pyrox.dev / nixpkgs
lol
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

Merge staging-next into staging

authored by

github-actions[bot] and committed by
GitHub 2c2c0379 1026189b

+395 -249
+1 -1
nixos/modules/programs/browserpass.nix
··· 27 27 "opt/brave/native-messaging-hosts/${appId}".source = source "hosts/chromium"; 28 28 "opt/brave/policies/managed/${appId}".source = source "policies/chromium"; 29 29 }; 30 - programs.firefox.wrapperConfig.enableBrowserpass = true; 30 + programs.firefox.nativeMessagingHosts.packages = [ pkgs.browserpass ]; 31 31 }; 32 32 }
+65 -38
nixos/modules/programs/firefox.nix
··· 5 5 let 6 6 cfg = config.programs.firefox; 7 7 8 - nmh = cfg.nativeMessagingHosts; 9 - 10 8 policyFormat = pkgs.formats.json { }; 11 9 12 10 organisationInfo = '' ··· 17 15 given control of your browser, unless of course they also control your 18 16 NixOS configuration. 19 17 ''; 18 + 19 + # deprecated per-native-messaging-host options 20 + nmhOptions = { 21 + browserpass = { 22 + name = "Browserpass"; 23 + package = pkgs.browserpass; 24 + }; 25 + bukubrow = { 26 + name = "Bukubrow"; 27 + package = pkgs.bukubrow; 28 + }; 29 + euwebid = { 30 + name = "Web eID"; 31 + package = pkgs.web-eid-app; 32 + }; 33 + ff2mpv = { 34 + name = "ff2mpv"; 35 + package = pkgs.ff2mpv; 36 + }; 37 + fxCast = { 38 + name = "fx_cast"; 39 + package = pkgs.fx-cast-bridge; 40 + }; 41 + gsconnect = { 42 + name = "GSConnect"; 43 + package = pkgs.gnomeExtensions.gsconnect; 44 + }; 45 + jabref = { 46 + name = "JabRef"; 47 + package = pkgs.jabref; 48 + }; 49 + passff = { 50 + name = "PassFF"; 51 + package = pkgs.passff-host; 52 + }; 53 + tridactyl = { 54 + name = "Tridactyl"; 55 + package = pkgs.tridactyl-native; 56 + }; 57 + ugetIntegrator = { 58 + name = "Uget Integrator"; 59 + package = pkgs.uget-integrator; 60 + }; 61 + }; 20 62 in 21 63 { 22 64 options.programs.firefox = { ··· 204 246 ''; 205 247 }; 206 248 207 - nativeMessagingHosts = mapAttrs (_: v: mkEnableOption (mdDoc v)) { 208 - browserpass = "Browserpass support"; 209 - bukubrow = "Bukubrow support"; 210 - euwebid = "Web eID support"; 211 - ff2mpv = "ff2mpv support"; 212 - fxCast = "fx_cast support"; 213 - gsconnect = "GSConnect support"; 214 - jabref = "JabRef support"; 215 - passff = "PassFF support"; 216 - tridactyl = "Tridactyl support"; 217 - ugetIntegrator = "Uget Integrator support"; 218 - }; 249 + nativeMessagingHosts = ({ 250 + packages = mkOption { 251 + type = types.listOf types.package; 252 + default = []; 253 + description = mdDoc '' 254 + Additional packages containing native messaging hosts that should be made available to Firefox extensions. 255 + ''; 256 + }; 257 + }) // (mapAttrs (k: v: mkEnableOption (mdDoc "${v.name} support")) nmhOptions); 219 258 }; 220 259 221 - config = mkIf cfg.enable { 260 + config = let 261 + forEachEnabledNmh = fn: flatten (mapAttrsToList (k: v: lib.optional cfg.nativeMessagingHosts.${k} (fn k v)) nmhOptions); 262 + in mkIf cfg.enable { 263 + warnings = forEachEnabledNmh (k: v: 264 + "The `programs.firefox.nativeMessagingHosts.${k}` option is deprecated, " + 265 + "please add `${v.package.pname}` to `programs.firefox.nativeMessagingHosts.packages` instead." 266 + ); 267 + programs.firefox.nativeMessagingHosts.packages = forEachEnabledNmh (_: v: v.package); 268 + 222 269 environment.systemPackages = [ 223 270 (cfg.package.override (old: { 224 - extraPrefs = cfg.autoConfig; 225 - extraNativeMessagingHosts = 226 - old.extraNativeMessagingHosts or [] 227 - ++ optional nmh.ff2mpv pkgs.ff2mpv 228 - ++ optional nmh.euwebid pkgs.web-eid-app 229 - ++ optional nmh.gsconnect pkgs.gnomeExtensions.gsconnect 230 - ++ optional nmh.jabref pkgs.jabref 231 - ++ optional nmh.passff pkgs.passff-host; 232 - cfg = let 233 - # copy-pasted from the wrapper; TODO: figure out fix 234 - applicationName = cfg.package.binaryName or (lib.getName cfg.package); 235 - 236 - oldCfg = old.cfg or {}; 237 - nixpkgsConfig = pkgs.config.${applicationName} or {}; 238 - optionConfig = cfg.wrapperConfig; 239 - nmhConfig = { 240 - enableBrowserpass = nmh.browserpass; 241 - enableBukubrow = nmh.bukubrow; 242 - enableTridactylNative = nmh.tridactyl; 243 - enableUgetIntegrator = nmh.ugetIntegrator; 244 - enableFXCastBridge = nmh.fxCast; 245 - }; 246 - in oldCfg // nixpkgsConfig // optionConfig // nmhConfig; 271 + extraPrefsFiles = old.extraPrefsFiles or [] ++ [(pkgs.writeText "firefox-autoconfig.js" cfg.autoConfig)]; 272 + nativeMessagingHosts = old.nativeMessagingHosts or [] ++ cfg.nativeMessagingHosts.packages; 273 + cfg = (old.cfg or {}) // cfg.wrapperConfig; 247 274 })) 248 275 ]; 249 276
+1 -1
nixos/modules/services/desktops/gnome/gnome-browser-connector.nix
··· 42 42 43 43 services.dbus.packages = [ pkgs.gnome-browser-connector ]; 44 44 45 - programs.firefox.wrapperConfig.enableGnomeExtensions = true; 45 + programs.firefox.nativeMessagingHosts.packages = [ pkgs.gnome-browser-connector ]; 46 46 }; 47 47 }
-2
nixos/modules/services/matrix/synapse.nix
··· 60 60 ++ lib.optional (cfg.settings ? oidc_providers) "oidc" 61 61 ++ lib.optional (cfg.settings ? jwt_config) "jwt" 62 62 ++ lib.optional (cfg.settings ? saml2_config) "saml2" 63 - ++ lib.optional (cfg.settings ? opentracing) "opentracing" 64 63 ++ lib.optional (cfg.settings ? redis) "redis" 65 64 ++ lib.optional (cfg.settings ? sentry) "sentry" 66 65 ++ lib.optional (cfg.settings ? user_directory) "user-search" ··· 334 333 [ 335 334 "cache-memory" # Provide statistics about caching memory consumption 336 335 "jwt" # JSON Web Token authentication 337 - "opentracing" # End-to-end tracing support using Jaeger 338 336 "oidc" # OpenID Connect authentication 339 337 "postgres" # PostgreSQL database backend 340 338 "redis" # Redis support for the replication stream between worker processes
+4 -1
nixos/modules/services/web-servers/nginx/vhost-options.nix
··· 35 35 }; 36 36 port = mkOption { 37 37 type = types.nullOr port; 38 - description = lib.mdDoc "Port number."; 38 + description = lib.mdDoc '' 39 + Port number to listen on. 40 + If unset and the listen address is not a socket then nginx defaults to 80. 41 + ''; 39 42 default = null; 40 43 }; 41 44 ssl = mkOption {
+1 -1
nixos/modules/services/x11/desktop-managers/plasma5.nix
··· 379 379 # Update the start menu for each user that is currently logged in 380 380 system.userActivationScripts.plasmaSetup = activationScript; 381 381 382 - programs.firefox.wrapperConfig.enablePlasmaBrowserIntegration = true; 382 + programs.firefox.nativeMessagingHosts.packages = [ pkgs.plasma5Packages.plasma-browser-integration ]; 383 383 }) 384 384 385 385 (mkIf (cfg.kwinrc != {}) {
+1 -1
nixos/modules/system/boot/loader/systemd-boot/systemd-boot.nix
··· 49 49 ''; 50 50 }; 51 51 52 - checkedSystemdBootBuilder = pkgs.runCommandLocal "systemd-boot" { 52 + checkedSystemdBootBuilder = pkgs.runCommand "systemd-boot" { 53 53 nativeBuildInputs = [ pkgs.mypy ]; 54 54 } '' 55 55 install -m755 ${systemdBootBuilder} $out
+66 -1
nixos/modules/virtualisation/qemu-vm.nix
··· 198 198 fi 199 199 ''} 200 200 201 + ${lib.optionalString cfg.tpm.enable '' 202 + NIX_SWTPM_DIR=$(readlink -f "''${NIX_SWTPM_DIR:-${config.system.name}-swtpm}") 203 + mkdir -p "$NIX_SWTPM_DIR" 204 + ${lib.getExe cfg.tpm.package} \ 205 + socket \ 206 + --tpmstate dir="$NIX_SWTPM_DIR" \ 207 + --ctrl type=unixio,path="$NIX_SWTPM_DIR"/socket,terminate \ 208 + --pid file="$NIX_SWTPM_DIR"/pid --daemon \ 209 + --tpm2 \ 210 + --log file="$NIX_SWTPM_DIR"/stdout,level=6 211 + 212 + # Enable `fdflags` builtin in Bash 213 + # We will need it to perform surgical modification of the file descriptor 214 + # passed in the coprocess to remove `FD_CLOEXEC`, i.e. close the file descriptor 215 + # on exec. 216 + # If let alone, it will trigger the coprocess to read EOF when QEMU is `exec` 217 + # at the end of this script. To work around that, we will just clear 218 + # the `FD_CLOEXEC` bits as a first step. 219 + enable -f ${hostPkgs.bash}/lib/bash/fdflags fdflags 220 + # leave a dangling subprocess because the swtpm ctrl socket has 221 + # "terminate" when the last connection disconnects, it stops swtpm. 222 + # When qemu stops, or if the main shell process ends, the coproc will 223 + # get signaled by virtue of the pipe between main and coproc ending. 224 + # Which in turns triggers a socat connect-disconnect to swtpm which 225 + # will stop it. 226 + coproc waitingswtpm { 227 + read || : 228 + echo "" | ${lib.getExe hostPkgs.socat} STDIO UNIX-CONNECT:"$NIX_SWTPM_DIR"/socket 229 + } 230 + # Clear `FD_CLOEXEC` on the coprocess' file descriptor stdin. 231 + fdflags -s-cloexec ''${waitingswtpm[1]} 232 + ''} 233 + 201 234 cd "$TMPDIR" 202 235 203 236 ${lib.optionalString (cfg.emptyDiskImages != []) "idx=0"} ··· 863 896 }; 864 897 }; 865 898 899 + virtualisation.tpm = { 900 + enable = mkEnableOption "a TPM device in the virtual machine with a driver, using swtpm."; 901 + 902 + package = mkPackageOptionMD cfg.host.pkgs "swtpm" { }; 903 + 904 + deviceModel = mkOption { 905 + type = types.str; 906 + default = ({ 907 + "i686-linux" = "tpm-tis"; 908 + "x86_64-linux" = "tpm-tis"; 909 + "ppc64-linux" = "tpm-spapr"; 910 + "armv7-linux" = "tpm-tis-device"; 911 + "aarch64-linux" = "tpm-tis-device"; 912 + }.${pkgs.hostPlatform.system} or (throw "Unsupported system for TPM2 emulation in QEMU")); 913 + defaultText = '' 914 + Based on the guest platform Linux system: 915 + 916 + - `tpm-tis` for (i686, x86_64) 917 + - `tpm-spapr` for ppc64 918 + - `tpm-tis-device` for (armv7, aarch64) 919 + ''; 920 + example = "tpm-tis-device"; 921 + description = lib.mdDoc "QEMU device model for the TPM, uses the appropriate default based on th guest platform system and the package passed."; 922 + }; 923 + }; 924 + 866 925 virtualisation.useDefaultFilesystems = 867 926 mkOption { 868 927 type = types.bool; ··· 1028 1087 1029 1088 boot.initrd.availableKernelModules = 1030 1089 optional cfg.writableStore "overlay" 1031 - ++ optional (cfg.qemu.diskInterface == "scsi") "sym53c8xx"; 1090 + ++ optional (cfg.qemu.diskInterface == "scsi") "sym53c8xx" 1091 + ++ optional (cfg.tpm.enable) "tpm_tis"; 1032 1092 1033 1093 virtualisation.additionalPaths = [ config.system.build.toplevel ]; 1034 1094 ··· 1098 1158 ]) 1099 1159 (mkIf (!cfg.graphics) [ 1100 1160 "-nographic" 1161 + ]) 1162 + (mkIf (cfg.tpm.enable) [ 1163 + "-chardev socket,id=chrtpm,path=\"$NIX_SWTPM_DIR\"/socket" 1164 + "-tpmdev emulator,id=tpm_dev_0,chardev=chrtpm" 1165 + "-device ${cfg.tpm.deviceModel},tpmdev=tpm_dev_0" 1101 1166 ]) 1102 1167 ]; 1103 1168
+14 -16
nixos/tests/firefox.nix
··· 1 1 import ./make-test-python.nix ({ pkgs, firefoxPackage, ... }: 2 - let firefoxPackage' = firefoxPackage.override (args: { 3 - extraPrefsFiles = (args.extraPrefsFiles or []) ++ [ 4 - # make sure that autoplay is enabled by default for the audio test 5 - (builtins.toString (builtins.toFile "autoplay-pref.js" ''defaultPref("media.autoplay.default",0);'')) 6 - ]; 7 - }); 2 + { 3 + name = firefoxPackage.pname; 8 4 9 - in 10 - { 11 - name = firefoxPackage'.unwrapped.pname; 12 5 meta = with pkgs.lib.maintainers; { 13 6 maintainers = [ eelco shlevy ]; 14 7 }; ··· 17 10 { pkgs, ... }: 18 11 19 12 { imports = [ ./common/x11.nix ]; 20 - environment.systemPackages = [ 21 - firefoxPackage' 22 - pkgs.xdotool 23 - ]; 13 + environment.systemPackages = [ pkgs.xdotool ]; 14 + 15 + programs.firefox = { 16 + enable = true; 17 + preferences."media.autoplay.default" = 0; 18 + package = firefoxPackage; 19 + }; 24 20 25 21 # Create a virtual sound device, with mixing 26 22 # and all, for recording audio. ··· 58 54 59 55 }; 60 56 61 - testScript = '' 57 + testScript = let 58 + exe = firefoxPackage.unwrapped.binaryName; 59 + in '' 62 60 from contextlib import contextmanager 63 61 64 62 ··· 97 95 98 96 with subtest("Wait until Firefox has finished loading the Valgrind docs page"): 99 97 machine.execute( 100 - "xterm -e '${firefoxPackage'.unwrapped.binaryName} file://${pkgs.valgrind.doc}/share/doc/valgrind/html/index.html' >&2 &" 98 + "xterm -e '${exe} file://${pkgs.valgrind.doc}/share/doc/valgrind/html/index.html' >&2 &" 101 99 ) 102 100 machine.wait_for_window("Valgrind") 103 101 machine.sleep(40) ··· 105 103 with subtest("Check whether Firefox can play sound"): 106 104 with record_audio(machine): 107 105 machine.succeed( 108 - "${firefoxPackage'.unwrapped.binaryName} file://${pkgs.sound-theme-freedesktop}/share/sounds/freedesktop/stereo/phone-incoming-call.oga >&2 &" 106 + "${exe} file://${pkgs.sound-theme-freedesktop}/share/sounds/freedesktop/stereo/phone-incoming-call.oga >&2 &" 109 107 ) 110 108 wait_for_sound(machine) 111 109 machine.copy_from_vm("/tmp/record.wav")
+2 -57
nixos/tests/systemd-credentials-tpm2.nix
··· 1 - import ./make-test-python.nix ({ lib, pkgs, system, ... }: 2 - 3 - let 4 - tpmSocketPath = "/tmp/swtpm-sock"; 5 - tpmDeviceModels = { 6 - x86_64-linux = "tpm-tis"; 7 - aarch64-linux = "tpm-tis-device"; 8 - }; 9 - in 10 - 1 + import ./make-test-python.nix ({ lib, pkgs, ... }: 11 2 { 12 3 name = "systemd-credentials-tpm2"; 13 4 ··· 16 7 }; 17 8 18 9 nodes.machine = { pkgs, ... }: { 19 - virtualisation = { 20 - qemu.options = [ 21 - "-chardev socket,id=chrtpm,path=${tpmSocketPath}" 22 - "-tpmdev emulator,id=tpm_dev_0,chardev=chrtpm" 23 - "-device ${tpmDeviceModels.${system}},tpmdev=tpm_dev_0" 24 - ]; 25 - }; 26 - 27 - boot.initrd.availableKernelModules = [ "tpm_tis" ]; 28 - 10 + virtualisation.tpm.enable = true; 29 11 environment.systemPackages = with pkgs; [ diffutils ]; 30 12 }; 31 13 32 14 testScript = '' 33 - import subprocess 34 - from tempfile import TemporaryDirectory 35 - 36 - # From systemd-initrd-luks-tpm2.nix 37 - class Tpm: 38 - def __init__(self): 39 - self.state_dir = TemporaryDirectory() 40 - self.start() 41 - 42 - def start(self): 43 - self.proc = subprocess.Popen(["${pkgs.swtpm}/bin/swtpm", 44 - "socket", 45 - "--tpmstate", f"dir={self.state_dir.name}", 46 - "--ctrl", "type=unixio,path=${tpmSocketPath}", 47 - "--tpm2", 48 - ]) 49 - 50 - # Check whether starting swtpm failed 51 - try: 52 - exit_code = self.proc.wait(timeout=0.2) 53 - if exit_code is not None and exit_code != 0: 54 - raise Exception("failed to start swtpm") 55 - except subprocess.TimeoutExpired: 56 - pass 57 - 58 - """Check whether the swtpm process exited due to an error""" 59 - def check(self): 60 - exit_code = self.proc.poll() 61 - if exit_code is not None and exit_code != 0: 62 - raise Exception("swtpm process died") 63 - 64 15 CRED_NAME = "testkey" 65 16 CRED_RAW_FILE = f"/root/{CRED_NAME}" 66 17 CRED_FILE = f"/root/{CRED_NAME}.cred" ··· 84 35 raise Exception(f"systemd_run failed (status {status})") 85 36 86 37 machine.log("systemd-run finished successfully") 87 - 88 - tpm = Tpm() 89 - 90 - @polling_condition 91 - def swtpm_running(): 92 - tpm.check() 93 38 94 39 machine.wait_for_unit("multi-user.target") 95 40
+20 -33
nixos/tests/systemd-cryptenroll.nix
··· 8 8 environment.systemPackages = [ pkgs.cryptsetup ]; 9 9 virtualisation = { 10 10 emptyDiskImages = [ 512 ]; 11 - qemu.options = [ 12 - "-chardev socket,id=chrtpm,path=/tmp/swtpm-sock" 13 - "-tpmdev emulator,id=tpm0,chardev=chrtpm" 14 - "-device tpm-tis,tpmdev=tpm0" 15 - ]; 11 + tpm.enable = true; 16 12 }; 17 13 }; 18 14 19 15 testScript = '' 20 - import subprocess 21 - import tempfile 16 + machine.start() 22 17 23 - def start_swtpm(tpmstate): 24 - subprocess.Popen(["${pkgs.swtpm}/bin/swtpm", "socket", "--tpmstate", "dir="+tpmstate, "--ctrl", "type=unixio,path=/tmp/swtpm-sock", "--log", "level=0", "--tpm2"]) 18 + # Verify the TPM device is available and accessible by systemd-cryptenroll 19 + machine.succeed("test -e /dev/tpm0") 20 + machine.succeed("test -e /dev/tpmrm0") 21 + machine.succeed("systemd-cryptenroll --tpm2-device=list") 25 22 26 - with tempfile.TemporaryDirectory() as tpmstate: 27 - start_swtpm(tpmstate) 28 - machine.start() 23 + # Create LUKS partition 24 + machine.succeed("echo -n lukspass | cryptsetup luksFormat -q /dev/vdb -") 25 + # Enroll new LUKS key and bind it to Secure Boot state 26 + # For more details on PASSWORD variable, check the following issue: 27 + # https://github.com/systemd/systemd/issues/20955 28 + machine.succeed("PASSWORD=lukspass systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs=7 /dev/vdb") 29 + # Add LUKS partition to /etc/crypttab to test auto unlock 30 + machine.succeed("echo 'luks /dev/vdb - tpm2-device=auto' >> /etc/crypttab") 29 31 30 - # Verify the TPM device is available and accessible by systemd-cryptenroll 31 - machine.succeed("test -e /dev/tpm0") 32 - machine.succeed("test -e /dev/tpmrm0") 33 - machine.succeed("systemd-cryptenroll --tpm2-device=list") 34 - 35 - # Create LUKS partition 36 - machine.succeed("echo -n lukspass | cryptsetup luksFormat -q /dev/vdb -") 37 - # Enroll new LUKS key and bind it to Secure Boot state 38 - # For more details on PASSWORD variable, check the following issue: 39 - # https://github.com/systemd/systemd/issues/20955 40 - machine.succeed("PASSWORD=lukspass systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs=7 /dev/vdb") 41 - # Add LUKS partition to /etc/crypttab to test auto unlock 42 - machine.succeed("echo 'luks /dev/vdb - tpm2-device=auto' >> /etc/crypttab") 43 - machine.shutdown() 32 + machine.shutdown() 33 + machine.start() 44 34 45 - start_swtpm(tpmstate) 46 - machine.start() 47 - 48 - # Test LUKS partition automatic unlock on boot 49 - machine.wait_for_unit("systemd-cryptsetup@luks.service") 50 - # Wipe TPM2 slot 51 - machine.succeed("systemd-cryptenroll --wipe-slot=tpm2 /dev/vdb") 35 + # Test LUKS partition automatic unlock on boot 36 + machine.wait_for_unit("systemd-cryptsetup@luks.service") 37 + # Wipe TPM2 slot 38 + machine.succeed("systemd-cryptenroll --wipe-slot=tpm2 /dev/vdb") 52 39 ''; 53 40 }) 54 41
+1 -26
nixos/tests/systemd-initrd-luks-tpm2.nix
··· 9 9 # Booting off the TPM2-encrypted device requires an available init script 10 10 mountHostNixStore = true; 11 11 useEFIBoot = true; 12 - qemu.options = ["-chardev socket,id=chrtpm,path=/tmp/mytpm1/swtpm-sock -tpmdev emulator,id=tpm0,chardev=chrtpm -device tpm-tis,tpmdev=tpm0"]; 12 + tpm.enable = true; 13 13 }; 14 14 boot.loader.systemd-boot.enable = true; 15 15 ··· 33 33 }; 34 34 35 35 testScript = '' 36 - import subprocess 37 - import os 38 - import time 39 - 40 - 41 - class Tpm: 42 - def __init__(self): 43 - os.mkdir("/tmp/mytpm1") 44 - self.start() 45 - 46 - def start(self): 47 - self.proc = subprocess.Popen(["${pkgs.swtpm}/bin/swtpm", "socket", "--tpmstate", "dir=/tmp/mytpm1", "--ctrl", "type=unixio,path=/tmp/mytpm1/swtpm-sock", "--log", "level=20", "--tpm2"]) 48 - 49 - def wait_for_death_then_restart(self): 50 - while self.proc.poll() is None: 51 - print("waiting for tpm to die") 52 - time.sleep(1) 53 - assert self.proc.returncode == 0 54 - self.start() 55 - 56 - tpm = Tpm() 57 - 58 - 59 36 # Create encrypted volume 60 37 machine.wait_for_unit("multi-user.target") 61 38 machine.succeed("echo -n supersecret | cryptsetup luksFormat -q --iter-time=1 /dev/vdb -") ··· 65 42 machine.succeed("bootctl set-default nixos-generation-1-specialisation-boot-luks.conf") 66 43 machine.succeed("sync") 67 44 machine.crash() 68 - 69 - tpm.wait_for_death_then_restart() 70 45 71 46 # Boot and decrypt the disk 72 47 machine.wait_for_unit("multi-user.target")
+24 -13
pkgs/applications/networking/browsers/firefox/wrapper.nix
··· 34 34 , nameSuffix ? "" 35 35 , icon ? applicationName 36 36 , wmClass ? applicationName 37 + , nativeMessagingHosts ? [] 37 38 , extraNativeMessagingHosts ? [] 38 39 , pkcs11Modules ? [] 39 40 , useGlvnd ? true ··· 62 63 # PCSC-Lite daemon (services.pcscd) also must be enabled for firefox to access smartcards 63 64 smartcardSupport = cfg.smartcardSupport or false; 64 65 65 - nativeMessagingHosts = 66 - [ ] 67 - ++ lib.optional (cfg.enableBrowserpass or false) (lib.getBin browserpass) 68 - ++ lib.optional (cfg.enableBukubrow or false) bukubrow 69 - ++ lib.optional (cfg.enableTridactylNative or false) tridactyl-native 70 - ++ lib.optional (cfg.enableGnomeExtensions or false) gnome-browser-connector 71 - ++ lib.optional (cfg.enableUgetIntegrator or false) uget-integrator 72 - ++ lib.optional (cfg.enablePlasmaBrowserIntegration or false) plasma5Packages.plasma-browser-integration 73 - ++ lib.optional (cfg.enableFXCastBridge or false) fx-cast-bridge 74 - ++ lib.optional (cfg.enableKeePassXC or false) keepassxc 75 - ++ extraNativeMessagingHosts 76 - ; 66 + deprecatedNativeMessagingHost = option: pkg: 67 + if (cfg.${option} or false) 68 + then 69 + lib.warn "The cfg.${option} argument for `firefox.override` is deprecated, please add `pkgs.${pkg.pname}` to `nativeMessagingHosts` instead" 70 + [pkg] 71 + else []; 72 + 73 + allNativeMessagingHosts = builtins.map lib.getBin ( 74 + nativeMessagingHosts 75 + ++ deprecatedNativeMessagingHost "enableBrowserpass" browserpass 76 + ++ deprecatedNativeMessagingHost "enableBukubrow" bukubrow 77 + ++ deprecatedNativeMessagingHost "enableTridactylNative" tridactyl-native 78 + ++ deprecatedNativeMessagingHost "enableGnomeExtensions" gnome-browser-connector 79 + ++ deprecatedNativeMessagingHost "enableUgetIntegrator" uget-integrator 80 + ++ deprecatedNativeMessagingHost "enablePlasmaBrowserIntegration" plasma5Packages.plasma-browser-integration 81 + ++ deprecatedNativeMessagingHost "enableFXCastBridge" fx-cast-bridge 82 + ++ deprecatedNativeMessagingHost "enableKeePassXC" keepassxc 83 + ++ (if extraNativeMessagingHosts != [] 84 + then lib.warn "The extraNativeMessagingHosts argument for the Firefox wrapper is deprecated, please use `nativeMessagingHosts`" extraNativeMessagingHosts 85 + else []) 86 + ); 87 + 77 88 libs = lib.optionals stdenv.isLinux [ udev libva mesa libnotify xorg.libXScrnSaver cups pciutils ] 78 89 ++ lib.optional pipewireSupport pipewire 79 90 ++ lib.optional ffmpegSupport ffmpeg_5 ··· 338 349 install -D -t $out/share/applications $desktopItem/share/applications/* 339 350 340 351 mkdir -p $out/lib/mozilla/native-messaging-hosts 341 - for ext in ${toString nativeMessagingHosts}; do 352 + for ext in ${toString allNativeMessagingHosts}; do 342 353 ln -sLt $out/lib/mozilla/native-messaging-hosts $ext/lib/mozilla/native-messaging-hosts/* 343 354 done 344 355
+2 -2
pkgs/applications/science/electronics/verilator/default.nix
··· 4 4 5 5 stdenv.mkDerivation rec { 6 6 pname = "verilator"; 7 - version = "5.012"; 7 + version = "5.016"; 8 8 9 9 src = fetchFromGitHub { 10 10 owner = pname; 11 11 repo = pname; 12 12 rev = "v${version}"; 13 - hash = "sha256-Y6GkIgkauayJmGhOQg2kWjbcxYVIob6InMopv555Lb8="; 13 + hash = "sha256-MVQbAZXSIdzX7+yKbSrFLLd0j6dfLSXpES3uu6bcPt8="; 14 14 }; 15 15 16 16 enableParallelBuilding = true;
+1
pkgs/applications/video/mediathekview/default.nix
··· 42 42 homepage = "https://mediathekview.de/"; 43 43 sourceProvenance = with sourceTypes; [ binaryBytecode ]; 44 44 license = licenses.gpl3Plus; 45 + mainProgram = "mediathek"; 45 46 maintainers = with maintainers; [ moredread ]; 46 47 platforms = platforms.all; 47 48 };
+4
pkgs/build-support/rust/build-rust-crate/default.nix
··· 366 366 367 367 meta = { 368 368 mainProgram = crateName; 369 + badPlatforms = [ 370 + # Rust is currently unable to target the n32 ABI 371 + lib.systems.inspect.patterns.isMips64n32 372 + ]; 369 373 }; 370 374 } // extraDerivationAttrs 371 375 )
+4
pkgs/build-support/rust/build-rust-package/default.nix
··· 162 162 "x86_64-redox" 163 163 "wasm32-wasi" 164 164 ]; 165 + badPlatforms = [ 166 + # Rust is currently unable to target the n32 ABI 167 + lib.systems.inspect.patterns.isMips64n32 168 + ]; 165 169 } // meta; 166 170 })
+42
pkgs/by-name/ri/river-bnf/package.nix
··· 1 + { lib 2 + , stdenv 3 + , fetchFromSourcehut 4 + , wayland 5 + , wayland-scanner 6 + , unstableGitUpdater 7 + }: 8 + 9 + stdenv.mkDerivation rec { 10 + pname = "river-bnf"; 11 + version = "unstable-2023-10-10"; 12 + 13 + src = fetchFromSourcehut { 14 + owner = "~leon_plickat"; 15 + repo = pname; 16 + rev = "bb8ded380ed5d539777533065b4fd33646ad5603"; 17 + hash = "sha256-rm9Nt3WLgq9QOXzrkYBGp45EALNYFTQGInxfYIN0XcU="; 18 + }; 19 + 20 + nativeBuildInputs = [ 21 + wayland-scanner 22 + ]; 23 + 24 + buildInputs = [ 25 + wayland.dev 26 + ]; 27 + 28 + postPatch = '' 29 + substituteInPlace Makefile --replace '/usr/local' $out 30 + ''; 31 + 32 + passthru.updateScript = unstableGitUpdater { }; 33 + 34 + meta = { 35 + description = "Switch back'n'forth between river tags"; 36 + homepage = "https://git.sr.ht/~leon_plickat/river-bnf"; 37 + license = lib.licenses.gpl3Only; 38 + maintainers = with lib.maintainers; [ adamcstephens ]; 39 + mainProgram = "river-bnf"; 40 + platforms = lib.platforms.linux; 41 + }; 42 + }
+2
pkgs/development/libraries/gtk/2.x.nix
··· 66 66 ] ++ lib.optionals stdenv.isDarwin [ 67 67 ./patches/2.0-gnome_bugzilla_557780_306776_freeciv_darwin.patch 68 68 ./patches/2.0-darwin-x11.patch 69 + # Fixes an incompatible function pointer conversion and implicit int errors with clang 16. 70 + ./patches/2.0-clang.patch 69 71 ]; 70 72 71 73 propagatedBuildInputs = [
+49
pkgs/development/libraries/gtk/patches/2.0-clang.patch
··· 1 + diff --git a/gtk/gtkscale.c b/gtk/gtkscale.c 2 + index 4317523fb8..3c09cd3ae8 100644 3 + --- a/gtk/gtkscale.c 4 + +++ b/gtk/gtkscale.c 5 + @@ -1471,7 +1471,7 @@ gtk_scale_add_mark (GtkScale *scale, 6 + mark->position = position; 7 + 8 + priv->marks = g_slist_insert_sorted_with_data (priv->marks, mark, 9 + - (GCompareFunc) compare_marks, 10 + + (GCompareDataFunc) compare_marks, 11 + GINT_TO_POINTER ( 12 + gtk_range_get_inverted (GTK_RANGE (scale)) 13 + )); 14 + diff --git a/tests/testmenubars.c b/tests/testmenubars.c 15 + index 416a939861..c65e82be26 100644 16 + --- a/tests/testmenubars.c 17 + +++ b/tests/testmenubars.c 18 + @@ -21,7 +21,7 @@ 19 + #include <gtk/gtk.h> 20 + 21 + static GtkWidget * 22 + -create_menu (depth) 23 + +create_menu (int depth, gboolean _unused) 24 + { 25 + GtkWidget *menu; 26 + GtkWidget *menuitem; 27 + @@ -35,19 +35,19 @@ create_menu (depth) 28 + gtk_menu_shell_append (GTK_MENU_SHELL (menu), menuitem); 29 + gtk_widget_show (menuitem); 30 + gtk_menu_item_set_submenu (GTK_MENU_ITEM (menuitem), 31 + - create_menu (depth - 1)); 32 + + create_menu (depth - 1, _unused)); 33 + 34 + menuitem = gtk_menu_item_new_with_mnemonic ("Two"); 35 + gtk_menu_shell_append (GTK_MENU_SHELL (menu), menuitem); 36 + gtk_widget_show (menuitem); 37 + gtk_menu_item_set_submenu (GTK_MENU_ITEM (menuitem), 38 + - create_menu (depth - 1)); 39 + + create_menu (depth - 1, _unused)); 40 + 41 + menuitem = gtk_menu_item_new_with_mnemonic ("Three"); 42 + gtk_menu_shell_append (GTK_MENU_SHELL (menu), menuitem); 43 + gtk_widget_show (menuitem); 44 + gtk_menu_item_set_submenu (GTK_MENU_ITEM (menuitem), 45 + - create_menu (depth - 1)); 46 + + create_menu (depth - 1, _unused)); 47 + 48 + return menu; 49 + }
+1 -1
pkgs/development/libraries/lzlib/default.nix
··· 16 16 substituteInPlace Makefile.in --replace '-Wl,--soname=' '-Wl,-install_name,$(out)/lib/' 17 17 ''; 18 18 19 - makeFlags = [ "CC:=$(CC)" ]; 19 + makeFlags = [ "CC:=$(CC)" "AR:=$(AR)" ]; 20 20 doCheck = true; 21 21 22 22 configureFlags = [ "--enable-shared" ];
+2 -3
pkgs/development/ocaml-modules/carton/default.nix
··· 8 8 9 9 buildDunePackage rec { 10 10 pname = "carton"; 11 - version = "0.6.0"; 11 + version = "0.7.0"; 12 12 13 13 minimalOCamlVersion = "4.08"; 14 - duneVersion = "3"; 15 14 16 15 src = fetchurl { 17 16 url = "https://github.com/mirage/ocaml-git/releases/download/${pname}-v${version}/git-${pname}-v${version}.tbz"; 18 - hash = "sha256-NAm4Xq7L0Dgynr8cKZQ356M4GR6D19LbCRxvnSlIf1U="; 17 + hash = "sha256-vWkBJdP4ZpRCEwzrFMzsdHay4VyiXix/+1qzk+7yDvk="; 19 18 }; 20 19 21 20 patches = [
+2 -2
pkgs/development/python-modules/aiowithings/default.nix
··· 13 13 14 14 buildPythonPackage rec { 15 15 pname = "aiowithings"; 16 - version = "0.4.4"; 16 + version = "1.0.0"; 17 17 pyproject = true; 18 18 19 19 disabled = pythonOlder "3.11"; ··· 22 22 owner = "joostlek"; 23 23 repo = "python-withings"; 24 24 rev = "refs/tags/v${version}"; 25 - hash = "sha256-YmTYwj3Udo1Pev25LLvY7757BR0h44aefqIe8b8FlTc="; 25 + hash = "sha256-3necwO/EpjWD1fAItqsZJKgv0CIBklxcM1jNRPxhSVY="; 26 26 }; 27 27 28 28 postPatch = ''
+2 -2
pkgs/development/python-modules/pyfibaro/default.nix
··· 11 11 12 12 buildPythonPackage rec { 13 13 pname = "pyfibaro"; 14 - version = "0.7.5"; 14 + version = "0.7.6"; 15 15 format = "pyproject"; 16 16 17 17 disabled = pythonOlder "3.9"; ··· 20 20 owner = "rappenze"; 21 21 repo = pname; 22 22 rev = "refs/tags/${version}"; 23 - hash = "sha256-hllYxPPbLu3dpjHwXfIvTMW0LWtcglTVfN7youZaXTw="; 23 + hash = "sha256-yE9HkAlGj1t90FwmwHDsk3ea2UOl0bG3UtYXxz/SWbI="; 24 24 }; 25 25 26 26 nativeBuildInputs = [
+2 -2
pkgs/development/python-modules/pywemo/default.nix
··· 14 14 15 15 buildPythonPackage rec { 16 16 pname = "pywemo"; 17 - version = "1.3.0"; 17 + version = "1.3.1"; 18 18 format = "pyproject"; 19 19 20 20 disabled = pythonOlder "3.7"; ··· 23 23 owner = pname; 24 24 repo = pname; 25 25 rev = "refs/tags/${version}"; 26 - hash = "sha256-+AdNT7ClT8JkYLkwk+IVNWgXGS04WNtENOtqmbjv7nQ="; 26 + hash = "sha256-RZeg6/xAGRumd4aM/mQQnIrIXB/rUrdeQQxk2c1mJNI="; 27 27 }; 28 28 29 29 nativeBuildInputs = [
+2 -2
pkgs/development/python-modules/qbittorrent-api/default.nix
··· 11 11 12 12 buildPythonPackage rec { 13 13 pname = "qbittorrent-api"; 14 - version = "2023.9.53"; 14 + version = "2023.10.54"; 15 15 format = "pyproject"; 16 16 17 17 src = fetchPypi { 18 18 inherit pname version; 19 - hash = "sha256-/q0bL1WxIn6giOp9kLUCLZRpS/2d2Rdr61rRwZXQRP8="; 19 + hash = "sha256-xCHB/pPURc1+vje6IhBHZ6HogUsmYfBE9977Qtwoc2w="; 20 20 }; 21 21 22 22 propagatedBuildInputs = [
+2 -2
pkgs/development/python-modules/rotary-embedding-torch/default.nix
··· 13 13 14 14 buildPythonPackage rec { 15 15 pname = "rotary-embedding-torch"; 16 - version = "0.3.2"; 16 + version = "0.3.3"; 17 17 pyproject = true; 18 18 19 19 src = fetchFromGitHub { 20 20 owner = "lucidrains"; 21 21 repo = "rotary-embedding-torch"; 22 22 rev = version; 23 - hash = "sha256-EozW8J1i/2ym1hwUMciaWVtp7kSWfG+mC5RkWLJdK3g="; 23 + hash = "sha256-uTOKdxqbSLRJl0gnz3TvpVwhrfqflAp0wfn6d13+YrM="; 24 24 }; 25 25 26 26 nativeBuildInputs = [
+13 -5
pkgs/development/tools/rust/crate2nix/default.nix
··· 10 10 11 11 rustPlatform.buildRustPackage rec { 12 12 pname = "crate2nix"; 13 - version = "0.10.0"; 13 + version = "0.11.0"; 14 14 15 15 src = fetchFromGitHub { 16 - owner = "kolloch"; 16 + owner = "nix-community"; 17 17 repo = pname; 18 18 rev = version; 19 - sha256 = "sha256-JaF9/H3m4Wrc5MtXcONkOAgKVkswLVw0yZe0dBr2e4Y="; 19 + sha256 = "sha256-nyX1lfaA0eBSB/BaxPzCsyD8p/hxCwNIvr4Ru3i/YX0="; 20 20 }; 21 21 22 22 sourceRoot = "${src.name}/crate2nix"; 23 23 24 - cargoSha256 = "sha256-PD7R1vcb3FKd4hfpViKyvfCExJ5H1Xo2HPYden5zpxQ="; 24 + cargoSha256 = "sha256-3+emOr3hh+DDkboJbYyJFZgkzmcdA9jdronz7wM4x28="; 25 25 26 26 nativeBuildInputs = [ makeWrapper ]; 27 27 ··· 32 32 postFixup = '' 33 33 wrapProgram $out/bin/crate2nix \ 34 34 --suffix PATH ":" ${lib.makeBinPath [ cargo nix nix-prefetch-git ]} 35 + 36 + rm -rf $out/lib $out/bin/crate2nix.d 37 + mkdir -p \ 38 + $out/share/bash-completion/completions \ 39 + $out/share/zsh/vendor-completions 40 + $out/bin/crate2nix completions -s 'bash' -o $out/share/bash-completion/completions 41 + $out/bin/crate2nix completions -s 'zsh' -o $out/share/zsh/vendor-completions 35 42 ''; 36 43 37 44 meta = with lib; { ··· 40 47 Crate2nix generates Nix files from Cargo.toml/lock files 41 48 so that you can build every crate individually in a Nix sandbox. 42 49 ''; 43 - homepage = "https://github.com/kolloch/crate2nix"; 50 + homepage = "https://github.com/nix-community/crate2nix"; 44 51 license = licenses.asl20; 45 52 maintainers = with maintainers; [ kolloch cole-h ]; 46 53 platforms = platforms.all; 47 54 }; 48 55 } 56 +
+3 -3
pkgs/os-specific/linux/zfs/generic.nix
··· 202 202 changelog = "https://github.com/openzfs/zfs/releases/tag/zfs-${version}"; 203 203 license = lib.licenses.cddl; 204 204 205 - # The case-block for TARGET_CPU has branches for only five CPU families, 205 + # The case-block for TARGET_CPU has branches for only some CPU families, 206 206 # which prevents ZFS from building on any other platform. Since the NixOS 207 207 # `boot.zfs.enabled` property is `readOnly`, excluding platforms where ZFS 208 208 # does not build is the only way to produce a NixOS installer on such 209 209 # platforms. 210 - # https://github.com/openzfs/zfs/blob/6a6bd493988c75331deab06e5352a9bed035a87d/config/always-arch.m4#L16 210 + # https://github.com/openzfs/zfs/blob/6723d1110f6daf93be93db74d5ea9f6b64c9bce5/config/always-arch.m4#L12 211 211 platforms = 212 212 with lib.systems.inspect.patterns; 213 - map (p: p // isLinux) [ isx86_32 isx86_64 isPower isAarch64 isSparc ]; 213 + map (p: p // isLinux) ([ isx86_32 isx86_64 isPower isAarch64 isSparc ] ++ isArmv7); 214 214 215 215 maintainers = with lib.maintainers; [ jcumming jonringer globin raitobezarius ]; 216 216 mainProgram = "zfs";
-4
pkgs/servers/matrix-synapse/default.nix
··· 113 113 sentry = [ 114 114 sentry-sdk 115 115 ]; 116 - opentracing = [ 117 - jaeger-client 118 - opentracing 119 - ]; 120 116 jwt = [ 121 117 authlib 122 118 ];
+2 -1
pkgs/servers/mpd/default.nix
··· 9 9 , audiofile, faad2, ffmpeg, flac, fluidsynth, game-music-emu 10 10 , libmad, libmikmod, mpg123, libopus, libvorbis, lame 11 11 # Filters 12 - , libsamplerate 12 + , libsamplerate, soxr 13 13 # Outputs 14 14 , alsa-lib, libjack2, libpulseaudio, libshout, pipewire 15 15 # Misc ··· 62 62 lame = [ lame ]; 63 63 # Filter plugins 64 64 libsamplerate = [ libsamplerate ]; 65 + soxr = [ soxr ]; 65 66 # Output plugins 66 67 alsa = [ alsa-lib ]; 67 68 jack = [ libjack2 ];
+10 -1
pkgs/servers/tracing/tempo/default.nix
··· 1 - { lib, buildGoModule, fetchFromGitHub }: 1 + { lib, buildGoModule, fetchFromGitHub, fetchpatch }: 2 2 3 3 buildGoModule rec { 4 4 pname = "tempo"; ··· 11 11 fetchSubmodules = true; 12 12 hash = "sha256-23wjD8HTSEGonIMAWCoKORMLIISASxlN4FeY+Bmt/+I="; 13 13 }; 14 + 15 + patches = [ 16 + # Backport patch for Go 1.21 compatibility 17 + # FIXME: remove after 2.3.0 18 + (fetchpatch { 19 + url = "https://github.com/grafana/tempo/commit/0d37e8f0edd8a96876b0a5f5ab97ef79ff04608f.patch"; 20 + hash = "sha256-YC59g5pdcrwJeQ4raS0Oq+fZvRBKFj4johZtGTAYpEs="; 21 + }) 22 + ]; 14 23 15 24 vendorHash = null; 16 25
+18 -20
pkgs/tools/misc/rpi-imager/default.nix
··· 3 3 , fetchFromGitHub 4 4 , wrapQtAppsHook 5 5 , cmake 6 + , pkg-config 6 7 , util-linux 7 8 , curl 8 9 , libarchive ··· 12 13 , qttools 13 14 , qtquickcontrols2 14 15 , qtgraphicaleffects 16 + , xz 17 + , testers 15 18 , nix-update-script 16 19 , enableTelemetry ? false 17 20 }: 18 21 19 - stdenv.mkDerivation rec { 22 + stdenv.mkDerivation (finalAttrs: { 20 23 pname = "rpi-imager"; 21 - version = "1.7.5"; 24 + version = "1.8.1"; 22 25 23 26 src = fetchFromGitHub { 24 27 owner = "raspberrypi"; 25 - repo = pname; 26 - rev = "v${version}"; 27 - sha256 = "sha256-yB+H1zWL40KzxOrBuvg7nBC3zmWilsOgOW7ndiDWuDA="; 28 + repo = finalAttrs.pname; 29 + rev = "refs/tags/v${finalAttrs.version}"; 30 + sha256 = "sha256-drHiZ0eYYvJg6/v3oEozGAbBKm1KLpec+kYZWwpT9yM="; 28 31 }; 29 32 30 33 nativeBuildInputs = [ 31 34 cmake 35 + pkg-config 32 36 util-linux 33 37 wrapQtAppsHook 34 38 ]; ··· 48 52 qttools 49 53 qtquickcontrols2 50 54 qtgraphicaleffects 55 + xz 51 56 ]; 52 57 53 - sourceRoot = "${src.name}/src"; 58 + sourceRoot = "${finalAttrs.src.name}/src"; 54 59 55 60 /* By default, the builder checks for JSON support in lsblk by running "lsblk --json", 56 61 but that throws an error, as /sys/dev doesn't exist in the sandbox. 57 62 This patch removes the check. */ 58 63 patches = [ ./lsblkCheckFix.patch ]; 59 64 60 - doInstallCheck = true; 61 - 62 - installCheckPhase = '' 63 - runHook preInstallCheck 64 - 65 - # Without this, the tests fail because they cannot create the QT Window 66 - export QT_QPA_PLATFORM=offscreen 67 - $out/bin/rpi-imager --version 68 - 69 - runHook postInstallCheck 70 - ''; 71 - 72 65 passthru = { 66 + tests.version = testers.testVersion { 67 + package = finalAttrs.finalPackage; 68 + command = "QT_QPA_PLATFORM=offscreen rpi-imager --version"; 69 + }; 73 70 updateScript = nix-update-script { }; 74 71 }; 75 72 76 73 meta = with lib; { 77 74 description = "Raspberry Pi Imaging Utility"; 78 75 homepage = "https://www.raspberrypi.com/software/"; 79 - changelog = "https://github.com/raspberrypi/rpi-imager/releases/tag/v${version}"; 76 + changelog = "https://github.com/raspberrypi/rpi-imager/releases/tag/v${finalAttrs.version}"; 80 77 downloadPage = "https://github.com/raspberrypi/rpi-imager/"; 81 78 license = licenses.asl20; 79 + mainProgram = "rpi-imager"; 82 80 maintainers = with maintainers; [ ymarkus anthonyroussel ]; 83 81 platforms = platforms.all; 84 82 # does not build on darwin 85 83 broken = stdenv.isDarwin; 86 84 }; 87 - } 85 + })
+2 -2
pkgs/tools/misc/ttyplot/default.nix
··· 2 2 3 3 stdenv.mkDerivation rec { 4 4 pname = "ttyplot"; 5 - version = "1.4"; 5 + version = "1.5"; 6 6 7 7 src = fetchFromGitHub { 8 8 owner = "tenox7"; 9 9 repo = "ttyplot"; 10 10 rev = version; 11 - sha256 = "19qm0hx9ljdw9qg78lydn3c627xy7xnx3knq5f7caw9lf0cdp7kf"; 11 + sha256 = "sha256-COnqzWqah1J/q64XrOBhMOsrafAs/BptqNvrjHJ9edQ="; 12 12 }; 13 13 14 14 buildInputs = [ ncurses ];
+16 -6
pkgs/tools/networking/nqptp/default.nix
··· 3 3 , fetchFromGitHub 4 4 , autoreconfHook 5 5 , pkg-config 6 + , gitUpdater 6 7 }: 7 8 8 9 stdenv.mkDerivation rec { 9 - version = "1.2.3"; 10 + version = "1.2.4"; 10 11 pname = "nqptp"; 11 12 12 13 src = fetchFromGitHub { 13 14 owner = "mikebrady"; 14 15 repo = pname; 15 16 rev = "refs/tags/${version}"; 16 - hash = "sha256-Ppsz3hDG6sEf6LJ2WdbTdJ8Gi53f0YmvaUU8TOfVMz4="; 17 + hash = "sha256-roTNcr3v2kzE6vQ5plAVtlw1+2yJplltOYsGGibtoZo="; 17 18 }; 18 19 20 + patches = [ 21 + # this patch should be removed when > 1.2.4 22 + ./remove-setcap.patch 23 + ]; 24 + 19 25 nativeBuildInputs = [ autoreconfHook pkg-config ]; 20 26 21 - meta = with lib; { 27 + passthru.updateScript = gitUpdater { 28 + ignoredVersions = ".*(-dev|d0)"; 29 + }; 30 + 31 + meta = { 22 32 homepage = "https://github.com/mikebrady/nqptp"; 23 33 description = "Daemon and companion application to Shairport Sync that monitors timing data from any PTP clocks"; 24 - license = licenses.gpl2Only; 25 - maintainers = with maintainers; [ jordanisaacs ]; 26 - platforms = platforms.linux ++ platforms.freebsd; 34 + license = lib.licenses.gpl2Only; 35 + maintainers = with lib.maintainers; [ jordanisaacs adamcstephens ]; 36 + platforms = lib.platforms.linux ++ lib.platforms.freebsd; 27 37 }; 28 38 }
+13
pkgs/tools/networking/nqptp/remove-setcap.patch
··· 1 + diff --git a/Makefile.am b/Makefile.am 2 + index 78f36d7..8dc4e4f 100644 3 + --- a/Makefile.am 4 + +++ b/Makefile.am 5 + @@ -19,8 +19,6 @@ endif 6 + 7 + install-exec-hook: 8 + if BUILD_FOR_LINUX 9 + -# NQPTP runs as user/group nqptp/nqptp on Linux and uses setcap to access ports 319 and 320 10 + - setcap 'cap_net_bind_service=+ep' $(bindir)/nqptp 11 + # no installer for System V 12 + if INSTALL_SYSTEMD_STARTUP 13 + getent group nqptp &>/dev/null || groupadd -r nqptp &>/dev/null
+1
pkgs/top-level/all-packages.nix
··· 14039 14039 14040 14040 trezord = callPackage ../servers/trezord { 14041 14041 inherit (darwin.apple_sdk.frameworks) AppKit; 14042 + buildGoModule = buildGo120Module; 14042 14043 }; 14043 14044 14044 14045 trezor_agent = with python3Packages; toPythonApplication trezor_agent;