diff options
-rw-r--r-- | nixos/doc/manual/from_md/release-notes/rl-2111.section.xml | 7 | ||||
-rw-r--r-- | nixos/doc/manual/release-notes/rl-2111.section.md | 2 | ||||
-rw-r--r-- | nixos/modules/installer/cd-dvd/iso-image.nix | 6 | ||||
-rw-r--r-- | nixos/modules/installer/netboot/netboot.nix | 6 | ||||
-rw-r--r-- | nixos/modules/installer/tools/nix-fallback-paths.nix | 10 | ||||
-rw-r--r-- | nixos/modules/module-list.nix | 1 | ||||
-rw-r--r-- | nixos/modules/services/misc/mx-puppet-discord.nix | 120 | ||||
-rw-r--r-- | pkgs/os-specific/linux/jool/source.nix | 4 | ||||
-rw-r--r-- | pkgs/tools/misc/trash-cli/default.nix | 4 | ||||
-rw-r--r-- | pkgs/tools/networking/mu/default.nix | 4 | ||||
-rw-r--r-- | pkgs/tools/security/b3sum/default.nix | 6 | ||||
-rw-r--r-- | pkgs/tools/security/nmap-unfree/default.nix | 65 | ||||
-rw-r--r-- | pkgs/tools/security/nmap/default.nix | 4 | ||||
-rw-r--r-- | pkgs/tools/system/stress/default.nix | 5 | ||||
-rw-r--r-- | pkgs/tools/system/ts/default.nix | 6 | ||||
-rw-r--r-- | pkgs/tools/system/undaemonize/default.nix | 4 | ||||
-rw-r--r-- | pkgs/top-level/aliases.nix | 1 | ||||
-rw-r--r-- | pkgs/top-level/all-packages.nix | 2 |
18 files changed, 166 insertions, 91 deletions
diff --git a/nixos/doc/manual/from_md/release-notes/rl-2111.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2111.section.xml index 5a7f52d338f..de2cd7bef6d 100644 --- a/nixos/doc/manual/from_md/release-notes/rl-2111.section.xml +++ b/nixos/doc/manual/from_md/release-notes/rl-2111.section.xml @@ -133,6 +133,13 @@ <link linkend="opt-services.prometheus.exporters.influxdb.enable">services.prometheus.exporters.influxdb</link>. </para> </listitem> + <listitem> + <para> + <link xlink:href="https://github.com/matrix-discord/mx-puppet-discord">mx-puppet-discord</link>, + a discord puppeting bridge for matrix. Available as + <link linkend="opt-services.mx-puppet-discord.enable">services.mx-puppet-discord</link>. + </para> + </listitem> </itemizedlist> </section> <section xml:id="sec-release-21.11-incompatibilities"> diff --git a/nixos/doc/manual/release-notes/rl-2111.section.md b/nixos/doc/manual/release-notes/rl-2111.section.md index 89a3e6398c6..1ce78a4d774 100644 --- a/nixos/doc/manual/release-notes/rl-2111.section.md +++ b/nixos/doc/manual/release-notes/rl-2111.section.md @@ -41,6 +41,8 @@ pt-services.clipcat.enable). - [influxdb-exporter](https://github.com/prometheus/influxdb_exporter) a Prometheus exporter that exports metrics received on an InfluxDB compatible endpoint is now available as [services.prometheus.exporters.influxdb](#opt-services.prometheus.exporters.influxdb.enable). +- [mx-puppet-discord](https://github.com/matrix-discord/mx-puppet-discord), a discord puppeting bridge for matrix. Available as [services.mx-puppet-discord](#opt-services.mx-puppet-discord.enable). + ## Backward Incompatibilities {#sec-release-21.11-incompatibilities} - The `staticjinja` package has been upgraded from 1.0.4 to 3.0.1 diff --git a/nixos/modules/installer/cd-dvd/iso-image.nix b/nixos/modules/installer/cd-dvd/iso-image.nix index d94af0b5bf7..f0384513247 100644 --- a/nixos/modules/installer/cd-dvd/iso-image.nix +++ b/nixos/modules/installer/cd-dvd/iso-image.nix @@ -654,7 +654,11 @@ in ]; fileSystems."/" = - { fsType = "tmpfs"; + # This module is often over-layed onto an existing host config + # that defines `/`. We use mkOverride 60 to override standard + # values, but at the same time leave room for mkForce values + # targeted at the image build. + { fsType = mkOverride 60 "tmpfs"; options = [ "mode=0755" ]; }; diff --git a/nixos/modules/installer/netboot/netboot.nix b/nixos/modules/installer/netboot/netboot.nix index 238ab6d0617..f7543fdf4a2 100644 --- a/nixos/modules/installer/netboot/netboot.nix +++ b/nixos/modules/installer/netboot/netboot.nix @@ -30,7 +30,11 @@ with lib; else [ pkgs.grub2 pkgs.syslinux ]); fileSystems."/" = - { fsType = "tmpfs"; + # This module is often over-layed onto an existing host config + # that defines `/`. We use mkOverride 60 to override standard + # values, but at the same time leave room for mkForce values + # targeted at the image build. + { fsType = mkOverride 60 "tmpfs"; options = [ "mode=0755" ]; }; diff --git a/nixos/modules/installer/tools/nix-fallback-paths.nix b/nixos/modules/installer/tools/nix-fallback-paths.nix index e3576074a5b..15c76287e34 100644 --- a/nixos/modules/installer/tools/nix-fallback-paths.nix +++ b/nixos/modules/installer/tools/nix-fallback-paths.nix @@ -1,7 +1,7 @@ { - x86_64-linux = "/nix/store/qsgz2hhn6mzlzp53a7pwf9z2pq3l5z6h-nix-2.3.14"; - i686-linux = "/nix/store/1yw40bj04lykisw2jilq06lir3k9ga4a-nix-2.3.14"; - aarch64-linux = "/nix/store/32yzwmynmjxfrkb6y6l55liaqdrgkj4a-nix-2.3.14"; - x86_64-darwin = "/nix/store/06j0vi2d13w4l0p3jsigq7lk4x6gkycj-nix-2.3.14"; - aarch64-darwin = "/nix/store/77wi7vpbrghw5rgws25w30bwb8yggnk9-nix-2.3.14"; + x86_64-linux = "/nix/store/jhbxh1jwjc3hjhzs9y2hifdn0rmnfwaj-nix-2.3.15"; + i686-linux = "/nix/store/9pspwnkdrgzma1l4xlv7arhwa56y16di-nix-2.3.15"; + aarch64-linux = "/nix/store/72aqi5g7f4fhgvgafbcqwcpqjgnczj48-nix-2.3.15"; + x86_64-darwin = "/nix/store/6p6qwp73dgfkqhynmxrzbx1lcfgfpqal-nix-2.3.15"; + aarch64-darwin = "/nix/store/dmq2vksdhssgfl822shd0ky3x5x0klh4-nix-2.3.15"; } diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 4d1700ed99a..0bd789b5911 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -529,6 +529,7 @@ ./services/misc/mediatomb.nix ./services/misc/metabase.nix ./services/misc/mwlib.nix + ./services/misc/mx-puppet-discord.nix ./services/misc/n8n.nix ./services/misc/nix-daemon.nix ./services/misc/nix-gc.nix diff --git a/nixos/modules/services/misc/mx-puppet-discord.nix b/nixos/modules/services/misc/mx-puppet-discord.nix new file mode 100644 index 00000000000..11116f7c348 --- /dev/null +++ b/nixos/modules/services/misc/mx-puppet-discord.nix @@ -0,0 +1,120 @@ +{ config, pkgs, lib, ... }: + +with lib; + +let + dataDir = "/var/lib/mx-puppet-discord"; + registrationFile = "${dataDir}/discord-registration.yaml"; + cfg = config.services.mx-puppet-discord; + settingsFormat = pkgs.formats.json {}; + settingsFile = settingsFormat.generate "mx-puppet-discord-config.json" cfg.settings; + +in { + options = { + services.mx-puppet-discord = { + enable = mkEnableOption '' + mx-puppet-discord is a discord puppeting bridge for matrix. + It handles bridging private and group DMs, as well as Guilds (servers) + ''; + + settings = mkOption rec { + apply = recursiveUpdate default; + inherit (settingsFormat) type; + default = { + bridge.port = 8434; + presence = { + enabled = true; + interval = 500; + }; + provisioning.whitelist = [ ]; + relay.whitelist = [ ]; + + # variables are preceded by a colon. + namePatterns = { + user = ":name"; + userOverride = ":displayname"; + room = ":name"; + group = ":name"; + }; + + #defaults to sqlite but can be configured to use postgresql with + #connstring + database.filename = "${dataDir}/mx-puppet-discord/database.db"; + logging = { + console = "info"; + lineDateFormat = "MMM-D HH:mm:ss.SSS"; + }; + }; + example = literalExample '' + { + bridge = { + bindAddress = "localhost"; + domain = "example.com"; + homeserverUrl = "https://example.com"; + }; + + provisioning.whitelist = [ "@admin:example.com" ]; + relay.whitelist = [ "@.*:example.com" ]; + } + ''; + description = '' + <filename>config.yaml</filename> configuration as a Nix attribute set. + Configuration options should match those described in + <link xlink:href="https://github.com/matrix-discord/mx-puppet-discord/blob/master/sample.config.yaml"> + sample.config.yaml</link>. + ''; + }; + serviceDependencies = mkOption { + type = with types; listOf str; + default = optional config.services.matrix-synapse.enable "matrix-synapse.service"; + description = '' + List of Systemd services to require and wait for when starting the application service. + ''; + }; + }; + }; + + config = mkIf cfg.enable { + systemd.services.mx-puppet-discord = { + description = '' + mx-puppet-discord is a discord puppeting bridge for matrix. + It handles bridging private and group DMs, as well as Guilds (servers). + ''; + + wantedBy = [ "multi-user.target" ]; + wants = [ "network-online.target" ] ++ cfg.serviceDependencies; + after = [ "network-online.target" ] ++ cfg.serviceDependencies; + + preStart = '' + # generate the appservice's registration file if absent + if [ ! -f '${registrationFile}' ]; then + ${pkgs.mx-puppet-discord}/bin/mx-puppet-discord -r -c ${settingsFile} \ + -f ${registrationFile} + fi + ''; + + serviceConfig = { + Type = "simple"; + Restart = "always"; + + ProtectSystem = "strict"; + ProtectHome = true; + ProtectKernelTunables = true; + ProtectKernelModules = true; + ProtectControlGroups = true; + + DynamicUser = true; + PrivateTmp = true; + WorkingDirectory = pkgs.mx-puppet-discord; + StateDirectory = baseNameOf dataDir; + UMask = 0027; + + ExecStart = '' + ${pkgs.mx-puppet-discord}/bin/mx-puppet-discord -c ${settingsFile} + ''; + }; + }; + }; + + meta.maintainers = with maintainers; [ govanify ]; +} diff --git a/pkgs/os-specific/linux/jool/source.nix b/pkgs/os-specific/linux/jool/source.nix index abf7b0dac45..a90482a58d3 100644 --- a/pkgs/os-specific/linux/jool/source.nix +++ b/pkgs/os-specific/linux/jool/source.nix @@ -1,11 +1,11 @@ { fetchFromGitHub }: rec { - version = "4.0.9"; + version = "4.1.5"; src = fetchFromGitHub { owner = "NICMx"; repo = "Jool"; rev = "v${version}"; - sha256 = "0zhdpk1sbsv1iyr9rvj94wk853684avz3zzn4cv2k4254d7n25m7"; + sha256 = "05dwz4q6v6azgpyj9dzwihnw1lalhhym116q2ya7spvgxzxi04ax"; }; } diff --git a/pkgs/tools/misc/trash-cli/default.nix b/pkgs/tools/misc/trash-cli/default.nix index 301f6163d76..5824e9cc495 100644 --- a/pkgs/tools/misc/trash-cli/default.nix +++ b/pkgs/tools/misc/trash-cli/default.nix @@ -2,13 +2,13 @@ python3Packages.buildPythonApplication rec { pname = "trash-cli"; - version = "0.21.7.23"; + version = "0.21.7.24"; src = fetchFromGitHub { owner = "andreafrancia"; repo = "trash-cli"; rev = version; - sha256 = "1kdkzs9mbyac8ndc6r0wa39z8d3fj8zglqp149id4j37aydxb10l"; + sha256 = "082mfl4mza4xkm3fdn5aka9rsbd8c149qj3cqqk62idrnszmgzg5"; }; propagatedBuildInputs = [ python3Packages.psutil ]; diff --git a/pkgs/tools/networking/mu/default.nix b/pkgs/tools/networking/mu/default.nix index 4553063929f..da7ef58f199 100644 --- a/pkgs/tools/networking/mu/default.nix +++ b/pkgs/tools/networking/mu/default.nix @@ -7,13 +7,13 @@ stdenv.mkDerivation rec { pname = "mu"; - version = "1.4.15"; + version = "1.6.0"; src = fetchFromGitHub { owner = "djcb"; repo = "mu"; rev = version; - sha256 = "sha256-VIUA0W+AmEbvGWatv4maBGILvUTGhBgO3iQtjIc3vG8="; + sha256 = "d2REyoSbznMhqV4PNntvg8uQmU66Bsi4OwH2Gj7gQ10="; }; postPatch = lib.optionalString (batchSize != null) '' diff --git a/pkgs/tools/security/b3sum/default.nix b/pkgs/tools/security/b3sum/default.nix index 1d9b2f66deb..9238ba06b1f 100644 --- a/pkgs/tools/security/b3sum/default.nix +++ b/pkgs/tools/security/b3sum/default.nix @@ -2,14 +2,14 @@ rustPlatform.buildRustPackage rec { pname = "b3sum"; - version = "0.3.8"; + version = "1.0.0"; src = fetchCrate { inherit version pname; - sha256 = "1a42kwbl886yymm3v7h6y957x5f4yi9j40jy4szg9k0iy8bsdfmh"; + sha256 = "sha256-eWsvCpMG3iWB2cYIKaaP6h9QwKQQrpFNliHTqBtdzVw="; }; - cargoSha256 = "0v7ric12agicppg5ax5q0vwbslw7kmxpinafvdjj5sc2ysinw1zm"; + cargoSha256 = "sha256-YglKiEz/D5+Dz6CIzWIpoc33bhMSdGTM4MP/uJCxe7E="; meta = { description = "BLAKE3 cryptographic hash function"; diff --git a/pkgs/tools/security/nmap-unfree/default.nix b/pkgs/tools/security/nmap-unfree/default.nix deleted file mode 100644 index 1e6ed42bae4..00000000000 --- a/pkgs/tools/security/nmap-unfree/default.nix +++ /dev/null @@ -1,65 +0,0 @@ -{ lib -, stdenv -, fetchurl -, libpcap -, pkg-config -, openssl -, lua5_3 -, pcre -, liblinear -, libssh2 -, zlib -, withLua ? true -}: - -stdenv.mkDerivation rec { - pname = "nmap-unfree"; - version = "7.91"; - - src = fetchurl { - url = "https://nmap.org/dist/nmap-${version}.tar.bz2"; - sha256 = "001kb5xadqswyw966k2lqi6jr6zz605jpp9w4kmm272if184pk0q"; - }; - - prePatch = lib.optionalString stdenv.isDarwin '' - substituteInPlace libz/configure \ - --replace /usr/bin/libtool ar \ - --replace 'AR="libtool"' 'AR="ar"' \ - --replace 'ARFLAGS="-o"' 'ARFLAGS="-r"' - ''; - - configureFlags = [ - (if withLua then "--with-liblua=${lua5_3}" else "--without-liblua") - ]; - - makeFlags = lib.optionals (stdenv.buildPlatform != stdenv.hostPlatform) [ - "AR=${stdenv.cc.bintools.targetPrefix}ar" - "RANLIB=${stdenv.cc.bintools.targetPrefix}ranlib" - "CC=${stdenv.cc.targetPrefix}gcc" - ]; - - nativeBuildInputs = [ pkg-config ]; - - buildInputs = [ - pcre - liblinear - libssh2 - libpcap - openssl - zlib - ]; - - enableParallelBuilding = true; - - # Tests require network access - doCheck = false; - - meta = with lib; { - description = "Open source utility for network discovery and security auditing"; - homepage = "http://www.nmap.org"; - # Nmap Public Source License Version 0.93 - # https://github.com/nmap/nmap/blob/master/LICENSE - license = licenses.unfree; - maintainers = with maintainers; [ fab SuperSandro2000 ]; - }; -} diff --git a/pkgs/tools/security/nmap/default.nix b/pkgs/tools/security/nmap/default.nix index 531eb6eae4a..a6d2ab14362 100644 --- a/pkgs/tools/security/nmap/default.nix +++ b/pkgs/tools/security/nmap/default.nix @@ -12,11 +12,11 @@ with lib; stdenv.mkDerivation rec { name = "nmap${optionalString graphicalSupport "-graphical"}-${version}"; - version = "7.80"; + version = "7.91"; src = fetchurl { url = "https://nmap.org/dist/nmap-${version}.tar.bz2"; - sha256 = "1aizfys6l9f9grm82bk878w56mg0zpkfns3spzj157h98875mypw"; + sha256 = "001kb5xadqswyw966k2lqi6jr6zz605jpp9w4kmm272if184pk0q"; }; patches = [ ./zenmap.patch ] diff --git a/pkgs/tools/system/stress/default.nix b/pkgs/tools/system/stress/default.nix index 33fbd15c5e6..10aa285085f 100644 --- a/pkgs/tools/system/stress/default.nix +++ b/pkgs/tools/system/stress/default.nix @@ -1,10 +1,11 @@ { lib, stdenv, fetchurl }: stdenv.mkDerivation rec { - name = "stress-1.0.4"; + pname = "stress"; + version = "1.0.4"; src = fetchurl { - url = "https://people.seas.harvard.edu/~apw/stress/${name}.tar.gz"; + url = "https://people.seas.harvard.edu/~apw/stress/stress-${version}.tar.gz"; sha256 = "0nw210jajk38m3y7h8s130ps2qsbz7j75wab07hi2r3hlz14yzh5"; }; diff --git a/pkgs/tools/system/ts/default.nix b/pkgs/tools/system/ts/default.nix index b954b1adc01..df19955b607 100644 --- a/pkgs/tools/system/ts/default.nix +++ b/pkgs/tools/system/ts/default.nix @@ -3,8 +3,8 @@ }: stdenv.mkDerivation rec { - - name = "ts-1.0"; + pname = "ts"; + version = "1.0"; installPhase=''make install "PREFIX=$out"''; @@ -13,7 +13,7 @@ stdenv.mkDerivation rec { ''; src = fetchurl { - url = "http://viric.name/~viric/soft/ts/${name}.tar.gz"; + url = "https://viric.name/~viric/soft/ts/ts-${version}.tar.gz"; sha256 = "15dkzczx10fhl0zs9bmcgkxfbwq2znc7bpscljm4rchbzx7y6lsg"; }; diff --git a/pkgs/tools/system/undaemonize/default.nix b/pkgs/tools/system/undaemonize/default.nix index 45e7a8d6d62..50ae366d10b 100644 --- a/pkgs/tools/system/undaemonize/default.nix +++ b/pkgs/tools/system/undaemonize/default.nix @@ -1,7 +1,9 @@ { lib, stdenv, fetchFromGitHub }: stdenv.mkDerivation { - name = "undaemonize-2017-07-11"; + pname = "undaemonize"; + version = "unstable-2017-07-11"; + src = fetchFromGitHub { repo = "undaemonize"; owner = "nickstenning"; diff --git a/pkgs/top-level/aliases.nix b/pkgs/top-level/aliases.nix index a148788c35b..88d289a8379 100644 --- a/pkgs/top-level/aliases.nix +++ b/pkgs/top-level/aliases.nix @@ -526,6 +526,7 @@ mapAliases ({ nix-review = nixpkgs-review; # added 2019-12-22 nixFlakes = nixUnstable; # added 2021-05-21 nmap_graphical = nmap-graphical; # added 2017-01-19 + nmap-unfree = nmap; # added 2021-04-06 nologin = shadow; # added 2018-04-25 nordic-polar = throw "nordic-polar was removed on 2021-05-27, now integrated in nordic"; # added 2021-05-27 nxproxy = nx-libs; # added 2019-02-15 diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index e78e27a41eb..a4b8dbf0af0 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -7495,8 +7495,6 @@ in graphicalSupport = true; }; - nmap-unfree = callPackage ../tools/security/nmap-unfree { }; - nmapsi4 = libsForQt514.callPackage ../tools/security/nmap/qt.nix { }; nnn = callPackage ../applications/misc/nnn { }; |