-rw-r--r--doc/functions.xml1
-rw-r--r--doc/functions/ocitools.xml76
-rw-r--r--doc/stdenv.xml43
-rw-r--r--nixos/doc/manual/release-notes/rl-1909.xml22
-rw-r--r--nixos/maintainers/scripts/ec2/amazon-image.nix28
-rwxr-xr-xnixos/maintainers/scripts/ec2/create-amis.sh525
-rw-r--r--nixos/modules/installer/tools/nix-fallback-paths.nix8
-rw-r--r--nixos/modules/module-list.nix1
-rw-r--r--nixos/modules/rename.nix1
-rw-r--r--nixos/modules/services/cluster/kubernetes/addon-manager.nix85
-rw-r--r--nixos/modules/services/cluster/kubernetes/addons/dashboard.nix36
-rw-r--r--nixos/modules/services/cluster/kubernetes/apiserver.nix48
-rw-r--r--nixos/modules/services/cluster/kubernetes/controller-manager.nix39
-rw-r--r--nixos/modules/services/cluster/kubernetes/default.nix25
-rw-r--r--nixos/modules/services/cluster/kubernetes/flannel.nix73
-rw-r--r--nixos/modules/services/cluster/kubernetes/kubelet.nix93
-rw-r--r--nixos/modules/services/cluster/kubernetes/pki.nix166
-rw-r--r--nixos/modules/services/cluster/kubernetes/proxy.nix37
-rw-r--r--nixos/modules/services/cluster/kubernetes/scheduler.nix34
-rw-r--r--nixos/modules/services/databases/postgresql.nix4
-rw-r--r--nixos/modules/services/misc/zookeeper.nix1
-rw-r--r--nixos/modules/services/network-filesystems/ceph.nix110
-rw-r--r--nixos/modules/services/web-servers/darkhttpd.nix2
-rw-r--r--nixos/modules/virtualisation/amazon-image.nix12
-rw-r--r--nixos/modules/virtualisation/amazon-options.nix9
-rw-r--r--nixos/modules/virtualisation/railcar.nix125
-rw-r--r--nixos/release.nix16
-rw-r--r--nixos/tests/ceph.nix52
-rw-r--r--nixos/tests/kubernetes/base.nix5
-rw-r--r--nixos/tests/kubernetes/dns.nix3
-rw-r--r--nixos/tests/kubernetes/rbac.nix4
-rw-r--r--nixos/tests/quake3.nix4
-rw-r--r--pkgs/applications/audio/sayonara/default.nix106
-rw-r--r--pkgs/applications/audio/strawberry/default.nix91
-rw-r--r--pkgs/applications/blockchains/go-ethereum.nix4
-rw-r--r--pkgs/applications/editors/vscode/vscode.nix6
-rw-r--r--pkgs/applications/editors/vscode/vscodium.nix6
-rw-r--r--pkgs/applications/graphics/azpainter/default.nix38
-rw-r--r--pkgs/applications/misc/calibre/default.nix8
-rw-r--r--pkgs/applications/misc/dbeaver/default.nix6
-rw-r--r--pkgs/applications/misc/evtest/default.nix7
-rw-r--r--pkgs/applications/misc/josm/default.nix4
-rw-r--r--pkgs/applications/misc/michabo/default.nix53
-rw-r--r--pkgs/applications/misc/taskell/default.nix4
-rw-r--r--pkgs/applications/networking/browsers/links2/default.nix4
-rw-r--r--pkgs/applications/networking/browsers/vivaldi/default.nix4
-rw-r--r--pkgs/applications/networking/cluster/kubernetes/default.nix14
-rwxr-xr-xpkgs/applications/networking/cluster/kubernetes/mk-docker-opts.sh113
-rw-r--r--pkgs/applications/networking/cluster/terraform/default.nix4
-rw-r--r--pkgs/applications/networking/instant-messengers/discord/default.nix6
-rw-r--r--pkgs/applications/networking/instant-messengers/signal-desktop/default.nix7
-rw-r--r--pkgs/applications/networking/irc/weechat/default.nix6
-rw-r--r--pkgs/applications/networking/irc/weechat/scripts/default.nix12
-rw-r--r--pkgs/applications/networking/irc/weechat/scripts/wee-slack/default.nix6
-rw-r--r--pkgs/applications/networking/irc/weechat/scripts/weechat-otr/default.nix64
-rw-r--r--pkgs/applications/networking/irc/weechat/scripts/weechat-otr/libpath.patch13
-rw-r--r--pkgs/applications/networking/irc/weechat/scripts/weechat-xmpp/default.nix36
-rw-r--r--pkgs/applications/networking/irc/weechat/scripts/weechat-xmpp/libpath.patch16
-rw-r--r--pkgs/applications/networking/irc/weechat/wrapper.nix6
-rw-r--r--pkgs/applications/science/biology/xenomapper/default.nix23
-rw-r--r--pkgs/applications/video/kodi/default.nix6
-rw-r--r--pkgs/applications/video/mkvtoolnix/default.nix4
-rw-r--r--pkgs/applications/virtualization/docker-compose/default.nix11
-rw-r--r--pkgs/applications/virtualization/virtualbox/default.nix22
-rw-r--r--pkgs/applications/virtualization/virtualbox/qt-env-vars.patch14
-rw-r--r--pkgs/applications/window-managers/i3/default.nix4
-rw-r--r--pkgs/applications/window-managers/i3/lock-fancy.nix2
-rw-r--r--pkgs/applications/window-managers/icewm/default.nix44
-rw-r--r--pkgs/applications/window-managers/icewm/fix-strlcat_strlcpy.patch236
-rw-r--r--pkgs/applications/window-managers/icewm/musl.patch23
-rw-r--r--pkgs/build-support/install-shell-files/default.nix4
-rw-r--r--pkgs/build-support/oci-tools/default.nix78
-rw-r--r--pkgs/build-support/setup-hooks/install-shell-files.sh165
-rw-r--r--pkgs/data/fonts/sudo/default.nix4
-rw-r--r--pkgs/data/fonts/victor-mono/default.nix4
-rw-r--r--pkgs/development/arduino/platformio/chrootenv.nix15
-rw-r--r--pkgs/development/arduino/platformio/core.nix8
-rw-r--r--pkgs/development/arduino/platformio/fix-searchpath.patch6
-rw-r--r--pkgs/development/interpreters/supercollider/default.nix10
-rw-r--r--pkgs/development/libraries/fflas-ffpack/default.nix6
-rw-r--r--pkgs/development/libraries/libyaml-cpp/default.nix2
-rw-r--r--pkgs/development/python-modules/imagecodecs-lite/default.nix25
-rw-r--r--pkgs/development/python-modules/pyvmomi/default.nix24
-rw-r--r--pkgs/development/python-modules/semantic-version/default.nix4
-rw-r--r--pkgs/development/python-modules/speedtest-cli/default.nix4
-rw-r--r--pkgs/development/python-modules/textacy/default.nix44
-rw-r--r--pkgs/development/python-modules/trezor_agent/default.nix8
-rw-r--r--pkgs/development/ruby-modules/bundix/default.nix6
-rw-r--r--pkgs/development/tools/analysis/flow/default.nix4
-rw-r--r--pkgs/development/tools/analysis/radare2/cutter.nix5
-rw-r--r--pkgs/development/web/postman/default.nix112
-rw-r--r--pkgs/os-specific/linux/fwts/default.nix6
-rw-r--r--pkgs/os-specific/linux/sysdig/default.nix4
-rw-r--r--pkgs/os-specific/linux/usbguard/default.nix22
-rw-r--r--pkgs/os-specific/linux/v4l-utils/default.nix6
-rw-r--r--pkgs/servers/mautrix-whatsapp/default.nix16
-rw-r--r--pkgs/servers/mautrix-whatsapp/deps.nix211
-rw-r--r--pkgs/servers/monitoring/prometheus/process-exporter.nix31
-rw-r--r--pkgs/servers/monitoring/prometheus/process-exporter_deps.nix156
-rw-r--r--pkgs/servers/tacacsplus/default.nix (renamed from pkgs/servers/tacacs+/default.nix)2
-rw-r--r--pkgs/tools/X11/caffeine-ng/default.nix17
-rw-r--r--pkgs/tools/admin/aws-rotate-key/default.nix4
-rw-r--r--pkgs/tools/admin/eksctl/default.nix6
-rw-r--r--pkgs/tools/audio/aucdtect/default.nix13
-rw-r--r--pkgs/tools/filesystems/ceph/0000-dont-check-cherrypy-version.patch70
-rw-r--r--pkgs/tools/filesystems/ceph/0000-fix-SPDK-build-env.patch11
-rw-r--r--pkgs/tools/filesystems/ceph/0001-kv-RocksDBStore-API-break-additional.patch58
-rw-r--r--pkgs/tools/filesystems/ceph/0002-fix-absolute-include-path.patch19
-rw-r--r--pkgs/tools/filesystems/ceph/default.nix202
-rw-r--r--pkgs/tools/filesystems/ceph/generic.nix175
-rw-r--r--pkgs/tools/graphics/pngquant/default.nix4
-rw-r--r--pkgs/tools/misc/bdf2psf/default.nix4
-rw-r--r--pkgs/tools/misc/heimdall/default.nix11
-rw-r--r--pkgs/tools/misc/html-proofer/Gemfile.lock27
-rw-r--r--pkgs/tools/misc/html-proofer/gemset.nix73
-rw-r--r--pkgs/tools/misc/txr/default.nix4
-rw-r--r--pkgs/tools/networking/httpie/default.nix9
-rw-r--r--pkgs/tools/package-management/home-manager/default.nix6
-rw-r--r--pkgs/tools/package-management/nix/default.nix4
-rw-r--r--pkgs/tools/package-management/xbps/default.nix6
-rw-r--r--pkgs/tools/security/metasploit/Gemfile2
-rw-r--r--pkgs/tools/security/metasploit/Gemfile.lock256
-rw-r--r--pkgs/tools/security/metasploit/default.nix4
-rw-r--r--pkgs/tools/security/metasploit/gemset.nix739
-rw-r--r--pkgs/tools/system/netdata/default.nix4
-rw-r--r--pkgs/tools/system/stress-ng/default.nix4
-rw-r--r--pkgs/top-level/aliases.nix2
-rw-r--r--pkgs/top-level/all-packages.nix37
-rw-r--r--pkgs/top-level/python-packages.nix6
129 files changed, 3203 insertions, 2287 deletions
diff --git a/doc/functions.xml b/doc/functions.xml
index 3b60f46d81d..96bd95958ea 100644
--- a/doc/functions.xml
+++ b/doc/functions.xml
@@ -20,4 +20,5 @@
  <xi:include href="functions/appimagetools.xml" />
  <xi:include href="functions/prefer-remote-fetch.xml" />
  <xi:include href="functions/nix-gitignore.xml" />
+ <xi:include href="functions/ocitools.xml" />
 </chapter>
diff --git a/doc/functions/ocitools.xml b/doc/functions/ocitools.xml
new file mode 100644
index 00000000000..4500c41a34a
--- /dev/null
+++ b/doc/functions/ocitools.xml
@@ -0,0 +1,76 @@
+<section xmlns="http://docbook.org/ns/docbook"
+         xmlns:xlink="http://www.w3.org/1999/xlink"
+         xmlns:xi="http://www.w3.org/2001/XInclude"
+         xml:id="sec-pkgs-ociTools">
+ <title>pkgs.ociTools</title>
+
+ <para>
+  <varname>pkgs.ociTools</varname> is a set of functions for creating
+  containers according to the
+  <link xlink:href="https://github.com/opencontainers/runtime-spec">OCI
+  container specification v1.0.0</link>. Beyond that it makes no assumptions
+  about the container runner you choose to use to run the created container.
+ </para>
+
+ <section xml:id="ssec-pkgs-ociTools-buildContainer">
+  <title>buildContainer</title>
+
+  <para>
+   This function creates a simple OCI container that runs a single command
+   inside of it. An OCI container consists of a <varname>config.json</varname>
+   and a rootfs directory.The nix store of the container will contain all
+   referenced dependencies of the given command.
+  </para>
+
+  <para>
+   The parameters of <varname>buildContainer</varname> with an example value
+   are described below:
+  </para>
+
+  <example xml:id='ex-ociTools-buildContainer'>
+   <title>Build Container</title>
+<programlisting>
+buildContainer {
+  cmd = with pkgs; writeScript "run.sh" ''
+    #!${bash}/bin/bash
+    ${coreutils}/bin/exec ${bash}/bin/bash
+  ''; <co xml:id='ex-ociTools-buildContainer-1' />
+
+  mounts = {
+    "/data" = {
+      type = "none";
+      source = "/var/lib/mydata";
+      options = [ "bind" ];
+    };
+  };<co xml:id='ex-ociTools-buildContainer-2' />
+
+  readonly = false; <co xml:id='ex-ociTools-buildContainer-3' />
+}
+
+    </programlisting>
+   <calloutlist>
+    <callout arearefs='ex-ociTools-buildContainer-1'>
+     <para>
+      <varname>cmd</varname> specifies the program to run inside the container.
+      This is the only required argument for <varname>buildContainer</varname>.
+      All referenced packages inside the derivation will be made available
+      inside the container
+     </para>
+    </callout>
+    <callout arearefs='ex-ociTools-buildContainer-2'>
+     <para>
+      <varname>mounts</varname> specifies additional mount points chosen by the
+      user. By default only a minimal set of necessary filesystems are mounted
+      into the container (e.g procfs, cgroupfs)
+     </para>
+    </callout>
+    <callout arearefs='ex-ociTools-buildContainer-3'>
+     <para>
+       <varname>readonly</varname> makes the container's rootfs read-only if it is set to true.
+       The default value is false <literal>false</literal>.
+     </para>
+    </callout>
+   </calloutlist>
+  </example>
+ </section>
+</section>
diff --git a/doc/stdenv.xml b/doc/stdenv.xml
index fe592965656..15a13ba49e8 100644
--- a/doc/stdenv.xml
+++ b/doc/stdenv.xml
@@ -2716,6 +2716,49 @@ nativeBuildInputs = [ breakpointHook ];
     </varlistentry>
     <varlistentry>
      <term>
+      installShellFiles
+     </term>
+     <listitem>
+      <para>
+       This hook helps with installing manpages and shell completion files. It
+       exposes 2 shell functions <literal>installManPage</literal> and
+       <literal>installShellCompletion</literal> that can be used from your
+       <literal>postInstall</literal> hook.
+      </para>
+      <para>
+       The <literal>installManPage</literal> function takes one or more paths
+       to manpages to install. The manpages must have a section suffix, and may
+       optionally be compressed (with <literal>.gz</literal> suffix). This
+       function will place them into the correct directory.
+      </para>
+      <para>
+       The <literal>installShellCompletion</literal> function takes one or more
+       paths to shell completion files. By default it will autodetect the shell
+       type from the completion file extension, but you may also specify it by
+       passing one of <literal>--bash</literal>, <literal>--fish</literal>, or
+       <literal>--zsh</literal>. These flags apply to all paths listed after
+       them (up until another shell flag is given). Each path may also have a
+       custom installation name provided by providing a flag <literal>--name
+       NAME</literal> before the path. If this flag is not provided, zsh
+       completions will be renamed automatically such that
+       <literal>foobar.zsh</literal> becomes <literal>_foobar</literal>.
+<programlisting>
+nativeBuildInputs = [ installShellFiles ];
+postInstall = ''
+  installManPage doc/foobar.1 doc/barfoo.3
+  # explicit behavior
+  installShellCompletion --bash --name foobar.bash share/completions.bash
+  installShellCompletion --fish --name foobar.fish share/completions.fish
+  installShellCompletion --zsh --name _foobar share/completions.zsh
+  # implicit behavior
+  installShellCompletion share/completions/foobar.{bash,fish,zsh}
+'';
+</programlisting>
+      </para>
+     </listitem>
+    </varlistentry>
+    <varlistentry>
+     <term>
       libiconv, libintl
      </term>
      <listitem>
diff --git a/nixos/doc/manual/release-notes/rl-1909.xml b/nixos/doc/manual/release-notes/rl-1909.xml
index c0b7cc48a46..ff1bd628ad2 100644
--- a/nixos/doc/manual/release-notes/rl-1909.xml
+++ b/nixos/doc/manual/release-notes/rl-1909.xml
@@ -422,6 +422,12 @@
        It was not useful except for debugging purposes and was confusingly set as default in some circumstances.
      </para>
    </listitem>
+   <listitem>
+    <para>
+     The WeeChat plugin <literal>pkgs.weechatScripts.weechat-xmpp</literal> has been removed as it doesn't receive
+     any updates from upstream and depends on outdated Python2-based modules.
+    </para>
+   </listitem>
 
   </itemizedlist>
  </section>
@@ -710,6 +716,22 @@
        <literal>nix-shell -p altcoins.dogecoin</literal>, etc.
      </para>
    </listitem>
+   <listitem>
+     <para>
+       Ceph has been upgraded to v14.2.1.
+       See the <link xlink:href="https://ceph.com/releases/v14-2-0-nautilus-released/">release notes</link> for details.
+       The mgr dashboard as well as osds backed by loop-devices is no longer explicitly supported by the package and module.
+       Note: There's been some issues with python-cherrypy, which is used by the dashboard
+       and prometheus mgr modules (and possibly others), hence 0000-dont-check-cherrypy-version.patch.
+     </para>
+    </listitem>
+    <listitem>
+     <para>
+      <literal>pkgs.weechat</literal> is now compiled against <literal>pkgs.python3</literal>.
+      Weechat also recommends <link xlink:href="https://weechat.org/scripts/python3/">to use Python3
+      in their docs.</link>
+     </para>
+    </listitem>
   </itemizedlist>
  </section>
 </section>
diff --git a/nixos/maintainers/scripts/ec2/amazon-image.nix b/nixos/maintainers/scripts/ec2/amazon-image.nix
index 88d95e67544..31e15537179 100644
--- a/nixos/maintainers/scripts/ec2/amazon-image.nix
+++ b/nixos/maintainers/scripts/ec2/amazon-image.nix
@@ -17,7 +17,7 @@ in {
     name = mkOption {
       type = types.str;
       description = "The name of the generated derivation";
-      default = "nixos-disk-image";
+      default = "nixos-amazon-image-${config.system.nixos.label}-${pkgs.stdenv.hostPlatform.system}";
     };
 
     contents = mkOption {
@@ -42,7 +42,7 @@ in {
 
     format = mkOption {
       type = types.enum [ "raw" "qcow2" "vpc" ];
-      default = "qcow2";
+      default = "vpc";
       description = "The image format to output";
     };
   };
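Review bot: The default becomes `vpc`, but the enum still accepts `raw` and `qcow2`, while the create-amis.sh rewritten in this same commit passes a hard-coded `\"Format\": \"vhd\"` to `aws ec2 import-snapshot`. An image built with a non-default format would therefore be uploaded under the wrong declared format, and the import would presumably fail only after the S3 upload has completed. Consider writing the format into image-info.json, for example `--arg format ${lib.escapeShellArg cfg.format} \`, and having the script check it. Alternatively, state in the option description that the upload script only handles `vpc`.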
@@ -51,7 +51,9 @@ in {
     inherit lib config;
     inherit (cfg) contents format name;
     pkgs = import ../../../.. { inherit (pkgs) system; }; # ensure we use the regular qemu-kvm package
-    partitionTableType = if config.ec2.hvm then "legacy" else "none";
+    partitionTableType = if config.ec2.efi then "efi"
+                         else if config.ec2.hvm then "legacy"
+                         else "none";
     diskSize = cfg.sizeMB;
     fsType = "ext4";
     configFile = pkgs.writeText "configuration.nix"
@@ -61,7 +63,27 @@ in {
           ${optionalString config.ec2.hvm ''
             ec2.hvm = true;
           ''}
+          ${optionalString config.ec2.efi ''
+            ec2.efi = true;
+          ''}
         }
       '';
+    postVM = ''
+      extension=''${diskImage##*.}
+      friendlyName=$out/${cfg.name}.$extension
+      mv "$diskImage" "$friendlyName"
+      diskImage=$friendlyName
+
+      mkdir -p $out/nix-support
+      echo "file ${cfg.format} $diskImage" >> $out/nix-support/hydra-build-products
+
+      ${pkgs.jq}/bin/jq -n \
+        --arg label ${lib.escapeShellArg config.system.nixos.label} \
+        --arg system ${lib.escapeShellArg pkgs.stdenv.hostPlatform.system} \
+        --arg logical_bytes "$(${pkgs.qemu}/bin/qemu-img info --output json "$diskImage" | ${pkgs.jq}/bin/jq '."virtual-size"')" \
+        --arg file "$diskImage" \
+        '$ARGS.named' \
+        > $out/nix-support/image-info.json
+    '';
   };
 }
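Review bot: In the new `postVM` script, `cfg.name` is spliced into the shell text unescaped in `friendlyName=$out/${cfg.name}.$extension`, whereas the label and system values a few lines below go through `lib.escapeShellArg`. The option is a free-form `types.str` and its new default embeds `config.system.nixos.label`, so a space or shell metacharacter in either would split the assignment or be interpreted by the build shell. I would write `friendlyName=$out/${lib.escapeShellArg cfg.name}.$extension` and quote `"$out/nix-support/..."` in the redirections for consistency. Separately, `--arg logical_bytes` stores the size as a JSON string; `--argjson` would keep it numeric if consumers are expected to treat it as a number. The enclosing attribute set opens above this hunk.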
diff --git a/nixos/maintainers/scripts/ec2/create-amis.sh b/nixos/maintainers/scripts/ec2/create-amis.sh
index 790cc6cbc53..c4149e3e8ff 100755
--- a/nixos/maintainers/scripts/ec2/create-amis.sh
+++ b/nixos/maintainers/scripts/ec2/create-amis.sh
@@ -1,279 +1,296 @@
 #!/usr/bin/env nix-shell
-#! nix-shell -i bash -p qemu ec2_ami_tools jq ec2_api_tools awscli
+#!nix-shell -p awscli -p jq -p qemu -i bash
+
+# Uploads and registers NixOS images built from the
+# <nixos/release.nix> amazonImage attribute. Images are uploaded and
+# registered via a home region, and then copied to other regions.
+
+# The home region requires an s3 bucket, and a "vmimport" IAM role
+# with access to the S3 bucket.  Configuration of the vmimport role is
+# documented in
+# https://docs.aws.amazon.com/vm-import/latest/userguide/vmimport-image-import.html
+
+# set -x
+set -euo pipefail
+
+# configuration
+state_dir=/home/deploy/amis/ec2-images
+home_region=eu-west-1
+bucket=nixos-amis
+
+regions=(eu-west-1 eu-west-2 eu-west-3 eu-central-1
+         us-east-1 us-east-2 us-west-1 us-west-2
+         ca-central-1
+         ap-southeast-1 ap-southeast-2 ap-northeast-1 ap-northeast-2
+         ap-south-1 ap-east-1
+         sa-east-1)
+
+log() {
+    echo "$@" >&2
+}
+
+if [ -z "$1" ]; then
+    log "Usage: ./upload-amazon-image.sh IMAGE_OUTPUT"
+    exit 1
+fi
+
+# result of the amazon-image from nixos/release.nix
+store_path=$1
+
+if [ ! -e "$store_path" ]; then
+    log "Store path: $store_path does not exist, fetching..."
+    nix-store --realise "$store_path"
+fi
+
+if [ ! -d "$store_path" ]; then
+    log "store_path: $store_path is not a directory. aborting"
+    exit 1
+fi
+
+read_image_info() {
+    if [ ! -e "$store_path/nix-support/image-info.json" ]; then
+        log "Image missing metadata"
+        exit 1
+    fi
+    jq -r "$1" "$store_path/nix-support/image-info.json"
+}
+
+# We handle a single image per invocation, store all attributes in
+# globals for convenience.
+image_label=$(read_image_info .label)
+image_system=$(read_image_info .system)
+image_file=$(read_image_info .file)
+image_logical_bytes=$(read_image_info .logical_bytes)
+
+# Derived attributes
+
+image_logical_gigabytes=$((($image_logical_bytes-1)/1024/1024/1024+1)) # Round to the next GB
+
+case "$image_system" in
+    aarch64-linux)
+        amazon_arch=arm64
+        ;;
+    x86_64-linux)
+        amazon_arch=x86_64
+        ;;
+    *)
+        log "Unknown system: $image_system"
+        exit 1
+esac
+
+image_name="NixOS-${image_label}-${image_system}"
+image_description="NixOS ${image_label} ${image_system}"
+
+log "Image Details:"
+log " Name: $image_name"
+log " Description: $image_description"
+log " Size (gigabytes): $image_logical_gigabytes"
+log " System: $image_system"
+log " Amazon Arch: $amazon_arch"
+
+read_state() {
+    local state_key=$1
+    local type=$2
+
+    cat "$state_dir/$state_key.$type" 2>/dev/null || true
+}
+
+write_state() {
+    local state_key=$1
+    local type=$2
+    local val=$3
+
+    mkdir -p $state_dir
+    echo "$val" > "$state_dir/$state_key.$type"
+}
+
+wait_for_import() {
+    local region=$1
+    local task_id=$2
+    local state snapshot_id
+    log "Waiting for import task $task_id to be completed"
+    while true; do
+        read state progress snapshot_id < <(
+            aws ec2 describe-import-snapshot-tasks --region $region --import-task-ids "$task_id" | \
+                jq -r '.ImportSnapshotTasks[].SnapshotTaskDetail | "\(.Status) \(.Progress) \(.SnapshotId)"'
+        )
+        log " ... state=$state progress=$progress snapshot_id=$snapshot_id"
+        case "$state" in
+            active)
+                sleep 10
+                ;;
+            completed)
+                echo "$snapshot_id"
+                return
+                ;;
+            *)
+                log "Unexpected snapshot import state: '${state}'"
+                exit 1
+                ;;
+        esac
+    done
+}
+
+wait_for_image() {
+    local region=$1
+    local ami_id=$2
+    local state
+    log "Waiting for image $ami_id to be available"
+
+    while true; do
+        read state < <(
+            aws ec2 describe-images --image-ids "$ami_id" --region $region | \
+                jq -r ".Images[].State"
+        )
+        log " ... state=$state"
+        case "$state" in
+            pending)
+                sleep 10
+                ;;
+            available)
+                return
+                ;;
+            *)
+                log "Unexpected AMI state: '${state}'"
+                exit 1
+                ;;
+        esac
+    done
+}
+
+
+make_image_public() {
+    local region=$1
+    local ami_id=$2
 
-# To start with do: nix-shell -p awscli --run "aws configure"
+    wait_for_image $region "$ami_id"
 
-set -e
-set -o pipefail
+    log "Making image $ami_id public"
 
-version=$(nix-instantiate --eval --strict '<nixpkgs>' -A lib.version | sed s/'"'//g)
-major=${version:0:5}
-echo "NixOS version is $version ($major)"
+    aws ec2 modify-image-attribute \
+        --image-id "$ami_id" --region "$region" --launch-permission 'Add={Group=all}' >&2
+}
 
-stateDir=/home/deploy/amis/ec2-image-$version
-echo "keeping state in $stateDir"
-mkdir -p $stateDir
+upload_image() {
+    local region=$1
 
-rm -f ec2-amis.nix
+    local aws_path=${image_file#/}
 
-types="hvm"
-stores="ebs"
-regions="eu-west-1 eu-west-2 eu-west-3 eu-central-1 us-east-1 us-east-2 us-west-1 us-west-2 ca-central-1 ap-southeast-1 ap-southeast-2 ap-northeast-1 ap-northeast-2 sa-east-1 ap-south-1"
+    local state_key="$region.$image_label.$image_system"
+    local task_id=$(read_state "$state_key" task_id)
+    local snapshot_id=$(read_state "$state_key" snapshot_id)
+    local ami_id=$(read_state "$state_key" ami_id)
 
-for type in $types; do
-    link=$stateDir/$type
-    imageFile=$link/nixos.qcow2
-    system=x86_64-linux
-    arch=x86_64
+    if [ -z "$task_id" ]; then
+        log "Checking for image on S3"
+        if ! aws s3 ls --region "$region" "s3://${bucket}/${aws_path}" >&2; then
+            log "Image missing from aws, uploading"
+            aws s3 cp --region $region "$image_file" "s3://${bucket}/${aws_path}" >&2
+        fi
 
-    # Build the image.
-    if ! [ -L $link ]; then
-        if [ $type = pv ]; then hvmFlag=false; else hvmFlag=true; fi
+        log "Importing image from S3 path s3://$bucket/$aws_path"
 
-        echo "building image type '$type'..."
-        nix-build -o $link \
-            '<nixpkgs/nixos>' \
-            -A config.system.build.amazonImage \
-            --arg configuration "{ imports = [ <nixpkgs/nixos/maintainers/scripts/ec2/amazon-image.nix> ]; ec2.hvm = $hvmFlag; }"
+        task_id=$(aws ec2 import-snapshot --disk-container "{
+          \"Description\": \"nixos-image-${image_label}-${image_system}\",
+          \"Format\": \"vhd\",
+          \"UserBucket\": {
+              \"S3Bucket\": \"$bucket\",
+              \"S3Key\": \"$aws_path\"
+          }
+        }" --region $region | jq -r '.ImportTaskId')
+
+        write_state "$state_key" task_id "$task_id"
     fi
 
-    for store in $stores; do
-
-        bucket=nixos-amis
-        bucketDir="$version-$type-$store"
-
-        prevAmi=
-        prevRegion=
-
-        for region in $regions; do
-
-            name=nixos-$version-$arch-$type-$store
-            description="NixOS $system $version ($type-$store)"
-
-            amiFile=$stateDir/$region.$type.$store.ami-id
-
-            if ! [ -e $amiFile ]; then
-
-                echo "doing $name in $region..."
-
-                if [ -n "$prevAmi" ]; then
-                    ami=$(aws ec2 copy-image \
-                        --region "$region" \
-                        --source-region "$prevRegion" --source-image-id "$prevAmi" \
-                        --name "$name" --description "$description" | jq -r '.ImageId')
-                    if [ "$ami" = null ]; then break; fi
-                else
-
-                    if [ $store = s3 ]; then
-
-                        # Bundle the image.
-                        imageDir=$stateDir/$type-bundled
-
-                        # Convert the image to raw format.
-                        rawFile=$stateDir/$type.raw
-                        if ! [ -e $rawFile ]; then
-                            qemu-img convert -f qcow2 -O raw $imageFile $rawFile.tmp
-                            mv $rawFile.tmp $rawFile
-                        fi
-
-                        if ! [ -d $imageDir ]; then
-                            rm -rf $imageDir.tmp
-                            mkdir -p $imageDir.tmp
-                            ec2-bundle-image \
-                                -d $imageDir.tmp \
-                                -i $rawFile --arch $arch \
-                                --user "$AWS_ACCOUNT" -c "$EC2_CERT" -k "$EC2_PRIVATE_KEY"
-                            mv $imageDir.tmp $imageDir
-                        fi
-
-                        # Upload the bundle to S3.
-                        if ! [ -e $imageDir/uploaded ]; then
-                            echo "uploading bundle to S3..."
-                            ec2-upload-bundle \
-                                -m $imageDir/$type.raw.manifest.xml \
-                                -b "$bucket/$bucketDir" \
-                                -a "$AWS_ACCESS_KEY_ID" -s "$AWS_SECRET_ACCESS_KEY" \
-                                --location EU
-                            touch $imageDir/uploaded
-                        fi
-
-                        extraFlags="--image-location $bucket/$bucketDir/$type.raw.manifest.xml"
-
-                    else
-
-                        # Convert the image to vhd format so we don't have
-                        # to upload a huge raw image.
-                        vhdFile=$stateDir/$type.vhd
-                        if ! [ -e $vhdFile ]; then
-                            qemu-img convert -f qcow2 -O vpc $imageFile $vhdFile.tmp
-                            mv $vhdFile.tmp $vhdFile
-                        fi
-
-                        vhdFileLogicalBytes="$(qemu-img info "$vhdFile" | grep ^virtual\ size: | cut -f 2 -d \(  | cut -f 1 -d \ )"
-                        vhdFileLogicalGigaBytes=$(((vhdFileLogicalBytes-1)/1024/1024/1024+1)) # Round to the next GB
-
-                        echo "Disk size is $vhdFileLogicalBytes bytes. Will be registered as $vhdFileLogicalGigaBytes GB."
-
-                        taskId=$(cat $stateDir/$region.$type.task-id 2> /dev/null || true)
-                        volId=$(cat $stateDir/$region.$type.vol-id 2> /dev/null || true)
-                        snapId=$(cat $stateDir/$region.$type.snap-id 2> /dev/null || true)
-
-                        # Import the VHD file.
-                        if [ -z "$snapId" -a -z "$volId" -a -z "$taskId" ]; then
-                            echo "importing $vhdFile..."
-                            taskId=$(ec2-import-volume $vhdFile --no-upload -f vhd \
-                                -O "$AWS_ACCESS_KEY_ID" -W "$AWS_SECRET_ACCESS_KEY" \
-                                -o "$AWS_ACCESS_KEY_ID" -w "$AWS_SECRET_ACCESS_KEY" \
-                                --region "$region" -z "${region}a" \
-                                --bucket "$bucket" --prefix "$bucketDir/" \
-                                | tee /dev/stderr \
-                                | sed 's/.*\(import-vol-[0-9a-z]\+\).*/\1/ ; t ; d')
-                            echo -n "$taskId" > $stateDir/$region.$type.task-id
-                        fi
-
-                        if [ -z "$snapId" -a -z "$volId" ]; then
-                            ec2-resume-import  $vhdFile -t "$taskId" --region "$region" \
-                                -O "$AWS_ACCESS_KEY_ID" -W "$AWS_SECRET_ACCESS_KEY" \
-                                -o "$AWS_ACCESS_KEY_ID" -w "$AWS_SECRET_ACCESS_KEY"
-                        fi
-
-                        # Wait for the volume creation to finish.
-                        if [ -z "$snapId" -a -z "$volId" ]; then
-                            echo "waiting for import to finish..."
-                            while true; do
-                                volId=$(aws ec2 describe-conversion-tasks --conversion-task-ids "$taskId" --region "$region" | jq -r .ConversionTasks[0].ImportVolume.Volume.Id)
-                                if [ "$volId" != null ]; then break; fi
-                                sleep 10
-                            done
-
-                            echo -n "$volId" > $stateDir/$region.$type.vol-id
-                        fi
-
-                        # Delete the import task.
-                        if [ -n "$volId" -a -n "$taskId" ]; then
-                            echo "removing import task..."
-                            ec2-delete-disk-image -t "$taskId" --region "$region" \
-                                -O "$AWS_ACCESS_KEY_ID" -W "$AWS_SECRET_ACCESS_KEY" \
-                                -o "$AWS_ACCESS_KEY_ID" -w "$AWS_SECRET_ACCESS_KEY" || true
-                            rm -f $stateDir/$region.$type.task-id
-                        fi
-
-                        # Create a snapshot.
-                        if [ -z "$snapId" ]; then
-                            echo "creating snapshot..."
-                            # FIXME: this can fail with InvalidVolume.NotFound. Eventual consistency yay.
-                            snapId=$(aws ec2 create-snapshot --volume-id "$volId" --region "$region" --description "$description" | jq -r .SnapshotId)
-                            if [ "$snapId" = null ]; then exit 1; fi
-                            echo -n "$snapId" > $stateDir/$region.$type.snap-id
-                        fi
-
-                        # Wait for the snapshot to finish.
-                        echo "waiting for snapshot to finish..."
-                        while true; do
-                            status=$(aws ec2 describe-snapshots --snapshot-ids "$snapId" --region "$region" | jq -r .Snapshots[0].State)
-                            if [ "$status" = completed ]; then break; fi
-                            sleep 10
-                        done
-
-                        # Delete the volume.
-                        if [ -n "$volId" ]; then
-                            echo "deleting volume..."
-                            aws ec2 delete-volume --volume-id "$volId" --region "$region" || true
-                            rm -f $stateDir/$region.$type.vol-id
-                        fi
-
-                        blockDeviceMappings="DeviceName=/dev/sda1,Ebs={SnapshotId=$snapId,VolumeSize=$vhdFileLogicalGigaBytes,DeleteOnTermination=true,VolumeType=gp2}"
-                        extraFlags=""
-
-                        if [ $type = pv ]; then
-                            extraFlags+=" --root-device-name /dev/sda1"
-                        else
-                            extraFlags+=" --root-device-name /dev/sda1"
-                            extraFlags+=" --sriov-net-support simple"
-                            extraFlags+=" --ena-support"
-                        fi
-
-                        blockDeviceMappings+=" DeviceName=/dev/sdb,VirtualName=ephemeral0"
-                        blockDeviceMappings+=" DeviceName=/dev/sdc,VirtualName=ephemeral1"
-                        blockDeviceMappings+=" DeviceName=/dev/sdd,VirtualName=ephemeral2"
-                        blockDeviceMappings+=" DeviceName=/dev/sde,VirtualName=ephemeral3"
-                    fi
-
-                    if [ $type = hvm ]; then
-                        extraFlags+=" --sriov-net-support simple"
-                        extraFlags+=" --ena-support"
-                    fi
-
-                    # Register the AMI.
-                    if [ $type = pv ]; then
-                        kernel=$(aws ec2 describe-images --owner amazon --filters "Name=name,Values=pv-grub-hd0_1.05-$arch.gz" | jq -r .Images[0].ImageId)
-                        if [ "$kernel" = null ]; then break; fi
-                        echo "using PV-GRUB kernel $kernel"
-                        extraFlags+=" --virtualization-type paravirtual --kernel $kernel"
-                    else
-                        extraFlags+=" --virtualization-type hvm"
-                    fi
-
-                    ami=$(aws ec2 register-image \
-                        --name "$name" \
-                        --description "$description" \
-                        --region "$region" \
-                        --architecture "$arch" \
-                        --block-device-mappings $blockDeviceMappings \
-                        $extraFlags | jq -r .ImageId)
-                    if [ "$ami" = null ]; then break; fi
-                fi
-
-                echo -n "$ami" > $amiFile
-                echo "created AMI $ami of type '$type' in $region..."
-
-            else
-                ami=$(cat $amiFile)
-            fi
-
-            echo "region = $region, type = $type, store = $store, ami = $ami"
-
-            if [ -z "$prevAmi" ]; then
-                prevAmi="$ami"
-                prevRegion="$region"
-            fi
-        done
+    if [ -z "$snapshot_id" ]; then
+        snapshot_id=$(wait_for_import "$region" "$task_id")
+        write_state "$state_key" snapshot_id "$snapshot_id"
+    fi
 
-    done
+    if [ -z "$ami_id" ]; then
+        log "Registering snapshot $snapshot_id as AMI"
+
+        local block_device_mappings=(
+            "DeviceName=/dev/sda1,Ebs={SnapshotId=$snapshot_id,VolumeSize=$image_logical_gigabytes,DeleteOnTermination=true,VolumeType=gp2}"
+        )
+
+        local extra_flags=(
+            --root-device-name /dev/sda1
+            --sriov-net-support simple
+            --ena-support
+            --virtualization-type hvm
+        )
+
+        block_device_mappings+=(DeviceName=/dev/sdb,VirtualName=ephemeral0)
+        block_device_mappings+=(DeviceName=/dev/sdc,VirtualName=ephemeral1)
+        block_device_mappings+=(DeviceName=/dev/sdd,VirtualName=ephemeral2)
+        block_device_mappings+=(DeviceName=/dev/sde,VirtualName=ephemeral3)
+
+        ami_id=$(
+            aws ec2 register-image \
+                --name "$image_name" \
+                --description "$image_description" \
+                --region $region \
+                --architecture $amazon_arch \
+                --block-device-mappings "${block_device_mappings[@]}" \
+                "${extra_flags[@]}" \
+                | jq -r '.ImageId'
+              )
+
+        write_state "$state_key" ami_id "$ami_id"
+    fi
 
-done
+    make_image_public $region "$ami_id"
 
-for type in $types; do
-    link=$stateDir/$type
-    system=x86_64-linux
-    arch=x86_64
+    echo "$ami_id"
+}
 
-    for store in $stores; do
+copy_to_region() {
+    local region=$1
+    local from_region=$2
+    local from_ami_id=$3
 
-        for region in $regions; do
+    state_key="$region.$image_label.$image_system"
+    ami_id=$(read_state "$state_key" ami_id)
 
-            name=nixos-$version-$arch-$type-$store
-            amiFile=$stateDir/$region.$type.$store.ami-id
-            ami=$(cat $amiFile)
+    if [ -z "$ami_id" ]; then
+        log "Copying $from_ami_id to $region"
+        ami_id=$(
+            aws ec2 copy-image \
+                --region "$region" \
+                --source-region "$from_region" \
+                --source-image-id "$from_ami_id" \
+                --name "$image_name" \
+                --description "$image_description" \
+                | jq -r '.ImageId'
+              )
 
-            echo "region = $region, type = $type, store = $store, ami = $ami"
+        write_state "$state_key" ami_id "$ami_id"
+    fi
 
-            echo -n "waiting for AMI..."
-            while true; do
-                status=$(aws ec2 describe-images --image-ids "$ami" --region "$region" | jq -r .Images[0].State)
-                if [ "$status" = available ]; then break; fi
-                sleep 10
-                echo -n '.'
-            done
-            echo
+    make_image_public $region "$ami_id"
+
+    echo "$ami_id"
+}
 
-            # Make the image public.
-            aws ec2 modify-image-attribute \
-                --image-id "$ami" --region "$region" --launch-permission 'Add={Group=all}'
+upload_all() {
+    home_image_id=$(upload_image "$home_region")
+    jq -n \
+       --arg key "$home_region.$image_system" \
+       --arg value "$home_image_id" \
+       '$ARGS.named'
 
-            echo "  \"$major\".$region.$type-$store = \"$ami\";" >> ec2-amis.nix
-        done
+    for region in "${regions[@]}"; do
+        if [ "$region" = "$home_region" ]; then
+            continue
+        fi
+        copied_image_id=$(copy_to_region "$region" "$home_region" "$home_image_id")
 
+        jq -n \
+           --arg key "$region.$image_system" \
+           --arg value "$copied_image_id" \
+           '$ARGS.named'
     done
+}
 
-done
+upload_all | jq --slurp from_entries
diff --git a/nixos/modules/installer/tools/nix-fallback-paths.nix b/nixos/modules/installer/tools/nix-fallback-paths.nix
index b9ab2053c41..2673887d2b9 100644
--- a/nixos/modules/installer/tools/nix-fallback-paths.nix
+++ b/nixos/modules/installer/tools/nix-fallback-paths.nix
@@ -1,6 +1,6 @@
 {
-  x86_64-linux = "/nix/store/hbhdjn5ik3byg642d1m11k3k3s0kn3py-nix-2.2.2";
-  i686-linux = "/nix/store/fz5cikwvj3n0a6zl44h6l2z3cin64mda-nix-2.2.2";
-  aarch64-linux = "/nix/store/2gba4cyl4wvxzfbhmli90jy4n5aj0kjj-nix-2.2.2";
-  x86_64-darwin = "/nix/store/87i4fp46jfw9yl8c7i9gx75m5yph7irl-nix-2.2.2";
+  x86_64-linux = "/nix/store/3ds3cgji9vjxdbgp10av6smyym1126d1-nix-2.3";
+  i686-linux = "/nix/store/ln1ndqvfpc9cdl03vqxi6kvlxm9wfv9g-nix-2.3";
+  aarch64-linux = "/nix/store/n8a1rwzrp20qcr2c4hvyn6c5q9zx8csw-nix-2.3";
+  x86_64-darwin = "/nix/store/jq6npmpld02sz4rgniz0qrsdfnm6j17a-nix-2.3";
 }
diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix
index 290c29993b5..fe28cf7fa49 100644
--- a/nixos/modules/module-list.nix
+++ b/nixos/modules/module-list.nix
@@ -948,6 +948,7 @@
   ./virtualisation/openvswitch.nix
   ./virtualisation/parallels-guest.nix
   ./virtualisation/qemu-guest-agent.nix
+  ./virtualisation/railcar.nix
   ./virtualisation/rkt.nix
   ./virtualisation/virtualbox-guest.nix
   ./virtualisation/virtualbox-host.nix
diff --git a/nixos/modules/rename.nix b/nixos/modules/rename.nix
index 9e0ab60ca67..1fa91f05030 100644
--- a/nixos/modules/rename.nix
+++ b/nixos/modules/rename.nix
@@ -34,6 +34,7 @@ with lib;
     (mkRenamedOptionModule [ "services" "kubernetes" "etcd" "caFile" ] [ "services" "kubernetes" "apiserver" "etcd" "caFile" ])
     (mkRemovedOptionModule [ "services" "kubernetes" "kubelet" "applyManifests" ] "")
     (mkRemovedOptionModule [ "services" "kubernetes" "kubelet" "cadvisorPort" ] "")
+    (mkRemovedOptionModule [ "services" "kubernetes" "kubelet" "allowPrivileged" ] "")
     (mkRenamedOptionModule [ "services" "kubernetes" "proxy" "address" ] ["services" "kubernetes" "proxy" "bindAddress"])
     (mkRemovedOptionModule [ "services" "kubernetes" "verbose" ] "")
     (mkRenamedOptionModule [ "services" "logstash" "address" ] [ "services" "logstash" "listenAddress" ])
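Review bot: The added `mkRemovedOptionModule` entry for `services.kubernetes.kubelet.allowPrivileged` passes an empty message, so a configuration that still sets the option gets only the generic "no longer has any effect" text. The option defaulted to `false` and fed `--allow-privileged` on the kubelet command line (both removed in kubelet.nix in this diff), so anyone who relied on it to refuse privileged containers should be told that the kubelet no longer enforces this. I would replace `""` with a short explanation, for example `"The kubelet flag --allow-privileged is no longer passed; restrict privileged pods with an admission-level policy instead."`, adjusted to whatever the actual reason for the removal is.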
diff --git a/nixos/modules/services/cluster/kubernetes/addon-manager.nix b/nixos/modules/services/cluster/kubernetes/addon-manager.nix
index ad7d17c9c28..17f2dde31a7 100644
--- a/nixos/modules/services/cluster/kubernetes/addon-manager.nix
+++ b/nixos/modules/services/cluster/kubernetes/addon-manager.nix
@@ -62,50 +62,19 @@ in
       '';
     };
 
-    enable = mkEnableOption "Kubernetes addon manager";
-
-    kubeconfig = top.lib.mkKubeConfigOptions "Kubernetes addon manager";
-    bootstrapAddonsKubeconfig = top.lib.mkKubeConfigOptions "Kubernetes addon manager bootstrap";
+    enable = mkEnableOption "Whether to enable Kubernetes addon manager.";
   };
 
   ###### implementation
-  config = let
-
-    addonManagerPaths = filter (a: a != null) [
-      cfg.kubeconfig.caFile
-      cfg.kubeconfig.certFile
-      cfg.kubeconfig.keyFile
-    ];
-    bootstrapAddonsPaths = filter (a: a != null) [
-      cfg.bootstrapAddonsKubeconfig.caFile
-      cfg.bootstrapAddonsKubeconfig.certFile
-      cfg.bootstrapAddonsKubeconfig.keyFile
-    ];
-
-  in mkIf cfg.enable {
+  config = mkIf cfg.enable {
     environment.etc."kubernetes/addons".source = "${addons}/";
 
-    #TODO: Get rid of kube-addon-manager in the future for the following reasons
-    # - it is basically just a shell script wrapped around kubectl
-    # - it assumes that it is clusterAdmin or can gain clusterAdmin rights through serviceAccount
-    # - it is designed to be used with k8s system components only
-    # - it would be better with a more Nix-oriented way of managing addons
     systemd.services.kube-addon-manager = {
       description = "Kubernetes addon manager";
       wantedBy = [ "kubernetes.target" ];
-      after = [ "kube-node-online.target" ];
-      before = [ "kubernetes.target" ];
-      environment = {
-        ADDON_PATH = "/etc/kubernetes/addons/";
-        KUBECONFIG = top.lib.mkKubeConfig "kube-addon-manager" cfg.kubeconfig;
-      };
-      path = with pkgs; [ gawk kubectl ];
-      preStart = ''
-        until kubectl -n kube-system get serviceaccounts/default 2>/dev/null; do
-          echo kubectl -n kube-system get serviceaccounts/default: exit status $?
-          sleep 2
-        done
-      '';
+      after = [ "kube-apiserver.service" ];
+      environment.ADDON_PATH = "/etc/kubernetes/addons/";
+      path = [ pkgs.gawk ];
       serviceConfig = {
         Slice = "kubernetes.slice";
         ExecStart = "${top.package}/bin/kube-addons";
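Review bot: With `KUBECONFIG` dropped from the `kube-addon-manager` environment, nothing in this unit shows which endpoint and credentials `kube-addons` uses, and that is not visible anywhere else in this hunk. This service applies cluster-wide manifests, so it deserves a comment above `ExecStart` stating how it authenticates, or an explicit setting. `after = [ "kube-apiserver.service" ]` only orders unit start, and the `preStart` wait loop is gone, so the first run can reach an API server that is not answering yet and then depends on `Restart = "on-failure"` in the next hunk. Separately, `mkEnableOption` already adds the "Whether to enable" prefix and the trailing period, so the line should stay `enable = mkEnableOption "Kubernetes addon manager";`, and flannel.nix has the same doubling with `"enable flannel networking"`. The service definition continues past this hunk.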
@@ -115,52 +84,8 @@ in
         Restart = "on-failure";
         RestartSec = 10;
       };
-      unitConfig.ConditionPathExists = addonManagerPaths;
     };
 
-    systemd.paths.kube-addon-manager = {
-      wantedBy = [ "kube-addon-manager.service" ];
-      pathConfig = {
-        PathExists = addonManagerPaths;
-        PathChanged = addonManagerPaths;
-      };
-    };
-
-    services.kubernetes.addonManager.kubeconfig.server = mkDefault top.apiserverAddress;
-
-    systemd.services.kube-addon-manager-bootstrap = mkIf (top.apiserver.enable && top.addonManager.bootstrapAddons != {}) {
-      wantedBy = [ "kube-control-plane-online.target" ];
-      after = [ "kube-apiserver.service" ];
-      before = [ "kube-control-plane-online.target" ];
-      path = [ pkgs.kubectl ];
-      environment = {
-        KUBECONFIG = top.lib.mkKubeConfig "kube-addon-manager-bootstrap" cfg.bootstrapAddonsKubeconfig;
-      };
-      preStart = with pkgs; let
-        files = mapAttrsToList (n: v: writeText "${n}.json" (builtins.toJSON v))
-          cfg.bootstrapAddons;
-      in ''
-        until kubectl auth can-i '*' '*' -q 2>/dev/null; do
-          echo kubectl auth can-i '*' '*': exit status $?
-          sleep 2
-        done
-
-        kubectl apply -f ${concatStringsSep " \\\n -f " files}
-      '';
-      script = "echo Ok";
-      unitConfig.ConditionPathExists = bootstrapAddonsPaths;
-    };
-
-    systemd.paths.kube-addon-manager-bootstrap = {
-      wantedBy = [ "kube-addon-manager-bootstrap.service" ];
-      pathConfig = {
-        PathExists = bootstrapAddonsPaths;
-        PathChanged = bootstrapAddonsPaths;
-      };
-    };
-
-    services.kubernetes.addonManager.bootstrapAddonsKubeconfig.server = mkDefault top.apiserverAddress;
-
     services.kubernetes.addonManager.bootstrapAddons = mkIf isRBACEnabled
     (let
       name = system:kube-addon-manager;
diff --git a/nixos/modules/services/cluster/kubernetes/addons/dashboard.nix b/nixos/modules/services/cluster/kubernetes/addons/dashboard.nix
index 2295694ffc7..454e7d35bc0 100644
--- a/nixos/modules/services/cluster/kubernetes/addons/dashboard.nix
+++ b/nixos/modules/services/cluster/kubernetes/addons/dashboard.nix
@@ -169,23 +169,6 @@ in {
         };
       };
 
-      kubernetes-dashboard-cm = {
-        apiVersion = "v1";
-        kind = "ConfigMap";
-        metadata = {
-          labels = {
-            k8s-app = "kubernetes-dashboard";
-            # Allows editing resource and makes sure it is created first.
-            "addonmanager.kubernetes.io/mode" = "EnsureExists";
-          };
-          name = "kubernetes-dashboard-settings";
-          namespace = "kube-system";
-        };
-      };
-    };
-
-    services.kubernetes.addonManager.bootstrapAddons = mkMerge [{
-
       kubernetes-dashboard-sa = {
         apiVersion = "v1";
         kind = "ServiceAccount";
@@ -227,9 +210,20 @@ in {
         };
         type = "Opaque";
       };
-    }
-
-    (optionalAttrs cfg.rbac.enable
+      kubernetes-dashboard-cm = {
+        apiVersion = "v1";
+        kind = "ConfigMap";
+        metadata = {
+          labels = {
+            k8s-app = "kubernetes-dashboard";
+            # Allows editing resource and makes sure it is created first.
+            "addonmanager.kubernetes.io/mode" = "EnsureExists";
+          };
+          name = "kubernetes-dashboard-settings";
+          namespace = "kube-system";
+        };
+      };
+    } // (optionalAttrs cfg.rbac.enable
       (let
         subjects = [{
           kind = "ServiceAccount";
@@ -329,6 +323,6 @@ in {
             inherit subjects;
           };
         })
-    ))];
+    ));
   };
 }
diff --git a/nixos/modules/services/cluster/kubernetes/apiserver.nix b/nixos/modules/services/cluster/kubernetes/apiserver.nix
index f293dd79f42..33796bf2e08 100644
--- a/nixos/modules/services/cluster/kubernetes/apiserver.nix
+++ b/nixos/modules/services/cluster/kubernetes/apiserver.nix
@@ -290,32 +290,11 @@ in
   ###### implementation
   config = mkMerge [
 
-    (let
-
-      apiserverPaths = filter (a: a != null) [
-        cfg.clientCaFile
-        cfg.etcd.caFile
-        cfg.etcd.certFile
-        cfg.etcd.keyFile
-        cfg.kubeletClientCaFile
-        cfg.kubeletClientCertFile
-        cfg.kubeletClientKeyFile
-        cfg.serviceAccountKeyFile
-        cfg.tlsCertFile
-        cfg.tlsKeyFile
-      ];
-      etcdPaths = filter (a: a != null) [
-        config.services.etcd.trustedCaFile
-        config.services.etcd.certFile
-        config.services.etcd.keyFile
-      ];
-
-    in mkIf cfg.enable {
+    (mkIf cfg.enable {
         systemd.services.kube-apiserver = {
           description = "Kubernetes APIServer Service";
-          wantedBy = [ "kube-control-plane-online.target" ];
-          after = [ "certmgr.service" ];
-          before = [ "kube-control-plane-online.target" ];
+          wantedBy = [ "kubernetes.target" ];
+          after = [ "network.target" ];
           serviceConfig = {
             Slice = "kubernetes.slice";
             ExecStart = ''${top.package}/bin/kube-apiserver \
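Review bot: The new `after = [ "network.target" ]` on `kube-apiserver` drops the ordering on `certmgr.service`, and the following hunk also removes `ConditionPathExists = apiserverPaths`, so nothing delays the API server until its TLS, etcd and service-account key files exist. On a first boot it will presumably fail and be retried through `Restart = "on-failure"`, which is noisy and hides real certificate problems among the expected failures. If the PKI module is in use I would keep the ordering, `after = [ "network.target" "certmgr.service" ];`, since systemd ignores an ordering on a unit that is not loaded. At minimum, add a comment saying that start-up relies on restart until the certificates appear. The unit body continues outside this hunk.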
@@ -386,15 +365,6 @@ in
             Restart = "on-failure";
             RestartSec = 5;
           };
-          unitConfig.ConditionPathExists = apiserverPaths;
-        };
-
-        systemd.paths.kube-apiserver = mkIf top.apiserver.enable {
-          wantedBy = [ "kube-apiserver.service" ];
-          pathConfig = {
-            PathExists = apiserverPaths;
-            PathChanged = apiserverPaths;
-          };
         };
 
         services.etcd = {
@@ -408,18 +378,6 @@ in
           initialAdvertisePeerUrls = mkDefault ["https://${top.masterAddress}:2380"];
         };
 
-        systemd.services.etcd = {
-          unitConfig.ConditionPathExists = etcdPaths;
-        };
-
-        systemd.paths.etcd = {
-          wantedBy = [ "etcd.service" ];
-          pathConfig = {
-            PathExists = etcdPaths;
-            PathChanged = etcdPaths;
-          };
-        };
-
         services.kubernetes.addonManager.bootstrapAddons = mkIf isRBACEnabled {
 
           apiserver-kubelet-api-admin-crb = {
diff --git a/nixos/modules/services/cluster/kubernetes/controller-manager.nix b/nixos/modules/services/cluster/kubernetes/controller-manager.nix
index b94e8bd86d4..0b73d090f24 100644
--- a/nixos/modules/services/cluster/kubernetes/controller-manager.nix
+++ b/nixos/modules/services/cluster/kubernetes/controller-manager.nix
@@ -104,31 +104,11 @@ in
   };
 
   ###### implementation
-  config = let
-
-    controllerManagerPaths = filter (a: a != null) [
-      cfg.kubeconfig.caFile
-      cfg.kubeconfig.certFile
-      cfg.kubeconfig.keyFile
-      cfg.rootCaFile
-      cfg.serviceAccountKeyFile
-      cfg.tlsCertFile
-      cfg.tlsKeyFile
-    ];
-
-  in mkIf cfg.enable {
-    systemd.services.kube-controller-manager = rec {
+  config = mkIf cfg.enable {
+    systemd.services.kube-controller-manager = {
       description = "Kubernetes Controller Manager Service";
-      wantedBy = [ "kube-control-plane-online.target" ];
+      wantedBy = [ "kubernetes.target" ];
       after = [ "kube-apiserver.service" ];
-      before = [ "kube-control-plane-online.target" ];
-      environment.KUBECONFIG = top.lib.mkKubeConfig "kube-controller-manager" cfg.kubeconfig;
-      preStart = ''
-        until kubectl auth can-i get /api -q 2>/dev/null; do
-          echo kubectl auth can-i get /api: exit status $?
-          sleep 2
-        done
-      '';
       serviceConfig = {
         RestartSec = "30s";
         Restart = "on-failure";
@@ -140,7 +120,7 @@ in
             "--cluster-cidr=${cfg.clusterCidr}"} \
           ${optionalString (cfg.featureGates != [])
             "--feature-gates=${concatMapStringsSep "," (feature: "${feature}=true") cfg.featureGates}"} \
-          --kubeconfig=${environment.KUBECONFIG} \
+          --kubeconfig=${top.lib.mkKubeConfig "kube-controller-manager" cfg.kubeconfig} \
           --leader-elect=${boolToString cfg.leaderElect} \
           ${optionalString (cfg.rootCaFile!=null)
             "--root-ca-file=${cfg.rootCaFile}"} \
@@ -161,16 +141,7 @@ in
         User = "kubernetes";
         Group = "kubernetes";
       };
-      path = top.path ++ [ pkgs.kubectl ];
-      unitConfig.ConditionPathExists = controllerManagerPaths;
-    };
-
-    systemd.paths.kube-controller-manager = {
-      wantedBy = [ "kube-controller-manager.service" ];
-      pathConfig = {
-        PathExists = controllerManagerPaths;
-        PathChanged = controllerManagerPaths;
-      };
+      path = top.path;
     };
 
     services.kubernetes.pki.certs = with top.lib; {
diff --git a/nixos/modules/services/cluster/kubernetes/default.nix b/nixos/modules/services/cluster/kubernetes/default.nix
index 143b41f57f6..3790ac9b691 100644
--- a/nixos/modules/services/cluster/kubernetes/default.nix
+++ b/nixos/modules/services/cluster/kubernetes/default.nix
@@ -256,29 +256,6 @@ in {
         wantedBy = [ "multi-user.target" ];
       };
 
-      systemd.targets.kube-control-plane-online = {
-        wantedBy = [ "kubernetes.target" ];
-        before = [ "kubernetes.target" ];
-      };
-
-      systemd.services.kube-control-plane-online = rec {
-        description = "Kubernetes control plane is online";
-        wantedBy = [ "kube-control-plane-online.target" ];
-        after = [ "kube-scheduler.service" "kube-controller-manager.service" ];
-        before = [ "kube-control-plane-online.target" ];
-        path = [ pkgs.curl ];
-        preStart = ''
-          until curl -Ssf ${cfg.apiserverAddress}/healthz do
-            echo curl -Ssf ${cfg.apiserverAddress}/healthz: exit status $?
-            sleep 3
-          done
-        '';
-        script = "echo Ok";
-        serviceConfig = {
-          TimeoutSec = "500";
-        };
-      };
-
       systemd.tmpfiles.rules = [
         "d /opt/cni/bin 0755 root root -"
         "d /run/kubernetes 0755 kubernetes kubernetes -"
@@ -302,8 +279,6 @@ in {
       services.kubernetes.apiserverAddress = mkDefault ("https://${if cfg.apiserver.advertiseAddress != null
                           then cfg.apiserver.advertiseAddress
                           else "${cfg.masterAddress}:${toString cfg.apiserver.securePort}"}");
-
-      services.kubernetes.kubeconfig.server = mkDefault cfg.apiserverAddress;
     })
   ];
 }
diff --git a/nixos/modules/services/cluster/kubernetes/flannel.nix b/nixos/modules/services/cluster/kubernetes/flannel.nix
index d9437427d6d..74d10d68437 100644
--- a/nixos/modules/services/cluster/kubernetes/flannel.nix
+++ b/nixos/modules/services/cluster/kubernetes/flannel.nix
@@ -14,36 +14,25 @@ let
     buildInputs = [ pkgs.makeWrapper ];
   } ''
     mkdir -p $out
-    cp ${pkgs.kubernetes.src}/cluster/centos/node/bin/mk-docker-opts.sh $out/mk-docker-opts.sh
 
     # bashInteractive needed for `compgen`
-    makeWrapper ${pkgs.bashInteractive}/bin/bash $out/mk-docker-opts --add-flags "$out/mk-docker-opts.sh"
+    makeWrapper ${pkgs.bashInteractive}/bin/bash $out/mk-docker-opts --add-flags "${pkgs.kubernetes}/bin/mk-docker-opts.sh"
   '';
 in
 {
   ###### interface
   options.services.kubernetes.flannel = {
-    enable = mkEnableOption "flannel networking";
-    kubeconfig = top.lib.mkKubeConfigOptions "Kubernetes flannel";
+    enable = mkEnableOption "enable flannel networking";
   };
 
   ###### implementation
-  config = let
-
-    flannelPaths = filter (a: a != null) [
-      cfg.kubeconfig.caFile
-      cfg.kubeconfig.certFile
-      cfg.kubeconfig.keyFile
-    ];
-    kubeconfig = top.lib.mkKubeConfig "flannel" cfg.kubeconfig;
-
-  in mkIf cfg.enable {
+  config = mkIf cfg.enable {
     services.flannel = {
 
       enable = mkDefault true;
       network = mkDefault top.clusterCidr;
-      inherit storageBackend kubeconfig;
-      nodeName = top.kubelet.hostname;
+      inherit storageBackend;
+      nodeName = config.services.kubernetes.kubelet.hostname;
     };
 
     services.kubernetes.kubelet = {
@@ -58,66 +47,24 @@ in
       }];
     };
 
-    systemd.services.mk-docker-opts = {
+    systemd.services."mk-docker-opts" = {
       description = "Pre-Docker Actions";
-      wantedBy = [ "flannel.target" ];
-      before = [ "flannel.target" ];
       path = with pkgs; [ gawk gnugrep ];
       script = ''
         ${mkDockerOpts}/mk-docker-opts -d /run/flannel/docker
         systemctl restart docker
       '';
-      unitConfig.ConditionPathExists = [ "/run/flannel/subnet.env" ];
       serviceConfig.Type = "oneshot";
     };
 
-    systemd.paths.flannel-subnet-env = {
-      wantedBy = [ "mk-docker-opts.service" ];
-      pathConfig = {
-        PathExists = [ "/run/flannel/subnet.env" ];
-        PathChanged = [ "/run/flannel/subnet.env" ];
-        Unit = "mk-docker-opts.service";
-      };
-    };
-
-    systemd.targets.flannel = {
-      wantedBy = [ "kube-node-online.target" ];
-      before = [ "kube-node-online.target" ];
-    };
-
-    systemd.services.flannel = {
-      wantedBy = [ "flannel.target" ];
-      after = [ "kubelet.target" ];
-      before = [ "flannel.target" ];
-      path = with pkgs; [ iptables kubectl ];
-      environment.KUBECONFIG = kubeconfig;
-      preStart = let
-        args = [
-          "--selector=kubernetes.io/hostname=${top.kubelet.hostname}"
-          # flannel exits if node is not registered yet, before that there is no podCIDR
-          "--output=jsonpath={.items[0].spec.podCIDR}"
-          # if jsonpath cannot be resolved exit with status 1
-          "--allow-missing-template-keys=false"
-        ];
-      in ''
-        until kubectl get nodes ${concatStringsSep " " args} 2>/dev/null; do
-          echo Waiting for ${top.kubelet.hostname} to be RegisteredNode
-          sleep 1
-        done
-      '';
-      unitConfig.ConditionPathExists = flannelPaths;
-    };
-
-    systemd.paths.flannel = {
+    systemd.paths."flannel-subnet-env" = {
       wantedBy = [ "flannel.service" ];
       pathConfig = {
-        PathExists = flannelPaths;
-        PathChanged = flannelPaths;
+        PathModified = "/run/flannel/subnet.env";
+        Unit = "mk-docker-opts.service";
       };
     };
 
-    services.kubernetes.flannel.kubeconfig.server = mkDefault top.apiserverAddress;
-
     systemd.services.docker = {
       environment.DOCKER_OPTS = "-b none";
       serviceConfig.EnvironmentFile = "-/run/flannel/docker";
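Review bot: The rewritten `systemd.paths."flannel-subnet-env"` watches only `PathModified`, which fires on writes after the path unit is active. Because the unit is pulled in by `wantedBy = [ "flannel.service" ]` with no ordering before it, a `subnet.env` that flannel writes before the watch is armed will not trigger `mk-docker-opts.service`. The removed version also had `PathExists`, which is checked at activation, so I would add `PathExists = "/run/flannel/subnet.env";` next to `PathModified`. Each trigger runs `systemctl restart docker`, and `PathModified` fires on every write to the file, so a comment on the path unit noting that a write to `subnet.env` restarts docker would help whoever debugs container churn later.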
@@ -144,6 +91,7 @@ in
 
     # give flannel som kubernetes rbac permissions if applicable
     services.kubernetes.addonManager.bootstrapAddons = mkIf ((storageBackend == "kubernetes") && (elem "RBAC" top.apiserver.authorizationMode)) {
+
       flannel-cr = {
         apiVersion = "rbac.authorization.k8s.io/v1beta1";
         kind = "ClusterRole";
@@ -179,6 +127,7 @@ in
           name = "flannel-client";
         }];
       };
+
     };
   };
 }
diff --git a/nixos/modules/services/cluster/kubernetes/kubelet.nix b/nixos/modules/services/cluster/kubernetes/kubelet.nix
index 4c5df96bcc6..250da4c807e 100644
--- a/nixos/modules/services/cluster/kubernetes/kubelet.nix
+++ b/nixos/modules/services/cluster/kubernetes/kubelet.nix
@@ -61,12 +61,6 @@ in
       type = str;
     };
 
-    allowPrivileged = mkOption {
-      description = "Whether to allow Kubernetes containers to request privileged mode.";
-      default = false;
-      type = bool;
-    };
-
     clusterDns = mkOption {
       description = "Use alternative DNS.";
       default = "10.1.0.1";
@@ -234,28 +228,21 @@ in
 
   ###### implementation
   config = mkMerge [
-    (let
-
-      kubeletPaths = filter (a: a != null) [
-        cfg.kubeconfig.caFile
-        cfg.kubeconfig.certFile
-        cfg.kubeconfig.keyFile
-        cfg.clientCaFile
-        cfg.tlsCertFile
-        cfg.tlsKeyFile
-      ];
-
-    in mkIf cfg.enable {
+    (mkIf cfg.enable {
       services.kubernetes.kubelet.seedDockerImages = [infraContainer];
 
       systemd.services.kubelet = {
         description = "Kubernetes Kubelet Service";
-        wantedBy = [ "kubelet.target" ];
-        after = [ "kube-control-plane-online.target" ];
-        before = [ "kubelet.target" ];
+        wantedBy = [ "kubernetes.target" ];
+        after = [ "network.target" "docker.service" "kube-apiserver.service" ];
         path = with pkgs; [ gitMinimal openssh docker utillinux iproute ethtool thin-provisioning-tools iptables socat ] ++ top.path;
         preStart = ''
-          rm -f /opt/cni/bin/* || true
+          ${concatMapStrings (img: ''
+            echo "Seeding docker image: ${img}"
+            docker load <${img}
+          '') cfg.seedDockerImages}
+
+          rm /opt/cni/bin/* || true
           ${concatMapStrings (package: ''
             echo "Linking cni package: ${package}"
             ln -fs ${package}/bin/* /opt/cni/bin
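Review bot: Moving the `docker load` loop into the kubelet's `preStart` means every seed image is loaded again on each kubelet start or restart, whereas the removed `docker-seed-images` oneshot with `RemainAfterExit` ran it once per docker start. With `RestartSec = "1000ms"` in the next hunk, a crash-looping kubelet will re-import the images about once a second, so at least add a comment such as `# seed images are re-loaded on every kubelet (re)start`. The cleanup line also lost its `-f`, so on an empty `/opt/cni/bin` the unexpanded glob makes `rm` print an error that `|| true` then discards, and `rm -f /opt/cni/bin/* || true` keeps the log clean. The `preStart` script continues past the end of this hunk.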
@@ -269,7 +256,6 @@ in
           RestartSec = "1000ms";
           ExecStart = ''${top.package}/bin/kubelet \
             --address=${cfg.address} \
-            --allow-privileged=${boolToString cfg.allowPrivileged} \
             --authentication-token-webhook \
             --authentication-token-webhook-cache-ttl="10s" \
             --authorization-mode=Webhook \
@@ -308,56 +294,6 @@ in
           '';
           WorkingDirectory = top.dataDir;
         };
-        unitConfig.ConditionPathExists = kubeletPaths;
-      };
-
-      systemd.paths.kubelet = {
-        wantedBy =  [ "kubelet.service" ];
-        pathConfig = {
-          PathExists = kubeletPaths;
-          PathChanged = kubeletPaths;
-        };
-      };
-
-      systemd.services.docker.before = [ "kubelet.service" ];
-
-      systemd.services.docker-seed-images = {
-        wantedBy = [ "docker.service" ];
-        after = [ "docker.service" ];
-        before = [ "kubelet.service" ];
-        path = with pkgs; [ docker ];
-        preStart = ''
-          ${concatMapStrings (img: ''
-            echo "Seeding docker image: ${img}"
-            docker load <${img}
-          '') cfg.seedDockerImages}
-        '';
-        script = "echo Ok";
-        serviceConfig.Type = "oneshot";
-        serviceConfig.RemainAfterExit = true;
-        serviceConfig.Slice = "kubernetes.slice";
-      };
-
-      systemd.services.kubelet-online = {
-        wantedBy = [ "kube-node-online.target" ];
-        after = [ "flannel.target" "kubelet.target" ];
-        before = [ "kube-node-online.target" ];
-        # it is complicated. flannel needs kubelet to run the pause container before
-        # it discusses the node CIDR with apiserver and afterwards configures and restarts
-        # dockerd. Until then prevent creating any pods because they have to be recreated anyway
-        # because the network of docker0 has been changed by flannel.
-        script = let
-          docker-env = "/run/flannel/docker";
-          flannel-date = "stat --print=%Y ${docker-env}";
-          docker-date = "systemctl show --property=ActiveEnterTimestamp --value docker";
-        in ''
-          until test -f ${docker-env} ; do sleep 1 ; done
-          while test `${flannel-date}` -gt `date +%s --date="$(${docker-date})"` ; do
-            sleep 1
-          done
-        '';
-        serviceConfig.Type = "oneshot";
-        serviceConfig.Slice = "kubernetes.slice";
       };
 
       # Allways include cni plugins
@@ -404,16 +340,5 @@ in
       };
     })
 
-    {
-      systemd.targets.kubelet = {
-        wantedBy = [ "kube-node-online.target" ];
-        before = [ "kube-node-online.target" ];
-      };
-
-      systemd.targets.kube-node-online = {
-        wantedBy = [ "kubernetes.target" ];
-        before = [ "kubernetes.target" ];
-      };
-    }
   ];
 }
diff --git a/nixos/modules/services/cluster/kubernetes/pki.nix b/nixos/modules/services/cluster/kubernetes/pki.nix
index 47384ae50a0..733479e24c9 100644
--- a/nixos/modules/services/cluster/kubernetes/pki.nix
+++ b/nixos/modules/services/cluster/kubernetes/pki.nix
@@ -27,11 +27,12 @@ let
   certmgrAPITokenPath = "${top.secretsPath}/${cfsslAPITokenBaseName}";
   cfsslAPITokenLength = 32;
 
-  clusterAdminKubeconfig = with cfg.certs.clusterAdmin; {
-    server = top.apiserverAddress;
-    certFile = cert;
-    keyFile = key;
-  };
+  clusterAdminKubeconfig = with cfg.certs.clusterAdmin;
+    top.lib.mkKubeConfig "cluster-admin" {
+        server = top.apiserverAddress;
+        certFile = cert;
+        keyFile = key;
+    };
 
   remote = with config.services; "https://${kubernetes.masterAddress}:${toString cfssl.port}";
 in
@@ -118,11 +119,6 @@ in
     cfsslCertPathPrefix = "${config.services.cfssl.dataDir}/cfssl";
     cfsslCert = "${cfsslCertPathPrefix}.pem";
     cfsslKey = "${cfsslCertPathPrefix}-key.pem";
-
-    certmgrPaths = [
-      top.caFile
-      certmgrAPITokenPath
-    ];
   in
   {
 
@@ -172,40 +168,13 @@ in
         chown cfssl "${cfsslAPITokenPath}" && chmod 400 "${cfsslAPITokenPath}"
       '')]);
 
-    systemd.targets.cfssl-online = {
-      wantedBy = [ "network-online.target" ];
-      after = [ "cfssl.service" "network-online.target" "cfssl-online.service" ];
-    };
-
-    systemd.services.cfssl-online = {
-      description = "Wait for ${remote} to be reachable.";
-      wantedBy = [ "cfssl-online.target" ];
-      before = [ "cfssl-online.target" ];
-      path = [ pkgs.curl ];
-      preStart = ''
-        until curl --fail-early -fskd '{}' ${remote}/api/v1/cfssl/info -o /dev/null; do
-          echo curl ${remote}/api/v1/cfssl/info: exit status $?
-          sleep 2
-        done
-      '';
-      script = "echo Ok";
-      serviceConfig = {
-        TimeoutSec = "300";
-      };
-    };
-
     systemd.services.kube-certmgr-bootstrap = {
       description = "Kubernetes certmgr bootstrapper";
-      wantedBy = [ "cfssl-online.target" ];
-      after = [ "cfssl-online.target" ];
-      before = [ "certmgr.service" ];
-      path = with pkgs; [ curl cfssl ];
+      wantedBy = [ "certmgr.service" ];
+      after = [ "cfssl.target" ];
       script = concatStringsSep "\n" [''
         set -e
 
-        mkdir -p $(dirname ${certmgrAPITokenPath})
-        mkdir -p $(dirname ${top.caFile})
-
         # If there's a cfssl (cert issuer) running locally, then don't rely on user to
         # manually paste it in place. Just symlink.
         # otherwise, create the target file, ready for users to insert the token
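Review bot: `wantedBy = [ "certmgr.service" ]` only makes certmgr pull this unit in; with the old `before = [ "certmgr.service" ]` dropped, nothing orders the bootstrapper ahead of certmgr, so certmgr can start before the API token link or the CA file is in place. I would keep `before = [ "certmgr.service" ];` next to the new `wantedBy`. The same hunk also drops the two `mkdir -p $(dirname …)` lines; if nothing outside this hunk creates those directories, the later redirect into `${top.caFile}` fails on a fresh node, so that is worth confirming. The script body continues past the end of the hunk.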
@@ -217,18 +186,15 @@ in
         fi
       ''
       (optionalString (cfg.pkiTrustOnBootstrap) ''
-        if [ ! -s "${top.caFile}" ]; then
-          until test -s ${top.caFile}.json; do
-            sleep 2
-            curl --fail-early -fskd '{}' ${remote}/api/v1/cfssl/info -o ${top.caFile}.json
-          done
-          cfssljson -f ${top.caFile}.json -stdout >${top.caFile}
-          rm ${top.caFile}.json
+        if [ ! -f "${top.caFile}" ] || [ $(cat "${top.caFile}" | wc -c) -lt 1 ]; then
+          ${pkgs.curl}/bin/curl --fail-early -f -kd '{}' ${remote}/api/v1/cfssl/info | \
+            ${pkgs.cfssl}/bin/cfssljson -stdout >${top.caFile}
         fi
       '')
       ];
       serviceConfig = {
-        TimeoutSec = "500";
+        RestartSec = "10s";
+        Restart = "on-failure";
       };
     };
 
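Review bot: The new `curl … | cfssljson -stdout >${top.caFile}` pipeline writes straight into the CA file and the script only sets `set -e`, so a failed curl is masked by the exit status of `cfssljson`, and the redirect has already created or truncated `${top.caFile}` by then. Since this branch runs curl with `-k` (trust on bootstrap), the file it produces becomes the trust anchor for later requests and should only ever appear complete. I would add `set -o pipefail` at the top of this fragment, redirect to `${top.caFile}.tmp`, and finish with `mv ${top.caFile}.tmp ${top.caFile}`, so that `Restart = "on-failure"` retries a failed fetch cleanly. `[ ! -s "${top.caFile}" ]` would also replace the `cat | wc -c` test.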
@@ -264,28 +230,35 @@ in
           mapAttrs mkSpec cfg.certs;
       };
 
-      systemd.services.certmgr = {
-        wantedBy = [ "cfssl-online.target" ];
-        after = [ "cfssl-online.target" "kube-certmgr-bootstrap.service" ];
-        preStart = ''
-          while ! test -s ${certmgrAPITokenPath} ; do
-            sleep 1
-            echo Waiting for ${certmgrAPITokenPath}
-          done
-        '';
-        unitConfig.ConditionPathExists = certmgrPaths;
-      };
-
-      systemd.paths.certmgr = {
-        wantedBy = [ "certmgr.service" ];
-        pathConfig = {
-          PathExists = certmgrPaths;
-          PathChanged = certmgrPaths;
-        };
-      };
-
-      environment.etc.${cfg.etcClusterAdminKubeconfig}.source = mkIf (cfg.etcClusterAdminKubeconfig != null)
-        (top.lib.mkKubeConfig "cluster-admin" clusterAdminKubeconfig);
+      #TODO: Get rid of kube-addon-manager in the future for the following reasons
+      # - it is basically just a shell script wrapped around kubectl
+      # - it assumes that it is clusterAdmin or can gain clusterAdmin rights through serviceAccount
+      # - it is designed to be used with k8s system components only
+      # - it would be better with a more Nix-oriented way of managing addons
+      systemd.services.kube-addon-manager = mkIf top.addonManager.enable (mkMerge [{
+        environment.KUBECONFIG = with cfg.certs.addonManager;
+          top.lib.mkKubeConfig "addon-manager" {
+            server = top.apiserverAddress;
+            certFile = cert;
+            keyFile = key;
+          };
+        }
+
+        (optionalAttrs (top.addonManager.bootstrapAddons != {}) {
+          serviceConfig.PermissionsStartOnly = true;
+          preStart = with pkgs;
+          let
+            files = mapAttrsToList (n: v: writeText "${n}.json" (builtins.toJSON v))
+              top.addonManager.bootstrapAddons;
+          in
+          ''
+            export KUBECONFIG=${clusterAdminKubeconfig}
+            ${kubectl}/bin/kubectl apply -f ${concatStringsSep " \\\n -f " files}
+          '';
+        })]);
+
+      environment.etc.${cfg.etcClusterAdminKubeconfig}.source = mkIf (!isNull cfg.etcClusterAdminKubeconfig)
+        clusterAdminKubeconfig;
 
       environment.systemPackages = mkIf (top.kubelet.enable || top.proxy.enable) [
       (pkgs.writeScriptBin "nixos-kubernetes-node-join" ''
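Review bot: The `preStart` added for `bootstrapAddons` exports the cluster-admin kubeconfig and, because of `PermissionsStartOnly = true`, runs with the manager's privileges rather than any `User=` the unit sets, while the main process uses the narrower `addon-manager` certificate; nothing in the code says so. A comment above `preStart` such as `# bootstrapAddons are applied with cluster-admin credentials, not the addon-manager identity` would make that privilege boundary visible to whoever extends `bootstrapAddons`. `mkIf (!isNull cfg.etcClusterAdminKubeconfig)` reads more idiomatically as `mkIf (cfg.etcClusterAdminKubeconfig != null)`, which is also what the removed line used.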
@@ -311,22 +284,38 @@ in
           exit 1
         fi
 
-        do_restart=$(test -s ${certmgrAPITokenPath} && echo -n y || echo -n n)
-
         echo $token > ${certmgrAPITokenPath}
         chmod 600 ${certmgrAPITokenPath}
 
-        if [ y = $do_restart ]; then
-          echo "Restarting certmgr..." >&1
-          systemctl restart certmgr
-        fi
+        echo "Restarting certmgr..." >&1
+        systemctl restart certmgr
+
+        echo "Waiting for certs to appear..." >&1
+
+        ${optionalString top.kubelet.enable ''
+          while [ ! -f ${cfg.certs.kubelet.cert} ]; do sleep 1; done
+          echo "Restarting kubelet..." >&1
+          systemctl restart kubelet
+        ''}
+
+        ${optionalString top.proxy.enable ''
+          while [ ! -f ${cfg.certs.kubeProxyClient.cert} ]; do sleep 1; done
+          echo "Restarting kube-proxy..." >&1
+          systemctl restart kube-proxy
+        ''}
 
-        echo "Node joined succesfully" >&1
+        ${optionalString top.flannel.enable ''
+          while [ ! -f ${cfg.certs.flannelClient.cert} ]; do sleep 1; done
+          echo "Restarting flannel..." >&1
+          systemctl restart flannel
+        ''}
+
+        echo "Node joined succesfully"
       '')];
 
       # isolate etcd on loopback at the master node
       # easyCerts doesn't support multimaster clusters anyway atm.
-      services.etcd = mkIf top.apiserver.enable (with cfg.certs.etcd; {
+      services.etcd = with cfg.certs.etcd; {
         listenClientUrls = ["https://127.0.0.1:2379"];
         listenPeerUrls = ["https://127.0.0.1:2380"];
         advertiseClientUrls = ["https://etcd.local:2379"];
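Review bot: The three `while [ ! -f … ]; do sleep 1; done` loops added to `nixos-kubernetes-node-join` have no upper bound, so a mistyped or expired token, where certmgr never issues the certificate, leaves the command hanging with no error. Bounding each wait and failing loudly would help, e.g. `timeout 300 sh -c 'while [ ! -f ${cfg.certs.kubelet.cert} ]; do sleep 1; done' || { echo "kubelet certificate was not issued" >&2; exit 1; }`. The same applies to the kube-proxy and flannel waits. The progress messages use `>&1`, which is a no-op; `>&2` was probably meant.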
@@ -335,11 +324,19 @@ in
         certFile = mkDefault cert;
         keyFile = mkDefault key;
         trustedCaFile = mkDefault caCert;
-      });
+      };
       networking.extraHosts = mkIf (config.services.etcd.enable) ''
         127.0.0.1 etcd.${top.addons.dns.clusterDomain} etcd.local
       '';
 
+      services.flannel = with cfg.certs.flannelClient; {
+        kubeconfig = top.lib.mkKubeConfig "flannel" {
+          server = top.apiserverAddress;
+          certFile = cert;
+          keyFile = key;
+        };
+      };
+
       services.kubernetes = {
 
         apiserver = mkIf top.apiserver.enable (with cfg.certs.apiServer; {
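Review bot: `services.flannel.kubeconfig` is now defined unconditionally, whereas the `flannel` block removed further down was wrapped in `mkIf top.flannel.enable`; the `services.etcd` definition in the previous hunk loses its `mkIf top.apiserver.enable` the same way. If `cfg.certs.flannelClient` is only declared when flannel is enabled (not visible here), this relies on lazy evaluation never touching the value. Keeping the guard, `services.flannel = mkIf top.flannel.enable (with cfg.certs.flannelClient; { … });`, states the intent and keeps easyCerts from configuring services the node does not run.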
@@ -359,13 +356,6 @@ in
           proxyClientCertFile = mkDefault cfg.certs.apiserverProxyClient.cert;
           proxyClientKeyFile = mkDefault cfg.certs.apiserverProxyClient.key;
         });
-        addonManager = mkIf top.addonManager.enable {
-          kubeconfig = with cfg.certs.addonManager; {
-            certFile = mkDefault cert;
-            keyFile = mkDefault key;
-          };
-          bootstrapAddonsKubeconfig = clusterAdminKubeconfig;
-        };
         controllerManager = mkIf top.controllerManager.enable {
           serviceAccountKeyFile = mkDefault cfg.certs.serviceAccount.key;
           rootCaFile = cfg.certs.controllerManagerClient.caCert;
@@ -374,12 +364,6 @@ in
             keyFile = mkDefault key;
           };
         };
-        flannel = mkIf top.flannel.enable {
-          kubeconfig = with cfg.certs.flannelClient; {
-            certFile = cert;
-            keyFile = key;
-          };
-        };
         scheduler = mkIf top.scheduler.enable {
           kubeconfig = with cfg.certs.schedulerClient; {
             certFile = mkDefault cert;
diff --git a/nixos/modules/services/cluster/kubernetes/proxy.nix b/nixos/modules/services/cluster/kubernetes/proxy.nix
index 23f4d97b703..bd4bf04ea83 100644
--- a/nixos/modules/services/cluster/kubernetes/proxy.nix
+++ b/nixos/modules/services/cluster/kubernetes/proxy.nix
@@ -45,28 +45,12 @@ in
   };
 
   ###### implementation
-  config = let
-
-    proxyPaths = filter (a: a != null) [
-      cfg.kubeconfig.caFile
-      cfg.kubeconfig.certFile
-      cfg.kubeconfig.keyFile
-    ];
-
-  in mkIf cfg.enable {
-    systemd.services.kube-proxy = rec {
+  config = mkIf cfg.enable {
+    systemd.services.kube-proxy = {
       description = "Kubernetes Proxy Service";
-      wantedBy = [ "kube-node-online.target" ];
-      after = [ "kubelet-online.service" ];
-      before = [ "kube-node-online.target" ];
-      environment.KUBECONFIG = top.lib.mkKubeConfig "kube-proxy" cfg.kubeconfig;
-      path = with pkgs; [ iptables conntrack_tools kubectl ];
-      preStart = ''
-        until kubectl auth can-i get nodes/${top.kubelet.hostname} -q 2>/dev/null; do
-          echo kubectl auth can-i get nodes/${top.kubelet.hostname}: exit status $?
-          sleep 2
-        done
-      '';
+      wantedBy = [ "kubernetes.target" ];
+      after = [ "kube-apiserver.service" ];
+      path = with pkgs; [ iptables conntrack_tools ];
       serviceConfig = {
         Slice = "kubernetes.slice";
         ExecStart = ''${top.package}/bin/kube-proxy \
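Review bot: With the `preStart` wait and the `ConditionPathExists`/path unit gone, `after = [ "kube-apiserver.service" ]` is the only ordering left, and that unit presumably exists only on the master; on a worker kube-proxy will start before certmgr has written its certificate and depend on the restart policy to recover. That is a workable design, but it deserves a comment next to `after`, for example `# on nodes without a local apiserver the unit fails until certs exist and is retried via Restart=on-failure`. The kube-scheduler hunk below removes the same wait and condition. The `ExecStart` string continues outside this hunk.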
@@ -75,7 +59,7 @@ in
             "--cluster-cidr=${top.clusterCidr}"} \
           ${optionalString (cfg.featureGates != [])
             "--feature-gates=${concatMapStringsSep "," (feature: "${feature}=true") cfg.featureGates}"} \
-          --kubeconfig=${environment.KUBECONFIG} \
+          --kubeconfig=${top.lib.mkKubeConfig "kube-proxy" cfg.kubeconfig} \
           ${optionalString (cfg.verbosity != null) "--v=${toString cfg.verbosity}"} \
           ${cfg.extraOpts}
         '';
@@ -83,15 +67,6 @@ in
         Restart = "on-failure";
         RestartSec = 5;
       };
-      unitConfig.ConditionPathExists = proxyPaths;
-    };
-
-    systemd.paths.kube-proxy = {
-      wantedBy = [ "kube-proxy.service" ];
-      pathConfig = {
-        PathExists = proxyPaths;
-        PathChanged = proxyPaths;
-      };
     };
 
     services.kubernetes.pki.certs = {
diff --git a/nixos/modules/services/cluster/kubernetes/scheduler.nix b/nixos/modules/services/cluster/kubernetes/scheduler.nix
index a0e48454295..5f6113227d9 100644
--- a/nixos/modules/services/cluster/kubernetes/scheduler.nix
+++ b/nixos/modules/services/cluster/kubernetes/scheduler.nix
@@ -56,35 +56,18 @@ in
   };
 
   ###### implementation
-  config =  let
-
-    schedulerPaths = filter (a: a != null) [
-      cfg.kubeconfig.caFile
-      cfg.kubeconfig.certFile
-      cfg.kubeconfig.keyFile
-    ];
-
-  in mkIf cfg.enable {
-    systemd.services.kube-scheduler = rec {
+  config = mkIf cfg.enable {
+    systemd.services.kube-scheduler = {
       description = "Kubernetes Scheduler Service";
-      wantedBy = [ "kube-control-plane-online.target" ];
+      wantedBy = [ "kubernetes.target" ];
       after = [ "kube-apiserver.service" ];
-      before = [ "kube-control-plane-online.target" ];
-      environment.KUBECONFIG = top.lib.mkKubeConfig "kube-scheduler" cfg.kubeconfig;
-      path = [ pkgs.kubectl ];
-      preStart = ''
-        until kubectl auth can-i get /api -q 2>/dev/null; do
-          echo kubectl auth can-i get /api: exit status $?
-          sleep 2
-        done
-      '';
       serviceConfig = {
         Slice = "kubernetes.slice";
         ExecStart = ''${top.package}/bin/kube-scheduler \
           --address=${cfg.address} \
           ${optionalString (cfg.featureGates != [])
             "--feature-gates=${concatMapStringsSep "," (feature: "${feature}=true") cfg.featureGates}"} \
-          --kubeconfig=${environment.KUBECONFIG} \
+          --kubeconfig=${top.lib.mkKubeConfig "kube-scheduler" cfg.kubeconfig} \
           --leader-elect=${boolToString cfg.leaderElect} \
           --port=${toString cfg.port} \
           ${optionalString (cfg.verbosity != null) "--v=${toString cfg.verbosity}"} \
@@ -96,15 +79,6 @@ in
         Restart = "on-failure";
         RestartSec = 5;
       };
-      unitConfig.ConditionPathExists = schedulerPaths;
-    };
-
-    systemd.paths.kube-scheduler = {
-      wantedBy = [ "kube-scheduler.service" ];
-      pathConfig = {
-        PathExists = schedulerPaths;
-        PathChanged = schedulerPaths;
-      };
     };
 
     services.kubernetes.pki.certs = {
diff --git a/nixos/modules/services/databases/postgresql.nix b/nixos/modules/services/databases/postgresql.nix
index 10250bb5193..1ed4d3290ce 100644
--- a/nixos/modules/services/databases/postgresql.nix
+++ b/nixos/modules/services/databases/postgresql.nix
@@ -81,6 +81,10 @@ in
         default = "";
         description = ''
           Defines the mapping from system users to database users.
+
+          The general form is:
+
+          map-name system-username database-username
         '';
       };
 
diff --git a/nixos/modules/services/misc/zookeeper.nix b/nixos/modules/services/misc/zookeeper.nix
index 50c84e3c6b8..5d91e44a199 100644
--- a/nixos/modules/services/misc/zookeeper.nix
+++ b/nixos/modules/services/misc/zookeeper.nix
@@ -121,6 +121,7 @@ in {
 
     systemd.tmpfiles.rules = [
       "d '${cfg.dataDir}' 0700 zookeeper - - -"
+      "Z '${cfg.dataDir}' 0700 zookeeper - - -"
     ];
 
     systemd.services.zookeeper = {
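Review bot: The added `Z` rule applies mode `0700` recursively, so every regular file under `${cfg.dataDir}` gets the owner execute bit on each tmpfiles run, not just the directories. Writing the mode as `~0700` (`"Z '${cfg.dataDir}' ~0700 zookeeper - - -"`) keeps execute bits off files that did not have them. A short comment saying why the recursive fix-up is needed would help the next reader decide whether it can be dropped again.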
diff --git a/nixos/modules/services/network-filesystems/ceph.nix b/nixos/modules/services/network-filesystems/ceph.nix
index 54841861c08..aef284c31a5 100644
--- a/nixos/modules/services/network-filesystems/ceph.nix
+++ b/nixos/modules/services/network-filesystems/ceph.nix
@@ -3,18 +3,18 @@
 with lib;
 
 let
-  ceph = pkgs.ceph;
   cfg  = config.services.ceph;
+
   # function that translates "camelCaseOptions" to "camel case options", credits to tilpner in #nixos@freenode
-  translateOption = replaceStrings upperChars (map (s: " ${s}") lowerChars);
-  generateDaemonList = (daemonType: daemons: extraServiceConfig:
-    mkMerge (
-      map (daemon:
-        { "ceph-${daemonType}-${daemon}" = generateServiceFile daemonType daemon cfg.global.clusterName ceph extraServiceConfig; }
-      ) daemons
-    )
-  );
-  generateServiceFile = (daemonType: daemonId: clusterName: ceph: extraServiceConfig: {
+  expandCamelCase = replaceStrings upperChars (map (s: " ${s}") lowerChars);
+  expandCamelCaseAttrs = mapAttrs' (name: value: nameValuePair (expandCamelCase name) value);
+
+  makeServices = (daemonType: daemonIds: extraServiceConfig:
+    mkMerge (map (daemonId:
+      { "ceph-${daemonType}-${daemonId}" = makeService daemonType daemonId cfg.global.clusterName pkgs.ceph extraServiceConfig; })
+      daemonIds));
+
+  makeService = (daemonType: daemonId: clusterName: ceph: extraServiceConfig: {
     enable = true;
     description = "Ceph ${builtins.replaceStrings lowerChars upperChars daemonType} daemon ${daemonId}";
     after = [ "network-online.target" "time-sync.target" ] ++ optional (daemonType == "osd") "ceph-mon.target";
@@ -34,23 +34,29 @@ let
       Restart = "on-failure";
       StartLimitBurst = "5";
       StartLimitInterval = "30min";
-      ExecStart = "${ceph.out}/bin/${if daemonType == "rgw" then "radosgw" else "ceph-${daemonType}"} -f --cluster ${clusterName} --id ${if daemonType == "rgw" then "client.${daemonId}" else daemonId} --setuser ceph --setgroup ceph";
+      ExecStart = ''${ceph.out}/bin/${if daemonType == "rgw" then "radosgw" else "ceph-${daemonType}"} \
+                    -f --cluster ${clusterName} --id ${daemonId} --setuser ceph \
+                    --setgroup ${if daemonType == "osd" then "disk" else "ceph"}'';
     } // extraServiceConfig
-      // optionalAttrs (daemonType == "osd") { ExecStartPre = "${ceph.out}/libexec/ceph/ceph-osd-prestart.sh --id ${daemonId} --cluster ${clusterName}"; };
-    } // optionalAttrs (builtins.elem daemonType [ "mds" "mon" "rgw" "mgr" ]) { preStart = ''
+      // optionalAttrs (daemonType == "osd") { ExecStartPre = ''${ceph.lib}/libexec/ceph/ceph-osd-prestart.sh \
+                                                              --id ${daemonId} --cluster ${clusterName}''; };
+    } // optionalAttrs (builtins.elem daemonType [ "mds" "mon" "rgw" "mgr" ]) {
+      preStart = ''
         daemonPath="/var/lib/ceph/${if daemonType == "rgw" then "radosgw" else daemonType}/${clusterName}-${daemonId}"
-        if [ ! -d ''$daemonPath ]; then
-          mkdir -m 755 -p ''$daemonPath
-          chown -R ceph:ceph ''$daemonPath
+        if [ ! -d $daemonPath ]; then
+          mkdir -m 755 -p $daemonPath
+          chown -R ceph:ceph $daemonPath
         fi
       '';
     } // optionalAttrs (daemonType == "osd") { path = [ pkgs.getopt ]; }
   );
-  generateTargetFile = (daemonType:
+
+  makeTarget = (daemonType:
     {
       "ceph-${daemonType}" = {
         description = "Ceph target allowing to start/stop all ceph-${daemonType} services at once";
         partOf = [ "ceph.target" ];
+        wantedBy = [ "ceph.target" ];
         before = [ "ceph.target" ];
       };
     }
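Review bot: The rewritten `ExecStart` passes `--id ${daemonId}` for every daemon type, while the removed line used `client.${daemonId}` when `daemonType == "rgw"`; unless the `rgw.daemons` entries are now expected to carry the `client.` prefix themselves, radosgw will start under a different identity than the one its keyring was created for. If the change is intended, the `rgw.daemons` option description should say so; otherwise keep `--id ${if daemonType == "rgw" then "client.${daemonId}" else daemonId}`. In the `preStart` below, `$daemonPath` is built from `clusterName` and `daemonId` and is used unquoted; `"$daemonPath"` in the `[ ! -d … ]`, `mkdir` and `chown` lines avoids word splitting. The body of `makeService` starts above this hunk.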
@@ -82,6 +88,14 @@ in
         '';
       };
 
+      mgrModulePath = mkOption {
+        type = types.path;
+        default = "${pkgs.ceph.lib}/lib/ceph/mgr";
+        description = ''
+          Path at which to find ceph-mgr modules.
+        '';
+      };
+
       monInitialMembers = mkOption {
         type = with types; nullOr commas;
         default = null;
@@ -157,6 +171,27 @@ in
           A comma-separated list of subnets that will be used as cluster networks in the cluster.
         '';
       };
+
+      rgwMimeTypesFile = mkOption {
+        type = with types; nullOr path;
+        default = "${pkgs.mime-types}/etc/mime.types";
+        description = ''
+          Path to mime types used by radosgw.
+        '';
+      };
+    };
+
+    extraConfig = mkOption {
+      type = with types; attrsOf str;
+      default = {};
+      example = ''
+        {
+          "ms bind ipv6" = "true";
+        };
+      '';
+      description = ''
+        Extra configuration to add to the global section. Use for setting values that are common for all daemons in the cluster.
+      '';
     };
 
     mgr = {
@@ -216,6 +251,7 @@ in
           to the id part in ceph i.e. [ "name1" ] would result in osd.name1
         '';
       };
+
       extraConfig = mkOption {
         type = with types; attrsOf str;
         default = {
@@ -296,9 +332,6 @@ in
       { assertion = cfg.global.fsid != "";
         message = "fsid has to be set to a valid uuid for the cluster to function";
       }
-      { assertion = cfg.mgr.enable == true;
-        message = "ceph 12.x requires atleast 1 MGR daemon enabled for the cluster to function";
-      }
       { assertion = cfg.mon.enable == true -> cfg.mon.daemons != [];
         message = "have to set id of atleast one MON if you're going to enable Monitor";
       }
@@ -317,14 +350,12 @@ in
       ''Not setting up a list of members in monInitialMembers requires that you set the host variable for each mon daemon or else the cluster won't function'';
 
     environment.etc."ceph/ceph.conf".text = let
-      # Translate camelCaseOptions to the expected camel case option for ceph.conf
-      translatedGlobalConfig = mapAttrs' (name: value: nameValuePair (translateOption name) value) cfg.global;
       # Merge the extraConfig set for mgr daemons, as mgr don't have their own section
-      globalAndMgrConfig = translatedGlobalConfig // optionalAttrs cfg.mgr.enable cfg.mgr.extraConfig;
+      globalSection = expandCamelCaseAttrs (cfg.global // cfg.extraConfig // optionalAttrs cfg.mgr.enable cfg.mgr.extraConfig);
       # Remove all name-value pairs with null values from the attribute set to avoid making empty sections in the ceph.conf
-      globalConfig = mapAttrs' (name: value: nameValuePair (translateOption name) value) (filterAttrs (name: value: value != null) globalAndMgrConfig);
+      globalSection' = filterAttrs (name: value: value != null) globalSection;
       totalConfig = {
-          "global" = globalConfig;
+          "global" = globalSection';
         } // optionalAttrs (cfg.mon.enable && cfg.mon.extraConfig != {}) { "mon" = cfg.mon.extraConfig; }
           // optionalAttrs (cfg.mds.enable && cfg.mds.extraConfig != {}) { "mds" = cfg.mds.extraConfig; }
           // optionalAttrs (cfg.osd.enable && cfg.osd.extraConfig != {}) { "osd" = cfg.osd.extraConfig; }
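Review bot: `expandCamelCaseAttrs` is applied to the merged set, so keys from `cfg.extraConfig` and `cfg.mgr.extraConfig` are rewritten as well: an entry whose name contains a capital letter is silently changed, and a later set overrides `cfg.global` (including `fsid`) without any warning. Expanding only the typed options avoids the first problem: `globalSection = expandCamelCaseAttrs cfg.global // cfg.extraConfig // optionalAttrs cfg.mgr.enable cfg.mgr.extraConfig;`. The comment above still mentions only the mgr merge; it should mention `extraConfig` and the precedence order.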
@@ -336,8 +367,9 @@ in
       name = "ceph";
       uid = config.ids.uids.ceph;
       description = "Ceph daemon user";
+      group = "ceph";
+      extraGroups = [ "disk" ];
     };
-
     users.groups = singleton {
       name = "ceph";
       gid = config.ids.gids.ceph;
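Review bot: `extraGroups = [ "disk" ]` gives every process running as the `ceph` user (mon, mds, mgr and rgw included, as far as supplementary groups are kept) raw read/write access to all block devices, although only the OSDs need it and `makeService` already starts them with `--setgroup disk`. I would drop the `extraGroups` line if the OSD works with `--setgroup disk` alone, or else add a comment such as `# osd opens its block devices as user ceph; other daemons do not need this`.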
@@ -345,22 +377,26 @@ in
 
     systemd.services = let
       services = []
-        ++ optional cfg.mon.enable (generateDaemonList "mon" cfg.mon.daemons { RestartSec = "10"; })
-        ++ optional cfg.mds.enable (generateDaemonList "mds" cfg.mds.daemons { StartLimitBurst = "3"; })
-        ++ optional cfg.osd.enable (generateDaemonList "osd" cfg.osd.daemons { StartLimitBurst = "30"; RestartSec = "20s"; })
-        ++ optional cfg.rgw.enable (generateDaemonList "rgw" cfg.rgw.daemons { })
-        ++ optional cfg.mgr.enable (generateDaemonList "mgr" cfg.mgr.daemons { StartLimitBurst = "3"; });
+        ++ optional cfg.mon.enable (makeServices "mon" cfg.mon.daemons { RestartSec = "10"; })
+        ++ optional cfg.mds.enable (makeServices "mds" cfg.mds.daemons { StartLimitBurst = "3"; })
+        ++ optional cfg.osd.enable (makeServices "osd" cfg.osd.daemons { StartLimitBurst = "30";
+                                                                         RestartSec = "20s";
+                                                                         PrivateDevices = "no"; # osd needs disk access
+                                                                       })
+        ++ optional cfg.rgw.enable (makeServices "rgw" cfg.rgw.daemons { })
+        ++ optional cfg.mgr.enable (makeServices "mgr" cfg.mgr.daemons { StartLimitBurst = "3"; });
       in
         mkMerge services;
 
     systemd.targets = let
       targets = [
-        { "ceph" = { description = "Ceph target allowing to start/stop all ceph service instances at once"; }; }
-      ] ++ optional cfg.mon.enable (generateTargetFile "mon")
-        ++ optional cfg.mds.enable (generateTargetFile "mds")
-        ++ optional cfg.osd.enable (generateTargetFile "osd")
-        ++ optional cfg.rgw.enable (generateTargetFile "rgw")
-        ++ optional cfg.mgr.enable (generateTargetFile "mgr");
+        { "ceph" = { description = "Ceph target allowing to start/stop all ceph service instances at once";
+                     wantedBy = [ "multi-user.target" ]; }; }
+      ] ++ optional cfg.mon.enable (makeTarget "mon")
+        ++ optional cfg.mds.enable (makeTarget "mds")
+        ++ optional cfg.osd.enable (makeTarget "osd")
+        ++ optional cfg.rgw.enable (makeTarget "rgw")
+        ++ optional cfg.mgr.enable (makeTarget "mgr");
       in
         mkMerge targets;
 
diff --git a/nixos/modules/services/web-servers/darkhttpd.nix b/nixos/modules/services/web-servers/darkhttpd.nix
index 80870118c33..d6649fd472d 100644
--- a/nixos/modules/services/web-servers/darkhttpd.nix
+++ b/nixos/modules/services/web-servers/darkhttpd.nix
@@ -67,7 +67,7 @@ in {
       wantedBy = [ "multi-user.target" ];
       serviceConfig = {
         DynamicUser = true;
-        ExecStart = "${cfg.package}/bin/darkhttpd ${args}";
+        ExecStart = "${pkgs.darkhttpd}/bin/darkhttpd ${args}";
         AmbientCapabilities = lib.mkIf (cfg.port < 1024) [ "CAP_NET_BIND_SERVICE" ];
         Restart = "on-failure";
         RestartSec = "2s";
diff --git a/nixos/modules/virtualisation/amazon-image.nix b/nixos/modules/virtualisation/amazon-image.nix
index 1ec17586d49..aadfc5add35 100644
--- a/nixos/modules/virtualisation/amazon-image.nix
+++ b/nixos/modules/virtualisation/amazon-image.nix
@@ -25,6 +25,9 @@ in
       { assertion = cfg.hvm;
         message = "Paravirtualized EC2 instances are no longer supported.";
       }
+      { assertion = cfg.efi -> cfg.hvm;
+        message = "EC2 instances using EFI must be HVM instances.";
+      }
     ];
 
     boot.growPartition = cfg.hvm;
@@ -35,6 +38,11 @@ in
       autoResize = true;
     };
 
+    fileSystems."/boot" = mkIf cfg.efi {
+      device = "/dev/disk/by-label/ESP";
+      fsType = "vfat";
+    };
+
     boot.extraModulePackages = [
       config.boot.kernelPackages.ena
     ];
@@ -50,8 +58,10 @@ in
 
     # Generate a GRUB menu.  Amazon's pv-grub uses this to boot our kernel/initrd.
     boot.loader.grub.version = if cfg.hvm then 2 else 1;
-    boot.loader.grub.device = if cfg.hvm then "/dev/xvda" else "nodev";
+    boot.loader.grub.device = if (cfg.hvm && !cfg.efi) then "/dev/xvda" else "nodev";
     boot.loader.grub.extraPerEntryConfig = mkIf (!cfg.hvm) "root (hd0)";
+    boot.loader.grub.efiSupport = cfg.efi;
+    boot.loader.grub.efiInstallAsRemovable = cfg.efi;
     boot.loader.timeout = 0;
 
     boot.initrd.network.enable = true;
diff --git a/nixos/modules/virtualisation/amazon-options.nix b/nixos/modules/virtualisation/amazon-options.nix
index 15de8638bba..2e807131e93 100644
--- a/nixos/modules/virtualisation/amazon-options.nix
+++ b/nixos/modules/virtualisation/amazon-options.nix
@@ -1,4 +1,4 @@
-{ config, lib, ... }:
+{ config, lib, pkgs, ... }:
 {
   options = {
     ec2 = {
@@ -9,6 +9,13 @@
           Whether the EC2 instance is a HVM instance.
         '';
       };
+      efi = lib.mkOption {
+        default = pkgs.stdenv.hostPlatform.isAarch64;
+        internal = true;
+        description = ''
+          Whether the EC2 instance is using EFI.
+        '';
+      };
     };
   };
 }
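Review bot: The new `efi` option has no `type`, so any value is accepted and `cfg.efi -> cfg.hvm` or `mkIf cfg.efi` in amazon-image.nix would fail with an unrelated evaluation error on a non-boolean. Adding `type = lib.types.bool;` fixes that. Because the default is derived from `pkgs.stdenv.hostPlatform.isAarch64`, the description could also say `Defaults to true on aarch64.`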
diff --git a/nixos/modules/virtualisation/railcar.nix b/nixos/modules/virtualisation/railcar.nix
new file mode 100644
index 00000000000..8b643e3b6d6
--- /dev/null
+++ b/nixos/modules/virtualisation/railcar.nix
@@ -0,0 +1,125 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+  cfg = config.services.railcar;
+  generateUnit = name: containerConfig:
+    let
+      container = pkgs.ociTools.buildContainer {
+        args = [
+          (pkgs.writeShellScript "run.sh" containerConfig.cmd).outPath
+        ];
+      };
+    in
+      nameValuePair "railcar-${name}" {
+        enable = true;
+        wantedBy = [ "multi-user.target" ];
+        serviceConfig = {
+            ExecStart = ''
+              ${cfg.package}/bin/railcar -r ${cfg.stateDir} run ${name} -b ${container}
+            '';
+            Type = containerConfig.runType;
+          };
+      };
+  mount = with types; (submodule {
+    options = {
+      type = mkOption {
+        type = string;
+        default = "none";
+        description = ''
+          The type of the filesystem to be mounted.
+          Linux: filesystem types supported by the kernel as listed in 
+          `/proc/filesystems` (e.g., "minix", "ext2", "ext3", "jfs", "xfs", 
+          "reiserfs", "msdos", "proc", "nfs", "iso9660"). For bind mounts 
+          (when options include either bind or rbind), the type is a dummy,
+          often "none" (not listed in /proc/filesystems).
+        '';
+      };
+      source = mkOption {
+        type = string;
+        description = "Source for the in-container mount";
+      };
+      options = mkOption {
+        type = loaOf (string);
+        default = [ "bind" ];
+        description = ''
+          Mount options of the filesystem to be used.
+        
+          Support optoions are listed in the mount(8) man page. Note that 
+          both filesystem-independent and filesystem-specific options 
+          are listed.
+        '';
+      };
+    };
+  });
+in
+{
+  options.services.railcar = {
+    enable = mkEnableOption "railcar";
+
+    containers = mkOption {
+      default = {};
+      description = "Declarative container configuration";
+      type = with types; loaOf (submodule ({ name, config, ... }: {
+        options = {
+          cmd = mkOption {
+            type = types.string;
+            description = "Command or script to run inside the container";
+          };
+
+          mounts = mkOption {
+            type = with types; attrsOf mount;
+            default = {};
+            description = ''
+              A set of mounts inside the container.
+
+              The defaults have been chosen for simple bindmounts, meaning
+              that you only need to provide the "source" parameter.
+            '';
+            example = ''
+              { "/data" = { source = "/var/lib/data"; }; }
+            '';
+          };
+
+          runType = mkOption {
+            type = types.string;
+            default = "oneshot";
+            description = "The systemd service run type";
+          };
+
+          os = mkOption {
+            type = types.string;
+            default = "linux";
+            description = "OS type of the container";
+          };
+
+          arch = mkOption {
+            type = types.string;
+            default = "x86_64";
+            description = "Computer architecture type of the container";
+          };
+        };
+      }));
+    };
+
+    stateDir = mkOption {
+      type = types.path;
+      default = ''/var/railcar'';
+      description = "Railcar persistent state directory";
+    };
+
+    package = mkOption {
+      type = types.package;
+      default = pkgs.railcar;
+      description = "Railcar package to use";
+    };
+  };
+
+  config = mkIf cfg.enable {
+    systemd.services = flip mapAttrs' cfg.containers (name: containerConfig:
+      generateUnit name containerConfig
+    );
+  };
+}
+
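Review bot: `generateUnit` passes only `args` to `pkgs.ociTools.buildContainer`, so the `mounts`, `os` and `arch` options declared for each container are accepted and then ignored; a user who configures a mount gets a container without it. Assuming `buildContainer` takes those arguments, forward them with `mounts = containerConfig.mounts;`, `os = containerConfig.os;` and `arch = containerConfig.arch;`. The mount submodule's `options` is typed `loaOf (string)` but defaults to a list, where `listOf str` is the matching type, and the remaining `types.string` uses should be `types.str`. `runType` is interpolated into the unit's `Type=`; `types.enum` over the systemd service types would reject typos at evaluation time. Nothing creates `cfg.stateDir`, so a `systemd.tmpfiles.rules` entry for it is worth adding.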
diff --git a/nixos/release.nix b/nixos/release.nix
index df2c52ccd0b..c7c60965890 100644
--- a/nixos/release.nix
+++ b/nixos/release.nix
@@ -196,6 +196,22 @@ in rec {
   );
 
 
+  # A disk image that can be imported to Amazon EC2 and registered as an AMI
+  amazonImage = forMatchingSystems [ "x86_64-linux" "aarch64-linux" ] (system:
+
+    with import nixpkgs { inherit system; };
+
+    hydraJob ((import lib/eval-config.nix {
+      inherit system;
+      modules =
+        [ versionModule
+          ./maintainers/scripts/ec2/amazon-image.nix
+        ];
+    }).config.system.build.amazonImage)
+
+  );
+
+
   # Ensure that all packages used by the minimal NixOS config end up in the channel.
   dummy = forAllSystems (system: pkgs.runCommand "dummy"
     { toplevel = (import lib/eval-config.nix {
diff --git a/nixos/tests/ceph.nix b/nixos/tests/ceph.nix
index 7408029c460..7a6e238d915 100644
--- a/nixos/tests/ceph.nix
+++ b/nixos/tests/ceph.nix
@@ -1,4 +1,4 @@
-import ./make-test.nix ({pkgs, ...}: rec {
+import ./make-test.nix ({pkgs, lib, ...}: rec {
   name = "All-in-one-basic-ceph-cluster";
   meta = with pkgs.stdenv.lib.maintainers; {
     maintainers = [ lejonet ];
@@ -7,6 +7,7 @@ import ./make-test.nix ({pkgs, ...}: rec {
   nodes = {
     aio = { pkgs, ... }: {
       virtualisation = {
+        memorySize = 1536;
         emptyDiskImages = [ 20480 20480 ];
         vlans = [ 1 ];
       };
@@ -24,9 +25,6 @@ import ./make-test.nix ({pkgs, ...}: rec {
         ceph
         xfsprogs
       ];
-      nixpkgs.config.packageOverrides = super: {
-        ceph = super.ceph.override({ nss = super.nss; libxfs = super.libxfs; libaio = super.libaio; jemalloc = super.jemalloc; });
-      };
 
       boot.kernelModules = [ "xfs" ];
 
@@ -51,6 +49,9 @@ import ./make-test.nix ({pkgs, ...}: rec {
         enable = true;
         daemons = [ "0" "1" ];
       };
+
+      # So that we don't have to battle systemd when bootstraping
+      systemd.targets.ceph.wantedBy = lib.mkForce [];
     };
   };
 
@@ -61,24 +62,26 @@ import ./make-test.nix ({pkgs, ...}: rec {
 
     # Create the ceph-related directories
     $aio->mustSucceed(
-      "mkdir -p /var/lib/ceph/mgr/ceph-aio/",
-      "mkdir -p /var/lib/ceph/mon/ceph-aio/",
-      "mkdir -p /var/lib/ceph/osd/ceph-{0..1}/",
-      "chown ceph:ceph -R /var/lib/ceph/"
+      "mkdir -p /var/lib/ceph/mgr/ceph-aio",
+      "mkdir -p /var/lib/ceph/mon/ceph-aio",
+      "mkdir -p /var/lib/ceph/osd/ceph-{0,1}",
+      "chown ceph:ceph -R /var/lib/ceph/",
+      "mkdir -p /etc/ceph",
+      "chown ceph:ceph -R /etc/ceph"
     );
 
     # Bootstrap ceph-mon daemon
     $aio->mustSucceed(
-      "mkdir -p /var/lib/ceph/bootstrap-osd && chown ceph:ceph /var/lib/ceph/bootstrap-osd",
       "sudo -u ceph ceph-authtool --create-keyring /tmp/ceph.mon.keyring --gen-key -n mon. --cap mon 'allow *'",
-      "ceph-authtool --create-keyring /etc/ceph/ceph.client.admin.keyring --gen-key -n client.admin --set-uid=0 --cap mon 'allow *' --cap osd 'allow *' --cap mds 'allow *' --cap mgr 'allow *'",
-      "ceph-authtool /tmp/ceph.mon.keyring --import-keyring /etc/ceph/ceph.client.admin.keyring",
-            "monmaptool --create --add aio 192.168.1.1 --fsid 066ae264-2a5d-4729-8001-6ad265f50b03 /tmp/monmap",
+      "sudo -u ceph ceph-authtool --create-keyring /etc/ceph/ceph.client.admin.keyring --gen-key -n client.admin --cap mon 'allow *' --cap osd 'allow *' --cap mds 'allow *' --cap mgr 'allow *'",
+      "sudo -u ceph ceph-authtool /tmp/ceph.mon.keyring --import-keyring /etc/ceph/ceph.client.admin.keyring",
+      "monmaptool --create --add aio 192.168.1.1 --fsid 066ae264-2a5d-4729-8001-6ad265f50b03 /tmp/monmap",
       "sudo -u ceph ceph-mon --mkfs -i aio --monmap /tmp/monmap --keyring /tmp/ceph.mon.keyring",
-      "touch /var/lib/ceph/mon/ceph-aio/done",
+      "sudo -u ceph touch /var/lib/ceph/mon/ceph-aio/done",
       "systemctl start ceph-mon-aio"
     );
     $aio->waitForUnit("ceph-mon-aio");
+    $aio->mustSucceed("ceph mon enable-msgr2");
 
     # Can't check ceph status until a mon is up
     $aio->succeed("ceph -s | grep 'mon: 1 daemons'");
@@ -90,6 +93,7 @@ import ./make-test.nix ({pkgs, ...}: rec {
     );
     $aio->waitForUnit("ceph-mgr-aio");
     $aio->waitUntilSucceeds("ceph -s | grep 'quorum aio'");
+    $aio->waitUntilSucceeds("ceph -s | grep 'mgr: aio(active,'");
 
     # Bootstrap both OSDs
     $aio->mustSucceed(
@@ -112,8 +116,8 @@ import ./make-test.nix ({pkgs, ...}: rec {
       "systemctl start ceph-osd-1"
     );
 
-    $aio->waitUntilSucceeds("ceph osd stat | grep '2 osds: 2 up, 2 in'");
-    $aio->waitUntilSucceeds("ceph -s | grep 'mgr: aio(active)'");
+    $aio->waitUntilSucceeds("ceph osd stat | grep -e '2 osds: 2 up[^,]*, 2 in'");
+    $aio->waitUntilSucceeds("ceph -s | grep 'mgr: aio(active,'");
     $aio->waitUntilSucceeds("ceph -s | grep 'HEALTH_OK'");
 
     $aio->mustSucceed(
@@ -135,5 +139,23 @@ import ./make-test.nix ({pkgs, ...}: rec {
       "ceph osd pool ls | grep 'aio-test'",
       "ceph osd pool delete aio-other-test aio-other-test --yes-i-really-really-mean-it"
     );
+
+    # As we disable the target in the config, we still want to test that it works as intended
+    $aio->mustSucceed(
+      "systemctl stop ceph-osd-0",
+      "systemctl stop ceph-osd-1",
+      "systemctl stop ceph-mgr-aio",
+      "systemctl stop ceph-mon-aio"
+    );
+    $aio->succeed("systemctl start ceph.target");
+    $aio->waitForUnit("ceph-mon-aio");
+    $aio->waitForUnit("ceph-mgr-aio");
+    $aio->waitForUnit("ceph-osd-0");
+    $aio->waitForUnit("ceph-osd-1");
+    $aio->succeed("ceph -s | grep 'mon: 1 daemons'");
+    $aio->waitUntilSucceeds("ceph -s | grep 'quorum aio'");
+    $aio->waitUntilSucceeds("ceph osd stat | grep -e '2 osds: 2 up[^,]*, 2 in'");
+    $aio->waitUntilSucceeds("ceph -s | grep 'mgr: aio(active,'");
+    $aio->waitUntilSucceeds("ceph -s | grep 'HEALTH_OK'");
   '';
 })
diff --git a/nixos/tests/kubernetes/base.nix b/nixos/tests/kubernetes/base.nix
index 212023859f6..ec1a75e74c4 100644
--- a/nixos/tests/kubernetes/base.nix
+++ b/nixos/tests/kubernetes/base.nix
@@ -30,10 +30,7 @@ let
         { config, pkgs, lib, nodes, ... }:
           mkMerge [
             {
-              boot = {
-                postBootCommands = "rm -fr /var/lib/kubernetes/secrets /tmp/shared/*";
-                kernel.sysctl = { "fs.inotify.max_user_instances" = 256; };
-              };
+              boot.postBootCommands = "rm -fr /var/lib/kubernetes/secrets /tmp/shared/*";
               virtualisation.memorySize = mkDefault 1536;
               virtualisation.diskSize = mkDefault 4096;
               networking = {
diff --git a/nixos/tests/kubernetes/dns.nix b/nixos/tests/kubernetes/dns.nix
index e7db0a58ab6..46bcb01a526 100644
--- a/nixos/tests/kubernetes/dns.nix
+++ b/nixos/tests/kubernetes/dns.nix
@@ -77,7 +77,6 @@ let
   singleNodeTest = {
     test = ''
       # prepare machine1 for test
-      $machine1->waitForUnit("kubernetes.target");
       $machine1->waitUntilSucceeds("kubectl get node machine1.${domain} | grep -w Ready");
       $machine1->waitUntilSucceeds("docker load < ${redisImage}");
       $machine1->waitUntilSucceeds("kubectl create -f ${redisPod}");
@@ -103,8 +102,6 @@ let
       # Node token exchange
       $machine1->waitUntilSucceeds("cp -f /var/lib/cfssl/apitoken.secret /tmp/shared/apitoken.secret");
       $machine2->waitUntilSucceeds("cat /tmp/shared/apitoken.secret | nixos-kubernetes-node-join");
-      $machine1->waitForUnit("kubernetes.target");
-      $machine2->waitForUnit("kubernetes.target");
 
       # prepare machines for test
       $machine1->waitUntilSucceeds("kubectl get node machine2.${domain} | grep -w Ready");
diff --git a/nixos/tests/kubernetes/rbac.nix b/nixos/tests/kubernetes/rbac.nix
index 967fe506004..3ce7adcd0d7 100644
--- a/nixos/tests/kubernetes/rbac.nix
+++ b/nixos/tests/kubernetes/rbac.nix
@@ -94,8 +94,6 @@ let
 
   singlenode = base // {
     test = ''
-      $machine1->waitForUnit("kubernetes.target");
-
       $machine1->waitUntilSucceeds("kubectl get node machine1.my.zyx | grep -w Ready");
 
       $machine1->waitUntilSucceeds("docker load < ${kubectlImage}");
@@ -118,8 +116,6 @@ let
       # Node token exchange
       $machine1->waitUntilSucceeds("cp -f /var/lib/cfssl/apitoken.secret /tmp/shared/apitoken.secret");
       $machine2->waitUntilSucceeds("cat /tmp/shared/apitoken.secret | nixos-kubernetes-node-join");
-      $machine1->waitForUnit("kubernetes.target");
-      $machine2->waitForUnit("kubernetes.target");
 
       $machine1->waitUntilSucceeds("kubectl get node machine2.my.zyx | grep -w Ready");
 
diff --git a/nixos/tests/quake3.nix b/nixos/tests/quake3.nix
index fbb798515e1..9ea43a71ccc 100644
--- a/nixos/tests/quake3.nix
+++ b/nixos/tests/quake3.nix
@@ -12,9 +12,9 @@ let
 
   # Only allow the demo data to be used (only if it's unfreeRedistributable).
   unfreePredicate = pkg: with pkgs.lib; let
-    allowDrvPredicates = [ "quake3-demo" "quake3-pointrelease" ];
+    allowPackageNames = [ "quake3-demodata" "quake3-pointrelease" ];
     allowLicenses = [ pkgs.lib.licenses.unfreeRedistributable ];
-  in any (flip hasPrefix pkg.name) allowDrvPredicates &&
+  in elem pkg.pname allowPackageNames &&
      elem (pkg.meta.license or null) allowLicenses;
 
 in
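Review bot: `pkg.pname` in the new predicate is read unconditionally, so an unfree derivation that only sets `name` would make the predicate throw a missing-attribute error instead of returning false. A fallback keeps the exact-match allowlist, which is tighter than the old `hasPrefix` check, while making the predicate total: `in elem (pkg.pname or (builtins.parseDrvName pkg.name).name) allowPackageNames &&`. The enclosing `let` begins outside the hunk.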
diff --git a/pkgs/applications/audio/sayonara/default.nix b/pkgs/applications/audio/sayonara/default.nix
index 7776fa0c166..c4258174500 100644
--- a/pkgs/applications/audio/sayonara/default.nix
+++ b/pkgs/applications/audio/sayonara/default.nix
@@ -1,46 +1,82 @@
-{ stdenv, fetchurl, cmake, qt5, zlib, taglib, pkgconfig, pcre, gst_all_1 }:
+{ mkDerivation
+, cmake
+, fetchgit
+, gst_all_1
+, lib
+, libpulseaudio
+, ninja
+, pcre
+, pkgconfig
+, qtbase
+, qttools
+, taglib
+, zlib
+}:
 
-let
-  version = "1.1.1-git1-20180828";
-in
-stdenv.mkDerivation {
+mkDerivation rec {
   pname = "sayonara-player";
-  inherit version;
+  version = "1.5.1-stable5";
 
-  src = fetchurl {
-    url = "https://sayonara-player.com/sw/sayonara-player-${version}.tar.gz";
-    sha256 = "0rvy47qvavrp03zjdrw025dmq9fq5aaii3q1qq8b94byarl0c5kn";
+  src = fetchgit {
+    url = "https://git.sayonara-player.com/sayonara.git";
+    rev = version;
+    sha256 = "13l7r3gaszrkyf4z8rdijfzxvcnilax4ki2mcm30wqk8d4g4qdzj";
   };
 
-  nativeBuildInputs = [ cmake pkgconfig ];
-  buildInputs = with qt5; with gst_all_1;
-      [ gstreamer gst-plugins-base gst-plugins-good gst-plugins-ugly
-        pcre qtbase qttools taglib zlib
-      ];
-
-  # CMake Error at src/GUI/Resources/Icons/cmake_install.cmake:49 (file):
-  #   file cannot create directory: /usr/share/icons.  Maybe need administrative
-  #   privileges.
-  # Call Stack (most recent call first):
-  #   src/GUI/Resources/cmake_install.cmake:50 (include)
-  #   src/GUI/cmake_install.cmake:50 (include)
-  #   src/cmake_install.cmake:59 (include)
-  #   cmake_install.cmake:42 (include)
+  # all this can go with version 1.5.2
   postPatch = ''
-    substituteInPlace src/GUI/Resources/Icons/CMakeLists.txt \
-      --replace "/usr/share" "$out/share"
+    # if we don't delete this, sayonara will look here instead of the provided taglib
+    rm -r src/3rdParty/taglib
+
+    for f in \
+      src/DBus/DBusNotifications.cpp \
+      src/Gui/Resources/Icons/CMakeLists.txt \
+      src/Utils/Utils.cpp \
+      test/Util/FileHelperTest.cpp \
+      ; do
+
+      substituteInPlace $f --replace /usr $out
+    done
+
+    substituteInPlace src/Components/Shutdown/Shutdown.cpp \
+      --replace /usr/bin/systemctl systemctl
   '';
 
-  # [ 65%] Building CXX object src/Components/Engine/CMakeFiles/say_comp_engine.dir/AbstractPipeline.cpp.o
-  # /tmp/nix-build-sayonara-player-1.0.0-git5-20180115.drv-0/sayonara-player/src/Components/Engine/AbstractPipeline.cpp:28:32: fatal error: gst/app/gstappsink.h: No such file or directory
-  #  #include <gst/app/gstappsink.h>
+  nativeBuildInputs = [ cmake ninja pkgconfig qttools ];
+
+  buildInputs = [
+    libpulseaudio
+    pcre
+    qtbase
+    taglib
+    zlib
+  ]
+  ++ (with gst_all_1; [
+    gstreamer
+    gst-plugins-base
+    gst-plugins-good
+    gst-plugins-bad
+    gst-plugins-ugly
+  ]);
+
+  # we carry the patched taglib 1.11.1 that doesn't break ogg but sayonara just
+  # checks for the version
+  cmakeFlags = [
+    "-DWITH_SYSTEM_TAGLIB=ON"
+  ];
+
+  # gstreamer cannot otherwise be found
   NIX_CFLAGS_COMPILE = "-I${gst_all_1.gst-plugins-base.dev}/include/gstreamer-1.0";
 
-  meta = with stdenv.lib;
-    { description = "Sayonara music player";
-      homepage = https://sayonara-player.com/;
-      license = licenses.gpl3;
-      platforms = platforms.linux;
-      maintainers = [ maintainers.deepfire ];
-    };
+  postInstall = ''
+    qtWrapperArgs+=(--prefix GST_PLUGIN_SYSTEM_PATH_1_0 : "$GST_PLUGIN_SYSTEM_PATH_1_0")
+  '';
+
+  meta = with lib; {
+    description = "Sayonara music player";
+    homepage = "https://sayonara-player.com/";
+    license = licenses.gpl3;
+    maintainers = with maintainers; [ deepfire ];
+    platforms = platforms.unix;
+  };
 }
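Review bot: The `postPatch` loop runs `substituteInPlace $f --replace /usr $out` over four files, which is much broader than the old `/usr/share` to `$out/share` substitution and rewrites any `/usr/...` string in them, whether or not it is an install-prefix path (the test file in particular). Narrowing the pattern to the prefixes actually needed, and quoting `"$f"`, would make it clear what is being redirected. Separately, `--replace /usr/bin/systemctl systemctl` makes the shutdown feature run whichever `systemctl` is first on the user's PATH. Since the package is now `platforms.unix`, a comment stating that this PATH lookup is intentional would help the next reader.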
diff --git a/pkgs/applications/audio/strawberry/default.nix b/pkgs/applications/audio/strawberry/default.nix
new file mode 100644
index 00000000000..60da75d3c7e
--- /dev/null
+++ b/pkgs/applications/audio/strawberry/default.nix
@@ -0,0 +1,91 @@
+{ mkDerivation
+, stdenv
+, lib
+, fetchFromGitHub
+, cmake
+, pkgconfig
+, alsaLib
+, boost
+, chromaprint
+, fftw
+, gnutls
+, libcdio
+, libmtp
+, libpthreadstubs
+, libtasn1
+, libXdmcp
+, pcre
+, protobuf
+, sqlite
+, taglib
+, libpulseaudio ? null
+, libselinux ? null
+, libsepol ? null
+, p11_kit ? null
+, utillinux ? null
+, qtbase
+, qtx11extras
+, qttools
+, withGstreamer ? true
+, gst_all_1 ? null
+, withVlc ? true
+, vlc ? null
+}:
+
+mkDerivation rec {
+  pname = "strawberry";
+  version = "0.6.3";
+
+  src = fetchFromGitHub {
+    owner = "jonaski";
+    repo = pname;
+    rev = version;
+    sha256 = "01j5jzzicy895kg9sjy46lbcm5kvf3642d3q5wwb2fyvyq1fbcv0";
+  };
+
+  buildInputs = [
+    alsaLib
+    boost
+    chromaprint
+    fftw
+    gnutls
+    libcdio
+    libmtp
+    libpthreadstubs
+    libtasn1
+    libXdmcp
+    pcre
+    protobuf
+    sqlite
+    taglib
+    qtbase
+    qtx11extras
+  ]
+  ++ lib.optionals stdenv.isLinux [
+    libpulseaudio
+    libselinux
+    libsepol
+    p11_kit
+    utillinux
+  ]
+  ++ lib.optionals withGstreamer (with gst_all_1; [
+    gstreamer
+    gst-plugins-base
+    gst-plugins-good
+  ])
+  ++ lib.optional withVlc vlc;
+
+  nativeBuildInputs = [ cmake pkgconfig qttools ];
+
+  cmakeFlags = [
+    "-DUSE_SYSTEM_TAGLIB=ON"
+  ];
+
+  meta = with lib; {
+    description = "Music player and music collection organizer";
+    license = licenses.gpl2;
+    maintainers = with maintainers; [ peterhoeg ];
+    # upstream says darwin should work but they lack maintainers as of 0.6.3
+    platforms = platforms.linux;
+  };
+}
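Review bot: `gst_all_1 ? null` and `vlc ? null` are paired with `withGstreamer ? true` and `withVlc ? true`, but nothing checks that the package is non-null when its flag is on. If either is passed as null, the failure surfaces as an evaluation error from `with gst_all_1;` (or a null entry in `buildInputs` for vlc) rather than a clear message. Adding `assert withGstreamer -> gst_all_1 != null;` and `assert withVlc -> vlc != null;` before `mkDerivation rec {` states the contract. `meta` also has no `homepage`, which the other new packages in this commit set.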
diff --git a/pkgs/applications/blockchains/go-ethereum.nix b/pkgs/applications/blockchains/go-ethereum.nix
index 740ecfa228f..5f347fe91e9 100644
--- a/pkgs/applications/blockchains/go-ethereum.nix
+++ b/pkgs/applications/blockchains/go-ethereum.nix
@@ -2,7 +2,7 @@
 
 buildGoPackage rec {
   pname = "go-ethereum";
-  version = "1.9.2";
+  version = "1.9.3";
 
   goPackagePath = "github.com/ethereum/go-ethereum";
 
@@ -17,7 +17,7 @@ buildGoPackage rec {
     owner = "ethereum";
     repo = pname;
     rev = "v${version}";
-    sha256 = "0lymwylh4j63fzj9jy7mcw676a2ksgpsj9mazif1r3d2q73h9m88";
+    sha256 = "0lv6gxp34j26hqazcvyr4c7rsl1vljm6cfzkcmlapsjdgym505bg";
   };
 
   meta = with stdenv.lib; {
diff --git a/pkgs/applications/editors/vscode/vscode.nix b/pkgs/applications/editors/vscode/vscode.nix
index 369ed772890..75abb563c5a 100644
--- a/pkgs/applications/editors/vscode/vscode.nix
+++ b/pkgs/applications/editors/vscode/vscode.nix
@@ -11,13 +11,13 @@ let
   archive_fmt = if system == "x86_64-darwin" then "zip" else "tar.gz";
 
   sha256 = {
-    "x86_64-linux" = "1np7j6xv0bxmq7762ml0h6pib8963s2vdmyvigi0fz2iik92zv8z";
-    "x86_64-darwin" = "0f87cv1sbcvix9f7hhw0vsypp0bf627xdyh4bmh0g41k17ls8wvc";
+    "x86_64-linux" = "1iz36nhkg78346g5407df6jv4d1ydb22hhgs8hiaxql3hq5z7x3q";
+    "x86_64-darwin" = "1iijk0kx90rax39iradbbafyvd3vwnzsgvyb3s13asy42pbhhkky";
   }.${system};
 in
   callPackage ./generic.nix rec {
 
-    version = "1.37.1";
+    version = "1.38.0";
     pname = "vscode";
 
     executableName = "code" + lib.optionalString isInsiders "-insiders";
diff --git a/pkgs/applications/editors/vscode/vscodium.nix b/pkgs/applications/editors/vscode/vscodium.nix
index 49472fde464..f06cf18e4ec 100644
--- a/pkgs/applications/editors/vscode/vscodium.nix
+++ b/pkgs/applications/editors/vscode/vscodium.nix
@@ -11,13 +11,13 @@ let
   archive_fmt = if system == "x86_64-darwin" then "zip" else "tar.gz";
 
   sha256 = {
-    "x86_64-linux" = "0j6188gm66bwffyg0vn3ak8242vs2vb2cw92b9wfkiml6sfg555n";
-    "x86_64-darwin" = "0iblg0hn6jdds7d2hzp0icb5yh6hhw3fd5g4iim64ibi7lpwj2cj";
+    "x86_64-linux" = "09rq5jx7aicwp3qqi5pcv6bmyyp1rm5cfa96hvy3f4grhq1fi132";
+    "x86_64-darwin" = "1y1lbb3q5myaz7jg21x5sl0in8wr46brqj9zyrg3f16zahsagzr4";
   }.${system};
 in
   callPackage ./generic.nix rec {
 
-    version = "1.37.1";
+    version = "1.38.0";
     pname = "vscodium";
 
     executableName = "codium";
diff --git a/pkgs/applications/graphics/azpainter/default.nix b/pkgs/applications/graphics/azpainter/default.nix
new file mode 100644
index 00000000000..b2060f5db31
--- /dev/null
+++ b/pkgs/applications/graphics/azpainter/default.nix
@@ -0,0 +1,38 @@
+{ stdenv, fetchFromGitHub, autoreconfHook
+, libX11, libXext, libXi
+, freetype, fontconfig
+, libpng, libjpeg
+, zlib
+}:
+
+stdenv.mkDerivation rec {
+  pname = "azpainter";
+  version = "2.1.4";
+
+  src = fetchFromGitHub {
+    owner = "Symbian9";
+    repo = pname;
+    rev = "refs/tags/v${version}";
+    sha256 = "1hrr9lhsbjyzar3nxvli6cazr7zhyzh0p8hwpg4g9ga6njs8vi8m";
+  };
+
+  nativeBuildInputs = [ autoreconfHook ];
+
+  buildInputs = [
+    libX11 libXext libXi
+    freetype fontconfig
+    libpng libjpeg
+    zlib
+  ];
+
+  configureFlags = [
+    "--with-freetype-dir=${stdenv.lib.getDev freetype}/include/freetype2"
+  ];
+
+  meta = with stdenv.lib; {
+    description = "Full color painting software for illustration drawing";
+    homepage = "https://osdn.net/projects/azpainter";
+    license = licenses.gpl3Plus;
+    maintainers = with maintainers; [ dtzWill ];
+  };
+}
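Review bot: `src` is fetched from the GitHub account `Symbian9` while `meta.homepage` points at `https://osdn.net/projects/azpainter`, so the source location and the declared project home disagree. If the GitHub repository is a mirror rather than the author's own, a comment above `src` such as `# GitHub mirror of the OSDN project; compare tags with upstream when bumping` would tell whoever updates the hash which origin to trust. `meta` also sets no `platforms`; an explicit entry would document where the package is expected to build.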
diff --git a/pkgs/applications/misc/calibre/default.nix b/pkgs/applications/misc/calibre/default.nix
index b4c8bbb3f31..dd85156b3ef 100644
--- a/pkgs/applications/misc/calibre/default.nix
+++ b/pkgs/applications/misc/calibre/default.nix
@@ -6,11 +6,11 @@
 
 mkDerivation rec {
   pname = "calibre";
-  version = "3.47.0";
+  version = "3.47.1";
 
   src = fetchurl {
     url = "https://download.calibre-ebook.com/${version}/${pname}-${version}.tar.xz";
-    sha256 = "0mjj47w9pa7ihycialijrfq2qk107dcxwcwriz3b2mg4lixlawy4";
+    sha256 = "17lz6rawlv268vv8i5kj59rswsipq3c14066adaz1paw54zr62dk";
   };
 
   patches = [
@@ -105,7 +105,7 @@ mkDerivation rec {
   disallowedReferences = [ podofo.dev ];
 
   calibreDesktopItem = makeDesktopItem {
-    name = "calibre";
+    name = "calibre-gui";
     desktopName = "calibre";
     exec = "@out@/bin/calibre --detach %F";
     genericName = "E-book library management";
@@ -151,7 +151,7 @@ mkDerivation rec {
   };
 
   ebookEditDesktopItem = makeDesktopItem {
-    name = "calibre-edit-ebook";
+    name = "calibre-edit-book";
     desktopName = "Edit E-book";
     genericName = "E-book Editor";
     comment = "Edit e-books";
diff --git a/pkgs/applications/misc/dbeaver/default.nix b/pkgs/applications/misc/dbeaver/default.nix
index d8cf86461ac..2e821701216 100644
--- a/pkgs/applications/misc/dbeaver/default.nix
+++ b/pkgs/applications/misc/dbeaver/default.nix
@@ -7,7 +7,7 @@
 
 stdenv.mkDerivation rec {
   pname = "dbeaver-ce";
-  version = "6.1.4";
+  version = "6.1.5";
 
   desktopItem = makeDesktopItem {
     name = "dbeaver";
@@ -30,7 +30,7 @@ stdenv.mkDerivation rec {
 
   src = fetchurl {
     url = "https://dbeaver.io/files/${version}/dbeaver-ce-${version}-linux.gtk.x86_64.tar.gz";
-    sha256 = "1l4skcannbzddhm773dm3hwv3a7b3xy569gydcfczgdlgzgmlfjq";
+    sha256 = "0lkycm1152wd56i1hjq7q3sd05h51fyz99qr2n65lwi33vz2qk9m";
   };
 
   installPhase = ''
@@ -65,6 +65,6 @@ stdenv.mkDerivation rec {
     '';
     license = licenses.asl20;
     platforms = [ "x86_64-linux" ];
-    maintainers = [ maintainers.samueldr ];
+    maintainers = [ maintainers.jojosch ];
   };
 }
diff --git a/pkgs/applications/misc/evtest/default.nix b/pkgs/applications/misc/evtest/default.nix
index 3d715a1d16b..d6d20367b06 100644
--- a/pkgs/applications/misc/evtest/default.nix
+++ b/pkgs/applications/misc/evtest/default.nix
@@ -1,14 +1,15 @@
 { stdenv, fetchgit, autoreconfHook, pkgconfig, libxml2 }:
 
 stdenv.mkDerivation rec {
-  name = "evtest-1.33";
+  pname = "evtest";
+  version = "1.34";
 
   nativeBuildInputs = [ autoreconfHook pkgconfig ];
   buildInputs = [ libxml2 ];
 
   src = fetchgit {
-    url = "git://anongit.freedesktop.org/evtest";
-    rev = "refs/tags/evtest-1.33";
+    url = "git://anongit.freedesktop.org/${pname}";
+    rev = "refs/tags/${pname}-${version}";
     sha256 = "168gdhzj11f4nk94a6z696sm8v1njzwww69bn6wr97l17897913g";
   };
 
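Review bot: `version` moves from 1.33 to 1.34 and `rev` now resolves to `refs/tags/evtest-1.34`, but the `sha256` line is unchanged context. For a fixed-output fetch, an unchanged hash normally means Nix either reuses the previously fetched 1.33 tree (if the fetch's store name does not change) or fails with a hash mismatch, so the package may be labelled 1.34 while building the old source. Please re-run the fetch with a placeholder hash and record the value Nix reports. The `git://` transport is also unauthenticated, so the recorded hash is the only integrity check; an `https` remote would be preferable if upstream offers one.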
diff --git a/pkgs/applications/misc/josm/default.nix b/pkgs/applications/misc/josm/default.nix
index 56b28dbc8db..4b70530987f 100644
--- a/pkgs/applications/misc/josm/default.nix
+++ b/pkgs/applications/misc/josm/default.nix
@@ -2,11 +2,11 @@
 
 stdenv.mkDerivation rec {
   pname = "josm";
-  version = "15238";
+  version = "15322";
 
   src = fetchurl {
     url = "https://josm.openstreetmap.de/download/josm-snapshot-${version}.jar";
-    sha256 = "0zh84glb4545av0s1qnccqqp8nrnfsr7rnwgbqpwwzvc2ngk91gv";
+    sha256 = "1i6cxs6rvqjwh7yfji5701xdzpnaxcv97gsd692fjrwasnsx1f1i";
   };
 
   buildInputs = [ jdk11 makeWrapper ];
diff --git a/pkgs/applications/misc/michabo/default.nix b/pkgs/applications/misc/michabo/default.nix
new file mode 100644
index 00000000000..015a326fdc9
--- /dev/null
+++ b/pkgs/applications/misc/michabo/default.nix
@@ -0,0 +1,53 @@
+{ lib
+, mkDerivation
+, makeDesktopItem
+, fetchFromGitLab
+, qmake
+# qt
+, qtbase
+, qtwebsockets
+}:
+
+let
+  desktopItem = makeDesktopItem {
+    type = "Application";
+    name = "Michabo";
+    desktopName = "Michabo";
+    exec = "Michabo";
+  };
+
+in mkDerivation rec {
+  pname = "michabo";
+  version = "0.1";
+
+  src = fetchFromGitLab {
+    domain = "git.pleroma.social";
+    owner = "kaniini";
+    repo = "michabo";
+    rev = "v${version}";
+    sha256 = "0pl4ymdb36r0kwlclfjjp6b1qml3fm9ql7ag5inprny5y8vcjpzn";
+  };
+
+  nativeBuildInputs = [
+    qmake
+  ];
+  buildInputs = [
+    qtbase
+    qtwebsockets
+  ];
+
+  qmakeFlags = [ "michabo.pro" "DESTDIR=${placeholder "out"}/bin" ];
+
+  postInstall = ''
+    ln -s ${desktopItem}/share $out/share
+  '';
+
+  meta = with lib; {
+    description = "A native desktop app for Pleroma and Mastodon servers";
+    homepage = "https://git.pleroma.social/kaniini/michabo";
+    license = licenses.gpl3;
+    maintainers = with maintainers; [ fgaz ];
+    platforms = platforms.all;
+  };
+}
+
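Review bot: `ln -s ${desktopItem}/share $out/share` turns the output's whole `share` directory into a symlink into another store path, so nothing else (an icon, for instance) can later be installed under `$out/share`, and the step fails if the build ever creates that directory itself. Linking only the desktop entry is more robust: `mkdir -p $out/share/applications` followed by `ln -s ${desktopItem}/share/applications/* $out/share/applications/`. The file also ends with a stray blank line.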
diff --git a/pkgs/applications/misc/taskell/default.nix b/pkgs/applications/misc/taskell/default.nix
index 00b96f459cb..702c3124d8a 100644
--- a/pkgs/applications/misc/taskell/default.nix
+++ b/pkgs/applications/misc/taskell/default.nix
@@ -1,8 +1,8 @@
 { lib, haskellPackages, fetchFromGitHub }:
 
 let
-  version = "1.6.0";
-  sha256  = "1yq7lbqg759i3hyxcskx3924b7xmw6i4ny6n8yq80k4hikw2k6mf";
+  version = "1.6.1";
+  sha256  = "047gvpq52pif9sfb4qcfdiwz50x3wlnjvsnnjzypm1qlwyl2rbz1";
 
 in (haskellPackages.mkDerivation {
   pname = "taskell";
diff --git a/pkgs/applications/networking/browsers/links2/default.nix b/pkgs/applications/networking/browsers/links2/default.nix
index f2cc277f3da..7bb443e22c3 100644
--- a/pkgs/applications/networking/browsers/links2/default.nix
+++ b/pkgs/applications/networking/browsers/links2/default.nix
@@ -8,12 +8,12 @@
 }:
 
 stdenv.mkDerivation rec {
-  version = "2.19";
+  version = "2.20";
   pname = "links2";
 
   src = fetchurl {
     url = "${meta.homepage}/download/links-${version}.tar.bz2";
-    sha256 = "02ls11c02p7xvsdjyb43rrzr850i1yly003r812z0w5vv5yqqxbh";
+    sha256 = "0bchwqa87dc8cb55spyybkqpc456pp4x2n9aw587wr7pn96cvp9v";
   };
 
   buildInputs = with stdenv.lib;
diff --git a/pkgs/applications/networking/browsers/vivaldi/default.nix b/pkgs/applications/networking/browsers/vivaldi/default.nix
index 246c5e7e60d..6483b6d03e3 100644
--- a/pkgs/applications/networking/browsers/vivaldi/default.nix
+++ b/pkgs/applications/networking/browsers/vivaldi/default.nix
@@ -17,11 +17,11 @@ let
   vivaldiName = if isSnapshot then "vivaldi-snapshot" else "vivaldi";
 in stdenv.mkDerivation rec {
   pname = "vivaldi";
-  version = "2.7.1628.30-1";
+  version = "2.7.1628.33-1";
 
   src = fetchurl {
     url = "https://downloads.vivaldi.com/${branch}/vivaldi-${branch}_${version}_amd64.deb";
-    sha256 = "1lz8adwiwll8g246s5pa0ipfraph51s9f4lcfysdrp1s3s1qhw8x";
+    sha256 = "1km5ccxqyd5xgmzm42zca670jf7wd4j7c726fhyj4wjni71zar34";
   };
 
   unpackPhase = ''
diff --git a/pkgs/applications/networking/cluster/kubernetes/default.nix b/pkgs/applications/networking/cluster/kubernetes/default.nix
index e4adabd7581..d665693439f 100644
--- a/pkgs/applications/networking/cluster/kubernetes/default.nix
+++ b/pkgs/applications/networking/cluster/kubernetes/default.nix
@@ -15,13 +15,13 @@ with lib;
 
 stdenv.mkDerivation rec {
   pname = "kubernetes";
-  version = "1.14.3";
+  version = "1.15.3";
 
   src = fetchFromGitHub {
     owner = "kubernetes";
     repo = "kubernetes";
     rev = "v${version}";
-    sha256 = "1r31ssf8bdbz8fdsprhkc34jqhz5rcs3ixlf0mbjcbq0xr7y651z";
+    sha256 = "0vamr7m8i5svmvb0z01cngv3sffdfjj0bky2zalm7cfnapib8vz1";
   };
 
   buildInputs = [ removeReferencesTo makeWrapper which go rsync go-bindata ];
@@ -29,7 +29,10 @@ stdenv.mkDerivation rec {
   outputs = ["out" "man" "pause"];
 
   postPatch = ''
-    substituteInPlace "hack/lib/golang.sh" --replace "_cgo" ""
+    # go env breaks the sandbox
+    substituteInPlace "hack/lib/golang.sh" \
+      --replace 'echo "$(go env GOHOSTOS)/$(go env GOHOSTARCH)"' 'echo "${go.GOOS}/${go.GOARCH}"'
+
     substituteInPlace "hack/update-generated-docs.sh" --replace "make" "make SHELL=${stdenv.shell}"
     # hack/update-munge-docs.sh only performs some tests on the documentation.
     # They broke building k8s; disabled for now.
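Review bot: The new `substituteInPlace` on `hack/lib/golang.sh` matches one exact upstream line, `echo "$(go env GOHOSTOS)/$(go env GOHOSTARCH)"`, and if a later Kubernetes release rewords it the replacement may silently stop applying, leaving the `go env` calls in the build. A guard right after it, e.g. `grep -q 'echo "${go.GOOS}/${go.GOARCH}"' hack/lib/golang.sh`, would turn that into a build failure. The host-platform query is also replaced with `go.GOOS`/`go.GOARCH`, which I would expect to be the target values; a comment saying the two are assumed equal (no cross-compilation) would be useful. `postPatch` continues past the end of the hunk.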
@@ -52,13 +55,12 @@ stdenv.mkDerivation rec {
     cp build/pause/pause "$pause/bin/pause"
     cp -R docs/man/man1 "$man/share/man"
 
-    cp cluster/addons/addon-manager/namespace.yaml $out/share
     cp cluster/addons/addon-manager/kube-addons.sh $out/bin/kube-addons
     patchShebangs $out/bin/kube-addons
-    substituteInPlace $out/bin/kube-addons \
-      --replace /opt/namespace.yaml $out/share/namespace.yaml
     wrapProgram $out/bin/kube-addons --set "KUBECTL_BIN" "$out/bin/kubectl"
 
+    cp ${./mk-docker-opts.sh} $out/bin/mk-docker-opts.sh
+
     $out/bin/kubectl completion bash > $out/share/bash-completion/completions/kubectl
     $out/bin/kubectl completion zsh > $out/share/zsh/site-functions/_kubectl
   '';
diff --git a/pkgs/applications/networking/cluster/kubernetes/mk-docker-opts.sh b/pkgs/applications/networking/cluster/kubernetes/mk-docker-opts.sh
new file mode 100755
index 00000000000..22a459f5134
--- /dev/null
+++ b/pkgs/applications/networking/cluster/kubernetes/mk-docker-opts.sh
@@ -0,0 +1,113 @@
+#!/usr/bin/env bash
+
+# Copyright 2014 The Kubernetes Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Generate Docker daemon options based on flannel env file.
+
+# exit on any error
+set -e
+
+usage() {
+  echo "$0 [-f FLANNEL-ENV-FILE] [-d DOCKER-ENV-FILE] [-i] [-c] [-m] [-k COMBINED-KEY]
+
+Generate Docker daemon options based on flannel env file
+OPTIONS:
+    -f  Path to flannel env file. Defaults to /run/flannel/subnet.env
+    -d  Path to Docker env file to write to. Defaults to /run/docker_opts.env
+    -i  Output each Docker option as individual var. e.g. DOCKER_OPT_MTU=1500
+    -c  Output combined Docker options into DOCKER_OPTS var
+    -k  Set the combined options key to this value (default DOCKER_OPTS=)
+    -m  Do not output --ip-masq (useful for older Docker version)
+" >/dev/stderr
+  exit 1
+}
+
+flannel_env="/run/flannel/subnet.env"
+docker_env="/run/docker_opts.env"
+combined_opts_key="DOCKER_OPTS"
+indiv_opts=false
+combined_opts=false
+ipmasq=true
+val=""
+
+while getopts "f:d:icmk:" opt; do
+  case $opt in
+    f)
+      flannel_env=$OPTARG
+      ;;
+    d)
+      docker_env=$OPTARG
+      ;;
+    i)
+      indiv_opts=true
+      ;;
+    c)
+      combined_opts=true
+      ;;
+    m)
+      ipmasq=false
+      ;;
+    k)
+      combined_opts_key=$OPTARG
+      ;;
+    \?)
+      usage
+      ;;
+  esac
+done
+
+if [[ $indiv_opts = false ]] && [[ $combined_opts = false ]]; then
+  indiv_opts=true
+  combined_opts=true
+fi
+
+if [[ -f "${flannel_env}" ]]; then
+  source "${flannel_env}"
+fi
+
+if [[ -n "$FLANNEL_SUBNET" ]]; then
+  # shellcheck disable=SC2034  # Variable name referenced in OPT_LOOP below
+  DOCKER_OPT_BIP="--bip=$FLANNEL_SUBNET"
+fi
+
+if [[ -n "$FLANNEL_MTU" ]]; then
+  # shellcheck disable=SC2034  # Variable name referenced in OPT_LOOP below
+  DOCKER_OPT_MTU="--mtu=$FLANNEL_MTU"
+fi
+
+if [[ "$FLANNEL_IPMASQ" = true ]] && [[ $ipmasq = true ]]; then
+  # shellcheck disable=SC2034  # Variable name referenced in OPT_LOOP below
+  DOCKER_OPT_IPMASQ="--ip-masq=false"
+fi
+
+eval docker_opts="\$${combined_opts_key}"
+docker_opts+=" "
+
+echo -n "" >"${docker_env}"
+
+# OPT_LOOP
+for opt in $(compgen -v DOCKER_OPT_); do
+  eval val=\$"${opt}"
+
+  if [[ "$indiv_opts" = true ]]; then
+    echo "$opt=\"$val\"" >>"${docker_env}"
+  fi
+
+  docker_opts+="$val "
+done
+
+if [[ "$combined_opts" = true ]]; then
+  echo "${combined_opts_key}=\"${docker_opts}\"" >>"${docker_env}"
+fi
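Review bot: Two inputs reach the shell interpreter in this script: the `-k` value goes into `eval docker_opts="\$${combined_opts_key}"`, and the flannel env file is executed with `source "${flannel_env}"`, so both run as code with the privileges of whatever unit calls the script. Bash indirect expansion removes the `eval`s without changing the output: `docker_opts="${!combined_opts_key}"` and, in the loop, `val="${!opt}"`; rejecting a key that is not a plain identifier (`[[ $combined_opts_key =~ ^[A-Za-z_][A-Za-z0-9_]*$ ]] || usage`) closes the rest. For the `source`, a header comment stating that the env file must be writable only by root or the flannel service would document the trust assumption. `compgen -v DOCKER_OPT_` also picks up any `DOCKER_OPT_*` variable inherited from the environment, not just the three set above. The file appears to be a copy of the upstream Kubernetes script, so these would be local changes to carry.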
diff --git a/pkgs/applications/networking/cluster/terraform/default.nix b/pkgs/applications/networking/cluster/terraform/default.nix
index de1e86fa073..9c07760355c 100644
--- a/pkgs/applications/networking/cluster/terraform/default.nix
+++ b/pkgs/applications/networking/cluster/terraform/default.nix
@@ -97,8 +97,8 @@ in rec {
   terraform_0_11-full = terraform_0_11.full;
 
   terraform_0_12 = pluggable (generic {
-    version = "0.12.7";
-    sha256 = "09zsak1a9z2mk88vb6xs9jaxfpazhs0p7x68mw62c9mm13m8kq02";
+    version = "0.12.8";
+    sha256 = "1qlhbn6xj2nd8gwr6aiyjsb62qmj4j9jnxab006xgdr1avvl2p67";
     patches = [ ./provider-path.patch ];
     passthru = { inherit plugins; };
   });
diff --git a/pkgs/applications/networking/instant-messengers/discord/default.nix b/pkgs/applications/networking/instant-messengers/discord/default.nix
index 1d9d645b0ed..f5883875fcd 100644
--- a/pkgs/applications/networking/instant-messengers/discord/default.nix
+++ b/pkgs/applications/networking/instant-messengers/discord/default.nix
@@ -27,10 +27,10 @@ in {
     pname = "discord-canary";
     binaryName = "DiscordCanary";
     desktopName = "Discord Canary";
-    version = "0.0.95";
+    version = "0.0.96";
     src = fetchurl {
-      url = "https://dl-canary.discordapp.net/apps/linux/0.0.95/discord-canary-0.0.95.tar.gz";
-      sha256 = "06qhm73kc88pq0lgbi7qjy4gx9ighkmx128fdm1dpzfv62fjdasw";
+      url = "https://dl-canary.discordapp.net/apps/linux/0.0.96/discord-canary-0.0.96.tar.gz";
+      sha256 = "1fxyh9v5xglwbgr5sidn0cv70qpzcd2q240wsv87k3nawhvfcwsp";
     };
   };
 }.${branch}
diff --git a/pkgs/applications/networking/instant-messengers/signal-desktop/default.nix b/pkgs/applications/networking/instant-messengers/signal-desktop/default.nix
index c97a908d33d..f60e87affcf 100644
--- a/pkgs/applications/networking/instant-messengers/signal-desktop/default.nix
+++ b/pkgs/applications/networking/instant-messengers/signal-desktop/default.nix
@@ -2,7 +2,7 @@
 , gnome2, gtk3, atk, at-spi2-atk, cairo, pango, gdk-pixbuf, glib, freetype, fontconfig
 , dbus, libX11, xorg, libXi, libXcursor, libXdamage, libXrandr, libXcomposite
 , libXext, libXfixes, libXrender, libXtst, libXScrnSaver, nss, nspr, alsaLib
-, cups, expat, udev, libnotify, libuuid
+, cups, expat, udev, libnotify, libuuid, at-spi2-core
 # Unfortunately this also overwrites the UI language (not just the spell
 # checking language!):
 , hunspellDicts, spellcheckerLanguage ? null # E.g. "de_DE"
@@ -25,6 +25,7 @@ let
     alsaLib
     atk
     at-spi2-atk
+    at-spi2-core
     cairo
     cups
     dbus
@@ -57,11 +58,11 @@ let
 
 in stdenv.mkDerivation rec {
   pname = "signal-desktop";
-  version = "1.26.2";
+  version = "1.27.1";
 
   src = fetchurl {
     url = "https://updates.signal.org/desktop/apt/pool/main/s/signal-desktop/signal-desktop_${version}_amd64.deb";
-    sha256 = "08qx7k82x6ybqi3lln6ixzmdz4sr8yz8vfx0y408b85wjfc7ncjk";
+    sha256 = "16fg60c5r7zcjs8ya6jk33l5kz8m21y9a1si3i0a2dvyaclz4a3q";
   };
 
   phases = [ "unpackPhase" "installPhase" ];
diff --git a/pkgs/applications/networking/irc/weechat/default.nix b/pkgs/applications/networking/irc/weechat/default.nix
index 3f8ad762218..31f2a7e6a27 100644
--- a/pkgs/applications/networking/irc/weechat/default.nix
+++ b/pkgs/applications/networking/irc/weechat/default.nix
@@ -6,21 +6,21 @@
 , guileSupport ? true, guile
 , luaSupport ? true, lua5
 , perlSupport ? true, perl
-, pythonSupport ? true, pythonPackages
+, pythonSupport ? true, python3Packages
 , rubySupport ? true, ruby
 , tclSupport ? true, tcl
 , extraBuildInputs ? []
 }:
 
 let
-  inherit (pythonPackages) python;
+  inherit (python3Packages) python;
   plugins = [
     { name = "perl"; enabled = perlSupport; cmakeFlag = "ENABLE_PERL"; buildInputs = [ perl ]; }
     { name = "tcl"; enabled = tclSupport; cmakeFlag = "ENABLE_TCL"; buildInputs = [ tcl ]; }
     { name = "ruby"; enabled = rubySupport; cmakeFlag = "ENABLE_RUBY"; buildInputs = [ ruby ]; }
     { name = "guile"; enabled = guileSupport; cmakeFlag = "ENABLE_GUILE"; buildInputs = [ guile ]; }
     { name = "lua"; enabled = luaSupport; cmakeFlag = "ENABLE_LUA"; buildInputs = [ lua5 ]; }
-    { name = "python"; enabled = pythonSupport; cmakeFlag = "ENABLE_PYTHON"; buildInputs = [ python ]; }
+    { name = "python"; enabled = pythonSupport; cmakeFlag = "ENABLE_PYTHON3"; buildInputs = [ python ]; }
   ];
   enabledPlugins = builtins.filter (p: p.enabled) plugins;
 
diff --git a/pkgs/applications/networking/irc/weechat/scripts/default.nix b/pkgs/applications/networking/irc/weechat/scripts/default.nix
index cd9ecbf4337..81ee484f3b3 100644
--- a/pkgs/applications/networking/irc/weechat/scripts/default.nix
+++ b/pkgs/applications/networking/irc/weechat/scripts/default.nix
@@ -1,17 +1,13 @@
-{ callPackage, luaPackages, pythonPackages }:
+{ callPackage, luaPackages }:
 
 {
-  weechat-xmpp = callPackage ./weechat-xmpp {
-    inherit (pythonPackages) pydns;
-  };
-
   weechat-matrix-bridge = callPackage ./weechat-matrix-bridge {
     inherit (luaPackages) cjson luaffi;
   };
 
-  wee-slack = callPackage ./wee-slack {
-    inherit pythonPackages;
-  };
+  wee-slack = callPackage ./wee-slack { };
 
   weechat-autosort = callPackage ./weechat-autosort { };
+
+  weechat-otr = callPackage ./weechat-otr { };
 }
diff --git a/pkgs/applications/networking/irc/weechat/scripts/wee-slack/default.nix b/pkgs/applications/networking/irc/weechat/scripts/wee-slack/default.nix
index 49616671507..6811cb164e0 100644
--- a/pkgs/applications/networking/irc/weechat/scripts/wee-slack/default.nix
+++ b/pkgs/applications/networking/irc/weechat/scripts/wee-slack/default.nix
@@ -1,4 +1,4 @@
-{ stdenv, substituteAll, buildEnv, fetchFromGitHub, pythonPackages }:
+{ stdenv, substituteAll, buildEnv, fetchFromGitHub, python3Packages }:
 
 stdenv.mkDerivation rec {
   pname = "wee-slack";
@@ -16,8 +16,8 @@ stdenv.mkDerivation rec {
       src = ./libpath.patch;
       env = "${buildEnv {
         name = "wee-slack-env";
-        paths = with pythonPackages; [ websocket_client six ];
-      }}/${pythonPackages.python.sitePackages}";
+        paths = with python3Packages; [ websocket_client six ];
+      }}/${python3Packages.python.sitePackages}";
     })
   ];
 
diff --git a/pkgs/applications/networking/irc/weechat/scripts/weechat-otr/default.nix b/pkgs/applications/networking/irc/weechat/scripts/weechat-otr/default.nix
new file mode 100644
index 00000000000..9682aa3169a
--- /dev/null
+++ b/pkgs/applications/networking/irc/weechat/scripts/weechat-otr/default.nix
@@ -0,0 +1,64 @@
+{ stdenv, substituteAll, buildEnv, fetchgit, fetchFromGitHub, python3Packages, gmp }:
+
+let
+  # pure-python-otr (potr) requires an older version of pycrypto, which is
+  # not compatible with pycryptodome. Therefore, the latest patched version
+  # of pycrypto will be fetched from the Debian project.
+  # https://security-tracker.debian.org/tracker/source-package/python-crypto
+
+  pycrypto = python3Packages.buildPythonPackage rec {
+    pname = "pycrypto";
+    version = "2.6.1-10";
+
+    src = fetchgit {
+      url = "https://salsa.debian.org/sramacher/python-crypto.git";
+      rev = "debian/${version}";
+      sha256 = "10rgq8bmjfpiqqa1g1p1hh7pxlxs7x0nawvk6zip0pd6x2vsr661";
+    };
+
+    buildInputs = [ gmp ];
+
+    preConfigure = ''
+      sed -i 's,/usr/include,/no-such-dir,' configure
+      sed -i "s!,'/usr/include/'!!" setup.py
+    '';
+  };
+
+  potr = python3Packages.potr.overridePythonAttrs (oldAttrs: {
+    propagatedBuildInputs = [ pycrypto ];
+  });
+in stdenv.mkDerivation rec {
+  pname = "weechat-otr";
+  version = "1.9.2";
+
+  src = fetchFromGitHub {
+    repo = pname;
+    owner = "mmb";
+    rev = "v${version}";
+    sha256 = "1lngv98y6883vk8z2628cl4d5y8jxy39w8245gjdvshl8g18k5s2";
+  };
+
+  patches = [
+    (substituteAll {
+      src = ./libpath.patch;
+      env = "${buildEnv {
+        name = "weechat-otr-env";
+        paths = [ potr pycrypto ];
+      }}/${python3Packages.python.sitePackages}";
+    })
+  ];
+
+  passthru.scripts = [ "weechat_otr.py" ];
+
+  installPhase = ''
+    mkdir -p $out/share
+    cp weechat_otr.py $out/share/weechat_otr.py
+  '';
+
+  meta = with stdenv.lib; {
+    homepage = "https://github.com/mmb/weechat-otr";
+    license = licenses.gpl3;
+    maintainers = with maintainers; [ geistesk ];
+    description = "WeeChat script for Off-the-Record messaging";
+  };
+}
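Review bot: The comment above `pycrypto` promises the latest patched version from Debian, but nothing in the derivation applies those patches; `fetchgit` only checks out the `debian/${version}` tag. If that repository keeps its fixes as a quilt series under `debian/patches` (common for Debian packaging repositories, not verifiable from this hunk), the build compiles the unpatched 2.6.1 sources. The OTR script would then run on a crypto library still missing the fixes listed at the tracker URL in the comment. Either apply the series explicitly, e.g. `prePatch = ''for p in $(grep -v '^#' debian/patches/series); do patch -p1 < debian/patches/$p; done'';`, or state in the comment that the tag is already patches-applied. The source also lives in a personal namespace (`sramacher`), so the comment should record why that repository is the trusted origin.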
diff --git a/pkgs/applications/networking/irc/weechat/scripts/weechat-otr/libpath.patch b/pkgs/applications/networking/irc/weechat/scripts/weechat-otr/libpath.patch
new file mode 100644
index 00000000000..a7b77ed9b60
--- /dev/null
+++ b/pkgs/applications/networking/irc/weechat/scripts/weechat-otr/libpath.patch
@@ -0,0 +1,13 @@
+diff --git a/weechat_otr.py b/weechat_otr.py
+index 0ccfb35..c42bebf 100644
+--- a/weechat_otr.py
++++ b/weechat_otr.py
+@@ -41,6 +41,8 @@ import shlex
+ import shutil
+ import sys
+ 
++sys.path.append('@env@')
++
+ import potr
+ import weechat
+ 
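Review bot: `sys.path.append('@env@')` puts the pinned environment last on the search path. A `potr` or `Crypto` package found in any earlier entry (the WeeChat python directory, `PYTHONPATH`, a user site-packages) would be imported instead of the versions this package builds. For a script whose purpose is message encryption, the store path should win: `sys.path.insert(0, '@env@')`. The patched file continues outside this hunk.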
diff --git a/pkgs/applications/networking/irc/weechat/scripts/weechat-xmpp/default.nix b/pkgs/applications/networking/irc/weechat/scripts/weechat-xmpp/default.nix
deleted file mode 100644
index dad5b9c5e02..00000000000
--- a/pkgs/applications/networking/irc/weechat/scripts/weechat-xmpp/default.nix
+++ /dev/null
@@ -1,36 +0,0 @@
-{ stdenv, fetchFromGitHub, xmpppy, pydns, substituteAll, buildEnv }:
-
-stdenv.mkDerivation {
-  name = "weechat-jabber-2017-08-30";
-
-  src = fetchFromGitHub {
-    repo = "weechat-xmpp";
-    owner = "sleduc";
-    sha256 = "0s02xs0ynld9cxxzj07al364sfglyc5ir1i82133mq0s8cpphnxv";
-    rev = "8f6c21f5a160c9318c7a2d8fd5dcac7ab2e0d843";
-  };
-
-  installPhase = ''
-    mkdir -p $out/share
-    cp jabber.py $out/share/jabber.py
-  '';
-
-  patches = [
-    (substituteAll {
-      src = ./libpath.patch;
-      env = "${buildEnv {
-        name = "weechat-xmpp-env";
-        paths = [ pydns xmpppy ];
-      }}/lib/python2.7/site-packages";
-    })
-  ];
-
-  passthru.scripts = [ "jabber.py" ];
-
-  meta = with stdenv.lib; {
-    description = "A fork of the jabber plugin for weechat";
-    homepage = "https://github.com/sleduc/weechat-xmpp";
-    maintainers = with maintainers; [ ma27 ];
-    license = licenses.gpl3Plus;
-  };
-}
diff --git a/pkgs/applications/networking/irc/weechat/scripts/weechat-xmpp/libpath.patch b/pkgs/applications/networking/irc/weechat/scripts/weechat-xmpp/libpath.patch
deleted file mode 100644
index 372c83944a2..00000000000
--- a/pkgs/applications/networking/irc/weechat/scripts/weechat-xmpp/libpath.patch
+++ /dev/null
@@ -1,16 +0,0 @@
-diff --git a/jabber.py b/jabber.py
-index 27006a3..e53c2c0 100644
---- a/jabber.py
-+++ b/jabber.py
-@@ -95,6 +95,11 @@ SCRIPT_COMMAND = SCRIPT_NAME
- import re
- import warnings
- 
-+import sys
-+
-+sys.path.append('@env@')
-+
-+
- import_ok = True
- 
- try:
diff --git a/pkgs/applications/networking/irc/weechat/wrapper.nix b/pkgs/applications/networking/irc/weechat/wrapper.nix
index e6fa95488e1..5c06bb8517a 100644
--- a/pkgs/applications/networking/irc/weechat/wrapper.nix
+++ b/pkgs/applications/networking/irc/weechat/wrapper.nix
@@ -1,5 +1,5 @@
 { lib, runCommand, writeScriptBin, buildEnv
-, pythonPackages, perlPackages, runtimeShell
+, python3Packages, perlPackages, runtimeShell
 }:
 
 weechat:
@@ -17,11 +17,11 @@ let
       in rec {
         python = (simplePlugin "python") // {
           extraEnv = ''
-            export PATH="${pythonPackages.python}/bin:$PATH"
+            export PATH="${python3Packages.python}/bin:$PATH"
           '';
           withPackages = pkgsFun: (python // {
             extraEnv = ''
-              export PYTHONHOME="${pythonPackages.python.withPackages pkgsFun}"
+              export PYTHONHOME="${python3Packages.python.withPackages pkgsFun}"
             '';
           });
         };
diff --git a/pkgs/applications/science/biology/xenomapper/default.nix b/pkgs/applications/science/biology/xenomapper/default.nix
new file mode 100644
index 00000000000..cc235c4ca99
--- /dev/null
+++ b/pkgs/applications/science/biology/xenomapper/default.nix
@@ -0,0 +1,23 @@
+{buildPythonPackage, lib, fetchFromGitHub, statistics}:
+
+buildPythonPackage rec {
+  pname = "xenomapper";
+  version = "1.0.2";
+
+  src = fetchFromGitHub {
+    owner = "genomematt";
+    repo = pname;
+    rev = "v${version}";
+    sha256 = "0mnmfzlq5mhih6z8dq5bkx95vb8whjycz9mdlqwbmlqjb3gb3zhr";
+  };
+
+  propagatedBuildInputs = [ statistics ];
+
+  meta = with lib; {
+    homepage = "http://github.com/genomematt/xenomapper";
+    description = "A utility for post processing mapped reads that have been aligned to a primary genome and a secondary genome and binning reads into species specific, multimapping in each species, unmapped and unassigned bins";
+    license = licenses.gpl3;
+    platforms = platforms.all;
+    maintainers = [ maintainers.jbedo ];
+  };
+}
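Review bot: `homepage` uses a plain `http://` GitHub URL while `src` is fetched from the same repository over HTTPS; write `homepage = "https://github.com/genomematt/xenomapper";`. The `description` is also a full sentence of detail that belongs in `longDescription`, with a short summary left in `description`.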
diff --git a/pkgs/applications/video/kodi/default.nix b/pkgs/applications/video/kodi/default.nix
index 73bcdadbc59..03557209975 100644
--- a/pkgs/applications/video/kodi/default.nix
+++ b/pkgs/applications/video/kodi/default.nix
@@ -43,15 +43,15 @@ assert vdpauSupport -> libvdpau != null;
 assert useWayland -> wayland != null && wayland-protocols != null && waylandpp != null && libxkbcommon != null;
 
 let
-  kodiReleaseDate = "20190627";
-  kodiVersion = "18.3";
+  kodiReleaseDate = "20190901";
+  kodiVersion = "18.4";
   rel = "Leia";
 
   kodi_src = fetchFromGitHub {
     owner  = "xbmc";
     repo   = "xbmc";
     rev    = "${kodiVersion}-${rel}";
-    sha256 = "18fbl5hs3aqccrn0m3x7hp95wlafjav0yvrwmb5q3gj24mwf6jld";
+    sha256 = "1m0295czxabdcqyqf5m94av9d88pzhnzjvyfs1q07xqq82h313p7";
   };
 
   cmakeProto = fetchurl {
diff --git a/pkgs/applications/video/mkvtoolnix/default.nix b/pkgs/applications/video/mkvtoolnix/default.nix
index 42b40ade271..04ddbbb8c06 100644
--- a/pkgs/applications/video/mkvtoolnix/default.nix
+++ b/pkgs/applications/video/mkvtoolnix/default.nix
@@ -13,13 +13,13 @@ with stdenv.lib;
 
 stdenv.mkDerivation rec {
   pname = "mkvtoolnix";
-  version = "36.0.0";
+  version = "37.0.0";
 
   src = fetchFromGitLab {
     owner  = "mbunkus";
     repo   = "mkvtoolnix";
     rev    = "release-${version}";
-    sha256 = "114j9n2m6dkh7vqzyhcsjzzffadr0lzyjmh31cbl4mvvkg9j5z6r";
+    sha256 = "0r1qzvqc6xx7rmv4v4fjc70cqy832h8v0fjf6c5ljbg1c6pgkl0l";
   };
 
   nativeBuildInputs = [
diff --git a/pkgs/applications/virtualization/docker-compose/default.nix b/pkgs/applications/virtualization/docker-compose/default.nix
index 2d983d009f1..b1c42b099b6 100644
--- a/pkgs/applications/virtualization/docker-compose/default.nix
+++ b/pkgs/applications/virtualization/docker-compose/default.nix
@@ -5,6 +5,7 @@
 , six, texttable, websocket_client, cached-property
 , enum34, functools32, paramiko
 }:
+
 buildPythonApplication rec {
   version = "1.24.1";
   pname = "docker-compose";
@@ -32,15 +33,17 @@ buildPythonApplication rec {
   '';
 
   postInstall = ''
-    mkdir -p $out/share/bash-completion/completions/
-    cp contrib/completion/bash/docker-compose $out/share/bash-completion/completions/docker-compose
+    install -D -m 0444 contrib/completion/bash/docker-compose \
+      $out/share/bash-completion/completions/docker-compose
+
+    install -D -m 0444 contrib/completion/zsh/_docker-compose \
+      $out/share/zsh-completion/zsh/site-functions/_docker-compose
   '';
 
   meta = with stdenv.lib; {
     homepage = https://docs.docker.com/compose/;
     description = "Multi-container orchestration for Docker";
     license = licenses.asl20;
-    maintainers = with maintainers; [
-    ];
+    maintainers = [ ];
   };
 }
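Review bot: The zsh completion is installed to `$out/share/zsh-completion/zsh/site-functions/`, which is not a directory zsh searches. The location used across nixpkgs is `share/zsh/site-functions`, so the file would be shipped but never loaded. Change the target to `$out/share/zsh/site-functions/_docker-compose`.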
diff --git a/pkgs/applications/virtualization/virtualbox/default.nix b/pkgs/applications/virtualization/virtualbox/default.nix
index 20930b86537..104fc8a89bf 100644
--- a/pkgs/applications/virtualization/virtualbox/default.nix
+++ b/pkgs/applications/virtualization/virtualbox/default.nix
@@ -1,8 +1,8 @@
 { config, stdenv, fetchurl, lib, iasl, dev86, pam, libxslt, libxml2, wrapQtAppsHook
 , libX11, xorgproto, libXext, libXcursor, libXmu, libIDL, SDL, libcap, libGL
 , libpng, glib, lvm2, libXrandr, libXinerama, libopus, qtbase, qtx11extras
-, qttools, pkgconfig, which, docbook_xsl, docbook_xml_dtd_43
-, alsaLib, curl, libvpx, nettools, dbus
+, qttools, qtsvg, qtwayland, pkgconfig, which, docbook_xsl, docbook_xml_dtd_43
+, alsaLib, curl, libvpx, nettools, dbus, substituteAll
 , makeself, perl
 , javaBindings ? true, jdk ? null # Almost doesn't affect closure size
 , pythonBindings ? false, python3 ? null
@@ -37,7 +37,7 @@ in stdenv.mkDerivation {
   nativeBuildInputs = [ pkgconfig which docbook_xsl docbook_xml_dtd_43 patchelfUnstable ]
     ++ optional (!headless) wrapQtAppsHook;
 
-  # Wrap manually because we just need to wrap one executable
+  # Wrap manually because we wrap just a small number of executables.
   dontWrapQtApps = true;
 
   buildInputs =
@@ -79,6 +79,17 @@ in stdenv.mkDerivation {
 
   patches =
      optional enableHardening ./hardened.patch
+     # When hardening is enabled, we cannot use wrapQtApp to ensure that VirtualBoxVM sees
+     # the correct environment variables needed for Qt to work, specifically QT_PLUGIN_PATH.
+     # This is because VirtualBoxVM would detect that it is wrapped that and refuse to run,
+     # and also because it would unset QT_PLUGIN_PATH for security reasons. We work around
+     # these issues by patching the code to set QT_PLUGIN_PATH to the necessary paths,
+     # after the code that unsets it. Note that qtsvg is included so that SVG icons from
+     # the user's icon theme can be loaded.
+  ++ optional (!headless && enableHardening) (substituteAll {
+      src = ./qt-env-vars.patch;
+      qtPluginPath = "${qtbase.bin}/${qtbase.qtPluginPrefix}:${qtsvg.bin}/${qtbase.qtPluginPrefix}:${qtwayland.bin}/${qtbase.qtPluginPrefix}";
+    })
   ++ [
     ./qtx11extras.patch
   ];
@@ -184,6 +195,11 @@ in stdenv.mkDerivation {
 
   preFixup = optionalString (!headless) ''
     wrapQtApp $out/bin/VirtualBox
+  ''
+  # If hardening is disabled, wrap the VirtualBoxVM binary instead of patching
+  # the source code (see postPatch).
+  + optionalString (!headless && !enableHardening) ''
+    wrapQtApp $out/libexec/virtualbox/VirtualBoxVM
   '';
 
   passthru = {
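Review bot: The added comment points to `postPatch`, but as far as this diff shows the hardened case is handled by the `substituteAll` entry added to `patches`, so a reader following the reference finds nothing. Reword the line to `# the source code (see patches).`. It would also help to repeat here why the two cases differ: wrapping is only usable when hardening is off, because the hardened binary refuses to run wrapped and clears `QT_PLUGIN_PATH`. The `preFixup` expression and the derivation continue outside this hunk.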
diff --git a/pkgs/applications/virtualization/virtualbox/qt-env-vars.patch b/pkgs/applications/virtualization/virtualbox/qt-env-vars.patch
new file mode 100644
index 00000000000..ad1d1fd11f8
--- /dev/null
+++ b/pkgs/applications/virtualization/virtualbox/qt-env-vars.patch
@@ -0,0 +1,14 @@
+--- a/src/VBox/HostDrivers/Support/SUPR3HardenedMain.cpp
++++ b/src/VBox/HostDrivers/Support/SUPR3HardenedMain.cpp
+@@ -2131,6 +2131,11 @@ static void supR3HardenedMainPurgeEnvironment(char **envp)
+         /** @todo Call NT API to do the same. */
+ #endif
+     }
++
++    /*
++     * NixOS hack: Set QT_PLUGIN_PATH to make Qt find plugins.
++     */
++    setenv("QT_PLUGIN_PATH", "@qtPluginPath@", /*overwrite=*/ 1);
+ }
+ 
+ 
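Review bot: The `setenv` call is appended to `supR3HardenedMainPurgeEnvironment`, the routine that strips caller-controlled variables, and its comment does not say why re-adding one there is safe. Extend the comment to state that `@qtPluginPath@` is substituted at build time with fixed store paths, e.g. `* The value is a build-time constant; never take it from the caller's environment.` The return value of `setenv` is also ignored, so a failure would only show up later as Qt not finding its plugins. The function body starts outside the hunk.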
diff --git a/pkgs/applications/window-managers/i3/default.nix b/pkgs/applications/window-managers/i3/default.nix
index 31a96ba1788..403d9939e13 100644
--- a/pkgs/applications/window-managers/i3/default.nix
+++ b/pkgs/applications/window-managers/i3/default.nix
@@ -5,11 +5,11 @@
 
 stdenv.mkDerivation rec {
   pname = "i3";
-  version = "4.17";
+  version = "4.17.1";
 
   src = fetchurl {
     url = "https://i3wm.org/downloads/${pname}-${version}.tar.bz2";
-    sha256 = "1z8qmkkq9dhqmqy8sjw3rnpnmnb8v7lr456bs0qzp23bgpj17gjf";
+    sha256 = "0iazv2i2rgmakzh95pgj6iapyzn7bdpcbcd35a79mhlml4ry33qy";
   };
 
   nativeBuildInputs = [ which pkgconfig makeWrapper ];
diff --git a/pkgs/applications/window-managers/i3/lock-fancy.nix b/pkgs/applications/window-managers/i3/lock-fancy.nix
index f6d797c98e1..4ca69ce31b4 100644
--- a/pkgs/applications/window-managers/i3/lock-fancy.nix
+++ b/pkgs/applications/window-managers/i3/lock-fancy.nix
@@ -23,7 +23,7 @@ stdenv.mkDerivation rec {
     sed -i -e 's|icon="/usr/share/i3lock-fancy/icons/lock.png"|icon="'$out'/share/i3lock-fancy/icons/lock.png"|' i3lock-fancy
     sed -i -e "s|getopt |${getopt}/bin/getopt |" i3lock-fancy
     sed -i -e "s|fc-match |${fontconfig.bin}/bin/fc-match |" i3lock-fancy
-    sed -i -e "s|shot=(import -window root)|shot=(${scrot}/bin/scrot -z)|" i3lock-fancy
+    sed -i -e "s|shot=(import -window root)|shot=(${scrot}/bin/scrot -z -o)|" i3lock-fancy
     rm Makefile
   '';
   installPhase = ''
diff --git a/pkgs/applications/window-managers/icewm/default.nix b/pkgs/applications/window-managers/icewm/default.nix
index 71a4ec3549a..f388c2d99db 100644
--- a/pkgs/applications/window-managers/icewm/default.nix
+++ b/pkgs/applications/window-managers/icewm/default.nix
@@ -1,36 +1,40 @@
-{ stdenv, fetchurl, cmake, gettext
+{ stdenv, fetchFromGitHub, cmake, gettext, perl, asciidoc
 , libjpeg, libtiff, libungif, libpng, imlib, expat
 , freetype, fontconfig, pkgconfig, gdk-pixbuf
 , mkfontdir, libX11, libXft, libXext, libXinerama
 , libXrandr, libICE, libSM, libXpm, libXdmcp, libxcb
-, libpthreadstubs, pcre }:
+, libpthreadstubs, pcre, libXdamage, libXcomposite, libXfixes
+, libsndfile, fribidi }:
 
-with stdenv.lib;
 stdenv.mkDerivation rec {
   pname = "icewm";
-  version = "1.4.2";
+  version = "1.6.0";
 
-  buildInputs =
-  [ cmake gettext libjpeg libtiff libungif libpng imlib expat
-    freetype fontconfig pkgconfig gdk-pixbuf mkfontdir libX11
-    libXft libXext libXinerama libXrandr libICE libSM libXpm
-    libXdmcp libxcb libpthreadstubs pcre ];
-
-  src = fetchurl {
-    url = "https://github.com/bbidulock/icewm/archive/${version}.tar.gz";
-    sha256 = "05chzjjnb4n4j05ld2gmhhr07c887qb4j9inwg9izhvml51af1bw";
+  src = fetchFromGitHub {
+    owner  = "bbidulock";
+    repo   = "icewm";
+    rev    = version;
+    sha256 = "1l8hjmb19d7ds7z21cx207h86wkjcmmmamcnalgkwh4alvbawc2p";
   };
 
-  preConfigure = ''
-    export cmakeFlags="-DPREFIX=$out -DCFGDIR=/etc/icewm"
-  '';
+  nativeBuildInputs = [ cmake pkgconfig perl asciidoc ];
 
-  patches = [ ./fix-strlcat_strlcpy.patch ] ++
-    stdenv.lib.optional stdenv.hostPlatform.isMusl ./musl.patch;
+  buildInputs = [
+    gettext libjpeg libtiff libungif libpng imlib expat
+    freetype fontconfig gdk-pixbuf mkfontdir libX11
+    libXft libXext libXinerama libXrandr libICE libSM libXpm
+    libXdmcp libxcb libpthreadstubs pcre libsndfile fribidi
+    libXdamage libXcomposite libXfixes
+  ];
+
+  cmakeFlags = [ "-DPREFIX=$out" "-DCFGDIR=/etc/icewm" ];
 
-  patchFlags = [ "-p0" ];
+  # install legacy themes
+  postInstall = ''
+    cp -r ../lib/themes/{gtk2,Natural,nice,nice2,warp3,warp4,yellowmotif} $out/share/icewm/themes/
+  '';
 
-  meta = {
+  meta = with stdenv.lib; {
     description = "A simple, lightweight X window manager";
     longDescription = ''
       IceWM is a window manager for the X Window System. The goal of
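Review bot: `cmakeFlags = [ "-DPREFIX=$out" "-DCFGDIR=/etc/icewm" ];` replaces the old `preConfigure` export, but `$out` inside a Nix string is not interpolated by Nix. As far as I know the cmake setup hook word-splits `cmakeFlags` without expanding shell variables, so CMake would receive the literal text `$out`. Use `"-DPREFIX=${placeholder "out"}"`, or keep the assignment in `preConfigure` where the shell expands it. The same hunk drops `musl.patch` without indicating whether 1.6.0 builds on musl without it. The `meta` block continues outside the hunk.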
diff --git a/pkgs/applications/window-managers/icewm/fix-strlcat_strlcpy.patch b/pkgs/applications/window-managers/icewm/fix-strlcat_strlcpy.patch
deleted file mode 100644
index 9721e125b05..00000000000
--- a/pkgs/applications/window-managers/icewm/fix-strlcat_strlcpy.patch
+++ /dev/null
@@ -1,236 +0,0 @@
---- src/apppstatus.cc	2017-07-30 10:59:06.000000000 +0200
-+++ src/apppstatus.cc	2017-08-09 09:12:54.332052762 +0200
-@@ -366,7 +366,7 @@
-             sscanf(p, "%s %s %s %s %s", val[0], val[1], val[2], val[3], val[4]);
-             for (i = 0; i < 4; i++) {
-                 if (strncmp(val[i+1], "?", 1) != 0)
--                    strlcpy(phoneNumber, val[i+1], sizeof phoneNumber);
-+                    my_strlcpy(phoneNumber, val[i+1], sizeof phoneNumber);
-             }
-         }
- 
---- src/base.h	2017-07-30 10:59:06.000000000 +0200
-+++ src/base.h	2017-08-09 09:11:13.082025484 +0200
-@@ -44,9 +44,9 @@
- /*** String Functions *********************************************************/
- 
- /* Prefer this as a safer alternative over strcpy. Return strlen(from). */
--size_t strlcpy(char *dest, const char *from, size_t dest_size);
-+size_t my_strlcpy(char *dest, const char *from, size_t dest_size);
- /* Prefer this over strcat. Return strlen(dest) + strlen(from). */
--size_t strlcat(char *dest, const char *from, size_t dest_size);
-+size_t my_strlcat(char *dest, const char *from, size_t dest_size);
- 
- char *newstr(char const *str);
- char *newstr(char const *str, int len);
---- src/gnome2.cc	2017-07-30 10:59:06.000000000 +0200
-+++ src/gnome2.cc	2017-08-09 09:11:21.819027846 +0200
-@@ -158,8 +158,8 @@
-     const int plen = strlen(fPath);
- 
-     char tmp[256];
--    strlcpy(tmp, fPath, sizeof tmp);
--    strlcat(tmp, "/.directory", sizeof tmp);
-+    my_strlcpy(tmp, fPath, sizeof tmp);
-+    my_strlcat(tmp, "/.directory", sizeof tmp);
- 
-     if (isDir && !stat(tmp, &sb)) { // looks like kde/gnome1 style
- 
-@@ -279,8 +279,8 @@
- 
-             while ((file = readdir(dir)) != NULL) {
-                 char fullpath[256];
--                strlcpy(fullpath, dirname, sizeof fullpath);
--                strlcat(fullpath, file->d_name, sizeof fullpath);
-+                my_strlcpy(fullpath, dirname, sizeof fullpath);
-+                my_strlcat(fullpath, file->d_name, sizeof fullpath);
-                 GnomeDesktopItem *ditem =
-                     gnome_desktop_item_new_from_file(fullpath,
-                                                      (GnomeDesktopItemLoadFlags)0,
---- src/icehelp.cc	2017-07-30 10:59:06.000000000 +0200
-+++ src/icehelp.cc	2017-08-09 09:11:31.490030459 +0200
-@@ -1790,8 +1790,8 @@
-     const size_t size = 9 + strlen(cfmt) + strlen(cstr) + strlen(crea);
-     char *cbuf = (char *)malloc(size);
-     snprintf(cbuf, size, cfmt, cstr);
--    strlcat(cbuf, ":\n ", size);
--    strlcat(cbuf, crea, size);
-+    my_strlcat(cbuf, ":\n ", size);
-+    my_strlcat(cbuf, crea, size);
- 
-     node *root = new node(node::div);
-     flist<node> nodes(root);
---- src/icesm.cc	2017-07-30 10:59:06.000000000 +0200
-+++ src/icesm.cc	2017-08-09 09:13:12.946057758 +0200
-@@ -28,10 +28,10 @@
-         wordexp_t w;
-         if (wordexp(trim(buf), &w, 0) != 0 || w.we_wordc == 0)
-             return false;
--        size_t len = strlcpy(buf, trim(w.we_wordv[0]), bufsiz);
-+        size_t len = my_strlcpy(buf, trim(w.we_wordv[0]), bufsiz);
-         for (size_t k = 1; k < w.we_wordc && len < bufsiz; ++k) {
--            strlcat(buf, " ", bufsiz);
--            len = strlcat(buf, trim(w.we_wordv[k]), bufsiz);
-+            my_strlcat(buf, " ", bufsiz);
-+            len = my_strlcat(buf, trim(w.we_wordv[k]), bufsiz);
-         }
-         wordfree(&w);
-         if (len >= bufsiz)
-@@ -39,7 +39,7 @@
- #else
-         char *str = trim(buf);
-         if (str > buf)
--            strlcpy(buf, str, bufsiz);
-+            my_strlcpy(buf, str, bufsiz);
- #endif
-         if (buf[0] == '#' || buf[0] == '=')
-             buf[0] = 0;
---- src/icesound.cc	2017-07-30 10:59:06.000000000 +0200
-+++ src/icesound.cc	2017-08-09 09:11:26.686029161 +0200
-@@ -145,8 +145,8 @@
-     char * findSample(int sid)  {
-         char basefname[1024];
- 
--        strlcpy(basefname, gui_events[sid].name, sizeof basefname);
--        strlcat(basefname, ".wav", sizeof basefname);
-+        my_strlcpy(basefname, gui_events[sid].name, sizeof basefname);
-+        my_strlcat(basefname, ".wav", sizeof basefname);
- 
-         return findSample(basefname);
-     }
---- src/misc.cc	2017-07-30 10:59:06.000000000 +0200
-+++ src/misc.cc	2017-08-09 09:13:39.372064834 +0200
-@@ -448,7 +448,7 @@
- #endif
- 
- /* Prefer this as a safer alternative over strcpy. Return strlen(from). */
--size_t strlcpy(char *dest, const char *from, size_t dest_size)
-+size_t my_strlcpy(char *dest, const char *from, size_t dest_size)
- {
-     const char *in = from;
-     if (dest_size > 0) {
-@@ -463,12 +463,12 @@
- }
- 
- /* Prefer this over strcat. Return strlen(dest) + strlen(from). */
--size_t strlcat(char *dest, const char *from, size_t dest_size)
-+size_t my_strlcat(char *dest, const char *from, size_t dest_size)
- {
-     char *to = dest;
-     char *const stop = to + dest_size - 1;
-     while (to < stop && *to) ++to;
--    return to - dest + strlcpy(to, from, dest_size - (to - dest));
-+    return to - dest + my_strlcpy(to, from, dest_size - (to - dest));
- }
- 
- char *newstr(char const *str) {
---- src/strtest.cc	2017-07-30 10:59:06.000000000 +0200
-+++ src/strtest.cc	2017-08-09 09:13:24.395060823 +0200
-@@ -286,63 +286,63 @@
-     strtest tester("strlc");
-     char d[10] = "@";
-     size_t n;
--    n = strlcpy(d, "", 0);
-+    n = my_strlcpy(d, "", 0);
-     sequal(d, "@");
-     assert(d, n == 0);
- 
--    n = strlcpy(d, "a", 0);
-+    n = my_strlcpy(d, "a", 0);
-     sequal(d, "@");
-     assert(d, n == 1);
- 
--    n = strlcpy(d, "", 1);
-+    n = my_strlcpy(d, "", 1);
-     sequal(d, "");
-     assert(d, n == 0);
- 
--    n = strlcpy(d, "a", 1);
-+    n = my_strlcpy(d, "a", 1);
-     sequal(d, "");
-     assert(d, n == 1);
- 
--    n = strlcpy(d, "a", 2);
-+    n = my_strlcpy(d, "a", 2);
-     sequal(d, "a");
-     assert(d, n == 1);
- 
--    n = strlcpy(d, "ab", 2);
-+    n = my_strlcpy(d, "ab", 2);
-     sequal(d, "a");
-     assert(d, n == 2);
- 
--    n = strlcpy(d, "ab", 3);
-+    n = my_strlcpy(d, "ab", 3);
-     sequal(d, "ab");
-     assert(d, n == 2);
- 
--    n = strlcpy(d, "abc", sizeof d);
-+    n = my_strlcpy(d, "abc", sizeof d);
-     sequal(d, "abc");
-     assert(d, n == 3);
- 
--    n = strlcat(d, "def", 4);
-+    n = my_strlcat(d, "def", 4);
-     sequal(d, "abc");
-     assert(d, n == 6);
- 
--    n = strlcat(d, "def", sizeof d);
-+    n = my_strlcat(d, "def", sizeof d);
-     sequal(d, "abcdef");
-     assert(d, n == 6);
- 
--    n = strlcat(d, "ghijkl", sizeof d);
-+    n = my_strlcat(d, "ghijkl", sizeof d);
-     sequal(d, "abcdefghi");
-     assert(d, n == 12);
- 
--    n = strlcpy(d, "123", sizeof d);
-+    n = my_strlcpy(d, "123", sizeof d);
-     sequal(d, "123");
-     assert(d, n == 3);
- 
--    n = strlcpy(d, d + 1, sizeof d);
-+    n = my_strlcpy(d, d + 1, sizeof d);
-     sequal(d, "23");
-     assert(d, n == 2);
- 
--    n = strlcpy(d, d + 1, sizeof d);
-+    n = my_strlcpy(d, d + 1, sizeof d);
-     sequal(d, "3");
-     assert(d, n == 1);
- 
--    n = strlcpy(d, d + 1, sizeof d);
-+    n = my_strlcpy(d, d + 1, sizeof d);
-     sequal(d, "");
-     assert(d, n == 0);
- }
-@@ -418,7 +418,7 @@
-         while (a.next()) {
-             const char *e = a.entry();
-             assert(e, strcoll(buf, e) < 0);
--            strlcpy(buf, e, sizeof buf);
-+            my_strlcpy(buf, e, sizeof buf);
-         }
-         assert(buf, strcoll(buf, "~~~~~~~~~") < 0);
-     }
-@@ -437,7 +437,7 @@
-             cstring c(s.entry());
-             const char *e = c.c_str();
-             assert(e, strcoll(buf, e) < 0);
--            strlcpy(buf, e, sizeof buf);
-+            my_strlcpy(buf, e, sizeof buf);
-         }
-         assert(buf, strcoll(buf, "~~~~~~~~~") < 0);
-     }
---- src/udir.cc	2017-07-30 10:59:06.000000000 +0200
-+++ src/udir.cc	2017-08-09 09:13:28.346061883 +0200
-@@ -66,7 +66,7 @@
-     if (impl) {
-         DirPtr dirp(impl);
-         if (dirp.next()) {
--            strlcpy(fEntry, dirp.name(), sizeof fEntry);
-+            my_strlcpy(fEntry, dirp.name(), sizeof fEntry);
-             return true;
-         }
-     }
diff --git a/pkgs/applications/window-managers/icewm/musl.patch b/pkgs/applications/window-managers/icewm/musl.patch
deleted file mode 100644
index e7d18e31287..00000000000
--- a/pkgs/applications/window-managers/icewm/musl.patch
+++ /dev/null
@@ -1,23 +0,0 @@
---- src/ylocale.cc	2017-07-30 10:59:06.000000000 +0200
-+++ src/ylocale.cc	2017-08-09 08:15:50.938841549 +0200
-@@ -55,6 +55,8 @@
-     int const codesetItems[] = {
- #ifdef CONFIG_NL_CODESETS
- 	CONFIG_NL_CODESETS
-+#elif !defined(__GLIBC__)
-+	CODESET, 0
- #else
- 	CODESET, _NL_CTYPE_CODESET_NAME, 0
- #endif
---- src/globit.c	2017-07-30 10:59:06.000000000 +0200
-+++ src/globit.c	2017-08-09 08:17:18.691824584 +0200
-@@ -143,7 +143,9 @@
- 	} else if (*pattern == '~') {
- 		/* yes, tilde */
- 		is_absolute = 2;
-+#if defined(__GLIBC__)
- 		glob_flags |= GLOB_TILDE;
-+#endif
- 		/* any slash in the pattern? */
- 		while (*cp && *cp != '/')
- 			++cp;
diff --git a/pkgs/build-support/install-shell-files/default.nix b/pkgs/build-support/install-shell-files/default.nix
new file mode 100644
index 00000000000..e1f2e24dd87
--- /dev/null
+++ b/pkgs/build-support/install-shell-files/default.nix
@@ -0,0 +1,4 @@
+{ makeSetupHook }:
+
+# See the header comment in ../setup-hooks/install-shell-files.sh for example usage.
+makeSetupHook { name = "install-shell-files"; } ../setup-hooks/install-shell-files.sh
diff --git a/pkgs/build-support/oci-tools/default.nix b/pkgs/build-support/oci-tools/default.nix
new file mode 100644
index 00000000000..18b238033ff
--- /dev/null
+++ b/pkgs/build-support/oci-tools/default.nix
@@ -0,0 +1,78 @@
+{ lib, writeText, runCommand, writeReferencesToFile }:
+
+{
+  buildContainer =
+    { args
+    , mounts ? {}
+    , os ? "linux"
+    , arch ? "x86_64"
+    , readonly ? false
+    }:
+  let
+    sysMounts = {
+      "/proc" = {
+        type = "proc";
+        source = "proc";
+      };
+      "/dev" = {
+        type = "tmpfs";
+        source = "tmpfs";
+        options = [ "nosuid" "strictatime" "mode=755" "size=65536k" ];
+      };
+      "/dev/pts" = {
+        type = "devpts";
+        source = "devpts";
+        options = [ "nosuid" "noexec" "newinstance" "ptmxmode=0666" "mode=755" "gid=5" ];
+      };
+      "/dev/shm" = {
+        type = "tmpfs";
+        source = "shm";
+        options = [ "nosuid" "noexec" "nodev" "mode=1777" "size=65536k" ];
+      };
+      "/dev/mqueue" = {
+        type = "mqueue";
+        source = "mqueue";
+        options = [ "nosuid" "noexec" "nodev" ];
+      };
+      "/sys" = {
+        type = "sysfs";
+        source = "sysfs";
+        options = [ "nosuid" "noexec" "nodev" "ro" ];
+      };
+      "/sys/fs/cgroup" = {
+        type = "cgroup";
+        source = "cgroup";
+        options = [ "nosuid" "noexec" "nodev" "realatime" "ro" ];
+      };
+    };
+    config = writeText "config.json" (builtins.toJSON {
+      ociVersion = "1.0.0";
+      platform = {
+        inherit os arch;
+      };
+
+      linux = {
+        namespaces = map (type: { inherit type; }) [ "pid" "network" "mount" "ipc" "uts" ];
+      };
+
+      root = { path = "rootfs"; inherit readonly; };
+
+      process = {
+        inherit args;
+        user = { uid = 0; gid = 0; };
+        cwd = "/";
+      };
+
+      mounts = lib.mapAttrsToList (destination: { type, source, options ? null }: {
+        inherit destination type source options;
+      }) sysMounts;
+    });
+  in
+    runCommand "join" {} ''
+      set -o pipefail
+      mkdir -p $out/rootfs/{dev,proc,sys}
+      cp ${config} $out/config.json
+      xargs tar c < ${writeReferencesToFile args} | tar -xC $out/rootfs/
+    '';
+}
+
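Review bot: `buildContainer` accepts a `mounts` argument, but the generated `config.json` only maps over `sysMounts`, so caller-supplied mounts are silently dropped. Merge them by passing `(sysMounts // mounts)` to the `lib.mapAttrsToList` call. The `/sys/fs/cgroup` options contain `"realatime"`, which looks like a typo for `"relatime"` that a runtime may reject or ignore. The process runs as uid 0 with no `user` namespace and no `capabilities` or `noNewPrivileges` settings, so root in the container is host root with whatever the runtime grants by default. Consider exposing these as arguments with restrictive defaults and documenting that in a comment above `process`.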
diff --git a/pkgs/build-support/setup-hooks/install-shell-files.sh b/pkgs/build-support/setup-hooks/install-shell-files.sh
new file mode 100644
index 00000000000..e0ea1f7f30a
--- /dev/null
+++ b/pkgs/build-support/setup-hooks/install-shell-files.sh
@@ -0,0 +1,165 @@
+#!/bin/bash
+# Setup hook for the `installShellFiles` package.
+#
+# Example usage in a derivation:
+#
+#   { …, installShellFiles, … }:
+#   stdenv.mkDerivation {
+#     …
+#     nativeBuildInputs = [ installShellFiles ];
+#     postInstall = ''
+#       installManPage share/doc/foobar.1
+#       installShellCompletion share/completions/foobar.{bash,fish,zsh}
+#     '';
+#     …
+#   }
+#
+# See comments on each function for more details.
+
+# installManPage <path> [...<path>]
+#
+# Each argument is checked for its man section suffix and installed into the appropriate
+# share/man<n>/ directory. The function returns an error if any paths don't have the man section
+# suffix (with optional .gz compression).
+installManPage() {
+    local path
+    for path in "$@"; do
+        if (( "${NIX_DEBUG:-0}" >= 1 )); then
+            echo "installManPage: installing $path"
+        fi
+        if test -z "$path"; then
+            echo "installManPage: error: path cannot be empty" >&2
+            return 1
+        fi
+        local basename
+        basename=$(stripHash "$path") # use stripHash in case it's a nix store path
+        local trimmed=${basename%.gz} # don't get fooled by compressed manpages
+        local suffix=${trimmed##*.}
+        if test -z "$suffix" -o "$suffix" = "$trimmed"; then
+            echo "installManPage: error: path missing manpage section suffix: $path" >&2
+            return 1
+        fi
+        local outRoot
+        if test "$suffix" = 3; then
+            outRoot=${!outputDevman:?}
+        else
+            outRoot=${!outputMan:?}
+        fi
+        install -Dm644 -T "$path" "${outRoot}/share/man/man$suffix/$basename" || return
+    done
+}
+
+# installShellCompletion [--bash|--fish|--zsh] ([--name <name>] <path>)...
+#
+# Each path is installed into the appropriate directory for shell completions for the given shell.
+# If one of `--bash`, `--fish`, or `--zsh` is given the path is assumed to belong to that shell.
+# Otherwise the file extension will be examined to pick a shell. If the shell is unknown a warning
+# will be logged and the command will return a non-zero status code after processing any remaining
+# paths. Any of the shell flags will affect all subsequent paths (unless another shell flag is
+# given).
+#
+# If the shell completion needs to be renamed before installing the optional `--name <name>` flag
+# may be given. Any name provided with this flag only applies to the next path.
+#
+# For zsh completions, if the `--name` flag is not given, the path will be automatically renamed
+# such that `foobar.zsh` becomes `_foobar`.
+#
+# This command accepts multiple shell flags in conjunction with multiple paths if you wish to
+# install them all in one command:
+#
+#   installShellCompletion share/completions/foobar.{bash,fish} --zsh share/completions/_foobar
+#
+# However it may be easier to read if each shell is split into its own invocation, especially when
+# renaming is involved:
+#
+#   installShellCompletion --bash --name foobar.bash share/completions.bash
+#   installShellCompletion --fish --name foobar.fish share/completions.fish
+#   installShellCompletion --zsh --name _foobar share/completions.zsh
+#
+# If any argument is `--` the remaining arguments will be treated as paths.
+installShellCompletion() {
+    local shell='' name='' retval=0 parseArgs=1 arg
+    while { arg=$1; shift; }; do
+        # Parse arguments
+        if (( parseArgs )); then
+            case "$arg" in
+            --bash|--fish|--zsh)
+                shell=${arg#--}
+                continue;;
+            --name)
+                name=$1
+                shift || {
+                    echo 'installShellCompletion: error: --name flag expected an argument' >&2
+                    return 1
+                }
+                continue;;
+            --name=*)
+                # treat `--name=foo` the same as `--name foo`
+                name=${arg#--name=}
+                continue;;
+            --?*)
+                echo "installShellCompletion: warning: unknown flag ${arg%%=*}" >&2
+                retval=2
+                continue;;
+            --)
+                # treat remaining args as paths
+                parseArgs=0
+                continue;;
+            esac
+        fi
+        if (( "${NIX_DEBUG:-0}" >= 1 )); then
+            echo "installShellCompletion: installing $arg${name:+ as $name}"
+        fi
+        # if we get here, this is a path
+        # Identify shell
+        local basename
+        basename=$(stripHash "$arg")
+        local curShell=$shell
+        if [[ -z "$curShell" ]]; then
+            # auto-detect the shell
+            case "$basename" in
+            ?*.bash) curShell=bash;;
+            ?*.fish) curShell=fish;;
+            ?*.zsh) curShell=zsh;;
+            *)
+                if [[ "$basename" = _* && "$basename" != *.* ]]; then
+                    # probably zsh
+                    echo "installShellCompletion: warning: assuming path \`$arg' is zsh; please specify with --zsh" >&2
+                    curShell=zsh
+                else
+                    echo "installShellCompletion: warning: unknown shell for path: $arg" >&2
+                    retval=2
+                    continue
+                fi;;
+            esac
+        fi
+        # Identify output path
+        local outName sharePath
+        outName=${name:-$basename}
+        case "$curShell" in
+        bash) sharePath=bash-completion/completions;;
+        fish) sharePath=fish/vendor_completions.d;;
+        zsh)
+            sharePath=zsh/site-functions
+            # only apply automatic renaming if we didn't have a manual rename
+            if test -z "$name"; then
+                # convert a name like `foo.zsh` into `_foo`
+                outName=${outName%.zsh}
+                outName=_${outName#_}
+            fi;;
+        *)
+            # Our list of shells is out of sync with the flags we accept or extensions we detect.
+            echo 'installShellCompletion: internal error' >&2
+            return 1;;
+        esac
+        # Install file
+        install -Dm644 -T "$arg" "${!outputBin:?}/share/$sharePath/$outName" || return
+        # Clear the name, it only applies to one path
+        name=
+    done
+    if [[ -n "$name" ]]; then
+        echo 'installShellCompletion: error: --name flag given with no path' >&2
+        return 1
+    fi
+    return $retval
+}
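Review bot: Both functions build the install destination from text that is never checked. In `installManPage`, `test -z "$suffix" -o "$suffix" = "$trimmed"` only rejects a name with no dot, so `foo.txt` is installed under `share/man/mantxt` although the header comment promises an error when the section suffix is missing. A guard such as `[[ "$suffix" =~ ^([0-9][a-z0-9]*|[nl])$ ]]` (adjusted to the sections nixpkgs wants to accept) would match the comment. In `installShellCompletion` the `--name` value goes straight into `"${!outputBin:?}/share/$sharePath/$outName"`, so a value containing `/` or `..` lands outside the completion directory; rejecting it with `[[ "$name" != */* ]]` keeps the write where the doc comment says it goes. Paths accepted after `--` are also handed to `install` without a `--` of their own, so one beginning with `-` would be parsed as an option.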
diff --git a/pkgs/data/fonts/sudo/default.nix b/pkgs/data/fonts/sudo/default.nix
index bfc66a77207..adb69b6c974 100644
--- a/pkgs/data/fonts/sudo/default.nix
+++ b/pkgs/data/fonts/sudo/default.nix
@@ -1,11 +1,11 @@
 { lib, fetchzip }:
 
 let
-  version = "0.37";
+  version = "0.40";
 in fetchzip rec {
   name = "sudo-font-${version}";
   url = "https://github.com/jenskutilek/sudo-font/releases/download/v${version}/sudo.zip";
-  sha256 = "16x6vs016wz6rmd4p248ri9fn35xq7r3dc8hv4w2c4rz1xl8c099";
+  sha256 = "1nf025sjps4yysf6zkns5fzjgls6xdpifh7bz4ray9x8h5pz0z64";
 
   postFetch = ''
     mkdir -p $out/share/fonts/truetype/
diff --git a/pkgs/data/fonts/victor-mono/default.nix b/pkgs/data/fonts/victor-mono/default.nix
index e1ef611d686..e886ad7578e 100644
--- a/pkgs/data/fonts/victor-mono/default.nix
+++ b/pkgs/data/fonts/victor-mono/default.nix
@@ -2,7 +2,7 @@
 
 let
   pname = "victor-mono";
-  version = "1.2.1";
+  version = "1.2.5";
 in fetchFromGitHub rec {
   name = "${pname}-${version}";
 
@@ -26,7 +26,7 @@ in fetchFromGitHub rec {
     unzip -j VictorMonoAll.zip \*.otf -d $out/share/fonts/opentype/${pname}
   '';
 
-  sha256 = "0347n3kdyrbg42rxcgnyghi21qz5iz6w30v7ms2vjal7pfm6h2vn";
+  sha256 = "0dj5h45qk6abggj6mgm19sb0a7q0v4x41f2zds1ab79yd22gbjns";
 
   meta = with lib; {
     description = "Free programming font with cursive italics and ligatures";
diff --git a/pkgs/development/arduino/platformio/chrootenv.nix b/pkgs/development/arduino/platformio/chrootenv.nix
index 182f8fbefab..01a2fb873aa 100644
--- a/pkgs/development/arduino/platformio/chrootenv.nix
+++ b/pkgs/development/arduino/platformio/chrootenv.nix
@@ -3,19 +3,8 @@
 let
   pio-pkgs = pkgs:
     let
-      python = pkgs.python.override {
+      python = pkgs.python3.override {
         packageOverrides = self: super: {
-
-          # https://github.com/platformio/platformio-core/issues/349
-          click = super.click.overridePythonAttrs (oldAttrs: rec {
-            version = "5.1";
-            src = oldAttrs.src.override {
-              inherit version;
-              sha256 = "678c98275431fad324275dec63791e4a17558b40e5a110e20a82866139a85a5a";
-            };
-            postPatch = "";
-          });
-
           platformio = self.callPackage ./core.nix { };
         };
       };
@@ -38,7 +27,7 @@ in buildFHSUserEnv {
 
   meta = with lib; {
     description = "An open source ecosystem for IoT development";
-    homepage = http://platformio.org;
+    homepage = "https://platformio.org";
     maintainers = with maintainers; [ mog ];
     license = licenses.asl20;
     platforms = with platforms; linux;
diff --git a/pkgs/development/arduino/platformio/core.nix b/pkgs/development/arduino/platformio/core.nix
index 0866311ad89..bfe216c6ad3 100644
--- a/pkgs/development/arduino/platformio/core.nix
+++ b/pkgs/development/arduino/platformio/core.nix
@@ -1,7 +1,7 @@
 { stdenv, lib, buildPythonApplication, fetchFromGitHub
 , bottle, click, colorama
 , lockfile, pyserial, requests
-, pytest, semantic-version, tox
+, pytest, semantic-version, tox, tabulate
 , git
 }:
 
@@ -35,6 +35,7 @@ let
     "test_builder.py::test_build_unflags"
     "test_misc.py::test_api_cache"
     "test_misc.py::test_ping_internet_ips"
+    "test_misc.py::test_platformio_cli"
     "test_pkgmanifest.py::test_packages"
   ]) ++ (map (e: "--ignore=tests/${e}") [
     "commands/test_boards.py"
@@ -46,19 +47,20 @@ let
 
 in buildPythonApplication rec {
   pname = "platformio";
-  version = "3.6.6";
+  version = "4.0.3";
 
   # pypi tarballs don't contain tests - https://github.com/platformio/platformio-core/issues/1964
   src = fetchFromGitHub {
     owner = "platformio";
     repo = "platformio-core";
     rev = "v${version}";
-    sha256 = "1qwd6684y2xagl375sv8fm6a535hcdqx296hknjlbvsgc1jc514a";
+    sha256 = "1naaa53cc7n7zyqggqjvvgkcq8cyzngdf904y9ag0x1vvb70f8j9";
   };
 
   propagatedBuildInputs =  [
     bottle click colorama git lockfile
     pyserial requests semantic-version
+    tabulate
   ];
 
   HOME = "/tmp";
diff --git a/pkgs/development/arduino/platformio/fix-searchpath.patch b/pkgs/development/arduino/platformio/fix-searchpath.patch
index a215ffc7d61..1570cae1b19 100644
--- a/pkgs/development/arduino/platformio/fix-searchpath.patch
+++ b/pkgs/development/arduino/platformio/fix-searchpath.patch
@@ -1,6 +1,6 @@
---- ./platformio/util.py-old	2017-09-29 01:20:08.174548250 +0200
-+++ ./platformio/util.py	2017-09-29 01:19:48.410485308 +0200
-@@ -395,7 +395,7 @@
+--- ./platformio/proc.py-old	2017-09-29 01:20:08.174548250 +0200
++++ ./platformio/proc.py	2017-09-29 01:19:48.410485308 +0200
+@@ -164,7 +164,7 @@
                  isdir(join(p, "click")) or isdir(join(p, "platformio")))
          if all(conditions):
              _PYTHONPATH.append(p)
diff --git a/pkgs/development/interpreters/supercollider/default.nix b/pkgs/development/interpreters/supercollider/default.nix
index 049dd9192d7..b4ed9232452 100644
--- a/pkgs/development/interpreters/supercollider/default.nix
+++ b/pkgs/development/interpreters/supercollider/default.nix
@@ -9,12 +9,12 @@ in
 
 mkDerivation rec {
   pname = "supercollider";
-  version = "3.10.2";
+  version = "3.10.3";
 
 
   src = fetchurl {
-    url = "https://github.com/supercollider/supercollider/releases/download/Version-${version}/SuperCollider-${version}-Source-linux.tar.bz2";
-    sha256 = "0ynz1ydcpsd5h57h1n4a7avm6p1cif5a8rkmz4qpr46pr8z9p6iq";
+    url = "https://github.com/supercollider/supercollider/releases/download/Version-${version}/SuperCollider-${version}-Source.tar.bz2";
+    sha256 = "1wvsrr4qcqmpxpn57wwrnwbnf3pflr3n4wkj9j6b9cdisp34kv5d";
   };
 
   hardeningDisable = [ "stackprotector" ];
@@ -26,6 +26,8 @@ mkDerivation rec {
 
   nativeBuildInputs = [ cmake pkgconfig qttools ];
 
+  enableParallelBuilding = true;
+
   buildInputs = [
     gcc libjack2 libsndfile fftw curl libXt qtbase qtwebengine qtwebsockets readline ]
       ++ optional (!stdenv.isDarwin) alsaLib
@@ -33,7 +35,7 @@ mkDerivation rec {
 
   meta = with stdenv.lib; {
     description = "Programming language for real time audio synthesis";
-    homepage = http://supercollider.sourceforge.net/;
+    homepage = "https://supercollider.github.io";
     maintainers = with maintainers; [ mrmebelman ];
     license = licenses.gpl3;
     platforms = [ "x686-linux" "x86_64-linux" ];
diff --git a/pkgs/development/libraries/fflas-ffpack/default.nix b/pkgs/development/libraries/fflas-ffpack/default.nix
index 858bc209391..2f2e22de12c 100644
--- a/pkgs/development/libraries/fflas-ffpack/default.nix
+++ b/pkgs/development/libraries/fflas-ffpack/default.nix
@@ -3,13 +3,13 @@
 }:
 stdenv.mkDerivation rec {
   pname = "fflas-ffpack";
-  version = "2.4.0";
+  version = "2.4.3";
 
   src = fetchFromGitHub {
     owner = "linbox-team";
     repo = "${pname}";
-    rev = "v${version}";
-    sha256 = "1q1ala88ysz14pb5cn2kskv829nc1qif7zfzjwzhd5nnzwyivmc4";
+    rev = "${version}";
+    sha256 = "1ynbjd72qrwp0b4kpn0p5d7gddpvj8dlb5fwdxajr5pvkvi3if74";
   };
 
   checkInputs = [
diff --git a/pkgs/development/libraries/libyaml-cpp/default.nix b/pkgs/development/libraries/libyaml-cpp/default.nix
index 75b377ff8d4..fbc4b4bcec5 100644
--- a/pkgs/development/libraries/libyaml-cpp/default.nix
+++ b/pkgs/development/libraries/libyaml-cpp/default.nix
@@ -15,7 +15,7 @@ stdenv.mkDerivation rec {
 
   nativeBuildInputs = [ cmake ];
 
-  cmakeFlags = "-DBUILD_SHARED_LIBS=ON";
+  cmakeFlags = "-DBUILD_SHARED_LIBS=ON -DYAML_CPP_BUILD_TESTS=OFF";
 
   meta = with stdenv.lib; {
     inherit (src.meta) homepage;
diff --git a/pkgs/development/python-modules/imagecodecs-lite/default.nix b/pkgs/development/python-modules/imagecodecs-lite/default.nix
new file mode 100644
index 00000000000..6374b882718
--- /dev/null
+++ b/pkgs/development/python-modules/imagecodecs-lite/default.nix
@@ -0,0 +1,25 @@
+{ lib, fetchPypi, buildPythonPackage
+, pytest
+, numpy
+, cython
+}:
+
+buildPythonPackage rec {
+  pname = "imagecodecs-lite";
+  version = "2019.4.20";
+
+  src = fetchPypi {
+    inherit pname version;
+    sha256 = "1cp88g7g91gdhjhaz6gvb4jzvi5ad817id9f2bnc5r95ag93bqb0";
+  };
+
+  checkInputs = [ pytest ];
+  propagatedBuildInputs = [ numpy cython ];
+
+  meta = with lib; {
+    description = "Block-oriented, in-memory buffer transformation, compression, and decompression functions";
+    homepage = "https://www.lfd.uci.edu/~gohlke/";
+    maintainers = [ maintainers.tbenst ];
+    license = licenses.bsd3;
+  };
+}
diff --git a/pkgs/development/python-modules/pyvmomi/default.nix b/pkgs/development/python-modules/pyvmomi/default.nix
new file mode 100644
index 00000000000..a7fbf301295
--- /dev/null
+++ b/pkgs/development/python-modules/pyvmomi/default.nix
@@ -0,0 +1,24 @@
+{ lib, buildPythonPackage, fetchFromGitHub, requests }:
+
+buildPythonPackage rec {
+  pname = "pyvmomi";
+  version = "6.7.1.2018.12";
+
+  src = fetchFromGitHub {
+    owner = "vmware";
+    repo = pname;
+    rev = "v${version}";
+    sha256 = "1pgl95rbghidbyr8hndjzfzgb1yjchfcknlqgg3qbqvljnz9hfja";
+  };
+
+  # requires old version of vcrpy
+  doCheck = false;
+
+  propagatedBuildInputs = [ requests ];
+
+  meta = with lib; {
+    description = "Python SDK for the VMware vSphere API that allows you to manage ESX, ESXi, and vCenter";
+    homepage = "https://github.com/vmware/pyvmomi";
+    license = licenses.asl20;
+  };
+}
diff --git a/pkgs/development/python-modules/semantic-version/default.nix b/pkgs/development/python-modules/semantic-version/default.nix
index e3c92a0e40f..4fcc19e57fc 100644
--- a/pkgs/development/python-modules/semantic-version/default.nix
+++ b/pkgs/development/python-modules/semantic-version/default.nix
@@ -2,11 +2,11 @@
 
 buildPythonPackage rec {
   pname = "semantic_version";
-  version = "2.6.0";
+  version = "2.8.1";
 
   src = fetchPypi {
     inherit pname version;
-    sha256 = "1h2l9xyg1zzsda6kjcmfcgycbvrafwci283vcr1v5sbk01l2hhra";
+    sha256 = "1lnnpxmf3z1rcfr5n562vbraq236s13wlj8fmw2kwr2mrq7lqb8r";
   };
 
   # ModuleNotFoundError: No module named 'tests'
diff --git a/pkgs/development/python-modules/speedtest-cli/default.nix b/pkgs/development/python-modules/speedtest-cli/default.nix
index 36816f6133d..3c7a1c8d839 100644
--- a/pkgs/development/python-modules/speedtest-cli/default.nix
+++ b/pkgs/development/python-modules/speedtest-cli/default.nix
@@ -7,11 +7,11 @@
 # required for home-assistant
 buildPythonPackage rec {
   pname = "speedtest-cli";
-  version = "2.1.1";
+  version = "2.1.2";
 
   src = fetchPypi {
     inherit pname version;
-    sha256 = "1s3ylvkclzdsyqmpjnsd6ixrbmj7vd4bfsdplkjaz1c2czyy3j9p";
+    sha256 = "0m1fpsb318mrpliw026a7nhx8iky306rmfi565734k7r49i3h7fg";
   };
 
   # tests require working internet connection
diff --git a/pkgs/development/python-modules/textacy/default.nix b/pkgs/development/python-modules/textacy/default.nix
index 086218b8439..454cff5e4a8 100644
--- a/pkgs/development/python-modules/textacy/default.nix
+++ b/pkgs/development/python-modules/textacy/default.nix
@@ -1,69 +1,59 @@
-{ stdenv
-, buildPythonPackage
-, isPy27
-, fetchPypi
+{ lib, buildPythonPackage, fetchPypi, isPy27
 , cachetools
-, cld2-cffi
 , cytoolz
-, ftfy
-, ijson
+, jellyfish
 , matplotlib
 , networkx
 , numpy
 , pyemd
 , pyphen
-, python-Levenshtein
+, pytest
 , requests
 , scikitlearn
 , scipy
 , spacy
-, tqdm
-, unidecode
+, srsly
 }:
 
 buildPythonPackage rec {
   pname = "textacy";
-  version = "0.6.3";
+  version = "0.9.1";
+  disabled = isPy27;
 
   src = fetchPypi {
     inherit pname version;
-    sha256 = "50402545ac92b1a931c2365e341cb35c4ebe5575525f1dcc5265901ff3895a5f";
+    sha256 = "1jhj02g6kh5vc0z4az7n547siav3gj5571bqpzdryskj6bsma2z1";
   };
 
   propagatedBuildInputs = [
     cachetools
-    cld2-cffi
     cytoolz
-    ftfy
-    ijson
+    jellyfish
     matplotlib
     networkx
     numpy
     pyemd
     pyphen
-    python-Levenshtein
     requests
     scikitlearn
     scipy
     spacy
-    tqdm
-    unidecode
+    srsly
   ];
 
-  postPatch = ''
-    substituteInPlace setup.py \
-      --replace "'ftfy>=4.2.0,<5.0.0'," "'ftfy>=5.0.0',"
+  checkInputs = [ pytest ];
+  # almost all tests have to deal with downloading a dataset, only test pure tests
+  checkPhase = ''
+    pytest tests/test_text_utils.py \
+      tests/test_utils.py \
+      tests/preprocessing \
+      tests/datasets/test_base_dataset.py
   '';
 
-  doCheck = false;  # tests want to download data files
-
-  meta = with stdenv.lib; {
+  meta = with lib; {
     description = "Higher-level text processing, built on spaCy";
     homepage = "http://textacy.readthedocs.io/";
     license = licenses.asl20;
     maintainers = with maintainers; [ rvl ];
-    # ftfy and jellyfish no longer support python2
-    # latest scikitlearn not supported for this: https://github.com/chartbeat-labs/textacy/issues/260
-    broken = true;
   };
 }
diff --git a/pkgs/development/python-modules/trezor_agent/default.nix b/pkgs/development/python-modules/trezor_agent/default.nix
index e0c5329d23f..17ecd369136 100644
--- a/pkgs/development/python-modules/trezor_agent/default.nix
+++ b/pkgs/development/python-modules/trezor_agent/default.nix
@@ -8,6 +8,8 @@
 , mnemonic
 , keepkey
 , semver
+, wheel
+, pinentry
 }:
 
 buildPythonPackage rec{
@@ -19,13 +21,13 @@ buildPythonPackage rec{
     sha256 = "e82bf000c1178b1a7612f2a90487eb34c6234d2edb15dc8e310ad875d8298690";
   };
 
-  propagatedBuildInputs = [ trezor libagent ecdsa ed25519 mnemonic keepkey semver ];
+  propagatedBuildInputs = [ trezor libagent ecdsa ed25519 mnemonic keepkey semver wheel pinentry ];
 
   meta = with stdenv.lib; {
     description = "Using Trezor as hardware SSH agent";
-    homepage = https://github.com/romanz/trezor-agent;
+    homepage = "https://github.com/romanz/trezor-agent";
     license = licenses.gpl3;
-    maintainers = with maintainers; [ np ];
+    maintainers = with maintainers; [ np mmahut ];
   };
 
 }
diff --git a/pkgs/development/ruby-modules/bundix/default.nix b/pkgs/development/ruby-modules/bundix/default.nix
index d6a8f3ddbc6..353adbcea6f 100644
--- a/pkgs/development/ruby-modules/bundix/default.nix
+++ b/pkgs/development/ruby-modules/bundix/default.nix
@@ -6,13 +6,13 @@ buildRubyGem rec {
 
   name = "${gemName}-${version}";
   gemName = "bundix";
-  version = "2.4.2";
+  version = "2.5.0";
 
   src = fetchFromGitHub {
-    owner = "manveru";
+    owner = "nix-community";
     repo = "bundix";
     rev = version;
-    sha256 = "03jhj1dy0ljrymjnpi6mcxn36a29qxr835l1lc11879jjzvnr2ax";
+    sha256 = "05y8sy6v9km1dwvpjzkjxpfzv95g6yzac1b5blac2f1r2kw167p8";
   };
 
   buildInputs = [ ruby bundler ];
diff --git a/pkgs/development/tools/analysis/flow/default.nix b/pkgs/development/tools/analysis/flow/default.nix
index fb351f4adfd..f4c7047e8de 100644
--- a/pkgs/development/tools/analysis/flow/default.nix
+++ b/pkgs/development/tools/analysis/flow/default.nix
@@ -2,13 +2,13 @@
 
 stdenv.mkDerivation rec {
   pname = "flow";
-  version = "0.106.0";
+  version = "0.107.0";
 
   src = fetchFromGitHub {
     owner  = "facebook";
     repo   = "flow";
     rev    = "refs/tags/v${version}";
-    sha256 = "0da32j8s3avxa84g2gn9sr4nakibllz1kq5i3bgqbndrgcgsdvgw";
+    sha256 = "1in7a006lgw4v2p0gn5sx41cn3p259vncpq0l3rz52lyfpn7ai3b";
   };
 
   installPhase = ''
diff --git a/pkgs/development/tools/analysis/radare2/cutter.nix b/pkgs/development/tools/analysis/radare2/cutter.nix
index a528a849ad7..84c56a9b569 100644
--- a/pkgs/development/tools/analysis/radare2/cutter.nix
+++ b/pkgs/development/tools/analysis/radare2/cutter.nix
@@ -5,7 +5,8 @@
 , qtbase, qtsvg, qtwebengine
 # buildInputs
 , r2-for-cutter
-, python3 }:
+, python3
+, wrapQtAppsHook }:
 
 stdenv.mkDerivation rec {
   pname = "radare2-cutter";
@@ -30,7 +31,7 @@ stdenv.mkDerivation rec {
   '';
 
   nativeBuildInputs = [ qmake pkgconfig ];
-  buildInputs = [ qtbase qtsvg qtwebengine r2-for-cutter python3 ];
+  buildInputs = [ qtbase qtsvg qtwebengine r2-for-cutter python3 wrapQtAppsHook ];
 
   qmakeFlags = [
     "CONFIG+=link_pkgconfig"
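Review bot: `wrapQtAppsHook` is added to `buildInputs`, but it is a setup hook that runs on the build machine, so it would normally sit next to `qmake` and `pkgconfig`: `nativeBuildInputs = [ qmake pkgconfig wrapQtAppsHook ];`. In `buildInputs` it presumably still takes effect for a native build, but it would be resolved for the host platform when cross-compiling. The derivation body continues outside this hunk.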
diff --git a/pkgs/development/web/postman/default.nix b/pkgs/development/web/postman/default.nix
index 1767eaab8bc..07bb1337745 100644
--- a/pkgs/development/web/postman/default.nix
+++ b/pkgs/development/web/postman/default.nix
@@ -1,20 +1,22 @@
-{ stdenv, lib, gnome2, fetchurl, pkgs, xorg, makeWrapper, makeDesktopItem }:
+{ stdenv, fetchurl, makeDesktopItem, wrapGAppsHook
+, atk, at-spi2-atk, alsaLib, cairo, cups, dbus, expat, gdk-pixbuf, glib, gtk3
+, freetype, fontconfig, nss, nspr, pango, udev, libX11, libxcb, libXi
+, libXcursor, libXdamage, libXrandr, libXcomposite, libXext, libXfixes
+, libXrender, libXtst, libXScrnSaver
+}:
 
 stdenv.mkDerivation rec {
   pname = "postman";
-  version = "7.0.7";
+  version = "7.6.0";
 
   src = fetchurl {
     url = "https://dl.pstmn.io/download/version/${version}/linux64";
-    sha256 = "47be1b955759520f3a2c7dcdecb85b4c52c38df717da294ba184f46f2058014a";
-    name = "${pname}-${version}.tar.gz";
+    sha256 = "sha256:03y82ydkj46l7dn35y944gnghbrrhc75y3yxdyidbh8fl3xvmlfv";
+    name = "${pname}.tar.gz";
   };
 
-  nativeBuildInputs = [ makeWrapper ];
-
-  dontPatchELF = true;
-
-  buildPhase = ":";   # nothing to build
+  dontBuild = true; # nothing to build
+  dontConfigure = true;
 
   desktopItem = makeDesktopItem {
     name = "postman";
@@ -26,12 +28,48 @@ stdenv.mkDerivation rec {
     categories = "Application;Development;";
   };
 
+  buildInputs = [
+    stdenv.cc.cc.lib
+    atk
+    at-spi2-atk
+    alsaLib
+    cairo
+    cups
+    dbus
+    expat
+    gdk-pixbuf
+    glib
+    gtk3
+    freetype
+    fontconfig
+    nss
+    nspr
+    pango
+    udev
+    libX11
+    libxcb
+    libXi
+    libXcursor
+    libXdamage
+    libXrandr
+    libXcomposite
+    libXext
+    libXfixes
+    libXrender
+    libXtst
+    libXScrnSaver
+  ];
+
+  nativeBuildInputs = [ wrapGAppsHook ];
+
+
   installPhase = ''
     mkdir -p $out/share/postman
     cp -R app/* $out/share/postman
+    rm $out/share/postman/Postman
 
     mkdir -p $out/bin
-    ln -s $out/share/postman/Postman $out/bin/postman
+    ln -s $out/share/postman/_Postman $out/bin/postman
 
     mkdir -p $out/share/applications
     ln -s ${desktopItem}/share/applications/* $out/share/applications/
@@ -43,55 +81,21 @@ stdenv.mkDerivation rec {
     ln -s $out/share/postman/resources/app/assets/icon.png $iconSizeDir/postman.png
   '';
 
-  preFixup = let
-    libPath = lib.makeLibraryPath [
-      stdenv.cc.cc.lib
-      gnome2.pango
-      gnome2.GConf
-      pkgs.atk
-      pkgs.alsaLib
-      pkgs.cairo
-      pkgs.cups
-      pkgs.dbus.daemon.lib
-      pkgs.expat
-      pkgs.gdk-pixbuf
-      pkgs.glib
-      pkgs.gtk2-x11
-      pkgs.freetype
-      pkgs.fontconfig
-      pkgs.nss
-      pkgs.nspr
-      pkgs.udev.lib
-      xorg.libX11
-      xorg.libxcb
-      xorg.libXi
-      xorg.libXcursor
-      xorg.libXdamage
-      xorg.libXrandr
-      xorg.libXcomposite
-      xorg.libXext
-      xorg.libXfixes
-      xorg.libXrender
-      xorg.libX11
-      xorg.libXtst
-      xorg.libXScrnSaver
-    ];
-  in ''
-    patchelf \
-      --set-interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" \
-      --set-rpath "${libPath}:$out/share/postman" \
-      $out/share/postman/Postman
-    patchelf --set-rpath "${libPath}" $out/share/postman/libnode.so
-    patchelf --set-rpath "${libPath}" $out/share/postman/libffmpeg.so
-
-    wrapProgram $out/share/postman/Postman --prefix LD_LIBRARY_PATH : ${libPath}
+  postFixup = ''
+    pushd $out/share/postman
+    patchelf --set-interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" _Postman
+    for file in $(find . -type f \( -name \*.node -o -name _Postman -o -name \*.so\* \) ); do
+      ORIGIN=$(patchelf --print-rpath $file); \
+      patchelf --set-rpath "${stdenv.lib.makeLibraryPath buildInputs}:$ORIGIN" $file
+    done
+    popd
   '';
 
   meta = with stdenv.lib; {
     homepage = https://www.getpostman.com;
     description = "API Development Environment";
-    license = stdenv.lib.licenses.postman;
+    license = licenses.postman;
     platforms = [ "x86_64-linux" ];
-    maintainers = with maintainers; [ xurei ];
+    maintainers = with maintainers; [ xurei evanjs ];
   };
 }
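Review bot: The `postFixup` loop iterates over `$(find …)` and passes `$file` unquoted to both `patchelf` calls, so a bundled file whose path contains whitespace or a glob character is split or expanded, and the loop then fails or patches a different name. Since it walks a vendor-supplied tarball, read NUL-delimited names and quote the variable: `find . -type f \( … \) -print0 | while IFS= read -r -d "" file; do`, with `"$file"` in both calls. The shell variable `ORIGIN` holds the file's previous rpath, not the linker's `$ORIGIN` token, so a name like `oldRpath` would avoid that confusion. The trailing `; \` after the first `patchelf` is not needed.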
diff --git a/pkgs/os-specific/linux/fwts/default.nix b/pkgs/os-specific/linux/fwts/default.nix
index 07252b8bc31..b5df553a97c 100644
--- a/pkgs/os-specific/linux/fwts/default.nix
+++ b/pkgs/os-specific/linux/fwts/default.nix
@@ -3,11 +3,11 @@
 
 stdenv.mkDerivation rec {
   pname = "fwts";
-  version = "19.07.00";
+  version = "19.08.00";
 
   src = fetchzip {
-    url = "http://fwts.ubuntu.com/release/fwts-V${version}.tar.gz";
-    sha256 = "04h99ri3nzhxr2js2a04bcj6zm17zlybqzv528j6hr6v0pv5wn4p";
+    url = "http://fwts.ubuntu.com/release/${pname}-V${version}.tar.gz";
+    sha256 = "14v4vxvfsl008xalsmlhl9wh89xlrfffh3pky9m90flaizdzwyp4";
     stripRoot = false;
   };
 
diff --git a/pkgs/os-specific/linux/sysdig/default.nix b/pkgs/os-specific/linux/sysdig/default.nix
index ce2bd1fa99f..399244e47ee 100644
--- a/pkgs/os-specific/linux/sysdig/default.nix
+++ b/pkgs/os-specific/linux/sysdig/default.nix
@@ -5,13 +5,13 @@
 with stdenv.lib;
 stdenv.mkDerivation rec {
   pname = "sysdig";
-  version = "0.26.2";
+  version = "0.26.4";
 
   src = fetchFromGitHub {
     owner = "draios";
     repo = "sysdig";
     rev = version;
-    sha256 = "1a74cvvy3lhilibc3lzcsvs6pwrdvdx2580qgckp1lrra9gf5hga";
+    sha256 = "1v2j1ns17wyj7xl91p6wy1iwfx2fnn8af9nm939skc6229m87zzn";
   };
 
   nativeBuildInputs = [ cmake perl ];
diff --git a/pkgs/os-specific/linux/usbguard/default.nix b/pkgs/os-specific/linux/usbguard/default.nix
index efc7406cc19..a9983561345 100644
--- a/pkgs/os-specific/linux/usbguard/default.nix
+++ b/pkgs/os-specific/linux/usbguard/default.nix
@@ -1,11 +1,8 @@
 {
   stdenv, fetchurl, lib,
-  pkgconfig, libxml2, libxslt,
-  dbus-glib, libcap_ng, libqb, libseccomp, polkit, protobuf, audit,
-  withGui ? true,
-  qtbase ? null,
-  qttools ? null,
-  qtsvg ? null,
+  pkgconfig, libxslt, libxml2, docbook_xml_dtd_45, docbook_xsl, asciidoc,
+  dbus-glib, libcap_ng, libqb, libseccomp, polkit, protobuf,
+  audit,
   libgcrypt ? null,
   libsodium ? null
 }:
@@ -15,20 +12,23 @@ with stdenv.lib;
 assert libgcrypt != null -> libsodium == null;
 
 stdenv.mkDerivation rec {
-  version = "0.7.4";
+  version = "0.7.5";
   pname = "usbguard";
 
   repo = "https://github.com/USBGuard/usbguard";
 
   src = fetchurl {
     url = "${repo}/releases/download/${pname}-${version}/${pname}-${version}.tar.gz";
-    sha256 = "1qkskd6q5cwlh2cpcsbzmmmgk6w63z0825wlb2sjwqq3kfgwjb3k";
+    sha256 = "0jj56sls13ryfgz6vajq8p4dm3grgb6rf2cmga6sckmzd4chk65b";
   };
 
   nativeBuildInputs = [
+    asciidoc
     pkgconfig
     libxslt # xsltproc
     libxml2 # xmllint
+    docbook_xml_dtd_45
+    docbook_xsl
   ];
 
   buildInputs = [
@@ -41,8 +41,7 @@ stdenv.mkDerivation rec {
     audit
   ]
   ++ (lib.optional (libgcrypt != null) libgcrypt)
-  ++ (lib.optional (libsodium != null) libsodium)
-  ++ (lib.optionals withGui [ qtbase qtsvg qttools ]);
+  ++ (lib.optional (libsodium != null) libsodium);
 
   configureFlags = [
     "--with-bundled-catch"
@@ -51,8 +50,7 @@ stdenv.mkDerivation rec {
     "--with-polkit"
   ]
   ++ (lib.optional (libgcrypt != null) "--with-crypto-library=gcrypt")
-  ++ (lib.optional (libsodium != null) "--with-crypto-library=sodium")
-  ++ (lib.optional withGui "--with-gui-qt=qt5");
+  ++ (lib.optional (libsodium != null) "--with-crypto-library=sodium");
 
   enableParallelBuilding = true;
 
diff --git a/pkgs/os-specific/linux/v4l-utils/default.nix b/pkgs/os-specific/linux/v4l-utils/default.nix
index 9bb6fcdd0a0..199964daa66 100644
--- a/pkgs/os-specific/linux/v4l-utils/default.nix
+++ b/pkgs/os-specific/linux/v4l-utils/default.nix
@@ -8,11 +8,11 @@
 
 mkDerivation rec {
   pname = "v4l-utils";
-  version = "1.16.6";
+  version = "1.16.7";
 
   src = fetchurl {
-    url = "https://linuxtv.org/downloads/v4l-utils/${pname}-${version}.tar.bz2";
-    sha256 = "1bkqlrizx0j2rd6ybam2x17bjrpwzl4v4szmnzm3cmixis3w3npr";
+    url = "https://linuxtv.org/downloads/${pname}/${pname}-${version}.tar.bz2";
+    sha256 = "1ng0x3wj3a1ckfd00yxa4za43xms92gdp7rdag060b7p39z7m4gf";
   };
 
   outputs = [ "out" "dev" ];
diff --git a/pkgs/servers/mautrix-whatsapp/default.nix b/pkgs/servers/mautrix-whatsapp/default.nix
index 3d79d8421dd..852ea423649 100644
--- a/pkgs/servers/mautrix-whatsapp/default.nix
+++ b/pkgs/servers/mautrix-whatsapp/default.nix
@@ -1,24 +1,22 @@
-{ stdenv, buildGoPackage, fetchFromGitHub }:
+{ stdenv, buildGoModule, fetchFromGitHub }:
 
-buildGoPackage rec {
+buildGoModule rec {
   pname = "mautrix-unstable";
-  version = "2019-07-04";
-
-  goPackagePath = "maunium.net/go/mautrix-whatsapp";
+  version = "2019-09-03";
 
   src = fetchFromGitHub {
     owner = "tulir";
     repo = "mautrix-whatsapp";
-    rev = "29f5ae45c4b22f463003b23e355b951831f08b3e";
-    sha256 = "12209m3x01i7bnnkg57ag1ivsk6n6pqaqfin7y02irgi3i3rm31r";
+    rev = "22fb5c125db1a0a3a8be8e8e09e92bb38718e6bf";
+    sha256 = "03wd6mn9jr1hr3qxg1r707ibi1s9511y97bfrmzka4mrsymgamxa";
   };
 
-  goDeps = ./deps.nix;
+  modSha256 = "14bqxx2hcr8yhcd5hi087pyc1hzqmr13p2fqb3nnsx12j7n07gww";
 
   meta = with stdenv.lib; {
     homepage = https://github.com/tulir/mautrix-whatsapp;
     description = "Matrix <-> Whatsapp hybrid puppeting/relaybot bridge";
     license = licenses.agpl3;
-    maintainers = with maintainers; [ vskilet ];
+    maintainers = with maintainers; [ vskilet ma27 ];
   };
 }
diff --git a/pkgs/servers/mautrix-whatsapp/deps.nix b/pkgs/servers/mautrix-whatsapp/deps.nix
deleted file mode 100644
index 2dd35846bf5..00000000000
--- a/pkgs/servers/mautrix-whatsapp/deps.nix
+++ /dev/null
@@ -1,211 +0,0 @@
-# NOTE: this file isn't entirely generated, while performing the bump
-# from 2019-02-24 to 2019-06-01, a lot of stuff broke during `vgo2nix` as the
-# tool is unable to parse `replace` statements atm.
-#
-# The following sources were altered manually:
-# * github.com/Rhymen/go-whatsapp -> github.com/tulir/go-whatsapp (at 36ed380bdc18)
-# * github.com/golang/protobuf: v1.2.0 -> v1.3.1
-# * maunium.net/go/mautrix: v0.1.0-alpha3 -> ca5d9535b6cc
-# * maunium.net/go/mautrix-appservice: v0.1.0-alpha3 -> 6e6c9bb47548
-
-# file generated from go.mod using vgo2nix (https://github.com/adisbladis/vgo2nix)
-[
-  {
-    goPackagePath = "github.com/Rhymen/go-whatsapp";
-    fetch = {
-      type = "git";
-      url = "https://github.com/tulir/go-whatsapp";
-      rev = "36ed380bdc188e35fe804d6dd4809ee170136670";
-      sha256 = "1ida4j5hgqc5djwfsaqp8g6iynn150rwj42kqk9q2srwz5075n4p";
-    };
-  }
-  {
-    goPackagePath = "github.com/fatih/color";
-    fetch = {
-      type = "git";
-      url = "https://github.com/fatih/color";
-      rev = "v1.7.0";
-      sha256 = "0v8msvg38r8d1iiq2i5r4xyfx0invhc941kjrsg5gzwvagv55inv";
-    };
-  }
-  {
-    goPackagePath = "github.com/golang/protobuf";
-    fetch = {
-      type = "git";
-      url = "https://github.com/golang/protobuf";
-      rev = "v1.3.1";
-      sha256 = "15am4s4646qy6iv0g3kkqq52rzykqjhm4bf08dk0fy2r58knpsyl";
-    };
-  }
-  {
-    goPackagePath = "github.com/gorilla/mux";
-    fetch = {
-      type = "git";
-      url = "https://github.com/gorilla/mux";
-      rev = "v1.6.2";
-      sha256 = "0pvzm23hklxysspnz52mih6h1q74vfrdhjfm1l3sa9r8hhqmmld2";
-    };
-  }
-  {
-    goPackagePath = "github.com/gorilla/websocket";
-    fetch = {
-      type = "git";
-      url = "https://github.com/gorilla/websocket";
-      rev = "v1.4.0";
-      sha256 = "00i4vb31nsfkzzk7swvx3i75r2d960js3dri1875vypk3v2s0pzk";
-    };
-  }
-  {
-    goPackagePath = "github.com/lib/pq";
-    fetch = {
-      type = "git";
-      url = "https://github.com/lib/pq";
-      rev = "v1.1.1";
-      sha256 = "0g64wlg1l1ybq4x44idksl4pgm055s58jxc6r6x4qhqm5q76h0km";
-    };
-  }
-  {
-    goPackagePath = "github.com/mattn/go-colorable";
-    fetch = {
-      type = "git";
-      url = "https://github.com/mattn/go-colorable";
-      rev = "v0.0.9";
-      sha256 = "1nwjmsppsjicr7anq8na6md7b1z84l9ppnlr045hhxjvbkqwalvx";
-    };
-  }
-  {
-    goPackagePath = "github.com/mattn/go-isatty";
-    fetch = {
-      type = "git";
-      url = "https://github.com/mattn/go-isatty";
-      rev = "v0.0.4";
-      sha256 = "0zs92j2cqaw9j8qx1sdxpv3ap0rgbs0vrvi72m40mg8aa36gd39w";
-    };
-  }
-  {
-    goPackagePath = "github.com/mattn/go-sqlite3";
-    fetch = {
-      type = "git";
-      url = "https://github.com/mattn/go-sqlite3";
-      rev = "v1.10.0";
-      sha256 = "1zmz6asplixfihxhj11spgfs0v3xzb3nv0hlq6n6zsg781ni31xx";
-    };
-  }
-  {
-    goPackagePath = "github.com/pkg/errors";
-    fetch = {
-      type = "git";
-      url = "https://github.com/pkg/errors";
-      rev = "v0.8.1";
-      sha256 = "0g5qcb4d4fd96midz0zdk8b9kz8xkzwfa8kr1cliqbg8sxsy5vd1";
-    };
-  }
-  {
-    goPackagePath = "gopkg.in/russross/blackfriday.v2";
-    fetch = {
-      type = "git";
-      url = "https://github.com/russross/blackfriday";
-      rev = "v2.0.1";
-      sha256 = "0nlz7isdd4rgnwzs68499hlwicxz34j2k2a0b8jy0y7ycd2bcr5j";
-    };
-  }
-  {
-    goPackagePath = "github.com/shurcooL/sanitized_anchor_name";
-    fetch = {
-      type = "git";
-      url = "https://github.com/shurcooL/sanitized_anchor_name";
-      rev = "v1.0.0";
-      sha256 = "1gv9p2nr46z80dnfjsklc6zxbgk96349sdsxjz05f3z6wb6m5l8f";
-    };
-  }
-  {
-    goPackagePath = "github.com/skip2/go-qrcode";
-    fetch = {
-      type = "git";
-      url = "https://github.com/skip2/go-qrcode";
-      rev = "dc11ecdae0a9";
-      sha256 = "0mc70hsn5x2a66a9sbwlq51cng2s1aq7rw4pr9pif4xdzflkl057";
-    };
-  }
-  {
-    goPackagePath = "golang.org/x/crypto";
-    fetch = {
-      type = "git";
-      url = "https://go.googlesource.com/crypto";
-      rev = "b8fe1690c613";
-      sha256 = "1mbfpbrirsz8fsdkibm9l4sccpm774p9201mpmfh4hxshz3girq3";
-    };
-  }
-  {
-    goPackagePath = "golang.org/x/net";
-    fetch = {
-      type = "git";
-      url = "https://go.googlesource.com/net";
-      rev = "915654e7eabc";
-      sha256 = "0fzd7n2yc4qnnf2wk21zxy6gb01xviq2z1dzrbqcn8p1s4fjsqw5";
-    };
-  }
-  {
-    goPackagePath = "golang.org/x/sync";
-    fetch = {
-      type = "git";
-      url = "https://go.googlesource.com/sync";
-      rev = "37e7f081c4d4";
-      sha256 = "1bb0mw6ckb1k7z8v3iil2qlqwfj408fvvp8m1cik2b46p7snyjhm";
-    };
-  }
-  {
-    goPackagePath = "gopkg.in/check.v1";
-    fetch = {
-      type = "git";
-      url = "https://gopkg.in/check.v1";
-      rev = "788fd7840127";
-      sha256 = "0v3bim0j375z81zrpr5qv42knqs0y2qv2vkjiqi5axvb78slki1a";
-    };
-  }
-  {
-    goPackagePath = "gopkg.in/yaml.v2";
-    fetch = {
-      type = "git";
-      url = "https://gopkg.in/yaml.v2";
-      rev = "v2.2.2";
-      sha256 = "01wj12jzsdqlnidpyjssmj0r4yavlqy7dwrg7adqd8dicjc4ncsa";
-    };
-  }
-  {
-    goPackagePath = "maunium.net/go/mauflag";
-    fetch = {
-      type = "git";
-      url = "https://github.com/tulir/mauflag.git";
-      rev = "v1.0.0";
-      sha256 = "09jv1819jwq5i29y6ngf4j4ii6qwlshydvprfvsfplc419dkz1vx";
-    };
-  }
-  {
-    goPackagePath = "maunium.net/go/maulogger";
-    fetch = {
-      type = "git";
-      url = "https://github.com/tulir/maulogger.git";
-      rev = "v2.0.0";
-      sha256 = "0qz4cpaqvcmrj3fb2bb6yrhw3k5h51crskricyqgg1b7aklphan5";
-    };
-  }
-  {
-    goPackagePath = "maunium.net/go/mautrix";
-    fetch = {
-      type = "git";
-      url = "https://github.com/tulir/mautrix-go.git";
-      rev = "ca5d9535b6ccee8fdf473f9cc935932ef3e53ae7";
-      sha256 = "1qrh77c8vh2k6ffwf0cymjmhcp7d0rdad1ixqx5r1xig27f7v0qg";
-    };
-  }
-  {
-    goPackagePath = "maunium.net/go/mautrix-appservice";
-    fetch = {
-      type = "git";
-      url = "https://github.com/tulir/mautrix-appservice-go.git";
-      rev = "6e6c9bb4754849443cb3c64d9510f8d2eb3e668d";
-      sha256 = "1zwsfvgxs2zbc6yvgnk16w2wkh891kihrzar3qzz9cvsgjznlyvy";
-    };
-  }
-]
diff --git a/pkgs/servers/monitoring/prometheus/process-exporter.nix b/pkgs/servers/monitoring/prometheus/process-exporter.nix
new file mode 100644
index 00000000000..a29ab649633
--- /dev/null
+++ b/pkgs/servers/monitoring/prometheus/process-exporter.nix
@@ -0,0 +1,31 @@
+{ stdenv, buildGoPackage, fetchFromGitHub }:
+
+buildGoPackage rec {
+  pname = "process-exporter";
+  version = "0.5.0";
+
+  goPackagePath = "github.com/ncabatoff/process-exporter";
+
+  goDeps = ./process-exporter_deps.nix;
+
+  src = fetchFromGitHub {
+    owner = "ncabatoff";
+    repo = pname;
+    rev = "v${version}";
+    sha256 = "129vqry3l8waxcyvx83wg0dvh3qg4pr3rl5fw7vmhgdzygbaq3bq";
+  };
+
+  postPatch = ''
+    substituteInPlace proc/read_test.go --replace /bin/cat cat
+  '';
+
+  doCheck = true;
+
+  meta = with stdenv.lib; {
+    description = "Prometheus exporter that mines /proc to report on selected processes";
+    homepage = "https://github.com/ncabatoff/process-exporter";
+    license = licenses.mit;
+    maintainers = with maintainers; [ maintainers."1000101" ];
+    platforms = platforms.linux;
+  };
+}
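Review bot: The `postPatch` step rewrites `/bin/cat` to `cat` in `proc/read_test.go` without saying why, and with `doCheck = true` the test suite now depends on it. Presumably the absolute path does not exist in the build sandbox; if so, a comment above the substitution would record that, for example `# read_test.go spawns /bin/cat, which is absent in the sandbox; resolve cat via PATH`. Separately, `maintainers = with maintainers; [ maintainers."1000101" ];` uses both `with` and an explicit prefix, so `maintainers = [ maintainers."1000101" ];` says the same thing with less scope juggling.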
diff --git a/pkgs/servers/monitoring/prometheus/process-exporter_deps.nix b/pkgs/servers/monitoring/prometheus/process-exporter_deps.nix
new file mode 100644
index 00000000000..c8880119207
--- /dev/null
+++ b/pkgs/servers/monitoring/prometheus/process-exporter_deps.nix
@@ -0,0 +1,156 @@
+# file generated from go.mod using vgo2nix (https://github.com/adisbladis/vgo2nix)
+[
+  {
+    goPackagePath = "github.com/beorn7/perks";
+    fetch = {
+      type = "git";
+      url = "https://github.com/beorn7/perks";
+      rev = "3a771d992973";
+      sha256 = "1l2lns4f5jabp61201sh88zf3b0q793w4zdgp9nll7mmfcxxjif3";
+    };
+  }
+  {
+    goPackagePath = "github.com/golang/protobuf";
+    fetch = {
+      type = "git";
+      url = "https://github.com/golang/protobuf";
+      rev = "v1.1.0";
+      sha256 = "0ya4ha7m20bw048m1159ppqzlvda4x0vdprlbk5sdgmy74h3xcdq";
+    };
+  }
+  {
+    goPackagePath = "github.com/google/go-cmp";
+    fetch = {
+      type = "git";
+      url = "https://github.com/google/go-cmp";
+      rev = "v0.2.0";
+      sha256 = "1fbv0x27k9sn8svafc0hjwsnckk864lv4yi7bvzrxvmd3d5hskds";
+    };
+  }
+  {
+    goPackagePath = "github.com/kr/pretty";
+    fetch = {
+      type = "git";
+      url = "https://github.com/kr/pretty";
+      rev = "v0.1.0";
+      sha256 = "18m4pwg2abd0j9cn5v3k2ksk9ig4vlwxmlw9rrglanziv9l967qp";
+    };
+  }
+  {
+    goPackagePath = "github.com/kr/pty";
+    fetch = {
+      type = "git";
+      url = "https://github.com/kr/pty";
+      rev = "v1.1.1";
+      sha256 = "0383f0mb9kqjvncqrfpidsf8y6ns5zlrc91c6a74xpyxjwvzl2y6";
+    };
+  }
+  {
+    goPackagePath = "github.com/kr/text";
+    fetch = {
+      type = "git";
+      url = "https://github.com/kr/text";
+      rev = "v0.1.0";
+      sha256 = "1gm5bsl01apvc84bw06hasawyqm4q84vx1pm32wr9jnd7a8vjgj1";
+    };
+  }
+  {
+    goPackagePath = "github.com/matttproud/golang_protobuf_extensions";
+    fetch = {
+      type = "git";
+      url = "https://github.com/matttproud/golang_protobuf_extensions";
+      rev = "v1.0.1";
+      sha256 = "1d0c1isd2lk9pnfq2nk0aih356j30k3h1gi2w0ixsivi5csl7jya";
+    };
+  }
+  {
+    goPackagePath = "github.com/ncabatoff/fakescraper";
+    fetch = {
+      type = "git";
+      url = "https://github.com/ncabatoff/fakescraper";
+      rev = "15938421d91a";
+      sha256 = "1in2iakq6xly9r8gk0mfim8n0glbjzpa07hkaj1rlrm0i11jlc6f";
+    };
+  }
+  {
+    goPackagePath = "github.com/ncabatoff/go-seq";
+    fetch = {
+      type = "git";
+      url = "https://github.com/ncabatoff/go-seq";
+      rev = "b08ef85ed833";
+      sha256 = "1x88x285n4wf221pp7ccmh2ai7rgcnwz764gn8k861qg30jl1ky6";
+    };
+  }
+  {
+    goPackagePath = "github.com/ncabatoff/procfs";
+    fetch = {
+      type = "git";
+      url = "https://github.com/ncabatoff/procfs";
+      rev = "9ced60d7b905";
+      sha256 = "19756h4lw5v8f0xr70cl8gd0wfqcnszrhhgawqhyinnir82rz728";
+    };
+  }
+  {
+    goPackagePath = "github.com/prometheus/client_golang";
+    fetch = {
+      type = "git";
+      url = "https://github.com/prometheus/client_golang";
+      rev = "v0.8.0";
+      sha256 = "1xqny3147g12n4j03kxm8s9mvdbs3ln6i56c655mybrn9jjy48kd";
+    };
+  }
+  {
+    goPackagePath = "github.com/prometheus/client_model";
+    fetch = {
+      type = "git";
+      url = "https://github.com/prometheus/client_model";
+      rev = "5c3871d89910";
+      sha256 = "04psf81l9fjcwascsys428v03fx4fi894h7fhrj2vvcz723q57k0";
+    };
+  }
+  {
+    goPackagePath = "github.com/prometheus/common";
+    fetch = {
+      type = "git";
+      url = "https://github.com/prometheus/common";
+      rev = "c7de2306084e";
+      sha256 = "11dqfm2d0m4sjjgyrnayman96g59x2apmvvqby9qmww2qj2k83ig";
+    };
+  }
+  {
+    goPackagePath = "github.com/prometheus/procfs";
+    fetch = {
+      type = "git";
+      url = "https://github.com/prometheus/procfs";
+      rev = "ea9eea638872";
+      sha256 = "1j99qszynx2asac82bhzhk0g1nav87nfgkb1cz5a2iywj81liirj";
+    };
+  }
+  {
+    goPackagePath = "golang.org/x/sync";
+    fetch = {
+      type = "git";
+      url = "https://go.googlesource.com/sync";
+      rev = "37e7f081c4d4";
+      sha256 = "1bb0mw6ckb1k7z8v3iil2qlqwfj408fvvp8m1cik2b46p7snyjhm";
+    };
+  }
+  {
+    goPackagePath = "gopkg.in/check.v1";
+    fetch = {
+      type = "git";
+      url = "https://gopkg.in/check.v1";
+      rev = "788fd7840127";
+      sha256 = "0v3bim0j375z81zrpr5qv42knqs0y2qv2vkjiqi5axvb78slki1a";
+    };
+  }
+  {
+    goPackagePath = "gopkg.in/yaml.v2";
+    fetch = {
+      type = "git";
+      url = "https://gopkg.in/yaml.v2";
+      rev = "v2.2.1";
+      sha256 = "0dwjrs2lp2gdlscs7bsrmyc5yf6mm4fvgw71bzr9mv2qrd2q73s1";
+    };
+  }
+]
diff --git a/pkgs/servers/tacacs+/default.nix b/pkgs/servers/tacacsplus/default.nix
index 01d8affd1e8..400298d15d5 100644
--- a/pkgs/servers/tacacs+/default.nix
+++ b/pkgs/servers/tacacsplus/default.nix
@@ -1,7 +1,7 @@
 { stdenv, fetchurl, tcp_wrappers, flex, bison, perl }:
 
 stdenv.mkDerivation rec {
-  pname = "tacacs+";
+  pname = "tacacsplus";
   version = "4.0.4.28";
 
   src = fetchurl {
diff --git a/pkgs/tools/X11/caffeine-ng/default.nix b/pkgs/tools/X11/caffeine-ng/default.nix
index 57f32ed8225..b54a7303ff8 100644
--- a/pkgs/tools/X11/caffeine-ng/default.nix
+++ b/pkgs/tools/X11/caffeine-ng/default.nix
@@ -1,23 +1,28 @@
 { gdk-pixbuf, glib, gobject-introspection, gtk3, lib, libnotify,
-  pythonPackages, wrapGAppsHook
+  python3Packages, wrapGAppsHook
 }:
 
-pythonPackages.buildPythonApplication rec {
+python3Packages.buildPythonApplication rec {
   pname = "caffeine-ng";
   version = "3.4.2";
 
-  src = pythonPackages.fetchPypi{
+  src = python3Packages.fetchPypi{
     inherit pname version;
     sha256="05k8smjlfjcccgmp8qi04l7106k46fs4p8fl5bdqqjwv6pwl7y4w";
   };
 
   nativeBuildInputs = [ wrapGAppsHook glib ];
-  buildInputs = [ gdk-pixbuf gobject-introspection libnotify gtk3 ];
-  pythonPath = with pythonPackages; [
+  buildInputs = [ 
+    gdk-pixbuf gobject-introspection libnotify gtk3 
+    python3Packages.setuptools_scm
+  ];
+  pythonPath = with python3Packages; [
     dbus-python docopt ewmh pygobject3 pyxdg
-    setproctitle setuptools setuptools_scm wheel
+    setproctitle 
   ];
 
+  doCheck = false; # There are no tests.
+
   postBuild = ''
     mkdir -p $out/share
     cp -r share $out/
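Review bot: `python3Packages.setuptools_scm` is added to `buildInputs`, but it looks like a build-time tool, for which `nativeBuildInputs` is the conventional slot: `nativeBuildInputs = [ wrapGAppsHook glib python3Packages.setuptools_scm ];`. The same change drops `setuptools` from `pythonPath`. If the installed entry point imports `pkg_resources` at runtime (not visible here), the program would fail at start-up, and with `doCheck = false` the build would not catch it. The new `buildInputs = [ ` and `setproctitle ` lines also carry trailing whitespace.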
diff --git a/pkgs/tools/admin/aws-rotate-key/default.nix b/pkgs/tools/admin/aws-rotate-key/default.nix
index 70f1c64c7f2..830dcee26e4 100644
--- a/pkgs/tools/admin/aws-rotate-key/default.nix
+++ b/pkgs/tools/admin/aws-rotate-key/default.nix
@@ -2,7 +2,7 @@
 
 buildGoPackage rec {
   pname = "aws-rotate-key";
-  version = "1.0.4";
+  version = "1.0.6";
 
   goPackagePath = "github.com/Fullscreen/aws-rotate-key";
 
@@ -10,7 +10,7 @@ buildGoPackage rec {
     rev = "v${version}";
     owner = "Fullscreen";
     repo = "aws-rotate-key";
-    sha256 = "14bcs434646qdywws55r1a1v8ncwz8n0yljaa8zb5796pv4445wf";
+    sha256 = "sha256:1w9704g1l2b0y6g6mk79g28kk0yaswpgljkk85d0i10wyxq4icby";
   };
 
   goDeps = ./deps.nix;
diff --git a/pkgs/tools/admin/eksctl/default.nix b/pkgs/tools/admin/eksctl/default.nix
index 4a4d738f04d..5671cd096f8 100644
--- a/pkgs/tools/admin/eksctl/default.nix
+++ b/pkgs/tools/admin/eksctl/default.nix
@@ -2,16 +2,16 @@
 
 buildGoModule rec {
   pname = "eksctl";
-  version = "0.4.3";
+  version = "0.5.0";
 
   src = fetchFromGitHub {
     owner = "weaveworks";
     repo = pname;
     rev = version;
-    sha256 = "1h7fyxlwa9f9r08rpl05r62ap7h7viaqchldbnv7j3vs2j23k127";
+    sha256 = "1aifdrxasg7d6gpy7s6kdjz9ky2kddpigh8z0f3zckw7hd68jk0g";
   };
 
-  modSha256 = "17bb1k18x1xfq9bi9qbm8pln6h6pkhaqzy07qdvnhinmspll1695";
+  modSha256 = "18vsi1hrv3z36w7vwl2bg8b2p5dwzw7dsw434adw9l1k7yv5x4vv";
 
   subPackages = [ "cmd/eksctl" ];
 
diff --git a/pkgs/tools/audio/aucdtect/default.nix b/pkgs/tools/audio/aucdtect/default.nix
index 21adf3b972a..ad9d5fb8690 100644
--- a/pkgs/tools/audio/aucdtect/default.nix
+++ b/pkgs/tools/audio/aucdtect/default.nix
@@ -3,26 +3,29 @@
 with lib;
 
 stdenv.mkDerivation rec {
-  pname = "aucdtext";
+  pname = "aucdtect";
   version = "0.8-2";
 
   src = fetchurl {
-    url = "http://www.true-audio.com/ftp/aucdtect-${version}.i586.rpm";
+    url = "http://www.true-audio.com/ftp/${pname}-${version}.i586.rpm";
     sha256 = "1lp5f0rq5b5n5il0c64m00gcfskarvgqslpryms9443d200y6mmd";
   };
 
   unpackCmd = "${rpmextract}/bin/rpmextract $src";
 
   installPhase = ''
-    mkdir -p $out/bin
-    install -m755 local/bin/auCDtect $out/bin/aucdtect
+    runHook preInstall
+
+    install -Dm755 local/bin/auCDtect $out/bin/aucdtect
+
+    runHook postInstall
   '';
 
   dontStrip = true;
 
   meta = with stdenv.lib; {
     description = "Verify authenticity of lossless audio files";
-    homepage = http://tausoft.org;
+    homepage = "http://tausoft.org";
     license = licenses.unfreeRedistributable;
     maintainers = with maintainers; [ peterhoeg ];
     platforms = platforms.linux;
diff --git a/pkgs/tools/filesystems/ceph/0000-dont-check-cherrypy-version.patch b/pkgs/tools/filesystems/ceph/0000-dont-check-cherrypy-version.patch
new file mode 100644
index 00000000000..9604da87fb5
--- /dev/null
+++ b/pkgs/tools/filesystems/ceph/0000-dont-check-cherrypy-version.patch
@@ -0,0 +1,70 @@
+diff --git a/src/pybind/mgr/dashboard/module.py b/src/pybind/mgr/dashboard/module.py
+index a8a3ec07c1..bcc9b86c37 100644
+--- a/src/pybind/mgr/dashboard/module.py
++++ b/src/pybind/mgr/dashboard/module.py
+@@ -25,40 +25,6 @@ except ImportError:
+ 
+ from .services.sso import load_sso_db
+ 
+-# The SSL code in CherryPy 3.5.0 is buggy.  It was fixed long ago,
+-# but 3.5.0 is still shipping in major linux distributions
+-# (Fedora 27, Ubuntu Xenial), so we must monkey patch it to get SSL working.
+-if cherrypy is not None:
+-    v = StrictVersion(cherrypy.__version__)
+-    # It was fixed in 3.7.0.  Exact lower bound version is probably earlier,
+-    # but 3.5.0 is what this monkey patch is tested on.
+-    if StrictVersion("3.5.0") <= v < StrictVersion("3.7.0"):
+-        from cherrypy.wsgiserver.wsgiserver2 import HTTPConnection,\
+-                                                    CP_fileobject
+-
+-        def fixed_init(hc_self, server, sock, makefile=CP_fileobject):
+-            hc_self.server = server
+-            hc_self.socket = sock
+-            hc_self.rfile = makefile(sock, "rb", hc_self.rbufsize)
+-            hc_self.wfile = makefile(sock, "wb", hc_self.wbufsize)
+-            hc_self.requests_seen = 0
+-
+-        HTTPConnection.__init__ = fixed_init
+-
+-# When the CherryPy server in 3.2.2 (and later) starts it attempts to verify
+-# that the ports its listening on are in fact bound. When using the any address
+-# "::" it tries both ipv4 and ipv6, and in some environments (e.g. kubernetes)
+-# ipv6 isn't yet configured / supported and CherryPy throws an uncaught
+-# exception.
+-if cherrypy is not None:
+-    v = StrictVersion(cherrypy.__version__)
+-    # the issue was fixed in 3.2.3. it's present in 3.2.2 (current version on
+-    # centos:7) and back to at least 3.0.0.
+-    if StrictVersion("3.1.2") <= v < StrictVersion("3.2.3"):
+-        # https://github.com/cherrypy/cherrypy/issues/1100
+-        from cherrypy.process import servers
+-        servers.wait_for_occupied_port = lambda host, port: None
+-
+ if 'COVERAGE_ENABLED' in os.environ:
+     import coverage
+     __cov = coverage.Coverage(config_file="{}/.coveragerc".format(os.path.dirname(__file__)),
+diff --git a/src/pybind/mgr/prometheus/module.py b/src/pybind/mgr/prometheus/module.py
+index b7fecf8d85..dfd4160591 100644
+--- a/src/pybind/mgr/prometheus/module.py
++++ b/src/pybind/mgr/prometheus/module.py
+@@ -18,20 +18,6 @@ from rbd import RBD
+ DEFAULT_ADDR = '::'
+ DEFAULT_PORT = 9283
+ 
+-# When the CherryPy server in 3.2.2 (and later) starts it attempts to verify
+-# that the ports its listening on are in fact bound. When using the any address
+-# "::" it tries both ipv4 and ipv6, and in some environments (e.g. kubernetes)
+-# ipv6 isn't yet configured / supported and CherryPy throws an uncaught
+-# exception.
+-if cherrypy is not None:
+-    v = StrictVersion(cherrypy.__version__)
+-    # the issue was fixed in 3.2.3. it's present in 3.2.2 (current version on
+-    # centos:7) and back to at least 3.0.0.
+-    if StrictVersion("3.1.2") <= v < StrictVersion("3.2.3"):
+-        # https://github.com/cherrypy/cherrypy/issues/1100
+-        from cherrypy.process import servers
+-        servers.wait_for_occupied_port = lambda host, port: None
+-
+ # cherrypy likes to sys.exit on error.  don't let it take us down too!
+ def os_exit_noop(*args, **kwargs):
+     pass
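Review bot: This patch file has no header explaining why the CherryPy version gates are removed, and the first block it deletes from `dashboard/module.py` is the SSL workaround for CherryPy 3.5.0 up to 3.7.0. With the gates gone, the package relies on the CherryPy in `ceph-python-env` always being new enough that neither the SSL fix nor the `wait_for_occupied_port` workaround is needed. An override that pins an older CherryPy would lose both silently. A short description at the top of the patch would record the assumption, for example `Remove CherryPy version-gated monkey patches; they only apply to CherryPy < 3.7.0, which nixpkgs does not ship`, provided that is the actual reason. It would also help to say whether the `StrictVersion` comparison itself was failing.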
diff --git a/pkgs/tools/filesystems/ceph/0000-fix-SPDK-build-env.patch b/pkgs/tools/filesystems/ceph/0000-fix-SPDK-build-env.patch
new file mode 100644
index 00000000000..b04082537b5
--- /dev/null
+++ b/pkgs/tools/filesystems/ceph/0000-fix-SPDK-build-env.patch
@@ -0,0 +1,11 @@
+--- a/cmake/modules/BuildSPDK.cmake	2018-08-09 09:22:34.950684960 +0200
++++ b/cmake/modules/BuildSPDK.cmake	2018-08-09 09:21:59.986964224 +0200
+@@ -16,7 +16,7 @@
+     # unset $CFLAGS, otherwise it will interfere with how SPDK sets
+     # its include directory.
+     # unset $LDFLAGS, otherwise SPDK will fail to mock some functions.
+-    BUILD_COMMAND env -i PATH=$ENV{PATH} CC=${CMAKE_C_COMPILER} $(MAKE) EXTRA_CFLAGS="-fPIC"
++    BUILD_COMMAND env PATH=$ENV{PATH} CC=${CMAKE_C_COMPILER} $(MAKE) EXTRA_CFLAGS="-fPIC" C_OPT="-mssse3"
+     BUILD_IN_SOURCE 1
+     INSTALL_COMMAND "true")
+   ExternalProject_Get_Property(spdk-ext source_dir)
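Review bot: Dropping `-i` from the `env` call makes the SPDK sub-build inherit the whole build environment, but the three context comments directly above still say `$CFLAGS` and `$LDFLAGS` are unset. If the inherited variables are wanted, the patch should also update those comments. If only some are needed, `env -u CFLAGS -u LDFLAGS PATH=$ENV{PATH} CC=${CMAKE_C_COMPILER} $(MAKE) ...` keeps the original guarantee while passing the rest through. `C_OPT="-mssse3"` also hard-codes an x86 instruction-set extension, while the derivation that applies this patch declares `platforms.unix`, so non-x86 builds will probably reject the flag. The enclosing `ExternalProject_Add` call starts and ends outside this hunk.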
diff --git a/pkgs/tools/filesystems/ceph/0001-kv-RocksDBStore-API-break-additional.patch b/pkgs/tools/filesystems/ceph/0001-kv-RocksDBStore-API-break-additional.patch
deleted file mode 100644
index 0b6f1d30a4c..00000000000
--- a/pkgs/tools/filesystems/ceph/0001-kv-RocksDBStore-API-break-additional.patch
+++ /dev/null
@@ -1,58 +0,0 @@
-Seulement dans ceph: ceph.old
-diff -ur ceph.old/src/kv/RocksDBStore.cc ceph/src/kv/RocksDBStore.cc
---- ceph.old/src/kv/RocksDBStore.cc	1980-01-02 00:00:00.000000000 +0100
-+++ ceph/src/kv/RocksDBStore.cc	2018-01-24 14:08:35.017553372 +0100
-@@ -505,7 +505,7 @@
-   // considering performance overhead, default is disabled
-   if (g_conf->rocksdb_perf) {
-     rocksdb::SetPerfLevel(rocksdb::PerfLevel::kEnableTimeExceptForMutex);
--    rocksdb::perf_context.Reset();
-+    rocksdb::get_perf_context()->Reset();
-   }
- 
-   RocksDBTransactionImpl * _t =
-@@ -532,13 +532,13 @@
-     utime_t write_wal_time;
-     utime_t write_pre_and_post_process_time;
-     write_wal_time.set_from_double(
--	static_cast<double>(rocksdb::perf_context.write_wal_time)/1000000000);
-+	static_cast<double>(rocksdb::get_perf_context()->write_wal_time)/1000000000);
-     write_memtable_time.set_from_double(
--	static_cast<double>(rocksdb::perf_context.write_memtable_time)/1000000000);
-+	static_cast<double>(rocksdb::get_perf_context()->write_memtable_time)/1000000000);
-     write_delay_time.set_from_double(
--	static_cast<double>(rocksdb::perf_context.write_delay_time)/1000000000);
-+	static_cast<double>(rocksdb::get_perf_context()->write_delay_time)/1000000000);
-     write_pre_and_post_process_time.set_from_double(
--	static_cast<double>(rocksdb::perf_context.write_pre_and_post_process_time)/1000000000);
-+	static_cast<double>(rocksdb::get_perf_context()->write_pre_and_post_process_time)/1000000000);
-     logger->tinc(l_rocksdb_write_memtable_time, write_memtable_time);
-     logger->tinc(l_rocksdb_write_delay_time, write_delay_time);
-     logger->tinc(l_rocksdb_write_wal_time, write_wal_time);
-@@ -558,7 +558,7 @@
-   // considering performance overhead, default is disabled
-   if (g_conf->rocksdb_perf) {
-     rocksdb::SetPerfLevel(rocksdb::PerfLevel::kEnableTimeExceptForMutex);
--    rocksdb::perf_context.Reset();
-+    rocksdb::get_perf_context()->Reset();
-   }
- 
-   RocksDBTransactionImpl * _t =
-@@ -586,13 +586,13 @@
-     utime_t write_wal_time;
-     utime_t write_pre_and_post_process_time;
-     write_wal_time.set_from_double(
--	static_cast<double>(rocksdb::perf_context.write_wal_time)/1000000000);
-+	static_cast<double>(rocksdb::get_perf_context()->write_wal_time)/1000000000);
-     write_memtable_time.set_from_double(
--	static_cast<double>(rocksdb::perf_context.write_memtable_time)/1000000000);
-+	static_cast<double>(rocksdb::get_perf_context()->write_memtable_time)/1000000000);
-     write_delay_time.set_from_double(
--	static_cast<double>(rocksdb::perf_context.write_delay_time)/1000000000);
-+	static_cast<double>(rocksdb::get_perf_context()->write_delay_time)/1000000000);
-     write_pre_and_post_process_time.set_from_double(
--	static_cast<double>(rocksdb::perf_context.write_pre_and_post_process_time)/1000000000);
-+	static_cast<double>(rocksdb::get_perf_context()->write_pre_and_post_process_time)/1000000000);
-     logger->tinc(l_rocksdb_write_memtable_time, write_memtable_time);
-     logger->tinc(l_rocksdb_write_delay_time, write_delay_time);
-     logger->tinc(l_rocksdb_write_wal_time, write_wal_time);
diff --git a/pkgs/tools/filesystems/ceph/0002-fix-absolute-include-path.patch b/pkgs/tools/filesystems/ceph/0002-fix-absolute-include-path.patch
deleted file mode 100644
index 01aa194dddf..00000000000
--- a/pkgs/tools/filesystems/ceph/0002-fix-absolute-include-path.patch
+++ /dev/null
@@ -1,19 +0,0 @@
-diff -ru ceph/src/key_value_store/kv_flat_btree_async.cc ceph-copy/src/key_value_store/kv_flat_btree_async.cc
---- ceph/src/key_value_store/kv_flat_btree_async.cc	1980-01-02 00:00:00.000000000 +0100
-+++ ceph-copy/src/key_value_store/kv_flat_btree_async.cc	2018-02-13 21:49:59.232860487 +0100
-@@ -15,13 +15,13 @@
- #include "key_value_store/kv_flat_btree_async.h"
- #include "key_value_store/kvs_arg_types.h"
- #include "include/rados/librados.hpp"
--#include "/usr/include/asm-generic/errno.h"
--#include "/usr/include/asm-generic/errno-base.h"
- #include "common/ceph_context.h"
- #include "common/Clock.h"
- #include "include/types.h"
- 
- 
-+#include <asm-generic/errno.h>
-+#include <asm-generic/errno-base.h>
- #include <string>
- #include <iostream>
- #include <cassert>
diff --git a/pkgs/tools/filesystems/ceph/default.nix b/pkgs/tools/filesystems/ceph/default.nix
index ef3e36ff627..efb292687ab 100644
--- a/pkgs/tools/filesystems/ceph/default.nix
+++ b/pkgs/tools/filesystems/ceph/default.nix
@@ -1,12 +1,198 @@
-{ callPackage, fetchgit, fetchpatch, ... } @ args:
+{ stdenv, runCommand, fetchurl
+, ensureNewerSourcesHook
+, cmake, pkgconfig
+, which, git
+, boost, python3Packages
+, libxml2, zlib, lz4
+, openldap, lttng-ust
+, babeltrace, gperf
+, cunit, snappy
+, rocksdb, makeWrapper
+, leveldb, oathToolkit, removeReferencesTo
 
-callPackage ./generic.nix (args // rec {
-  version = "12.2.7";
+# Optional Dependencies
+, yasm ? null, fcgi ? null, expat ? null
+, curl ? null, fuse ? null
+, libedit ? null, libatomic_ops ? null
+, libs3 ? null
 
-  src = fetchgit {
-    url = "https://github.com/ceph/ceph.git";
-    rev = "refs/tags/v${version}";
-    sha256 = "031nfw2g2fdpxxx39g862phgmdx68hj9r54axazandghfhc1bzrl";
+# Mallocs
+, jemalloc ? null, gperftools ? null
+
+# Crypto Dependencies
+, cryptopp ? null
+, nss ? null, nspr ? null
+
+# Linux Only Dependencies
+, linuxHeaders, utillinux, libuuid, udev, keyutils, rdma-core, rabbitmq-c
+, libaio ? null, libxfs ? null, zfs ? null
+, ...
+}:
+
+# We must have one crypto library
+assert cryptopp != null || (nss != null && nspr != null);
+
+with stdenv; with stdenv.lib;
+let
+  shouldUsePkg = pkg: if pkg != null && pkg.meta.available then pkg else null;
+
+  optYasm = shouldUsePkg yasm;
+  optFcgi = shouldUsePkg fcgi;
+  optExpat = shouldUsePkg expat;
+  optCurl = shouldUsePkg curl;
+  optFuse = shouldUsePkg fuse;
+  optLibedit = shouldUsePkg libedit;
+  optLibatomic_ops = shouldUsePkg libatomic_ops;
+  optLibs3 = shouldUsePkg libs3;
+
+  optJemalloc = shouldUsePkg jemalloc;
+  optGperftools = shouldUsePkg gperftools;
+
+  optCryptopp = shouldUsePkg cryptopp;
+  optNss = shouldUsePkg nss;
+  optNspr = shouldUsePkg nspr;
+
+  optLibaio = shouldUsePkg libaio;
+  optLibxfs = shouldUsePkg libxfs;
+  optZfs = shouldUsePkg zfs;
+
+  hasRadosgw = optFcgi != null && optExpat != null && optCurl != null && optLibedit != null;
+
+
+  # Malloc implementation (can be jemalloc, tcmalloc or null)
+  malloc = if optJemalloc != null then optJemalloc else optGperftools;
+
+  # We prefer nss over cryptopp
+  cryptoStr = if optNss != null && optNspr != null then "nss" else
+    if optCryptopp != null then "cryptopp" else "none";
+
+  cryptoLibsMap = {
+    nss = [ optNss optNspr ];
+    cryptopp = [ optCryptopp ];
+    none = [ ];
+  };
+
+  ceph-python-env = python3Packages.python.withPackages (ps: [
+    ps.sphinx
+    ps.flask
+    ps.cython
+    ps.setuptools
+    ps.virtualenv
+    # Libraries needed by the python tools
+    ps.Mako
+    ps.cherrypy
+    ps.pecan
+    ps.prettytable
+    ps.pyjwt
+    ps.webob
+    ps.bcrypt
+    ps.six
+  ]);
+
+  version = "14.2.1";
+in rec {
+  ceph = stdenv.mkDerivation {
+    name="ceph-${version}";
+
+    src = fetchurl {
+      url = "http://download.ceph.com/tarballs/ceph-${version}.tar.gz";
+      sha256 = "0qa9p8xp26d45h3jfj1rbwhmqv44f9n1mvccmpzaf2i05v42kmzb";
+    };
+
+    patches = [
+      ./0000-fix-SPDK-build-env.patch
+      ./0000-dont-check-cherrypy-version.patch
+    ];
+
+    nativeBuildInputs = [
+      cmake
+      pkgconfig which git python3Packages.wrapPython makeWrapper
+      (ensureNewerSourcesHook { year = "1980"; })
+    ];
+
+    buildInputs = cryptoLibsMap.${cryptoStr} ++ [
+      boost ceph-python-env libxml2 optYasm optLibatomic_ops optLibs3
+      malloc zlib openldap lttng-ust babeltrace gperf cunit
+      snappy rocksdb lz4 oathToolkit leveldb
+      removeReferencesTo
+    ] ++ optionals stdenv.isLinux [
+      linuxHeaders utillinux libuuid udev keyutils optLibaio optLibxfs optZfs
+      # ceph 14
+      rdma-core rabbitmq-c
+    ] ++ optionals hasRadosgw [
+      optFcgi optExpat optCurl optFuse optLibedit
+    ];
+
+    preConfigure =''
+      substituteInPlace src/common/module.c --replace "/sbin/modinfo"  "modinfo"
+      substituteInPlace src/common/module.c --replace "/sbin/modprobe" "modprobe"
+      # Since Boost 1.67 this seems to have changed
+      substituteInPlace CMakeLists.txt --replace "list(APPEND BOOST_COMPONENTS python)" "list(APPEND BOOST_COMPONENTS python37)"
+      substituteInPlace src/CMakeLists.txt --replace "Boost::python " "Boost::python37 "
+
+      # for pybind/rgw to find internal dep
+      export LD_LIBRARY_PATH="$PWD/build/lib:$LD_LIBRARY_PATH"
+      # install target needs to be in PYTHONPATH for "*.pth support" check to succeed
+      export PYTHONPATH=${ceph-python-env}/lib/python3.7/site-packages:$lib/lib/python3.7/site-packages/:$out/lib/python3.7/site-packages/
+
+      patchShebangs src/spdk
+    '';
+
+    cmakeFlags = [
+      "-DWITH_PYTHON3=ON"
+      "-DWITH_SYSTEM_ROCKSDB=OFF"
+
+      "-DWITH_SYSTEM_BOOST=ON"
+      "-DWITH_SYSTEMD=OFF"
+      "-DWITH_TESTS=OFF"
+      # TODO breaks with sandbox, tries to download stuff with npm
+      "-DWITH_MGR_DASHBOARD_FRONTEND=OFF"
+    ];
+
+    preFixup = ''
+      find $lib -type f -exec remove-references-to -t $out '{}' +
+      mv $out/share/ceph/mgr $lib/lib/ceph/
+    '';
+
+    postFixup = ''
+      export PYTHONPATH="${ceph-python-env}/lib/python3.7/site-packages:$lib/lib/ceph/mgr:$out/lib/python3.7/site-packages/"
+      wrapPythonPrograms
+      wrapProgram $out/bin/ceph-mgr --prefix PYTHONPATH ":" "${ceph-python-env}/lib/python3.7/site-packages:$lib/lib/ceph/mgr:$out/lib/python3.7/site-packages/"
+      wrapProgram $out/bin/ceph-volume --prefix PYTHONPATH ":" "${ceph-python-env}/lib/python3.7/site-packages:$lib/lib/ceph/mgr:$out/lib/python3.7/site-packages/"
+    '';
+
+    enableParallelBuilding = true;
+
+    outputs = [ "out" "lib" "dev" "doc" "man" ];
+
+    meta = {
+      homepage = https://ceph.com/;
+      description = "Distributed storage system";
+      license = with licenses; [ lgpl21 gpl2 bsd3 mit publicDomain ];
+      maintainers = with maintainers; [ adev ak krav johanot ];
+      platforms = platforms.unix;
+    };
+
+    passthru.version = version;
   };
 
-})
+  ceph-client = runCommand "ceph-client-${version}" {
+     meta = {
+        homepage = https://ceph.com/;
+        description = "Tools needed to mount Ceph's RADOS Block Devices";
+        license = with licenses; [ lgpl21 gpl2 bsd3 mit publicDomain ];
+        maintainers = with maintainers; [ adev ak krav ];
+        platforms = platforms.unix;
+      };
+    } ''
+      mkdir -p $out/{bin,etc,lib/python3.7/site-packages}
+      cp -r ${ceph}/bin/{ceph,.ceph-wrapped,rados,rbd,rbdmap} $out/bin
+      cp -r ${ceph}/bin/ceph-{authtool,conf,dencoder,rbdnamer,syn} $out/bin
+      cp -r ${ceph}/bin/rbd-replay* $out/bin
+      cp -r ${ceph}/lib/python3.7/site-packages $out/lib/python3.7/
+      cp -r ${ceph}/etc/bash_completion.d $out/etc
+      # wrapPythonPrograms modifies .ceph-wrapped, so lets just update its paths
+      substituteInPlace $out/bin/ceph          --replace ${ceph} $out
+      substituteInPlace $out/bin/.ceph-wrapped --replace ${ceph} $out
+   '';
+}
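Review bot: The crypto-library assertion checks the raw arguments (`cryptopp`, `nss`, `nspr`), but the build uses the filtered `optCryptopp`/`optNss`/`optNspr` values. `shouldUsePkg` returns null when `pkg.meta.available` is false. A non-null but unavailable package therefore passes the assert, `cryptoStr` falls through to `"none"`, and `cryptoLibsMap.none = [ ]` contributes no crypto library to `buildInputs` without any error. Asserting on the derived value closes that gap, for example `ceph = assert cryptoStr != "none"; stdenv.mkDerivation {`. A one-line comment on `cryptoLibsMap.none` saying when, if ever, that branch is expected would also help.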
diff --git a/pkgs/tools/filesystems/ceph/generic.nix b/pkgs/tools/filesystems/ceph/generic.nix
deleted file mode 100644
index e8a4917be99..00000000000
--- a/pkgs/tools/filesystems/ceph/generic.nix
+++ /dev/null
@@ -1,175 +0,0 @@
-{ stdenv, ensureNewerSourcesHook, cmake, pkgconfig
-, which, git
-, boost, python2Packages
-, libxml2, zlib
-, openldap, lttng-ust
-, babeltrace, gperf
-, cunit, snappy
-, rocksdb, makeWrapper
-
-# Optional Dependencies
-, yasm ? null, fcgi ? null, expat ? null
-, curl ? null, fuse ? null
-, libedit ? null, libatomic_ops ? null, kinetic-cpp-client ? null
-, libs3 ? null
-
-# Mallocs
-, jemalloc ? null, gperftools ? null
-
-# Crypto Dependencies
-, cryptopp ? null
-, nss ? null, nspr ? null
-
-# Linux Only Dependencies
-, linuxHeaders, libuuid, udev, keyutils, libaio ? null, libxfs ? null
-, zfs ? null
-
-# Version specific arguments
-, version, src ? [], buildInputs ? []
-, ...
-}:
-
-# We must have one crypto library
-assert cryptopp != null || (nss != null && nspr != null);
-
-with stdenv;
-with stdenv.lib;
-let
-
-  shouldUsePkg = pkg_: let pkg = (builtins.tryEval pkg_).value;
-    in if lib.any (lib.meta.platformMatch stdenv.hostPlatform) pkg.meta.platforms
-      then pkg else null;
-
-  optYasm = shouldUsePkg yasm;
-  optFcgi = shouldUsePkg fcgi;
-  optExpat = shouldUsePkg expat;
-  optCurl = shouldUsePkg curl;
-  optFuse = shouldUsePkg fuse;
-  optLibedit = shouldUsePkg libedit;
-  optLibatomic_ops = shouldUsePkg libatomic_ops;
-  optKinetic-cpp-client = shouldUsePkg kinetic-cpp-client;
-  optLibs3 = if versionAtLeast version "10.0.0" then null else shouldUsePkg libs3;
-
-  optJemalloc = shouldUsePkg jemalloc;
-  optGperftools = shouldUsePkg gperftools;
-
-  optCryptopp = shouldUsePkg cryptopp;
-  optNss = shouldUsePkg nss;
-  optNspr = shouldUsePkg nspr;
-
-  optLibaio = shouldUsePkg libaio;
-  optLibxfs = shouldUsePkg libxfs;
-  optZfs = shouldUsePkg zfs;
-
-  hasRadosgw = optFcgi != null && optExpat != null && optCurl != null && optLibedit != null;
-
-
-  # TODO: Reenable when kinetic support is fixed
-  #hasKinetic = versionAtLeast version "9.0.0" && optKinetic-cpp-client != null;
-  hasKinetic = false;
-
-  # Malloc implementation (can be jemalloc, tcmalloc or null)
-  malloc = if optJemalloc != null then optJemalloc else optGperftools;
-
-  # We prefer nss over cryptopp
-  cryptoStr = if optNss != null && optNspr != null then "nss" else
-    if optCryptopp != null then "cryptopp" else "none";
-  cryptoLibsMap = {
-    nss = [ optNss optNspr ];
-    cryptopp = [ optCryptopp ];
-    none = [ ];
-  };
-
-  ceph-python-env = python2Packages.python.withPackages (ps: [
-    ps.sphinx
-    ps.flask
-    ps.cython
-    ps.setuptools
-    ps.pip
-    # Libraries needed by the python tools
-    ps.Mako
-    ps.pecan
-    ps.prettytable
-    ps.webob
-    ps.cherrypy
-  ]);
-
-in
-stdenv.mkDerivation {
-  pname = "ceph";
-  inherit version;
-
-  inherit src;
-
-  patches = [
- #   ./ceph-patch-cmake-path.patch
-    ./0001-kv-RocksDBStore-API-break-additional.patch
-  ] ++ optionals stdenv.isLinux [
-    ./0002-fix-absolute-include-path.patch
-  ];
-
-  nativeBuildInputs = [
-    cmake
-    pkgconfig which git python2Packages.wrapPython makeWrapper
-    (ensureNewerSourcesHook { year = "1980"; })
-  ];
-
-  buildInputs = buildInputs ++ cryptoLibsMap.${cryptoStr} ++ [
-    boost ceph-python-env libxml2 optYasm optLibatomic_ops optLibs3
-    malloc zlib openldap lttng-ust babeltrace gperf cunit
-    snappy rocksdb
-  ] ++ optionals stdenv.isLinux [
-    linuxHeaders libuuid udev keyutils optLibaio optLibxfs optZfs
-  ] ++ optionals hasRadosgw [
-    optFcgi optExpat optCurl optFuse optLibedit
-  ] ++ optionals hasKinetic [
-    optKinetic-cpp-client
-  ];
-
-
-  preConfigure =''
-    # rip off submodule that interfer with system libs
-	rm -rf src/boost
-	rm -rf src/rocksdb
-
-	# require LD_LIBRARY_PATH for cython to find internal dep
-	export LD_LIBRARY_PATH="$PWD/build/lib:$LD_LIBRARY_PATH"
-
-	# requires setuptools due to embedded in-cmake setup.py usage
-	export PYTHONPATH="${python2Packages.setuptools}/lib/python2.7/site-packages/:$PYTHONPATH"
-  '';
-
-  cmakeFlags = [
-    "-DENABLE_GIT_VERSION=OFF"
-    "-DWITH_SYSTEM_BOOST=ON"
-    "-DWITH_SYSTEM_ROCKSDB=ON"
-    "-DWITH_LEVELDB=OFF"
-
-    # enforce shared lib
-    "-DBUILD_SHARED_LIBS=ON"
-
-    # disable cephfs, cmake build broken for now
-    "-DWITH_CEPHFS=OFF"
-    "-DWITH_LIBCEPHFS=OFF"
-  ];
-
-  postFixup = ''
-    wrapPythonPrograms
-    wrapProgram $out/bin/ceph-mgr --set PYTHONPATH $out/${python2Packages.python.sitePackages}
-  '';
-
-  enableParallelBuilding = true;
-
-  outputs = [ "dev" "lib" "out" "doc" ];
-
-  meta = {
-    homepage = https://ceph.com/;
-    description = "Distributed storage system";
-    license = licenses.lgpl21;
-    maintainers = with maintainers; [ adev ak ];
-    platforms = platforms.unix;
-    broken = true;
-  };
-
-  passthru.version = version;
-}
diff --git a/pkgs/tools/graphics/pngquant/default.nix b/pkgs/tools/graphics/pngquant/default.nix
index b519733f964..51be6afd102 100644
--- a/pkgs/tools/graphics/pngquant/default.nix
+++ b/pkgs/tools/graphics/pngquant/default.nix
@@ -2,13 +2,13 @@
 
 stdenv.mkDerivation rec {
   pname = "pngquant";
-  version = "2.12.1";
+  version = "2.12.5";
 
   src = fetchFromGitHub {
     owner = "pornel";
     repo = "pngquant";
     rev = version;
-    sha256 = "0jdvry3kvmmxcgwf5a3zbfz0idl6yl3700ag7pf8sk4lg4qp0llp";
+    sha256 = "0sq398iv5cacblz6pb4j2hn16cnszsbkahikdpfq84rb9bj0ya40";
     fetchSubmodules = true;
   };
 
diff --git a/pkgs/tools/misc/bdf2psf/default.nix b/pkgs/tools/misc/bdf2psf/default.nix
index af9ad77bdda..2f326a1d6ac 100644
--- a/pkgs/tools/misc/bdf2psf/default.nix
+++ b/pkgs/tools/misc/bdf2psf/default.nix
@@ -2,11 +2,11 @@
 
 stdenv.mkDerivation rec {
   pname = "bdf2psf";
-  version = "1.192";
+  version = "1.193";
 
   src = fetchurl {
     url = "mirror://debian/pool/main/c/console-setup/bdf2psf_${version}_all.deb";
-    sha256 = "0yjylbj88p2a7qi1wicicl1ivrhp52pnzy44mc1yg6l3n7zifcwn";
+    sha256 = "1mykng02fyxshm02kywrk16f27b1jhgn9zcaxcvxd255sn58w68k";
   };
 
   buildInputs = [ dpkg ];
diff --git a/pkgs/tools/misc/heimdall/default.nix b/pkgs/tools/misc/heimdall/default.nix
index 9e21ab5e38f..a8100e455f0 100644
--- a/pkgs/tools/misc/heimdall/default.nix
+++ b/pkgs/tools/misc/heimdall/default.nix
@@ -1,10 +1,11 @@
-{ stdenv, fetchFromGitHub, cmake
-, zlib, libusb1
-, enableGUI ? false, qtbase ? null }:
+{ stdenv, mkDerivation, fetchFromGitHub, cmake, zlib, libusb1
+, enableGUI ? false, qtbase ? null
+}:
 
-stdenv.mkDerivation rec {
+let version = "1.4.2"; in
+
+mkDerivation {
   name = "heimdall-${if enableGUI then "gui-" else ""}${version}";
-  version = "1.4.2";
 
   src = fetchFromGitHub {
     owner  = "Benjamin-Dobell";
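Review bot: Moving `version` into a `let` binding means the attribute set passed to `mkDerivation` no longer carries a `version` attribute in the lines shown, only the interpolated `name`. Anything that reads `heimdall.version` (update scripts, version-matching tooling, overrides) would stop seeing it, unless it is re-added further down outside this hunk. Adding `inherit version;` directly under the `name = ...` line keeps the attribute exposed without bringing back `rec`. The derivation body continues past the end of the hunk, so the rest of the attribute set was not checked.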
diff --git a/pkgs/tools/misc/html-proofer/Gemfile.lock b/pkgs/tools/misc/html-proofer/Gemfile.lock
index 6b0d5d3387c..46c6ffb9242 100644
--- a/pkgs/tools/misc/html-proofer/Gemfile.lock
+++ b/pkgs/tools/misc/html-proofer/Gemfile.lock
@@ -1,41 +1,30 @@
 GEM
   remote: https://rubygems.org/
   specs:
-    activesupport (5.2.3)
-      concurrent-ruby (~> 1.0, >= 1.0.2)
-      i18n (>= 0.7, < 2)
-      minitest (~> 5.1)
-      tzinfo (~> 1.1)
-    addressable (2.6.0)
-      public_suffix (>= 2.0.2, < 4.0)
-    concurrent-ruby (1.1.5)
+    addressable (2.7.0)
+      public_suffix (>= 2.0.2, < 5.0)
     ethon (0.12.0)
       ffi (>= 1.3.0)
     ffi (1.11.1)
-    html-proofer (3.11.1)
-      activesupport (>= 4.2, < 6.0)
+    html-proofer (3.12.0)
       addressable (~> 2.3)
-      mercenary (~> 0.3.2)
-      nokogiri (~> 1.9)
+      mercenary (~> 0.3)
+      nokogiri (~> 1.10)
       parallel (~> 1.3)
       rainbow (~> 3.0)
+      timerizer (~> 0.3)
       typhoeus (~> 1.3)
       yell (~> 2.0)
-    i18n (1.6.0)
-      concurrent-ruby (~> 1.0)
     mercenary (0.3.6)
     mini_portile2 (2.4.0)
-    minitest (5.11.3)
     nokogiri (1.10.4)
       mini_portile2 (~> 2.4.0)
     parallel (1.17.0)
-    public_suffix (3.1.1)
+    public_suffix (4.0.1)
     rainbow (3.0.0)
-    thread_safe (0.3.6)
+    timerizer (0.3.2)
     typhoeus (1.3.1)
       ethon (>= 0.9.0)
-    tzinfo (1.2.5)
-      thread_safe (~> 0.1)
     yell (2.2.0)
 
 PLATFORMS
diff --git a/pkgs/tools/misc/html-proofer/gemset.nix b/pkgs/tools/misc/html-proofer/gemset.nix
index 256243f3d5d..46c6734c025 100644
--- a/pkgs/tools/misc/html-proofer/gemset.nix
+++ b/pkgs/tools/misc/html-proofer/gemset.nix
@@ -1,35 +1,14 @@
 {
-  activesupport = {
-    dependencies = ["concurrent-ruby" "i18n" "minitest" "tzinfo"];
-    groups = ["default"];
-    platforms = [];
-    source = {
-      remotes = ["https://rubygems.org"];
-      sha256 = "110vp4frgkw3mpzlmshg2f2ig09cknls2w68ym1r1s39d01v0mi8";
-      type = "gem";
-    };
-    version = "5.2.3";
-  };
   addressable = {
     dependencies = ["public_suffix"];
     groups = ["default"];
     platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "0bcm2hchn897xjhqj9zzsxf3n9xhddymj4lsclz508f4vw3av46l";
-      type = "gem";
-    };
-    version = "2.6.0";
-  };
-  concurrent-ruby = {
-    groups = ["default"];
-    platforms = [];
-    source = {
-      remotes = ["https://rubygems.org"];
-      sha256 = "1x07r23s7836cpp5z9yrlbpljcxpax14yw4fy4bnp6crhr6x24an";
+      sha256 = "1fvchp2rhp2rmigx7qglf69xvjqvzq7x0g49naliw29r2bz656sy";
       type = "gem";
     };
-    version = "1.1.5";
+    version = "2.7.0";
   };
   ethon = {
     dependencies = ["ffi"];
@@ -53,26 +32,15 @@
     version = "1.11.1";
   };
   html-proofer = {
-    dependencies = ["activesupport" "addressable" "mercenary" "nokogiri" "parallel" "rainbow" "typhoeus" "yell"];
-    groups = ["default"];
-    platforms = [];
-    source = {
-      remotes = ["https://rubygems.org"];
-      sha256 = "0kpcz7p0yjr1y9fs8gila2bkgb8y6qkyqv5a8yymw0hkvddnqig4";
-      type = "gem";
-    };
-    version = "3.11.1";
-  };
-  i18n = {
-    dependencies = ["concurrent-ruby"];
+    dependencies = ["addressable" "mercenary" "nokogiri" "parallel" "rainbow" "timerizer" "typhoeus" "yell"];
     groups = ["default"];
     platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "1hfxnlyr618s25xpafw9mypa82qppjccbh292c4l3bj36az7f6wl";
+      sha256 = "1a5h5ijrngfd4ri36g7bs5lcg4001i5xx7nlk35rsg34xpy8mp04";
       type = "gem";
     };
-    version = "1.6.0";
+    version = "3.12.0";
   };
   mercenary = {
     groups = ["default"];
@@ -94,16 +62,6 @@
     };
     version = "2.4.0";
   };
-  minitest = {
-    groups = ["default"];
-    platforms = [];
-    source = {
-      remotes = ["https://rubygems.org"];
-      sha256 = "0icglrhghgwdlnzzp4jf76b0mbc71s80njn5afyfjn4wqji8mqbq";
-      type = "gem";
-    };
-    version = "5.11.3";
-  };
   nokogiri = {
     dependencies = ["mini_portile2"];
     groups = ["default"];
@@ -130,10 +88,10 @@
     platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "0g9ds2ffzljl6jjmkjffwxc1z6lh5nkqqmhhkxjk71q5ggv0rkpm";
+      sha256 = "0xnfv2j2bqgdpg2yq9i2rxby0w2sc9h5iyjkpaas2xknwrgmhdb0";
       type = "gem";
     };
-    version = "3.1.1";
+    version = "4.0.1";
   };
   rainbow = {
     groups = ["default"];
@@ -145,15 +103,15 @@
     };
     version = "3.0.0";
   };
-  thread_safe = {
+  timerizer = {
     groups = ["default"];
     platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "0nmhcgq6cgz44srylra07bmaw99f5271l0dpsvl5f75m44l0gmwy";
+      sha256 = "06zk04kprgj0abws15wqrk4q29f3wcx7z2jj3v25nnb2517lk66c";
       type = "gem";
     };
-    version = "0.3.6";
+    version = "0.3.2";
   };
   typhoeus = {
     dependencies = ["ethon"];
@@ -166,17 +124,6 @@
     };
     version = "1.3.1";
   };
-  tzinfo = {
-    dependencies = ["thread_safe"];
-    groups = ["default"];
-    platforms = [];
-    source = {
-      remotes = ["https://rubygems.org"];
-      sha256 = "1fjx9j327xpkkdlxwmkl3a8wqj7i4l4jwlrv3z13mg95z9wl253z";
-      type = "gem";
-    };
-    version = "1.2.5";
-  };
   yell = {
     groups = ["default"];
     platforms = [];
diff --git a/pkgs/tools/misc/txr/default.nix b/pkgs/tools/misc/txr/default.nix
index f679131381f..a71666b7acd 100644
--- a/pkgs/tools/misc/txr/default.nix
+++ b/pkgs/tools/misc/txr/default.nix
@@ -2,11 +2,11 @@
 
 stdenv.mkDerivation rec {
   pname = "txr";
-  version = "220";
+  version = "224";
 
   src = fetchurl {
     url = "http://www.kylheku.com/cgit/txr/snapshot/${pname}-${version}.tar.bz2";
-    sha256 = "00jg1zhsqhi146xrh0bfb2czfgfw9i2xbpqwk3yh0n766wcm4ryd";
+    sha256 = "10xz140i4sam9r7r8rz5mz5jbwal7xvaimzrb7lmisqsvby2qcw7";
   };
 
   nativeBuildInputs = [ bison flex ];
diff --git a/pkgs/tools/networking/httpie/default.nix b/pkgs/tools/networking/httpie/default.nix
index 2a608bf809a..6395fcf09eb 100644
--- a/pkgs/tools/networking/httpie/default.nix
+++ b/pkgs/tools/networking/httpie/default.nix
@@ -1,11 +1,12 @@
 { stdenv, fetchurl, pythonPackages }:
 
 pythonPackages.buildPythonApplication rec {
-  name = "httpie-1.0.2";
+  pname = "httpie";
+  version = "1.0.3";
 
-  src = fetchurl {
-    url = "mirror://pypi/h/httpie/${name}.tar.gz";
-    sha256 = "1ax22jh5lpjywpj7lsl072wdhr1pxiqzmxhyph5diwxxzs2nqrzw";
+  src = pythonPackages.fetchPypi {
+    inherit pname version;
+    sha256 = "103fcigpxf4nqmrdqjnyz7d9n4n16906slwmmqqc0gkxv8hnw6vd";
   };
 
   propagatedBuildInputs = with pythonPackages; [ pygments requests ];
diff --git a/pkgs/tools/package-management/home-manager/default.nix b/pkgs/tools/package-management/home-manager/default.nix
index 5049a90c7a7..e1ae6bc88b8 100644
--- a/pkgs/tools/package-management/home-manager/default.nix
+++ b/pkgs/tools/package-management/home-manager/default.nix
@@ -6,13 +6,13 @@
 stdenv.mkDerivation rec {
 
   pname = "home-manager";
-  version = "2019-06-25";
+  version = "2019-09-04";
 
   src = fetchFromGitHub {
     owner = "rycee";
     repo = "home-manager";
-    rev = "95d55b8da152f1efffb7713c82ead83a3fcf476d";
-    sha256 = "1zbx051rc0b880wjl832m9sliwrhrm1dbdxw8734gvc0pfz6qwn1";
+    rev = "1923ac3358cbd2d75352c2db2178314eb4623818";
+    sha256 = "1xdsz62sjh8j3p8jfz449gv9vl01adk3qdyjvbpgi7y5c09ymwg7";
   };
 
   nativeBuildInputs = [ makeWrapper ];
diff --git a/pkgs/tools/package-management/nix/default.nix b/pkgs/tools/package-management/nix/default.nix
index 6e7aac70653..69489e271cb 100644
--- a/pkgs/tools/package-management/nix/default.nix
+++ b/pkgs/tools/package-management/nix/default.nix
@@ -174,10 +174,10 @@ in rec {
   };
 
   nixStable = callPackage common (rec {
-    name = "nix-2.2.2";
+    name = "nix-2.3";
     src = fetchurl {
       url = "http://nixos.org/releases/nix/${name}/${name}.tar.xz";
-      sha256 = "f80a1b4f9837a8d33209f0b7769d5038335459ff4303eccf3e9217a9eca8594c";
+      sha256 = "b1d1b4d87390941fc64b19776f1ed9e3871231d38f5a1f295dd13925acd3a98d";
     };
 
     inherit storeDir stateDir confDir boehmgc;
diff --git a/pkgs/tools/package-management/xbps/default.nix b/pkgs/tools/package-management/xbps/default.nix
index 5954ca4959b..f83a1498825 100644
--- a/pkgs/tools/package-management/xbps/default.nix
+++ b/pkgs/tools/package-management/xbps/default.nix
@@ -2,13 +2,13 @@
 
 stdenv.mkDerivation rec {
   pname = "xbps";
-  version = "0.56";
+  version = "0.57";
 
   src = fetchFromGitHub {
     owner = "void-linux";
     repo = "xbps";
     rev = version;
-    sha256 = "0hqvq6fq62l5sgm4fy3zb0ks889d21mqz4f4my3iifs6c9f50na2";
+    sha256 = "1aaa0h265lx85hmcvg7zpg7iiq6dzzlyxqazn1s387ss709i5gxn";
   };
 
   nativeBuildInputs = [ pkgconfig which ];
@@ -17,6 +17,8 @@ stdenv.mkDerivation rec {
 
   patches = [ ./cert-paths.patch ];
 
+  NIX_CFLAGS_COMPILE = [ "-Wno-error=unused-result" ];
+
   postPatch = ''
     # fix unprefixed ranlib (needed on cross)
     substituteInPlace lib/Makefile \
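Review bot: The new `NIX_CFLAGS_COMPILE = [ "-Wno-error=unused-result" ];` line has no comment saying why the diagnostic is downgraded or when it can be removed. In a package manager, `unused-result` is the warning that flags ignored return values from I/O and similar calls, so the relaxation should be visibly temporary rather than permanent. A comment above the attribute would do, for example `# 0.57 trips -Werror=unused-result with the current toolchain; downgrade to a warning until fixed upstream`. That the build uses `-Werror` is inferred from the flag itself, and the `postPatch` block continues outside this hunk.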
diff --git a/pkgs/tools/security/metasploit/Gemfile b/pkgs/tools/security/metasploit/Gemfile
index 99d7556db2d..2aae6fc49d9 100644
--- a/pkgs/tools/security/metasploit/Gemfile
+++ b/pkgs/tools/security/metasploit/Gemfile
@@ -1,4 +1,4 @@
 # frozen_string_literal: true
 source "https://rubygems.org"
 
-gem "metasploit-framework", git: "https://github.com/rapid7/metasploit-framework", ref: "refs/tags/4.16.1"
+gem "metasploit-framework", git: "https://github.com/rapid7/metasploit-framework", ref: "refs/tags/5.0.45"
diff --git a/pkgs/tools/security/metasploit/Gemfile.lock b/pkgs/tools/security/metasploit/Gemfile.lock
index a84e3d08f43..931ea65f54a 100644
--- a/pkgs/tools/security/metasploit/Gemfile.lock
+++ b/pkgs/tools/security/metasploit/Gemfile.lock
@@ -1,17 +1,24 @@
 GIT
   remote: https://github.com/rapid7/metasploit-framework
-  revision: dbec1c2d2ae4bd77276cbfb3c6ee2902048b9453
-  ref: refs/tags/4.16.1
+  revision: 2b9e74c7a8a4423ea195e75abca1f56c354e5541
+  ref: refs/tags/5.0.45
   specs:
-    metasploit-framework (4.16.1)
+    metasploit-framework (5.0.45)
       actionpack (~> 4.2.6)
       activerecord (~> 4.2.6)
       activesupport (~> 4.2.6)
+      aws-sdk-ec2
+      aws-sdk-iam
+      aws-sdk-s3
       backports
-      bcrypt
+      bcrypt (= 3.1.12)
       bcrypt_pbkdf
       bit-struct
+      concurrent-ruby (= 1.0.5)
       dnsruby
+      ed25519
+      em-http-request
+      faker
       filesize
       jsobfu
       json
@@ -19,9 +26,10 @@ GIT
       metasploit-concern
       metasploit-credential
       metasploit-model
-      metasploit-payloads (= 1.3.1)
-      metasploit_data_models
-      metasploit_payloads-mettle (= 0.2.0)
+      metasploit-payloads (= 1.3.70)
+      metasploit_data_models (= 3.0.10)
+      metasploit_payloads-mettle (= 0.5.16)
+      mqtt
       msgpack
       nessus_rest
       net-ssh
@@ -35,11 +43,9 @@ GIT
       patch_finder
       pcaprub
       pdf-reader
-      pg (= 0.20.0)
+      pg (~> 0.20)
       railties
       rb-readline
-      rbnacl (< 5.0.0)
-      rbnacl-libsodium
       recog
       redcarpet
       rex-arch
@@ -51,23 +57,26 @@ GIT
       rex-mime
       rex-nop
       rex-ole
-      rex-powershell (< 0.1.73)
+      rex-powershell
       rex-random_identifier
       rex-registry
       rex-rop_builder
-      rex-socket
+      rex-socket (= 0.1.17)
       rex-sslscan
       rex-struct2
       rex-text
       rex-zip
-      robots
+      ruby-macho
       ruby_smb
       rubyntlm
       rubyzip
+      sinatra
       sqlite3
       sshkey
+      thin
       tzinfo
       tzinfo-data
+      warden
       windows_error
       xdr
       xmlrpc
@@ -75,66 +84,109 @@ GIT
 GEM
   remote: https://rubygems.org/
   specs:
-    Ascii85 (1.0.2)
-    actionpack (4.2.9)
-      actionview (= 4.2.9)
-      activesupport (= 4.2.9)
+    Ascii85 (1.0.3)
+    actionpack (4.2.11.1)
+      actionview (= 4.2.11.1)
+      activesupport (= 4.2.11.1)
       rack (~> 1.6)
       rack-test (~> 0.6.2)
       rails-dom-testing (~> 1.0, >= 1.0.5)
       rails-html-sanitizer (~> 1.0, >= 1.0.2)
-    actionview (4.2.9)
-      activesupport (= 4.2.9)
+    actionview (4.2.11.1)
+      activesupport (= 4.2.11.1)
       builder (~> 3.1)
       erubis (~> 2.7.0)
       rails-dom-testing (~> 1.0, >= 1.0.5)
       rails-html-sanitizer (~> 1.0, >= 1.0.3)
-    activemodel (4.2.9)
-      activesupport (= 4.2.9)
+    activemodel (4.2.11.1)
+      activesupport (= 4.2.11.1)
       builder (~> 3.1)
-    activerecord (4.2.9)
-      activemodel (= 4.2.9)
-      activesupport (= 4.2.9)
+    activerecord (4.2.11.1)
+      activemodel (= 4.2.11.1)
+      activesupport (= 4.2.11.1)
       arel (~> 6.0)
-    activesupport (4.2.9)
+    activesupport (4.2.11.1)
       i18n (~> 0.7)
       minitest (~> 5.1)
       thread_safe (~> 0.3, >= 0.3.4)
       tzinfo (~> 1.1)
-    addressable (2.5.1)
-      public_suffix (~> 2.0, >= 2.0.2)
+    addressable (2.7.0)
+      public_suffix (>= 2.0.2, < 5.0)
     afm (0.2.2)
     arel (6.0.4)
-    arel-helpers (2.4.0)
-      activerecord (>= 3.1.0, < 6)
-    backports (3.8.0)
-    bcrypt (3.1.11)
-    bcrypt_pbkdf (1.0.0)
-    bindata (2.4.0)
+    arel-helpers (2.10.0)
+      activerecord (>= 3.1.0, < 7)
+    aws-eventstream (1.0.3)
+    aws-partitions (1.208.0)
+    aws-sdk-core (3.66.0)
+      aws-eventstream (~> 1.0, >= 1.0.2)
+      aws-partitions (~> 1.0)
+      aws-sigv4 (~> 1.1)
+      jmespath (~> 1.0)
+    aws-sdk-ec2 (1.106.0)
+      aws-sdk-core (~> 3, >= 3.61.1)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-iam (1.29.0)
+      aws-sdk-core (~> 3, >= 3.61.1)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-kms (1.24.0)
+      aws-sdk-core (~> 3, >= 3.61.1)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-s3 (1.48.0)
+      aws-sdk-core (~> 3, >= 3.61.1)
+      aws-sdk-kms (~> 1)
+      aws-sigv4 (~> 1.1)
+    aws-sigv4 (1.1.0)
+      aws-eventstream (~> 1.0, >= 1.0.2)
+    backports (3.15.0)
+    bcrypt (3.1.12)
+    bcrypt_pbkdf (1.0.1)
+    bindata (2.4.4)
     bit-struct (0.16)
     builder (3.2.3)
-    dnsruby (1.60.2)
+    concurrent-ruby (1.0.5)
+    cookiejar (0.3.3)
+    crass (1.0.4)
+    daemons (1.3.1)
+    dnsruby (1.61.3)
+      addressable (~> 2.5)
+    ed25519 (1.2.4)
+    em-http-request (1.1.5)
+      addressable (>= 2.3.4)
+      cookiejar (!= 0.3.1)
+      em-socksify (>= 0.3)
+      eventmachine (>= 1.0.3)
+      http_parser.rb (>= 0.6.0)
+    em-socksify (0.3.2)
+      eventmachine (>= 1.0.0.beta.4)
     erubis (2.7.0)
-    faraday (0.13.1)
+    eventmachine (1.2.7)
+    faker (2.2.1)
+      i18n (>= 0.8)
+    faraday (0.15.4)
       multipart-post (>= 1.2, < 3)
-    ffi (1.9.18)
-    filesize (0.1.1)
+    filesize (0.2.0)
     hashery (2.1.2)
-    i18n (0.8.6)
+    http_parser.rb (0.6.0)
+    i18n (0.9.5)
+      concurrent-ruby (~> 1.0)
+    jmespath (1.4.0)
     jsobfu (0.4.2)
       rkelly-remix
-    json (2.1.0)
-    loofah (2.0.3)
+    json (2.2.0)
+    loofah (2.2.3)
+      crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
-    metasm (1.0.3)
+    metasm (1.0.4)
     metasploit-concern (2.0.5)
       activemodel (~> 4.2.6)
       activesupport (~> 4.2.6)
       railties (~> 4.2.6)
-    metasploit-credential (2.0.12)
+    metasploit-credential (3.0.3)
       metasploit-concern
       metasploit-model
-      metasploit_data_models
+      metasploit_data_models (>= 3.0.0)
+      net-ssh
       pg
       railties
       rex-socket
@@ -144,8 +196,8 @@ GEM
       activemodel (~> 4.2.6)
       activesupport (~> 4.2.6)
       railties (~> 4.2.6)
-    metasploit-payloads (1.3.1)
-    metasploit_data_models (2.0.15)
+    metasploit-payloads (1.3.70)
+    metasploit_data_models (3.0.10)
       activerecord (~> 4.2.6)
       activesupport (~> 4.2.6)
       arel-helpers
@@ -155,77 +207,76 @@ GEM
       postgres_ext
       railties (~> 4.2.6)
       recog (~> 2.0)
-    metasploit_payloads-mettle (0.2.0)
-    mini_portile2 (2.2.0)
-    minitest (5.10.3)
-    msgpack (1.1.0)
-    multipart-post (2.0.0)
+    metasploit_payloads-mettle (0.5.16)
+    mini_portile2 (2.4.0)
+    minitest (5.11.3)
+    mqtt (0.5.0)
+    msgpack (1.3.1)
+    multipart-post (2.1.1)
     nessus_rest (0.1.6)
-    net-ssh (4.1.0)
-    network_interface (0.0.1)
-    nexpose (6.1.1)
-    nokogiri (1.8.0)
-      mini_portile2 (~> 2.2.0)
-    octokit (4.7.0)
+    net-ssh (5.2.0)
+    network_interface (0.0.2)
+    nexpose (7.2.1)
+    nokogiri (1.10.4)
+      mini_portile2 (~> 2.4.0)
+    octokit (4.14.0)
       sawyer (~> 0.8.0, >= 0.5.3)
-    openssl-ccm (1.2.1)
+    openssl-ccm (1.2.2)
     openvas-omp (0.0.4)
     packetfu (1.1.13)
       pcaprub
     patch_finder (1.0.2)
-    pcaprub (0.12.4)
-    pdf-reader (2.0.0)
+    pcaprub (0.13.0)
+    pdf-reader (2.2.1)
       Ascii85 (~> 1.0.0)
       afm (~> 0.2.1)
       hashery (~> 2.0)
       ruby-rc4
       ttfunk
-    pg (0.20.0)
+    pg (0.21.0)
     pg_array_parser (0.0.9)
-    postgres_ext (3.0.0)
-      activerecord (>= 4.0.0)
+    postgres_ext (3.0.1)
+      activerecord (~> 4.0)
       arel (>= 4.0.1)
       pg_array_parser (~> 0.0.9)
-    public_suffix (2.0.5)
+    public_suffix (4.0.1)
     rack (1.6.11)
+    rack-protection (1.5.5)
+      rack
     rack-test (0.6.3)
       rack (>= 1.0)
     rails-deprecated_sanitizer (1.0.3)
       activesupport (>= 4.2.0.alpha)
-    rails-dom-testing (1.0.8)
-      activesupport (>= 4.2.0.beta, < 5.0)
+    rails-dom-testing (1.0.9)
+      activesupport (>= 4.2.0, < 5.0)
       nokogiri (~> 1.6)
       rails-deprecated_sanitizer (>= 1.0.1)
-    rails-html-sanitizer (1.0.3)
-      loofah (~> 2.0)
-    railties (4.2.9)
-      actionpack (= 4.2.9)
-      activesupport (= 4.2.9)
+    rails-html-sanitizer (1.2.0)
+      loofah (~> 2.2, >= 2.2.2)
+    railties (4.2.11.1)
+      actionpack (= 4.2.11.1)
+      activesupport (= 4.2.11.1)
       rake (>= 0.8.7)
       thor (>= 0.18.1, < 2.0)
-    rake (12.0.0)
+    rake (12.3.3)
     rb-readline (0.5.5)
-    rbnacl (4.0.2)
-      ffi
-    rbnacl-libsodium (1.0.13)
-      rbnacl (>= 3.0.1)
-    recog (2.1.12)
+    recog (2.3.2)
       nokogiri
-    redcarpet (3.4.0)
-    rex-arch (0.1.11)
+    redcarpet (3.5.0)
+    rex-arch (0.1.13)
       rex-text
-    rex-bin_tools (0.1.4)
+    rex-bin_tools (0.1.6)
       metasm
       rex-arch
       rex-core
       rex-struct2
       rex-text
-    rex-core (0.1.12)
+    rex-core (0.1.13)
     rex-encoder (0.1.4)
       metasm
       rex-arch
       rex-text
-    rex-exploitation (0.1.14)
+    rex-exploitation (0.1.21)
       jsobfu
       metasm
       rex-arch
@@ -238,47 +289,58 @@ GEM
       rex-arch
     rex-ole (0.1.6)
       rex-text
-    rex-powershell (0.1.72)
+    rex-powershell (0.1.82)
       rex-random_identifier
       rex-text
-    rex-random_identifier (0.1.2)
+    rex-random_identifier (0.1.4)
       rex-text
     rex-registry (0.1.3)
     rex-rop_builder (0.1.3)
       metasm
       rex-core
       rex-text
-    rex-socket (0.1.8)
+    rex-socket (0.1.17)
       rex-core
     rex-sslscan (0.1.5)
       rex-core
       rex-socket
       rex-text
     rex-struct2 (0.1.2)
-    rex-text (0.2.15)
+    rex-text (0.2.23)
     rex-zip (0.1.3)
       rex-text
     rkelly-remix (0.0.7)
-    robots (0.10.1)
+    ruby-macho (2.2.0)
     ruby-rc4 (0.1.5)
-    ruby_smb (0.0.18)
+    ruby_smb (1.1.0)
       bindata
       rubyntlm
       windows_error
     rubyntlm (0.6.2)
-    rubyzip (1.2.1)
-    sawyer (0.8.1)
-      addressable (>= 2.3.5, < 2.6)
-      faraday (~> 0.8, < 1.0)
-    sqlite3 (1.3.13)
-    sshkey (1.9.0)
-    thor (0.20.0)
+    rubyzip (1.2.3)
+    sawyer (0.8.2)
+      addressable (>= 2.3.5)
+      faraday (> 0.8, < 2.0)
+    sinatra (1.4.8)
+      rack (~> 1.5)
+      rack-protection (~> 1.4)
+      tilt (>= 1.3, < 3)
+    sqlite3 (1.4.1)
+    sshkey (2.0.0)
+    thin (1.7.2)
+      daemons (~> 1.0, >= 1.0.9)
+      eventmachine (~> 1.0, >= 1.0.4)
+      rack (>= 1, < 3)
+    thor (0.20.3)
     thread_safe (0.3.6)
+    tilt (2.0.9)
     ttfunk (1.5.1)
-    tzinfo (1.2.3)
+    tzinfo (1.2.5)
       thread_safe (~> 0.1)
-    tzinfo-data (1.2017.2)
+    tzinfo-data (1.2019.2)
       tzinfo (>= 1.0.0)
+    warden (1.2.7)
+      rack (>= 1.0)
     windows_error (0.1.2)
     xdr (2.0.0)
       activemodel (>= 4.2.7)
@@ -292,4 +354,4 @@ DEPENDENCIES
   metasploit-framework!
 
 BUNDLED WITH
-   1.16.4
+   1.17.2
diff --git a/pkgs/tools/security/metasploit/default.nix b/pkgs/tools/security/metasploit/default.nix
index 50341e873fa..8b67e90f415 100644
--- a/pkgs/tools/security/metasploit/default.nix
+++ b/pkgs/tools/security/metasploit/default.nix
@@ -17,13 +17,13 @@ let
   };
 in stdenv.mkDerivation rec {
   pname = "metasploit-framework";
-  version = "4.16.1";
+  version = "5.0.45";
 
   src = fetchFromGitHub {
     owner = "rapid7";
     repo = "metasploit-framework";
     rev = version;
-    sha256 = "1vilyy0dqzp8kbbpvs2zrv2ac7s39w2vv7mrbzgcjgh2bj7c6bg1";
+    sha256 = "16jl3fkfbwl4wwbj2zrq9yr8y8brkhj9641hplc8idv8gaqkgmm5";
   };
 
   buildInputs = [ makeWrapper ];
diff --git a/pkgs/tools/security/metasploit/gemset.nix b/pkgs/tools/security/metasploit/gemset.nix
index 938817cb64f..28cc83b240f 100644
--- a/pkgs/tools/security/metasploit/gemset.nix
+++ b/pkgs/tools/security/metasploit/gemset.nix
@@ -1,59 +1,73 @@
 {
   actionpack = {
     dependencies = ["actionview" "activesupport" "rack" "rack-test" "rails-dom-testing" "rails-html-sanitizer"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "1kgrq74gp2czzxr0f2sqrc98llz03lgq498300z2z5n4khgznwc4";
+      sha256 = "0rmldsk3a4lwxk0lrp6x1nz1v1r2xmbm3300l4ghgfygv3grdwjh";
       type = "gem";
     };
-    version = "4.2.9";
+    version = "4.2.11.1";
   };
   actionview = {
     dependencies = ["activesupport" "builder" "erubis" "rails-dom-testing" "rails-html-sanitizer"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "04kgp4gmahw31miz8xdq1pns14qmvvzd14fgfv7fg9klkw3bxyyp";
+      sha256 = "0x7vjn8q6blzyf7j3kwg0ciy7vnfh28bjdkd1mp9k4ghp9jn0g9p";
       type = "gem";
     };
-    version = "4.2.9";
+    version = "4.2.11.1";
   };
   activemodel = {
     dependencies = ["activesupport" "builder"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "1qxmivny0ka5s3iyap08sn9bp2bd9wrhqp2njfw26hr9wsjk5kfv";
+      sha256 = "1c1x0rd6wnk1f0gsmxs6x3gx7yf6fs9qqkdv7r4hlbcdd849in33";
       type = "gem";
     };
-    version = "4.2.9";
+    version = "4.2.11.1";
   };
   activerecord = {
     dependencies = ["activemodel" "activesupport" "arel"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "18i790dfhi4ndypd1pj9pv08knpxr2sayvvwfq7axj5jfwgpmrqb";
+      sha256 = "07ixiwi0zzs9skqarvpfamsnay7npfswymrn28ngxaf8hi279q5p";
       type = "gem";
     };
-    version = "4.2.9";
+    version = "4.2.11.1";
   };
   activesupport = {
     dependencies = ["i18n" "minitest" "thread_safe" "tzinfo"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "1d0a362p3m2m2kljichar2pwq0qm4vblc3njy1rdzm09ckzd45sp";
+      sha256 = "1vbq7a805bfvyik2q3kl9s3r418f5qzvysqbz2cwy4hr7m2q4ir6";
       type = "gem";
     };
-    version = "4.2.9";
+    version = "4.2.11.1";
   };
   addressable = {
     dependencies = ["public_suffix"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "1i8q32a4gr0zghxylpyy7jfqwxvwrivsxflg9mks6kx92frh75mh";
+      sha256 = "1fvchp2rhp2rmigx7qglf69xvjqvzq7x0g49naliw29r2bz656sy";
       type = "gem";
     };
-    version = "2.5.1";
+    version = "2.7.0";
   };
   afm = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
       sha256 = "06kj9hgd0z8pj27bxp2diwqh6fv7qhwwm17z64rhdc4sfn76jgn8";
@@ -62,6 +76,8 @@
     version = "0.2.2";
   };
   arel = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
       sha256 = "0nfcrdiys6q6ylxiblky9jyssrw2xj96fmxmal7f4f0jj3417vj4";
@@ -71,54 +87,154 @@
   };
   arel-helpers = {
     dependencies = ["activerecord"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "1sx4qbzhld3a99175p2krz3hv1npc42rv3sd8x4awzkgplg3zy9c";
+      sha256 = "0lb52rd20ix7khh70vrwd85qivir9sis62s055k3zr5h9iy3lyqi";
       type = "gem";
     };
-    version = "2.4.0";
+    version = "2.10.0";
   };
   Ascii85 = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "0j95sbxd18kc8rhcnvl1w37kflqpax1r12h1x47gh4xxn3mz4m7q";
+      sha256 = "0658m37jjjn6drzqg1gk4p6c205mgp7g1jh2d00n4ngghgmz5qvs";
       type = "gem";
     };
-    version = "1.0.2";
+    version = "1.0.3";
+  };
+  aws-eventstream = {
+    groups = ["default"];
+    platforms = [];
+    source = {
+      remotes = ["https://rubygems.org"];
+      sha256 = "100g77a5ixg4p5zwq77f28n2pdkk0y481f7v83qrlmnj22318qq6";
+      type = "gem";
+    };
+    version = "1.0.3";
+  };
+  aws-partitions = {
+    groups = ["default"];
+    platforms = [];
+    source = {
+      remotes = ["https://rubygems.org"];
+      sha256 = "0vkjw8cxssfwplrcl593gp4jxxiajihb8gqmpgzyac8i3xigpacb";
+      type = "gem";
+    };
+    version = "1.208.0";
+  };
+  aws-sdk-core = {
+    dependencies = ["aws-eventstream" "aws-partitions" "aws-sigv4" "jmespath"];
+    groups = ["default"];
+    platforms = [];
+    source = {
+      remotes = ["https://rubygems.org"];
+      sha256 = "18h35j7wp7n6zc5r6dpixjcyjshqmpkhwph9qgpv2g0db37zlxyk";
+      type = "gem";
+    };
+    version = "3.66.0";
+  };
+  aws-sdk-ec2 = {
+    dependencies = ["aws-sdk-core" "aws-sigv4"];
+    groups = ["default"];
+    platforms = [];
+    source = {
+      remotes = ["https://rubygems.org"];
+      sha256 = "1sb04blmc0lgdgq909cj8cm63zl2idgc5mcysj6cg4rvm8699ahp";
+      type = "gem";
+    };
+    version = "1.106.0";
+  };
+  aws-sdk-iam = {
+    dependencies = ["aws-sdk-core" "aws-sigv4"];
+    groups = ["default"];
+    platforms = [];
+    source = {
+      remotes = ["https://rubygems.org"];
+      sha256 = "1ypv1cmmrc496myllqd8dqz422qm1i0bhskkvqb9b2lbagmzr3l9";
+      type = "gem";
+    };
+    version = "1.29.0";
+  };
+  aws-sdk-kms = {
+    dependencies = ["aws-sdk-core" "aws-sigv4"];
+    groups = ["default"];
+    platforms = [];
+    source = {
+      remotes = ["https://rubygems.org"];
+      sha256 = "14blvvfz67rhffi4ahby50jiip5f0hm85mcxlx6y93g0cfrnxh3m";
+      type = "gem";
+    };
+    version = "1.24.0";
+  };
+  aws-sdk-s3 = {
+    dependencies = ["aws-sdk-core" "aws-sdk-kms" "aws-sigv4"];
+    groups = ["default"];
+    platforms = [];
+    source = {
+      remotes = ["https://rubygems.org"];
+      sha256 = "14iv2wqvvbiz0gdms21i9n6rh8390r1yg4zcf8pzzfplbqfwqw4w";
+      type = "gem";
+    };
+    version = "1.48.0";
+  };
+  aws-sigv4 = {
+    dependencies = ["aws-eventstream"];
+    groups = ["default"];
+    platforms = [];
+    source = {
+      remotes = ["https://rubygems.org"];
+      sha256 = "1dfc8i5cxjwlvi4b665lbpbwvks8a6wfy3vfmwr3pjdmxwdmc2cs";
+      type = "gem";
+    };
+    version = "1.1.0";
   };
   backports = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "17pcz0z6jms5jydr1r95kf1bpk3ms618hgr26c62h34icy9i1dpm";
+      sha256 = "0cczfi1yp7a68bg7ipzi4lvrmi4xsi36n9a19krr4yb3nfwd8fn2";
       type = "gem";
     };
-    version = "3.8.0";
+    version = "3.15.0";
   };
   bcrypt = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "1d254sdhdj6mzak3fb5x3jam8b94pvl1srladvs53j05a89j5z50";
+      sha256 = "0ysblqxkclmnhrd0kmb5mr8p38mbar633gdsb14b7dhkhgawgzfy";
       type = "gem";
     };
-    version = "3.1.11";
+    version = "3.1.12";
   };
   bcrypt_pbkdf = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "0cj4k13c7qvvck7y25i3xarvyqq8d27vl61jddifkc7llnnap1hv";
+      sha256 = "02vssr285m7kpsr47jdmzbar1h1d0mnkmyrpr1zg828isfmwii35";
       type = "gem";
     };
-    version = "1.0.0";
+    version = "1.0.1";
   };
   bindata = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "10sii2chgnkp2jw830sbr2wb20p8p1wcwrl9jhadkw94f505qcyg";
+      sha256 = "0kz42nvxnk1j9cj0i8lcnhprcgdqsqska92g6l19ziadydfk2gqy";
       type = "gem";
     };
-    version = "2.4.0";
+    version = "2.4.4";
   };
   bit-struct = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
       sha256 = "1w7x1fh4a6inpb46imhdf4xrq0z4d6zdpg7sdf8n98pif2hx50sx";
@@ -127,6 +243,8 @@
     version = "0.16";
   };
   builder = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
       sha256 = "0qibi5s67lpdv1wgcj66wcymcr04q6j4mzws6a479n0mlrmh5wr1";
@@ -134,15 +252,92 @@
     };
     version = "3.2.3";
   };
+  concurrent-ruby = {
+    groups = ["default"];
+    platforms = [];
+    source = {
+      remotes = ["https://rubygems.org"];
+      sha256 = "183lszf5gx84kcpb779v6a2y0mx9sssy8dgppng1z9a505nj1qcf";
+      type = "gem";
+    };
+    version = "1.0.5";
+  };
+  cookiejar = {
+    groups = ["default"];
+    platforms = [];
+    source = {
+      remotes = ["https://rubygems.org"];
+      sha256 = "0q0kmbks9l3hl0wdq744hzy97ssq9dvlzywyqv9k9y1p3qc9va2a";
+      type = "gem";
+    };
+    version = "0.3.3";
+  };
+  crass = {
+    groups = ["default"];
+    platforms = [];
+    source = {
+      remotes = ["https://rubygems.org"];
+      sha256 = "0bpxzy6gjw9ggjynlxschbfsgmx8lv3zw1azkjvnb8b9i895dqfi";
+      type = "gem";
+    };
+    version = "1.0.4";
+  };
+  daemons = {
+    groups = ["default"];
+    platforms = [];
+    source = {
+      remotes = ["https://rubygems.org"];
+      sha256 = "0l5gai3vd4g7aqff0k1mp41j9zcsvm2rbwmqn115a325k9r7pf4w";
+      type = "gem";
+    };
+    version = "1.3.1";
+  };
   dnsruby = {
+    dependencies = ["addressable"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "0qfvpkka69f8vnmda3zhkr54fjpf7pwgmbx0gcsxg3jd6c7sjs1d";
+      sha256 = "139cbl2k934q7d50g7hi8r4im69ca3iv16y9plq9yc6mgjq1cgfk";
       type = "gem";
     };
-    version = "1.60.2";
+    version = "1.61.3";
+  };
+  ed25519 = {
+    groups = ["default"];
+    platforms = [];
+    source = {
+      remotes = ["https://rubygems.org"];
+      sha256 = "1f5kr8za7hvla38fc0n9jiv55iq62k5bzclsa5kdb14l3r4w6qnw";
+      type = "gem";
+    };
+    version = "1.2.4";
+  };
+  em-http-request = {
+    dependencies = ["addressable" "cookiejar" "em-socksify" "eventmachine" "http_parser.rb"];
+    groups = ["default"];
+    platforms = [];
+    source = {
+      remotes = ["https://rubygems.org"];
+      sha256 = "13rxmbi0fv91n4sg300v3i9iiwd0jxv0i6xd0sp81dx3jlx7kasx";
+      type = "gem";
+    };
+    version = "1.1.5";
+  };
+  em-socksify = {
+    dependencies = ["eventmachine"];
+    groups = ["default"];
+    platforms = [];
+    source = {
+      remotes = ["https://rubygems.org"];
+      sha256 = "0rk43ywaanfrd8180d98287xv2pxyl7llj291cwy87g1s735d5nk";
+      type = "gem";
+    };
+    version = "0.3.2";
   };
   erubis = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
       sha256 = "1fj827xqjs91yqsydf0zmfyw9p4l2jz5yikg3mppz6d7fi8kyrb3";
@@ -150,32 +345,51 @@
     };
     version = "2.7.0";
   };
-  faraday = {
-    dependencies = ["multipart-post"];
+  eventmachine = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "1gyqsj7vlqynwvivf9485zwmcj04v1z7gq362z0b8zw2zf4ag0hw";
+      sha256 = "0wh9aqb0skz80fhfn66lbpr4f86ya2z5rx6gm5xlfhd05bj1ch4r";
       type = "gem";
     };
-    version = "0.13.1";
+    version = "1.2.7";
   };
-  ffi = {
+  faker = {
+    dependencies = ["i18n"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "034f52xf7zcqgbvwbl20jwdyjwznvqnwpbaps9nk18v9lgb1dpx0";
+      sha256 = "1wpzpqzpqd9jjzm3ap8182sfbnhdahcxpbg0dssbwq13qdf1s5xs";
       type = "gem";
     };
-    version = "1.9.18";
+    version = "2.2.1";
+  };
+  faraday = {
+    dependencies = ["multipart-post"];
+    groups = ["default"];
+    platforms = [];
+    source = {
+      remotes = ["https://rubygems.org"];
+      sha256 = "0s72m05jvzc1pd6cw1i289chas399q0a14xrwg4rvkdwy7bgzrh0";
+      type = "gem";
+    };
+    version = "0.15.4";
   };
   filesize = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "061qmg82mm9xnmnq3b7gbi24g28xk62w0b0nw86gybd07m1jn989";
+      sha256 = "17p7rf1x7h3ivaznb4n4kmxnnzj25zaviryqgn2n12v2kmibhp8g";
       type = "gem";
     };
-    version = "0.1.1";
+    version = "0.2.0";
   };
   hashery = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
       sha256 = "0qj8815bf7q6q7llm5rzdz279gzmpqmqqicxnzv066a020iwqffj";
@@ -183,16 +397,41 @@
     };
     version = "2.1.2";
   };
+  "http_parser.rb" = {
+    groups = ["default"];
+    platforms = [];
+    source = {
+      remotes = ["https://rubygems.org"];
+      sha256 = "15nidriy0v5yqfjsgsra51wmknxci2n2grliz78sf9pga3n0l7gi";
+      type = "gem";
+    };
+    version = "0.6.0";
+  };
   i18n = {
+    dependencies = ["concurrent-ruby"];
+    groups = ["default"];
+    platforms = [];
+    source = {
+      remotes = ["https://rubygems.org"];
+      sha256 = "038qvz7kd3cfxk8bvagqhakx68pfbnmghpdkx7573wbf0maqp9a3";
+      type = "gem";
+    };
+    version = "0.9.5";
+  };
+  jmespath = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "1i3aqvzfsj786kwjj70jsjpxm6ffw5pwhalzr2abjfv2bdc7k9kw";
+      sha256 = "1d4wac0dcd1jf6kc57891glih9w57552zgqswgy74d1xhgnk0ngf";
       type = "gem";
     };
-    version = "0.8.6";
+    version = "1.4.0";
   };
   jsobfu = {
     dependencies = ["rkelly-remix"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
       sha256 = "1hchns89cfj0gggm2zbr7ghb630imxm2x2d21ffx2jlasn9xbkyk";
@@ -201,32 +440,40 @@
     version = "0.4.2";
   };
   json = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "01v6jjpvh3gnq6sgllpfqahlgxzj50ailwhj9b3cd20hi2dx0vxp";
+      sha256 = "0sx97bm9by389rbzv8r1f43h06xcz8vwi3h5jv074gvparql7lcx";
       type = "gem";
     };
-    version = "2.1.0";
+    version = "2.2.0";
   };
   loofah = {
-    dependencies = ["nokogiri"];
+    dependencies = ["crass" "nokogiri"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "109ps521p0sr3kgc460d58b4pr1z4mqggan2jbsf0aajy9s6xis8";
+      sha256 = "1ccsid33xjajd0im2xv941aywi58z7ihwkvaf1w2bv89vn5bhsjg";
       type = "gem";
     };
-    version = "2.0.3";
+    version = "2.2.3";
   };
   metasm = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "0gss57q4lv6l0jkih77zffrpjjzgkdcsy7b9nvvawyzknis9w4s5";
+      sha256 = "0mbmpc8vsi574s78f23bhiqk07sr6yrrrmk702lfv61ql4ah5l89";
       type = "gem";
     };
-    version = "1.0.3";
+    version = "1.0.4";
   };
   metasploit-concern = {
     dependencies = ["activemodel" "activesupport" "railties"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
       sha256 = "0v9lm225fhzhnbjcc0vwb38ybikxwzlv8116rrrkndzs8qy79297";
@@ -235,27 +482,33 @@
     version = "2.0.5";
   };
   metasploit-credential = {
-    dependencies = ["metasploit-concern" "metasploit-model" "metasploit_data_models" "pg" "railties" "rex-socket" "rubyntlm" "rubyzip"];
+    dependencies = ["metasploit-concern" "metasploit-model" "metasploit_data_models" "net-ssh" "pg" "railties" "rex-socket" "rubyntlm" "rubyzip"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "1flahrcl5hf4bncqs40mry6pkffvmir85kqzkad22x3dh6crw50i";
+      sha256 = "0m6j149x502p00y2jzra65281dhhw3m8a41pwfn1sk9wv7aiclvl";
       type = "gem";
     };
-    version = "2.0.12";
+    version = "3.0.3";
   };
   metasploit-framework = {
-    dependencies = ["actionpack" "activerecord" "activesupport" "backports" "bcrypt" "bcrypt_pbkdf" "bit-struct" "dnsruby" "filesize" "jsobfu" "json" "metasm" "metasploit-concern" "metasploit-credential" "metasploit-model" "metasploit-payloads" "metasploit_data_models" "metasploit_payloads-mettle" "msgpack" "nessus_rest" "net-ssh" "network_interface" "nexpose" "nokogiri" "octokit" "openssl-ccm" "openvas-omp" "packetfu" "patch_finder" "pcaprub" "pdf-reader" "pg" "railties" "rb-readline" "rbnacl" "rbnacl-libsodium" "recog" "redcarpet" "rex-arch" "rex-bin_tools" "rex-core" "rex-encoder" "rex-exploitation" "rex-java" "rex-mime" "rex-nop" "rex-ole" "rex-powershell" "rex-random_identifier" "rex-registry" "rex-rop_builder" "rex-socket" "rex-sslscan" "rex-struct2" "rex-text" "rex-zip" "robots" "ruby_smb" "rubyntlm" "rubyzip" "sqlite3" "sshkey" "tzinfo" "tzinfo-data" "windows_error" "xdr" "xmlrpc"];
+    dependencies = ["actionpack" "activerecord" "activesupport" "aws-sdk-ec2" "aws-sdk-iam" "aws-sdk-s3" "backports" "bcrypt" "bcrypt_pbkdf" "bit-struct" "concurrent-ruby" "dnsruby" "ed25519" "em-http-request" "faker" "filesize" "jsobfu" "json" "metasm" "metasploit-concern" "metasploit-credential" "metasploit-model" "metasploit-payloads" "metasploit_data_models" "metasploit_payloads-mettle" "mqtt" "msgpack" "nessus_rest" "net-ssh" "network_interface" "nexpose" "nokogiri" "octokit" "openssl-ccm" "openvas-omp" "packetfu" "patch_finder" "pcaprub" "pdf-reader" "pg" "railties" "rb-readline" "recog" "redcarpet" "rex-arch" "rex-bin_tools" "rex-core" "rex-encoder" "rex-exploitation" "rex-java" "rex-mime" "rex-nop" "rex-ole" "rex-powershell" "rex-random_identifier" "rex-registry" "rex-rop_builder" "rex-socket" "rex-sslscan" "rex-struct2" "rex-text" "rex-zip" "ruby-macho" "ruby_smb" "rubyntlm" "rubyzip" "sinatra" "sqlite3" "sshkey" "thin" "tzinfo" "tzinfo-data" "warden" "windows_error" "xdr" "xmlrpc"];
+    groups = ["default"];
+    platforms = [];
     source = {
       fetchSubmodules = false;
-      rev = "dbec1c2d2ae4bd77276cbfb3c6ee2902048b9453";
-      sha256 = "06a2dc64wl8w02zimf44hch4cap7ckw42kg1x01lmcwaa8d5q09w";
+      rev = "2b9e74c7a8a4423ea195e75abca1f56c354e5541";
+      sha256 = "16jl3fkfbwl4wwbj2zrq9yr8y8brkhj9641hplc8idv8gaqkgmm5";
       type = "git";
       url = "https://github.com/rapid7/metasploit-framework";
     };
-    version = "4.16.1";
+    version = "5.0.45";
   };
   metasploit-model = {
     dependencies = ["activemodel" "activesupport" "railties"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
       sha256 = "05pnai1cv00xw87rrz38dz4s3ss45s90290d0knsy1mq6rp8yvmw";
@@ -264,63 +517,89 @@
     version = "2.0.4";
   };
   metasploit-payloads = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "0icha08z4c5rnyp66xcyn9c8lbv43gx7hgs9rsm3539gj8c40znx";
+      sha256 = "01s3xmgw4fp2ic0wql8lswa86q3lgr3z687idx3xkfii3dskjpp3";
       type = "gem";
     };
-    version = "1.3.1";
+    version = "1.3.70";
   };
   metasploit_data_models = {
     dependencies = ["activerecord" "activesupport" "arel-helpers" "metasploit-concern" "metasploit-model" "pg" "postgres_ext" "railties" "recog"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "0j3ijxn6n3ack9572a74cwknijymy41c8rx34njyhg25lx4hbvah";
+      sha256 = "1h59lblfrx8gsnqr10wk958zp6rsjy3qib3hb87s3nm6m1zhm2bc";
       type = "gem";
     };
-    version = "2.0.15";
+    version = "3.0.10";
   };
   metasploit_payloads-mettle = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "1y2nfzgs17pq3xvlw14jgjcksr4h8p4miypxk9a87l1h7xv7dcgn";
+      sha256 = "1x2rgs2r16m8z87j5z78vp49xvr2sr4dxjgbi6d0nxrlr52pd8yf";
       type = "gem";
     };
-    version = "0.2.0";
+    version = "0.5.16";
   };
   mini_portile2 = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "0g5bpgy08q0nc0anisg3yvwc1gc3inl854fcrg48wvg7glqd6dpm";
+      sha256 = "15zplpfw3knqifj9bpf604rb3wc1vhq6363pd6lvhayng8wql5vy";
       type = "gem";
     };
-    version = "2.2.0";
+    version = "2.4.0";
   };
   minitest = {
+    groups = ["default"];
+    platforms = [];
+    source = {
+      remotes = ["https://rubygems.org"];
+      sha256 = "0icglrhghgwdlnzzp4jf76b0mbc71s80njn5afyfjn4wqji8mqbq";
+      type = "gem";
+    };
+    version = "5.11.3";
+  };
+  mqtt = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "05521clw19lrksqgvg2kmm025pvdhdaniix52vmbychrn2jm7kz2";
+      sha256 = "0d1khsry5mf63y03r6v91f4vrbn88277ksv7d69z3xmqs9sgpri9";
       type = "gem";
     };
-    version = "5.10.3";
+    version = "0.5.0";
   };
   msgpack = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "0ck7w17d6b4jbb8inh1q57bghi9cjkiaxql1d3glmj1yavbpmlh7";
+      sha256 = "1qr2mkm2i3m76zarvy7qgjl9596hmvjrg7x6w42vx8cfsbf5p0y1";
       type = "gem";
     };
-    version = "1.1.0";
+    version = "1.3.1";
   };
   multipart-post = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "09k0b3cybqilk1gwrwwain95rdypixb2q9w65gd44gfzsd84xi1x";
+      sha256 = "1zgw9zlwh2a6i1yvhhc4a84ry1hv824d6g2iw2chs3k5aylpmpfj";
       type = "gem";
     };
-    version = "2.0.0";
+    version = "2.1.1";
   };
   nessus_rest = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
       sha256 = "1allyrd4rll333zbmsi3hcyg6cw1dhc4bg347ibsw191nswnp8ci";
@@ -329,56 +608,70 @@
     version = "0.1.6";
   };
   net-ssh = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "013p5jb4wy0cq7x7036piw2a3s1i9p752ki1srx2m289mpz4ml3q";
+      sha256 = "101wd2px9lady54aqmkibvy4j62zk32w0rjz4vnigyg974fsga40";
       type = "gem";
     };
-    version = "4.1.0";
+    version = "5.2.0";
   };
   network_interface = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "0ir4c1vbz1y0gxyih024262i7ig1nji1lkylcrn9pjzx3798p97a";
+      sha256 = "1xh4knfq77ii4pjzsd2z1p3nd6nrcdjhb2vi5gw36jqj43ffw0zp";
       type = "gem";
     };
-    version = "0.0.1";
+    version = "0.0.2";
   };
   nexpose = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "0jnyvj09z8r3chhj930fdnashbfcfv0vw2drjvsrcnm7firdhdzb";
+      sha256 = "0i108glkklwgjxhfhnlqf4b16plqf9b84qpfz0pnl2pbnal5af8m";
       type = "gem";
     };
-    version = "6.1.1";
+    version = "7.2.1";
   };
   nokogiri = {
     dependencies = ["mini_portile2"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "1nffsyx1xjg6v5n9rrbi8y1arrcx2i5f21cp6clgh9iwiqkr7rnn";
+      sha256 = "0nmdrqqz1gs0fwkgzxjl4wr554gr8dc1fkrqjc2jpsvwgm41rygv";
       type = "gem";
     };
-    version = "1.8.0";
+    version = "1.10.4";
   };
   octokit = {
     dependencies = ["sawyer"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "0h6cm7bi0y7ysjgwws3paaipqdld6c0m0niazrjahhpz88qqq1g4";
+      sha256 = "1w7agbfg39jzqk81yad9xhscg31869277ysr2iwdvpjafl5lj4ha";
       type = "gem";
     };
-    version = "4.7.0";
+    version = "4.14.0";
   };
   openssl-ccm = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "18h5lxv0zh4j2f0wnhdmfz63x02vbzbq2k1clz6kzr0q83h8kj9c";
+      sha256 = "0gxwxk657jya2s5m8cpckvgy5m7qx0hzfp8xvc0hg2wf1lg5gwp0";
       type = "gem";
     };
-    version = "1.2.1";
+    version = "1.2.2";
   };
   openvas-omp = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
       sha256 = "14xf614vd76qjdjxjv14mmjar6s64fwp4cwb7bv5g1wc29srg28x";
@@ -388,6 +681,8 @@
   };
   packetfu = {
     dependencies = ["pcaprub"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
       sha256 = "16ppq9wfxq4x2hss61l5brs3s6fmi8gb50mnp1nnnzb1asq4g8ll";
@@ -396,6 +691,8 @@
     version = "1.1.13";
   };
   patch_finder = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
       sha256 = "1md9scls55n1riw26vw1ak0ajq38dfygr36l0h00wqhv51cq745m";
@@ -404,31 +701,39 @@
     version = "1.0.2";
   };
   pcaprub = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "0pl4lqy7308185pfv0197n8b4v20fhd0zb3wlpz284rk8ssclkvz";
+      sha256 = "0h4iarqdych6v4jm5s0ywkc01qspadz8sf6qn7pkqmszq4iqv67q";
       type = "gem";
     };
-    version = "0.12.4";
+    version = "0.13.0";
   };
   pdf-reader = {
     dependencies = ["Ascii85" "afm" "hashery" "ruby-rc4" "ttfunk"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "0nlammdpjy3padmzxhsql7mw31jyqp88n6bdffiarv5kzl4s3y7p";
+      sha256 = "14lqdbiwn2qwgbvnnzxg7haqiy026d8x37hp45c3m9jb9rym92ps";
       type = "gem";
     };
-    version = "2.0.0";
+    version = "2.2.1";
   };
   pg = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "03xcgwjs6faxis81jxf2plnlalg55dhhafqv3kvjxfr8ic7plpw5";
+      sha256 = "00vhasqwc4f98qb4wxqn2h07fjwzhp5lwyi41j2gndi2g02wrdqh";
       type = "gem";
     };
-    version = "0.20.0";
+    version = "0.21.0";
   };
   pg_array_parser = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
       sha256 = "1034dhg8h53j48sfm373js54skg4vpndjga6hzn2zylflikrrf3s";
@@ -438,22 +743,28 @@
   };
   postgres_ext = {
     dependencies = ["activerecord" "arel" "pg_array_parser"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "1lbp1qf5s1addhznm7d4bzks9adh7jpilgcsr8k7mbd0a1ailcgc";
+      sha256 = "0ni1ajzxvc17ba4rgl27cd3645ddbpqpfckv7m08sfgk015hh7dq";
       type = "gem";
     };
-    version = "3.0.0";
+    version = "3.0.1";
   };
   public_suffix = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "040jf98jpp6w140ghkhw2hvc1qx41zvywx5gj7r2ylr1148qnj7q";
+      sha256 = "0xnfv2j2bqgdpg2yq9i2rxby0w2sc9h5iyjkpaas2xknwrgmhdb0";
       type = "gem";
     };
-    version = "2.0.5";
+    version = "4.0.1";
   };
   rack = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
       sha256 = "1g9926ln2lw12lfxm4ylq1h6nl0rafl10za3xvjzc87qvnqic87f";
@@ -461,8 +772,21 @@
     };
     version = "1.6.11";
   };
+  rack-protection = {
+    dependencies = ["rack"];
+    groups = ["default"];
+    platforms = [];
+    source = {
+      remotes = ["https://rubygems.org"];
+      sha256 = "0my0wlw4a5l3hs79jkx2xzv7djhajgf8d28k8ai1ddlnxxb0v7ss";
+      type = "gem";
+    };
+    version = "1.5.5";
+  };
   rack-test = {
     dependencies = ["rack"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
       sha256 = "0h6x5jq24makgv2fq5qqgjlrk74dxfy62jif9blk43llw8ib2q7z";
@@ -472,6 +796,8 @@
   };
   rails-deprecated_sanitizer = {
     dependencies = ["activesupport"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
       sha256 = "0qxymchzdxww8bjsxj05kbf86hsmrjx40r41ksj0xsixr2gmhbbj";
@@ -481,40 +807,50 @@
   };
   rails-dom-testing = {
     dependencies = ["activesupport" "nokogiri" "rails-deprecated_sanitizer"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "1ny7mbjxhq20rzg4pivvyvk14irmc7cn20kxfk3vc0z2r2c49p8r";
+      sha256 = "0wssfqpn00byhvp2372p99mphkcj8qx6pf6646avwr9ifvq0q1x6";
       type = "gem";
     };
-    version = "1.0.8";
+    version = "1.0.9";
   };
   rails-html-sanitizer = {
     dependencies = ["loofah"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "138fd86kv073zqfx0xifm646w6bgw2lr8snk16lknrrfrss8xnm7";
+      sha256 = "0ilwxzm3a7bql5c9q2n9g9nb1hax7vd8d65a5yp3d967ld97nvrq";
       type = "gem";
     };
-    version = "1.0.3";
+    version = "1.2.0";
   };
   railties = {
     dependencies = ["actionpack" "activesupport" "rake" "thor"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "1g5jnk1zllm2fr06lixq7gv8l2cwqc99akv7886gz6lshijpfyxd";
+      sha256 = "1bjf21z9maiiazc1if56nnh9xmgbkcqlpznv34f40a1hsvgk1d1m";
       type = "gem";
     };
-    version = "4.2.9";
+    version = "4.2.11.1";
   };
   rake = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "01j8fc9bqjnrsxbppncai05h43315vmz9fwg28qdsgcjw9ck1d7n";
+      sha256 = "1cvaqarr1m84mhc006g3l1vw7sa5qpkcw0138lsxlf769zdllsgp";
       type = "gem";
     };
-    version = "12.0.0";
+    version = "12.3.3";
   };
   rb-readline = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
       sha256 = "14w79a121czmvk1s953qfzww30mqjb2zc0k9qhi0ivxxk3hxg6wy";
@@ -522,69 +858,63 @@
     };
     version = "0.5.5";
   };
-  rbnacl = {
-    dependencies = ["ffi"];
-    source = {
-      remotes = ["https://rubygems.org"];
-      sha256 = "08dkigw8wdx53hviw1zqrs7rcrzqcwh9jd3dvwr72013z9fmyp48";
-      type = "gem";
-    };
-    version = "4.0.2";
-  };
-  rbnacl-libsodium = {
-    dependencies = ["rbnacl"];
-    source = {
-      remotes = ["https://rubygems.org"];
-      sha256 = "1323fli41m01af13xz5xvabsjnz09si1b9l4qd2p802kq0dr61gd";
-      type = "gem";
-    };
-    version = "1.0.13";
-  };
   recog = {
     dependencies = ["nokogiri"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "0h023ykrrra74bpbibkyg083kafaswvraw4naw9p1ghcjzn9ggj3";
+      sha256 = "0kbv0j82zf90sc9hhwna2bkb5zv0nxagk22gxyfy82kjmcz71c6k";
       type = "gem";
     };
-    version = "2.1.12";
+    version = "2.3.2";
   };
   redcarpet = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "0h9qz2hik4s9knpmbwrzb3jcp3vc5vygp9ya8lcpl7f1l9khmcd7";
+      sha256 = "0skcyx1h8b5ms0rp2zm3ql6g322b8c1adnkwkqyv7z3kypb4bm7k";
       type = "gem";
     };
-    version = "3.4.0";
+    version = "3.5.0";
   };
   rex-arch = {
     dependencies = ["rex-text"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "1izzalmjwdyib8y0xlgys8qb60di6xyjk485ylgh14p47wkyc6yp";
+      sha256 = "0cvdy2ysiphdig258lkicbxqq2y47bkl69kgj4kkj8w338rb5kwa";
       type = "gem";
     };
-    version = "0.1.11";
+    version = "0.1.13";
   };
   rex-bin_tools = {
     dependencies = ["metasm" "rex-arch" "rex-core" "rex-struct2" "rex-text"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "01hi1cjr68adp47nxbjfprvn0r3b72r4ib82x9j33bf2pny6nvaw";
+      sha256 = "19q4cj7cis29k3zx9j2gp4h3ib0zig2fa4rs56c1gjr32f192zzk";
       type = "gem";
     };
-    version = "0.1.4";
+    version = "0.1.6";
   };
   rex-core = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "16dwf4pw7bpx8xvlv241imxvwhvjfv0cw9kl7ipsv40yazy5lzpk";
+      sha256 = "1b9pf7f8m2zjck65dpp8h8v4n0a05kfas6cn9adv0w8d9z58aqvv";
       type = "gem";
     };
-    version = "0.1.12";
+    version = "0.1.13";
   };
   rex-encoder = {
     dependencies = ["metasm" "rex-arch" "rex-text"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
       sha256 = "1zm5jdxgyyp8pkfqwin34izpxdrmglx6vmk20ifnvcsm55c9m70z";
@@ -594,14 +924,18 @@
   };
   rex-exploitation = {
     dependencies = ["jsobfu" "metasm" "rex-arch" "rex-encoder" "rex-text"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "0gbj28jqaaldpk4qzysgcl6m0wcqx3gcldarqdk55p5z9zasrk19";
+      sha256 = "0b2jg7mccwc34j9mfpndh7b387723qas38qsd906bs4s8b6hf05c";
       type = "gem";
     };
-    version = "0.1.14";
+    version = "0.1.21";
   };
   rex-java = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
       sha256 = "0j58k02p5g9snkpak64sb4aymkrvrh9xpqh8wsnya4w7b86w2y6i";
@@ -611,6 +945,8 @@
   };
   rex-mime = {
     dependencies = ["rex-text"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
       sha256 = "15a14kz429h7pn81ysa6av3qijxjmxagjff6dyss5v394fxzxf4a";
@@ -620,6 +956,8 @@
   };
   rex-nop = {
     dependencies = ["rex-arch"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
       sha256 = "0aigf9qsqsmiraa6zvfy1a7cyvf7zc3iyhzxi6fjv5sb8f64d6ny";
@@ -629,6 +967,8 @@
   };
   rex-ole = {
     dependencies = ["rex-text"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
       sha256 = "1pnzbqfnvbs0vc0z0ryszk3fxhgxrjd6gzwqa937rhlphwp5jpww";
@@ -638,23 +978,29 @@
   };
   rex-powershell = {
     dependencies = ["rex-random_identifier" "rex-text"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "0nl60fdd1rlckk95d3s3y873w84vb0sgwvwxdzv414qxz8icpjnm";
+      sha256 = "1fcyiz8cgcv6pcn5w969ac4wwhr1cz6jk6kf6p8gyw5rjrlwfz0j";
       type = "gem";
     };
-    version = "0.1.72";
+    version = "0.1.82";
   };
   rex-random_identifier = {
     dependencies = ["rex-text"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "0cksrljaw61mdjvbmj9vqqhd8nra7jv466w5nim47n73rj72jc19";
+      sha256 = "0fg94sczff5c2rlvqqgw2dndlqyzjil5rjk3p9f46ss2hc8zxlbk";
       type = "gem";
     };
-    version = "0.1.2";
+    version = "0.1.4";
   };
   rex-registry = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
       sha256 = "0wv812ghnz143vx10ixmv32ypj1xrzr4rh4kgam8d8wwjwxsgw1q";
@@ -664,6 +1010,8 @@
   };
   rex-rop_builder = {
     dependencies = ["metasm" "rex-core" "rex-text"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
       sha256 = "0xjd3d6wnbq4ym0d0m268md8fb16f2hbwrahvxnl14q63fj9i3wy";
@@ -673,15 +1021,19 @@
   };
   rex-socket = {
     dependencies = ["rex-core"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "0bkr64qrfy2mcv6cpp2z2rn9npgn9s0yyagzjh7kawbm80ldwf2h";
+      sha256 = "136szyv31fcdzmcgs44vg009k3ssyawkqppkhm3xyv2ivpp1mlgv";
       type = "gem";
     };
-    version = "0.1.8";
+    version = "0.1.17";
   };
   rex-sslscan = {
     dependencies = ["rex-core" "rex-socket" "rex-text"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
       sha256 = "06gbx45q653ajcx099p0yxdqqxazfznbrqshd4nwiwg1p498lmyx";
@@ -690,6 +1042,8 @@
     version = "0.1.5";
   };
   rex-struct2 = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
       sha256 = "1nbdn53264a20cr2m2nq2v4mg0n33dvrd1jj1sixl37qjzw2k452";
@@ -698,15 +1052,19 @@
     version = "0.1.2";
   };
   rex-text = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "024miva867h4wv4y1lnxxrw2d7p51va32ismxqf3fsz4s9cqc88m";
+      sha256 = "0cmfwzd3r6xzhaw5l2grgiivql1yynh620drg8h39q8hiixya6xz";
       type = "gem";
     };
-    version = "0.2.15";
+    version = "0.2.23";
   };
   rex-zip = {
     dependencies = ["rex-text"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
       sha256 = "1mbfryyhcw47i7jb8cs8vilbyqgyiyjkfl1ngl6wdbf7d87dwdw7";
@@ -715,6 +1073,8 @@
     version = "0.1.3";
   };
   rkelly-remix = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
       sha256 = "1g7hjl9nx7f953y7lncmfgp0xgxfxvgfm367q6da9niik6rp1y3j";
@@ -722,15 +1082,19 @@
     };
     version = "0.0.7";
   };
-  robots = {
+  ruby-macho = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "141gvihcr2c0dpzl3dqyh8kqc9121prfdql2iamaaw0mf9qs3njs";
+      sha256 = "1k5vvk9d13pixhbram6fs74ibgmr2dngv7bks13npcjb42q275if";
       type = "gem";
     };
-    version = "0.10.1";
+    version = "2.2.0";
   };
   ruby-rc4 = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
       sha256 = "00vci475258mmbvsdqkmqadlwn6gj9m01sp7b5a3zd90knil1k00";
@@ -740,14 +1104,18 @@
   };
   ruby_smb = {
     dependencies = ["bindata" "rubyntlm" "windows_error"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "1jby5wlppxhc2jlqldic05aqd5l57171lsxqv86702grk665n612";
+      sha256 = "125pimmaskp13nkk5j138nfk1kd8n91sfdlx4dhj2j9zk342wsf4";
       type = "gem";
     };
-    version = "0.0.18";
+    version = "1.1.0";
   };
   rubyntlm = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
       sha256 = "1p6bxsklkbcqni4bcq6jajc2n57g0w5rzn4r49c3lb04wz5xg0dy";
@@ -756,47 +1124,81 @@
     version = "0.6.2";
   };
   rubyzip = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "06js4gznzgh8ac2ldvmjcmg9v1vg9llm357yckkpylaj6z456zqz";
+      sha256 = "1w9gw28ly3zyqydnm8phxchf4ymyjl2r7zf7c12z8kla10cpmhlc";
       type = "gem";
     };
-    version = "1.2.1";
+    version = "1.2.3";
   };
   sawyer = {
     dependencies = ["addressable" "faraday"];
+    groups = ["default"];
+    platforms = [];
+    source = {
+      remotes = ["https://rubygems.org"];
+      sha256 = "0yrdchs3psh583rjapkv33mljdivggqn99wkydkjdckcjn43j3cz";
+      type = "gem";
+    };
+    version = "0.8.2";
+  };
+  sinatra = {
+    dependencies = ["rack" "rack-protection" "tilt"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "0sv1463r7bqzvx4drqdmd36m7rrv6sf1v3c6vswpnq3k6vdw2dvd";
+      sha256 = "0byxzl7rx3ki0xd7aiv1x8mbah7hzd8f81l65nq8857kmgzj1jqq";
       type = "gem";
     };
-    version = "0.8.1";
+    version = "1.4.8";
   };
   sqlite3 = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "01ifzp8nwzqppda419c9wcvr8n82ysmisrs0hph9pdmv1lpa4f5i";
+      sha256 = "1v903nbcws3ifm6jnxrdfcpgl1qg2x3lbif16mhlbyfn0npzb494";
       type = "gem";
     };
-    version = "1.3.13";
+    version = "1.4.1";
   };
   sshkey = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "0g02lh50jd5z4l9bp7xirnfn3n1dh9lr06dv3xh0kr3yhsny059h";
+      sha256 = "03bkn55qsng484iqwz2lmm6rkimj01vsvhwk661s3lnmpkl65lbp";
       type = "gem";
     };
-    version = "1.9.0";
+    version = "2.0.0";
+  };
+  thin = {
+    dependencies = ["daemons" "eventmachine" "rack"];
+    groups = ["default"];
+    platforms = [];
+    source = {
+      remotes = ["https://rubygems.org"];
+      sha256 = "0nagbf9pwy1vg09k6j4xqhbjjzrg5dwzvkn4ffvlj76fsn6vv61f";
+      type = "gem";
+    };
+    version = "1.7.2";
   };
   thor = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "0nmqpyj642sk4g16nkbq6pj856adpv91lp4krwhqkh2iw63aszdl";
+      sha256 = "1yhrnp9x8qcy5vc7g438amd5j9sw83ih7c30dr6g6slgw9zj3g29";
       type = "gem";
     };
-    version = "0.20.0";
+    version = "0.20.3";
   };
   thread_safe = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
       sha256 = "0nmhcgq6cgz44srylra07bmaw99f5271l0dpsvl5f75m44l0gmwy";
@@ -804,7 +1206,19 @@
     };
     version = "0.3.6";
   };
+  tilt = {
+    groups = ["default"];
+    platforms = [];
+    source = {
+      remotes = ["https://rubygems.org"];
+      sha256 = "0ca4k0clwf0rkvy7726x4nxpjxkpv67w043i39saxgldxd97zmwz";
+      type = "gem";
+    };
+    version = "2.0.9";
+  };
   ttfunk = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
       sha256 = "1mgrnqla5n51v4ivn844albsajkck7k6lviphfqa8470r46c58cd";
@@ -814,23 +1228,40 @@
   };
   tzinfo = {
     dependencies = ["thread_safe"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "05r81lk7q7275rdq7xipfm0yxgqyd2ggh73xpc98ypngcclqcscl";
+      sha256 = "1fjx9j327xpkkdlxwmkl3a8wqj7i4l4jwlrv3z13mg95z9wl253z";
       type = "gem";
     };
-    version = "1.2.3";
+    version = "1.2.5";
   };
   tzinfo-data = {
     dependencies = ["tzinfo"];
+    groups = ["default"];
+    platforms = [];
+    source = {
+      remotes = ["https://rubygems.org"];
+      sha256 = "1m507in0d7vlfgasxpkz3y1a44zp532k9qlqcaz90ay939sz9h5q";
+      type = "gem";
+    };
+    version = "1.2019.2";
+  };
+  warden = {
+    dependencies = ["rack"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "1n83rmy476d4qmzq74qx0j7lbcpskbvrj1bmy3np4d5pydyw2yky";
+      sha256 = "0va966lhpylcwbqb9n151kkihx30agh0a57mwjwdxyanll4s1q12";
       type = "gem";
     };
-    version = "1.2017.2";
+    version = "1.2.7";
   };
   windows_error = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
       sha256 = "0kbcv9j5sc7pvjzf1dkp6h69i6lmj205zyy2arxcfgqg11bsz2kp";
@@ -840,6 +1271,8 @@
   };
   xdr = {
     dependencies = ["activemodel" "activesupport"];
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
       sha256 = "0c5cp1k4ij3xq1q6fb0f6xv5b65wy18y7bhwvsdx8wd0zyg3x96m";
@@ -848,6 +1281,8 @@
     version = "2.0.0";
   };
   xmlrpc = {
+    groups = ["default"];
+    platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
       sha256 = "1s744iwblw262gj357pky3d9fcx9hisvla7rnw29ysn5zsb6i683";
diff --git a/pkgs/tools/system/netdata/default.nix b/pkgs/tools/system/netdata/default.nix
index dc169ee23b4..30ebd4969dc 100644
--- a/pkgs/tools/system/netdata/default.nix
+++ b/pkgs/tools/system/netdata/default.nix
@@ -12,12 +12,12 @@
 with stdenv.lib;
 
 stdenv.mkDerivation rec {
-  version = "1.16.0";
+  version = "1.17.0";
   pname = "netdata";
 
   src = fetchurl {
     url = "https://github.com/netdata/netdata/releases/download/v${version}/netdata-v${version}.tar.gz";
-    sha256 = "0kwbrkv7g9m7l580myd2r8bpxqn6fxmx5vd6xh7x94wygfffhann";
+    sha256 = "099xvndf5lql4ipwqhm38lpc65yicmpmkk3a7c2j4m48l3vqw9y6";
   };
 
   nativeBuildInputs = [ autoreconfHook pkgconfig ];
diff --git a/pkgs/tools/system/stress-ng/default.nix b/pkgs/tools/system/stress-ng/default.nix
index ab7fdf7c4bf..9a9879d5564 100644
--- a/pkgs/tools/system/stress-ng/default.nix
+++ b/pkgs/tools/system/stress-ng/default.nix
@@ -4,11 +4,11 @@
 
 stdenv.mkDerivation rec {
   pname = "stress-ng";
-  version = "0.10.01";
+  version = "0.10.02";
 
   src = fetchurl {
     url = "https://kernel.ubuntu.com/~cking/tarballs/${pname}/${pname}-${version}.tar.xz";
-    sha256 = "0gcgm96prkzysszgq34cpx30y0bx9b5zll7943zwg3941fkg4x2a";
+    sha256 = "100daxz0j80jhmpfnqa78mvfwq1qj7zb67y7w9f747a0f1havvim";
   };
 
   # All platforms inputs then Linux-only ones
diff --git a/pkgs/top-level/aliases.nix b/pkgs/top-level/aliases.nix
index 202590f626f..ddd6c1d270b 100644
--- a/pkgs/top-level/aliases.nix
+++ b/pkgs/top-level/aliases.nix
@@ -373,13 +373,13 @@ mapAliases ({
   ucsFonts = ucs-fonts; # added 2016-07-15
   ultrastardx-beta = ultrastardx; # added 2017-08-12
   usb_modeswitch = usb-modeswitch; # added 2016-05-10
+  usbguard-nox = usbguard; # added 2019-09-04
   v4l_utils = v4l-utils; # added 2019-08-07
   vimbWrapper = vimb; # added 2015-01
   vimprobable2Wrapper = vimprobable2; # added 2015-01
   virtviewer = virt-viewer; # added 2015-12-24
   vorbisTools = vorbis-tools; # added 2016-01-26
   webkit = webkitgtk; # added 2019-03-05
-  weechat-xmpp = weechatScripts.weechat-xmpp; # added 2018-09-06
   weechat-matrix-bridge = weechatScripts.weechat-matrix-bridge; # added 2018-09-06
   wineStaging = wine-staging; # added 2018-01-08
   winusb = woeusb; # added 2017-12-22
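Review bot: The `weechat-xmpp` alias is dropped here with nothing left in its place, so a configuration that still uses the top-level name would get a bare undefined-variable error with no hint about what happened. If the underlying `weechatScripts.weechat-xmpp` attribute was removed (not visible in this hunk), a `throw` entry would tell users why, for example `weechat-xmpp = throw "weechat-xmpp has been removed; see <reason/replacement>";`. If the attribute still exists, keeping the alias until the usual deprecation window has passed would be the less surprising choice.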
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 2296119769d..5d6b8037de7 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -360,6 +360,8 @@ in
     inherit url;
   };
 
+  installShellFiles = callPackage ../build-support/install-shell-files {};
+
   lazydocker = callPackage ../tools/misc/lazydocker { };
 
   ld-is-cc-hook = makeSetupHook { name = "ld-is-cc-hook"; }
@@ -389,6 +391,8 @@ in
 
   nix-gitignore = callPackage ../build-support/nix-gitignore { };
 
+  ociTools = callPackage ../build-support/oci-tools { };
+
   pathsFromGraph = ../build-support/kernel/paths-from-graph.pl;
 
   pruneLibtoolFiles = makeSetupHook { name = "prune-libtool-files"; }
@@ -2193,9 +2197,11 @@ in
   nrg2iso = callPackage ../tools/cd-dvd/nrg2iso { };
 
   libceph = ceph.lib;
-  ceph = callPackage ../tools/filesystems/ceph {
-    boost = boost166.override { enablePython = true; };
-  };
+  inherit (callPackages ../tools/filesystems/ceph {
+    boost = boost167.override { enablePython = true; python = python37; };
+  })
+    ceph
+    ceph-client;
   ceph-dev = ceph;
 
   inherit (callPackages ../tools/security/certmgr { })
@@ -2821,6 +2827,8 @@ in
 
   sonobuoy = callPackage ../applications/networking/cluster/sonobuoy { };
 
+  strawberry = libsForQt5.callPackage ../applications/audio/strawberry { };
+
   tealdeer = callPackage ../tools/misc/tealdeer { };
 
   teamocil = callPackage ../tools/misc/teamocil { };
@@ -7851,7 +7859,7 @@ in
   psc-package = haskell.lib.justStaticExecutables
     (haskellPackages.callPackage ../development/compilers/purescript/psc-package { });
 
-  "tacacs+" = callPackage ../servers/tacacs+ { };
+  tacacsplus = callPackage ../servers/tacacsplus { };
 
   tamarin-prover =
     (haskellPackages.callPackage ../applications/science/logic/tamarin-prover {
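Review bot: The rename from `"tacacs+"` to `tacacsplus` has no matching compatibility alias: the only aliases.nix hunk in this diff adds `usbguard-nox` and nothing for the old name. Expressions that still reference `pkgs."tacacs+"` would then fail to evaluate after the update. For an AAA server this is most likely to surface during a system rebuild. If the break is not intended, an entry in aliases.nix such as `"tacacs+" = tacacsplus; # added <date>` would keep existing configurations working. A release-notes mention may already cover this, but it is not visible from this hunk.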
@@ -12716,7 +12724,7 @@ in
     withGUI = false;
   };
 
-  mlt = callPackage ../development/libraries/mlt {};
+  mlt = callPackage ../development/libraries/mlt { ffmpeg = ffmpeg_4; };
 
   mono-addins = callPackage ../development/libraries/mono-addins { };
 
@@ -13299,7 +13307,7 @@ in
     kpmcore = callPackage ../development/libraries/kpmcore { };
 
     mlt = callPackage ../development/libraries/mlt/qt-5.nix {
-      ffmpeg = ffmpeg_2;
+      ffmpeg = ffmpeg_4;
     };
 
     openbr = callPackage ../development/libraries/openbr { };
@@ -15076,6 +15084,7 @@ in
   prometheus-openvpn-exporter = callPackage ../servers/monitoring/prometheus/openvpn-exporter.nix { };
   prometheus-postfix-exporter = callPackage ../servers/monitoring/prometheus/postfix-exporter.nix { };
   prometheus-postgres-exporter = callPackage ../servers/monitoring/prometheus/postgres-exporter.nix { };
+  prometheus-process-exporter = callPackage ../servers/monitoring/prometheus/process-exporter.nix { };
   prometheus-pushgateway = callPackage ../servers/monitoring/prometheus/pushgateway.nix { };
   prometheus-rabbitmq-exporter = callPackage ../servers/monitoring/prometheus/rabbitmq-exporter.nix { };
   prometheus-snmp-exporter = callPackage ../servers/monitoring/prometheus/snmp-exporter.nix {
@@ -15928,7 +15937,7 @@ in
 
     perf = callPackage ../os-specific/linux/kernel/perf.nix { };
 
-    phc-intel = callPackage ../os-specific/linux/phc-intel { };
+    phc-intel = if stdenv.lib.versionAtLeast kernel.version "4.10" then callPackage ../os-specific/linux/phc-intel { } else null;
 
     # Disable for kernels 4.15 and above due to compatibility issues
     prl-tools = if stdenv.lib.versionOlder kernel.version "4.15" then callPackage ../os-specific/linux/prl-tools { } else null;
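Review bot: The new version gate on `phc-intel` has no comment explaining why kernels older than 4.10 are excluded, whereas the `prl-tools` line directly below documents its own cutoff. A matching line above it, such as `# Disable for kernels older than 4.10 (<reason>)`, would save the next maintainer from digging through history to learn whether the bound is a build failure or a deliberate support decision. As with `prl-tools`, the `else null` branch means a reference to `phc-intel` on an older kernel yields `null` and fails later at the point of use, so naming the bound in a comment also helps when that error shows up.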
@@ -16527,14 +16536,10 @@ in
 
   upower = callPackage ../os-specific/linux/upower { };
 
-  usbguard = libsForQt5.callPackage ../os-specific/linux/usbguard {
+  usbguard = callPackage ../os-specific/linux/usbguard {
     libgcrypt = null;
   };
 
-  usbguard-nox = usbguard.override {
-    withGui = false;
-  };
-
   usbtop = callPackage ../os-specific/linux/usbtop { };
 
   usbutils = callPackage ../os-specific/linux/usbutils { };
@@ -17388,6 +17393,8 @@ in
 
   avocode = callPackage ../applications/graphics/avocode {};
 
+  azpainter = callPackage ../applications/graphics/azpainter { };
+
   cadence =  libsForQt5.callPackage ../applications/audio/cadence { };
 
   milkytracker = callPackage ../applications/audio/milkytracker { };
@@ -19377,6 +19384,8 @@ in
 
   mhwaveedit = callPackage ../applications/audio/mhwaveedit {};
 
+  michabo = libsForQt5.callPackage ../applications/misc/michabo { };
+
   mid2key = callPackage ../applications/audio/mid2key { };
 
   midori-unwrapped = callPackage ../applications/networking/browsers/midori { };
@@ -20382,7 +20391,7 @@ in
 
   sakura = callPackage ../applications/misc/sakura { };
 
-  sayonara = callPackage ../applications/audio/sayonara { };
+  sayonara = libsForQt5.callPackage ../applications/audio/sayonara { };
 
   sbagen = callPackage ../applications/misc/sbagen { };
 
@@ -24135,6 +24144,8 @@ in
 
   nix-serve = callPackage ../tools/package-management/nix-serve { };
 
+  nixfmt = haskell.lib.justStaticExecutables haskellPackages.nixfmt;
+
   nixpkgs-fmt = callPackage ../tools/nix/nixpkgs-fmt { };
 
   nixos-artwork = callPackage ../data/misc/nixos-artwork { };
diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix
index 0e71d1de3ec..97a76a1e3e5 100644
--- a/pkgs/top-level/python-packages.nix
+++ b/pkgs/top-level/python-packages.nix
@@ -2435,6 +2435,8 @@ in {
 
   ijson = callPackage ../development/python-modules/ijson {};
 
+  imagecodecs-lite = disabledIf (!isPy3k) (callPackage ../development/python-modules/imagecodecs-lite { });
+
   imagesize = callPackage ../development/python-modules/imagesize { };
 
   image-match = callPackage ../development/python-modules/image-match { };
@@ -4431,6 +4433,8 @@ in {
 
   pyupdate = callPackage ../development/python-modules/pyupdate {};
 
+  pyvmomi = callPackage ../development/python-modules/pyvmomi { };
+
   pyx = callPackage ../development/python-modules/pyx { };
 
   mmpython = callPackage ../development/python-modules/mmpython { };
@@ -6182,6 +6186,8 @@ in {
 
   yattag = callPackage ../development/python-modules/yattag { };
 
+  xenomapper = disabledIf (!isPy3k) (callPackage ../applications/science/biology/xenomapper { });
+
   z3 = (toPythonModule (pkgs.z3.override {
     inherit python;
   })).python;