
||||
else
|
||||
''${ipcmd} add ${cfg.${attribute}} dev $ifaceHost'';
|
||||
renderExtraVeth = name: cfg:
|
||||
if cfg.hostBridge != null then
|
||||
''
|
||||
# Add ${name} to bridge ${cfg.hostBridge}
|
||||
ip link set dev ${name} master ${cfg.hostBridge} up
|
||||
''
|
||||
else
|
||||
''
|
||||
echo "Bring ${name} up"
|
||||
ip link set dev ${name} up
|
||||
# Set IPs and routes for ${name}
|
||||
${optionalString (cfg.hostAddress != null) ''
|
||||
ip addr add ${cfg.hostAddress} dev ${name}
|
||||
''}
|
||||
${optionalString (cfg.hostAddress6 != null) ''
|
||||
ip -6 addr add ${cfg.hostAddress6} dev ${name}
|
||||
''}
|
||||
${optionalString (cfg.localAddress != null) ''
|
||||
ip route add ${cfg.localAddress} dev ${name}
|
||||
''}
|
||||
${optionalString (cfg.localAddress6 != null) ''
|
||||
ip -6 route add ${cfg.localAddress6} dev ${name}
|
||||
''}
|
||||
'';
|
||||
in
|
||||
''
|
||||
if [ -n "$HOST_ADDRESS" ] || [ -n "$LOCAL_ADDRESS" ] ||
|
||||
[ -n "$HOST_ADDRESS6" ] || [ -n "$LOCAL_ADDRESS6" ]; then
|
||||
if [ -z "$HOST_BRIDGE" ]; then
|
||||
ifaceHost=ve-$INSTANCE
|
||||
ip link set dev $ifaceHost up
|
||||
|
||||
${ipcall cfg "ip addr" "$HOST_ADDRESS" "hostAddress"}
|
||||
${ipcall cfg "ip -6 addr" "$HOST_ADDRESS6" "hostAddress6"}
|
||||
${ipcall cfg "ip route" "$LOCAL_ADDRESS" "localAddress"}
|
||||
${ipcall cfg "ip -6 route" "$LOCAL_ADDRESS6" "localAddress6"}
|
||||
fi
|
||||
${concatStringsSep "\n" (mapAttrsToList renderExtraVeth cfg.extraVeths)}
|
||||
fi
|
||||
''
|
||||
);
|
||||
|
||||
serviceDirectives = cfg: {
|
||||
ExecReload = pkgs.writeScript "reload-container"
|
||||
''
|
||||
#! ${pkgs.runtimeShell} -e
|
||||
${pkgs.nixos-container}/bin/nixos-container run "$INSTANCE" -- \
|
||||
bash --login -c "''${SYSTEM_PATH:-/nix/var/nix/profiles/system}/bin/switch-to-configuration test"
|
||||
'';
|
||||
|
||||
SyslogIdentifier = "container %i";
|
||||
|
||||
EnvironmentFile = "-/etc/containers/%i.conf";
|
||||
|
||||
Type = "notify";
|
||||
|
||||
RuntimeDirectory = lib.optional cfg.ephemeral "containers/%i";
|
||||
|
||||
# Note that on reboot, systemd-nspawn returns 133, so this
|
||||
# unit will be restarted. On poweroff, it returns 0, so the
|
||||
# unit won't be restarted.
|
||||
RestartForceExitStatus = "133";
|
||||
SuccessExitStatus = "133";
|
||||
|
||||
# Some containers take long to start
|
||||
# especially when you automatically start many at once
|
||||
TimeoutStartSec = cfg.timeoutStartSec;
|
||||
|
||||
Restart = "on-failure";
|
||||
|
||||
Slice = "machine.slice";
|
||||
Delegate = true;
|
||||
|
||||
# Hack: we don't want to kill systemd-nspawn, since we call
|
||||
# "machinectl poweroff" in preStop to shut down the
|
||||
# container cleanly. But systemd requires sending a signal
|
||||
# (at least if we want remaining processes to be killed
|
||||
# after the timeout). So send an ignored signal.
|
||||
KillMode = "mixed";
|
||||
KillSignal = "WINCH";
|
||||
|
||||
DevicePolicy = "closed";
|
||||
DeviceAllow = map (d: "${d.node} ${d.modifier}") cfg.allowedDevices;
|
||||
# Copy configuration files to avoid having the entire sources in the system closure
|
||||
copyFile = filePath: pkgs.runCommandNoCC (builtins.unsafeDiscardStringContext (builtins.baseNameOf filePath)) {} ''
|
||||
cp ${filePath} $out
|
||||
'';
|
||||
in
|
||||
{
|
||||
meta = {
|
||||
maintainers = [] ++ lib.teams.podman.members;
|
||||
};
|
||||
|
||||
options.virtualisation.containers = {
|
||||
|
||||
system = config.nixpkgs.localSystem.system;
|
||||
|
||||
bindMountOpts = { name, ... }: {
|
||||
|
||||
options = {
|
||||
mountPoint = mkOption {
|
||||
example = "/mnt/usb";
|
||||
type = types.str;
|
||||
description = "Mount point on the container file system.";
|
||||
};
|
||||
hostPath = mkOption {
|
||||
default = null;
|
||||
example = "/home/alice";
|
||||
type = types.nullOr types.str;
|
||||
description = "Location of the host path to be mounted.";
|
||||
};
|
||||
isReadOnly = mkOption {
|
||||
default = true;
|
||||
enable =
|
||||
mkOption {
|
||||
type = types.bool;
|
||||
description = "Determine whether the mounted path will be accessed in read-only mode.";
|
||||
};
|
||||
};
|
||||
|
||||
config = {
|
||||
mountPoint = mkDefault name;
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
allowedDeviceOpts = { ... }: {
|
||||
options = {
|
||||
node = mkOption {
|
||||
example = "/dev/net/tun";
|
||||
type = types.str;
|
||||
description = "Path to device node";
|
||||
};
|
||||
modifier = mkOption {
|
||||
example = "rw";
|
||||
type = types.str;
|
||||
default = false;
|
||||
description = ''
|
||||
Device node access modifier. Takes a combination
|
||||
<literal>r</literal> (read), <literal>w</literal> (write), and
|
||||
<literal>m</literal> (mknod). See the
|
||||
<literal>systemd.resource-control(5)</literal> man page for more
|
||||
information.'';
|
||||
This option enables the common libpod container configuration module.
|
||||
'';
|
||||
};
|
||||
|
||||
registries = {
|
||||
search = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [ "docker.io" "quay.io" ];
|
||||
description = ''
|
||||
List of repositories to search.
|
||||
'';
|
||||
};
|
||||
|
||||
insecure = mkOption {
|
||||
default = [];
|
||||
type = types.listOf types.str;
|
||||
description = ''
|
||||
List of insecure repositories.
|
||||
'';
|
||||
};
|
||||
|
||||
block = mkOption {
|
||||
default = [];
|
||||
type = types.listOf types.str;
|
||||
description = ''
|
||||
List of blocked repositories.
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
mkBindFlag = d:
|
||||
let flagPrefix = if d.isReadOnly then " --bind-ro=" else " --bind=";
|
||||
mountstr = if d.hostPath != null then "${d.hostPath}:${d.mountPoint}" else "${d.mountPoint}";
|
||||
in flagPrefix + mountstr ;
|
||||
|
||||
mkBindFlags = bs: concatMapStrings mkBindFlag (lib.attrValues bs);
|
||||
|
||||
networkOptions = {
|
||||
hostBridge = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
example = "br0";
|
||||
policy = mkOption {
|
||||
default = {};
|
||||
type = types.attrs;
|
||||
example = lib.literalExample ''
|
||||
{
|
||||
default = [ { type = "insecureAcceptAnything"; } ];
|
||||
transports = {
|
||||
docker-daemon = {
|
||||
"" = [ { type = "insecureAcceptAnything"; } ];
|
||||
};
|
||||
};
|
||||
}
|
||||
'';
|
||||
description = ''
|
||||
Put the host-side of the veth-pair into the named bridge.
|
||||
Only one of hostAddress* or hostBridge can be given.
|
||||
Signature verification policy file.
|
||||
If this option is empty the default policy file from
|
||||
<literal>skopeo</literal> will be used.
|
||||
'';
|
||||
};
|
||||
|
||||
forwardPorts = mkOption {
|
||||
type = types.listOf (types.submodule {
|
||||
users = mkOption {
|
||||
default = [];
|
||||
type = types.listOf types.str;
|
||||
description = ''
|
||||
List of users to set up subuid/subgid mappings for.
|
||||
This is a requirement for running rootless containers.
|
||||
'';
|
||||
};
|
||||
|
||||
libpod = mkOption {
|
||||
default = {};
|
||||
description = "Libpod configuration";
|
||||
type = types.submodule {
|
||||
options = {
|
||||
protocol = mkOption {
|
||||
type = types.str;
|
||||
default = "tcp";
|
||||
description = "The protocol specifier for port forwarding between host and container";
|
||||
};
|
||||
hostPort = mkOption {
|
||||
type = types.int;
|
||||
description = "Source port of the external interface on host";
|
||||
};
|
||||
containerPort = mkOption {
|
||||
type = types.nullOr types.int;
|
||||
default = null;
|
||||
description = "Target port of container";
|
||||
|
||||
extraConfig = mkOption {
|
||||
type = types.lines;
|
||||
default = "";
|
||||
description = ''
|
||||
Extra configuration that should be put in the libpod.conf
|
||||
configuration file
|
||||
'';
|
||||
|
||||
};
|
||||
};
|
||||
});
|
||||
default = [];
|
||||
example = [ { protocol = "tcp"; hostPort = 8080; containerPort = 80; } ];
|
||||
description = ''
|
||||
List of forwarded ports from host to container. Each forwarded port
|
||||
is specified by protocol, hostPort and containerPort. By default,
|
||||
protocol is tcp and hostPort and containerPort are assumed to be
|
||||
the same if containerPort is not explicitly given.
|
||||
'';
|
||||
};
|
||||
|
||||
|
||||
hostAddress = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
example = "10.231.136.1";
|
||||
description = ''
|
||||
The IPv4 address assigned to the host interface.
|
||||
(Not used when hostBridge is set.)
|
||||
'';
|
||||
};
|
||||
|
||||
hostAddress6 = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
example = "fc00::1";
|
||||
description = ''
|
||||
The IPv6 address assigned to the host interface.
|
||||
(Not used when hostBridge is set.)
|
||||
'';
|
||||
};
|
||||
|
||||
localAddress = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
example = "10.231.136.2";
|
||||
description = ''
|
||||
The IPv4 address assigned to the interface in the container.
|
||||
If a hostBridge is used, this should be given with netmask to access
|
||||
the whole network. Otherwise the default netmask is /32 and routing is
|
||||
set up from localAddress to hostAddress and back.
|
||||
'';
|
||||
};
|
||||
|
||||
localAddress6 = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
example = "fc00::2";
|
||||
description = ''
|
||||
The IPv6 address assigned to the interface in the container.
|
||||
If a hostBridge is used, this should be given with netmask to access
|
||||
the whole network. Otherwise the default netmask is /128 and routing is
|
||||
set up from localAddress6 to hostAddress6 and back.
|
||||
'';
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
dummyConfig =
|
||||
{
|
||||
extraVeths = {};
|
||||
additionalCapabilities = [];
|
||||
ephemeral = false;
|
||||
timeoutStartSec = "15s";
|
||||
allowedDevices = [];
|
||||
hostAddress = null;
|
||||
hostAddress6 = null;
|
||||
localAddress = null;
|
||||
localAddress6 = null;
|
||||
tmpfs = null;
|
||||
};
|
||||
|
||||
in
|
||||
|
||||
{
|
||||
options = {
|
||||
|
||||
boot.isContainer = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether this NixOS machine is a lightweight container running
|
||||
in another NixOS system.
|
||||
'';
|
||||
};
|
||||
|
||||
boot.enableContainers = mkOption {
|
||||
type = types.bool;
|
||||
default = !config.boot.isContainer;
|
||||
description = ''
|
||||
Whether to enable support for NixOS containers.
|
||||
'';
|
||||
};
|
||||
|
||||
containers = mkOption {
|
||||
type = types.attrsOf (types.submodule (
|
||||
{ config, options, name, ... }:
|
||||
{
|
||||
options = {
|
||||
|
||||
config = mkOption {
|
||||
description = ''
|
||||
A specification of the desired configuration of this
|
||||
container, as a NixOS module.
|
||||
'';
|
||||
type = let
|
||||
confPkgs = if config.pkgs == null then pkgs else config.pkgs;
|
||||
in lib.mkOptionType {
|
||||
name = "Toplevel NixOS config";
|
||||
merge = loc: defs: (import (confPkgs.path + "/nixos/lib/eval-config.nix") {
|
||||
inherit system;
|
||||
pkgs = confPkgs;
|
||||
baseModules = import (confPkgs.path + "/nixos/modules/module-list.nix");
|
||||
inherit (confPkgs) lib;
|
||||
modules =
|
||||
let
|
||||
extraConfig = {
|
||||
_file = "module at ${__curPos.file}:${toString __curPos.line}";
|
||||
config = {
|
||||
boot.isContainer = true;
|
||||
networking.hostName = mkDefault name;
|
||||
networking.useDHCP = false;
|
||||
assertions = [
|
||||
{
|
||||
assertion = config.privateNetwork -> stringLength name < 12;
|
||||
message = ''
|
||||
Container name `${name}` is too long: When `privateNetwork` is enabled, container names can
|
||||
not be longer than 11 characters, because the container's interface name is derived from it.
|
||||
This might be fixed in the future. See https://github.com/NixOS/nixpkgs/issues/38509
|
||||
'';
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
in [ extraConfig ] ++ (map (x: x.value) defs);
|
||||
prefix = [ "containers" name ];
|
||||
}).config;
|
||||
};
|
||||
};
|
||||
|
||||
path = mkOption {
|
||||
type = types.path;
|
||||
example = "/nix/var/nix/profiles/containers/webserver";
|
||||
description = ''
|
||||
As an alternative to specifying
|
||||
<option>config</option>, you can specify the path to
|
||||
the evaluated NixOS system configuration, typically a
|
||||
symlink to a system profile.
|
||||
'';
|
||||
};
|
||||
|
||||
additionalCapabilities = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [];
|
||||
example = [ "CAP_NET_ADMIN" "CAP_MKNOD" ];
|
||||
description = ''
|
||||
Grant additional capabilities to the container. See the
|
||||
capabilities(7) and systemd-nspawn(1) man pages for more
|
||||
information.
|
||||
'';
|
||||
};
|
||||
|
||||
pkgs = mkOption {
|
||||
type = types.nullOr types.attrs;
|
||||
default = null;
|
||||
example = literalExample "pkgs";
|
||||
description = ''
|
||||
Customise which nixpkgs to use for this container.
|
||||
'';
|
||||
};
|
||||
|
||||
ephemeral = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Runs container in ephemeral mode with the empty root filesystem at boot.
|
||||
This way container will be bootstrapped from scratch on each boot
|
||||
and will be cleaned up on shutdown leaving no traces behind.
|
||||
Useful for completely stateless, reproducible containers.
|
||||
|
||||
Note that this option might require to do some adjustments to the container configuration,
|
||||
e.g. you might want to set
|
||||
<varname>systemd.network.networks.$interface.dhcpConfig.ClientIdentifier</varname> to "mac"
|
||||
if you use <varname>macvlans</varname> option.
|
||||
This way dhcp client identifier will be stable between the container restarts.
|
||||
|
||||
Note that the container journal will not be linked to the host if this option is enabled.
|
||||
'';
|
||||
};
|
||||
|
||||
enableTun = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Allows the container to create and setup tunnel interfaces
|
||||
by granting the <literal>NET_ADMIN</literal> capability and
|
||||
enabling access to <literal>/dev/net/tun</literal>.
|
||||
'';
|
||||
};
|
||||
|
||||
privateNetwork = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to give the container its own private virtual
|
||||
Ethernet interface. The interface is called
|
||||
<literal>eth0</literal>, and is hooked up to the interface
|
||||
<literal>ve-<replaceable>container-name</replaceable></literal>
|
||||
on the host. If this option is not set, then the
|
||||
container shares the network interfaces of the host,
|
||||
and can bind to any port on any interface.
|
||||
'';
|
||||
};
|
||||
|
||||
interfaces = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [];
|
||||
example = [ "eth1" "eth2" ];
|
||||
description = ''
|
||||
The list of interfaces to be moved into the container.
|
||||
'';
|
||||
};
|
||||
|
||||
macvlans = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [];
|
||||
example = [ "eth1" "eth2" ];
|
||||
description = ''
|
||||
The list of host interfaces from which macvlans will be
|
||||
created. For each interface specified, a macvlan interface
|
||||
will be created and moved to the container.
|
||||
'';
|
||||
};
|
||||
|
||||
extraVeths = mkOption {
|
||||
type = with types; attrsOf (submodule { options = networkOptions; });
|
||||
default = {};
|
||||
description = ''
|
||||
Extra veth-pairs to be created for the container
|
||||
'';
|
||||
};
|
||||
|
||||
autoStart = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether the container is automatically started at boot-time.
|
||||
'';
|
||||
};
|
||||
|
||||
timeoutStartSec = mkOption {
|
||||
type = types.str;
|
||||
default = "1min";
|
||||
description = ''
|
||||
Time for the container to start. In case of a timeout,
|
||||
the container processes get killed.
|
||||
See <citerefentry><refentrytitle>systemd.time</refentrytitle>
|
||||
<manvolnum>7</manvolnum></citerefentry>
|
||||
for more information about the format.
|
||||
'';
|
||||
};
|
||||
|
||||
bindMounts = mkOption {
|
||||
type = with types; loaOf (submodule bindMountOpts);
|
||||
default = {};
|
||||
example = literalExample ''
|
||||
{ "/home" = { hostPath = "/home/alice";
|
||||
isReadOnly = false; };
|
||||
}
|
||||
'';
|
||||
|
||||
description =
|
||||
''
|
||||
An extra list of directories that is bound to the container.
|
||||
'';
|
||||
};
|
||||
|
||||
allowedDevices = mkOption {
|
||||
type = with types; listOf (submodule allowedDeviceOpts);
|
||||
default = [];
|
||||
example = [ { node = "/dev/net/tun"; modifier = "rw"; } ];
|
||||
description = ''
|
||||
A list of device nodes to which the containers has access to.
|
||||
'';
|
||||
};
|
||||
|
||||
tmpfs = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [];
|
||||
example = [ "/var" ];
|
||||
description = ''
|
||||
Mounts a set of tmpfs file systems into the container.
|
||||
Multiple paths can be specified.
|
||||
Valid items must conform to the --tmpfs argument
|
||||
of systemd-nspawn. See systemd-nspawn(1) for details.
|
||||
'';
|
||||
};
|
||||
|
||||
extraFlags = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [];
|
||||
example = [ "--drop-capability=CAP_SYS_CHROOT" ];
|
||||
description = ''
|
||||
Extra flags passed to the systemd-nspawn command.
|
||||
See systemd-nspawn(1) for details.
|
||||
'';
|
||||
};
|
||||
|
||||
} // networkOptions;
|
||||
|
||||
config = mkMerge
|
||||
[
|
||||
(mkIf options.config.isDefined {
|
||||
path = config.config.system.build.toplevel;
|
||||
})
|
||||
];
|
||||
}));
|
||||
|
||||
default = {};
|
||||
example = literalExample
|
||||
''
|
||||
{ webserver =
|
||||
{ path = "/nix/var/nix/profiles/webserver";
|
||||
};
|
||||
database =
|
||||
{ config =
|
||||
{ config, pkgs, ... }:
|
||||
{ services.postgresql.enable = true;
|
||||
services.postgresql.package = pkgs.postgresql_9_6;
|
||||
|
||||
system.stateVersion = "17.03";
|
||||
};
|
||||
};
|
||||
}
|
||||
'';
|
||||
description = ''
|
||||
A set of NixOS system configurations to be run as lightweight
|
||||
containers. Each container appears as a service
|
||||
<literal>container-<replaceable>name</replaceable></literal>
|
||||
on the host system, allowing it to be started and stopped via
|
||||
<command>systemctl</command>.
|
||||
'';
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
|
||||
config = mkIf (config.boot.enableContainers) (let
|
||||
|
||||
unit = {
|
||||
description = "Container '%i'";
|
||||
|
||||
unitConfig.RequiresMountsFor = "/var/lib/containers/%i";
|
||||
|
||||
path = [ pkgs.iproute ];
|
||||
|
||||
environment = {
|
||||
root = "/var/lib/containers/%i";
|
||||
INSTANCE = "%i";
|
||||
};
|
||||
|
||||
preStart = preStartScript dummyConfig;
|
||||
|
||||
script = startScript dummyConfig;
|
||||
|
||||
postStart = postStartScript dummyConfig;
|
||||
|
||||
preStop = "machinectl poweroff $INSTANCE";
|
||||
|
||||
restartIfChanged = false;
|
||||
|
||||
serviceConfig = serviceDirectives dummyConfig;
|
||||
};
|
||||
in {
|
||||
systemd.targets.multi-user.wants = [ "machines.target" ];
|
||||
|
||||
systemd.services = listToAttrs (filter (x: x.value != null) (
|
||||
# The generic container template used by imperative containers
|
||||
[{ name = "container@"; value = unit; }]
|
||||
# declarative containers
|
||||
++ (mapAttrsToList (name: cfg: nameValuePair "container@${name}" (let
|
||||
containerConfig = cfg // (
|
||||
if cfg.enableTun then
|
||||
{
|
||||
allowedDevices = cfg.allowedDevices
|
||||
++ [ { node = "/dev/net/tun"; modifier = "rw"; } ];
|
||||
additionalCapabilities = cfg.additionalCapabilities
|
||||
++ [ "CAP_NET_ADMIN" ];
|
||||
}
|
||||
else {});
|
||||
in
|
||||
recursiveUpdate unit {
|
||||
preStart = preStartScript containerConfig;
|
||||
script = startScript containerConfig;
|
||||
postStart = postStartScript containerConfig;
|
||||
serviceConfig = serviceDirectives containerConfig;
|
||||
unitConfig.RequiresMountsFor = lib.optional (!containerConfig.ephemeral) "/var/lib/containers/%i";
|
||||
environment.root = if containerConfig.ephemeral then "/run/containers/%i" else "/var/lib/containers/%i";
|
||||
} // (
|
||||
if containerConfig.autoStart then
|
||||
{
|
||||
wantedBy = [ "machines.target" ];
|
||||
wants = [ "network.target" ];
|
||||
after = [ "network.target" ];
|
||||
restartTriggers = [
|
||||
containerConfig.path
|
||||
config.environment.etc."containers/${name}.conf".source
|
||||
];
|
||||
restartIfChanged = true;
|
||||
}
|
||||
else {})
|
||||
)) config.containers)
|
||||
));
|
||||
};
|
||||
|
||||
# Generate a configuration file in /etc/containers for each
|
||||
# container so that container@.target can get the container
|
||||
# configuration.
|
||||
environment.etc =
|
||||
let mkPortStr = p: p.protocol + ":" + (toString p.hostPort) + ":" + (if p.containerPort == null then toString p.hostPort else toString p.containerPort);
|
||||
in mapAttrs' (name: cfg: nameValuePair "containers/${name}.conf"
|
||||
{ text =
|
||||
''
|
||||
SYSTEM_PATH=${cfg.path}
|
||||
${optionalString cfg.privateNetwork ''
|
||||
PRIVATE_NETWORK=1
|
||||
${optionalString (cfg.hostBridge != null) ''
|
||||
HOST_BRIDGE=${cfg.hostBridge}
|
||||
''}
|
||||
${optionalString (length cfg.forwardPorts > 0) ''
|
||||
HOST_PORT=${concatStringsSep "," (map mkPortStr cfg.forwardPorts)}
|
||||
''}
|
||||
${optionalString (cfg.hostAddress != null) ''
|
||||
HOST_ADDRESS=${cfg.hostAddress}
|
||||
''}
|
||||
${optionalString (cfg.hostAddress6 != null) ''
|
||||
HOST_ADDRESS6=${cfg.hostAddress6}
|
||||
''}
|
||||
${optionalString (cfg.localAddress != null) ''
|
||||
LOCAL_ADDRESS=${cfg.localAddress}
|
||||
''}
|
||||
${optionalString (cfg.localAddress6 != null) ''
|
||||
LOCAL_ADDRESS6=${cfg.localAddress6}
|
||||
''}
|
||||
''}
|
||||
INTERFACES="${toString cfg.interfaces}"
|
||||
MACVLANS="${toString cfg.macvlans}"
|
||||
${optionalString cfg.autoStart ''
|
||||
AUTO_START=1
|
||||
''}
|
||||
EXTRA_NSPAWN_FLAGS="${mkBindFlags cfg.bindMounts +
|
||||
optionalString (cfg.extraFlags != [])
|
||||
(" " + concatStringsSep " " cfg.extraFlags)}"
|
||||
'';
|
||||
}) config.containers;
|
||||
config = lib.mkIf cfg.enable {
|
||||
|
||||
# Generate /etc/hosts entries for the containers.
|
||||
networking.extraHosts = concatStrings (mapAttrsToList (name: cfg: optionalString (cfg.localAddress != null)
|
||||
''
|
||||
${head (splitString "/" cfg.localAddress)} ${name}.containers
|
||||
'') config.containers);
|
||||
environment.etc."containers/libpod.conf".text = ''
|
||||
cni_plugin_dir = ["${pkgs.cni-plugins}/bin/"]
|
||||
cni_config_dir = "/etc/cni/net.d/"
|
||||
|
||||
networking.dhcpcd.denyInterfaces = [ "ve-*" "vb-*" ];
|
||||
'' + cfg.libpod.extraConfig;
|
||||
|
||||
services.udev.extraRules = optionalString config.networking.networkmanager.enable ''
|
||||
# Don't manage interfaces created by nixos-container.
|
||||
ENV{INTERFACE}=="v[eb]-*", ENV{NM_UNMANAGED}="1"
|
||||
'';
|
||||
environment.etc."containers/registries.conf".source = toTOML "registries.conf" {
|
||||
registries = lib.mapAttrs (n: v: { registries = v; }) cfg.registries;
|
||||
};
|
||||
|
||||
environment.systemPackages = [ pkgs.nixos-container ];
|
||||
users.extraUsers = builtins.listToAttrs (
|
||||
(
|
||||
builtins.foldl' (
|
||||
acc: user: {
|
||||
values = acc.values ++ [
|
||||
{
|
||||
name = user;
|
||||
value = {
|
||||
subUidRanges = [ { startUid = acc.offset; count = 65536; } ];
|
||||
subGidRanges = [ { startGid = acc.offset; count = 65536; } ];
|
||||
};
|
||||
}
|
||||
];
|
||||
offset = acc.offset + 65536;
|
||||
}
|
||||
)
|
||||
{ values = []; offset = 100000; } (lib.unique cfg.users)
|
||||
).values
|
||||
);
|
||||
|
||||
environment.etc."containers/policy.json".source =
|
||||
if cfg.policy != {} then pkgs.writeText "policy.json" (builtins.toJSON cfg.policy)
|
||||
else copyFile "${pkgs.skopeo.src}/default-policy.json";
|
||||
};
|
||||
|
||||
boot.kernelModules = [
|
||||
"bridge"
|
||||
"macvlan"
|
||||
"tap"
|
||||
"tun"
|
||||
];
|
||||
});
|
||||
}
|
||||
|
|
|
@ -62,9 +62,7 @@ in
|
|||
log_level = "${cfg.logLevel}"
|
||||
manage_network_ns_lifecycle = true
|
||||
'';
|
||||
environment.etc."containers/policy.json".text = ''
|
||||
{"default": [{"type": "insecureAcceptAnything"}]}
|
||||
'';
|
||||
|
||||
environment.etc."cni/net.d/20-cri-o-bridge.conf".text = ''
|
||||
{
|
||||
"cniVersion": "0.3.1",
|
||||
|
@ -83,6 +81,9 @@ in
|
|||
}
|
||||
'';
|
||||
|
||||
# Enable common container configuration, this will create policy.json
|
||||
virtualisation.containers.enable = true;
|
||||
|
||||
systemd.services.crio = {
|
||||
description = "Container Runtime Interface for OCI (CRI-O)";
|
||||
documentation = [ "https://github.com/cri-o/cri-o" ];
|
||||
|
|
844
nixos/modules/virtualisation/nixos-containers.nix
Normal file
844
nixos/modules/virtualisation/nixos-containers.nix
Normal file
|
@ -0,0 +1,844 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
|
||||
# The container's init script, a small wrapper around the regular
|
||||
# NixOS stage-2 init script.
|
||||
containerInit = (cfg:
|
||||
let
|
||||
renderExtraVeth = (name: cfg:
|
||||
''
|
||||
echo "Bringing ${name} up"
|
||||
ip link set dev ${name} up
|
||||
${optionalString (cfg.localAddress != null) ''
|
||||
echo "Setting ip for ${name}"
|
||||
ip addr add ${cfg.localAddress} dev ${name}
|
||||
''}
|
||||
${optionalString (cfg.localAddress6 != null) ''
|
||||
echo "Setting ip6 for ${name}"
|
||||
ip -6 addr add ${cfg.localAddress6} dev ${name}
|
||||
''}
|
||||
${optionalString (cfg.hostAddress != null) ''
|
||||
echo "Setting route to host for ${name}"
|
||||
ip route add ${cfg.hostAddress} dev ${name}
|
||||
''}
|
||||
${optionalString (cfg.hostAddress6 != null) ''
|
||||
echo "Setting route6 to host for ${name}"
|
||||
ip -6 route add ${cfg.hostAddress6} dev ${name}
|
||||
''}
|
||||
''
|
||||
);
|
||||
in
|
||||
pkgs.writeScript "container-init"
|
||||
''
|
||||
#! ${pkgs.runtimeShell} -e
|
||||
|
||||
# Initialise the container side of the veth pair.
|
||||
if [ -n "$HOST_ADDRESS" ] || [ -n "$HOST_ADDRESS6" ] ||
|
||||
[ -n "$LOCAL_ADDRESS" ] || [ -n "$LOCAL_ADDRESS6" ] ||
|
||||
[ -n "$HOST_BRIDGE" ]; then
|
||||
ip link set host0 name eth0
|
||||
ip link set dev eth0 up
|
||||
|
||||
if [ -n "$LOCAL_ADDRESS" ]; then
|
||||
ip addr add $LOCAL_ADDRESS dev eth0
|
||||
fi
|
||||
if [ -n "$LOCAL_ADDRESS6" ]; then
|
||||
ip -6 addr add $LOCAL_ADDRESS6 dev eth0
|
||||
fi
|
||||
if [ -n "$HOST_ADDRESS" ]; then
|
||||
ip route add $HOST_ADDRESS dev eth0
|
||||
ip route add default via $HOST_ADDRESS
|
||||
fi
|
||||
if [ -n "$HOST_ADDRESS6" ]; then
|
||||
ip -6 route add $HOST_ADDRESS6 dev eth0
|
||||
ip -6 route add default via $HOST_ADDRESS6
|
||||
fi
|
||||
|
||||
${concatStringsSep "\n" (mapAttrsToList renderExtraVeth cfg.extraVeths)}
|
||||
fi
|
||||
|
||||
# Start the regular stage 1 script.
|
||||
exec "$1"
|
||||
''
|
||||
);
|
||||
|
||||
nspawnExtraVethArgs = (name: cfg: "--network-veth-extra=${name}");
|
||||
|
||||
startScript = cfg:
|
||||
''
|
||||
mkdir -p -m 0755 "$root/etc" "$root/var/lib"
|
||||
mkdir -p -m 0700 "$root/var/lib/private" "$root/root" /run/containers
|
||||
if ! [ -e "$root/etc/os-release" ]; then
|
||||
touch "$root/etc/os-release"
|
||||
fi
|
||||
|
||||
if ! [ -e "$root/etc/machine-id" ]; then
|
||||
touch "$root/etc/machine-id"
|
||||
fi
|
||||
|
||||
mkdir -p -m 0755 \
|
||||
"/nix/var/nix/profiles/per-container/$INSTANCE" \
|
||||
"/nix/var/nix/gcroots/per-container/$INSTANCE"
|
||||
|
||||
cp --remove-destination /etc/resolv.conf "$root/etc/resolv.conf"
|
||||
|
||||
if [ "$PRIVATE_NETWORK" = 1 ]; then
|
||||
extraFlags+=" --private-network"
|
||||
fi
|
||||
|
||||
if [ -n "$HOST_ADDRESS" ] || [ -n "$LOCAL_ADDRESS" ] ||
|
||||
[ -n "$HOST_ADDRESS6" ] || [ -n "$LOCAL_ADDRESS6" ]; then
|
||||
extraFlags+=" --network-veth"
|
||||
fi
|
||||
|
||||
if [ -n "$HOST_PORT" ]; then
|
||||
OIFS=$IFS
|
||||
IFS=","
|
||||
for i in $HOST_PORT
|
||||
do
|
||||
extraFlags+=" --port=$i"
|
||||
done
|
||||
IFS=$OIFS
|
||||
fi
|
||||
|
||||
if [ -n "$HOST_BRIDGE" ]; then
|
||||
extraFlags+=" --network-bridge=$HOST_BRIDGE"
|
||||
fi
|
||||
|
||||
extraFlags+=" ${concatStringsSep " " (mapAttrsToList nspawnExtraVethArgs cfg.extraVeths)}"
|
||||
|
||||
for iface in $INTERFACES; do
|
||||
extraFlags+=" --network-interface=$iface"
|
||||
done
|
||||
|
||||
for iface in $MACVLANS; do
|
||||
extraFlags+=" --network-macvlan=$iface"
|
||||
done
|
||||
|
||||
# If the host is 64-bit and the container is 32-bit, add a
|
||||
# --personality flag.
|
||||
${optionalString (config.nixpkgs.localSystem.system == "x86_64-linux") ''
|
||||
if [ "$(< ''${SYSTEM_PATH:-/nix/var/nix/profiles/per-container/$INSTANCE/system}/system)" = i686-linux ]; then
|
||||
extraFlags+=" --personality=x86"
|
||||
fi
|
||||
''}
|
||||
|
||||
# Run systemd-nspawn without startup notification (we'll
|
||||
# wait for the container systemd to signal readiness).
|
||||
exec ${config.systemd.package}/bin/systemd-nspawn \
|
||||
--keep-unit \
|
||||
-M "$INSTANCE" -D "$root" $extraFlags \
|
||||
$EXTRA_NSPAWN_FLAGS \
|
||||
--notify-ready=yes \
|
||||
--bind-ro=/nix/store \
|
||||
--bind-ro=/nix/var/nix/db \
|
||||
--bind-ro=/nix/var/nix/daemon-socket \
|
||||
--bind="/nix/var/nix/profiles/per-container/$INSTANCE:/nix/var/nix/profiles" \
|
||||
--bind="/nix/var/nix/gcroots/per-container/$INSTANCE:/nix/var/nix/gcroots" \
|
||||
${optionalString (!cfg.ephemeral) "--link-journal=try-guest"} \
|
||||
--setenv PRIVATE_NETWORK="$PRIVATE_NETWORK" \
|
||||
--setenv HOST_BRIDGE="$HOST_BRIDGE" \
|
||||
--setenv HOST_ADDRESS="$HOST_ADDRESS" \
|
||||
--setenv LOCAL_ADDRESS="$LOCAL_ADDRESS" \
|
||||
--setenv HOST_ADDRESS6="$HOST_ADDRESS6" \
|
||||
--setenv LOCAL_ADDRESS6="$LOCAL_ADDRESS6" \
|
||||
--setenv HOST_PORT="$HOST_PORT" \
|
||||
--setenv PATH="$PATH" \
|
||||
${optionalString cfg.ephemeral "--ephemeral"} \
|
||||
${if cfg.additionalCapabilities != null && cfg.additionalCapabilities != [] then
|
||||
''--capability="${concatStringsSep "," cfg.additionalCapabilities}"'' else ""
|
||||
} \
|
||||
${if cfg.tmpfs != null && cfg.tmpfs != [] then
|
||||
''--tmpfs=${concatStringsSep " --tmpfs=" cfg.tmpfs}'' else ""
|
||||
} \
|
||||
${containerInit cfg} "''${SYSTEM_PATH:-/nix/var/nix/profiles/system}/init"
|
||||
'';
|
||||
|
||||
preStartScript = cfg:
|
||||
''
|
||||
# Clean up existing machined registration and interfaces.
|
||||
machinectl terminate "$INSTANCE" 2> /dev/null || true
|
||||
|
||||
if [ -n "$HOST_ADDRESS" ] || [ -n "$LOCAL_ADDRESS" ] ||
|
||||
[ -n "$HOST_ADDRESS6" ] || [ -n "$LOCAL_ADDRESS6" ]; then
|
||||
ip link del dev "ve-$INSTANCE" 2> /dev/null || true
|
||||
ip link del dev "vb-$INSTANCE" 2> /dev/null || true
|
||||
fi
|
||||
|
||||
${concatStringsSep "\n" (
|
||||
mapAttrsToList (name: cfg:
|
||||
''ip link del dev ${name} 2> /dev/null || true ''
|
||||
) cfg.extraVeths
|
||||
)}
|
||||
'';
|
||||
|
||||
postStartScript = (cfg:
|
||||
let
|
||||
ipcall = cfg: ipcmd: variable: attribute:
|
||||
if cfg.${attribute} == null then
|
||||
''
|
||||
if [ -n "${variable}" ]; then
|
||||
${ipcmd} add ${variable} dev $ifaceHost
|
||||
fi
|
||||
''
|
||||
else
|
||||
''${ipcmd} add ${cfg.${attribute}} dev $ifaceHost'';
|
||||
renderExtraVeth = name: cfg:
|
||||
if cfg.hostBridge != null then
|
||||
''
|
||||
# Add ${name} to bridge ${cfg.hostBridge}
|
||||
ip link set dev ${name} master ${cfg.hostBridge} up
|
||||
''
|
||||
else
|
||||
''
|
||||
echo "Bring ${name} up"
|
||||
ip link set dev ${name} up
|
||||
# Set IPs and routes for ${name}
|
||||
${optionalString (cfg.hostAddress != null) ''
|
||||
ip addr add ${cfg.hostAddress} dev ${name}
|
||||
''}
|
||||
${optionalString (cfg.hostAddress6 != null) ''
|
||||
ip -6 addr add ${cfg.hostAddress6} dev ${name}
|
||||
''}
|
||||
${optionalString (cfg.localAddress != null) ''
|
||||
ip route add ${cfg.localAddress} dev ${name}
|
||||
''}
|
||||
${optionalString (cfg.localAddress6 != null) ''
|
||||
ip -6 route add ${cfg.localAddress6} dev ${name}
|
||||
''}
|
||||
'';
|
||||
in
|
||||
''
|
||||
if [ -n "$HOST_ADDRESS" ] || [ -n "$LOCAL_ADDRESS" ] ||
|
||||
[ -n "$HOST_ADDRESS6" ] || [ -n "$LOCAL_ADDRESS6" ]; then
|
||||
if [ -z "$HOST_BRIDGE" ]; then
|
||||
ifaceHost=ve-$INSTANCE
|
||||
ip link set dev $ifaceHost up
|
||||
|
||||
${ipcall cfg "ip addr" "$HOST_ADDRESS" "hostAddress"}
|
||||
${ipcall cfg "ip -6 addr" "$HOST_ADDRESS6" "hostAddress6"}
|
||||
${ipcall cfg "ip route" "$LOCAL_ADDRESS" "localAddress"}
|
||||
${ipcall cfg "ip -6 route" "$LOCAL_ADDRESS6" "localAddress6"}
|
||||
fi
|
||||
${concatStringsSep "\n" (mapAttrsToList renderExtraVeth cfg.extraVeths)}
|
||||
fi
|
||||
''
|
||||
);
|
||||
|
||||
serviceDirectives = cfg: {
|
||||
ExecReload = pkgs.writeScript "reload-container"
|
||||
''
|
||||
#! ${pkgs.runtimeShell} -e
|
||||
${pkgs.nixos-container}/bin/nixos-container run "$INSTANCE" -- \
|
||||
bash --login -c "''${SYSTEM_PATH:-/nix/var/nix/profiles/system}/bin/switch-to-configuration test"
|
||||
'';
|
||||
|
||||
SyslogIdentifier = "container %i";
|
||||
|
||||
EnvironmentFile = "-/etc/containers/%i.conf";
|
||||
|
||||
Type = "notify";
|
||||
|
||||
RuntimeDirectory = lib.optional cfg.ephemeral "containers/%i";
|
||||
|
||||
# Note that on reboot, systemd-nspawn returns 133, so this
|
||||
# unit will be restarted. On poweroff, it returns 0, so the
|
||||
# unit won't be restarted.
|
||||
RestartForceExitStatus = "133";
|
||||
SuccessExitStatus = "133";
|
||||
|
||||
# Some containers take long to start
|
||||
# especially when you automatically start many at once
|
||||
TimeoutStartSec = cfg.timeoutStartSec;
|
||||
|
||||
Restart = "on-failure";
|
||||
|
||||
Slice = "machine.slice";
|
||||
Delegate = true;
|
||||
|
||||
# Hack: we don't want to kill systemd-nspawn, since we call
|
||||
# "machinectl poweroff" in preStop to shut down the
|
||||
# container cleanly. But systemd requires sending a signal
|
||||
# (at least if we want remaining processes to be killed
|
||||
# after the timeout). So send an ignored signal.
|
||||
KillMode = "mixed";
|
||||
KillSignal = "WINCH";
|
||||
|
||||
DevicePolicy = "closed";
|
||||
DeviceAllow = map (d: "${d.node} ${d.modifier}") cfg.allowedDevices;
|
||||
};
|
||||
|
||||
|
||||
system = config.nixpkgs.localSystem.system;
|
||||
|
||||
bindMountOpts = { name, ... }: {
|
||||
|
||||
options = {
|
||||
mountPoint = mkOption {
|
||||
example = "/mnt/usb";
|
||||
type = types.str;
|
||||
description = "Mount point on the container file system.";
|
||||
};
|
||||
hostPath = mkOption {
|
||||
default = null;
|
||||
example = "/home/alice";
|
||||
type = types.nullOr types.str;
|
||||
description = "Location of the host path to be mounted.";
|
||||
};
|
||||
isReadOnly = mkOption {
|
||||
default = true;
|
||||
type = types.bool;
|
||||
description = "Determine whether the mounted path will be accessed in read-only mode.";
|
||||
};
|
||||
};
|
||||
|
||||
config = {
|
||||
mountPoint = mkDefault name;
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
allowedDeviceOpts = { ... }: {
|
||||
options = {
|
||||
node = mkOption {
|
||||
example = "/dev/net/tun";
|
||||
type = types.str;
|
||||
description = "Path to device node";
|
||||
};
|
||||
modifier = mkOption {
|
||||
example = "rw";
|
||||
type = types.str;
|
||||
description = ''
|
||||
Device node access modifier. Takes a combination
|
||||
<literal>r</literal> (read), <literal>w</literal> (write), and
|
||||
<literal>m</literal> (mknod). See the
|
||||
<literal>systemd.resource-control(5)</literal> man page for more
|
||||
information.'';
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
mkBindFlag = d:
|
||||
let flagPrefix = if d.isReadOnly then " --bind-ro=" else " --bind=";
|
||||
mountstr = if d.hostPath != null then "${d.hostPath}:${d.mountPoint}" else "${d.mountPoint}";
|
||||
in flagPrefix + mountstr ;
|
||||
|
||||
mkBindFlags = bs: concatMapStrings mkBindFlag (lib.attrValues bs);
|
||||
|
||||
networkOptions = {
|
||||
hostBridge = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
example = "br0";
|
||||
description = ''
|
||||
Put the host-side of the veth-pair into the named bridge.
|
||||
Only one of hostAddress* or hostBridge can be given.
|
||||
'';
|
||||
};
|
||||
|
||||
forwardPorts = mkOption {
|
||||
type = types.listOf (types.submodule {
|
||||
options = {
|
||||
protocol = mkOption {
|
||||
type = types.str;
|
||||
default = "tcp";
|
||||
description = "The protocol specifier for port forwarding between host and container";
|
||||
};
|
||||
hostPort = mkOption {
|
||||
type = types.int;
|
||||
description = "Source port of the external interface on host";
|
||||
};
|
||||
containerPort = mkOption {
|
||||
type = types.nullOr types.int;
|
||||
default = null;
|
||||
description = "Target port of container";
|
||||
};
|
||||
};
|
||||
});
|
||||
default = [];
|
||||
example = [ { protocol = "tcp"; hostPort = 8080; containerPort = 80; } ];
|
||||
description = ''
|
||||
List of forwarded ports from host to container. Each forwarded port
|
||||
is specified by protocol, hostPort and containerPort. By default,
|
||||
protocol is tcp and hostPort and containerPort are assumed to be
|
||||
the same if containerPort is not explicitly given.
|
||||
'';
|
||||
};
|
||||
|
||||
|
||||
hostAddress = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
example = "10.231.136.1";
|
||||
description = ''
|
||||
The IPv4 address assigned to the host interface.
|
||||
(Not used when hostBridge is set.)
|
||||
'';
|
||||
};
|
||||
|
||||
hostAddress6 = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
example = "fc00::1";
|
||||
description = ''
|
||||
The IPv6 address assigned to the host interface.
|
||||
(Not used when hostBridge is set.)
|
||||
'';
|
||||
};
|
||||
|
||||
localAddress = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
example = "10.231.136.2";
|
||||
description = ''
|
||||
The IPv4 address assigned to the interface in the container.
|
||||
If a hostBridge is used, this should be given with netmask to access
|
||||
the whole network. Otherwise the default netmask is /32 and routing is
|
||||
set up from localAddress to hostAddress and back.
|
||||
'';
|
||||
};
|
||||
|
||||
localAddress6 = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
example = "fc00::2";
|
||||
description = ''
|
||||
The IPv6 address assigned to the interface in the container.
|
||||
If a hostBridge is used, this should be given with netmask to access
|
||||
the whole network. Otherwise the default netmask is /128 and routing is
|
||||
set up from localAddress6 to hostAddress6 and back.
|
||||
'';
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
dummyConfig =
|
||||
{
|
||||
extraVeths = {};
|
||||
additionalCapabilities = [];
|
||||
ephemeral = false;
|
||||
timeoutStartSec = "15s";
|
||||
allowedDevices = [];
|
||||
hostAddress = null;
|
||||
hostAddress6 = null;
|
||||
localAddress = null;
|
||||
localAddress6 = null;
|
||||
tmpfs = null;
|
||||
};
|
||||
|
||||
in
|
||||
|
||||
{
|
||||
options = {
|
||||
|
||||
boot.isContainer = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether this NixOS machine is a lightweight container running
|
||||
in another NixOS system. If set to true, support for nested
|
||||
containers is disabled by default, but can be reenabled by
|
||||
setting <config>boot.enableContainers</config> to true.
|
||||
'';
|
||||
};
|
||||
|
||||
boot.enableContainers = mkOption {
|
||||
type = types.bool;
|
||||
default = !config.boot.isContainer;
|
||||
description = ''
|
||||
Whether to enable support for NixOS containers. Defaults to true
|
||||
(at no cost if containers are not actually used), but only if the
|
||||
system is not itself a lightweight container of a host.
|
||||
To enable support for nested containers, this option has to be
|
||||
explicitly set to true (in the outer container).
|
||||
'';
|
||||
};
|
||||
|
||||
containers = mkOption {
|
||||
type = types.attrsOf (types.submodule (
|
||||
{ config, options, name, ... }:
|
||||
{
|
||||
options = {
|
||||
|
||||
config = mkOption {
|
||||
description = ''
|
||||
A specification of the desired configuration of this
|
||||
container, as a NixOS module.
|
||||
'';
|
||||
type = let
|
||||
confPkgs = if config.pkgs == null then pkgs else config.pkgs;
|
||||
in lib.mkOptionType {
|
||||
name = "Toplevel NixOS config";
|
||||
merge = loc: defs: (import (confPkgs.path + "/nixos/lib/eval-config.nix") {
|
||||
inherit system;
|
||||
pkgs = confPkgs;
|
||||
baseModules = import (confPkgs.path + "/nixos/modules/module-list.nix");
|
||||
inherit (confPkgs) lib;
|
||||
modules =
|
||||
let
|
||||
extraConfig = {
|
||||
_file = "module at ${__curPos.file}:${toString __curPos.line}";
|
||||
config = {
|
||||
boot.isContainer = true;
|
||||
networking.hostName = mkDefault name;
|
||||
networking.useDHCP = false;
|
||||
assertions = [
|
||||
{
|
||||
assertion = config.privateNetwork -> stringLength name < 12;
|
||||
message = ''
|
||||
Container name `${name}` is too long: When `privateNetwork` is enabled, container names can
|
||||
not be longer than 11 characters, because the container's interface name is derived from it.
|
||||
This might be fixed in the future. See https://github.com/NixOS/nixpkgs/issues/38509
|
||||
'';
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
in [ extraConfig ] ++ (map (x: x.value) defs);
|
||||
prefix = [ "containers" name ];
|
||||
}).config;
|
||||
};
|
||||
};
|
||||
|
||||
path = mkOption {
|
||||
type = types.path;
|
||||
example = "/nix/var/nix/profiles/containers/webserver";
|
||||
description = ''
|
||||
As an alternative to specifying
|
||||
<option>config</option>, you can specify the path to
|
||||
the evaluated NixOS system configuration, typically a
|
||||
symlink to a system profile.
|
||||
'';
|
||||
};
|
||||
|
||||
additionalCapabilities = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [];
|
||||
example = [ "CAP_NET_ADMIN" "CAP_MKNOD" ];
|
||||
description = ''
|
||||
Grant additional capabilities to the container. See the
|
||||
capabilities(7) and systemd-nspawn(1) man pages for more
|
||||
information.
|
||||
'';
|
||||
};
|
||||
|
||||
pkgs = mkOption {
|
||||
type = types.nullOr types.attrs;
|
||||
default = null;
|
||||
example = literalExample "pkgs";
|
||||
description = ''
|
||||
Customise which nixpkgs to use for this container.
|
||||
'';
|
||||
};
|
||||
|
||||
ephemeral = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Runs container in ephemeral mode with the empty root filesystem at boot.
|
||||
This way container will be bootstrapped from scratch on each boot
|
||||
and will be cleaned up on shutdown leaving no traces behind.
|
||||
Useful for completely stateless, reproducible containers.
|
||||
|
||||
Note that this option might require to do some adjustments to the container configuration,
|
||||
e.g. you might want to set
|
||||
<varname>systemd.network.networks.$interface.dhcpConfig.ClientIdentifier</varname> to "mac"
|
||||
if you use <varname>macvlans</varname> option.
|
||||
This way dhcp client identifier will be stable between the container restarts.
|
||||
|
||||
Note that the container journal will not be linked to the host if this option is enabled.
|
||||
'';
|
||||
};
|
||||
|
||||
enableTun = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Allows the container to create and setup tunnel interfaces
|
||||
by granting the <literal>NET_ADMIN</literal> capability and
|
||||
enabling access to <literal>/dev/net/tun</literal>.
|
||||
'';
|
||||
};
|
||||
|
||||
privateNetwork = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to give the container its own private virtual
|
||||
Ethernet interface. The interface is called
|
||||
<literal>eth0</literal>, and is hooked up to the interface
|
||||
<literal>ve-<replaceable>container-name</replaceable></literal>
|
||||
on the host. If this option is not set, then the
|
||||
container shares the network interfaces of the host,
|
||||
and can bind to any port on any interface.
|
||||
'';
|
||||
};
|
||||
|
||||
interfaces = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [];
|
||||
example = [ "eth1" "eth2" ];
|
||||
description = ''
|
||||
The list of interfaces to be moved into the container.
|
||||
'';
|
||||
};
|
||||
|
||||
macvlans = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [];
|
||||
example = [ "eth1" "eth2" ];
|
||||
description = ''
|
||||
The list of host interfaces from which macvlans will be
|
||||
created. For each interface specified, a macvlan interface
|
||||
will be created and moved to the container.
|
||||
'';
|
||||
};
|
||||
|
||||
extraVeths = mkOption {
|
||||
type = with types; attrsOf (submodule { options = networkOptions; });
|
||||
default = {};
|
||||
description = ''
|
||||
Extra veth-pairs to be created for the container.
|
||||
'';
|
||||
};
|
||||
|
||||
autoStart = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether the container is automatically started at boot-time.
|
||||
'';
|
||||
};
|
||||
|
||||
timeoutStartSec = mkOption {
|
||||
type = types.str;
|
||||
default = "1min";
|
||||
description = ''
|
||||
Time for the container to start. In case of a timeout,
|
||||
the container processes get killed.
|
||||
See <citerefentry><refentrytitle>systemd.time</refentrytitle>
|
||||
<manvolnum>7</manvolnum></citerefentry>
|
||||
for more information about the format.
|
||||
'';
|
||||
};
|
||||
|
||||
bindMounts = mkOption {
|
||||
type = with types; loaOf (submodule bindMountOpts);
|
||||
default = {};
|
||||
example = literalExample ''
|
||||
{ "/home" = { hostPath = "/home/alice";
|
||||
isReadOnly = false; };
|
||||
}
|
||||
'';
|
||||
|
||||
description =
|
||||
''
|
||||
An extra list of directories that is bound to the container.
|
||||
'';
|
||||
};
|
||||
|
||||
allowedDevices = mkOption {
|
||||
type = with types; listOf (submodule allowedDeviceOpts);
|
||||
default = [];
|
||||
example = [ { node = "/dev/net/tun"; modifier = "rw"; } ];
|
||||
description = ''
|
||||
A list of device nodes to which the containers has access to.
|
||||
'';
|
||||
};
|
||||
|
||||
tmpfs = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [];
|
||||
example = [ "/var" ];
|
||||
description = ''
|
||||
Mounts a set of tmpfs file systems into the container.
|
||||
Multiple paths can be specified.
|
||||
Valid items must conform to the --tmpfs argument
|
||||
of systemd-nspawn. See systemd-nspawn(1) for details.
|
||||
'';
|
||||
};
|
||||
|
||||
extraFlags = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [];
|
||||
example = [ "--drop-capability=CAP_SYS_CHROOT" ];
|
||||
description = ''
|
||||
Extra flags passed to the systemd-nspawn command.
|
||||
See systemd-nspawn(1) for details.
|
||||
'';
|
||||
};
|
||||
|
||||
} // networkOptions;
|
||||
|
||||
config = mkMerge
|
||||
[
|
||||
(mkIf options.config.isDefined {
|
||||
path = config.config.system.build.toplevel;
|
||||
})
|
||||
];
|
||||
}));
|
||||
|
||||
default = {};
|
||||
example = literalExample
|
||||
''
|
||||
{ webserver =
|
||||
{ path = "/nix/var/nix/profiles/webserver";
|
||||
};
|
||||
database =
|
||||
{ config =
|
||||
{ config, pkgs, ... }:
|
||||
{ services.postgresql.enable = true;
|
||||
services.postgresql.package = pkgs.postgresql_9_6;
|
||||
|
||||
system.stateVersion = "17.03";
|
||||
};
|
||||
};
|
||||
}
|
||||
'';
|
||||
description = ''
|
||||
A set of NixOS system configurations to be run as lightweight
|
||||
containers. Each container appears as a service
|
||||
<literal>container-<replaceable>name</replaceable></literal>
|
||||
on the host system, allowing it to be started and stopped via
|
||||
<command>systemctl</command>.
|
||||
'';
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
|
||||
config = mkIf (config.boot.enableContainers) (let
|
||||
|
||||
unit = {
|
||||
description = "Container '%i'";
|
||||
|
||||
unitConfig.RequiresMountsFor = "/var/lib/containers/%i";
|
||||
|
||||
path = [ pkgs.iproute ];
|
||||
|
||||
environment = {
|
||||
root = "/var/lib/containers/%i";
|
||||
INSTANCE = "%i";
|
||||
};
|
||||
|
||||
preStart = preStartScript dummyConfig;
|
||||
|
||||
script = startScript dummyConfig;
|
||||
|
||||
postStart = postStartScript dummyConfig;
|
||||
|
||||
preStop = "machinectl poweroff $INSTANCE";
|
||||
|
||||
restartIfChanged = false;
|
||||
|
||||
serviceConfig = serviceDirectives dummyConfig;
|
||||
};
|
||||
in {
|
||||
systemd.targets.multi-user.wants = [ "machines.target" ];
|
||||
|
||||
systemd.services = listToAttrs (filter (x: x.value != null) (
|
||||
# The generic container template used by imperative containers
|
||||
[{ name = "container@"; value = unit; }]
|
||||
# declarative containers
|
||||
++ (mapAttrsToList (name: cfg: nameValuePair "container@${name}" (let
|
||||
containerConfig = cfg // (
|
||||
if cfg.enableTun then
|
||||
{
|
||||
allowedDevices = cfg.allowedDevices
|
||||
++ [ { node = "/dev/net/tun"; modifier = "rw"; } ];
|
||||
additionalCapabilities = cfg.additionalCapabilities
|
||||
++ [ "CAP_NET_ADMIN" ];
|
||||
}
|
||||
else {});
|
||||
in
|
||||
recursiveUpdate unit {
|
||||
preStart = preStartScript containerConfig;
|
||||
script = startScript containerConfig;
|
||||
postStart = postStartScript containerConfig;
|
||||
serviceConfig = serviceDirectives containerConfig;
|
||||
unitConfig.RequiresMountsFor = lib.optional (!containerConfig.ephemeral) "/var/lib/containers/%i";
|
||||
environment.root = if containerConfig.ephemeral then "/run/containers/%i" else "/var/lib/containers/%i";
|
||||
} // (
|
||||
if containerConfig.autoStart then
|
||||
{
|
||||
wantedBy = [ "machines.target" ];
|
||||
wants = [ "network.target" ];
|
||||
after = [ "network.target" ];
|
||||
restartTriggers = [
|
||||
containerConfig.path
|
||||
config.environment.etc."containers/${name}.conf".source
|
||||
];
|
||||
restartIfChanged = true;
|
||||
}
|
||||
else {})
|
||||
)) config.containers)
|
||||
));
|
||||
|
||||
# Generate a configuration file in /etc/containers for each
|
||||
# container so that container@.target can get the container
|
||||
# configuration.
|
||||
environment.etc =
|
||||
let mkPortStr = p: p.protocol + ":" + (toString p.hostPort) + ":" + (if p.containerPort == null then toString p.hostPort else toString p.containerPort);
|
||||
in mapAttrs' (name: cfg: nameValuePair "containers/${name}.conf"
|
||||
{ text =
|
||||
''
|
||||
SYSTEM_PATH=${cfg.path}
|
||||
${optionalString cfg.privateNetwork ''
|
||||
PRIVATE_NETWORK=1
|
||||
${optionalString (cfg.hostBridge != null) ''
|
||||
HOST_BRIDGE=${cfg.hostBridge}
|
||||
''}
|
||||
${optionalString (length cfg.forwardPorts > 0) ''
|
||||
HOST_PORT=${concatStringsSep "," (map mkPortStr cfg.forwardPorts)}
|
||||
''}
|
||||
${optionalString (cfg.hostAddress != null) ''
|
||||
HOST_ADDRESS=${cfg.hostAddress}
|
||||
''}
|
||||
${optionalString (cfg.hostAddress6 != null) ''
|
||||
HOST_ADDRESS6=${cfg.hostAddress6}
|
||||
''}
|
||||
${optionalString (cfg.localAddress != null) ''
|
||||
LOCAL_ADDRESS=${cfg.localAddress}
|
||||
''}
|
||||
${optionalString (cfg.localAddress6 != null) ''
|
||||
LOCAL_ADDRESS6=${cfg.localAddress6}
|
||||
''}
|
||||
''}
|
||||
INTERFACES="${toString cfg.interfaces}"
|
||||
MACVLANS="${toString cfg.macvlans}"
|
||||
${optionalString cfg.autoStart ''
|
||||
AUTO_START=1
|
||||
''}
|
||||
EXTRA_NSPAWN_FLAGS="${mkBindFlags cfg.bindMounts +
|
||||
optionalString (cfg.extraFlags != [])
|
||||
(" " + concatStringsSep " " cfg.extraFlags)}"
|
||||
'';
|
||||
}) config.containers;
|
||||
|
||||
# Generate /etc/hosts entries for the containers.
|
||||
networking.extraHosts = concatStrings (mapAttrsToList (name: cfg: optionalString (cfg.localAddress != null)
|
||||
''
|
||||
${head (splitString "/" cfg.localAddress)} ${name}.containers
|
||||
'') config.containers);
|
||||
|
||||
networking.dhcpcd.denyInterfaces = [ "ve-*" "vb-*" ];
|
||||
|
||||
services.udev.extraRules = optionalString config.networking.networkmanager.enable ''
|
||||
# Don't manage interfaces created by nixos-container.
|
||||
ENV{INTERFACE}=="v[eb]-*", ENV{NM_UNMANAGED}="1"
|
||||
'';
|
||||
|
||||
environment.systemPackages = [ pkgs.nixos-container ];
|
||||
|
||||
boot.kernelModules = [
|
||||
"bridge"
|
||||
"macvlan"
|
||||
"tap"
|
||||
"tun"
|
||||
];
|
||||
});
|
||||
}
|
80
nixos/modules/virtualisation/podman.nix
Normal file
80
nixos/modules/virtualisation/podman.nix
Normal file
|
@ -0,0 +1,80 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
let
|
||||
cfg = config.virtualisation.podman;
|
||||
|
||||
inherit (lib) mkOption types;
|
||||
|
||||
# Provides a fake "docker" binary mapping to podman
|
||||
dockerCompat = pkgs.runCommandNoCC "${pkgs.podman.pname}-docker-compat-${pkgs.podman.version}" {
|
||||
outputs = [ "out" "bin" "man" ];
|
||||
inherit (pkgs.podman) meta;
|
||||
} ''
|
||||
mkdir $out
|
||||
|
||||
mkdir -p $bin/bin
|
||||
ln -s ${pkgs.podman.bin}/bin/podman $bin/bin/docker
|
||||
|
||||
mkdir -p $man/share/man/man1
|
||||
for f in ${pkgs.podman.man}/share/man/man1/*; do
|
||||
basename=$(basename $f | sed s/podman/docker/g)
|
||||
ln -s $f $man/share/man/man1/$basename
|
||||
done
|
||||
'';
|
||||
|
||||
# Copy configuration files to avoid having the entire sources in the system closure
|
||||
copyFile = filePath: pkgs.runCommandNoCC (builtins.unsafeDiscardStringContext (builtins.baseNameOf filePath)) {} ''
|
||||
cp ${filePath} $out
|
||||
'';
|
||||
|
||||
in
|
||||
{
|
||||
meta = {
|
||||
maintainers = lib.teams.podman.members;
|
||||
};
|
||||
|
||||
options.virtualisation.podman = {
|
||||
|
||||
enable =
|
||||
mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
This option enables Podman, a daemonless container engine for
|
||||
developing, managing, and running OCI Containers on your Linux System.
|
||||
|
||||
It is a drop-in replacement for the <command>docker</command> command.
|
||||
'';
|
||||
};
|
||||
|
||||
dockerCompat = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Create an alias mapping <command>docker</command> to <command>podman</command>.
|
||||
'';
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
|
||||
environment.systemPackages = [
|
||||
pkgs.podman # Docker compat
|
||||
pkgs.runc # Default container runtime
|
||||
pkgs.crun # Default container runtime (cgroups v2)
|
||||
pkgs.conmon # Container runtime monitor
|
||||
pkgs.slirp4netns # User-mode networking for unprivileged namespaces
|
||||
pkgs.fuse-overlayfs # CoW for images, much faster than default vfs
|
||||
pkgs.utillinux # nsenter
|
||||
pkgs.cni-plugins # Networking plugins
|
||||
pkgs.iptables
|
||||
]
|
||||
++ lib.optional cfg.dockerCompat dockerCompat;
|
||||
|
||||
environment.etc."cni/net.d/87-podman-bridge.conflist".source = copyFile "${pkgs.podman.src}/cni/87-podman-bridge.conflist";
|
||||
|
||||
virtualisation.containers.enable = true;
|
||||
|
||||
};
|
||||
|
||||
}
|
|
@ -115,6 +115,7 @@ in rec {
|
|||
(onFullSupported "nixos.tests.openssh")
|
||||
(onFullSupported "nixos.tests.pantheon")
|
||||
(onFullSupported "nixos.tests.php.fpm")
|
||||
(onFullSupported "nixos.tests.php.httpd")
|
||||
(onFullSupported "nixos.tests.php.pcre")
|
||||
(onFullSupported "nixos.tests.plasma5")
|
||||
(onFullSupported "nixos.tests.predictable-interface-names.predictableNetworkd")
|
||||
|
|
|
@ -248,6 +248,7 @@ in
|
|||
php = handleTest ./php {};
|
||||
plasma5 = handleTest ./plasma5.nix {};
|
||||
plotinus = handleTest ./plotinus.nix {};
|
||||
podman = handleTest ./podman.nix {};
|
||||
postgis = handleTest ./postgis.nix {};
|
||||
postgresql = handleTest ./postgresql.nix {};
|
||||
postgresql-wal-receiver = handleTest ./postgresql-wal-receiver.nix {};
|
||||
|
@ -299,6 +300,7 @@ in
|
|||
systemd-timesyncd = handleTest ./systemd-timesyncd.nix {};
|
||||
systemd-networkd-vrf = handleTest ./systemd-networkd-vrf.nix {};
|
||||
systemd-networkd = handleTest ./systemd-networkd.nix {};
|
||||
systemd-networkd-dhcpserver = handleTest ./systemd-networkd-dhcpserver.nix {};
|
||||
systemd-nspawn = handleTest ./systemd-nspawn.nix {};
|
||||
pdns-recursor = handleTest ./pdns-recursor.nix {};
|
||||
taskserver = handleTest ./taskserver.nix {};
|
||||
|
|
|
@ -3,5 +3,6 @@
|
|||
pkgs ? import ../../.. { inherit system config; }
|
||||
}: {
|
||||
fpm = import ./fpm.nix { inherit system pkgs; };
|
||||
httpd = import ./httpd.nix { inherit system pkgs; };
|
||||
pcre = import ./pcre.nix { inherit system pkgs; };
|
||||
}
|
||||
|
|
|
@ -43,13 +43,11 @@ import ../make-test-python.nix ({pkgs, ...}: {
|
|||
machine.wait_for_unit("phpfpm-foobar.service")
|
||||
|
||||
# Check so we get an evaluated PHP back
|
||||
assert "PHP Version ${pkgs.php.version}" in machine.succeed("curl -vvv -s http://127.0.0.1:80/")
|
||||
response = machine.succeed("curl -vvv -s http://127.0.0.1:80/")
|
||||
assert "PHP Version ${pkgs.php.version}" in response, "PHP version not detected"
|
||||
|
||||
# Check so we have database and some other extensions loaded
|
||||
assert "json" in machine.succeed("curl -vvv -s http://127.0.0.1:80/")
|
||||
assert "opcache" in machine.succeed("curl -vvv -s http://127.0.0.1:80/")
|
||||
assert "pdo_mysql" in machine.succeed("curl -vvv -s http://127.0.0.1:80/")
|
||||
assert "pdo_pgsql" in machine.succeed("curl -vvv -s http://127.0.0.1:80/")
|
||||
assert "pdo_sqlite" in machine.succeed("curl -vvv -s http://127.0.0.1:80/")
|
||||
for ext in ["json", "opcache", "pdo_mysql", "pdo_pgsql", "pdo_sqlite"]:
|
||||
assert ext in response, f"Missing {ext} extension"
|
||||
'';
|
||||
})
|
||||
|
|
31
nixos/tests/php/httpd.nix
Normal file
31
nixos/tests/php/httpd.nix
Normal file
|
@ -0,0 +1,31 @@
|
|||
import ../make-test-python.nix ({pkgs, ...}: {
|
||||
name = "php-httpd-test";
|
||||
meta.maintainers = with pkgs.stdenv.lib.maintainers; [ etu ];
|
||||
|
||||
machine = { config, lib, pkgs, ... }: {
|
||||
services.httpd = {
|
||||
enable = true;
|
||||
adminAddr = "admin@phpfpm";
|
||||
virtualHosts."phpfpm" = let
|
||||
testdir = pkgs.writeTextDir "web/index.php" "<?php phpinfo();";
|
||||
in {
|
||||
documentRoot = "${testdir}/web";
|
||||
locations."/" = {
|
||||
index = "index.php index.html";
|
||||
};
|
||||
};
|
||||
enablePHP = true;
|
||||
};
|
||||
};
|
||||
testScript = { ... }: ''
|
||||
machine.wait_for_unit("httpd.service")
|
||||
|
||||
# Check so we get an evaluated PHP back
|
||||
response = machine.succeed("curl -vvv -s http://127.0.0.1:80/")
|
||||
assert "PHP Version ${pkgs.php.version}" in response, "PHP version not detected"
|
||||
|
||||
# Check so we have database and some other extensions loaded
|
||||
for ext in ["json", "opcache", "pdo_mysql", "pdo_pgsql", "pdo_sqlite"]:
|
||||
assert ext in response, f"Missing {ext} extension"
|
||||
'';
|
||||
})
|
|
@ -30,8 +30,8 @@ in import ../make-test-python.nix ({ ...}: {
|
|||
''
|
||||
machine.wait_for_unit("httpd.service")
|
||||
# Ensure php evaluation by matching on the var_dump syntax
|
||||
assert 'string(${toString (builtins.stringLength testString)}) "${testString}"' in machine.succeed(
|
||||
"curl -vvv -s http://127.0.0.1:80/index.php"
|
||||
)
|
||||
response = machine.succeed("curl -vvv -s http://127.0.0.1:80/index.php")
|
||||
expected = 'string(${toString (builtins.stringLength testString)}) "${testString}"'
|
||||
assert expected in response, "Does not appear to be able to use subgroups."
|
||||
'';
|
||||
})
|
||||
|
|
30
nixos/tests/podman.nix
Normal file
30
nixos/tests/podman.nix
Normal file
|
@ -0,0 +1,30 @@
|
|||
# This test runs podman and checks if simple container starts
|
||||
|
||||
import ./make-test-python.nix (
|
||||
{ pkgs, lib, ... }: {
|
||||
name = "podman";
|
||||
meta = {
|
||||
maintainers = lib.teams.podman.members;
|
||||
};
|
||||
|
||||
nodes = {
|
||||
podman =
|
||||
{ pkgs, ... }:
|
||||
{
|
||||
virtualisation.podman.enable = true;
|
||||
};
|
||||
};
|
||||
|
||||
testScript = ''
|
||||
start_all()
|
||||
|
||||
podman.wait_for_unit("sockets.target")
|
||||
podman.succeed("tar cv --files-from /dev/null | podman import - scratchimg")
|
||||
podman.succeed(
|
||||
"podman run -d --name=sleeping -v /nix/store:/nix/store -v /run/current-system/sw/bin:/bin scratchimg /bin/sleep 10"
|
||||
)
|
||||
podman.succeed("podman ps | grep sleeping")
|
||||
podman.succeed("podman stop sleeping")
|
||||
'';
|
||||
}
|
||||
)
|
|
@ -3,74 +3,42 @@
|
|||
pkgs ? import ../.. { inherit system config; }
|
||||
}:
|
||||
|
||||
with import ../lib/testing.nix { inherit system pkgs; };
|
||||
with import ../lib/testing-python.nix { inherit system pkgs; };
|
||||
with pkgs.lib;
|
||||
|
||||
let
|
||||
mysqlTest = package: makeTest {
|
||||
machine =
|
||||
{ config, pkgs, ... }:
|
||||
{ services.redmine.enable = true;
|
||||
services.redmine.package = package;
|
||||
services.redmine.database.type = "mysql2";
|
||||
services.redmine.plugins = {
|
||||
redmineTest = { name, type }: makeTest {
|
||||
name = "redmine-${name}";
|
||||
machine = { config, pkgs, ... }: {
|
||||
services.redmine = {
|
||||
enable = true;
|
||||
package = pkgs.redmine;
|
||||
database.type = type;
|
||||
plugins = {
|
||||
redmine_env_auth = pkgs.fetchurl {
|
||||
url = "https://github.com/Intera/redmine_env_auth/archive/0.7.zip";
|
||||
sha256 = "1xb8lyarc7mpi86yflnlgyllh9hfwb9z304f19dx409gqpia99sc";
|
||||
};
|
||||
};
|
||||
services.redmine.themes = {
|
||||
themes = {
|
||||
dkuk-redmine_alex_skin = pkgs.fetchurl {
|
||||
url = "https://bitbucket.org/dkuk/redmine_alex_skin/get/1842ef675ef3.zip";
|
||||
sha256 = "0hrin9lzyi50k4w2bd2b30vrf1i4fi1c0gyas5801wn8i7kpm9yl";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
testScript = ''
|
||||
startAll;
|
||||
$machine->waitForUnit('redmine.service');
|
||||
$machine->waitForOpenPort('3000');
|
||||
$machine->succeed("curl --fail http://localhost:3000/");
|
||||
start_all()
|
||||
machine.wait_for_unit("redmine.service")
|
||||
machine.wait_for_open_port(3000)
|
||||
machine.succeed("curl --fail http://localhost:3000/")
|
||||
'';
|
||||
};
|
||||
|
||||
pgsqlTest = package: makeTest {
|
||||
machine =
|
||||
{ config, pkgs, ... }:
|
||||
{ services.redmine.enable = true;
|
||||
services.redmine.package = package;
|
||||
services.redmine.database.type = "postgresql";
|
||||
services.redmine.plugins = {
|
||||
redmine_env_auth = pkgs.fetchurl {
|
||||
url = "https://github.com/Intera/redmine_env_auth/archive/0.7.zip";
|
||||
sha256 = "1xb8lyarc7mpi86yflnlgyllh9hfwb9z304f19dx409gqpia99sc";
|
||||
};
|
||||
};
|
||||
services.redmine.themes = {
|
||||
dkuk-redmine_alex_skin = pkgs.fetchurl {
|
||||
url = "https://bitbucket.org/dkuk/redmine_alex_skin/get/1842ef675ef3.zip";
|
||||
sha256 = "0hrin9lzyi50k4w2bd2b30vrf1i4fi1c0gyas5801wn8i7kpm9yl";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
testScript = ''
|
||||
startAll;
|
||||
$machine->waitForUnit('redmine.service');
|
||||
$machine->waitForOpenPort('3000');
|
||||
$machine->succeed("curl --fail http://localhost:3000/");
|
||||
'';
|
||||
};
|
||||
in
|
||||
{
|
||||
mysql = mysqlTest pkgs.redmine // {
|
||||
name = "mysql";
|
||||
meta.maintainers = [ maintainers.aanderse ];
|
||||
};
|
||||
|
||||
pgsql = pgsqlTest pkgs.redmine // {
|
||||
name = "pgsql";
|
||||
} // {
|
||||
meta.maintainers = [ maintainers.aanderse ];
|
||||
};
|
||||
in {
|
||||
mysql = redmineTest { name = "mysql"; type = "mysql2"; };
|
||||
pgsql = redmineTest { name = "pgsql"; type = "postgresql"; };
|
||||
}
|
||||
|
|
58
nixos/tests/systemd-networkd-dhcpserver.nix
Normal file
58
nixos/tests/systemd-networkd-dhcpserver.nix
Normal file
|
@ -0,0 +1,58 @@
|
|||
# This test predominantly tests systemd-networkd DHCP server, by
|
||||
# setting up a DHCP server and client, and ensuring they are mutually
|
||||
# reachable via the DHCP allocated address.
|
||||
import ./make-test-python.nix ({pkgs, ...}: {
|
||||
name = "systemd-networkd-dhcpserver";
|
||||
meta = with pkgs.stdenv.lib.maintainers; {
|
||||
maintainers = [ tomfitzhenry ];
|
||||
};
|
||||
nodes = {
|
||||
router = { config, pkgs, ... }: {
|
||||
virtualisation.vlans = [ 1 ];
|
||||
systemd.services.systemd-networkd.environment.SYSTEMD_LOG_LEVEL = "debug";
|
||||
networking = {
|
||||
useNetworkd = true;
|
||||
useDHCP = false;
|
||||
firewall.enable = false;
|
||||
};
|
||||
systemd.network = {
|
||||
networks = {
|
||||
# systemd-networkd will load the first network unit file
|
||||
# that matches, ordered lexiographically by filename.
|
||||
# /etc/systemd/network/{40-eth1,99-main}.network already
|
||||
# exists. This network unit must be loaded for the test,
|
||||
# however, hence why this network is named such.
|
||||
"01-eth1" = {
|
||||
name = "eth1";
|
||||
networkConfig = {
|
||||
DHCPServer = true;
|
||||
Address = "10.0.0.1/24";
|
||||
};
|
||||
dhcpServerConfig = {
|
||||
PoolOffset = 100;
|
||||
PoolSize = 1;
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
client = { config, pkgs, ... }: {
|
||||
virtualisation.vlans = [ 1 ];
|
||||
systemd.services.systemd-networkd.environment.SYSTEMD_LOG_LEVEL = "debug";
|
||||
networking = {
|
||||
useNetworkd = true;
|
||||
useDHCP = false;
|
||||
firewall.enable = false;
|
||||
interfaces.eth1.useDHCP = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
testScript = { ... }: ''
|
||||
start_all()
|
||||
router.wait_for_unit("systemd-networkd-wait-online.service")
|
||||
client.wait_for_unit("systemd-networkd-wait-online.service")
|
||||
client.wait_until_succeeds("ping -c 5 10.0.0.1")
|
||||
router.wait_until_succeeds("ping -c 5 10.0.0.100")
|
||||
'';
|
||||
})
|
|
@ -39,6 +39,7 @@
|
|||
, nss
|
||||
, pciutils
|
||||
, pkgsi686Linux
|
||||
, ps
|
||||
, setxkbmap
|
||||
, stdenv
|
||||
, systemd
|
||||
|
@ -89,6 +90,7 @@ let
|
|||
|
||||
# Runtime stuff
|
||||
git
|
||||
ps
|
||||
]}" \
|
||||
--prefix LD_LIBRARY_PATH : "${stdenv.lib.makeLibraryPath [
|
||||
|
||||
|
|
|
@ -1,25 +1,25 @@
|
|||
{ stdenv, fetchFromGitHub, cmake, pkgconfig, zip, gettext, perl
|
||||
, wxGTK30, libXext, libXi, libXt, libXtst, xercesc
|
||||
, wxGTK31, libXext, libXi, libXt, libXtst, xercesc
|
||||
, qrencode, libuuid, libyubikey, yubikey-personalization
|
||||
, curl, openssl, file
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "pwsafe";
|
||||
version = "1.09.0";
|
||||
version = "3.52.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = pname;
|
||||
repo = pname;
|
||||
rev = "${version}";
|
||||
sha256 = "0dmazm95d53wq74qvsjvhl7r6fr4dv11nzf8sgdy47nyxv06xs1b";
|
||||
sha256 = "1ka7xsl63v0559fzf3pwc1iqr37gwr4vq5iaxa2hzar2g28hsxvh";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
cmake gettext perl pkgconfig zip
|
||||
];
|
||||
buildInputs = [
|
||||
libXext libXi libXt libXtst wxGTK30
|
||||
libXext libXi libXt libXtst wxGTK31
|
||||
curl qrencode libuuid openssl xercesc
|
||||
libyubikey yubikey-personalization
|
||||
file
|
||||
|
|
|
@ -11,8 +11,8 @@
|
|||
version = "84.0.4115.5";
|
||||
};
|
||||
stable = {
|
||||
sha256 = "0hsxxw7fm1p8g53msqb644v8vr4cpvjmpln444c2268rm43yik17";
|
||||
sha256bin64 = "0ap7flrw3h885454fa2r7psa4sh8567ql7v7x96q11gh9gjrdvp3";
|
||||
version = "81.0.4044.113";
|
||||
sha256 = "0ahqh3vmzbpai4xwn7qybgw9phc8ssjdvfc7384mxqk9swqgv7qg";
|
||||
sha256bin64 = "0gpgim244594m35qwf625blwdqgjbp4qr846wq75a9a9zqwqs05w";
|
||||
version = "81.0.4044.122";
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,10 +1,10 @@
|
|||
{ stdenv, fetchFromGitHub, fetchpatch, libiconv }:
|
||||
{ stdenv, lib, fetchFromGitHub, fetchpatch, libiconv, ruby ? null }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "mblaze";
|
||||
version = "0.5.1";
|
||||
|
||||
buildInputs = stdenv.lib.optionals stdenv.isDarwin [ libiconv ];
|
||||
buildInputs = [ ruby ] ++ lib.optionals stdenv.isDarwin [ libiconv ];
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "chneukirchen";
|
||||
|
@ -24,9 +24,11 @@ stdenv.mkDerivation rec {
|
|||
|
||||
postInstall = ''
|
||||
install -Dm644 -t $out/share/zsh/site-functions contrib/_mblaze
|
||||
'' + lib.optionalString (ruby != null) ''
|
||||
install -Dt $out/bin contrib/msuck contrib/mblow
|
||||
'';
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
meta = with lib; {
|
||||
homepage = "https://github.com/chneukirchen/mblaze";
|
||||
description = "Unix utilities to deal with Maildir";
|
||||
license = licenses.cc0;
|
||||
|
|
|
@ -6,6 +6,7 @@
|
|||
, speechdSupport ? false, speechd ? null
|
||||
, pulseSupport ? false, libpulseaudio ? null
|
||||
, iceSupport ? false, zeroc-ice ? null
|
||||
, nixosTests
|
||||
}:
|
||||
|
||||
assert jackSupport -> libjack2 != null;
|
||||
|
@ -63,6 +64,8 @@ let
|
|||
|
||||
enableParallelBuilding = true;
|
||||
|
||||
passthru.tests.connectivity = nixosTests.mumble;
|
||||
|
||||
meta = {
|
||||
description = "Low-latency, high quality voice chat software";
|
||||
homepage = "https://mumble.info";
|
||||
|
|
|
@ -1,19 +1,19 @@
|
|||
{ stdenv, fetchFromGitHub, qmake, pkgconfig, wrapQtAppsHook
|
||||
{ stdenv, fetchFromGitHub, qmake, pkg-config, wrapQtAppsHook
|
||||
, qtbase, qttools, qtwebkit, sqlite
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "quiterss";
|
||||
version = "0.19.3";
|
||||
version = "0.19.4";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "QuiteRSS";
|
||||
repo = "quiterss";
|
||||
rev = version;
|
||||
sha256 = "06m5mhzxvv8q2adaqcrar3sx2c1hc89h2i0qfjxmirfc5z67hdw2";
|
||||
sha256 = "1cgvl67vhn5y7bj5gbjbgk26bhb0196bgrgsp3r5fmrislarj8s6";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ qmake pkgconfig wrapQtAppsHook ];
|
||||
nativeBuildInputs = [ qmake pkg-config wrapQtAppsHook ];
|
||||
buildInputs = [ qtbase qttools qtwebkit sqlite.dev ];
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
|
@ -23,6 +23,7 @@ stdenv.mkDerivation rec {
|
|||
written on Qt/C++
|
||||
'';
|
||||
homepage = "https://quiterss.org";
|
||||
changelog = "https://github.com/QuiteRSS/quiterss/blob/${version}/CHANGELOG";
|
||||
license = licenses.gpl3;
|
||||
platforms = platforms.linux;
|
||||
maintainers = with maintainers; [ primeos ];
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ buildGoModule, stdenv, lib, procps, fetchFromGitHub }:
|
||||
{ buildGoModule, stdenv, lib, procps, fetchFromGitHub, nixosTests }:
|
||||
|
||||
let
|
||||
common = { stname, target, postInstall ? "" }:
|
||||
|
@ -35,6 +35,11 @@ let
|
|||
|
||||
inherit postInstall;
|
||||
|
||||
passthru.tests = with nixosTests; {
|
||||
init = syncthing-init;
|
||||
relay = syncthing-relay;
|
||||
};
|
||||
|
||||
meta = with lib; {
|
||||
homepage = "https://www.syncthing.net/";
|
||||
description = "Open Source Continuous File Synchronization";
|
||||
|
|
|
@ -1,9 +1,12 @@
|
|||
{ lib
|
||||
, fetchFromGitHub
|
||||
, crystal
|
||||
, crystal_0_33
|
||||
}:
|
||||
|
||||
crystal.buildCrystalPackage rec {
|
||||
let
|
||||
crystal = crystal_0_33;
|
||||
|
||||
in crystal.buildCrystalPackage rec {
|
||||
pname = "thicket";
|
||||
version = "0.1.3";
|
||||
|
||||
|
@ -14,13 +17,18 @@ crystal.buildCrystalPackage rec {
|
|||
sha256 = "0hkmmssiwipx373d0zw9a2yn72gqzqzcvwkqbs522m5adz6qmkzw";
|
||||
};
|
||||
|
||||
format = "shards";
|
||||
|
||||
shardsFile = ./shards.nix;
|
||||
crystalBinaries.thicket.src = "src/thicket.cr";
|
||||
|
||||
# there is one test that tries to clone a repo
|
||||
doCheck = false;
|
||||
|
||||
meta = with lib; {
|
||||
description = "A better one-line git log";
|
||||
homepage = "https://github.com/taylorthurlow/thicket";
|
||||
license = licenses.mit;
|
||||
maintainers = with maintainers; [ filalex77 ];
|
||||
};
|
||||
}
|
||||
}
|
||||
|
|
|
@ -192,7 +192,9 @@ in stdenv.mkDerivation {
|
|||
++ lib.optional usbSupport libusb
|
||||
++ lib.optional vdpauSupport libvdpau
|
||||
++ lib.optionals useWayland [
|
||||
wayland waylandpp wayland-protocols
|
||||
wayland
|
||||
waylandpp.dev
|
||||
wayland-protocols
|
||||
# Not sure why ".dev" is needed here, but CMake doesn't find libxkbcommon otherwise
|
||||
libxkbcommon.dev
|
||||
]
|
||||
|
@ -213,7 +215,7 @@ in stdenv.mkDerivation {
|
|||
|
||||
# for TexturePacker
|
||||
giflib zlib libpng libjpeg lzo
|
||||
] ++ lib.optionals useWayland [ wayland-protocols ];
|
||||
] ++ lib.optionals useWayland [ wayland-protocols waylandpp.bin ];
|
||||
|
||||
depsBuildBuild = [
|
||||
buildPackages.stdenv.cc
|
||||
|
|
|
@ -5,11 +5,11 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "i3";
|
||||
version = "4.18";
|
||||
version = "4.18.1";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://i3wm.org/downloads/${pname}-${version}.tar.bz2";
|
||||
sha256 = "0dv5g8ycfmijxfjyw8hzsxaf80v09lb73zh7x2vszy78h3amifqz";
|
||||
sha256 = "0z709cianlzw0x0qwq4361347354xd9ckj1v7vjvhb1zh3x91gws";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ which pkgconfig makeWrapper ];
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ stdenv, name, src, patches ? [], buildInputs ? [] }:
|
||||
{stdenv, name, src, patches ? [], buildInputs ? [], ...}:
|
||||
stdenv.mkDerivation {
|
||||
inherit src buildInputs patches name;
|
||||
installPhase = "cp -r . $out";
|
||||
|
|
|
@ -1,53 +1,109 @@
|
|||
{ stdenv, lib, crystal, linkFarm, fetchFromGitHub }:
|
||||
{ # Generate shards.nix with `nix-shell -p crystal2nix --run crystal2nix` in the projects root
|
||||
shardsFile ? null
|
||||
{ stdenv, lib, crystal, shards, git, pkgconfig, which, linkFarm, fetchFromGitHub, installShellFiles }:
|
||||
|
||||
{ # Some projects do not include a lock file, so you can pass one
|
||||
lockFile ? null
|
||||
# Generate shards.nix with `nix-shell -p crystal2nix --run crystal2nix` in the projects root
|
||||
, shardsFile ? null
|
||||
# We support different builders. To make things more straight forward, make it
|
||||
# user selectable instead of trying to autodetect
|
||||
, format ? "make"
|
||||
, installManPages ? true
|
||||
# Specify binaries to build in the form { foo.src = "src/foo.cr"; }
|
||||
# The default `crystal build` options can be overridden with { foo.options = [ "--no-debug" ]; }
|
||||
, crystalBinaries ? {}
|
||||
, ...
|
||||
}@args:
|
||||
, crystalBinaries ? { }, ... }@args:
|
||||
|
||||
assert (builtins.elem format [ "make" "crystal" "shards" ]);
|
||||
|
||||
let
|
||||
mkDerivationArgs = builtins.removeAttrs args [ "shardsFile" "crystalBinaries" ];
|
||||
mkDerivationArgs = builtins.removeAttrs args [
|
||||
"format"
|
||||
"installManPages"
|
||||
"lockFile"
|
||||
"shardsFile"
|
||||
"crystalBinaries"
|
||||
];
|
||||
|
||||
crystalLib = linkFarm "crystal-lib" (lib.mapAttrsToList (name: value: {
|
||||
inherit name;
|
||||
path = fetchFromGitHub value;
|
||||
}) (import shardsFile));
|
||||
|
||||
defaultOptions = [ "--release" "--progress" "--no-debug" "--verbose" ];
|
||||
# we previously had --no-debug here but that is not recommended by upstream
|
||||
defaultOptions = [ "--release" "--progress" "--verbose" ];
|
||||
|
||||
buildDirectly = shardsFile == null || crystalBinaries != { };
|
||||
in stdenv.mkDerivation (mkDerivationArgs // {
|
||||
|
||||
configurePhase = args.configurePhase or ''
|
||||
runHook preConfigure
|
||||
${lib.optionalString (shardsFile != null) "ln -s ${crystalLib} lib"}
|
||||
runHook postConfigure
|
||||
configurePhase = args.configurePhase or lib.concatStringsSep "\n" ([
|
||||
"runHook preConfigure"
|
||||
] ++ lib.optional (lockFile != null) "ln -s ${lockFile} ./shard.lock"
|
||||
++ lib.optional (shardsFile != null) "ln -s ${crystalLib} lib"
|
||||
++ [ "runHook postConfigure "]);
|
||||
|
||||
CRFLAGS = lib.concatStringsSep " " defaultOptions;
|
||||
|
||||
PREFIX = placeholder "out";
|
||||
|
||||
buildInputs = args.buildInputs or [ ] ++ [ crystal ]
|
||||
++ lib.optional (format != "crystal") shards;
|
||||
|
||||
nativeBuildInputs = args.nativeBuildInputs or [ ] ++ [ git installShellFiles pkgconfig which ];
|
||||
|
||||
buildPhase = args.buildPhase or (lib.concatStringsSep "\n" ([
|
||||
"runHook preBuild"
|
||||
] ++ lib.optional (format == "make")
|
||||
''make ''${buildTargets:-build} $makeFlags''
|
||||
++ lib.optionals (format == "crystal") (lib.mapAttrsToList (bin: attrs: ''
|
||||
crystal ${lib.escapeShellArgs (["build" "-o" bin
|
||||
(attrs.src or (throw "No source file for crystal binary ${bin} provided"))
|
||||
] ++ (attrs.options or defaultOptions))}
|
||||
'') crystalBinaries)
|
||||
++ lib.optional (format == "shards")
|
||||
"shards build --local --production ${lib.concatStringsSep " " defaultOptions}"
|
||||
++ [ "runHook postBuild" ]));
|
||||
|
||||
installPhase = args.installPhase or (lib.concatStringsSep "\n" ([
|
||||
"runHook preInstall"
|
||||
] ++ lib.optional (format == "make")
|
||||
''make ''${installTargets:-install} $installFlags''
|
||||
++ lib.optionals (format == "crystal") (map (bin: ''
|
||||
install -Dm555 ${lib.escapeShellArgs [ bin "${placeholder "out"}/bin/${bin}" ]}
|
||||
'') (lib.attrNames crystalBinaries))
|
||||
++ lib.optional (format == "shards")
|
||||
''install -Dm555 bin/* -t $out/bin''
|
||||
++ [
|
||||
''
|
||||
for f in README* *.md LICENSE; do
|
||||
test -f $f && install -Dm444 $f -t $out/share/doc/${args.pname}
|
||||
done
|
||||
''
|
||||
] ++ (lib.optional installManPages ''
|
||||
if [ -d man ]; then
|
||||
installManPage man/*.?
|
||||
fi
|
||||
'') ++ [
|
||||
"runHook postInstall"
|
||||
]));
|
||||
|
||||
doCheck = args.doCheck or true;
|
||||
|
||||
checkPhase = args.checkPhase or (lib.concatStringsSep "\n" ([
|
||||
"runHook preCheck"
|
||||
] ++ lib.optional (format == "make")
|
||||
''make ''${checkTarget:-test} $checkFlags''
|
||||
++ lib.optional (format != "make")
|
||||
''crystal ''${checkTarget:-spec} $checkFlags''
|
||||
++ [ "runHook postCheck" ]));
|
||||
|
||||
doInstallCheck = args.doInstallCheck or true;
|
||||
|
||||
installCheckPhase = args.installCheckPhase or ''
|
||||
for f in $out/bin/*; do
|
||||
$f --help
|
||||
done
|
||||
'';
|
||||
|
||||
buildInputs = args.buildInputs or [] ++ [ crystal ];
|
||||
|
||||
buildPhase = args.buildPhase or ''
|
||||
runHook preBuild
|
||||
${lib.concatStringsSep "\n" (lib.mapAttrsToList (bin: attrs: ''
|
||||
crystal ${lib.escapeShellArgs ([
|
||||
"build"
|
||||
"-o" bin
|
||||
(attrs.src or (throw "No source file for crystal binary ${bin} provided"))
|
||||
] ++ attrs.options or defaultOptions)}
|
||||
'') crystalBinaries)}
|
||||
runHook postBuild
|
||||
'';
|
||||
|
||||
installPhase = args.installPhase or ''
|
||||
runHook preInstall
|
||||
mkdir -p "$out/bin"
|
||||
${lib.concatMapStringsSep "\n" (bin: ''
|
||||
mv ${lib.escapeShellArgs [ bin "${placeholder "out"}/bin/${bin}" ]}
|
||||
'') (lib.attrNames crystalBinaries)}
|
||||
runHook postInstall
|
||||
'';
|
||||
|
||||
meta = args.meta or {} // {
|
||||
meta = args.meta or { } // {
|
||||
platforms = args.meta.platforms or crystal.meta.platforms;
|
||||
};
|
||||
})
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
{ lib, crystal, nix-prefetch-git }:
|
||||
|
||||
crystal.buildCrystalPackage {
|
||||
pname = "crystal2nix";
|
||||
version = "unstable-2018-07-31";
|
||||
|
@ -6,11 +7,16 @@ crystal.buildCrystalPackage {
|
|||
nixPrefetchGit = "${lib.getBin nix-prefetch-git}/bin/nix-prefetch-git";
|
||||
unpackPhase = "substituteAll ${./crystal2nix.cr} crystal2nix.cr";
|
||||
|
||||
format = "crystal";
|
||||
|
||||
crystalBinaries.crystal2nix.src = "crystal2nix.cr";
|
||||
|
||||
# it will blow up without a shard.yml file
|
||||
doInstallCheck = false;
|
||||
|
||||
meta = with lib; {
|
||||
description = "Utility to convert Crystal's shard.lock files to a Nix file";
|
||||
license = licenses.mit;
|
||||
maintainers = [ maintainers.manveru ];
|
||||
maintainers = with maintainers; [ manveru ];
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,41 +0,0 @@
|
|||
{ stdenv, fetchurl, curl, tzdata, autoPatchelfHook, fixDarwinDylibNames, libxml2
|
||||
, version, hashes }:
|
||||
with stdenv;
|
||||
let
|
||||
OS = if hostPlatform.isDarwin then "osx" else hostPlatform.parsed.kernel.name;
|
||||
ARCH = toString hostPlatform.parsed.cpu.name;
|
||||
in mkDerivation {
|
||||
pname = "ldc-bootstrap";
|
||||
inherit version;
|
||||
|
||||
src = fetchurl rec {
|
||||
name = "ldc2-${version}-${OS}-${ARCH}.tar.xz";
|
||||
url = "https://github.com/ldc-developers/ldc/releases/download/v${version}/${name}";
|
||||
sha256 = hashes."${OS}-${ARCH}" or (throw "missing bootstrap sha256 for ${OS}-${ARCH}");
|
||||
};
|
||||
|
||||
dontConfigure = true;
|
||||
dontBuild = true;
|
||||
|
||||
nativeBuildInputs = [ fixDarwinDylibNames autoPatchelfHook ];
|
||||
|
||||
buildInputs = lib.optionals stdenv.hostPlatform.isLinux [ libxml2 stdenv.cc.cc ];
|
||||
|
||||
propagatedBuildInputs = [ curl tzdata ];
|
||||
|
||||
installPhase = ''
|
||||
mkdir -p $out
|
||||
|
||||
mv bin etc import lib LICENSE README $out/
|
||||
'';
|
||||
|
||||
meta = with lib; {
|
||||
inherit version;
|
||||
description = "The LLVM-based D Compiler";
|
||||
homepage = "https://github.com/ldc-developers/ldc";
|
||||
# from https://github.com/ldc-developers/ldc/blob/master/LICENSE
|
||||
license = with licenses; [ bsd3 boost mit ncsa gpl2Plus ];
|
||||
maintainers = with maintainers; [ ThomasMader lionello ];
|
||||
platforms = [ "x86_64-linux" "x86_64-darwin" "aarch64-linux" ];
|
||||
};
|
||||
}
|
|
@ -1,10 +0,0 @@
|
|||
{ callPackage }:
|
||||
callPackage ./binary.nix {
|
||||
version = "1.19.0";
|
||||
hashes = {
|
||||
# Get these from `nix-prefetch-url https://github.com/ldc-developers/ldc/releases/download/v1.19.0/ldc2-1.19.0-osx-x86_64.tar.xz` etc..
|
||||
osx-x86_64 = "1bp3xkh9zp64dzq8isanib1gacb3nfbl70qv15qygwk1zan6zgy7";
|
||||
linux-x86_64 = "146grr2lwarfk13wgkpyb77xb6b3as1is2rf4s2hipqjmc8biy1h";
|
||||
linux-aarch64 = "1fv6jshfvi15m7masgxq1hgp216qjd5amizrqdf26vhrq3a08li3";
|
||||
};
|
||||
}
|
|
@ -1,5 +1,173 @@
|
|||
import ./generic.nix {
|
||||
version = "1.20.1";
|
||||
ldcSha256 = "1bqsgab22v02pc3c9gcyf15y7aimadv24d68icaw5lpgnvzxy89b";
|
||||
{ stdenv, fetchurl, cmake, ninja, llvm_5, llvm_8, curl, tzdata
|
||||
, libconfig, lit, gdb, unzip, darwin, bash
|
||||
, callPackage, makeWrapper, runCommand, targetPackages
|
||||
, bootstrapVersion ? false
|
||||
, version ? "1.17.0"
|
||||
, ldcSha256 ? "1aag5jfrng6p4ms0fs90hjbv9bcj3hj8h52r68c3cm6racdajbva"
|
||||
}:
|
||||
|
||||
let
|
||||
bootstrapLdc = if !bootstrapVersion then
|
||||
# LDC 0.17.x is the last version which doesn't need a working D compiler to
|
||||
# build so we use that version to bootstrap the actual build.
|
||||
callPackage ./default.nix {
|
||||
bootstrapVersion = true;
|
||||
version = "0.17.6";
|
||||
ldcSha256 = "0qf5kbxddgmg3kqzi0kf4bgv8vdrnv16y07hcpm0cwv9mc3qr2w6";
|
||||
}
|
||||
else
|
||||
"";
|
||||
|
||||
pathConfig = runCommand "ldc-lib-paths" {} ''
|
||||
mkdir $out
|
||||
echo ${tzdata}/share/zoneinfo/ > $out/TZDatabaseDirFile
|
||||
echo ${curl.out}/lib/libcurl${stdenv.hostPlatform.extensions.sharedLibrary} > $out/LibcurlPathFile
|
||||
'';
|
||||
in
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "ldc";
|
||||
inherit version;
|
||||
|
||||
enableParallelBuilding = true;
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://github.com/ldc-developers/ldc/releases/download/v${version}/ldc-${version}-src.tar.gz";
|
||||
sha256 = ldcSha256;
|
||||
};
|
||||
|
||||
# https://issues.dlang.org/show_bug.cgi?id=19553
|
||||
hardeningDisable = [ "fortify" ];
|
||||
|
||||
postUnpack = ''
|
||||
patchShebangs .
|
||||
''
|
||||
|
||||
+ stdenv.lib.optionalString (!bootstrapVersion) ''
|
||||
rm ldc-${version}-src/tests/d2/dmd-testsuite/fail_compilation/mixin_gc.d
|
||||
rm ldc-${version}-src/tests/d2/dmd-testsuite/runnable/xtest46_gc.d
|
||||
rm ldc-${version}-src/tests/d2/dmd-testsuite/runnable/testptrref_gc.d
|
||||
|
||||
# test depends on current year
|
||||
rm ldc-${version}-src/tests/d2/dmd-testsuite/compilable/ddocYear.d
|
||||
''
|
||||
|
||||
+ stdenv.lib.optionalString (!bootstrapVersion && stdenv.hostPlatform.isDarwin) ''
|
||||
# https://github.com/NixOS/nixpkgs/issues/34817
|
||||
rm -r ldc-${version}-src/tests/plugins/addFuncEntryCall
|
||||
'';
|
||||
|
||||
postPatch = ''
|
||||
# Setting SHELL=$SHELL when dmd testsuite is run doesn't work on Linux somehow
|
||||
substituteInPlace tests/d2/dmd-testsuite/Makefile --replace "SHELL=/bin/bash" "SHELL=${bash}/bin/bash"
|
||||
''
|
||||
|
||||
+ stdenv.lib.optionalString (!bootstrapVersion && stdenv.hostPlatform.isLinux) ''
|
||||
substituteInPlace runtime/phobos/std/socket.d --replace "assert(ih.addrList[0] == 0x7F_00_00_01);" ""
|
||||
''
|
||||
|
||||
+ stdenv.lib.optionalString (!bootstrapVersion && stdenv.hostPlatform.isDarwin) ''
|
||||
substituteInPlace runtime/phobos/std/socket.d --replace "foreach (name; names)" "names = []; foreach (name; names)"
|
||||
''
|
||||
|
||||
+ stdenv.lib.optionalString (bootstrapVersion && stdenv.hostPlatform.isDarwin) ''
|
||||
# Was not able to compile on darwin due to "__inline_isnanl"
|
||||
# being undefined.
|
||||
# TODO Remove with version > 0.17.6
|
||||
substituteInPlace dmd2/root/port.c --replace __inline_isnanl __inline_isnan
|
||||
'';
|
||||
|
||||
nativeBuildInputs = [ cmake ninja makeWrapper unzip ]
|
||||
++ stdenv.lib.optionals (!bootstrapVersion) [
|
||||
bootstrapLdc lit lit.python
|
||||
]
|
||||
++ stdenv.lib.optional (!bootstrapVersion && stdenv.hostPlatform.isDarwin)
|
||||
# https://github.com/NixOS/nixpkgs/issues/57120
|
||||
# https://github.com/NixOS/nixpkgs/pull/59197#issuecomment-481972515
|
||||
llvm_5
|
||||
++ stdenv.lib.optional (!bootstrapVersion && !stdenv.hostPlatform.isDarwin)
|
||||
llvm_8
|
||||
++ stdenv.lib.optional (!bootstrapVersion && !stdenv.hostPlatform.isDarwin)
|
||||
# https://github.com/NixOS/nixpkgs/pull/36378#issuecomment-385034818
|
||||
gdb
|
||||
++ stdenv.lib.optionals (bootstrapVersion) [
|
||||
libconfig llvm_5
|
||||
]
|
||||
++ stdenv.lib.optional stdenv.hostPlatform.isDarwin
|
||||
darwin.apple_sdk.frameworks.Foundation;
|
||||
|
||||
|
||||
buildInputs = [ curl tzdata ];
|
||||
|
||||
cmakeFlags = stdenv.lib.optionals (!bootstrapVersion) [
|
||||
"-DD_FLAGS=-d-version=TZDatabaseDir;-d-version=LibcurlPath;-J${pathConfig}"
|
||||
"-DCMAKE_BUILD_TYPE=Release"
|
||||
];
|
||||
|
||||
postConfigure = ''
|
||||
export DMD=$PWD/bin/ldmd2
|
||||
'';
|
||||
|
||||
makeFlags = [ "DMD=$DMD" ];
|
||||
|
||||
fixNames = stdenv.lib.optionalString stdenv.hostPlatform.isDarwin ''
|
||||
fixDarwinDylibNames() {
|
||||
local flags=()
|
||||
|
||||
for fn in "$@"; do
|
||||
flags+=(-change "$(basename "$fn")" "$fn")
|
||||
done
|
||||
|
||||
for fn in "$@"; do
|
||||
if [ -L "$fn" ]; then continue; fi
|
||||
echo "$fn: fixing dylib"
|
||||
install_name_tool -id "$fn" "''${flags[@]}" "$fn"
|
||||
done
|
||||
}
|
||||
|
||||
fixDarwinDylibNames $(find "$(pwd)/lib" -name "*.dylib")
|
||||
export DYLD_LIBRARY_PATH=$(pwd)/lib
|
||||
'';
|
||||
|
||||
# https://github.com/ldc-developers/ldc/issues/2497#issuecomment-459633746
|
||||
additionalExceptions = stdenv.lib.optionalString stdenv.hostPlatform.isDarwin
|
||||
"|druntime-test-shared";
|
||||
|
||||
doCheck = !bootstrapVersion;
|
||||
|
||||
checkPhase = stdenv.lib.optionalString doCheck ''
|
||||
# Build default lib test runners
|
||||
ninja -j$NIX_BUILD_CORES all-test-runners
|
||||
|
||||
${fixNames}
|
||||
|
||||
# Run dmd testsuite
|
||||
export DMD_TESTSUITE_MAKE_ARGS="-j$NIX_BUILD_CORES DMD=$DMD CC=$CXX"
|
||||
ctest -V -R "dmd-testsuite"
|
||||
|
||||
# Build and run LDC D unittests.
|
||||
ctest --output-on-failure -R "ldc2-unittest"
|
||||
|
||||
# Run LIT testsuite.
|
||||
ctest -V -R "lit-tests"
|
||||
|
||||
# Run default lib unittests
|
||||
ctest -j$NIX_BUILD_CORES --output-on-failure -E "ldc2-unittest|lit-tests|dmd-testsuite${additionalExceptions}"
|
||||
'';
|
||||
|
||||
postInstall = ''
|
||||
wrapProgram $out/bin/ldc2 \
|
||||
--prefix PATH ":" "${targetPackages.stdenv.cc}/bin" \
|
||||
--set-default CC "${targetPackages.stdenv.cc}/bin/cc"
|
||||
'';
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "The LLVM-based D compiler";
|
||||
homepage = "https://github.com/ldc-developers/ldc";
|
||||
# from https://github.com/ldc-developers/ldc/blob/master/LICENSE
|
||||
license = with licenses; [ bsd3 boost mit ncsa gpl2Plus ];
|
||||
maintainers = with maintainers; [ ThomasMader ];
|
||||
platforms = [ "x86_64-linux" "i686-linux" "x86_64-darwin" ];
|
||||
};
|
||||
}
|
||||
|
||||
|
|
|
@ -1,143 +0,0 @@
|
|||
{ version, ldcSha256 }:
|
||||
{ stdenv, fetchurl, cmake, ninja, llvm_5, llvm_8, curl, tzdata
|
||||
, libconfig, lit, gdb, unzip, darwin, bash
|
||||
, callPackage, makeWrapper, runCommand, targetPackages
|
||||
, ldcBootstrap ? callPackage ./bootstrap.nix { }
|
||||
}:
|
||||
|
||||
let
|
||||
pathConfig = runCommand "ldc-lib-paths" {} ''
|
||||
mkdir $out
|
||||
echo ${tzdata}/share/zoneinfo/ > $out/TZDatabaseDirFile
|
||||
echo ${curl.out}/lib/libcurl${stdenv.hostPlatform.extensions.sharedLibrary} > $out/LibcurlPathFile
|
||||
'';
|
||||
|
||||
in
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "ldc";
|
||||
inherit version;
|
||||
|
||||
enableParallelBuilding = true;
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://github.com/ldc-developers/ldc/releases/download/v${version}/ldc-${version}-src.tar.gz";
|
||||
sha256 = ldcSha256;
|
||||
};
|
||||
|
||||
# https://issues.dlang.org/show_bug.cgi?id=19553
|
||||
hardeningDisable = [ "fortify" ];
|
||||
|
||||
postUnpack = ''
|
||||
patchShebangs .
|
||||
''
|
||||
+ ''
|
||||
rm ldc-${version}-src/tests/d2/dmd-testsuite/fail_compilation/mixin_gc.d
|
||||
rm ldc-${version}-src/tests/d2/dmd-testsuite/runnable/xtest46_gc.d
|
||||
rm ldc-${version}-src/tests/d2/dmd-testsuite/runnable/testptrref_gc.d
|
||||
|
||||
# test depends on current year
|
||||
rm ldc-${version}-src/tests/d2/dmd-testsuite/compilable/ddocYear.d
|
||||
''
|
||||
+ stdenv.lib.optionalString stdenv.hostPlatform.isDarwin ''
|
||||
# https://github.com/NixOS/nixpkgs/issues/34817
|
||||
rm -r ldc-${version}-src/tests/plugins/addFuncEntryCall
|
||||
'';
|
||||
|
||||
postPatch = ''
|
||||
# Setting SHELL=$SHELL when dmd testsuite is run doesn't work on Linux somehow
|
||||
substituteInPlace tests/d2/dmd-testsuite/Makefile --replace "SHELL=/bin/bash" "SHELL=${bash}/bin/bash"
|
||||
''
|
||||
+ stdenv.lib.optionalString stdenv.hostPlatform.isLinux ''
|
||||
substituteInPlace runtime/phobos/std/socket.d --replace "assert(ih.addrList[0] == 0x7F_00_00_01);" ""
|
||||
''
|
||||
+ stdenv.lib.optionalString stdenv.hostPlatform.isDarwin ''
|
||||
substituteInPlace runtime/phobos/std/socket.d --replace "foreach (name; names)" "names = []; foreach (name; names)"
|
||||
'';
|
||||
|
||||
nativeBuildInputs = [
|
||||
cmake ninja makeWrapper unzip ldcBootstrap lit lit.python
|
||||
]
|
||||
++ stdenv.lib.optionals stdenv.hostPlatform.isDarwin [
|
||||
darwin.apple_sdk.frameworks.Foundation
|
||||
# https://github.com/NixOS/nixpkgs/issues/57120
|
||||
# https://github.com/NixOS/nixpkgs/pull/59197#issuecomment-481972515
|
||||
llvm_5
|
||||
]
|
||||
++ stdenv.lib.optionals (!stdenv.hostPlatform.isDarwin) [
|
||||
llvm_8
|
||||
# https://github.com/NixOS/nixpkgs/pull/36378#issuecomment-385034818
|
||||
gdb
|
||||
];
|
||||
|
||||
buildInputs = [ curl tzdata ];
|
||||
|
||||
cmakeFlags = [
|
||||
"-DD_FLAGS=-d-version=TZDatabaseDir;-d-version=LibcurlPath;-J${pathConfig}"
|
||||
"-DCMAKE_BUILD_TYPE=Release"
|
||||
];
|
||||
|
||||
postConfigure = ''
|
||||
export DMD=$PWD/bin/ldmd2
|
||||
'';
|
||||
|
||||
makeFlags = [ "DMD=$DMD" ];
|
||||
|
||||
fixNames = stdenv.lib.optionalString stdenv.hostPlatform.isDarwin ''
|
||||
fixDarwinDylibNames() {
|
||||
local flags=()
|
||||
|
||||
for fn in "$@"; do
|
||||
flags+=(-change "$(basename "$fn")" "$fn")
|
||||
done
|
||||
|
||||
for fn in "$@"; do
|
||||
if [ -L "$fn" ]; then continue; fi
|
||||
echo "$fn: fixing dylib"
|
||||
install_name_tool -id "$fn" "''${flags[@]}" "$fn"
|
||||
done
|
||||
}
|
||||
|
||||
fixDarwinDylibNames $(find "$(pwd)/lib" -name "*.dylib")
|
||||
export DYLD_LIBRARY_PATH=$(pwd)/lib
|
||||
'';
|
||||
|
||||
# https://github.com/ldc-developers/ldc/issues/2497#issuecomment-459633746
|
||||
additionalExceptions = stdenv.lib.optionalString stdenv.hostPlatform.isDarwin
|
||||
"|druntime-test-shared";
|
||||
|
||||
checkPhase = ''
|
||||
# Build default lib test runners
|
||||
ninja -j$NIX_BUILD_CORES all-test-runners
|
||||
|
||||
${fixNames}
|
||||
|
||||
# Run dmd testsuite
|
||||
export DMD_TESTSUITE_MAKE_ARGS="-j$NIX_BUILD_CORES DMD=$DMD"
|
||||
ctest -V -R "dmd-testsuite"
|
||||
|
||||
# Build and run LDC D unittests.
|
||||
ctest --output-on-failure -R "ldc2-unittest"
|
||||
|
||||
# Run LIT testsuite.
|
||||
ctest -V -R "lit-tests"
|
||||
|
||||
# Run default lib unittests
|
||||
ctest -j$NIX_BUILD_CORES --output-on-failure -E "ldc2-unittest|lit-tests|dmd-testsuite${additionalExceptions}"
|
||||
'';
|
||||
|
||||
postInstall = ''
|
||||
wrapProgram $out/bin/ldc2 \
|
||||
--prefix PATH ":" "${targetPackages.stdenv.cc}/bin" \
|
||||
--set-default CC "${targetPackages.stdenv.cc}/bin/cc"
|
||||
'';
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "The LLVM-based D compiler";
|
||||
homepage = "https://github.com/ldc-developers/ldc";
|
||||
# from https://github.com/ldc-developers/ldc/blob/master/LICENSE
|
||||
license = with licenses; [ bsd3 boost mit ncsa gpl2Plus ];
|
||||
maintainers = with maintainers; [ ThomasMader lionello ];
|
||||
platforms = [ "x86_64-linux" "i686-linux" "x86_64-darwin" ];
|
||||
};
|
||||
}
|
|
@ -1,27 +1,36 @@
|
|||
{ lib, fetchFromGitHub, crystal, zlib, openssl, duktape, which, libyaml }:
|
||||
crystal.buildCrystalPackage rec {
|
||||
version = "0.7.1";
|
||||
{ lib, fetchFromGitHub, crystal_0_33, openssl }:
|
||||
|
||||
let crystal = crystal_0_33;
|
||||
in crystal.buildCrystalPackage rec {
|
||||
version = "0.9.0";
|
||||
pname = "mint";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "mint-lang";
|
||||
repo = "mint";
|
||||
rev = version;
|
||||
sha256 = "18cg96kl4dn89bj6fm3080zzyd1r7rsfi17agdjjayd2v9fgs95l";
|
||||
sha256 = "0y1qr616x7s0pjgih6s1n4wiwb8kn8l1knnzmib6j4jmqax0jhz0";
|
||||
};
|
||||
|
||||
buildInputs = [ openssl ];
|
||||
postPatch = ''
|
||||
export HOME=$TMP
|
||||
'';
|
||||
|
||||
format = "shards";
|
||||
|
||||
# Update with
|
||||
# nix-shell -p crystal2nix --run crystal2nix
|
||||
# with mint's shard.lock file in the current directory
|
||||
shardsFile = ./shards.nix;
|
||||
crystalBinaries.mint.src = "src/mint.cr";
|
||||
|
||||
meta = {
|
||||
buildInputs = [ openssl ];
|
||||
|
||||
meta = with lib; {
|
||||
description = "A refreshing language for the front-end web";
|
||||
homepage = "https://mint-lang.com/";
|
||||
license = lib.licenses.bsd3;
|
||||
maintainers = with lib.maintainers; [ manveru ];
|
||||
license = licenses.bsd3;
|
||||
maintainers = with maintainers; [ manveru ];
|
||||
platforms = [ "x86_64-linux" "i686-linux" "x86_64-darwin" ];
|
||||
broken = lib.versionOlder crystal.version "0.33";
|
||||
};
|
||||
}
|
||||
|
|
|
@ -2,26 +2,26 @@
|
|||
admiral = {
|
||||
owner = "jwaldrip";
|
||||
repo = "admiral.cr";
|
||||
rev = "v1.7.3";
|
||||
sha256 = "0b98qjy43wsrc08am7lkhcdsxc7gplf9hcmbvd4p3dw4g107rk91";
|
||||
rev = "v1.9.0";
|
||||
sha256 = "0y8gsh1qz42bc9jawcrn0i49mzzfvf8znmivd8lybapf0f53fblz";
|
||||
};
|
||||
ameba = {
|
||||
owner = "veelenga";
|
||||
owner = "crystal-ameba";
|
||||
repo = "ameba";
|
||||
rev = "v0.10.1";
|
||||
sha256 = "0dcw7px7g0c5pxpdlirhirqzhcc7gdwdfiwb9kgm4x1k74ghjgxq";
|
||||
rev = "v0.12.0";
|
||||
sha256 = "0g68yijbm2j4ig536fwq49d1z7x2iv9kp4g3gjklf5zn1sbqhm12";
|
||||
};
|
||||
baked_file_system = {
|
||||
owner = "schovi";
|
||||
repo = "baked_file_system";
|
||||
rev = "v0.9.7";
|
||||
sha256 = "1fi6zag1a6h4xwrfizy01dls3hhraqw0cmpwj7rjv1qcddjgig5z";
|
||||
rev = "v0.9.8";
|
||||
sha256 = "12l375jllg1lxvfh610dz0a39p803xw6q9fxlmnc6hy55i0gm0y3";
|
||||
};
|
||||
diff = {
|
||||
owner = "MakeNowJust";
|
||||
repo = "crystal-diff";
|
||||
rev = "51962dc36f9bbb1b926d557f7cb8993a6c73cc63";
|
||||
sha256 = "1nwnsxm8srfw8jg0yfi2v19x6j3dadx62hq0xpxra40qcqz9dbnp";
|
||||
rev = "v1.1.0";
|
||||
sha256 = "1q5q2d5mp1r8c6k5v4755sb3b6awiz85d1j280djzhbd0pggk3z7";
|
||||
};
|
||||
dotenv = {
|
||||
owner = "gdotdesign";
|
||||
|
@ -32,14 +32,14 @@
|
|||
exception_page = {
|
||||
owner = "crystal-loot";
|
||||
repo = "exception_page";
|
||||
rev = "v0.1.2";
|
||||
sha256 = "0j5ishhyriq9p339yaawrmawl9wgmp1paniq30a8d6a0568h3avq";
|
||||
rev = "v0.1.4";
|
||||
sha256 = "0bsp2m89sl0bg9d5szbs1nxyk7yk58rkk24aibr39hhb5zi70pqi";
|
||||
};
|
||||
kemal = {
|
||||
owner = "kemalcr";
|
||||
repo = "kemal";
|
||||
rev = "v0.25.1";
|
||||
sha256 = "1334i905xj6vlmp8acyybwwlaxsgmf90b59da7brzpnf28wci782";
|
||||
rev = "v0.26.1";
|
||||
sha256 = "169pwkjmk7x6j8i0rf5rpyk1y0hl7jaf9h6yrq4ha2ag9yq9i8fr";
|
||||
};
|
||||
kilt = {
|
||||
owner = "jeromegn";
|
||||
|
|
|
@ -23,7 +23,7 @@
|
|||
, pngquant
|
||||
}:
|
||||
stdenv.mkDerivation rec {
|
||||
name = "appstream-glib-0.7.16";
|
||||
name = "appstream-glib-0.7.17";
|
||||
|
||||
outputs = [ "out" "dev" "man" "installedTests" ];
|
||||
outputBin = "dev";
|
||||
|
@ -32,7 +32,7 @@ stdenv.mkDerivation rec {
|
|||
owner = "hughsie";
|
||||
repo = "appstream-glib";
|
||||
rev = stdenv.lib.replaceStrings [ "." "-" ] [ "_" "_" ] name;
|
||||
sha256 = "05x2pmsq18fcpgfvx0y54qdlryy5c9k3sxk6kgank8frkzhgnm9r";
|
||||
sha256 = "06pm8l58y0ladimyckbvlslr5bjj9rwb70rgjmn09l41pdpipy2i";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
|
4
pkgs/development/libraries/icu/65.nix
Normal file
4
pkgs/development/libraries/icu/65.nix
Normal file
|
@ -0,0 +1,4 @@
|
|||
import ./base.nix {
|
||||
version = "65.1";
|
||||
sha256 = "0j6r6qqnhfr5iqkx53k63ifkm93kv1kkb7h2mlgd1mnnndk79qsk";
|
||||
}
|
4
pkgs/development/libraries/icu/66.nix
Normal file
4
pkgs/development/libraries/icu/66.nix
Normal file
|
@ -0,0 +1,4 @@
|
|||
import ./base.nix {
|
||||
version = "66.1";
|
||||
sha256 = "0bharwzc9nzkbrcf405z2nb3h7q0711z450arz0mjmdrk8hg58sj";
|
||||
}
|
|
@ -9,8 +9,7 @@ let
|
|||
|
||||
baseAttrs = {
|
||||
src = fetchurl {
|
||||
url = "http://download.icu-project.org/files/${pname}/${version}/${pname}-"
|
||||
+ (stdenv.lib.replaceChars ["."] ["_"] version) + "-src.tgz";
|
||||
url = "https://github.com/unicode-org/icu/releases/download/release-${lib.replaceChars [ "." ] [ "-" ] version}/icu4c-${lib.replaceChars [ "." ] [ "_" ] version}-src.tgz";
|
||||
inherit sha256;
|
||||
};
|
||||
|
||||
|
|
|
@ -1,21 +1,39 @@
|
|||
{ stdenv, fetchFromGitHub, cmake, pkgconfig, pugixml, wayland, libGL, libffi, buildPackages }:
|
||||
{ stdenv
|
||||
, fetchFromGitHub
|
||||
, cmake
|
||||
, pkgconfig
|
||||
, pugixml
|
||||
, wayland
|
||||
, libGL
|
||||
, libffi
|
||||
, buildPackages
|
||||
, docSupport ? true
|
||||
, doxygen ? null
|
||||
}:
|
||||
|
||||
assert docSupport -> doxygen != null;
|
||||
|
||||
with stdenv.lib;
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "waylandpp";
|
||||
version = "0.2.5";
|
||||
version = "0.2.7";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "NilsBrause";
|
||||
repo = pname;
|
||||
rev = version;
|
||||
sha256 = "16h57hzd688664qcyznzhjp3hxipdkzgv46x82yhkww24av8b55n";
|
||||
sha256 = "1r4m0xhvwpcqxrqvp3hz1bzlkxqj2jiymd5r6hj8xjzz536hyprz";
|
||||
};
|
||||
|
||||
cmakeFlags = stdenv.lib.optional (stdenv.hostPlatform != stdenv.buildPlatform) "-DWAYLAND_SCANNERPP=${buildPackages.waylandpp}/bin/wayland-scanner++";
|
||||
|
||||
nativeBuildInputs = [ cmake pkgconfig ];
|
||||
nativeBuildInputs = [ cmake pkgconfig ] ++ optional docSupport doxygen;
|
||||
buildInputs = [ pugixml wayland libGL libffi ];
|
||||
|
||||
outputs = [ "bin" "dev" "lib" "out" ] ++ optionals docSupport [ "doc" "devman" ];
|
||||
|
||||
cmakeFlags = [ "-DCMAKE_INSTALL_DATADIR=${placeholder "dev"}" ];
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "Wayland C++ binding";
|
||||
homepage = "https://github.com/NilsBrause/waylandpp/";
|
||||
|
|
|
@ -7,7 +7,7 @@
|
|||
|
||||
buildPythonPackage rec {
|
||||
pname = "dotnetcore2";
|
||||
version = "2.1.11";
|
||||
version = "2.1.13";
|
||||
format = "wheel";
|
||||
disabled = isPy27;
|
||||
|
||||
|
@ -15,7 +15,7 @@ buildPythonPackage rec {
|
|||
inherit pname version format;
|
||||
python = "py3";
|
||||
platform = "manylinux1_x86_64";
|
||||
sha256 = "0qhp94bjz4icz2f0fnhgck875chiqzy4lvsp6lwhj5jd0zsv2bb3";
|
||||
sha256 = "1fbg3pn7g0a6pg0gb5vaapcc3cdp6wfnliim57fn3cnzmx5d8p6i";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ unzip ];
|
||||
|
@ -35,13 +35,9 @@ buildPythonPackage rec {
|
|||
)
|
||||
];
|
||||
|
||||
# unfortunately the noraml pip install fails because the manylinux1 format check fails with NixOS
|
||||
installPhase = ''
|
||||
mkdir -p $out/${python.sitePackages}/${pname}
|
||||
# copy metadata
|
||||
cp -r dotnetcore2-2* $out/${python.sitePackages}
|
||||
# copy non-dotnetcore related files
|
||||
cp -r dotnetcore2/{__init__.py,runtime.py} $out/${python.sitePackages}/${pname}
|
||||
# prevent exposing a broken dotnet executable
|
||||
postInstall = ''
|
||||
rm -r $out/${python.sitePackages}/${pname}/bin
|
||||
'';
|
||||
|
||||
# no tests, ensure it's one useful function works
|
||||
|
|
|
@ -12,6 +12,9 @@ buildPythonPackage rec {
|
|||
sha256 = "089a95s6g9izsy1fzpz48p6pz0wpngcbbrvsillm1n53492gfhjg";
|
||||
};
|
||||
|
||||
# Required for a breaking change in google-api-python-client 1.8.1:
|
||||
patches = [ ./fix-build.patch ];
|
||||
|
||||
propagatedBuildInputs = [
|
||||
google_api_python_client simplejson oauth2client setuptools
|
||||
];
|
||||
|
|
32
pkgs/development/python-modules/goobook/fix-build.patch
Normal file
32
pkgs/development/python-modules/goobook/fix-build.patch
Normal file
|
@ -0,0 +1,32 @@
|
|||
From 8de09b82c5ac900317043e1c1025f431516b6788 Mon Sep 17 00:00:00 2001
|
||||
From: Michael Weiss <dev.primeos@gmail.com>
|
||||
Date: Tue, 21 Apr 2020 21:41:04 +0200
|
||||
Subject: [PATCH] Switch from the alias apiclient to googleapiclient
|
||||
|
||||
This fixes the package after a breaking change / bug in
|
||||
google-api-python-client 1.8.1 (see [0] and a lot of duplicate issues).
|
||||
|
||||
The module apiclient is just an alias for googleapiclient [1].
|
||||
|
||||
[0]: https://github.com/googleapis/google-api-python-client/issues/870
|
||||
[1]: https://github.com/googleapis/google-api-python-client/blob/v1.8.1/apiclient/__init__.py
|
||||
---
|
||||
goobook/goobook.py | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/goobook/goobook.py b/goobook/goobook.py
|
||||
index 5bcb0b3..a2e25e9 100755
|
||||
--- a/goobook/goobook.py
|
||||
+++ b/goobook/goobook.py
|
||||
@@ -31,7 +31,7 @@ import sys
|
||||
import time
|
||||
|
||||
import httplib2
|
||||
-from apiclient.discovery import build
|
||||
+from googleapiclient.discovery import build
|
||||
|
||||
from goobook.storage import Storage, storageify, unstorageify
|
||||
|
||||
--
|
||||
2.26.1
|
||||
|
|
@ -4,11 +4,11 @@
|
|||
|
||||
buildPythonPackage rec {
|
||||
pname = "google-api-python-client";
|
||||
version = "1.8.0";
|
||||
version = "1.8.2";
|
||||
|
||||
src = fetchPypi {
|
||||
inherit pname version;
|
||||
sha256 = "003rgr15r9j080f3n5y2x6ymxsfv652m3r7j83p7sbrd9shl4nqg";
|
||||
sha256 = "09g7v6yrf8p0kgmjnzy9d0fx9p1zngk2pmprf0bx19j1zc9jqj5z";
|
||||
};
|
||||
|
||||
# No tests included in archive
|
||||
|
|
|
@ -20,13 +20,13 @@
|
|||
|
||||
buildPythonPackage rec {
|
||||
pname = "nio";
|
||||
version = "0.9.0";
|
||||
version = "0.10.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "poljar";
|
||||
repo = "matrix-nio";
|
||||
rev = version;
|
||||
sha256 = "0gqhk9d06w1in6dj7aqy45skzyg8018nmclqd5r0m5nnw8yns6gz";
|
||||
sha256 = "04ryf9lrm0820hqij46hav6mgplabnyl9dfj46iwvxasn06fh2j8";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
@ -56,6 +56,6 @@ buildPythonPackage rec {
|
|||
description = "A Python Matrix client library, designed according to sans I/O principles";
|
||||
homepage = "https://github.com/poljar/matrix-nio";
|
||||
license = licenses.isc;
|
||||
maintainers = with maintainers; [ tilpner emily ];
|
||||
maintainers = with maintainers; [ tilpner emily symphorien ];
|
||||
};
|
||||
}
|
||||
|
|
31
pkgs/development/python-modules/pulsectl/default.nix
Normal file
31
pkgs/development/python-modules/pulsectl/default.nix
Normal file
|
@ -0,0 +1,31 @@
|
|||
{ lib, buildPythonPackage, fetchPypi, libpulseaudio, glibc, substituteAll, stdenv, pulseaudio, python }:
|
||||
|
||||
buildPythonPackage rec {
|
||||
pname = "pulsectl";
|
||||
version = "20.4.3";
|
||||
|
||||
src = fetchPypi {
|
||||
inherit pname version;
|
||||
sha256 = "1m5fz740r4rk2i8qsnblsn16hai7givqxbx21swhpflan1yzvzzm";
|
||||
};
|
||||
|
||||
patches = [
|
||||
(substituteAll {
|
||||
src = ./library-paths.patch;
|
||||
libpulse = "${libpulseaudio.out}/lib/libpulse${stdenv.hostPlatform.extensions.sharedLibrary}";
|
||||
librt = "${glibc.out}/lib/librt${stdenv.hostPlatform.extensions.sharedLibrary}";
|
||||
})
|
||||
];
|
||||
|
||||
checkInputs = [ pulseaudio ];
|
||||
checkPhase = ''
|
||||
${python.interpreter} -m unittest pulsectl.tests.all
|
||||
'';
|
||||
|
||||
meta = with lib; {
|
||||
description = "Python high-level interface and ctypes-based bindings for PulseAudio (libpulse)";
|
||||
homepage = "https://pypi.python.org/pypi/pulsectl/";
|
||||
license = licenses.mit;
|
||||
maintainers = with maintainers; [ hexa ];
|
||||
};
|
||||
}
|
22
pkgs/development/python-modules/pulsectl/library-paths.patch
Normal file
22
pkgs/development/python-modules/pulsectl/library-paths.patch
Normal file
|
@ -0,0 +1,22 @@
|
|||
diff --git a/pulsectl/_pulsectl.py b/pulsectl/_pulsectl.py
|
||||
index 4422ddf..3fb2f39 100644
|
||||
--- a/pulsectl/_pulsectl.py
|
||||
+++ b/pulsectl/_pulsectl.py
|
||||
@@ -31,7 +31,7 @@ else:
|
||||
if not hasattr(mono_time, 'ts'):
|
||||
class timespec(Structure):
|
||||
_fields_ = [('tv_sec', c_long), ('tv_nsec', c_long)]
|
||||
- librt = CDLL('librt.so.1', use_errno=True)
|
||||
+ librt = CDLL('@librt@', use_errno=True)
|
||||
mono_time.get = librt.clock_gettime
|
||||
mono_time.get.argtypes = [c_int, POINTER(timespec)]
|
||||
mono_time.ts = timespec
|
||||
@@ -625,7 +625,7 @@ class LibPulse(object):
|
||||
|
||||
|
||||
def __init__(self):
|
||||
- p = CDLL(ctypes.util.find_library('libpulse') or 'libpulse.so.0')
|
||||
+ p = CDLL('@libpulse@')
|
||||
|
||||
self.funcs = dict()
|
||||
for k, spec in self.func_defs.items():
|
|
@ -1,30 +1,28 @@
|
|||
{ lib
|
||||
, buildPythonPackage
|
||||
, fetchFromGitHub
|
||||
, pytest
|
||||
, pytestCheckHook
|
||||
}:
|
||||
|
||||
buildPythonPackage rec {
|
||||
pname = "pylatexenc";
|
||||
version = "2.1";
|
||||
version = "2.2";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "phfaist";
|
||||
repo = pname;
|
||||
repo = "pylatexenc";
|
||||
rev = "v${version}";
|
||||
sha256 = "0wnl00y5dl56aw9j4y21kqapraaravbycwfxdmjsbgl11nk4llx9";
|
||||
sha256 = "0icwd7iipz3sv4jdh9iam7h4xslvdqg16rwsmczrna3mmjbwccdk";
|
||||
};
|
||||
|
||||
pythonImportsCheck = [ "pylatexenc" ];
|
||||
checkInputs = [ pytest ];
|
||||
checkPhase = ''
|
||||
pytest
|
||||
'';
|
||||
dontUseSetuptoolsCheck = true;
|
||||
checkInputs = [ pytestCheckHook ];
|
||||
|
||||
meta = with lib; {
|
||||
description = "Simple LaTeX parser providing latex-to-unicode and unicode-to-latex conversion";
|
||||
homepage = "https://pylatexenc.readthedocs.io";
|
||||
downloadPage = "https;//www.github.com/phfaist/pylatexenc";
|
||||
downloadPage = "https://www.github.com/phfaist/pylatexenc/releases";
|
||||
license = licenses.mit;
|
||||
maintainers = with maintainers; [ drewrisinger ];
|
||||
};
|
||||
|
|
21
pkgs/development/python-modules/pyroma/default.nix
Normal file
21
pkgs/development/python-modules/pyroma/default.nix
Normal file
|
@ -0,0 +1,21 @@
|
|||
{ stdenv, buildPythonPackage, fetchPypi
|
||||
, docutils, pygments, setuptools
|
||||
}:
|
||||
|
||||
buildPythonPackage rec {
|
||||
pname = "pyroma";
|
||||
version = "2.6";
|
||||
|
||||
src = fetchPypi {
|
||||
inherit pname version;
|
||||
sha256 = "00j1j81kiipi5yppmk385cbfccf2ih0xyapl7pw6nqhrf8vh1764";
|
||||
};
|
||||
|
||||
propagatedBuildInputs = [ docutils pygments setuptools ];
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "Test your project's packaging friendliness";
|
||||
homepage = "https://github.com/regebro/pyroma";
|
||||
license = licenses.mit;
|
||||
};
|
||||
}
|
|
@ -6,11 +6,6 @@ buildPythonPackage rec {
|
|||
version = "4.6.8";
|
||||
pname = "pytest";
|
||||
|
||||
preCheck = ''
|
||||
# don't test bash builtins
|
||||
rm testing/test_argcomplete.py
|
||||
'';
|
||||
|
||||
src = fetchPypi {
|
||||
inherit pname version;
|
||||
sha256 = "6192875be8af57b694b7c4904e909680102befcb99e610ef3d9f786952f795aa";
|
||||
|
@ -25,7 +20,14 @@ buildPythonPackage rec {
|
|||
doCheck = !isPyPy; # https://github.com/pytest-dev/pytest/issues/3460
|
||||
checkPhase = ''
|
||||
runHook preCheck
|
||||
$out/bin/py.test -x testing/ -k "not test_collect_pyargs_with_testpaths"
|
||||
|
||||
# don't test bash builtins
|
||||
rm testing/test_argcomplete.py
|
||||
|
||||
# determinism - this test writes non deterministic bytecode
|
||||
rm -rf testing/test_assertrewrite.py
|
||||
|
||||
PYTHONDONTWRITEBYTECODE=1 $out/bin/py.test -x testing/ -k "not test_collect_pyargs_with_testpaths"
|
||||
runHook postCheck
|
||||
'';
|
||||
|
||||
|
|
24
pkgs/development/python-modules/simpleaudio/default.nix
Normal file
24
pkgs/development/python-modules/simpleaudio/default.nix
Normal file
|
@ -0,0 +1,24 @@
|
|||
{ alsaLib, buildPythonPackage, fetchFromGitHub, isPy27, lib }:
|
||||
|
||||
buildPythonPackage rec {
|
||||
pname = "simpleaudio";
|
||||
version = "1.0.4";
|
||||
disabled = isPy27;
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "hamiltron";
|
||||
repo = "py-simple-audio";
|
||||
rev = version;
|
||||
sha256 = "12nypzb1m14yip4zrbzin5jc5awyp1d5md5y40g5anj4phb4hx1i";
|
||||
};
|
||||
|
||||
buildInputs = [ alsaLib ];
|
||||
|
||||
meta = with lib; {
|
||||
homepage = "https://github.com/hamiltron/py-simple-audio";
|
||||
description =
|
||||
"A simple audio playback Python extension - cross-platform, asynchronous, dependency-free";
|
||||
license = licenses.mit;
|
||||
maintainers = with maintainers; [ lucus16 ];
|
||||
};
|
||||
}
|
|
@ -1,38 +1,16 @@
|
|||
{ stdenv, lib, fetchFromGitHub, crystal, shards }:
|
||||
{ stdenv, lib, fetchFromGitHub, crystal }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
crystal.buildCrystalPackage rec {
|
||||
pname = "ameba";
|
||||
version = "0.12.0";
|
||||
version = "0.12.1";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "crystal-ameba";
|
||||
repo = "ameba";
|
||||
rev = "v${version}";
|
||||
sha256 = "0g68yijbm2j4ig536fwq49d1z7x2iv9kp4g3gjklf5zn1sbqhm12";
|
||||
owner = "crystal-ameba";
|
||||
repo = "ameba";
|
||||
rev = "v${version}";
|
||||
sha256 = "0c2j2qki0czkpsqxv75qg95pk9f0w4rqa5ln07rs4bj9dk2lrr3l";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ crystal shards ];
|
||||
|
||||
buildPhase = ''
|
||||
runHook preBuild
|
||||
shards build --release
|
||||
runHook postBuild
|
||||
'';
|
||||
|
||||
installPhase = ''
|
||||
runHook preInstall
|
||||
install -Dm755 -t $out/bin bin/ameba
|
||||
runHook postInstall
|
||||
'';
|
||||
|
||||
doCheck = true;
|
||||
|
||||
checkPhase = ''
|
||||
runHook preCheck
|
||||
crystal spec
|
||||
runHook postCheck
|
||||
'';
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "A static code analysis tool for Crystal";
|
||||
homepage = "https://crystal-ameba.github.io";
|
||||
|
|
|
@ -1,22 +1,29 @@
|
|||
{ stdenv, fetchFromGitHub, crystal, pcre, libyaml, which }:
|
||||
{ stdenv, fetchFromGitHub, crystal }:
|
||||
|
||||
crystal.buildCrystalPackage rec {
|
||||
pname = "shards";
|
||||
version = "0.10.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "crystal-lang";
|
||||
repo = "shards";
|
||||
rev = "v${version}";
|
||||
owner = "crystal-lang";
|
||||
repo = "shards";
|
||||
rev = "v${version}";
|
||||
sha256 = "1bjy3hcdqq8769bx73f3pwn26rnkj23dngyfbw4iv32bw23x1d49";
|
||||
};
|
||||
|
||||
# we cannot use `make` here as it would introduce a dependency on itself
|
||||
format = "crystal";
|
||||
|
||||
shardsFile = ./shards.nix;
|
||||
|
||||
crystalBinaries.shards.src = "./src/shards.cr";
|
||||
|
||||
# tries to execute git which fails spectacularly
|
||||
doCheck = false;
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "Dependency manager for the Crystal language";
|
||||
license = licenses.asl20;
|
||||
license = licenses.asl20;
|
||||
maintainers = with maintainers; [ peterhoeg ];
|
||||
inherit (crystal.meta) homepage platforms;
|
||||
};
|
||||
|
|
|
@ -1,16 +1,16 @@
|
|||
{ lib, buildGoPackage, fetchFromGitLab, fetchurl }:
|
||||
|
||||
let
|
||||
version = "12.9.0";
|
||||
version = "12.10.0";
|
||||
# Gitlab runner embeds some docker images these are prebuilt for arm and x86_64
|
||||
docker_x86_64 = fetchurl {
|
||||
url = "https://gitlab-runner-downloads.s3.amazonaws.com/v${version}/helper-images/prebuilt-x86_64.tar.xz";
|
||||
sha256 = "0kd4zc9rgzsl6imk9vi2yqpaxrgy8ywcz2vvpsfzrhhmm2yx3qh0";
|
||||
sha256 = "1a2cfr72b15h3ymxf69a0inb4amfxivdhfaj711wgyvcf5ymnbsv";
|
||||
};
|
||||
|
||||
docker_arm = fetchurl {
|
||||
url = "https://gitlab-runner-downloads.s3.amazonaws.com/v${version}/helper-images/prebuilt-arm.tar.xz";
|
||||
sha256 = "13xwcvw6m3p5ffas5mr55jkqks9s3f7qg1b928vcxkx57j06kb22";
|
||||
sha256 = "18if2xbkldpn0bwfyk6bgbdl9rdg4rjxc0im6lclwcgpbmslwx5r";
|
||||
};
|
||||
in
|
||||
buildGoPackage rec {
|
||||
|
@ -29,7 +29,7 @@ buildGoPackage rec {
|
|||
owner = "gitlab-org";
|
||||
repo = "gitlab-runner";
|
||||
rev = "v${version}";
|
||||
sha256 = "0p9i4z0xsq5rl6gkqjpwpz6hb57vi6wl969gncrsfskjjc1kcifq";
|
||||
sha256 = "0bsd3dk2fi21klqwzw8c181gv61qxbd32lj6mhkj9liz4flarhmv";
|
||||
};
|
||||
|
||||
patches = [ ./fix-shell-path.patch ];
|
||||
|
|
|
@ -1,10 +1,10 @@
|
|||
{ stdenv, fetchurl, postgresql, getopt, makeWrapper }:
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "ephemeralpg";
|
||||
version = "2.9";
|
||||
version = "3.0";
|
||||
src = fetchurl {
|
||||
url = "http://ephemeralpg.org/code/${pname}-${version}.tar.gz";
|
||||
sha256 = "1ghp3kya4lxvfwz3c022cx9vqf55jbf9sjw60bxjcb5sszklyc89";
|
||||
sha256 = "1j0g7g114ma7y7sadbng5p1ss1zsm9zpicm77qspym6565733vvh";
|
||||
};
|
||||
buildInputs = [ makeWrapper ];
|
||||
installPhase = ''
|
||||
|
|
|
@ -1,29 +1,31 @@
|
|||
{ stdenv, fetchFromGitHub, crystal, shards, which
|
||||
, openssl, readline, libyaml }:
|
||||
{ stdenv, lib, fetchFromGitHub, crystal, shards, makeWrapper, pkgconfig, which
|
||||
, openssl, readline, libyaml, zlib }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
crystal.buildCrystalPackage rec {
|
||||
pname = "icr";
|
||||
version = "0.6.0";
|
||||
version = "0.8.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "crystal-community";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "0kkdqrxk4f4bqbb84mgjrk9r0fz1hsz95apvjsc49gav4c8xx3mb";
|
||||
owner = "crystal-community";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "1bz2bhs6csyg2rhrlknlvaiilq3vq8plxjh1hdxmbrfi3n6c7k5a";
|
||||
};
|
||||
|
||||
postPatch = ''
|
||||
substituteInPlace Makefile \
|
||||
--replace /usr/local $out
|
||||
shardsFile = ./shards.nix;
|
||||
|
||||
buildInputs = [ libyaml openssl readline zlib ];
|
||||
|
||||
nativeBuildInputs = [ makeWrapper pkgconfig which ];
|
||||
|
||||
# tests are failing due to our sandbox
|
||||
doCheck = false;
|
||||
|
||||
postFixup = ''
|
||||
wrapProgram $out/bin/icr \
|
||||
--prefix PATH : ${lib.makeBinPath [ crystal shards makeWrapper which ]}
|
||||
'';
|
||||
|
||||
buildInputs = [ crystal libyaml openssl readline ];
|
||||
|
||||
nativeBuildInputs = [ shards which ];
|
||||
|
||||
doCheck = true;
|
||||
checkTarget = "test";
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "Interactive console for the Crystal programming language";
|
||||
homepage = "https://github.com/crystal-community/icr";
|
||||
|
|
8
pkgs/development/tools/icr/shards.nix
Normal file
8
pkgs/development/tools/icr/shards.nix
Normal file
|
@ -0,0 +1,8 @@
|
|||
{
|
||||
readline = {
|
||||
owner = "crystal-lang";
|
||||
repo = "crystal-readline";
|
||||
rev = "0fb7d186da8e1b157998d98d1c96e99699b791eb";
|
||||
sha256 = "1rk27vw3ssldgnfgprwvz2gag02v4g6d6yg56b3sk9w3fn8jyyi8";
|
||||
};
|
||||
}
|
|
@ -2,13 +2,13 @@
|
|||
|
||||
buildDunePackage rec {
|
||||
pname = "merlin";
|
||||
version = "3.3.3";
|
||||
version = "3.3.4";
|
||||
|
||||
minimumOCamlVersion = "4.02.1";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://github.com/ocaml/merlin/releases/download/v${version}/merlin-v${version}.tbz";
|
||||
sha256 = "05dfkbpbb7nvs4g6y0iw7a9f73ygvhs9l45l2g56y7zagvs9x43j";
|
||||
sha256 = "12wxric6n3rmsn0w16xm8vjd8p5aw24cj76zw2x87qfwwgmy1kdd";
|
||||
};
|
||||
|
||||
buildInputs = [ yojson ];
|
||||
|
|
|
@ -1,6 +1,8 @@
|
|||
{ lib, fetchFromGitHub, crystal }:
|
||||
{ lib, fetchFromGitHub, crystal_0_31, coreutils, shards, makeWrapper, which }:
|
||||
|
||||
crystal.buildCrystalPackage rec {
|
||||
let crystal = crystal_0_31;
|
||||
|
||||
in crystal.buildCrystalPackage rec {
|
||||
pname = "scry";
|
||||
version = "0.8.1";
|
||||
|
||||
|
@ -11,9 +13,27 @@ crystal.buildCrystalPackage rec {
|
|||
sha256 = "0ii4k9l3dgm1c9lllc8ni9dar59lrxik0v9iz7gk3d6v62wwnq79";
|
||||
};
|
||||
|
||||
# we are already testing for this, so we can ignore the failures
|
||||
postPatch = ''
|
||||
rm spec/scry/executable_spec.cr
|
||||
'';
|
||||
|
||||
format = "crystal";
|
||||
|
||||
nativeBuildInputs = [ makeWrapper ];
|
||||
|
||||
shardsFile = ./shards.nix;
|
||||
|
||||
crystalBinaries.scry.src = "src/scry.cr";
|
||||
|
||||
postFixup = ''
|
||||
wrapProgram $out/bin/scry \
|
||||
--prefix PATH : ${lib.makeBinPath [ crystal coreutils ]}
|
||||
'';
|
||||
|
||||
# the binary doesn't take any arguments, so this will hang
|
||||
doInstallCheck = false;
|
||||
|
||||
meta = with lib; {
|
||||
description = "Code analysis server for the Crystal programming language";
|
||||
homepage = "https://github.com/crystal-lang-tools/scry";
|
||||
|
|
42
pkgs/development/web/lucky-cli/default.nix
Normal file
42
pkgs/development/web/lucky-cli/default.nix
Normal file
|
@ -0,0 +1,42 @@
|
|||
{ lib, fetchFromGitHub, crystal, makeWrapper, openssl }:
|
||||
|
||||
crystal.buildCrystalPackage rec {
|
||||
pname = "lucky-cli";
|
||||
version = "0.20.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "luckyframework";
|
||||
repo = "lucky_cli";
|
||||
rev = "v${version}";
|
||||
sha256 = "0n7fgnsivf39bkxpf7xgg9dqkam08axdn1j45wl1n0r4qmfkjs94";
|
||||
};
|
||||
|
||||
# the integration tests will try to clone a remote repos
|
||||
postPatch = ''
|
||||
rm -rf spec/integration
|
||||
'';
|
||||
|
||||
format = "crystal";
|
||||
|
||||
lockFile = ./shard.lock;
|
||||
shardsFile = ./shards.nix;
|
||||
|
||||
crystalBinaries.lucky.src = "src/lucky.cr";
|
||||
|
||||
buildInputs = [ openssl ];
|
||||
|
||||
nativeBuildInputs = [ makeWrapper ];
|
||||
|
||||
postInstall = ''
|
||||
wrapProgram $out/bin/lucky \
|
||||
--prefix PATH : ${lib.makeBinPath [ crystal ]}
|
||||
'';
|
||||
|
||||
meta = with lib; {
|
||||
description =
|
||||
"A Crystal library for creating and running tasks. Also generates Lucky projects";
|
||||
license = licenses.mit;
|
||||
maintainers = with maintainers; [ peterhoeg ];
|
||||
platforms = platforms.unix;
|
||||
};
|
||||
}
|
5
pkgs/development/web/lucky-cli/shard.lock
Normal file
5
pkgs/development/web/lucky-cli/shard.lock
Normal file
|
@ -0,0 +1,5 @@
|
|||
version: 1.0
|
||||
shards:
|
||||
teeplate:
|
||||
github: luckyframework/teeplate
|
||||
version: 0.8.1
|
8
pkgs/development/web/lucky-cli/shards.nix
Normal file
8
pkgs/development/web/lucky-cli/shards.nix
Normal file
|
@ -0,0 +1,8 @@
|
|||
{
|
||||
teeplate = {
|
||||
owner = "luckyframework";
|
||||
repo = "teeplate";
|
||||
rev = "v0.8.1";
|
||||
sha256 = "022jmmg3d2wq2xnhc63afldm9vrcr8xqn43s9i39d7qflrzrfc7v";
|
||||
};
|
||||
}
|
25
pkgs/development/web/shopify-themekit/default.nix
Normal file
25
pkgs/development/web/shopify-themekit/default.nix
Normal file
|
@ -0,0 +1,25 @@
|
|||
{ stdenv, buildGoPackage, fetchFromGitHub }:
|
||||
|
||||
buildGoPackage rec {
|
||||
pname = "shopify-themekit";
|
||||
version = "1.0.3";
|
||||
|
||||
goPackagePath = "github.com/Shopify/themekit/";
|
||||
|
||||
goDeps = ./shopify-themekit_deps.nix;
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "Shopify";
|
||||
repo = "themekit";
|
||||
rev = "v${version}";
|
||||
sha256 = "1780h33mf2h2lv6mr4xx3shfvsabr7w138yb59vvdgvjng9wjkg0";
|
||||
};
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "A command line tool for shopify themes";
|
||||
homepage = "https://shopify.github.io/themekit/";
|
||||
license = licenses.mit;
|
||||
maintainers = with maintainers; [ maintainers."1000101" ];
|
||||
platforms = platforms.all;
|
||||
};
|
||||
}
|
300
pkgs/development/web/shopify-themekit/shopify-themekit_deps.nix
Normal file
300
pkgs/development/web/shopify-themekit/shopify-themekit_deps.nix
Normal file
|
@ -0,0 +1,300 @@
|
|||
# file generated from go.mod using vgo2nix (https://github.com/adisbladis/vgo2nix)
|
||||
[
|
||||
{
|
||||
goPackagePath = "github.com/VividCortex/ewma";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/VividCortex/ewma";
|
||||
rev = "v1.1.1";
|
||||
sha256 = "14v2dy5gqchjn7k0sd6cx59ms42v681r6xz7cb1kspp4b28a74rw";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/aws/aws-sdk-go";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/aws/aws-sdk-go";
|
||||
rev = "1c16cd01d785";
|
||||
sha256 = "129iizv2rny2frg36057hayynpsdav53nhj41dia3mi2r6zyalny";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/caarlos0/env";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/caarlos0/env";
|
||||
rev = "d0de832ed2fb";
|
||||
sha256 = "013shh38rs2jv4a2hsbix0hlanjr2a539akmkqkwwg0il9h3qmq2";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/davecgh/go-spew";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/davecgh/go-spew";
|
||||
rev = "v1.1.1";
|
||||
sha256 = "0hka6hmyvp701adzag2g26cxdj47g21x6jz4sc6jjz1mn59d474y";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/fatih/color";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/fatih/color";
|
||||
rev = "v1.7.0";
|
||||
sha256 = "0v8msvg38r8d1iiq2i5r4xyfx0invhc941kjrsg5gzwvagv55inv";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/fsnotify/fsnotify";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/fsnotify/fsnotify";
|
||||
rev = "v1.4.7";
|
||||
sha256 = "07va9crci0ijlivbb7q57d2rz9h27zgn2fsm60spjsqpdbvyrx4g";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/go-ini/ini";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/go-ini/ini";
|
||||
rev = "v1.25.4";
|
||||
sha256 = "0b6cql5ripbiyrm18d6bfd1rfjnwcbskppw3d0vb80l0wy72d0c6";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/hashicorp/go-version";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/hashicorp/go-version";
|
||||
rev = "270f2f71b1ee";
|
||||
sha256 = "1d43wlp932nqbwkca4bhw8l4x6cg25jyh8l1s3814vddscfpfz2v";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/imdario/mergo";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/imdario/mergo";
|
||||
rev = "v0.3.6";
|
||||
sha256 = "1lbzy8p8wv439sqgf0n21q52flf2wbamp6qa1jkyv6an0nc952q7";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/inconshreveable/go-update";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/inconshreveable/go-update";
|
||||
rev = "8152e7eb6ccf";
|
||||
sha256 = "07czhspakpi7al004rm669cmf4h5l0vnygsm11280nkfn2zxqdi3";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/inconshreveable/mousetrap";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/inconshreveable/mousetrap";
|
||||
rev = "v1.0.0";
|
||||
sha256 = "1mn0kg48xkd74brf48qf5hzp0bc6g8cf5a77w895rl3qnlpfw152";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/jmespath/go-jmespath";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/jmespath/go-jmespath";
|
||||
rev = "0b12d6b521d8";
|
||||
sha256 = "1vv6hph8j6xgv7gwl9vvhlsaaqsm22sxxqmgmldi4v11783pc1ld";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/joho/godotenv";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/joho/godotenv";
|
||||
rev = "v1.3.0";
|
||||
sha256 = "0ri8if0pc3x6jg4c3i8wr58xyfpxkwmcjk3rp8gb398a1aa3gpjm";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/mattn/go-colorable";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/mattn/go-colorable";
|
||||
rev = "efa589957cd0";
|
||||
sha256 = "0kshi4hvm0ayrsxqxy0599iv81kryhd2fn9lwjyczpj593cq069r";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/mattn/go-isatty";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/mattn/go-isatty";
|
||||
rev = "v0.0.4";
|
||||
sha256 = "0zs92j2cqaw9j8qx1sdxpv3ap0rgbs0vrvi72m40mg8aa36gd39w";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/pmezard/go-difflib";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/pmezard/go-difflib";
|
||||
rev = "v1.0.0";
|
||||
sha256 = "0c1cn55m4rypmscgf0rrb88pn58j3ysvc2d0432dp3c6fqg6cnzw";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/radovskyb/watcher";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/radovskyb/watcher";
|
||||
rev = "v1.0.6";
|
||||
sha256 = "1xlbrfgm6ha161szdjq2rab53plkdhmh5h86lpbk5g7fmq881945";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/ryanuber/go-glob";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/ryanuber/go-glob";
|
||||
rev = "572520ed46db";
|
||||
sha256 = "0dzbpqp1h7gjmlm4irnh6lpbfz5zjc721jidibyvmxj7xcx3wp5d";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/shibukawa/configdir";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/shibukawa/configdir";
|
||||
rev = "e180dbdc8da0";
|
||||
sha256 = "0vbma9jkwh0ifz8dk2ssgmy7aiaify63lpa0lah7i4dkkxr94c9z";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/skratchdot/open-golang";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/skratchdot/open-golang";
|
||||
rev = "75fb7ed4208c";
|
||||
sha256 = "1b67imqbsdvg19vif1q1dfmapxy3v2anagacbql95fwnnw0v8jga";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/spf13/cobra";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/spf13/cobra";
|
||||
rev = "7c4570c3ebeb";
|
||||
sha256 = "16amh0prlzqrrbg5j629sg0f688nfzfgn9sair8jyybqampr3wc7";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/spf13/pflag";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/spf13/pflag";
|
||||
rev = "v1.0.2";
|
||||
sha256 = "005598piihl3l83a71ahj10cpq9pbhjck4xishx1b4dzc02r9xr2";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/stretchr/objx";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/stretchr/objx";
|
||||
rev = "v0.1.1";
|
||||
sha256 = "0iph0qmpyqg4kwv8jsx6a56a7hhqq8swrazv40ycxk9rzr0s8yls";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/stretchr/testify";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/stretchr/testify";
|
||||
rev = "v1.2.2";
|
||||
sha256 = "0dlszlshlxbmmfxj5hlwgv3r22x0y1af45gn1vd198nvvs3pnvfs";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/vbauerster/mpb";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/vbauerster/mpb";
|
||||
rev = "v3.3.2";
|
||||
sha256 = "18m66b80iv9z768c15dqsx5mnjq6iaa6b5lckpdqnynqzkkvw8kk";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "golang.org/x/crypto";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://go.googlesource.com/crypto";
|
||||
rev = "a1f597ede03a";
|
||||
sha256 = "0yiczljll72ip2vkxgd6052rhpaba37a68vf6si3v8s8s3g870lc";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "golang.org/x/lint";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://go.googlesource.com/lint";
|
||||
rev = "d0100b6bd8b3";
|
||||
sha256 = "0b0amr9x4ji66iv9ayfx7zrfx52k1m5g66qfcxkgj80qrb1y2yn7";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "golang.org/x/net";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://go.googlesource.com/net";
|
||||
rev = "1272bf9dcd53";
|
||||
sha256 = "1500gryd7jli7yjn4c927ppyllry8lxcmnsmpn7zxfd1k14q7nyv";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "golang.org/x/sync";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://go.googlesource.com/sync";
|
||||
rev = "1d60e4601c6f";
|
||||
sha256 = "046jlanz2lkxq1r57x9bl6s4cvfqaic6p2xybsj8mq1120jv4rs6";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "golang.org/x/sys";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://go.googlesource.com/sys";
|
||||
rev = "6c81ef8f67ca";
|
||||
sha256 = "1iqrral339vxb635ip5jjzn84aa86kb629kbp1w29qwyfzbs0yqi";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "golang.org/x/text";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://go.googlesource.com/text";
|
||||
rev = "v0.3.0";
|
||||
sha256 = "0r6x6zjzhr8ksqlpiwm5gdd7s209kwk5p4lw54xjvz10cs3qlq19";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "golang.org/x/tools";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://go.googlesource.com/tools";
|
||||
rev = "3f1ed9edd1b4";
|
||||
sha256 = "00d2h0df03gv57valad4wr3g2rc8dcn8w3ci783x9wzzc86y4giw";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "gopkg.in/yaml.v1";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://gopkg.in/yaml.v1";
|
||||
rev = "9f9df34309c0";
|
||||
sha256 = "1r8d346szqa9x8q03wiycik5qy3d6w8qq4hs99z1p64q5lm0g7gm";
|
||||
};
|
||||
}
|
||||
]
|
21
pkgs/misc/cbeams/default.nix
Normal file
21
pkgs/misc/cbeams/default.nix
Normal file
|
@ -0,0 +1,21 @@
|
|||
{ lib, buildPythonApplication, fetchPypi, isPy3k, blessings, docopt }:
|
||||
|
||||
buildPythonApplication rec {
|
||||
pname = "cbeams";
|
||||
version = "1.0.3";
|
||||
disabled = !isPy3k;
|
||||
|
||||
src = fetchPypi {
|
||||
inherit pname version;
|
||||
sha256 = "1agcjg6kmcyvk834xd2j60mi349qi9iw3dc2vwpd7pqwq1daq3gi";
|
||||
};
|
||||
|
||||
propagatedBuildInputs = [ blessings docopt ];
|
||||
|
||||
meta = with lib; {
|
||||
homepage = "https://github.com/tartley/cbeams";
|
||||
description = "Command-line program to draw animated colored circles in the terminal";
|
||||
license = licenses.bsd3;
|
||||
maintainers = with maintainers; [ geistesk ];
|
||||
};
|
||||
}
|
|
@ -5,13 +5,13 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "pcsx2";
|
||||
version = "unstable-2020-01-05";
|
||||
version = "1.6.0-rc";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "PCSX2";
|
||||
repo = "pcsx2";
|
||||
rev = "9c12937351c51b921e1f28d44b019bc52e747c51";
|
||||
sha256 = "0y1f5v99a6njmf6hyvl4z5xnrm7351rkyw2fn4f09hqn92r7zmi5";
|
||||
rev = "v${version}";
|
||||
sha256 = "1mdv1dgwawb4k6bs1jh6j2jaaxg168fbssm1lwnlk5di0gz31h23";
|
||||
};
|
||||
|
||||
postPatch = "sed '1i#include \"x86intrin.h\"' -i common/src/x86emitter/cpudetect.cpp";
|
||||
|
|
|
@ -1,15 +1,27 @@
|
|||
{ stdenv, lib, fetchurl, fetchpatch, fetchFromGitHub, bc, bison, dtc, flex
|
||||
, openssl, swig, meson-tools, armTrustedFirmwareAllwinner
|
||||
, armTrustedFirmwareRK3328, armTrustedFirmwareRK3399
|
||||
{ stdenv
|
||||
, lib
|
||||
, fetchurl
|
||||
, fetchpatch
|
||||
, fetchFromGitHub
|
||||
, bc
|
||||
, bison
|
||||
, dtc
|
||||
, flex
|
||||
, openssl
|
||||
, swig
|
||||
, meson-tools
|
||||
, armTrustedFirmwareAllwinner
|
||||
, armTrustedFirmwareRK3328
|
||||
, armTrustedFirmwareRK3399
|
||||
, armTrustedFirmwareS905
|
||||
, buildPackages
|
||||
}:
|
||||
|
||||
let
|
||||
defaultVersion = "2020.01";
|
||||
defaultVersion = "2020.04";
|
||||
defaultSrc = fetchurl {
|
||||
url = "ftp://ftp.denx.de/pub/u-boot/u-boot-${defaultVersion}.tar.bz2";
|
||||
sha256 = "1w9ml4jl15q6ixpdqzspxjnl7d3rgxd7f99ms1xv5c8869h3qida";
|
||||
sha256 = "0wjkasnz87q86hx93inspdjfjsinmxi87bcvj30c773x0fpjlwzy";
|
||||
};
|
||||
buildUBoot = {
|
||||
version ? null
|
||||
|
|
|
@ -18,6 +18,7 @@
|
|||
, mpd_clientlib
|
||||
# Tag support
|
||||
, libid3tag
|
||||
, nixosTests
|
||||
}:
|
||||
|
||||
let
|
||||
|
@ -128,6 +129,8 @@ let
|
|||
++ lib.optional (builtins.elem "systemd" features_)
|
||||
"-Dsystemd_system_unit_dir=etc/systemd/system";
|
||||
|
||||
passthru.tests.nixos = nixosTests.mpd;
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "A flexible, powerful daemon for playing music";
|
||||
homepage = "https://www.musicpd.org/";
|
||||
|
|
|
@ -2,23 +2,28 @@
|
|||
|
||||
buildGoPackage rec {
|
||||
pname = "oauth2_proxy";
|
||||
version = "3.2.0";
|
||||
|
||||
version = "5.1.0";
|
||||
|
||||
goPackagePath = "github.com/pusher/${pname}";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
repo = pname;
|
||||
owner = "pusher";
|
||||
sha256 = "0k73ggyh12g2vzjq91i9d3bxbqfvh5k6njzza1lvkzasgp07wisg";
|
||||
sha256 = "190k1v2c1f6vp9waqs01rlzm0jc3vrmsq1w1n0c2q2nfqx76y2wz";
|
||||
rev = "v${version}";
|
||||
};
|
||||
|
||||
goDeps = ./deps.nix;
|
||||
|
||||
doCheck = true;
|
||||
|
||||
# Taken from https://github.com/oauth2-proxy/oauth2-proxy/blob/master/Makefile
|
||||
buildFlagsArray = ("-ldflags=-X main.VERSION=${version}");
|
||||
|
||||
meta = with lib; {
|
||||
description = "A reverse proxy that provides authentication with Google, Github or other provider";
|
||||
description = "A reverse proxy that provides authentication with Google, Github, or other providers";
|
||||
homepage = "https://github.com/pusher/oauth2_proxy/";
|
||||
license = licenses.mit;
|
||||
maintainers = [ maintainers.yorickvp ];
|
||||
maintainers = with maintainers; [ yorickvp knl ];
|
||||
};
|
||||
}
|
||||
|
|
552
pkgs/servers/oauth2_proxy/deps.nix
generated
552
pkgs/servers/oauth2_proxy/deps.nix
generated
|
@ -1,183 +1,615 @@
|
|||
# file generated from Gopkg.lock using dep2nix (https://github.com/nixcloud/dep2nix)
|
||||
# file generated from go.mod using vgo2nix (https://github.com/adisbladis/vgo2nix)
|
||||
[
|
||||
{
|
||||
goPackagePath = "cloud.google.com/go";
|
||||
goPackagePath = "cloud.google.com/go";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://code.googlesource.com/gocloud";
|
||||
rev = "2d3a6656c17a60b0815b7e06ab0be04eacb6e613";
|
||||
sha256 = "0fi3qj9fvc4bxbrwa1m5sxsb8yhvawiwigaddvmmizjykxbq5csq";
|
||||
rev = "v0.38.0";
|
||||
sha256 = "0n6n13b7lri2fmc4bn4ifszyawj31dpbzvyv0xafsf81440z8cyh";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/BurntSushi/toml";
|
||||
goPackagePath = "github.com/BurntSushi/toml";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/BurntSushi/toml";
|
||||
rev = "b26d9c308763d68093482582cea63d69be07a0f0";
|
||||
sha256 = "0k7v2i1d2d6si8gswn83qb84czhhia53v2wdy33yz9ppdidxk0ry";
|
||||
rev = "v0.3.1";
|
||||
sha256 = "1fjdwwfzyzllgiwydknf1pwjvy49qxfsczqx5gz3y0izs7as99j6";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/bitly/go-simplejson";
|
||||
goPackagePath = "github.com/alicebob/gopher-json";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/alicebob/gopher-json";
|
||||
rev = "5a6b3ba71ee6";
|
||||
sha256 = "0hx6n722zq51p852lv56k39yjy09lw6mnr2c3x0p23rfyyrakj2p";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/alicebob/miniredis";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/alicebob/miniredis";
|
||||
rev = "v2.11.2";
|
||||
sha256 = "1fc6w9n1jznwj8ks2svxmjrv87pk3spjf5z3kcxpgpynp13pd55n";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/bitly/go-simplejson";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/bitly/go-simplejson";
|
||||
rev = "aabad6e819789e569bd6aabf444c935aa9ba1e44";
|
||||
rev = "v0.5.0";
|
||||
sha256 = "0n9f9dz1jn1jx86d48569nznpjn9fmq3knn7r65xpy7jhih284jj";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/coreos/go-oidc";
|
||||
goPackagePath = "github.com/bmizerany/assert";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/coreos/go-oidc";
|
||||
rev = "77e7f2010a464ade7338597afe650dfcffbe2ca8";
|
||||
sha256 = "0mh8fa7al9gfzx4k7rd623bpy14s06s96iz6lbf6psi5q2bnbs2r";
|
||||
url = "https://github.com/bmizerany/assert";
|
||||
rev = "b7ed37b82869";
|
||||
sha256 = "18hy1wyl9zdi7sgxafrn3m7fadh6in0rhhb8l0cvkxqzdl0jcw2s";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/davecgh/go-spew";
|
||||
goPackagePath = "github.com/census-instrumentation/opencensus-proto";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/census-instrumentation/opencensus-proto";
|
||||
rev = "v0.2.1";
|
||||
sha256 = "19fcx3sc99i5dsklny6r073z5j20vlwn2xqm6di1q3b1xwchzqfj";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/chzyer/logex";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/chzyer/logex";
|
||||
rev = "v1.1.10";
|
||||
sha256 = "08pbjj3wx9acavlwyr055isa8a5hnmllgdv5k6ra60l5y1brmlq4";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/chzyer/readline";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/chzyer/readline";
|
||||
rev = "2972be24d48e";
|
||||
sha256 = "104q8dazj8yf6b089jjr82fy9h1g80zyyzvp3g8b44a7d8ngjj6r";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/chzyer/test";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/chzyer/test";
|
||||
rev = "a1ea475d72b1";
|
||||
sha256 = "0rns2aqk22i9xsgyap0pq8wi4cfaxsri4d9q6xxhhyma8jjsnj2k";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/client9/misspell";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/client9/misspell";
|
||||
rev = "v0.3.4";
|
||||
sha256 = "1vwf33wsc4la25zk9nylpbp9px3svlmldkm0bha4hp56jws4q9cs";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/coreos/go-oidc";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/coreos/go-oidc";
|
||||
rev = "v2.2.1";
|
||||
sha256 = "11m6slbpi33ynffml7812piq4anhjlf1qszjlsf26f5y7x3qh8n5";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/davecgh/go-spew";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/davecgh/go-spew";
|
||||
rev = "346938d642f2ec3594ed81d874461961cd0faa76";
|
||||
rev = "v1.1.0";
|
||||
sha256 = "0d4jfmak5p6lb7n2r6yvf5p1zcw0l8j74kn55ghvr7zr7b7axm6c";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/dgrijalva/jwt-go";
|
||||
goPackagePath = "github.com/dgrijalva/jwt-go";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/dgrijalva/jwt-go";
|
||||
rev = "06ea1031745cb8b3dab3f6a236daf2b0aa468b7e";
|
||||
rev = "v3.2.0";
|
||||
sha256 = "08m27vlms74pfy5z79w67f9lk9zkx6a9jd68k3c4msxy75ry36mp";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/golang/protobuf";
|
||||
goPackagePath = "github.com/envoyproxy/go-control-plane";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/envoyproxy/go-control-plane";
|
||||
rev = "5f8ba28d4473";
|
||||
sha256 = "1f1s764rd41vd9vgk3r14h1m6fz6pdvxj6fd83q58gxifbc4q5w4";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/envoyproxy/protoc-gen-validate";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/envoyproxy/protoc-gen-validate";
|
||||
rev = "v0.1.0";
|
||||
sha256 = "0kxd3wwh3xwqk0r684hsy281xq4y71cd11d4q2hspcjbnlbwh7cy";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/fsnotify/fsnotify";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/fsnotify/fsnotify";
|
||||
rev = "v1.4.7";
|
||||
sha256 = "07va9crci0ijlivbb7q57d2rz9h27zgn2fsm60spjsqpdbvyrx4g";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/go-redis/redis";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/go-redis/redis";
|
||||
rev = "v6.15.7";
|
||||
sha256 = "0fc0sfispyzn652ny05wn6bz18a60n6ryk23ki8j97xx3l24nq2g";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/golang/glog";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/golang/glog";
|
||||
rev = "23def4e6c14b";
|
||||
sha256 = "0jb2834rw5sykfr937fxi8hxi2zy80sj2bdn9b3jb4b26ksqng30";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/golang/mock";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/golang/mock";
|
||||
rev = "v1.2.0";
|
||||
sha256 = "12ddj2g8ab87id6n2n67vnbhq6p8dvgsq1pzpqfriym4dk8w54fg";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/golang/protobuf";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/golang/protobuf";
|
||||
rev = "1e59b77b52bf8e4b449a57e6f79f21226d571845";
|
||||
sha256 = "19bkh81wnp6njg3931wky6hsnnl2d1ig20vfjxpv450sd3k6yys8";
|
||||
rev = "v1.3.2";
|
||||
sha256 = "1k1wb4zr0qbwgpvz9q5ws9zhlal8hq7dmq62pwxxriksayl6hzym";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/mbland/hmacauth";
|
||||
goPackagePath = "github.com/gomodule/redigo";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/gomodule/redigo";
|
||||
rev = "v2.0.0";
|
||||
sha256 = "1kg7s8027b4g1sfw0v3nh30c15j407kv684s53gg281r807dnfpk";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/google/btree";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/google/btree";
|
||||
rev = "4030bb1f1f0c";
|
||||
sha256 = "0ba430m9fbnagacp57krgidsyrgp3ycw5r7dj71brgp5r52g82p6";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/google/go-cmp";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/google/go-cmp";
|
||||
rev = "v0.3.0";
|
||||
sha256 = "1hyxx3434zshl2m9ja78gwlkg1rx9yl6diqa7dnjb31xz5x4gbjj";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/google/martian";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/google/martian";
|
||||
rev = "v2.1.0";
|
||||
sha256 = "197hil6vrjk50b9wvwyzf61csid83whsjj6ik8mc9r2lryxlyyrp";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/google/pprof";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/google/pprof";
|
||||
rev = "3ea8567a2e57";
|
||||
sha256 = "09rhjn3ms0a72dw0yzbp237p7yhqma772zspddn6mgkh3gi3kn4c";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/googleapis/gax-go";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/googleapis/gax-go";
|
||||
rev = "v2.0.5";
|
||||
sha256 = "1lxawwngv6miaqd25s3ba0didfzylbwisd2nz7r4gmbmin6jsjrx";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/hashicorp/golang-lru";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/hashicorp/golang-lru";
|
||||
rev = "v0.5.1";
|
||||
sha256 = "13f870cvk161bzjj6x41l45r5x9i1z9r2ymwmvm7768kg08zznpy";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/hpcloud/tail";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/hpcloud/tail";
|
||||
rev = "v1.0.0";
|
||||
sha256 = "1njpzc0pi1acg5zx9y6vj9xi6ksbsc5d387rd6904hy6rh2m6kn0";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/jstemmer/go-junit-report";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/jstemmer/go-junit-report";
|
||||
rev = "af01ea7f8024";
|
||||
sha256 = "1lp3n94ris12hac02wi31f3whs88lcrzwgdg43a5j6cafg9p1d0s";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/kr/pretty";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/kr/pretty";
|
||||
rev = "v0.2.0";
|
||||
sha256 = "1ywbfzz1h3a3qd8rpkiqwi1dm4w8ls9ijb4x1b7567grns9f0vnp";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/kr/pty";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/kr/pty";
|
||||
rev = "v1.1.1";
|
||||
sha256 = "0383f0mb9kqjvncqrfpidsf8y6ns5zlrc91c6a74xpyxjwvzl2y6";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/kr/text";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/kr/text";
|
||||
rev = "v0.1.0";
|
||||
sha256 = "1gm5bsl01apvc84bw06hasawyqm4q84vx1pm32wr9jnd7a8vjgj1";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/mbland/hmacauth";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/mbland/hmacauth";
|
||||
rev = "107c17adcc5eccc9935cd67d9bc2feaf5255d2cb";
|
||||
sha256 = "1zd9r8znhkxyl997lhjk8nrlxlfv5s1hn7ql87wrcyvlsszx3mzh";
|
||||
rev = "44256dfd4bfa";
|
||||
sha256 = "1d5pbjgc5j8pi3frsjp5gqg7j12bxdbl55nhy01cv4c96hay2ij1";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/mreiferson/go-options";
|
||||
goPackagePath = "github.com/mreiferson/go-options";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/mreiferson/go-options";
|
||||
rev = "20ba7d382d05facb01e02eb777af0c5f229c5c95";
|
||||
sha256 = "1vdz3wqkj885a0jkggaygl4k6k8b94fpspywr26snm4xnb8vgxsf";
|
||||
rev = "v1.0.0";
|
||||
sha256 = "1pxs9ybrh196qy14ijn4zn51h2z28lj31y6vxrz2xxhgvpmfmxyl";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/pmezard/go-difflib";
|
||||
goPackagePath = "github.com/onsi/ginkgo";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/onsi/ginkgo";
|
||||
rev = "v1.12.0";
|
||||
sha256 = "0ly246i0ax53l6dn9f1zlhkd9gs03hvbk7aazxay2dd5fxzh9n65";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/onsi/gomega";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/onsi/gomega";
|
||||
rev = "v1.9.0";
|
||||
sha256 = "0l69r6nbnz6b3j9zrqn8aql88jjv1pqykzkvqdbhfprss9b2dy46";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/pmezard/go-difflib";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/pmezard/go-difflib";
|
||||
rev = "792786c7400a136282c1664665ae0a8db921c6c2";
|
||||
rev = "v1.0.0";
|
||||
sha256 = "0c1cn55m4rypmscgf0rrb88pn58j3ysvc2d0432dp3c6fqg6cnzw";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/pquerna/cachecontrol";
|
||||
goPackagePath = "github.com/pquerna/cachecontrol";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/pquerna/cachecontrol";
|
||||
rev = "0dec1b30a0215bb68605dfc568e8855066c9202d";
|
||||
sha256 = "14yyfhrv60rvb983rqm7s916nwvn9kcmbvnrcna2md0s3mkzs3yh";
|
||||
rev = "1555304b9b35";
|
||||
sha256 = "0nr3p9pms6jmr2s44vy2s22q1d3v6xns2kzsvkq2gg1rkx6c1hc9";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/stretchr/testify";
|
||||
goPackagePath = "github.com/prometheus/client_model";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/prometheus/client_model";
|
||||
rev = "14fe0d1b01d4";
|
||||
sha256 = "0zdmk6rbbx39cvfz0r59v2jg5sg9yd02b4pds5n5llgvivi99550";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/stretchr/objx";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/stretchr/objx";
|
||||
rev = "v0.1.0";
|
||||
sha256 = "19ynspzjdynbi85xw06mh8ad5j0qa1vryvxjgvbnyrr8rbm4vd8w";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/stretchr/testify";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/stretchr/testify";
|
||||
rev = "69483b4bd14f5845b5a1e55bca19e954e827f1d0";
|
||||
sha256 = "11lzrwkdzdd8yyag92akncc008h2f9d1bpc489mxiwp0jrmz4ivb";
|
||||
rev = "v1.5.1";
|
||||
sha256 = "09r89m1wy4cjv2nps1ykp00qjpi0531r07q3s34hr7m6njk4srkl";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/yhat/wsutil";
|
||||
goPackagePath = "github.com/yhat/wsutil";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/yhat/wsutil";
|
||||
rev = "1d66fa95c997864ba4d8479f56609620fe542928";
|
||||
rev = "1d66fa95c997";
|
||||
sha256 = "1agh4ss6y1laps8pg4mdl844ivmw2wrb7rnpfyag4gai4693i7bv";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "golang.org/x/crypto";
|
||||
goPackagePath = "github.com/yuin/gopher-lua";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/yuin/gopher-lua";
|
||||
rev = "ab39c6098bdb";
|
||||
sha256 = "13b0rrpv3988qw8rq6z7npajn1my059ybhafi5mxff9jw09k9sja";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "go.opencensus.io";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/census-instrumentation/opencensus-go";
|
||||
rev = "v0.21.0";
|
||||
sha256 = "14s0a12xdzjvad0dgksgv8m3hh7nc585abvjkvyk6r67a29lxj6x";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "golang.org/x/crypto";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://go.googlesource.com/crypto";
|
||||
rev = "9f005a07e0d31d45e6656d241bb5c0f2efd4bc94";
|
||||
sha256 = "1mhmr6ljzl3iafsz4qy8vval7rmr828wh59dlqqqjqx6sqmcs1dv";
|
||||
rev = "2aa609cf4a9d";
|
||||
sha256 = "1yvis6fqbsd7f356aqyi18f76vnwj3bry6mxqnkvshq4cwrf92il";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "golang.org/x/net";
|
||||
goPackagePath = "golang.org/x/exp";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://go.googlesource.com/exp";
|
||||
rev = "509febef88a4";
|
||||
sha256 = "02isrh39z8znrp5znplzy0dip2gnrl3jm1355raliyvhnhg04j6q";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "golang.org/x/lint";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://go.googlesource.com/lint";
|
||||
rev = "959b441ac422";
|
||||
sha256 = "1mgcv5f00pkzsbwnq2y7vqvd1b4lr5a3s47cphh2qv4indfk7pck";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "golang.org/x/net";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://go.googlesource.com/net";
|
||||
rev = "9dfe39835686865bff950a07b394c12a98ddc811";
|
||||
sha256 = "0z8mnl4mi88syafrgqys2ak2gg3yrbna25hpz88y3anl8x4jhg1a";
|
||||
rev = "0de0cce0169b";
|
||||
sha256 = "1db7s5kbzyh2zd5lpv05n7hp8wbwdvgk0wpiwrlnig94mkr0y5aq";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "golang.org/x/oauth2";
|
||||
goPackagePath = "golang.org/x/oauth2";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://go.googlesource.com/oauth2";
|
||||
rev = "9ff8ebcc8e241d46f52ecc5bff0e5a2f2dbef402";
|
||||
sha256 = "035v5w1nad6r1l22cj6f73zzr6qi4jgq71yjywf2c6rvsa5147r2";
|
||||
rev = "bf48bf16ab8d";
|
||||
sha256 = "1sirdib60zwmh93kf9qrx51r8544k1p9rs5mk0797wibz3m4mrdg";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "google.golang.org/api";
|
||||
goPackagePath = "golang.org/x/sync";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://go.googlesource.com/sync";
|
||||
rev = "112230192c58";
|
||||
sha256 = "05i2k43j2d0llq768hg5pf3hb2yhfzp9la1w5wp0rsnnzblr0lfn";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "golang.org/x/sys";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://go.googlesource.com/sys";
|
||||
rev = "bd437916bb0e";
|
||||
sha256 = "1i8x26frmlin55k69k936zd1rp5sqnq14y5ms4rkxbfzhasdm2rx";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "golang.org/x/text";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://go.googlesource.com/text";
|
||||
rev = "v0.3.2";
|
||||
sha256 = "0flv9idw0jm5nm8lx25xqanbkqgfiym6619w575p7nrdh0riqwqh";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "golang.org/x/time";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://go.googlesource.com/time";
|
||||
rev = "85acf8d2951c";
|
||||
sha256 = "0yqnxsrarjk4qkda8kcxzmk7y90kkkxzx9iwryzrk7bzs87ky3xc";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "golang.org/x/tools";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://go.googlesource.com/tools";
|
||||
rev = "2c0ae7006135";
|
||||
sha256 = "1lsi2ssxajclj3bciz2a41v1vjv768ja3v6wnbyhxy8xphwkp4fk";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "golang.org/x/xerrors";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://go.googlesource.com/xerrors";
|
||||
rev = "a985d3407aa7";
|
||||
sha256 = "00wzr5w8aadipgc3rkk8f11i41znskfj9ix5nhhaxyg7isrslgcj";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "google.golang.org/api";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://code.googlesource.com/google-api-go-client";
|
||||
rev = "8791354e7ab150705ede13637a18c1fcc16b62e8";
|
||||
sha256 = "0ps7y4m9787wvkqwrwqyb4nmmibhrihmg7xqh7sba2cyj397wngm";
|
||||
rev = "v0.19.0";
|
||||
sha256 = "0rbwijzl91xmbr9kqhiwx4fydm7r6ci6rxsi9jsy8zap9zy120f6";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "google.golang.org/appengine";
|
||||
goPackagePath = "google.golang.org/appengine";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/golang/appengine";
|
||||
rev = "150dc57a1b433e64154302bdc40b6bb8aefa313a";
|
||||
sha256 = "0w3knznv39k8bm85ri62f83czcrxknql7dv6p9hk1a5jx3xljgxq";
|
||||
rev = "v1.5.0";
|
||||
sha256 = "0l7mkdnwhidv8m686x432vmx8z5nqcrr9f46ddgvrxbh4wvyfcll";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "gopkg.in/fsnotify/fsnotify.v1";
|
||||
goPackagePath = "google.golang.org/genproto";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/fsnotify/fsnotify";
|
||||
rev = "836bfd95fecc0f1511dd66bdbf2b5b61ab8b00b6";
|
||||
sha256 = "0470dznkcbabncskgr8hfilpj5w24ygg455pyggbfbssmfv1m9gg";
|
||||
url = "https://github.com/google/go-genproto";
|
||||
rev = "24fa4b261c55";
|
||||
sha256 = "109zhaqlfd8zkbr1hk6zqbs6vcxfrk64scjwh2nswph05gr0m84d";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "gopkg.in/square/go-jose.v2";
|
||||
goPackagePath = "google.golang.org/grpc";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/square/go-jose";
|
||||
rev = "f8f38de21b4dcd69d0413faf231983f5fd6634b1";
|
||||
sha256 = "1bjrs3xq3m2ckfds0l4wqf81311ymm9agipmkllbvkadac156dsa";
|
||||
url = "https://github.com/grpc/grpc-go";
|
||||
rev = "v1.27.0";
|
||||
sha256 = "1ijrmgrxyabfn51nm3p9l81iaasq5fg237wnr6mdc4dzsfcg8kd7";
|
||||
};
|
||||
}
|
||||
]
|
||||
{
|
||||
goPackagePath = "gopkg.in/check.v1";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://gopkg.in/check.v1";
|
||||
rev = "20d25e280405";
|
||||
sha256 = "0k1m83ji9l1a7ng8a7v40psbymxasmssbrrhpdv2wl4rhs0nc3np";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "gopkg.in/fsnotify.v1";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://gopkg.in/fsnotify.v1";
|
||||
rev = "v1.4.7";
|
||||
sha256 = "07va9crci0ijlivbb7q57d2rz9h27zgn2fsm60spjsqpdbvyrx4g";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "gopkg.in/fsnotify/fsnotify.v1";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://gopkg.in/fsnotify/fsnotify.v1";
|
||||
rev = "v1.4.7";
|
||||
sha256 = "07va9crci0ijlivbb7q57d2rz9h27zgn2fsm60spjsqpdbvyrx4g";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "gopkg.in/natefinch/lumberjack.v2";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://gopkg.in/natefinch/lumberjack.v2";
|
||||
rev = "v2.0.0";
|
||||
sha256 = "1m2sxypk7p805jvc68padvylyx5v7cwkh5klnnxxr0340kgspf08";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "gopkg.in/square/go-jose.v2";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://gopkg.in/square/go-jose.v2";
|
||||
rev = "v2.4.1";
|
||||
sha256 = "1y0angxwryishwd1z0q7fp2xwjjhpw70kqh4ml4ly40akfhf1f5a";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "gopkg.in/tomb.v1";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://gopkg.in/tomb.v1";
|
||||
rev = "dd632973f1e7";
|
||||
sha256 = "1lqmq1ag7s4b3gc3ddvr792c5xb5k6sfn0cchr3i2s7f1c231zjv";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "gopkg.in/yaml.v2";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://gopkg.in/yaml.v2";
|
||||
rev = "v2.2.4";
|
||||
sha256 = "11bwj757wi8kdrcnlgfqb8vv2d2xdhlghmyagd19i62khrkchsg2";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "honnef.co/go/tools";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/dominikh/go-tools";
|
||||
rev = "ea95bdfd59fc";
|
||||
sha256 = "1763nw7pwpzkvzfnm63dgzcgbq9hwmq5l1nffchnhh77vgkaq4ic";
|
||||
};
|
||||
}
|
||||
]
|
||||
|
|
|
@ -6,7 +6,7 @@
|
|||
, fetchpatch
|
||||
|
||||
, writeText
|
||||
|
||||
, nixosTests
|
||||
, useOperatingSystemEtc ? true
|
||||
|
||||
}:
|
||||
|
@ -179,6 +179,7 @@ let
|
|||
|
||||
passthru = {
|
||||
shellPath = "/bin/fish";
|
||||
tests.nixos = nixosTests.fish;
|
||||
};
|
||||
};
|
||||
|
||||
|
|
|
@ -1,12 +1,12 @@
|
|||
{ stdenv, lib, fetchurl, fetchpatch, readline }:
|
||||
{ stdenv, lib, fetchurl, readline }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "oil";
|
||||
version = "0.7.0";
|
||||
version = "0.8.pre4";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://www.oilshell.org/download/oil-${version}.tar.xz";
|
||||
sha256 = "12c9s462879adb6mwd3fqafk0dnqsm16s18rhym6cmzfzy8v8zm3";
|
||||
sha256 = "07kj86hrvlz9f1gh3qv4hdaz3qnb4a2qf0dnxhd2r0qilrkjanxh";
|
||||
};
|
||||
|
||||
postPatch = ''
|
||||
|
|
|
@ -24,6 +24,11 @@ stdenv.mkDerivation rec {
|
|||
substituteInPlace makefile.machine \
|
||||
--replace 'CC=gcc' 'CC=${stdenv.cc.targetPrefix}gcc' \
|
||||
--replace 'CXX=g++' 'CXX=${stdenv.cc.targetPrefix}g++'
|
||||
'' + ''
|
||||
# Remove non-free RAR source code
|
||||
# (see DOC/License.txt, https://fedoraproject.org/wiki/Licensing:Unrar)
|
||||
rm -r CPP/7zip/Compress/Rar*
|
||||
find . -name makefile'*' -exec sed -i '/Rar/d' {} +
|
||||
'';
|
||||
|
||||
preConfigure = ''
|
||||
|
@ -42,9 +47,9 @@ stdenv.mkDerivation rec {
|
|||
meta = {
|
||||
homepage = "http://p7zip.sourceforge.net/";
|
||||
description = "A port of the 7-zip archiver";
|
||||
# license = stdenv.lib.licenses.lgpl21Plus; + "unRAR restriction"
|
||||
platforms = stdenv.lib.platforms.unix;
|
||||
maintainers = [ stdenv.lib.maintainers.raskin ];
|
||||
# RAR code is under non-free UnRAR license, but we remove it
|
||||
license = stdenv.lib.licenses.lgpl2Plus;
|
||||
};
|
||||
}
|
||||
|
|
23
pkgs/tools/graphics/spirv-cross/default.nix
Normal file
23
pkgs/tools/graphics/spirv-cross/default.nix
Normal file
|
@ -0,0 +1,23 @@
|
|||
{ stdenv, fetchFromGitHub, cmake, python3 }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "spirv-cross";
|
||||
version = "2020-04-03";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "KhronosGroup";
|
||||
repo = "SPIRV-Cross";
|
||||
rev = version;
|
||||
sha256 = "0489s29kqgq20clxqg22y299yxz23p0yjh87yhka705hm9skx4sa";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ cmake python3 ];
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "A tool designed for parsing and converting SPIR-V to other shader languages";
|
||||
homepage = "https://github.com/KhronosGroup/SPIRV-Cross";
|
||||
platforms = platforms.linux;
|
||||
license = licenses.asl20;
|
||||
maintainers = with maintainers; [ Flakebi ];
|
||||
};
|
||||
}
|
|
@ -1,4 +1,4 @@
|
|||
{ stdenv, fetchFromGitHub, nodejs, which, python27, utillinux }:
|
||||
{ stdenv, fetchFromGitHub, nodejs, which, python27, utillinux, nixosTests }:
|
||||
|
||||
let version = "20.6"; in
|
||||
stdenv.mkDerivation {
|
||||
|
@ -29,6 +29,8 @@ stdenv.mkDerivation {
|
|||
cp -R contrib tools node_build node_modules $out/share/cjdns/
|
||||
'';
|
||||
|
||||
passthru.tests.basic = nixosTests.cjdns;
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
homepage = "https://github.com/cjdelisle/cjdns";
|
||||
description = "Encrypted networking for regular people";
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ lib, buildGoModule, fetchFromGitHub }:
|
||||
{ lib, buildGoModule, fetchFromGitHub, nixosTests }:
|
||||
|
||||
buildGoModule rec {
|
||||
pname = "yggdrasil";
|
||||
|
@ -27,6 +27,8 @@ buildGoModule rec {
|
|||
-s -w
|
||||
'';
|
||||
|
||||
passthru.tests.basic = nixosTests.yggdrasil;
|
||||
|
||||
meta = with lib; {
|
||||
description =
|
||||
"An experiment in scalable routing as an encrypted IPv6 overlay network";
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
rustPlatform.buildRustPackage rec {
|
||||
pname = "tre";
|
||||
version = "0.2.2";
|
||||
version = "0.2.3";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "dduan";
|
||||
|
@ -11,7 +11,7 @@ rustPlatform.buildRustPackage rec {
|
|||
sha256 = "1fazw2wn738iknbv54gv7qll7d4q2gy9bq1s3f3cv21cdv6bqral";
|
||||
};
|
||||
|
||||
cargoSha256 = "1m3ccp5ncafkifg8sxyxczsg3ja1gvq8wmgni68bgzm2lwxh2qgw";
|
||||
cargoSha256 = "16bvnwgjf3kj99d77j1pkldbasxfwy55sj9sv9vf2z6llfmzfabd";
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "Tree command, improved";
|
||||
|
|
|
@ -13,11 +13,11 @@ in
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "sile";
|
||||
version = "0.10.3";
|
||||
version = "0.10.4";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://github.com/sile-typesetter/sile/releases/download/v${version}/${pname}-${version}.tar.bz2";
|
||||
sha256 = "d89d5ce7d2bf46fb062e5299ffd8b5d821dc3cb3462a0e7c1109edeee111d856";
|
||||
sha256 = "08j2vv6spnzz8bsh62wbdv1pjiziiba71cadscsy5hw6pklzndni";
|
||||
};
|
||||
|
||||
configureFlags = [ "--with-system-luarocks" ];
|
||||
|
|
|
@ -2,12 +2,12 @@
|
|||
|
||||
buildGoPackage rec {
|
||||
pname = "cri-tools";
|
||||
version = "1.17.0";
|
||||
version = "1.18.0";
|
||||
src = fetchFromGitHub {
|
||||
owner = "kubernetes-sigs";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "0h9gry56graif761lmcy91q9fzwvmwb15wcx8245927yfg5j0zgh";
|
||||
sha256 = "06sxjhjpd893fn945c1s4adri2bf7s50ddvcw5pnwb6qndzfljw6";
|
||||
};
|
||||
|
||||
goPackagePath = "github.com/kubernetes-sigs/cri-tools";
|
||||
|
|
|
@ -216,7 +216,6 @@ mapAliases ({
|
|||
keymon = throw "keymon has been removed from nixpkgs, as it's abandoned and archived."; # 2019-12-10
|
||||
kvm = qemu_kvm; # added 2018-04-25
|
||||
latinmodern-math = lmmath;
|
||||
ldc2 = ldc; # added 2020-04-18
|
||||
letsencrypt = certbot; # added 2016-05-16
|
||||
libaudit = audit; # added 2018-04-25
|
||||
libcanberra_gtk2 = libcanberra-gtk2; # added 2018-02-25
|
||||
|
|
|
@ -3991,6 +3991,8 @@ in
|
|||
|
||||
httplab = callPackage ../tools/networking/httplab { };
|
||||
|
||||
lucky-cli = callPackage ../development/web/lucky-cli { };
|
||||
|
||||
partclone = callPackage ../tools/backup/partclone { };
|
||||
|
||||
partimage = callPackage ../tools/backup/partimage { };
|
||||
|
@ -6532,6 +6534,8 @@ in
|
|||
|
||||
shocco = callPackage ../tools/text/shocco { };
|
||||
|
||||
shopify-themekit = callPackage ../development/web/shopify-themekit { };
|
||||
|
||||
shorewall = callPackage ../tools/networking/shorewall { };
|
||||
|
||||
shotwell = callPackage ../applications/graphics/shotwell { };
|
||||
|
@ -8114,9 +8118,7 @@ in
|
|||
crystal
|
||||
crystal2nix;
|
||||
|
||||
icr = callPackage ../development/tools/icr {
|
||||
openssl = openssl_1_0_2;
|
||||
};
|
||||
icr = callPackage ../development/tools/icr { };
|
||||
|
||||
scry = callPackage ../development/tools/scry {};
|
||||
|
||||
|
@ -12222,6 +12224,16 @@ in
|
|||
} // (stdenv.lib.optionalAttrs (stdenv.hostPlatform.isi686 && stdenv.cc.isGNU) {
|
||||
stdenv = gcc6Stdenv; # with gcc-7: undefined reference to `__divmoddi4'
|
||||
}));
|
||||
icu65 = callPackage ../development/libraries/icu/65.nix ({
|
||||
nativeBuildRoot = buildPackages.icu65.override { buildRootOnly = true; };
|
||||
} // (stdenv.lib.optionalAttrs (stdenv.hostPlatform.isi686 && stdenv.cc.isGNU) {
|
||||
stdenv = gcc6Stdenv; # with gcc-7: undefined reference to `__divmoddi4'
|
||||
}));
|
||||
icu66 = callPackage ../development/libraries/icu/66.nix ({
|
||||
nativeBuildRoot = buildPackages.icu66.override { buildRootOnly = true; };
|
||||
} // (stdenv.lib.optionalAttrs (stdenv.hostPlatform.isi686 && stdenv.cc.isGNU) {
|
||||
stdenv = gcc6Stdenv; # with gcc-7: undefined reference to `__divmoddi4'
|
||||
}));
|
||||
|
||||
icu = icu64;
|
||||
|
||||
|
@ -14547,6 +14559,8 @@ in
|
|||
|
||||
spice-up = callPackage ../applications/office/spice-up { };
|
||||
|
||||
spirv-cross = callPackage ../tools/graphics/spirv-cross { };
|
||||
|
||||
sratom = callPackage ../development/libraries/audio/sratom { };
|
||||
|
||||
srm = callPackage ../tools/security/srm { };
|
||||
|
|
|
@ -560,6 +560,8 @@ in {
|
|||
|
||||
catalogue = callPackage ../development/python-modules/catalogue { };
|
||||
|
||||
cbeams = callPackage ../misc/cbeams { };
|
||||
|
||||
cdecimal = callPackage ../development/python-modules/cdecimal { };
|
||||
|
||||
cfn-flip = callPackage ../development/python-modules/cfn-flip { };
|
||||
|
@ -1063,6 +1065,8 @@ in {
|
|||
|
||||
proglog = callPackage ../development/python-modules/proglog { };
|
||||
|
||||
pulsectl = callPackage ../development/python-modules/pulsectl { };
|
||||
|
||||
pure-python-adb-homeassistant = callPackage ../development/python-modules/pure-python-adb-homeassistant { };
|
||||
|
||||
purl = callPackage ../development/python-modules/purl { };
|
||||
|
@ -1463,6 +1467,8 @@ in {
|
|||
|
||||
shellingham = callPackage ../development/python-modules/shellingham {};
|
||||
|
||||
simpleaudio = callPackage ../development/python-modules/simpleaudio { };
|
||||
|
||||
simpleeval = callPackage ../development/python-modules/simpleeval { };
|
||||
|
||||
simple-salesforce = callPackage ../development/python-modules/simple-salesforce { };
|
||||
|
@ -3266,6 +3272,8 @@ in {
|
|||
|
||||
peewee = callPackage ../development/python-modules/peewee { };
|
||||
|
||||
pyroma = callPackage ../development/python-modules/pyroma { };
|
||||
|
||||
pyroute2 = callPackage ../development/python-modules/pyroute2 { };
|
||||
|
||||
pyspf = callPackage ../development/python-modules/pyspf { };
|
||||
|
|
Loading…
Reference in a new issue