From: Ismaël Bouya Date: Sun, 5 Apr 2020 13:57:20 +0000 (+0200) Subject: Upgrade to nixos-unstable X-Git-Url: https://git.immae.eu/?p=perso%2FImmae%2FConfig%2FNix.git;a=commitdiff_plain;h=258dd18bac4bf5dd03cf1098ffa35cb954f9e015 Upgrade to nixos-unstable --- diff --git a/modules/naemon/default.nix b/modules/naemon/default.nix index 38e99a9..976de69 100644 --- a/modules/naemon/default.nix +++ b/modules/naemon/default.nix @@ -137,18 +137,18 @@ in } ]; - users.users = optionalAttrs (cfg.user == "naemon") (singleton - { - name = "naemon"; + users.users = optionalAttrs (cfg.user == "naemon") { + naemon = { group = cfg.group; uid = config.ids.uids.nagios; extraGroups = [ "keys" ]; - }); - users.groups = optionalAttrs (cfg.user == "naemon") (singleton - { - name = "naemon"; - gid = config.ids.gids.nagios; - }); + }; + }; + users.groups = optionalAttrs (cfg.user == "naemon") { + naemon = { + gid = config.ids.gids.nagios; + }; + }; services.filesWatcher.naemon = { paths = [ config.secrets.fullPaths."naemon/resources.cfg" ]; diff --git a/modules/opendmarc.nix b/modules/opendmarc.nix index e18ec82..6137d10 100644 --- a/modules/opendmarc.nix +++ b/modules/opendmarc.nix @@ -59,16 +59,18 @@ in { config = mkIf cfg.enable { - users.users = optionalAttrs (cfg.user == "opendmarc") (singleton - { name = "opendmarc"; + users.users = optionalAttrs (cfg.user == "opendmarc") { + opendmarc = { group = cfg.group; uid = config.ids.uids.opendmarc; - }); + }; + }; - users.groups = optionalAttrs (cfg.group == "opendmarc") (singleton - { name = "opendmarc"; + users.groups = optionalAttrs (cfg.group == "opendmarc") { + opendmarc = { gid = config.ids.gids.opendmarc; - }); + }; + }; environment.systemPackages = [ pkgs.opendmarc ]; diff --git a/modules/private/certificates.nix b/modules/private/certificates.nix index 2bf2730..82ff52f 100644 --- a/modules/private/certificates.nix +++ b/modules/private/certificates.nix @@ -12,7 +12,6 @@ (lib.optionalString config.services.httpd.Inte.enable "systemctl reload httpdInte.service") (lib.optionalString config.services.nginx.enable "systemctl reload nginx.service") ]; - plugins = [ "cert.pem" "chain.pem" "fullchain.pem" "full.pem" "key.pem" "account_key.json" "account_reg.json"]; }; description = "Default configuration for certificates"; }; @@ -30,6 +29,7 @@ myServices.databasesCerts = config.myServices.certificates.certConfig; myServices.ircCerts = config.myServices.certificates.certConfig; + security.acme.acceptTerms = true; security.acme.preliminarySelfsigned = true; security.acme.certs = { @@ -39,18 +39,16 @@ }; systemd.services = lib.attrsets.mapAttrs' (k: v: - lib.attrsets.nameValuePair "acme-selfsigned-${k}" (lib.mkBefore { script = - (lib.optionalString (builtins.elem "cert.pem" v.plugins) '' + lib.attrsets.nameValuePair "acme-selfsigned-${k}" { script = lib.mkBefore '' cp $workdir/server.crt ${config.security.acme.certs."${k}".directory}/cert.pem chown '${v.user}:${v.group}' ${config.security.acme.certs."${k}".directory}/cert.pem chmod ${if v.allowKeysForGroup then "750" else "700"} ${config.security.acme.certs."${k}".directory}/cert.pem - '') + - (lib.optionalString (builtins.elem "chain.pem" v.plugins) '' + cp $workdir/ca.crt ${config.security.acme.certs."${k}".directory}/chain.pem chown '${v.user}:${v.group}' ${config.security.acme.certs."${k}".directory}/chain.pem chmod ${if v.allowKeysForGroup then "750" else "700"} ${config.security.acme.certs."${k}".directory}/chain.pem - '') - ; }) + ''; + } ) config.security.acme.certs // lib.attrsets.mapAttrs' (k: data: lib.attrsets.nameValuePair "acme-${k}" { diff --git a/modules/private/databases/mariadb.nix b/modules/private/databases/mariadb.nix index 04e4bd6..36edaeb 100644 --- a/modules/private/databases/mariadb.nix +++ b/modules/private/databases/mariadb.nix @@ -94,26 +94,27 @@ in { enable = true; package = cfg.package; dataDir = cfg.dataDir; - extraOptions = '' - ssl_ca = ${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt - ssl_key = ${config.security.acme.certs.mysql.directory}/key.pem - ssl_cert = ${config.security.acme.certs.mysql.directory}/fullchain.pem + settings = { + mysqld = { + ssl_ca = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; + ssl_key = "${config.security.acme.certs.mysql.directory}/key.pem"; + ssl_cert = "${config.security.acme.certs.mysql.directory}/fullchain.pem"; - # for replication - log-bin=mariadb-bin - server-id=1 + # for replication + log-bin = "mariadb-bin"; + server-id = "1"; - # this introduces a small delay before storing on disk, but - # makes it order of magnitudes quicker - innodb_flush_log_at_trx_commit = 0 - ''; + # this introduces a small delay before storing on disk, but + # makes it order of magnitudes quicker + innodb_flush_log_at_trx_commit = "0"; + }; + }; }; users.users.mysql.extraGroups = [ "keys" ]; security.acme.certs."mysql" = config.myServices.databasesCerts // { user = "mysql"; group = "mysql"; - plugins = [ "fullchain.pem" "key.pem" "account_key.json" "account_reg.json" ]; domain = "db-1.immae.eu"; postRun = '' systemctl restart mysql.service @@ -164,23 +165,21 @@ in { security.pam.services = let pam_ldap = "${pkgs.pam_ldap}/lib/security/pam_ldap.so"; - in [ - { - name = "mysql"; + in { + mysql = { text = '' # https://mariadb.com/kb/en/mariadb/pam-authentication-plugin/ auth required ${pam_ldap} config=${config.secrets.location}/mysql/pam account required ${pam_ldap} config=${config.secrets.location}/mysql/pam ''; - } - { - name = "mysql_replication"; + }; + mysql_replication = { text = '' auth required ${pam_ldap} config=${config.secrets.location}/mysql/pam_replication account required ${pam_ldap} config=${config.secrets.location}/mysql/pam_replication ''; - } - ]; + }; + }; }; } diff --git a/modules/private/databases/openldap/default.nix b/modules/private/databases/openldap/default.nix index efe9379..302aa04 100644 --- a/modules/private/databases/openldap/default.nix +++ b/modules/private/databases/openldap/default.nix @@ -107,7 +107,6 @@ in security.acme.certs."ldap" = config.myServices.databasesCerts // { user = "openldap"; group = "openldap"; - plugins = [ "fullchain.pem" "key.pem" "cert.pem" "account_key.json" "account_reg.json" ]; domain = "ldap.immae.eu"; postRun = '' systemctl restart openldap.service diff --git a/modules/private/databases/postgresql.nix b/modules/private/databases/postgresql.nix index d0b1a75..c442a63 100644 --- a/modules/private/databases/postgresql.nix +++ b/modules/private/databases/postgresql.nix @@ -100,7 +100,6 @@ in { security.acme.certs."postgresql" = config.myServices.databasesCerts // { user = "postgres"; group = "postgres"; - plugins = [ "fullchain.pem" "key.pem" "account_key.json" "account_reg.json" ]; domain = "db-1.immae.eu"; postRun = '' systemctl reload postgresql.service @@ -212,22 +211,20 @@ in { security.pam.services = let pam_ldap = "${pkgs.pam_ldap}/lib/security/pam_ldap.so"; - in [ - { - name = "postgresql"; + in { + postgresql = { text = '' auth required ${pam_ldap} config=${config.secrets.location}/postgresql/pam account required ${pam_ldap} config=${config.secrets.location}/postgresql/pam ''; - } - { - name = "postgresql_replication"; + }; + postgresql_replication = { text = '' auth required ${pam_ldap} config=${config.secrets.location}/postgresql/pam_replication account required ${pam_ldap} config=${config.secrets.location}/postgresql/pam_replication ''; - } - ]; + }; + }; }; } diff --git a/modules/private/ftp.nix b/modules/private/ftp.nix index 417af87..8ae4e65 100644 --- a/modules/private/ftp.nix +++ b/modules/private/ftp.nix @@ -32,16 +32,13 @@ in }; }; - users.users = [ - { - name = "ftp"; - uid = config.ids.uids.ftp; # 8 - group = "ftp"; - description = "Anonymous FTP user"; - home = "/homeless-shelter"; - extraGroups = [ "keys" ]; - } - ]; + users.users.ftp = { + uid = config.ids.uids.ftp; # 8 + group = "ftp"; + description = "Anonymous FTP user"; + home = "/homeless-shelter"; + extraGroups = [ "keys" ]; + }; users.groups.ftp.gid = config.ids.gids.ftp; diff --git a/modules/private/monitoring/status.nix b/modules/private/monitoring/status.nix index d25d934..7810a1f 100644 --- a/modules/private/monitoring/status.nix +++ b/modules/private/monitoring/status.nix @@ -34,7 +34,11 @@ locations."/".proxyPass = "http://unix:/run/naemon-status/socket.sock:/"; }; }; - security.acme.certs."${name}".extraDomains."status.immae.eu" = null; + security.acme.certs."${name}" = { + extraDomains."status.immae.eu" = null; + user = config.services.nginx.user; + group = config.services.nginx.group; + }; myServices.certificates.enable = true; networking.firewall.allowedTCPPorts = [ 80 443 ]; diff --git a/modules/private/system.nix b/modules/private/system.nix index 64fc2d9..70b74d0 100644 --- a/modules/private/system.nix +++ b/modules/private/system.nix @@ -65,21 +65,10 @@ users.mutableUsers = false; environment.etc.cnagios.source = "${pkgs.cnagios}/share/doc/cnagios"; - environment.systemPackages = - let - home-manager = builtins.fetchGit { - url = "https://github.com/rycee/home-manager.git"; - rev = "ef64bc598f28818d56c86629dad98b468af9c071"; - ref = "release-19.03"; - }; - in - [ - pkgs.git - pkgs.vim - ] ++ - (lib.optional - (builtins.length (config.hostEnv.users pkgs) > 0) - ((pkgs.callPackage home-manager {}).home-manager) - ); + environment.systemPackages = [ + pkgs.git + pkgs.vim + ] ++ + (lib.optional (builtins.length (config.hostEnv.users pkgs) > 0) pkgs.home-manager); }; } diff --git a/modules/private/system/backup-2.nix b/modules/private/system/backup-2.nix index 4e24c12..6829f1b 100644 --- a/modules/private/system/backup-2.nix +++ b/modules/private/system/backup-2.nix @@ -1,5 +1,5 @@ { privateFiles }: -{ config, pkgs, resources, ... }: +{ config, pkgs, resources, name, ... }: { boot.kernelPackages = pkgs.linuxPackages_latest; myEnv = import "${privateFiles}/environment.nix" // { inherit privateFiles; }; @@ -35,6 +35,10 @@ }; myServices.certificates.enable = true; + security.acme.certs."${name}" = { + user = config.services.nginx.user; + group = config.services.nginx.group; + }; services.nginx = { enable = true; recommendedOptimisation = true; diff --git a/modules/private/system/dilion.nix b/modules/private/system/dilion.nix index 788c2dc..911c76d 100644 --- a/modules/private/system/dilion.nix +++ b/modules/private/system/dilion.nix @@ -101,8 +101,8 @@ # This is equivalent to setting environment.sessionVariables.NIX_PATH nix.nixPath = [ - "home-manager=https://github.com/rycee/home-manager/archive/release-19.03.tar.gz" - "nixpkgs=https://nixos.org/channels/nixos-19.03/nixexprs.tar.xz" + "home-manager=https://github.com/rycee/home-manager/archive/master.tar.gz" + "nixpkgs=https://nixos.org/channels/nixos-unstable/nixexprs.tar.xz" ]; nix.binaryCaches = [ "https://hydra.iohk.io" "https://cache.nixos.org" ]; nix.binaryCachePublicKeys = [ "hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ=" ]; diff --git a/modules/private/tasks/default.nix b/modules/private/tasks/default.nix index 42cc8d2..43d40d6 100644 --- a/modules/private/tasks/default.nix +++ b/modules/private/tasks/default.nix @@ -197,7 +197,6 @@ in { security.acme.certs."task" = config.myServices.certificates.certConfig // { inherit user group; - plugins = [ "fullchain.pem" "key.pem" "cert.pem" "account_key.json" "account_reg.json" ]; domain = fqdn; postRun = '' systemctl restart taskserver.service diff --git a/modules/webapps/diaspora.nix b/modules/webapps/diaspora.nix index 65599b7..d9e9989 100644 --- a/modules/webapps/diaspora.nix +++ b/modules/webapps/diaspora.nix @@ -108,19 +108,21 @@ in }; config = lib.mkIf cfg.enable { - users.users = lib.optionalAttrs (cfg.user == name) (lib.singleton { - inherit name; - inherit uid; - group = cfg.group; - description = "Diaspora user"; - home = cfg.dataDir; - packages = [ cfg.workdir.gems pkgs.nodejs cfg.workdir.gems.ruby ]; - useDefaultShell = true; - }); - users.groups = lib.optionalAttrs (cfg.group == name) (lib.singleton { - inherit name; - inherit gid; - }); + users.users = lib.optionalAttrs (cfg.user == name) { + "${name}" = { + inherit uid; + group = cfg.group; + description = "Diaspora user"; + home = cfg.dataDir; + packages = [ cfg.workdir.gems pkgs.nodejs cfg.workdir.gems.ruby ]; + useDefaultShell = true; + }; + }; + users.groups = lib.optionalAttrs (cfg.group == name) { + "${name}" = { + inherit gid; + }; + }; systemd.services.diaspora = { description = "Diaspora"; diff --git a/modules/webapps/mastodon.nix b/modules/webapps/mastodon.nix index 68531cf..cd550c0 100644 --- a/modules/webapps/mastodon.nix +++ b/modules/webapps/mastodon.nix @@ -96,18 +96,20 @@ in }; config = lib.mkIf cfg.enable { - users.users = lib.optionalAttrs (cfg.user == name) (lib.singleton { - inherit name; - inherit uid; - group = cfg.group; - description = "Mastodon user"; - home = cfg.dataDir; - useDefaultShell = true; - }); - users.groups = lib.optionalAttrs (cfg.group == name) (lib.singleton { - inherit name; - inherit gid; - }); + users.users = lib.optionalAttrs (cfg.user == name) { + "${name}" = { + inherit uid; + group = cfg.group; + description = "Mastodon user"; + home = cfg.dataDir; + useDefaultShell = true; + }; + }; + users.groups = lib.optionalAttrs (cfg.group == name) { + "${name}" = { + inherit gid; + }; + }; systemd.services.mastodon-streaming = { description = "Mastodon Streaming"; diff --git a/modules/webapps/mediagoblin.nix b/modules/webapps/mediagoblin.nix index 78bbef6..dbc4c2b 100644 --- a/modules/webapps/mediagoblin.nix +++ b/modules/webapps/mediagoblin.nix @@ -151,18 +151,20 @@ in }; config = lib.mkIf cfg.enable { - users.users = lib.optionalAttrs (cfg.user == name) (lib.singleton { - inherit name; - inherit uid; - group = cfg.group; - description = "Mediagoblin user"; - home = cfg.dataDir; - useDefaultShell = true; - }); - users.groups = lib.optionalAttrs (cfg.group == name) (lib.singleton { - inherit name; - inherit gid; - }); + users.users = lib.optionalAttrs (cfg.user == name) { + "${name}" = { + inherit uid; + group = cfg.group; + description = "Mediagoblin user"; + home = cfg.dataDir; + useDefaultShell = true; + }; + }; + users.groups = lib.optionalAttrs (cfg.group == name) { + "${name}" = { + inherit gid; + }; + }; systemd.services.mediagoblin-web = { description = "Mediagoblin service"; diff --git a/modules/webapps/peertube.nix b/modules/webapps/peertube.nix index 89dcc67..281ff8b 100644 --- a/modules/webapps/peertube.nix +++ b/modules/webapps/peertube.nix @@ -53,18 +53,20 @@ in }; config = lib.mkIf cfg.enable { - users.users = lib.optionalAttrs (cfg.user == name) (lib.singleton { - inherit name; - inherit uid; - group = cfg.group; - description = "Peertube user"; - home = cfg.dataDir; - useDefaultShell = true; - }); - users.groups = lib.optionalAttrs (cfg.group == name) (lib.singleton { - inherit name; - inherit gid; - }); + users.users = lib.optionalAttrs (cfg.user == name) { + "${name}" = { + inherit uid; + group = cfg.group; + description = "Peertube user"; + home = cfg.dataDir; + useDefaultShell = true; + }; + }; + users.groups = lib.optionalAttrs (cfg.group == name) { + "${name}" = { + inherit gid; + }; + }; systemd.services.peertube = { description = "Peertube"; diff --git a/modules/websites/httpd-service-builder.nix b/modules/websites/httpd-service-builder.nix index ec79a90..c5f72f9 100644 --- a/modules/websites/httpd-service-builder.nix +++ b/modules/websites/httpd-service-builder.nix @@ -470,7 +470,7 @@ in }; virtualHosts = mkOption { - type = with types; attrsOf (submodule (import ./vhost-options.nix)); + type = with types; attrsOf (submodule (import )); default = { localhost = { documentRoot = "${pkg}/htdocs"; diff --git a/modules/websites/location-options.nix b/modules/websites/location-options.nix deleted file mode 100644 index 8ea88f9..0000000 --- a/modules/websites/location-options.nix +++ /dev/null @@ -1,54 +0,0 @@ -{ config, lib, name, ... }: -let - inherit (lib) mkOption types; -in -{ - options = { - - proxyPass = mkOption { - type = with types; nullOr str; - default = null; - example = "http://www.example.org/"; - description = '' - Sets up a simple reverse proxy as described by . - ''; - }; - - index = mkOption { - type = with types; nullOr str; - default = null; - example = "index.php index.html"; - description = '' - Adds DirectoryIndex directive. See . - ''; - }; - - alias = mkOption { - type = with types; nullOr path; - default = null; - example = "/your/alias/directory"; - description = '' - Alias directory for requests. See . - ''; - }; - - extraConfig = mkOption { - type = types.lines; - default = ""; - description = '' - These lines go to the end of the location verbatim. - ''; - }; - - priority = mkOption { - type = types.int; - default = 1000; - description = '' - Order of this location block in relation to the others in the vhost. - The semantics are the same as with `lib.mkOrder`. Smaller values have - a greater priority. - ''; - }; - - }; -} diff --git a/modules/websites/vhost-options.nix b/modules/websites/vhost-options.nix deleted file mode 100644 index 263980a..0000000 --- a/modules/websites/vhost-options.nix +++ /dev/null @@ -1,275 +0,0 @@ -{ config, lib, name, ... }: -let - inherit (lib) literalExample mkOption nameValuePair types; -in -{ - options = { - - hostName = mkOption { - type = types.str; - default = name; - description = "Canonical hostname for the server."; - }; - - serverAliases = mkOption { - type = types.listOf types.str; - default = []; - example = ["www.example.org" "www.example.org:8080" "example.org"]; - description = '' - Additional names of virtual hosts served by this virtual host configuration. - ''; - }; - - listen = mkOption { - type = with types; listOf (submodule ({ - options = { - port = mkOption { - type = types.port; - description = "Port to listen on"; - }; - ip = mkOption { - type = types.str; - default = "*"; - description = "IP to listen on. 0.0.0.0 for IPv4 only, * for all."; - }; - ssl = mkOption { - type = types.bool; - default = false; - description = "Whether to enable SSL (https) support."; - }; - }; - })); - default = []; - example = [ - { ip = "195.154.1.1"; port = 443; ssl = true;} - { ip = "192.154.1.1"; port = 80; } - { ip = "*"; port = 8080; } - ]; - description = '' - Listen addresses and ports for this virtual host. - - This option overrides addSSL, forceSSL and onlySSL. - - ''; - }; - - enableSSL = mkOption { - type = types.bool; - visible = false; - default = false; - }; - - addSSL = mkOption { - type = types.bool; - default = false; - description = '' - Whether to enable HTTPS in addition to plain HTTP. This will set defaults for - listen to listen on all interfaces on the respective default - ports (80, 443). - ''; - }; - - onlySSL = mkOption { - type = types.bool; - default = false; - description = '' - Whether to enable HTTPS and reject plain HTTP connections. This will set - defaults for listen to listen on all interfaces on port 443. - ''; - }; - - forceSSL = mkOption { - type = types.bool; - default = false; - description = '' - Whether to add a separate nginx server block that permanently redirects (301) - all plain HTTP traffic to HTTPS. This will set defaults for - listen to listen on all interfaces on the respective default - ports (80, 443), where the non-SSL listens are used for the redirect vhosts. - ''; - }; - - enableACME = mkOption { - type = types.bool; - default = false; - description = '' - Whether to ask Let's Encrypt to sign a certificate for this vhost. - Alternately, you can use an existing certificate through . - ''; - }; - - useACMEHost = mkOption { - type = types.nullOr types.str; - default = null; - description = '' - A host of an existing Let's Encrypt certificate to use. - This is useful if you have many subdomains and want to avoid hitting the - rate limit. - Alternately, you can generate a certificate through . - Note that this option does not create any certificates, nor it does add subdomains to existing ones – you will need to create them manually using . - ''; - }; - - acmeRoot = mkOption { - type = types.str; - default = "/var/lib/acme/acme-challenges"; - description = "Directory for the acme challenge which is PUBLIC, don't put certs or keys in here"; - }; - - sslServerCert = mkOption { - type = types.path; - example = "/var/host.cert"; - description = "Path to server SSL certificate."; - }; - - sslServerKey = mkOption { - type = types.path; - example = "/var/host.key"; - description = "Path to server SSL certificate key."; - }; - - sslServerChain = mkOption { - type = types.nullOr types.path; - default = null; - example = "/var/ca.pem"; - description = "Path to server SSL chain file."; - }; - - http2 = mkOption { - type = types.bool; - default = false; - description = '' - Whether to enable HTTP 2. HTTP/2 is supported in all multi-processing modules that come with httpd. However, if you use the prefork mpm, there will - be severe restrictions. Refer to for details. - ''; - }; - - adminAddr = mkOption { - type = types.nullOr types.str; - default = null; - example = "admin@example.org"; - description = "E-mail address of the server administrator."; - }; - - documentRoot = mkOption { - type = types.nullOr types.path; - default = null; - example = "/data/webserver/docs"; - description = '' - The path of Apache's document root directory. If left undefined, - an empty directory in the Nix store will be used as root. - ''; - }; - - servedDirs = mkOption { - type = types.listOf types.attrs; - default = []; - example = [ - { urlPath = "/nix"; - dir = "/home/eelco/Dev/nix-homepage"; - } - ]; - description = '' - This option provides a simple way to serve static directories. - ''; - }; - - servedFiles = mkOption { - type = types.listOf types.attrs; - default = []; - example = [ - { urlPath = "/foo/bar.png"; - file = "/home/eelco/some-file.png"; - } - ]; - description = '' - This option provides a simple way to serve individual, static files. - - - This option has been deprecated and will be removed in a future - version of NixOS. You can achieve the same result by making use of - the locations.<name>.alias option. - - ''; - }; - - extraConfig = mkOption { - type = types.lines; - default = ""; - example = '' - - Options FollowSymlinks - AllowOverride All - - ''; - description = '' - These lines go to httpd.conf verbatim. They will go after - directories and directory aliases defined by default. - ''; - }; - - enableUserDir = mkOption { - type = types.bool; - default = false; - description = '' - Whether to enable serving ~/public_html as - /~username. - ''; - }; - - globalRedirect = mkOption { - type = types.nullOr types.str; - default = null; - example = http://newserver.example.org/; - description = '' - If set, all requests for this host are redirected permanently to - the given URL. - ''; - }; - - logFormat = mkOption { - type = types.str; - default = "common"; - example = "combined"; - description = '' - Log format for Apache's log files. Possible values are: combined, common, referer, agent. - ''; - }; - - robotsEntries = mkOption { - type = types.lines; - default = ""; - example = "Disallow: /foo/"; - description = '' - Specification of pages to be ignored by web crawlers. See for details. - ''; - }; - - locations = mkOption { - type = with types; attrsOf (submodule (import ./location-options.nix)); - default = {}; - example = literalExample '' - { - "/" = { - proxyPass = "http://localhost:3000"; - }; - "/foo/bar.png" = { - alias = "/home/eelco/some-file.png"; - }; - }; - ''; - description = '' - Declarative location config. See for details. - ''; - }; - - }; - - config = { - - locations = builtins.listToAttrs (map (elem: nameValuePair elem.urlPath { alias = elem.file; }) config.servedFiles); - - }; -} diff --git a/nix/sources.json b/nix/sources.json index 7c306c9..09c4455 100644 --- a/nix/sources.json +++ b/nix/sources.json @@ -18,27 +18,27 @@ "url_template": "https://github.com///archive/.tar.gz" }, "nixpkgs": { - "branch": "nixos-19.03", + "branch": "nixos-unstable", "description": "A read-only mirror of NixOS/nixpkgs tracking the released channels. Send issues and PRs to", "homepage": "https://github.com/NixOS/nixpkgs", "owner": "NixOS", "repo": "nixpkgs-channels", - "rev": "34c7eb7545d155cc5b6f499b23a7cb1c96ab4d59", - "sha256": "11z6ajj108fy2q5g8y4higlcaqncrbjm3dnv17pvif6avagw4mcb", + "rev": "ae6bdcc53584aaf20211ce1814bea97ece08a248", + "sha256": "0hjhznns1cxgl3hww2d5si6vhy36pnm53hms9h338v6r633dcy77", "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs-channels/archive/34c7eb7545d155cc5b6f499b23a7cb1c96ab4d59.tar.gz", + "url": "https://github.com/NixOS/nixpkgs-channels/archive/ae6bdcc53584aaf20211ce1814bea97ece08a248.tar.gz", "url_template": "https://github.com///archive/.tar.gz" }, "nixpkgs-nixops": { - "branch": "nixos-19.09", + "branch": "nixos-unstable", "description": "A read-only mirror of NixOS/nixpkgs tracking the released channels. Send issues and PRs to", "homepage": "https://github.com/NixOS/nixpkgs", "owner": "NixOS", "repo": "nixpkgs-channels", - "rev": "856dbd1a5c7fd826cf3668ff12a7389be0686f41", - "sha256": "1d895i1lc25d2akniaqg2n1jrg2rcd1gih8rpmhyrlv4lpggfmsx", + "rev": "ae6bdcc53584aaf20211ce1814bea97ece08a248", + "sha256": "0hjhznns1cxgl3hww2d5si6vhy36pnm53hms9h338v6r633dcy77", "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs-channels/archive/856dbd1a5c7fd826cf3668ff12a7389be0686f41.tar.gz", + "url": "https://github.com/NixOS/nixpkgs-channels/archive/ae6bdcc53584aaf20211ce1814bea97ece08a248.tar.gz", "url_template": "https://github.com///archive/.tar.gz" }, "nixpkgs-nixops-next": { diff --git a/nixops/Makefile b/nixops/Makefile index 8caf8b1..3cbf50b 100644 --- a/nixops/Makefile +++ b/nixops/Makefile @@ -55,10 +55,10 @@ dry-run: $(NIXOPS_PRIV) deploy --dry-run build: - $(NIXOPS_PRIV) deploy --build-only --max-jobs 1 + $(NIXOPS_PRIV) deploy --build-only --keep-going upload: - $(NIXOPS_PRIV) deploy --copy-only --max-concurrent-copy 1 + $(NIXOPS_PRIV) deploy --copy-only deploy: $(NIXOPS_PRIV) deploy diff --git a/overlays/bonfire/default.nix b/overlays/bonfire/default.nix new file mode 100644 index 0000000..68bde20 --- /dev/null +++ b/overlays/bonfire/default.nix @@ -0,0 +1,24 @@ +self: super: { + bonfire = let + click = self.python3Packages.click.overridePythonAttrs(old: rec { + version = "6.7"; + src = self.python3Packages.fetchPypi { + pname = "click"; + inherit version; + sha256 = "02qkfpykbq35id8glfgwc38yc430427yd05z1wc5cnld8zgicmgi"; + }; + }); + in + super.bonfire.overridePythonAttrs(old: { + version = "0.0.8"; + src = self.fetchFromGitHub { + owner = "blue-yonder"; + repo = "bonfire"; + rev = "0a0f18469d484aba6871fa7421bbb2c00ccefcb0"; + sha256 = "1y2r537ibghhmk6jngw0zwvh1vn2bihqcvji50ffh1j0qc6q3x6x"; + }; + postPatch = ""; + propagatedBuildInputs = self.lib.remove self.python3Packages.click old.propagatedBuildInputs ++ [ click ]; + meta.broken = false; + }); +} diff --git a/overlays/databases/mysql/default.nix b/overlays/databases/mysql/default.nix index 797332b..24bad1b 100644 --- a/overlays/databases/mysql/default.nix +++ b/overlays/databases/mysql/default.nix @@ -3,16 +3,5 @@ self: super: rec { mariadbPAM = super.mariadb.overrideAttrs(old: { cmakeFlags = old.cmakeFlags ++ [ "-DWITH_AUTHENTICATION_PAM=ON" ]; buildInputs = old.buildInputs ++ [ self.pam ]; - postInstall = old.postInstall + '' - # FIXME: hack because mariadb cannot find dialog.so - # fixed in 20.03: https://github.com/NixOS/nixpkgs/pull/80768 - ln -s /nix $out/nix - cp "$dev"/lib/mysql/plugin/{caching_sha2_password.so,dialog.so,mysql_clear_password.so,sha256_password.so} "$out"/lib/mysql/plugin - ''; - }) // (with super.mariadb; { - inherit client; - servier = super.mariadb; - inherit connector-c; - inherit galera; }); } diff --git a/overlays/default.nix b/overlays/default.nix index b488fd7..881083d 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -4,6 +4,7 @@ bitlbee = import ./bitlbee; bitlbee-discord = import ./bitlbee-discord; + bonfire = import ./bonfire; bundix = import ./bundix; dwm = import ./dwm; elinks = import ./elinks; @@ -13,24 +14,20 @@ ldapvi = import ./ldapvi; lesspipe = import ./lesspipe; mysql = import ./databases/mysql; - neomutt = import ./neomutt; nixops = import ./nixops; pass = import ./pass; pelican = import ./pelican; postgresql = import ./databases/postgresql; - profanity = import ./profanity; s6 = import ./s6; sc-im = import ./sc-im; shaarli = import ./shaarli; slrn = import ./slrn; taskwarrior = import ./taskwarrior; vcsh = import ./vcsh; - vit = import ./vit; weboob = import ./weboob; weechat = import ./weechat; ympd = import ./ympd; doing = import ./doing; xmr-stak = import ./xmr-stak; - simp_le = import ./simp_le; } // import ./python-packages diff --git a/overlays/neomutt/commands.patch b/overlays/neomutt/commands.patch deleted file mode 100644 index 6c910cf..0000000 --- a/overlays/neomutt/commands.patch +++ /dev/null @@ -1,87 +0,0 @@ -commit 763056828abe9716c4dfce754a47d8ecdefb3029 -Author: Ismaël Bouya -Date: Mon Feb 10 16:13:33 2020 +0100 - - Fix commands that don’t need to have a non-empty mailbox to be valid - - Some commands act on the whole mailbox (tag-pattern, delete-pattern, - search), and even though they don’t do anything when the mailbox is - empty, there is no reason to fail when it happens. This commit removes - the check that the mailbox is non-empty before doing said actions. - -diff --git a/index.c b/index.c -index 0f4b9f99f..0adfc19f1 100644 ---- a/index.c -+++ b/index.c -@@ -1642,7 +1642,7 @@ int mutt_index_menu(struct MuttWindow *dlg) - case OP_JUMP: - { - int msg_num = 0; -- if (!prereq(Context, menu, CHECK_IN_MAILBOX | CHECK_MSGCOUNT | CHECK_VISIBLE)) -+ if (!prereq(Context, menu, CHECK_IN_MAILBOX)) - break; - if (isdigit(LastKey)) - mutt_unget_event(LastKey, 0); -@@ -1687,7 +1687,7 @@ int mutt_index_menu(struct MuttWindow *dlg) - - case OP_MAIN_DELETE_PATTERN: - if (!prereq(Context, menu, -- CHECK_IN_MAILBOX | CHECK_MSGCOUNT | CHECK_VISIBLE | CHECK_READONLY | CHECK_ATTACH)) -+ CHECK_IN_MAILBOX | CHECK_READONLY | CHECK_ATTACH)) - { - break; - } -@@ -1852,12 +1852,17 @@ int mutt_index_menu(struct MuttWindow *dlg) - menu->redraw = REDRAW_FULL; - break; - -- case OP_SEARCH: -+ // Initiating a search can happen on an empty mailbox, but -+ // searching for next/previous/... needs to be on a message and -+ // thus a non-empty mailbox - case OP_SEARCH_REVERSE: - case OP_SEARCH_NEXT: - case OP_SEARCH_OPPOSITE: - if (!prereq(Context, menu, CHECK_IN_MAILBOX | CHECK_MSGCOUNT | CHECK_VISIBLE)) - break; -+ case OP_SEARCH: -+ if (!prereq(Context, menu, CHECK_IN_MAILBOX)) -+ break; - menu->current = mutt_search_command(menu->current, op); - if (menu->current == -1) - menu->current = menu->oldcurrent; -@@ -1926,14 +1931,14 @@ int mutt_index_menu(struct MuttWindow *dlg) - } - - case OP_MAIN_TAG_PATTERN: -- if (!prereq(Context, menu, CHECK_IN_MAILBOX | CHECK_MSGCOUNT | CHECK_VISIBLE)) -+ if (!prereq(Context, menu, CHECK_IN_MAILBOX)) - break; - mutt_pattern_func(MUTT_TAG, _("Tag messages matching: ")); - menu->redraw |= REDRAW_INDEX | REDRAW_STATUS; - break; - - case OP_MAIN_UNDELETE_PATTERN: -- if (!prereq(Context, menu, CHECK_IN_MAILBOX | CHECK_MSGCOUNT | CHECK_VISIBLE | CHECK_READONLY)) -+ if (!prereq(Context, menu, CHECK_IN_MAILBOX | CHECK_READONLY)) - break; - /* L10N: CHECK_ACL */ - /* L10N: Due to the implementation details we do not know whether we -@@ -1950,7 +1955,7 @@ int mutt_index_menu(struct MuttWindow *dlg) - break; - - case OP_MAIN_UNTAG_PATTERN: -- if (!prereq(Context, menu, CHECK_IN_MAILBOX | CHECK_MSGCOUNT | CHECK_VISIBLE)) -+ if (!prereq(Context, menu, CHECK_IN_MAILBOX)) - break; - if (mutt_pattern_func(MUTT_UNTAG, _("Untag messages matching: ")) == 0) - menu->redraw |= REDRAW_INDEX | REDRAW_STATUS; -@@ -3189,7 +3194,7 @@ int mutt_index_menu(struct MuttWindow *dlg) - } - - case OP_MAIN_COLLAPSE_ALL: -- if (!prereq(Context, menu, CHECK_IN_MAILBOX | CHECK_MSGCOUNT | CHECK_VISIBLE)) -+ if (!prereq(Context, menu, CHECK_IN_MAILBOX)) - break; - - if ((C_Sort & SORT_MASK) != SORT_THREADS) diff --git a/overlays/neomutt/default.nix b/overlays/neomutt/default.nix deleted file mode 100644 index 0b23734..0000000 --- a/overlays/neomutt/default.nix +++ /dev/null @@ -1,18 +0,0 @@ -self: super: { - neomutt = super.neomutt.overrideAttrs (old: - rec { - name = "neomutt-${version}"; - version = "20191207"; - src = self.fetchFromGitHub { - owner = "neomutt"; - repo = "neomutt"; - rev = version; - sha256 = "16xr7wdmjw0i72xbnyyh098wx4cr0m8w2cr1szdi1b14p4kpgr67"; - }; - patches = old.patches or [] ++ [ ./commands.patch ]; - buildInputs = old.buildInputs ++ [ self.gdbm ]; - configureFlags = old.configureFlags ++ [ "--gdbm" ]; - doCheck = false; - } - ); -} diff --git a/overlays/pelican/default.nix b/overlays/pelican/default.nix index 5a487aa..4f8aece 100644 --- a/overlays/pelican/default.nix +++ b/overlays/pelican/default.nix @@ -1,6 +1,7 @@ self: super: { pelican = with self.python3Packages; - pelican.overrideAttrs(old: self.mylibs.fetchedGithub ./pelican.json // { + pelican.overrideAttrs(old: { propagatedBuildInputs = old.propagatedBuildInputs ++ [ pyyaml markdown ]; + doInstallCheck = false; }); } diff --git a/overlays/pelican/pelican.json b/overlays/pelican/pelican.json deleted file mode 100644 index d8f4425..0000000 --- a/overlays/pelican/pelican.json +++ /dev/null @@ -1,15 +0,0 @@ -{ - "tag": "4.0.1", - "meta": { - "name": "pelican", - "url": "https://github.com/getpelican/pelican", - "branch": "refs/tags/4.0.1" - }, - "github": { - "owner": "getpelican", - "repo": "pelican", - "rev": "24d6efa9fda4ad45649ddf88c1c596193d589bf8", - "sha256": "09fcwnnfln0cl5v0qpxzrllj27znrg6dbhaksxrl0192c3mbyjvl", - "fetchSubmodules": true - } -} diff --git a/overlays/profanity/default.nix b/overlays/profanity/default.nix deleted file mode 100644 index 64fae49..0000000 --- a/overlays/profanity/default.nix +++ /dev/null @@ -1,20 +0,0 @@ -self: super: { - profanity = (super.profanity.override { - notifySupport = true; - inherit (self) libnotify gpgme gdk_pixbuf; - python = self.python3; - }).overrideAttrs (old: rec { - version = "0.7.1"; - pname = "profanity"; - name = "profanity-0.7.1"; - src = self.fetchFromGitHub { - owner = "profanity-im"; - repo = "profanity"; - rev = version; - sha256 = "1mcgr86wqyzqx7mqxfkk2jwx6cgnvrky3zi4v1ww0lh6j05wj9gf"; - }; - patches = builtins.tail old.patches; - buildInputs = old.buildInputs ++ [ self.libsignal-protocol-c self.libgcrypt ]; - configureFlags = old.configureFlags ++ [ "--enable-plugins" "--enable-omemo" ]; - }); -} diff --git a/overlays/simp_le/default.nix b/overlays/simp_le/default.nix deleted file mode 100644 index 76891ed..0000000 --- a/overlays/simp_le/default.nix +++ /dev/null @@ -1,3 +0,0 @@ -self: super: { - simp_le = self.simp_le_0_17; -} diff --git a/overlays/vit/default.nix b/overlays/vit/default.nix deleted file mode 100644 index 4624284..0000000 --- a/overlays/vit/default.nix +++ /dev/null @@ -1,8 +0,0 @@ -self: super: -{ - vit = (super.vit.override { inherit (self) taskwarrior; }).overrideAttrs (old: - self.mylibs.fetchedGithub ./vit.json // { - buildInputs = old.buildInputs ++ (with self.perlPackages; [ TryTiny TextCharWidth ]); - } - ); -} diff --git a/overlays/vit/vit.json b/overlays/vit/vit.json deleted file mode 100644 index d062f68..0000000 --- a/overlays/vit/vit.json +++ /dev/null @@ -1,15 +0,0 @@ -{ - "tag": "dbacada-1.3", - "meta": { - "name": "vit", - "url": "https://github.com/scottkosty/vit", - "branch": "1.3" - }, - "github": { - "owner": "scottkosty", - "repo": "vit", - "rev": "dbacada5867b238fdf35dbf00a3ca0daf7703038", - "sha256": "1wlk62cv6dc0dqv8265xcx2l7ydzg40xf6l4qbrf6h5156ncc90l", - "fetchSubmodules": true - } -} diff --git a/overlays/weechat/default.nix b/overlays/weechat/default.nix index 17faa0e..e8cc792 100644 --- a/overlays/weechat/default.nix +++ b/overlays/weechat/default.nix @@ -2,9 +2,7 @@ self: super: { weechat = super.weechat.override { configure = { availablePlugins, ... }: { plugins = with self; with availablePlugins; [ - # Make sure websocket_client is not 0.55.0, it provokes - # regular crashes - (python.withPackages (ps: with ps; assert websocket_client.version == "0.54.0"; [websocket_client emoji])) + (python.withPackages (ps: with ps; [websocket_client emoji])) perl ruby ]; diff --git a/pkgs/crypto/cardano-cli/default.nix b/pkgs/crypto/cardano-cli/default.nix index 4bd18d9..3cd5a4c 100644 --- a/pkgs/crypto/cardano-cli/default.nix +++ b/pkgs/crypto/cardano-cli/default.nix @@ -11,6 +11,6 @@ rustPlatform.buildRustPackage rec { fetchSubmodules = true; }; - cargoSha256 = "1jra0635inm95xp7vg8l7s7ybijcy28956cd6jl8qw2p8bw0z1p3"; + cargoSha256 = "0j68dsqahvgpa9ms62149530lbfa55lmpd56rgdxkrh2z32lshs8"; verifyCargoDeps = true; } diff --git a/pkgs/crypto/iota-cli-app/default.nix b/pkgs/crypto/iota-cli-app/default.nix index 1a9d3ed..17d7714 100644 --- a/pkgs/crypto/iota-cli-app/default.nix +++ b/pkgs/crypto/iota-cli-app/default.nix @@ -1,6 +1,6 @@ -{ stdenv, mylibs, fetchurl, fetchgit, callPackage, nodePackages, nodejs-8_x }: +{ stdenv, mylibs, fetchurl, fetchgit, callPackage, nodePackages, nodejs-10_x }: let - nodeEnv = callPackage mylibs.nodeEnv { nodejs = nodejs-8_x; }; + nodeEnv = callPackage mylibs.nodeEnv { nodejs = nodejs-10_x; }; # built using node2nix -8 -l package-lock.json # and changing "./." to "src" packageEnv = import ./node-packages.nix { diff --git a/pkgs/mtop/default.nix b/pkgs/mtop/default.nix index 4a89430..3f6b6bc 100644 --- a/pkgs/mtop/default.nix +++ b/pkgs/mtop/default.nix @@ -1,6 +1,6 @@ { buildPerlPackage, fetchurl, perlPackages, lib }: buildPerlPackage rec { - name = "mtop-${version}"; + pname = "mtop"; version = "0.6.6"; src = fetchurl { url = "http://downloads.sourceforge.net/project/mtop/mtop/v${version}/mtop-${version}.tar.gz"; diff --git a/pkgs/note/default.nix b/pkgs/note/default.nix index 0c422bc..d5fcccd 100644 --- a/pkgs/note/default.nix +++ b/pkgs/note/default.nix @@ -1,8 +1,9 @@ { lib, buildPerlPackage, fetchurl, perlPackages }: buildPerlPackage rec { - name = "note-1.3.26"; + pname = "note"; + version = "1.3.26"; src = fetchurl { - url = "mirror://cpan/authors/id/T/TL/TLINDEN/${name}.tar.gz"; + url = "mirror://cpan/authors/id/T/TL/TLINDEN/${pname}-${version}.tar.gz"; sha256 = "1h645rnb5vpms48fcyzvp7cwwcbf9k5xq49w2bpniyzzgk2brjrq"; }; outputs = ["out" "man"]; diff --git a/pkgs/private/webapps/aten/default.nix b/pkgs/private/webapps/aten/default.nix index 5a726e9..9c4e29f 100644 --- a/pkgs/private/webapps/aten/default.nix +++ b/pkgs/private/webapps/aten/default.nix @@ -22,7 +22,7 @@ let postInstall = let nodeHeaders = fetchurl { url = "https://nodejs.org/download/release/v${nodejs.version}/node-v${nodejs.version}-headers.tar.gz"; - sha256 = "1g6zi96k8sbim8wa8rzskxy44mgpcv1mn2bs8p4mq36w3kwglwyj"; + sha256 = "1df3yhlwlvai0m9kvjyknjg11hnw0kj0rnhyzbwvsfjnmr6z8r76"; }; in '' diff --git a/pkgs/python-packages/buildbot/plugins/buildslist/default.nix b/pkgs/python-packages/buildbot/plugins/buildslist/default.nix index e5087e4..dc6104e 100644 --- a/pkgs/python-packages/buildbot/plugins/buildslist/default.nix +++ b/pkgs/python-packages/buildbot/plugins/buildslist/default.nix @@ -1,4 +1,4 @@ -{ mylibs, stdenv, runCommand, writeScriptBin, buildBowerComponents, pythonPackages, libsass, python, python2, fetchurl, jq, yarn, nodejs }: +{ mylibs, stdenv, runCommand, writeScriptBin, buildBowerComponents, pythonPackages, libsass, python, fetchurl, jq, yarn, nodejs }: let buildslist_src = mylibs.fetchedGit ./buildslist.json; packagejson = runCommand "package.json" { buildInputs = [ jq ]; } '' @@ -6,7 +6,7 @@ let ''; nodeHeaders = fetchurl { url = "https://nodejs.org/download/release/v${nodejs.version}/node-v${nodejs.version}-headers.tar.gz"; - sha256 = "1g6zi96k8sbim8wa8rzskxy44mgpcv1mn2bs8p4mq36w3kwglwyj"; + sha256 = "1df3yhlwlvai0m9kvjyknjg11hnw0kj0rnhyzbwvsfjnmr6z8r76"; }; buildslist_yarn = mylibs.yarn2nixPackage.mkYarnModules rec { name = "buildslist-yarn-modules"; diff --git a/pkgs/python-packages/wokkel.nix b/pkgs/python-packages/wokkel.nix index b34caec..3237f2b 100644 --- a/pkgs/python-packages/wokkel.nix +++ b/pkgs/python-packages/wokkel.nix @@ -7,5 +7,5 @@ buildPythonPackage rec { sha256 = "1spq44gg8gsviqx1dvlmjpgfc0wk0jpyx4ap01y2pad1ai9cw016"; }; propagatedBuildInputs = [ twisted.extras.tls twisted incremental dateutil ]; - doChecks = false; + doCheck = false; } diff --git a/pkgs/simp_le/default.nix b/pkgs/simp_le/default.nix deleted file mode 100644 index eaefba3..0000000 --- a/pkgs/simp_le/default.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ stdenv, python3Packages, bash }: - -python3Packages.buildPythonApplication rec { - pname = "simp_le-client"; - version = "0.17.0"; - - src = python3Packages.fetchPypi { - inherit pname version; - sha256 = "0m1jynar4calaffp2zdxr5yy9vnhw2qf2hsfxwzfwf8fqb5h7bjb"; - }; - - postPatch = '' - # drop upper bound of idna requirement - sed -ri "s/'(idna)<[^']+'/'\1'/" setup.py - substituteInPlace simp_le.py \ - --replace "/bin/sh" "${bash}/bin/sh" - ''; - - checkPhase = '' - $out/bin/simp_le --test - ''; - - propagatedBuildInputs = with python3Packages; [ acme setuptools_scm josepy idna ]; - - meta = with stdenv.lib; { - homepage = https://github.com/zenhack/simp_le; - description = "Simple Let's Encrypt client"; - license = licenses.gpl3; - maintainers = with maintainers; [ gebner makefu ]; - platforms = platforms.linux; - }; -} diff --git a/pkgs/telegram-cli/default.nix b/pkgs/telegram-cli/default.nix index 6987748..87c93e5 100644 --- a/pkgs/telegram-cli/default.nix +++ b/pkgs/telegram-cli/default.nix @@ -1,8 +1,5 @@ { stdenv, mylibs, pkgconfig, libevent, lua, jansson, openssl, readline, zlib, libconfig }: stdenv.mkDerivation (mylibs.fetchedGithub ./telegram-cli.json // { - patches = [ - ./telegram-cli.patch - ]; buildInputs = [ pkgconfig libevent lua jansson openssl readline zlib libconfig ]; preBuild = '' sed -i -e 's@"/etc/" PROG_NAME "/server.pub"@"'$out'/etc/server.pub"@' main.c diff --git a/pkgs/telegram-cli/telegram-cli.json b/pkgs/telegram-cli/telegram-cli.json index 53e0a7b..2e7ed9a 100644 --- a/pkgs/telegram-cli/telegram-cli.json +++ b/pkgs/telegram-cli/telegram-cli.json @@ -1,15 +1,15 @@ { - "tag": "6547c0b-master", + "tag": "3da0e4a-master", "meta": { "name": "telegram-cli", - "url": "https://github.com/vysheng/tg", + "url": "https://github.com/kenorb-contrib/tg/", "branch": "master" }, "github": { - "owner": "vysheng", + "owner": "kenorb-contrib", "repo": "tg", - "rev": "6547c0b21b977b327b3c5e8142963f4bc246187a", - "sha256": "07sss5cnw2ygd7mp8f5532lmj7qm6ywqf4cjaq5g13i8igzqzwzj", + "rev": "3da0e4a54c3a63cee11aae3c23f2077adfc4949d", + "sha256": "0pvswzajipzkk1x5cyf10dw18ka9jalar0aa2i7y23ifm4ddnif4", "fetchSubmodules": true } } diff --git a/pkgs/telegram-cli/telegram-cli.patch b/pkgs/telegram-cli/telegram-cli.patch deleted file mode 100644 index 2d2b7b0..0000000 --- a/pkgs/telegram-cli/telegram-cli.patch +++ /dev/null @@ -1,90 +0,0 @@ -diff --git a/tgl/crypto/rsa_pem_openssl.c b/tgl/crypto/rsa_pem_openssl.c -index db653f2..5e6a697 100644 ---- a/tgl/crypto/rsa_pem_openssl.c -+++ b/tgl/crypto/rsa_pem_openssl.c -@@ -36,6 +36,12 @@ TGLC_WRAPPER_ASSOC(rsa,RSA) - // TODO: Refactor crucial struct-identity into its own header. - TGLC_WRAPPER_ASSOC(bn,BIGNUM) - -+/* -+ * Since OpenSSL version 1.1.0 the RSA struct (rsa_st) is opaque, -+ * see also https://wiki.openssl.org/index.php/OpenSSL_1.1.0_Changes -+ */ -+#if (OPENSSL_VERSION_NUMBER < 0x10100000L) -+ - TGLC_rsa *TGLC_rsa_new (unsigned long e, int n_bytes, const unsigned char *n) { - RSA *ret = RSA_new (); - ret->e = unwrap_bn (TGLC_bn_new ()); -@@ -47,7 +53,30 @@ TGLC_rsa *TGLC_rsa_new (unsigned long e, int n_bytes, const unsigned char *n) { - #define RSA_GETTER(M) \ - TGLC_bn *TGLC_rsa_ ## M (TGLC_rsa *key) { \ - return wrap_bn (unwrap_rsa (key)->M); \ -- } \ -+ } -+ -+#else // OPENSSL_VERSION_NUMBER -+ -+TGLC_rsa *TGLC_rsa_new (unsigned long e, int n_bytes, const unsigned char *n) { -+ RSA *ret = RSA_new (); -+ BIGNUM *ret_e = unwrap_bn (TGLC_bn_new ()); -+ BIGNUM *ret_n = unwrap_bn (TGLC_bn_bin2bn (n, n_bytes, NULL)); -+ RSA_set0_key (ret, ret_n, ret_e, NULL); -+ TGLC_bn_set_word (wrap_bn (ret_e), e); -+ return wrap_rsa (ret); -+} -+ -+#define RSA_GETTER(M) \ -+TGLC_bn *TGLC_rsa_ ## M (TGLC_rsa *key) { \ -+ BIGNUM *rsa_n, *rsa_e, *rsa_d; \ -+ RSA_get0_key(unwrap_rsa (key), \ -+ (const BIGNUM **) &rsa_n, \ -+ (const BIGNUM **) &rsa_e, \ -+ (const BIGNUM **) &rsa_d); \ -+ return wrap_bn (rsa_ ## M); \ -+} -+ -+#endif // OPENSSL_VERSION_NUMBER - - RSA_GETTER(n); - RSA_GETTER(e); -@@ -60,4 +89,4 @@ TGLC_rsa *TGLC_pem_read_RSAPublicKey (FILE *fp) { - return wrap_rsa (PEM_read_RSAPublicKey (fp, NULL, NULL, NULL)); - } - --#endif -+#endif // TGL_AVOID_OPENSSL -diff --git a/tgl/mtproto-utils.c b/tgl/mtproto-utils.c -index 0948bc8..cfdb216 100644 ---- a/tgl/mtproto-utils.c -+++ b/tgl/mtproto-utils.c -@@ -98,7 +98,7 @@ static unsigned long long BN2ull (TGLC_bn *b) { - if (sizeof (unsigned long) == 8) { - return TGLC_bn_get_word (b); - } else if (sizeof (unsigned long long) == 8) { -- assert (0); // As long as nobody ever uses this code, assume it is broken. -+// assert (0); // As long as nobody ever uses this code, assume it is broken. - unsigned long long tmp; - /* Here be dragons, but it should be okay due to be64toh */ - TGLC_bn_bn2bin (b, (unsigned char *) &tmp); -@@ -112,7 +112,7 @@ static void ull2BN (TGLC_bn *b, unsigned long long val) { - if (sizeof (unsigned long) == 8 || val < (1ll << 32)) { - TGLC_bn_set_word (b, val); - } else if (sizeof (unsigned long long) == 8) { -- assert (0); // As long as nobody ever uses this code, assume it is broken. -+// assert (0); // As long as nobody ever uses this code, assume it is broken. - htobe64(val); - /* Here be dragons, but it should be okay due to htobe64 */ - TGLC_bn_bin2bn ((unsigned char *) &val, 8, b); -diff --git a/tgl/tl-parser/tl-parser.c b/tgl/tl-parser/tl-parser.c -index 524b196..aeadbd2 100644 ---- a/tgl/tl-parser/tl-parser.c -+++ b/tgl/tl-parser/tl-parser.c -@@ -1903,7 +1903,7 @@ struct tl_combinator_tree *tl_parse_args134 (struct tree *T) { - //assert (S->data); - char *name = S->data; - if (!name) { -- static char s[20]; -+ static char s[21]; - sprintf (s, "%lld", lrand48 () * (1ll << 32) + lrand48 ()); - name = s; - } diff --git a/pkgs/terminal-velocity/default.nix b/pkgs/terminal-velocity/default.nix index 9e79dee..1a015c0 100644 --- a/pkgs/terminal-velocity/default.nix +++ b/pkgs/terminal-velocity/default.nix @@ -15,6 +15,10 @@ buildPythonApplication rec { ./fix_build.patch ]; + preCheck = '' + # Needed for urwid test + export LC_ALL=en_US.UTF-8 + ''; propagatedBuildInputs = [ chardet urwid diff --git a/pkgs/tiv/default.nix b/pkgs/tiv/default.nix index c03aabe..3e7a56c 100644 --- a/pkgs/tiv/default.nix +++ b/pkgs/tiv/default.nix @@ -1,6 +1,6 @@ { buildPerlPackage, fetchurl, perlPackages }: buildPerlPackage rec { - name = "tiv-${version}"; + pname = "tiv"; version = "2015"; src = fetchurl { url = "http://xyne.archlinux.ca/projects/tiv/src/tiv-${version}.tar.xz"; diff --git a/pkgs/webapps/mediagoblin/default.nix b/pkgs/webapps/mediagoblin/default.nix index f6393fe..c20bcb4 100644 --- a/pkgs/webapps/mediagoblin/default.nix +++ b/pkgs/webapps/mediagoblin/default.nix @@ -28,6 +28,8 @@ let inherit (old) pname; sha256 = "02wxsc6bhqvzh8j6w758kvgqbnj14l796mvmrcms8fgfamd2lak9"; }; + doCheck = false; + doInstallCheck = false; }); amqp = super.amqp.overridePythonAttrs(old: rec { version = "1.4.9"; diff --git a/pkgs/webapps/peertube/default.nix b/pkgs/webapps/peertube/default.nix index 8995419..9929106 100644 --- a/pkgs/webapps/peertube/default.nix +++ b/pkgs/webapps/peertube/default.nix @@ -3,7 +3,7 @@ let nodeHeaders = fetchurl { url = "https://nodejs.org/download/release/v${nodejs.version}/node-v${nodejs.version}-headers.tar.gz"; - sha256 = "1g6zi96k8sbim8wa8rzskxy44mgpcv1mn2bs8p4mq36w3kwglwyj"; + sha256 = "1df3yhlwlvai0m9kvjyknjg11hnw0kj0rnhyzbwvsfjnmr6z8r76"; }; patchedPackages = stdenv.mkDerivation (mylibs.fetchedGithub ./peertube.json // rec { patches = if ldap then [ ./ldap.patch ././yarn_fix_bluebird_ldap.patch ] else [ ./yarn_fix_bluebird.patch ];