Merge master into staging-next

This commit is contained in:
github-actions[bot] 2024-10-16 00:14:08 +00:00 committed by GitHub
commit 961e42940f
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
37 changed files with 400 additions and 185 deletions

View File

@ -22652,6 +22652,13 @@
githubId = 144771550;
name = "Luca Uricariu";
};
voronind = {
email = "hi@voronind.com";
name = "Dmitry Voronin";
github = "voronind-com";
githubId = 22127600;
keys = [ { fingerprint = "3241 FDAD 82A7 E22D 4279 F405 913F 3267 9278 2E1C"; } ];
};
votava = {
email = "votava@gmail.com";
github = "janvotava";

View File

@ -752,6 +752,16 @@ with lib.maintainers;
enableFeatureFreezePing = true;
};
ngi = {
members = [
eljamm
fricklerhandwerk
wegank
];
scope = "Maintain NGI-supported software.";
shortName = "NGI";
};
node = {
members = [ winter ];
scope = "Maintain Node.js runtimes and build tooling.";

View File

@ -187,6 +187,8 @@
- [Fedimint](https://github.com/fedimint/fedimint), a module based system for building federated applications (Federated E-Cash Mint). Available as [services.fedimintd](#opt-services.fedimintd).
- [Zapret](https://github.com/bol-van/zapret), a DPI bypass tool. Available as [services.zapret](option.html#opt-services.zapret).
## Backward Incompatibilities {#sec-release-24.11-incompatibilities}
- The `sound` options have been removed or renamed, as they had a lot of unintended side effects. See [below](#sec-release-24.11-migration-sound) for details.

View File

@ -17,6 +17,7 @@ let
filterAttrs
flatten
flip
hasPrefix
head
isInt
isFloat
@ -196,6 +197,10 @@ in rec {
optional (attr ? ${name})
"Systemd ${group} field `${name}' has been removed. See ${see}";
assertKeyIsSystemdCredential = name: group: attr:
optional (attr ? ${name} && !(hasPrefix "@" attr.${name}))
"Systemd ${group} field `${name}' is not a systemd credential";
checkUnitConfig = group: checks: attrs: let
# We're applied at the top-level type (attrsOf unitOption), so the actual
# unit options might contain attributes from mkOverride and mkIf that we need to

View File

@ -1277,6 +1277,7 @@
./services/networking/xray.nix
./services/networking/xrdp.nix
./services/networking/yggdrasil.nix
./services/networking/zapret.nix
./services/networking/zerobin.nix
./services/networking/zeronet.nix
./services/networking/zerotierone.nix

View File

@ -20,6 +20,11 @@
settingsFormat = pkgs.formats.yaml {};
configFile = settingsFormat.generate "headscale.yaml" cfg.settings;
cliConfigFile = settingsFormat.generate "headscale.yaml" cliConfig;
assertRemovedOption = option: message: {
assertion = !lib.hasAttrByPath option cfg;
message = "The option `services.headscale.${lib.options.showOption option}` was removed. " + message;
};
in {
options = {
services.headscale = {
@ -82,21 +87,6 @@ in {
type = lib.types.submodule {
freeformType = settingsFormat.type;
imports = with lib; [
(mkAliasOptionModule ["acl_policy_path"] ["policy" "path"])
(mkAliasOptionModule ["db_host"] ["database" "postgres" "host"])
(mkAliasOptionModule ["db_name"] ["database" "postgres" "name"])
(mkAliasOptionModule ["db_password_file"] ["database" "postgres" "password_file"])
(mkAliasOptionModule ["db_path"] ["database" "sqlite" "path"])
(mkAliasOptionModule ["db_port"] ["database" "postgres" "port"])
(mkAliasOptionModule ["db_type"] ["database" "type"])
(mkAliasOptionModule ["db_user"] ["database" "postgres" "user"])
(mkAliasOptionModule ["dns_config" "base_domain"] ["dns" "base_domain"])
(mkAliasOptionModule ["dns_config" "domains"] ["dns" "search_domains"])
(mkAliasOptionModule ["dns_config" "magic_dns"] ["dns" "magic_dns"])
(mkAliasOptionModule ["dns_config" "nameservers"] ["dns" "nameservers" "global"])
];
options = {
server_url = lib.mkOption {
type = lib.types.str;
@ -299,7 +289,6 @@ in {
default = true;
description = ''
Whether to use [MagicDNS](https://tailscale.com/kb/1081/magicdns/).
Only works if there is at least a nameserver defined.
'';
example = false;
};
@ -309,11 +298,13 @@ in {
default = "";
description = ''
Defines the base domain to create the hostnames for MagicDNS.
{option}`baseDomain` must be a FQDNs, without the trailing dot.
The FQDN of the hosts will be
`hostname.namespace.base_domain` (e.g.
`myhost.mynamespace.example.com`).
This domain must be different from the {option}`server_url`
domain.
{option}`base_domain` must be a FQDN, without the trailing dot.
The FQDN of the hosts will be `hostname.base_domain` (e.g.
`myhost.tailnet.example.com`).
'';
example = "tailnet.example.com";
};
nameservers = {
@ -500,6 +491,30 @@ in {
];
config = lib.mkIf cfg.enable {
assertions = [
{
# This is stricter than it needs to be but is exactly what upstream does:
# https://github.com/kradalby/headscale/blob/adc084f20f843d7963c999764fa83939668d2d2c/hscontrol/types/config.go#L799
assertion = with cfg.settings; dns.use_username_in_magic_dns or false || dns.base_domain == "" || !lib.hasInfix dns.base_domain server_url;
message = "server_url cannot contain the base_domain, this will cause the headscale server and embedded DERP to become unreachable from the Tailscale node.";
}
{
assertion = with cfg.settings; dns.magic_dns -> dns.base_domain != "";
message = "dns.base_domain must be set when using MagicDNS";
}
(assertRemovedOption ["settings" "acl_policy_path"] "Use `policy.path` instead.")
(assertRemovedOption ["settings" "db_host"] "Use `database.postgres.host` instead.")
(assertRemovedOption ["settings" "db_name"] "Use `database.postgres.name` instead.")
(assertRemovedOption ["settings" "db_password_file"] "Use `database.postgres.password_file` instead.")
(assertRemovedOption ["settings" "db_path"] "Use `database.sqlite.path` instead.")
(assertRemovedOption ["settings" "db_port"] "Use `database.postgres.port` instead.")
(assertRemovedOption ["settings" "db_type"] "Use `database.type` instead.")
(assertRemovedOption ["settings" "db_user"] "Use `database.postgres.user` instead.")
(assertRemovedOption ["settings" "dns_config"] "Use `dns` instead.")
(assertRemovedOption ["settings" "dns_config" "domains"] "Use `dns.search_domains` instead.")
(assertRemovedOption ["settings" "dns_config" "nameservers"] "Use `dns.nameservers.global` instead.")
];
services.headscale.settings = lib.mkMerge [
cliConfig
{

View File

@ -5,8 +5,6 @@ with lib;
let
cfg = config.services.resilio;
resilioSync = pkgs.resilio-sync;
sharedFoldersRecord = map (entry: {
dir = entry.directory;
@ -83,6 +81,8 @@ in
'';
};
package = mkPackageOption pkgs "resilio-sync" { };
deviceName = mkOption {
type = types.str;
example = "Voltron";
@ -285,7 +285,7 @@ in
RuntimeDirectory = "rslsync";
ExecStartPre = "${createConfig}/bin/create-resilio-config";
ExecStart = ''
${resilioSync}/bin/rslsync --nodaemon --config ${runConfigPath}
${lib.getExe cfg.package} --nodaemon --config ${runConfigPath}
'';
};
};

View File

@ -0,0 +1,159 @@
{
lib,
config,
pkgs,
...
}:
let
cfg = config.services.zapret;
whitelist = lib.optionalString (
cfg.whitelist != null
) "--hostlist ${pkgs.writeText "zapret-whitelist" (lib.concatStringsSep "\n" cfg.whitelist)}";
blacklist =
lib.optionalString (cfg.blacklist != null)
"--hostlist-exclude ${pkgs.writeText "zapret-blacklist" (lib.concatStringsSep "\n" cfg.blacklist)}";
ports = if cfg.httpSupport then "80,443" else "443";
in
{
options.services.zapret = {
enable = lib.mkEnableOption "the Zapret DPI bypass service.";
package = lib.mkPackageOption pkgs "zapret" { };
params = lib.mkOption {
default = [ ];
type = with lib.types; listOf str;
example = ''
[
"--dpi-desync=fake,disorder2"
"--dpi-desync-ttl=1"
"--dpi-desync-autottl=2"
];
'';
description = ''
Specify the bypass parameters for Zapret binary.
There are no universal parameters as they vary between different networks, so you'll have to find them yourself.
This can be done by running the `blockcheck` binary from zapret package, i.e. `nix-shell -p zapret --command blockcheck`.
It'll try different params and then tell you which params are working for your network.
'';
};
whitelist = lib.mkOption {
default = null;
type = with lib.types; nullOr (listOf str);
example = ''
[
"youtube.com"
"googlevideo.com"
"ytimg.com"
"youtu.be"
]
'';
description = ''
Specify a list of domains to bypass. All other domains will be ignored.
You can specify either whitelist or blacklist, but not both.
If neither are specified, then bypass all domains.
It is recommended to specify the whitelist. This will make sure that other resources won't be affected by this service.
'';
};
blacklist = lib.mkOption {
default = null;
type = with lib.types; nullOr (listOf str);
example = ''
[
"example.com"
]
'';
description = ''
Specify a list of domains NOT to bypass. All other domains will be bypassed.
You can specify either whitelist or blacklist, but not both.
If neither are specified, then bypass all domains.
'';
};
qnum = lib.mkOption {
default = 200;
type = lib.types.int;
description = ''
Routing queue number.
Only change this if you already use the default queue number somewhere else.
'';
};
configureFirewall = lib.mkOption {
default = true;
type = lib.types.bool;
description = ''
Whether to setup firewall routing so that system http(s) traffic is forwarded via this service.
Disable if you want to set it up manually.
'';
};
httpSupport = lib.mkOption {
default = true;
type = lib.types.bool;
description = ''
Whether to route http traffic on port 80.
Http bypass rarely works and you might want to disable it if you don't utilise http connections.
'';
};
};
config = lib.mkIf cfg.enable (
lib.mkMerge [
{
assertions = [
{
assertion = (cfg.whitelist == null) || (cfg.blacklist == null);
message = "Can't specify both whitelist and blacklist.";
}
{
assertion = (builtins.length cfg.params) != 0;
message = "You have to specify zapret parameters. See the params option's description.";
}
];
systemd.services.zapret = {
description = "DPI bypass service";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
serviceConfig = {
ExecStart = "${cfg.package}/bin/nfqws --pidfile=/run/nfqws.pid ${lib.concatStringsSep " " cfg.params} ${whitelist} ${blacklist} --qnum=${toString cfg.qnum}";
Type = "simple";
PIDFile = "/run/nfqws.pid";
Restart = "always";
RuntimeMaxSec = "1h"; # This service loves to crash silently or cause network slowdowns. It also restarts instantly. In my experience restarting it hourly provided the best experience.
# hardening
DevicePolicy = "closed";
KeyringMode = "private";
PrivateTmp = true;
PrivateMounts = true;
ProtectHome = true;
ProtectHostname = true;
ProtectKernelModules = true;
ProtectKernelTunables = true;
ProtectSystem = "strict";
ProtectProc = "invisible";
RemoveIPC = true;
RestrictNamespaces = true;
RestrictRealtime = true;
RestrictSUIDSGID = true;
SystemCallArchitectures = "native";
};
};
}
# Route system traffic via service for specified ports.
(lib.mkIf cfg.configureFirewall {
networking.firewall.extraCommands = ''
iptables -t mangle -I POSTROUTING -p tcp -m multiport --dports ${ports} -m connbytes --connbytes-dir=original --connbytes-mode=packets --connbytes 1:6 -m mark ! --mark 0x40000000/0x40000000 -j NFQUEUE --queue-num ${toString cfg.qnum} --queue-bypass
'';
})
]
);
meta.maintainers = with lib.maintainers; [
voronind
nishimara
];
}

View File

@ -4,8 +4,6 @@ with lib;
let
cfg = config.services.freshrss;
poolName = "freshrss";
extension-env = pkgs.buildEnv {
name = "freshrss-extensions";
paths = cfg.extensions;
@ -141,8 +139,8 @@ in
};
pool = mkOption {
type = types.str;
default = poolName;
type = types.nullOr types.str;
default = "freshrss";
description = ''
Name of the php-fpm pool to use and setup. If not specified, a pool will be created
with default values.
@ -235,8 +233,8 @@ in
};
# Set up phpfpm pool
services.phpfpm.pools = mkIf (cfg.pool == poolName) {
${poolName} = {
services.phpfpm.pools = mkIf (cfg.pool != null) {
${cfg.pool} = {
user = "freshrss";
settings = {
"listen.owner" = "nginx";
@ -271,9 +269,9 @@ in
let
settingsFlags = concatStringsSep " \\\n "
(mapAttrsToList (k: v: "${k} ${toString v}") {
"--default_user" = ''"${cfg.defaultUser}"'';
"--auth_type" = ''"${cfg.authType}"'';
"--base_url" = ''"${cfg.baseUrl}"'';
"--default-user" = ''"${cfg.defaultUser}"'';
"--auth-type" = ''"${cfg.authType}"'';
"--base-url" = ''"${cfg.baseUrl}"'';
"--language" = ''"${cfg.language}"'';
"--db-type" = ''"${cfg.database.type}"'';
# The following attributes are optional depending on the type of

View File

@ -411,11 +411,14 @@ let
(assertValueOneOf "Layer2SpecificHeader" [ "none" "default" ])
];
# NOTE The PrivateKey directive is missing on purpose here, please
# do not add it to this list. The nix store is world-readable let's
# refrain ourselves from providing a footgun.
# NOTE Check whether the key starts with an @, in which case it is
# interpreted as the name of the credential from which the actual key
# shall be read by systemd-creds.
# Do not remove this check as the nix store is world-readable.
sectionWireGuard = checkUnitConfig "WireGuard" [
(assertKeyIsSystemdCredential "PrivateKey")
(assertOnlyFields [
"PrivateKey"
"PrivateKeyFile"
"ListenPort"
"FirewallMark"
@ -426,12 +429,15 @@ let
(assertRange "FirewallMark" 1 4294967295)
];
# NOTE The PresharedKey directive is missing on purpose here, please
# do not add it to this list. The nix store is world-readable,let's
# refrain ourselves from providing a footgun.
# NOTE Check whether the key starts with an @, in which case it is
# interpreted as the name of the credential from which the actual key
# shall be read by systemd-creds.
# Do not remove this check as the nix store is world-readable.
sectionWireGuardPeer = checkUnitConfigWithLegacyKey "wireguardPeerConfig" "WireGuardPeer" [
(assertKeyIsSystemdCredential "PresharedKey")
(assertOnlyFields [
"PublicKey"
"PresharedKey"
"PresharedKeyFile"
"AllowedIPs"
"Endpoint"

View File

@ -38,6 +38,7 @@ import ./make-test-python.nix ({ pkgs, lib, ... }:
region_id = 999;
stun_listen_addr = "0.0.0.0:${toString stunPort}";
};
dns.base_domain = "tailnet";
};
};
nginx = {
@ -77,6 +78,6 @@ import ./make-test-python.nix ({ pkgs, lib, ... }:
# Check that they are reachable from the tailnet
peer1.wait_until_succeeds("tailscale ping peer2")
peer2.wait_until_succeeds("tailscale ping peer1")
peer2.wait_until_succeeds("tailscale ping peer1.tailnet")
'';
})

View File

@ -1,4 +1,4 @@
let generateNodeConf = { lib, pkgs, config, privk, pubk, peerId, nodeId, ...}: {
let generateNodeConf = { lib, pkgs, config, privk, pubk, systemdCreds, peerId, nodeId, ...}: {
imports = [ common/user-account.nix ];
systemd.services.systemd-networkd.environment.SYSTEMD_LOG_LEVEL = "debug";
networking.useNetworkd = true;
@ -6,6 +6,7 @@ let generateNodeConf = { lib, pkgs, config, privk, pubk, peerId, nodeId, ...}: {
networking.firewall.enable = false;
virtualisation.vlans = [ 1 ];
environment.systemPackages = with pkgs; [ wireguard-tools ];
environment.etc."credstore/network.wireguard.private" = lib.mkIf systemdCreds { text = privk; };
systemd.network = {
enable = true;
config = {
@ -15,11 +16,14 @@ let generateNodeConf = { lib, pkgs, config, privk, pubk, peerId, nodeId, ...}: {
"90-wg0" = {
netdevConfig = { Kind = "wireguard"; Name = "wg0"; };
wireguardConfig = {
# Test storing wireguard private key using systemd credentials.
PrivateKey = lib.mkIf systemdCreds "@network.wireguard.private";
# NOTE: we're storing the wireguard private key in the
# store for this test. Do not do this in the real
# world. Keep in mind the nix store is
# world-readable.
PrivateKeyFile = pkgs.writeText "wg0-priv" privk;
PrivateKeyFile = lib.mkIf (!systemdCreds) (pkgs.writeText "wg0-priv" privk);
ListenPort = 51820;
FirewallMark = 42;
};
@ -74,6 +78,7 @@ in import ./make-test-python.nix ({pkgs, ... }: {
let localConf = {
privk = "GDiXWlMQKb379XthwX0haAbK6hTdjblllpjGX0heP00=";
pubk = "iRxpqj42nnY0Qz8MAQbSm7bXxXP5hkPqWYIULmvW+EE=";
systemdCreds = false;
nodeId = "1";
peerId = "2";
};
@ -83,6 +88,7 @@ in import ./make-test-python.nix ({pkgs, ... }: {
let localConf = {
privk = "eHxSI2jwX/P4AOI0r8YppPw0+4NZnjOxfbS5mt06K2k=";
pubk = "27s0OvaBBdHoJYkH9osZpjpgSOVNw+RaKfboT/Sfq0g=";
systemdCreds = true;
nodeId = "2";
peerId = "1";
};

View File

@ -13,14 +13,14 @@
stdenv.mkDerivation (finalAttrs: {
pname = "qpwgraph";
version = "0.7.5";
version = "0.7.8";
src = fetchFromGitLab {
domain = "gitlab.freedesktop.org";
owner = "rncbc";
repo = "qpwgraph";
rev = "v${finalAttrs.version}";
sha256 = "sha256-EMBoP0gmJ1JwjkCc1UjTM4BgeYhFSFhUOD14rJRow1o=";
sha256 = "sha256-Ap2iSYalsyzUq/MvKUim3l29FFYid0FLUBKQ29FyWDg=";
};
nativeBuildInputs = [ cmake pkg-config wrapQtAppsHook ];

View File

@ -14,13 +14,13 @@
stdenv.mkDerivation rec {
pname = "focuswriter";
version = "1.8.8";
version = "1.8.9";
src = fetchFromGitHub {
owner = "gottcode";
repo = "focuswriter";
rev = "v${version}";
hash = "sha256-6DUUY7pqhmalxTq/LnJteQkd5Z001+kyQb/cUtmuZI4=";
hash = "sha256-FFfNjjVwi0bE6oc8LYhXrCKd+nwRQrjWzK5P4DSIIgs=";
};
nativeBuildInputs = [ pkg-config cmake qttools wrapQtAppsHook ];

View File

@ -1,6 +1,5 @@
{ lib
, stdenv
, mkDerivation
, fetchFromGitHub
, installShellFiles
, pkg-config
@ -14,18 +13,19 @@
, qtsvg
, qtxmlpatterns
, qtmacextras
, wrapQtAppsHook
}:
mkDerivation rec {
stdenv.mkDerivation rec {
pname = "qcad";
version = "3.30.1.3";
version = "3.31.1.2";
src = fetchFromGitHub {
name = "qcad-${version}-src";
owner = "qcad";
repo = "qcad";
rev = "v${version}";
hash = "sha256-bGSXFX1LuNZzs981t0GZxnMPzyJ+bddB4m/wkLMsfg0=";
hash = "sha256-lTe/XCW/qUARfIpcps1RMjubLiIR7cvYMZ0XgebaDrk=";
};
patches = [
@ -47,6 +47,7 @@ mkDerivation rec {
pkg-config
qmake
qttools
wrapQtAppsHook
];
buildInputs = [

View File

@ -22,13 +22,13 @@
stdenv.mkDerivation (finalAttrs: {
pname = "lagrange";
version = "1.18.1";
version = "1.18.3";
src = fetchFromGitHub {
owner = "skyjake";
repo = "lagrange";
rev = "v${finalAttrs.version}";
hash = "sha256-iIUWF93RZheW4uf3zgs1jqDjQnn0nFH7GOMaLBR0w0o=";
hash = "sha256-ewpSZD+pCr6gbzT+4lW2+6tssPNLq4rqgUx7p8IsjIY=";
};
nativeBuildInputs = [

View File

@ -2,7 +2,6 @@
, buildNpmPackage
, cargo
, copyDesktopItems
, dbus
, electron_32
, fetchFromGitHub
, glib
@ -135,7 +134,6 @@ in buildNpmPackage rec {
doCheck = true;
nativeCheckInputs = [
dbus
(gnome-keyring.override { useWrappedDaemon = false; })
];
@ -146,14 +144,12 @@ in buildNpmPackage rec {
checkPhase = ''
runHook preCheck
pushd ${cargoRoot}
export HOME=$(mktemp -d)
export -f cargoCheckHook runHook _eval _callImplicitHook _logHook
export cargoCheckType=release
dbus-run-session \
--config-file=${dbus}/share/dbus-1/session.conf \
-- bash -e -c cargoCheckHook
popd
(
cd ${cargoRoot}
HOME=$(mktemp -d)
cargoCheckType=release
cargoCheckHook
)
runHook postCheck
'';

View File

@ -6,7 +6,7 @@
stdenv.mkDerivation rec {
pname = "boundary";
version = "0.17.1";
version = "0.18.0";
src =
let
@ -19,10 +19,10 @@ stdenv.mkDerivation rec {
aarch64-darwin = "darwin_arm64";
};
hash = selectSystem {
x86_64-linux = "sha256-U7ZCmpmcZpgLkf2jwc35Q9jezxUzaKp85WX2Tqs5IFI=";
aarch64-linux = "sha256-gYbeC+f/EXfhzUtwojjvyEATri1XpHpu+JPQtj4oRb4=";
x86_64-darwin = "sha256-N6Uy5JiU9mW1/muHYF6Rf1KLX1iXYt/5ct1IHeFUgds=";
aarch64-darwin = "sha256-Oxfzy/9ggcJXS+tXiYmJXSiqbMKw4vv9RMquUuOlJ08=";
x86_64-linux = "sha256-Wp1gPFQkOv+ZCEy0D2Tw9l6aCZekdpkXYcTZNheJHEg=";
aarch64-linux = "sha256-jBYu4m3L+j/coJ4D9cPA8mSBYiLiUyVKp98x6mdrrrk=";
x86_64-darwin = "sha256-OuiF1pgutt69ghlkLkEwkWMIFjvAsY7YUZERHNiToMs=";
aarch64-darwin = "sha256-sYKA02euri/K8FM8GoY7Y/WWLE2nBSoiNoxSdUPunWA=";
};
in
fetchzip {

View File

@ -32,24 +32,21 @@ stdenv.mkDerivation (finalAttrs: {
nativeBuildInputs = [ cmake ] ++ lib.optionals (withManual || withHTML) [ sphinx ];
buildInputs = [
libclang
libffi
libxml2
llvm
zlib
] ++ lib.optionals (!stdenv.hostPlatform.isDarwin) [ libclang ];
];
cmakeFlags =
[
(lib.cmakeOptionType "path" "CLANG_RESOURCE_DIR"
"${lib.getLib libclang}/lib/clang/${lib.versions.major libclang.version}"
)
cmakeFlags = [
(lib.cmakeOptionType "path" "CLANG_RESOURCE_DIR"
"${lib.getLib libclang}/lib/clang/${lib.versions.major libclang.version}"
)
(lib.cmakeBool "SPHINX_HTML" withHTML)
(lib.cmakeBool "SPHINX_MAN" withManual)
]
++ lib.optionals stdenv.hostPlatform.isDarwin [
(lib.cmakeOptionType "path" "Clang_DIR" "${lib.getDev libclang}/lib/cmake/clang")
];
(lib.cmakeBool "SPHINX_HTML" withHTML)
(lib.cmakeBool "SPHINX_MAN" withManual)
];
doCheck = true;

View File

@ -9,13 +9,13 @@
stdenv.mkDerivation rec {
pname = "dinit";
version = "0.19.0";
version = "0.19.1";
src = fetchFromGitHub {
owner = "davmac314";
repo = "dinit";
rev = "v${version}";
hash = "sha256-ApB0pEFSyawNASF/rqRmhT4FLofZzYmNdNmG2FGpnnk=";
hash = "sha256-z5qfC+aUwSK7UJ2RcyNHcUAUYXKbMrWmqmcn7fJVLD8=";
};
postPatch = ''

View File

@ -66,9 +66,7 @@ stdenv.mkDerivation {
description = "Structural Netlist API (and more) for EDA post synthesis flow development";
homepage = "https://github.com/najaeda/naja";
license = lib.licenses.asl20;
maintainers = [
# maintained by the team working on NGI-supported software, no group for this yet
];
maintainers = lib.teams.ngi.members;
mainProgram = "naja_edit";
platforms = lib.platforms.all;
};

View File

@ -52,9 +52,7 @@ buildGoModule {
description = "A webpage bookmarking and snapshotting service";
homepage = "https://github.com/asciimoo/omnom";
license = lib.licenses.agpl3Only;
maintainers = [
# maintained by the team working on NGI-supported software, no group for this yet
];
maintainers = lib.teams.ngi.members;
mainProgram = "omnom";
};
}

View File

@ -10,14 +10,14 @@
python3Packages.buildPythonApplication rec {
pname = "pdfarranger";
version = "1.11.0";
version = "1.11.1";
pyproject = true;
src = fetchFromGitHub {
owner = "pdfarranger";
repo = "pdfarranger";
rev = "refs/tags/${version}";
hash = "sha256-bHV6EluA7xp+HyejnSWJwfRBDcTuZq5Gzz0KWIs0qhA=";
hash = "sha256-94qziqJaKW8/L/6+U1yojxdG8BmeAStn+qbfGemTrVA=";
};
nativeBuildInputs = [ wrapGAppsHook3 ];

View File

@ -99,9 +99,9 @@ checksum = "1fd0f2584146f6f2ef48085050886acf353beff7305ebd1ae69500e27c67f64b"
[[package]]
name = "cc"
version = "1.1.27"
version = "1.1.30"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "677207f6eaec43fcfd092a718c847fc38aa261d0e19b8ef6797e0ccbe789e738"
checksum = "b16803a61b81d9eabb7eae2588776c4c1e584b738ede45fdbb4c972cec1e9945"
dependencies = [
"shlex",
]
@ -145,23 +145,25 @@ checksum = "60b1af1c220855b6ceac025d3f6ecdd2b7c4894bfe9cd9bda4fbb4bc7c0d4cf0"
[[package]]
name = "els"
version = "0.1.58-nightly.4"
version = "0.1.58"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "82ca64c7e007a801f3c026026d4f7c65193ca2ccfab19018cf47b0946ed1de86"
checksum = "ab76dea4883a3e75fab38a6cd6c761346fec5909850c557fcbd683f7bd30b54e"
dependencies = [
"erg_common",
"erg_compiler",
"libc",
"lsp-types",
"molc",
"serde",
"serde_json",
"windows",
]
[[package]]
name = "erg_common"
version = "0.6.46-nightly.4"
version = "0.6.46"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c91d7308be743f27d0bcb6778d85d76bfad86fc54ae53ae5fab06b37bd54fd74"
checksum = "9cef7281a06474cd12e7eb653d164777023440b13a28c8834124770c4b8f65fa"
dependencies = [
"backtrace-on-stack-overflow",
"erg_proc_macros",
@ -172,9 +174,9 @@ dependencies = [
[[package]]
name = "erg_compiler"
version = "0.6.46-nightly.4"
version = "0.6.46"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a2ca9d5eb0b29b60d7ac8d7d639add33a4b331b35e4739775f0bd0f1e94be764"
checksum = "0bf1c1e83a364fafbcec194a27affd02bf4538740c34c1617c45d960d4a3e33c"
dependencies = [
"erg_common",
"erg_parser",
@ -182,9 +184,9 @@ dependencies = [
[[package]]
name = "erg_parser"
version = "0.6.46-nightly.4"
version = "0.6.46"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f0d0f70495239bd721afb1be7ba33c9146cbd7d4d578bd65fcb86e52561224e0"
checksum = "9c65037a0c9b890d8f810f7a827b897fba6ae950b34258b1450c9ab1e310813c"
dependencies = [
"erg_common",
"erg_proc_macros",
@ -193,9 +195,9 @@ dependencies = [
[[package]]
name = "erg_proc_macros"
version = "0.6.46-nightly.4"
version = "0.6.46"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "61073a06b84b2e9c36b3645494102780936b560ba80f8c466cf2cdc374740f3e"
checksum = "29d7235082b39bf55cdec52da8c010c2d2d9ff7d41dde051158b7815f560f321"
dependencies = [
"quote",
"syn 1.0.109",
@ -552,16 +554,16 @@ dependencies = [
[[package]]
name = "proc-macro2"
version = "1.0.86"
version = "1.0.87"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5e719e8df665df0d1c8fbfd238015744736151d4445ec0836b8e628aae103b77"
checksum = "b3e4daa0dcf6feba26f985457cdf104d4b4256fc5a09547140f3631bb076b19a"
dependencies = [
"unicode-ident",
]
[[package]]
name = "py2erg"
version = "0.0.65"
version = "0.0.66"
dependencies = [
"erg_common",
"erg_compiler",
@ -571,7 +573,7 @@ dependencies = [
[[package]]
name = "pylyzer"
version = "0.0.65"
version = "0.0.66"
dependencies = [
"els",
"erg_common",
@ -581,7 +583,7 @@ dependencies = [
[[package]]
name = "pylyzer_core"
version = "0.0.65"
version = "0.0.66"
dependencies = [
"erg_common",
"erg_compiler",
@ -592,7 +594,7 @@ dependencies = [
[[package]]
name = "pylyzer_wasm"
version = "0.0.65"
version = "0.0.66"
dependencies = [
"erg_common",
"erg_compiler",
@ -1005,9 +1007,9 @@ checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423"
[[package]]
name = "wasm-bindgen"
version = "0.2.93"
version = "0.2.95"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a82edfc16a6c469f5f44dc7b571814045d60404b55a0ee849f9bcfa2e63dd9b5"
checksum = "128d1e363af62632b8eb57219c8fd7877144af57558fb2ef0368d0087bddeb2e"
dependencies = [
"cfg-if",
"once_cell",
@ -1016,9 +1018,9 @@ dependencies = [
[[package]]
name = "wasm-bindgen-backend"
version = "0.2.93"
version = "0.2.95"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9de396da306523044d3302746f1208fa71d7532227f15e347e2d93e4145dd77b"
checksum = "cb6dd4d3ca0ddffd1dd1c9c04f94b868c37ff5fac97c30b97cff2d74fce3a358"
dependencies = [
"bumpalo",
"log",
@ -1031,9 +1033,9 @@ dependencies = [
[[package]]
name = "wasm-bindgen-macro"
version = "0.2.93"
version = "0.2.95"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "585c4c91a46b072c92e908d99cb1dcdf95c5218eeb6f3bf1efa991ee7a68cccf"
checksum = "e79384be7f8f5a9dd5d7167216f022090cf1f9ec128e6e6a482a2cb5c5422c56"
dependencies = [
"quote",
"wasm-bindgen-macro-support",
@ -1041,9 +1043,9 @@ dependencies = [
[[package]]
name = "wasm-bindgen-macro-support"
version = "0.2.93"
version = "0.2.95"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "afc340c74d9005395cf9dd098506f7f44e38f2b4a21c6aaacf9a105ea5e1e836"
checksum = "26c6ab57572f7a24a4985830b120de1594465e5d500f24afe89e16b4e833ef68"
dependencies = [
"proc-macro2",
"quote",
@ -1054,9 +1056,9 @@ dependencies = [
[[package]]
name = "wasm-bindgen-shared"
version = "0.2.93"
version = "0.2.95"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c62a0a307cb4a311d3a07867860911ca130c3494e8c2719593806c08bc5d0484"
checksum = "65fc09f10666a9f147042251e0dda9c18f166ff7de300607007e96bdebc1068d"
[[package]]
name = "windows"

View File

@ -15,13 +15,13 @@
rustPlatform.buildRustPackage rec {
pname = "pylyzer";
version = "0.0.65";
version = "0.0.66";
src = fetchFromGitHub {
owner = "mtshiba";
repo = "pylyzer";
rev = "refs/tags/v${version}";
hash = "sha256-pHFsrC5SefXEnxgIk/OkRdOOAuYZLhZYVYu41MYtxJs=";
hash = "sha256-vDeQ7IuECykBtcu4qvKKhcr/3vCXjN1JyL3/D4kwnng=";
};
cargoLock = {

View File

@ -0,0 +1,32 @@
{
lib,
fetchFromGitHub,
python3Packages,
}:
let
self = python3Packages.buildPythonApplication {
pname = "setconf";
version = "0.7.7";
src = fetchFromGitHub {
owner = "xyproto";
repo = "setconf";
rev = self.version;
hash = "sha256-HYZdDtDlGrT3zssDdMW3559hhC+cPy8qkmM8d9zEa1A=";
};
build-system = with python3Packages; [ setuptools ];
pyproject = true;
meta = {
homepage = "https://github.com/xyproto/setconf";
description = "Small utility for changing settings in configuration textfiles";
changelog = "https://github.com/xyproto/setconf/releases/tag/${self.src.rev}";
mainProgram = "setconf";
maintainers = with lib.maintainers; [ AndersonTorres ];
};
};
in
self

View File

@ -48,8 +48,6 @@ rustPlatform.buildRustPackage {
description = "Wire gateway for Bitcoin/Ethereum";
homepage = "https://git.taler.net/depolymerization.git/";
license = lib.licenses.agpl3Only;
maintainers = [
# maintained by the team working on NGI-supported software, no group for this yet
];
maintainers = lib.teams.ngi.members;
};
}

View File

@ -101,9 +101,7 @@ stdenv.mkDerivation (finalAttrs: {
homepage = "https://git.taler.net/wallet-core.git/";
description = "CLI wallet for GNU Taler written in TypeScript and Anastasis Web UI";
license = lib.licenses.gpl3Plus;
maintainers = [
# maintained by the team working on NGI-supported software, no group for this yet
];
maintainers = lib.teams.ngi.members;
platforms = lib.platforms.linux;
mainProgram = "taler-wallet-cli";
};

View File

@ -22,6 +22,7 @@
, valgrind
, python3
, nixosTests
, wayland-scanner
}:
let
@ -86,6 +87,7 @@ stdenv.mkDerivation rec {
cairo
glib
gtk3
wayland-scanner
];
propagatedBuildInputs = [

View File

@ -1,33 +1,36 @@
{ lib, stdenv
, fetchFromGitHub
, perl
, python3
{
lib,
stdenv,
fetchFromGitHub,
perl,
python3,
# Enable BLAS interface with 64-bit integer width.
, blas64 ? false
# Enable BLAS interface with 64-bit integer width.
blas64 ? false,
# Target architecture. "amdzen" compiles kernels for all Zen
# generations. To build kernels for specific Zen generations,
# use "zen", "zen2", "zen3", or "zen4".
, withArchitecture ? "amdzen"
# Target architecture. "amdzen" compiles kernels for all Zen
# generations. To build kernels for specific Zen generations,
# use "zen", "zen2", "zen3", or "zen4".
withArchitecture ? "amdzen",
# Enable OpenMP-based threading.
, withOpenMP ? true
# Enable OpenMP-based threading.
withOpenMP ? true,
}:
let
threadingSuffix = lib.optionalString withOpenMP "-mt";
blasIntSize = if blas64 then "64" else "32";
in stdenv.mkDerivation rec {
in
stdenv.mkDerivation rec {
pname = "amd-blis";
version = "4.2";
version = "5.0";
src = fetchFromGitHub {
owner = "amd";
repo = "blis";
rev = version;
hash = "sha256-mLigzaA2S7qFCQT8UWC6bHWAvBjgpqvtgabPyFWBYT0=";
hash = "sha256-E6JmV4W0plFJfOAPK1Vn7qkmFalwl6OjqSpxYnhAPmw=";
};
inherit blas64;
@ -47,8 +50,7 @@ in stdenv.mkDerivation rec {
configureFlags = [
"--enable-cblas"
"--blas-int-size=${blasIntSize}"
] ++ lib.optionals withOpenMP [ "--enable-threading=openmp" ]
++ [ withArchitecture ];
] ++ lib.optionals withOpenMP [ "--enable-threading=openmp" ] ++ [ withArchitecture ];
postPatch = ''
patchShebangs configure build/flatten-headers.py

View File

@ -6,7 +6,6 @@
# build-system
setuptools,
versioningit,
wheel,
# dependencies
broadbean,
@ -45,8 +44,6 @@
sphinx,
sphinx-issues,
towncrier,
opencensus,
opencensus-ext-azure,
# checks
deepdiff,
@ -62,20 +59,19 @@
buildPythonPackage rec {
pname = "qcodes";
version = "0.48.0";
version = "0.49.0";
pyproject = true;
src = fetchFromGitHub {
owner = "microsoft";
repo = "Qcodes";
rev = "refs/tags/v${version}";
hash = "sha256-Q1WyuK1mCbs75kGY1Aaw7S5EfFRjwqzZnhNyeSx7qc8=";
hash = "sha256-AlrQH0yKbEz+ICdvWWjMD7LQvWl36cFWlp+fegAmtL8=";
};
build-system = [
setuptools
versioningit
wheel
];
dependencies = [
@ -125,10 +121,6 @@ buildPythonPackage rec {
loop = [
# qcodes-loop
];
opencensus = [
opencensus
opencensus-ext-azure
];
refactor = [
libcst
];

View File

@ -5,13 +5,13 @@
buildGoModule rec {
pname = "jq-lsp";
version = "0.1.3";
version = "0.1.4";
src = fetchFromGitHub {
owner = "wader";
repo = "jq-lsp";
rev = "refs/tags/v${version}";
hash = "sha256-c7uK8WPM/h2PLVLFGeN66SztvzjBCgJje7L14+oErVU=";
hash = "sha256-ueSf32C4BznDKBQD0OIJKZhrwLq1xpn6WWEnsqoWkl8=";
};
vendorHash = "sha256-8sZGnoP7l09ZzLJqq8TUCquTOPF0qiwZcFhojUnnEIY=";

View File

@ -8,16 +8,16 @@
rustPlatform.buildRustPackage rec {
pname = "cargo-ndk";
version = "3.5.6";
version = "3.5.7";
src = fetchFromGitHub {
owner = "bbqsrc";
repo = pname;
rev = "v${version}";
sha256 = "sha256-piNKtmDssDeB+DznLl0uufT5BFiVCMmYGuRmBUr5QWQ=";
sha256 = "sha256-tzjiq1jjluWqTl+8MhzFs47VRp3jIRJ7EOLhUP8ydbM=";
};
cargoHash = "sha256-sIKan8LnGv4sGVrGOUOKSD3R4fNRu5yBFATm5MWDTSU=";
cargoHash = "sha256-UthI01fLC35BPp550LaDLoo1kjisUmQZqSud8JM/kqM=";
buildInputs = lib.optionals stdenv.hostPlatform.isDarwin [
CoreGraphics

View File

@ -103,11 +103,11 @@ while [ "$#" -gt 0 ]; do
--use-substitutes|--substitute-on-destination|-s)
copyFlags+=("-s")
;;
--builders)
-I|--builders)
j="$1"; shift 1
extraBuildFlags+=("$i" "$j")
;;
--I|--max-jobs|-j|--cores|--log-format)
--max-jobs|-j|--cores|--log-format)
j="$1"; shift 1
extraBuildFlags+=("$i" "$j")
copyFlags+=("$i" "$j")

View File

@ -1,25 +0,0 @@
{ lib
, buildPythonApplication
, fetchFromGitHub
}:
buildPythonApplication rec {
pname = "setconf";
version = "0.7.7";
format = "setuptools";
src = fetchFromGitHub {
owner = "xyproto";
repo = "setconf";
rev = version;
hash = "sha256-HYZdDtDlGrT3zssDdMW3559hhC+cPy8qkmM8d9zEa1A=";
};
meta = {
homepage = "https://github.com/xyproto/setconf";
description = "Small utility for changing settings in configuration textfiles";
changelog = "https://github.com/xyproto/setconf/releases/tag/${version}";
maintainers = [ lib.maintainers.AndersonTorres ];
mainProgram = "setconf";
};
}

View File

@ -32376,8 +32376,6 @@ with pkgs;
secretscanner = callPackage ../tools/security/secretscanner { };
setconf = python3.pkgs.callPackage ../tools/misc/setconf { };
semiphemeral = callPackage ../tools/misc/semiphemeral { };
semver = callPackage ../applications/misc/semver { };

View File

@ -22390,6 +22390,22 @@ with self; {
};
};
SeleniumRemoteDriver = buildPerlPackage {
pname = "Selenium-Remote-Driver";
version = "1.49";
src = fetchurl {
url = "mirror://cpan/authors/id/T/TE/TEODESIAN/Selenium-Remote-Driver-1.49.tar.gz";
hash = "sha256-yg7/7s6kK72vOVqI5j5EkoWKAAZAfJTRz8QY1BOX+mI=";
};
buildInputs = [ TestDeep TestFatal TestLWPUserAgent TestMockModule ];
propagatedBuildInputs = [ ArchiveZip Clone FileWhich HTTPMessage IOString JSON LWP Moo SubInstall TestLongString TryTiny XMLSimple namespaceclean ];
meta = {
homepage = "https://github.com/teodesian/Selenium-Remote-Driver";
description = "Perl Client for Selenium Remote Driver";
license = lib.licenses.asl20;
};
};
SerealDecoder = buildPerlPackage {
pname = "Sereal-Decoder";
version = "5.004";