authorgithub-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>2024-05-22 18:01:30 +0000
committerGitHub <noreply@github.com>2024-05-22 18:01:30 +0000
commitdfe5aa3439ee8778fff34b825c59d8344365a913 (patch)
treeadc57c6ab5809b4601fcfd42aa89208a559cd263
parent94bdc4bbbb1ae53474c219a1770385b9c6a92082 (diff)
parentb73bfe9a7c245264f96d5a9dcd8809b2ec88aff0 (diff)
Merge staging-next into staging
-rw-r--r--.github/PULL_REQUEST_TEMPLATE.md2
-rw-r--r--.github/workflows/periodic-merge-24h.yml4
-rw-r--r--CONTRIBUTING.md2
-rw-r--r--lib/.version2
-rw-r--r--lib/meta.nix8
-rw-r--r--lib/trivial.nix2
-rw-r--r--nixos/doc/manual/release-notes/release-notes.md1
-rw-r--r--nixos/doc/manual/release-notes/rl-2405.section.md71
-rw-r--r--nixos/doc/manual/release-notes/rl-2411.section.md21
-rw-r--r--nixos/modules/hardware/video/nvidia.nix871
-rw-r--r--nixos/tests/systemd-initrd-luks-fido2.nix1
-rw-r--r--pkgs/applications/networking/browsers/chromium/upstream-info.nix8
-rw-r--r--pkgs/applications/networking/cluster/cni/plugins.nix4
-rw-r--r--pkgs/applications/networking/instant-messengers/qq/sources.nix12
-rw-r--r--pkgs/applications/radio/cloudlog/default.nix4
-rw-r--r--pkgs/applications/virtualization/cri-o/default.nix4
-rw-r--r--pkgs/applications/virtualization/qemu/canokey-qemu-memcpy.patch41
-rw-r--r--pkgs/applications/virtualization/qemu/canokey-qemu.nix24
-rw-r--r--pkgs/applications/virtualization/qemu/default.nix2
-rw-r--r--pkgs/by-name/im/immich-go/package.nix27
-rw-r--r--pkgs/by-name/mi/mihomo/package.nix6
-rw-r--r--pkgs/by-name/pg/pgroll/package.nix6
-rw-r--r--pkgs/by-name/pu/pulsar/001-patch-wrapper.patch (renamed from pkgs/applications/editors/pulsar/001-patch-wrapper.patch)0
-rw-r--r--pkgs/by-name/pu/pulsar/package.nix (renamed from pkgs/applications/editors/pulsar/default.nix)16
-rw-r--r--pkgs/by-name/pu/pulsar/pulsar.nemo_action (renamed from pkgs/applications/editors/pulsar/pulsar.nemo_action)0
-rwxr-xr-xpkgs/by-name/pu/pulsar/update.mjs (renamed from pkgs/applications/editors/pulsar/update.mjs)0
-rw-r--r--pkgs/development/compilers/unison/default.nix19
-rw-r--r--pkgs/development/interpreters/wasmtime/default.nix6
-rw-r--r--pkgs/development/python-modules/django-modeltranslation/default.nix4
-rw-r--r--pkgs/development/python-modules/mitmproxy-macos/default.nix1
-rw-r--r--pkgs/development/rocm-modules/6/default.nix3
-rw-r--r--pkgs/development/rocm-modules/6/rocgdb/default.nix52
-rw-r--r--pkgs/development/tools/continuous-integration/cirrus-cli/default.nix4
-rw-r--r--pkgs/development/tools/okteto/default.nix12
-rw-r--r--pkgs/development/tools/ols/default.nix6
-rw-r--r--pkgs/development/tools/profiling/heaptrack/default.nix19
-rw-r--r--pkgs/games/chiaki4deck/default.nix12
-rw-r--r--pkgs/os-specific/linux/nvidia-x11/default.nix14
-rw-r--r--pkgs/servers/mail/mailman/web.nix16
-rw-r--r--pkgs/servers/mattermost/default.nix6
-rw-r--r--pkgs/servers/snac2/default.nix4
-rw-r--r--pkgs/shells/zsh/zsh-abbr/default.nix4
-rw-r--r--pkgs/tools/admin/copilot-cli/default.nix6
-rw-r--r--pkgs/tools/inputmethods/ibus-engines/ibus-mozc/default.nix7
-rw-r--r--pkgs/tools/inputmethods/ibus-engines/ibus-mozc/ibus-setup-mozc-jp.desktop7
-rw-r--r--pkgs/tools/networking/openapi-generator-cli/default.nix4
-rw-r--r--pkgs/top-level/all-packages.nix2
47 files changed, 770 insertions, 577 deletions
diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md
index 7b68fbd77b74b..15741f57e6f4c 100644
--- a/.github/PULL_REQUEST_TEMPLATE.md
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@@ -24,7 +24,7 @@ For new packages please briefly describe the package or provide a link to its ho
   - made sure NixOS tests are [linked](https://nixos.org/manual/nixpkgs/unstable/#ssec-nixos-tests-linking) to the relevant packages
 - [ ] Tested compilation of all packages that depend on this change using `nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD"`. Note: all changes have to be committed, also see [nixpkgs-review usage](https://github.com/Mic92/nixpkgs-review#usage)
 - [ ] Tested basic functionality of all binary files (usually in `./result/bin/`)
-- [24.05 Release Notes](https://github.com/NixOS/nixpkgs/blob/master/nixos/doc/manual/release-notes/rl-2405.section.md) (or backporting [23.05](https://github.com/NixOS/nixpkgs/blob/master/nixos/doc/manual/release-notes/rl-2305.section.md) and [23.11](https://github.com/NixOS/nixpkgs/blob/master/nixos/doc/manual/release-notes/rl-2311.section.md) Release notes)
+- [24.11 Release Notes](https://github.com/NixOS/nixpkgs/blob/master/nixos/doc/manual/release-notes/rl-2411.section.md) (or backporting [23.11](https://github.com/NixOS/nixpkgs/blob/master/nixos/doc/manual/release-notes/rl-2311.section.md) and [24.05](https://github.com/NixOS/nixpkgs/blob/master/nixos/doc/manual/release-notes/rl-2405.section.md) Release notes)
   - [ ] (Package updates) Added a release notes entry if the change is major or breaking
   - [ ] (Module updates) Added a release notes entry if the change is significant
   - [ ] (Module addition) Added a release notes entry if adding a new NixOS module
diff --git a/.github/workflows/periodic-merge-24h.yml b/.github/workflows/periodic-merge-24h.yml
index 7001dccb0d5db..261a2cdba45dc 100644
--- a/.github/workflows/periodic-merge-24h.yml
+++ b/.github/workflows/periodic-merge-24h.yml
@@ -39,6 +39,10 @@ jobs:
             into: staging-next-23.11
           - from: staging-next-23.11
             into: staging-23.11
+          - from: release-24.05
+            into: staging-next-24.05
+          - from: staging-next-24.05
+            into: staging-24.05
     name: ${{ matrix.pairs.from }} → ${{ matrix.pairs.into }}
     steps:
       - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index f40fb86ee5595..3623246f6871b 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -359,7 +359,7 @@ See [Nix Channel Status](https://status.nixos.org/) for the current channels and
 Here's a brief overview of the main Git branches and what channels they're used for:
 
 - `master`: The main branch, used for the unstable channels such as `nixpkgs-unstable`, `nixos-unstable` and `nixos-unstable-small`.
-- `release-YY.MM` (e.g. `release-23.11`): The NixOS release branches, used for the stable channels such as `nixos-23.11`, `nixos-23.11-small` and `nixpkgs-23.11-darwin`.
+- `release-YY.MM` (e.g. `release-24.05`): The NixOS release branches, used for the stable channels such as `nixos-24.05`, `nixos-24.05-small` and `nixpkgs-24.05-darwin`.
 
 When a channel is updated, a corresponding Git branch is also updated to point to the corresponding commit.
 So e.g. the [`nixpkgs-unstable` branch](https://github.com/nixos/nixpkgs/tree/nixpkgs-unstable) corresponds to the Git commit from the [`nixpkgs-unstable` channel](https://channels.nixos.org/nixpkgs-unstable).
diff --git a/lib/.version b/lib/.version
index 420f61e8c7f66..cd158b7c510bd 100644
--- a/lib/.version
+++ b/lib/.version
@@ -1 +1 @@
-24.05
\ No newline at end of file
+24.11
\ No newline at end of file
diff --git a/lib/meta.nix b/lib/meta.nix
index 675e1912d4be9..9a97afb1aa9b0 100644
--- a/lib/meta.nix
+++ b/lib/meta.nix
@@ -26,8 +26,12 @@ rec {
   dontDistribute = drv: addMetaAttrs { hydraPlatforms = []; } drv;
 
 
-  /* Change the symbolic name of a package for presentation purposes
-     (i.e., so that nix-env users can tell them apart).
+  /*
+  Change the [symbolic name of a derivation](https://nixos.org/manual/nix/stable/language/derivations.html#attr-name).
+
+  :::{.warning}
+  Dependent derivations will be rebuilt when the symbolic name is changed.
+  :::
   */
   setName = name: drv: drv // {inherit name;};
 
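Review bot: The warning added to the `setName` comment says dependent derivations are rebuilt when the name changes, but the unchanged implementation just below only overlays the attribute with `drv // {inherit name;}`, and nothing visible in this hunk recomputes the derivation. It would be worth confirming the claim against this implementation, or naming the mechanism that triggers the rebuild in the comment, since readers will use the warning to judge rebuild cost. The rewrite also drops the earlier rationale; a line such as `Intended for presentation purposes, e.g. so that nix-env users can tell packages apart.` would keep it. The enclosing `rec { … }` set starts and ends outside the hunk.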
diff --git a/lib/trivial.nix b/lib/trivial.nix
index 5b7a1ee30f7ad..dee7eca9699a0 100644
--- a/lib/trivial.nix
+++ b/lib/trivial.nix
@@ -403,7 +403,7 @@ in {
     On each release the first letter is bumped and a new animal is chosen
     starting with that new letter.
   */
-  codeName = "Uakari";
+  codeName = "Vicuña";
 
   /**
     Returns the current nixpkgs version suffix as string.
diff --git a/nixos/doc/manual/release-notes/release-notes.md b/nixos/doc/manual/release-notes/release-notes.md
index 0514a1b0044af..24494ed95ca88 100644
--- a/nixos/doc/manual/release-notes/release-notes.md
+++ b/nixos/doc/manual/release-notes/release-notes.md
@@ -3,6 +3,7 @@
 This section lists the release notes for each stable version of NixOS and current unstable revision.
 
 ```{=include=} sections
+rl-2411.section.md
 rl-2405.section.md
 rl-2311.section.md
 rl-2305.section.md
diff --git a/nixos/doc/manual/release-notes/rl-2405.section.md b/nixos/doc/manual/release-notes/rl-2405.section.md
index 7ac0fc579bb02..484cc4a3b6725 100644
--- a/nixos/doc/manual/release-notes/rl-2405.section.md
+++ b/nixos/doc/manual/release-notes/rl-2405.section.md
@@ -6,11 +6,11 @@ Support is planned until the end of December 2024, handing over to 24.11.
 
 In addition to numerous new and upgraded packages, this release has the following highlights:
 
-<!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. -->
+<!-- Please keep entries alphabetically sorted. -->
 
 - The default kernel package has been updated from 6.1 to 6.6. All supported kernels remain available.
 
-- For each supporting version of the Linux kernel firmware blobs
+- For each supporting version of the Linux kernel, firmware blobs
   are compressed with zstd. For firmware blobs this means an increase of 4.4% in size, however
   a significantly higher decompression speed.
 
@@ -53,7 +53,7 @@ In addition to numerous new and upgraded packages, this release has the followin
 
 ## New Services {#sec-release-24.05-new-services}
 
-<!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. -->
+<!-- Please keep entries alphabetically sorted. -->
 
 - [Anki Sync Server](https://docs.ankiweb.net/sync-server.html), the official sync server built into recent versions of Anki. Available as [services.anki-sync-server](#opt-services.anki-sync-server.enable).
 The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been marked deprecated and will be dropped after 24.05 due to lack of maintenance of the anki-sync-server software.
@@ -75,7 +75,7 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
 
 - [Clevis](https://github.com/latchset/clevis), a pluggable framework for automated decryption, used to unlock encrypted devices in initrd. Available as [boot.initrd.clevis.enable](#opt-boot.initrd.clevis.enable).
 
-- [CommaFeed](https://github.com/Athou/commafeed), a Google Reader inspired self-hosted RSS reader. Available as [services.commafeed](#opt-services.commafeed.enable).
+- [CommaFeed](https://github.com/Athou/commafeed), a Google Reader-inspired self-hosted RSS reader. Available as [services.commafeed](#opt-services.commafeed.enable).
 
 - [davis](https://github.com/tchapi/davis), a simple CardDav and CalDav server inspired by Baïkal. Available as [services.davis](#opt-services.davis.enable).
 
@@ -85,6 +85,8 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
 
 - [FCast Receiver](https://fcast.org), an open-source alternative to Chromecast and AirPlay. Available as [programs.fcast-receiver](#opt-programs.fcast-receiver.enable).
 
+- [FileSender](https://filesender.org/), a file sharing software. Available as [services.filesender](#opt-services.filesender.enable).
+
 - [Firefly-iii](https://www.firefly-iii.org), a free and open source personal finance manager. Available as [services.firefly-iii](#opt-services.firefly-iii.enable).
 
 - [Flarum](https://flarum.org/), a delightfully simple discussion platform for your website. Available as [services.flarum](#opt-services.flarum.enable).
@@ -187,6 +189,8 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
 
 - [wastebin](https://github.com/matze/wastebin), a pastebin server written in rust. Available as [services.wastebin](#opt-services.wastebin.enable).
 
+- [watchdogd](https://troglobit.com/projects/watchdogd/), a system and process supervisor using watchdog timers. Available as [services.watchdogd](#opt-services.watchdogd.enable).
+
 - [Workout-tracker](https://github.com/jovandeginste/workout-tracker), a workout tracking web application for personal use.
 
 - [wyoming-satellite](https://github.com/rhasspy/wyoming-satellite), a voice assistant satellite for Home Assistant using the Wyoming protocol. Available as [services.wyoming.satellite](#opt-services.wyoming.satellite.enable).
@@ -197,8 +201,6 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
 
 - [your_spotify](https://github.com/Yooooomi/your_spotify), a self hosted Spotify tracking dashboard. Available as [services.your_spotify](#opt-services.your_spotify.enable)
 
-- [FileSender](https://filesender.org/), a file sharing software. Available as [services.filesender](#opt-services.filesender.enable).
-
 ## Backward Incompatibilities {#sec-release-24.05-incompatibilities}
 
 <!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. -->
@@ -223,10 +225,10 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
 
 - `buildGoModule` now throws an error when `vendorHash` is not specified. `vendorSha256`, deprecated in Nixpkgs 23.11, is now ignored and is no longer a `vendorHash` alias.
 
-- `chromium` and `ungoogled-chromium` had a long standing issue regarding Widevine DRM handling in nixpkgs fixed.
+- `chromium` and `ungoogled-chromium` had a long-standing issue regarding Widevine DRM handling in nixpkgs fixed.
   `chromium` now no longer automatically downloads Widevine when encountering DRM protected content.
   To be able to play DRM protected content in `chromium` now, you have to explicitly opt-in as originally intended using `chromium.override { enableWideVine = true; }`.
-  This override has been added almost 10 years ago.
+  This override was added almost 10 years ago.
 
 - `craftos-pc` package has been updated to v2.8, which includes [breaking changes](https://github.com/MCJack123/craftos2/releases/tag/v2.8).
   - Files are now handled in binary mode; this could break programs with embedded UTF-8 characters.
@@ -248,16 +250,16 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
 - `cudaPackages.cudatoolkit` has been deprecated and replaced with a
   symlink-based wrapper for the splayed redistributable CUDA packages. The
   wrapper only includes tools and libraries necessary to build common packages
-  like e.g. tensorflow. The original runfile-based `cudatoolkit` is still
+  such as tensorflow. The original runfile-based `cudatoolkit` is still
   available as `cudatoolkit-legacy-runfile`.
 
-- `cudaPackages.nsight_systems` now has most vendored third party libraries removed, though we now only ship it for `cudaPackages_11_8` and later due to outdated dependencies. Users comfortable with the vendored dependencies may use `overrideAttrs` to amend the `postPatch` phase and the `meta.broken` correspondingly. Alternatively, one could package the deprecated `boost170` locally, as required for `cudaPackages_11_4.nsight_systems`.
+- `cudaPackages.nsight_systems` now has most vendored third party-libraries removed, though we now only ship it for `cudaPackages_11_8` and later, due to outdated dependencies. Users comfortable with the vendored dependencies may use `overrideAttrs` to amend the `postPatch` phase and the `meta.broken` correspondingly. Alternatively, one could package the deprecated `boost170` locally, as required for `cudaPackages_11_4.nsight_systems`.
 
 - `cudaPackages.autoFixElfFiles` has been deprecated for `pkgs.autoFixElfFiles`. Functionality has not changed, but the setuphook has been renamed and moved to the top-level package scope.
 
-- `davfs2`' `services.davfs2.extraConfig` setting has been deprecated and converted to the free-form type option named `services.davfs2.settings` according to RFC42.
+- `davfs2`'s `services.davfs2.extraConfig` setting has been deprecated and converted to the free-form type option named `services.davfs2.settings` according to RFC42.
 
-- `dwarf-fortress` has been updated to version 50, and its derivations continue to menace with spikes of Nix and bash. Version 50 is identical to the version on Steam, but without the paid elements like tilepacks.
+- `dwarf-fortress` has been updated to version 50, and its derivations continue to menace with spikes of Nix and bash [TODO what does this mean?]. Version 50 is identical to the version on Steam, but without the paid elements like tilepacks.
   dfhack and Dwarf Therapist still work, and older versions are still packaged in case you'd like to roll back. Note that DF 50 saves will not be compatible with DF 0.47 and earlier.
   See [Bay 12 Games](http://www.bay12games.com/dwarves/) for more details on what's new in Dwarf Fortress.
 
@@ -334,12 +336,12 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
 
 - `livebook` package is now built as a `mix release` instead of an `escript`.
   This means that configuration now has to be done using [environment variables](https://hexdocs.pm/livebook/readme.html#environment-variables) instead of command line arguments.
-  This has the further implication that the `livebook` service configuration has changed:
+  This has the further implication that the `livebook` service configuration has changed.
 
 - `lua` interpreters default LUA_PATH and LUA_CPATH are not overriden by nixpkgs
   anymore, we patch LUA_ROOT instead which is more respectful to upstream.
 
-- `luarocks-packages-updater` has changed the .csv format used to define lua packages updates: `src` (URL towards a git repository) has now become `rockspec` (URL towards a rockspec) to remove ambiguity regarding which rockspec to use and simplify implementation.
+- `luarocks-packages-updater`'s .csv format used to define lua packages to be updated, has changed: `src` (URL of a git repository) has now become `rockspec` (URL of a rockspec) to remove ambiguity regarding which rockspec to use and simplify implementation.
 
 - `mkosi` was updated to v22. Parts of the user interface have changed. Consult the
   release notes of [v19](https://github.com/systemd/mkosi/releases/tag/v19),
@@ -388,7 +390,7 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
 
   - `nomad_1_4` has been removed, as it is now unsupported upstream.
 
-- `nvtop` family of packages was reorganized into nested attrset. `nvtop` has been renamed to `nvtopPackages.full`, and all `nvtop-{amd,nvidia,intel,msm}` packages are now named as `nvtopPackages.{amd,nvidia,intel,msm}`.
+- `nvtop` family of packages was reorganized into a nested attrset. `nvtop` has been renamed to `nvtopPackages.full`, and all `nvtop-{amd,nvidia,intel,msm}` packages are renamed to `nvtopPackages.{amd,nvidia,intel,msm}`.
 
 - `openssh`, `openssh_hpn` and `openssh_gssapi` are now compiled without support for the DSA signature algorithm as it is being deprecated upstream. Users still relying on DSA keys should consider upgrading
   to another signature algorithm. However, for the time being it is possible to restore DSA key support using `override` to set `dsaKeysSupport = true`.
@@ -444,12 +446,12 @@ Use `services.pipewire.extraConfig` or `services.pipewire.configPackages` for Pi
   "mysecret"` becomes `services.aria2.rpcSecretFile = "/path/to/secret_file"`
   where the file `secret_file` contains the string `mysecret`.
 
-- `services.avahi.nssmdns` got split into `services.avahi.nssmdns4` and `services.avahi.nssmdns6` which enable the mDNS NSS switch for IPv4 and IPv6 respectively.
+- `services.avahi.nssmdns` was split into `services.avahi.nssmdns4` and `services.avahi.nssmdns6` which enable the mDNS NSS switches for IPv4 and IPv6 respectively.
   Since most mDNS responders only register IPv4 addresses, most users want to keep the IPv6 support disabled to avoid long timeouts.
 
-- `services.frp.settings` now generates the frp configuration file in TOML format as [recommended by upstream](https://github.com/fatedier/frp#configuration-files), instead of the legacy INI format. This has also introduced other changes in the configuration file structure and options.
-  - The `settings.common` section in the configuration is no longer valid and all the options form inside it now goes directly under `settings`.
-  - The `_` separating words in the configuration options is removed so the options are now in camel case. For example: `server_addr` becomes `serverAddr`, `server_port` becomes `serverPort` etc.
+- `services.frp.settings` now generates the frp configuration file in TOML format as [recommended by upstream](https://github.com/fatedier/frp#configuration-files), instead of the legacy INI format. This has also introduced other changes in the configuration file structure and options:
+  - The `settings.common` section in the configuration is no longer valid and all the options form inside it now go directly under `settings`.
+  - Configuration option names have been changed from snake_case to camelCase. For example: `server_addr` becomes `serverAddr`, `server_port` becomes `serverPort` etc.
   - Proxies are now defined with a new option `settings.proxies` which takes a list of proxies.
   - Consult the [upstream documentation](https://github.com/fatedier/frp#example-usage) for more details on the changes.
 
@@ -505,11 +507,16 @@ Use `services.pipewire.extraConfig` or `services.pipewire.configPackages` for Pi
 
 - `services.redis.vmOverCommit` now defaults to `true` and no longer enforces Transparent Hugepages (THP) to be disabled. Redis only works with THP configured to `madvise` which is the kernel's default.
 
-- `services.resolved.fallbackDns` can now be used to disable the upstream fallback servers entirely by setting it to an empty list. To get the previous behaviour of the upstream defaults set it to null, the new default, instead.
+- `services.resolved.fallbackDns`
+  - can now be used to disable the upstream fallback servers entirely by setting it to `[]`
+  - to get previous behaviour of upstream defaults, set it to `null`
+  - default value has changed from `[]` to `null`, in order to preserve default behaviour
+
+can now be used to disable the upstream fallback servers entirely by setting it to an empty list. To get the previous behaviour of the upstream defaults set it to null, the new default, instead.
 
 - `services.vikunja` systemd service now uses `vikunja` as dynamic user instead of `vikunja-api`. Database users might need to be changed.
 
-- `services.vikunja.setupNginx` setting has been removed. Users now need to setup the webserver configuration on their own with a proxy pass to the vikunja service.
+- `services.vikunja.setupNginx` setting has been removed. Users now need to set up the webserver configuration on their own with a proxy pass to the vikunja service.
 
 - `services.vmagent` module deprecates `dataDir`, `group` and `user` setting in favor of systemd provided CacheDirectory and DynamicUser.
 
@@ -526,14 +533,14 @@ Use `services.pipewire.extraConfig` or `services.pipewire.configPackages` for Pi
 
 - `system.forbiddenDependenciesRegex` has been renamed to `system.forbiddenDependenciesRegexes` and now has the type of `listOf string` instead of `string` to accept multiple regexes.
 
-- `systemd.oomd` module behavior is changed as:
+- `systemd.oomd` module behavior has changed:
 
   - Raise ManagedOOMMemoryPressureLimit from 50% to 80%. This should make systemd-oomd kill things less often, and fix issues like [this](https://pagure.io/fedora-workstation/issue/358).
     Reference: [commit](https://src.fedoraproject.org/rpms/systemd/c/806c95e1c70af18f81d499b24cd7acfa4c36ffd6?branch=806c95e1c70af18f81d499b24cd7acfa4c36ffd6).
 
   - Remove swap policy. This helps prevent killing processes when user's swap is small.
 
-  - Expand the memory pressure policy to system.slice, user-.slice, and all user owned slices. Reference: [commit](https://src.fedoraproject.org/rpms/systemd/c/7665e1796f915dedbf8e014f0a78f4f576d609bb).
+  - Expand the memory pressure policy to `system.slice`, `user-.slice`, and all user owned slices. Reference: [commit](https://src.fedoraproject.org/rpms/systemd/c/7665e1796f915dedbf8e014f0a78f4f576d609bb).
 
   - `systemd.oomd.enableUserServices` is renamed to `systemd.oomd.enableUserSlices`.
 
@@ -552,8 +559,6 @@ Use `services.pipewire.extraConfig` or `services.pipewire.configPackages` for Pi
 
 - `virtialisation.incus` now defaults to the newly-added `incus-lts` release (v6.0.x). Users who wish to continue using the non-LTS release will need to set `virtualisation.incus.package = pkgs.incus`. Stable release users are encouraged to stay on the LTS release as non-LTS releases will by default not be backported.
 
-- [watchdogd](https://troglobit.com/projects/watchdogd/), a system and process supervisor using watchdog timers. Available as [services.watchdogd](#opt-services.watchdogd.enable).
-
 - `woodpecker-*` packages have been updated to v2 which includes [breaking changes](https://woodpecker-ci.org/docs/next/migrations#200).
 
 - `wpaperd` has been updated to 1.0.1, which has a breaking change: previous version 0.3.0 had 2 different configuration files, one for wpaperd and one for the wallpapers. Remove the former and move the latter (`wallpaper.toml`) to `config.toml`.
@@ -583,7 +588,7 @@ Use `services.pipewire.extraConfig` or `services.pipewire.configPackages` for Pi
   allows to restart multiple services that are ordered before sysinit.target
   and respect the ordering between the services.
 
-- The configuration format for `services.prometheus.exporters.snmp` changed with release 0.23.0.
+- `services.prometheus.exporters.snmp`'s configuration format changed with release 0.23.0.
   The module now includes an optional config check, that is enabled by default, to make the change obvious before any deployment.
   More information about the configuration syntax change is available in the [upstream repository](https://github.com/prometheus/snmp_exporter/blob/b75fc6b839ee3f3ccbee68bee55f1ae99555084a/auth-split-migration.md).
 
@@ -593,7 +598,7 @@ Use `services.pipewire.extraConfig` or `services.pipewire.configPackages` for Pi
 
 - `addDriverRunpath` has been added to facilitate the deprecation of the old `addOpenGLRunpath` setuphook. This change is motivated by the evolution of the setuphook to include all hardware acceleration.
 
-- `appimage`, `appimageTools.wrapAppImage` and `buildFHSEnvBubblewrap` now properly accepts `pname` and `version`.
+- `appimage`, `appimageTools.wrapAppImage` and `buildFHSEnvBubblewrap` now properly accept `pname` and `version`.
 
 - `bacula` now allows to configure `TLS` for encrypted communication.
 
@@ -608,11 +613,11 @@ Use `services.pipewire.extraConfig` or `services.pipewire.configPackages` for Pi
 - `buildDubPackage` can now be used to build Programs written in [D](https://dlang.org/) using the `dub` build system and package manager.
   See the [D section](https://nixos.org/manual/nixpkgs/unstable#dlang) in the manual for more information.
 
-- `castopod` has some migration actions to be taken in case of a S3 setup. Some new features may also need some manual migration actions. See [https://code.castopod.org/adaures/castopod/-/releases](https://code.castopod.org/adaures/castopod/-/releases) for more informations.
+- `castopod` has some migration actions to be taken in case of a S3 setup. Some new features may also need some manual migration actions. See [https://code.castopod.org/adaures/castopod/-/releases](https://code.castopod.org/adaures/castopod/-/releases) for more information.
 
 - `cinnamon` has been updated to 6.0. Please beware that the [Wayland session](https://blog.linuxmint.com/?p=4591) is still experimental in this release and could potentially [affect Xorg sessions](https://blog.linuxmint.com/?p=4639). We suggest a reboot when switching between sessions.
 
-- `documentation.man.mandoc` now by default uses `MANPATH` to set the directories where mandoc will search for manual pages.
+- `documentation.man.mandoc` now uses `MANPATH` by defaultwas to set the directories where mandoc will search for manual pages.
   This enables mandoc to find manual pages in Nix profiles. To set the manual search paths via the `mandoc.conf` configuration file like before, use `documentation.man.mandoc.settings.manpath` instead.
 
 - `drbd` out-of-tree Linux kernel driver has been added in version 9.2.7. With it the DRBD 9.x features can be used instead of the 8.x features provided by the 8.4.11 in-tree driver.
@@ -663,7 +668,7 @@ Use `services.pipewire.extraConfig` or `services.pipewire.configPackages` for Pi
 
 - `services.github-runner` module has been removed. To configure a single GitHub Actions Runner refer to `services.github-runners.*`. Note that this will trigger a new runner registration.
 
-- `services.networkmanager.extraConfig` was renamed to `services.networkmanager.settings` and was changed to use the ini type instead of using a multiline string.
+- `services.networkmanager.extraConfig` was renamed to `services.networkmanager.settings` and changed to use the ini type instead of using a multiline string.
 
 - `services.nextcloud.config.dbport` option of the Nextcloud module was removed to match upstream.
   The port can be specified in [`services.nextcloud.config.dbhost`](#opt-services.nextcloud.config.dbhost).
@@ -691,7 +696,7 @@ Use `services.pipewire.extraConfig` or `services.pipewire.configPackages` for Pi
 
 - `services.paperless` module no longer uses the previously downloaded NLTK data stored in `/var/cache/paperless/nltk`. This directory can be removed.
 
-- `services.postgresql.extraPlugins` changed its type from just a list of packages to also a function that returns such a list.
+- `services.postgresql.extraPlugins`' type has expanded. Previously it was a list of packages, now it can also be a function that returns such a list.
   For example a config line like ``services.postgresql.extraPlugins = with pkgs.postgresql_11.pkgs; [ postgis ];`` is recommended to be changed to ``services.postgresql.extraPlugins = ps: with ps; [ postgis ];``;
 
 - `services.slskd` has been refactored to include more configuation options in
@@ -741,8 +746,8 @@ Use `services.pipewire.extraConfig` or `services.pipewire.configPackages` for Pi
 
 - A new hardening flag, `trivialautovarinit` was made available, corresponding to the gcc/clang option `-ftrivial-auto-var-init=pattern`.
 
-- New options were added to the dnsdist module to enable and configure a DNSCrypt endpoint (see `services.dnsdist.dnscrypt.enable`, etc.).
-  The module can generate the DNSCrypt provider key pair, certificates and also performs their rotation automatically with no downtime.
+- `dnsdist` has new options to enable and configure a DNSCrypt endpoint (see `services.dnsdist.dnscrypt.enable`, etc.).
+  The module can generate the DNSCrypt provider key pair and certificates, and also rotates them automatically with no downtime.
 
 - The kernel Yama LSM is now enabled by default, which prevents ptracing
   non-child processes. This means you will not be able to attach gdb to an
diff --git a/nixos/doc/manual/release-notes/rl-2411.section.md b/nixos/doc/manual/release-notes/rl-2411.section.md
new file mode 100644
index 0000000000000..530ca68e0c77c
--- /dev/null
+++ b/nixos/doc/manual/release-notes/rl-2411.section.md
@@ -0,0 +1,21 @@
+# Release 24.11 (“Vicuña”, 2024.11/??) {#sec-release-24.11}
+
+<!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. -->
+
+## Highlights {#sec-release-24.11-highlights}
+
+- Create the first release note entry in this section!
+
+## New Services {#sec-release-24.11-new-services}
+
+- Create the first release note entry in this section!
+
+## Backward Incompatibilities {#sec-release-24.11-incompatibilities}
+
+- Create the first release note entry in this section!
+
+## Other Notable Changes {#sec-release-24.11-notable-changes}
+
+- Create the first release note entry in this section!
+
+<!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. -->
diff --git a/nixos/modules/hardware/video/nvidia.nix b/nixos/modules/hardware/video/nvidia.nix
index 37d8e53a2e049..3caec769400cb 100644
--- a/nixos/modules/hardware/video/nvidia.nix
+++ b/nixos/modules/hardware/video/nvidia.nix
@@ -3,12 +3,10 @@
   lib,
   pkgs,
   ...
-}: let
+}:
+let
   nvidiaEnabled = (lib.elem "nvidia" config.services.xserver.videoDrivers);
-  nvidia_x11 =
-    if nvidiaEnabled || cfg.datacenter.enable
-    then cfg.package
-    else null;
+  nvidia_x11 = if nvidiaEnabled || cfg.datacenter.enable then cfg.package else null;
 
   cfg = config.hardware.nvidia;
 
@@ -19,8 +17,9 @@
   primeEnabled = syncCfg.enable || reverseSyncCfg.enable || offloadCfg.enable;
   busIDType = lib.types.strMatching "([[:print:]]+[\:\@][0-9]{1,3}\:[0-9]{1,2}\:[0-9])?";
   ibtSupport = cfg.open || (nvidia_x11.ibtSupport or false);
-  settingsFormat = pkgs.formats.keyValue {};
-in {
+  settingsFormat = pkgs.formats.keyValue { };
+in
+{
   options = {
     hardware.nvidia = {
       datacenter.enable = lib.mkEnableOption ''
@@ -29,50 +28,50 @@ in {
       datacenter.settings = lib.mkOption {
         type = settingsFormat.type;
         default = {
-          LOG_LEVEL=4;
-          LOG_FILE_NAME="/var/log/fabricmanager.log";
-          LOG_APPEND_TO_LOG=1;
-          LOG_FILE_MAX_SIZE=1024;
-          LOG_USE_SYSLOG=0;
-          DAEMONIZE=1;
-          BIND_INTERFACE_IP="127.0.0.1";
-          STARTING_TCP_PORT=16000;
-          FABRIC_MODE=0;
-          FABRIC_MODE_RESTART=0;
-          STATE_FILE_NAME="/var/tmp/fabricmanager.state";
-          FM_CMD_BIND_INTERFACE="127.0.0.1";
-          FM_CMD_PORT_NUMBER=6666;
-          FM_STAY_RESIDENT_ON_FAILURES=0;
-          ACCESS_LINK_FAILURE_MODE=0;
-          TRUNK_LINK_FAILURE_MODE=0;
-          NVSWITCH_FAILURE_MODE=0;
-          ABORT_CUDA_JOBS_ON_FM_EXIT=1;
-          TOPOLOGY_FILE_PATH="${nvidia_x11.fabricmanager}/share/nvidia-fabricmanager/nvidia/nvswitch";
-          DATABASE_PATH="${nvidia_x11.fabricmanager}/share/nvidia-fabricmanager/nvidia/nvswitch";
+          LOG_LEVEL = 4;
+          LOG_FILE_NAME = "/var/log/fabricmanager.log";
+          LOG_APPEND_TO_LOG = 1;
+          LOG_FILE_MAX_SIZE = 1024;
+          LOG_USE_SYSLOG = 0;
+          DAEMONIZE = 1;
+          BIND_INTERFACE_IP = "127.0.0.1";
+          STARTING_TCP_PORT = 16000;
+          FABRIC_MODE = 0;
+          FABRIC_MODE_RESTART = 0;
+          STATE_FILE_NAME = "/var/tmp/fabricmanager.state";
+          FM_CMD_BIND_INTERFACE = "127.0.0.1";
+          FM_CMD_PORT_NUMBER = 6666;
+          FM_STAY_RESIDENT_ON_FAILURES = 0;
+          ACCESS_LINK_FAILURE_MODE = 0;
+          TRUNK_LINK_FAILURE_MODE = 0;
+          NVSWITCH_FAILURE_MODE = 0;
+          ABORT_CUDA_JOBS_ON_FM_EXIT = 1;
+          TOPOLOGY_FILE_PATH = "${nvidia_x11.fabricmanager}/share/nvidia-fabricmanager/nvidia/nvswitch";
+          DATABASE_PATH = "${nvidia_x11.fabricmanager}/share/nvidia-fabricmanager/nvidia/nvswitch";
         };
         defaultText = lib.literalExpression ''
-        {
-          LOG_LEVEL=4;
-          LOG_FILE_NAME="/var/log/fabricmanager.log";
-          LOG_APPEND_TO_LOG=1;
-          LOG_FILE_MAX_SIZE=1024;
-          LOG_USE_SYSLOG=0;
-          DAEMONIZE=1;
-          BIND_INTERFACE_IP="127.0.0.1";
-          STARTING_TCP_PORT=16000;
-          FABRIC_MODE=0;
-          FABRIC_MODE_RESTART=0;
-          STATE_FILE_NAME="/var/tmp/fabricmanager.state";
-          FM_CMD_BIND_INTERFACE="127.0.0.1";
-          FM_CMD_PORT_NUMBER=6666;
-          FM_STAY_RESIDENT_ON_FAILURES=0;
-          ACCESS_LINK_FAILURE_MODE=0;
-          TRUNK_LINK_FAILURE_MODE=0;
-          NVSWITCH_FAILURE_MODE=0;
-          ABORT_CUDA_JOBS_ON_FM_EXIT=1;
-          TOPOLOGY_FILE_PATH="''${nvidia_x11.fabricmanager}/share/nvidia-fabricmanager/nvidia/nvswitch";
-          DATABASE_PATH="''${nvidia_x11.fabricmanager}/share/nvidia-fabricmanager/nvidia/nvswitch";
-        }
+          {
+            LOG_LEVEL=4;
+            LOG_FILE_NAME="/var/log/fabricmanager.log";
+            LOG_APPEND_TO_LOG=1;
+            LOG_FILE_MAX_SIZE=1024;
+            LOG_USE_SYSLOG=0;
+            DAEMONIZE=1;
+            BIND_INTERFACE_IP="127.0.0.1";
+            STARTING_TCP_PORT=16000;
+            FABRIC_MODE=0;
+            FABRIC_MODE_RESTART=0;
+            STATE_FILE_NAME="/var/tmp/fabricmanager.state";
+            FM_CMD_BIND_INTERFACE="127.0.0.1";
+            FM_CMD_PORT_NUMBER=6666;
+            FM_STAY_RESIDENT_ON_FAILURES=0;
+            ACCESS_LINK_FAILURE_MODE=0;
+            TRUNK_LINK_FAILURE_MODE=0;
+            NVSWITCH_FAILURE_MODE=0;
+            ABORT_CUDA_JOBS_ON_FM_EXIT=1;
+            TOPOLOGY_FILE_PATH="''${nvidia_x11.fabricmanager}/share/nvidia-fabricmanager/nvidia/nvswitch";
+            DATABASE_PATH="''${nvidia_x11.fabricmanager}/share/nvidia-fabricmanager/nvidia/nvswitch";
+          }
         '';
         description = ''
           Additional configuration options for fabricmanager.
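Review bot: `STATE_FILE_NAME = "/var/tmp/fabricmanager.state";` in the `default` set keeps a fixed file name in a world-writable directory, and this re-indentation carries it over unchanged. Whether that matters depends on how fabricmanager opens the file, which this hunk does not show; if the daemon runs as root and follows symlinks or accepts a pre-existing file there, other local users can influence what it reads or overwrites. Pointing the default at a directory only the service can write, for instance one created through systemd's `StateDirectory=`, would remove the question. Any such change has to be mirrored in `defaultText`, which repeats the same set by hand. The `datacenter.settings` option begins above this hunk and continues below it.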
@@ -211,7 +210,9 @@ in {
         (lib.mkEnableOption ''
           nvidia-settings, NVIDIA's GUI configuration tool
         '')
-        // {default = true;};
+        // {
+          default = true;
+        };
 
       nvidiaPersistenced = lib.mkEnableOption ''
         nvidia-persistenced a update for NVIDIA GPU headless mode, i.e.
@@ -226,7 +227,8 @@ in {
       '';
 
       package = lib.mkOption {
-        default = config.boot.kernelPackages.nvidiaPackages."${if cfg.datacenter.enable then "dc" else "stable"}";
+        default =
+          config.boot.kernelPackages.nvidiaPackages."${if cfg.datacenter.enable then "dc" else "stable"}";
         defaultText = lib.literalExpression ''
           config.boot.kernelPackages.nvidiaPackages."\$\{if cfg.datacenter.enable then "dc" else "stable"}"
         '';
@@ -242,403 +244,404 @@ in {
     };
   };
 
-  config = let
-    igpuDriver =
-      if pCfg.intelBusId != ""
-      then "modesetting"
-      else "amdgpu";
-    igpuBusId =
-      if pCfg.intelBusId != ""
-      then pCfg.intelBusId
-      else pCfg.amdgpuBusId;
-  in
-    lib.mkIf (nvidia_x11 != null) (lib.mkMerge [
-      # Common
-      ({
-        assertions = [
-          {
-            assertion = !(nvidiaEnabled && cfg.datacenter.enable);
-            message = "You cannot configure both X11 and Data Center drivers at the same time.";
-          }
-        ];
-        boot = {
-          blacklistedKernelModules = ["nouveau" "nvidiafb"];
-
-          # Don't add `nvidia-uvm` to `kernelModules`, because we want
-          # `nvidia-uvm` be loaded only after `udev` rules for `nvidia` kernel
-          # module are applied.
-          #
-          # Instead, we use `softdep` to lazily load `nvidia-uvm` kernel module
-          # after `nvidia` kernel module is loaded and `udev` rules are applied.
-          extraModprobeConfig = ''
-            softdep nvidia post: nvidia-uvm
-          '';
-        };
-        systemd.tmpfiles.rules =
-          lib.optional config.virtualisation.docker.enableNvidia
-            "L+ /run/nvidia-docker/bin - - - - ${nvidia_x11.bin}/origBin";
-        services.udev.extraRules =
-        ''
-          # Create /dev/nvidia-uvm when the nvidia-uvm module is loaded.
-          KERNEL=="nvidia", RUN+="${pkgs.runtimeShell} -c 'mknod -m 666 /dev/nvidiactl c 195 255'"
-          KERNEL=="nvidia", RUN+="${pkgs.runtimeShell} -c 'for i in $$(cat /proc/driver/nvidia/gpus/*/information | grep Minor | cut -d \  -f 4); do mknod -m 666 /dev/nvidia$${i} c 195 $${i}; done'"
-          KERNEL=="nvidia_modeset", RUN+="${pkgs.runtimeShell} -c 'mknod -m 666 /dev/nvidia-modeset c 195 254'"
-          KERNEL=="nvidia_uvm", RUN+="${pkgs.runtimeShell} -c 'mknod -m 666 /dev/nvidia-uvm c $$(grep nvidia-uvm /proc/devices | cut -d \  -f 1) 0'"
-          KERNEL=="nvidia_uvm", RUN+="${pkgs.runtimeShell} -c 'mknod -m 666 /dev/nvidia-uvm-tools c $$(grep nvidia-uvm /proc/devices | cut -d \  -f 1) 1'"
-        '';
-        hardware.opengl = {
-          extraPackages = [
-            nvidia_x11.out
-          ];
-          extraPackages32 = [
-            nvidia_x11.lib32
+  config =
+    let
+      igpuDriver = if pCfg.intelBusId != "" then "modesetting" else "amdgpu";
+      igpuBusId = if pCfg.intelBusId != "" then pCfg.intelBusId else pCfg.amdgpuBusId;
+    in
+    lib.mkIf (nvidia_x11 != null) (
+      lib.mkMerge [
+        # Common
+        ({
+          assertions = [
+            {
+              assertion = !(nvidiaEnabled && cfg.datacenter.enable);
+              message = "You cannot configure both X11 and Data Center drivers at the same time.";
+            }
           ];
-        };
-        environment.systemPackages = [
-          nvidia_x11.bin
-        ];
-      })
-      # X11
-      (lib.mkIf nvidiaEnabled {
-        assertions = [
-        {
-          assertion = primeEnabled -> pCfg.intelBusId == "" || pCfg.amdgpuBusId == "";
-          message = "You cannot configure both an Intel iGPU and an AMD APU. Pick the one corresponding to your processor.";
-        }
-
-        {
-          assertion = offloadCfg.enableOffloadCmd -> offloadCfg.enable || reverseSyncCfg.enable;
-          message = "Offload command requires offloading or reverse prime sync to be enabled.";
-        }
-
-        {
-          assertion = primeEnabled -> pCfg.nvidiaBusId != "" && (pCfg.intelBusId != "" || pCfg.amdgpuBusId != "");
-          message = "When NVIDIA PRIME is enabled, the GPU bus IDs must be configured.";
-        }
-
-        {
-          assertion = offloadCfg.enable -> lib.versionAtLeast nvidia_x11.version "435.21";
-          message = "NVIDIA PRIME render offload is currently only supported on versions >= 435.21.";
-        }
-
-        {
-          assertion = (reverseSyncCfg.enable && pCfg.amdgpuBusId != "") -> lib.versionAtLeast nvidia_x11.version "470.0";
-          message = "NVIDIA PRIME render offload for AMD APUs is currently only supported on versions >= 470 beta.";
-        }
-
-        {
-          assertion = !(syncCfg.enable && offloadCfg.enable);
-          message = "PRIME Sync and Offload cannot be both enabled";
-        }
-
-        {
-          assertion = !(syncCfg.enable && reverseSyncCfg.enable);
-          message = "PRIME Sync and PRIME Reverse Sync cannot be both enabled";
-        }
-
-        {
-          assertion = !(syncCfg.enable && cfg.powerManagement.finegrained);
-          message = "Sync precludes powering down the NVIDIA GPU.";
-        }
-
-        {
-          assertion = cfg.powerManagement.finegrained -> offloadCfg.enable;
-          message = "Fine-grained power management requires offload to be enabled.";
-        }
-
-        {
-          assertion = cfg.powerManagement.enable -> lib.versionAtLeast nvidia_x11.version "430.09";
-          message = "Required files for driver based power management only exist on versions >= 430.09.";
-        }
-
-        {
-          assertion = cfg.open -> (cfg.package ? open && cfg.package ? firmware);
-          message = "This version of NVIDIA driver does not provide a corresponding opensource kernel driver";
-        }
-
-        {
-          assertion = cfg.dynamicBoost.enable -> lib.versionAtLeast nvidia_x11.version "510.39.01";
-          message = "NVIDIA's Dynamic Boost feature only exists on versions >= 510.39.01";
-        }];
-
-        # If Optimus/PRIME is enabled, we:
-        # - Specify the configured NVIDIA GPU bus ID in the Device section for the
-        #   "nvidia" driver.
-        # - Add the AllowEmptyInitialConfiguration option to the Screen section for the
-        #   "nvidia" driver, in order to allow the X server to start without any outputs.
-        # - Add a separate Device section for the Intel GPU, using the "modesetting"
-        #   driver and with the configured BusID.
-        # - OR add a separate Device section for the AMD APU, using the "amdgpu"
-        #   driver and with the configures BusID.
-        # - Reference that Device section from the ServerLayout section as an inactive
-        #   device.
-        # - Configure the display manager to run specific `xrandr` commands which will
-        #   configure/enable displays connected to the Intel iGPU / AMD APU.
-
-        # reverse sync implies offloading
-        hardware.nvidia.prime.offload.enable = lib.mkDefault reverseSyncCfg.enable;
-
-        services.xserver.drivers =
-          lib.optional primeEnabled {
-            name = igpuDriver;
-            display = offloadCfg.enable;
-            modules = lib.optional (igpuDriver == "amdgpu") pkgs.xorg.xf86videoamdgpu;
-            deviceSection =
-              ''
-                BusID "${igpuBusId}"
-              ''
-              + lib.optionalString (syncCfg.enable && igpuDriver != "amdgpu") ''
-                Option "AccelMethod" "none"
-              '';
-          }
-          ++ lib.singleton {
-            name = "nvidia";
-            modules = [nvidia_x11.bin];
-            display = !offloadCfg.enable;
-            deviceSection =
-              ''
-                Option "SidebandSocketPath" "/run/nvidia-xdriver/"
-              '' +
-              lib.optionalString primeEnabled
-              ''
-                BusID "${pCfg.nvidiaBusId}"
-              ''
-              + lib.optionalString pCfg.allowExternalGpu ''
-                Option "AllowExternalGpus"
-              '';
-            screenSection =
-              ''
-                Option "RandRRotation" "on"
-              ''
-              + lib.optionalString syncCfg.enable ''
-                Option "AllowEmptyInitialConfiguration"
-              ''
-              + lib.optionalString cfg.forceFullCompositionPipeline ''
-                Option         "metamodes" "nvidia-auto-select +0+0 {ForceFullCompositionPipeline=On}"
-                Option         "AllowIndirectGLXProtocol" "off"
-                Option         "TripleBuffer" "on"
-              '';
+          boot = {
+            blacklistedKernelModules = [
+              "nouveau"
+              "nvidiafb"
+            ];
+
+            # Don't add `nvidia-uvm` to `kernelModules`, because we want
+            # `nvidia-uvm` be loaded only after `udev` rules for `nvidia` kernel
+            # module are applied.
+            #
+            # Instead, we use `softdep` to lazily load `nvidia-uvm` kernel module
+            # after `nvidia` kernel module is loaded and `udev` rules are applied.
+            extraModprobeConfig = ''
+              softdep nvidia post: nvidia-uvm
+            '';
           };
-
-        services.xserver.serverLayoutSection =
-          lib.optionalString syncCfg.enable ''
-            Inactive "Device-${igpuDriver}[0]"
-          ''
-          + lib.optionalString reverseSyncCfg.enable ''
-            Inactive "Device-nvidia[0]"
-          ''
-          + lib.optionalString offloadCfg.enable ''
-            Option "AllowNVIDIAGPUScreens"
+          systemd.tmpfiles.rules = lib.optional config.virtualisation.docker.enableNvidia "L+ /run/nvidia-docker/bin - - - - ${nvidia_x11.bin}/origBin";
+          services.udev.extraRules = ''
+            # Create /dev/nvidia-uvm when the nvidia-uvm module is loaded.
+            KERNEL=="nvidia", RUN+="${pkgs.runtimeShell} -c 'mknod -m 666 /dev/nvidiactl c 195 255'"
+            KERNEL=="nvidia", RUN+="${pkgs.runtimeShell} -c 'for i in $$(cat /proc/driver/nvidia/gpus/*/information | grep Minor | cut -d \  -f 4); do mknod -m 666 /dev/nvidia$${i} c 195 $${i}; done'"
+            KERNEL=="nvidia_modeset", RUN+="${pkgs.runtimeShell} -c 'mknod -m 666 /dev/nvidia-modeset c 195 254'"
+            KERNEL=="nvidia_uvm", RUN+="${pkgs.runtimeShell} -c 'mknod -m 666 /dev/nvidia-uvm c $$(grep nvidia-uvm /proc/devices | cut -d \  -f 1) 0'"
+            KERNEL=="nvidia_uvm", RUN+="${pkgs.runtimeShell} -c 'mknod -m 666 /dev/nvidia-uvm-tools c $$(grep nvidia-uvm /proc/devices | cut -d \  -f 1) 1'"
           '';
+          hardware.opengl = {
+            extraPackages = [ nvidia_x11.out ];
+            extraPackages32 = [ nvidia_x11.lib32 ];
+          };
+          environment.systemPackages = [ nvidia_x11.bin ];
+        })
+        # X11
+        (lib.mkIf nvidiaEnabled {
+          assertions = [
+            {
+              assertion = primeEnabled -> pCfg.intelBusId == "" || pCfg.amdgpuBusId == "";
+              message = "You cannot configure both an Intel iGPU and an AMD APU. Pick the one corresponding to your processor.";
+            }
+
+            {
+              assertion = offloadCfg.enableOffloadCmd -> offloadCfg.enable || reverseSyncCfg.enable;
+              message = "Offload command requires offloading or reverse prime sync to be enabled.";
+            }
+
+            {
+              assertion =
+                primeEnabled -> pCfg.nvidiaBusId != "" && (pCfg.intelBusId != "" || pCfg.amdgpuBusId != "");
+              message = "When NVIDIA PRIME is enabled, the GPU bus IDs must be configured.";
+            }
+
+            {
+              assertion = offloadCfg.enable -> lib.versionAtLeast nvidia_x11.version "435.21";
+              message = "NVIDIA PRIME render offload is currently only supported on versions >= 435.21.";
+            }
+
+            {
+              assertion =
+                (reverseSyncCfg.enable && pCfg.amdgpuBusId != "") -> lib.versionAtLeast nvidia_x11.version "470.0";
+              message = "NVIDIA PRIME render offload for AMD APUs is currently only supported on versions >= 470 beta.";
+            }
+
+            {
+              assertion = !(syncCfg.enable && offloadCfg.enable);
+              message = "PRIME Sync and Offload cannot be both enabled";
+            }
+
+            {
+              assertion = !(syncCfg.enable && reverseSyncCfg.enable);
+              message = "PRIME Sync and PRIME Reverse Sync cannot be both enabled";
+            }
+
+            {
+              assertion = !(syncCfg.enable && cfg.powerManagement.finegrained);
+              message = "Sync precludes powering down the NVIDIA GPU.";
+            }
+
+            {
+              assertion = cfg.powerManagement.finegrained -> offloadCfg.enable;
+              message = "Fine-grained power management requires offload to be enabled.";
+            }
+
+            {
+              assertion = cfg.powerManagement.enable -> lib.versionAtLeast nvidia_x11.version "430.09";
+              message = "Required files for driver based power management only exist on versions >= 430.09.";
+            }
+
+            {
+              assertion = cfg.open -> (cfg.package ? open && cfg.package ? firmware);
+              message = "This version of NVIDIA driver does not provide a corresponding opensource kernel driver";
+            }
+
+            {
+              assertion = cfg.dynamicBoost.enable -> lib.versionAtLeast nvidia_x11.version "510.39.01";
+              message = "NVIDIA's Dynamic Boost feature only exists on versions >= 510.39.01";
+            }
+          ];
 
-        services.xserver.displayManager.setupCommands = let
-          gpuProviderName =
-            if igpuDriver == "amdgpu"
-            then
-              # find the name of the provider if amdgpu
-              "`${lib.getExe pkgs.xorg.xrandr} --listproviders | ${lib.getExe pkgs.gnugrep} -i AMD | ${lib.getExe pkgs.gnused} -n 's/^.*name://p'`"
-            else igpuDriver;
-          providerCmdParams =
-            if syncCfg.enable
-            then "\"${gpuProviderName}\" NVIDIA-0"
-            else "NVIDIA-G0 \"${gpuProviderName}\"";
-        in
-          lib.optionalString (syncCfg.enable || reverseSyncCfg.enable) ''
-            # Added by nvidia configuration module for Optimus/PRIME.
-            ${lib.getExe pkgs.xorg.xrandr} --setprovideroutputsource ${providerCmdParams}
-            ${lib.getExe pkgs.xorg.xrandr} --auto
-          '';
+          # If Optimus/PRIME is enabled, we:
+          # - Specify the configured NVIDIA GPU bus ID in the Device section for the
+          #   "nvidia" driver.
+          # - Add the AllowEmptyInitialConfiguration option to the Screen section for the
+          #   "nvidia" driver, in order to allow the X server to start without any outputs.
+          # - Add a separate Device section for the Intel GPU, using the "modesetting"
+          #   driver and with the configured BusID.
+          # - OR add a separate Device section for the AMD APU, using the "amdgpu"
+          #   driver and with the configures BusID.
+          # - Reference that Device section from the ServerLayout section as an inactive
+          #   device.
+          # - Configure the display manager to run specific `xrandr` commands which will
+          #   configure/enable displays connected to the Intel iGPU / AMD APU.
+
+          # reverse sync implies offloading
+          hardware.nvidia.prime.offload.enable = lib.mkDefault reverseSyncCfg.enable;
+
+          services.xserver.drivers =
+            lib.optional primeEnabled {
+              name = igpuDriver;
+              display = offloadCfg.enable;
+              modules = lib.optional (igpuDriver == "amdgpu") pkgs.xorg.xf86videoamdgpu;
+              deviceSection =
+                ''
+                  BusID "${igpuBusId}"
+                ''
+                + lib.optionalString (syncCfg.enable && igpuDriver != "amdgpu") ''
+                  Option "AccelMethod" "none"
+                '';
+            }
+            ++ lib.singleton {
+              name = "nvidia";
+              modules = [ nvidia_x11.bin ];
+              display = !offloadCfg.enable;
+              deviceSection =
+                ''
+                  Option "SidebandSocketPath" "/run/nvidia-xdriver/"
+                ''
+                + lib.optionalString primeEnabled ''
+                  BusID "${pCfg.nvidiaBusId}"
+                ''
+                + lib.optionalString pCfg.allowExternalGpu ''
+                  Option "AllowExternalGpus"
+                '';
+              screenSection =
+                ''
+                  Option "RandRRotation" "on"
+                ''
+                + lib.optionalString syncCfg.enable ''
+                  Option "AllowEmptyInitialConfiguration"
+                ''
+                + lib.optionalString cfg.forceFullCompositionPipeline ''
+                  Option         "metamodes" "nvidia-auto-select +0+0 {ForceFullCompositionPipeline=On}"
+                  Option         "AllowIndirectGLXProtocol" "off"
+                  Option         "TripleBuffer" "on"
+                '';
+            };
 
-        environment.etc = {
-          "nvidia/nvidia-application-profiles-rc" = lib.mkIf nvidia_x11.useProfiles {source = "${nvidia_x11.bin}/share/nvidia/nvidia-application-profiles-rc";};
+          services.xserver.serverLayoutSection =
+            lib.optionalString syncCfg.enable ''
+              Inactive "Device-${igpuDriver}[0]"
+            ''
+            + lib.optionalString reverseSyncCfg.enable ''
+              Inactive "Device-nvidia[0]"
+            ''
+            + lib.optionalString offloadCfg.enable ''
+              Option "AllowNVIDIAGPUScreens"
+            '';
+
+          services.xserver.displayManager.setupCommands =
+            let
+              gpuProviderName =
+                if igpuDriver == "amdgpu" then
+                  # find the name of the provider if amdgpu
+                  "`${lib.getExe pkgs.xorg.xrandr} --listproviders | ${lib.getExe pkgs.gnugrep} -i AMD | ${lib.getExe pkgs.gnused} -n 's/^.*name://p'`"
+                else
+                  igpuDriver;
+              providerCmdParams =
+                if syncCfg.enable then "\"${gpuProviderName}\" NVIDIA-0" else "NVIDIA-G0 \"${gpuProviderName}\"";
+            in
+            lib.optionalString (syncCfg.enable || reverseSyncCfg.enable) ''
+              # Added by nvidia configuration module for Optimus/PRIME.
+              ${lib.getExe pkgs.xorg.xrandr} --setprovideroutputsource ${providerCmdParams}
+              ${lib.getExe pkgs.xorg.xrandr} --auto
+            '';
+
+          environment.etc = {
+            "nvidia/nvidia-application-profiles-rc" = lib.mkIf nvidia_x11.useProfiles {
+              source = "${nvidia_x11.bin}/share/nvidia/nvidia-application-profiles-rc";
+            };
 
-          # 'nvidia_x11' installs it's files to /run/opengl-driver/...
-          "egl/egl_external_platform.d".source = "/run/opengl-driver/share/egl/egl_external_platform.d/";
-        };
+            # 'nvidia_x11' installs it's files to /run/opengl-driver/...
+            "egl/egl_external_platform.d".source = "/run/opengl-driver/share/egl/egl_external_platform.d/";
+          };
 
-        hardware.opengl = {
-          extraPackages = [
-            pkgs.nvidia-vaapi-driver
-          ];
-          extraPackages32 = [
-            pkgs.pkgsi686Linux.nvidia-vaapi-driver
-          ];
-        };
-        environment.systemPackages =
-          lib.optional cfg.nvidiaSettings nvidia_x11.settings
-          ++ lib.optional cfg.nvidiaPersistenced nvidia_x11.persistenced
-          ++ lib.optional offloadCfg.enableOffloadCmd
-          (pkgs.writeShellScriptBin "nvidia-offload" ''
-            export __NV_PRIME_RENDER_OFFLOAD=1
-            export __NV_PRIME_RENDER_OFFLOAD_PROVIDER=NVIDIA-G0
-            export __GLX_VENDOR_LIBRARY_NAME=nvidia
-            export __VK_LAYER_NV_optimus=NVIDIA_only
-            exec "$@"
-          '');
-
-        systemd.packages = lib.optional cfg.powerManagement.enable nvidia_x11.out;
-
-        systemd.services = let
-          nvidiaService = state: {
-            description = "NVIDIA system ${state} actions";
-            path = [pkgs.kbd];
-            serviceConfig = {
-              Type = "oneshot";
-              ExecStart = "${nvidia_x11.out}/bin/nvidia-sleep.sh '${state}'";
-            };
-            before = ["systemd-${state}.service"];
-            requiredBy = ["systemd-${state}.service"];
+          hardware.opengl = {
+            extraPackages = [ pkgs.nvidia-vaapi-driver ];
+            extraPackages32 = [ pkgs.pkgsi686Linux.nvidia-vaapi-driver ];
           };
-        in
-          lib.mkMerge [
-            (lib.mkIf cfg.powerManagement.enable {
-              nvidia-suspend = nvidiaService "suspend";
-              nvidia-hibernate = nvidiaService "hibernate";
-              nvidia-resume =
-                (nvidiaService "resume")
-                // {
-                  before = [];
-                  after = ["systemd-suspend.service" "systemd-hibernate.service"];
-                  requiredBy = ["systemd-suspend.service" "systemd-hibernate.service"];
-                };
-            })
-            (lib.mkIf cfg.nvidiaPersistenced {
-              "nvidia-persistenced" = {
-                description = "NVIDIA Persistence Daemon";
-                wantedBy = ["multi-user.target"];
+          environment.systemPackages =
+            lib.optional cfg.nvidiaSettings nvidia_x11.settings
+            ++ lib.optional cfg.nvidiaPersistenced nvidia_x11.persistenced
+            ++ lib.optional offloadCfg.enableOffloadCmd (
+              pkgs.writeShellScriptBin "nvidia-offload" ''
+                export __NV_PRIME_RENDER_OFFLOAD=1
+                export __NV_PRIME_RENDER_OFFLOAD_PROVIDER=NVIDIA-G0
+                export __GLX_VENDOR_LIBRARY_NAME=nvidia
+                export __VK_LAYER_NV_optimus=NVIDIA_only
+                exec "$@"
+              ''
+            );
+
+          systemd.packages = lib.optional cfg.powerManagement.enable nvidia_x11.out;
+
+          systemd.services =
+            let
+              nvidiaService = state: {
+                description = "NVIDIA system ${state} actions";
+                path = [ pkgs.kbd ];
                 serviceConfig = {
-                  Type = "forking";
-                  Restart = "always";
-                  PIDFile = "/var/run/nvidia-persistenced/nvidia-persistenced.pid";
-                  ExecStart = "${lib.getExe nvidia_x11.persistenced} --verbose";
-                  ExecStopPost = "${pkgs.coreutils}/bin/rm -rf /var/run/nvidia-persistenced";
+                  Type = "oneshot";
+                  ExecStart = "${nvidia_x11.out}/bin/nvidia-sleep.sh '${state}'";
                 };
+                before = [ "systemd-${state}.service" ];
+                requiredBy = [ "systemd-${state}.service" ];
               };
-            })
-            (lib.mkIf cfg.dynamicBoost.enable {
-              "nvidia-powerd" = {
-                description = "nvidia-powerd service";
-                path = [
-                  pkgs.util-linux # nvidia-powerd wants lscpu
-                ];
-                wantedBy = ["multi-user.target"];
-                serviceConfig = {
-                  Type = "dbus";
-                  BusName = "nvidia.powerd.server";
-                  ExecStart = "${nvidia_x11.bin}/bin/nvidia-powerd";
+            in
+            lib.mkMerge [
+              (lib.mkIf cfg.powerManagement.enable {
+                nvidia-suspend = nvidiaService "suspend";
+                nvidia-hibernate = nvidiaService "hibernate";
+                nvidia-resume = (nvidiaService "resume") // {
+                  before = [ ];
+                  after = [
+                    "systemd-suspend.service"
+                    "systemd-hibernate.service"
+                  ];
+                  requiredBy = [
+                    "systemd-suspend.service"
+                    "systemd-hibernate.service"
+                  ];
                 };
-              };
-            })
-          ];
-        services.acpid.enable = true;
-
-        services.dbus.packages = lib.optional cfg.dynamicBoost.enable nvidia_x11.bin;
-
-        hardware.firmware = lib.optional cfg.open nvidia_x11.firmware;
-
-        systemd.tmpfiles.rules = [
-          # Remove the following log message:
-          #    (WW) NVIDIA: Failed to bind sideband socket to
-          #    (WW) NVIDIA:     '/var/run/nvidia-xdriver-b4f69129' Permission denied
-          #
-          # https://bbs.archlinux.org/viewtopic.php?pid=1909115#p1909115
-          "d /run/nvidia-xdriver 0770 root users"
-        ] ++ lib.optional (nvidia_x11.persistenced != null && config.virtualisation.docker.enableNvidia)
-          "L+ /run/nvidia-docker/extras/bin/nvidia-persistenced - - - - ${nvidia_x11.persistenced}/origBin/nvidia-persistenced";
-
-        boot = {
-          extraModulePackages =
-            if cfg.open
-            then [nvidia_x11.open]
-            else [nvidia_x11.bin];
-          # nvidia-uvm is required by CUDA applications.
-          kernelModules =
-            lib.optionals config.services.xserver.enable ["nvidia" "nvidia_modeset" "nvidia_drm"];
-
-          # If requested enable modesetting via kernel parameter.
-          kernelParams =
-            lib.optional (offloadCfg.enable || cfg.modesetting.enable) "nvidia-drm.modeset=1"
-            ++ lib.optional cfg.powerManagement.enable "nvidia.NVreg_PreserveVideoMemoryAllocations=1"
-            ++ lib.optional cfg.open "nvidia.NVreg_OpenRmEnableUnsupportedGpus=1"
-            ++ lib.optional (config.boot.kernelPackages.kernel.kernelAtLeast "6.2" && !ibtSupport) "ibt=off";
-
-          # enable finegrained power management
-          extraModprobeConfig = lib.optionalString cfg.powerManagement.finegrained ''
-            options nvidia "NVreg_DynamicPowerManagement=0x02"
-          '';
-        };
-        services.udev.extraRules =
-          lib.optionalString cfg.powerManagement.finegrained (
-          lib.optionalString (lib.versionOlder config.boot.kernelPackages.kernel.version "5.5") ''
-            # Remove NVIDIA USB xHCI Host Controller devices, if present
-            ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x0c0330", ATTR{remove}="1"
-
-            # Remove NVIDIA USB Type-C UCSI devices, if present
-            ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x0c8000", ATTR{remove}="1"
-
-            # Remove NVIDIA Audio devices, if present
-            ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x040300", ATTR{remove}="1"
-          ''
-          + ''
-            # Enable runtime PM for NVIDIA VGA/3D controller devices on driver bind
-            ACTION=="bind", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x030000", TEST=="power/control", ATTR{power/control}="auto"
-            ACTION=="bind", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x030200", TEST=="power/control", ATTR{power/control}="auto"
-
-            # Disable runtime PM for NVIDIA VGA/3D controller devices on driver unbind
-            ACTION=="unbind", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x030000", TEST=="power/control", ATTR{power/control}="on"
-            ACTION=="unbind", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x030200", TEST=="power/control", ATTR{power/control}="on"
-          ''
-        );
-      })
-      # Data Center
-      (lib.mkIf (cfg.datacenter.enable) {
-        boot.extraModulePackages = [
-          nvidia_x11.bin
-        ];
-
-        systemd = {
-          tmpfiles.rules =
-            lib.optional (nvidia_x11.persistenced != null && config.virtualisation.docker.enableNvidia)
-            "L+ /run/nvidia-docker/extras/bin/nvidia-persistenced - - - - ${nvidia_x11.persistenced}/origBin/nvidia-persistenced";
-
-          services = lib.mkMerge [
-            ({
-              nvidia-fabricmanager = {
-                enable = true;
-                description = "Start NVIDIA NVLink Management";
-                wantedBy = [ "multi-user.target" ];
-                unitConfig.After = [ "network-online.target" ];
-                unitConfig.Requires = [ "network-online.target" ];
-                serviceConfig = {
-                  Type = "forking";
-                  TimeoutStartSec = 240;
-                  ExecStart = let
-                    nv-fab-conf = settingsFormat.generate "fabricmanager.conf" cfg.datacenter.settings;
-                    in
+              })
+              (lib.mkIf cfg.nvidiaPersistenced {
+                "nvidia-persistenced" = {
+                  description = "NVIDIA Persistence Daemon";
+                  wantedBy = [ "multi-user.target" ];
+                  serviceConfig = {
+                    Type = "forking";
+                    Restart = "always";
+                    PIDFile = "/var/run/nvidia-persistenced/nvidia-persistenced.pid";
+                    ExecStart = "${lib.getExe nvidia_x11.persistenced} --verbose";
+                    ExecStopPost = "${pkgs.coreutils}/bin/rm -rf /var/run/nvidia-persistenced";
+                  };
+                };
+              })
+              (lib.mkIf cfg.dynamicBoost.enable {
+                "nvidia-powerd" = {
+                  description = "nvidia-powerd service";
+                  path = [
+                    pkgs.util-linux # nvidia-powerd wants lscpu
+                  ];
+                  wantedBy = [ "multi-user.target" ];
+                  serviceConfig = {
+                    Type = "dbus";
+                    BusName = "nvidia.powerd.server";
+                    ExecStart = "${nvidia_x11.bin}/bin/nvidia-powerd";
+                  };
+                };
+              })
+            ];
+          services.acpid.enable = true;
+
+          services.dbus.packages = lib.optional cfg.dynamicBoost.enable nvidia_x11.bin;
+
+          hardware.firmware =
+            let
+              isOpen = cfg.open;
+              isNewUnfree = lib.versionAtLeast nvidia_x11.version "555";
+            in
+            lib.optional (isOpen || isNewUnfree) nvidia_x11.firmware;
+
+          systemd.tmpfiles.rules =
+            [
+              # Remove the following log message:
+              #    (WW) NVIDIA: Failed to bind sideband socket to
+              #    (WW) NVIDIA:     '/var/run/nvidia-xdriver-b4f69129' Permission denied
+              #
+              # https://bbs.archlinux.org/viewtopic.php?pid=1909115#p1909115
+              "d /run/nvidia-xdriver 0770 root users"
+            ]
+            ++ lib.optional (nvidia_x11.persistenced != null && config.virtualisation.docker.enableNvidia)
+              "L+ /run/nvidia-docker/extras/bin/nvidia-persistenced - - - - ${nvidia_x11.persistenced}/origBin/nvidia-persistenced";
+
+          boot = {
+            extraModulePackages = if cfg.open then [ nvidia_x11.open ] else [ nvidia_x11.bin ];
+            # nvidia-uvm is required by CUDA applications.
+            kernelModules = lib.optionals config.services.xserver.enable [
+              "nvidia"
+              "nvidia_modeset"
+              "nvidia_drm"
+            ];
+
+            # If requested enable modesetting via kernel parameter.
+            kernelParams =
+              lib.optional (offloadCfg.enable || cfg.modesetting.enable) "nvidia-drm.modeset=1"
+              ++ lib.optional cfg.powerManagement.enable "nvidia.NVreg_PreserveVideoMemoryAllocations=1"
+              ++ lib.optional cfg.open "nvidia.NVreg_OpenRmEnableUnsupportedGpus=1"
+              ++ lib.optional (config.boot.kernelPackages.kernel.kernelAtLeast "6.2" && !ibtSupport) "ibt=off";
+
+            # enable finegrained power management
+            extraModprobeConfig = lib.optionalString cfg.powerManagement.finegrained ''
+              options nvidia "NVreg_DynamicPowerManagement=0x02"
+            '';
+          };
+          services.udev.extraRules = lib.optionalString cfg.powerManagement.finegrained (
+            lib.optionalString (lib.versionOlder config.boot.kernelPackages.kernel.version "5.5") ''
+              # Remove NVIDIA USB xHCI Host Controller devices, if present
+              ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x0c0330", ATTR{remove}="1"
+
+              # Remove NVIDIA USB Type-C UCSI devices, if present
+              ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x0c8000", ATTR{remove}="1"
+
+              # Remove NVIDIA Audio devices, if present
+              ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x040300", ATTR{remove}="1"
+            ''
+            + ''
+              # Enable runtime PM for NVIDIA VGA/3D controller devices on driver bind
+              ACTION=="bind", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x030000", TEST=="power/control", ATTR{power/control}="auto"
+              ACTION=="bind", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x030200", TEST=="power/control", ATTR{power/control}="auto"
+
+              # Disable runtime PM for NVIDIA VGA/3D controller devices on driver unbind
+              ACTION=="unbind", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x030000", TEST=="power/control", ATTR{power/control}="on"
+              ACTION=="unbind", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x030200", TEST=="power/control", ATTR{power/control}="on"
+            ''
+          );
+        })
+        # Data Center
+        (lib.mkIf (cfg.datacenter.enable) {
+          boot.extraModulePackages = [ nvidia_x11.bin ];
+
+          systemd = {
+            tmpfiles.rules =
+              lib.optional (nvidia_x11.persistenced != null && config.virtualisation.docker.enableNvidia)
+                "L+ /run/nvidia-docker/extras/bin/nvidia-persistenced - - - - ${nvidia_x11.persistenced}/origBin/nvidia-persistenced";
+
+            services = lib.mkMerge [
+              ({
+                nvidia-fabricmanager = {
+                  enable = true;
+                  description = "Start NVIDIA NVLink Management";
+                  wantedBy = [ "multi-user.target" ];
+                  unitConfig.After = [ "network-online.target" ];
+                  unitConfig.Requires = [ "network-online.target" ];
+                  serviceConfig = {
+                    Type = "forking";
+                    TimeoutStartSec = 240;
+                    ExecStart =
+                      let
+                        nv-fab-conf = settingsFormat.generate "fabricmanager.conf" cfg.datacenter.settings;
+                      in
                       "${lib.getExe nvidia_x11.fabricmanager} -c ${nv-fab-conf}";
-                  LimitCORE="infinity";
+                    LimitCORE = "infinity";
+                  };
                 };
-              };
-            })
-            (lib.mkIf cfg.nvidiaPersistenced {
-              "nvidia-persistenced" = {
-                description = "NVIDIA Persistence Daemon";
-                wantedBy = ["multi-user.target"];
-                serviceConfig = {
-                  Type = "forking";
-                  Restart = "always";
-                  PIDFile = "/var/run/nvidia-persistenced/nvidia-persistenced.pid";
-                  ExecStart = "${lib.getExe nvidia_x11.persistenced} --verbose";
-                  ExecStopPost = "${pkgs.coreutils}/bin/rm -rf /var/run/nvidia-persistenced";
+              })
+              (lib.mkIf cfg.nvidiaPersistenced {
+                "nvidia-persistenced" = {
+                  description = "NVIDIA Persistence Daemon";
+                  wantedBy = [ "multi-user.target" ];
+                  serviceConfig = {
+                    Type = "forking";
+                    Restart = "always";
+                    PIDFile = "/var/run/nvidia-persistenced/nvidia-persistenced.pid";
+                    ExecStart = "${lib.getExe nvidia_x11.persistenced} --verbose";
+                    ExecStopPost = "${pkgs.coreutils}/bin/rm -rf /var/run/nvidia-persistenced";
+                  };
                 };
-              };
-            })
-          ];
-      };
+              })
+            ];
+          };
 
-      environment.systemPackages =
-        lib.optional cfg.datacenter.enable nvidia_x11.fabricmanager
-        ++ lib.optional cfg.nvidiaPersistenced nvidia_x11.persistenced;
-    })
-  ]);
+          environment.systemPackages =
+            lib.optional cfg.datacenter.enable nvidia_x11.fabricmanager
+            ++ lib.optional cfg.nvidiaPersistenced nvidia_x11.persistenced;
+        })
+      ]
+    );
 }
diff --git a/nixos/tests/systemd-initrd-luks-fido2.nix b/nixos/tests/systemd-initrd-luks-fido2.nix
index f9f75ab7f301c..207f51f4dd9b4 100644
--- a/nixos/tests/systemd-initrd-luks-fido2.nix
+++ b/nixos/tests/systemd-initrd-luks-fido2.nix
@@ -9,7 +9,6 @@ import ./make-test-python.nix ({ lib, pkgs, ... }: {
       # Booting off the encrypted disk requires having a Nix store available for the init script
       mountHostNixStore = true;
       useEFIBoot = true;
-      qemu.package = lib.mkForce (pkgs.qemu_test.override { canokeySupport = true; });
       qemu.options = [ "-device canokey,file=/tmp/canokey-file" ];
     };
     boot.loader.systemd-boot.enable = true;
diff --git a/pkgs/applications/networking/browsers/chromium/upstream-info.nix b/pkgs/applications/networking/browsers/chromium/upstream-info.nix
index e3a13731541b8..e3bf7d7c09444 100644
--- a/pkgs/applications/networking/browsers/chromium/upstream-info.nix
+++ b/pkgs/applications/networking/browsers/chromium/upstream-info.nix
@@ -27,11 +27,11 @@
         version = "2024-04-10";
       };
       ungoogled-patches = {
-        hash = "sha256-I3RQBa4LLuOdZQFKHIqePj9Ozw61dsuAOctqN1abij0=";
-        rev = "125.0.6422.60-1";
+        hash = "sha256-bGc8hQnuiGot0kThSAi4AFAwmvrNPs1bR7oZx2XoAGo=";
+        rev = "125.0.6422.76-1";
       };
     };
-    hash = "sha256-ewX7oRna7IYCXhAe98HS5HbS1psIEAguhZJ1ymK+dPE=";
-    version = "125.0.6422.60";
+    hash = "sha256-m7WeRloS6tGH2AwhkNicpqThUQmS+9w2xFS2dbmu1vw=";
+    version = "125.0.6422.76";
   };
 }
diff --git a/pkgs/applications/networking/cluster/cni/plugins.nix b/pkgs/applications/networking/cluster/cni/plugins.nix
index 438d51518dff9..b0cd31e9de019 100644
--- a/pkgs/applications/networking/cluster/cni/plugins.nix
+++ b/pkgs/applications/networking/cluster/cni/plugins.nix
@@ -2,13 +2,13 @@
 
 buildGoModule rec {
   pname = "cni-plugins";
-  version = "1.4.1";
+  version = "1.5.0";
 
   src = fetchFromGitHub {
     owner = "containernetworking";
     repo = "plugins";
     rev = "v${version}";
-    hash = "sha256-co4jThsUR070aJh1hgXHT6QKW22d8UCmogtZYc4nzlA=";
+    hash = "sha256-gJp1w2H+hPSSu1Y4BY9Sa8lLnhpiZJu2Dz9OenYlQFo=";
   };
 
   vendorHash = null;
diff --git a/pkgs/applications/networking/instant-messengers/qq/sources.nix b/pkgs/applications/networking/instant-messengers/qq/sources.nix
index 590dbb3605e0e..b8f1b2effdf34 100644
--- a/pkgs/applications/networking/instant-messengers/qq/sources.nix
+++ b/pkgs/applications/networking/instant-messengers/qq/sources.nix
@@ -1,9 +1,9 @@
 # Generated by ./update.sh - do not update manually!
-# Last updated: 2024-04-27
+# Last updated: 2024-05-21
 {
-  version = "3.2.7";
-  amd64_url = "https://dldir1.qq.com/qqfile/qq/QQNT/Linux/QQ_3.2.7_240422_amd64_01.deb";
-  arm64_url = "https://dldir1.qq.com/qqfile/qq/QQNT/Linux/QQ_3.2.7_240422_arm64_01.deb";
-  arm64_hash = "sha256-MrLkPHri3ifVy3+WNNs/CKK4Myztw8ZjWFEZDr27mpM=";
-  amd64_hash = "sha256-eZMzMaqCF514Wij8BZ0sLoyzjKNArLSFe92tN9WAiu0=";
+  version = "3.2.8";
+  amd64_url = "https://dldir1.qq.com/qqfile/qq/QQNT/Linux/QQ_3.2.8_240520_amd64_01.deb";
+  arm64_url = "https://dldir1.qq.com/qqfile/qq/QQNT/Linux/QQ_3.2.8_240520_arm64_01.deb";
+  arm64_hash = "sha256-qSv7GqnXvp8IFh3krcJlKheRn4sF4cr4+ZItd2y8JUg=";
+  amd64_hash = "sha256-0j4hLSbPgKQOPqtESZqnZYbq3j/CYNG58XEpT7UHOT8=";
 }
diff --git a/pkgs/applications/radio/cloudlog/default.nix b/pkgs/applications/radio/cloudlog/default.nix
index b9d17927776d1..162c9cac96589 100644
--- a/pkgs/applications/radio/cloudlog/default.nix
+++ b/pkgs/applications/radio/cloudlog/default.nix
@@ -8,13 +8,13 @@
 
 stdenvNoCC.mkDerivation rec {
   pname = "cloudlog";
-  version = "2.6.11";
+  version = "2.6.12";
 
   src = fetchFromGitHub {
     owner = "magicbug";
     repo = "Cloudlog";
     rev = version;
-    hash = "sha256-9JGhMCypoKOh1Gy1DdK7nrma+L4sJsYN/iuNhBPmHPA=";
+    hash = "sha256-djY+TqkA+YFCmUwZd1x4YeJDOS6ZtxDb4EhBmyftSzI=";
   };
 
   postPatch = ''
diff --git a/pkgs/applications/virtualization/cri-o/default.nix b/pkgs/applications/virtualization/cri-o/default.nix
index d932daa41f3a2..8b13c01852bae 100644
--- a/pkgs/applications/virtualization/cri-o/default.nix
+++ b/pkgs/applications/virtualization/cri-o/default.nix
@@ -15,13 +15,13 @@
 
 buildGoModule rec {
   pname = "cri-o";
-  version = "1.30.0";
+  version = "1.30.1";
 
   src = fetchFromGitHub {
     owner = "cri-o";
     repo = "cri-o";
     rev = "v${version}";
-    hash = "sha256-gsC6e0wQowgskUazuqQRtO7ra5Wg9RU8+k3LFqIReJk=";
+    hash = "sha256-3TO7pPDIYxlWXWNIAqCMWPCFPRxG6k6ilL2wDiAXFVY=";
   };
   vendorHash = null;
 
diff --git a/pkgs/applications/virtualization/qemu/canokey-qemu-memcpy.patch b/pkgs/applications/virtualization/qemu/canokey-qemu-memcpy.patch
new file mode 100644
index 0000000000000..578c687f54cff
--- /dev/null
+++ b/pkgs/applications/virtualization/qemu/canokey-qemu-memcpy.patch
@@ -0,0 +1,41 @@
+From 9e59480d941c40b868ebafa5138bbc71ca87f08e Mon Sep 17 00:00:00 2001
+From: Alyssa Ross <hi@alyssa.is>
+Date: Sat, 18 May 2024 09:55:17 +0200
+Subject: [PATCH] Fix build where memcpy is a macro
+
+I got the following compiler error with Clang 16 building for
+x86_64-apple-darwin:
+
+	/tmp/nix-build-canokey-qemu-0-unstable-2023-06-06.drv-0/source/canokey-core/applets/oath/oath.c:44:50: error: too many arguments provided to function-like macro invocation
+	  memcpy(RDATA, (uint8_t[]){OATH_TAG_VERSION, 3, 0x05, 0x05, 0x05, OATH_TAG_NAME, HANDLE_LEN}, 7);
+	                                                 ^
+	/nix/store/vw8y07yai2pjv02s1piw3r5cyhmjbddf-Libsystem-1238.60.2/include/secure/_string.h:64:9: note: macro 'memcpy' defined here
+	#define memcpy(dest, src, len)                                  \
+	        ^
+	/tmp/nix-build-canokey-qemu-0-unstable-2023-06-06.drv-0/source/canokey-core/applets/oath/oath.c:44:3: note: parentheses are required around macro argument containing braced initializer list
+	  memcpy(RDATA, (uint8_t[]){OATH_TAG_VERSION, 3, 0x05, 0x05, 0x05, OATH_TAG_NAME, HANDLE_LEN}, 7);
+	  ^
+	                (                                                                            )
+	1 error generated.
+
+Link: https://github.com/canokeys/canokey-core/pull/85
+---
+ canokey-core/applets/oath/oath.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/canokey-core/applets/oath/oath.c b/canokey-core/applets/oath/oath.c
+index bd8361a..2d2c0ef 100644
+--- a/canokey-core/applets/oath/oath.c
++++ b/canokey-core/applets/oath/oath.c
+@@ -41,7 +41,7 @@ int oath_install(uint8_t reset) {
+ static int oath_select(const CAPDU *capdu, RAPDU *rapdu) {
+   if (P2 != 0x00) EXCEPT(SW_WRONG_P1P2);
+ 
+-  memcpy(RDATA, (uint8_t[]){OATH_TAG_VERSION, 3, 0x05, 0x05, 0x05, OATH_TAG_NAME, HANDLE_LEN}, 7);
++  memcpy(RDATA, ((uint8_t[]){OATH_TAG_VERSION, 3, 0x05, 0x05, 0x05, OATH_TAG_NAME, HANDLE_LEN}), 7);
+   if (read_attr(OATH_FILE, ATTR_HANDLE, RDATA + 7, HANDLE_LEN) < 0) return -1;
+   LL = 7 + HANDLE_LEN;
+ 
+-- 
+2.44.0
+
diff --git a/pkgs/applications/virtualization/qemu/canokey-qemu.nix b/pkgs/applications/virtualization/qemu/canokey-qemu.nix
index 9536b91ba5403..b94ba0c1adbe4 100644
--- a/pkgs/applications/virtualization/qemu/canokey-qemu.nix
+++ b/pkgs/applications/virtualization/qemu/canokey-qemu.nix
@@ -3,29 +3,47 @@
   stdenv,
   fetchFromGitHub,
   cmake,
+  unstableGitUpdater,
 }:
 stdenv.mkDerivation rec {
   pname = "canokey-qemu";
-  version = "unstable-2022-06-23";
-  rev = "b70af31229f1858089c3366f71b8d771de4a1e84";
+  version = "0-unstable-2023-06-06";
+  rev = "151568c34f5e92b086b7a3a62a11c43dd39f628b";
 
   src = fetchFromGitHub {
     owner = "canokeys";
     repo = "canokey-qemu";
     inherit rev;
     fetchSubmodules = true;
-    hash = "sha256-VJb59K/skx+DhoJs5qGUu070hAjQZC2Z6hAMXuX0bMw=";
+    hash = "sha256-4V/2UOgGWgL+tFJO/k90bCDjWSVyIpxw3nYi9NU/OxA=";
   };
 
+  patches = [
+    ./canokey-qemu-memcpy.patch
+  ];
+
   postPatch = ''
     substituteInPlace canokey-core/CMakeLists.txt \
       --replace "COMMAND git describe --always --tags --long --abbrev=8 --dirty >>" "COMMAND echo '$rev' >>"
   '';
 
+  preConfigure = ''
+    cmakeFlagsArray+=(
+      -DCMAKE_C_FLAGS=${lib.escapeShellArg ([
+        "-Wno-error=unused-but-set-parameter"
+        "-Wno-error=unused-but-set-variable"
+      ] ++ lib.optionals stdenv.cc.isClang [
+        "-Wno-error=documentation"
+      ])}
+    )
+  '';
+
   outputs = [ "out" "dev" ];
 
   nativeBuildInputs = [ cmake ];
 
+  passthru.updateScript = unstableGitUpdater { };
+
   meta = with lib; {
     homepage = "https://github.com/canokeys/canokey-qemu";
     description = "CanoKey QEMU Virt Card";
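Review bot: The new `preConfigure` block turns three diagnostics back into plain warnings (`unused-but-set-parameter`, `unused-but-set-variable`, and `documentation` on Clang) without recording why. For a library that emulates a security key, a later reader should be able to tell when the suppressions can be dropped. A comment above the flag list would do, for example `# upstream presumably builds with -Werror; these fire with current compilers, drop once fixed upstream`. Passing `-DCMAKE_C_FLAGS` through `cmakeFlagsArray` also sets that variable wholesale, so if nothing else depends on it, `env.NIX_CFLAGS_COMPILE` is the more conventional place for such flags. The derivation continues outside this hunk.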
diff --git a/pkgs/applications/virtualization/qemu/default.nix b/pkgs/applications/virtualization/qemu/default.nix
index 3e6a905fe8843..c5d3a6fd75685 100644
--- a/pkgs/applications/virtualization/qemu/default.nix
+++ b/pkgs/applications/virtualization/qemu/default.nix
@@ -29,7 +29,7 @@
 , smbdSupport ? false, samba
 , tpmSupport ? !toolsOnly
 , uringSupport ? stdenv.isLinux, liburing
-, canokeySupport ? false, canokey-qemu
+, canokeySupport ? !toolsOnly, canokey-qemu
 , capstoneSupport ? !toolsOnly, capstone
 , enableDocs ? true
 , hostCpuOnly ? false
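Review bot: Changing the `canokeySupport` default to `!toolsOnly` makes every full QEMU build link canokey-qemu, which this same commit pins to an unstable 2023 revision and builds with a local patch, so the reason belongs next to the argument. A comment such as `# on by default so tests using -device canokey need no qemu override; virtual key backed by a host file, for testing only` would tell users the device is a test aid and not protected key storage. The motive is inferred from the override removed in nixos/tests/systemd-initrd-luks-fido2.nix, which passes `file=/tmp/canokey-file` to the device. The argument list continues outside the hunk.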
diff --git a/pkgs/by-name/im/immich-go/package.nix b/pkgs/by-name/im/immich-go/package.nix
index cfa5a04bf2465..439c4768ea15e 100644
--- a/pkgs/by-name/im/immich-go/package.nix
+++ b/pkgs/by-name/im/immich-go/package.nix
@@ -1,16 +1,30 @@
 { lib, buildGoModule, fetchFromGitHub, nix-update-script, testers, immich-go }:
 buildGoModule rec {
   pname = "immich-go";
-  version = "0.13.2";
+  version = "0.14.1";
 
   src = fetchFromGitHub {
     owner = "simulot";
     repo = "immich-go";
     rev = "${version}";
-    hash = "sha256-zYqPPLDfBx4FLvZIo5E6nAeIiFfBCLI00xLieXFkMxs=";
+    hash = "sha256-5dgEyg55ffJLH8zxp6mFVsUqAzyPnY18XnX+jMethUc=";
+
+    # Inspired by: https://github.com/NixOS/nixpkgs/blob/f2d7a289c5a5ece8521dd082b81ac7e4a57c2c5c/pkgs/applications/graphics/pdfcpu/default.nix#L20-L32
+    # The intention here is to write the information into files in the `src`'s
+    # `$out`, and use them later in other phases (in this case `preBuild`).
+    # In order to keep determinism, we also delete the `.git` directory
+    # afterwards, imitating the default behavior of `leaveDotGit = false`.
+    # More info about git log format can be found at `git-log(1)` manpage.
+    leaveDotGit = true;
+    postFetch = ''
+      cd "$out"
+      git log -1 --pretty=%H > "COMMIT"
+      git log -1 --pretty=%cd --date=format:'%Y-%m-%dT%H:%M:%SZ' > "SOURCE_DATE"
+      rm -rf ".git"
+    '';
   };
 
-  vendorHash = "sha256-Y5BujN2mk662oKxQpenjFlxazST2GqWr9ug0sOsxKbY=";
+  vendorHash = "sha256-nOJJz5KEXqxl3tP1Q12Cb/fugtxR67RjzH6khKg3ppE=";
 
   # options used by upstream:
   # https://github.com/simulot/immich-go/blob/0.13.2/.goreleaser.yaml
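Review bot: The `SOURCE_DATE` line in `postFetch` uses `--date=format:`, which prints the commit time in the committer's recorded timezone, yet the format string ends in a literal `Z`, so `main.date` can label a non-UTC time as UTC. `TZ=UTC git log -1 --pretty=%cd --date=format-local:'%Y-%m-%dT%H:%M:%SZ' > "SOURCE_DATE"` gives a real UTC stamp. The `src` hash must be recomputed afterwards because the file is part of the fixed output. The `preBuild` in the second hunk consumes both files and needs no change for this. The context comment pointing at `blob/0.13.2/.goreleaser.yaml` still names the old tag.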
@@ -19,10 +33,13 @@ buildGoModule rec {
     "-w"
     "-extldflags=-static"
     "-X main.version=${version}"
-    "-X main.commit=${version}"
-    "-X main.date=unknown"
   ];
 
+  preBuild = ''
+    ldflags+=" -X main.commit=$(cat COMMIT)"
+    ldflags+=" -X main.date=$(cat SOURCE_DATE)"
+  '';
+
   passthru = {
     updateScript = nix-update-script { };
     tests.versionTest = testers.testVersion {
diff --git a/pkgs/by-name/mi/mihomo/package.nix b/pkgs/by-name/mi/mihomo/package.nix
index b397c9a3e2b0d..3d1805687e2ad 100644
--- a/pkgs/by-name/mi/mihomo/package.nix
+++ b/pkgs/by-name/mi/mihomo/package.nix
@@ -6,16 +6,16 @@
 
 buildGoModule rec {
   pname = "mihomo";
-  version = "1.18.4";
+  version = "1.18.5";
 
   src = fetchFromGitHub {
     owner = "MetaCubeX";
     repo = "mihomo";
     rev = "v${version}";
-    hash = "sha256-mqNcMB2nb8+e9XEGKqwaBE/nC4+jRaEFxE17e0JTo8Y=";
+    hash = "sha256-YNnZ/wlOzmTAD76py4CRlClPi2S1b4PaanCfT/Q426A=";
   };
 
-  vendorHash = "sha256-9Ey4roUm/Y6GfFmLD6ij/A+YIgetStawWmhD+Iq3qc8=";
+  vendorHash = "sha256-yBQ4Nt03VS2em6vkzMa1WH9jHc6pwdlW0tt9cth55oQ=";
 
   excludedPackages = [ "./test" ];
 
diff --git a/pkgs/by-name/pg/pgroll/package.nix b/pkgs/by-name/pg/pgroll/package.nix
index d3670ef96d131..bc28bfb74ad73 100644
--- a/pkgs/by-name/pg/pgroll/package.nix
+++ b/pkgs/by-name/pg/pgroll/package.nix
@@ -5,16 +5,16 @@
 
 buildGoModule rec {
   pname = "pgroll";
-  version = "0.5.0";
+  version = "0.6.0";
 
   src = fetchFromGitHub {
     owner = "xataio";
     repo = "pgroll";
     rev = "v${version}";
-    hash = "sha256-VYGwIJsPVilFxvglj+E7H9NpqUV1CV/ggBP3gFleWIA=";
+    hash = "sha256-XZrgJZR6CWdQWgGMXlEyZ5De6bu/u7+YvYvq6id9YzM=";
   };
 
-  vendorHash = "sha256-Fz+o1jSoMfqKYo1I7VUFqbhBEgcoQEx7aYsmzCLsbnI=";
+  vendorHash = "sha256-+6HpxqQxGpIAyfn+38UeW2ksv5WyX67AT5e9JgQBI+k=";
 
   # Tests require a running docker daemon
   doCheck = false;
diff --git a/pkgs/applications/editors/pulsar/001-patch-wrapper.patch b/pkgs/by-name/pu/pulsar/001-patch-wrapper.patch
index 2270ad3c8aea8..2270ad3c8aea8 100644
--- a/pkgs/applications/editors/pulsar/001-patch-wrapper.patch
+++ b/pkgs/by-name/pu/pulsar/001-patch-wrapper.patch
diff --git a/pkgs/applications/editors/pulsar/default.nix b/pkgs/by-name/pu/pulsar/package.nix
index 6cd8e423ad529..443ac74c32db2 100644
--- a/pkgs/applications/editors/pulsar/default.nix
+++ b/pkgs/by-name/pu/pulsar/package.nix
@@ -34,13 +34,13 @@
 
 let
   pname = "pulsar";
-  version = "1.114.0";
+  version = "1.117.0";
 
   sourcesPath = {
     x86_64-linux.tarname = "Linux.${pname}-${version}.tar.gz";
-    x86_64-linux.hash = "sha256-O//dowoMgQfS3hq088IKr5aJd5St9zpT/ypfuswnyv0=";
+    x86_64-linux.hash = "sha256-iDQV4wcb+TY5qv8X6UW6PumK9+i5cn705ZzCSx5VgMs=";
     aarch64-linux.tarname = "ARM.Linux.${pname}-${version}-arm64.tar.gz";
-    aarch64-linux.hash = "sha256-EzCTB1Ib9cTbslEdXPsS5gehHr1qd5v4iZgOqpxhUmA=";
+    aarch64-linux.hash = "sha256-NJc6CQA7ZCX70ui+QcVcLW2qxM05A93yqpiiW+YosGc=";
   }.${stdenv.hostPlatform.system} or (throw "Unsupported system: ${stdenv.hostPlatform.system}");
 
   newLibpath = lib.makeLibraryPath [
@@ -219,17 +219,17 @@ stdenv.mkDerivation rec {
 
   passthru.updateScript = ./update.mjs;
 
-  meta = with lib; {
+  meta = {
     description = "A Community-led Hyper-Hackable Text Editor";
     longDescription = ''
       A Community-led Hyper-Hackable Text Editor, Forked from Atom, built on Electron.
       Designed to be deeply customizable, but still approachable using the default configuration.
     '';
     homepage = "https://github.com/pulsar-edit/pulsar";
-    sourceProvenance = with sourceTypes; [ binaryNativeCode ];
-    license = licenses.mit;
-    platforms = platforms.linux;
-    maintainers = with maintainers; [ bryango ];
+    sourceProvenance = with lib.sourceTypes; [ binaryNativeCode ];
+    license = lib.licenses.mit;
+    platforms = lib.platforms.linux;
+    maintainers = with lib.maintainers; [ bryango ];
     knownVulnerabilities = [
       "CVE-2023-5217"
       "CVE-2022-21718"
diff --git a/pkgs/applications/editors/pulsar/pulsar.nemo_action b/pkgs/by-name/pu/pulsar/pulsar.nemo_action
index a74d7324ecce3..a74d7324ecce3 100644
--- a/pkgs/applications/editors/pulsar/pulsar.nemo_action
+++ b/pkgs/by-name/pu/pulsar/pulsar.nemo_action
diff --git a/pkgs/applications/editors/pulsar/update.mjs b/pkgs/by-name/pu/pulsar/update.mjs
index 4f3d2993e9730..4f3d2993e9730 100755
--- a/pkgs/applications/editors/pulsar/update.mjs
+++ b/pkgs/by-name/pu/pulsar/update.mjs
diff --git a/pkgs/development/compilers/unison/default.nix b/pkgs/development/compilers/unison/default.nix
index 2ba6a65c7afcb..f685ab2405f64 100644
--- a/pkgs/development/compilers/unison/default.nix
+++ b/pkgs/development/compilers/unison/default.nix
@@ -4,24 +4,26 @@
 , gmp
 , less
 , makeWrapper
+, libb2
 , ncurses6
+, openssl
 , stdenv
 , zlib
 }:
 
 stdenv.mkDerivation (finalAttrs: {
   pname = "unison-code-manager";
-  version = "0.5.19";
+  version = "0.5.20";
 
   src = if stdenv.isDarwin then
     fetchurl {
       url = "https://github.com/unisonweb/unison/releases/download/release/${finalAttrs.version}/ucm-macos.tar.gz";
-      hash = "sha256-//bjpmW45BqBHmBIj2uMahYQYjhNJ8hvGh+O/7oYQOk=";
+      hash = "sha256-jhI3qy2ov8bf3l1n0wsslWT70LDeQ6sGNSH62VFJ5cE=";
     }
   else
     fetchurl {
       url = "https://github.com/unisonweb/unison/releases/download/release/${finalAttrs.version}/ucm-linux.tar.gz";
-      hash = "sha256-3WyiV6mIuo5GDpDK/KdWMvj22sZ3uph15u3v3TX5YZA=";
+      hash = "sha256-MOm0RsMFWGik2OL2MPkgmHqKYNO28fkZHVJ/6P3aIww=";
     };
 
   # The tarball is just the prebuilt binary, in the archive root.
@@ -31,14 +33,17 @@ stdenv.mkDerivation (finalAttrs: {
 
   nativeBuildInputs = [ makeWrapper ]
     ++ lib.optional (!stdenv.isDarwin) autoPatchelfHook;
-  buildInputs = lib.optionals (!stdenv.isDarwin) [ ncurses6 zlib gmp ];
+  buildInputs = lib.optionals (!stdenv.isDarwin) [ gmp ncurses6 zlib ];
 
   installPhase = ''
-    mkdir -p $out/bin
-    mv ucm $out/bin
+    mkdir -p $out/{bin,lib}
+    mv runtime $out/lib/runtime
     mv ui $out/ui
-    wrapProgram $out/bin/ucm \
+    mv unison $out/unison
+    makeWrapper $out/unison/unison $out/bin/ucm \
+      --prefix LD_LIBRARY_PATH : ${lib.makeLibraryPath [ libb2 openssl ]} \
       --prefix PATH ":" "${lib.makeBinPath [ less ]}" \
+      --add-flags "--runtime-path $out/lib/runtime/bin/unison-runtime" \
       --set UCM_WEB_UI "$out/ui"
   '';
 
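Review bot: The new `--prefix LD_LIBRARY_PATH` line in `installPhase` exports the libb2 and openssl paths to `ucm` and to every process it spawns (the wrapper also puts `less` on PATH), and `--prefix` keeps whatever the caller already had in that variable. If the binaries link these libraries normally, it is tighter to let `autoPatchelfHook` record them: `buildInputs = lib.optionals (!stdenv.isDarwin) [ gmp libb2 ncurses6 openssl zlib ];`, then drop the wrapper line. If they are loaded with dlopen at run time, which this hunk does not show, a comment on the `LD_LIBRARY_PATH` line saying so would explain why the wrapper is needed.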
diff --git a/pkgs/development/interpreters/wasmtime/default.nix b/pkgs/development/interpreters/wasmtime/default.nix
index fafe521fbde19..afa65741892c9 100644
--- a/pkgs/development/interpreters/wasmtime/default.nix
+++ b/pkgs/development/interpreters/wasmtime/default.nix
@@ -2,19 +2,19 @@
 
 rustPlatform.buildRustPackage rec {
   pname = "wasmtime";
-  version = "20.0.2";
+  version = "21.0.0";
 
   src = fetchFromGitHub {
     owner = "bytecodealliance";
     repo = pname;
     rev = "v${version}";
-    hash = "sha256-zXBVqSBq/dLY8oEs0dNZxtjs4H1aKTJYeeazysHvh3w=";
+    hash = "sha256-2iCtAgOhO7ydmaSKFFdiMMImrJHv53EtVeJ6tn3F7/Y=";
     fetchSubmodules = true;
   };
 
   # Disable cargo-auditable until https://github.com/rust-secure-code/cargo-auditable/issues/124 is solved.
   auditable = false;
-  cargoHash = "sha256-jFqLUWdW/UfOc843aWO7RNDx1E6sBhUWB5Xw2+A2u90=";
+  cargoHash = "sha256-vYOSX01jYJ4x6QaGazYXA1QJiR501zlaV3QZfeDDUdw=";
   cargoBuildFlags = [ "--package" "wasmtime-cli" "--package" "wasmtime-c-api" ];
 
   outputs = [ "out" "dev" ];
diff --git a/pkgs/development/python-modules/django-modeltranslation/default.nix b/pkgs/development/python-modules/django-modeltranslation/default.nix
index 3f7fd5abd6d19..eb6458d6a96cd 100644
--- a/pkgs/development/python-modules/django-modeltranslation/default.nix
+++ b/pkgs/development/python-modules/django-modeltranslation/default.nix
@@ -11,7 +11,7 @@
 let
   # 0.18.12 was yanked from PyPI, it refers to this issue:
   # https://github.com/deschler/django-modeltranslation/issues/701
-  version = "0.18.12";
+  version = "0.18.13";
 in
 buildPythonPackage {
   pname = "django-modeltranslation";
@@ -21,7 +21,7 @@ buildPythonPackage {
     owner = "deschler";
     repo = "django-modeltranslation";
     rev = "refs/tags/v${version}";
-    hash = "sha256-6rAAu3Fd4D93rX8kvkcqhykzBu/lDByQ6zpjWq7J8mg=";
+    hash = "sha256-9tfB5/XMLnwn+AgaT9TkHtc3HcHiD4pme/+BW1uztIs=";
   };
 
   # Remove all references to pytest-cov
diff --git a/pkgs/development/python-modules/mitmproxy-macos/default.nix b/pkgs/development/python-modules/mitmproxy-macos/default.nix
index 31f4c7d8292c9..34989f1655994 100644
--- a/pkgs/development/python-modules/mitmproxy-macos/default.nix
+++ b/pkgs/development/python-modules/mitmproxy-macos/default.nix
@@ -33,5 +33,6 @@ buildPythonPackage rec {
     license = licenses.mit;
     maintainers = with maintainers; [ boltzmannrain ];
     platforms = platforms.darwin;
+    broken = true; # last successful build 2023-12-04
   };
 }
diff --git a/pkgs/development/rocm-modules/6/default.nix b/pkgs/development/rocm-modules/6/default.nix
index e74df33a7bfbf..4d10ea2440444 100644
--- a/pkgs/development/rocm-modules/6/default.nix
+++ b/pkgs/development/rocm-modules/6/default.nix
@@ -115,8 +115,7 @@ in rec {
   };
 
   rocgdb = callPackage ./rocgdb {
-    inherit rocmUpdateScript;
-    elfutils = elfutils.override { enableDebuginfod = true; };
+    inherit rocmUpdateScript rocdbgapi;
     stdenv = llvm.rocmClangStdenv;
   };
 
diff --git a/pkgs/development/rocm-modules/6/rocgdb/default.nix b/pkgs/development/rocm-modules/6/rocgdb/default.nix
index 919b3e70f6e06..2112c6cf02105 100644
--- a/pkgs/development/rocm-modules/6/rocgdb/default.nix
+++ b/pkgs/development/rocm-modules/6/rocgdb/default.nix
@@ -6,11 +6,16 @@
 , texinfo
 , bison
 , flex
+, glibc
 , zlib
-, elfutils
 , gmp
+, mpfr
 , ncurses
 , expat
+, rocdbgapi
+, python3
+, babeltrace
+, sourceHighlight
 }:
 
 stdenv.mkDerivation (finalAttrs: {
@@ -33,12 +38,53 @@ stdenv.mkDerivation (finalAttrs: {
 
   buildInputs = [
     zlib
-    elfutils
     gmp
+    mpfr
     ncurses
     expat
+    rocdbgapi
+    python3
+    babeltrace
+    sourceHighlight
   ];
 
+  configureFlags = [
+    # Ensure we build the amdgpu traget
+    "--enable-targets=${stdenv.targetPlatform.config},amdgcn-amd-amdhsa"
+    "--with-amd-dbgapi=yes"
+
+    "--with-iconv-path=${glibc.bin}"
+    "--enable-tui"
+    "--with-babeltrace"
+    "--with-python=python3"
+    "--with-system-zlib"
+    "--enable-64-bit-bfd"
+    "--with-gmp=${gmp.dev}"
+    "--with-mpfr=${mpfr.dev}"
+    "--with-expat"
+    "--with-libexpat-prefix=${expat.dev}"
+
+    # So the installed binary is called "rocgdb" instead on plain "gdb"
+    "--program-prefix=roc"
+
+    # Disable building many components not used or incompatible with the amdgcn target
+    "--disable-sim"
+    "--disable-gdbserver"
+    "--disable-ld"
+    "--disable-gas"
+    "--disable-gdbserver"
+    "--disable-sim"
+    "--disable-gdbtk"
+    "--disable-gprofng"
+    "--disable-shared"
+  ];
+
+  # The source directory for ROCgdb (based on upstream GDB) contains multiple project
+  # of GNU’s toolchain (binutils and onther), we only need to install the GDB part.
+  installPhase = ''
+    make install-gdb
+  '';
+
   # `-Wno-format-nonliteral` doesn't work
   env.NIX_CFLAGS_COMPILE = "-Wno-error=format-security";
 
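Review bot: The new `installPhase` replaces the default one without calling `runHook preInstall` and `runHook postInstall`, so any install hooks, including ones added through overrides, are silently skipped. Put `runHook preInstall` before `make install-gdb` and `runHook postInstall` after it. In `configureFlags`, `--disable-sim` and `--disable-gdbserver` are each listed twice; one copy of each can go. The added comments contain typos (`traget`, `onther`, `instead on plain`). The `mkDerivation` body starts and ends outside this hunk.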
@@ -51,7 +97,7 @@ stdenv.mkDerivation (finalAttrs: {
   meta = with lib; {
     description = "ROCm source-level debugger for Linux, based on GDB";
     homepage = "https://github.com/ROCm/ROCgdb";
-    license = with licenses; [ gpl2 gpl3 bsd3 ];
+    license = licenses.gpl3Plus;
     maintainers = teams.rocm.members;
     platforms = platforms.linux;
     broken = versionAtLeast finalAttrs.version "7.0.0";
diff --git a/pkgs/development/tools/continuous-integration/cirrus-cli/default.nix b/pkgs/development/tools/continuous-integration/cirrus-cli/default.nix
index a86db85067f6a..c9b74bfb0f4e8 100644
--- a/pkgs/development/tools/continuous-integration/cirrus-cli/default.nix
+++ b/pkgs/development/tools/continuous-integration/cirrus-cli/default.nix
@@ -6,13 +6,13 @@
 
 buildGoModule rec {
   pname = "cirrus-cli";
-  version = "0.117.0";
+  version = "0.118.0";
 
   src = fetchFromGitHub {
     owner = "cirruslabs";
     repo = pname;
     rev = "v${version}";
-    sha256 = "sha256-dJq2/XxhSvqlRQwMHX2RHct6KQu9uik3SPeWD2/rwto=";
+    sha256 = "sha256-b3riwH3/hsn5PL3QYk/TzVrMpVCVaFxn9gbEn0oTILQ=";
   };
 
   vendorHash = "sha256-d3cHXO4SFeNybiVDc3dUmd1XzUJ1SlMqSw7KPC3ZrXQ=";
diff --git a/pkgs/development/tools/okteto/default.nix b/pkgs/development/tools/okteto/default.nix
index 50789530be67d..79514af491938 100644
--- a/pkgs/development/tools/okteto/default.nix
+++ b/pkgs/development/tools/okteto/default.nix
@@ -2,16 +2,16 @@
 
 buildGoModule rec {
   pname = "okteto";
-  version = "2.26.1";
+  version = "2.27.1";
 
   src = fetchFromGitHub {
     owner = "okteto";
     repo = "okteto";
     rev = version;
-    hash = "sha256-bWyerkXmAto0c/LYybUSRctajmL1R0PldfpKsh8crfA=";
+    hash = "sha256-CpU29+dVC/OHZdVtbQKSUwoBHsUUb2ZmBNtU1YSa/UA=";
   };
 
-  vendorHash = "sha256-cYiyKNpsMfjqLL+6Q/s3nHRcj2y0DHuOu+S5GndLHxk=";
+  vendorHash = "sha256-RpkKWz/cJ1StbpVydqpSfA6uwIYgKa1YOCJVXZRer6k=";
 
   postPatch = ''
     # Disable some tests that need file system & network access.
@@ -21,6 +21,8 @@ buildGoModule rec {
 
   nativeBuildInputs = [ installShellFiles ];
 
+  excludedPackages = [ "integration" "samples" ];
+
   ldflags = [
     "-s"
     "-w"
@@ -30,7 +32,7 @@ buildGoModule rec {
   tags = [ "osusergo" "netgo" "static_build" ];
 
   preCheck = ''
-    export HOME=$(mktemp -d)
+    export HOME="$(mktemp -d)"
   '';
 
   checkFlags = [
@@ -46,7 +48,7 @@ buildGoModule rec {
 
   passthru.tests.version = testers.testVersion {
     package = okteto;
-    command = "HOME=$(mktemp -d) okteto version";
+    command = "HOME=\"$(mktemp -d)\" okteto version";
   };
 
   meta = with lib; {
diff --git a/pkgs/development/tools/ols/default.nix b/pkgs/development/tools/ols/default.nix
index 0737f56c2bdee..613dd0f5acbdc 100644
--- a/pkgs/development/tools/ols/default.nix
+++ b/pkgs/development/tools/ols/default.nix
@@ -2,13 +2,13 @@
 
 stdenv.mkDerivation {
   pname = "ols";
-  version = "0-unstable-2024-05-11";
+  version = "0-unstable-2024-05-18";
 
   src = fetchFromGitHub {
     owner = "DanielGavin";
     repo = "ols";
-    rev = "30625d5568c085c622deece91ed8ac9e81ba28be";
-    hash = "sha256-iBrXpLrnBL5W47Iz0Uy4nd5h/ADqSnxZt2jWQi9eYiM=";
+    rev = "b5b6733320bd866b6895cc2f44910f180dda4e0b";
+    hash = "sha256-Mok77ioHklE3jeSFT2um1XgrnRuQf0ysDcTo3Fjukmk=";
   };
 
   passthru.updateScript = unstableGitUpdater {
diff --git a/pkgs/development/tools/profiling/heaptrack/default.nix b/pkgs/development/tools/profiling/heaptrack/default.nix
index 2e4d996af01e3..88de0065e8ec2 100644
--- a/pkgs/development/tools/profiling/heaptrack/default.nix
+++ b/pkgs/development/tools/profiling/heaptrack/default.nix
@@ -1,5 +1,5 @@
 {
-  lib, mkDerivation, fetchFromGitHub, cmake, extra-cmake-modules,
+  lib, stdenv, mkDerivation, fetchFromGitHub, cmake, extra-cmake-modules, makeBinaryWrapper,
   zlib, boost179, libunwind, elfutils, sparsehash, zstd,
   qtbase, kio, kitemmodels, threadweaver, kconfigwidgets, kcoreaddons, kdiagram
 }:
@@ -12,20 +12,29 @@ mkDerivation rec {
     owner = "KDE";
     repo = "heaptrack";
     rev = "v${version}";
-    sha256 = "sha256-pP+s60ERnmOctYTe/vezCg0VYzziApNY0QaF3aTccZU=";
+    hash = "sha256-pP+s60ERnmOctYTe/vezCg0VYzziApNY0QaF3aTccZU=";
   };
 
-  nativeBuildInputs = [ cmake extra-cmake-modules ];
+  nativeBuildInputs = [ cmake extra-cmake-modules makeBinaryWrapper ];
   buildInputs = [
-    zlib boost179 libunwind elfutils sparsehash zstd
+    zlib boost179 libunwind sparsehash zstd
     qtbase kio kitemmodels threadweaver kconfigwidgets kcoreaddons kdiagram
+  ] ++ lib.optionals stdenv.hostPlatform.isLinux [
+    elfutils
   ];
 
+  postInstall = lib.optionalString stdenv.hostPlatform.isDarwin ''
+    makeWrapper \
+      $out/Applications/KDE/heaptrack_gui.app/Contents/MacOS/heaptrack_gui \
+      $out/bin/heaptrack_gui
+  '';
+
   meta = with lib; {
     description = "Heap memory profiler for Linux";
     homepage = "https://github.com/KDE/heaptrack";
     license = licenses.lgpl21Plus;
+    mainProgram = "heaptrack_gui";
     maintainers = with maintainers; [ gebner ];
-    platforms = platforms.linux;
+    platforms = platforms.unix;
   };
 }
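Review bot: `meta.description` still reads `"Heap memory profiler for Linux"`, while this hunk widens `platforms` to `platforms.unix` and adds a Darwin-only wrapper. Either drop "for Linux" from the description or add a comment saying the wording is kept from upstream. The `postInstall` wrapper also hard-codes `$out/Applications/KDE/heaptrack_gui.app/...`; a one-line comment naming where that install location comes from would help the next person who updates the package.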
diff --git a/pkgs/games/chiaki4deck/default.nix b/pkgs/games/chiaki4deck/default.nix
index fad7a26e356f4..7bdce8d1df421 100644
--- a/pkgs/games/chiaki4deck/default.nix
+++ b/pkgs/games/chiaki4deck/default.nix
@@ -17,6 +17,7 @@
 , SDL2
 , libevdev
 , udev
+, curlFull
 , hidapi
 , json_c
 , fftw
@@ -66,6 +67,7 @@ stdenv.mkDerivation rec {
     qtwebengine
     protobuf
     SDL2
+    curlFull
     hidapi
     json_c
     fftw
@@ -82,8 +84,18 @@ stdenv.mkDerivation rec {
     xxHash
   ];
 
+  # handle cmake not being able to identify if curl is built with websocket support, and library name discrepancy when curl not built with cmake
+  postPatch = ''
+    substituteInPlace CMakeLists.txt \
+      --replace-fail ' WS WSS' ""
+
+    substituteInPlace lib/CMakeLists.txt \
+      --replace-fail 'libcurl_shared' 'libcurl'
+  '';
+
   cmakeFlags = [
     "-Wno-dev"
+    (lib.cmakeFeature "CHIAKI_USE_SYSTEM_CURL" "true")
   ];
 
   qtWrapperArgs = [
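Review bot: Removing ` WS WSS` in `postPatch` appears to drop the only configure-time check that the system curl supports WebSocket, so a curl built without it would pass configuration and fail later. This hunk does not show whether `curlFull` enables that support. Consider recording the dependency next to the substitution, e.g. `# curlFull must be built with WebSocket support; the WS/WSS component check is removed only because non-CMake curl builds do not advertise components`. The existing one-line comment covers two separate workarounds and would read better split, one above each `substituteInPlace`.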
diff --git a/pkgs/os-specific/linux/nvidia-x11/default.nix b/pkgs/os-specific/linux/nvidia-x11/default.nix
index 777e5b6ca4d94..db6a5819c5bc4 100644
--- a/pkgs/os-specific/linux/nvidia-x11/default.nix
+++ b/pkgs/os-specific/linux/nvidia-x11/default.nix
@@ -51,14 +51,12 @@ rec {
   });
 
   beta = selectHighestVersion latest (generic {
-    version = "550.40.07";
-    sha256_64bit = "sha256-KYk2xye37v7ZW7h+uNJM/u8fNf7KyGTZjiaU03dJpK0=";
-    sha256_aarch64 = "sha256-AV7KgRXYaQGBFl7zuRcfnTGr8rS5n13nGUIe3mJTXb4=";
-    openSha256 = "sha256-mRUTEWVsbjq+psVe+kAT6MjyZuLkG2yRDxCMvDJRL1I=";
-    settingsSha256 = "sha256-c30AQa4g4a1EHmaEu1yc05oqY01y+IusbBuq+P6rMCs=";
-    persistencedSha256 = "sha256-11tLSY8uUIl4X/roNnxf5yS2PQvHvoNjnd2CB67e870=";
-
-    patches = [ rcu_patch ];
+    version = "555.42.02";
+    sha256_64bit = "sha256-k7cI3ZDlKp4mT46jMkLaIrc2YUx1lh1wj/J4SVSHWyk=";
+    sha256_aarch64 = "sha256-ekx0s0LRxxTBoqOzpcBhEKIj/JnuRCSSHjtwng9qAc0=";
+    openSha256 = "sha256-3/eI1VsBzuZ3Y6RZmt3Q5HrzI2saPTqUNs6zPh5zy6w=";
+    settingsSha256 = "sha256-rtDxQjClJ+gyrCLvdZlT56YyHQ4sbaL+d5tL4L4VfkA=";
+    persistencedSha256 = "sha256-3ae31/egyMKpqtGEqgtikWcwMwfcqMv2K4MVFa70Bqs=";
   });
 
   # Vulkan developer beta driver
diff --git a/pkgs/servers/mail/mailman/web.nix b/pkgs/servers/mail/mailman/web.nix
index dc5ef230c235a..ae4320fd443a2 100644
--- a/pkgs/servers/mail/mailman/web.nix
+++ b/pkgs/servers/mail/mailman/web.nix
@@ -6,30 +6,26 @@
 with python3.pkgs;
 
 buildPythonPackage rec {
-  pname = "mailman-web";
-  version = "0.0.8";
+  pname = "mailman_web";
+  version = "0.0.9";
   disabled = pythonOlder "3.8";
+  pyproject = true;
 
   src = fetchPypi {
     inherit pname version;
-    hash = "sha256-nN/L+X2Rvm6rqkscns4Tn2TAr59O5lCJObvcJp6M0+Q=";
+    hash = "sha256-3wnduej6xMQzrjGhGXQznfJud/Uoy3BDduukRJeahL8=";
   };
 
   postPatch = ''
-    # Django is depended on transitively by hyperkitty and postorius,
-    # and mailman_web has overly restrictive version bounds on it, so
-    # let's remove it.
-    sed -i '/^[[:space:]]*django/Id' setup.cfg
-
     # Upstream seems to mostly target installing on top of existing
     # distributions, and uses a path appropriate for that, but we are
     # a distribution, so use a state directory appropriate for a
     # distro package.
     substituteInPlace mailman_web/settings/base.py \
-        --replace /opt/mailman/web /var/lib/mailman-web
+        --replace-fail /opt/mailman/web /var/lib/mailman-web
   '';
 
-  nativeBuildInputs = [ setuptools-scm ];
+  nativeBuildInputs = [ pdm-backend ];
   propagatedBuildInputs = [ hyperkitty postorius whoosh ];
 
   # Tries to check runtime configuration.
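Review bot: Changing `pname` to `mailman_web` renames the derivation itself (store path and `name`), apparently only so that `fetchPypi` can `inherit pname`. Keeping `pname = "mailman-web";` and writing `pname = "mailman_web"; inherit version;` inside `fetchPypi` would fetch the same sdist without a user-visible rename. The comment explaining why the Django version bound was stripped is removed together with the `sed`. Whether 0.0.9 relaxed that bound is not visible here, so a short note would help, e.g. `# Django bound no longer needs patching as of 0.0.9`.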
diff --git a/pkgs/servers/mattermost/default.nix b/pkgs/servers/mattermost/default.nix
index 6a2aedc4cbaf0..2e4df7b51dc9f 100644
--- a/pkgs/servers/mattermost/default.nix
+++ b/pkgs/servers/mattermost/default.nix
@@ -12,13 +12,13 @@ buildGoModule rec {
   # See https://docs.mattermost.com/upgrade/extended-support-release.html
   # When a new ESR version is available (e.g. 8.1.x -> 9.5.x), update
   # the version regex in passthru.updateScript as well.
-  version = "9.5.4";
+  version = "9.5.5";
 
   src = fetchFromGitHub {
     owner = "mattermost";
     repo = "mattermost";
     rev = "v${version}";
-    hash = "sha256-iuUTAdgJJDSvUwVmcggJ4ZMVbQ19ymuIaB0PDIgEIdg=";
+    hash = "sha256-ZaFXuYm9SEE9ARN5PG8vjt9WnNfGiALilGzjfnDP7aA=";
   };
 
   # Needed because buildGoModule does not support go workspaces yet.
@@ -34,7 +34,7 @@ buildGoModule rec {
 
   webapp = fetchurl {
     url = "https://releases.mattermost.com/${version}/mattermost-${version}-linux-amd64.tar.gz";
-    hash = "sha256-OVq+puaXPJGOmW9pcgX24LXBfYLzuczRY7KG2tQBY3Q=";
+    hash = "sha256-tgds8eTBeisuJcLgtx6zOiFUcVL1oU0LLbPqmh4SQUU=";
   };
 
   vendorHash = "sha256-TJCtgNf56A1U0EbV5gXjTro+YudVBRWiSZoBC3nJxnE=";
diff --git a/pkgs/servers/snac2/default.nix b/pkgs/servers/snac2/default.nix
index 9c2594c80f999..31b3a0d907de9 100644
--- a/pkgs/servers/snac2/default.nix
+++ b/pkgs/servers/snac2/default.nix
@@ -10,14 +10,14 @@
 
 stdenv.mkDerivation rec {
   pname = "snac2";
-  version = "2.52";
+  version = "2.53";
 
   src = fetchFromGitea {
     domain = "codeberg.org";
     owner = "grunfink";
     repo = pname;
     rev = version;
-    hash = "sha256-2dDIbY6IaB53BbtNtzyOrigjzkGk7By2N2zZSuQhDAs=";
+    hash = "sha256-YSopopSJIcONw4utEBWhrfVglD5rTdf/rGNICFBHTvo=";
   };
 
   buildInputs = [ curl openssl ];
diff --git a/pkgs/shells/zsh/zsh-abbr/default.nix b/pkgs/shells/zsh/zsh-abbr/default.nix
index e44fa4a71a97e..20e9dcdb64729 100644
--- a/pkgs/shells/zsh/zsh-abbr/default.nix
+++ b/pkgs/shells/zsh/zsh-abbr/default.nix
@@ -5,13 +5,13 @@
 }:
 stdenv.mkDerivation rec {
   pname = "zsh-abbr";
-  version = "5.6.0";
+  version = "5.7.1";
 
   src = fetchFromGitHub {
     owner = "olets";
     repo = "zsh-abbr";
     rev = "v${version}";
-    hash = "sha256-FcT1gk11a3nluP0sFMa5LoF7oT/MO4B1GdqdTdFxsLQ=";
+    hash = "sha256-2Uwo1gV732ZsSmJ6XU895Uqb5QOAQ2J1z85vufBv7nI=";
   };
 
   strictDeps = true;
diff --git a/pkgs/tools/admin/copilot-cli/default.nix b/pkgs/tools/admin/copilot-cli/default.nix
index 505e44f3b3c14..941a7956dfb3f 100644
--- a/pkgs/tools/admin/copilot-cli/default.nix
+++ b/pkgs/tools/admin/copilot-cli/default.nix
@@ -2,16 +2,16 @@
 
 buildGoModule rec {
   pname = "copilot-cli";
-  version = "1.33.3";
+  version = "1.33.4";
 
   src = fetchFromGitHub {
     owner = "aws";
     repo = pname;
     rev = "v${version}";
-    hash = "sha256-WPPEox4NKFsVUpLkXawCK2QFwW1BAFaxQ85elvrneHo=";
+    hash = "sha256-sYsrjp23F/fyvNfLbJdZrptwNrZYespz8xMLYIwGfH0=";
   };
 
-  vendorHash = "sha256-tVZ8TxJ77Qy+wn+O0otjZ6/VoKkav4OhNKWcrLhudgU=";
+  vendorHash = "sha256-GOr1l+4xDPm8ArqZpY0PshPeDnqYT+C4hgHGQkezBt8=";
 
   nativeBuildInputs = [ installShellFiles ];
 
diff --git a/pkgs/tools/inputmethods/ibus-engines/ibus-mozc/default.nix b/pkgs/tools/inputmethods/ibus-engines/ibus-mozc/default.nix
index d5b1e306f8e8d..4c19fd9abc017 100644
--- a/pkgs/tools/inputmethods/ibus-engines/ibus-mozc/default.nix
+++ b/pkgs/tools/inputmethods/ibus-engines/ibus-mozc/default.nix
@@ -68,6 +68,13 @@ buildBazelPackage rec {
 
     unzip bazel-bin/unix/mozc.zip -x "tmp/*" -d /
 
+    # create a desktop file for gnome-control-center
+    # copied from ubuntu
+    mkdir -p $out/share/applications
+    cp ${./ibus-setup-mozc-jp.desktop} $out/share/applications/ibus-setup-mozc-jp.desktop
+    substituteInPlace $out/share/applications/ibus-setup-mozc-jp.desktop \
+      --replace-fail "@mozc@" "$out"
+
     runHook postInstall
   '';
 
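Review bot: The `cp` followed by `substituteInPlace` on the desktop file can be one step, and `$out` is left unquoted in the new lines. Something like `mkdir -p "$out/share/applications"` followed by `substitute ${./ibus-setup-mozc-jp.desktop} "$out/share/applications/ibus-setup-mozc-jp.desktop" --replace-fail "@mozc@" "$out"` avoids copying a read-only store file and rewriting it afterwards. The comment `copied from ubuntu` would be more useful with the source package or file named, so the entry can be re-synced later. The `installPhase` string starts outside this hunk.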
diff --git a/pkgs/tools/inputmethods/ibus-engines/ibus-mozc/ibus-setup-mozc-jp.desktop b/pkgs/tools/inputmethods/ibus-engines/ibus-mozc/ibus-setup-mozc-jp.desktop
new file mode 100644
index 0000000000000..fd12e537a6761
--- /dev/null
+++ b/pkgs/tools/inputmethods/ibus-engines/ibus-mozc/ibus-setup-mozc-jp.desktop
@@ -0,0 +1,7 @@
+[Desktop Entry]
+Name=Mozc Setup
+Exec=@mozc@/lib/mozc/mozc_tool --mode=config_dialog
+Type=Application
+StartupNotify=true
+NoDisplay=true
+X-Desktop-File-Install-Version=0.27
diff --git a/pkgs/tools/networking/openapi-generator-cli/default.nix b/pkgs/tools/networking/openapi-generator-cli/default.nix
index 215d2466d4c82..d451c3094e14d 100644
--- a/pkgs/tools/networking/openapi-generator-cli/default.nix
+++ b/pkgs/tools/networking/openapi-generator-cli/default.nix
@@ -1,7 +1,7 @@
 { callPackage, lib, stdenv, fetchurl, jre, makeWrapper }:
 
 let this = stdenv.mkDerivation (finalAttrs: {
-  version = "7.5.0";
+  version = "7.6.0";
   pname = "openapi-generator-cli";
 
   jarfilename = "${finalAttrs.pname}-${finalAttrs.version}.jar";
@@ -12,7 +12,7 @@ let this = stdenv.mkDerivation (finalAttrs: {
 
   src = fetchurl {
     url = "mirror://maven/org/openapitools/${finalAttrs.pname}/${finalAttrs.version}/${finalAttrs.jarfilename}";
-    sha256 = "sha256-R+u9G+3a99++5SPnuHYjxuwbHUKWD74V9srS9kJsab8=";
+    sha256 = "sha256-NQdL3TzfxGvpqQLhGlSj+qPK4eNOtmy9lZ0cgHC719c=";
   };
 
   dontUnpack = true;
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 2f1be7f86551c..94fcff8c7287b 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -29677,8 +29677,6 @@ with pkgs;
 
   atlassian-cli = callPackage ../applications/office/atlassian-cli { };
 
-  pulsar = callPackage ../applications/editors/pulsar { };
-
   asap = callPackage ../tools/audio/asap { };
 
   aseprite = callPackage ../applications/editors/aseprite { };