diff options
author | github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> | 2022-12-17 00:02:17 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-12-17 00:02:17 +0000 |
commit | 30b97b0e835b1ac4404fa0ef28df0b199f5d9b93 (patch) | |
tree | 4948199785b22f3298bca157b66d8c65d87a35af | |
parent | 5bfe30aafaae2024e63bb2b047084a11c2fcd9af (diff) | |
parent | d154d50e2c1cd54a0097e57fcb7a9aecfc3cbf96 (diff) |
Merge master into staging-next
37 files changed, 465 insertions, 92 deletions
diff --git a/nixos/doc/manual/from_md/release-notes/rl-2305.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2305.section.xml index 27c09f6629e76..aded38b4f723a 100644 --- a/nixos/doc/manual/from_md/release-notes/rl-2305.section.xml +++ b/nixos/doc/manual/from_md/release-notes/rl-2305.section.xml @@ -39,6 +39,13 @@ </listitem> <listitem> <para> + <link xlink:href="https://github.com/ellie/atuin">atuin</link>, + a sync server for shell history. Available as + <link linkend="opt-services.atuin.enable">services.atuin</link>. + </para> + </listitem> + <listitem> + <para> <link xlink:href="https://v2raya.org">v2rayA</link>, a Linux web GUI client of Project V which supports V2Ray, Xray, SS, SSR, Trojan and Pingtunnel. Available as @@ -63,6 +70,14 @@ </listitem> <listitem> <para> + <literal>borgbackup</literal> module now has an option for + inhibiting system sleep while backups are running, defaulting + to off (not inhibiting sleep), available as + <link linkend="opt-services.borgbackup.jobs._name_.inhibitsSleep"><literal>services.borgbackup.jobs.<name>.inhibitsSleep</literal></link>. + </para> + </listitem> + <listitem> + <para> The EC2 image module no longer fetches instance metadata in stage-1. This results in a significantly smaller initramfs, since network drivers no longer need to be included, and @@ -240,6 +255,13 @@ </listitem> <listitem> <para> + The new option <literal>users.motdFile</literal> allows + configuring a Message Of The Day that can be updated + dynamically. + </para> + </listitem> + <listitem> + <para> Resilio sync secret keys can now be provided using a secrets file at runtime, preventing these secrets from ending up in the Nix store. diff --git a/nixos/doc/manual/release-notes/rl-2305.section.md b/nixos/doc/manual/release-notes/rl-2305.section.md index c9dfd0582c283..7aff655f44190 100644 --- a/nixos/doc/manual/release-notes/rl-2305.section.md +++ b/nixos/doc/manual/release-notes/rl-2305.section.md @@ -18,6 +18,8 @@ In addition to numerous new and upgraded packages, this release has the followin - [fzf](https://github.com/junegunn/fzf), a command line fuzzyfinder. Available as [programs.fzf](#opt-programs.fzf.fuzzyCompletion). +- [atuin](https://github.com/ellie/atuin), a sync server for shell history. Available as [services.atuin](#opt-services.atuin.enable). + - [v2rayA](https://v2raya.org), a Linux web GUI client of Project V which supports V2Ray, Xray, SS, SSR, Trojan and Pingtunnel. Available as [services.v2raya](options.html#opt-services.v2raya.enable). ## Backward Incompatibilities {#sec-release-23.05-incompatibilities} @@ -26,6 +28,8 @@ In addition to numerous new and upgraded packages, this release has the followin - `carnix` and `cratesIO` has been removed due to being unmaintained, use alternatives such as [naersk](https://github.com/nix-community/naersk) and [crate2nix](https://github.com/kolloch/crate2nix) instead. +- `borgbackup` module now has an option for inhibiting system sleep while backups are running, defaulting to off (not inhibiting sleep), available as [`services.borgbackup.jobs.<name>.inhibitsSleep`](#opt-services.borgbackup.jobs._name_.inhibitsSleep). + - The EC2 image module no longer fetches instance metadata in stage-1. This results in a significantly smaller initramfs, since network drivers no longer need to be included, and faster boots, since metadata fetching can happen in parallel with startup of other services. This breaks services which rely on metadata being present by the time stage-2 is entered. Anything which reads EC2 metadata from `/etc/ec2-metadata` should now have an `after` dependency on `fetch-ec2-metadata.service` @@ -70,6 +74,8 @@ In addition to numerous new and upgraded packages, this release has the followin - A new `virtualisation.rosetta` module was added to allow running `x86_64` binaries through [Rosetta](https://developer.apple.com/documentation/apple-silicon/about-the-rosetta-translation-environment) inside virtualised NixOS guests on Apple silicon. This feature works by default with the [UTM](https://docs.getutm.app/) virtualisation [package](https://search.nixos.org/packages?channel=unstable&show=utm&from=0&size=1&sort=relevance&type=packages&query=utm). +- The new option `users.motdFile` allows configuring a Message Of The Day that can be updated dynamically. + - Resilio sync secret keys can now be provided using a secrets file at runtime, preventing these secrets from ending up in the Nix store. - The `services.fwupd` module now allows arbitrary daemon settings to be configured in a structured manner ([`services.fwupd.daemonSettings`](#opt-services.fwupd.daemonSettings)). diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 2500fe2a71f51..a621432327776 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -559,6 +559,7 @@ ./services/misc/airsonic.nix ./services/misc/ankisyncd.nix ./services/misc/apache-kafka.nix + ./services/misc/atuin.nix ./services/misc/autofs.nix ./services/misc/autorandr.nix ./services/misc/bazarr.nix diff --git a/nixos/modules/programs/streamdeck-ui.nix b/nixos/modules/programs/streamdeck-ui.nix index e933b899c55ec..113d1d49e151a 100644 --- a/nixos/modules/programs/streamdeck-ui.nix +++ b/nixos/modules/programs/streamdeck-ui.nix @@ -4,7 +4,8 @@ with lib; let cfg = config.programs.streamdeck-ui; -in { +in +{ options.programs.streamdeck-ui = { enable = mkEnableOption (lib.mdDoc "streamdeck-ui"); @@ -13,15 +14,20 @@ in { type = types.bool; description = lib.mdDoc "Whether streamdeck-ui should be started automatically."; }; + + package = mkPackageOption pkgs "streamdeck-ui" { + default = [ "streamdeck-ui" ]; + }; + }; config = mkIf cfg.enable { environment.systemPackages = with pkgs; [ - streamdeck-ui - (mkIf cfg.autoStart (makeAutostartItem { name = "streamdeck-ui"; package = streamdeck-ui; })) + cfg.package + (mkIf cfg.autoStart (makeAutostartItem { name = "streamdeck-ui"; package = cfg.package; })) ]; - services.udev.packages = with pkgs; [ streamdeck-ui ]; + services.udev.packages = [ cfg.package ]; }; meta.maintainers = with maintainers; [ majiir ]; diff --git a/nixos/modules/security/pam.nix b/nixos/modules/security/pam.nix index 21e1749d85032..08b51788e0828 100644 --- a/nixos/modules/security/pam.nix +++ b/nixos/modules/security/pam.nix @@ -694,7 +694,7 @@ let optionalString (cfg.limits != []) '' session required ${pkgs.pam}/lib/security/pam_limits.so conf=${makeLimitsConf cfg.limits} '' + - optionalString (cfg.showMotd && config.users.motd != null) '' + optionalString (cfg.showMotd && (config.users.motd != null || config.users.motdFile != null)) '' session optional ${pkgs.pam}/lib/security/pam_motd.so motd=${motd} '' + optionalString (cfg.enableAppArmor && config.security.apparmor.enable) '' @@ -775,7 +775,9 @@ let }; })); - motd = pkgs.writeText "motd" config.users.motd; + motd = if isNull config.users.motdFile + then pkgs.writeText "motd" config.users.motd + else config.users.motdFile; makePAMService = name: service: { name = "pam.d/${name}"; @@ -1199,12 +1201,26 @@ in description = lib.mdDoc "Message of the day shown to users when they log in."; }; + users.motdFile = mkOption { + default = null; + example = "/etc/motd"; + type = types.nullOr types.path; + description = lib.mdDoc "A file containing the message of the day shown to users when they log in."; + }; }; ###### implementation config = { + assertions = [ + { + assertion = isNull config.users.motd || isNull config.users.motdFile; + message = '' + Only one of users.motd and users.motdFile can be set. + ''; + } + ]; environment.systemPackages = # Include the PAM modules in the system path mostly for the manpages. diff --git a/nixos/modules/services/backup/borgbackup.nix b/nixos/modules/services/backup/borgbackup.nix index ea1d393c7b026..0ae3d4180ae75 100644 --- a/nixos/modules/services/backup/borgbackup.nix +++ b/nixos/modules/services/backup/borgbackup.nix @@ -19,7 +19,8 @@ let concatStringsSep " " (mapAttrsToList (x: y: "--keep-${x}=${toString y}") cfg.prune.keep); - mkBackupScript = cfg: '' + mkBackupScript = name: cfg: pkgs.writeShellScript "${name}-script" ('' + set -e on_exit() { exitStatus=$? @@ -61,7 +62,7 @@ let ${optionalString (cfg.prune.prefix != null) "--glob-archives ${escapeShellArg "${cfg.prune.prefix}*"}"} \ $extraPruneArgs ${cfg.postPrune} - ''; + ''); mkPassEnv = cfg: with cfg.encryption; if passCommand != null then @@ -73,12 +74,19 @@ let mkBackupService = name: cfg: let userHome = config.users.users.${cfg.user}.home; - in nameValuePair "borgbackup-job-${name}" { + backupJobName = "borgbackup-job-${name}"; + backupScript = mkBackupScript backupJobName cfg; + in nameValuePair backupJobName { description = "BorgBackup job ${name}"; path = with pkgs; [ borgbackup openssh ]; - script = mkBackupScript cfg; + script = "exec " + optionalString cfg.inhibitsSleep ''\ + ${pkgs.systemd}/bin/systemd-inhibit \ + --who="borgbackup" \ + --what="sleep" \ + --why="Scheduled backup" \ + '' + backupScript; serviceConfig = { User = cfg.user; Group = cfg.group; @@ -341,6 +349,15 @@ in { ''; }; + inhibitsSleep = mkOption { + default = false; + type = types.bool; + example = true; + description = lib.mdDoc '' + Prevents the system from sleeping while backing up. + ''; + }; + user = mkOption { type = types.str; description = lib.mdDoc '' diff --git a/nixos/modules/services/misc/atuin.nix b/nixos/modules/services/misc/atuin.nix new file mode 100644 index 0000000000000..c94852e3aad9c --- /dev/null +++ b/nixos/modules/services/misc/atuin.nix @@ -0,0 +1,85 @@ +{ config, pkgs, lib, ... }: + +with lib; + +let + cfg = config.services.atuin; +in +{ + options = { + services.atuin = { + enable = mkEnableOption (mdDoc "Enable server for shell history sync with atuin."); + + openRegistration = mkOption { + type = types.bool; + default = false; + description = mdDoc "Allow new user registrations with the atuin server."; + }; + + path = mkOption { + type = types.str; + default = ""; + description = mdDoc "A path to prepend to all the routes of the server."; + }; + + host = mkOption { + type = types.str; + default = "127.0.0.1"; + description = mdDoc "The host address the atuin server should listen on."; + }; + + port = mkOption { + type = types.port; + default = 8888; + description = mdDoc "The port the atuin server should listen on."; + }; + + openFirewall = mkOption { + type = types.bool; + default = false; + description = mdDoc "Open ports in the firewall for the atuin server."; + }; + + }; + }; + + config = mkIf cfg.enable { + + # enable postgres to host atuin db + services.postgresql = { + enable = true; + ensureUsers = [{ + name = "atuin"; + ensurePermissions = { + "DATABASE atuin" = "ALL PRIVILEGES"; + }; + }]; + ensureDatabases = [ "atuin" ]; + }; + + systemd.services.atuin = { + description = "atuin server"; + after = [ "network.target" "postgresql.service" ]; + wantedBy = [ "multi-user.target" ]; + + serviceConfig = { + ExecStart = "${pkgs.atuin}/bin/atuin server start"; + RuntimeDirectory = "atuin"; + RuntimeDirectoryMode = "0700"; + DynamicUser = true; + }; + + environment = { + ATUIN_HOST = cfg.host; + ATUIN_PORT = toString cfg.port; + ATUIN_OPEN_REGISTRATION = boolToString cfg.openRegistration; + ATUIN_DB_URI = "postgresql:///atuin"; + ATUIN_PATH = cfg.path; + ATUIN_CONFIG_DIR = "/run/atuin"; # required to start, but not used as configuration is via environment variables + }; + }; + + networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [ cfg.port ]; + + }; +} diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index 65ae8b6590612..7163d0c8dc608 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -80,6 +80,7 @@ in { apparmor = handleTest ./apparmor.nix {}; atd = handleTest ./atd.nix {}; atop = handleTest ./atop.nix {}; + atuin = handleTest ./atuin.nix {}; auth-mysql = handleTest ./auth-mysql.nix {}; avahi = handleTest ./avahi.nix {}; avahi-with-resolved = handleTest ./avahi.nix { networkd = true; }; diff --git a/nixos/tests/atuin.nix b/nixos/tests/atuin.nix new file mode 100644 index 0000000000000..85213d1e53eac --- /dev/null +++ b/nixos/tests/atuin.nix @@ -0,0 +1,65 @@ +import ./make-test-python.nix ({ pkgs, lib, ... }: + +let + testPort = 8888; + testUser = "testerman"; + testPass = "password"; + testEmail = "test.testerman@test.com"; +in +with lib; +{ + name = "atuin"; + meta.maintainers = with pkgs.lib.maintainers; [ devusb ]; + + nodes = { + server = + { ... }: + { + services.atuin = { + enable = true; + port = testPort; + host = "0.0.0.0"; + openFirewall = true; + openRegistration = true; + }; + }; + + client = + { ... }: + { }; + + }; + + testScript = with pkgs; '' + start_all() + + # wait for atuin server startup + server.wait_for_unit("atuin.service") + server.wait_for_open_port(${toString testPort}) + + # configure atuin client on server node + server.execute("mkdir -p ~/.config/atuin") + server.execute("echo 'sync_address = \"http://localhost:${toString testPort}\"' > ~/.config/atuin/config.toml") + + # register with atuin server on server node + server.succeed("${atuin}/bin/atuin register -u ${testUser} -p ${testPass} -e ${testEmail}") + _, key = server.execute("${atuin}/bin/atuin key") + + # store test record in atuin server and sync + server.succeed("ATUIN_SESSION=$(${atuin}/bin/atuin uuid) ${atuin}/bin/atuin history start 'shazbot'") + server.succeed("${atuin}/bin/atuin sync") + + # configure atuin client on client node + client.execute("mkdir -p ~/.config/atuin") + client.execute("echo 'sync_address = \"http://server:${toString testPort}\"' > ~/.config/atuin/config.toml") + + # log in to atuin server on client node + client.succeed(f"${atuin}/bin/atuin login -u ${testUser} -p ${testPass} -k {key}") + + # pull records from atuin server + client.succeed("${atuin}/bin/atuin sync -f") + + # check for test record + client.succeed("ATUIN_SESSION=$(${atuin}/bin/atuin uuid) ${atuin}/bin/atuin history list | grep shazbot") + ''; +}) diff --git a/nixos/tests/borgbackup.nix b/nixos/tests/borgbackup.nix index d3cd6c66bfebe..9afe4d537da44 100644 --- a/nixos/tests/borgbackup.nix +++ b/nixos/tests/borgbackup.nix @@ -99,6 +99,18 @@ in { environment.BORG_RSH = "ssh -oStrictHostKeyChecking=no -i /root/id_ed25519"; }; + sleepInhibited = { + inhibitsSleep = true; + # Blocks indefinitely while "backing up" so that we can try to suspend the local system while it's hung + dumpCommand = pkgs.writeScript "sleepInhibited" '' + cat /dev/zero + ''; + repo = remoteRepo; + encryption.mode = "none"; + startAt = [ ]; + environment.BORG_RSH = "ssh -oStrictHostKeyChecking=no -i /root/id_ed25519"; + }; + }; }; @@ -204,5 +216,13 @@ in { client.wait_for_unit("network.target") client.systemctl("start --wait borgbackup-job-commandFail") client.succeed("systemctl is-failed borgbackup-job-commandFail") + + with subtest("sleepInhibited"): + server.wait_for_unit("sshd.service") + client.wait_for_unit("network.target") + client.fail("systemd-inhibit --list | grep -q borgbackup") + client.systemctl("start borgbackup-job-sleepInhibited") + client.wait_until_succeeds("systemd-inhibit --list | grep -q borgbackup") + client.systemctl("stop borgbackup-job-sleepInhibited") ''; }) diff --git a/nixos/tests/prometheus-exporters.nix b/nixos/tests/prometheus-exporters.nix index fa8c59170bf5a..7264bd5a498aa 100644 --- a/nixos/tests/prometheus-exporters.nix +++ b/nixos/tests/prometheus-exporters.nix @@ -1244,10 +1244,8 @@ let exporterConfig.enable = true; exporterConfig.controllers = [{ }]; exporterTest = '' - wait_for_unit("prometheus-unpoller-exporter.service") - wait_for_open_port(9130) - succeed( - "curl -sSf localhost:9130/metrics | grep 'unpoller_build_info{.\\+} 1'" + wait_until_succeeds( + 'journalctl -eu prometheus-unpoller-exporter.service -o cat | grep "Connection Error"' ) ''; }; diff --git a/pkgs/applications/editors/vim/plugins/generated.nix b/pkgs/applications/editors/vim/plugins/generated.nix index b7e0d8e1c4ea2..d658323dafd56 100644 --- a/pkgs/applications/editors/vim/plugins/generated.nix +++ b/pkgs/applications/editors/vim/plugins/generated.nix @@ -3596,6 +3596,18 @@ final: prev: meta.homepage = "https://github.com/rktjmp/hotpot.nvim/"; }; + html5-vim = buildVimPluginFrom2Nix { + pname = "html5.vim"; + version = "2020-08-22"; + src = fetchFromGitHub { + owner = "othree"; + repo = "html5.vim"; + rev = "7c9f6f38ce4f9d35db7eeedb764035b6b63922c6"; + sha256 = "1hgbvdpmn3yffk5ahz7hz36a7f5zjc1k3pan5ybgncmdq9f4rzq6"; + }; + meta.homepage = "https://github.com/othree/html5.vim/"; + }; + hydra-nvim = buildVimPluginFrom2Nix { pname = "hydra.nvim"; version = "2022-11-20"; diff --git a/pkgs/applications/editors/vim/plugins/vim-plugin-names b/pkgs/applications/editors/vim/plugins/vim-plugin-names index 6ed73b5e9a8aa..dff2ab29a7f43 100644 --- a/pkgs/applications/editors/vim/plugins/vim-plugin-names +++ b/pkgs/applications/editors/vim/plugins/vim-plugin-names @@ -301,6 +301,7 @@ https://github.com/edluffy/hologram.nvim/,, https://github.com/urbit/hoon.vim/,, https://github.com/phaazon/hop.nvim/,, https://github.com/rktjmp/hotpot.nvim/,, +https://github.com/othree/html5.vim/,HEAD, https://github.com/anuvyklack/hydra.nvim/,HEAD, https://github.com/mboughaba/i3config.vim/,, https://github.com/cocopon/iceberg.vim/,, diff --git a/pkgs/applications/graphics/evilpixie/default.nix b/pkgs/applications/graphics/evilpixie/default.nix index be8e00b5154ac..88a381ed56997 100644 --- a/pkgs/applications/graphics/evilpixie/default.nix +++ b/pkgs/applications/graphics/evilpixie/default.nix @@ -1,52 +1,43 @@ -{ mkDerivation -, lib +{ lib +, stdenv , fetchFromGitHub -, makeDesktopItem -, qmake +, meson +, ninja +, pkg-config +, wrapQtAppsHook , qtbase , libpng , giflib +, libjpeg , impy }: -let - desktopItem = makeDesktopItem { - name = "EvilPixie"; - desktopName = "EvilPixie"; - exec = "evilpixie %F"; - icon = "evilpixie"; - genericName = "Image Editor"; - categories = [ "Graphics" "2DGraphics" "RasterGraphics" ]; - mimeTypes = [ "image/bmp" "image/gif" "image/jpeg" "image/jpg" "image/png" "image/x-pcx" "image/x-targa" "image/x-tga" ]; - }; - -in mkDerivation rec { +stdenv.mkDerivation rec { pname = "evilpixie"; - version = "0.2.1"; + version = "0.3"; src = fetchFromGitHub { owner = "bcampbell"; repo = "evilpixie"; rev = "v${version}"; - sha256 = "0dwgfr8kmkfppgf5wx9i5f7fjz3gxk0ji1l06x1z4r3vj52hdbph"; + sha256 = "sha256-t7ccaMXaCanCyn3oV8WJ11bhF7xTBkd992AheFJpSGQ="; }; nativeBuildInputs = [ - qmake + meson + ninja + pkg-config + wrapQtAppsHook ]; buildInputs = [ qtbase libpng giflib + libjpeg impy ]; - postInstall = '' - ln -s ${desktopItem}/share/applications $out/share - install -Dm 444 icon_128x128.png $out/share/icons/hicolor/128x128/apps/evilpixie.png - ''; - meta = with lib; { description = "Pixel-oriented paint program, modelled on Deluxe Paint"; homepage = "https://github.com/bcampbell/evilpixie"; # http://evilpixie.scumways.com/ is gone @@ -54,6 +45,11 @@ in mkDerivation rec { license = licenses.gpl3Only; maintainers = with maintainers; [ fgaz ]; platforms = platforms.all; + # Undefined symbols for architecture x86_64: + # "_bundle_path", referenced from: App::SetupPaths() in src_app.cpp.o + broken = stdenv.isDarwin || + # https://github.com/bcampbell/evilpixie/issues/28 + stdenv.isAarch64; }; } diff --git a/pkgs/applications/misc/bemenu/default.nix b/pkgs/applications/misc/bemenu/default.nix index 5b78e99932019..ced6a70a24689 100644 --- a/pkgs/applications/misc/bemenu/default.nix +++ b/pkgs/applications/misc/bemenu/default.nix @@ -11,13 +11,13 @@ assert x11Support -> xorg != null; stdenv.mkDerivation rec { pname = "bemenu"; - version = "0.6.13"; + version = "0.6.14"; src = fetchFromGitHub { owner = "Cloudef"; repo = pname; rev = version; - sha256 = "sha256-YGaAJOyVZBHEWQuZVfPIIbtuntv1klQk9GcWRN+oVF4="; + sha256 = "sha256-bMnnuT+LNNKphmvVcD1aaNZxasSGOEcAveC4stCieG8="; }; nativeBuildInputs = [ pkg-config pcre ]; diff --git a/pkgs/applications/networking/gns3/gui.nix b/pkgs/applications/networking/gns3/gui.nix index 756cbd7c8b978..e0c45e8eede32 100644 --- a/pkgs/applications/networking/gns3/gui.nix +++ b/pkgs/applications/networking/gns3/gui.nix @@ -46,7 +46,8 @@ python3.pkgs.buildPythonPackage rec { postPatch = '' substituteInPlace requirements.txt \ --replace "psutil==" "psutil>=" \ - --replace "jsonschema>=4.17.0,<4.18" "jsonschema" + --replace "jsonschema>=4.17.0,<4.18" "jsonschema" \ + --replace "sentry-sdk==1.10.1,<1.11" "sentry-sdk" ''; meta = with lib; { diff --git a/pkgs/applications/networking/gns3/server.nix b/pkgs/applications/networking/gns3/server.nix index 5eee199d69155..5bc6e9be80c2e 100644 --- a/pkgs/applications/networking/gns3/server.nix +++ b/pkgs/applications/networking/gns3/server.nix @@ -24,7 +24,8 @@ python3.pkgs.buildPythonApplication { postPatch = '' substituteInPlace requirements.txt \ --replace "psutil==" "psutil>=" \ - --replace "jsonschema>=4.17.0,<4.18" "jsonschema" + --replace "jsonschema>=4.17.0,<4.18" "jsonschema" \ + --replace "sentry-sdk==1.10.1,<1.11" "sentry-sdk" ''; propagatedBuildInputs = with python3.pkgs; [ diff --git a/pkgs/applications/version-management/git-and-tools/git-delete-merged-branches/default.nix b/pkgs/applications/version-management/git-and-tools/git-delete-merged-branches/default.nix index e24003c858911..7d3d1b6b2c692 100644 --- a/pkgs/applications/version-management/git-and-tools/git-delete-merged-branches/default.nix +++ b/pkgs/applications/version-management/git-and-tools/git-delete-merged-branches/default.nix @@ -2,13 +2,13 @@ python3Packages.buildPythonApplication rec { pname = "git-delete-merged-branches"; - version = "7.2.2"; + version = "7.3.1"; src = fetchFromGitHub { owner = "hartwork"; repo = pname; rev = "refs/tags/${version}"; - sha256 = "sha256-Q83s0kkrArRndxQa+V+eZw+iaJje7VR+aPScB33l1W0="; + sha256 = "sha256-9Y4n8OWZMwGoCunqwWtkDeDvRcJ4aepw1vgMXFHkhx0="; }; propagatedBuildInputs = with python3Packages; [ diff --git a/pkgs/applications/virtualization/docker/compose.nix b/pkgs/applications/virtualization/docker/compose.nix index 47ab9f6951fce..e3a9ddbbf102b 100644 --- a/pkgs/applications/virtualization/docker/compose.nix +++ b/pkgs/applications/virtualization/docker/compose.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "docker-compose"; - version = "2.14.0"; + version = "2.14.1"; src = fetchFromGitHub { owner = "docker"; repo = "compose"; rev = "v${version}"; - sha256 = "sha256-6dTVDAFq5CwLvTzOczyaM+ZILKjKZzR2SAaRq2hqk7M="; + sha256 = "sha256-FxioqEPVHI6PlKfcQlKbPVj6LGyUsXabCpJh+zY3gco="; }; postPatch = '' @@ -16,7 +16,7 @@ buildGoModule rec { rm -rf e2e/ ''; - vendorSha256 = "sha256-B6xqMsspWexTdYX+o2BJNlXuJFL7/rv8oexFUxOO8BI="; + vendorSha256 = "sha256-sWEtpwtr2/2qNWyHZdiZRYdw/LTwmIQKM9nCaHxL7ns="; ldflags = [ "-X github.com/docker/compose/v2/internal.Version=${version}" "-s" "-w" ]; diff --git a/pkgs/development/guile-modules/guile-gcrypt/default.nix b/pkgs/development/guile-modules/guile-gcrypt/default.nix index 7c7e11e3d2b1d..6b1af4048a7c1 100644 --- a/pkgs/development/guile-modules/guile-gcrypt/default.nix +++ b/pkgs/development/guile-modules/guile-gcrypt/default.nix @@ -10,14 +10,14 @@ stdenv.mkDerivation rec { pname = "guile-gcrypt"; - version = "0.3.0"; + version = "0.4.0"; src = fetchFromGitea { domain = "notabug.org"; owner = "cwebber"; repo = "guile-gcrypt"; rev = "v${version}"; - sha256 = "sha256-lAaiKBOdTFWEWsmwKgx0C67ACvtnEKUxti66dslzSVQ="; + hash = "sha256-vbm31EsOJiMeTs2tu5KPXckxPcAQbi3/PGJ5EHCC5VQ="; }; nativeBuildInputs = [ diff --git a/pkgs/development/interpreters/python/cpython/2.7/default.nix b/pkgs/development/interpreters/python/cpython/2.7/default.nix index 31798a719ec42..15626fe28cd7c 100644 --- a/pkgs/development/interpreters/python/cpython/2.7/default.nix +++ b/pkgs/development/interpreters/python/cpython/2.7/default.nix @@ -35,6 +35,7 @@ , stripConfig ? false , stripIdlelib ? false , stripTests ? false +, stripLibs ? [ ] , pythonAttr ? "python${sourceVersion.major}${sourceVersion.minor}" }: @@ -325,14 +326,22 @@ in with passthru; stdenv.mkDerivation ({ '' + optionalString strip2to3 '' rm -R $out/bin/2to3 $out/lib/python*/lib2to3 '' + optionalString stripConfig '' - rm -R $out/bin/python*-config $out/lib/python*/config-* + rm -R $out/bin/python*-config $out/lib/python*/config* '' + optionalString stripIdlelib '' # Strip IDLE rm -R $out/bin/idle* $out/lib/python*/idlelib '' + optionalString stripTests '' # Strip tests rm -R $out/lib/python*/test $out/lib/python*/**/test{,s} - ''; + '' + (concatStringsSep "\n" + (map + (lib: + '' + rm -vR $out/lib/python*/${lib} + # libraries in dynload (C libraries) may not exist, + # but when they exist they may be prefixed with _ + rm -vfR $out/lib/python*/lib-dynload/{,_}${lib} + '') stripLibs)); enableParallelBuilding = true; diff --git a/pkgs/development/libraries/impy/default.nix b/pkgs/development/libraries/impy/default.nix index 1f5d9070dd37a..6d148dd146391 100644 --- a/pkgs/development/libraries/impy/default.nix +++ b/pkgs/development/libraries/impy/default.nix @@ -1,27 +1,28 @@ { lib, stdenv , fetchFromGitHub -, cmake +, meson +, ninja , pkg-config , libpng , zlib , giflib , libjpeg -, SDL2 }: stdenv.mkDerivation rec { pname = "impy"; - version = "0.1"; + version = "0.2"; src = fetchFromGitHub { owner = "bcampbell"; repo = "impy"; rev = "v${version}"; - sha256 = "1h45xjms56radhknspyx17a12dpnm7xgqm1x1chy42aw5ic8b5qf"; + sha256 = "sha256-0bHm3jawYgcIeF2COALWlypX7kvPw1hifB/W+TKcC4M="; }; nativeBuildInputs = [ - cmake + meson + ninja pkg-config ]; @@ -30,7 +31,6 @@ stdenv.mkDerivation rec { zlib giflib libjpeg - SDL2 ]; meta = with lib; { diff --git a/pkgs/development/libraries/spice-gtk/default.nix b/pkgs/development/libraries/spice-gtk/default.nix index cb5065144c37d..4ea33774cf2d7 100644 --- a/pkgs/development/libraries/spice-gtk/default.nix +++ b/pkgs/development/libraries/spice-gtk/default.nix @@ -23,6 +23,7 @@ , libusb1 , lz4 , meson +, mesonEmulatorHook , ninja , openssl , perl @@ -36,6 +37,7 @@ , usbredir , vala , wayland-protocols +, wayland-scanner , zlib , withPolkit ? stdenv.isLinux }: @@ -82,6 +84,10 @@ stdenv.mkDerivation rec { "# meson.add_install_script('../build-aux/setcap-or-suid'," ''; + depsBuildBuild = [ + pkg-config + ]; + nativeBuildInputs = [ docbook_xsl gettext @@ -94,7 +100,10 @@ stdenv.mkDerivation rec { python3 python3.pkgs.pyparsing python3.pkgs.six + wayland-scanner vala + ] ++ lib.optionals (stdenv.buildPlatform != stdenv.hostPlatform) [ + mesonEmulatorHook ]; propagatedBuildInputs = [ @@ -118,6 +127,7 @@ stdenv.mkDerivation rec { pixman spice-protocol usbredir + vala zlib ] ++ lib.optionals withPolkit [ polkit diff --git a/pkgs/development/misc/resholve/default.nix b/pkgs/development/misc/resholve/default.nix index df0573fd884f7..c87f496792a4f 100644 --- a/pkgs/development/misc/resholve/default.nix +++ b/pkgs/development/misc/resholve/default.nix @@ -29,6 +29,60 @@ let stripConfig = true; stripIdlelib = true; stripTests = true; + stripLibs = [ + # directories + "bsddb*" + "curses" + "compiler" + "ensurepip" + "hotshot" + "lib-tk" + "sqlite3" + # files + "aifc*" + "antigravity*" + "async*" + "*audio*" + "BaseHTTPServer*" + "Bastion*" + "binhex*" + "bdb*" + "CGIHTTPServer*" + "cgitb*" + "chunk*" + "colorsys*" + "dbhash*" + "dircache*" + "*dbm*" + "ftplib*" + "*hdr*" + "imaplib*" + "imputil*" + "MimeWriter*" + "mailbox*" + "mhlib*" + "mimify*" + "multifile*" + "netrc*" + "nntplib*" + "os2emxpath*" + "pyclbr*" + "pydoc*" + "SimpleHTTPServer*" + "sgmllib*" + "smtp*" + "ssl*" + "sun*" + "tabnanny*" + "telnetlib*" + "this*" + "wave*" + "webbrowser*" + "whichdb*" + "wsgiref*" + "xdrlib*" + "*XMLRPC*" + ]; enableOptimizations = false; }; callPackage = lib.callPackageWith (pkgs // { python27 = python27'; }); diff --git a/pkgs/development/python-modules/selenium/default.nix b/pkgs/development/python-modules/selenium/default.nix index c6f42a38e0f1a..0cdbfdfec4b12 100644 --- a/pkgs/development/python-modules/selenium/default.nix +++ b/pkgs/development/python-modules/selenium/default.nix @@ -13,7 +13,7 @@ buildPythonPackage rec { pname = "selenium"; - version = "4.6.0"; + version = "4.7.0"; format = "setuptools"; disabled = pythonOlder "3.7"; @@ -23,7 +23,7 @@ buildPythonPackage rec { repo = "selenium"; # check if there is a newer tag with or without -python suffix rev = "refs/tags/selenium-${version}"; - hash = "sha256-xgGGtJo+DZIwPa0H6dsT0VClRTMM8iFbNzSDZjH7ImI="; + hash = "sha256-7inmi8dHi6So+8AbLq85Go/GEaiV1XK/7+wt9UkTdo8="; }; postPatch = '' diff --git a/pkgs/development/python-modules/skorch/default.nix b/pkgs/development/python-modules/skorch/default.nix index a6508ded491e0..20d3fb5f4e76a 100644 --- a/pkgs/development/python-modules/skorch/default.nix +++ b/pkgs/development/python-modules/skorch/default.nix @@ -2,8 +2,6 @@ , buildPythonPackage , fetchPypi , pytestCheckHook -, pytest -, pytest-cov , flaky , numpy , pandas @@ -16,32 +14,41 @@ buildPythonPackage rec { pname = "skorch"; - version = "0.11.0"; + version = "0.12.1"; src = fetchPypi { inherit pname version; - sha256 = "b35cb4e50045742f0ffcfad33044af691d5d36b50212573753a804483a947ca9"; + hash = "sha256-fjNbNY/Dr7lgVGPrHJTvPGuhyPR6IVS7ohBQMI+J1+k="; }; propagatedBuildInputs = [ numpy torch scikit-learn scipy tabulate tqdm ]; - checkInputs = [ pytest pytest-cov flaky pandas pytestCheckHook ]; + checkInputs = [ flaky pandas pytestCheckHook ]; + + # patch out pytest-cov dep/invocation + postPatch = '' + substituteInPlace setup.cfg \ + --replace "--cov=skorch" "" \ + --replace "--cov-report=term-missing" "" \ + --replace "--cov-config .coveragerc" "" + ''; disabledTests = [ # on CPU, these expect artifacts from previous GPU run "test_load_cuda_params_to_cpu" # failing tests "test_pickle_load" - "test_grid_search_with_slds_" - "test_grid_search_with_dict_works" ]; + # tries to import `transformers` and download HuggingFace data + disabledTestPaths = [ "skorch/tests/test_hf.py" ]; + + pythonImportsCheck = [ "skorch" ]; + meta = with lib; { description = "Scikit-learn compatible neural net library using Pytorch"; homepage = "https://skorch.readthedocs.io"; changelog = "https://github.com/skorch-dev/skorch/blob/master/CHANGES.md"; license = licenses.bsd3; maintainers = with maintainers; [ bcdarwin ]; - # TypeError: __init__() got an unexpected keyword argument 'iid' - broken = true; }; } diff --git a/pkgs/development/tools/bacon/default.nix b/pkgs/development/tools/bacon/default.nix index ce374a0e8a811..eac02f3ff735e 100644 --- a/pkgs/development/tools/bacon/default.nix +++ b/pkgs/development/tools/bacon/default.nix @@ -2,16 +2,16 @@ rustPlatform.buildRustPackage rec { pname = "bacon"; - version = "2.2.7"; + version = "2.2.8"; src = fetchFromGitHub { owner = "Canop"; repo = pname; rev = "v${version}"; - sha256 = "sha256-GVwaqpczo+9bRA8VUwpLTwP+3PQ0mqM+4F1K61WKaNA="; + sha256 = "sha256-UFuU3y+v1V7Llc+IrWbh7kz8uUyCsxJO2zJhE6zwjSg="; }; - cargoSha256 = "sha256-mdzNbGDA93MSuZw3gYXGIuHbt36WAlf/7JcxJtkl0mk="; + cargoSha256 = "sha256-CPugHGkYbJG6WrguuGt/CnHq6NvRZ2fP2hgPIuIGGqc="; buildInputs = lib.optional stdenv.isDarwin CoreServices; diff --git a/pkgs/development/tools/continuous-integration/cirrus-cli/default.nix b/pkgs/development/tools/continuous-integration/cirrus-cli/default.nix index 05bfd5655b28a..37b36ff3ed5b8 100644 --- a/pkgs/development/tools/continuous-integration/cirrus-cli/default.nix +++ b/pkgs/development/tools/continuous-integration/cirrus-cli/default.nix @@ -6,16 +6,16 @@ buildGoModule rec { pname = "cirrus-cli"; - version = "0.92.1"; + version = "0.93.0"; src = fetchFromGitHub { owner = "cirruslabs"; repo = pname; rev = "v${version}"; - sha256 = "sha256-ehJyC5NXB53i7ZpWTKySnMwWiqgbgBbnxIVWhyrXC0A="; + sha256 = "sha256-exGOCBKPHuVBaFXd+/jbjAid7ZDodtZ/h/OWp/NBOhE="; }; - vendorSha256 = "sha256-Llq6siZn34sHsZFneT+MLXf2W9cXqi4DZwrH1R5laOY="; + vendorSha256 = "sha256-gotc9M2UkRJtE4LZPCpqDTXQ/cnN4tk+3HG243tFoss="; ldflags = [ "-X github.com/cirruslabs/cirrus-cli/internal/version.Version=v${version}" diff --git a/pkgs/os-specific/linux/libcgroup/default.nix b/pkgs/os-specific/linux/libcgroup/default.nix index 13c248a039822..8f24362b94b22 100644 --- a/pkgs/os-specific/linux/libcgroup/default.nix +++ b/pkgs/os-specific/linux/libcgroup/default.nix @@ -12,8 +12,8 @@ stdenv.mkDerivation rec { hash = "sha256-x2yBqpr3LedtWmpZ4K1ipZxIualNJuDtC4FVGzzcQn8="; }; - buildInputs = [ pam bison flex ]; - nativeBuildInputs = [ autoreconfHook ]; + nativeBuildInputs = [ autoreconfHook bison flex ]; + buildInputs = [ pam ]; postPatch = '' substituteInPlace src/tools/Makefile.am \ diff --git a/pkgs/servers/mautrix-whatsapp/default.nix b/pkgs/servers/mautrix-whatsapp/default.nix index 50ec609897018..847aaeffdcadb 100644 --- a/pkgs/servers/mautrix-whatsapp/default.nix +++ b/pkgs/servers/mautrix-whatsapp/default.nix @@ -2,18 +2,18 @@ buildGoModule rec { pname = "mautrix-whatsapp"; - version = "0.7.2"; + version = "0.8.0"; src = fetchFromGitHub { owner = "mautrix"; repo = "whatsapp"; rev = "v${version}"; - hash = "sha256-KeuAxrp4DYy0+K1XYF3FxindYoOHHfwtufwKnic46i8="; + hash = "sha256-shCFKTS6ArvjecokNSrgOBr5jO+64+d6OdubTHOWiws="; }; buildInputs = [ olm ]; - vendorSha256 = "sha256-oxRxGxYvpO1TeEBAKO1RDwqw4NUSW4XunGdVB6zXjx8="; + vendorSha256 = "sha256-BD1DBzr8iwVq2Qe7Zz1i871ysAYJ7iUlcBftjDYreeM="; doCheck = false; diff --git a/pkgs/servers/monitoring/unpoller/default.nix b/pkgs/servers/monitoring/unpoller/default.nix index aa217ece87784..a49fef47f5491 100644 --- a/pkgs/servers/monitoring/unpoller/default.nix +++ b/pkgs/servers/monitoring/unpoller/default.nix @@ -6,16 +6,16 @@ buildGoModule rec { pname = "unpoller"; - version = "2.3.1"; + version = "2.4.1"; src = fetchFromGitHub { owner = "unpoller"; repo = "unpoller"; rev = "v${version}"; - hash = "sha256-0IknWsJ7fWJuvXeiMZscWEv8p90KZQaQC4Q0KV98Z88="; + hash = "sha256-t4f7iAIOg19n1aKG0tQy/GHNXdVAEnaRyTXMZY+1IUw="; }; - vendorHash = "sha256-l2V41Rf8KDoh/fC9NcuGF4ISwCLwpbVuzQZiqiGNbuc="; + vendorHash = "sha256-GUzMu3ltdmFCKKWi9Hlr39rNe5uPnZpwQfhVAHtbeiw="; ldflags = [ "-w" "-s" diff --git a/pkgs/tools/misc/atuin/default.nix b/pkgs/tools/misc/atuin/default.nix index 3501ebf91019b..9d3de4aaa5f99 100644 --- a/pkgs/tools/misc/atuin/default.nix +++ b/pkgs/tools/misc/atuin/default.nix @@ -6,6 +6,7 @@ , libiconv , Security , SystemConfiguration +, nixosTests }: rustPlatform.buildRustPackage rec { @@ -32,6 +33,10 @@ rustPlatform.buildRustPackage rec { --zsh <($out/bin/atuin gen-completions -s zsh) ''; + passthru.tests = { + inherit (nixosTests) atuin; + }; + meta = with lib; { description = "Replacement for a shell history which records additional commands context with optional encrypted synchronization between machines"; homepage = "https://github.com/ellie/atuin"; diff --git a/pkgs/tools/networking/mbidled/default.nix b/pkgs/tools/networking/mbidled/default.nix new file mode 100644 index 0000000000000..1b5c1c3dc3d4d --- /dev/null +++ b/pkgs/tools/networking/mbidled/default.nix @@ -0,0 +1,39 @@ +{ stdenv +, lib +, fetchFromGitHub +, meson +, ninja +, libev +, openssl +}: +stdenv.mkDerivation { + pname = "mbidled"; + version = "unstable-2022-10-30"; + + src = fetchFromGitHub { + owner = "zsugabubus"; + repo = "mbidled"; + rev = "b06152f015a470876b042e538804ebb1ac247c09"; + sha256 = "sha256-eHm10onJ7v6fhvJiGXZhuN3c9cj+NoVIW2XQb2fdmuA="; + }; + + preConfigure = '' + export LIBRARY_PATH=${libev}/lib + ''; + + nativeBuildInputs = [ + meson ninja + ]; + + buildInputs = [ + libev openssl + ]; + + meta = with lib; { + description = "run command on mailbox change"; + homepage = "https://github.com/zsugabubus/mbidled"; + license = licenses.unlicense; + maintainers = with maintainers; [ laalsaas ]; + platforms = platforms.linux; + }; +} diff --git a/pkgs/tools/security/nsjail/default.nix b/pkgs/tools/security/nsjail/default.nix index b2e17cae6b68e..5abb9012b7d33 100644 --- a/pkgs/tools/security/nsjail/default.nix +++ b/pkgs/tools/security/nsjail/default.nix @@ -23,10 +23,10 @@ stdenv.mkDerivation rec { ''; installPhase = '' - runHook preInstallPhase + runHook preInstall install -Dm755 nsjail "$out/bin/nsjail" installManPage nsjail.1 - runHook postInstallPhase + runHook postInstall ''; meta = with lib; { diff --git a/pkgs/tools/security/pinentry/default.nix b/pkgs/tools/security/pinentry/default.nix index 61f84e5d76e93..54c8685f38eb1 100644 --- a/pkgs/tools/security/pinentry/default.nix +++ b/pkgs/tools/security/pinentry/default.nix @@ -1,6 +1,6 @@ { fetchurl, mkDerivation, fetchpatch, stdenv, lib, pkg-config, autoreconfHook, wrapGAppsHook , libgpg-error, libassuan, qtbase, wrapQtAppsHook -, ncurses, gtk2, gcr, libcap +, ncurses, gtk2, gcr , withLibsecret ? true, libsecret , enabledFlavors ? [ "curses" "tty" "gtk2" "emacs" ] ++ lib.optionals stdenv.isLinux [ "gnome3" ] @@ -35,18 +35,18 @@ in pinentryMkDerivation rec { pname = "pinentry"; - version = "1.2.0"; + version = "1.2.1"; src = fetchurl { url = "mirror://gnupg/pinentry/${pname}-${version}.tar.bz2"; - sha256 = "sha256-EAcgRaPgQ9BYH5HNVnb8rH/+6VehZjat7apPWDphZHA="; + sha256 = "sha256-RXoYXlqFI4+5RalV3GNSq5YtyLSHILYvyfpIx1QKQGc="; }; nativeBuildInputs = [ pkg-config autoreconfHook ] ++ lib.concatMap(f: flavorInfo.${f}.nativeBuildInputs or []) enabledFlavors; + buildInputs = [ libgpg-error libassuan ] ++ lib.optional withLibsecret libsecret - ++ lib.optional (!stdenv.isDarwin) libcap ++ lib.concatMap(f: flavorInfo.${f}.buildInputs or []) enabledFlavors; dontWrapGApps = true; @@ -62,8 +62,7 @@ pinentryMkDerivation rec { ]; configureFlags = [ - (lib.withFeature (libcap != null) "libcap") - (lib.enableFeature withLibsecret "libsecret") + (lib.enableFeature withLibsecret "libsecret") ] ++ (map enableFeaturePinentry (lib.attrNames flavorInfo)); postInstall = diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index b09d8c0eaedf8..5f42f078fa201 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -1414,6 +1414,8 @@ with pkgs; linux-router-without-wifi = linux-router.override { useWifiDependencies = false; }; + mbidled = callPackage ../tools/networking/mbidled { }; + metapixel = callPackage ../tools/graphics/metapixel { }; midimonster = callPackage ../tools/audio/midimonster { }; diff --git a/pkgs/top-level/perl-packages.nix b/pkgs/top-level/perl-packages.nix index 705a2fe639415..624eacbd26f17 100644 --- a/pkgs/top-level/perl-packages.nix +++ b/pkgs/top-level/perl-packages.nix @@ -12507,11 +12507,11 @@ let ImageExifTool = buildPerlPackage rec { pname = "Image-ExifTool"; - version = "12.51"; + version = "12.52"; src = fetchurl { url = "https://exiftool.org/Image-ExifTool-${version}.tar.gz"; - hash = "sha256-76meNQp9c0Z+81gNSMnDTtJmd/qOGu4uqeHsGhTnDkQ="; + hash = "sha256-yH8RlkTRAanHYNyq5Vi52W8mGKIJwmGZsWhzyokz+ao="; }; nativeBuildInputs = lib.optional stdenv.isDarwin shortenPerlShebang; |