diff options
| author | github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> | 2022-12-01 00:02:26 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-12-01 00:02:26 +0000 |
| commit | 818d9a61a30374a643b33546b27e3cdac13f02dc (patch) | |
| tree | e2326dbee51af00a32b244c70e777274b83ae91a | |
| parent | cb51cfe7454106a06e00405ce7222691437a068b (diff) | |
| parent | e989ef9671a711bdff9a096e4d5e6a495e631920 (diff) | |
Merge master into staging-next
39 files changed, 689 insertions, 300 deletions
diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md index 47857a8ca4c35..3d4bb049991f2 100644 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -22,7 +22,7 @@ For new packages please briefly describe the package or provide a link to its ho - made sure NixOS tests are [linked](https://nixos.org/manual/nixpkgs/unstable/#ssec-nixos-tests-linking) to the relevant packages - [ ] Tested compilation of all packages that depend on this change using `nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD"`. Note: all changes have to be committed, also see [nixpkgs-review usage](https://github.com/Mic92/nixpkgs-review#usage) - [ ] Tested basic functionality of all binary files (usually in `./result/bin/`) -- [22.11 Release Notes (or backporting 22.05 Release notes)](https://github.com/NixOS/nixpkgs/blob/master/CONTRIBUTING.md#generating-2211-release-notes) +- [23.05 Release Notes (or backporting 22.11 Release notes)](https://github.com/NixOS/nixpkgs/blob/master/CONTRIBUTING.md#generating-2305-release-notes) - [ ] (Package updates) Added a release notes entry if the change is major or breaking - [ ] (Module updates) Added a release notes entry if the change is significant - [ ] (Module addition) Added a release notes entry if adding a new NixOS module diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index d8540782b91b0..2d83222ee3a8b 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -98,17 +98,17 @@ git push origin feature --force-with-lease Follow these steps to backport a change into a release branch in compliance with the [commit policy](https://nixos.org/nixpkgs/manual/#submitting-changes-stable-release-branches). -You can add a label such as `backport release-22.05` to a PR, so that merging it will +You can add a label such as `backport release-22.11` to a PR, so that merging it will automatically create a backport (via [a GitHub Action](.github/workflows/backport.yml)). This also works for PR's that have already been merged, and might take a couple of minutes to trigger. You can also create the backport manually: 1. Take note of the commits in which the change was introduced into `master` branch. -2. Check out the target _release branch_, e.g. `release-22.05`. Do not use a _channel branch_ like `nixos-22.05` or `nixpkgs-22.05-darwin`. +2. Check out the target _release branch_, e.g. `release-22.11`. Do not use a _channel branch_ like `nixos-22.11` or `nixpkgs-22.11-darwin`. 3. Create a branch for your change, e.g. `git checkout -b backport`. 4. When the reason to backport is not obvious from the original commit message, use `git cherry-pick -xe <original commit>` and add a reason. Otherwise use `git cherry-pick -x <original commit>`. That's fine for minor version updates that only include security and bug fixes, commits that fixes an otherwise broken package or similar. Please also ensure the commits exists on the master branch; in the case of squashed or rebased merges, the commit hash will change and the new commits can be found in the merge message at the bottom of the master pull request. -5. Push to GitHub and open a backport pull request. Make sure to select the release branch (e.g. `release-22.05`) as the target branch of the pull request, and link to the pull request in which the original change was comitted to `master`. The pull request title should be the commit title with the release version as prefix, e.g. `[22.05]`. +5. Push to GitHub and open a backport pull request. Make sure to select the release branch (e.g. `release-22.11`) as the target branch of the pull request, and link to the pull request in which the original change was comitted to `master`. The pull request title should be the commit title with the release version as prefix, e.g. `[22.11]`. 6. When the backport pull request is merged and you have the necessary privileges you can also replace the label `9.needs: port to stable` with `8.has: port to stable` on the original pull request. This way maintainers can keep track of missing backports easier. ## Criteria for Backporting changes @@ -120,15 +120,15 @@ Anything that does not cause user or downstream dependency regressions can be ba - Services which require a client to be up-to-date regardless. (E.g. `spotify`, `steam`, or `discord`) - Security critical applications (E.g. `firefox`) -## Generating 22.11 Release Notes +## Generating 23.05 Release Notes Documentation in nixpkgs is transitioning to a markdown-centric workflow. Release notes now require a translation step to convert from markdown to a compatible docbook document. -Steps for updating 22.11 Release notes: +Steps for updating 23.05 Release notes: -1. Edit `nixos/doc/manual/release-notes/rl-2211.section.md` with the desired changes -2. Run `./nixos/doc/manual/md-to-db.sh` to render `nixos/doc/manual/from_md/release-notes/rl-2211.section.xml` -3. Include changes to `rl-2211.section.md` and `rl-2211.section.xml` in the same commit. +1. Edit `nixos/doc/manual/release-notes/rl-2305.section.md` with the desired changes +2. Run `./nixos/doc/manual/md-to-db.sh` to render `nixos/doc/manual/from_md/release-notes/rl-2305.section.xml` +3. Include changes to `rl-2305.section.md` and `rl-2305.section.xml` in the same commit. ## Reviewing contributions diff --git a/README.md b/README.md index c7e14f6934957..4c6ad635164b2 100644 --- a/README.md +++ b/README.md @@ -51,9 +51,9 @@ Nixpkgs and NixOS are built and tested by our continuous integration system, [Hydra](https://hydra.nixos.org/). * [Continuous package builds for unstable/master](https://hydra.nixos.org/jobset/nixos/trunk-combined) -* [Continuous package builds for the NixOS 22.05 release](https://hydra.nixos.org/jobset/nixos/release-22.05) +* [Continuous package builds for the NixOS 22.11 release](https://hydra.nixos.org/jobset/nixos/release-22.11) * [Tests for unstable/master](https://hydra.nixos.org/job/nixos/trunk-combined/tested#tabs-constituents) -* [Tests for the NixOS 22.05 release](https://hydra.nixos.org/job/nixos/release-22.05/tested#tabs-constituents) +* [Tests for the NixOS 22.11 release](https://hydra.nixos.org/job/nixos/release-22.11/tested#tabs-constituents) Artifacts successfully built with Hydra are published to cache at https://cache.nixos.org/. When successful build and test criteria are diff --git a/maintainers/maintainer-list.nix b/maintainers/maintainer-list.nix index 7750177545eb7..9075a976025e1 100644 --- a/maintainers/maintainer-list.nix +++ b/maintainers/maintainer-list.nix @@ -1071,6 +1071,12 @@ githubId = 56009; name = "Arcadio Rubio García"; }; + archer-65 = { + email = "mario.liguori.056@gmail.com"; + github = "archer-65"; + githubId = 76066109; + name = "Mario Liguori"; + }; archseer = { email = "blaz@mxxn.io"; github = "archseer"; @@ -9678,6 +9684,12 @@ githubId = 43796009; name = "Max Wilson"; }; + myaats = { + email = "mats@mats.sh"; + github = "Myaats"; + githubId = 6295090; + name = "Mats"; + }; myrl = { email = "myrl.0xf@gmail.com"; github = "Myrl"; diff --git a/nixos/doc/manual/from_md/installation/upgrading.chapter.xml b/nixos/doc/manual/from_md/installation/upgrading.chapter.xml index 11fe1d317ccdd..f6aedc800aca5 100644 --- a/nixos/doc/manual/from_md/installation/upgrading.chapter.xml +++ b/nixos/doc/manual/from_md/installation/upgrading.chapter.xml @@ -12,7 +12,7 @@ <listitem> <para> <emphasis>Stable channels</emphasis>, such as - <link xlink:href="https://nixos.org/channels/nixos-22.05"><literal>nixos-22.05</literal></link>. + <link xlink:href="https://nixos.org/channels/nixos-22.05"><literal>nixos-22.11</literal></link>. These only get conservative bug fixes and package upgrades. For instance, a channel update may cause the Linux kernel on your system to be upgraded from 4.19.34 to 4.19.38 (a minor bug fix), @@ -33,7 +33,7 @@ <listitem> <para> <emphasis>Small channels</emphasis>, such as - <link xlink:href="https://nixos.org/channels/nixos-22.05-small"><literal>nixos-22.05-small</literal></link> + <link xlink:href="https://nixos.org/channels/nixos-22.05-small"><literal>nixos-22.11-small</literal></link> or <link xlink:href="https://nixos.org/channels/nixos-unstable-small"><literal>nixos-unstable-small</literal></link>. These are identical to the stable and unstable channels @@ -60,8 +60,8 @@ <para> When you first install NixOS, you’re automatically subscribed to the NixOS channel that corresponds to your installation source. For - instance, if you installed from a 22.05 ISO, you will be subscribed - to the <literal>nixos-22.05</literal> channel. To see which NixOS + instance, if you installed from a 22.11 ISO, you will be subscribed + to the <literal>nixos-22.11</literal> channel. To see which NixOS channel you’re subscribed to, run the following as root: </para> <programlisting> @@ -76,17 +76,17 @@ nixos https://nixos.org/channels/nixos-unstable </programlisting> <para> (Be sure to include the <literal>nixos</literal> parameter at the - end.) For instance, to use the NixOS 22.05 stable channel: + end.) For instance, to use the NixOS 22.11 stable channel: </para> <programlisting> -# nix-channel --add https://nixos.org/channels/nixos-22.05 nixos +# nix-channel --add https://nixos.org/channels/nixos-22.11 nixos </programlisting> <para> If you have a server, you may want to use the <quote>small</quote> channel instead: </para> <programlisting> -# nix-channel --add https://nixos.org/channels/nixos-22.05-small nixos +# nix-channel --add https://nixos.org/channels/nixos-22.11-small nixos </programlisting> <para> And if you want to live on the bleeding edge: @@ -146,7 +146,7 @@ system.autoUpgrade.allowReboot = true; also specify a channel explicitly, e.g. </para> <programlisting language="bash"> -system.autoUpgrade.channel = https://nixos.org/channels/nixos-22.05; +system.autoUpgrade.channel = https://nixos.org/channels/nixos-22.11; </programlisting> </section> </chapter> diff --git a/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml index 6689d2389eb2e..b72c4326004c3 100644 --- a/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml +++ b/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml @@ -1,8 +1,8 @@ <section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="sec-release-22.11"> - <title>Release 22.11 (“Raccoon”, 2022.11/??)</title> + <title>Release 22.11 (“Raccoon”, 2022.11/30)</title> <para> The NixOS release team is happy to announce a new version of NixOS - 22.11. NixOS is both a linux distribution, and a set of packages + 22.11. NixOS is both a Linux distribution, and a set of packages usable on other Linux systems and macOS. </para> <para> @@ -190,9 +190,10 @@ <listitem> <para> For cross-compilation targets that can also run on the - building machine, we also enabled running tests now. This is - for example the case for the pkgsStatic and pkgsLLVm package - sets or i686 packages on <literal>x86_64</literal> machine. + building machine, we now run tests. This, for example, is the + case for the <literal>pkgsStatic</literal> and + <literal>pkgsLLVM</literal> package sets or i686 packages on + <literal>x86_64</literal> machines. </para> </listitem> <listitem> @@ -242,9 +243,12 @@ <itemizedlist> <listitem> <para> - Nix has been upgraded from - <link xlink:href="https://github.com/NixOS/nix/compare/2.8.1...2.11.0">v2.8.1 - to v2.11.0</link> + Nix has been upgraded from v2.8.1 to v2.11.0. For more + information, please see the release notes for + <link xlink:href="https://nixos.org/manual/nix/stable/release-notes/rl-2.9.html">2.9</link>, + <link xlink:href="https://nixos.org/manual/nix/stable/release-notes/rl-2.10.html">2.10</link> + and + <link xlink:href="https://nixos.org/manual/nix/stable/release-notes/rl-2.11.html">2.11</link>. </para> </listitem> <listitem> @@ -254,9 +258,9 @@ </listitem> <listitem> <para> - GNOME has been upgraded to version 43. Please take a look at - their <link xlink:href="https://release.gnome.org/43/">Release - Notes</link> for details. + GNOME has been upgraded to version 43. Please see the + <link xlink:href="https://release.gnome.org/43/">release + notes</link> for details. </para> </listitem> <listitem> @@ -290,7 +294,7 @@ </listitem> <listitem> <para> - Python now defalts to 3.10, updated from 3.9. + Python now defaults to 3.10, updated from 3.9. </para> </listitem> </itemizedlist> @@ -393,7 +397,7 @@ checkouts via the <literal>sparseCheckout</literal> option. This used to accept a multi-line string with directories/patterns to check out, but now requires a list of - strings + strings. </para> </listitem> <listitem> @@ -403,7 +407,7 @@ <literal>ssh-keygen -A</literal> as they are insecure. Also, <literal>SetEnv</literal> directives in <literal>ssh_config</literal> and - <literal>sshd_config</literal> are now first-match-wins + <literal>sshd_config</literal> are now first-match-wins. </para> </listitem> <listitem> @@ -511,7 +515,7 @@ <literal>kanidm</literal> has been updated to 1.1.0-alpha.10 and now requires a TLS certificate and key. It will always start <literal>https</literal> and-–-if enabled-–-an LDAPS - server and no HTTP and LDAP server anymore + server and no HTTP and LDAP server anymore. </para> </listitem> <listitem> @@ -1508,7 +1512,7 @@ services.github-runner.serviceOverrides.SupplementaryGroups = [ </listitem> <listitem> <para> - <literal>haskellPackage.callHackage</literal> is not always + <literal>haskellPackages.callHackage</literal> is not always invalidated if <literal>all-cabal-hashes</literal> changes, leading to less rebuilds of haskell dependencies. </para> @@ -1529,6 +1533,13 @@ services.github-runner.serviceOverrides.SupplementaryGroups = [ <itemizedlist> <listitem> <para> + <link xlink:href="https://git.sr.ht/~migadu/alps">alps</link>, + a simple and extensible webmail. Available as + <link linkend="opt-services.alps.enable">services.alps</link>. + </para> + </listitem> + <listitem> + <para> <link xlink:href="https://github.com/jollheef/appvm">appvm</link>, Nix based app VMs. Available as <link xlink:href="options.html#opt-virtualisation.appvm.enable">virtualisation.appvm</link>. @@ -1536,26 +1547,26 @@ services.github-runner.serviceOverrides.SupplementaryGroups = [ </listitem> <listitem> <para> - <link xlink:href="https://github.com/maxbrunet/automatic-timezoned">automatic-timezoned</link>. - a Linux daemon to automatically update the system timezone - based on location. Available as - <link linkend="opt-services.automatic-timezoned.enable">services.automatic-timezoned</link>. + <link xlink:href="https://www.ausweisapp.bund.de/">AusweisApp2</link>, + the authentication software for the German ID card. Available + as + <link linkend="opt-programs.ausweisapp.enable">programs.ausweisapp</link>. </para> </listitem> <listitem> <para> - [xray] (https://github.com/XTLS/Xray-core), a fully compatible - v2ray-core replacement. Features XTLS, which when enabled on - server and client, brings UDP FullCone NAT to proxy setups. - Available as - <link xlink:href="options.html#opt-services.xray.enable">services.xray</link>. + <link xlink:href="https://github.com/maxbrunet/automatic-timezoned">automatic-timezoned</link>. + a Linux daemon to automatically update the system timezone + based on location. Available as + <link linkend="opt-services.automatic-timezoned.enable">services.automatic-timezoned</link>. </para> </listitem> <listitem> <para> - <link xlink:href="https://github.com/mozilla-services/syncstorage-rs">syncstorage-rs</link>, - a self-hostable sync server for Firefox. Available as - <link xlink:href="options.html#opt-services.firefox-syncserver.enable">services.firefox-syncserver</link>. + <link xlink:href="https://www.dolibarr.org/">Dolibarr</link>, + an enterprise resource planning and customer relationship + manager. Enable using + <link linkend="opt-services.dolibarr.enable">services.dolibarr</link>. </para> </listitem> <listitem> @@ -1567,64 +1578,77 @@ services.github-runner.serviceOverrides.SupplementaryGroups = [ </listitem> <listitem> <para> - <link xlink:href="https://komga.org/">Komga</link>, a free and - open source comics/mangas media server. Available as - <link linkend="opt-services.komga.enable">services.komga</link>. + <link xlink:href="https://github.com/shizunge/endlessh-go">endlessh-go</link>, + an SSH tarpit that exposes Prometheus metrics. Available as + <link linkend="opt-services.endlessh-go.enable">services.endlessh-go</link>. </para> </listitem> <listitem> <para> - <link xlink:href="https://tandoor.dev">Tandoor Recipes</link>, - a self-hosted multi-tenant recipe collection. Available as - <link xlink:href="options.html#opt-services.tandoor-recipes.enable">services.tandoor-recipes</link>. + <link xlink:href="https://github.com/skeeto/endlessh">endlessh</link>, + an SSH tarpit. Available as + <link linkend="opt-services.endlessh.enable">services.endlessh</link>. </para> </listitem> <listitem> <para> - <link xlink:href="https://hbase.apache.org/">HBase - cluster</link>, a distributed, scalable, big data store. + <link xlink:href="https://evcc.io">EVCC</link> is an EV charge + controller with PV integration. It supports a multitude of + chargers, meters, vehicle APIs and more and ties that together + with a well-tested backend and a lightweight web frontend. Available as - <link xlink:href="options.html#opt-services.hadoop.hbase.enable">services.hadoop.hbase</link>. + <link linkend="opt-services.evcc.enable">services.evcc</link>. </para> </listitem> <listitem> <para> - <link xlink:href="https://github.com/edneville/please">Please</link>, - a Sudo clone written in Rust. Available as - <link linkend="opt-security.please.enable">security.please</link> + <link xlink:href="https://www.expressvpn.com">expressvpn</link>, + the CLI client for ExpressVPN. Available as + <link linkend="opt-services.expressvpn.enable">services.expressvpn</link>. </para> </listitem> <listitem> <para> - <link xlink:href="https://github.com/messagebird/sachet/">Sachet</link>, - an SMS alerting tool for the Prometheus Alertmanager. - Available as - <link linkend="opt-services.prometheus.sachet.enable">services.prometheus.sachet</link>. + <link xlink:href="https://freshrss.org/">FreshRSS</link>, a + free, self-hostable RSS feed aggregator. Available as + <link linkend="opt-services.freshrss.enable">services.freshrss</link>. </para> </listitem> <listitem> <para> - <link xlink:href="https://evcc.io">EVCC</link> is an EV charge - controller with PV integration. It supports a multitude of - chargers, meters, vehicle APIs and more and ties that together - with a well-tested backend and a lightweight web frontend. - Available as - <link linkend="opt-services.evcc.enable">services.evcc</link>. + <link xlink:href="https://garagehq.deuxfleurs.fr/">Garage</link>, + a simple object storage server for geodistributed deployments, + alternative to MinIO. Available as + <link linkend="opt-services.garage.enable">services.garage</link>. </para> </listitem> <listitem> <para> - <link xlink:href="https://github.com/leetronics/infnoise">infnoise</link>, - a hardware True Random Number Generator dongle. Available as - <link xlink:href="options.html#opt-services.infnoise.enable">services.infnoise</link>. + <link xlink:href="https://github.com/L11R/go-autoconfig">go-autoconfig</link>, + IMAP/SMTP autodiscover server. Available as + <link linkend="opt-services.go-autoconfig.enable">services.go-autoconfig</link>. </para> </listitem> <listitem> <para> - <link xlink:href="https://github.com/prymitive/kthxbye">kthxbye</link>, - an alert acknowledgement management daemon for Prometheus - Alertmanager. Available as - <link xlink:href="options.html#opt-services.kthxbye.enable">services.kthxbye</link> + <link xlink:href="https://www.grafana.com/oss/tempo/">Grafana + Tempo</link>, a distributed tracing store. Available as + <link linkend="opt-services.tempo.enable">services.tempo</link>. + </para> + </listitem> + <listitem> + <para> + <link xlink:href="https://hbase.apache.org/">HBase + cluster</link>, a distributed, scalable, big data store. + Available as + <link xlink:href="options.html#opt-services.hadoop.hbase.enable">services.hadoop.hbase</link>. + </para> + </listitem> + <listitem> + <para> + <link xlink:href="https://github.com/leetronics/infnoise">infnoise</link>, + a hardware True Random Number Generator dongle. Available as + <link xlink:href="options.html#opt-services.infnoise.enable">services.infnoise</link>. </para> </listitem> <listitem> @@ -1644,6 +1668,21 @@ services.github-runner.serviceOverrides.SupplementaryGroups = [ </listitem> <listitem> <para> + <link xlink:href="https://komga.org/">Komga</link>, a free and + open source comics/mangas media server. Available as + <link linkend="opt-services.komga.enable">services.komga</link>. + </para> + </listitem> + <listitem> + <para> + <link xlink:href="https://github.com/prymitive/kthxbye">kthxbye</link>, + an alert acknowledgement management daemon for Prometheus + Alertmanager. Available as + <link xlink:href="options.html#opt-services.kthxbye.enable">services.kthxbye</link> + </para> + </listitem> + <listitem> + <para> <link xlink:href="https://languagetool.org/">languagetool</link>, a multilingual grammar, style, and spell checker. Available as <link xlink:href="options.html#opt-services.languagetool.enable">services.languagetool</link>. @@ -1651,59 +1690,60 @@ services.github-runner.serviceOverrides.SupplementaryGroups = [ </listitem> <listitem> <para> - <link xlink:href="https://gitlab.com/CalcProgrammer1/OpenRGB/-/tree/master">OpenRGB</link>, - a FOSS tool for controlling RGB lighting. Available as - <link xlink:href="options.html#opt-services.hardware.openrgb.enable">services.hardware.openrgb.enable</link>. + <link xlink:href="https://listmonk.app">Listmonk</link>, a + self-hosted newsletter manager. Enable using + <link xlink:href="options.html#opt-services.listmonk.enable">services.listmonk</link>. </para> </listitem> <listitem> <para> - <link xlink:href="https://www.getoutline.com/">Outline</link>, - a wiki and knowledge base similar to Notion. Available as - <link linkend="opt-services.outline.enable">services.outline</link>. + <link xlink:href="https://mepo.milesalan.com">Mepo</link>, a + fast, simple, hackable OSM map viewer for mobile and desktop + Linux. Available as + <link linkend="opt-programs.mepo.enable">programs.mepo.enable</link>. </para> </listitem> <listitem> <para> - <link xlink:href="https://ntfy.sh">ntfy.sh</link>, a push - notification service. Available as - <link linkend="opt-services.ntfy-sh.enable">services.ntfy-sh</link> + <link xlink:href="https://troglobit.com/projects/merecat/">merecat</link>, + a small and easy HTTP server based on thttpd. Available as + <link linkend="opt-services.merecat.enable">services.merecat</link> </para> </listitem> <listitem> <para> - <link xlink:href="https://git.sr.ht/~migadu/alps">alps</link>, - a simple and extensible webmail. Available as - <link linkend="opt-services.alps.enable">services.alps</link>. + <link xlink:href="https://netbird.io">netbird</link>, a zero + configuration VPN. Available as + <link xlink:href="options.html#opt-services.netbird.enable">services.netbird</link>. </para> </listitem> <listitem> <para> - <link xlink:href="https://github.com/skeeto/endlessh">endlessh</link>, - an SSH tarpit. Available as - <link linkend="opt-services.endlessh.enable">services.endlessh</link>. + <link xlink:href="https://ntfy.sh">ntfy.sh</link>, a push + notification service. Available as + <link linkend="opt-services.ntfy-sh.enable">services.ntfy-sh</link> </para> </listitem> <listitem> <para> - <link xlink:href="https://github.com/shizunge/endlessh-go">endlessh-go</link>, - an SSH tarpit that exposes Prometheus metrics. Available as - <link linkend="opt-services.endlessh-go.enable">services.endlessh-go</link>. + <link xlink:href="https://gitlab.com/CalcProgrammer1/OpenRGB/-/tree/master">OpenRGB</link>, + a FOSS tool for controlling RGB lighting. Available as + <link xlink:href="options.html#opt-services.hardware.openrgb.enable">services.hardware.openrgb.enable</link>. </para> </listitem> <listitem> <para> - <link xlink:href="https://garagehq.deuxfleurs.fr/">Garage</link>, - a simple object storage server for geodistributed deployments, - alternative to MinIO. Available as - <link linkend="opt-services.garage.enable">services.garage</link>. + <link xlink:href="https://www.getoutline.com/">Outline</link>, + a wiki and knowledge base similar to Notion. Available as + <link linkend="opt-services.outline.enable">services.outline</link>. </para> </listitem> <listitem> <para> - <link xlink:href="https://netbird.io">netbird</link>, a zero - configuration VPN. Available as - <link xlink:href="options.html#opt-services.netbird.enable">services.netbird</link>. + <link xlink:href="https://github.com/zalando/patroni">Patroni</link>, + a template for PostgreSQL HA with ZooKeeper, etcd or Consul. + Available as + <link xlink:href="options.html#opt-services.patroni.enable">services.patroni</link>. </para> </listitem> <listitem> @@ -1717,45 +1757,46 @@ services.github-runner.serviceOverrides.SupplementaryGroups = [ </listitem> <listitem> <para> - <link xlink:href="https://schleuder.org/">schleuder</link>, a - mailing list manager with PGP support. Enable using - <link linkend="opt-services.schleuder.enable">services.schleuder</link>. + <link xlink:href="https://github.com/edneville/please">Please</link>, + a Sudo clone written in Rust. Available as + <link linkend="opt-security.please.enable">security.please</link>. </para> </listitem> <listitem> <para> - <link xlink:href="https://www.dolibarr.org/">Dolibarr</link>, - an enterprise resource planning and customer relationship - manager. Enable using - <link linkend="opt-services.dolibarr.enable">services.dolibarr</link>. + <link xlink:href="https://github.com/prometheus-community/ipmi_exporter">Prometheus + IPMI exporter</link>, an IPMI exporter for Prometheus. + Available as + <link linkend="opt-services.prometheus.exporters.ipmi.enable">services.prometheus.exporters.ipmi</link>. </para> </listitem> <listitem> <para> - <link xlink:href="https://freshrss.org/">FreshRSS</link>, a - free, self-hostable RSS feed aggregator. Available as - <link linkend="opt-services.freshrss.enable">services.freshrss</link>. + <link xlink:href="https://github.com/messagebird/sachet/">Sachet</link>, + an SMS alerting tool for the Prometheus Alertmanager. + Available as + <link linkend="opt-services.prometheus.sachet.enable">services.prometheus.sachet</link>. </para> </listitem> <listitem> <para> - <link xlink:href="https://www.expressvpn.com">expressvpn</link>, - the CLI client for ExpressVPN. Available as - <link linkend="opt-services.expressvpn.enable">services.expressvpn</link>. + <link xlink:href="https://schleuder.org/">schleuder</link>, a + mailing list manager with PGP support. Enable using + <link linkend="opt-services.schleuder.enable">services.schleuder</link>. </para> </listitem> <listitem> <para> - <link xlink:href="https://troglobit.com/projects/merecat/">merecat</link>, - a small and easy HTTP server based on thttpd. Available as - <link linkend="opt-services.merecat.enable">services.merecat</link> + <link xlink:href="https://github.com/mozilla-services/syncstorage-rs">syncstorage-rs</link>, + a self-hostable sync server for Firefox. Available as + <link xlink:href="options.html#opt-services.firefox-syncserver.enable">services.firefox-syncserver</link>. </para> </listitem> <listitem> <para> - <link xlink:href="https://github.com/L11R/go-autoconfig">go-autoconfig</link>, - IMAP/SMTP autodiscover server. Available as - <link linkend="opt-services.go-autoconfig.enable">services.go-autoconfig</link>. + <link xlink:href="https://tandoor.dev">Tandoor Recipes</link>, + a self-hosted multi-tenant recipe collection. Available as + <link xlink:href="options.html#opt-services.tandoor-recipes.enable">services.tandoor-recipes</link>. </para> </listitem> <listitem> @@ -1769,33 +1810,9 @@ services.github-runner.serviceOverrides.SupplementaryGroups = [ </listitem> <listitem> <para> - <link xlink:href="https://www.grafana.com/oss/tempo/">Grafana - Tempo</link>, a distributed tracing store. Available as - <link linkend="opt-services.tempo.enable">services.tempo</link>. - </para> - </listitem> - <listitem> - <para> - <link xlink:href="https://www.ausweisapp.bund.de/">AusweisApp2</link>, - the authentication software for the German ID card. Available - as - <link linkend="opt-programs.ausweisapp.enable">programs.ausweisapp</link>. - </para> - </listitem> - <listitem> - <para> - <link xlink:href="https://github.com/zalando/patroni">Patroni</link>, - a template for PostgreSQL HA with ZooKeeper, etcd or Consul. - Available as - <link xlink:href="options.html#opt-services.patroni.enable">services.patroni</link>. - </para> - </listitem> - <listitem> - <para> - <link xlink:href="https://github.com/prometheus-community/ipmi_exporter">Prometheus - IPMI exporter</link>, an IPMI exporter for Prometheus. - Available as - <link linkend="opt-services.prometheus.exporters.ipmi.enable">services.prometheus.exporters.ipmi</link>. + <link xlink:href="https://uptime.kuma.pet/">Uptime + Kuma</link>, a fancy self-hosted monitoring tool. Available as + <link linkend="opt-services.uptime-kuma.enable">services.uptime-kuma</link>. </para> </listitem> <listitem> @@ -1808,24 +1825,11 @@ services.github-runner.serviceOverrides.SupplementaryGroups = [ </listitem> <listitem> <para> - <link xlink:href="https://listmonk.app">Listmonk</link>, a - self-hosted newsletter manager. Enable using - <link xlink:href="options.html#opt-services.listmonk.enable">services.listmonk</link>. - </para> - </listitem> - <listitem> - <para> - <link xlink:href="https://uptime.kuma.pet/">Uptime - Kuma</link>, a fancy self-hosted monitoring tool. Available as - <link linkend="opt-services.uptime-kuma.enable">services.uptime-kuma</link>. - </para> - </listitem> - <listitem> - <para> - <link xlink:href="https://mepo.milesalan.com">Mepo</link>, a - fast, simple, hackable OSM map viewer for mobile and desktop - Linux. Available as - <link linkend="opt-programs.mepo.enable">programs.mepo.enable</link>. + <link xlink:href="https://github.com/XTLS/Xray-core">xray</link>, + a fully compatible v2ray-core replacement. Features XTLS, + which when enabled on server and client, brings UDP FullCone + NAT to proxy setups. Available as + <link xlink:href="options.html#opt-services.xray.enable">services.xray</link>. </para> </listitem> </itemizedlist> diff --git a/nixos/doc/manual/installation/upgrading.chapter.md b/nixos/doc/manual/installation/upgrading.chapter.md index 2644979bc9db2..249bcd97cec84 100644 --- a/nixos/doc/manual/installation/upgrading.chapter.md +++ b/nixos/doc/manual/installation/upgrading.chapter.md @@ -6,7 +6,7 @@ expressions and associated binaries. The NixOS channels are updated automatically from NixOS's Git repository after certain tests have passed and all packages have been built. These channels are: -- *Stable channels*, such as [`nixos-22.05`](https://nixos.org/channels/nixos-22.05). +- *Stable channels*, such as [`nixos-22.11`](https://nixos.org/channels/nixos-22.05). These only get conservative bug fixes and package upgrades. For instance, a channel update may cause the Linux kernel on your system to be upgraded from 4.19.34 to 4.19.38 (a minor bug fix), but not @@ -19,7 +19,7 @@ passed and all packages have been built. These channels are: radical changes between channel updates. It's not recommended for production systems. -- *Small channels*, such as [`nixos-22.05-small`](https://nixos.org/channels/nixos-22.05-small) +- *Small channels*, such as [`nixos-22.11-small`](https://nixos.org/channels/nixos-22.05-small) or [`nixos-unstable-small`](https://nixos.org/channels/nixos-unstable-small). These are identical to the stable and unstable channels described above, except that they contain fewer binary packages. This means they get updated @@ -38,8 +38,8 @@ newest supported stable release. When you first install NixOS, you're automatically subscribed to the NixOS channel that corresponds to your installation source. For -instance, if you installed from a 22.05 ISO, you will be subscribed to -the `nixos-22.05` channel. To see which NixOS channel you're subscribed +instance, if you installed from a 22.11 ISO, you will be subscribed to +the `nixos-22.11` channel. To see which NixOS channel you're subscribed to, run the following as root: ```ShellSession @@ -54,16 +54,16 @@ To switch to a different NixOS channel, do ``` (Be sure to include the `nixos` parameter at the end.) For instance, to -use the NixOS 22.05 stable channel: +use the NixOS 22.11 stable channel: ```ShellSession -# nix-channel --add https://nixos.org/channels/nixos-22.05 nixos +# nix-channel --add https://nixos.org/channels/nixos-22.11 nixos ``` If you have a server, you may want to use the "small" channel instead: ```ShellSession -# nix-channel --add https://nixos.org/channels/nixos-22.05-small nixos +# nix-channel --add https://nixos.org/channels/nixos-22.11-small nixos ``` And if you want to live on the bleeding edge: @@ -114,5 +114,5 @@ the new generation contains a different kernel, initrd or kernel modules. You can also specify a channel explicitly, e.g. ```nix -system.autoUpgrade.channel = https://nixos.org/channels/nixos-22.05; +system.autoUpgrade.channel = https://nixos.org/channels/nixos-22.11; ``` diff --git a/nixos/doc/manual/release-notes/rl-2211.section.md b/nixos/doc/manual/release-notes/rl-2211.section.md index 00e815fa66ac7..e0aef342c1ac5 100644 --- a/nixos/doc/manual/release-notes/rl-2211.section.md +++ b/nixos/doc/manual/release-notes/rl-2211.section.md @@ -1,6 +1,6 @@ -# Release 22.11 (“Raccoon”, 2022.11/??) {#sec-release-22.11} +# Release 22.11 (“Raccoon”, 2022.11/30) {#sec-release-22.11} -The NixOS release team is happy to announce a new version of NixOS 22.11. NixOS is both a linux distribution, and a set of packages usable on other Linux systems and macOS. +The NixOS release team is happy to announce a new version of NixOS 22.11. NixOS is both a Linux distribution, and a set of packages usable on other Linux systems and macOS. This release is supported until the end of June 2023, handing over to NixOS 23.05. @@ -26,9 +26,9 @@ In addition to numerous new and upgraded packages, this release includes the fol - `nsncd` is now available as a replacement of `nscd`. `nscd` is responsible for resolving hostnames, users and more in NixOS and has been a long standing source of bugs, such as sporadic network freezes. - + More context in this [issue](https://github.com/NixOS/nixpkgs/issues/135888). - + Help us test the new implementation by setting `services.nscd.enableNsncd` to `true`. We plan to use `nsncd` by default in NixOS 23.05. @@ -45,7 +45,7 @@ In addition to numerous new and upgraded packages, this release includes the fol - Haskell `ghcWithPackages` is now up to 15 times faster to evaluate, thanks to changing `lib.closePropagation` from a quadratic to linear complexity. Please see backward incompatibilities notes below. <https://github.com/NixOS/nixpkgs/pull/194391> -- For cross-compilation targets that can also run on the building machine, we also enabled running tests now. This is for example the case for the pkgsStatic and pkgsLLVm package sets or i686 packages on `x86_64` machine. +- For cross-compilation targets that can also run on the building machine, we now run tests. This, for example, is the case for the `pkgsStatic` and `pkgsLLVM` package sets or i686 packages on `x86_64` machines. - To simplify cross-compilation in NixOS, this release introduces the `nixpkgs.hostPlatform` and `nixpkgs.buildPlatform` options. These cover and override the `nixpkgs.{system,localSystem,crossSystem}` options. @@ -66,11 +66,11 @@ In addition to numerous new and upgraded packages, this release includes the fol ## Notable version updates {#sec-release-22.11-version-updates} -- Nix has been upgraded from [v2.8.1 to v2.11.0](https://github.com/NixOS/nix/compare/2.8.1...2.11.0) +- Nix has been upgraded from v2.8.1 to v2.11.0. For more information, please see the release notes for [2.9](https://nixos.org/manual/nix/stable/release-notes/rl-2.9.html), [2.10](https://nixos.org/manual/nix/stable/release-notes/rl-2.10.html) and [2.11](https://nixos.org/manual/nix/stable/release-notes/rl-2.11.html). - OpenSSL now defaults to OpenSSL 3, updated from 1.1.1. -- GNOME has been upgraded to version 43. Please take a look at their [Release Notes](https://release.gnome.org/43/) for details. +- GNOME has been upgraded to version 43. Please see the [release notes](https://release.gnome.org/43/) for details. - KDE Plasma has been upgraded from v5.24 to v5.26. Please see the release notes for [v5.25](https://kde.org/announcements/plasma/5/5.25.0/) and [v5.26](https://kde.org/announcements/plasma/5/5.26.0/) for more details on the included changes. @@ -81,7 +81,7 @@ In addition to numerous new and upgraded packages, this release includes the fol - Perl has been updated to 5.36, and its core module `HTTP::Tiny` was patched to verify SSL/TLS certificates by default. -- Python now defalts to 3.10, updated from 3.9. +- Python now defaults to 3.10, updated from 3.9. ## Backward Incompatibilities {#sec-release-22.11-incompatibilities} @@ -111,9 +111,9 @@ In addition to numerous new and upgraded packages, this release includes the fol - The `fetchgit` fetcher now uses [cone mode](https://www.git-scm.com/docs/git-sparse-checkout/2.37.0#_internalscone_mode_handling) by default for sparse checkouts. [Non-cone mode](https://www.git-scm.com/docs/git-sparse-checkout/2.37.0#_internalsnon_cone_problems) can be enabled by passing `nonConeMode = true`, but note that non-cone mode is deprecated and this option may be removed alongside a future Git update without notice. -- The `fetchgit` fetcher supports sparse checkouts via the `sparseCheckout` option. This used to accept a multi-line string with directories/patterns to check out, but now requires a list of strings +- The `fetchgit` fetcher supports sparse checkouts via the `sparseCheckout` option. This used to accept a multi-line string with directories/patterns to check out, but now requires a list of strings. -- `openssh` was updated to version 9.1, disabling the generation of DSA keys when using `ssh-keygen -A` as they are insecure. Also, `SetEnv` directives in `ssh_config` and `sshd_config` are now first-match-wins +- `openssh` was updated to version 9.1, disabling the generation of DSA keys when using `ssh-keygen -A` as they are insecure. Also, `SetEnv` directives in `ssh_config` and `sshd_config` are now first-match-wins. - `bsp-layout` no longer uses the command `cycle` to switch to other window layouts, as it got replaced by the commands `previous` and `next`. @@ -149,7 +149,7 @@ In addition to numerous new and upgraded packages, this release includes the fol - Emacs now uses the Lucid toolkit by default instead of GTK because of stability and compatibility issues. Users who still wish to remain using GTK can do so by using `emacs-gtk`. -- `kanidm` has been updated to 1.1.0-alpha.10 and now requires a TLS certificate and key. It will always start `https` and-–-if enabled-–-an LDAPS server and no HTTP and LDAP server anymore +- `kanidm` has been updated to 1.1.0-alpha.10 and now requires a TLS certificate and key. It will always start `https` and-–-if enabled-–-an LDAPS server and no HTTP and LDAP server anymore. - riak package removed along with `services.riak` module, due to lack of maintainer to update the package. @@ -444,7 +444,7 @@ In addition to numerous new and upgraded packages, this release includes the fol - The option `services.picom.experimentalBackends` was removed since it is now the default and the option will cause `picom` to quit instead. -- `haskellPackage.callHackage` is not always invalidated if `all-cabal-hashes` changes, leading to less rebuilds of haskell dependencies. +- `haskellPackages.callHackage` is not always invalidated if `all-cabal-hashes` changes, leading to less rebuilds of haskell dependencies. - `haskellPackages.callHackage` and `haskellPackages.callCabal2nix` (and related functions) no longer keep a reference to the `cabal2nix` call used to generate them. As a result, they will be garbage collected more often. @@ -452,89 +452,84 @@ In addition to numerous new and upgraded packages, this release includes the fol ## New Services {#sec-release-22.11-new-services} +- [alps](https://git.sr.ht/~migadu/alps), a simple and extensible webmail. Available as [services.alps](#opt-services.alps.enable). + - [appvm](https://github.com/jollheef/appvm), Nix based app VMs. Available as [virtualisation.appvm](options.html#opt-virtualisation.appvm.enable). -- [automatic-timezoned](https://github.com/maxbrunet/automatic-timezoned). a Linux daemon to automatically update the system timezone based on location. Available as [services.automatic-timezoned](#opt-services.automatic-timezoned.enable). +- [AusweisApp2](https://www.ausweisapp.bund.de/), the authentication software for the German ID card. Available as [programs.ausweisapp](#opt-programs.ausweisapp.enable). -- [xray] (https://github.com/XTLS/Xray-core), a fully compatible v2ray-core replacement. Features XTLS, which when enabled on server and client, brings UDP FullCone NAT to proxy setups. Available as [services.xray](options.html#opt-services.xray.enable). +- [automatic-timezoned](https://github.com/maxbrunet/automatic-timezoned). a Linux daemon to automatically update the system timezone based on location. Available as [services.automatic-timezoned](#opt-services.automatic-timezoned.enable). -- [syncstorage-rs](https://github.com/mozilla-services/syncstorage-rs), a self-hostable sync server for Firefox. Available as [services.firefox-syncserver](options.html#opt-services.firefox-syncserver.enable). +- [Dolibarr](https://www.dolibarr.org/), an enterprise resource planning and customer relationship manager. Enable using [services.dolibarr](#opt-services.dolibarr.enable). - [dragonflydb](https://dragonflydb.io/), a modern replacement for Redis and Memcached. Available as [services.dragonflydb](#opt-services.dragonflydb.enable). -- [Komga](https://komga.org/), a free and open source comics/mangas media server. Available as [services.komga](#opt-services.komga.enable). - -- [Tandoor Recipes](https://tandoor.dev), a self-hosted multi-tenant recipe collection. Available as [services.tandoor-recipes](options.html#opt-services.tandoor-recipes.enable). - -- [HBase cluster](https://hbase.apache.org/), a distributed, scalable, big data store. Available as [services.hadoop.hbase](options.html#opt-services.hadoop.hbase.enable). - -- [Please](https://github.com/edneville/please), a Sudo clone written in Rust. Available as [security.please](#opt-security.please.enable) +- [endlessh-go](https://github.com/shizunge/endlessh-go), an SSH tarpit that exposes Prometheus metrics. Available as [services.endlessh-go](#opt-services.endlessh-go.enable). -- [Sachet](https://github.com/messagebird/sachet/), an SMS alerting tool for the Prometheus Alertmanager. Available as [services.prometheus.sachet](#opt-services.prometheus.sachet.enable). +- [endlessh](https://github.com/skeeto/endlessh), an SSH tarpit. Available as [services.endlessh](#opt-services.endlessh.enable). - [EVCC](https://evcc.io) is an EV charge controller with PV integration. It supports a multitude of chargers, meters, vehicle APIs and more and ties that together with a well-tested backend and a lightweight web frontend. Available as [services.evcc](#opt-services.evcc.enable). -- [infnoise](https://github.com/leetronics/infnoise), a hardware True Random Number Generator dongle. - Available as [services.infnoise](options.html#opt-services.infnoise.enable). +- [expressvpn](https://www.expressvpn.com), the CLI client for ExpressVPN. Available as [services.expressvpn](#opt-services.expressvpn.enable). -- [kthxbye](https://github.com/prymitive/kthxbye), an alert acknowledgement management daemon for Prometheus Alertmanager. Available as [services.kthxbye](options.html#opt-services.kthxbye.enable) +- [FreshRSS](https://freshrss.org/), a free, self-hostable RSS feed aggregator. Available as [services.freshrss](#opt-services.freshrss.enable). -- [kanata](https://github.com/jtroo/kanata), a tool to improve keyboard comfort and usability with advanced customization. - Available as [services.kanata](options.html#opt-services.kanata.enable). +- [Garage](https://garagehq.deuxfleurs.fr/), a simple object storage server for geodistributed deployments, alternative to MinIO. Available as [services.garage](#opt-services.garage.enable). -- [karma](https://github.com/prymitive/karma), an alert dashboard for Prometheus Alertmanager. Available as [services.karma](options.html#opt-services.karma.enable) +- [go-autoconfig](https://github.com/L11R/go-autoconfig), IMAP/SMTP autodiscover server. Available as [services.go-autoconfig](#opt-services.go-autoconfig.enable). -- [languagetool](https://languagetool.org/), a multilingual grammar, style, and spell checker. - Available as [services.languagetool](options.html#opt-services.languagetool.enable). +- [Grafana Tempo](https://www.grafana.com/oss/tempo/), a distributed tracing store. Available as [services.tempo](#opt-services.tempo.enable). -- [OpenRGB](https://gitlab.com/CalcProgrammer1/OpenRGB/-/tree/master), a FOSS tool for controlling RGB lighting. Available as [services.hardware.openrgb.enable](options.html#opt-services.hardware.openrgb.enable). +- [HBase cluster](https://hbase.apache.org/), a distributed, scalable, big data store. Available as [services.hadoop.hbase](options.html#opt-services.hadoop.hbase.enable). -- [Outline](https://www.getoutline.com/), a wiki and knowledge base similar to Notion. Available as [services.outline](#opt-services.outline.enable). +- [infnoise](https://github.com/leetronics/infnoise), a hardware True Random Number Generator dongle. Available as [services.infnoise](options.html#opt-services.infnoise.enable). -- [ntfy.sh](https://ntfy.sh), a push notification service. Available as [services.ntfy-sh](#opt-services.ntfy-sh.enable) +- [kanata](https://github.com/jtroo/kanata), a tool to improve keyboard comfort and usability with advanced customization. Available as [services.kanata](options.html#opt-services.kanata.enable). -- [alps](https://git.sr.ht/~migadu/alps), a simple and extensible webmail. Available as [services.alps](#opt-services.alps.enable). +- [karma](https://github.com/prymitive/karma), an alert dashboard for Prometheus Alertmanager. Available as [services.karma](options.html#opt-services.karma.enable) -- [endlessh](https://github.com/skeeto/endlessh), an SSH tarpit. Available as [services.endlessh](#opt-services.endlessh.enable). +- [Komga](https://komga.org/), a free and open source comics/mangas media server. Available as [services.komga](#opt-services.komga.enable). -- [endlessh-go](https://github.com/shizunge/endlessh-go), an SSH tarpit that exposes Prometheus metrics. Available as [services.endlessh-go](#opt-services.endlessh-go.enable). +- [kthxbye](https://github.com/prymitive/kthxbye), an alert acknowledgement management daemon for Prometheus Alertmanager. Available as [services.kthxbye](options.html#opt-services.kthxbye.enable) -- [Garage](https://garagehq.deuxfleurs.fr/), a simple object storage server for geodistributed deployments, alternative to MinIO. Available as [services.garage](#opt-services.garage.enable). +- [languagetool](https://languagetool.org/), a multilingual grammar, style, and spell checker. Available as [services.languagetool](options.html#opt-services.languagetool.enable). -- [netbird](https://netbird.io), a zero configuration VPN. - Available as [services.netbird](options.html#opt-services.netbird.enable). +- [Listmonk](https://listmonk.app), a self-hosted newsletter manager. Enable using [services.listmonk](options.html#opt-services.listmonk.enable). -- [persistent-evdev](https://github.com/aiberia/persistent-evdev), a daemon to add virtual proxy devices that mirror a physical input device but persist even if the underlying hardware is hot-plugged. Available as [services.persistent-evdev](#opt-services.persistent-evdev.enable). +- [Mepo](https://mepo.milesalan.com), a fast, simple, hackable OSM map viewer for mobile and desktop Linux. Available as [programs.mepo.enable](#opt-programs.mepo.enable). -- [schleuder](https://schleuder.org/), a mailing list manager with PGP support. Enable using [services.schleuder](#opt-services.schleuder.enable). +- [merecat](https://troglobit.com/projects/merecat/), a small and easy HTTP server based on thttpd. Available as [services.merecat](#opt-services.merecat.enable) -- [Dolibarr](https://www.dolibarr.org/), an enterprise resource planning and customer relationship manager. Enable using [services.dolibarr](#opt-services.dolibarr.enable). +- [netbird](https://netbird.io), a zero configuration VPN. Available as [services.netbird](options.html#opt-services.netbird.enable). -- [FreshRSS](https://freshrss.org/), a free, self-hostable RSS feed aggregator. Available as [services.freshrss](#opt-services.freshrss.enable). +- [ntfy.sh](https://ntfy.sh), a push notification service. Available as [services.ntfy-sh](#opt-services.ntfy-sh.enable) -- [expressvpn](https://www.expressvpn.com), the CLI client for ExpressVPN. Available as [services.expressvpn](#opt-services.expressvpn.enable). +- [OpenRGB](https://gitlab.com/CalcProgrammer1/OpenRGB/-/tree/master), a FOSS tool for controlling RGB lighting. Available as [services.hardware.openrgb.enable](options.html#opt-services.hardware.openrgb.enable). -- [merecat](https://troglobit.com/projects/merecat/), a small and easy HTTP server based on thttpd. Available as [services.merecat](#opt-services.merecat.enable) +- [Outline](https://www.getoutline.com/), a wiki and knowledge base similar to Notion. Available as [services.outline](#opt-services.outline.enable). -- [go-autoconfig](https://github.com/L11R/go-autoconfig), IMAP/SMTP autodiscover server. Available as [services.go-autoconfig](#opt-services.go-autoconfig.enable). +- [Patroni](https://github.com/zalando/patroni), a template for PostgreSQL HA with ZooKeeper, etcd or Consul. Available as [services.patroni](options.html#opt-services.patroni.enable). -- [tmate-ssh-server](https://github.com/tmate-io/tmate-ssh-server), server side part of [tmate](https://tmate.io/). Available as [services.tmate-ssh-server](#opt-services.tmate-ssh-server.enable). +- [persistent-evdev](https://github.com/aiberia/persistent-evdev), a daemon to add virtual proxy devices that mirror a physical input device but persist even if the underlying hardware is hot-plugged. Available as [services.persistent-evdev](#opt-services.persistent-evdev.enable). -- [Grafana Tempo](https://www.grafana.com/oss/tempo/), a distributed tracing store. Available as [services.tempo](#opt-services.tempo.enable). +- [Please](https://github.com/edneville/please), a Sudo clone written in Rust. Available as [security.please](#opt-security.please.enable). -- [AusweisApp2](https://www.ausweisapp.bund.de/), the authentication software for the German ID card. Available as [programs.ausweisapp](#opt-programs.ausweisapp.enable). +- [Prometheus IPMI exporter](https://github.com/prometheus-community/ipmi_exporter), an IPMI exporter for Prometheus. Available as [services.prometheus.exporters.ipmi](#opt-services.prometheus.exporters.ipmi.enable). -- [Patroni](https://github.com/zalando/patroni), a template for PostgreSQL HA with ZooKeeper, etcd or Consul. -Available as [services.patroni](options.html#opt-services.patroni.enable). +- [Sachet](https://github.com/messagebird/sachet/), an SMS alerting tool for the Prometheus Alertmanager. Available as [services.prometheus.sachet](#opt-services.prometheus.sachet.enable). -- [Prometheus IPMI exporter](https://github.com/prometheus-community/ipmi_exporter), an IPMI exporter for Prometheus. Available as [services.prometheus.exporters.ipmi](#opt-services.prometheus.exporters.ipmi.enable). +- [schleuder](https://schleuder.org/), a mailing list manager with PGP support. Enable using [services.schleuder](#opt-services.schleuder.enable). -- [WriteFreely](https://writefreely.org), a simple blogging platform with ActivityPub support. Available as [services.writefreely](options.html#opt-services.writefreely.enable). +- [syncstorage-rs](https://github.com/mozilla-services/syncstorage-rs), a self-hostable sync server for Firefox. Available as [services.firefox-syncserver](options.html#opt-services.firefox-syncserver.enable). -- [Listmonk](https://listmonk.app), a self-hosted newsletter manager. Enable using [services.listmonk](options.html#opt-services.listmonk.enable). +- [Tandoor Recipes](https://tandoor.dev), a self-hosted multi-tenant recipe collection. Available as [services.tandoor-recipes](options.html#opt-services.tandoor-recipes.enable). + +- [tmate-ssh-server](https://github.com/tmate-io/tmate-ssh-server), server side part of [tmate](https://tmate.io/). Available as [services.tmate-ssh-server](#opt-services.tmate-ssh-server.enable). - [Uptime Kuma](https://uptime.kuma.pet/), a fancy self-hosted monitoring tool. Available as [services.uptime-kuma](#opt-services.uptime-kuma.enable). -- [Mepo](https://mepo.milesalan.com), a fast, simple, hackable OSM map viewer for mobile and desktop Linux. Available as [programs.mepo.enable](#opt-programs.mepo.enable). +- [WriteFreely](https://writefreely.org), a simple blogging platform with ActivityPub support. Available as [services.writefreely](options.html#opt-services.writefreely.enable). + +- [xray](https://github.com/XTLS/Xray-core), a fully compatible v2ray-core replacement. Features XTLS, which when enabled on server and client, brings UDP FullCone NAT to proxy setups. Available as [services.xray](options.html#opt-services.xray.enable). <!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. --> diff --git a/nixos/modules/services/misc/nix-daemon.nix b/nixos/modules/services/misc/nix-daemon.nix index 26e7cbfca733f..8eb1ed53d0c7c 100644 --- a/nixos/modules/services/misc/nix-daemon.nix +++ b/nixos/modules/services/misc/nix-daemon.nix @@ -414,6 +414,7 @@ in str int bool + path package ]); in diff --git a/nixos/modules/virtualisation/lxc-container.nix b/nixos/modules/virtualisation/lxc-container.nix index f05f04baa35da..a71b693410518 100644 --- a/nixos/modules/virtualisation/lxc-container.nix +++ b/nixos/modules/virtualisation/lxc-container.nix @@ -88,6 +88,16 @@ in }; ''; }; + + privilegedContainer = mkOption { + type = types.bool; + default = false; + description = lib.mdDoc '' + Whether this LXC container will be running as a privileged container or not. If set to `true` then + additional configuration will be applied to the `systemd` instance running within the container as + recommended by [distrobuilder](https://linuxcontainers.org/distrobuilder/introduction/). + ''; + }; }; }; @@ -146,12 +156,31 @@ in }; # Add the overrides from lxd distrobuilder - systemd.extraConfig = '' - [Service] - ProtectProc=default - ProtectControlGroups=no - ProtectKernelTunables=no - ''; + # https://github.com/lxc/distrobuilder/blob/05978d0d5a72718154f1525c7d043e090ba7c3e0/distrobuilder/main.go#L630 + systemd.packages = [ + (pkgs.writeTextFile { + name = "systemd-lxc-service-overrides"; + destination = "/etc/systemd/system/service.d/zzz-lxc-service.conf"; + text = '' + [Service] + ProcSubset=all + ProtectProc=default + ProtectControlGroups=no + ProtectKernelTunables=no + NoNewPrivileges=no + LoadCredential= + '' + optionalString cfg.privilegedContainer '' + # Additional settings for privileged containers + ProtectHome=no + ProtectSystem=no + PrivateDevices=no + PrivateTmp=no + ProtectKernelLogs=no + ProtectKernelModules=no + ReadWritePaths= + ''; + }) + ]; # Allow the user to login as root without password. users.users.root.initialHashedPassword = mkOverride 150 ""; diff --git a/pkgs/applications/audio/vimpc/default.nix b/pkgs/applications/audio/vimpc/default.nix index 5cc3c1099995f..7e834efb95249 100644 --- a/pkgs/applications/audio/vimpc/default.nix +++ b/pkgs/applications/audio/vimpc/default.nix @@ -44,7 +44,7 @@ stdenv.mkDerivation rec { description = "A vi/vim inspired client for the Music Player Daemon (mpd)"; homepage = "https://github.com/boysetsfrog/vimpc"; license = licenses.gpl3; - platforms = platforms.linux; + platforms = platforms.unix; maintainers = with maintainers; [ pSub ]; }; } diff --git a/pkgs/applications/editors/emacs/generic.nix b/pkgs/applications/editors/emacs/generic.nix index 486435cc86b47..3e195fdec6a9c 100644 --- a/pkgs/applications/editors/emacs/generic.nix +++ b/pkgs/applications/editors/emacs/generic.nix @@ -7,7 +7,7 @@ , patches ? _: [ ] , macportVersion ? null }: -{ stdenv, llvmPackages_6, lib, fetchurl, fetchpatch, ncurses, xlibsWrapper, libXaw, libXpm +{ stdenv, llvmPackages_6, lib, fetchurl, fetchpatch, substituteAll, ncurses, xlibsWrapper, libXaw, libXpm , Xaw3d, libXcursor, pkg-config, gettext, libXft, dbus, libpng, libjpeg, giflib , libtiff, librsvg, libwebp, gconf, libxml2, imagemagick, gnutls, libselinux , alsa-lib, cairo, acl, gpm, m17n_lib, libotf @@ -67,7 +67,25 @@ let emacs = (if withMacport then llvmPackages_6.stdenv else stdenv).mkDerivation pname = pname + lib.optionalString ( !withX && !withNS && !withMacport && !withGTK2 && !withGTK3 ) "-nox"; inherit version; - patches = patches fetchpatch; + patches = patches fetchpatch ++ lib.optionals nativeComp [ + (substituteAll { + src = if lib.versionOlder version "29" + then ./native-comp-driver-options-28.patch + else ./native-comp-driver-options.patch; + backendPath = (lib.concatStringsSep " " + (builtins.map (x: ''"-B${x}"'') [ + # Paths necessary so the JIT compiler finds its libraries: + "${lib.getLib libgccjit}/lib" + "${lib.getLib libgccjit}/lib/gcc" + "${lib.getLib stdenv.cc.libc}/lib" + + # Executable paths necessary for compilation (ld, as): + "${lib.getBin stdenv.cc.cc}/bin" + "${lib.getBin stdenv.cc.bintools}/bin" + "${lib.getBin stdenv.cc.bintools.bintools}/bin" + ])); + }) + ]; src = if macportVersion != null then fetchFromBitbucket { owner = "mituharu"; @@ -112,25 +130,6 @@ let emacs = (if withMacport then llvmPackages_6.stdenv else stdenv).mkDerivation done '' - # Make native compilation work both inside and outside of nix build - (lib.optionalString nativeComp (let - backendPath = (lib.concatStringsSep " " - (builtins.map (x: ''\"-B${x}\"'') [ - # Paths necessary so the JIT compiler finds its libraries: - "${lib.getLib libgccjit}/lib" - "${lib.getLib libgccjit}/lib/gcc" - "${lib.getLib stdenv.cc.libc}/lib" - - # Executable paths necessary for compilation (ld, as): - "${lib.getBin stdenv.cc.cc}/bin" - "${lib.getBin stdenv.cc.bintools}/bin" - "${lib.getBin stdenv.cc.bintools.bintools}/bin" - ])); - in '' - substituteInPlace lisp/emacs-lisp/comp.el --replace \ - "(defcustom native-comp-driver-options nil" \ - "(defcustom native-comp-driver-options '(${backendPath})" - '')) "" ]; diff --git a/pkgs/applications/editors/emacs/native-comp-driver-options-28.patch b/pkgs/applications/editors/emacs/native-comp-driver-options-28.patch new file mode 100644 index 0000000000000..98c6da305145d --- /dev/null +++ b/pkgs/applications/editors/emacs/native-comp-driver-options-28.patch @@ -0,0 +1,16 @@ +diff --git a/lisp/emacs-lisp/comp.el b/lisp/emacs-lisp/comp.el +index a5ab12ae38..e33e71cb55 100644 +--- a/lisp/emacs-lisp/comp.el ++++ b/lisp/emacs-lisp/comp.el +@@ -178,7 +178,7 @@ native-comp-compiler-options + :type '(repeat string) + :version "28.1") + +-(defcustom native-comp-driver-options nil ++(defcustom native-comp-driver-options '(@backendPath@) + "Options passed verbatim to the native compiler's back-end driver. + Note that not all options are meaningful; typically only the options + affecting the assembler and linker are likely to be useful. +-- +2.37.3 + diff --git a/pkgs/applications/editors/emacs/native-comp-driver-options.patch b/pkgs/applications/editors/emacs/native-comp-driver-options.patch new file mode 100644 index 0000000000000..58eee35aed0af --- /dev/null +++ b/pkgs/applications/editors/emacs/native-comp-driver-options.patch @@ -0,0 +1,19 @@ +diff --git a/lisp/emacs-lisp/comp.el b/lisp/emacs-lisp/comp.el +index 2c9b79334b..50c6b5ac85 100644 +--- a/lisp/emacs-lisp/comp.el ++++ b/lisp/emacs-lisp/comp.el +@@ -178,8 +178,9 @@ native-comp-compiler-options + :type '(repeat string) + :version "28.1") + +-(defcustom native-comp-driver-options (when (eq system-type 'darwin) +- '("-Wl,-w")) ++(defcustom native-comp-driver-options (append (when (eq system-type 'darwin) ++ '("-Wl,-w")) ++ '(@backendPath@)) + "Options passed verbatim to the native compiler's back-end driver. + Note that not all options are meaningful; typically only the options + affecting the assembler and linker are likely to be useful. +-- +2.37.3 + diff --git a/pkgs/applications/networking/cluster/terraform/default.nix b/pkgs/applications/networking/cluster/terraform/default.nix index b6601bb91bfe4..fe105fa3b71ab 100644 --- a/pkgs/applications/networking/cluster/terraform/default.nix +++ b/pkgs/applications/networking/cluster/terraform/default.nix @@ -168,8 +168,8 @@ rec { mkTerraform = attrs: pluggable (generic attrs); terraform_1 = mkTerraform { - version = "1.3.5"; - sha256 = "sha256-+jmZcIF9+vvjoA/PXWCc3F4l3YnlpZgxs0eGxchiIBE="; + version = "1.3.6"; + sha256 = "sha256-aETsvcHoHSwqWCAdn9JPJLcX1Wi1umUghSjkq37OYDU="; vendorSha256 = "sha256-fviukVGBkbxFs2fJpEp/tFMymXex7NRQdcGIIA9W88k="; patches = [ ./provider-path-0_15.patch ]; passthru = { diff --git a/pkgs/applications/virtualization/docker/default.nix b/pkgs/applications/virtualization/docker/default.nix index 90a17ae87f485..35416a898f06d 100644 --- a/pkgs/applications/virtualization/docker/default.nix +++ b/pkgs/applications/virtualization/docker/default.nix @@ -15,10 +15,10 @@ rec { , iptables, e2fsprogs, xz, util-linux, xfsprogs, git , procps, rootlesskit, slirp4netns, fuse-overlayfs, nixosTests , clientOnly ? !stdenv.isLinux, symlinkJoin - , withSystemd ? true, systemd - , withBtrfs ? true, btrfs-progs - , withLvm ? true, lvm2 - , withSeccomp ? true, libseccomp + , withSystemd ? stdenv.isLinux, systemd + , withBtrfs ? stdenv.isLinux, btrfs-progs + , withLvm ? stdenv.isLinux, lvm2 + , withSeccomp ? stdenv.isLinux, libseccomp }: let docker-runc = runc.overrideAttrs (oldAttrs: { diff --git a/pkgs/applications/window-managers/river/default.nix b/pkgs/applications/window-managers/river/default.nix index b1f80d102d2a3..3231882a4fba2 100644 --- a/pkgs/applications/window-managers/river/default.nix +++ b/pkgs/applications/window-managers/river/default.nix @@ -52,6 +52,7 @@ stdenv.mkDerivation rec { installPhase = '' runHook preInstall zig build -Drelease-safe -Dcpu=baseline ${lib.optionalString xwaylandSupport "-Dxwayland"} -Dman-pages --prefix $out install + install contrib/river.desktop -Dt $out/share/wayland-sessions runHook postInstall ''; @@ -61,6 +62,8 @@ stdenv.mkDerivation rec { */ installFlags = [ "DESTDIR=$(out)" ]; + passthru.providedSessions = ["river"]; + meta = with lib; { homepage = "https://github.com/ifreund/river"; description = "A dynamic tiling wayland compositor"; diff --git a/pkgs/development/libraries/mongoc/default.nix b/pkgs/development/libraries/mongoc/default.nix index 8b5753b3aca99..ecb247de0ba40 100644 --- a/pkgs/development/libraries/mongoc/default.nix +++ b/pkgs/development/libraries/mongoc/default.nix @@ -1,19 +1,36 @@ -{ lib, stdenv, fetchzip, perl, pkg-config, libbson -, openssl, which, zlib, snappy +{ + lib, + stdenv, + fetchzip, + cmake, + pkg-config, + perl, + openssl, + zlib, + cyrus_sasl, + libbson, + snappy, }: - stdenv.mkDerivation rec { pname = "mongoc"; - version = "1.8.0"; + version = "1.23.1"; src = fetchzip { url = "https://github.com/mongodb/mongo-c-driver/releases/download/${version}/mongo-c-driver-${version}.tar.gz"; sha256 = "1vnnk3pwbcmwva1010bl111kdcdx3yb2w7j7a78hhvrm1k9r1wp8"; }; - nativeBuildInputs = [ pkg-config which perl ]; - buildInputs = [ openssl zlib ]; - propagatedBuildInputs = [ libbson snappy ]; + # https://github.com/NixOS/nixpkgs/issues/25585 + preFixup = ''rm -rf "$(pwd)" ''; + + nativeBuildInputs = [cmake pkg-config perl]; + buildInputs = [openssl zlib cyrus_sasl]; + propagatedBuildInputs = [libbson snappy]; + + # -DMONGOC_TEST_USE_CRYPT_SHARED=OFF + # The `mongodl.py` script is causing issues, and you also need to disabled sandboxing for it. However, it is used only to run some tests. + # https://www.mongodb.com/community/forums/t/problem-downloading-crypt-shared-when-installing-the-mongodb-c-driver/189370 + cmakeFlags = ["-DCMAKE_BUILD_TYPE=Release" "-DENABLE_AUTOMATIC_INIT_AND_CLEANUP=OFF" "-DMONGOC_TEST_USE_CRYPT_SHARED=OFF"]; enableParallelBuilding = true; @@ -22,6 +39,7 @@ stdenv.mkDerivation rec { homepage = "http://mongoc.org"; license = licenses.asl20; mainProgram = "mongoc-stat"; + maintainers = with maintainers; [archer-65]; platforms = platforms.all; }; } diff --git a/pkgs/development/python-modules/adafruit-platformdetect/default.nix b/pkgs/development/python-modules/adafruit-platformdetect/default.nix index a87ec356dc06c..64aca1ab3eedd 100644 --- a/pkgs/development/python-modules/adafruit-platformdetect/default.nix +++ b/pkgs/development/python-modules/adafruit-platformdetect/default.nix @@ -7,7 +7,7 @@ buildPythonPackage rec { pname = "adafruit-platformdetect"; - version = "3.35.0"; + version = "3.36.0"; format = "setuptools"; disabled = pythonOlder "3.7"; @@ -15,7 +15,7 @@ buildPythonPackage rec { src = fetchPypi { pname = "Adafruit-PlatformDetect"; inherit version; - hash = "sha256-B0WxkloPTjILXfLl2FgoE9/7OkVdxU05mKAYcoPqCxM="; + hash = "sha256-c5AJsTR6qfBtxlTkjRpVoxDGO6TxJ6BvD9HX+Icf1ig="; }; nativeBuildInputs = [ diff --git a/pkgs/development/python-modules/ailment/default.nix b/pkgs/development/python-modules/ailment/default.nix index 6ad9cd017ed94..6253c43d60c64 100644 --- a/pkgs/development/python-modules/ailment/default.nix +++ b/pkgs/development/python-modules/ailment/default.nix @@ -8,7 +8,7 @@ buildPythonPackage rec { pname = "ailment"; - version = "9.2.26"; + version = "9.2.27"; format = "pyproject"; disabled = pythonOlder "3.8"; @@ -17,7 +17,7 @@ buildPythonPackage rec { owner = "angr"; repo = pname; rev = "v${version}"; - hash = "sha256-/M0D252/YaJhmyJv51sOoAUCDbcxbIndF8mw9ATtYMQ="; + hash = "sha256-siODqRqji2u+EJag/wTXCZG4LATNxggpMtqMHZAfQ9o="; }; nativeBuildInputs = [ diff --git a/pkgs/development/python-modules/angr/default.nix b/pkgs/development/python-modules/angr/default.nix index 91d4ff4211f88..f592ba98e3903 100644 --- a/pkgs/development/python-modules/angr/default.nix +++ b/pkgs/development/python-modules/angr/default.nix @@ -31,7 +31,7 @@ buildPythonPackage rec { pname = "angr"; - version = "9.2.26"; + version = "9.2.27"; format = "pyproject"; disabled = pythonOlder "3.8"; @@ -40,7 +40,7 @@ buildPythonPackage rec { owner = pname; repo = pname; rev = "v${version}"; - hash = "sha256-6NqxJETKBDUmOOM+RjD3gdvqfsXFqoHhhaL55D+Ajz8="; + hash = "sha256-ttq9V+Bhmbeit3OBUquIlLW7HQeCe2+KE/QkuvLJMjE="; }; propagatedBuildInputs = [ diff --git a/pkgs/development/python-modules/angrop/default.nix b/pkgs/development/python-modules/angrop/default.nix index ea47444d47cea..eb8c6706b5d55 100644 --- a/pkgs/development/python-modules/angrop/default.nix +++ b/pkgs/development/python-modules/angrop/default.nix @@ -2,6 +2,7 @@ , angr , buildPythonPackage , fetchFromGitHub +, fetchpatch , progressbar , pythonOlder , pythonRelaxDepsHook @@ -22,6 +23,14 @@ buildPythonPackage rec { hash = "sha256-wIPk7Cz7FSPviPFBSLrBjLr9M0o3pyoJM7wiAhHrg9Q="; }; + patches = [ + (fetchpatch { + name = "compatibility-with-newer-angr.patch"; + url = "https://github.com/angr/angrop/commit/23194ee4ecdcb7a7390ec04eb133786ec3f807b1.patch"; + hash = "sha256-n9/oPUblUHSk81qwU129rnNOjsNViaegp6454CaDo+8="; + }) + ]; + nativeBuildInputs = [ pythonRelaxDepsHook ]; diff --git a/pkgs/development/python-modules/archinfo/default.nix b/pkgs/development/python-modules/archinfo/default.nix index 47dc3c22a799b..7081f426c66f2 100644 --- a/pkgs/development/python-modules/archinfo/default.nix +++ b/pkgs/development/python-modules/archinfo/default.nix @@ -8,7 +8,7 @@ buildPythonPackage rec { pname = "archinfo"; - version = "9.2.26"; + version = "9.2.27"; format = "pyproject"; disabled = pythonOlder "3.8"; @@ -17,7 +17,7 @@ buildPythonPackage rec { owner = "angr"; repo = pname; rev = "v${version}"; - hash = "sha256-aiOJxdQnpNa4zCHRysyw9JsW9GQTHha8lup8VErgiDA="; + hash = "sha256-dzD73jmbeQQY/IjF6XRdOcDIhR2lzeA2XQdipssiT00="; }; nativeBuildInputs = [ diff --git a/pkgs/development/python-modules/claripy/default.nix b/pkgs/development/python-modules/claripy/default.nix index 7c3296cbd7204..9afd28132e150 100644 --- a/pkgs/development/python-modules/claripy/default.nix +++ b/pkgs/development/python-modules/claripy/default.nix @@ -15,7 +15,7 @@ buildPythonPackage rec { pname = "claripy"; - version = "9.2.26"; + version = "9.2.27"; format = "pyproject"; disabled = pythonOlder "3.8"; @@ -24,7 +24,7 @@ buildPythonPackage rec { owner = "angr"; repo = pname; rev = "v${version}"; - hash = "sha256-niJaHsvIX7NFA+pWufTA6j+Jvj6LcGlC+RaLNFn7yBo="; + hash = "sha256-7tn/OdPNUnbF2T0wASCBfuTZ0zI1j8GY5kh0QwbzS+8="; }; nativeBuildInputs = [ diff --git a/pkgs/development/python-modules/cle/default.nix b/pkgs/development/python-modules/cle/default.nix index 038062982f85f..88d472a9de7a1 100644 --- a/pkgs/development/python-modules/cle/default.nix +++ b/pkgs/development/python-modules/cle/default.nix @@ -16,7 +16,7 @@ let # The binaries are following the argr projects release cycle - version = "9.2.26"; + version = "9.2.27"; # Binary files from https://github.com/angr/binaries (only used for testing and only here) binaries = fetchFromGitHub { @@ -38,7 +38,7 @@ buildPythonPackage rec { owner = "angr"; repo = pname; rev = "v${version}"; - hash = "sha256-o6JGxEiG4HD4leAf1+NOEDQ5gkmRaDXl2SZtcVtH6f0="; + hash = "sha256-PP8TdAiyqdcgJNz5jYjAFcuv42ca0zfLwL289XKDqk4="; }; nativeBuildInputs = [ diff --git a/pkgs/development/python-modules/fakeredis/default.nix b/pkgs/development/python-modules/fakeredis/default.nix index 317f3d4067595..cc45b86ab6265 100644 --- a/pkgs/development/python-modules/fakeredis/default.nix +++ b/pkgs/development/python-modules/fakeredis/default.nix @@ -16,7 +16,7 @@ buildPythonPackage rec { pname = "fakeredis"; - version = "2.0.0"; + version = "2.1.0"; format = "pyproject"; disabled = pythonOlder "3.7"; @@ -25,7 +25,7 @@ buildPythonPackage rec { owner = "dsoftwareinc"; repo = "fakeredis-py"; rev = "refs/tags/v${version}"; - hash = "sha256-y9fuVg5Mu0ZT8hoja9V5mEfOz/hPH66Zbk5Rr/luPSc="; + hash = "sha256-d+colAAESTt2YME8URX3e/l6GsC1l0vzg3wY/NQPkDk="; }; nativeBuildInputs = [ @@ -61,6 +61,7 @@ buildPythonPackage rec { meta = with lib; { description = "Fake implementation of Redis API"; homepage = "https://github.com/dsoftwareinc/fakeredis-py"; + changelog = "https://github.com/cunla/fakeredis-py/releases/tag/v${version}"; license = with licenses; [ mit ]; maintainers = with maintainers; [ fab ]; }; diff --git a/pkgs/development/python-modules/growattserver/default.nix b/pkgs/development/python-modules/growattserver/default.nix index 03a43a92eecfd..f8fb0996e29ff 100644 --- a/pkgs/development/python-modules/growattserver/default.nix +++ b/pkgs/development/python-modules/growattserver/default.nix @@ -7,7 +7,7 @@ buildPythonPackage rec { pname = "growattserver"; - version = "1.2.4"; + version = "1.3.0"; format = "setuptools"; disabled = pythonOlder "3.7"; @@ -16,7 +16,7 @@ buildPythonPackage rec { owner = "indykoning"; repo = "PyPi_GrowattServer"; rev = "refs/tags/${version}"; - hash = "sha256-HZsgha7CAjJYDDBlh2Ib24glUiMAXpNR8KsSdm78BA8="; + hash = "sha256-xriI4VFLTTeYkfIu7kb/k1OcgnHhCdvl5Ic/JF4Pf6s="; }; propagatedBuildInputs = [ @@ -33,6 +33,7 @@ buildPythonPackage rec { meta = with lib; { description = "Python package to retrieve information from Growatt units"; homepage = "https://github.com/indykoning/PyPi_GrowattServer"; + changelog = "https://github.com/indykoning/PyPi_GrowattServer/releases/tag/${version}"; license = licenses.mit; maintainers = with maintainers; [ fab ]; }; diff --git a/pkgs/development/python-modules/hachoir/default.nix b/pkgs/development/python-modules/hachoir/default.nix index c7d4178e3bf9a..3a1a34f8340b5 100644 --- a/pkgs/development/python-modules/hachoir/default.nix +++ b/pkgs/development/python-modules/hachoir/default.nix @@ -8,7 +8,7 @@ buildPythonPackage rec { pname = "hachoir"; - version = "3.1.3"; + version = "3.2.0"; format = "setuptools"; disabled = pythonOlder "3.7"; @@ -16,8 +16,8 @@ buildPythonPackage rec { src = fetchFromGitHub { owner = "vstinner"; repo = pname; - rev = version; - hash = "sha256-HlxDwkU0GccO+IUzbtVpLbsAo+Mcacm4/WrXWCsmpBg="; + rev = "refs/tags/${version}"; + hash = "sha256-BRrb6bnPSDVjZF1cOA9NlUYd2HrtqZEAVhHgkjmE0Xg="; }; propagatedBuildInputs = [ @@ -35,6 +35,7 @@ buildPythonPackage rec { meta = with lib; { description = "Python library to view and edit a binary stream"; homepage = "https://hachoir.readthedocs.io/"; + changelog = "https://github.com/vstinner/hachoir/blob/${version}/doc/changelog.rst"; license = with licenses; [ gpl2Only ]; maintainers = with maintainers; [ fab ]; }; diff --git a/pkgs/development/python-modules/manimpango/default.nix b/pkgs/development/python-modules/manimpango/default.nix index 48487af1bc473..6a56682605497 100644 --- a/pkgs/development/python-modules/manimpango/default.nix +++ b/pkgs/development/python-modules/manimpango/default.nix @@ -13,7 +13,7 @@ buildPythonPackage rec { pname = "manimpango"; - version = "0.4.2"; + version = "0.4.3"; format = "setuptools"; disabled = pythonOlder "3.7"; @@ -22,7 +22,7 @@ buildPythonPackage rec { owner = "ManimCommunity"; repo = pname; rev = "refs/tags/v${version}"; - hash = "sha256-ftoESXUMc+jnKmEzhmwZc/R7vVX9idsezPFHRUzPbaU="; + hash = "sha256-FT3X6TmGfwd8kRPtuqy78ZCGeEGGg6IJEeEpB7ZbIsA="; }; nativeBuildInputs = [ diff --git a/pkgs/development/python-modules/meshtastic/default.nix b/pkgs/development/python-modules/meshtastic/default.nix index dc545b48874a2..3857ea2971d0d 100644 --- a/pkgs/development/python-modules/meshtastic/default.nix +++ b/pkgs/development/python-modules/meshtastic/default.nix @@ -18,7 +18,7 @@ buildPythonPackage rec { pname = "meshtastic"; - version = "2.0.4"; + version = "2.0.5"; format = "setuptools"; disabled = pythonOlder "3.7"; @@ -27,7 +27,7 @@ buildPythonPackage rec { owner = "meshtastic"; repo = "Meshtastic-python"; rev = "refs/tags/${version}"; - hash = "sha256-WPmoK/5pTVv9ueRnR6Gxtj86LM8ChB0dMfEvo+lLmy0="; + hash = "sha256-wzDi4C/XUykoTxgoDneQzWplTlo0bGUODM38Eza4fUY="; }; propagatedBuildInputs = [ diff --git a/pkgs/development/python-modules/opytimark/default.nix b/pkgs/development/python-modules/opytimark/default.nix new file mode 100644 index 0000000000000..059c5555b997b --- /dev/null +++ b/pkgs/development/python-modules/opytimark/default.nix @@ -0,0 +1,58 @@ +{ lib +, buildPythonPackage +, fetchFromGitHub +, fetchpatch +, numpy +, pytestCheckHook +, pythonOlder +}: + +buildPythonPackage rec { + pname = "opytimizer"; + version = "1.0.8"; + format = "setuptools"; + + disabled = pythonOlder "3.7"; + + src = fetchFromGitHub { + owner = "gugarosa"; + repo = "opytimark"; + rev = "v${version}"; + hash = "sha256-T3OFm10gvGrUXAAHOnO0Zv1nWrXPBXSmEWnbJxrWYU0="; + }; + + patches = [ + (fetchpatch { + url = "https://patch-diff.githubusercontent.com/raw/gugarosa/opytimark/pull/2.patch"; + hash = "sha256-r/oCKI9Q1nuCZDGHx7UW8j523sFe4EFmguMOJTs/LOU="; + }) + ]; + + propagatedBuildInputs = [ + numpy + ]; + + checkInputs = [ + pytestCheckHook + ]; + + # several tests are failing + disabledTests = [ + "test_year" + "test_decorator" + "test_loader" + "cec_benchmark" + ]; + + pythonImportsCheck = [ + "opytimark" + ]; + + meta = with lib; { + description = "Library consisting of optimization benchmarking functions"; + homepage = "https://github.com/gugarosa/opytimark"; + changelog = "https://github.com/gugarosa/opytimark/releases/tag/v${version}"; + license = licenses.asl20; + maintainers = with maintainers; [ firefly-cpp ]; + }; +} diff --git a/pkgs/development/python-modules/pyvex/default.nix b/pkgs/development/python-modules/pyvex/default.nix index 0224ffeb43a0a..88670ec9f7a5c 100644 --- a/pkgs/development/python-modules/pyvex/default.nix +++ b/pkgs/development/python-modules/pyvex/default.nix @@ -13,14 +13,14 @@ buildPythonPackage rec { pname = "pyvex"; - version = "9.2.26"; + version = "9.2.27"; format = "pyproject"; disabled = pythonOlder "3.8"; src = fetchPypi { inherit pname version; - hash = "sha256-stxFT4oM4qLHXFJ2+kTNVgcjQ77239Gg0rp6T76wVBU="; + hash = "sha256-r46rTS9MOMUUWRwGF3pohV+1bPL03VmoILEjEKfr04o="; }; nativeBuildInputs = [ diff --git a/pkgs/development/python-modules/signalslot/default.nix b/pkgs/development/python-modules/signalslot/default.nix new file mode 100644 index 0000000000000..44f1c91fc4357 --- /dev/null +++ b/pkgs/development/python-modules/signalslot/default.nix @@ -0,0 +1,48 @@ +{ stdenv +, lib +, buildPythonPackage +, fetchPypi +, contexter +, eventlet +, mock +, pytestCheckHook +, six +, weakrefmethod +}: + +buildPythonPackage rec { + pname = "signalslot"; + version = "0.1.2"; + + src = fetchPypi { + inherit pname version; + sha256 = "sha256-Z26RPNau+4719e82jMhb2LyIR6EvsANI8r3+eKuw494="; + }; + + propagatedBuildInputs = [ + contexter + six + weakrefmethod + ]; + + checkInputs = [ + eventlet + mock + pytestCheckHook + ]; + + pythonImportsCheck = [ "signalslot" ]; + + postPatch = '' + substituteInPlace setup.cfg \ + --replace "--pep8 --cov" "" \ + --replace "--cov-report html" "" + ''; + + meta = with lib; { + description = "Simple Signal/Slot implementation"; + homepage = "https://github.com/numergy/signalslot"; + license = licenses.mit; + maintainers = with maintainers; [ myaats ]; + }; +} diff --git a/pkgs/development/python-modules/weakrefmethod/default.nix b/pkgs/development/python-modules/weakrefmethod/default.nix new file mode 100644 index 0000000000000..66c0aef2eb9fe --- /dev/null +++ b/pkgs/development/python-modules/weakrefmethod/default.nix @@ -0,0 +1,24 @@ +{ stdenv, lib, buildPythonPackage, fetchPypi, unittest2 }: + +buildPythonPackage rec { + pname = "weakrefmethod"; + version = "1.0.3"; + + src = fetchPypi { + inherit pname version; + sha256 = "sha256-N7wfu1V1rPghctTre2/EQS131aHXDf8sH4pFdDAc2mY="; + }; + + checkInputs = [ + unittest2 + ]; + + pythonImportsCheck = [ "weakrefmethod" ]; + + meta = with lib; { + description = "A WeakMethod class for storing bound methods using weak references"; + homepage = "https://github.com/twang817/weakrefmethod"; + license = licenses.psfl; + maintainers = with maintainers; [ myaats ]; + }; +} diff --git a/pkgs/development/tools/appthreat-depscan/default.nix b/pkgs/development/tools/appthreat-depscan/default.nix index e6d107b393562..81096c44ac444 100644 --- a/pkgs/development/tools/appthreat-depscan/default.nix +++ b/pkgs/development/tools/appthreat-depscan/default.nix @@ -5,13 +5,13 @@ python3.pkgs.buildPythonApplication rec { pname = "appthreat-depscan"; - version = "3.2.1"; + version = "3.2.3"; src = fetchFromGitHub { owner = "AppThreat"; repo = "dep-scan"; rev = "refs/tags/v${version}"; - hash = "sha256-tBhsH5ZlEsrboOCSJLcwY9kYv0aK9IrLCU+ZjY0y648="; + hash = "sha256-VWFYgRIpEmOpOonazoRF0wPUfAiOu90gxm22M6Wkvgo="; }; propagatedBuildInputs = with python3.pkgs; [ diff --git a/pkgs/development/tools/steamos-devkit/default.nix b/pkgs/development/tools/steamos-devkit/default.nix new file mode 100644 index 0000000000000..8451f7f9898eb --- /dev/null +++ b/pkgs/development/tools/steamos-devkit/default.nix @@ -0,0 +1,135 @@ +{ lib +, fetchFromGitHub +, fetchFromGitLab +, writeScript +, python3 +, copyDesktopItems +, makeDesktopItem +, pkg-config +, SDL2 +}: +let + # steamos-devkit requires a build of the unreleased pyimgui 2.0 branch, move to pythonPackages when 2.0 is released. + pyimgui = python3.pkgs.buildPythonPackage { + pname = "pyimgui"; + version = "unstable-2022-03-06"; + + src = fetchFromGitHub { + owner = "pyimgui"; + repo = "pyimgui"; + rev = "1f095af5886f424ee12f26fa93b108b6420fafa4"; # dev/version-2.0 branch + fetchSubmodules = true; + sha256 = "sha256-k070ue132m8H1Zm8bo7J7spCS5dSTGOj689ci7vJ+aw="; + }; + + nativeBuildInputs = with python3.pkgs; [ + cython + pkg-config + SDL2 + ]; + + propagatedBuildInputs = with python3.pkgs; [ + click + pyopengl + pysdl2 + ]; + + # Requires OpenGL acceleration + doCheck = false; + pythonImportsCheck = [ "imgui" ]; + }; + steamos-devkit-script = '' + #!${python3.interpreter} + import os + + # Change the cwd to avoid imgui using cwd which often is ~ to store the state, use the same location as the settings + path = os.path.expanduser(os.path.join("~", ".devkit-client-gui")) + os.makedirs(path, exist_ok=True) + os.chdir(path) + + # Workaround to get pysdl to work on wayland, remove when https://gitlab.steamos.cloud/devkit/steamos-devkit/-/issues/1 is solved. + if os.environ.get("XDG_SESSION_TYPE") == "wayland": + os.environ["SDL_VIDEODRIVER"] = "wayland" + + import devkit_client.gui2 + devkit_client.gui2.main() + ''; +in +python3.pkgs.buildPythonPackage rec { + pname = "steamos-devkit"; + version = "0.20221101"; + + src = fetchFromGitLab { + domain = "gitlab.steamos.cloud"; + owner = "devkit"; + repo = "steamos-devkit"; + rev = "v${version}"; + sha256 = "sha256-VKnfcMF3WxkvqxlhJF+5j4Hso/TZpSS4dMOmSrWagRU="; + }; + + propagatedBuildInputs = with python3.pkgs; [ + appdirs + bcrypt + cffi + cryptography + idna + ifaddr + netifaces + numpy + paramiko + pycparser + pyimgui + pynacl + pysdl2 + signalslot + six + ]; + + nativeBuildInputs = [ + copyDesktopItems + ]; + + postUnpack = '' + # Find the absolute source root to link correctly to the previous root + prevRoot=$(realpath $sourceRoot) + + # Update the source root to the devkit_client package + sourceRoot="$sourceRoot/client" + + # Link the setup script into the new source root + ln -s $prevRoot/setup/shiv-linux-setup.py $sourceRoot/setup.py + ''; + + postInstall = '' + mkdir -p $out/bin + + # These are various assets like scripts that steamos-devkit will copy to the remote device + cp -R ./devkit-utils $out/${python3.sitePackages}/devkit-utils + + # writeScript + symlink will be ignored by wrapPythonPrograms + # Copying it is undesirable too, just write it directly to a script instead + cat << EOF > $out/bin/steamos-devkit + ${steamos-devkit-script} + EOF + chmod +x $out/bin/steamos-devkit + ''; + + # There are no checks for steamos-devkit + doCheck = false; + pythonImportsCheck = [ "devkit_client" ]; + + desktopItems = [ + (makeDesktopItem { + name = "SteamOS-Devkit"; + exec = "steamos-devkit"; + desktopName = "SteamOS Devkit Client"; + }) + ]; + + meta = with lib; { + description = "SteamOS Devkit Client"; + homepage = "https://gitlab.steamos.cloud/devkit/steamos-devkit"; + license = licenses.mit; + maintainers = with maintainers; [ myaats ]; + }; +} diff --git a/pkgs/servers/monitoring/nagios/plugins/check_ssl_cert.nix b/pkgs/servers/monitoring/nagios/plugins/check_ssl_cert.nix index 9ca3ebaf0e89c..c84231cb3b8ee 100644 --- a/pkgs/servers/monitoring/nagios/plugins/check_ssl_cert.nix +++ b/pkgs/servers/monitoring/nagios/plugins/check_ssl_cert.nix @@ -6,17 +6,24 @@ , makeWrapper , which , curl +, bc +, coreutils # date and timeout binary +, bind # host and dig binary +, nmap +, iproute2 +, netcat-gnu +, python3 }: stdenv.mkDerivation rec { pname = "check_ssl_cert"; - version = "2.54.0"; + version = "2.55.0"; src = fetchFromGitHub { owner = "matteocorti"; repo = "check_ssl_cert"; rev = "v${version}"; - hash = "sha256-rRzO5MYpQrDuMyQlOCupV6IR7ZZgpU2lhPpgqoEXiaY="; + hash = "sha256-7eMK1WYazxfqkwxAJyE4SyKukegkYOUd3AC7Y8A7EFA="; }; nativeBuildInputs = [ @@ -30,12 +37,13 @@ stdenv.mkDerivation rec { postInstall = '' wrapProgram $out/bin/check_ssl_cert \ - --prefix PATH : "${lib.makeBinPath [ openssl file which curl ]}" + --prefix PATH : "${lib.makeBinPath [ openssl file which curl bc coreutils bind nmap iproute2 netcat-gnu python3 ]}" ''; meta = with lib; { description = "Nagios plugin to check the CA and validity of an X.509 certificate"; homepage = "https://github.com/matteocorti/check_ssl_cert"; + changelog = "https://github.com/matteocorti/check_ssl_cert/releases/tag/v${version}"; license = licenses.gpl3Plus; maintainers = with maintainers; [ fab ]; platforms = platforms.all; diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 228d873dbb5cd..85bc2a47d7950 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -25872,6 +25872,8 @@ with pkgs; statifier = callPackage ../os-specific/linux/statifier { }; + steamos-devkit = callPackage ../development/tools/steamos-devkit { }; + swiftdefaultapps = callPackage ../os-specific/darwin/swiftdefaultapps { }; sysdig = callPackage ../os-specific/linux/sysdig { diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 0d9fc1c3f9b8c..3a61dcb63350c 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -6542,6 +6542,8 @@ self: super: with self; { opuslib = callPackage ../development/python-modules/opuslib { }; + opytimark = callPackage ../development/python-modules/opytimark { }; + oralb-ble = callPackage ../development/python-modules/oralb-ble { }; orderedmultidict = callPackage ../development/python-modules/orderedmultidict { }; @@ -10249,6 +10251,8 @@ self: super: with self; { sievelib = callPackage ../development/python-modules/sievelib { }; + signalslot = callPackage ../development/python-modules/signalslot { }; + signedjson = callPackage ../development/python-modules/signedjson { }; sigrok = callPackage ../development/python-modules/sigrok { }; @@ -11885,6 +11889,8 @@ self: super: with self; { wcwidth = callPackage ../development/python-modules/wcwidth { }; + weakrefmethod = callPackage ../development/python-modules/weakrefmethod { }; + weasyprint = callPackage ../development/python-modules/weasyprint { }; web3 = callPackage ../development/python-modules/web3 { }; |