mirror of
https://github.com/NixOS/nixpkgs.git
synced 2026-07-06 17:13:24 -05:00
Merge 538087c016 into haskell-updates
This commit is contained in:
commit
4d0ae93287
425 changed files with 39316 additions and 7712 deletions
10
ci/OWNERS
10
ci/OWNERS
|
|
@ -123,10 +123,6 @@ nixos/modules/installer/tools/nix-fallback-paths.nix @Artturin @Ericson2314 @lo
|
|||
/doc/redirects.json @GetPsyched
|
||||
/nixos/doc/manual/redirects.json @GetPsyched
|
||||
|
||||
# NixOS integration test driver
|
||||
/nixos/lib/test-driver @tfc
|
||||
/nixos/lib/testing @tfc
|
||||
|
||||
# NixOS QEMU virtualisation
|
||||
/nixos/modules/virtualisation/qemu-vm.nix @raitobezarius
|
||||
/nixos/modules/services/backup/libvirtd-autosnapshot.nix @6543
|
||||
|
|
@ -520,3 +516,9 @@ pkgs/by-name/wa/warp-terminal/ @emilytrau @imadnyc @FlameFlag @johnrtitor
|
|||
|
||||
# Zellij plugins
|
||||
/pkgs/by-name/ze/zellij/plugins/ @PerchunPak
|
||||
|
||||
# Test-driver
|
||||
/nixos/lib/test-driver @NixOS/test-driver
|
||||
/nixos/lib/testing @NixOS/test-driver
|
||||
/nixos/tests/nixos-test-driver @NixOS/test-driver
|
||||
/nixos/modules/virtualisation/nspawn-container/run-nspawn @NixOS/test-driver
|
||||
|
|
|
|||
|
|
@ -1,85 +0,0 @@
|
|||
# This expression will, as efficiently as possible, dump a
|
||||
# *superset* of all attrpaths of derivations which might be
|
||||
# part of a release on *any* platform.
|
||||
#
|
||||
# This expression runs single-threaded under all current Nix
|
||||
# implementations, but much faster and with much less memory
|
||||
# used than ./outpaths.nix itself.
|
||||
#
|
||||
# Once you have the list of attrnames you can split it up into
|
||||
# $NUM_CORES batches and evaluate the outpaths separately for each
|
||||
# batch, in parallel.
|
||||
#
|
||||
# To dump the attrnames:
|
||||
#
|
||||
# nix-instantiate --eval --strict --json ci/eval/attrpaths.nix -A names
|
||||
#
|
||||
{
|
||||
lib ? import (path + "/lib"),
|
||||
trace ? false,
|
||||
path ? ./../..,
|
||||
extraNixpkgsConfigJson ? "{}",
|
||||
}:
|
||||
let
|
||||
|
||||
# TODO: Use mapAttrsToListRecursiveCond when this PR lands:
|
||||
# https://github.com/NixOS/nixpkgs/pull/395160
|
||||
justAttrNames =
|
||||
path: value:
|
||||
let
|
||||
result =
|
||||
if path == [ "AAAAAASomeThingsFailToEvaluate" ] || !(lib.isAttrs value) then
|
||||
[ ]
|
||||
else if lib.isDerivation value then
|
||||
[ path ]
|
||||
else
|
||||
lib.pipe value [
|
||||
(lib.mapAttrsToList (
|
||||
name: value:
|
||||
lib.addErrorContext "while evaluating package set attribute path '${
|
||||
lib.showAttrPath (path ++ [ name ])
|
||||
}'" (justAttrNames (path ++ [ name ]) value)
|
||||
))
|
||||
lib.concatLists
|
||||
];
|
||||
in
|
||||
lib.traceIf trace "** ${lib.showAttrPath path}" result;
|
||||
|
||||
outpaths = import ./outpaths.nix {
|
||||
inherit path;
|
||||
extraNixpkgsConfig = builtins.fromJSON extraNixpkgsConfigJson;
|
||||
attrNamesOnly = true;
|
||||
};
|
||||
|
||||
paths = [
|
||||
# Some of the following are based on variants, which are disabled with `attrNamesOnly = true`.
|
||||
# Until these have been removed from release.nix / hydra, we manually add them to the list.
|
||||
[
|
||||
"pkgsLLVM"
|
||||
"stdenv"
|
||||
]
|
||||
[
|
||||
"pkgsArocc"
|
||||
"stdenv"
|
||||
]
|
||||
[
|
||||
"pkgsZig"
|
||||
"stdenv"
|
||||
]
|
||||
[
|
||||
"pkgsStatic"
|
||||
"stdenv"
|
||||
]
|
||||
[
|
||||
"pkgsMusl"
|
||||
"stdenv"
|
||||
]
|
||||
]
|
||||
++ justAttrNames [ ] outpaths;
|
||||
|
||||
names = map lib.showAttrPath paths;
|
||||
|
||||
in
|
||||
{
|
||||
inherit paths names;
|
||||
}
|
||||
|
|
@ -2,8 +2,8 @@
|
|||
{
|
||||
lib ? import ../../lib,
|
||||
path ? ../..,
|
||||
# The file containing all available attribute paths, which are split into chunks here
|
||||
attrpathFile,
|
||||
# The file containing the preEval result
|
||||
preEvalFile,
|
||||
chunkSize,
|
||||
myChunk,
|
||||
includeBroken,
|
||||
|
|
@ -12,12 +12,13 @@
|
|||
}:
|
||||
|
||||
let
|
||||
attrpaths = lib.importJSON attrpathFile;
|
||||
myAttrpaths = lib.sublist (chunkSize * myChunk) chunkSize attrpaths;
|
||||
preEvalResult = lib.importJSON preEvalFile;
|
||||
myAttrpaths = lib.sublist (chunkSize * myChunk) chunkSize preEvalResult.paths;
|
||||
|
||||
unfiltered = import ./outpaths.nix {
|
||||
inherit path;
|
||||
inherit includeBroken systems;
|
||||
inherit (preEvalResult) attrPathsDisallowedForInternalUse;
|
||||
extraNixpkgsConfig = builtins.fromJSON extraNixpkgsConfigJson;
|
||||
};
|
||||
|
||||
|
|
|
|||
|
|
@ -38,7 +38,7 @@ let
|
|||
fileset = unions (
|
||||
map (lib.path.append ../..) [
|
||||
".version"
|
||||
"ci/eval/attrpaths.nix"
|
||||
"ci/eval/pre-eval.nix"
|
||||
"ci/eval/chunk.nix"
|
||||
"ci/eval/outpaths.nix"
|
||||
"default.nix"
|
||||
|
|
@ -56,11 +56,11 @@ let
|
|||
builtins.readFile ../../pkgs/top-level/release-supported-systems.json
|
||||
);
|
||||
|
||||
attrpathsSuperset =
|
||||
preEval =
|
||||
{
|
||||
evalSystem,
|
||||
}:
|
||||
runCommand "attrpaths-superset.json"
|
||||
runCommand "pre-eval"
|
||||
{
|
||||
src = nixpkgs;
|
||||
# Don't depend on -dev outputs to reduce closure size for CI.
|
||||
|
|
@ -73,15 +73,15 @@ let
|
|||
export NIX_STATE_DIR=$(mktemp -d)
|
||||
mkdir $out
|
||||
export GC_INITIAL_HEAP_SIZE=4g
|
||||
command time -f "Attribute eval done [%MKB max resident, %Es elapsed] %C" \
|
||||
command time -f "Pre-eval done [%MKB max resident, %Es elapsed] %C" \
|
||||
nix-instantiate --eval --strict --json --show-trace \
|
||||
"$src/ci/eval/attrpaths.nix" \
|
||||
-A paths \
|
||||
"$src/ci/eval/pre-eval.nix" \
|
||||
-A result \
|
||||
-I "$src" \
|
||||
--argstr extraNixpkgsConfigJson ${lib.escapeShellArg (builtins.toJSON extraNixpkgsConfig)} \
|
||||
--option restrict-eval true \
|
||||
--option allow-import-from-derivation false \
|
||||
--option eval-system "${evalSystem}" > $out/paths.json
|
||||
--option eval-system "${evalSystem}" > $out/result.json
|
||||
'';
|
||||
|
||||
singleSystem =
|
||||
|
|
@ -90,8 +90,8 @@ let
|
|||
# Note that this is intentionally not called `system`,
|
||||
# because `--argstr system` would only be passed to the ci/default.nix file!
|
||||
evalSystem ? builtins.currentSystem,
|
||||
# The path to the `paths.json` file from `attrpathsSuperset`
|
||||
attrpathFile ? "${attrpathsSuperset { inherit evalSystem; }}/paths.json",
|
||||
# The path to the `result.json` file from `preEval`
|
||||
preEvalFile ? "${preEval { inherit evalSystem; }}/result.json",
|
||||
}:
|
||||
let
|
||||
singleChunk = writeShellScript "single-chunk" ''
|
||||
|
|
@ -121,12 +121,12 @@ let
|
|||
--show-trace \
|
||||
--arg chunkSize "$chunkSize" \
|
||||
--arg myChunk "$myChunk" \
|
||||
--arg attrpathFile "${attrpathFile}" \
|
||||
--arg preEvalFile "${preEvalFile}" \
|
||||
--arg systems "[ \"$system\" ]" \
|
||||
--arg includeBroken ${lib.boolToString includeBroken} \
|
||||
--argstr extraNixpkgsConfigJson ${lib.escapeShellArg (builtins.toJSON extraNixpkgsConfig)} \
|
||||
-I ${nixpkgs} \
|
||||
-I ${attrpathFile} \
|
||||
-I ${preEvalFile} \
|
||||
> "$outputDir/result/$myChunk" \
|
||||
2> "$outputDir/stderr/$myChunk"
|
||||
exitCode=$?
|
||||
|
|
@ -164,7 +164,7 @@ let
|
|||
echo "System: $evalSystem"
|
||||
cores=$NIX_BUILD_CORES
|
||||
echo "Cores: $cores"
|
||||
attrCount=$(jq length "${attrpathFile}")
|
||||
attrCount=$(jq '.paths | length' "${preEvalFile}")
|
||||
echo "Attribute count: $attrCount"
|
||||
echo "Chunk size: $chunkSize"
|
||||
# Same as `attrCount / chunkSize` but rounded up
|
||||
|
|
@ -316,7 +316,7 @@ let
|
|||
in
|
||||
{
|
||||
inherit
|
||||
attrpathsSuperset
|
||||
preEval
|
||||
singleSystem
|
||||
diff
|
||||
combine
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@
|
|||
includeBroken ? true, # set this to false to exclude meta.broken packages from the output
|
||||
path ? ./../..,
|
||||
|
||||
# used by ./attrpaths.nix
|
||||
# used by ./pre-eval.nix
|
||||
attrNamesOnly ? false,
|
||||
|
||||
# Set this to `null` to build for builtins.currentSystem only
|
||||
|
|
@ -14,6 +14,8 @@
|
|||
builtins.readFile (path + "/pkgs/top-level/release-supported-systems.json")
|
||||
),
|
||||
|
||||
attrPathsDisallowedForInternalUse ? [ ],
|
||||
|
||||
# Customize the config used to evaluate nixpkgs
|
||||
extraNixpkgsConfig ? { },
|
||||
}:
|
||||
|
|
@ -35,6 +37,22 @@ let
|
|||
allowVariants = !attrNamesOnly;
|
||||
checkMeta = true;
|
||||
|
||||
# We don't need to care about problems being caught using the
|
||||
# standard mechanism, because any problems whose kind is not
|
||||
# nixpkgsInternalUseAllowed cause the corresponding attributes to
|
||||
# be disallowed entirely for internal use with
|
||||
# attrPathsDisallowedForInternalUse, see also ./pre-eval.nix
|
||||
problems.matchers = lib.mkForce [
|
||||
# We only need to set the broken handler to error, so that CI
|
||||
# doesn't evaluate those. No reason it couldn't evaluate them
|
||||
# afaik, but this is how it's been before.
|
||||
{
|
||||
kind = "broken";
|
||||
handler = "error";
|
||||
}
|
||||
];
|
||||
inherit attrPathsDisallowedForInternalUse;
|
||||
|
||||
# Silence the `x86_64-darwin` deprecation warning.
|
||||
allowDeprecatedx86_64Darwin = true;
|
||||
|
||||
|
|
|
|||
128
ci/eval/pre-eval.nix
Normal file
128
ci/eval/pre-eval.nix
Normal file
|
|
@ -0,0 +1,128 @@
|
|||
# This file does a fast pre-evaluation of Nixpkgs to determine:
|
||||
# - paths: A *superset* of all attrpaths of derivations which might be part of a release on *any* platform.
|
||||
# - attrPathsDisallowedForInternalUse: Attribute paths whose meta.problems has problems whose kinds should not be used internally in Nixpkgs
|
||||
#
|
||||
# This expression runs single-threaded under all current Nix
|
||||
# implementations, but much faster and with much less memory
|
||||
# used than ./outpaths.nix itself.
|
||||
#
|
||||
# Once you have the list of attrnames you can split it up into
|
||||
# $NUM_CORES batches and evaluate the outpaths separately for each
|
||||
# batch, in parallel.
|
||||
#
|
||||
# To dump the result:
|
||||
#
|
||||
# nix-instantiate --eval --strict --json ci/eval/pre-eval.nix -A result
|
||||
#
|
||||
{
|
||||
lib ? import (path + "/lib"),
|
||||
trace ? false,
|
||||
path ? ./../..,
|
||||
extraNixpkgsConfigJson ? "{}",
|
||||
}:
|
||||
let
|
||||
|
||||
# TODO: Use mapAttrsToListRecursiveCond when this PR lands:
|
||||
# https://github.com/NixOS/nixpkgs/pull/395160
|
||||
listAttrs =
|
||||
path: value:
|
||||
let
|
||||
result =
|
||||
if path == [ "AAAAAASomeThingsFailToEvaluate" ] || !(lib.isAttrs value) then
|
||||
[ ]
|
||||
else if lib.isDerivation value then
|
||||
[
|
||||
{
|
||||
inherit path value;
|
||||
}
|
||||
]
|
||||
else
|
||||
lib.pipe value [
|
||||
(lib.mapAttrsToList (
|
||||
name: value:
|
||||
lib.addErrorContext "while evaluating package set attribute path '${
|
||||
lib.showAttrPath (path ++ [ name ])
|
||||
}'" (listAttrs (path ++ [ name ]) value)
|
||||
))
|
||||
lib.concatLists
|
||||
];
|
||||
in
|
||||
lib.traceIf trace "** ${lib.showAttrPath path}" result;
|
||||
|
||||
outpaths = import ./outpaths.nix {
|
||||
inherit path;
|
||||
extraNixpkgsConfig = builtins.fromJSON extraNixpkgsConfigJson;
|
||||
attrNamesOnly = true;
|
||||
};
|
||||
|
||||
list =
|
||||
map
|
||||
(path: {
|
||||
inherit path;
|
||||
# This looks a bit weird, but the only reason we care about this value
|
||||
# is for the meta.problems check below, and stdenv's certainly don't
|
||||
# have any problems, so this is fine :)
|
||||
value = { };
|
||||
})
|
||||
[
|
||||
# Some of the following are based on variants, which are disabled with `attrNamesOnly = true`.
|
||||
# Until these have been removed from release.nix / hydra, we manually add them to the list.
|
||||
[
|
||||
"pkgsLLVM"
|
||||
"stdenv"
|
||||
]
|
||||
[
|
||||
"pkgsArocc"
|
||||
"stdenv"
|
||||
]
|
||||
[
|
||||
"pkgsZig"
|
||||
"stdenv"
|
||||
]
|
||||
[
|
||||
"pkgsStatic"
|
||||
"stdenv"
|
||||
]
|
||||
[
|
||||
"pkgsMusl"
|
||||
"stdenv"
|
||||
]
|
||||
]
|
||||
++ listAttrs [ ] outpaths;
|
||||
paths = map (attrs: attrs.path) list;
|
||||
names = map lib.showAttrPath paths;
|
||||
|
||||
inherit (import ../../pkgs/stdenv/generic/problems.nix { inherit lib; })
|
||||
disallowNixpkgsInternalUseKinds
|
||||
;
|
||||
|
||||
# Determine the list of attributes whose packages have any meta.problems
|
||||
# with a kind that's disallowed from internal Nixpkgs use
|
||||
attrPathsDisallowedForInternalUse = lib.pipe list [
|
||||
(lib.map (
|
||||
attrs:
|
||||
attrs
|
||||
// {
|
||||
problematicProblems = builtins.tryEval (
|
||||
lib.filterAttrs (name: problem: disallowNixpkgsInternalUseKinds ? ${problem.kind}) (
|
||||
attrs.value.meta.problems or { }
|
||||
)
|
||||
);
|
||||
}
|
||||
))
|
||||
(lib.filter (attrs: attrs.problematicProblems.success && attrs.problematicProblems.value != { }))
|
||||
(lib.map (attrs: {
|
||||
attrPath = attrs.path;
|
||||
reason = "it has certain meta.problems whose kinds are disallowed: ${
|
||||
lib.generators.toPretty { } attrs.problematicProblems.value
|
||||
}";
|
||||
}))
|
||||
];
|
||||
in
|
||||
{
|
||||
# TODO: Do we still need these? Probably not
|
||||
inherit paths names;
|
||||
result = {
|
||||
inherit paths attrPathsDisallowedForInternalUse;
|
||||
};
|
||||
}
|
||||
|
|
@ -737,4 +737,102 @@ Notable attributes:
|
|||
|
||||
* `driverInteractive`: a script that launches an interactive Python session in the context of the `testScript`.
|
||||
|
||||
## `modularServiceCompliance` {#tester-modularServiceCompliance}
|
||||
|
||||
Compliance suite for [modular service](https://nixos.org/manual/nixos/unstable/#modular-services) integrations.
|
||||
|
||||
Tests that a service manager integration correctly handles the portable modular services contract: `process.argv`, sub-services, assertions, and warnings.
|
||||
|
||||
### Return value {#tester-modularServiceCompliance-return}
|
||||
|
||||
An attribute set of derivations which perform the tests during their build.
|
||||
|
||||
### Inputs {#tester-modularServiceCompliance-inputs}
|
||||
|
||||
`evalConfig` (function)
|
||||
|
||||
: `{ services } -> { config; checkDrv; }`.
|
||||
Function to evaluate the given services in the integration's full context.
|
||||
This function is called for evaluation checks on configurations that will not be run.
|
||||
- Input `services` is an attrset of modular service configurations. These should be used verbatim.
|
||||
- Output attribute `config` is the resulting evaluated services attrset (e.g., the value of the `system.services` option in NixOS).
|
||||
This attribute must be available even if `checkDrv` would fail.
|
||||
- Output attribute `checkDrv` is a representative derivation whose existence and buildability prove the eval is sound (e.g., `system.build.toplevel` in NixOS, but could perhaps be more specific in the case of another process manager integration).
|
||||
|
||||
`mkTest` (function)
|
||||
|
||||
: `{ name, services, testExe } -> derivation`.
|
||||
- Input `name` is a test name, suitable for use as a derivation name.
|
||||
- Input `services` is an attrset of modular service configurations, matching the structure of the integration's services option.
|
||||
- Input `testExe` is a store path to an executable that verifies the services.
|
||||
- Output: a derivation that runs the service manager with the provided configuration inputs and then calls `testExe` after starting the services. That executable must have access to `sharedDir`.
|
||||
|
||||
`sharedDir` (string)
|
||||
|
||||
: Path to a directory writable by service processes and readable by `testExe`.
|
||||
The integration must ensure this directory is available when the services and `testExe` run.
|
||||
|
||||
:::{.example #ex-modularServiceCompliance-nixos}
|
||||
|
||||
# NixOS invocation of the compliance suite
|
||||
|
||||
```nix
|
||||
# In nixos/tests/all-tests.nix:
|
||||
# modularServiceCompliance =
|
||||
recurseIntoAttrs (
|
||||
pkgs.testers.modularServiceCompliance {
|
||||
sharedDir = "/tmp/modular-service-compliance";
|
||||
evalConfig =
|
||||
{ services }:
|
||||
let
|
||||
machine = evalSystem (
|
||||
{ ... }:
|
||||
{
|
||||
system.services = services;
|
||||
system.stateVersion = "25.05";
|
||||
fileSystems."/" = {
|
||||
device = "/test/dummy";
|
||||
fsType = "auto";
|
||||
};
|
||||
boot.loader.grub.enable = false;
|
||||
}
|
||||
);
|
||||
in
|
||||
{
|
||||
config = machine.config.system.services;
|
||||
checkDrv = machine.config.system.build.toplevel;
|
||||
};
|
||||
mkTest =
|
||||
{
|
||||
name,
|
||||
services,
|
||||
testExe,
|
||||
}:
|
||||
runTest {
|
||||
_class = "nixosTest";
|
||||
inherit name;
|
||||
nodes.machine.system.services = services;
|
||||
testScript = ''
|
||||
machine.wait_for_unit("multi-user.target")
|
||||
machine.succeed("${testExe}")
|
||||
'';
|
||||
};
|
||||
}
|
||||
)
|
||||
```
|
||||
|
||||
:::
|
||||
|
||||
### Manual compliance items {#tester-modularServiceCompliance-manual}
|
||||
|
||||
The following compliance items are not yet automated and must be verified manually when implementing a new modular service integration.
|
||||
|
||||
- **Failing assertions prevent deployment.**
|
||||
A service with `assertions = [{ assertion = false; message = "..."; }]` must cause the deployment to fail.
|
||||
The mechanism is integration-specific (e.g., NixOS checks assertions during `system.build.toplevel` evaluation).
|
||||
|
||||
- **Warnings are visible to the user.**
|
||||
A service with `warnings = [ "..." ]` must surface the warning to the user.
|
||||
On NixOS these are `builtins.warn` messages emitted during evaluation.
|
||||
|
||||
[file system object]: https://nix.dev/manual/nix/latest/store/file-system-object
|
||||
|
|
|
|||
|
|
@ -248,6 +248,43 @@ You can install the standalone parsers and queries directly without installing `
|
|||
})
|
||||
```
|
||||
|
||||
### Treesitter setup using WASM parsers and queries {#neovim-plugin-treesitter-wasm}
|
||||
|
||||
Neovim can load WASM parsers when it is built with Wasmtime support.
|
||||
In nixpkgs, WASM parser plugins are available from the `wasi32` cross package set:
|
||||
|
||||
```nix
|
||||
(pkgs.wrapNeovim (pkgs.neovim-unwrapped.override { wasmSupport = true; }) {
|
||||
configure = {
|
||||
packages.myPlugins =
|
||||
with pkgs.pkgsCross.wasi32.vimPlugins;
|
||||
let
|
||||
# Select the grammars you need
|
||||
treesitter-grammars = with nvim-treesitter-parsers; [
|
||||
nix
|
||||
python
|
||||
];
|
||||
# Queries are needed for treesitter based syntax highlighting and folds.
|
||||
treesitter-queries = map (p: p.associatedQuery) treesitter-grammars;
|
||||
in
|
||||
{
|
||||
start = [
|
||||
# regular plugins
|
||||
]
|
||||
++ treesitter-grammars
|
||||
++ treesitter-queries;
|
||||
};
|
||||
};
|
||||
})
|
||||
```
|
||||
|
||||
Do not install both native and WASM parsers for the same language.
|
||||
For example, installing both `pkgs.vimPlugins.nvim-treesitter-parsers.nix` and
|
||||
`pkgs.pkgsCross.wasi32.vimPlugins.nvim-treesitter-parsers.nix` is invalid because Neovim
|
||||
loads the first `parser/nix.*` found on `runtimepath`.
|
||||
|
||||
Use `:checkhealth vim.treesitter` to verify Nix-managed WASM parsers.
|
||||
|
||||
You can enable treesitter features for installed grammars in a `FileType` autocommand
|
||||
or in an `ftplugin/<language>.lua` script, e.g.
|
||||
|
||||
|
|
|
|||
|
|
@ -105,6 +105,9 @@
|
|||
"ex-build-helpers-extendMkDerivation": [
|
||||
"index.html#ex-build-helpers-extendMkDerivation"
|
||||
],
|
||||
"ex-modularServiceCompliance-nixos": [
|
||||
"index.html#ex-modularServiceCompliance-nixos"
|
||||
],
|
||||
"ex-pkgs-replace-vars": [
|
||||
"index.html#ex-pkgs-replace-vars",
|
||||
"index.html#ex-pkgs-substituteAll",
|
||||
|
|
@ -221,6 +224,9 @@
|
|||
"neovim-luarocks-based-plugins": [
|
||||
"index.html#neovim-luarocks-based-plugins"
|
||||
],
|
||||
"neovim-plugin-treesitter-wasm": [
|
||||
"index.html#neovim-plugin-treesitter-wasm"
|
||||
],
|
||||
"nixpkgs-manual": [
|
||||
"index.html#nixpkgs-manual"
|
||||
],
|
||||
|
|
@ -902,6 +908,18 @@
|
|||
"glibcxxassertions": [
|
||||
"index.html#glibcxxassertions"
|
||||
],
|
||||
"tester-modularServiceCompliance": [
|
||||
"index.html#tester-modularServiceCompliance"
|
||||
],
|
||||
"tester-modularServiceCompliance-inputs": [
|
||||
"index.html#tester-modularServiceCompliance-inputs"
|
||||
],
|
||||
"tester-modularServiceCompliance-manual": [
|
||||
"index.html#tester-modularServiceCompliance-manual"
|
||||
],
|
||||
"tester-modularServiceCompliance-return": [
|
||||
"index.html#tester-modularServiceCompliance-return"
|
||||
],
|
||||
"tester-shfmt": [
|
||||
"index.html#tester-shfmt"
|
||||
],
|
||||
|
|
|
|||
|
|
@ -2863,7 +2863,7 @@
|
|||
azahi = {
|
||||
name = "Azat Bahawi";
|
||||
email = "azat@bahawi.net";
|
||||
matrix = "@azahi:azahi.cc";
|
||||
matrix = "@azahi:matrix.org";
|
||||
github = "azahi";
|
||||
githubId = 22211000;
|
||||
keys = [ { fingerprint = "2688 0377 C31D 9E81 9BDF 83A8 C8C6 BDDB 3847 F72B"; } ];
|
||||
|
|
@ -4396,6 +4396,13 @@
|
|||
githubId = 48105979;
|
||||
name = "Caitlin Davitt";
|
||||
};
|
||||
cakeforcat = {
|
||||
email = "julia@cakeforcat.dev";
|
||||
github = "cakeforcat";
|
||||
githubId = 37912991;
|
||||
name = "Julia Czarny";
|
||||
matrix = "@cakeforcat:matrix.org";
|
||||
};
|
||||
calavera = {
|
||||
email = "david.calavera@gmail.com";
|
||||
github = "calavera";
|
||||
|
|
@ -6651,6 +6658,12 @@
|
|||
githubId = 8864716;
|
||||
name = "Duarte David";
|
||||
};
|
||||
demic-dev = {
|
||||
email = "git@demic.dev";
|
||||
github = "demic-dev";
|
||||
githubId = 59309595;
|
||||
name = "Michele De Cillis";
|
||||
};
|
||||
demin-dmitriy = {
|
||||
email = "demindf@gmail.com";
|
||||
github = "demin-dmitriy";
|
||||
|
|
@ -27420,6 +27433,11 @@
|
|||
githubId = 3889585;
|
||||
name = "Cheng Shao";
|
||||
};
|
||||
terrorw0lf = {
|
||||
name = "duckling";
|
||||
github = "TERRORW0LF";
|
||||
githubId = 61637480;
|
||||
};
|
||||
terryg = {
|
||||
name = "Terry Garcia";
|
||||
email = "terry@terryg.org";
|
||||
|
|
|
|||
|
|
@ -747,10 +747,8 @@ with lib.maintainers;
|
|||
enableFeatureFreezePing = true;
|
||||
};
|
||||
|
||||
tests = {
|
||||
members = [ tfc ];
|
||||
scope = "Maintain the NixOS VM test runner.";
|
||||
shortName = "NixOS tests";
|
||||
test-driver = {
|
||||
github = "test-driver";
|
||||
enableFeatureFreezePing = true;
|
||||
};
|
||||
|
||||
|
|
|
|||
|
|
@ -22,10 +22,14 @@
|
|||
|
||||
- [Stump](https://www.stumpapp.dev/), a free and open source comics, manga and digital book server with OPDS support. Available as [services.stump](#opt-services.stump.enable).
|
||||
|
||||
- [Freescout](https://freescout.net/), a free, open source Helpdesk and shared mailbox. Available as [services.freescout](#opt-services.freescout.enable).
|
||||
|
||||
- [FlapAlerted](https://github.com/Kioubit/FlapAlerted), detects BGP flapping events and provides statistics based on BGP update messages. Available as [services.flap-alerted](#opt-services.flap-alerted.enable).
|
||||
|
||||
- [Unpackerr](https://unpackerr.zip), extracts downloads for Radarr, Sonarr, Lidarr, Readarr, and/or a Watch folder. Available as [services.unpackerr](#opt-services.unpackerr.enable).
|
||||
|
||||
- [Matrix Authentication Service](https://github.com/element-hq/matrix-authentication-service) is an OAuth2.0 and OpenID Connect provider for Matrix homeservers (such as Synapse). It replaces standard password authentication with modern OpenID Connect flows, and can delegate authentication to upstream OIDC providers. Available as [services.matrix-authentication-service](#opt-services.matrix-authentication-service.enable).
|
||||
|
||||
## Backward Incompatibilities {#sec-release-26.11-incompatibilities}
|
||||
|
||||
<!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. -->
|
||||
|
|
@ -67,10 +71,14 @@
|
|||
|
||||
- `security.run0.enableSudoAlias` now uses the `run0-sudo-shim` instead of a shell-script to improve compatibility.
|
||||
|
||||
- With `system.etc.overlay.mutable = false`, NixOS now ships an empty `/etc/machine-id` in the image. Previously the file was absent and systemd logged `System cannot boot: Missing /etc/machine-id and /etc/ is read-only` while `ConditionFirstBoot` fired on every boot. With this change, systemd now overlays a transient ID from `/run/machine-id` for the session, and `systemd-machine-id-commit.service` has `ConditionFirstBoot` so it writes the machine-id through to a persistent backing file when one is bind-mounted over `/etc/machine-id`. To persist the machine-id across reboots, bind-mount a writable file containing `uninitialized` over `/etc/machine-id` from the initrd, or set `systemd.machine_id=` on the kernel command line (use `systemd.machine_id=firmware` to derive a stable ID on hardware that supports it).
|
||||
|
||||
- `security.run0.persistentAuth` options have been added to support persistent Authentication of session. Timeout configurable via `security.polkit.settings.Polkitd.ExpirationSeconds`.
|
||||
|
||||
- `boot.loader.systemd-boot` gained support for [Automatic Boot Assessment](https://systemd.io/AUTOMATIC_BOOT_ASSESSMENT/) via the new [`boot.loader.systemd-boot.bootCounting`](#opt-boot.loader.systemd-boot.bootCounting.enable) options, allowing automatic detection of and recovery from bad NixOS generations. As part of this change, boot loader entries on the ESP/XBOOTLDR partition are now named `nixos-<content-hash>.conf` instead of `nixos-generation-<n>.conf`; existing entries are migrated automatically on the next `nixos-rebuild boot`/`switch`.
|
||||
|
||||
- `services.nginx` gained a [`lua`](#opt-services.nginx.lua.enable) option to enable Lua scripting via OpenResty's lua-nginx-module on a stock nginx, configuring `lua_package_path`/`lua_package_cpath` from the packages listed in [`services.nginx.lua.extraPackages`](#opt-services.nginx.lua.extraPackages). Use this to add Lua to a regular nginx; for the full OpenResty platform (libraries that rely on its bundled lualib, such as `lua-resty-openidc`), set `services.nginx.package` to `pkgs.openresty` instead — the option configures the Lua search path for it too.
|
||||
|
||||
- `security.polkit.settings` added for RFC42 style configuration of the polkitd daemon.
|
||||
|
||||
- The `programs.fuse` module, which provides the `fusermount3` executable and the `/etc/fuse.conf` config file, is now opt-in. The obligation to enable it has been shifted to its various consumers (e.g. gvfs, flatpak, appimage, sshfs). This can break fuse consumers at runtime, that don't explicitly declare that dependency with a module, e.g the mounting functionality in various backup tools (borg, restic, rclone, ...).
|
||||
|
|
|
|||
|
|
@ -106,6 +106,11 @@ let
|
|||
description = "Path of the device or swap file.";
|
||||
};
|
||||
|
||||
isDevice = mkOption {
|
||||
default = lib.substring 0 5 config.device == "/dev/";
|
||||
internal = true;
|
||||
};
|
||||
|
||||
label = mkOption {
|
||||
example = "swap";
|
||||
type = types.str;
|
||||
|
|
@ -329,6 +334,7 @@ in
|
|||
)
|
||||
} ${sw.device} ${sw.deviceName}
|
||||
mkswap ${sw.realDevice}
|
||||
${lib.optionalString sw.isDevice "udevadm trigger ${sw.realDevice}"}
|
||||
''}
|
||||
'';
|
||||
enableStrictShellChecks = true;
|
||||
|
|
|
|||
|
|
@ -810,6 +810,7 @@
|
|||
./services/matrix/hookshot.nix
|
||||
./services/matrix/lk-jwt-service.nix
|
||||
./services/matrix/matrix-alertmanager.nix
|
||||
./services/matrix/matrix-authentication-service.nix
|
||||
./services/matrix/maubot.nix
|
||||
./services/matrix/mautrix-discord.nix
|
||||
./services/matrix/mautrix-meta.nix
|
||||
|
|
@ -1663,6 +1664,7 @@
|
|||
./services/web-apps/firefly-iii.nix
|
||||
./services/web-apps/flarum.nix
|
||||
./services/web-apps/fluidd.nix
|
||||
./services/web-apps/freescout.nix
|
||||
./services/web-apps/freshrss.nix
|
||||
./services/web-apps/froide-govplan.nix
|
||||
./services/web-apps/galene.nix
|
||||
|
|
@ -1914,6 +1916,7 @@
|
|||
./system/boot/clevis-luks-askpass.nix
|
||||
./system/boot/clevis.nix
|
||||
./system/boot/emergency-mode.nix
|
||||
./system/boot/extra-initrd.nix
|
||||
./system/boot/grow-partition.nix
|
||||
./system/boot/initrd-network.nix
|
||||
./system/boot/initrd-openvpn.nix
|
||||
|
|
|
|||
445
nixos/modules/services/matrix/matrix-authentication-service.nix
Normal file
445
nixos/modules/services/matrix/matrix-authentication-service.nix
Normal file
|
|
@ -0,0 +1,445 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
|
||||
let
|
||||
inherit (lib)
|
||||
concatMapStringsSep
|
||||
filter
|
||||
filterAttrs
|
||||
getExe
|
||||
isAttrs
|
||||
isList
|
||||
mapAttrs
|
||||
mkDefault
|
||||
mkEnableOption
|
||||
mkIf
|
||||
mkOption
|
||||
mkPackageOption
|
||||
optional
|
||||
optionalAttrs
|
||||
types
|
||||
;
|
||||
|
||||
cfg = config.services.matrix-authentication-service;
|
||||
format = pkgs.formats.yaml { };
|
||||
filterRecursiveNull =
|
||||
o:
|
||||
if isAttrs o then
|
||||
mapAttrs (_: v: filterRecursiveNull v) (filterAttrs (_: v: v != null) o)
|
||||
else if isList o then
|
||||
map filterRecursiveNull (filter (v: v != null) o)
|
||||
else
|
||||
o;
|
||||
|
||||
# remove null values from the final configuration
|
||||
finalSettings =
|
||||
let
|
||||
pruned = filterRecursiveNull cfg.settings;
|
||||
in
|
||||
if pruned ? upstream_oauth2 && pruned.upstream_oauth2 == { } then
|
||||
removeAttrs pruned [ "upstream_oauth2" ]
|
||||
else
|
||||
pruned;
|
||||
configFile = format.generate "config.yaml" finalSettings;
|
||||
in
|
||||
{
|
||||
meta.maintainers = with lib.maintainers; [
|
||||
eymeric
|
||||
flashonfire
|
||||
mkoppmann
|
||||
skowalak
|
||||
];
|
||||
meta.teams = [ lib.teams.matrix ];
|
||||
|
||||
options.services.matrix-authentication-service = {
|
||||
enable = mkEnableOption "Matrix Authentication Service";
|
||||
|
||||
package = mkPackageOption pkgs "matrix-authentication-service" { };
|
||||
|
||||
settings = mkOption {
|
||||
default = { };
|
||||
description = ''
|
||||
The primary mas configuration. See the
|
||||
[configuration reference](https://element-hq.github.io/matrix-authentication-service/usage/configuration.html)
|
||||
for possible values.
|
||||
|
||||
Secrets should be passed in by using the `extraConfigFiles` option.
|
||||
'';
|
||||
type = types.submodule {
|
||||
freeformType = format.type;
|
||||
|
||||
options = {
|
||||
http.public_base = mkOption {
|
||||
type = types.str;
|
||||
default = "http://[::]:8080/";
|
||||
description = ''
|
||||
Public URL base used when building absolute public URLs.
|
||||
'';
|
||||
};
|
||||
http.trusted_proxies = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [
|
||||
"127.0.0.1/8"
|
||||
"::1/128"
|
||||
];
|
||||
description = ''
|
||||
MAS can infer the client IP address from the X-Forwarded-For header. It will trust the value for this header only if the request comes from a trusted reverse proxy listed here.
|
||||
'';
|
||||
};
|
||||
http.listeners = mkOption {
|
||||
type = types.listOf (
|
||||
types.submodule {
|
||||
freeformType = format.type;
|
||||
options = {
|
||||
name = mkOption {
|
||||
type = types.str;
|
||||
example = "web";
|
||||
description = ''
|
||||
The name of the listener, used in logs and metrics.
|
||||
'';
|
||||
};
|
||||
proxy_protocol = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to enable the PROXY protocol on the listener.
|
||||
'';
|
||||
};
|
||||
resources = mkOption {
|
||||
type = types.listOf (
|
||||
types.submodule {
|
||||
freeformType = format.type;
|
||||
options = {
|
||||
name = mkOption {
|
||||
type = types.str;
|
||||
description = ''
|
||||
Serve the given resource.
|
||||
'';
|
||||
};
|
||||
};
|
||||
}
|
||||
);
|
||||
description = ''
|
||||
List of resources to serve.
|
||||
'';
|
||||
};
|
||||
binds = mkOption {
|
||||
type = types.listOf (
|
||||
types.submodule {
|
||||
freeformType = format.type;
|
||||
options = {
|
||||
host = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
description = ''
|
||||
Listen on the given host.
|
||||
'';
|
||||
};
|
||||
port = mkOption {
|
||||
type = types.nullOr types.port;
|
||||
description = ''
|
||||
Listen on the given port.
|
||||
'';
|
||||
};
|
||||
};
|
||||
}
|
||||
);
|
||||
description = ''
|
||||
List of addresses and ports to listen to.
|
||||
'';
|
||||
};
|
||||
};
|
||||
}
|
||||
);
|
||||
default = [
|
||||
{
|
||||
name = "web";
|
||||
resources = [
|
||||
{ name = "discovery"; }
|
||||
{ name = "human"; }
|
||||
{ name = "oauth"; }
|
||||
{ name = "compat"; }
|
||||
{ name = "graphql"; }
|
||||
{ name = "assets"; }
|
||||
];
|
||||
binds = [
|
||||
{
|
||||
host = "0.0.0.0";
|
||||
port = 8080;
|
||||
}
|
||||
];
|
||||
proxy_protocol = false;
|
||||
}
|
||||
{
|
||||
name = "internal";
|
||||
resources = [
|
||||
{ name = "health"; }
|
||||
];
|
||||
binds = [
|
||||
{
|
||||
host = "0.0.0.0";
|
||||
port = 8081;
|
||||
}
|
||||
];
|
||||
proxy_protocol = false;
|
||||
}
|
||||
];
|
||||
description = ''
|
||||
Each listener can serve multiple resources, and listen on multiple TCP ports or UNIX sockets.
|
||||
'';
|
||||
};
|
||||
|
||||
database.uri = mkOption {
|
||||
type = types.str;
|
||||
default = "postgresql:///matrix-authentication-service?host=/run/postgresql";
|
||||
description = ''
|
||||
The postgres connection string.
|
||||
Refer to <https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-CONNSTRING>.
|
||||
If you need to put secrets in the uri, please use the `extraConfigFiles` option.
|
||||
'';
|
||||
};
|
||||
|
||||
database.max_connections = mkOption {
|
||||
type = types.ints.unsigned;
|
||||
default = 10;
|
||||
description = ''
|
||||
Maximum number of connections for the connection pool.
|
||||
'';
|
||||
};
|
||||
|
||||
database.min_connections = mkOption {
|
||||
type = types.ints.unsigned;
|
||||
default = 0;
|
||||
description = ''
|
||||
Minimum number of connections for the connection pool.
|
||||
'';
|
||||
};
|
||||
|
||||
database.connect_timeout = mkOption {
|
||||
type = types.ints.unsigned;
|
||||
default = 30;
|
||||
description = ''
|
||||
Connection timeout for the connection pool.
|
||||
'';
|
||||
};
|
||||
|
||||
database.idle_timeout = mkOption {
|
||||
type = types.ints.unsigned;
|
||||
default = 600;
|
||||
description = ''
|
||||
Idle timeout for the connection pool.
|
||||
'';
|
||||
};
|
||||
|
||||
database.max_lifetime = mkOption {
|
||||
type = types.ints.unsigned;
|
||||
default = 1800;
|
||||
description = ''
|
||||
Maximum lifetime for the connection pool.
|
||||
'';
|
||||
};
|
||||
|
||||
passwords.enabled = mkOption {
|
||||
type = types.bool;
|
||||
default = true;
|
||||
description = ''
|
||||
Whether to enable the password database. If disabled, users will only be able to log in using upstream OIDC providers.
|
||||
'';
|
||||
};
|
||||
|
||||
passwords.schemes = mkOption {
|
||||
type = types.listOf (
|
||||
types.submodule {
|
||||
freeformType = format.type;
|
||||
options = {
|
||||
version = mkOption {
|
||||
type = types.ints.unsigned;
|
||||
description = ''
|
||||
Password scheme version.
|
||||
'';
|
||||
};
|
||||
algorithm = mkOption {
|
||||
type = types.str;
|
||||
description = ''
|
||||
Password scheme algorithm.
|
||||
'';
|
||||
};
|
||||
};
|
||||
}
|
||||
);
|
||||
default = [
|
||||
{
|
||||
version = 1;
|
||||
algorithm = "argon2id";
|
||||
}
|
||||
];
|
||||
description = ''
|
||||
List of password hashing schemes being used. Only change this if you know what you're doing.
|
||||
'';
|
||||
};
|
||||
|
||||
passwords.minimum_complexity = mkOption {
|
||||
type = types.enum [
|
||||
0
|
||||
1
|
||||
2
|
||||
3
|
||||
4
|
||||
];
|
||||
default = 3;
|
||||
description = ''
|
||||
Minimum complexity required for passwords, estimated by the zxcvbn algorithm.
|
||||
Must be between 0 and 4, default is 3. See <https://github.com/dropbox/zxcvbn#usage> for more information.
|
||||
'';
|
||||
};
|
||||
|
||||
matrix.homeserver = mkOption {
|
||||
type = types.str;
|
||||
default = "";
|
||||
description = ''
|
||||
Corresponds to the server_name in the Synapse configuration file.
|
||||
'';
|
||||
};
|
||||
matrix.endpoint = mkOption {
|
||||
type = types.str;
|
||||
default = "";
|
||||
description = ''
|
||||
The URL to which the homeserver is accessible from the service.
|
||||
'';
|
||||
};
|
||||
upstream_oauth2.providers = mkOption {
|
||||
default = null;
|
||||
type = types.nullOr (
|
||||
types.listOf (
|
||||
types.submodule {
|
||||
freeformType = format.type;
|
||||
options = {
|
||||
id = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
example = "01H8PKNWKKRPCBW4YGH1RWV279";
|
||||
default = null;
|
||||
description = ''
|
||||
Unique id for the provider, must be a ULID, and can be generated using online tools like <https://www.ulidtools.com>.
|
||||
'';
|
||||
};
|
||||
};
|
||||
}
|
||||
)
|
||||
);
|
||||
description = ''
|
||||
Configuration of upstream providers
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
createDatabase = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to enable and configure `services.postgresql` to ensure that the database user `matrix-authentication-service`
|
||||
and the database `matrix-authentication-service` exist.
|
||||
'';
|
||||
};
|
||||
|
||||
extraConfigFiles = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [ ];
|
||||
description = ''
|
||||
Extra config files to include.
|
||||
|
||||
The configuration files will be included based on the command line
|
||||
argument --config. This allows to configure secrets without
|
||||
having to go through the Nix store, e.g. based on deployment keys if
|
||||
NixOps is in use.
|
||||
'';
|
||||
};
|
||||
|
||||
serviceDependencies = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = optional config.services.matrix-synapse.enable config.services.matrix-synapse.serviceUnit;
|
||||
defaultText = lib.literalExpression ''
|
||||
lib.optional config.services.matrix-synapse.enable config.services.matrix-synapse.serviceUnit
|
||||
'';
|
||||
description = ''
|
||||
List of Systemd services to require and wait for when starting the application service,
|
||||
such as the Matrix homeserver if it's running on the same host.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
services.postgresql = mkIf cfg.createDatabase {
|
||||
enable = true;
|
||||
ensureDatabases = [ "matrix-authentication-service" ];
|
||||
ensureUsers = [
|
||||
{
|
||||
name = "matrix-authentication-service";
|
||||
ensureDBOwnership = true;
|
||||
}
|
||||
];
|
||||
};
|
||||
|
||||
systemd.services.matrix-authentication-service = rec {
|
||||
after = optional cfg.createDatabase "postgresql.service" ++ cfg.serviceDependencies;
|
||||
wants = after;
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig = {
|
||||
DynamicUser = true;
|
||||
ExecStartPre = ''
|
||||
${getExe cfg.package} config check \
|
||||
${concatMapStringsSep " " (x: "--config ${x}") ([ configFile ] ++ cfg.extraConfigFiles)}
|
||||
'';
|
||||
ExecStart = ''
|
||||
${getExe cfg.package} server \
|
||||
${concatMapStringsSep " " (x: "--config ${x}") ([ configFile ] ++ cfg.extraConfigFiles)}
|
||||
'';
|
||||
Restart = "on-failure";
|
||||
RestartSec = "1s";
|
||||
|
||||
# Security Hardening
|
||||
CapabilityBoundingSet = "";
|
||||
AmbientCapabilities = "";
|
||||
LockPersonality = true;
|
||||
NoNewPrivileges = true;
|
||||
PrivateTmp = true;
|
||||
PrivateDevices = true;
|
||||
PrivateMounts = true;
|
||||
ProtectClock = true;
|
||||
ProtectControlGroups = true;
|
||||
ProtectHome = true;
|
||||
ProtectHostname = true;
|
||||
ProtectKernelLogs = true;
|
||||
ProtectKernelModules = true;
|
||||
ProtectKernelTunables = true;
|
||||
ProtectProc = "invisible";
|
||||
ProcSubset = "pid";
|
||||
ProtectSystem = "strict";
|
||||
RemoveIPC = true;
|
||||
RestrictAddressFamilies = [
|
||||
"AF_UNIX"
|
||||
"AF_INET"
|
||||
"AF_INET6"
|
||||
];
|
||||
RestrictNamespaces = true;
|
||||
RestrictRealtime = true;
|
||||
RestrictSUIDSGID = true;
|
||||
SystemCallArchitectures = "native";
|
||||
SystemCallErrorNumber = "EPERM";
|
||||
SystemCallFilter = [
|
||||
"@system-service"
|
||||
];
|
||||
UMask = "0077";
|
||||
|
||||
# Working and state directories
|
||||
StateDirectory = "matrix-authentication-service";
|
||||
StateDirectoryMode = "0700";
|
||||
WorkingDirectory = "/var/lib/matrix-authentication-service";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
@ -4,6 +4,7 @@
|
|||
lib,
|
||||
pkgs,
|
||||
utils,
|
||||
jdk25_headless,
|
||||
...
|
||||
}:
|
||||
let
|
||||
|
|
@ -29,21 +30,16 @@ let
|
|||
);
|
||||
in
|
||||
{
|
||||
|
||||
options = {
|
||||
services.unifi.enable = lib.mkEnableOption "UniFi controller service";
|
||||
|
||||
services.unifi.jrePackage = lib.mkOption {
|
||||
type = lib.types.package;
|
||||
default = cfg.unifiPackage.passthru.jrePackage or jdk25_headless;
|
||||
defaultText = lib.literalExpression "unifiPackage.passthru.jrePackage";
|
||||
|
||||
services.unifi.enable = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether or not to enable the unifi controller service.
|
||||
'';
|
||||
};
|
||||
|
||||
services.unifi.jrePackage = lib.mkPackageOption pkgs "jdk" {
|
||||
default = "jdk25_headless";
|
||||
extraDescription = ''
|
||||
Check the UniFi controller release notes to ensure it is supported.
|
||||
Which Java runtime to use.
|
||||
'';
|
||||
};
|
||||
|
||||
|
|
@ -56,6 +52,7 @@ in
|
|||
services.unifi.openFirewall = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
|
||||
description = ''
|
||||
Whether or not to open the minimum required ports on the firewall.
|
||||
|
||||
|
|
@ -69,6 +66,7 @@ in
|
|||
type = with lib.types; nullOr int;
|
||||
default = null;
|
||||
example = 1024;
|
||||
|
||||
description = ''
|
||||
Set the initial heap size for the JVM in MB. If this option isn't set, the
|
||||
JVM will decide this value at runtime.
|
||||
|
|
@ -79,6 +77,7 @@ in
|
|||
type = with lib.types; nullOr int;
|
||||
default = null;
|
||||
example = 4096;
|
||||
|
||||
description = ''
|
||||
Set the maximum heap size for the JVM in MB. If this option isn't set, the
|
||||
JVM will decide this value at runtime.
|
||||
|
|
@ -89,15 +88,14 @@ in
|
|||
type = with lib.types; listOf str;
|
||||
default = [ ];
|
||||
example = lib.literalExpression ''["-Xlog:gc"]'';
|
||||
|
||||
description = ''
|
||||
Set extra options to pass to the JVM.
|
||||
'';
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
|
||||
assertions = [
|
||||
{
|
||||
assertion =
|
||||
|
|
@ -128,16 +126,18 @@ in
|
|||
description = "UniFi controller daemon user";
|
||||
home = "${stateDir}";
|
||||
};
|
||||
|
||||
users.groups.unifi = { };
|
||||
|
||||
# https://help.ubnt.com/hc/en-us/articles/218506997
|
||||
networking.firewall = lib.mkIf cfg.openFirewall {
|
||||
# https://help.ubnt.com/hc/en-us/articles/218506997
|
||||
allowedTCPPorts = [
|
||||
8080 # Port for UAP to inform controller.
|
||||
8880 # Port for HTTP portal redirect, if guest portal is enabled.
|
||||
8843 # Port for HTTPS portal redirect, ditto.
|
||||
6789 # Port for UniFi mobile speed test.
|
||||
];
|
||||
|
||||
allowedUDPPorts = [
|
||||
3478 # UDP port used for STUN.
|
||||
10001 # UDP port used for device discovery.
|
||||
|
|
@ -151,6 +151,7 @@ in
|
|||
|
||||
# This a HACK to fix missing dependencies of dynamic libs extracted from jars
|
||||
environment.LD_LIBRARY_PATH = with pkgs.stdenv; "${cc.cc.lib}/lib";
|
||||
|
||||
# Make sure package upgrades trigger a service restart
|
||||
restartTriggers = [
|
||||
cfg.unifiPackage
|
||||
|
|
@ -220,12 +221,13 @@ in
|
|||
|
||||
# Needs network access
|
||||
PrivateNetwork = false;
|
||||
|
||||
# Cannot be true due to OpenJDK
|
||||
MemoryDenyWriteExecute = false;
|
||||
};
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
imports = [
|
||||
(lib.mkRemovedOptionModule [
|
||||
"services"
|
||||
|
|
|
|||
|
|
@ -158,5 +158,5 @@ in
|
|||
networking.firewall.allowedTCPPorts = with cfg; lib.optionals openFirewall [ port ];
|
||||
};
|
||||
|
||||
meta.maintainers = with lib.maintainers; [ azahi ];
|
||||
meta.maintainers = [ ];
|
||||
}
|
||||
|
|
|
|||
487
nixos/modules/services/web-apps/freescout.nix
Normal file
487
nixos/modules/services/web-apps/freescout.nix
Normal file
|
|
@ -0,0 +1,487 @@
|
|||
{
|
||||
lib,
|
||||
config,
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
|
||||
let
|
||||
# Simple alias variables
|
||||
user = "freescout";
|
||||
group = user;
|
||||
cfg = config.services.freescout;
|
||||
datadir = "/var/lib/freescout";
|
||||
cachedir = "/var/cache/freescout";
|
||||
fpmService = "phpfpm-${user}";
|
||||
|
||||
# Generated config and more complex templates / default variables
|
||||
autoDb = if !cfg.databaseSetup.enable then false else cfg.databaseSetup.kind;
|
||||
dbService = lib.optional (autoDb != false) (
|
||||
if autoDb == "mysql" then "mysql.service" else "postgresql.service"
|
||||
);
|
||||
db_config = lib.optionalAttrs (autoDb != false) (
|
||||
if autoDb == "mysql" then
|
||||
{
|
||||
DB_CONNECTION = "mysql";
|
||||
DB_HOST = "";
|
||||
DB_SOCKET = "/run/mysqld/mysqld.sock";
|
||||
DB_USERNAME = user;
|
||||
DB_DATABASE = user;
|
||||
}
|
||||
else
|
||||
{
|
||||
DB_CONNECTION = "pgsql";
|
||||
DB_HOST = "/run/postgresql";
|
||||
DB_DATABASE = user;
|
||||
DB_USERNAME = user;
|
||||
}
|
||||
);
|
||||
|
||||
raw_config = {
|
||||
APP_ENV = "production";
|
||||
APP_FORCE_HTTPS = true;
|
||||
APP_URL = "https://${cfg.domain}";
|
||||
APP_TIMEZONE = config.time.timeZone;
|
||||
APP_DISABLE_UPDATING = true;
|
||||
}
|
||||
// cfg.settings
|
||||
// db_config;
|
||||
app_config = dropNull raw_config;
|
||||
baseService = {
|
||||
path = [
|
||||
pkgs.ps
|
||||
artisanWrapped
|
||||
];
|
||||
requires = [
|
||||
# Using requires (instead of wants) since a failing config
|
||||
# is indeed critical and should not allow this service to continue
|
||||
"freescout-setup.service"
|
||||
]
|
||||
++ dbService;
|
||||
serviceConfig = {
|
||||
User = user;
|
||||
Group = group;
|
||||
};
|
||||
};
|
||||
|
||||
# Custom built packages / files / scripts
|
||||
phpPackage = cfg.phpPackage.buildEnv {
|
||||
# As of php8.5 opcache is required and automatically compiled in and thus is not available in
|
||||
# all anymore. To keep compatibility with older versions, still add if available.
|
||||
extensions =
|
||||
{ all, enabled }: enabled ++ [ all.iconv ] ++ (lib.optional (all ? opcache) all.opcache);
|
||||
# Don't log anything because we are not sure, if this may leak secrets
|
||||
# Logging can be increased, if we have time to check the logging library
|
||||
extraConfig = ''
|
||||
error_reporting = 0
|
||||
'';
|
||||
};
|
||||
|
||||
package = cfg.package.overrideAttrs (prev: {
|
||||
pname = "${prev.pname}-${cfg.domain}";
|
||||
postInstall = prev.postInstall or "" + ''
|
||||
ln -s ${datadir} $out/share/freescout/data
|
||||
'';
|
||||
});
|
||||
|
||||
artisanWrapped = pkgs.writeShellApplication {
|
||||
name = "artisan-wrapped";
|
||||
runtimeInputs = with pkgs; [
|
||||
util-linux
|
||||
];
|
||||
text = ''
|
||||
cd ${datadir}
|
||||
_runuser='exec'
|
||||
if [[ "$USER" != ${user} ]]; then
|
||||
_runuser='exec runuser --user ${user}'
|
||||
fi
|
||||
''${_runuser} ${lib.getExe phpPackage} ${package}/share/freescout/artisan "$@"
|
||||
'';
|
||||
};
|
||||
configFile = mkEnvFile "freescout.env" app_config;
|
||||
allSecrets = lib.catAttrs "_secret" (lib.collect isSecret app_config);
|
||||
|
||||
configSetupScript = pkgs.writeShellScript "freescout-config-setup" ''
|
||||
set -o errexit -o pipefail -o nounset -o errtrace
|
||||
shopt -s inherit_errexit
|
||||
PATH=${lib.makeBinPath [ pkgs.replace-secret ]}:$PATH
|
||||
cp ${configFile} "/tmp/raw.env";
|
||||
${mkSecretsReplacement "/tmp/raw.env" allSecrets}
|
||||
install -T --mode 400 -o ${user} -g ${group} "/tmp/raw.env" "${datadir}/.env"
|
||||
rm "/tmp/raw.env"
|
||||
'';
|
||||
|
||||
freescoutSetupScript =
|
||||
let
|
||||
rwPaths = [
|
||||
"storage/app"
|
||||
"storage/framework"
|
||||
"storage/framework/sessions"
|
||||
"storage/framework/views"
|
||||
"storage/framework/cache/data"
|
||||
"storage/logs"
|
||||
"bootstrap/cache"
|
||||
"public/css/builds"
|
||||
"public/js/builds"
|
||||
"Modules"
|
||||
"public/modules"
|
||||
];
|
||||
in
|
||||
''
|
||||
set -x
|
||||
umask 027
|
||||
# Working arround https://github.com/freescout-helpdesk/freescout/issues/2547
|
||||
# and having to manually clear cache when migrating from something around
|
||||
# ~1.8.159 (╯°□°)╯︵ ┻━┻
|
||||
# See: https://github.com/freescout-help-desk/freescout/issues/4366#issuecomment-2495993397
|
||||
rm -f ${datadir}/bootstrap/cache.php ${datadir}/bootstrap/cache/{config,packages,services}.php
|
||||
|
||||
ln -sf "${artisanWrapped}/bin/artisan-wrapped" "${datadir}/artisan"
|
||||
${lib.concatMapStringsSep "\n" (p: "mkdir -p ${datadir}/${p}") rwPaths}
|
||||
|
||||
# Migrate database and stuff
|
||||
# This does migrate, cache:clear, queue:restart
|
||||
${lib.getExe artisanWrapped} freescout:after-app-update
|
||||
'';
|
||||
|
||||
# Helper functions
|
||||
isSecret = v: lib.isAttrs v && v ? _secret && lib.strings.isConvertibleWithToString v._secret;
|
||||
hashSecret = p: builtins.hashString "sha256" (toString p);
|
||||
dropNull = lib.filterAttrsRecursive (
|
||||
_: v:
|
||||
!lib.elem v [
|
||||
null
|
||||
[ ]
|
||||
{ }
|
||||
]
|
||||
);
|
||||
mkEnvVars = lib.generators.toKeyValue {
|
||||
mkKeyValue =
|
||||
k: v:
|
||||
let
|
||||
value =
|
||||
with builtins;
|
||||
if isInt v then
|
||||
toString v
|
||||
else if isString v then
|
||||
v
|
||||
else if isBool v then
|
||||
lib.boolToString v
|
||||
else if isSecret v then
|
||||
hashSecret v._secret
|
||||
else
|
||||
throw "freescout: ${k} has unsupported type ${typeOf v}: ${(lib.generators.toPretty { }) v}";
|
||||
in
|
||||
"${k}=${value}";
|
||||
};
|
||||
mkEnvFile = fname: values: pkgs.writeText fname (mkEnvVars values);
|
||||
mkSecretsReplacement =
|
||||
filePath:
|
||||
lib.concatMapStringsSep "\n" (
|
||||
sp:
|
||||
"replace-secret ${
|
||||
lib.escapeShellArgs [
|
||||
(hashSecret sp)
|
||||
sp
|
||||
]
|
||||
} ${filePath}"
|
||||
);
|
||||
in
|
||||
{
|
||||
options.services.freescout = with lib; {
|
||||
enable = mkEnableOption "FreeScout helpdesk application";
|
||||
|
||||
package = mkPackageOption pkgs "freescout" { };
|
||||
|
||||
phpPackage = mkOption {
|
||||
type = types.package;
|
||||
default = pkgs.php;
|
||||
description = "The php package to use";
|
||||
defaultText = literalExpression "pkgs.php";
|
||||
};
|
||||
|
||||
domain = mkOption {
|
||||
type = types.str;
|
||||
description = "Domain the freescout installation will run under";
|
||||
example = "support.mydomain.net";
|
||||
};
|
||||
|
||||
settings = mkOption {
|
||||
type = with types; attrsOf anything;
|
||||
apply = mapAttrs' (
|
||||
k: v: {
|
||||
name = toUpper k;
|
||||
value = v;
|
||||
}
|
||||
);
|
||||
default = { };
|
||||
description = ''
|
||||
Settings to be set in the `.env` file. See
|
||||
<https://github.com/freescout-help-desk/freescout/blob/master/.env.example>
|
||||
for reference on available environment variables.
|
||||
|
||||
Will be merged with the shown defaults.
|
||||
'';
|
||||
defaultText = lib.literalExpression ''
|
||||
{
|
||||
APP_ENV = "production";
|
||||
APP_FORCE_HTTPS = true;
|
||||
APP_URL = "https://''${config.services.freescout.domain}";
|
||||
APP_TIMEZONE = config.time.timeZone;
|
||||
APP_DISABLE_UPDATING = true;
|
||||
}
|
||||
'';
|
||||
example = lib.literalExpression ''
|
||||
{
|
||||
# NOTE: MUST be 256 bits (32 bytes) in length, the form of base64:<base64 encoded key> is recommended.
|
||||
# You can generate a valid one using `echo "base64:$(openssl rand -base64 32)"`
|
||||
APP_KEY_FILE = "/run/secret/freescout/app_key";
|
||||
DB_CONNECTION = "mysql";
|
||||
DB_HOST = "localhost";
|
||||
DB_PORT = 3306;
|
||||
DB_DATABASE = "freescout";
|
||||
DB_USERNAME = "freescout";
|
||||
DB_PASSWORD._secret = "/run/secret/freescout/db_pass";
|
||||
}
|
||||
'';
|
||||
};
|
||||
|
||||
poolConfig = mkOption {
|
||||
type =
|
||||
with types;
|
||||
attrsOf (oneOf [
|
||||
str
|
||||
int
|
||||
bool
|
||||
]);
|
||||
default = {
|
||||
"pm" = "ondemand";
|
||||
"pm.max_children" = 32;
|
||||
"pm.process_idle_timeout" = "120s";
|
||||
"pm.max_requests" = 500;
|
||||
};
|
||||
description = ''
|
||||
Options for the freescout PHP pool. See the documentation on `php-fpm.conf`
|
||||
for details on configuration directives.
|
||||
'';
|
||||
};
|
||||
|
||||
databaseSetup = {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
description = "Whether to enable automatic database setup and configuration";
|
||||
default = true;
|
||||
};
|
||||
|
||||
kind = mkOption {
|
||||
type = types.enum [
|
||||
"mysql"
|
||||
"pgsql"
|
||||
];
|
||||
default = "pgsql";
|
||||
example = "mysql";
|
||||
description = "Type of database to automatically set up";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
assertions = [
|
||||
{
|
||||
assertion = (app_config ? "APP_KEY" || app_config ? "APP_KEY_FILE");
|
||||
message = "`services.freescout.settings.APP_KEY_FILE` is required!";
|
||||
}
|
||||
];
|
||||
|
||||
warnings =
|
||||
lib.optional (app_config ? "APP_KEY" && lib.isString app_config.APP_KEY)
|
||||
"`services.freescout.settings.APP_KEY` will be stored in the world readable nix store. Use `APP_KEY._secret` or `APP_KEY_FILE` instead!";
|
||||
|
||||
users.users.${user} = {
|
||||
inherit group;
|
||||
isSystemUser = true;
|
||||
createHome = true;
|
||||
home = datadir;
|
||||
homeMode = "750";
|
||||
};
|
||||
users.users.${config.services.nginx.user}.extraGroups = [ group ];
|
||||
users.groups.${group} = { };
|
||||
|
||||
services.postgresql = lib.mkIf (autoDb == "pgsql") {
|
||||
enable = true;
|
||||
ensureUsers = [
|
||||
{
|
||||
name = user;
|
||||
ensureDBOwnership = true;
|
||||
}
|
||||
];
|
||||
ensureDatabases = [
|
||||
app_config.DB_DATABASE
|
||||
];
|
||||
};
|
||||
|
||||
services.mysql = lib.mkIf (autoDb == "mysql") {
|
||||
enable = true;
|
||||
package = lib.mkDefault pkgs.mariadb;
|
||||
ensureUsers = [
|
||||
{
|
||||
name = user;
|
||||
ensurePermissions = {
|
||||
"${app_config.DB_DATABASE}.*" = "ALL PRIVILEGES";
|
||||
};
|
||||
}
|
||||
];
|
||||
ensureDatabases = [
|
||||
app_config.DB_DATABASE
|
||||
];
|
||||
};
|
||||
|
||||
services.phpfpm.pools.${user} = {
|
||||
inherit phpPackage user group;
|
||||
|
||||
phpOptions = ''
|
||||
display_errors = On
|
||||
display_startup_errors = On
|
||||
'';
|
||||
settings = {
|
||||
"listen.owner" = user;
|
||||
"listen.group" = config.services.nginx.group;
|
||||
"catch_workers_output" = true;
|
||||
}
|
||||
// cfg.poolConfig;
|
||||
};
|
||||
|
||||
systemd.services.${fpmService} = {
|
||||
# Somehow the webinterface shows
|
||||
inherit (baseService) path;
|
||||
};
|
||||
|
||||
systemd.services.freescout-setup = lib.recursiveUpdate baseService {
|
||||
description = "Preparational tasks for freescout";
|
||||
requires = dbService;
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = dbService;
|
||||
script = freescoutSetupScript;
|
||||
serviceConfig = {
|
||||
PrivateTmp = true;
|
||||
Type = "oneshot";
|
||||
RemainAfterExit = true;
|
||||
ExecStartPre = "+${configSetupScript}";
|
||||
};
|
||||
};
|
||||
|
||||
# This needs to be manually started again and again
|
||||
# Freescout has its own scheduler built in to ensure tasks run at the desired frequency
|
||||
# --no-interaction makes sure, that the queue worker is not executed.
|
||||
# This is needed, because otherweise the queue worker process would continue running
|
||||
# thus block further schedule invocations until the queue worker terminates.
|
||||
# See https://github.com/freescout-help-desk/freescout/blob/74fa4b7d4f8288f8d3fb1d343308d3289c4d72e2/app/Console/Kernel.php#L195-L267
|
||||
systemd.services."freescout-schedule-run" = baseService // {
|
||||
startAt = "minutely";
|
||||
script = "${lib.getExe artisanWrapped} schedule:run --no-interaction";
|
||||
};
|
||||
|
||||
# This is both long-running but also stops quite frequently.
|
||||
# Seeing job restart counts in the thousands here is normal.
|
||||
systemd.services."freescout-queue" = lib.recursiveUpdate baseService {
|
||||
# Copying the output to storage/logs because it makes
|
||||
# debugging connection issues easier for the user.
|
||||
script = ''
|
||||
${lib.getExe artisanWrapped} \
|
||||
queue:work \
|
||||
--queue emails,default \
|
||||
--sleep=5 \
|
||||
-vv \
|
||||
--tries=20 \
|
||||
| tee -a ${datadir}/storage/logs/queue-jobs.log
|
||||
'';
|
||||
serviceConfig = {
|
||||
RestartSec = "15s";
|
||||
RuntimeMaxSec = "1h";
|
||||
Restart = "always";
|
||||
};
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "freescout-setup.service" ] ++ dbService;
|
||||
};
|
||||
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
virtualHosts.${cfg.domain} =
|
||||
let
|
||||
vhostCfg = config.services.nginx.virtualHosts.${cfg.domain};
|
||||
optSsl = lib.optionalString (vhostCfg.forceSSL || vhostCfg.onlySSL) "fastcgi_param HTTPS on;";
|
||||
in
|
||||
{
|
||||
root = lib.mkForce "${package}/share/freescout/public";
|
||||
|
||||
locations = {
|
||||
"/" = {
|
||||
index = "index.php";
|
||||
tryFiles = "$uri $uri/ /index.php$is_args$args";
|
||||
|
||||
extraConfig = ''
|
||||
# Defeats E-Mail open tracking or possibly "real" exploits
|
||||
add_header X-XSS-Protection "1; mode=block" always;
|
||||
add_header X-Content-Type-Options "nosniff" always;
|
||||
add_header Referrer-Policy "no-referrer-when-downgrade" always;
|
||||
add_header Content-Security-Policy "default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline'";
|
||||
'';
|
||||
};
|
||||
|
||||
"~ \\.php$" = {
|
||||
tryFiles = "$uri $uri/ =404";
|
||||
extraConfig = ''
|
||||
fastcgi_index index.php;
|
||||
include ${pkgs.nginx}/conf/fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass unix:${config.services.phpfpm.pools.${user}.socket};
|
||||
${optSsl}
|
||||
|
||||
# Defeats E-Mail open tracking or possibly "real" exploits
|
||||
add_header X-XSS-Protection "1; mode=block" always;
|
||||
add_header X-Content-Type-Options "nosniff" always;
|
||||
add_header Referrer-Policy "no-referrer-when-downgrade" always;
|
||||
add_header Content-Security-Policy "default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline'";
|
||||
'';
|
||||
};
|
||||
|
||||
"~* ^/storage/attachment/" = {
|
||||
tryFiles = "$uri $uri/ /index.php?$query_string";
|
||||
extraConfig = ''
|
||||
expires 1M;
|
||||
access_log off;
|
||||
'';
|
||||
};
|
||||
|
||||
"~* ^/(?:css|js)/.*\\.(?:css|js)$".extraConfig = ''
|
||||
expires 2d;
|
||||
access_log off;
|
||||
add_header Cache-Control "public, must-revalidate";
|
||||
# Defeats E-Mail open tracking or possibly "real" exploits
|
||||
add_header X-XSS-Protection "1; mode=block" always;
|
||||
add_header X-Content-Type-Options "nosniff" always;
|
||||
add_header Referrer-Policy "no-referrer-when-downgrade" always;
|
||||
add_header Content-Security-Policy "default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline'";
|
||||
'';
|
||||
|
||||
"~* ^/(?:css|fonts|img|installer|js|modules)$".extraConfig = ''
|
||||
expires 1M;
|
||||
access_log off;
|
||||
add_header Cache-Control "public, must-revalidate";
|
||||
'';
|
||||
|
||||
"~ /\\.".extraConfig = ''
|
||||
deny all;
|
||||
'';
|
||||
"^~ /(css|js)/builds/".root = "${cachedir}/public/";
|
||||
"^~ /storage/app/attachment/" = {
|
||||
alias = "${datadir}/storage/app/attachment/";
|
||||
extraConfig = ''
|
||||
internal;
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
@ -126,6 +126,28 @@ let
|
|||
'') (filterAttrs (name: conf: conf.enable) cfg.proxyCachePath)
|
||||
);
|
||||
|
||||
# openresty bundles the lua module and resty.core; stock nginx needs them added.
|
||||
packageBundlesLua = p: lib.getName p == "openresty";
|
||||
luaEnv = pkgs.luajit_openresty.withPackages (
|
||||
ps:
|
||||
lib.optional (cfg.lua.enable && !packageBundlesLua cfg.package) ps.lua-resty-core
|
||||
++ cfg.lua.extraPackages ps
|
||||
);
|
||||
luaVersion = pkgs.luajit_openresty.luaversion;
|
||||
# Lua modules install under lib/lua or share/lua depending on the package; ;; keeps nginx's defaults.
|
||||
luaConfig = ''
|
||||
lua_package_path '${
|
||||
lib.concatMapStringsSep ";" (s: "${luaEnv}/${s}") [
|
||||
"lib/lua/${luaVersion}/?.lua"
|
||||
"lib/lua/${luaVersion}/?/init.lua"
|
||||
"share/lua/${luaVersion}/?.lua"
|
||||
"share/lua/${luaVersion}/?/init.lua"
|
||||
]
|
||||
};;';
|
||||
lua_package_cpath '${luaEnv}/lib/lua/${luaVersion}/?.so;;';
|
||||
lua_ssl_trusted_certificate ${config.security.pki.caBundle};
|
||||
'';
|
||||
|
||||
toUpstreamParameter =
|
||||
key: value:
|
||||
if builtins.isBool value then lib.optionalString value key else "${key}=${toString value}";
|
||||
|
|
@ -295,6 +317,8 @@ let
|
|||
|
||||
server_tokens ${if cfg.serverTokens then "on" else "off"};
|
||||
|
||||
${optionalString cfg.lua.enable luaConfig}
|
||||
|
||||
${cfg.commonHttpConfig}
|
||||
|
||||
${proxyCachePathConfig}
|
||||
|
|
@ -771,7 +795,11 @@ in
|
|||
apply =
|
||||
p:
|
||||
p.override {
|
||||
modules = lib.unique (p.modules ++ cfg.additionalModules);
|
||||
modules = lib.unique (
|
||||
p.modules
|
||||
++ cfg.additionalModules
|
||||
++ lib.optional (cfg.lua.enable && !packageBundlesLua p) pkgs.nginxModules.lua
|
||||
);
|
||||
};
|
||||
description = ''
|
||||
Nginx package to use. This defaults to the stable version. Note
|
||||
|
|
@ -791,6 +819,36 @@ in
|
|||
'';
|
||||
};
|
||||
|
||||
lua = {
|
||||
enable = mkEnableOption ''
|
||||
Lua scripting in nginx via OpenResty's lua-nginx-module,
|
||||
wiring up `lua_package_path`/`lua_package_cpath` for
|
||||
{option}`services.nginx.lua.extraPackages`.
|
||||
|
||||
Use this to add Lua to a stock nginx. For the full OpenResty platform —
|
||||
required by libraries that depend on its bundled lualib (for example
|
||||
`lua-resty-openidc`, which needs `resty.string` and friends) — set
|
||||
{option}`services.nginx.package` to `pkgs.openresty` instead; this option
|
||||
then only sets up the search path and leaves OpenResty's built-in Lua
|
||||
module in place
|
||||
'';
|
||||
|
||||
extraPackages = mkOption {
|
||||
type = types.functionTo (types.listOf types.package);
|
||||
default = ps: [ ];
|
||||
defaultText = literalExpression "ps: [ ]";
|
||||
example = literalExpression ''
|
||||
ps: with ps; [ lua-resty-openidc ]
|
||||
'';
|
||||
description = ''
|
||||
Extra Lua packages to put on `lua_package_path` / `lua_package_cpath`,
|
||||
for both stock nginx and `pkgs.openresty`. Packages are selected from
|
||||
`pkgs.luajit_openresty.pkgs`. `lua-resty-core`, which the Lua module
|
||||
requires to start, is added automatically.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
logError = mkOption {
|
||||
default = "stderr";
|
||||
type = types.str;
|
||||
|
|
|
|||
21
nixos/modules/system/boot/extra-initrd.nix
Normal file
21
nixos/modules/system/boot/extra-initrd.nix
Normal file
|
|
@ -0,0 +1,21 @@
|
|||
{ config, lib, ... }:
|
||||
{
|
||||
options.system.boot.extraInitrd = {
|
||||
paths = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.str;
|
||||
default = [ ];
|
||||
description = ''
|
||||
List of paths relative to the ESP that are combined with the NixOS
|
||||
main initrd before being passed to the kernel.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
config = {
|
||||
boot.bootspec.extensions = lib.mkIf (config.system.boot.extraInitrd.paths != [ ]) {
|
||||
"org.nixos.extra-initrd.v1" = {
|
||||
inherit (config.system.boot.extraInitrd) paths;
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
File diff suppressed because it is too large
Load diff
|
|
@ -205,6 +205,17 @@ in
|
|||
'';
|
||||
};
|
||||
|
||||
extraInstallCommands = lib.mkOption {
|
||||
default = "";
|
||||
type = lib.types.lines;
|
||||
description = ''
|
||||
Additional shell commands inserted in the bootloader installer
|
||||
script after generating menu entries. It can be used to expand
|
||||
on extra boot entries that cannot incorporate certain pieces of
|
||||
information (such as the resulting `init=` kernel parameter).
|
||||
'';
|
||||
};
|
||||
|
||||
secureBoot = {
|
||||
enable = lib.mkEnableOption null // {
|
||||
description = ''
|
||||
|
|
@ -443,14 +454,25 @@ in
|
|||
|
||||
system = {
|
||||
boot.loader.id = "limine";
|
||||
build.installBootLoader = pkgs.replaceVarsWith {
|
||||
src = ./limine-install.py;
|
||||
isExecutable = true;
|
||||
replacements = {
|
||||
python3 = pkgs.python3.withPackages (python-packages: [ python-packages.psutil ]);
|
||||
configPath = limineInstallConfig;
|
||||
};
|
||||
};
|
||||
build.installBootLoader =
|
||||
let
|
||||
install = pkgs.replaceVarsWith {
|
||||
src = ./limine-install.py;
|
||||
isExecutable = true;
|
||||
replacements = {
|
||||
python3 = pkgs.python3.withPackages (python-packages: [ python-packages.psutil ]);
|
||||
configPath = limineInstallConfig;
|
||||
};
|
||||
};
|
||||
|
||||
final = pkgs.writeScript "limine-install.sh" ''
|
||||
#!${pkgs.runtimeShell}
|
||||
set -euo pipefail
|
||||
${install} "$@"
|
||||
${cfg.extraInstallCommands}
|
||||
'';
|
||||
in
|
||||
final;
|
||||
};
|
||||
})
|
||||
(lib.mkIf (cfg.enable && cfg.secureBoot.enable) {
|
||||
|
|
|
|||
|
|
@ -45,6 +45,7 @@ BOOT_COUNTING = "@bootCounting@" == "True"
|
|||
class BootSpec:
|
||||
init: Path
|
||||
initrd: Path
|
||||
extraInitrdPaths: list[Path]
|
||||
kernel: Path
|
||||
kernelParams: list[str] # noqa: N815
|
||||
label: str
|
||||
|
|
@ -306,9 +307,7 @@ def get_bootspec(profile: str | None, generation: int) -> BootSpec | None:
|
|||
try:
|
||||
bootspec_json = json.load(f)
|
||||
except ValueError as e:
|
||||
print(
|
||||
f"error: Malformed Json: {e}, in {boot_json_path}", file=sys.stderr
|
||||
)
|
||||
print(f"error: Malformed Json: {e}, in {boot_json_path}", file=sys.stderr)
|
||||
sys.exit(1)
|
||||
return bootspec_from_json(bootspec_json)
|
||||
|
||||
|
|
@ -320,6 +319,11 @@ def bootspec_from_json(bootspec_json: dict[str, Any]) -> BootSpec:
|
|||
sortKey = systemdBootExtension.get("sortKey", "nixos")
|
||||
devicetree = systemdBootExtension.get("devicetree")
|
||||
|
||||
extraInitrdExtension = bootspec_json.get("org.nixos.extra-initrd.v1", {})
|
||||
extraInitrdPaths = list(
|
||||
map(lambda path: Path(path), extraInitrdExtension.get("paths", []))
|
||||
)
|
||||
|
||||
if devicetree:
|
||||
devicetree = Path(devicetree)
|
||||
|
||||
|
|
@ -332,6 +336,7 @@ def bootspec_from_json(bootspec_json: dict[str, Any]) -> BootSpec:
|
|||
specialisations=specialisations,
|
||||
sortKey=sortKey,
|
||||
devicetree=devicetree,
|
||||
extraInitrdPaths=extraInitrdPaths,
|
||||
)
|
||||
|
||||
|
||||
|
|
@ -374,16 +379,21 @@ def boot_file(
|
|||
specialisation=" (%s)" % specialisation if specialisation else "",
|
||||
)
|
||||
description = f"Generation {generation} {bootspec.label}, built on {build_date}"
|
||||
boot_entry = [
|
||||
f"title {title}",
|
||||
f"version {description}",
|
||||
f"linux /{str(kernel.path)}",
|
||||
f"initrd /{str(initrd.path)}",
|
||||
f"options {kernel_params}",
|
||||
f"machine-id {machine_id}" if machine_id is not None else None,
|
||||
f"devicetree /{str(devicetree.path)}" if devicetree is not None else None,
|
||||
f"sort-key {bootspec.sortKey}",
|
||||
]
|
||||
boot_entry = (
|
||||
[
|
||||
f"title {title}",
|
||||
f"version {description}",
|
||||
f"linux /{str(kernel.path)}",
|
||||
f"initrd /{str(initrd.path)}",
|
||||
]
|
||||
+ list(map(lambda initrd: f"initrd /{initrd}", bootspec.extraInitrdPaths))
|
||||
+ [
|
||||
f"options {kernel_params}",
|
||||
f"machine-id {machine_id}" if machine_id is not None else None,
|
||||
f"devicetree /{str(devicetree.path)}" if devicetree is not None else None,
|
||||
f"sort-key {bootspec.sortKey}",
|
||||
]
|
||||
)
|
||||
contents = "\n".join(filter(None, boot_entry))
|
||||
entry, bootctl_id = BootFile.from_entry(contents.encode("utf-8"))
|
||||
return (list(filter(None, [kernel, initrd, devicetree, entry])), bootctl_id)
|
||||
|
|
|
|||
|
|
@ -182,16 +182,37 @@
|
|||
})
|
||||
|
||||
(lib.mkIf (config.system.etc.overlay.enable && !config.system.etc.overlay.mutable) {
|
||||
# Systemd requires /etc/machine-id exists or can be initialized on first
|
||||
# boot. This file should not be part of an image or system config because
|
||||
# it is unique to the machine, so it is initialized at first boot and
|
||||
# persisted in the system state directory, /var/lib/nixos.
|
||||
environment.etc."machine-id".source = lib.mkDefault "/var/lib/nixos/machine-id";
|
||||
boot.initrd.systemd.tmpfiles.settings.machine-id."/sysroot/var/lib/nixos/machine-id".f =
|
||||
lib.mkDefault
|
||||
{
|
||||
argument = "uninitialized";
|
||||
};
|
||||
# An empty regular file means systemd will bind mount /run/machine-id
|
||||
# on top, and ConditionFirstBoot will be false (the file will never
|
||||
# change, so this makes sense). See machine-id(5) "First Boot
|
||||
# Semantics". It also serves as a target to bind mount an actually
|
||||
# persistent machine-id onto. A symlink doesn't work here since
|
||||
# systemd-machine-id-commit checks /etc/machine-id itself for being a
|
||||
# mountpoint without following symlinks, so it would never commit
|
||||
# through a symlink.
|
||||
environment.etc.machine-id = lib.mkDefault {
|
||||
text = "";
|
||||
mode = "0444";
|
||||
};
|
||||
|
||||
# The upstream unit has ConditionPathIsReadWrite=/etc, which is always
|
||||
# false here. Replace it with ConditionFirstBoot: with the empty
|
||||
# placeholder above first-boot is "no" and commit stays skipped, but
|
||||
# when a persistence module bind-mounts a writable file containing
|
||||
# "uninitialized" over /etc/machine-id, first-boot is "yes" once and
|
||||
# commit writes the generated ID through the bind mount.
|
||||
#
|
||||
# An empty Condition*= assignment resets *all* condition types, and
|
||||
# this attrset is serialised in key order, so the reset goes through
|
||||
# ConditionFirstBoot (sorts first) and we re-add the upstream
|
||||
# ConditionPathIsMountPoint afterwards.
|
||||
systemd.services.systemd-machine-id-commit.unitConfig = {
|
||||
ConditionFirstBoot = lib.mkDefault [
|
||||
""
|
||||
"true"
|
||||
];
|
||||
ConditionPathIsMountPoint = lib.mkDefault "/etc/machine-id";
|
||||
};
|
||||
})
|
||||
|
||||
];
|
||||
|
|
|
|||
|
|
@ -76,6 +76,19 @@
|
|||
with subtest("/etc is mounted as an overlay"):
|
||||
machine.succeed("findmnt --kernel --type overlay /etc")
|
||||
|
||||
with subtest("machine-id is set up without first-boot looping"):
|
||||
# The baked-in placeholder is an empty regular file; systemd overlays
|
||||
# /run/machine-id on top so the session has a valid ID while the
|
||||
# commit service is condition-skipped (no writable /etc to commit to).
|
||||
machine.succeed("stat --format '%F' /etc/machine-id | tee /dev/stderr | grep -q 'regular'")
|
||||
machine.succeed("grep -qE '^[0-9a-f]{32}$' /etc/machine-id")
|
||||
machine.fail("journalctl -b | grep -F 'System cannot boot: Missing /etc/machine-id'")
|
||||
machine.fail("journalctl -b | grep -F 'Detected first boot'")
|
||||
machine.fail("systemctl is-failed --quiet systemd-machine-id-commit.service")
|
||||
assert machine.succeed(
|
||||
"systemctl show -P ConditionResult systemd-machine-id-commit.service"
|
||||
).strip() == "no"
|
||||
|
||||
with subtest("modes work correctly"):
|
||||
machine.succeed("stat --format '%F' /etc/modetest | tee /dev/stderr | grep -q 'regular file'")
|
||||
machine.succeed("stat --format '%F' /etc/modetest2 | tee /dev/stderr | grep -q 'regular file'")
|
||||
|
|
|
|||
|
|
@ -554,6 +554,9 @@ in
|
|||
etebase-server = runTest ./etebase-server.nix;
|
||||
etesync-dav = runTest ./etesync-dav.nix;
|
||||
evcc = runTest ./evcc.nix;
|
||||
extra-initrd = import ./extra-initrd.nix {
|
||||
inherit runTest pkgs;
|
||||
};
|
||||
facter = runTest ./facter;
|
||||
fail2ban = runTest ./fail2ban.nix;
|
||||
fakeroute = runTest ./fakeroute.nix;
|
||||
|
|
@ -627,6 +630,9 @@ in
|
|||
forgejoPackage = pkgs.forgejo-lts;
|
||||
};
|
||||
freenet = runTest ./freenet.nix;
|
||||
freescout = import ./freescout {
|
||||
inherit runTest;
|
||||
};
|
||||
freeswitch = runTest ./freeswitch.nix;
|
||||
freetube = discoverTests (import ./freetube.nix);
|
||||
freshrss = import ./freshrss { inherit runTest; };
|
||||
|
|
@ -980,6 +986,7 @@ in
|
|||
matomo = runTest ./matomo.nix;
|
||||
matrix-alertmanager = runTest ./matrix/matrix-alertmanager.nix;
|
||||
matrix-appservice-irc = runTest ./matrix/appservice-irc.nix;
|
||||
matrix-authentication-service = runTest ./matrix/matrix-authentication-service.nix;
|
||||
matrix-conduit = runTest ./matrix/conduit.nix;
|
||||
matrix-continuwuity = runTest ./matrix/continuwuity.nix;
|
||||
matrix-synapse = runTest ./matrix/synapse.nix;
|
||||
|
|
@ -1125,6 +1132,7 @@ in
|
|||
nginx-etag-compression = runTest ./nginx-etag-compression.nix;
|
||||
nginx-globalredirect = runTest ./nginx-globalredirect.nix;
|
||||
nginx-http3 = import ./nginx-http3.nix { inherit pkgs runTest; };
|
||||
nginx-lua = runTest ./nginx-lua.nix;
|
||||
nginx-mime = runTest ./nginx-mime.nix;
|
||||
nginx-modsecurity = runTest ./nginx-modsecurity.nix;
|
||||
nginx-moreheaders = runTest ./nginx-moreheaders.nix;
|
||||
|
|
@ -1612,6 +1620,16 @@ in
|
|||
syncthing-relay = runTest ./syncthing/relay.nix;
|
||||
sysfs = runTest ./sysfs.nix;
|
||||
sysinit-reactivation = runTest ./sysinit-reactivation.nix;
|
||||
system-services-compliance = recurseIntoAttrs (
|
||||
import ./system-services-compliance.nix {
|
||||
inherit
|
||||
pkgs
|
||||
evalSystem
|
||||
runTest
|
||||
callTest
|
||||
;
|
||||
}
|
||||
);
|
||||
systemd = runTest ./systemd.nix;
|
||||
systemd-analyze = runTest ./systemd-analyze.nix;
|
||||
systemd-binfmt = handleTestOn [ "x86_64-linux" ] ./systemd-binfmt.nix { };
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{ lib, pkgs, ... }:
|
||||
{
|
||||
name = "endlessh-go";
|
||||
meta.maintainers = with lib.maintainers; [ azahi ];
|
||||
meta.maintainers = [ ];
|
||||
|
||||
nodes = {
|
||||
server =
|
||||
|
|
|
|||
96
nixos/tests/extra-initrd.nix
Normal file
96
nixos/tests/extra-initrd.nix
Normal file
|
|
@ -0,0 +1,96 @@
|
|||
{
|
||||
runTest,
|
||||
...
|
||||
}:
|
||||
let
|
||||
common =
|
||||
{ config, pkgs, ... }:
|
||||
{
|
||||
virtualisation.useBootLoader = true;
|
||||
virtualisation.useEFIBoot = true;
|
||||
system.boot.extraInitrd.paths = [
|
||||
extraInitrdPath
|
||||
];
|
||||
|
||||
boot.loader.timeout = 2;
|
||||
|
||||
boot.initrd.systemd.mounts = [
|
||||
{
|
||||
what = "/canary.txt";
|
||||
where = "/sysroot/run/canary.txt";
|
||||
type = "none";
|
||||
options = "bind";
|
||||
unitConfig = {
|
||||
DefaultDependencies = false;
|
||||
};
|
||||
requiredBy = [ "initrd-fs.target" ];
|
||||
before = [ "initrd-fs.target" ];
|
||||
}
|
||||
];
|
||||
};
|
||||
|
||||
extraInitrdPath = "custom.cpio";
|
||||
canaryCpio =
|
||||
pkgs:
|
||||
pkgs.runCommand "canary.cpio"
|
||||
{
|
||||
nativeBuildInputs = [ pkgs.cpio ];
|
||||
}
|
||||
''
|
||||
echo canary > canary.txt
|
||||
find . -print0 | cpio --null -o --format=newc > $out
|
||||
'';
|
||||
|
||||
testScript =
|
||||
# python
|
||||
''
|
||||
machine.wait_for_unit("multi-user.target")
|
||||
|
||||
# Check that the extra cpio archive is on the ESP
|
||||
machine.succeed("test -e /boot/custom.cpio")
|
||||
|
||||
# Check that the initrd that we booted with contained the file from
|
||||
# the extra initrd and our initrd mount unit bound it into sysroot
|
||||
assert machine.succeed("cat /run/canary.txt").strip() == "canary"
|
||||
'';
|
||||
in
|
||||
{
|
||||
systemd-boot = runTest (
|
||||
{ pkgs, ... }: {
|
||||
name = "systemd-boot-extra-initrd";
|
||||
|
||||
nodes.machine = { config, ... }: {
|
||||
imports = [ common ];
|
||||
|
||||
boot.loader.systemd-boot = {
|
||||
enable = true;
|
||||
extraInstallCommands = ''
|
||||
cp ${canaryCpio pkgs} ${config.boot.loader.efi.efiSysMountPoint}/${extraInitrdPath}
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
inherit testScript;
|
||||
}
|
||||
);
|
||||
|
||||
limine = runTest {
|
||||
name = "limine-extra-initrd";
|
||||
|
||||
nodes.machine = { pkgs, config, ... }: {
|
||||
imports = [ common ];
|
||||
|
||||
boot.loader.limine = {
|
||||
enable = true;
|
||||
efiSupport = true;
|
||||
enableEditor = true;
|
||||
extraInstallCommands = ''
|
||||
cp ${canaryCpio pkgs} ${config.boot.loader.efi.efiSysMountPoint}/${extraInitrdPath}
|
||||
'';
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
inherit testScript;
|
||||
};
|
||||
}
|
||||
|
|
@ -6,20 +6,19 @@
|
|||
jtojnar
|
||||
];
|
||||
|
||||
nodes.machine =
|
||||
containers.machine =
|
||||
{ config, pkgs, ... }:
|
||||
{
|
||||
fonts.enableDefaultPackages = true; # Background fonts
|
||||
fonts.packages = with pkgs; [
|
||||
noto-fonts-color-emoji
|
||||
cantarell-fonts
|
||||
twitter-color-emoji
|
||||
source-code-pro
|
||||
gentium
|
||||
];
|
||||
fonts.fontconfig.defaultFonts = {
|
||||
serif = [ "Gentium" ];
|
||||
sansSerif = [ "Cantarell" ];
|
||||
sansSerif = [ "DejaVu Sans" ];
|
||||
monospace = [ "Source Code Pro" ];
|
||||
emoji = [ "Twitter Color Emoji" ];
|
||||
};
|
||||
|
|
@ -27,7 +26,7 @@
|
|||
|
||||
testScript = ''
|
||||
machine.succeed("fc-match serif | grep '\"Gentium\"'")
|
||||
machine.succeed("fc-match sans-serif | grep '\"Cantarell\"'")
|
||||
machine.succeed("fc-match sans-serif | grep '\"DejaVu Sans\"'")
|
||||
machine.succeed("fc-match monospace | grep '\"Source Code Pro\"'")
|
||||
machine.succeed("fc-match emoji | grep '\"Twitter Color Emoji\"'")
|
||||
'';
|
||||
|
|
|
|||
5
nixos/tests/freescout/default.nix
Normal file
5
nixos/tests/freescout/default.nix
Normal file
|
|
@ -0,0 +1,5 @@
|
|||
{ runTest }:
|
||||
{
|
||||
integration = runTest ./integration.nix;
|
||||
upgrade = runTest ./upgrade.nix;
|
||||
}
|
||||
195
nixos/tests/freescout/integration.nix
Normal file
195
nixos/tests/freescout/integration.nix
Normal file
|
|
@ -0,0 +1,195 @@
|
|||
# This tests runs freescout and performs the following tests:
|
||||
# - Create amin user via the CLI
|
||||
# - Create mailbox, configured for sending and receiving
|
||||
# - Test if receiving, sending and notifications work
|
||||
{ pkgs, lib, ... }:
|
||||
|
||||
let
|
||||
mailDomain = "freemail.local";
|
||||
freescoutDomain = "freescout.local";
|
||||
sendInitial = pkgs.writeShellScriptBin "send-initial" ''
|
||||
exec ${pkgs.dovecot}/libexec/dovecot/deliver -d freescout <<MAIL
|
||||
From: root@localhost
|
||||
To: freescout@localhost
|
||||
Subject: Hello NixOS!
|
||||
Message-ID: initialtestmail-$(date +%s)@localhost
|
||||
|
||||
I am just a test E-Mail to see if freescout is (somewhat) working.
|
||||
MAIL
|
||||
'';
|
||||
|
||||
keyFile = pkgs.writeText "freescout-app-key" "base64:J8ZgK5LZkhVKpmZvjjA700sNL7+Y6aQTus8ZnUNNAaE=";
|
||||
|
||||
baseTestNode =
|
||||
{
|
||||
config,
|
||||
...
|
||||
}:
|
||||
{
|
||||
virtualisation.memorySize = 1024;
|
||||
environment.systemPackages = with pkgs; [
|
||||
curl
|
||||
sendInitial
|
||||
jq
|
||||
];
|
||||
|
||||
networking.firewall.allowedTCPPorts = [
|
||||
80
|
||||
8025
|
||||
];
|
||||
networking.extraHosts = ''
|
||||
127.0.0.1 ${mailDomain} ${freescoutDomain}
|
||||
'';
|
||||
|
||||
services.mailhog = {
|
||||
enable = true;
|
||||
setSendmail = false;
|
||||
};
|
||||
|
||||
users.users.alice = {
|
||||
isNormalUser = true;
|
||||
description = "Alice Foobar";
|
||||
password = "foobar";
|
||||
uid = 1000;
|
||||
};
|
||||
|
||||
users.users.bob = {
|
||||
isNormalUser = true;
|
||||
description = "Bob Foobar";
|
||||
password = "foobar";
|
||||
};
|
||||
|
||||
# Taken from from the parsedmarc.nix test
|
||||
services.postfix.enable = true;
|
||||
services.dovecot2 = {
|
||||
enable = true;
|
||||
settings = {
|
||||
dovecot_config_version = "2.4.4";
|
||||
dovecot_storage_version = "2.4.4";
|
||||
mail_uid = "vmail";
|
||||
mail_gid = "vmail";
|
||||
protocols = [
|
||||
"imap"
|
||||
"lmtp"
|
||||
];
|
||||
mail_driver = "maildir";
|
||||
mail_home = "${config.services.postfix.settings.main.mail_spool_directory}/{user}";
|
||||
"passdb static" = {
|
||||
fields = {
|
||||
nopassword = true;
|
||||
allow_nets = "local,0.0.0.0/0,::/0";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
users.users.freescout = {
|
||||
password = "foobar2342";
|
||||
};
|
||||
|
||||
services.freescout = {
|
||||
enable = true;
|
||||
domain = freescoutDomain;
|
||||
settings = {
|
||||
APP_KEY._secret = toString keyFile;
|
||||
APP_FORCE_HTTPS = false;
|
||||
APP_URL = "http://${freescoutDomain}";
|
||||
APP_REMOTE_HOST_WHITE_LIST = "localhost,127.0.0.1,::1";
|
||||
APP_DEBUG = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
mkNode =
|
||||
dbType:
|
||||
{ config, pkgs, ... }:
|
||||
{
|
||||
imports = [
|
||||
baseTestNode
|
||||
];
|
||||
services.freescout.databaseSetup = {
|
||||
enable = true;
|
||||
kind = dbType;
|
||||
};
|
||||
};
|
||||
in
|
||||
{
|
||||
name = "freescout-integration";
|
||||
meta.maintainers = with lib.maintainers; [
|
||||
e1mo
|
||||
];
|
||||
|
||||
nodes = {
|
||||
# This may lead to duplicate tests, but ensures that
|
||||
# it's always tested on the current default version
|
||||
# even if the tests are not updated
|
||||
freescout_pgsql = mkNode "pgsql";
|
||||
|
||||
# Same as the freescout_pgsql_default node
|
||||
freescout_mysql = mkNode "mysql";
|
||||
};
|
||||
|
||||
testScript = ''
|
||||
start_all()
|
||||
|
||||
for machine in [freescout_pgsql]:
|
||||
machine.wait_for_unit("postgresql")
|
||||
|
||||
for machine in [freescout_mysql]:
|
||||
machine.wait_for_unit("mysql")
|
||||
|
||||
all=[
|
||||
freescout_pgsql,
|
||||
freescout_mysql
|
||||
]
|
||||
|
||||
for machine in all:
|
||||
machine.wait_for_unit("nginx")
|
||||
machine.wait_for_unit("dovecot")
|
||||
machine.wait_for_unit("mailhog")
|
||||
machine.wait_for_open_port(1025)
|
||||
machine.wait_for_open_port(8025)
|
||||
machine.wait_for_unit("freescout-setup")
|
||||
|
||||
with subtest("Login works"):
|
||||
machine.succeed("/var/lib/freescout/artisan freescout:create-user --role=admin --firstName=Xenia --lastName=TheFox --email xenia@${freescoutDomain} --no-interaction --password=foo | grep 'User created with id'")
|
||||
token=machine.succeed("curl -fsSL --cookie-jar cjar 'http://${freescoutDomain}/login' | grep -Po '(?<= name=\"_token\" value=\")(\\w+)(?=\")'").strip()
|
||||
data=f"email=xenia%40${freescoutDomain}&password=foo&_token={token}&remember=on"
|
||||
machine.succeed(f"curl -sSfX POST --cookie-jar cjar --cookie cjar --data-raw '{data}' 'http://${freescoutDomain}/login' | grep 'Redirecting to'")
|
||||
machine.succeed("curl -fsSL --cookie-jar cjar --cookie cjar 'http://${freescoutDomain}' | grep 'Dashboard'")
|
||||
# Enable all (most except following) notifications
|
||||
to_enable=list(range(1, 9))
|
||||
enable_data="&".join(map(lambda n: "subscriptions%5B1%5D%5B%5D=" + str(n), range(1,9)))
|
||||
data=f"_token={token}&{enable_data}"
|
||||
machine.succeed(f"curl -sSfX POST --cookie-jar cjar --cookie cjar --data-raw '{data}' 'http://${freescoutDomain}/users/notifications/1'")
|
||||
|
||||
with subtest("Create and edit Mailbox"):
|
||||
data=f"email=freescout%40${mailDomain}&name=Test+Mailbox&_token={token}"
|
||||
machine.succeed(f"curl -sSfX POST --cookie-jar cjar --cookie cjar --data-raw '{data}' 'http://${freescoutDomain}/mailbox/new'")
|
||||
machine.succeed("curl -fsSL --cookie-jar cjar --cookie cjar 'http://${freescoutDomain}' | grep 'Test Mailbox'")
|
||||
machine.succeed("curl -sSf --cookie-jar cjar --cookie cjar 'http://${freescoutDomain}/mailbox/1' | grep 'freescout@${mailDomain}'")
|
||||
data=f"out_method=3&out_server=localhost&out_port=1025&out_username=&out_password=&out_encryption=1&_token={token}"
|
||||
machine.succeed(f"curl -sSfX POST --cookie-jar cjar --cookie cjar --data-raw '{data}' 'http://${freescoutDomain}/mailbox/connection-settings/1/outgoing'")
|
||||
data=f"&in_protocol=1&in_server=localhost&in_port=143&in_username=freescout&in_password=super_secret&in_encryption=1&in_imap_folders%5B%5D=INBOX&imap_sent_folder=&_token={token}"
|
||||
machine.succeed(f"curl -fsSX POST --cookie-jar cjar --cookie cjar --data-raw '{data}' 'http://${freescoutDomain}/mailbox/connection-settings/1/incoming'")
|
||||
data="&action=fetch_test&mailbox_id=1"
|
||||
machine.succeed(f"test $(curl -sSfX POST --cookie-jar cjar --cookie cjar -H 'X-CSRF-TOKEN: {token}' --data-raw '{data}' 'http://${freescoutDomain}/mailbox/ajax' | jq -r '.status') = 'success'")
|
||||
|
||||
with subtest("Send E-Mails"):
|
||||
machine.succeed("send-initial")
|
||||
|
||||
# Doing a second loop so that we won't have to wait that much
|
||||
for machine in all:
|
||||
with subtest("E-Mails ae received"):
|
||||
machine.wait_until_succeeds("curl -sSf --cookie-jar cjar --cookie cjar 'http://${freescoutDomain}/mailbox/1' | grep 'Hello NixOS'", timeout=180)
|
||||
# Notifactions to users are being sent
|
||||
|
||||
for machine in all:
|
||||
with subtest("Notifications are sent"):
|
||||
machine.wait_until_succeeds("test $(curl -sSf http://127.0.0.1:8025/api/v2/messages | jq '.total') -eq 1", timeout=180)
|
||||
machine.succeed("curl -sSf http://127.0.0.1:8025/api/v2/messages | jq '.items[].Content.Headers[\"X-FreeScout-Mail-Type\"] | .[0]'")
|
||||
|
||||
with subtest("Ensure vars are being generated"):
|
||||
machine.succeed("curl -sSf 'http://${freescoutDomain}/'")
|
||||
machine.succeed("curl -sSf 'http://${freescoutDomain}/storage/js/vars.js'")
|
||||
'';
|
||||
}
|
||||
94
nixos/tests/freescout/upgrade.nix
Normal file
94
nixos/tests/freescout/upgrade.nix
Normal file
|
|
@ -0,0 +1,94 @@
|
|||
# This tests checks, wether upgrading between versions works fine
|
||||
# In the past, there have been releases that would require manual deletion of specific
|
||||
# cache files, otherwise bricking the installation.
|
||||
# This test should catch similar instances in the future.
|
||||
# The oldFreescoutVersion may need a bump from time to time as there may be incompatibilities
|
||||
# with up-to-date databases on older freescout versions.
|
||||
{
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
|
||||
let
|
||||
freescoutDomain = "freescout.local";
|
||||
|
||||
oldFreescoutVersion = pkgs.freescout.overrideAttrs (oa: rec {
|
||||
version = "1.8.220";
|
||||
src = pkgs.fetchFromGitHub {
|
||||
owner = "freescout-help-desk";
|
||||
repo = "freescout";
|
||||
tag = version;
|
||||
hash = "sha256-bOkazBcd9EKzQdZZA6YMn4+UNYhpDFV9hDMHR5kXke0=";
|
||||
};
|
||||
});
|
||||
newFreescoutVersion = pkgs.freescout;
|
||||
in
|
||||
{
|
||||
name = "freescout-upgrade";
|
||||
meta.maintainers = with lib.maintainers; [
|
||||
e1mo
|
||||
];
|
||||
|
||||
nodes.machine =
|
||||
{ config, lib, ... }:
|
||||
{
|
||||
networking.extraHosts = ''
|
||||
127.0.0.1 ${freescoutDomain}
|
||||
'';
|
||||
virtualisation.memorySize = 1024;
|
||||
environment.systemPackages = with pkgs; [
|
||||
curl
|
||||
jq
|
||||
];
|
||||
services.freescout = {
|
||||
package = oldFreescoutVersion;
|
||||
enable = true;
|
||||
domain = freescoutDomain;
|
||||
settings = {
|
||||
APP_KEY = "base64:J8ZgK5LZkhVKpmZvjjA700sNL7+Y6aQTus8ZnUNNAaE=";
|
||||
APP_FORCE_HTTPS = false;
|
||||
APP_URL = "http://${freescoutDomain}:8888";
|
||||
APP_DEBUG = true;
|
||||
};
|
||||
databaseSetup = {
|
||||
enable = true;
|
||||
kind = "pgsql";
|
||||
};
|
||||
};
|
||||
specialisation.upgrade.configuration.services.freescout.package = lib.mkForce newFreescoutVersion;
|
||||
};
|
||||
|
||||
testScript =
|
||||
{ nodes, ... }:
|
||||
let
|
||||
oldVersion = nodes.machine.services.freescout.package.version;
|
||||
newVersion = nodes.machine.specialisation.upgrade.configuration.services.freescout.package.version;
|
||||
in
|
||||
''
|
||||
machine.start()
|
||||
machine.wait_for_unit("nginx")
|
||||
machine.wait_for_unit("postgresql")
|
||||
machine.wait_for_unit("freescout-setup")
|
||||
|
||||
with subtest("Create user and log in"):
|
||||
# Create uesr
|
||||
machine.succeed("/var/lib/freescout/artisan freescout:create-user --role=admin --firstName=Xenia --lastName=TheFox --email xenia@${freescoutDomain} --no-interaction --password=foo | grep 'User created with id'")
|
||||
# Obtain CSRF token
|
||||
token=machine.succeed("curl -fsSL --cookie-jar cjar 'http://${freescoutDomain}/login' | grep -Po '(?<= name=\"_token\" value=\")(\w+)(?=\")'").strip()
|
||||
# Actually log in
|
||||
data=f"email=xenia%40${freescoutDomain}&password=foo&_token={token}&remember=on"
|
||||
machine.succeed(f"curl -sSfX POST --cookie-jar cjar --cookie cjar --data-raw '{data}' 'http://${freescoutDomain}/login' | grep 'Redirecting to'")
|
||||
|
||||
with subtest("Check old API version"):
|
||||
machine.succeed("curl -fsSL --cookie-jar cjar --cookie cjar 'http://${freescoutDomain}/system/status' | grep ${oldVersion}")
|
||||
|
||||
machine.execute("${nodes.machine.system.build.toplevel}/specialisation/upgrade/bin/switch-to-configuration test >&2")
|
||||
|
||||
machine.wait_for_unit("nginx")
|
||||
machine.wait_for_unit("freescout-setup")
|
||||
|
||||
with subtest("Check new API version"):
|
||||
machine.succeed("curl -fsSL --cookie-jar cjar --cookie cjar 'http://${freescoutDomain}/system/status' | grep ${newVersion}")
|
||||
'';
|
||||
}
|
||||
430
nixos/tests/matrix/matrix-authentication-service.nix
Normal file
430
nixos/tests/matrix/matrix-authentication-service.nix
Normal file
|
|
@ -0,0 +1,430 @@
|
|||
{ pkgs, lib, ... }:
|
||||
let
|
||||
mailerCerts = import ../common/acme/server/snakeoil-certs.nix;
|
||||
ca_key = mailerCerts.ca.key;
|
||||
ca_pem = mailerCerts.ca.cert;
|
||||
|
||||
mkBundle =
|
||||
domain:
|
||||
pkgs.runCommand "bundle-${domain}"
|
||||
{
|
||||
nativeBuildInputs = [ pkgs.minica ];
|
||||
}
|
||||
''
|
||||
minica -ca-cert ${ca_pem} -ca-key ${ca_key} \
|
||||
-domains ${domain}
|
||||
install -Dm444 -t $out ${domain}/{key,cert}.pem
|
||||
'';
|
||||
|
||||
mkDexConfig =
|
||||
domain: primaryIP:
|
||||
let
|
||||
bundle = mkBundle domain;
|
||||
in
|
||||
{
|
||||
enable = true;
|
||||
settings = {
|
||||
issuer = "https://${dexDomain}:5556";
|
||||
storage.type = "sqlite3";
|
||||
web = {
|
||||
https = "${primaryIP}:5556";
|
||||
tlsCert = "${bundle}/cert.pem";
|
||||
tlsKey = "${bundle}/key.pem";
|
||||
};
|
||||
oauth2.skipApprovalScreen = true;
|
||||
connectors = [
|
||||
{
|
||||
type = "mockPassword";
|
||||
id = "mock";
|
||||
name = "Example";
|
||||
config = {
|
||||
username = "${testUser}";
|
||||
password = "${testPassword}";
|
||||
};
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
testUser = "alice";
|
||||
testPassword = "AliceSuperSecretPassword123!";
|
||||
|
||||
matrixSecret = "test_matrix_shared_secret_0123456789abcdef";
|
||||
|
||||
synapseDomain = "hs1.test";
|
||||
|
||||
masDomain = "mas1.test";
|
||||
masULID = "01KVT6DSNT2MWD7WYMT2FY4SH5";
|
||||
|
||||
dexDomain = "dex1.test";
|
||||
oidcClientID = "matrix-authentication-service";
|
||||
oidcClientSecret = "lalalalalala";
|
||||
|
||||
loginCodeVerifier = "5kaYTTNVVehUrtJ8xi72ogdfwX8vxHMb3jEUBjyWcXQ";
|
||||
loginCodeChallenge = "FbNLCROaJHe4LJQ7FEm7XjqDoWazb3emTE89x6Nx0Ng";
|
||||
in
|
||||
{
|
||||
|
||||
name = "matrix-authentication-service-upstream";
|
||||
meta = {
|
||||
maintainers = pkgs.matrix-authentication-service.meta.maintainers ++ lib.teams.matrix.members;
|
||||
};
|
||||
|
||||
nodes = {
|
||||
hs1 =
|
||||
{
|
||||
lib,
|
||||
config,
|
||||
pkgs,
|
||||
nodes,
|
||||
...
|
||||
}:
|
||||
let
|
||||
bundle = mkBundle synapseDomain;
|
||||
in
|
||||
{
|
||||
networking = {
|
||||
hostName = lib.head (lib.strings.splitString "." synapseDomain);
|
||||
domain = lib.last (lib.strings.splitString "." synapseDomain);
|
||||
firewall.allowedTCPPorts = [
|
||||
80
|
||||
443
|
||||
8448
|
||||
];
|
||||
};
|
||||
|
||||
services.matrix-synapse = {
|
||||
enable = true;
|
||||
extras = [ "oidc" ];
|
||||
settings = {
|
||||
listeners = [
|
||||
{
|
||||
port = 8448;
|
||||
bind_addresses = [
|
||||
config.networking.primaryIPAddress
|
||||
];
|
||||
type = "http";
|
||||
tls = true;
|
||||
x_forwarded = false;
|
||||
resources = [
|
||||
{
|
||||
names = [
|
||||
"client"
|
||||
];
|
||||
compress = true;
|
||||
}
|
||||
{
|
||||
names = [
|
||||
"federation"
|
||||
];
|
||||
compress = false;
|
||||
}
|
||||
];
|
||||
}
|
||||
];
|
||||
|
||||
database = {
|
||||
name = "psycopg2";
|
||||
args.password = "synapse";
|
||||
};
|
||||
redis = {
|
||||
enabled = true;
|
||||
host = "localhost";
|
||||
port = config.services.redis.servers.matrix-synapse.port;
|
||||
};
|
||||
tls_certificate_path = "${bundle}/cert.pem";
|
||||
tls_private_key_path = "${bundle}/key.pem";
|
||||
public_baseurl = "https://${synapseDomain}:8448";
|
||||
|
||||
# Delegate authentication to MAS
|
||||
matrix_authentication_service = {
|
||||
enabled = true;
|
||||
endpoint = "https://${masDomain}:8080";
|
||||
force_http2 = true;
|
||||
secret = matrixSecret;
|
||||
};
|
||||
};
|
||||
};
|
||||
services.postgresql = {
|
||||
enable = true;
|
||||
authentication = pkgs.lib.mkOverride 10 ''
|
||||
local all all trust
|
||||
host all all 127.0.0.1/32 trust
|
||||
host all all ::1/128 trust
|
||||
'';
|
||||
|
||||
# The database name and user are configured by the following options:
|
||||
# - services.matrix-synapse.database_name
|
||||
# - services.matrix-synapse.database_user
|
||||
#
|
||||
# The values used here represent the default values of the module.
|
||||
initialScript = pkgs.writeText "synapse-init.sql" ''
|
||||
CREATE ROLE "matrix-synapse" WITH LOGIN PASSWORD 'synapse';
|
||||
CREATE DATABASE "matrix-synapse" WITH OWNER "matrix-synapse"
|
||||
TEMPLATE template0
|
||||
LC_COLLATE = "C"
|
||||
LC_CTYPE = "C";
|
||||
'';
|
||||
};
|
||||
services.redis.servers.matrix-synapse = {
|
||||
enable = true;
|
||||
port = 6379;
|
||||
};
|
||||
security.pki.certificateFiles = [
|
||||
ca_pem
|
||||
];
|
||||
networking.extraHosts = ''
|
||||
${nodes.mas1.networking.primaryIPAddress} ${masDomain}
|
||||
${nodes.dex1.networking.primaryIPAddress} ${dexDomain}
|
||||
${nodes.hs1.networking.primaryIPAddress} ${synapseDomain}
|
||||
'';
|
||||
|
||||
environment.systemPackages = [
|
||||
pkgs.matrix-synapse
|
||||
pkgs.matrix-authentication-service
|
||||
];
|
||||
};
|
||||
|
||||
mas1 =
|
||||
{ nodes, ... }:
|
||||
let
|
||||
bundle = mkBundle masDomain;
|
||||
in
|
||||
{
|
||||
services.matrix-authentication-service = {
|
||||
enable = true;
|
||||
createDatabase = true;
|
||||
settings = {
|
||||
http = {
|
||||
public_base = "https://${masDomain}:8080/";
|
||||
tls = {
|
||||
certificate_file = "${bundle}/cert.pem";
|
||||
key_file = "${bundle}/key.pem";
|
||||
};
|
||||
listeners = [
|
||||
{
|
||||
name = "web";
|
||||
binds = [ { address = "0.0.0.0:8080"; } ];
|
||||
resources = [
|
||||
{ name = "discovery"; }
|
||||
{ name = "human"; }
|
||||
{ name = "oauth"; }
|
||||
];
|
||||
tls = {
|
||||
certificate_file = "${bundle}/cert.pem";
|
||||
key_file = "${bundle}/key.pem";
|
||||
};
|
||||
}
|
||||
];
|
||||
};
|
||||
matrix = {
|
||||
homeserver = "hs1";
|
||||
endpoint = "https://${synapseDomain}:8448/";
|
||||
secret_file = "/var/lib/matrix-authentication-service/matrix_secret";
|
||||
};
|
||||
database.uri = "postgresql:///matrix-authentication-service?host=/run/postgresql&user=matrix-authentication-service";
|
||||
secrets = {
|
||||
encryption_file = "/var/lib/matrix-authentication-service/encryption";
|
||||
keys = [
|
||||
{
|
||||
kid = "rsa-4096";
|
||||
key_file = "/var/lib/matrix-authentication-service/key_rsa_4096";
|
||||
}
|
||||
];
|
||||
};
|
||||
policy.data.client_registration.allow_insecure_uris = true;
|
||||
upstream_oauth2.providers = [
|
||||
{
|
||||
id = masULID;
|
||||
client_id = oidcClientID;
|
||||
client_secret = oidcClientSecret;
|
||||
issuer = "https://${dexDomain}:5556";
|
||||
scope = "openid email profile";
|
||||
token_endpoint_auth_method = "client_secret_post";
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
services.postgresql.authentication = pkgs.lib.mkOverride 10 ''
|
||||
local all all trust
|
||||
host all all 127.0.0.1/32 trust
|
||||
host all all ::1/128 trust
|
||||
'';
|
||||
systemd.services.matrix-authentication-service.preStart = ''
|
||||
echo -n '${matrixSecret}' > /var/lib/matrix-authentication-service/matrix_secret
|
||||
echo -n '0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef' > /var/lib/matrix-authentication-service/encryption
|
||||
${pkgs.openssl}/bin/openssl genrsa -out /var/lib/matrix-authentication-service/key_rsa_4096 4096
|
||||
'';
|
||||
security.pki.certificateFiles = [ ca_pem ];
|
||||
networking.extraHosts = ''
|
||||
${nodes.hs1.networking.primaryIPAddress} ${synapseDomain}
|
||||
${nodes.dex1.networking.primaryIPAddress} ${dexDomain}
|
||||
'';
|
||||
networking.firewall.allowedTCPPorts = [
|
||||
8080
|
||||
8081
|
||||
];
|
||||
};
|
||||
|
||||
dex1 =
|
||||
{
|
||||
lib,
|
||||
config,
|
||||
nodes,
|
||||
...
|
||||
}:
|
||||
{
|
||||
services.dex = lib.mkMerge [
|
||||
(mkDexConfig dexDomain config.networking.primaryIPAddress)
|
||||
{
|
||||
settings.staticClients = [
|
||||
{
|
||||
id = oidcClientID;
|
||||
name = "Matrix";
|
||||
redirectURIs = [ "https://${masDomain}:8080/upstream/callback/${masULID}" ];
|
||||
secret = oidcClientSecret;
|
||||
}
|
||||
];
|
||||
}
|
||||
];
|
||||
security.pki.certificateFiles = [ ca_pem ];
|
||||
networking.extraHosts = ''
|
||||
${nodes.hs1.networking.primaryIPAddress} ${synapseDomain}
|
||||
${nodes.mas1.networking.primaryIPAddress} ${masDomain}
|
||||
${nodes.dex1.networking.primaryIPAddress} ${dexDomain}
|
||||
'';
|
||||
networking.firewall.allowedTCPPorts = [ 5556 ];
|
||||
};
|
||||
};
|
||||
|
||||
testScript = ''
|
||||
import json
|
||||
import re
|
||||
|
||||
|
||||
COOKIES = "-c /tmp/cookies.txt -b /tmp/cookies.txt"
|
||||
|
||||
|
||||
def visit(url, *opts):
|
||||
"""Follow the whole redirect chain from `url`; return `effective_url` and response body."""
|
||||
out = dex1.succeed(
|
||||
f"curl -sL {COOKIES} {' '.join(opts)} -w '\\n%{{url_effective}}' '{url.strip()}'"
|
||||
)
|
||||
body, _, effective = out.rpartition("\n")
|
||||
return effective.strip(), body
|
||||
|
||||
|
||||
def location(url, *opts):
|
||||
"""Request `url` and return where it redirects, but don't follow it.
|
||||
|
||||
Used for the OAuth callback, which points at http://localhost:1234 where
|
||||
nothing is listening, so `curl --location` would ultimately fail.
|
||||
"""
|
||||
return dex1.succeed(
|
||||
f"curl -s {COOKIES} -w '%{{redirect_url}}' -o /dev/null "
|
||||
f"{' '.join(opts)} '{url.strip()}'"
|
||||
).strip()
|
||||
|
||||
|
||||
def extract_csrf(html):
|
||||
match = re.search(r'name="csrf" value="([^"]+)"', html)
|
||||
assert match is not None, f"unable to find csrf token in {html}"
|
||||
return match.group(1)
|
||||
|
||||
|
||||
def authorize():
|
||||
"""Start the OIDC flow and return the first redirect URL."""
|
||||
return dex1.succeed(
|
||||
"scope='openid urn:matrix:org.matrix.msc2967.client:api:*'; "
|
||||
"curl -fs -G -w '%{redirect_url}' -o /dev/null https://${masDomain}:8080/authorize "
|
||||
f"-d response_type=code -d client_id={client_id} "
|
||||
"-d redirect_uri=http://localhost:1234/callback "
|
||||
'--data-urlencode "scope=$scope" '
|
||||
"-d state=somestate -d code_challenge=${loginCodeChallenge} "
|
||||
"-d code_challenge_method=S256"
|
||||
)
|
||||
|
||||
|
||||
start_all()
|
||||
|
||||
# wait locally until units are ready
|
||||
dex1.wait_for_unit("dex.service")
|
||||
hs1.wait_for_unit("matrix-synapse.service")
|
||||
mas1.wait_for_unit("matrix-authentication-service.service")
|
||||
hs1.wait_until_succeeds("curl --fail -s --cacert ${ca_pem} https://${synapseDomain}:8448/")
|
||||
hs1.wait_until_succeeds("journalctl -u matrix-synapse.service | grep -q 'Connected to redis'")
|
||||
hs1.require_unit_state("postgresql.target")
|
||||
mas1.wait_for_open_port(8080)
|
||||
|
||||
# cross-node reachability
|
||||
mas1.wait_until_succeeds("curl --fail --silent --show-error --cacert ${ca_pem} https://${dexDomain}:5556/.well-known/openid-configuration")
|
||||
mas1.wait_until_succeeds("curl --fail --silent --show-error --cacert ${ca_pem} https://${synapseDomain}:8448/")
|
||||
hs1.wait_until_succeeds("curl --fail --silent --show-error https://${masDomain}:8080/.well-known/openid-configuration")
|
||||
|
||||
# Register a fresh OAuth client and grab its client_id
|
||||
client_id_resp = json.loads(dex1.succeed(
|
||||
"curl -s -X POST https://${masDomain}:8080/oauth2/registration "
|
||||
"-H 'Content-Type: application/json' "
|
||||
"-d '{ \"client_name\": \"test_client\", \"client_uri\": \"http://localhost:1234/\", \"redirect_uris\": [\"http://localhost:1234/callback\"], \"response_types\": [\"code\"], \"grant_types\": [ \"authorization_code\" ], \"token_endpoint_auth_method\": \"none\" }'"
|
||||
))
|
||||
t.assertIn("client_id", client_id_resp)
|
||||
client_id = client_id_resp["client_id"]
|
||||
|
||||
with subtest("Register"):
|
||||
location(authorize()) # follow /authorize to put the session cookie in the jar.
|
||||
|
||||
# To login with Upstream (Dex) the page returns a clickable link; we hardcode
|
||||
# it here since we already know its shape.
|
||||
upstream_url = f"https://${masDomain}:8080/upstream/authorize/${masULID}?id={client_id}&kind=continue_authorization_grant"
|
||||
_, mock_body = visit(upstream_url)
|
||||
_match = re.search(r'state=([^"&]+)', mock_body)
|
||||
assert _match is not None, f"unable to find state in {mock_body}"
|
||||
oidc_state = _match.group(1)
|
||||
|
||||
next_url, body = visit(
|
||||
f"https://${dexDomain}:5556/auth/mock/login?back=&state={oidc_state}",
|
||||
"-d 'login=${testUser}'",
|
||||
"-d 'password=${testPassword}'",
|
||||
)
|
||||
next_url, body = visit(next_url, f"-d 'csrf={extract_csrf(body)}&action=register&username=${testUser}'")
|
||||
visit(next_url, f"-d 'csrf={extract_csrf(body)}&action=set&display_name=Alice'")
|
||||
|
||||
with subtest("Login"):
|
||||
consent_url, body = visit(authorize())
|
||||
|
||||
# Alice already has a session cookie, so /consent redirects straight to the callback.
|
||||
callback_url = location(consent_url, f"-d 'csrf={extract_csrf(body)}&action=consent'")
|
||||
_match = re.search(r'code=([^&]+)', callback_url)
|
||||
assert _match is not None, f"unable to find code in {callback_url}"
|
||||
code = _match.group(1)
|
||||
|
||||
access_token_resp = json.loads(dex1.succeed(
|
||||
"curl -s -X POST https://${masDomain}:8080/oauth2/token "
|
||||
"-d 'grant_type=authorization_code' "
|
||||
f"-d 'client_id={client_id}' -d 'code={code}' "
|
||||
"-d 'redirect_uri=http://localhost:1234/callback' "
|
||||
"-d 'code_verifier=${loginCodeVerifier}'"
|
||||
))
|
||||
t.assertIn("access_token", access_token_resp)
|
||||
access_token = access_token_resp["access_token"]
|
||||
|
||||
with subtest("Create Room"):
|
||||
room_id_resp = json.loads(dex1.succeed(
|
||||
"curl --fail -s -X POST https://${synapseDomain}:8448/_matrix/client/v3/createRoom "
|
||||
"-H 'Content-Type: application/json' "
|
||||
f"-H 'Authorization: Bearer {access_token}' "
|
||||
"-d '{}'"
|
||||
))
|
||||
t.assertIn("room_id", room_id_resp)
|
||||
room_id = room_id_resp["room_id"]
|
||||
|
||||
with subtest("Send Message"):
|
||||
dex1.succeed(
|
||||
"curl -fs -X POST "
|
||||
f"https://${synapseDomain}:8448/_matrix/client/v3/rooms/{room_id}/send/m.room.message "
|
||||
f"-H 'Authorization: Bearer {access_token}' "
|
||||
"-H 'Content-Type: application/json' "
|
||||
"-d '{\"msgtype\":\"m.text\",\"body\":\"hello from alice\"}' | grep event_id"
|
||||
)
|
||||
'';
|
||||
}
|
||||
37
nixos/tests/nginx-lua.nix
Normal file
37
nixos/tests/nginx-lua.nix
Normal file
|
|
@ -0,0 +1,37 @@
|
|||
{ lib, ... }:
|
||||
{
|
||||
name = "nginx-lua";
|
||||
|
||||
meta.maintainers = [ lib.maintainers.kranzes ];
|
||||
|
||||
nodes.machine = {
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
lua = {
|
||||
enable = true;
|
||||
extraPackages = p: [
|
||||
p.lua-resty-lrucache
|
||||
p.lua-cjson
|
||||
];
|
||||
};
|
||||
virtualHosts."localhost".locations."/" = {
|
||||
extraConfig = ''
|
||||
default_type text/plain;
|
||||
content_by_lua_block {
|
||||
local cache = require("resty.lrucache").new(8)
|
||||
cache:set("greeting", require("cjson").decode('"Hello world!"'))
|
||||
ngx.say((cache:get("greeting")))
|
||||
}
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
testScript = ''
|
||||
machine.wait_for_unit("nginx")
|
||||
machine.wait_for_open_port(80)
|
||||
|
||||
response = machine.wait_until_succeeds("curl -fsS http://127.0.0.1/").strip()
|
||||
assert response == "Hello world!", f"Expected 'Hello world!', got '{response}'"
|
||||
'';
|
||||
}
|
||||
|
|
@ -1,12 +1,4 @@
|
|||
{ pkgs, lib, ... }:
|
||||
let
|
||||
luaLibs = [
|
||||
pkgs.lua.pkgs.markdown
|
||||
];
|
||||
|
||||
getLuaPath = lib: "${lib}/share/lua/${pkgs.lua.luaversion}/?.lua";
|
||||
luaPath = lib.concatStringsSep ";" (map getLuaPath luaLibs);
|
||||
in
|
||||
{ pkgs, ... }:
|
||||
{
|
||||
name = "openresty-lua";
|
||||
meta = with pkgs.lib.maintainers; {
|
||||
|
|
@ -15,7 +7,7 @@ in
|
|||
|
||||
nodes = {
|
||||
webserver =
|
||||
{ pkgs, lib, ... }:
|
||||
{ pkgs, ... }:
|
||||
{
|
||||
networking = {
|
||||
extraHosts = ''
|
||||
|
|
@ -27,9 +19,10 @@ in
|
|||
enable = true;
|
||||
package = pkgs.openresty;
|
||||
|
||||
commonHttpConfig = ''
|
||||
lua_package_path '${luaPath};;';
|
||||
'';
|
||||
lua = {
|
||||
enable = true;
|
||||
extraPackages = p: [ p.markdown ];
|
||||
};
|
||||
|
||||
virtualHosts."default.test" = {
|
||||
default = true;
|
||||
|
|
|
|||
67
nixos/tests/system-services-compliance.nix
Normal file
67
nixos/tests/system-services-compliance.nix
Normal file
|
|
@ -0,0 +1,67 @@
|
|||
{
|
||||
pkgs,
|
||||
evalSystem,
|
||||
runTest,
|
||||
callTest,
|
||||
}:
|
||||
|
||||
let
|
||||
sharedDir = "/tmp/modular-service-compliance";
|
||||
in
|
||||
let
|
||||
suite = pkgs.testers.modularServiceCompliance {
|
||||
inherit sharedDir;
|
||||
namePrefix = "system-services-compliance";
|
||||
evalConfig =
|
||||
{ services }:
|
||||
let
|
||||
machine = evalSystem (
|
||||
{ ... }:
|
||||
{
|
||||
system.services = services;
|
||||
system.stateVersion = "25.05";
|
||||
fileSystems."/" = {
|
||||
device = "/test/dummy";
|
||||
fsType = "auto";
|
||||
};
|
||||
boot.loader.grub.enable = false;
|
||||
}
|
||||
);
|
||||
in
|
||||
{
|
||||
config = machine.config.system.services;
|
||||
checkDrv = machine.config.system.build.toplevel;
|
||||
};
|
||||
mkTest =
|
||||
{
|
||||
name,
|
||||
services,
|
||||
testExe,
|
||||
}:
|
||||
runTest {
|
||||
_class = "nixosTest";
|
||||
inherit name;
|
||||
nodes.machine.system.services = services;
|
||||
testScript = ''
|
||||
machine.wait_for_unit("multi-user.target")
|
||||
machine.succeed("${testExe}")
|
||||
'';
|
||||
meta.maintainers = with pkgs.lib.maintainers; [ roberth ];
|
||||
};
|
||||
};
|
||||
in
|
||||
|
||||
# Please the callTest pattern.
|
||||
#
|
||||
# runTest results already go through findTests/callTest.
|
||||
# For plain derivations like `eval`, we apply callTest directly.
|
||||
pkgs.lib.mapAttrs (
|
||||
_: v:
|
||||
if v ? test then
|
||||
v
|
||||
else
|
||||
callTest {
|
||||
test = v;
|
||||
driver = v;
|
||||
}
|
||||
) suite
|
||||
File diff suppressed because it is too large
Load diff
|
|
@ -9,10 +9,10 @@
|
|||
elpaBuild {
|
||||
pname = "a68-mode";
|
||||
ename = "a68-mode";
|
||||
version = "1.2";
|
||||
version = "1.3";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/a68-mode-1.2.tar";
|
||||
sha256 = "1x40j0w6kzjxxrj7qdvll1psackq526cfrihfmacmq97c9g8xwm6";
|
||||
url = "https://elpa.gnu.org/packages/a68-mode-1.3.tar";
|
||||
sha256 = "0x5jj95bk07wnl9aqf35hcm9ajdwbrg74xm90i5kfn6nrxmnjmyp";
|
||||
};
|
||||
packageRequires = [ ];
|
||||
meta = {
|
||||
|
|
@ -207,10 +207,10 @@
|
|||
elpaBuild {
|
||||
pname = "aggressive-completion";
|
||||
ename = "aggressive-completion";
|
||||
version = "1.7";
|
||||
version = "1.8";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/aggressive-completion-1.7.tar";
|
||||
sha256 = "0d388w0yjpjzhqlar9fjrxsjxma09j8as6758sswv01r084gpdbk";
|
||||
url = "https://elpa.gnu.org/packages/aggressive-completion-1.8.tar";
|
||||
sha256 = "07dqw6mvb1vp4fmii1y7wc074xxi9wfwalflszjpzcjbalklcqdq";
|
||||
};
|
||||
packageRequires = [ ];
|
||||
meta = {
|
||||
|
|
@ -527,10 +527,10 @@
|
|||
elpaBuild {
|
||||
pname = "auth-source-xoauth2-plugin";
|
||||
ename = "auth-source-xoauth2-plugin";
|
||||
version = "0.3.2";
|
||||
version = "0.4.1";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/auth-source-xoauth2-plugin-0.3.2.tar";
|
||||
sha256 = "1k48kg6n72vzxaiqidg4m0w69c2s6ynvgcr08p4i8x2fsgaigcp2";
|
||||
url = "https://elpa.gnu.org/packages/auth-source-xoauth2-plugin-0.4.1.tar";
|
||||
sha256 = "038wikkg4lmgjjnwkliwwx8iif55vlc6720qz55lkr7pkrzp5vas";
|
||||
};
|
||||
packageRequires = [ oauth2 ];
|
||||
meta = {
|
||||
|
|
@ -1085,10 +1085,10 @@
|
|||
elpaBuild {
|
||||
pname = "cape";
|
||||
ename = "cape";
|
||||
version = "2.6";
|
||||
version = "2.7";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/cape-2.6.tar";
|
||||
sha256 = "0n4j70w1q9ix9d8s276g4shkn1k7hv8d6wqpx65wchgilwbjx07z";
|
||||
url = "https://elpa.gnu.org/packages/cape-2.7.tar";
|
||||
sha256 = "0543x1j4pakdqm8vba0450yl9b30z527dx8x84mzjqkhksn40pzv";
|
||||
};
|
||||
packageRequires = [ compat ];
|
||||
meta = {
|
||||
|
|
@ -1245,6 +1245,28 @@
|
|||
};
|
||||
}
|
||||
) { };
|
||||
cm-mode = callPackage (
|
||||
{
|
||||
cl-lib ? null,
|
||||
elpaBuild,
|
||||
fetchurl,
|
||||
lib,
|
||||
}:
|
||||
elpaBuild {
|
||||
pname = "cm-mode";
|
||||
ename = "cm-mode";
|
||||
version = "1.10";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/cm-mode-1.10.tar";
|
||||
sha256 = "1lg9rzv9hk89qi43msrbmi1hyy8zgr75740h7kj7rbl41v808bd7";
|
||||
};
|
||||
packageRequires = [ cl-lib ];
|
||||
meta = {
|
||||
homepage = "https://elpa.gnu.org/packages/cm-mode.html";
|
||||
license = lib.licenses.free;
|
||||
};
|
||||
}
|
||||
) { };
|
||||
cobol-mode = callPackage (
|
||||
{
|
||||
cl-lib ? null,
|
||||
|
|
@ -1458,17 +1480,16 @@
|
|||
elpaBuild,
|
||||
fetchurl,
|
||||
lib,
|
||||
seq,
|
||||
}:
|
||||
elpaBuild {
|
||||
pname = "compat";
|
||||
ename = "compat";
|
||||
version = "30.1.0.1";
|
||||
version = "31.0.0.1";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/compat-30.1.0.1.tar";
|
||||
sha256 = "1rj5i709i0l7drr7f571gsk8d6b5slwrd2l9flayv63kwk1gizhn";
|
||||
url = "https://elpa.gnu.org/packages/compat-31.0.0.1.tar";
|
||||
sha256 = "1lraq5i8jk0wsrnkv66q6lxv314fm8c09hrfvm0gj2lpn8126f20";
|
||||
};
|
||||
packageRequires = [ seq ];
|
||||
packageRequires = [ ];
|
||||
meta = {
|
||||
homepage = "https://elpa.gnu.org/packages/compat.html";
|
||||
license = lib.licenses.free;
|
||||
|
|
@ -1527,10 +1548,10 @@
|
|||
elpaBuild {
|
||||
pname = "consult";
|
||||
ename = "consult";
|
||||
version = "3.4";
|
||||
version = "3.6";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/consult-3.4.tar";
|
||||
sha256 = "1silvwrss87fa5lss19a08bv72fwvnblkic24qn53c3z6zcd22zd";
|
||||
url = "https://elpa.gnu.org/packages/consult-3.6.tar";
|
||||
sha256 = "0c8pp537qv2zxkzk0nlrvzbn1v72v9ddhwf1nks3hwvwrff58db8";
|
||||
};
|
||||
packageRequires = [ compat ];
|
||||
meta = {
|
||||
|
|
@ -1550,10 +1571,10 @@
|
|||
elpaBuild {
|
||||
pname = "consult-denote";
|
||||
ename = "consult-denote";
|
||||
version = "0.4.2";
|
||||
version = "0.5.0";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/consult-denote-0.4.2.tar";
|
||||
sha256 = "1vz96mcfw23y84dibnj6r3d7l0qj191fcnvx2piwhm26n0j43q8m";
|
||||
url = "https://elpa.gnu.org/packages/consult-denote-0.5.0.tar";
|
||||
sha256 = "1qmfwmm4hi0z2lqn6ryfwckrivrlvy16y42w729q6pk0nd21j48k";
|
||||
};
|
||||
packageRequires = [
|
||||
consult
|
||||
|
|
@ -1575,10 +1596,10 @@
|
|||
elpaBuild {
|
||||
pname = "consult-hoogle";
|
||||
ename = "consult-hoogle";
|
||||
version = "0.6.0";
|
||||
version = "0.7.0";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/consult-hoogle-0.6.0.tar";
|
||||
sha256 = "0iln71qlmcfmlys5z5bs4304av91ick0wq1ckhffh7d6xkxy0rv5";
|
||||
url = "https://elpa.gnu.org/packages/consult-hoogle-0.7.0.tar";
|
||||
sha256 = "17slksxs1vx19djf5q772hwq1fpaqsd0xpbh6zrrvvgv18h2ac8l";
|
||||
};
|
||||
packageRequires = [ consult ];
|
||||
meta = {
|
||||
|
|
@ -1640,10 +1661,10 @@
|
|||
elpaBuild {
|
||||
pname = "corfu";
|
||||
ename = "corfu";
|
||||
version = "2.9";
|
||||
version = "2.10";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/corfu-2.9.tar";
|
||||
sha256 = "0h5vz8jyy06380m802jla9312h2rbn2k8fdskjfwkqd1v6dc0c8n";
|
||||
url = "https://elpa.gnu.org/packages/corfu-2.10.tar";
|
||||
sha256 = "0wp9jr1l81si8p1rxa5dkkwbx6k77rs0629q2lxk1l8lnb0j7h6n";
|
||||
};
|
||||
packageRequires = [ compat ];
|
||||
meta = {
|
||||
|
|
@ -1900,10 +1921,10 @@
|
|||
elpaBuild {
|
||||
pname = "dape";
|
||||
ename = "dape";
|
||||
version = "0.26.0";
|
||||
version = "0.27.1";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/dape-0.26.0.tar";
|
||||
sha256 = "0arid8qwaf7ic76hsjzj7grn41krsphnzvihmjbgm4im6b7zzb37";
|
||||
url = "https://elpa.gnu.org/packages/dape-0.27.1.tar";
|
||||
sha256 = "1na3080gaygw4fsaymjjx9jgh9ai5k7gb0jmlrkbqnmdypag3mb7";
|
||||
};
|
||||
packageRequires = [ jsonrpc ];
|
||||
meta = {
|
||||
|
|
@ -2034,10 +2055,10 @@
|
|||
elpaBuild {
|
||||
pname = "denote";
|
||||
ename = "denote";
|
||||
version = "4.1.3";
|
||||
version = "4.2.3";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/denote-4.1.3.tar";
|
||||
sha256 = "197m0bx1gxrzbqlfr5h52il3ivbixzg1pkhkrf488kidww8qmpvf";
|
||||
url = "https://elpa.gnu.org/packages/denote-4.2.3.tar";
|
||||
sha256 = "0r5p2iy7wssm6hl4dal1sav5x4vvijq54lyzqabg49v6lsbszf74";
|
||||
};
|
||||
packageRequires = [ ];
|
||||
meta = {
|
||||
|
|
@ -2056,10 +2077,10 @@
|
|||
elpaBuild {
|
||||
pname = "denote-journal";
|
||||
ename = "denote-journal";
|
||||
version = "0.2.2";
|
||||
version = "0.3.0";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/denote-journal-0.2.2.tar";
|
||||
sha256 = "00rav8kachy85npcr96dwzb4kbgym0p2m5aw3v3pmg278nmc73v3";
|
||||
url = "https://elpa.gnu.org/packages/denote-journal-0.3.0.tar";
|
||||
sha256 = "1l2zrr5nczxyqsmr73m93jqphp6s79f55grpahig0xj2kji8d6gk";
|
||||
};
|
||||
packageRequires = [ denote ];
|
||||
meta = {
|
||||
|
|
@ -2078,10 +2099,10 @@
|
|||
elpaBuild {
|
||||
pname = "denote-markdown";
|
||||
ename = "denote-markdown";
|
||||
version = "0.2.2";
|
||||
version = "0.3.0";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/denote-markdown-0.2.2.tar";
|
||||
sha256 = "1nb5rcjgkhw3nl2jva6lyblmfsl24cdryx3c16w8ydbx6fswhjpj";
|
||||
url = "https://elpa.gnu.org/packages/denote-markdown-0.3.0.tar";
|
||||
sha256 = "0adg2nr8s8rjynrpj0b37ni4jcm1igvls3zyyr313xifnrbiznym";
|
||||
};
|
||||
packageRequires = [ denote ];
|
||||
meta = {
|
||||
|
|
@ -2122,10 +2143,10 @@
|
|||
elpaBuild {
|
||||
pname = "denote-org";
|
||||
ename = "denote-org";
|
||||
version = "0.2.1";
|
||||
version = "0.3.0";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/denote-org-0.2.1.tar";
|
||||
sha256 = "1cs1ml38xhj0c921qdsvqhqg42lm5r0qb7nf7sj1krvw1r9913bn";
|
||||
url = "https://elpa.gnu.org/packages/denote-org-0.3.0.tar";
|
||||
sha256 = "0r3idn17875hzmidi1xjb9hddifzby9i23j35ywzn88h9a33845k";
|
||||
};
|
||||
packageRequires = [ denote ];
|
||||
meta = {
|
||||
|
|
@ -2188,10 +2209,10 @@
|
|||
elpaBuild {
|
||||
pname = "denote-sequence";
|
||||
ename = "denote-sequence";
|
||||
version = "0.2.0";
|
||||
version = "0.3.3";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/denote-sequence-0.2.0.tar";
|
||||
sha256 = "0i0vm1n48aw7j4y6laa8fvs0av5smimdky980qgp69pha6hcvph5";
|
||||
url = "https://elpa.gnu.org/packages/denote-sequence-0.3.3.tar";
|
||||
sha256 = "017h9bwaqv9lxv8ibbl739a9vkcknsv8ch2sqrbaybhri74a3mqk";
|
||||
};
|
||||
packageRequires = [ denote ];
|
||||
meta = {
|
||||
|
|
@ -2210,10 +2231,10 @@
|
|||
elpaBuild {
|
||||
pname = "denote-silo";
|
||||
ename = "denote-silo";
|
||||
version = "0.2.0";
|
||||
version = "0.3.0";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/denote-silo-0.2.0.tar";
|
||||
sha256 = "10n4xv179dl6zz1k28lcbrgyqx8k3hfh3isd7q3qg1vcahlw04vl";
|
||||
url = "https://elpa.gnu.org/packages/denote-silo-0.3.0.tar";
|
||||
sha256 = "1pwhn1k8cdb4n6v1l6d6ld5zm4gfzb5vl9fp1myqlfkjx756lglj";
|
||||
};
|
||||
packageRequires = [ denote ];
|
||||
meta = {
|
||||
|
|
@ -2296,10 +2317,10 @@
|
|||
elpaBuild {
|
||||
pname = "dicom";
|
||||
ename = "dicom";
|
||||
version = "1.3";
|
||||
version = "1.5";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/dicom-1.3.tar";
|
||||
sha256 = "05n9azzj0wskzd0jzyqhfk3blss31wjzp8wkqam79hq0j6daf6g5";
|
||||
url = "https://elpa.gnu.org/packages/dicom-1.5.tar";
|
||||
sha256 = "02i90769952g80f8fjj9phwwm7ln8q6w65pc065r5vln1knjm7gd";
|
||||
};
|
||||
packageRequires = [ compat ];
|
||||
meta = {
|
||||
|
|
@ -2473,10 +2494,10 @@
|
|||
elpaBuild {
|
||||
pname = "dired-preview";
|
||||
ename = "dired-preview";
|
||||
version = "0.6.0";
|
||||
version = "0.6.1";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/dired-preview-0.6.0.tar";
|
||||
sha256 = "1nlibx8jwyvb5n58sx8bg6vcazhnlj5dydmf36v7hzy0h4i460i0";
|
||||
url = "https://elpa.gnu.org/packages/dired-preview-0.6.1.tar";
|
||||
sha256 = "115cassm68rga9q8z7qr1ghi4f9j0immc8ccqwa21vnyvjj02q7a";
|
||||
};
|
||||
packageRequires = [ ];
|
||||
meta = {
|
||||
|
|
@ -2558,10 +2579,10 @@
|
|||
elpaBuild {
|
||||
pname = "dmsg";
|
||||
ename = "dmsg";
|
||||
version = "0.2";
|
||||
version = "0.3";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/dmsg-0.2.tar";
|
||||
sha256 = "18wnbkd707n2qh9an72wizs0yp71hys6vg0y02iclqmj7igjg28k";
|
||||
url = "https://elpa.gnu.org/packages/dmsg-0.3.tar";
|
||||
sha256 = "18r81rdpw0jnhxca3fr7bxpalabicbj2y55z5gb2llqrh9plarq6";
|
||||
};
|
||||
packageRequires = [ ];
|
||||
meta = {
|
||||
|
|
@ -2887,10 +2908,10 @@
|
|||
elpaBuild {
|
||||
pname = "ef-themes";
|
||||
ename = "ef-themes";
|
||||
version = "2.1.0";
|
||||
version = "2.2.0";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/ef-themes-2.1.0.tar";
|
||||
sha256 = "09rb5pkqz63mc86f8n7969f8x27jdrhz51rh6vl0v3j4nvivv3dx";
|
||||
url = "https://elpa.gnu.org/packages/ef-themes-2.2.0.tar";
|
||||
sha256 = "0jm3hqg53cq0dfvmszmwzwrfi9n2mgdbz176qzxhjqm16rw2bwds";
|
||||
};
|
||||
packageRequires = [ modus-themes ];
|
||||
meta = {
|
||||
|
|
@ -3089,10 +3110,10 @@
|
|||
elpaBuild {
|
||||
pname = "ellama";
|
||||
ename = "ellama";
|
||||
version = "1.13.0";
|
||||
version = "1.27.2";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/ellama-1.13.0.tar";
|
||||
sha256 = "0i3lzb68bwyr974wc0i8dn1kiryjs49zg79hli21wycm0j7a3six";
|
||||
url = "https://elpa.gnu.org/packages/ellama-1.27.2.tar";
|
||||
sha256 = "09l22c29vv8bd70vq681ashvlyqcq3ajk37nmdkcj7j4ik53l4bh";
|
||||
};
|
||||
packageRequires = [
|
||||
compat
|
||||
|
|
@ -3183,10 +3204,10 @@
|
|||
elpaBuild {
|
||||
pname = "embark-consult";
|
||||
ename = "embark-consult";
|
||||
version = "1.1";
|
||||
version = "1.2";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/embark-consult-1.1.tar";
|
||||
sha256 = "06yh6w4zgvvkfllmcr0szsgjrfhh9rpjwgmcrf6h2gai2ps9xdqr";
|
||||
url = "https://elpa.gnu.org/packages/embark-consult-1.2.tar";
|
||||
sha256 = "1m6i8f49qmzfvqz0mq3ga0gcdi364pqsdph6arpwl4rr59r6sfwn";
|
||||
};
|
||||
packageRequires = [
|
||||
compat
|
||||
|
|
@ -3336,10 +3357,10 @@
|
|||
elpaBuild {
|
||||
pname = "erc";
|
||||
ename = "erc";
|
||||
version = "5.6.1";
|
||||
version = "5.6.2";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/erc-5.6.1.tar";
|
||||
sha256 = "13dzip6xhj0mf8hs8wk08pfxny5gwpbzfsqkmz146xvl2d8m621x";
|
||||
url = "https://elpa.gnu.org/packages/erc-5.6.2.tar";
|
||||
sha256 = "0rm7aw6p8736ssp4z7vmfmwff93h4dwcv9pz3b83f9060i2svvvn";
|
||||
};
|
||||
packageRequires = [ compat ];
|
||||
meta = {
|
||||
|
|
@ -3383,10 +3404,10 @@
|
|||
elpaBuild {
|
||||
pname = "ess";
|
||||
ename = "ess";
|
||||
version = "26.1.0";
|
||||
version = "26.5.0";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/ess-26.1.0.tar";
|
||||
sha256 = "1spyys37b2rzqzpa7y5ajrrjzckrsbp3hrhsvn28qav3g5d17463";
|
||||
url = "https://elpa.gnu.org/packages/ess-26.5.0.tar";
|
||||
sha256 = "07mfjhcnq3wn6q0dxc4yn5aqnvb9sfnwgi581b5283pfbszhxd29";
|
||||
};
|
||||
packageRequires = [ ];
|
||||
meta = {
|
||||
|
|
@ -3535,6 +3556,27 @@
|
|||
};
|
||||
}
|
||||
) { };
|
||||
ffs = callPackage (
|
||||
{
|
||||
elpaBuild,
|
||||
fetchurl,
|
||||
lib,
|
||||
}:
|
||||
elpaBuild {
|
||||
pname = "ffs";
|
||||
ename = "ffs";
|
||||
version = "0.2.2";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/ffs-0.2.2.tar";
|
||||
sha256 = "1mwjk877qfccdrp046j431pawr9g489gdz803wg55j0r12whh94a";
|
||||
};
|
||||
packageRequires = [ ];
|
||||
meta = {
|
||||
homepage = "https://elpa.gnu.org/packages/ffs.html";
|
||||
license = lib.licenses.free;
|
||||
};
|
||||
}
|
||||
) { };
|
||||
filechooser = callPackage (
|
||||
{
|
||||
compat,
|
||||
|
|
@ -3731,6 +3773,28 @@
|
|||
};
|
||||
}
|
||||
) { };
|
||||
forgejo = callPackage (
|
||||
{
|
||||
elpaBuild,
|
||||
fetchurl,
|
||||
keymap-popup,
|
||||
lib,
|
||||
}:
|
||||
elpaBuild {
|
||||
pname = "forgejo";
|
||||
ename = "forgejo";
|
||||
version = "0.2.3";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/forgejo-0.2.3.tar";
|
||||
sha256 = "0q4y474acb759vx3d0xcqgikbq666nckka4hfashi1jwnas98qcg";
|
||||
};
|
||||
packageRequires = [ keymap-popup ];
|
||||
meta = {
|
||||
homepage = "https://elpa.gnu.org/packages/forgejo.html";
|
||||
license = lib.licenses.free;
|
||||
};
|
||||
}
|
||||
) { };
|
||||
frame-tabs = callPackage (
|
||||
{
|
||||
elpaBuild,
|
||||
|
|
@ -3830,10 +3894,10 @@
|
|||
elpaBuild {
|
||||
pname = "futur";
|
||||
ename = "futur";
|
||||
version = "1.4";
|
||||
version = "1.7";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/futur-1.4.tar";
|
||||
sha256 = "036b81cp5nbzhykfsj6rkhxb5b675k38njmb32bj20g9h7pkd1vl";
|
||||
url = "https://elpa.gnu.org/packages/futur-1.7.tar";
|
||||
sha256 = "1zb533jkhsi6p0ikx9jc7igz4yfq7b35apz9b8w7g0yrvq5jcl4i";
|
||||
};
|
||||
packageRequires = [ ];
|
||||
meta = {
|
||||
|
|
@ -4019,17 +4083,21 @@
|
|||
compat,
|
||||
elpaBuild,
|
||||
fetchurl,
|
||||
keymap-popup,
|
||||
lib,
|
||||
}:
|
||||
elpaBuild {
|
||||
pname = "gnosis";
|
||||
ename = "gnosis";
|
||||
version = "0.10.3";
|
||||
version = "0.10.6";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/gnosis-0.10.3.tar";
|
||||
sha256 = "0642xdgpljfmzi27gfbzhngpyc82blpyyvkvqqbm6khiqac9wdxz";
|
||||
url = "https://elpa.gnu.org/packages/gnosis-0.10.6.tar";
|
||||
sha256 = "1g8zbvid2l7wfyagqynjd1jcjnd0m3zkh9ww0dadppj24n37k57n";
|
||||
};
|
||||
packageRequires = [ compat ];
|
||||
packageRequires = [
|
||||
compat
|
||||
keymap-popup
|
||||
];
|
||||
meta = {
|
||||
homepage = "https://elpa.gnu.org/packages/gnosis.html";
|
||||
license = lib.licenses.free;
|
||||
|
|
@ -4232,10 +4300,10 @@
|
|||
elpaBuild {
|
||||
pname = "greader";
|
||||
ename = "greader";
|
||||
version = "0.17.0";
|
||||
version = "0.19.4";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/greader-0.17.0.tar";
|
||||
sha256 = "0kz9qvwkxfl3p4fwl235vxdv19iqrz2jrp9hk06z8bmwmdvj7nxd";
|
||||
url = "https://elpa.gnu.org/packages/greader-0.19.4.tar";
|
||||
sha256 = "1wg25481rdzfjshsjhaf2747hsy964gn1zc5gbmqak8y1vmsjb6h";
|
||||
};
|
||||
packageRequires = [
|
||||
compat
|
||||
|
|
@ -4852,10 +4920,10 @@
|
|||
elpaBuild {
|
||||
pname = "javaimp";
|
||||
ename = "javaimp";
|
||||
version = "0.9.1";
|
||||
version = "0.9.2";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/javaimp-0.9.1.tar";
|
||||
sha256 = "1gy7qys9mzpgbqm5798fncmblmi32b350q51ccsyydq67yh69s3z";
|
||||
url = "https://elpa.gnu.org/packages/javaimp-0.9.2.tar";
|
||||
sha256 = "0y756psqlb2rn0bbrdndddsy6d22arv5f4qzaxgzp5p323vzjp7w";
|
||||
};
|
||||
packageRequires = [ ];
|
||||
meta = {
|
||||
|
|
@ -4896,10 +4964,10 @@
|
|||
elpaBuild {
|
||||
pname = "jinx";
|
||||
ename = "jinx";
|
||||
version = "2.7";
|
||||
version = "2.8";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/jinx-2.7.tar";
|
||||
sha256 = "0ikyr5spj7vk0xycgmywr2sqn9gy1khg6h7kdlzjgy0mrjpxl32w";
|
||||
url = "https://elpa.gnu.org/packages/jinx-2.8.tar";
|
||||
sha256 = "0cxgj390zylr4lqjmfd7f8898z4zsjy1ln783fcjlhcpf94jjjmx";
|
||||
};
|
||||
packageRequires = [ compat ];
|
||||
meta = {
|
||||
|
|
@ -5110,10 +5178,10 @@
|
|||
elpaBuild {
|
||||
pname = "kubed";
|
||||
ename = "kubed";
|
||||
version = "0.6.1";
|
||||
version = "0.7.1";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/kubed-0.6.1.tar";
|
||||
sha256 = "1filhadwzdkrw2dsma28b10nx62qnhxkp8g483r0il986ipnnshp";
|
||||
url = "https://elpa.gnu.org/packages/kubed-0.7.1.tar";
|
||||
sha256 = "1c8jr0wi52waa1yrz1y16gpyqabpqpyymmdf8c4apsja0i6345fk";
|
||||
};
|
||||
packageRequires = [ ];
|
||||
meta = {
|
||||
|
|
@ -5154,10 +5222,10 @@
|
|||
elpaBuild {
|
||||
pname = "latex-table-wizard";
|
||||
ename = "latex-table-wizard";
|
||||
version = "1.5.5";
|
||||
version = "1.6.0";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/latex-table-wizard-1.5.5.tar";
|
||||
sha256 = "1fffbaqiz3f1f2ki26b8x0cmisqhaijpw5vrh73k769wqdv09g43";
|
||||
url = "https://elpa.gnu.org/packages/latex-table-wizard-1.6.0.tar";
|
||||
sha256 = "1zpf3x62ldqy12npypjk1x8dw7adfmqqhqj30cl2s659vq7gs4nb";
|
||||
};
|
||||
packageRequires = [
|
||||
auctex
|
||||
|
|
@ -5272,10 +5340,10 @@
|
|||
elpaBuild {
|
||||
pname = "lex";
|
||||
ename = "lex";
|
||||
version = "1.2";
|
||||
version = "1.3";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/lex-1.2.tar";
|
||||
sha256 = "1pqjrlw558l4z4k40jmli8lmcqlzddhkr0mfm38rbycp7ghdr4zx";
|
||||
url = "https://elpa.gnu.org/packages/lex-1.3.tar";
|
||||
sha256 = "162y483d1gczjfcbds50y7iqbxmx7sfxi5mbdxyrhc2my6nq40lx";
|
||||
};
|
||||
packageRequires = [ ];
|
||||
meta = {
|
||||
|
|
@ -5369,10 +5437,10 @@
|
|||
elpaBuild {
|
||||
pname = "llm";
|
||||
ename = "llm";
|
||||
version = "0.30.1";
|
||||
version = "0.31.1";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/llm-0.30.1.tar";
|
||||
sha256 = "11mmaw24dg9iwml8kx09xv8h9iyz9i9jw4m1kghq192fp9wy668i";
|
||||
url = "https://elpa.gnu.org/packages/llm-0.31.1.tar";
|
||||
sha256 = "1395rh5jk3c0hfszzvn9xp3qyyi48nvz1x1v3vljgx4qzzcakgh3";
|
||||
};
|
||||
packageRequires = [
|
||||
compat
|
||||
|
|
@ -5607,10 +5675,10 @@
|
|||
elpaBuild {
|
||||
pname = "marginalia";
|
||||
ename = "marginalia";
|
||||
version = "2.10";
|
||||
version = "2.11";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/marginalia-2.10.tar";
|
||||
sha256 = "12did4rn4dp7km6shq7jvab2xbr0wxks4h1by19qz10rm5b0jl71";
|
||||
url = "https://elpa.gnu.org/packages/marginalia-2.11.tar";
|
||||
sha256 = "0h7jqgx95f5km90qc4g06ib3mi4acwggvx9yiwwirxj2mqwivifk";
|
||||
};
|
||||
packageRequires = [ compat ];
|
||||
meta = {
|
||||
|
|
@ -5876,6 +5944,7 @@
|
|||
) { };
|
||||
minimail = callPackage (
|
||||
{
|
||||
compat,
|
||||
elpaBuild,
|
||||
fetchurl,
|
||||
lib,
|
||||
|
|
@ -5884,12 +5953,15 @@
|
|||
elpaBuild {
|
||||
pname = "minimail";
|
||||
ename = "minimail";
|
||||
version = "0.4.2";
|
||||
version = "0.5";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/minimail-0.4.2.tar";
|
||||
sha256 = "1ri424g6v55405d4zr4qhnvdswd5hc9n4hs2xds40ps0h6qp05hm";
|
||||
url = "https://elpa.gnu.org/packages/minimail-0.5.tar";
|
||||
sha256 = "1m1yn8f9mn3zqf7zc0691qaya5l504ry3afz2nmjycavzh8hzk5h";
|
||||
};
|
||||
packageRequires = [ transient ];
|
||||
packageRequires = [
|
||||
compat
|
||||
transient
|
||||
];
|
||||
meta = {
|
||||
homepage = "https://elpa.gnu.org/packages/minimail.html";
|
||||
license = lib.licenses.free;
|
||||
|
|
@ -5928,10 +6000,10 @@
|
|||
elpaBuild {
|
||||
pname = "minuet";
|
||||
ename = "minuet";
|
||||
version = "0.7.1";
|
||||
version = "0.8.0";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/minuet-0.7.1.tar";
|
||||
sha256 = "0g18hfpjryg2kjj5gqr4jf1vgfjglaczd4w19g76233m31kd8f0n";
|
||||
url = "https://elpa.gnu.org/packages/minuet-0.8.0.tar";
|
||||
sha256 = "0vk118qd7g2b7vsaygj0lwnzj818p5nlsm36s1c7cm5inz1h6mfc";
|
||||
};
|
||||
packageRequires = [
|
||||
dash
|
||||
|
|
@ -5974,10 +6046,10 @@
|
|||
elpaBuild {
|
||||
pname = "modus-themes";
|
||||
ename = "modus-themes";
|
||||
version = "5.2.0";
|
||||
version = "5.3.0";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/modus-themes-5.2.0.tar";
|
||||
sha256 = "1715x863mbvcc2lqf61lll5j50zhpc0jysdgd7v0ajznx40kqmxv";
|
||||
url = "https://elpa.gnu.org/packages/modus-themes-5.3.0.tar";
|
||||
sha256 = "04561ndfxq2y17drklkb3wl9kl6hdc05d4b6rrlqs3fdxcs6q6mx";
|
||||
};
|
||||
packageRequires = [ ];
|
||||
meta = {
|
||||
|
|
@ -6376,10 +6448,10 @@
|
|||
elpaBuild {
|
||||
pname = "oauth2";
|
||||
ename = "oauth2";
|
||||
version = "0.18.4";
|
||||
version = "0.19";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/oauth2-0.18.4.tar";
|
||||
sha256 = "1hhfk7glp3m9f4aqf1dvqs5f7qp4s2gvbxamyxjalw3sj6pbv92n";
|
||||
url = "https://elpa.gnu.org/packages/oauth2-0.19.tar";
|
||||
sha256 = "0fjs2wk2ayhzh9ba8fa8pki4c5cyavcw0vqsscj93894s7xv9xgz";
|
||||
};
|
||||
packageRequires = [ ];
|
||||
meta = {
|
||||
|
|
@ -6505,10 +6577,10 @@
|
|||
elpaBuild {
|
||||
pname = "orderless";
|
||||
ename = "orderless";
|
||||
version = "1.6";
|
||||
version = "1.7";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/orderless-1.6.tar";
|
||||
sha256 = "15gif01ivwg03h45azrj3kw2lgj7xnkr6p9r95m36fmfbg31csdh";
|
||||
url = "https://elpa.gnu.org/packages/orderless-1.7.tar";
|
||||
sha256 = "0g1klijlvv44fd7xjvlh6v97zjvca37710bxlgk629v6k4kl2rbz";
|
||||
};
|
||||
packageRequires = [ compat ];
|
||||
meta = {
|
||||
|
|
@ -6526,10 +6598,10 @@
|
|||
elpaBuild {
|
||||
pname = "org";
|
||||
ename = "org";
|
||||
version = "9.8.3";
|
||||
version = "9.8.6";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/org-9.8.3.tar";
|
||||
sha256 = "0csfrn0k1fysjfwf8xmdnmizfjz62scr3kjawpafwv58gvizk32z";
|
||||
url = "https://elpa.gnu.org/packages/org-9.8.6.tar";
|
||||
sha256 = "0qc9c49k8fcaa8c947wb7knn5lbm2bigvzxkbx8cdbyrj15pra4j";
|
||||
};
|
||||
packageRequires = [ ];
|
||||
meta = {
|
||||
|
|
@ -6673,10 +6745,10 @@
|
|||
elpaBuild {
|
||||
pname = "org-modern";
|
||||
ename = "org-modern";
|
||||
version = "1.13";
|
||||
version = "1.14";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/org-modern-1.13.tar";
|
||||
sha256 = "0cl6dqk8zq213j9ph07689dbzh1q1xr96kf512vvmgkln0himfqj";
|
||||
url = "https://elpa.gnu.org/packages/org-modern-1.14.tar";
|
||||
sha256 = "08rvxrr67ypvncrg7znl3in8c314l7x1a18m6hr458wqc1xb57zx";
|
||||
};
|
||||
packageRequires = [
|
||||
compat
|
||||
|
|
@ -6853,10 +6925,10 @@
|
|||
elpaBuild {
|
||||
pname = "osm";
|
||||
ename = "osm";
|
||||
version = "2.2";
|
||||
version = "2.3";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/osm-2.2.tar";
|
||||
sha256 = "0xq5gzhgxgv52kxprik15b5ijrdw7c5262ifzdcjg3vv3qv0hwy8";
|
||||
url = "https://elpa.gnu.org/packages/osm-2.3.tar";
|
||||
sha256 = "0x08qbdk7y05cm8kc35f2i6k5xnd9iyyhr0f0fyi489kbvd3n1nh";
|
||||
};
|
||||
packageRequires = [ compat ];
|
||||
meta = {
|
||||
|
|
@ -7087,10 +7159,10 @@
|
|||
elpaBuild {
|
||||
pname = "php-fill";
|
||||
ename = "php-fill";
|
||||
version = "1.1.1";
|
||||
version = "1.1.2";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/php-fill-1.1.1.tar";
|
||||
sha256 = "130q6nyx5837wvhvis0nlzsqky7hic00z1jakik66asqpyrl7ncj";
|
||||
url = "https://elpa.gnu.org/packages/php-fill-1.1.2.tar";
|
||||
sha256 = "0r1zmin3wv8sqzgw6zbvbb7wix7d6h6s798f9r05w6g9m1vf0r5r";
|
||||
};
|
||||
packageRequires = [ ];
|
||||
meta = {
|
||||
|
|
@ -7364,10 +7436,10 @@
|
|||
elpaBuild {
|
||||
pname = "posframe";
|
||||
ename = "posframe";
|
||||
version = "1.5.1";
|
||||
version = "1.5.2";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/posframe-1.5.1.tar";
|
||||
sha256 = "1g1pcf83w4fv299ykvx7b93kxkc58fkr6yk39sxny5g16d4gl80g";
|
||||
url = "https://elpa.gnu.org/packages/posframe-1.5.2.tar";
|
||||
sha256 = "0ywbcwm3sh01vc4nc2ra3b09gri2lgz838gjxgsflv9g3si1918x";
|
||||
};
|
||||
packageRequires = [ ];
|
||||
meta = {
|
||||
|
|
@ -8102,10 +8174,10 @@
|
|||
elpaBuild {
|
||||
pname = "rnc-mode";
|
||||
ename = "rnc-mode";
|
||||
version = "0.3";
|
||||
version = "0.4";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/rnc-mode-0.3.tar";
|
||||
sha256 = "1p03g451888v86k9z6g8gj375p1pcdvikgk1phxkhipwi5hbf5g8";
|
||||
url = "https://elpa.gnu.org/packages/rnc-mode-0.4.tar";
|
||||
sha256 = "1igg829mm6n35mpfp254276ib3x7x7wxdg9zm38yf5n3bmjq7cxf";
|
||||
};
|
||||
packageRequires = [ ];
|
||||
meta = {
|
||||
|
|
@ -8375,6 +8447,27 @@
|
|||
};
|
||||
}
|
||||
) { };
|
||||
shift-number = callPackage (
|
||||
{
|
||||
elpaBuild,
|
||||
fetchurl,
|
||||
lib,
|
||||
}:
|
||||
elpaBuild {
|
||||
pname = "shift-number";
|
||||
ename = "shift-number";
|
||||
version = "0.3";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/shift-number-0.3.tar";
|
||||
sha256 = "0vqwy0ai4f1ga4j2inl2s1ly0v9i3fmqyd0p28fgyx3f23c83jqn";
|
||||
};
|
||||
packageRequires = [ ];
|
||||
meta = {
|
||||
homepage = "https://elpa.gnu.org/packages/shift-number.html";
|
||||
license = lib.licenses.free;
|
||||
};
|
||||
}
|
||||
) { };
|
||||
show-font = callPackage (
|
||||
{
|
||||
elpaBuild,
|
||||
|
|
@ -9185,10 +9278,10 @@
|
|||
elpaBuild {
|
||||
pname = "tempel";
|
||||
ename = "tempel";
|
||||
version = "1.12";
|
||||
version = "1.13";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/tempel-1.12.tar";
|
||||
sha256 = "1ghlnf7533i6iarzmsgyc0d366bzc3jbyvn6bq650c10ci4wjzsm";
|
||||
url = "https://elpa.gnu.org/packages/tempel-1.13.tar";
|
||||
sha256 = "1sxyxz799nw56wqrm7hsr0dq2yaxckr9a1rynw2jsrfhbzcxpbfp";
|
||||
};
|
||||
packageRequires = [ compat ];
|
||||
meta = {
|
||||
|
|
@ -9206,10 +9299,10 @@
|
|||
elpaBuild {
|
||||
pname = "termint";
|
||||
ename = "termint";
|
||||
version = "0.2.2";
|
||||
version = "0.2.3";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/termint-0.2.2.tar";
|
||||
sha256 = "0iavnximqsx6vl6yx36n829h67x4pyfmm8xcp5fzjwphdmgfdann";
|
||||
url = "https://elpa.gnu.org/packages/termint-0.2.3.tar";
|
||||
sha256 = "1yir074lihlr2y78a58jm233a6s807j8d8fvlvv6b62wm0036frk";
|
||||
};
|
||||
packageRequires = [ ];
|
||||
meta = {
|
||||
|
|
@ -9312,10 +9405,10 @@
|
|||
elpaBuild {
|
||||
pname = "timeout";
|
||||
ename = "timeout";
|
||||
version = "2.1";
|
||||
version = "2.1.6";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/timeout-2.1.tar";
|
||||
sha256 = "1mm4yp1spw512dnav1p3wnxqrsyls918i14azg03by4v32r9945p";
|
||||
url = "https://elpa.gnu.org/packages/timeout-2.1.6.tar";
|
||||
sha256 = "08lijbbbx2wx64jn6l5820phkmi6cagym1239zj1hx25h28b2h0r";
|
||||
};
|
||||
packageRequires = [ ];
|
||||
meta = {
|
||||
|
|
@ -9465,10 +9558,10 @@
|
|||
elpaBuild {
|
||||
pname = "tramp";
|
||||
ename = "tramp";
|
||||
version = "2.8.1.3";
|
||||
version = "2.8.1.5";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/tramp-2.8.1.3.tar";
|
||||
sha256 = "1jjbgg48q6dlfp9rpn0pla4mlclw60079d51bgnb84q3pv3zdqwj";
|
||||
url = "https://elpa.gnu.org/packages/tramp-2.8.1.5.tar";
|
||||
sha256 = "04rhm5ijx3qs386ffxvp2117a4xn7zw6z5cqci77f6q07i5921zw";
|
||||
};
|
||||
packageRequires = [ ];
|
||||
meta = {
|
||||
|
|
@ -9574,10 +9667,10 @@
|
|||
elpaBuild {
|
||||
pname = "transient";
|
||||
ename = "transient";
|
||||
version = "0.13.0";
|
||||
version = "0.13.4";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/transient-0.13.0.tar";
|
||||
sha256 = "0rwb7l823d4nkk7zmnyi5j7id7kswxrc0h9crqyd63n14w78bksi";
|
||||
url = "https://elpa.gnu.org/packages/transient-0.13.4.tar";
|
||||
sha256 = "02142xcxv50bycshbl6qj47q6s9gi6sbagrnyjqi5ma74509zq6h";
|
||||
};
|
||||
packageRequires = [
|
||||
compat
|
||||
|
|
@ -9703,6 +9796,27 @@
|
|||
};
|
||||
}
|
||||
) { };
|
||||
trust-manager = callPackage (
|
||||
{
|
||||
elpaBuild,
|
||||
fetchurl,
|
||||
lib,
|
||||
}:
|
||||
elpaBuild {
|
||||
pname = "trust-manager";
|
||||
ename = "trust-manager";
|
||||
version = "0.4.1";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/trust-manager-0.4.1.tar";
|
||||
sha256 = "1azp3kzkw76xbwsn6j94liy33d3swajc1v2h8ghczvxv8sw8khgj";
|
||||
};
|
||||
packageRequires = [ ];
|
||||
meta = {
|
||||
homepage = "https://elpa.gnu.org/packages/trust-manager.html";
|
||||
license = lib.licenses.free;
|
||||
};
|
||||
}
|
||||
) { };
|
||||
ulisp-repl = callPackage (
|
||||
{
|
||||
elpaBuild,
|
||||
|
|
@ -10132,10 +10246,10 @@
|
|||
elpaBuild {
|
||||
pname = "verilog-mode";
|
||||
ename = "verilog-mode";
|
||||
version = "2026.1.18.88738971";
|
||||
version = "2026.4.14.10117132";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/verilog-mode-2026.1.18.88738971.tar";
|
||||
sha256 = "1m215m38mia2wiq1zzyy85k268pch10yzf3p4i0nk5s7ijxl6ls4";
|
||||
url = "https://elpa.gnu.org/packages/verilog-mode-2026.4.14.10117132.tar";
|
||||
sha256 = "0n699kpqhh1b023wswm938f7kxc983faw0bv4x70kq12y7h3slj1";
|
||||
};
|
||||
packageRequires = [ ];
|
||||
meta = {
|
||||
|
|
@ -10154,10 +10268,10 @@
|
|||
elpaBuild {
|
||||
pname = "vertico";
|
||||
ename = "vertico";
|
||||
version = "2.8";
|
||||
version = "2.10";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/vertico-2.8.tar";
|
||||
sha256 = "0v19z3sh4npjmvii03r5v9mbmg8g3bp1ay82ydalw864hlcwgb71";
|
||||
url = "https://elpa.gnu.org/packages/vertico-2.10.tar";
|
||||
sha256 = "1kwmlpfxjnjkv05hfqhxmxw5d1vlhqvdmyc3p34qhp3bj2xafwm0";
|
||||
};
|
||||
packageRequires = [ compat ];
|
||||
meta = {
|
||||
|
|
@ -10306,10 +10420,10 @@
|
|||
elpaBuild {
|
||||
pname = "wcheck-mode";
|
||||
ename = "wcheck-mode";
|
||||
version = "2026";
|
||||
version = "2026.5";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/wcheck-mode-2026.tar";
|
||||
sha256 = "019lsaihpl9w17qfhn8c5j8rp8nrvlmb16w6r8sb1iril31997sz";
|
||||
url = "https://elpa.gnu.org/packages/wcheck-mode-2026.5.tar";
|
||||
sha256 = "0yxg6s4s5103zfa8m82gaxc46d9gjpiknmvgm2lcb21dckdsay13";
|
||||
};
|
||||
packageRequires = [ ];
|
||||
meta = {
|
||||
|
|
@ -10761,10 +10875,10 @@
|
|||
elpaBuild {
|
||||
pname = "yaml";
|
||||
ename = "yaml";
|
||||
version = "1.2.3";
|
||||
version = "1.2.4";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/yaml-1.2.3.tar";
|
||||
sha256 = "0wyvhh4ij22wdd3g5jkg2mnyglbk2k7mf2jv48jkpb5jc4kf6jvr";
|
||||
url = "https://elpa.gnu.org/packages/yaml-1.2.4.tar";
|
||||
sha256 = "12ji680hjm1isc5k3yapvnp2m7pk23syfxwhi95bizhka02n0qly";
|
||||
};
|
||||
packageRequires = [ ];
|
||||
meta = {
|
||||
|
|
|
|||
|
|
@ -1536,6 +1536,8 @@ let
|
|||
|
||||
org-change = ignoreCompilationError super.org-change; # elisp error
|
||||
|
||||
org-cite-overlay = ignoreCompilationError super.org-cite-overlay; # native-ice
|
||||
|
||||
org-edit-latex = mkHome super.org-edit-latex;
|
||||
|
||||
# https://github.com/GuiltyDolphin/org-evil/issues/24
|
||||
|
|
|
|||
File diff suppressed because it is too large
Load diff
|
|
@ -9,10 +9,10 @@
|
|||
elpaBuild {
|
||||
pname = "adoc-mode";
|
||||
ename = "adoc-mode";
|
||||
version = "0.8.0";
|
||||
version = "0.9.0";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.nongnu.org/nongnu/adoc-mode-0.8.0.tar";
|
||||
sha256 = "16459ial82gybqjm8ib0cxry6daipak4baxiz2wnldgy5vpgjnrd";
|
||||
url = "https://elpa.nongnu.org/nongnu/adoc-mode-0.9.0.tar";
|
||||
sha256 = "11anl5b9ka9aww2w2jv0clrvq98f2vsa9ri3n1xxdll5z77rvw56";
|
||||
};
|
||||
packageRequires = [ ];
|
||||
meta = {
|
||||
|
|
@ -75,10 +75,10 @@
|
|||
elpaBuild {
|
||||
pname = "aidermacs";
|
||||
ename = "aidermacs";
|
||||
version = "1.6";
|
||||
version = "1.7";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.nongnu.org/nongnu/aidermacs-1.6.tar";
|
||||
sha256 = "07ql2kv7naza7jigmsw9x1k3md0hz2c302qrc0cy1a1h07567nli";
|
||||
url = "https://elpa.nongnu.org/nongnu/aidermacs-1.7.tar";
|
||||
sha256 = "17l7dlg218j63zwzi51wdczamvxlv54l0ivkip3h3kll386lkcm6";
|
||||
};
|
||||
packageRequires = [
|
||||
compat
|
||||
|
|
@ -142,10 +142,10 @@
|
|||
elpaBuild {
|
||||
pname = "annotate";
|
||||
ename = "annotate";
|
||||
version = "2.4.5";
|
||||
version = "2.5.0";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.nongnu.org/nongnu/annotate-2.4.5.tar";
|
||||
sha256 = "0pdhwlz792sf5zipv8s449bah7xm9klbpicx9203fhsc0ad82d0j";
|
||||
url = "https://elpa.nongnu.org/nongnu/annotate-2.5.0.tar";
|
||||
sha256 = "0nydnnjx1p4fkiix70zg0apxxd0sprlzxk111lvgnamp3c4hxf93";
|
||||
};
|
||||
packageRequires = [ ];
|
||||
meta = {
|
||||
|
|
@ -566,10 +566,10 @@
|
|||
elpaBuild {
|
||||
pname = "casual";
|
||||
ename = "casual";
|
||||
version = "2.16.0";
|
||||
version = "2.16.2";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.nongnu.org/nongnu/casual-2.16.0.tar";
|
||||
sha256 = "1s0d5c3aacyh1n5qy7ka4xwnmdbx3qrh0z0z41bc958zmay6mgpa";
|
||||
url = "https://elpa.nongnu.org/nongnu/casual-2.16.2.tar";
|
||||
sha256 = "0aqkxxds4paicn1r4hy13f71cl4qllf9dfijpl4mp5zizyx8a8a2";
|
||||
};
|
||||
packageRequires = [
|
||||
csv-mode
|
||||
|
|
@ -605,6 +605,7 @@
|
|||
cider = callPackage (
|
||||
{
|
||||
clojure-mode,
|
||||
compat,
|
||||
elpaBuild,
|
||||
fetchurl,
|
||||
lib,
|
||||
|
|
@ -618,13 +619,14 @@
|
|||
elpaBuild {
|
||||
pname = "cider";
|
||||
ename = "cider";
|
||||
version = "1.21.0";
|
||||
version = "1.22.2";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.nongnu.org/nongnu/cider-1.21.0.tar";
|
||||
sha256 = "0rfjq6fqvam9v7mcx1459p377ryzi9wf7p2dn68nd51f324hx0gj";
|
||||
url = "https://elpa.nongnu.org/nongnu/cider-1.22.2.tar";
|
||||
sha256 = "0a7mcg1lazn1xyl3sxy0qpwd4qipf0ix56891ydjcv7i9yhggnpc";
|
||||
};
|
||||
packageRequires = [
|
||||
clojure-mode
|
||||
compat
|
||||
parseedn
|
||||
queue
|
||||
seq
|
||||
|
|
@ -733,10 +735,10 @@
|
|||
elpaBuild {
|
||||
pname = "cond-let";
|
||||
ename = "cond-let";
|
||||
version = "0.2.2";
|
||||
version = "1.1.2";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.nongnu.org/nongnu/cond-let-0.2.2.tar";
|
||||
sha256 = "0ip5k8jhdgq1zkc6cj4ax8rv4236cxla2dapj83y526ra321gkzy";
|
||||
url = "https://elpa.nongnu.org/nongnu/cond-let-1.1.2.tar";
|
||||
sha256 = "04p2jf8nm1q00439r26vvg9549hld4spcabghwsgmf89gqjiv8mm";
|
||||
};
|
||||
packageRequires = [ ];
|
||||
meta = {
|
||||
|
|
@ -756,10 +758,10 @@
|
|||
elpaBuild {
|
||||
pname = "consult-flycheck";
|
||||
ename = "consult-flycheck";
|
||||
version = "1.1";
|
||||
version = "1.2";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.nongnu.org/nongnu/consult-flycheck-1.1.tar";
|
||||
sha256 = "0nanxx0fbj6w9sxzz4ys8nxpv63al3m4lliy30y4ydiaig2a0abc";
|
||||
url = "https://elpa.nongnu.org/nongnu/consult-flycheck-1.2.tar";
|
||||
sha256 = "0g5lb3p4g91ax0c4zkkyvi2l4hkq5b9r2bciddgg1h4bsmrs6vhx";
|
||||
};
|
||||
packageRequires = [
|
||||
consult
|
||||
|
|
@ -828,10 +830,10 @@
|
|||
elpaBuild {
|
||||
pname = "csv2ledger";
|
||||
ename = "csv2ledger";
|
||||
version = "1.5.4";
|
||||
version = "1.5.5";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.nongnu.org/nongnu/csv2ledger-1.5.4.tar";
|
||||
sha256 = "1h935g97fjrs1q0yz0q071zp91bhsb3yg13zqpp8il5gif20qqls";
|
||||
url = "https://elpa.nongnu.org/nongnu/csv2ledger-1.5.5.tar";
|
||||
sha256 = "09k7q33jxwrcf52csgf25kd9wqcs9bicl8azmkbrmm8d9jqgg3md";
|
||||
};
|
||||
packageRequires = [ csv-mode ];
|
||||
meta = {
|
||||
|
|
@ -1278,10 +1280,10 @@
|
|||
elpaBuild {
|
||||
pname = "eldoc-mouse";
|
||||
ename = "eldoc-mouse";
|
||||
version = "3.0.7";
|
||||
version = "3.0.8";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.nongnu.org/nongnu/eldoc-mouse-3.0.7.tar";
|
||||
sha256 = "17s3iqkdswjfcdiyaa732v27pcpmxa96i17mwpzi34vw53a1r3wl";
|
||||
url = "https://elpa.nongnu.org/nongnu/eldoc-mouse-3.0.8.tar";
|
||||
sha256 = "1snacbxjqp8ykic5z1nzhg0fnd5fnafsgwxmfd9vy4rsm0ag9mrl";
|
||||
};
|
||||
packageRequires = [
|
||||
eglot
|
||||
|
|
@ -1319,6 +1321,56 @@
|
|||
};
|
||||
}
|
||||
) { };
|
||||
elfeed = callPackage (
|
||||
{
|
||||
compat,
|
||||
elpaBuild,
|
||||
fetchurl,
|
||||
lib,
|
||||
}:
|
||||
elpaBuild {
|
||||
pname = "elfeed";
|
||||
ename = "elfeed";
|
||||
version = "4.0.1";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.nongnu.org/nongnu/elfeed-4.0.1.tar";
|
||||
sha256 = "1az6lj58j1kkxzpa7ik8irl3z2b9f7yxsm92pfqlcwplsnm2q8q2";
|
||||
};
|
||||
packageRequires = [ compat ];
|
||||
meta = {
|
||||
homepage = "https://elpa.nongnu.org/nongnu/elfeed.html";
|
||||
license = lib.licenses.free;
|
||||
};
|
||||
}
|
||||
) { };
|
||||
elfeed-web = callPackage (
|
||||
{
|
||||
compat,
|
||||
elfeed,
|
||||
elpaBuild,
|
||||
fetchurl,
|
||||
lib,
|
||||
simple-httpd,
|
||||
}:
|
||||
elpaBuild {
|
||||
pname = "elfeed-web";
|
||||
ename = "elfeed-web";
|
||||
version = "4.0.0";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.nongnu.org/nongnu/elfeed-web-4.0.0.tar";
|
||||
sha256 = "0ah6zjcihxfra34zglqrj6pnxqnakgc58dlkgjzgrxdamx4dxfwg";
|
||||
};
|
||||
packageRequires = [
|
||||
compat
|
||||
elfeed
|
||||
simple-httpd
|
||||
];
|
||||
meta = {
|
||||
homepage = "https://elpa.nongnu.org/nongnu/elfeed-web.html";
|
||||
license = lib.licenses.free;
|
||||
};
|
||||
}
|
||||
) { };
|
||||
elixir-mode = callPackage (
|
||||
{
|
||||
elpaBuild,
|
||||
|
|
@ -1370,10 +1422,10 @@
|
|||
elpaBuild {
|
||||
pname = "emacsql";
|
||||
ename = "emacsql";
|
||||
version = "4.3.6";
|
||||
version = "4.4.1";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.nongnu.org/nongnu/emacsql-4.3.6.tar";
|
||||
sha256 = "1zj04kqq3c5915n9pj5qx63rw8hnnpag2y5qca4d4y9h1lqnj2pp";
|
||||
url = "https://elpa.nongnu.org/nongnu/emacsql-4.4.1.tar";
|
||||
sha256 = "1gja15jyalzrlcs85ng98p6g7b0id4rayj4shwf7x1ic30sv12p3";
|
||||
};
|
||||
packageRequires = [ ];
|
||||
meta = {
|
||||
|
|
@ -1404,6 +1456,27 @@
|
|||
};
|
||||
}
|
||||
) { };
|
||||
eprolog = callPackage (
|
||||
{
|
||||
elpaBuild,
|
||||
fetchurl,
|
||||
lib,
|
||||
}:
|
||||
elpaBuild {
|
||||
pname = "eprolog";
|
||||
ename = "eprolog";
|
||||
version = "0.3.2";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.nongnu.org/nongnu/eprolog-0.3.2.tar";
|
||||
sha256 = "1vbnbdpmxvqgay5m01bcm1wlsyz16nn4fydv7ipd8kzr4lw59qyg";
|
||||
};
|
||||
packageRequires = [ ];
|
||||
meta = {
|
||||
homepage = "https://elpa.nongnu.org/nongnu/eprolog.html";
|
||||
license = lib.licenses.free;
|
||||
};
|
||||
}
|
||||
) { };
|
||||
esxml = callPackage (
|
||||
{
|
||||
cl-lib ? null,
|
||||
|
|
@ -1719,16 +1792,20 @@
|
|||
evil,
|
||||
fetchurl,
|
||||
lib,
|
||||
shift-number,
|
||||
}:
|
||||
elpaBuild {
|
||||
pname = "evil-numbers";
|
||||
ename = "evil-numbers";
|
||||
version = "0.7";
|
||||
version = "0.8";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.nongnu.org/nongnu/evil-numbers-0.7.tar";
|
||||
sha256 = "1k5vrh8bj9kldqq8kxn1qi3k82i7k4v4h6nkk9hng8p90zhac02i";
|
||||
url = "https://elpa.nongnu.org/nongnu/evil-numbers-0.8.tar";
|
||||
sha256 = "0l1ik0fz1bzpxnz9rnn0817j8ghpwhf3qv3lidzb3vpbynkas5a1";
|
||||
};
|
||||
packageRequires = [ evil ];
|
||||
packageRequires = [
|
||||
evil
|
||||
shift-number
|
||||
];
|
||||
meta = {
|
||||
homepage = "https://elpa.nongnu.org/nongnu/evil-numbers.html";
|
||||
license = lib.licenses.free;
|
||||
|
|
@ -1857,10 +1934,10 @@
|
|||
elpaBuild {
|
||||
pname = "fedi";
|
||||
ename = "fedi";
|
||||
version = "0.3";
|
||||
version = "0.4";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.nongnu.org/nongnu/fedi-0.3.tar";
|
||||
sha256 = "1s1dn7n860b18cwyahc20lbl1bhv4y5h8jijs4iqbbgbk8w7hsjg";
|
||||
url = "https://elpa.nongnu.org/nongnu/fedi-0.4.tar";
|
||||
sha256 = "0zh2rkkj1wyj7csg72gg54mxlrd5kav54z3qhk6lp6j8h3zxkdvd";
|
||||
};
|
||||
packageRequires = [ markdown-mode ];
|
||||
meta = {
|
||||
|
|
@ -1882,10 +1959,10 @@
|
|||
elpaBuild {
|
||||
pname = "fj";
|
||||
ename = "fj";
|
||||
version = "0.34";
|
||||
version = "0.37";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.nongnu.org/nongnu/fj-0.34.tar";
|
||||
sha256 = "0aqfipcpbsxp2pm05p44fdybhldpbvii2x2m0az9s3gkm7dvwg87";
|
||||
url = "https://elpa.nongnu.org/nongnu/fj-0.37.tar";
|
||||
sha256 = "1kya5xif5ffiqv9fk4mxwx6x6gqshkpji21z0q84q438hfbxpwl9";
|
||||
};
|
||||
packageRequires = [
|
||||
fedi
|
||||
|
|
@ -1899,6 +1976,27 @@
|
|||
};
|
||||
}
|
||||
) { };
|
||||
flamegraph = callPackage (
|
||||
{
|
||||
elpaBuild,
|
||||
fetchurl,
|
||||
lib,
|
||||
}:
|
||||
elpaBuild {
|
||||
pname = "flamegraph";
|
||||
ename = "flamegraph";
|
||||
version = "0.2";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.nongnu.org/nongnu/flamegraph-0.2.tar";
|
||||
sha256 = "0zlji7iq7zrxix4mzw6z25rqgrmlnxnrc7skflkj0nv90z5w3fsh";
|
||||
};
|
||||
packageRequires = [ ];
|
||||
meta = {
|
||||
homepage = "https://elpa.nongnu.org/nongnu/flamegraph.html";
|
||||
license = lib.licenses.free;
|
||||
};
|
||||
}
|
||||
) { };
|
||||
flx = callPackage (
|
||||
{
|
||||
cl-lib ? null,
|
||||
|
|
@ -2158,10 +2256,10 @@
|
|||
elpaBuild {
|
||||
pname = "geiser";
|
||||
ename = "geiser";
|
||||
version = "0.32";
|
||||
version = "0.33.1";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.nongnu.org/nongnu/geiser-0.32.tar";
|
||||
sha256 = "1mija2lp2fqhzi9bifl0ipkjhj3gx89qz41mk0phb5y5cws6nar1";
|
||||
url = "https://elpa.nongnu.org/nongnu/geiser-0.33.1.tar";
|
||||
sha256 = "0mh701hp587ahiqf0znnc4jm46i49z85nwac4bxn7sxxjid3xffl";
|
||||
};
|
||||
packageRequires = [ project ];
|
||||
meta = {
|
||||
|
|
@ -2291,10 +2389,10 @@
|
|||
elpaBuild {
|
||||
pname = "geiser-guile";
|
||||
ename = "geiser-guile";
|
||||
version = "0.28.3";
|
||||
version = "0.28.5";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.nongnu.org/nongnu/geiser-guile-0.28.3.tar";
|
||||
sha256 = "163p8ll68qdgpz6l1ixwcmffcsv1kas095davgwgq001hfx9db5x";
|
||||
url = "https://elpa.nongnu.org/nongnu/geiser-guile-0.28.5.tar";
|
||||
sha256 = "078hmmqg6m428bg2sf640bwylrh4y64qanbz00prvjhgkrp1awnn";
|
||||
};
|
||||
packageRequires = [
|
||||
geiser
|
||||
|
|
@ -2434,10 +2532,10 @@
|
|||
elpaBuild {
|
||||
pname = "git-modes";
|
||||
ename = "git-modes";
|
||||
version = "1.4.8";
|
||||
version = "1.5.0";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.nongnu.org/nongnu/git-modes-1.4.8.tar";
|
||||
sha256 = "08bgjpns90c36cdb6qbc24d41z1jg94mwsc91irpsmsvivxw1ksr";
|
||||
url = "https://elpa.nongnu.org/nongnu/git-modes-1.5.0.tar";
|
||||
sha256 = "0fxvv451pf8izn5q16ly21dxjax43l2p7qav11hi7qmygrrhxsc6";
|
||||
};
|
||||
packageRequires = [ compat ];
|
||||
meta = {
|
||||
|
|
@ -2528,10 +2626,10 @@
|
|||
elpaBuild {
|
||||
pname = "gnuplot";
|
||||
ename = "gnuplot";
|
||||
version = "0.11";
|
||||
version = "0.12";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.nongnu.org/nongnu/gnuplot-0.11.tar";
|
||||
sha256 = "10zjkf0ba7jaqx41csa815apx58s0b87svvmzzld3i3xf91sash7";
|
||||
url = "https://elpa.nongnu.org/nongnu/gnuplot-0.12.tar";
|
||||
sha256 = "13pbnlwg9z7yc8s1hr1fq031cl9swld2jgxdd74jra49vvh6a3ar";
|
||||
};
|
||||
packageRequires = [ compat ];
|
||||
meta = {
|
||||
|
|
@ -2635,10 +2733,10 @@
|
|||
elpaBuild {
|
||||
pname = "gptel";
|
||||
ename = "gptel";
|
||||
version = "0.9.9.4";
|
||||
version = "0.9.9.5";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.nongnu.org/nongnu/gptel-0.9.9.4.tar";
|
||||
sha256 = "0j410b0bynq91dxwakrrzp92m3p2lznzvmyq41viscjm0gjng4kn";
|
||||
url = "https://elpa.nongnu.org/nongnu/gptel-0.9.9.5.tar";
|
||||
sha256 = "1x1sd8g5fbgidj40ri9xg0rvyxdyjpxxnr45i0dj8d333nvssdq0";
|
||||
};
|
||||
packageRequires = [
|
||||
compat
|
||||
|
|
@ -2831,10 +2929,10 @@
|
|||
elpaBuild {
|
||||
pname = "helm";
|
||||
ename = "helm";
|
||||
version = "4.0.6";
|
||||
version = "4.0.7";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.nongnu.org/nongnu/helm-4.0.6.tar";
|
||||
sha256 = "1nnkhffns1yj24slfln5rywqdw514jfklys3g5kmrl90i9apd5cp";
|
||||
url = "https://elpa.nongnu.org/nongnu/helm-4.0.7.tar";
|
||||
sha256 = "1x1wg3z6y5rb4r17ifwvz79pa3m6w9kkvxlfivznqh4ajgafrnn5";
|
||||
};
|
||||
packageRequires = [
|
||||
helm-core
|
||||
|
|
@ -2856,10 +2954,10 @@
|
|||
elpaBuild {
|
||||
pname = "helm-core";
|
||||
ename = "helm-core";
|
||||
version = "4.0.6";
|
||||
version = "4.0.7";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.nongnu.org/nongnu/helm-core-4.0.6.tar";
|
||||
sha256 = "0b39k4wwl3sjw5c19g36a0lsxiascrqw23cf3hgksrpzp3amipbz";
|
||||
url = "https://elpa.nongnu.org/nongnu/helm-core-4.0.7.tar";
|
||||
sha256 = "1d7a61rbc7rlr144v9qm6c89dnchn7xwcv05gl6kdapb7gir9l8f";
|
||||
};
|
||||
packageRequires = [ async ];
|
||||
meta = {
|
||||
|
|
@ -3176,10 +3274,10 @@
|
|||
elpaBuild {
|
||||
pname = "isl";
|
||||
ename = "isl";
|
||||
version = "1.6";
|
||||
version = "1.7";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.nongnu.org/nongnu/isl-1.6.tar";
|
||||
sha256 = "1bsqq3i7flpbihvcmvcwb1s3gabq6wslwpamcqhcf15j30znwhb1";
|
||||
url = "https://elpa.nongnu.org/nongnu/isl-1.7.tar";
|
||||
sha256 = "1nksczxv2bq6l8wg855a0ahzp1w3dhai4vwni8hyrp5fk2z0gcan";
|
||||
};
|
||||
packageRequires = [ ];
|
||||
meta = {
|
||||
|
|
@ -3348,6 +3446,7 @@
|
|||
keycast = callPackage (
|
||||
{
|
||||
compat,
|
||||
cond-let,
|
||||
elpaBuild,
|
||||
fetchurl,
|
||||
lib,
|
||||
|
|
@ -3355,12 +3454,15 @@
|
|||
elpaBuild {
|
||||
pname = "keycast";
|
||||
ename = "keycast";
|
||||
version = "1.4.7";
|
||||
version = "1.4.8";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.nongnu.org/nongnu/keycast-1.4.7.tar";
|
||||
sha256 = "0ipjn0b9jr6m7a88f76mz6j5na20hix94h8c5ghv705izjlqla0w";
|
||||
url = "https://elpa.nongnu.org/nongnu/keycast-1.4.8.tar";
|
||||
sha256 = "0rgaqc2d7n8a498n8jb14890gp6z49nqnpzk1h0xw03hnh8smz90";
|
||||
};
|
||||
packageRequires = [ compat ];
|
||||
packageRequires = [
|
||||
compat
|
||||
cond-let
|
||||
];
|
||||
meta = {
|
||||
homepage = "https://elpa.nongnu.org/nongnu/keycast.html";
|
||||
license = lib.licenses.free;
|
||||
|
|
@ -3399,10 +3501,10 @@
|
|||
elpaBuild {
|
||||
pname = "lem";
|
||||
ename = "lem";
|
||||
version = "0.24";
|
||||
version = "0.25";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.nongnu.org/nongnu/lem-0.24.tar";
|
||||
sha256 = "1ykyahpd7y43lf3vk3a0w9rjim4lsm35mlw1qqljbixci2izk797";
|
||||
url = "https://elpa.nongnu.org/nongnu/lem-0.25.tar";
|
||||
sha256 = "1hrnq46bmz10a3w89flhw85rqs58wpnywslx3p8g16196ln348sd";
|
||||
};
|
||||
packageRequires = [
|
||||
fedi
|
||||
|
|
@ -3424,10 +3526,10 @@
|
|||
elpaBuild {
|
||||
pname = "llama";
|
||||
ename = "llama";
|
||||
version = "1.0.4";
|
||||
version = "1.0.5";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.nongnu.org/nongnu/llama-1.0.4.tar";
|
||||
sha256 = "0kxrbsck78f4r4npssywai2paf9mlyx59zpnfvmkgv50gphrwx7h";
|
||||
url = "https://elpa.nongnu.org/nongnu/llama-1.0.5.tar";
|
||||
sha256 = "10ysi2a7aifp9ixrhygfcas7zn9dfqy1zpiycwz3gamlzkvjzw2l";
|
||||
};
|
||||
packageRequires = [ compat ];
|
||||
meta = {
|
||||
|
|
@ -3477,10 +3579,10 @@
|
|||
elpaBuild {
|
||||
pname = "loopy";
|
||||
ename = "loopy";
|
||||
version = "0.15.0";
|
||||
version = "0.16.0";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.nongnu.org/nongnu/loopy-0.15.0.tar";
|
||||
sha256 = "18l1bml8xiji0mgmm6fb669iwyidg7pay231kv14kbv1agiwfkbp";
|
||||
url = "https://elpa.nongnu.org/nongnu/loopy-0.16.0.tar";
|
||||
sha256 = "0bav318gimpv42y0ww9c0gm90pkma3ri0xp9mfimz9yriw2bjzyv";
|
||||
};
|
||||
packageRequires = [
|
||||
compat
|
||||
|
|
@ -3686,10 +3788,10 @@
|
|||
elpaBuild {
|
||||
pname = "mastodon";
|
||||
ename = "mastodon";
|
||||
version = "2.0.16";
|
||||
version = "2.0.17";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.nongnu.org/nongnu/mastodon-2.0.16.tar";
|
||||
sha256 = "0zyqqfxg7b22pj8y181x30rhy81ijbm21ai70l7cq79dr2a3yr96";
|
||||
url = "https://elpa.nongnu.org/nongnu/mastodon-2.0.17.tar";
|
||||
sha256 = "1yg1fylz1dp7my8zfnscnvd1sdhjhi45xw10sqn3rmqmmrwd87d9";
|
||||
};
|
||||
packageRequires = [
|
||||
persist
|
||||
|
|
@ -4237,10 +4339,10 @@
|
|||
elpaBuild {
|
||||
pname = "orgit";
|
||||
ename = "orgit";
|
||||
version = "2.1.2";
|
||||
version = "2.1.3";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.nongnu.org/nongnu/orgit-2.1.2.tar";
|
||||
sha256 = "10cc70538mq89ypwcb22x4797qa38z60mw0h67xdf2zisdiw5c6z";
|
||||
url = "https://elpa.nongnu.org/nongnu/orgit-2.1.3.tar";
|
||||
sha256 = "1brwy6jx7jxb8jlkr8jq8hsdzmizqs41hkb3p14rmqqd0m5ddapl";
|
||||
};
|
||||
packageRequires = [
|
||||
compat
|
||||
|
|
@ -4486,10 +4588,10 @@
|
|||
elpaBuild {
|
||||
pname = "pg";
|
||||
ename = "pg";
|
||||
version = "0.65";
|
||||
version = "0.67";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.nongnu.org/nongnu/pg-0.65.tar";
|
||||
sha256 = "1gf93xsldhx105r5m03hiq3lzlzb3r5pjd3j99jl0gs3z8pmn8ic";
|
||||
url = "https://elpa.nongnu.org/nongnu/pg-0.67.tar";
|
||||
sha256 = "01q06yk011pn9pg9srilwy0k9nn8x5pl32k1mn9i54mbikf7ac5b";
|
||||
};
|
||||
packageRequires = [ peg ];
|
||||
meta = {
|
||||
|
|
@ -4910,10 +5012,10 @@
|
|||
elpaBuild {
|
||||
pname = "scad-mode";
|
||||
ename = "scad-mode";
|
||||
version = "98.0";
|
||||
version = "99.0";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.nongnu.org/nongnu/scad-mode-98.0.tar";
|
||||
sha256 = "0ksiz8rxxykm2lnc2lil1qndpl0lxcw8fa9nlh420xva9m3s9sda";
|
||||
url = "https://elpa.nongnu.org/nongnu/scad-mode-99.0.tar";
|
||||
sha256 = "1wdb7ri2716r4m22asj370c3mnjchcsnxjwbw3m13rgvkj2ax6j4";
|
||||
};
|
||||
packageRequires = [ compat ];
|
||||
meta = {
|
||||
|
|
@ -5048,6 +5150,28 @@
|
|||
};
|
||||
}
|
||||
) { };
|
||||
simple-httpd = callPackage (
|
||||
{
|
||||
compat,
|
||||
elpaBuild,
|
||||
fetchurl,
|
||||
lib,
|
||||
}:
|
||||
elpaBuild {
|
||||
pname = "simple-httpd";
|
||||
ename = "simple-httpd";
|
||||
version = "1.6";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.nongnu.org/nongnu/simple-httpd-1.6.tar";
|
||||
sha256 = "08rkqid2c11dl0sm8795jzkiilj02kbq6xy56b3bh83pc09wfmay";
|
||||
};
|
||||
packageRequires = [ compat ];
|
||||
meta = {
|
||||
homepage = "https://elpa.nongnu.org/nongnu/simple-httpd.html";
|
||||
license = lib.licenses.free;
|
||||
};
|
||||
}
|
||||
) { };
|
||||
slime = callPackage (
|
||||
{
|
||||
elpaBuild,
|
||||
|
|
@ -5269,10 +5393,10 @@
|
|||
elpaBuild {
|
||||
pname = "subed";
|
||||
ename = "subed";
|
||||
version = "1.4.2";
|
||||
version = "1.5.1";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.nongnu.org/nongnu/subed-1.4.2.tar";
|
||||
sha256 = "0crpgxqk164z602iajhx7b0zxdjs5f9g8hv0q6n1vjrsby87pl1x";
|
||||
url = "https://elpa.nongnu.org/nongnu/subed-1.5.1.tar";
|
||||
sha256 = "0gk9r2dvmrxpz4gpypnnzjgph6xasn5f9i51cx1hnd9r5zim2qy3";
|
||||
};
|
||||
packageRequires = [ ];
|
||||
meta = {
|
||||
|
|
@ -5308,17 +5432,16 @@
|
|||
elpaBuild,
|
||||
fetchurl,
|
||||
lib,
|
||||
seq,
|
||||
}:
|
||||
elpaBuild {
|
||||
pname = "swift-mode";
|
||||
ename = "swift-mode";
|
||||
version = "9.4.0";
|
||||
version = "10.0.0";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.nongnu.org/nongnu/swift-mode-9.4.0.tar";
|
||||
sha256 = "0zfwzz5n98svv1if9wwj37hraiw2in06ks7n3mnk1jjik54kmpxd";
|
||||
url = "https://elpa.nongnu.org/nongnu/swift-mode-10.0.0.tar";
|
||||
sha256 = "07wydsy8ihfmr1i4hya270f9v5dy9mfn6kzbmyj3kf9kx5grhybl";
|
||||
};
|
||||
packageRequires = [ seq ];
|
||||
packageRequires = [ ];
|
||||
meta = {
|
||||
homepage = "https://elpa.nongnu.org/nongnu/swift-mode.html";
|
||||
license = lib.licenses.free;
|
||||
|
|
@ -5576,10 +5699,10 @@
|
|||
elpaBuild {
|
||||
pname = "tp";
|
||||
ename = "tp";
|
||||
version = "0.8";
|
||||
version = "0.9";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.nongnu.org/nongnu/tp-0.8.tar";
|
||||
sha256 = "1psa4sdia1vx3l2v1lklc8wy8nqbq6g83fyj46xii20rfm4db9hk";
|
||||
url = "https://elpa.nongnu.org/nongnu/tp-0.9.tar";
|
||||
sha256 = "0xaqynvw65l5dm3hxba6v8jrh2pvn6b2q0npsf9sdwryjg2zlk41";
|
||||
};
|
||||
packageRequires = [ transient ];
|
||||
meta = {
|
||||
|
|
@ -5872,10 +5995,10 @@
|
|||
elpaBuild {
|
||||
pname = "web-mode";
|
||||
ename = "web-mode";
|
||||
version = "17.3.23";
|
||||
version = "17.3.24";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.nongnu.org/nongnu/web-mode-17.3.23.tar";
|
||||
sha256 = "17l0lda5p8nf239b0x43w8fx9a87rmk9rk282983nqi4f57iyzb2";
|
||||
url = "https://elpa.nongnu.org/nongnu/web-mode-17.3.24.tar";
|
||||
sha256 = "129hz6h2ygmqhn3bbjxx2gpdnvh0gifc4xaipsjz0716rj1s0k81";
|
||||
};
|
||||
packageRequires = [ ];
|
||||
meta = {
|
||||
|
|
@ -5976,6 +6099,7 @@
|
|||
with-editor = callPackage (
|
||||
{
|
||||
compat,
|
||||
cond-let,
|
||||
elpaBuild,
|
||||
fetchurl,
|
||||
lib,
|
||||
|
|
@ -5983,12 +6107,15 @@
|
|||
elpaBuild {
|
||||
pname = "with-editor";
|
||||
ename = "with-editor";
|
||||
version = "3.4.9";
|
||||
version = "3.5.1";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.nongnu.org/nongnu/with-editor-3.4.9.tar";
|
||||
sha256 = "0bzwxy67x8yvs1qv2m5mzkcssk9r3dm1zvq2map6kpscqgc15gq8";
|
||||
url = "https://elpa.nongnu.org/nongnu/with-editor-3.5.1.tar";
|
||||
sha256 = "0p19n8kx9gkj87pr8rlac8b9vlrb57w7k5b62fx9dwx2m54dixh9";
|
||||
};
|
||||
packageRequires = [ compat ];
|
||||
packageRequires = [
|
||||
compat
|
||||
cond-let
|
||||
];
|
||||
meta = {
|
||||
homepage = "https://elpa.nongnu.org/nongnu/with-editor.html";
|
||||
license = lib.licenses.free;
|
||||
|
|
@ -6200,10 +6327,10 @@
|
|||
elpaBuild {
|
||||
pname = "zenburn-theme";
|
||||
ename = "zenburn-theme";
|
||||
version = "2.9.0";
|
||||
version = "2.10.0";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.nongnu.org/nongnu/zenburn-theme-2.9.0.tar";
|
||||
sha256 = "0nldp5id0lkajnqpzw8agmpdjm0jfb70ma2wip06nh5zqcrrpg6s";
|
||||
url = "https://elpa.nongnu.org/nongnu/zenburn-theme-2.10.0.tar";
|
||||
sha256 = "0h1qd1xay2ci51y3vdq480afbx6hq40ywplsh76m85mr199pf751";
|
||||
};
|
||||
packageRequires = [ ];
|
||||
meta = {
|
||||
|
|
|
|||
File diff suppressed because it is too large
Load diff
|
|
@ -18,20 +18,20 @@ let
|
|||
# update-script-start: urls
|
||||
urls = {
|
||||
x86_64-linux = {
|
||||
url = "https://download.jetbrains.com/rustrover/RustRover-2026.1.2.tar.gz";
|
||||
hash = "sha256-INIz7nGar/oHh+CHfz4jm5t9/ARPcMfpnOl99Z3kg3I=";
|
||||
url = "https://download.jetbrains.com/rustrover/RustRover-2026.1.3.tar.gz";
|
||||
hash = "sha256-0+v05zxvFqXV13c8oV9dTTwtO+shgywD75cwUiZAab0=";
|
||||
};
|
||||
aarch64-linux = {
|
||||
url = "https://download.jetbrains.com/rustrover/RustRover-2026.1.2-aarch64.tar.gz";
|
||||
hash = "sha256-PmCDYM8nqySQm6cpUJQ9PyzSkKOR6V3LuXnYpE0i7fU=";
|
||||
url = "https://download.jetbrains.com/rustrover/RustRover-2026.1.3-aarch64.tar.gz";
|
||||
hash = "sha256-SZ4OkWgAGeSafFo1ml5dv5tN5su+HgzbEhQ5GzPqGdo=";
|
||||
};
|
||||
x86_64-darwin = {
|
||||
url = "https://download.jetbrains.com/rustrover/RustRover-2026.1.2.dmg";
|
||||
hash = "sha256-HI2qt6wTddANqdRuKQ4X7mXQyBA4dJYz9ewfI2iAYfw=";
|
||||
url = "https://download.jetbrains.com/rustrover/RustRover-2026.1.3.dmg";
|
||||
hash = "sha256-JA++mbKvRTvjHEblbgmjBzbWbxcV7ss3+W9M6i6ePu0=";
|
||||
};
|
||||
aarch64-darwin = {
|
||||
url = "https://download.jetbrains.com/rustrover/RustRover-2026.1.2-aarch64.dmg";
|
||||
hash = "sha256-JMg/vs3aVeHmr6tiZZTggRGpH9O6lKlyeP8Ot4mm24w=";
|
||||
url = "https://download.jetbrains.com/rustrover/RustRover-2026.1.3-aarch64.dmg";
|
||||
hash = "sha256-ndipMTztrYeUdo4MfOHjJHk3liHutWmMj+J6G8xjtWA=";
|
||||
};
|
||||
};
|
||||
# update-script-end: urls
|
||||
|
|
@ -45,8 +45,8 @@ in
|
|||
product = "RustRover";
|
||||
|
||||
# update-script-start: version
|
||||
version = "2026.1.2";
|
||||
buildNumber = "261.24374.182";
|
||||
version = "2026.1.3";
|
||||
buildNumber = "261.25134.134";
|
||||
# update-script-end: version
|
||||
|
||||
src = fetchurl (urls.${system} or (throw "Unsupported system: ${system}"));
|
||||
|
|
|
|||
|
|
@ -4,7 +4,11 @@ toNvimTreesitterGrammar() {
|
|||
echo "Executing toNvimTreesitterGrammar"
|
||||
|
||||
mkdir -p "$out/parser"
|
||||
ln -s "$origGrammar/parser" "$out/parser/$grammarName.so"
|
||||
if [ -e "$origGrammar/parser.wasm" ]; then
|
||||
ln -s "$origGrammar/parser.wasm" "$out/parser/$grammarName.wasm"
|
||||
else
|
||||
ln -s "$origGrammar/parser" "$out/parser/$grammarName.so"
|
||||
fi
|
||||
|
||||
if [ "$installQueries" != 1 ]; then
|
||||
echo "Installing queries is disabled: installQueries=$installQueries"
|
||||
|
|
|
|||
|
|
@ -230,13 +230,11 @@ stdenv.mkDerivation (finalAttrs: {
|
|||
"aarch64-linux"
|
||||
"x86_64-linux"
|
||||
];
|
||||
# FIXME: gated behind allowAliases to workaround https://github.com/NixOS/nixpkgs/issues/523712
|
||||
problems =
|
||||
lib.optionalAttrs config.allowAliases {
|
||||
removal.message = "We have removed Python 3.3 package support ahead of upstream schedule but if you do not use any old packages, this should just work.";
|
||||
}
|
||||
// lib.optionalAttrs (lib.versionOlder buildVersion "4205") {
|
||||
broken.message = "Packages, including core ones, do not run without plug-in host depending on insecure OpenSSL.";
|
||||
};
|
||||
problems = {
|
||||
removal.message = "We have removed Python 3.3 package support ahead of upstream schedule but if you do not use any old packages, this should just work.";
|
||||
}
|
||||
// lib.optionalAttrs (lib.versionOlder buildVersion "4205") {
|
||||
broken.message = "Packages, including core ones, do not run without plug-in host depending on insecure OpenSSL.";
|
||||
};
|
||||
};
|
||||
})
|
||||
|
|
|
|||
|
|
@ -9,15 +9,15 @@
|
|||
vimPlugins,
|
||||
vimUtils,
|
||||
makeWrapper,
|
||||
pkgs,
|
||||
perl,
|
||||
}:
|
||||
let
|
||||
version = "0.0.27-unstable-2026-03-11";
|
||||
version = "release-v0.1";
|
||||
src = fetchFromGitHub {
|
||||
owner = "yetone";
|
||||
repo = "avante.nvim";
|
||||
rev = "9a7793461549939f1d52b2b309a1aa44680170c8";
|
||||
hash = "sha256-EEkAoufj29P46RIUrRNG0xJL9Wu4X7LZCS1fer4/nZQ=";
|
||||
rev = "2033b42ab72fb9f27b35769f9cb7a9f4f1993db4";
|
||||
hash = "sha256-Ql/17DSHpBVbihUHssyZe3MGC5fgasbjgxdABp8xk24=";
|
||||
};
|
||||
avante-nvim-lib = rustPlatform.buildRustPackage {
|
||||
pname = "avante-nvim-lib";
|
||||
|
|
@ -28,7 +28,7 @@ let
|
|||
nativeBuildInputs = [
|
||||
pkg-config
|
||||
makeWrapper
|
||||
pkgs.perl
|
||||
perl
|
||||
];
|
||||
|
||||
buildInputs = [
|
||||
|
|
@ -66,15 +66,12 @@ vimUtils.buildVimPlugin {
|
|||
ext = stdenv.hostPlatform.extensions.sharedLibrary;
|
||||
in
|
||||
''
|
||||
mkdir -p $out/build
|
||||
cp ${avante-nvim-lib}/lib/libavante_repo_map${ext} $out/build/avante_repo_map${ext}
|
||||
cp ${avante-nvim-lib}/lib/libavante_templates${ext} $out/build/avante_templates${ext}
|
||||
cp ${avante-nvim-lib}/lib/libavante_tokenizers${ext} $out/build/avante_tokenizers${ext}
|
||||
cp ${avante-nvim-lib}/lib/libavante_html2md${ext} $out/build/avante_html2md${ext}
|
||||
|
||||
# Fixes PKCE auth flows not finding libcrypto
|
||||
substituteInPlace "$out/lua/avante/auth/pkce.lua" \
|
||||
--replace-fail 'pcall(ffi.load, "crypto")' 'pcall(ffi.load, "${lib.getLib openssl}/lib/libcrypto${ext}")'
|
||||
# place dynamic shared libraries directly into lua/ for native C-module discovery
|
||||
mkdir -p $out/lua
|
||||
cp ${avante-nvim-lib}/lib/libavante_repo_map${ext} $out/lua/avante_repo_map${ext}
|
||||
cp ${avante-nvim-lib}/lib/libavante_templates${ext} $out/lua/avante_templates${ext}
|
||||
cp ${avante-nvim-lib}/lib/libavante_tokenizers${ext} $out/lua/avante_tokenizers${ext}
|
||||
cp ${avante-nvim-lib}/lib/libavante_html2md${ext} $out/lua/avante_html2md${ext}
|
||||
'';
|
||||
|
||||
passthru = {
|
||||
|
|
|
|||
|
|
@ -21,26 +21,26 @@ vscode-utils.buildVscodeMarketplaceExtension (finalAttrs: {
|
|||
sources = {
|
||||
"x86_64-linux" = {
|
||||
arch = "linux-x64";
|
||||
hash = "sha256-bsb0OLDPKWnNnZ4tFedYFiFKmTih81oZnaV/BH4p6o4=";
|
||||
hash = "sha256-t5vsIeDjsChMxZVUjjn01J0YDxSzpSAafhZa1JssE70=";
|
||||
};
|
||||
"aarch64-linux" = {
|
||||
arch = "linux-arm64";
|
||||
hash = "sha256-PZBjzxg/kQbCiosd79YFDor1MvBHAdk167PmNIA8ANw=";
|
||||
hash = "sha256-gEe6jf9EgLnN+L6dzu/g9TarOnYZL20CeuBcJjDtcpI=";
|
||||
};
|
||||
"x86_64-darwin" = {
|
||||
arch = "darwin-x64";
|
||||
hash = "sha256-z4OekFyKQsbva5mlBPR6z8g6Is0fwL+xZg/fjKf42cI=";
|
||||
hash = "sha256-Tq2RGqcziPwHV/kRyz+KSbMgKHyUNWky605QkbdwRn4=";
|
||||
};
|
||||
"aarch64-darwin" = {
|
||||
arch = "darwin-arm64";
|
||||
hash = "sha256-gLFoIhxXKunB6ftLEq5p+rfjs8QM5PTOXElu3OtbeIo=";
|
||||
hash = "sha256-NSbcgKiIhFxozKIDy/rWXLgCk35w52LdH96UDSdyzck=";
|
||||
};
|
||||
};
|
||||
in
|
||||
{
|
||||
name = "claude-code";
|
||||
publisher = "anthropic";
|
||||
version = "2.1.191";
|
||||
version = "2.1.193";
|
||||
}
|
||||
// sources.${stdenvNoCC.hostPlatform.system}
|
||||
or (throw "Unsupported system ${stdenvNoCC.hostPlatform.system}");
|
||||
|
|
|
|||
|
|
@ -12,26 +12,26 @@ vscode-utils.buildVscodeMarketplaceExtension {
|
|||
sources = {
|
||||
"x86_64-linux" = {
|
||||
arch = "linux-x64";
|
||||
hash = "sha256-qXGdFXx8Vr9oVStBjaeWEsQjhQUbp9MnLUfJtyhgwkA=";
|
||||
hash = "sha256-lhDt8XEF90y4pj8RLUZgfZNmHkV1XlmHsYuT6sGJMRc=";
|
||||
};
|
||||
"x86_64-darwin" = {
|
||||
arch = "darwin-x64";
|
||||
hash = "sha256-Bd3ool5Ep8I5iiTMUHF48r/sf3F1dROx6Umns0pDGzE=";
|
||||
hash = "sha256-SqFRn5FVQ+LcpmYT7/AIdIKTOxbapaKvPi+I360dVW8=";
|
||||
};
|
||||
"aarch64-linux" = {
|
||||
arch = "linux-arm64";
|
||||
hash = "sha256-Jv2lrdvY0tthJM2fifUlCW/QBzEZAa8QDHj4o+a4KxY=";
|
||||
hash = "sha256-iuYVCG4YWPFI8o4GmuNjkbXvzJsAre0gSSEWq6CUk2E=";
|
||||
};
|
||||
"aarch64-darwin" = {
|
||||
arch = "darwin-arm64";
|
||||
hash = "sha256-VooAoTyysIFH1AaidcoRs7fJpID0LbmWnLdivGZfdrM=";
|
||||
hash = "sha256-wEp7kaEnkdBl44WjKuDBjR5SEjYNdgIX7DdJWKvv6I4=";
|
||||
};
|
||||
};
|
||||
in
|
||||
{
|
||||
name = "ruff";
|
||||
publisher = "charliermarsh";
|
||||
version = "2026.48.0";
|
||||
version = "2026.54.0";
|
||||
}
|
||||
// sources.${stdenvNoCC.hostPlatform.system}
|
||||
or (throw "Unsupported system ${stdenvNoCC.hostPlatform.system}");
|
||||
|
|
|
|||
|
|
@ -497,8 +497,8 @@ let
|
|||
mktplcRef = {
|
||||
publisher = "banacorn";
|
||||
name = "agda-mode";
|
||||
version = "0.8.0";
|
||||
hash = "sha256-2xYC+tStBXTL4koqUOcyxQUTDTipeUMTFLbrwqA6p7Q=";
|
||||
version = "0.10.0";
|
||||
hash = "sha256-rz3Ehq/2AewE5ADYHVk8pHICSWO58i8v+nBwzkFkGCY=";
|
||||
};
|
||||
meta = {
|
||||
changelog = "https://marketplace.visualstudio.com/items/banacorn.agda-mode/changelog";
|
||||
|
|
@ -727,8 +727,8 @@ let
|
|||
mktplcRef = {
|
||||
name = "vscode-intelephense-client";
|
||||
publisher = "bmewburn";
|
||||
version = "1.18.4";
|
||||
hash = "sha256-fGvQq8pGpDQc9q+uhouXNaWAHDGTl0cFla0qivhNaFQ=";
|
||||
version = "1.18.5";
|
||||
hash = "sha256-yLp7lBWjdH+KtBUlkjLWz5OmAvEQWJFIVCVsBt9BTeE=";
|
||||
};
|
||||
meta = {
|
||||
description = "PHP code intelligence for Visual Studio Code";
|
||||
|
|
@ -2031,8 +2031,8 @@ let
|
|||
mktplcRef = {
|
||||
name = "gleam";
|
||||
publisher = "gleam";
|
||||
version = "2.12.2";
|
||||
hash = "sha256-41HgkDcgyStJtyeE0x1H9rFOZ18imcKF7XQixDOmurE=";
|
||||
version = "2.13.0";
|
||||
hash = "sha256-eCiBbdKMeXcRS4kyI2rH1iAT0CmQmo2SybeW+Y7FRio=";
|
||||
};
|
||||
meta = {
|
||||
description = "Support for the Gleam programming language";
|
||||
|
|
|
|||
|
|
@ -7,19 +7,19 @@
|
|||
let
|
||||
supported = {
|
||||
x86_64-linux = {
|
||||
hash = "sha256-8KZE2+kpzU7fRRBsroZtCnJyPyUHPuysZrggZojpG98=";
|
||||
hash = "sha256-YLic8tKnb6WSx4rdwTu8B2ybfjoSbXc+QfEZ0Vc4umo=";
|
||||
arch = "linux-x64";
|
||||
};
|
||||
x86_64-darwin = {
|
||||
hash = "sha256-Zf/O2KRDlzCi4qWnmT5CctagjJoLiNgZfnh5+gQWRAA=";
|
||||
hash = "sha256-nbftXgjEAxGfT4sfTjd+bp+Ti/rWJGHLkaSXQWlRGBM=";
|
||||
arch = "darwin-x64";
|
||||
};
|
||||
aarch64-linux = {
|
||||
hash = "sha256-zN49L+gLrLNL7XM3+POgBgSX64IMUYtNZ54+i8lpLqE=";
|
||||
hash = "sha256-FG6OIoeeDenMbgwM/ZE8YyTySt/XcoFJj1RxvlrPsXc=";
|
||||
arch = "linux-arm64";
|
||||
};
|
||||
aarch64-darwin = {
|
||||
hash = "sha256-vTf86rNeS/97//1D2e1h5DpnAFb1cceIuF5XyCCq520=";
|
||||
hash = "sha256-FW+pmz8YTw6pYxx1x3UsT3Dtp00GT804MJX4HBarMZo=";
|
||||
arch = "darwin-arm64";
|
||||
};
|
||||
};
|
||||
|
|
@ -34,7 +34,7 @@ vscode-utils.buildVscodeMarketplaceExtension {
|
|||
mktplcRef = base // {
|
||||
name = "tombi";
|
||||
publisher = "tombi-toml";
|
||||
version = "1.1.3";
|
||||
version = "1.1.5";
|
||||
};
|
||||
meta = {
|
||||
description = "TOML Language Server";
|
||||
|
|
|
|||
|
|
@ -11,13 +11,13 @@
|
|||
}:
|
||||
mkLibretroCore {
|
||||
core = "pcsx2";
|
||||
version = "0-unstable-2026-06-01";
|
||||
version = "0-unstable-2026-06-24";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "libretro";
|
||||
repo = "ps2";
|
||||
rev = "65e8afb9e9ca0a3f3af32d9b35d7d8537cd3cbc1";
|
||||
hash = "sha256-H6lZLLO1+ir+vPchq3XGHKsepmYLbohQFvoA0+yiQo0=";
|
||||
rev = "6d11ca54728b0c9e0a4bf3da743d56c7d29abb4e";
|
||||
hash = "sha256-JE2EU/ugtXwEqYIzd0JSWXUy29X44hYHiC/LfaaOjkw=";
|
||||
fetchSubmodules = true;
|
||||
};
|
||||
|
||||
|
|
|
|||
|
|
@ -14,13 +14,13 @@
|
|||
}:
|
||||
mkLibretroCore {
|
||||
core = "play";
|
||||
version = "0-unstable-2026-06-06";
|
||||
version = "0-unstable-2026-06-22";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "jpd002";
|
||||
repo = "Play-";
|
||||
rev = "ee1334610cb2181bd9a84e837ba3ea667ebdb16a";
|
||||
hash = "sha256-oriF08elBRg8jTlPz1Qoc6SmKQPknkegJlOtcOV4RX8=";
|
||||
rev = "1e4f393f3c52581cdec7867ddadc47f6b4d20cec";
|
||||
hash = "sha256-a02AsJg7mm/fUBN/5IC2Q6NexLYsBYp74bfqfJosaxc=";
|
||||
fetchSubmodules = true;
|
||||
};
|
||||
|
||||
|
|
|
|||
|
|
@ -1,10 +1,10 @@
|
|||
{
|
||||
"chromium": {
|
||||
"version": "149.0.7827.196",
|
||||
"version": "149.0.7827.200",
|
||||
"chromedriver": {
|
||||
"version": "149.0.7827.197",
|
||||
"hash_darwin": "sha256-tN7s6s/pbfAGRCMcoT3QWYHD8QRq2gcHfFSXoSG9V5Y=",
|
||||
"hash_darwin_aarch64": "sha256-DZ8CZ4Obp67Zo2m4iyqUnShyhTK8+/75cJ/WmZZqQhE="
|
||||
"version": "149.0.7827.201",
|
||||
"hash_darwin": "sha256-MHCcid+7wdYm8uIdrUIlXrk8ADHNUUXzPyMPFGP98WY=",
|
||||
"hash_darwin_aarch64": "sha256-Gwmdo9qNyV/BnCj18f0BFpNgDf28e8vjNF98e5/vVjQ="
|
||||
},
|
||||
"deps": {
|
||||
"depot_tools": {
|
||||
|
|
@ -21,8 +21,8 @@
|
|||
"DEPS": {
|
||||
"src": {
|
||||
"url": "https://chromium.googlesource.com/chromium/src.git",
|
||||
"rev": "43eb30368c6ca3d14d540487954abb2780aeae3a",
|
||||
"hash": "sha256-pwSfASgR4SiQTJBERhOVyR8mANYJk67f+u2pmCCW6ko=",
|
||||
"rev": "c35c164b1b6d1adca9eddf914ed6d0d0743dba6a",
|
||||
"hash": "sha256-b2gBRUzRjqVZEb/tWUL1JF6Afq5gHJ3aOM02My1FyYU=",
|
||||
"recompress": true
|
||||
},
|
||||
"src/third_party/clang-format/script": {
|
||||
|
|
@ -823,7 +823,7 @@
|
|||
}
|
||||
},
|
||||
"ungoogled-chromium": {
|
||||
"version": "149.0.7827.196",
|
||||
"version": "149.0.7827.200",
|
||||
"deps": {
|
||||
"depot_tools": {
|
||||
"rev": "45dedc4c3b87c982fd846b3dc599b233ed3aff90",
|
||||
|
|
@ -835,16 +835,16 @@
|
|||
"hash": "sha256-oFs7fZAZEs/gQ7X1A4uigo9+Y+iEN9sMMQYwAjEuD04="
|
||||
},
|
||||
"ungoogled-patches": {
|
||||
"rev": "149.0.7827.196-1",
|
||||
"hash": "sha256-nRcMTP+su+mFP/JkyLBIDrG+dKYhvPANFw0Y8qVWzrA="
|
||||
"rev": "149.0.7827.200-1",
|
||||
"hash": "sha256-D7c1ToAoUzAMpXoe60YPimRqe6/LRe0T95TduXUeTFo="
|
||||
},
|
||||
"npmHash": "sha256-pF0JtwFpPC4/fodbhSJnQKkczA9WlDg4VqEAy9aDVLg="
|
||||
},
|
||||
"DEPS": {
|
||||
"src": {
|
||||
"url": "https://chromium.googlesource.com/chromium/src.git",
|
||||
"rev": "43eb30368c6ca3d14d540487954abb2780aeae3a",
|
||||
"hash": "sha256-pwSfASgR4SiQTJBERhOVyR8mANYJk67f+u2pmCCW6ko=",
|
||||
"rev": "c35c164b1b6d1adca9eddf914ed6d0d0743dba6a",
|
||||
"hash": "sha256-b2gBRUzRjqVZEb/tWUL1JF6Afq5gHJ3aOM02My1FyYU=",
|
||||
"recompress": true
|
||||
},
|
||||
"src/third_party/clang-format/script": {
|
||||
|
|
|
|||
File diff suppressed because it is too large
Load diff
|
|
@ -9,10 +9,10 @@
|
|||
|
||||
buildMozillaMach rec {
|
||||
pname = "firefox";
|
||||
version = "152.0.2";
|
||||
version = "152.0.3";
|
||||
src = fetchurl {
|
||||
url = "mirror://mozilla/firefox/releases/${version}/source/firefox-${version}.source.tar.xz";
|
||||
sha512 = "e4e54cffffcfd5751eac5817a7b74b0ef0aa43fc00ef29397cc9df9aa52572b2272b96e60373a70d712be4dc849170d8d5c1b449f3ea978b4ab28dee19056b03";
|
||||
sha512 = "f0b63f4a0d4bb0080761f1a7ecb949696b4f805a33fef322ceef3b59a492e1403ea4b8cfbc7f5d4b70cf5b3c5a66ddcc988654fa77fd3021b65f452ca190bf63";
|
||||
};
|
||||
|
||||
meta = {
|
||||
|
|
|
|||
|
|
@ -54,13 +54,13 @@
|
|||
"vendorHash": "sha256-sESuNlWNyjjGYb7z+tQF7RGBgicnPISuwXRzB+QJ7E4="
|
||||
},
|
||||
"aminueza_minio": {
|
||||
"hash": "sha256-TLwOp7dSMjwOjlxEzYbFgw/S+Zkv+tCdknSjonmsRJo=",
|
||||
"hash": "sha256-DfpZjIkjo5bEZ2BtHJoBLtjEDAD6ZiqpoCOMbmd1Jvo=",
|
||||
"homepage": "https://registry.terraform.io/providers/aminueza/minio",
|
||||
"owner": "aminueza",
|
||||
"repo": "terraform-provider-minio",
|
||||
"rev": "v3.38.0",
|
||||
"rev": "v3.38.1",
|
||||
"spdx": "AGPL-3.0",
|
||||
"vendorHash": "sha256-BShrfr4EUvcpn0cLaohm1r5XqER4ba7bokHKuHxcW+g="
|
||||
"vendorHash": "sha256-OLabFXYTe+Yhlf0Ja63tCcrc5mvPeXfN7yLoRZCkdvg="
|
||||
},
|
||||
"argoproj-labs_argocd": {
|
||||
"hash": "sha256-c6+WY4oXL8evvPk/RzVrwtgq4XLB/LzAH5tpjErbE60=",
|
||||
|
|
@ -200,13 +200,13 @@
|
|||
"vendorHash": "sha256-b27UcoNuaX3PxNlJLdU9njCl5JymBQhxD6rq8yT3gi4="
|
||||
},
|
||||
"cloudamqp_cloudamqp": {
|
||||
"hash": "sha256-LAQ5MVZe4OSIJb7X6gdx1lPmgAEKZIm/7lL/93NTP6I=",
|
||||
"hash": "sha256-n78nZ01ley9ueYBZ7+bi0BLJ/RIc66HHjcmhFwDem3E=",
|
||||
"homepage": "https://registry.terraform.io/providers/cloudamqp/cloudamqp",
|
||||
"owner": "cloudamqp",
|
||||
"repo": "terraform-provider-cloudamqp",
|
||||
"rev": "v1.45.3",
|
||||
"rev": "v1.46.0",
|
||||
"spdx": "MPL-2.0",
|
||||
"vendorHash": "sha256-59bhibkok4w7dLTf96jZGk2di6TpR6IAqp0i3xmtlyI="
|
||||
"vendorHash": "sha256-rCWeetM6nhNb1I1PmB66E5K1ku9ODRqN87MU9y6W/dc="
|
||||
},
|
||||
"cloudflare_cloudflare": {
|
||||
"hash": "sha256-y3GAU5wLLETSrmYqGZs2I0qg8jnGcu32Xt/UHGS1NTA=",
|
||||
|
|
@ -373,11 +373,11 @@
|
|||
"vendorHash": "sha256-RtS88NqkO1nG/8znM0sQqsAIfDc+sOMy8N4T4hmvaVA="
|
||||
},
|
||||
"e-breuninger_netbox": {
|
||||
"hash": "sha256-e9244MaxEcmtYHT9zN4Nct2xpgBv8JOMe1VOW5y/2OQ=",
|
||||
"hash": "sha256-rCDopABF6BDJo4sdwfy+GrU9EPAIldjddj+j7opf8FA=",
|
||||
"homepage": "https://registry.terraform.io/providers/e-breuninger/netbox",
|
||||
"owner": "e-breuninger",
|
||||
"repo": "terraform-provider-netbox",
|
||||
"rev": "v5.6.1",
|
||||
"rev": "v5.6.2",
|
||||
"spdx": "MPL-2.0",
|
||||
"vendorHash": "sha256-WaeRXTqXakFTYMHio+VLIKS4kS5wHQdY5zdJYwrlVjE="
|
||||
},
|
||||
|
|
@ -508,13 +508,13 @@
|
|||
"vendorHash": "sha256-ikBqIxD5aTOcwNHCMN6EaOwSHCAP5n/SULuqQXPLpOc="
|
||||
},
|
||||
"hashicorp_aws": {
|
||||
"hash": "sha256-kWA/cpYQ8MynW/vxnj7Yys6lsFdRAmfC8N6bmEIOW70=",
|
||||
"hash": "sha256-710i6mRyieTzltcaC23OXZm8mtqjyOc5Fk9fmcqkXY4=",
|
||||
"homepage": "https://registry.terraform.io/providers/hashicorp/aws",
|
||||
"owner": "hashicorp",
|
||||
"repo": "terraform-provider-aws",
|
||||
"rev": "v6.50.0",
|
||||
"rev": "v6.52.0",
|
||||
"spdx": "MPL-2.0",
|
||||
"vendorHash": "sha256-Msl/Mn0GK3D+QyLnSFU3m9ux/ThkwDCDh85b0Yzpnjo="
|
||||
"vendorHash": "sha256-COWHnLR6aRwcGJVo6IFvqQLwAYxFpqUGQbZVvEo/b/I="
|
||||
},
|
||||
"hashicorp_awscc": {
|
||||
"hash": "sha256-ZQaBYZTsF68IjbRYa3Z7VRqKfaHCvOtMkJHsybJn+ec=",
|
||||
|
|
@ -715,13 +715,13 @@
|
|||
"vendorHash": null
|
||||
},
|
||||
"hetznercloud_hcloud": {
|
||||
"hash": "sha256-yIzI1p4U8klNqqFqiMuKhVb8njoslJ+vDXFOv+9EmFw=",
|
||||
"hash": "sha256-Clbg0LS5SYpaEyevbZ+oDG3xFXEWjV376JvStPi3MnU=",
|
||||
"homepage": "https://registry.terraform.io/providers/hetznercloud/hcloud",
|
||||
"owner": "hetznercloud",
|
||||
"repo": "terraform-provider-hcloud",
|
||||
"rev": "v1.64.0",
|
||||
"rev": "v1.66.0",
|
||||
"spdx": "MPL-2.0",
|
||||
"vendorHash": "sha256-f49amYWzWSG9tzY6wvpxtTFiyJ8zC/Lc1hIQtzdgJRs="
|
||||
"vendorHash": "sha256-6knIcS3hkzt3R1IC1hA6EKOceJl51/pJXpftEaZjgtY="
|
||||
},
|
||||
"huaweicloud_huaweicloud": {
|
||||
"hash": "sha256-Ao3CkaQBe172Ookcgl+ugeHH5ClbyOsSpLb4+j9DAZQ=",
|
||||
|
|
@ -1067,11 +1067,11 @@
|
|||
"vendorHash": null
|
||||
},
|
||||
"ovh_ovh": {
|
||||
"hash": "sha256-rNJ6ibD8VbvUopKYc6Ao6I7lJqTw6gw8A71YzW8OYJE=",
|
||||
"hash": "sha256-JaZdCten+5mV8aKCRhkoifqP4EwNrytK25TLJl1eQjQ=",
|
||||
"homepage": "https://registry.terraform.io/providers/ovh/ovh",
|
||||
"owner": "ovh",
|
||||
"repo": "terraform-provider-ovh",
|
||||
"rev": "v2.14.0",
|
||||
"rev": "v2.15.0",
|
||||
"spdx": "MPL-2.0",
|
||||
"vendorHash": null
|
||||
},
|
||||
|
|
@ -1319,11 +1319,11 @@
|
|||
"vendorHash": "sha256-7ZoJg1HEVj5Nygr46lmBZeJDfZuU4F90yntrgkBVgGg="
|
||||
},
|
||||
"tencentcloudstack_tencentcloud": {
|
||||
"hash": "sha256-nv+X3mptE51m7WwYzRqyvvrVR5tUikOYM06axtZIznk=",
|
||||
"hash": "sha256-p8AW+AzezOP6N3wzlLZOMoTbSwb/cil7cmXkdwheXtE=",
|
||||
"homepage": "https://registry.terraform.io/providers/tencentcloudstack/tencentcloud",
|
||||
"owner": "tencentcloudstack",
|
||||
"repo": "terraform-provider-tencentcloud",
|
||||
"rev": "v1.83.2",
|
||||
"rev": "v1.83.6",
|
||||
"spdx": "MPL-2.0",
|
||||
"vendorHash": null
|
||||
},
|
||||
|
|
|
|||
|
|
@ -108,6 +108,8 @@
|
|||
|
||||
obs-vnc = callPackage ./obs-vnc.nix { };
|
||||
|
||||
obs-wayland-hotkeys = qt6Packages.callPackage ./obs-wayland-hotkeys { };
|
||||
|
||||
obs-websocket = qt6Packages.callPackage ./obs-websocket.nix { }; # Websocket 4.x compatibility for OBS Studio 28+
|
||||
|
||||
pixel-art = callPackage ./pixel-art.nix { };
|
||||
|
|
|
|||
|
|
@ -0,0 +1,41 @@
|
|||
{
|
||||
stdenv,
|
||||
lib,
|
||||
fetchFromGitHub,
|
||||
cmake,
|
||||
obs-studio,
|
||||
pkg-config,
|
||||
qtbase,
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation (finalAttr: {
|
||||
pname = "obs-wayland-hotkeys";
|
||||
version = "1.1.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "leia-uwu";
|
||||
repo = "obs-wayland-hotkeys";
|
||||
tag = "v${finalAttr.version}";
|
||||
hash = "sha256-vOQfOEAnxn5vCaWpwDED1C107BB/d7T10kmKTXJ4k8k=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
cmake
|
||||
pkg-config
|
||||
];
|
||||
|
||||
buildInputs = [
|
||||
obs-studio
|
||||
qtbase
|
||||
];
|
||||
|
||||
dontWrapQtApps = true;
|
||||
|
||||
meta = {
|
||||
description = "OBS Studio plugin to integrate OBS hotkeys with the Wayland global shortcuts portal";
|
||||
homepage = "https://github.com/leia-uwu/obs-wayland-hotkeys";
|
||||
maintainers = with lib.maintainers; [ terrorw0lf ];
|
||||
license = lib.licenses.gpl2;
|
||||
platforms = lib.platforms.linux;
|
||||
};
|
||||
})
|
||||
|
|
@ -7,13 +7,13 @@
|
|||
|
||||
mkHyprlandPlugin (finalAttrs: {
|
||||
pluginName = "hypr-darkwindow";
|
||||
version = "0.55.2";
|
||||
version = "0.55.4";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "micha4w";
|
||||
repo = "Hypr-DarkWindow";
|
||||
tag = "v${finalAttrs.version}";
|
||||
hash = "sha256-8Ht9yhlwOtDWFvL6VYlryNxyRethFqc0iWtBetP0xws=";
|
||||
hash = "sha256-By/4CmpJvVvcBoyTtelH7MSLCKRaoXLCpiSfrbZIePc=";
|
||||
};
|
||||
|
||||
installPhase = ''
|
||||
|
|
|
|||
|
|
@ -209,10 +209,7 @@ in
|
|||
|
||||
passthru = args.passthru or { } // {
|
||||
inherit fetcherVersion;
|
||||
serve = callPackage ./serve.nix {
|
||||
inherit pnpm; # from args
|
||||
pnpmDeps = finalAttrs.finalPackage;
|
||||
};
|
||||
serve = throw "fetchPnpmDeps: `serve` has been deprecated as it was removed in pnpm 11 and only had a niche use case."; # Added 2026-06-04
|
||||
};
|
||||
|
||||
dontConfigure = true;
|
||||
|
|
|
|||
|
|
@ -1,43 +0,0 @@
|
|||
{
|
||||
writeShellApplication,
|
||||
pnpm,
|
||||
pnpmDeps,
|
||||
zstd,
|
||||
lib,
|
||||
}:
|
||||
|
||||
writeShellApplication {
|
||||
name = "serve-pnpm-store";
|
||||
|
||||
runtimeInputs = [
|
||||
pnpm
|
||||
zstd
|
||||
];
|
||||
|
||||
text = ''
|
||||
storePath=$(mktemp -d)
|
||||
|
||||
clean() {
|
||||
echo "Cleaning up temporary store at '$storePath'..."
|
||||
|
||||
rm -rf "$storePath"
|
||||
}
|
||||
|
||||
echo "Copying pnpm store '${pnpmDeps}' to temporary store..."
|
||||
|
||||
tar --zstd -xf "${pnpmDeps}/pnpm-store.tar.zst" -C "$storePath"
|
||||
|
||||
chmod -R +w "$storePath"
|
||||
|
||||
echo "Run 'pnpm install --store-dir \"$storePath\"' to install packages from this store."
|
||||
|
||||
trap clean EXIT
|
||||
|
||||
pnpm server start \
|
||||
--store-dir "$storePath"
|
||||
'';
|
||||
|
||||
meta = {
|
||||
broken = lib.versionAtLeast pnpm.version "11";
|
||||
};
|
||||
}
|
||||
|
|
@ -260,4 +260,6 @@
|
|||
shellcheck = callPackage ./shellcheck/tester.nix { };
|
||||
|
||||
shfmt = callPackage ./shfmt { };
|
||||
|
||||
modularServiceCompliance = callPackage ./modular-service-compliance.nix { };
|
||||
}
|
||||
|
|
|
|||
251
pkgs/build-support/testers/modular-service-compliance.nix
Normal file
251
pkgs/build-support/testers/modular-service-compliance.nix
Normal file
|
|
@ -0,0 +1,251 @@
|
|||
{
|
||||
lib,
|
||||
coreutils,
|
||||
gnugrep,
|
||||
writeShellScript,
|
||||
writeShellApplication,
|
||||
stdenvNoCC,
|
||||
}:
|
||||
|
||||
/**
|
||||
See https://nixos.org/manual/nixpkgs/unstable/#tester-modularServiceCompliance
|
||||
or doc/build-helpers/testers.chapter.md
|
||||
*/
|
||||
{
|
||||
evalConfig,
|
||||
mkTest,
|
||||
sharedDir,
|
||||
namePrefix ? "modular-service-compliance",
|
||||
}:
|
||||
|
||||
let
|
||||
|
||||
/**
|
||||
A successful evaluation to be probed by evalTestDefs
|
||||
*/
|
||||
# Try use only few evalConfig calls for performance.
|
||||
evalResult = evalConfig {
|
||||
services = {
|
||||
svc = {
|
||||
process.argv = [ "${coreutils}/bin/true" ];
|
||||
assertions = [
|
||||
{
|
||||
assertion = true;
|
||||
message = "compliance test assertion";
|
||||
}
|
||||
];
|
||||
warnings = [ "compliance test warning" ];
|
||||
services.child = {
|
||||
process.argv = [ "${coreutils}/bin/true" ];
|
||||
assertions = [
|
||||
{
|
||||
assertion = true;
|
||||
message = "compliance child assertion";
|
||||
}
|
||||
];
|
||||
warnings = [ "compliance child warning" ];
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
evalTestDefs =
|
||||
let
|
||||
c = evalResult.config.svc;
|
||||
in
|
||||
{
|
||||
testProcessArgv = {
|
||||
expr = c.process.argv;
|
||||
expected = [ "${coreutils}/bin/true" ];
|
||||
};
|
||||
|
||||
testSubServiceArgv = {
|
||||
expr = c.services.child.process.argv;
|
||||
expected = [ "${coreutils}/bin/true" ];
|
||||
};
|
||||
|
||||
testAssertions = {
|
||||
expr = builtins.elem {
|
||||
assertion = true;
|
||||
message = "compliance test assertion";
|
||||
} c.assertions;
|
||||
expected = true;
|
||||
};
|
||||
|
||||
testWarnings = {
|
||||
expr = builtins.elem "compliance test warning" c.warnings;
|
||||
expected = true;
|
||||
};
|
||||
|
||||
testSubServiceAssertions = {
|
||||
expr = builtins.elem {
|
||||
assertion = true;
|
||||
message = "compliance child assertion";
|
||||
} c.services.child.assertions;
|
||||
expected = true;
|
||||
};
|
||||
|
||||
testSubServiceWarnings = {
|
||||
expr = builtins.elem "compliance child warning" c.services.child.warnings;
|
||||
expected = true;
|
||||
};
|
||||
|
||||
# Separate eval for a failing assertion — checkDrv would fail here,
|
||||
# so we only access config.
|
||||
testFailingAssertionValue = {
|
||||
expr = builtins.elem {
|
||||
assertion = false;
|
||||
message = "compliance failing assertion";
|
||||
} failingEval.config.failing.assertions;
|
||||
expected = true;
|
||||
};
|
||||
};
|
||||
|
||||
failingEval = evalConfig {
|
||||
services = {
|
||||
failing = {
|
||||
process.argv = [ "${coreutils}/bin/true" ];
|
||||
assertions = [
|
||||
{
|
||||
assertion = false;
|
||||
message = "compliance failing assertion";
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
/**
|
||||
A service script that records its received arguments, then sleeps forever.
|
||||
The first argument is a service identifier used to namespace its comms
|
||||
subdirectory; the remaining arguments are recorded as the service's args.
|
||||
*/
|
||||
svc = writeShellScript "${namePrefix}-svc" ''
|
||||
id="$1"; shift
|
||||
dir="${sharedDir}/$id"
|
||||
mkdir -p "$dir"
|
||||
echo "$$" > "$dir/pid"
|
||||
printf '%s\n' "$@" > "$dir/args"
|
||||
exec "${coreutils}/bin/sleep" infinity
|
||||
'';
|
||||
|
||||
mkArgv =
|
||||
id: extraArgs:
|
||||
[
|
||||
svc
|
||||
id
|
||||
]
|
||||
++ extraArgs;
|
||||
|
||||
/**
|
||||
Shell snippet: wait for a service to write its pid file, verify the
|
||||
process is still alive, then check that each expected argument appears
|
||||
in the recorded args file.
|
||||
*/
|
||||
waitAndCheck =
|
||||
id: expectedArgs:
|
||||
''
|
||||
echo "waiting for ${id}..."
|
||||
timeout=30; elapsed=0
|
||||
while [ ! -f "${sharedDir}/${id}/pid" ] && [ "$elapsed" -lt "$timeout" ]; do
|
||||
sleep 1; elapsed=$((elapsed + 1))
|
||||
done
|
||||
test -f "${sharedDir}/${id}/pid" || { echo "${id}: no pid file after ''${timeout}s"; exit 1; }
|
||||
pid=$(cat "${sharedDir}/${id}/pid")
|
||||
kill -0 "$pid" || { echo "${id}: pid $pid is not running"; exit 1; }
|
||||
echo "${id}: started (pid $pid)"
|
||||
''
|
||||
+ lib.concatMapStrings (arg: ''
|
||||
grep -qxF -- ${lib.escapeShellArg arg} "${sharedDir}/${id}/args" \
|
||||
|| { echo "${id}: expected arg ${lib.escapeShellArg arg} not found"; cat "${sharedDir}/${id}/args"; exit 1; }
|
||||
'') expectedArgs;
|
||||
|
||||
mkTestScript =
|
||||
name: text:
|
||||
lib.getExe (writeShellApplication {
|
||||
name = "${namePrefix}-${name}";
|
||||
runtimeInputs = [
|
||||
coreutils
|
||||
gnugrep
|
||||
];
|
||||
inherit text;
|
||||
});
|
||||
|
||||
in
|
||||
{
|
||||
# Eval-level tests: config structure, evaluated in the integration's
|
||||
# full context (one whole-system eval).
|
||||
# TODO: generalize with
|
||||
# - pkgs/test/buildenv.nix
|
||||
# - pkgs/test/overriding.nix
|
||||
eval = stdenvNoCC.mkDerivation (finalAttrs: {
|
||||
__structuredAttrs = true;
|
||||
name = "${namePrefix}-eval-report";
|
||||
# Depend on the integration's representative derivation to prove that
|
||||
# the system builds with these services.
|
||||
representative = evalResult.checkDrv;
|
||||
passthru = {
|
||||
tests = evalTestDefs;
|
||||
failures = lib.runTests finalAttrs.passthru.tests;
|
||||
};
|
||||
testResults = lib.mapAttrs (_: test: test.expr == test.expected) finalAttrs.passthru.tests;
|
||||
buildCommand = ''
|
||||
touch $out
|
||||
for testName in "''${!testResults[@]}"; do
|
||||
if [[ -n "''${testResults[$testName]}" ]]; then
|
||||
echo "PASS $testName"
|
||||
else
|
||||
echo "FAIL $testName"
|
||||
fi
|
||||
done
|
||||
''
|
||||
+ lib.optionalString (lib.any (v: !v) (lib.attrValues finalAttrs.testResults)) ''
|
||||
{
|
||||
echo ""
|
||||
echo "Eval-level compliance failures:"
|
||||
for testName in "''${!testResults[@]}"; do
|
||||
if [[ -z "''${testResults[$testName]}" ]]; then
|
||||
echo "- $testName"
|
||||
fi
|
||||
done
|
||||
echo ""
|
||||
echo 'Inspect with: nix eval .#<path>.tests.''${testName}'
|
||||
} >&2
|
||||
exit 1
|
||||
'';
|
||||
});
|
||||
|
||||
# Integration tests: verify that services actually run.
|
||||
|
||||
basic-argv = mkTest {
|
||||
name = "${namePrefix}-basic-argv";
|
||||
services.test.process.argv = mkArgv "test" [
|
||||
"--greeting"
|
||||
"hello"
|
||||
];
|
||||
testExe = mkTestScript "basic-argv" (
|
||||
waitAndCheck "test" [
|
||||
"--greeting"
|
||||
"hello"
|
||||
]
|
||||
);
|
||||
};
|
||||
|
||||
sub-services = mkTest {
|
||||
name = "${namePrefix}-sub-services";
|
||||
services.a = {
|
||||
process.argv = mkArgv "a" [ "--depth=0" ];
|
||||
services.b = {
|
||||
process.argv = mkArgv "b" [ "--depth=1" ];
|
||||
services.c.process.argv = mkArgv "c" [ "--depth=2" ];
|
||||
};
|
||||
};
|
||||
testExe = mkTestScript "sub-services" ''
|
||||
${waitAndCheck "a" [ "--depth=0" ]}
|
||||
${waitAndCheck "b" [ "--depth=1" ]}
|
||||
${waitAndCheck "c" [ "--depth=2" ]}
|
||||
'';
|
||||
};
|
||||
|
||||
# See also the manual compliance items in doc/build-helpers/testers.chapter.md.
|
||||
}
|
||||
|
|
@ -8,16 +8,16 @@
|
|||
|
||||
rustPlatform.buildRustPackage (finalAttrs: {
|
||||
pname = "ab-av1";
|
||||
version = "0.11.3";
|
||||
version = "0.11.4";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "alexheretic";
|
||||
repo = "ab-av1";
|
||||
tag = "v${finalAttrs.version}";
|
||||
hash = "sha256-lLZAECwF8V19Qx/FugbjLeVns7lhVlwWDTK9cdYb0xo=";
|
||||
hash = "sha256-830STu0YfEhsYr4EU3ATF6kgH5J/tUEhm4b47VOwMEQ=";
|
||||
};
|
||||
|
||||
cargoHash = "sha256-AONJz1BoDi6weHT7W9DmzwoPW5khfgYjDqLNl7OM5bY=";
|
||||
cargoHash = "sha256-mKtP+QoG0MjbBB4kMLlioyxshlgVyhqLH4C5GKx9Hes=";
|
||||
|
||||
nativeBuildInputs = [ installShellFiles ];
|
||||
|
||||
|
|
|
|||
|
|
@ -6,13 +6,13 @@
|
|||
|
||||
stdenv.mkDerivation (finalAttrs: {
|
||||
pname = "abcmidi";
|
||||
version = "2026.06.06";
|
||||
version = "2026.06.16";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "sshlien";
|
||||
repo = "abcmidi";
|
||||
tag = finalAttrs.version;
|
||||
hash = "sha256-2XPtLjvj+gyXTOOvUWzAO0magnjF3CWC7ZDCCuYN6vE=";
|
||||
hash = "sha256-GkCvIZSspqwV3Q0+GZh08pQt5RFgPTdJ4fS9OaV+jXs=";
|
||||
};
|
||||
|
||||
# TODO: remove once https://github.com/sshlien/abcmidi/pull/15 merged
|
||||
|
|
|
|||
|
|
@ -44,7 +44,7 @@ python3Packages.buildPythonApplication (finalAttrs: {
|
|||
|
||||
dependencies = with python3Packages; [
|
||||
configobj
|
||||
gpgme
|
||||
gpg
|
||||
notmuch2
|
||||
python-magic
|
||||
standard-mailcap
|
||||
|
|
|
|||
|
|
@ -9,14 +9,14 @@
|
|||
|
||||
python3Packages.buildPythonApplication (finalAttrs: {
|
||||
pname = "ansible-doctor";
|
||||
version = "8.3.2";
|
||||
version = "8.3.3";
|
||||
pyproject = true;
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "thegeeklab";
|
||||
repo = "ansible-doctor";
|
||||
tag = "v${finalAttrs.version}";
|
||||
hash = "sha256-Asp26tGyzFPOCLESXe2Je4i+0u8OGX2GSaGy/cQC3AI=";
|
||||
hash = "sha256-3xdMTuy6Rtb2VwfzN6SV73UZmp+9fmU9SfPySHCayJg=";
|
||||
};
|
||||
|
||||
build-system = with python3Packages; [
|
||||
|
|
|
|||
|
|
@ -4,8 +4,8 @@
|
|||
fetchurl,
|
||||
makeWrapper,
|
||||
makeDesktopItem,
|
||||
genericUpdater,
|
||||
writeShellScript,
|
||||
jq,
|
||||
atk,
|
||||
cairo,
|
||||
gdk-pixbuf,
|
||||
|
|
@ -164,24 +164,7 @@ stdenv.mkDerivation (finalAttrs: {
|
|||
'';
|
||||
|
||||
passthru = {
|
||||
updateScript = genericUpdater {
|
||||
versionLister =
|
||||
let
|
||||
arch =
|
||||
if system == "x86_64-linux" then
|
||||
"amd64"
|
||||
else if system == "aarch64-linux" then
|
||||
"arm64"
|
||||
else
|
||||
throw "cannot update AnyDesk on ${system}";
|
||||
in
|
||||
writeShellScript "anydesk-versionLister" ''
|
||||
curl -s https://anydesk.com/en/downloads/linux \
|
||||
| grep "https://[a-z0-9._/-]*-${arch}.tar.gz" -o \
|
||||
| uniq \
|
||||
| sed 's,.*/anydesk-\(.*\)-${arch}.tar.gz,\1,g'
|
||||
'';
|
||||
};
|
||||
updateScript = ./update.sh;
|
||||
};
|
||||
|
||||
meta = {
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
{
|
||||
"version": "8.0.2",
|
||||
"x86_64-linux": "sha256-6noMPfe0x6kx/whyd66qcmk7WhEivx3xK5q58Se9Ij0=",
|
||||
"aarch64-linux": "sha256-wfY+OCx9OyLCmiA29RjnYzcg/pApMIXWT5UrcdcyRYM="
|
||||
"version": "8.0.3",
|
||||
"x86_64-linux": "sha256-Mjl17hh5A/pwRAi7giL1SJYlQ61O0SXX+KeH8STZ4bs=",
|
||||
"aarch64-linux": "sha256-MhAj5cy81uBMoNeFPvOyhBOlJzBgNRHXyCXrpdvF8nE="
|
||||
}
|
||||
|
|
|
|||
39
pkgs/by-name/an/anydesk/update.sh
Executable file
39
pkgs/by-name/an/anydesk/update.sh
Executable file
|
|
@ -0,0 +1,39 @@
|
|||
#!/usr/bin/env -S nix shell nixpkgs#curl nixpkgs#jq nixpkgs#nix --command bash
|
||||
|
||||
set -euo pipefail
|
||||
|
||||
directory="$(dirname $0 | xargs realpath)"
|
||||
|
||||
new_version=$(
|
||||
curl -s https://rpm.anydesk.com/rhel/x86_64/Packages/ \
|
||||
| grep -oP 'anydesk_\K[0-9]+\.[0-9]+\.[0-9]+(?=-[0-9]+_x86_64\.rpm)' \
|
||||
| sort -V \
|
||||
| tail -1
|
||||
)
|
||||
|
||||
old_version=$(jq -r '.version' "$directory/pin.json")
|
||||
|
||||
if [[ "$new_version" == "$old_version" ]]; then
|
||||
echo "anydesk is already up to date ($old_version)"
|
||||
exit 0
|
||||
fi
|
||||
|
||||
echo "Updating anydesk: $old_version -> $new_version"
|
||||
|
||||
hash_amd64=$(nix hash to-sri --type sha256 \
|
||||
"$(nix-prefetch-url --type sha256 \
|
||||
"https://download.anydesk.com/linux/anydesk-${new_version}-amd64.tar.gz")")
|
||||
|
||||
hash_arm64=$(nix hash to-sri --type sha256 \
|
||||
"$(nix-prefetch-url --type sha256 \
|
||||
"https://download.anydesk.com/rpi/anydesk-${new_version}-arm64.tar.gz")")
|
||||
|
||||
cat > "$directory/pin.json" << EOF
|
||||
{
|
||||
"version": "$new_version",
|
||||
"x86_64-linux": "$hash_amd64",
|
||||
"aarch64-linux": "$hash_arm64"
|
||||
}
|
||||
EOF
|
||||
|
||||
cat "$directory/pin.json"
|
||||
|
|
@ -11,13 +11,13 @@
|
|||
|
||||
buildGoModule (finalAttrs: {
|
||||
pname = "apko";
|
||||
version = "1.2.17";
|
||||
version = "1.2.19";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "chainguard-dev";
|
||||
repo = "apko";
|
||||
tag = "v${finalAttrs.version}";
|
||||
hash = "sha256-6Z+1LpgvdRpcy2PmgSFeKHuMLh3jeA03KhfS2j2AhKQ=";
|
||||
hash = "sha256-Iia0U/oibPuUYC3adeXvL5m4nhEPHqBvHw7J7Uxn88s=";
|
||||
# populate values that require us to use git. By doing this in postFetch we
|
||||
# can delete .git afterwards and maintain better reproducibility of the src.
|
||||
leaveDotGit = true;
|
||||
|
|
@ -29,7 +29,7 @@ buildGoModule (finalAttrs: {
|
|||
find "$out" -name .git -print0 | xargs -0 rm -rf
|
||||
'';
|
||||
};
|
||||
vendorHash = "sha256-K2fqDAzex0EgrGPK5I4Bp5oqmIOnnuI1sztlySrX1Pc=";
|
||||
vendorHash = "sha256-vYUxwtqGUDbJhbhlajPtlUZKD4TKreHEGR1dCSuSiA4=";
|
||||
|
||||
excludedPackages = [
|
||||
"internal/gen-jsonschema"
|
||||
|
|
|
|||
|
|
@ -14,16 +14,16 @@
|
|||
|
||||
buildGoModule (finalAttrs: {
|
||||
pname = "aptly";
|
||||
version = "1.6.2";
|
||||
version = "1.6.3";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "aptly-dev";
|
||||
repo = "aptly";
|
||||
tag = "v${finalAttrs.version}";
|
||||
hash = "sha256-Jkljg05C4GJ4F9l6mKAU4JCH8I0/bjzfb74X714z4UI=";
|
||||
hash = "sha256-fjNN8EffY9G8YX/uME5ehs2zZj/YRA62y/muqigWSnE=";
|
||||
};
|
||||
|
||||
vendorHash = "sha256-3pFVAVvIpJut2YYxvnCQbBpdwwmUbZIyrx0WoQrU+nQ=";
|
||||
vendorHash = "sha256-QPYKdiEiV1iS3xJ3A66ILUXAlj0TGXuGf11wzdX3Z7Y=";
|
||||
|
||||
nativeBuildInputs = [
|
||||
installShellFiles
|
||||
|
|
|
|||
|
|
@ -7,14 +7,14 @@
|
|||
|
||||
python3Packages.buildPythonApplication (finalAttrs: {
|
||||
pname = "asciimol";
|
||||
version = "1.2.5";
|
||||
version = "1.2.7";
|
||||
pyproject = true;
|
||||
|
||||
__structuredAttrs = true;
|
||||
|
||||
src = fetchPypi {
|
||||
inherit (finalAttrs) pname version;
|
||||
hash = "sha256-sB8hHtjfCv5jFHXEoUG7zNn3d3QKihPLbgnR+Jyz4GQ=";
|
||||
hash = "sha256-SqwViOnVx1TcpY8Kd5VQCg1A8KQnBhL8aq9Gsrwer3k=";
|
||||
};
|
||||
|
||||
build-system = with python3Packages; [ setuptools ];
|
||||
|
|
|
|||
|
|
@ -7,13 +7,13 @@
|
|||
|
||||
buildGoModule (finalAttrs: {
|
||||
pname = "atlantis";
|
||||
version = "0.44.0";
|
||||
version = "0.44.1";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "runatlantis";
|
||||
repo = "atlantis";
|
||||
tag = "v${finalAttrs.version}";
|
||||
hash = "sha256-ZHd/RSzFXbcZ7324Bbgtx681zwdHi5xYgqVlTR4glHY=";
|
||||
hash = "sha256-CMMsW0VFUi5c2AsuvH5uxggzJ3wD1k24Zrk4tjlBczo=";
|
||||
};
|
||||
|
||||
ldflags = [
|
||||
|
|
|
|||
|
|
@ -9,13 +9,13 @@
|
|||
|
||||
buildGoModule (finalAttrs: {
|
||||
pname = "atlas";
|
||||
version = "1.2.2";
|
||||
version = "1.2.3";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "ariga";
|
||||
repo = "atlas";
|
||||
tag = "v${finalAttrs.version}";
|
||||
hash = "sha256-2wmmvNezi/AJ86r5m0rZOskqxfaT49870Pe615QycHg=";
|
||||
hash = "sha256-Ox/EgTSz0ONEJqLyiJsvpgUNfHyV2rQYXrIAImDwrLo=";
|
||||
};
|
||||
|
||||
modRoot = "cmd/atlas";
|
||||
|
|
|
|||
|
|
@ -62,4 +62,8 @@ stdenv.mkDerivation (finalAttrs: {
|
|||
|
||||
runHook postInstall
|
||||
'';
|
||||
|
||||
# (node:24500) Warning: File descriptor 19 closed but not opened in unmanaged mode
|
||||
# (node:24500) Warning: File descriptor 19 opened in unmanaged mode twice
|
||||
meta.broken = stdenv.hostPlatform.isDarwin;
|
||||
})
|
||||
|
|
|
|||
|
|
@ -7,16 +7,16 @@
|
|||
}:
|
||||
rustPlatform.buildRustPackage (finalAttrs: {
|
||||
pname = "basalt";
|
||||
version = "0.12.4";
|
||||
version = "0.12.6";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "erikjuhani";
|
||||
repo = "basalt";
|
||||
tag = "basalt/v${finalAttrs.version}";
|
||||
hash = "sha256-fijpPGPeF3f81WMWj1tIc0ht8hUIubAe19ja3iBNOh0=";
|
||||
hash = "sha256-MlKrVxNU9PNakIA9hiv5ll7ImkPDekQnassWFO/smkE=";
|
||||
};
|
||||
|
||||
cargoHash = "sha256-jY3EDM+jYwCsMpd5cA5WKzmhdS4rVCLz3h5gfshzhOQ=";
|
||||
cargoHash = "sha256-sTU0AUwR5xdnqLvrRycxuMk+KNcsEcYU3XvyODKT1Ns=";
|
||||
|
||||
nativeInstallCheckInputs = [ versionCheckHook ];
|
||||
doInstallCheck = true;
|
||||
|
|
|
|||
|
|
@ -49,6 +49,8 @@ buildNpmPackage rec {
|
|||
mv "$out/bin/pyright-langserver" "$out/bin/basedpyright-langserver"
|
||||
# Remove dangling symlinks created during installation (remove -delete to just see the files, or -print '%l\n' to see the target
|
||||
find -L $out -type l -print -delete
|
||||
# Remove native module build artifacts that reference nodejs source
|
||||
rm -rf "$out/lib/node_modules/pyright-root/node_modules/keytar/build"
|
||||
'';
|
||||
|
||||
nativeInstallCheckInputs = [ versionCheckHook ];
|
||||
|
|
|
|||
|
|
@ -14,31 +14,24 @@
|
|||
|
||||
buildNpmPackage (finalAttrs: {
|
||||
pname = "bitwarden-cli";
|
||||
version = "2026.5.0";
|
||||
version = "2026.6.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "bitwarden";
|
||||
repo = "clients";
|
||||
tag = "cli-v${finalAttrs.version}";
|
||||
hash = "sha256-R00wt5W4kKmFIODEaGoUqDwfGyHH/2PpiRaC8Gq3d88=";
|
||||
hash = "sha256-JIIis3wW0cU33ovRQfJi3HlB2YdLZ5IPvueq1dGFbas=";
|
||||
};
|
||||
|
||||
postPatch = ''
|
||||
# remove code under unfree license
|
||||
rm -r bitwarden_license
|
||||
|
||||
# Upstream cli-v2026.4.1 bumps @napi-rs/cli to 3.5.1 in the desktop workspace,
|
||||
# but the root lockfile still points that entry at 3.2.0.
|
||||
substituteInPlace package-lock.json \
|
||||
--replace-fail \
|
||||
$' "apps/desktop/node_modules/@napi-rs/cli": {\n "version": "3.2.0",\n "resolved": "https://registry.npmjs.org/@napi-rs/cli/-/cli-3.2.0.tgz",\n "integrity": "sha512-heyXt/9OBPv/WrTFW2+PxIMzH6MCeqP9ZsvOg0LN6pLngBnszcxFsdhCAh5I6sddzQsvru53zj59GUzvmpWk8Q==",' \
|
||||
$' "apps/desktop/node_modules/@napi-rs/cli": {\n "version": "3.5.1",\n "resolved": "https://registry.npmjs.org/@napi-rs/cli/-/cli-3.5.1.tgz",\n "integrity": "sha512-XBfLQRDcB3qhu6bazdMJsecWW55kR85l5/k0af9BIBELXQSsCFU0fzug7PX8eQp6vVdm7W/U3z6uP5WmITB2Gw==",'
|
||||
'';
|
||||
|
||||
nodejs = nodejs_22;
|
||||
npmDepsFetcherVersion = 2;
|
||||
|
||||
npmDepsHash = "sha256-SU4HjfNshjRwa8mXPnmG2xVIwYkbQ7g8j3NZ43Ap76k=";
|
||||
npmDepsHash = "sha256-sXFSjQw9iM5Ye03BX+ZzpDfeAyLTJoG/k46NiI3O8+A=";
|
||||
|
||||
nativeBuildInputs = lib.optionals stdenv.hostPlatform.isDarwin [
|
||||
perl
|
||||
|
|
|
|||
|
|
@ -10,16 +10,16 @@
|
|||
|
||||
buildGoModule (finalAttrs: {
|
||||
pname = "buf";
|
||||
version = "1.70.0";
|
||||
version = "1.71.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "bufbuild";
|
||||
repo = "buf";
|
||||
tag = "v${finalAttrs.version}";
|
||||
hash = "sha256-C06/5a4icjgI35ADQKvlZ6JmCCyW/9e0aF9VIpLCqn0=";
|
||||
hash = "sha256-GrGtJzZoyyEoIyqc8iItH7/LhXNEuTKbDl+gdB/5bHw=";
|
||||
};
|
||||
|
||||
vendorHash = "sha256-Vveg7rBno66IPinVs9RJtzVJdtAJE55QZfWA3WIXGDQ=";
|
||||
vendorHash = "sha256-8FJtJ/mHldia6t5yIPUfCvOlsKJSzT/vVcF+WxRO1Mo=";
|
||||
|
||||
patches = [
|
||||
# Skip a test that requires networking to be available to work.
|
||||
|
|
|
|||
|
|
@ -7,13 +7,13 @@
|
|||
|
||||
buildGoModule (finalAttrs: {
|
||||
pname = "buildkit";
|
||||
version = "0.31.0";
|
||||
version = "0.31.1";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "moby";
|
||||
repo = "buildkit";
|
||||
rev = "v${finalAttrs.version}";
|
||||
hash = "sha256-mTYNyz2H980l7/Vcyf9wnEgmi2j6S63C9ZcwOaK/+YY=";
|
||||
hash = "sha256-lpcbCPsnvwMULeZgo1eQ0AqlfsyOMO/7b3ZOCoVTDKk=";
|
||||
};
|
||||
|
||||
vendorHash = null;
|
||||
|
|
|
|||
|
|
@ -47,7 +47,7 @@ python3.pkgs.buildPythonApplication (finalAttrs: {
|
|||
propagatedBuildInputs = with python3.pkgs; [
|
||||
anytree
|
||||
fuzzyfinder
|
||||
gpgme
|
||||
gpg
|
||||
pygobject3
|
||||
];
|
||||
|
||||
|
|
|
|||
|
|
@ -7,14 +7,14 @@
|
|||
|
||||
rustPlatform.buildRustPackage (finalAttrs: {
|
||||
pname = "cargo-hack";
|
||||
version = "0.6.44";
|
||||
version = "0.6.45";
|
||||
|
||||
src = fetchCrate {
|
||||
inherit (finalAttrs) pname version;
|
||||
hash = "sha256-f45zkLoj4gZ7U+2B560lLEpYYrGyXjiaMd6XMEzF2NE=";
|
||||
hash = "sha256-WehLSSE1g6mu8GNJQzyVeu80pqswE+SModgwOAP//bE=";
|
||||
};
|
||||
|
||||
cargoHash = "sha256-dG5MTWPcBGnOBthF1V8jbcOLXSb/O34N8slpIXR+2c8=";
|
||||
cargoHash = "sha256-YlM89NaI+9iDb4KiTYAhCJtN3G+j6q44xo79ZcyKr6M=";
|
||||
|
||||
# some necessary files are absent in the crate version
|
||||
doCheck = false;
|
||||
|
|
|
|||
|
|
@ -30,6 +30,7 @@ buildGoModule (finalAttrs: {
|
|||
meta = {
|
||||
description = "Skip YouTube sponsorships (and sometimes ads) on all local Google Cast devices";
|
||||
homepage = "https://github.com/gabe565/CastSponsorSkip";
|
||||
mainProgram = "castsponsorskip";
|
||||
changelog = "https://github.com/gabe565/CastSponsorSkip/releases";
|
||||
license = lib.licenses.asl20;
|
||||
maintainers = with lib.maintainers; [
|
||||
|
|
|
|||
107
pkgs/by-name/cc/ccusage/package.nix
Normal file
107
pkgs/by-name/cc/ccusage/package.nix
Normal file
|
|
@ -0,0 +1,107 @@
|
|||
{
|
||||
lib,
|
||||
stdenv,
|
||||
rustPlatform,
|
||||
fetchFromGitHub,
|
||||
fetchurl,
|
||||
pkg-config,
|
||||
apple-sdk_15,
|
||||
libiconv,
|
||||
versionCheckHook,
|
||||
nix-update-script,
|
||||
runCommand,
|
||||
jq,
|
||||
}:
|
||||
|
||||
let
|
||||
# ccusage embeds the LiteLLM model-pricing table at build time. Its build
|
||||
# script otherwise downloads this file from the network, which fails in the
|
||||
# sandbox. Upstream pins the data via a flake input and points
|
||||
# CCUSAGE_PRICING_JSON_PATH at it; mirror that exact revision here so the
|
||||
# build is offline and reproducible (see package.nix + flake.lock in the
|
||||
# upstream repo at tag v20.0.6). Bump this revision together with the package
|
||||
# version; nix-update only refreshes the src and cargo hashes.
|
||||
litellmPricing = fetchurl {
|
||||
url = "https://raw.githubusercontent.com/BerriAI/litellm/f27df8d516802ce4c1b32973992154fe83b851cf/model_prices_and_context_window.json";
|
||||
hash = "sha256-zJa6H2EwP9s+hMVs78Y+hwo4UX1dHRtvX5J3MdGh5aI=";
|
||||
};
|
||||
in
|
||||
rustPlatform.buildRustPackage (finalAttrs: {
|
||||
pname = "ccusage";
|
||||
version = "20.0.6";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "ryoppippi";
|
||||
repo = "ccusage";
|
||||
tag = "v${finalAttrs.version}";
|
||||
hash = "sha256-uf/FlPprxx4jh74YwjmYMtoIHpTkKrWTLetbNoYiFv4=";
|
||||
};
|
||||
|
||||
# The Cargo workspace lives in rust/, not at the repo root.
|
||||
cargoRoot = "rust";
|
||||
buildAndTestSubdir = "rust";
|
||||
|
||||
cargoHash = "sha256-izA2Gs5nPmt0zn6/e1xM80vyyQHYKGEUDpUFRpyFiB8=";
|
||||
|
||||
__structuredAttrs = true;
|
||||
strictDeps = true;
|
||||
|
||||
nativeBuildInputs = [ pkg-config ];
|
||||
|
||||
buildInputs = lib.optionals stdenv.hostPlatform.isDarwin [
|
||||
apple-sdk_15
|
||||
libiconv
|
||||
];
|
||||
|
||||
env.CCUSAGE_PRICING_JSON_PATH = "${litellmPricing}";
|
||||
|
||||
# Build only the ccusage binary out of the multi-crate workspace.
|
||||
cargoBuildFlags = [
|
||||
"-p"
|
||||
"ccusage"
|
||||
"--bin"
|
||||
"ccusage"
|
||||
];
|
||||
|
||||
# Upstream disables the test suite in its own Nix build; parts of it rely on
|
||||
# network access and live pricing data. versionCheckHook still exercises the
|
||||
# built binary below.
|
||||
doCheck = false;
|
||||
|
||||
nativeInstallCheckInputs = [ versionCheckHook ];
|
||||
doInstallCheck = true;
|
||||
|
||||
passthru = {
|
||||
updateScript = nix-update-script { };
|
||||
|
||||
tests = {
|
||||
# With no agent data on disk, ccusage must still emit a valid, empty JSON
|
||||
# report. --offline keeps it from reaching the network, exercising the
|
||||
# pricing table baked in at build time. This guards the data discovery,
|
||||
# JSON serialization, and offline-pricing paths without needing fixtures.
|
||||
smoke =
|
||||
runCommand "ccusage-smoke-test"
|
||||
{
|
||||
nativeBuildInputs = [
|
||||
finalAttrs.finalPackage
|
||||
jq
|
||||
];
|
||||
}
|
||||
''
|
||||
export HOME="$(mktemp -d)"
|
||||
ccusage daily --json --offline > report.json
|
||||
jq -e '.daily == [] and .totals.totalTokens == 0' report.json
|
||||
touch "$out"
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
meta = {
|
||||
description = "Analyze coding agent CLI token usage and costs from local data";
|
||||
homepage = "https://github.com/ryoppippi/ccusage";
|
||||
changelog = "https://github.com/ryoppippi/ccusage/releases/tag/v${finalAttrs.version}";
|
||||
license = lib.licenses.mit;
|
||||
maintainers = with lib.maintainers; [ thrix ];
|
||||
mainProgram = "ccusage";
|
||||
};
|
||||
})
|
||||
|
|
@ -11,13 +11,13 @@
|
|||
|
||||
buildGoModule (finalAttrs: {
|
||||
pname = "cilium-cli";
|
||||
version = "0.19.4";
|
||||
version = "0.19.5";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "cilium";
|
||||
repo = "cilium-cli";
|
||||
tag = "v${finalAttrs.version}";
|
||||
hash = "sha256-DDNs9cJrurTA2yNrm0AJTfl7m6tiWwERmdgKzceiK9I=";
|
||||
hash = "sha256-2MxIqKuuzSEzmhdmWqYxinHKzlP7io7Tw6Ini2Sl3wQ=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ installShellFiles ];
|
||||
|
|
|
|||
|
|
@ -1,47 +1,47 @@
|
|||
{
|
||||
"version": "2.1.191",
|
||||
"commit": "397db5e73d569118815b8037ca9ff2483a06bbfe",
|
||||
"buildDate": "2026-06-24T11:32:23Z",
|
||||
"version": "2.1.193",
|
||||
"commit": "a1938d2a07a2e4fecbef4eeac813221929e97d22",
|
||||
"buildDate": "2026-06-25T18:25:46Z",
|
||||
"platforms": {
|
||||
"darwin-arm64": {
|
||||
"binary": "claude",
|
||||
"checksum": "99fdfb552a5260e649aedd06c024d0a4105b09cefec0bf67d558e017ee66c400",
|
||||
"size": 219856224
|
||||
"checksum": "f7513a30385ad9019c237226fd6ec46508b3062ebefca8aedbe397d111a818ff",
|
||||
"size": 222248240
|
||||
},
|
||||
"darwin-x64": {
|
||||
"binary": "claude",
|
||||
"checksum": "6e83aad5fc4fd459fd74539cda06d2279105eac2befc603d2fba6494974cb2a4",
|
||||
"size": 229178416
|
||||
"checksum": "cba5c3bdca8ab5f8e7590406702d418f6114d9b39f48f16876680e881abf1ee8",
|
||||
"size": 230317808
|
||||
},
|
||||
"linux-arm64": {
|
||||
"binary": "claude",
|
||||
"checksum": "1a31a7cbcfd784f8c073bfc8a0a1583fb6e93e60ef70b76d7fcf663ffed8949b",
|
||||
"size": 236305136
|
||||
"checksum": "39454ce62e795eeb4871a81f6453cda96e926e2db9a4dd41d0ec1b60b0153448",
|
||||
"size": 237419248
|
||||
},
|
||||
"linux-x64": {
|
||||
"binary": "claude",
|
||||
"checksum": "1038dba88bdf1b80941dc3e383e93b088325b00497329ac50da460c8786d5bee",
|
||||
"size": 239438648
|
||||
"checksum": "c9f04d929f18bd9a101f3897f27de4e1e0f15ebe8400d4aaf02983d73dd66b1d",
|
||||
"size": 240556856
|
||||
},
|
||||
"linux-arm64-musl": {
|
||||
"binary": "claude",
|
||||
"checksum": "7e5d3ac86e28dbd224f84d9349372b74bed39ad6392408df63356fd8a810c96e",
|
||||
"size": 229553336
|
||||
"checksum": "658bbae05441c2d3792f9870a5001a1dfa7a62956abffc151aed7cae0adf9f7d",
|
||||
"size": 230667448
|
||||
},
|
||||
"linux-x64-musl": {
|
||||
"binary": "claude",
|
||||
"checksum": "b80e0066fb208cbd50fe539ed9c03dadd24fcc058bb67774fd36a316bca396ad",
|
||||
"size": 234123648
|
||||
"checksum": "b37861314ace243d8425ebce503c657c5d9f76af361f9bd8ca3bd34b2e71474a",
|
||||
"size": 235258240
|
||||
},
|
||||
"win32-x64": {
|
||||
"binary": "claude.exe",
|
||||
"checksum": "83397a6a029c7da663fb1ce27211e05174a3546d8b151e42451bf4590b8343d7",
|
||||
"size": 230281888
|
||||
"checksum": "ffea22269bf66ce778ce845ea0c15cb5b21d39be82601a065c3eca6f7368da3e",
|
||||
"size": 231359136
|
||||
},
|
||||
"win32-arm64": {
|
||||
"binary": "claude.exe",
|
||||
"checksum": "ec8c342e835ee8891ef2c6d0eb9ac460f2d5e6a668788c8a03faa3451748c275",
|
||||
"size": 224756384
|
||||
"checksum": "0bea15edaf5791220c646f9066bda84397a73053d88f225c7622c7a2ab45ff59",
|
||||
"size": 225839264
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -9,14 +9,14 @@
|
|||
|
||||
stdenv.mkDerivation (finalAttrs: {
|
||||
pname = "clpeak";
|
||||
version = "2.0.0";
|
||||
version = "2.0.13";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "krrishnarraj";
|
||||
repo = "clpeak";
|
||||
tag = finalAttrs.version;
|
||||
fetchSubmodules = true;
|
||||
hash = "sha256-e6r9kGjSWnhgODKtIIjXBA63L9JGQFHIsacfH0IJAGo=";
|
||||
hash = "sha256-tybt85jxoaWLUuZNFAla+2t0rLSanapc9w3lgez9uPI=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ cmake ];
|
||||
|
|
|
|||
|
|
@ -6,18 +6,18 @@
|
|||
|
||||
buildGoModule (finalAttrs: {
|
||||
pname = "cnspec";
|
||||
version = "13.23.0";
|
||||
version = "13.24.2";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "mondoohq";
|
||||
repo = "cnspec";
|
||||
tag = "v${finalAttrs.version}";
|
||||
hash = "sha256-HXTbvd7VC9osmh2NREpdKpMZV2M5WOdc9uRTeDljzzQ=";
|
||||
hash = "sha256-+po6fgqtNRKozQ/nampYOpLdzU+0Cz5b93kDzofLnHw=";
|
||||
};
|
||||
|
||||
proxyVendor = true;
|
||||
|
||||
vendorHash = "sha256-QoiE4dvEB+eX8SrneRzQ3kFq6JBMzlpV2OVCkolZzIs=";
|
||||
vendorHash = "sha256-AIhjFjXBEtukTaOnIATEzT3HrXTio3ayc/YovoRU7j8=";
|
||||
|
||||
subPackages = [ "apps/cnspec" ];
|
||||
|
||||
|
|
|
|||
|
|
@ -1,22 +1,22 @@
|
|||
{
|
||||
"version": "3.7.42",
|
||||
"version": "3.9.8",
|
||||
"vscodeVersion": "1.105.1",
|
||||
"sources": {
|
||||
"x86_64-linux": {
|
||||
"url": "https://downloads.cursor.com/production/5702c9cfca656d8710fad58402fe37f14345e3ac/linux/x64/Cursor-3.7.42-x86_64.AppImage",
|
||||
"hash": "sha256-o7c220esGj2qrLDt88zQ+XpAMbhJGoky5iNFB/qhvtU="
|
||||
"url": "https://downloads.cursor.com/production/4aa8ff1b7877ed7bd01bcba308698f71a6735380/linux/x64/Cursor-3.9.8-x86_64.AppImage",
|
||||
"hash": "sha256-xcyFowrW5yzIDCwbFGmpDRSNa3OUXsHwpLkbyNcSzqM="
|
||||
},
|
||||
"aarch64-linux": {
|
||||
"url": "https://downloads.cursor.com/production/5702c9cfca656d8710fad58402fe37f14345e3ac/linux/arm64/Cursor-3.7.42-aarch64.AppImage",
|
||||
"hash": "sha256-PjVgVemRY66zY/gXcgYCVzSwkC5aCJeMsNreceQzWI4="
|
||||
"url": "https://downloads.cursor.com/production/4aa8ff1b7877ed7bd01bcba308698f71a6735380/linux/arm64/Cursor-3.9.8-aarch64.AppImage",
|
||||
"hash": "sha256-ZhRMvfJkt8NZT45tYxfO2gBFaVw6hR2nVeRzmrxQfeE="
|
||||
},
|
||||
"x86_64-darwin": {
|
||||
"url": "https://downloads.cursor.com/production/5702c9cfca656d8710fad58402fe37f14345e3ac/darwin/x64/Cursor-darwin-x64.dmg",
|
||||
"hash": "sha256-AiS0Iswdp8DAZV6cFA7uIYSE24ystuqJRz0YGJkkmDE="
|
||||
"url": "https://downloads.cursor.com/production/4aa8ff1b7877ed7bd01bcba308698f71a6735380/darwin/x64/Cursor-darwin-x64.dmg",
|
||||
"hash": "sha256-IOQsZQAncDgZGEnCZWg/LQqD/PquFifBmuk2hnJ1L/s="
|
||||
},
|
||||
"aarch64-darwin": {
|
||||
"url": "https://downloads.cursor.com/production/5702c9cfca656d8710fad58402fe37f14345e3ac/darwin/arm64/Cursor-darwin-arm64.dmg",
|
||||
"hash": "sha256-e6VrLs/tj+FkEbUJN4RpQKNAbWCS/mEo1drVQFErXU0="
|
||||
"url": "https://downloads.cursor.com/production/4aa8ff1b7877ed7bd01bcba308698f71a6735380/darwin/arm64/Cursor-darwin-arm64.dmg",
|
||||
"hash": "sha256-GxpBKyx0Yo3e8AUS9Oxei/hHm1m3JdxMKjX7qAxUGm4="
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
41
pkgs/by-name/co/codebase-memory-mcp/package.nix
Normal file
41
pkgs/by-name/co/codebase-memory-mcp/package.nix
Normal file
|
|
@ -0,0 +1,41 @@
|
|||
{
|
||||
lib,
|
||||
stdenv,
|
||||
fetchFromGitHub,
|
||||
gnumake,
|
||||
zlib,
|
||||
}:
|
||||
stdenv.mkDerivation (finalAttrs: {
|
||||
pname = "codebase-memory-mcp";
|
||||
version = "0.8.1";
|
||||
src = fetchFromGitHub {
|
||||
owner = "DeusData";
|
||||
repo = "codebase-memory-mcp";
|
||||
rev = "v${finalAttrs.version}";
|
||||
hash = "sha256-H0l8H2JhPT1Rs0p+CJC1a1qYtnZNgLGe6n7PmM+WvE4=";
|
||||
};
|
||||
nativeBuildInputs = [ gnumake ];
|
||||
buildInputs = [ zlib ];
|
||||
strictDeps = true;
|
||||
__structuredAttrs = true;
|
||||
# scripts/build.sh verifies CC via `file`, which fails on Nix's compiler wrapper.
|
||||
# Call make directly — mirrors upstream flake.nix.
|
||||
buildPhase = ''
|
||||
runHook preBuild
|
||||
make -j$NIX_BUILD_CORES -f Makefile.cbm cbm CFLAGS_EXTRA='-DCBM_VERSION=\"${finalAttrs.version}\"'
|
||||
runHook postBuild
|
||||
'';
|
||||
installPhase = ''
|
||||
runHook preInstall
|
||||
install -Dm755 build/c/codebase-memory-mcp $out/bin/codebase-memory-mcp
|
||||
runHook postInstall
|
||||
'';
|
||||
meta = {
|
||||
homepage = "https://github.com/DeusData/codebase-memory-mcp";
|
||||
description = "High-performance C11 MCP server that indexes codebases into a persistent knowledge graph";
|
||||
mainProgram = "codebase-memory-mcp";
|
||||
license = lib.licenses.mit;
|
||||
maintainers = with lib.maintainers; [ gdifolco ];
|
||||
platforms = lib.platforms.linux ++ lib.platforms.darwin;
|
||||
};
|
||||
})
|
||||
|
|
@ -15,21 +15,21 @@ let
|
|||
|
||||
channels = {
|
||||
stable = {
|
||||
version = "2.28.6";
|
||||
version = "2.33.9";
|
||||
hash = {
|
||||
x86_64-linux = "sha256-OBnEOR6uNCzfsnWIQupSN9JMykNbrojrkb5lcPXL1W8=";
|
||||
x86_64-darwin = "sha256-ixI5BPxq7spPk1Un6eYVke+IkhqoIxTqDTXo5FehaEk=";
|
||||
aarch64-linux = "sha256-w+5PMff13nUp7jAYGSQlozShWqjsF+NLKQiquxD07wc=";
|
||||
aarch64-darwin = "sha256-nrx0Z1NdzkeQbeWzwOhpATIYnCCucG5lKRoUaRVjiQE=";
|
||||
x86_64-linux = "sha256-/X1/1xlPV/86MyAXv7MJU8YtEemRNYdasBP6lH586DM=";
|
||||
x86_64-darwin = "sha256-9ns+EzDMgyo+zgfQ3867AhTQ1qENPjtHXCYWtmP00mU=";
|
||||
aarch64-linux = "sha256-4hrV9va+c3VvQXIQ2j6CGZ19ZFCFDEsHhfZu/kQfhwA=";
|
||||
aarch64-darwin = "sha256-5k15Rf09/n/eKvVD0VxDWWWgJK7U0DDNAf0p923BGLs=";
|
||||
};
|
||||
};
|
||||
mainline = {
|
||||
version = "2.29.1";
|
||||
version = "2.34.3";
|
||||
hash = {
|
||||
x86_64-linux = "sha256-LxYADRdkiIsvHBaMy+MtJuUo8p5MLDKDL6pMtHaqokw=";
|
||||
x86_64-darwin = "sha256-OwZpCTjEVzTu4M9jf0vOuTuiyn66qRc/pEO/DLD8pvg=";
|
||||
aarch64-linux = "sha256-hNPimwzopC2Hj8i0I6KJAtvKXANACpmcN+onGvAaMvc=";
|
||||
aarch64-darwin = "sha256-AuNFtvnG40Toll/hmEXeGuV6ZcxfuVuUTFqdtTLXRn8=";
|
||||
x86_64-linux = "sha256-j7r5qupAsjkA11KJpdTIVtogWvSxz59nMKtTS92NMDk=";
|
||||
x86_64-darwin = "sha256-MJJK0NeXHfd/ipmPUrdhrcCOArafYH3sq+MW7GiLVnY=";
|
||||
aarch64-linux = "sha256-avDUA/3RLcoyt6QZ3CllvjNp8O65g+0CkAJjMOOVKLg=";
|
||||
aarch64-darwin = "sha256-qCHsK0zOqJO/ECb9afaEwNia9R/AJMgtRpIFUfZeY1Y=";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
|
|
|||
|
|
@ -100,7 +100,7 @@ maven.buildMavenPackage {
|
|||
homepage = "https://github.com/Athou/commafeed";
|
||||
license = lib.licenses.asl20;
|
||||
mainProgram = "commafeed";
|
||||
maintainers = [ ];
|
||||
maintainers = with lib.maintainers; [ svrana ];
|
||||
broken = stdenv.hostPlatform.isDarwin || stdenv.hostPlatform.isAarch64;
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -10,16 +10,16 @@
|
|||
}:
|
||||
rustPlatform.buildRustPackage (finalAttrs: {
|
||||
pname = "concord-tui";
|
||||
version = "2.2.2";
|
||||
version = "2.2.7";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "chojs23";
|
||||
repo = "concord";
|
||||
tag = "v${finalAttrs.version}";
|
||||
hash = "sha256-oKaP5ff19RYg73LsilD1Hxaz7nSr8QK/08jM1TylbWU=";
|
||||
hash = "sha256-WSZsN1+ZhFWTHl9BvKERrr0lQj06N392Jo2nYjNm5QY=";
|
||||
};
|
||||
|
||||
cargoHash = "sha256-jJkAXzmZAUHLIO2uVeR3KNTBYAnp31m49mk66/lKHHY=";
|
||||
cargoHash = "sha256-LJnwO9507nLptKARCih58+wKrHzLGu+qQ/guf1oezX8=";
|
||||
|
||||
buildInputs = [
|
||||
opus
|
||||
|
|
|
|||
|
|
@ -1,17 +1,30 @@
|
|||
From 0cfacb99db5940dabc385e7bc4534dfefa60fcfd Mon Sep 17 00:00:00 2001
|
||||
From: fliiiix <hi@l33t.name>
|
||||
Date: Thu, 25 Jun 2026 10:46:35 +0200
|
||||
Subject: [PATCH] cpm
|
||||
|
||||
---
|
||||
CMakeLists.txt | 4 ----
|
||||
tests/CMakeLists.txt | 11 +----------
|
||||
2 files changed, 1 insertion(+), 14 deletions(-)
|
||||
|
||||
diff --git a/CMakeLists.txt b/CMakeLists.txt
|
||||
index 7dbc2c3..cfdd98d 100644
|
||||
index 51fade9b4..1b93bffd2 100644
|
||||
--- a/CMakeLists.txt
|
||||
+++ b/CMakeLists.txt
|
||||
@@ -11,7 +11,6 @@ project(Crow
|
||||
@@ -60,10 +60,6 @@ option(CROW_ENABLE_SSL "Enable Crow's SSL feature for supporting https" OFF)
|
||||
option(CROW_ENABLE_COMPRESSION "Enable Crow's Compression feature for supporting compressed http content" OFF)
|
||||
option(CROW_ENABLE_TSAN "Enable ThreadSanitizer" OFF)
|
||||
|
||||
set(CMAKE_EXPORT_COMPILE_COMMANDS ON)
|
||||
|
||||
-include(${CMAKE_CURRENT_SOURCE_DIR}/cmake/CPM.cmake)
|
||||
|
||||
# Make sure Findasio.cmake module is found
|
||||
list(APPEND CMAKE_MODULE_PATH ${CMAKE_CURRENT_SOURCE_DIR}/cmake)
|
||||
-if(CROW_GENERATE_SBOM OR CROW_BUILD_TESTS)
|
||||
- include(${CMAKE_CURRENT_SOURCE_DIR}/cmake/CPM.cmake)
|
||||
-endif ()
|
||||
-
|
||||
if(CROW_GENERATE_SBOM)
|
||||
CPMAddPackage(
|
||||
NAME cmake-sbom
|
||||
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
|
||||
index 67c458c..2873530 100644
|
||||
index 80f6dd364..e01adeb2f 100644
|
||||
--- a/tests/CMakeLists.txt
|
||||
+++ b/tests/CMakeLists.txt
|
||||
@@ -5,18 +5,9 @@ set(CMAKE_POLICY_DEFAULT_CMP0077 new)
|
||||
|
|
@ -23,7 +36,7 @@ index 67c458c..2873530 100644
|
|||
+find_package(Catch2 REQUIRED)
|
||||
|
||||
-CPMAddPackage(Catch2
|
||||
- VERSION 3.10.0
|
||||
- VERSION 3.12.0
|
||||
- GITHUB_REPOSITORY catchorg/Catch2
|
||||
- OPTIONS
|
||||
- "CATCH_INSTALL_DOCS Off"
|
||||
|
|
@ -34,3 +47,6 @@ index 67c458c..2873530 100644
|
|||
enable_testing()
|
||||
|
||||
# list the test sources
|
||||
--
|
||||
2.43.0
|
||||
|
||||
|
|
|
|||
|
|
@ -10,13 +10,13 @@
|
|||
|
||||
stdenv.mkDerivation (finalAttrs: {
|
||||
pname = "crow";
|
||||
version = "1.3.0.0";
|
||||
version = "1.3.2";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "CrowCpp";
|
||||
repo = "Crow";
|
||||
tag = "v${finalAttrs.version}";
|
||||
hash = "sha256-QLYQ0RouqDDvhnBF79O/9M7IwlF0eQ3HTqR6bXWm574=";
|
||||
hash = "sha256-MN2x1hgJ9TziZFPSZn6RuAEfl4mZv3ijU9LqQJkw6UM=";
|
||||
};
|
||||
|
||||
patches = [
|
||||
|
|
|
|||
|
|
@ -7,13 +7,13 @@
|
|||
|
||||
buildGoModule (finalAttrs: {
|
||||
pname = "cruise";
|
||||
version = "1.1.0";
|
||||
version = "2.2.2";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "NucleoFusion";
|
||||
repo = "cruise";
|
||||
tag = "v${finalAttrs.version}";
|
||||
hash = "sha256-0xIugbLlKlMODbMvsFzQXjKNNGY61tF4P/0loPlfs6o=";
|
||||
hash = "sha256-AhLSzynNvtHK3URTd1034/2ToGcJUDp7rGMtr3kyees=";
|
||||
};
|
||||
|
||||
vendorHash = "sha256-Zx1rZl5ljlsBNV1eQKPtQ+SgJV9l5rS8hwBe8nX9dYQ=";
|
||||
|
|
@ -23,7 +23,7 @@ buildGoModule (finalAttrs: {
|
|||
meta = {
|
||||
description = "TUI for managing Docker containers, images, volumes, networks, and more";
|
||||
homepage = "https://github.com/NucleoFusion/cruise";
|
||||
license = lib.licenses.mit;
|
||||
license = lib.licenses.asl20;
|
||||
maintainers = with lib.maintainers; [ greatnatedev ];
|
||||
mainProgram = "cruise";
|
||||
platforms = lib.platforms.linux;
|
||||
|
|
|
|||
|
|
@ -11,16 +11,16 @@
|
|||
|
||||
buildGo126Module (finalAttrs: {
|
||||
pname = "crush";
|
||||
version = "0.74.1";
|
||||
version = "0.80.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "charmbracelet";
|
||||
repo = "crush";
|
||||
tag = "v${finalAttrs.version}";
|
||||
hash = "sha256-JnELv8Q2GlOKhYbBRUDY8m8XuyyoD71Tw5qbnpbNxVY=";
|
||||
hash = "sha256-joSzU5+gufb9cEsIOVVSnEO9+Xoy1g+gqzvmpbkIky8=";
|
||||
};
|
||||
|
||||
vendorHash = "sha256-D2GJ3ORyJy5Dn0MZJWgB3Wv1FyDoAWqLI3W0yU1q5Lw=";
|
||||
vendorHash = "sha256-cA39djwy7NOBeJELvrPSW2mRcyDEhsghPOzzQ9O180c=";
|
||||
|
||||
ldflags = [
|
||||
"-s"
|
||||
|
|
|
|||
|
|
@ -35,6 +35,13 @@ rustPlatform.buildRustPackage (finalAttrs: {
|
|||
pname = "deno";
|
||||
version = "2.8.3";
|
||||
|
||||
__structuredAttrs = true;
|
||||
|
||||
outputs = [
|
||||
"out"
|
||||
"denort"
|
||||
];
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "denoland";
|
||||
repo = "deno";
|
||||
|
|
@ -225,7 +232,9 @@ rustPlatform.buildRustPackage (finalAttrs: {
|
|||
'';
|
||||
|
||||
postInstall = ''
|
||||
# Remove non-essential binaries like denort and test_server
|
||||
moveToOutput "bin/denort" "$denort"
|
||||
|
||||
# Remove non-essential binaries like test_server
|
||||
find $out/bin/* -not -name "deno" -delete
|
||||
|
||||
# Do what `deno x --install-alias` would do (it doesn't work with Nix-packaged Deno)
|
||||
|
|
@ -279,6 +288,7 @@ rustPlatform.buildRustPackage (finalAttrs: {
|
|||
jk
|
||||
ofalvai
|
||||
mynacol
|
||||
anish
|
||||
];
|
||||
maxSilent = 14400; # 4h, double the default of 7200s; sometimes needed for x86_64-darwin on hydra
|
||||
platforms = [
|
||||
|
|
|
|||
|
|
@ -7,13 +7,13 @@
|
|||
}:
|
||||
buildGoModule (finalAttrs: {
|
||||
pname = "devbox";
|
||||
version = "0.17.3";
|
||||
version = "0.17.5";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "jetify-com";
|
||||
repo = "devbox";
|
||||
tag = finalAttrs.version;
|
||||
hash = "sha256-nG/6qRhoCYUCxNXYHj7zyeOSaQBqguaIjEip9HVZbp8=";
|
||||
hash = "sha256-m7FMUjKZZsmnjtnjPyyq0YUIjDQiyb5zBbpGiH4cdyw=";
|
||||
};
|
||||
|
||||
ldflags = [
|
||||
|
|
|
|||
Some files were not shown because too many files have changed in this diff Show more
Loading…
Add table
Add a link
Reference in a new issue