| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
|
|
|
| |
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
I didn't get the starcoscard to run with aqbanking so far and the bank
itself is very uncooperative if it comes to giving specific details
about their implementation of FinTS 3.00, so in the end I'm going to
move away from the bank.
But during transition this will work much better than running a Windows
VM (which I didn't have access to in the meantime, so I *had* to get
this running somehow), especially because we can wrap this plugin in
*any* browser that supports NPAPI.
Also, there seems to be some work implementing PPAPI support for
pipelight, but the branch is stale since quite a while:
https://bitbucket.org/mmueller2012/pipelight/branch/ppapi
Going back to the pesky Santander plugin:
In order to support PC/SC-Lite, we need to patch Wine to get support for
the winscard API. We also patch out unixfs, so while there definitely
are better sandboxing options this should suffice so that the plugin
doesn't write garbage on any location of the system (basically it works
entirely read-only).
So in the end we get a nice and small dwb browser, which directly opens
up the login page along with the plugin. The browser is wrapped so that
it only writes to a temporary location, so as soon as it is closed all
the cruft is cleaned up afterwards.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
The right name for it is "signingkey" instead of "signkey" and the
reason this has worked for so long was that if there is no signingkey
value set, Git falls back to using the users name and email address
instead, which is accepted by GnuPG as well.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Regression introduced by fba5c2469bd5e95857c4ffd9db3dd0529f2485f3.
The derivation paths returned by nix-instantiate are usually valid store
paths, except when used with --add-root. In case of the latter, we get
the root symlink back, so we need to do an additional readlink on it.
We also now pass -t to mktemp so that $TMPDIR or /tmp is used instead of
the current working directory.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
|
|
|
| |
Time for a new GnuPG key, this time CCID-only :-)
This is the last commit you'll get using my old key (which will soon be
revoked as soon as I moved everything over to use the new key), so if
you're paranoid be sure to check the fingerprint against the signature
of this very commit.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
| |
one can easily tell I don't currently use the vuizvui channel.
|
| |
|
| |
|
|
|
|
|
|
|
| |
This is needed to ensure that the .drv file doesn't get garbage
collected while we're transferring it to taalo.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
| |
We need to split off the !output from the derivation name returned by
nix-instantiate, because we can't realize such a path.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
| |
This is needed to access things such as the YubiKey 4.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
|
|
| |
I'm doing online banking using FinTS/HBCI via a card reader, so
libchipcard is needed as well.
Another package I've added is gwenhywfar because it contains commands
such as gct-tool, which is useful for debugging.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
| |
Needed for various stuff such as YubiKey and card readers I use for
online banking.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Just tested it a bit but haven't really played it (and probably won't
have time to during the next weeks).
This is the version that got released on 2016-06-02 and it needs a small
preload wrapper because it tries to load assets and other stuff relative
to the current directory. The preloader makes sure that the correct
store path is read instead.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
| |
Since the merge of the closure-size branch, the curl binary now is in a
dedicated output ".bin".
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
| |
Contains a fix for lower/greater than operators (LnL7/vim-nix#9).
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
| |
Since NixOS/nixpkgs@7cf8daa every chroot*-option has been renamed to
refer to "sandbox", because the name fits better (it's not only chroot).
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
| |
As of NixOS/nixpkgs@32bed83 the boot loader specific timeout options are
gone and there is only a single option for all boot loaders now.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
| |
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It's a small helper tool which I specifically use for running NixOS
tests (especially the installer ones) that require <nixpkgs> to be
copied to the store.
What git-detach does is creating a temporary working directory which
only contains a trimmed-down (without untracked files and .git
directory) version of the current Git repository.
So in case of <nixpkgs> this is especially useful to keep down the
closure size whenever the working dir is going to be exported to the
store.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With just taalo-build we can't realize plain .drv files, so let's use
the Perl part to just realize the derivations given by the command line
and provide two shell script wrappers on top of it:
* taalo-build: Similar to nix-build
* taalo-realize: Similar to nix-store -r
Having a command like taalo-realize is very useful if evaluation is done
on a different machine and the closure is just copied over to the local
machine before being sent to taalo.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
|
|
| |
It makes sense to not only include Vuizvui specific packages to the
constituents of the generic channel, but also all of the Vuizvui
specific tests as well, because if we want to use modules from machines
outside of Vuizvui, we really want to make sure they get a well-tested
channel as well.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds all the packages that are marked to be built on Hydra to the
constituents of the generic channel so that we can ensure that the
channel always stays with succeeding builds.
It's especially useful for the patched gitlab that is used for the
OpenLab website VM, because it is not a NixOS system. We can simply use
the generic channel over there and stay up-to-date with it without
getting broken builds.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @Profpatsch
|
|
|
|
|
|
| |
Forgot to do that in ea85dd3eaf0cbd19ddf22f41391d092a21147063.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
According to @Profpatsch the whole point of this dummy machine was that
the patched gitit version should be built on Hydra.
We don't need to have such workarounds, because we're already recursing
through all packages in the Vuizvui namespace whether meta.platforms
includes a system that we support on our Hydra.
This has been done with a4d6395 so "website-vm" is obsolete now.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of setting meta.platforms, we're setting just "platforms" here,
because the cabal build expression passes it through as meta.platforms.
Note that I'm currently setting the platforms attribute to just
x86_64-linux for now, because that is the architecture the workaround
machine "website-vm" so far has been built for.
Of course, if we'd not set the platforms at all, it would include all
supported architectures by default.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @Profpatsch
|
|
|
|
|
|
|
|
| |
Otherwise, neither nix-env nor packagePlatforms will able to pick up the
nested derivations.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @Profpatsch
|
|
|
|
|
|
|
|
|
|
|
|
| |
We already have an "i3wm" test in upstream <nixpkgs> which is much more
thorough than the unfinished test I've made here.
The intention of this test however was to specifically test the Vuizvui
service module. Nevertheless, it's still just a dummy test and the
"i3wm" test works much better, so let's remove it until we have a more
complete implementation.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
| |
Since NixOS/nixpkgs@73f1f5e, we have to refer to imagemagick.out for the
binaries, because we otherwise end up with the .dev output.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
| |
Not sure if having this as a machine config is the way to go.
Comments, @aszlig?
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Just a small workaround for NixOS/nixpkgs#15498, because putting the
Vuizvui version of Tomahawk into systemPackages will propagate Qt 5.5
into the system path, which in turn causes KDE initalization to
dlopen() Qt 5.5 libraries while being linked against Qt 5.6 libraries.
We currently can't link Tomahawk against Qt 5.6, because it depends on
QtWebKit, so moving Tomahawk to Qt 5.6 is not an option yet until
QtWebEngine is packaged.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
| |
Since we have disabled allowUnfree, this is the only package that was
left on my machines and I really don't even use that firmware, so it's
safe to just remove it.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
|
| |
The only package which pretty much is a major nuisance is Skype here and
we really need to find a way to add it to the system without actually
building it. But for now, let's mark it explicitly as unfree and
non-distributable.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
|
|
|
| |
The CPU microcode is already excempted from it and unrar is unfree but
redistributable, so let's use our new unfreePkgs module attribute for
that.
Apart from that I haven't found anything else on my machines, but let's
see what happens after Hydra evaluates the jobset.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
|
| |
A more permanent fix for f50de454fd2f4c919195b1cc904b89343c243451.
At least we can now easily change the underlying implementation.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @Profpatsch
|
|
|
|
|
|
|
|
| |
The name "profiles" really doesn't match what these modules are for.
Instead they define the very core of Vuizvui and its internal plumbing
and those options are available/enabled to all machines and modules.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
This basically provides module arguments with different variations of
the pkgs arguments so that it's easier to allow specific unfree packages
selectively.
Note that I deliberately chose "unfreeAndNonDistributablePkgs", because
we really want to let those packages stand out. We want to avoid
building those packages on Hydra as much as possible.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
We want to have lib.vuizvui instead of polluting the <nixpkgs/lib>
namespace with our functions.
Apart from that the default.nix was broken because of 49dc58c, which
factored away the argument from <vuizvui/machines>.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
| |
The printer is a Canon PIXMA MX920 and it uses a proprietary protocol
for network printing :-(
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
| |
I found this quite annoying sometimes if the screen is so dark that you
can't see anything. Just switching to red is pretty much sufficient I'd
say, at least for me.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
|
| |
It's been a while since the last update, so let's change that.
I haven't tested whether the current version works, only tested building
against it and it built fine.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
|
|
|
| |
Right now we haven't packaged QtWebEngine for Qt 5.6, so we can't easily
switch towards using the qt5 attribute, which is Qt 5.6 already.
So we need to make sure that attica, extra-cmake-modules and qca are
using qt55 explicitly as well so we don't have any reference to Qt 5.6
anymore left (checked using nix-store -qR on the .drv).
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Having the default locale set to de_DE it feels pretty weird getting
output that sounds awkward (well, obviously because German IS awkward)
and I often have to pause for a minute to understand what the message
should actually mean.
The main user of the system is rarely working in the shell, but even
during those occasions it's difficult for me if I get something like
"There is an error message saying <some blurb in German>".
Also, having command line completion is a good idea as well.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|