From 46f22c92556738a8b730c74082b84974ddaac271 Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Wed, 18 Aug 2021 02:27:42 +0000 Subject: [PATCH 01/56] super-productivity: 7.2.1 -> 7.5.1 --- pkgs/applications/office/super-productivity/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/office/super-productivity/default.nix b/pkgs/applications/office/super-productivity/default.nix index 7cb9a9b7e9928..2b3ee7ddc23e8 100644 --- a/pkgs/applications/office/super-productivity/default.nix +++ b/pkgs/applications/office/super-productivity/default.nix @@ -5,11 +5,11 @@ let in stdenv.mkDerivation rec { pname = "super-productivity"; - version = "7.2.1"; + version = "7.5.1"; src = fetchurl { url = "https://github.com/johannesjo/super-productivity/releases/download/v${version}/superProductivity-${version}.AppImage"; - sha256 = "93eeb56fe923c48a9384cde0633e98a9d9dc5c0869fce63b9724ff74bb400049"; + sha256 = "sha256-ezJN/t0iNk0haMLPioEQSNXU4ugVeJe44GNVGd+cOF4="; name = "${pname}-${version}.AppImage"; }; From 0d93d297796610e7a222f48444adcf9b8bcb57fc Mon Sep 17 00:00:00 2001 From: Johannes Schleifenbaum Date: Thu, 26 Aug 2021 13:24:25 +0200 Subject: [PATCH 02/56] protoc-gen-twirp_php: 0.7.1 -> 0.7.5 --- pkgs/development/tools/protoc-gen-twirp_php/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/development/tools/protoc-gen-twirp_php/default.nix b/pkgs/development/tools/protoc-gen-twirp_php/default.nix index 08c8214c637e4..62d0274bf073f 100644 --- a/pkgs/development/tools/protoc-gen-twirp_php/default.nix +++ b/pkgs/development/tools/protoc-gen-twirp_php/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "protoc-gen-twirp_php"; - version = "0.7.1"; + version = "0.7.5"; # fetchFromGitHub currently not possible, because go.mod and go.sum are export-ignored src = fetchgit { url = "https://github.com/twirphp/twirp.git"; rev = "v${version}"; - sha256 = "sha256-94GN/Gq3RXXg83eUsmIcdF4VuK4syCgD0Zkc5eDiVYE="; + sha256 = "sha256-pHGGZaMBggBUu2CZCxWrZ592K5V93vPI2sZnFkqku2k="; }; - vendorSha256 = "sha256-gz4JELCffuh7dyFdBex8/SFZ1/PDXuC/93m3WNHwRss="; + vendorSha256 = "sha256-p7t+2QgPkcTmsK+jKcPCPDCchNup9F326yKc6JbJHOE="; subPackages = [ "protoc-gen-twirp_php" ]; From d7c262d057cdeb25290405c261176fc7dd6d5efb Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Tue, 14 Sep 2021 00:06:49 +0000 Subject: [PATCH 03/56] symengine: 0.7.0 -> 0.8.1 --- pkgs/development/libraries/symengine/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/symengine/default.nix b/pkgs/development/libraries/symengine/default.nix index 01ec3a4fba292..92ecf3e494e18 100644 --- a/pkgs/development/libraries/symengine/default.nix +++ b/pkgs/development/libraries/symengine/default.nix @@ -9,13 +9,13 @@ stdenv.mkDerivation rec { pname = "symengine"; - version = "0.7.0"; + version = "0.8.1"; src = fetchFromGitHub { owner = "symengine"; repo = "symengine"; rev = "v${version}"; - sha256 = "sha256-aoitTT9fwTIs3ovfqQjKGgrU+kT5mj+vDHt5lg49JHU="; + sha256 = "sha256-HTDOSgdWo9MWmKeXOkOHAJjgvihUAkSXoYTeMz9XXLI="; }; nativeBuildInputs = [ cmake ]; From 6169b45fd4f2780e3fdcba464a6a618adb1d78d5 Mon Sep 17 00:00:00 2001 From: Robert Scott Date: Tue, 14 Sep 2021 21:40:20 +0100 Subject: [PATCH 04/56] python3Packages.symengine: 0.7.2 -> 0.8.1 patching out cython version requirement as their choice seems to have been arbitrary ("the latest") --- pkgs/development/python-modules/symengine/default.nix | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/pkgs/development/python-modules/symengine/default.nix b/pkgs/development/python-modules/symengine/default.nix index c20f2338fa2a0..673e2682660b4 100644 --- a/pkgs/development/python-modules/symengine/default.nix +++ b/pkgs/development/python-modules/symengine/default.nix @@ -11,18 +11,19 @@ buildPythonPackage rec { pname = "symengine"; - version = "0.7.2"; + version = "0.8.1"; src = fetchFromGitHub { owner = "symengine"; repo = "symengine.py"; rev = "v${version}"; - sha256 = "1xaclpvk7m6mbp70zrsvi3blz4v89pbsf7b6rpmx5903m6kxqr4m"; + sha256 = "0yyi3w03fk19i32jmns1baq3rpmf7xfykzkivc7dmnxmjmxvq2gr"; }; postConfigure = '' substituteInPlace setup.py \ - --replace "\"cmake\"" "\"${cmake}/bin/cmake\"" + --replace "\"cmake\"" "\"${cmake}/bin/cmake\"" \ + --replace "'cython>=0.29.24'" "'cython'" substituteInPlace cmake/FindCython.cmake \ --replace "SET(CYTHON_BIN cython" "SET(CYTHON_BIN ${cython}/bin/cython" From 99cb7f40bbea6e017fbafff478fdb45f8d21c801 Mon Sep 17 00:00:00 2001 From: Pavol Rusnak Date: Mon, 20 Sep 2021 19:12:30 +0200 Subject: [PATCH 05/56] electrs: 0.8.11 -> 0.8.12 --- pkgs/applications/blockchains/electrs/default.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pkgs/applications/blockchains/electrs/default.nix b/pkgs/applications/blockchains/electrs/default.nix index 527d368bf825c..f688dc1bc25cd 100644 --- a/pkgs/applications/blockchains/electrs/default.nix +++ b/pkgs/applications/blockchains/electrs/default.nix @@ -6,21 +6,21 @@ rustPlatform.buildRustPackage rec { pname = "electrs"; - version = "0.8.11"; + version = "0.8.12"; src = fetchFromGitHub { owner = "romanz"; repo = pname; rev = "v${version}"; - sha256 = "024sdyvrx7s4inldamq4c8lv0iijjyd18j1mm9x6xf2clmvicaa6"; + sha256 = "0kd5zki9f1pnwscnvd921dw0lc45nfkwk23l33nzdjn005lmsw7v"; }; + cargoSha256 = "1l8dwjwj21crxampzj5c0k98xnisgy3d9c3dkgf5vaybrcp04k85"; + # needed for librocksdb-sys nativeBuildInputs = [ llvmPackages.clang ]; LIBCLANG_PATH = "${llvmPackages.libclang.lib}/lib"; - cargoSha256 = "0yl50ryxidbs9wkabz919mgbmsgsqjp1bjw792l1lkgncq8z9r5b"; - meta = with lib; { description = "An efficient re-implementation of Electrum Server in Rust"; homepage = "https://github.com/romanz/electrs"; From 9baf54d902b13309f2b8fd135e12f1f19ecf9561 Mon Sep 17 00:00:00 2001 From: Pavol Rusnak Date: Mon, 20 Sep 2021 19:13:53 +0200 Subject: [PATCH 06/56] electrs: link rocksdb dynamically --- pkgs/applications/blockchains/electrs/default.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/pkgs/applications/blockchains/electrs/default.nix b/pkgs/applications/blockchains/electrs/default.nix index f688dc1bc25cd..ec135b7e931d8 100644 --- a/pkgs/applications/blockchains/electrs/default.nix +++ b/pkgs/applications/blockchains/electrs/default.nix @@ -2,6 +2,7 @@ , rustPlatform , fetchFromGitHub , llvmPackages +, rocksdb }: rustPlatform.buildRustPackage rec { @@ -21,6 +22,11 @@ rustPlatform.buildRustPackage rec { nativeBuildInputs = [ llvmPackages.clang ]; LIBCLANG_PATH = "${llvmPackages.libclang.lib}/lib"; + # link rocksdb dynamically + ROCKSDB_INCLUDE_DIR = "${rocksdb}/include"; + ROCKSDB_LIB_DIR = "${rocksdb}/lib"; + cargoBuildFlags = "--no-default-features"; + meta = with lib; { description = "An efficient re-implementation of Electrum Server in Rust"; homepage = "https://github.com/romanz/electrs"; From f36df15fe54367c11fa909aabbe14e499f20ec3b Mon Sep 17 00:00:00 2001 From: Michael Weiss Date: Tue, 21 Sep 2021 23:47:59 +0200 Subject: [PATCH 07/56] mesa: 21.2.1 -> 21.2.2 --- pkgs/development/libraries/mesa/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/mesa/default.nix b/pkgs/development/libraries/mesa/default.nix index 62e95dc8e9934..81d553547c3f8 100644 --- a/pkgs/development/libraries/mesa/default.nix +++ b/pkgs/development/libraries/mesa/default.nix @@ -31,7 +31,7 @@ with lib; let # Release calendar: https://www.mesa3d.org/release-calendar.html # Release frequency: https://www.mesa3d.org/releasing.html#schedule - version = "21.2.1"; + version = "21.2.2"; branch = versions.major version; self = stdenv.mkDerivation { @@ -45,7 +45,7 @@ self = stdenv.mkDerivation { "ftp://ftp.freedesktop.org/pub/mesa/${version}/mesa-${version}.tar.xz" "ftp://ftp.freedesktop.org/pub/mesa/older-versions/${branch}.x/${version}/mesa-${version}.tar.xz" ]; - sha256 = "11qpq16xbxymcgiy0wk787dk4yw2pv8fzgj8d92ng6s11dqycr9c"; + sha256 = "1i75k6gh76f49vy6kksbsikf593jmgk6slqwbs1fs5s2jyzz3an4"; }; # TODO: From 81d51629fdee89af0e9f4271755bdad67ecceaea Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Wed, 22 Sep 2021 02:22:44 +0000 Subject: [PATCH 08/56] cargo-watch: 8.0.0 -> 8.1.0 --- pkgs/development/tools/rust/cargo-watch/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/development/tools/rust/cargo-watch/default.nix b/pkgs/development/tools/rust/cargo-watch/default.nix index 46bd0a591a048..bc416cc656e6a 100644 --- a/pkgs/development/tools/rust/cargo-watch/default.nix +++ b/pkgs/development/tools/rust/cargo-watch/default.nix @@ -2,16 +2,16 @@ rustPlatform.buildRustPackage rec { pname = "cargo-watch"; - version = "8.0.0"; + version = "8.1.0"; src = fetchFromGitHub { owner = "passcod"; repo = pname; rev = "v${version}"; - sha256 = "sha256-3IgzMUCkcKUkhTb/ZNRONdvB6Ci0OBB1dcjtc65U8xE="; + sha256 = "sha256-Vvr/O0Xk9hmUVUFoOk/MzTlEvR0Spx5n/9lsE2HfkF8="; }; - cargoSha256 = "sha256-Xp/pxPKs41TXO/EUY5x8Bha7NUioMabbb73///fFr6U="; + cargoSha256 = "sha256-kX9CE95Z2nLb6VM19bu+UkOZ/hsjHUo/JMu0Y0xont0="; buildInputs = lib.optionals stdenv.isDarwin [ CoreServices Foundation libiconv ]; From 0978fb7417aab7465b0fa18df30d5991bec4a558 Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Wed, 22 Sep 2021 02:35:52 +0000 Subject: [PATCH 09/56] wike: 1.5.6 -> 1.5.7 --- pkgs/applications/misc/wike/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/misc/wike/default.nix b/pkgs/applications/misc/wike/default.nix index fac8ac2886d32..41722edc4c202 100644 --- a/pkgs/applications/misc/wike/default.nix +++ b/pkgs/applications/misc/wike/default.nix @@ -14,13 +14,13 @@ let ]); in stdenv.mkDerivation rec { pname = "wike"; - version = "1.5.6"; + version = "1.5.7"; src = fetchFromGitHub { owner = "hugolabe"; repo = "Wike"; rev = version; - sha256 = "1qnxzxqjj0sn522k15plskwa7nlhhbcipfc3w17fbq3k2zhpr1yy"; + sha256 = "sha256-SB+ApuSovqQCaZYPhH+duf+c07JDSSCRz8hTVhEa4gY="; }; nativeBuildInputs = [ From f0380192311f0d907290e80e8fee4895640b942b Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Wed, 22 Sep 2021 02:41:36 +0000 Subject: [PATCH 10/56] vieb: 6.0.0 -> 6.1.0 --- pkgs/applications/networking/browsers/vieb/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/networking/browsers/vieb/default.nix b/pkgs/applications/networking/browsers/vieb/default.nix index 78d08100dfa18..781163050944a 100644 --- a/pkgs/applications/networking/browsers/vieb/default.nix +++ b/pkgs/applications/networking/browsers/vieb/default.nix @@ -2,13 +2,13 @@ mkYarnPackage rec { pname = "vieb"; - version = "6.0.0"; + version = "6.1.0"; src = fetchFromGitHub { owner = "Jelmerro"; repo = pname; rev = version; - sha256 = "sha256-3mX6z/CRUQdyQxYK50yqCZIrhPgitsyus4oLkbPqNvM="; + sha256 = "sha256-MJJeHnwfXouBygRT/wFWFMRHxQVf/3k2c7vp/tkD5co="; }; packageJSON = ./package.json; From 000ae67128762df86cfac70b242d7e0894db9ffb Mon Sep 17 00:00:00 2001 From: superherointj <5861043+superherointj@users.noreply.github.com> Date: Tue, 21 Sep 2021 09:05:57 -0300 Subject: [PATCH 11/56] k3s: add updateScript --- .../networking/cluster/k3s/default.nix | 16 +++-- .../networking/cluster/k3s/update.sh | 62 +++++++++++++++++++ 2 files changed, 74 insertions(+), 4 deletions(-) create mode 100755 pkgs/applications/networking/cluster/k3s/update.sh diff --git a/pkgs/applications/networking/cluster/k3s/default.nix b/pkgs/applications/networking/cluster/k3s/default.nix index 4b60ec6ea2dd4..445483c1ecdeb 100644 --- a/pkgs/applications/networking/cluster/k3s/default.nix +++ b/pkgs/applications/networking/cluster/k3s/default.nix @@ -45,10 +45,16 @@ with lib; let k3sVersion = "1.21.4+k3s1"; # k3s git tag k3sCommit = "3e250fdbab72d88f7e6aae57446023a0567ffc97"; # k3s git commit at the above version + k3sRepoSha256 = "1w7drvk0bmlmqrxh1y6dxjy7dk6bdrl72pkd25lc1ir6wbzb05h9"; traefikChartVersion = "9.18.2"; # taken from ./scripts/download at TRAEFIK_VERSION + traefikChartSha256 = "sha256-9d7p0ngyMN27u4OPgz7yI14Zj9y36t9o/HMX5wyDpUI="; + k3sRootVersion = "0.9.1"; # taken from ./scripts/download at ROOT_VERSION + k3sRootSha256 = "sha256-qI84KYJKY/T6pqWZW9lOTq5NzZiu//v1zrMzUCiRTGQ="; + k3sCNIVersion = "0.8.6-k3s1"; # taken from ./scripts/version.sh at VERSION_CNIPLUGINS + k3sCNISha256 = "sha256-uAy17eRRAXPCcnh481KxFMvFQecnnBs24jn5YnVNfY4="; baseMeta = { description = "A lightweight Kubernetes distribution"; @@ -61,7 +67,7 @@ let # bundled into the k3s binary traefikChart = fetchurl { url = "https://helm.traefik.io/traefik/traefik-${traefikChartVersion}.tgz"; - sha256 = "sha256-9d7p0ngyMN27u4OPgz7yI14Zj9y36t9o/HMX5wyDpUI="; + sha256 = traefikChartSha256; }; # so, k3s is a complicated thing to package # This derivation attempts to avoid including any random binaries from the @@ -75,7 +81,7 @@ let k3sRoot = fetchzip { # Note: marked as apache 2.0 license url = "https://github.com/k3s-io/k3s-root/releases/download/v${k3sRootVersion}/k3s-root-amd64.tar"; - sha256 = "sha256-qI84KYJKY/T6pqWZW9lOTq5NzZiu//v1zrMzUCiRTGQ="; + sha256 = k3sRootSha256; stripRoot = false; }; k3sPlugins = buildGoPackage rec { @@ -89,7 +95,7 @@ let owner = "rancher"; repo = "plugins"; rev = "v${version}"; - sha256 = "sha256-uAy17eRRAXPCcnh481KxFMvFQecnnBs24jn5YnVNfY4="; + sha256 = k3sCNISha256; }; meta = baseMeta // { @@ -101,7 +107,7 @@ let k3sRepo = fetchgit { url = "https://github.com/k3s-io/k3s"; rev = "v${k3sVersion}"; - sha256 = "1w7drvk0bmlmqrxh1y6dxjy7dk6bdrl72pkd25lc1ir6wbzb05h9"; + sha256 = k3sRepoSha256; }; # Stage 1 of the k3s build: # Let's talk about how k3s is structured. @@ -280,5 +286,7 @@ stdenv.mkDerivation rec { $out/bin/k3s --version | grep v${k3sVersion} > /dev/null ''; + passthru.updateScript = ./update.sh; + meta = baseMeta; } diff --git a/pkgs/applications/networking/cluster/k3s/update.sh b/pkgs/applications/networking/cluster/k3s/update.sh new file mode 100755 index 0000000000000..db895af71c6a1 --- /dev/null +++ b/pkgs/applications/networking/cluster/k3s/update.sh @@ -0,0 +1,62 @@ +#!/usr/bin/env nix-shell +#!nix-shell -i bash -p curl gnugrep gnused jq + +set -eu -o pipefail + +WORKDIR=$(mktemp -d) +trap "rm -rf ${WORKDIR}" EXIT + +cd $(dirname "${BASH_SOURCE[0]}") + +LATEST_TAG_RAWFILE=${WORKDIR}/latest_tag.json +curl --silent ${GITHUB_TOKEN:+"-u \":$GITHUB_TOKEN\""} \ + https://api.github.com/repos/k3s-io/k3s/releases/latest > ${LATEST_TAG_RAWFILE} + +LATEST_TAG_NAME=$(jq -r '.tag_name' ${LATEST_TAG_RAWFILE}) + +K3S_VERSION=$(echo ${LATEST_TAG_NAME} | sed 's/^v//') + +LATEST_TAG_TARBALL_URL=$(jq -r '.tarball_url' ${LATEST_TAG_RAWFILE}) + +K3S_COMMIT=$(curl --silent ${GITHUB_TOKEN:+"-u \":$GITHUB_TOKEN\""} \ + https://api.github.com/repos/k3s-io/k3s/tags \ + | jq -r "map(select(.name == \"${LATEST_TAG_NAME}\")) | .[0] | .commit.sha") + +K3S_REPO_SHA256=$(nix-prefetch-url --quiet --unpack ${LATEST_TAG_TARBALL_URL}) + +FILE_SCRIPTS_DOWNLOAD=${WORKDIR}/scripts-download +curl --silent https://raw.githubusercontent.com/k3s-io/k3s/${K3S_COMMIT}/scripts/download > $FILE_SCRIPTS_DOWNLOAD + +FILE_SCRIPTS_VERSION=${WORKDIR}/scripts-version.sh +curl --silent https://raw.githubusercontent.com/k3s-io/k3s/${K3S_COMMIT}/scripts/version.sh > $FILE_SCRIPTS_VERSION + +TRAEFIK_CHART_VERSION=$(grep TRAEFIK_VERSION= $FILE_SCRIPTS_DOWNLOAD \ + | cut -d'=' -f2 | cut -d' ' -f1) +TRAEFIK_CHART_SHA256=$(nix-prefetch-url --quiet "https://helm.traefik.io/traefik/traefik-${TRAEFIK_CHART_VERSION}.tgz") + +K3S_ROOT_VERSION=$(grep ROOT_VERSION= $FILE_SCRIPTS_DOWNLOAD \ + | cut -d'=' -f2 | cut -d' ' -f1 | sed 's/^v//') +K3S_ROOT_SHA256=$(nix-prefetch-url --quiet --unpack \ + "https://github.com/k3s-io/k3s-root/releases/download/v${K3S_ROOT_VERSION}/k3s-root-amd64.tar") + +CNIPLUGINS_VERSION=$(grep VERSION_CNIPLUGINS= $FILE_SCRIPTS_VERSION \ + | cut -d'=' -f2 | cut -d' ' -f1 | sed -e 's/"//g' -e 's/^v//') +CNIPLUGINS_SHA256=$(nix-prefetch-url --quiet --unpack \ + "https://github.com/rancher/plugins/archive/refs/tags/v${CNIPLUGINS_VERSION}.tar.gz") + +setKV () { + sed -i "s/$1 = \".*\"/$1 = \"$2\"/" ./default.nix +} + +setKV k3sVersion ${K3S_VERSION} +setKV k3sCommit ${K3S_COMMIT} +setKV k3sRepoSha256 ${K3S_REPO_SHA256} + +setKV traefikChartVersion ${TRAEFIK_CHART_VERSION} +setKV traefikChartSha256 ${TRAEFIK_CHART_SHA256} + +setKV k3sRootVersion ${K3S_ROOT_VERSION} +setKV k3sRootSha256 ${K3S_ROOT_SHA256} + +setKV k3sCNIVersion ${CNIPLUGINS_VERSION} +setKV k3sCNISha256 ${CNIPLUGINS_SHA256} From 455c8b51a9208c5025a02955a03eb62c7942dac6 Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Wed, 22 Sep 2021 05:08:29 +0000 Subject: [PATCH 12/56] dolt: 0.27.4.2 -> 0.28.4 --- pkgs/servers/sql/dolt/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/servers/sql/dolt/default.nix b/pkgs/servers/sql/dolt/default.nix index e9fdf3d31b000..fb24a33c8625c 100644 --- a/pkgs/servers/sql/dolt/default.nix +++ b/pkgs/servers/sql/dolt/default.nix @@ -2,18 +2,18 @@ buildGoModule rec { pname = "dolt"; - version = "0.27.4.2"; + version = "0.28.4"; src = fetchFromGitHub { owner = "liquidata-inc"; repo = "dolt"; rev = "v${version}"; - sha256 = "sha256-nEIYt9yPDxPbJ/IHH8eQpVSNtC5pYiagCC5TliqX11M="; + sha256 = "sha256-J/4YEiSmoWhs+pnJN21CwNwpujZ1cldLmgwajBB+IRU="; }; modRoot = "./go"; subPackages = [ "cmd/dolt" "cmd/git-dolt" "cmd/git-dolt-smudge" ]; - vendorSha256 = "sha256-XbKaPbPIgUxqJB8kgd3fJIESO9XvNREExdp06Th2bu0="; + vendorSha256 = "sha256-l3jRQ4Z7xku1nMfYfc6nJ3qF6A1maY0tRfZpHCtsujI="; doCheck = false; From add1980208df72b706901d1f6331131b37b2badc Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Wed, 22 Sep 2021 05:18:53 +0000 Subject: [PATCH 13/56] du-dust: 0.6.2 -> 0.7.5 --- pkgs/tools/misc/dust/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/tools/misc/dust/default.nix b/pkgs/tools/misc/dust/default.nix index 01c0ff4315e19..f5ce9db110276 100644 --- a/pkgs/tools/misc/dust/default.nix +++ b/pkgs/tools/misc/dust/default.nix @@ -2,13 +2,13 @@ rustPlatform.buildRustPackage rec { pname = "du-dust"; - version = "0.6.2"; + version = "0.7.5"; src = fetchFromGitHub { owner = "bootandy"; repo = "dust"; rev = "v${version}"; - sha256 = "sha256-5GhoL3by4sXhFJrNZi/UlERBa+s2oqDVVJODY0kdfxI="; + sha256 = "sha256-0r0cDzW18uF7DHvzkUCHHHN+2M21xdi2ffPwDGMtyw8="; # Remove unicode file names which leads to different checksums on HFS+ # vs. other filesystems because of unicode normalisation. extraPostFetch = '' @@ -16,7 +16,7 @@ rustPlatform.buildRustPackage rec { ''; }; - cargoSha256 = "sha256-cgH3jrZPGUHiBDeJ9qj80dU+Vbz+wHMOsCaGAvJY6mg="; + cargoSha256 = "sha256-LAow4DVqON5vrYBU8v8wzg/HcHxm1GqS9DMre3y12Jo="; doCheck = false; From 137a4f7b438ca5debef83c8ccb60f6ad9f5ffaf9 Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Wed, 22 Sep 2021 06:04:54 +0000 Subject: [PATCH 14/56] svtplay-dl: 4.3 -> 4.5 --- pkgs/tools/misc/svtplay-dl/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/misc/svtplay-dl/default.nix b/pkgs/tools/misc/svtplay-dl/default.nix index 37462910dcfe4..360e16b1fc18e 100644 --- a/pkgs/tools/misc/svtplay-dl/default.nix +++ b/pkgs/tools/misc/svtplay-dl/default.nix @@ -9,13 +9,13 @@ let in stdenv.mkDerivation rec { pname = "svtplay-dl"; - version = "4.3"; + version = "4.5"; src = fetchFromGitHub { owner = "spaam"; repo = "svtplay-dl"; rev = version; - sha256 = "04gmiqg6mq96fw4v1v6947i216fsf0vcnjp3ya8bbii5na91y1aa"; + sha256 = "sha256-TiJWy5WU1VsseodfgfemAsUc5/hDwSlM03ITRYTvJbg="; }; pythonPaths = [ cryptography pyyaml requests ]; From 5b4f8afae40cdbea52a8256d772c0795dd938351 Mon Sep 17 00:00:00 2001 From: rnhmjoj Date: Wed, 22 Sep 2021 08:33:38 +0200 Subject: [PATCH 15/56] nixos/tests: stdenv.lib -> lib These must have been reintroduced by mistake after the deprecation. --- nixos/tests/postfixadmin.nix | 2 +- nixos/tests/tigervnc.nix | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/nixos/tests/postfixadmin.nix b/nixos/tests/postfixadmin.nix index aba5e3eed1021..b2712f4699aea 100644 --- a/nixos/tests/postfixadmin.nix +++ b/nixos/tests/postfixadmin.nix @@ -1,6 +1,6 @@ import ./make-test-python.nix ({ pkgs, ...} : { name = "postfixadmin"; - meta = with pkgs.stdenv.lib.maintainers; { + meta = with pkgs.lib.maintainers; { maintainers = [ globin ]; }; diff --git a/nixos/tests/tigervnc.nix b/nixos/tests/tigervnc.nix index c0a52808b2791..092eaf238d804 100644 --- a/nixos/tests/tigervnc.nix +++ b/nixos/tests/tigervnc.nix @@ -6,7 +6,7 @@ with import ../lib/testing-python.nix { inherit system pkgs; }; makeTest { name = "tigervnc"; - meta = with pkgs.stdenv.lib.maintainers; { + meta = with pkgs.lib.maintainers; { maintainers = [ lheckemann ]; }; From 78b0883e2f6838907e51055be8cb7db49310aafb Mon Sep 17 00:00:00 2001 From: rnhmjoj Date: Wed, 22 Sep 2021 08:39:57 +0200 Subject: [PATCH 16/56] nixos/tests/prometheus-exporters: fix nogroup Add a group after the removal of the nogroup default in #133166. --- nixos/tests/prometheus-exporters.nix | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/nixos/tests/prometheus-exporters.nix b/nixos/tests/prometheus-exporters.nix index c6e8fa5a9ee1c..b1a44798555df 100644 --- a/nixos/tests/prometheus-exporters.nix +++ b/nixos/tests/prometheus-exporters.nix @@ -554,7 +554,11 @@ let WorkingDirectory = "/var/spool/mail"; }; }; - users.users.mailexporter.isSystemUser = true; + users.users.mailexporter = { + isSystemUser = true; + group = "mailexporter"; + }; + users.groups.mailexporter = {}; }; exporterTest = '' wait_for_unit("postfix.service") From 169cd512d4cf2ec70e4631e7e4d89677a3cf262c Mon Sep 17 00:00:00 2001 From: rnhmjoj Date: Wed, 22 Sep 2021 08:43:58 +0200 Subject: [PATCH 17/56] nixos/tests/cntr: fix evaluation The maintainer email address is srk@48.io, hence srk, but the attribute name in the maintainer list is actually sorki. --- nixos/tests/cntr.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/tests/cntr.nix b/nixos/tests/cntr.nix index 8cffd97459d00..668470756209a 100644 --- a/nixos/tests/cntr.nix +++ b/nixos/tests/cntr.nix @@ -9,7 +9,7 @@ let makeTest { name = "cntr-${backend}"; - meta = { maintainers = with lib.maintainers; [ srk mic92 ]; }; + meta = { maintainers = with lib.maintainers; [ sorki mic92 ]; }; nodes = { ${backend} = { pkgs, ... }: { From 88e3f20774ec11ba7e7b0dc72ab7cef77198b955 Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Wed, 22 Sep 2021 07:08:30 +0000 Subject: [PATCH 18/56] svgbob: 0.5.4 -> 0.6.2 --- pkgs/tools/graphics/svgbob/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/tools/graphics/svgbob/default.nix b/pkgs/tools/graphics/svgbob/default.nix index 389f6415e9be7..2e3740dabb7c3 100644 --- a/pkgs/tools/graphics/svgbob/default.nix +++ b/pkgs/tools/graphics/svgbob/default.nix @@ -2,15 +2,15 @@ rustPlatform.buildRustPackage rec { pname = "svgbob"; - version = "0.5.4"; + version = "0.6.2"; src = fetchCrate { inherit version; crateName = "svgbob_cli"; - sha256 = "0qq7hkg32bqyw3vz3ibip7yrjg5m2ch9kdnwqrzaqqy9wb8d7154"; + sha256 = "sha256-9JASoUN/VzZS8ihepTQL2SXZitxKBMSJEv+13vzQd3w="; }; - cargoSha256 = "0p37qkgh1xpqmkr2p88njwhifpyqfh27qcwmmhwxdqcpzmmmkjhr"; + cargoSha256 = "sha256-pkdiow+9gsQ9rrSHwukd17r5CfsaJgYj6KA4wYKbtA0="; meta = with lib; { description = "Convert your ascii diagram scribbles into happy little SVG"; From cf8ce8f269d2fb2ab17bf280ccc11f9120d59bfc Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Wed, 22 Sep 2021 10:43:07 +0200 Subject: [PATCH 19/56] python3Packages.pyspnego: 0.1.6 -> 0.2.0 --- .../python-modules/pyspnego/default.nix | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/pkgs/development/python-modules/pyspnego/default.nix b/pkgs/development/python-modules/pyspnego/default.nix index 2f8e775e34043..a1793118d28d6 100644 --- a/pkgs/development/python-modules/pyspnego/default.nix +++ b/pkgs/development/python-modules/pyspnego/default.nix @@ -2,6 +2,9 @@ , buildPythonPackage , cryptography , fetchFromGitHub +, gssapi +, krb5 +, ruamel-yaml , pytest-mock , pytestCheckHook , pythonOlder @@ -10,18 +13,22 @@ buildPythonPackage rec { pname = "pyspnego"; - version = "0.1.6"; - disabled = pythonOlder "3.6"; + version = "0.2.0"; + + disabled = pythonOlder "3.7"; src = fetchFromGitHub { owner = "jborean93"; repo = pname; rev = "v${version}"; - sha256 = "0pfh2x0539f0k2qi2pbjm64b2fqp64c63xxpinvg1yfaw915kgpb"; + sha256 = "sha256-puv9aq53NbjSuN561XFou404N9pIxvvMjZMgnNx3SjM="; }; propagatedBuildInputs = [ cryptography + gssapi + krb5 + ruamel-yaml ]; checkInputs = [ @@ -30,6 +37,11 @@ buildPythonPackage rec { pytestCheckHook ]; + disabledTests = [ + # struct.error: unpack requires a buffer of 1 bytes + "test_credssp_invalid_client_authentication" + ]; + LC_ALL = "en_US.UTF-8"; pythonImportsCheck = [ "spnego" ]; From b51ce741065958799177dc8aaef1a2b7cde4731a Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Wed, 22 Sep 2021 11:11:24 +0200 Subject: [PATCH 20/56] python3Packages.notus-scanner: init at unstable-2021-09-05 --- .../python-modules/notus-scanner/default.nix | 56 +++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 + pkgs/top-level/python-packages.nix | 2 + 3 files changed, 60 insertions(+) create mode 100644 pkgs/development/python-modules/notus-scanner/default.nix diff --git a/pkgs/development/python-modules/notus-scanner/default.nix b/pkgs/development/python-modules/notus-scanner/default.nix new file mode 100644 index 0000000000000..dbf01f3698d51 --- /dev/null +++ b/pkgs/development/python-modules/notus-scanner/default.nix @@ -0,0 +1,56 @@ +{ lib +, buildPythonPackage +, fetchFromGitHub +, fetchpatch +, paho-mqtt +, poetry-core +, psutil +, pytestCheckHook +, pythonOlder +}: + +buildPythonPackage rec { + pname = "notus-scanner"; + version = "unstable-2021-09-05"; + format = "pyproject"; + + disabled = pythonOlder "3.7"; + + src = fetchFromGitHub { + owner = "greenbone"; + repo = pname; + rev = "049f9a5e6439e4e5113e3b8f30b25ead12d42a56"; + sha256 = "1fjxyn8wg2kf6xy3pbh7d7yn20dk529p03xpqyz7s40n9nsxhnza"; + }; + + nativeBuildInputs = [ + poetry-core + ]; + + propagatedBuildInputs = [ + paho-mqtt + psutil + ]; + + checkInputs = [ + pytestCheckHook + ]; + + patches = [ + # Switch to poetry-core, https://github.com/greenbone/notus-scanner/pull/31 + (fetchpatch { + name = "switch-to-poetry-core.patch"; + url = "https://github.com/greenbone/notus-scanner/commit/b52eea317faca30d411096044f9e5ea20b58da65.patch"; + sha256 = "0q11aslhva47kkpsnpayra7spa849j894vqv34pjqhcnlyipqw6d"; + }) + ]; + + pythonImportsCheck = [ "notus.scanner" ]; + + meta = with lib; { + description = "Helper to create results from local security checks"; + homepage = "https://github.com/greenbone/notus-scanner"; + license = with licenses; [ agpl3Plus ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 122658d0848df..3016b2f7e34db 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -30655,6 +30655,8 @@ with pkgs; nota = haskellPackages.callPackage ../applications/science/math/nota { }; + notus-scanner = with python3Packages; toPythonApplication notus-scanner; + openblas = callPackage ../development/libraries/science/math/openblas { }; # A version of OpenBLAS using 32-bit integers on all platforms for compatibility with diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 924b56765e6d0..cf34cc8693fec 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -4956,6 +4956,8 @@ in { nototools = callPackage ../data/fonts/noto-fonts/tools.nix { }; + notus-scanner = callPackage ../development/python-modules/notus-scanner { }; + nplusone = callPackage ../development/python-modules/nplusone { }; npyscreen = callPackage ../development/python-modules/npyscreen { }; From 56ad0a49c83eabac02a4c4a24dc01bfb4f6681dc Mon Sep 17 00:00:00 2001 From: rnhmjoj Date: Wed, 22 Sep 2021 08:48:29 +0200 Subject: [PATCH 21/56] nixos/dnscrypt-wrapper: fix nogroup The group was actually there but I didn't add it by mistake. This fixes the evaluation after for #133166. --- nixos/modules/services/networking/dnscrypt-wrapper.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/nixos/modules/services/networking/dnscrypt-wrapper.nix b/nixos/modules/services/networking/dnscrypt-wrapper.nix index 89360f4bf3732..400d6e67044e2 100644 --- a/nixos/modules/services/networking/dnscrypt-wrapper.nix +++ b/nixos/modules/services/networking/dnscrypt-wrapper.nix @@ -217,6 +217,7 @@ in { home = "${dataDir}"; createHome = true; isSystemUser = true; + group = "dnscrypt-wrapper"; }; users.groups.dnscrypt-wrapper = { }; From e2a668224fbd0a577bcf5a89d9e10a95cceeffc3 Mon Sep 17 00:00:00 2001 From: rnhmjoj Date: Wed, 22 Sep 2021 09:04:59 +0200 Subject: [PATCH 22/56] nixos/tests/enlightenment: fix renamed options All program-specific `autoLogin` options have been unified under `displayManager.autoLogin`. --- nixos/tests/enlightenment.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/nixos/tests/enlightenment.nix b/nixos/tests/enlightenment.nix index cc1da649d493e..4623574ce92e6 100644 --- a/nixos/tests/enlightenment.nix +++ b/nixos/tests/enlightenment.nix @@ -11,8 +11,8 @@ import ./make-test-python.nix ({ pkgs, ...} : imports = [ ./common/user-account.nix ]; services.xserver.enable = true; services.xserver.desktopManager.enlightenment.enable = true; - services.xserver.displayManager.lightdm = { - enable = true; + services.xserver.displayManager = { + lightdm.enable = true; autoLogin = { enable = true; user = "alice"; From 1f826a71645203bbf6f6f6ec0d5e6973d7f0464a Mon Sep 17 00:00:00 2001 From: rnhmjoj Date: Wed, 22 Sep 2021 09:19:46 +0200 Subject: [PATCH 23/56] nixos/tests/ec2: fix conflicting option values --- nixos/tests/ec2.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/nixos/tests/ec2.nix b/nixos/tests/ec2.nix index df06724801684..aa3c2b7051f6c 100644 --- a/nixos/tests/ec2.nix +++ b/nixos/tests/ec2.nix @@ -24,6 +24,11 @@ let ln -s vda1 /dev/xvda1 ''; + # In a NixOS test the serial console is occupied by the "backdoor" + # (see testing/test-instrumentation.nix) and is incompatible with + # the configuration in virtualisation/amazon-image.nix. + systemd.services."serial-getty@ttyS0".enable = mkForce false; + # Needed by nixos-rebuild due to the lack of network # access. Determined by trial and error. system.extraDependencies = with pkgs; ( [ From 3f10924949681e88220394a4e3604b327f876e39 Mon Sep 17 00:00:00 2001 From: rnhmjoj Date: Wed, 22 Sep 2021 09:27:22 +0200 Subject: [PATCH 24/56] nixos/flannel: pkgs.etcdctl -> pkgs.etcd The package has been renamed in 2018-04-25. --- nixos/modules/services/networking/flannel.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/modules/services/networking/flannel.nix b/nixos/modules/services/networking/flannel.nix index 32a7eb3ed69e8..2d67a2a2ad227 100644 --- a/nixos/modules/services/networking/flannel.nix +++ b/nixos/modules/services/networking/flannel.nix @@ -164,7 +164,7 @@ in { path = [ pkgs.iptables ]; preStart = optionalString (cfg.storageBackend == "etcd") '' echo "setting network configuration" - until ${pkgs.etcdctl}/bin/etcdctl set /coreos.com/network/config '${builtins.toJSON networkConfig}' + until ${pkgs.etcd}/bin/etcdctl set /coreos.com/network/config '${builtins.toJSON networkConfig}' do echo "setting network configuration, retry" sleep 1 From 88b3c29cf1ddb7582b11d89af16b750e44b5bc67 Mon Sep 17 00:00:00 2001 From: rnhmjoj Date: Wed, 22 Sep 2021 09:39:34 +0200 Subject: [PATCH 25/56] nixos: heimdalFull -> heimdal The package has been renamed in 2018-05-01. --- nixos/modules/config/krb5/default.nix | 2 +- nixos/modules/services/system/kerberos/heimdal.nix | 2 +- nixos/tests/kerberos/heimdal.nix | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/nixos/modules/config/krb5/default.nix b/nixos/modules/config/krb5/default.nix index c2302451d702f..6db2a7e40391e 100644 --- a/nixos/modules/config/krb5/default.nix +++ b/nixos/modules/config/krb5/default.nix @@ -84,7 +84,7 @@ in { type = types.package; default = pkgs.krb5Full; defaultText = "pkgs.krb5Full"; - example = literalExample "pkgs.heimdalFull"; + example = literalExample "pkgs.heimdal"; description = '' The Kerberos implementation that will be present in environment.systemPackages after enabling this diff --git a/nixos/modules/services/system/kerberos/heimdal.nix b/nixos/modules/services/system/kerberos/heimdal.nix index f0e56c7951a49..837c59caa5620 100644 --- a/nixos/modules/services/system/kerberos/heimdal.nix +++ b/nixos/modules/services/system/kerberos/heimdal.nix @@ -27,7 +27,7 @@ in { # No documentation about correct triggers, so guessing at them. - config = mkIf (cfg.enable && kerberos == pkgs.heimdalFull) { + config = mkIf (cfg.enable && kerberos == pkgs.heimdal) { systemd.services.kadmind = { description = "Kerberos Administration Daemon"; wantedBy = [ "multi-user.target" ]; diff --git a/nixos/tests/kerberos/heimdal.nix b/nixos/tests/kerberos/heimdal.nix index 8abae667d043f..391a61cc9a90b 100644 --- a/nixos/tests/kerberos/heimdal.nix +++ b/nixos/tests/kerberos/heimdal.nix @@ -9,7 +9,7 @@ import ../make-test-python.nix ({pkgs, ...}: { }; krb5 = { enable = true; - kerberos = pkgs.heimdalFull; + kerberos = pkgs.heimdal; libdefaults = { default_realm = "FOO.BAR"; }; From 1f55c7e02213082673f7b6d09a1efaf16be5a794 Mon Sep 17 00:00:00 2001 From: rnhmjoj Date: Wed, 22 Sep 2021 11:06:17 +0200 Subject: [PATCH 26/56] nixos/tests: drop latestKernel.hardened The latest kernel does not guarantee a hardened version anymore, see ga5341beb for the motivation. --- nixos/tests/all-tests.nix | 1 - nixos/tests/hardened.nix | 4 +--- 2 files changed, 1 insertion(+), 4 deletions(-) diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index 325caba07ea30..66b0f4f258d36 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -223,7 +223,6 @@ in krb5 = discoverTests (import ./krb5 {}); ksm = handleTest ./ksm.nix {}; kubernetes = handleTestOn ["x86_64-linux"] ./kubernetes {}; - latestKernel.hardened = handleTest ./hardened.nix { latestKernel = true; }; latestKernel.login = handleTest ./login.nix { latestKernel = true; }; leaps = handleTest ./leaps.nix {}; libreddit = handleTest ./libreddit.nix {}; diff --git a/nixos/tests/hardened.nix b/nixos/tests/hardened.nix index b76ae83a32874..da7e0972e131a 100644 --- a/nixos/tests/hardened.nix +++ b/nixos/tests/hardened.nix @@ -1,4 +1,4 @@ -import ./make-test-python.nix ({ pkgs, latestKernel ? false, ... } : { +import ./make-test-python.nix ({ pkgs, ... } : { name = "hardened"; meta = with pkgs.lib.maintainers; { maintainers = [ joachifm ]; @@ -10,8 +10,6 @@ import ./make-test-python.nix ({ pkgs, latestKernel ? false, ... } : { { users.users.alice = { isNormalUser = true; extraGroups = [ "proc" ]; }; users.users.sybil = { isNormalUser = true; group = "wheel"; }; imports = [ ../modules/profiles/hardened.nix ]; - boot.kernelPackages = - lib.mkIf latestKernel pkgs.linuxPackages_latest_hardened; environment.memoryAllocator.provider = "graphene-hardened"; nix.useSandbox = false; virtualisation.emptyDiskImages = [ 4096 ]; From 08cd8667eeef874dc99c2d0f5ecdb88d6f454a14 Mon Sep 17 00:00:00 2001 From: rnhmjoj Date: Wed, 22 Sep 2021 11:18:05 +0200 Subject: [PATCH 27/56] nixos: filalex77 -> Br1ght0ne The maintainers has changed username in 512c3c0a. --- nixos/modules/services/search/meilisearch.nix | 2 +- nixos/tests/meilisearch.nix | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/nixos/modules/services/search/meilisearch.nix b/nixos/modules/services/search/meilisearch.nix index 913a885993ca7..9ed1a0e9053e4 100644 --- a/nixos/modules/services/search/meilisearch.nix +++ b/nixos/modules/services/search/meilisearch.nix @@ -8,7 +8,7 @@ let in { - meta.maintainers = with maintainers; [ filalex77 ]; + meta.maintainers = with maintainers; [ Br1ght0ne ]; ###### interface diff --git a/nixos/tests/meilisearch.nix b/nixos/tests/meilisearch.nix index ef5781458ffdb..c379bda74c59a 100644 --- a/nixos/tests/meilisearch.nix +++ b/nixos/tests/meilisearch.nix @@ -10,7 +10,7 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: ''; in { name = "meilisearch"; - meta.maintainers = with lib.maintainers; [ filalex77 ]; + meta.maintainers = with lib.maintainers; [ Br1ght0ne ]; machine = { ... }: { environment.systemPackages = with pkgs; [ curl jq ]; From 87d76b1783f5c34c2402a8d9c635341e011df220 Mon Sep 17 00:00:00 2001 From: rnhmjoj Date: Wed, 22 Sep 2021 11:19:26 +0200 Subject: [PATCH 28/56] nixos/tests/mysql: fix nogroup This fixes the evaluation after for #133166. --- nixos/tests/mysql/mysql.nix | 36 +++++++++++++++++++++++++++++------- 1 file changed, 29 insertions(+), 7 deletions(-) diff --git a/nixos/tests/mysql/mysql.nix b/nixos/tests/mysql/mysql.nix index 2ec9c3d50a3c5..dce5fa26acf7f 100644 --- a/nixos/tests/mysql/mysql.nix +++ b/nixos/tests/mysql/mysql.nix @@ -1,4 +1,26 @@ -import ./../make-test-python.nix ({ pkgs, ...} : { +import ./../make-test-python.nix ({ pkgs, ...}: + + +let + # Setup common users + users = { ... }: + { + users.groups.testusers = { }; + + users.users.testuser = { + isSystemUser = true; + group = "testusers"; + }; + + users.users.testuser2 = { + isSystemUser = true; + group = "testusers"; + }; + }; + +in + +{ name = "mysql"; meta = with pkgs.lib.maintainers; { maintainers = [ eelco shlevy ]; @@ -9,8 +31,8 @@ import ./../make-test-python.nix ({ pkgs, ...} : { { pkgs, ... }: { - users.users.testuser = { isSystemUser = true; }; - users.users.testuser2 = { isSystemUser = true; }; + imports = [ users ]; + services.mysql.enable = true; services.mysql.initialDatabases = [ { name = "testdb3"; schema = ./testdb.sql; } @@ -40,12 +62,12 @@ import ./../make-test-python.nix ({ pkgs, ...} : { { pkgs, ... }: { + imports = [ users ]; + # prevent oom: # Kernel panic - not syncing: Out of memory: compulsory panic_on_oom is enabled virtualisation.memorySize = 1024; - users.users.testuser = { isSystemUser = true; }; - users.users.testuser2 = { isSystemUser = true; }; services.mysql.enable = true; services.mysql.initialDatabases = [ { name = "testdb3"; schema = ./testdb.sql; } @@ -75,8 +97,8 @@ import ./../make-test-python.nix ({ pkgs, ...} : { { pkgs, ... }: { - users.users.testuser = { isSystemUser = true; }; - users.users.testuser2 = { isSystemUser = true; }; + imports = [ users ]; + services.mysql.enable = true; services.mysql.initialScript = pkgs.writeText "mariadb-init.sql" '' ALTER USER root@localhost IDENTIFIED WITH unix_socket; From 20ad669618616588089013e48a0b9d61aea09611 Mon Sep 17 00:00:00 2001 From: rnhmjoj Date: Wed, 22 Sep 2021 11:35:22 +0200 Subject: [PATCH 29/56] nixos/tests/minio: fix deprecation warning The `accessKey` and `secretKey` options have been deprecated in favour of the new `rootCredentialsFile`. --- nixos/tests/minio.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/nixos/tests/minio.nix b/nixos/tests/minio.nix index e49c517098aea..ad51f738d4901 100644 --- a/nixos/tests/minio.nix +++ b/nixos/tests/minio.nix @@ -28,7 +28,10 @@ in { machine = { pkgs, ... }: { services.minio = { enable = true; - inherit accessKey secretKey; + rootCredentialsFile = pkgs.writeText "minio-credentials" '' + MINIO_ROOT_USER=${accessKey} + MINIO_ROOT_PASSWORD=${secretKey} + ''; }; environment.systemPackages = [ pkgs.minio-client ]; From 113cc7b13614a6228dc5b4edab117a162e05f68a Mon Sep 17 00:00:00 2001 From: rnhmjoj Date: Wed, 22 Sep 2021 11:46:30 +0200 Subject: [PATCH 30/56] nixos/tests/mariadb-galera-mariabackup: fix nogroup This fixes the evaluation after for #133166. --- nixos/tests/mysql/mariadb-galera-mariabackup.nix | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/nixos/tests/mysql/mariadb-galera-mariabackup.nix b/nixos/tests/mysql/mariadb-galera-mariabackup.nix index 1c73bc854a57b..10682c361d1d7 100644 --- a/nixos/tests/mysql/mariadb-galera-mariabackup.nix +++ b/nixos/tests/mysql/mariadb-galera-mariabackup.nix @@ -4,6 +4,16 @@ let mysqlenv-common = pkgs.buildEnv { name = "mysql-path-env-common"; pathsToLink = [ "/bin" ]; paths = with pkgs; [ bash gawk gnutar inetutils which ]; }; mysqlenv-mariabackup = pkgs.buildEnv { name = "mysql-path-env-mariabackup"; pathsToLink = [ "/bin" ]; paths = with pkgs; [ gzip iproute2 netcat procps pv socat ]; }; + # Common user configuration + users = { ... }: + { + users.users.testuser = { + isSystemUser = true; + group = "testusers"; + }; + users.groups.testusers = { }; + }; + in { name = "mariadb-galera-mariabackup"; meta = with pkgs.lib.maintainers; { @@ -17,6 +27,7 @@ in { galera_01 = { pkgs, ... }: { + imports = [ users ]; networking = { interfaces.eth1 = { ipv4.addresses = [ @@ -31,7 +42,6 @@ in { firewall.allowedTCPPorts = [ 3306 4444 4567 4568 ]; firewall.allowedUDPPorts = [ 4567 ]; }; - users.users.testuser = { isSystemUser = true; }; systemd.services.mysql = with pkgs; { path = [ mysqlenv-common mysqlenv-mariabackup ]; }; @@ -75,6 +85,7 @@ in { galera_02 = { pkgs, ... }: { + imports = [ users ]; networking = { interfaces.eth1 = { ipv4.addresses = [ @@ -89,7 +100,6 @@ in { firewall.allowedTCPPorts = [ 3306 4444 4567 4568 ]; firewall.allowedUDPPorts = [ 4567 ]; }; - users.users.testuser = { isSystemUser = true; }; systemd.services.mysql = with pkgs; { path = [ mysqlenv-common mysqlenv-mariabackup ]; }; @@ -122,6 +132,7 @@ in { galera_03 = { pkgs, ... }: { + imports = [ users ]; networking = { interfaces.eth1 = { ipv4.addresses = [ @@ -136,7 +147,6 @@ in { firewall.allowedTCPPorts = [ 3306 4444 4567 4568 ]; firewall.allowedUDPPorts = [ 4567 ]; }; - users.users.testuser = { isSystemUser = true; }; systemd.services.mysql = with pkgs; { path = [ mysqlenv-common mysqlenv-mariabackup ]; }; From 196621010c23b201735881a8512abf6a1999d037 Mon Sep 17 00:00:00 2001 From: rnhmjoj Date: Wed, 22 Sep 2021 11:49:11 +0200 Subject: [PATCH 31/56] nixos/tests/mariadb-galera-rsync: fix nogroup This fixes the evaluation after for #133166. --- nixos/tests/mysql/mariadb-galera-rsync.nix | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/nixos/tests/mysql/mariadb-galera-rsync.nix b/nixos/tests/mysql/mariadb-galera-rsync.nix index 709a8b5085cb0..701e01e887181 100644 --- a/nixos/tests/mysql/mariadb-galera-rsync.nix +++ b/nixos/tests/mysql/mariadb-galera-rsync.nix @@ -4,6 +4,16 @@ let mysqlenv-common = pkgs.buildEnv { name = "mysql-path-env-common"; pathsToLink = [ "/bin" ]; paths = with pkgs; [ bash gawk gnutar inetutils which ]; }; mysqlenv-rsync = pkgs.buildEnv { name = "mysql-path-env-rsync"; pathsToLink = [ "/bin" ]; paths = with pkgs; [ lsof procps rsync stunnel ]; }; + # Common user configuration + users = { ... }: + { + users.users.testuser = { + isSystemUser = true; + group = "testusers"; + }; + users.groups.testusers = { }; + }; + in { name = "mariadb-galera-rsync"; meta = with pkgs.lib.maintainers; { @@ -17,6 +27,7 @@ in { galera_04 = { pkgs, ... }: { + imports = [ users ]; networking = { interfaces.eth1 = { ipv4.addresses = [ @@ -31,7 +42,6 @@ in { firewall.allowedTCPPorts = [ 3306 4444 4567 4568 ]; firewall.allowedUDPPorts = [ 4567 ]; }; - users.users.testuser = { isSystemUser = true; }; systemd.services.mysql = with pkgs; { path = [ mysqlenv-common mysqlenv-rsync ]; }; @@ -70,6 +80,7 @@ in { galera_05 = { pkgs, ... }: { + imports = [ users ]; networking = { interfaces.eth1 = { ipv4.addresses = [ @@ -84,7 +95,6 @@ in { firewall.allowedTCPPorts = [ 3306 4444 4567 4568 ]; firewall.allowedUDPPorts = [ 4567 ]; }; - users.users.testuser = { isSystemUser = true; }; systemd.services.mysql = with pkgs; { path = [ mysqlenv-common mysqlenv-rsync ]; }; @@ -116,6 +126,7 @@ in { galera_06 = { pkgs, ... }: { + imports = [ users ]; networking = { interfaces.eth1 = { ipv4.addresses = [ @@ -130,7 +141,6 @@ in { firewall.allowedTCPPorts = [ 3306 4444 4567 4568 ]; firewall.allowedUDPPorts = [ 4567 ]; }; - users.users.testuser = { isSystemUser = true; }; systemd.services.mysql = with pkgs; { path = [ mysqlenv-common mysqlenv-rsync ]; }; From b53a5b91b98dd6669c45a0d9c539f210a3f34558 Mon Sep 17 00:00:00 2001 From: rnhmjoj Date: Wed, 22 Sep 2021 12:38:19 +0200 Subject: [PATCH 32/56] nixos/atop: fix broken wrapper The setuid,owner,group options are mandatory after #126289. --- nixos/modules/programs/atop.nix | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/nixos/modules/programs/atop.nix b/nixos/modules/programs/atop.nix index b45eb16e3eaf6..918c228b3f52d 100644 --- a/nixos/modules/programs/atop.nix +++ b/nixos/modules/programs/atop.nix @@ -141,8 +141,15 @@ in // mkService cfg.atopgpu.enable "atopgpu" [ atop ]; timers = mkTimer cfg.atopRotateTimer.enable "atop-rotate" [ atop ]; }; - security.wrappers = - lib.mkIf cfg.setuidWrapper.enable { atop = { source = "${atop}/bin/atop"; }; }; + + security.wrappers = lib.mkIf cfg.setuidWrapper.enable { + atop = + { setuid = true; + owner = "root"; + group = "root"; + source = "${atop}/bin/atop"; + }; + }; } ); } From c744ecb69fe7ec6b0d07697a782a61873148c184 Mon Sep 17 00:00:00 2001 From: rnhmjoj Date: Wed, 22 Sep 2021 12:40:03 +0200 Subject: [PATCH 33/56] nixos/tests/systemd-networkd-ipv6-prefix-delegation: fix wrapper The owner,group options are mandatory after #126289. --- nixos/tests/systemd-networkd-ipv6-prefix-delegation.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/nixos/tests/systemd-networkd-ipv6-prefix-delegation.nix b/nixos/tests/systemd-networkd-ipv6-prefix-delegation.nix index 94f17605e0013..68836c7307297 100644 --- a/nixos/tests/systemd-networkd-ipv6-prefix-delegation.nix +++ b/nixos/tests/systemd-networkd-ipv6-prefix-delegation.nix @@ -42,6 +42,8 @@ import ./make-test-python.nix ({pkgs, ...}: { # DO NOT COPY THIS TO PRODUCTION AS IS. Think about it at least twice. # Everyone on the "isp" machine will be able to add routes to the kernel. security.wrappers.add-dhcpd-lease = { + owner = "root"; + group = "root"; source = pkgs.writeShellScript "add-dhcpd-lease" '' exec ${pkgs.iproute2}/bin/ip -6 route replace "$1" via "$2" ''; From df49f6565ca0039da31d0c34bec9320bfbfec535 Mon Sep 17 00:00:00 2001 From: rnhmjoj Date: Wed, 22 Sep 2021 12:59:09 +0200 Subject: [PATCH 34/56] nixos/tests/pantheon: fix missing lib --- nixos/tests/pantheon.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/tests/pantheon.nix b/nixos/tests/pantheon.nix index 07588ddc31760..20aee2eb7a4ca 100644 --- a/nixos/tests/pantheon.nix +++ b/nixos/tests/pantheon.nix @@ -1,4 +1,4 @@ -import ./make-test-python.nix ({ pkgs, ...} : +import ./make-test-python.nix ({ pkgs, lib, ...} : { name = "pantheon"; From a124ea43a1ef3de7918ac24d03ae57db72ca5271 Mon Sep 17 00:00:00 2001 From: Luflosi Date: Wed, 22 Sep 2021 13:11:53 +0200 Subject: [PATCH 35/56] java-service-wrapper: 3.5.45 -> 3.5.46 --- pkgs/tools/system/java-service-wrapper/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/system/java-service-wrapper/default.nix b/pkgs/tools/system/java-service-wrapper/default.nix index 4d1417b4b831f..5d4df37a2b660 100644 --- a/pkgs/tools/system/java-service-wrapper/default.nix +++ b/pkgs/tools/system/java-service-wrapper/default.nix @@ -5,11 +5,11 @@ stdenv.mkDerivation rec { pname = "java-service-wrapper"; - version = "3.5.45"; + version = "3.5.46"; src = fetchurl { url = "https://wrapper.tanukisoftware.com/download/${version}/wrapper_${version}_src.tar.gz"; - sha256 = "sha256-rnlloa0DicWT1RlP2szDvBINvT5/RZ17GOarUzvX1AI="; + sha256 = "sha256-guHQyFSI0TidAuOr4zWaf3WRGeNW4+Or1sbWdhWuWtg="; }; buildInputs = [ jdk ]; From 6a814b8ba8237c91141b5fc0e1b1e5309b9aa9c1 Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Wed, 22 Sep 2021 13:55:12 +0200 Subject: [PATCH 36/56] python3Packages.cmd2: add license --- pkgs/development/python-modules/cmd2/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/pkgs/development/python-modules/cmd2/default.nix b/pkgs/development/python-modules/cmd2/default.nix index 7d979d1f0216d..f74cf77c5e4a7 100644 --- a/pkgs/development/python-modules/cmd2/default.nix +++ b/pkgs/development/python-modules/cmd2/default.nix @@ -68,6 +68,7 @@ buildPythonPackage rec { meta = with lib; { description = "Enhancements for standard library's cmd module"; homepage = "https://github.com/python-cmd2/cmd2"; + license = with licenses; [ mit ]; maintainers = with maintainers; [ teto ]; }; } From 8f7978fb9f2b34b9340cd8227354dab63a935bb5 Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Wed, 22 Sep 2021 14:10:04 +0200 Subject: [PATCH 37/56] kubescape: 1.0.77 -> 1.0.85 --- pkgs/tools/security/kubescape/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/tools/security/kubescape/default.nix b/pkgs/tools/security/kubescape/default.nix index 4863cd36ad145..2bf6bb8cad661 100644 --- a/pkgs/tools/security/kubescape/default.nix +++ b/pkgs/tools/security/kubescape/default.nix @@ -5,16 +5,16 @@ buildGoModule rec { pname = "kubescape"; - version = "1.0.77"; + version = "1.0.85"; src = fetchFromGitHub { owner = "armosec"; repo = pname; rev = "v${version}"; - sha256 = "sha256-g2Mco4NuPVjS4/6KNhtb8864e7RiuzlrdIbM6NLJK7I="; + sha256 = "19r7dgr0y1k9qa4llxbgaf69j88vs9h2gx29bwbh6dq17q58sfdl"; }; - vendorSha256 = "sha256-FtglYTCLjQfDKxdnQZnpWm3QjJCiHGsPC/gW88DZu6I="; + vendorSha256 = "18mvv70g65pq1c7nn752j26d0vasx6cl2rqp5g1hg3cb61hjbn0n"; # One test is failing, disabling for now doCheck = false; From 699b8d671da815a5105529da405b0b4de2a8a0a0 Mon Sep 17 00:00:00 2001 From: rnhmjoj Date: Wed, 22 Sep 2021 14:48:14 +0200 Subject: [PATCH 38/56] nixos/tests/wasabibackend: fix bitcoind config Since c6017d98 services.bitcoind is submodule. --- nixos/tests/wasabibackend.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/tests/wasabibackend.nix b/nixos/tests/wasabibackend.nix index 1832698ab698c..75730fe24d096 100644 --- a/nixos/tests/wasabibackend.nix +++ b/nixos/tests/wasabibackend.nix @@ -14,7 +14,7 @@ import ./make-test-python.nix ({ pkgs, ... }: { port = 18332; }; }; - services.bitcoind = { + services.bitcoind."testnet" = { enable = true; testnet = true; rpc.users = { From cbd515e44cd3990d2bed07ebc487b38701755ae7 Mon Sep 17 00:00:00 2001 From: rnhmjoj Date: Wed, 22 Sep 2021 15:07:15 +0200 Subject: [PATCH 39/56] nixos/tests/atop: remove top-level string Attributes in the top-level of a test should be derivations, otherwise they will cause an evaluation failure in hydra. --- nixos/tests/atop.nix | 2 -- 1 file changed, 2 deletions(-) diff --git a/nixos/tests/atop.nix b/nixos/tests/atop.nix index 1f8b005041f0b..f7a90346f3d74 100644 --- a/nixos/tests/atop.nix +++ b/nixos/tests/atop.nix @@ -105,8 +105,6 @@ let assertions = rec { }; in { - name = "atop"; - justThePackage = makeTest { name = "atop-justThePackage"; machine = { From a8576d4053a1bd5789748090aef475ff958627b4 Mon Sep 17 00:00:00 2001 From: rnhmjoj Date: Wed, 22 Sep 2021 15:40:59 +0200 Subject: [PATCH 40/56] nixos/tests/mpv: remove deprecated mpv-with-scripts It has been replaced by wrapMpv in 2020-05-22. --- nixos/tests/mpv.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/tests/mpv.nix b/nixos/tests/mpv.nix index bcfc17cf33286..9e44862cb1b45 100644 --- a/nixos/tests/mpv.nix +++ b/nixos/tests/mpv.nix @@ -14,7 +14,7 @@ in { environment.systemPackages = [ pkgs.curl - (pkgs.mpv-with-scripts.override { + (pkgs.wrapMpv pkgs.mpv-unwrapped { scripts = [ pkgs.mpvScripts.simple-mpv-webui ]; }) ]; From 22d05f8fa2bb4ed7d6371dd3d1b7b21c28c78f27 Mon Sep 17 00:00:00 2001 From: rnhmjoj Date: Wed, 22 Sep 2021 15:53:29 +0200 Subject: [PATCH 41/56] nixos/plotinus: fix evaluation Apparently setting a variable via `environment.variables` when the same is already present in `environment.sessionVariables` (that is merged into the former option) creates a conflict. For reference: this started with the change in #101274. --- nixos/modules/programs/plotinus.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/modules/programs/plotinus.nix b/nixos/modules/programs/plotinus.nix index e3549c79588b2..2c90a41ba0296 100644 --- a/nixos/modules/programs/plotinus.nix +++ b/nixos/modules/programs/plotinus.nix @@ -30,7 +30,7 @@ in ###### implementation config = mkIf cfg.enable { - environment.variables.XDG_DATA_DIRS = [ "${pkgs.plotinus}/share/gsettings-schemas/${pkgs.plotinus.name}" ]; + environment.sessionVariables.XDG_DATA_DIRS = [ "${pkgs.plotinus}/share/gsettings-schemas/${pkgs.plotinus.name}" ]; environment.variables.GTK3_MODULES = [ "${pkgs.plotinus}/lib/libplotinus.so" ]; }; } From 1e54b5a2fc900c2545e0075da1764a3f23c43f7e Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Wed, 22 Sep 2021 12:44:03 +0000 Subject: [PATCH 42/56] linux: 4.14.246 -> 4.14.247 --- pkgs/os-specific/linux/kernel/linux-4.14.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-4.14.nix b/pkgs/os-specific/linux/kernel/linux-4.14.nix index 8869d0cf653c7..4fd140a361c5d 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.14.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.14.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "4.14.246"; + version = "4.14.247"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "0fpgig84shpas1jc0h4s3aw9brkcq1as84gjbk4bfhc48bpi4mlw"; + sha256 = "1kdhlsqpmw68xnfiyx98id8wis6kkxca2d4n7w2ncax0kyzrwyz7"; }; } // (args.argsOverride or {})) From 9eddcf0c15ccc2a85ff9d0465782f7046ea8ef01 Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Wed, 22 Sep 2021 12:44:13 +0000 Subject: [PATCH 43/56] linux: 4.19.206 -> 4.19.207 --- pkgs/os-specific/linux/kernel/linux-4.19.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-4.19.nix b/pkgs/os-specific/linux/kernel/linux-4.19.nix index d081f92332b2b..ada819f4850d7 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.19.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.19.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "4.19.206"; + version = "4.19.207"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "1h44lvzxd0cngj71bk8qba9dz7jlqj68ir6xjwfafglb81ppgsxp"; + sha256 = "1fb658n89xf9asnaqi0bnh64ir2f78bdqyjvfb983qad9wqsadym"; }; } // (args.argsOverride or {})) From 0931ea2be7af1cc91c387e36be128759fb66ff68 Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Wed, 22 Sep 2021 12:44:17 +0000 Subject: [PATCH 44/56] linux: 4.4.283 -> 4.4.284 --- pkgs/os-specific/linux/kernel/linux-4.4.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-4.4.nix b/pkgs/os-specific/linux/kernel/linux-4.4.nix index 1469508eb0e3c..f1e4329c2d418 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.4.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.4.nix @@ -1,12 +1,12 @@ { buildPackages, fetchurl, perl, buildLinux, nixosTests, stdenv, ... } @ args: buildLinux (args // rec { - version = "4.4.283"; + version = "4.4.284"; extraMeta.branch = "4.4"; extraMeta.broken = stdenv.isAarch64; src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "1d9v4h4cbc4i371lhhwpxbmg88gna6xyi2ahfvv0clz60802y982"; + sha256 = "00xkd2p181cfkys4nri93xy7snmn8g2481x3qz0js7g9p3kz5bqf"; }; } // (args.argsOverride or {})) From 217af32349606039bde34df4891c5ebbbd87d356 Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Wed, 22 Sep 2021 12:44:24 +0000 Subject: [PATCH 45/56] linux: 4.9.282 -> 4.9.283 --- pkgs/os-specific/linux/kernel/linux-4.9.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-4.9.nix b/pkgs/os-specific/linux/kernel/linux-4.9.nix index 89f45b8021a2e..22f506f56581a 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.9.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.9.nix @@ -1,12 +1,12 @@ { buildPackages, fetchurl, perl, buildLinux, nixosTests, stdenv, ... } @ args: buildLinux (args // rec { - version = "4.9.282"; + version = "4.9.283"; extraMeta.branch = "4.9"; extraMeta.broken = stdenv.isAarch64; src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "059fin4si93ya13xy831w84q496ksxidpd3kyw38918sfy4p6wk7"; + sha256 = "0pdh1lyhdp5c5n39wpr622kgchgf30iqk853a2rv9m3s3fry50lm"; }; } // (args.argsOverride or {})) From afc93c11bb1004269981e3e6a42b4e182217a59b Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Wed, 22 Sep 2021 12:44:37 +0000 Subject: [PATCH 46/56] linux: 5.10.67 -> 5.10.68 --- pkgs/os-specific/linux/kernel/linux-5.10.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-5.10.nix b/pkgs/os-specific/linux/kernel/linux-5.10.nix index e2320c99315dd..720b619049a01 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.10.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.10.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "5.10.67"; + version = "5.10.68"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "10lap66d84s1cfakbgfsbabgxm42060c4wcvpzxbi4r5g2m40mwc"; + sha256 = "08cl4bg9k331apj5fjl3jx6s6l543dnbjc1cfvin951m7l787ahv"; }; } // (args.argsOverride or {})) From 6e1498613f9599e880e1e432fe13a05f451dba6b Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Wed, 22 Sep 2021 12:44:48 +0000 Subject: [PATCH 47/56] linux: 5.14.6 -> 5.14.7 --- pkgs/os-specific/linux/kernel/linux-5.14.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-5.14.nix b/pkgs/os-specific/linux/kernel/linux-5.14.nix index 66c23ec161790..45d39795db6f2 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.14.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.14.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "5.14.6"; + version = "5.14.7"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "1v6cicakpg0fdp74r2a4h46sj7rzpjdf4cscbr8y67kpd098r12l"; + sha256 = "1avypasvic298823xzpzzkjbmfv9s8bjnmq92ri62qbakx23j9dg"; }; } // (args.argsOverride or { })) From 3cd2a4032b5e03763a3e8989a618b97561733ec9 Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Wed, 22 Sep 2021 12:44:59 +0000 Subject: [PATCH 48/56] linux: 5.4.147 -> 5.4.148 --- pkgs/os-specific/linux/kernel/linux-5.4.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-5.4.nix b/pkgs/os-specific/linux/kernel/linux-5.4.nix index f0da183e76b70..ff4f019fc51cf 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.4.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.4.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "5.4.147"; + version = "5.4.148"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "07242nlxf4s73ffdir3dsi37cjmm6bw9w7kac0j7x1s1j8sh9h7n"; + sha256 = "1cwibh0y112hip5yd0n692rv44jh4sk2g6mj5n44g754k4i366a6"; }; } // (args.argsOverride or {})) From 5abd562a1867c0f77de2531d652c24f709ed86e8 Mon Sep 17 00:00:00 2001 From: rnhmjoj Date: Wed, 22 Sep 2021 16:11:49 +0200 Subject: [PATCH 49/56] nixos/kubernetes: fix deprecation warning The option `containerd.configFile` has been replaced by an equivalent `settings` attribute set. --- .../services/cluster/kubernetes/default.nix | 43 +++++++++++-------- 1 file changed, 24 insertions(+), 19 deletions(-) diff --git a/nixos/modules/services/cluster/kubernetes/default.nix b/nixos/modules/services/cluster/kubernetes/default.nix index 33d217ba60eda..f2c76a56d8d7e 100644 --- a/nixos/modules/services/cluster/kubernetes/default.nix +++ b/nixos/modules/services/cluster/kubernetes/default.nix @@ -5,28 +5,33 @@ with lib; let cfg = config.services.kubernetes; - defaultContainerdConfigFile = pkgs.writeText "containerd.toml" '' - version = 2 - root = "/var/lib/containerd" - state = "/run/containerd" - oom_score = 0 - - [grpc] - address = "/run/containerd/containerd.sock" + defaultContainerdSettings = { + version = 2; + root = "/var/lib/containerd"; + state = "/run/containerd"; + oom_score = 0; + + grpc = { + address = "/run/containerd/containerd.sock"; + }; - [plugins."io.containerd.grpc.v1.cri"] - sandbox_image = "pause:latest" + plugins."io.containerd.grpc.v1.cri" = { + sandbox_image = "pause:latest"; - [plugins."io.containerd.grpc.v1.cri".cni] - bin_dir = "/opt/cni/bin" - max_conf_num = 0 + cni = { + bin_dir = "/opt/cni/bin"; + max_conf_num = 0; + }; - [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc] - runtime_type = "io.containerd.runc.v2" + containerd.runtimes.runc = { + runtime_type = "io.containerd.runc.v2"; + }; - [plugins."io.containerd.grpc.v1.cri".containerd.runtimes."io.containerd.runc.v2".options] - SystemdCgroup = true - ''; + containerd.runtimes."io.containerd.runc.v2".options = { + SystemdCgroup = true; + }; + }; + }; mkKubeConfig = name: conf: pkgs.writeText "${name}-kubeconfig" (builtins.toJSON { apiVersion = "v1"; @@ -248,7 +253,7 @@ in { (mkIf cfg.kubelet.enable { virtualisation.containerd = { enable = mkDefault true; - configFile = mkDefault defaultContainerdConfigFile; + settings = mkDefault defaultContainerdSettings; }; }) From d4214c4d800c625148ad936e1428d609afcb09a5 Mon Sep 17 00:00:00 2001 From: Caleb Maclennan Date: Wed, 22 Sep 2021 18:09:43 +0300 Subject: [PATCH 50/56] =?UTF-8?q?sile:=200.11.1=20=E2=86=92=200.12.0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- pkgs/tools/typesetting/sile/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/typesetting/sile/default.nix b/pkgs/tools/typesetting/sile/default.nix index 049938581b679..27c8aada14c9f 100644 --- a/pkgs/tools/typesetting/sile/default.nix +++ b/pkgs/tools/typesetting/sile/default.nix @@ -38,11 +38,11 @@ in stdenv.mkDerivation rec { pname = "sile"; - version = "0.11.1"; + version = "0.12.0"; src = fetchurl { url = "https://github.com/sile-typesetter/sile/releases/download/v${version}/${pname}-${version}.tar.xz"; - sha256 = "06bx94zx6skhizk2bbrid82sldwgxfycvjh6zx1zy1xz8gajgrm3"; + sha256 = "1rkdzf4khyvsn5qg455mdhnlacxlqgi9vchy369a66qp5nrs50y9"; }; configureFlags = [ From 6d9eed42d997e605f657a049c7e3a31b66777afc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Wed, 22 Sep 2021 17:37:09 +0200 Subject: [PATCH 51/56] pkgsStatic.redis: fix build --- pkgs/servers/nosql/redis/default.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/pkgs/servers/nosql/redis/default.nix b/pkgs/servers/nosql/redis/default.nix index 77eae32e27f49..90de16b3ea168 100644 --- a/pkgs/servers/nosql/redis/default.nix +++ b/pkgs/servers/nosql/redis/default.nix @@ -1,6 +1,7 @@ { lib, stdenv, fetchurl, lua, pkg-config, nixosTests , withSystemd ? stdenv.isLinux && !stdenv.hostPlatform.isMusl, systemd -, tlsSupport ? true, openssl +# dependency ordering is broken at the moment when building with openssl +, tlsSupport ? !stdenv.hostPlatform.isStatic, openssl }: stdenv.mkDerivation rec { From 240faba8b9ce8356ea77f835b764ea4e11ac0151 Mon Sep 17 00:00:00 2001 From: superherointj <5861043+superherointj@users.noreply.github.com> Date: Thu, 2 Sep 2021 10:02:08 -0300 Subject: [PATCH 52/56] git-machete: fix tests --- .../git-and-tools/git-machete/default.nix | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/pkgs/applications/version-management/git-and-tools/git-machete/default.nix b/pkgs/applications/version-management/git-and-tools/git-machete/default.nix index d73ae5c960f43..34a1c2528df2e 100644 --- a/pkgs/applications/version-management/git-and-tools/git-machete/default.nix +++ b/pkgs/applications/version-management/git-and-tools/git-machete/default.nix @@ -1,6 +1,6 @@ { lib, buildPythonApplication, fetchPypi , installShellFiles, pbr -, flake8, mock, pycodestyle, pylint, tox +, flake8, mock, pycodestyle, pylint, stestr, tox , nix-update-script , testVersion, git-machete }: @@ -16,10 +16,7 @@ buildPythonApplication rec { nativeBuildInputs = [ installShellFiles pbr ]; - # TODO: Add missing check inputs (2019-11-22): - # - stestr - doCheck = false; - checkInputs = [ flake8 mock pycodestyle pylint tox ]; + checkInputs = [ flake8 mock pycodestyle pylint stestr tox ]; postInstall = '' installShellCompletion --bash --name git-machete completion/git-machete.completion.bash @@ -43,6 +40,6 @@ buildPythonApplication rec { description = "Git repository organizer and rebase/merge workflow automation tool"; license = licenses.mit; platforms = platforms.all; - maintainers = [ maintainers.blitz ]; + maintainers = with maintainers; [ blitz ]; }; } From bc68bde9740191cb04027133112c7b824ce3dc30 Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Tue, 21 Sep 2021 21:27:02 +0200 Subject: [PATCH 53/56] python3Packages.maxcube-api: init at 0.4.3 --- .../python-modules/maxcube-api/default.nix | 42 +++++++++++++++++++ pkgs/top-level/python-packages.nix | 2 + 2 files changed, 44 insertions(+) create mode 100644 pkgs/development/python-modules/maxcube-api/default.nix diff --git a/pkgs/development/python-modules/maxcube-api/default.nix b/pkgs/development/python-modules/maxcube-api/default.nix new file mode 100644 index 0000000000000..36bcc35fc036d --- /dev/null +++ b/pkgs/development/python-modules/maxcube-api/default.nix @@ -0,0 +1,42 @@ +{ lib +, buildPythonPackage +, pythonOlder +, fetchFromGitHub +, python +}: + +buildPythonPackage rec { + pname = "maxcube-api"; + version = "0.4.3"; + format = "setuptools"; + disabled = pythonOlder "3.7"; + + src = fetchFromGitHub { + owner = "hackercowboy"; + repo = "python-${pname}"; + rev = "V${version}"; + sha256 = "10k61gfpnqljf3p3qxr97xq7j67a9cr4ivd9v72hdni0znrbx6ym"; + }; + + postPatch = '' + substituteInPlace setup.py --replace "license=license" "license='MIT'" + ''; + + pythonImportsCheck = [ + "maxcube" + "maxcube.cube" + ]; + + checkPhase = '' + runHook preCheck + ${python.interpreter} -m unittest discover + runHook postCheck + ''; + + meta = with lib; { + description = "eQ-3/ELV MAX! Cube Python API"; + homepage = "https://github.com/hackercowboy/python-maxcube-api"; + license = licenses.mit; + maintainers = with maintainers; [ hexa ]; + }; +} diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 9501372063950..32f200f273066 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -4492,6 +4492,8 @@ in { mautrix-appservice = self.mautrix; # alias 2019-12-28 + maxcube-api = callPackage ../development/python-modules/maxcube-api { }; + maxminddb = callPackage ../development/python-modules/maxminddb { }; maya = callPackage ../development/python-modules/maya { }; From dc08bc825801858d43f261b2462bd0685aba8729 Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Tue, 21 Sep 2021 21:27:59 +0200 Subject: [PATCH 54/56] home-assistant: update component packages --- pkgs/servers/home-assistant/component-packages.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/servers/home-assistant/component-packages.nix b/pkgs/servers/home-assistant/component-packages.nix index 287f19e52bbc8..b1363880f9f89 100644 --- a/pkgs/servers/home-assistant/component-packages.nix +++ b/pkgs/servers/home-assistant/component-packages.nix @@ -493,7 +493,7 @@ "marytts" = ps: with ps; [ ]; # missing inputs: speak2mary "mastodon" = ps: with ps; [ mastodon-py ]; "matrix" = ps: with ps; [ matrix-client ]; - "maxcube" = ps: with ps; [ ]; # missing inputs: maxcube-api + "maxcube" = ps: with ps; [ maxcube-api ]; "mazda" = ps: with ps; [ pymazda ]; "mcp23017" = ps: with ps; [ ]; # missing inputs: RPi.GPIO adafruit-circuitpython-mcp230xx "media_extractor" = ps: with ps; [ aiohttp-cors youtube-dl-light ]; From c9520b0d1abf8605c9049f387e57579ff9f7c950 Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Tue, 21 Sep 2021 21:39:49 +0200 Subject: [PATCH 55/56] home-assistant: test maxcube component --- pkgs/servers/home-assistant/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/pkgs/servers/home-assistant/default.nix b/pkgs/servers/home-assistant/default.nix index 70adadedc2458..ed8d34db28b71 100644 --- a/pkgs/servers/home-assistant/default.nix +++ b/pkgs/servers/home-assistant/default.nix @@ -486,6 +486,7 @@ in with py.pkgs; buildPythonApplication rec { "mailbox" "manual" "manual_mqtt" + "maxcube" "mazda" "media_player" "media_source" From 946a529bb913c0182ff3ddd5bd5febdfca1aff8b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andr=C3=A9=20Silva?= Date: Wed, 22 Sep 2021 17:32:08 +0100 Subject: [PATCH 56/56] ledger-live-desktop: 2.32.1 -> 2.33.1 --- pkgs/applications/blockchains/ledger-live-desktop/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/blockchains/ledger-live-desktop/default.nix b/pkgs/applications/blockchains/ledger-live-desktop/default.nix index 4b3ba00fb9606..acf03368d3c63 100644 --- a/pkgs/applications/blockchains/ledger-live-desktop/default.nix +++ b/pkgs/applications/blockchains/ledger-live-desktop/default.nix @@ -2,12 +2,12 @@ let pname = "ledger-live-desktop"; - version = "2.32.2"; + version = "2.33.1"; name = "${pname}-${version}"; src = fetchurl { url = "https://github.com/LedgerHQ/${pname}/releases/download/v${version}/${pname}-${version}-linux-x86_64.AppImage"; - sha256 = "14agkl6xf0f9s5qldla6p6kzl8zlx61q5m8qy63lq215hrzh9d50"; + sha256 = "1k1h37fbpsib9h8867m2dsfacdjs78gdm61gvrin5gpw1zj10syz"; }; appimageContents = appimageTools.extractType2 {