···118 <xref linkend="opt-services.samba-wsdd.enable" /> Web Services Dynamic Discovery host daemon
119 </para>
120 </listitem>
121+ <listitem>
122+ <para>
123+ <link xlink:href="https://www.discourse.org/">Discourse</link>, a
124+ modern and open source discussion platform.
125+ </para>
126+ <para>
127+ See the <link linkend="module-services-discourse">Discourse
128+ section of the NixOS manual</link> for more information.
129+ </para>
130+ </listitem>
131 </itemizedlist>
132133 </section>
···50 # List of components used in config
51 extraComponents = filter useComponent availableComponents;
5253- package = if (cfg.autoExtraComponents && cfg.config != null)
54 then (cfg.package.override { inherit extraComponents; })
55 else cfg.package;
000005657 # If you are changing this, please update the description in applyDefaultConfig
58 defaultConfig = {
···183 };
184185 package = mkOption {
186- default = pkgs.home-assistant.overridePythonAttrs (oldAttrs: {
187- doCheck = false;
188- });
189 defaultText = literalExample ''
190- pkgs.home-assistant.overridePythonAttrs (oldAttrs: {
191- doCheck = false;
192- })
193 '';
194 type = types.package;
195 example = literalExample ''
···198 }
199 '';
200 description = ''
201- Home Assistant package to use. By default the tests are disabled, as they take a considerable amout of time to complete.
202 Override <literal>extraPackages</literal> or <literal>extraComponents</literal> in order to add additional dependencies.
203 If you specify <option>config</option> and do not set <option>autoExtraComponents</option>
204 to <literal>false</literal>, overriding <literal>extraComponents</literal> will have no effect.
00205 '';
206 };
207
···50 # List of components used in config
51 extraComponents = filter useComponent availableComponents;
5253+ testedPackage = if (cfg.autoExtraComponents && cfg.config != null)
54 then (cfg.package.override { inherit extraComponents; })
55 else cfg.package;
56+57+ # overridePythonAttrs has to be applied after override
58+ package = testedPackage.overridePythonAttrs (oldAttrs: {
59+ doCheck = false;
60+ });
6162 # If you are changing this, please update the description in applyDefaultConfig
63 defaultConfig = {
···188 };
189190 package = mkOption {
191+ default = pkgs.home-assistant;
00192 defaultText = literalExample ''
193+ pkgs.home-assistant
00194 '';
195 type = types.package;
196 example = literalExample ''
···199 }
200 '';
201 description = ''
202+ Home Assistant package to use. Tests are automatically disabled, as they take a considerable amout of time to complete.
203 Override <literal>extraPackages</literal> or <literal>extraComponents</literal> in order to add additional dependencies.
204 If you specify <option>config</option> and do not set <option>autoExtraComponents</option>
205 to <literal>false</literal>, overriding <literal>extraComponents</literal> will have no effect.
206+ Avoid <literal>home-assistant.overridePythonAttrs</literal> if you use
207+ <literal>autoExtraComponents</literal>.
208 '';
209 };
210
+1-1
nixos/modules/services/networking/gvpe.nix
···27 text = ''
28 #! /bin/sh
2930- export PATH=$PATH:${pkgs.iproute}/sbin
3132 ip link set $IFNAME up
33 ip address add ${cfg.ipAddress} dev $IFNAME
···27 text = ''
28 #! /bin/sh
2930+ export PATH=$PATH:${pkgs.iproute2}/sbin
3132 ip link set $IFNAME up
33 ip address add ${cfg.ipAddress} dev $IFNAME
···1+<chapter xmlns="http://docbook.org/ns/docbook"
2+ xmlns:xlink="http://www.w3.org/1999/xlink"
3+ xmlns:xi="http://www.w3.org/2001/XInclude"
4+ version="5.0"
5+ xml:id="module-services-discourse">
6+ <title>Discourse</title>
7+ <para>
8+ <link xlink:href="https://www.discourse.org/">Discourse</link> is a
9+ modern and open source discussion platform.
10+ </para>
11+12+ <section xml:id="module-services-discourse-basic-usage">
13+ <title>Basic usage</title>
14+ <para>
15+ A minimal configuration using Let's Encrypt for TLS certificates looks like this:
16+<programlisting>
17+services.discourse = {
18+ <link linkend="opt-services.discourse.enable">enable</link> = true;
19+ <link linkend="opt-services.discourse.hostname">hostname</link> = "discourse.example.com";
20+ admin = {
21+ <link linkend="opt-services.discourse.admin.email">email</link> = "admin@example.com";
22+ <link linkend="opt-services.discourse.admin.username">username</link> = "admin";
23+ <link linkend="opt-services.discourse.admin.fullName">fullName</link> = "Administrator";
24+ <link linkend="opt-services.discourse.admin.passwordFile">passwordFile</link> = "/path/to/password_file";
25+ };
26+ <link linkend="opt-services.discourse.secretKeyBaseFile">secretKeyBaseFile</link> = "/path/to/secret_key_base_file";
27+};
28+<link linkend="opt-security.acme.email">security.acme.email</link> = "me@example.com";
29+<link linkend="opt-security.acme.acceptTerms">security.acme.acceptTerms</link> = true;
30+</programlisting>
31+ </para>
32+33+ <para>
34+ Provided a proper DNS setup, you'll be able to connect to the
35+ instance at <literal>discourse.example.com</literal> and log in
36+ using the credentials provided in
37+ <literal>services.discourse.admin</literal>.
38+ </para>
39+ </section>
40+41+ <section xml:id="module-services-discourse-tls">
42+ <title>Using a regular TLS certificate</title>
43+ <para>
44+ To set up TLS using a regular certificate and key on file, use
45+ the <xref linkend="opt-services.discourse.sslCertificate" />
46+ and <xref linkend="opt-services.discourse.sslCertificateKey" />
47+ options:
48+49+<programlisting>
50+services.discourse = {
51+ <link linkend="opt-services.discourse.enable">enable</link> = true;
52+ <link linkend="opt-services.discourse.hostname">hostname</link> = "discourse.example.com";
53+ <link linkend="opt-services.discourse.sslCertificate">sslCertificate</link> = "/path/to/ssl_certificate";
54+ <link linkend="opt-services.discourse.sslCertificateKey">sslCertificateKey</link> = "/path/to/ssl_certificate_key";
55+ admin = {
56+ <link linkend="opt-services.discourse.admin.email">email</link> = "admin@example.com";
57+ <link linkend="opt-services.discourse.admin.username">username</link> = "admin";
58+ <link linkend="opt-services.discourse.admin.fullName">fullName</link> = "Administrator";
59+ <link linkend="opt-services.discourse.admin.passwordFile">passwordFile</link> = "/path/to/password_file";
60+ };
61+ <link linkend="opt-services.discourse.secretKeyBaseFile">secretKeyBaseFile</link> = "/path/to/secret_key_base_file";
62+};
63+</programlisting>
64+65+ </para>
66+ </section>
67+68+ <section xml:id="module-services-discourse-database">
69+ <title>Database access</title>
70+ <para>
71+ <productname>Discourse</productname> uses
72+ <productname>PostgreSQL</productname> to store most of its
73+ data. A database will automatically be enabled and a database
74+ and role created unless <xref
75+ linkend="opt-services.discourse.database.host" /> is changed from
76+ its default of <literal>null</literal> or <xref
77+ linkend="opt-services.discourse.database.createLocally" /> is set
78+ to <literal>false</literal>.
79+ </para>
80+81+ <para>
82+ External database access can also be configured by setting
83+ <xref linkend="opt-services.discourse.database.host" />, <xref
84+ linkend="opt-services.discourse.database.username" /> and <xref
85+ linkend="opt-services.discourse.database.passwordFile" /> as
86+ appropriate. Note that you need to manually create a database
87+ called <literal>discourse</literal> (or the name you chose in
88+ <xref linkend="opt-services.discourse.database.name" />) and
89+ allow the configured database user full access to it.
90+ </para>
91+ </section>
92+93+ <section xml:id="module-services-discourse-mail">
94+ <title>Email</title>
95+ <para>
96+ In addition to the basic setup, you'll want to configure an SMTP
97+ server <productname>Discourse</productname> can use to send user
98+ registration and password reset emails, among others. You can
99+ also optionally let <productname>Discourse</productname> receive
100+ email, which enables people to reply to threads and conversations
101+ via email.
102+ </para>
103+104+ <para>
105+ A basic setup which assumes you want to use your configured <link
106+ linkend="opt-services.discourse.hostname">hostname</link> as
107+ email domain can be done like this:
108+109+<programlisting>
110+services.discourse = {
111+ <link linkend="opt-services.discourse.enable">enable</link> = true;
112+ <link linkend="opt-services.discourse.hostname">hostname</link> = "discourse.example.com";
113+ <link linkend="opt-services.discourse.sslCertificate">sslCertificate</link> = "/path/to/ssl_certificate";
114+ <link linkend="opt-services.discourse.sslCertificateKey">sslCertificateKey</link> = "/path/to/ssl_certificate_key";
115+ admin = {
116+ <link linkend="opt-services.discourse.admin.email">email</link> = "admin@example.com";
117+ <link linkend="opt-services.discourse.admin.username">username</link> = "admin";
118+ <link linkend="opt-services.discourse.admin.fullName">fullName</link> = "Administrator";
119+ <link linkend="opt-services.discourse.admin.passwordFile">passwordFile</link> = "/path/to/password_file";
120+ };
121+ mail.outgoing = {
122+ <link linkend="opt-services.discourse.mail.outgoing.serverAddress">serverAddress</link> = "smtp.emailprovider.com";
123+ <link linkend="opt-services.discourse.mail.outgoing.port">port</link> = 587;
124+ <link linkend="opt-services.discourse.mail.outgoing.username">username</link> = "user@emailprovider.com";
125+ <link linkend="opt-services.discourse.mail.outgoing.passwordFile">passwordFile</link> = "/path/to/smtp_password_file";
126+ };
127+ <link linkend="opt-services.discourse.mail.incoming.enable">mail.incoming.enable</link> = true;
128+ <link linkend="opt-services.discourse.secretKeyBaseFile">secretKeyBaseFile</link> = "/path/to/secret_key_base_file";
129+};
130+</programlisting>
131+132+ This assumes you have set up an MX record for the address you've
133+ set in <link linkend="opt-services.discourse.hostname">hostname</link> and
134+ requires proper SPF, DKIM and DMARC configuration to be done for
135+ the domain you're sending from, in order for email to be reliably delivered.
136+ </para>
137+138+ <para>
139+ If you want to use a different domain for your outgoing email
140+ (for example <literal>example.com</literal> instead of
141+ <literal>discourse.example.com</literal>) you should set
142+ <xref linkend="opt-services.discourse.mail.notificationEmailAddress" /> and
143+ <xref linkend="opt-services.discourse.mail.contactEmailAddress" /> manually.
144+ </para>
145+146+ <note>
147+ <para>
148+ Setup of TLS for incoming email is currently only configured
149+ automatically when a regular TLS certificate is used, i.e. when
150+ <xref linkend="opt-services.discourse.sslCertificate" /> and
151+ <xref linkend="opt-services.discourse.sslCertificateKey" /> are
152+ set.
153+ </para>
154+ </note>
155+156+ </section>
157+158+ <section xml:id="module-services-discourse-settings">
159+ <title>Additional settings</title>
160+ <para>
161+ Additional site settings and backend settings, for which no
162+ explicit <productname>NixOS</productname> options are provided,
163+ can be set in <xref linkend="opt-services.discourse.siteSettings" /> and
164+ <xref linkend="opt-services.discourse.backendSettings" /> respectively.
165+ </para>
166+167+ <section xml:id="module-services-discourse-site-settings">
168+ <title>Site settings</title>
169+ <para>
170+ <quote>Site settings</quote> are the settings that can be
171+ changed through the <productname>Discourse</productname>
172+ UI. Their <emphasis>default</emphasis> values can be set using
173+ <xref linkend="opt-services.discourse.siteSettings" />.
174+ </para>
175+176+ <para>
177+ Settings are expressed as a Nix attribute set which matches the
178+ structure of the configuration in
179+ <link xlink:href="https://github.com/discourse/discourse/blob/master/config/site_settings.yml">config/site_settings.yml</link>.
180+ To find a setting's path, you only need to care about the first
181+ two levels; i.e. its category (e.g. <literal>login</literal>)
182+ and name (e.g. <literal>invite_only</literal>).
183+ </para>
184+185+ <para>
186+ Settings containing secret data should be set to an attribute
187+ set containing the attribute <literal>_secret</literal> - a
188+ string pointing to a file containing the value the option
189+ should be set to. See the example.
190+ </para>
191+ </section>
192+193+ <section xml:id="module-services-discourse-backend-settings">
194+ <title>Backend settings</title>
195+ <para>
196+ Settings are expressed as a Nix attribute set which matches the
197+ structure of the configuration in
198+ <link xlink:href="https://github.com/discourse/discourse/blob/stable/config/discourse_defaults.conf">config/discourse.conf</link>.
199+ Empty parameters can be defined by setting them to
200+ <literal>null</literal>.
201+ </para>
202+ </section>
203+204+ <section xml:id="module-services-discourse-settings-example">
205+ <title>Example</title>
206+ <para>
207+ The following example sets the title and description of the
208+ <productname>Discourse</productname> instance and enables
209+ <productname>GitHub</productname> login in the site settings,
210+ and changes a few request limits in the backend settings:
211+<programlisting>
212+services.discourse = {
213+ <link linkend="opt-services.discourse.enable">enable</link> = true;
214+ <link linkend="opt-services.discourse.hostname">hostname</link> = "discourse.example.com";
215+ <link linkend="opt-services.discourse.sslCertificate">sslCertificate</link> = "/path/to/ssl_certificate";
216+ <link linkend="opt-services.discourse.sslCertificateKey">sslCertificateKey</link> = "/path/to/ssl_certificate_key";
217+ admin = {
218+ <link linkend="opt-services.discourse.admin.email">email</link> = "admin@example.com";
219+ <link linkend="opt-services.discourse.admin.username">username</link> = "admin";
220+ <link linkend="opt-services.discourse.admin.fullName">fullName</link> = "Administrator";
221+ <link linkend="opt-services.discourse.admin.passwordFile">passwordFile</link> = "/path/to/password_file";
222+ };
223+ mail.outgoing = {
224+ <link linkend="opt-services.discourse.mail.outgoing.serverAddress">serverAddress</link> = "smtp.emailprovider.com";
225+ <link linkend="opt-services.discourse.mail.outgoing.port">port</link> = 587;
226+ <link linkend="opt-services.discourse.mail.outgoing.username">username</link> = "user@emailprovider.com";
227+ <link linkend="opt-services.discourse.mail.outgoing.passwordFile">passwordFile</link> = "/path/to/smtp_password_file";
228+ };
229+ <link linkend="opt-services.discourse.mail.incoming.enable">mail.incoming.enable</link> = true;
230+ <link linkend="opt-services.discourse.siteSettings">siteSettings</link> = {
231+ required = {
232+ title = "My Cats";
233+ site_description = "Discuss My Cats (and be nice plz)";
234+ };
235+ login = {
236+ enable_github_logins = true;
237+ github_client_id = "a2f6dfe838cb3206ce20";
238+ github_client_secret._secret = /run/keys/discourse_github_client_secret;
239+ };
240+ };
241+ <link linkend="opt-services.discourse.backendSettings">backendSettings</link> = {
242+ max_reqs_per_ip_per_minute = 300;
243+ max_reqs_per_ip_per_10_seconds = 60;
244+ max_asset_reqs_per_ip_per_10_seconds = 250;
245+ max_reqs_per_ip_mode = "warn+block";
246+ };
247+ <link linkend="opt-services.discourse.secretKeyBaseFile">secretKeyBaseFile</link> = "/path/to/secret_key_base_file";
248+};
249+</programlisting>
250+ </para>
251+ <para>
252+ In the resulting site settings file, the
253+ <literal>login.github_client_secret</literal> key will be set
254+ to the contents of the
255+ <filename>/run/keys/discourse_github_client_secret</filename>
256+ file.
257+ </para>
258+ </section>
259+ </section>
260+ <section xml:id="module-services-discourse-plugins">
261+ <title>Plugins</title>
262+ <para>
263+ You can install <productname>Discourse</productname> plugins
264+ using the <xref linkend="opt-services.discourse.plugins" />
265+ option. As long as a plugin supports the standard install
266+ method, packaging it should only require fetching its source
267+ with an appropriate fetcher.
268+ </para>
269+270+ <para>
271+ Some plugins provide <link
272+ linkend="module-services-discourse-site-settings">site
273+ settings</link>. Their defaults can be configured using <xref
274+ linkend="opt-services.discourse.siteSettings" />, just like
275+ regular site settings. To find the names of these settings, look
276+ in the <literal>config/settings.yml</literal> file of the plugin
277+ repo.
278+ </para>
279+280+ <para>
281+ For example, to add the <link
282+ xlink:href="https://github.com/discourse/discourse-spoiler-alert">discourse-spoiler-alert</link>
283+ plugin and disable it by default:
284+285+<programlisting>
286+services.discourse = {
287+ <link linkend="opt-services.discourse.enable">enable</link> = true;
288+ <link linkend="opt-services.discourse.hostname">hostname</link> = "discourse.example.com";
289+ <link linkend="opt-services.discourse.sslCertificate">sslCertificate</link> = "/path/to/ssl_certificate";
290+ <link linkend="opt-services.discourse.sslCertificateKey">sslCertificateKey</link> = "/path/to/ssl_certificate_key";
291+ admin = {
292+ <link linkend="opt-services.discourse.admin.email">email</link> = "admin@example.com";
293+ <link linkend="opt-services.discourse.admin.username">username</link> = "admin";
294+ <link linkend="opt-services.discourse.admin.fullName">fullName</link> = "Administrator";
295+ <link linkend="opt-services.discourse.admin.passwordFile">passwordFile</link> = "/path/to/password_file";
296+ };
297+ mail.outgoing = {
298+ <link linkend="opt-services.discourse.mail.outgoing.serverAddress">serverAddress</link> = "smtp.emailprovider.com";
299+ <link linkend="opt-services.discourse.mail.outgoing.port">port</link> = 587;
300+ <link linkend="opt-services.discourse.mail.outgoing.username">username</link> = "user@emailprovider.com";
301+ <link linkend="opt-services.discourse.mail.outgoing.passwordFile">passwordFile</link> = "/path/to/smtp_password_file";
302+ };
303+ <link linkend="opt-services.discourse.mail.incoming.enable">mail.incoming.enable</link> = true;
304+ <link linkend="opt-services.discourse.mail.incoming.enable">plugins</link> = [
305+ (pkgs.fetchFromGitHub {
306+ owner = "discourse";
307+ repo = "discourse-spoiler-alert";
308+ rev = "e200cfa571d252cab63f3d30d619b370986e4cee";
309+ sha256 = "0ya69ix5g77wz4c9x9gmng6l25ghb5xxlx3icr6jam16q14dzc33";
310+ })
311+ ];
312+ <link linkend="opt-services.discourse.siteSettings">siteSettings</link> = {
313+ plugins = {
314+ spoiler_enabled = false;
315+ };
316+ };
317+ <link linkend="opt-services.discourse.secretKeyBaseFile">secretKeyBaseFile</link> = "/path/to/secret_key_base_file";
318+};
319+</programlisting>
320+321+ </para>
322+ </section>
323+</chapter>
···397 default = pkgs.nginxStable;
398 defaultText = "pkgs.nginxStable";
399 type = types.package;
000400 description = "
401 Nginx package to use. This defaults to the stable version. Note
402 that the nginx team recommends to use the mainline version which
403 available in nixpkgs as <literal>nginxMainline</literal>.
404 ";
00000000000405 };
406407 logError = mkOption {
···397 default = pkgs.nginxStable;
398 defaultText = "pkgs.nginxStable";
399 type = types.package;
400+ apply = p: p.override {
401+ modules = p.modules ++ cfg.additionalModules;
402+ };
403 description = "
404 Nginx package to use. This defaults to the stable version. Note
405 that the nginx team recommends to use the mainline version which
406 available in nixpkgs as <literal>nginxMainline</literal>.
407 ";
408+ };
409+410+ additionalModules = mkOption {
411+ default = [];
412+ type = types.listOf (types.attrsOf types.anything);
413+ example = literalExample "[ pkgs.nginxModules.brotli ]";
414+ description = ''
415+ Additional <link xlink:href="https://www.nginx.com/resources/wiki/modules/">third-party nginx modules</link>
416+ to install. Packaged modules are available in
417+ <literal>pkgs.nginxModules</literal>.
418+ '';
419 };
420421 logError = mkOption {
+1-1
nixos/modules/system/boot/initrd-openvpn.nix
···55 # The shared libraries are required for DNS resolution
56 boot.initrd.extraUtilsCommands = ''
57 copy_bin_and_libs ${pkgs.openvpn}/bin/openvpn
58- copy_bin_and_libs ${pkgs.iproute}/bin/ip
5960 cp -pv ${pkgs.glibc}/lib/libresolv.so.2 $out/lib
61 cp -pv ${pkgs.glibc}/lib/libnss_dns.so.2 $out/lib
···55 # The shared libraries are required for DNS resolution
56 boot.initrd.extraUtilsCommands = ''
57 copy_bin_and_libs ${pkgs.openvpn}/bin/openvpn
58+ copy_bin_and_libs ${pkgs.iproute2}/bin/ip
5960 cp -pv ${pkgs.glibc}/lib/libresolv.so.2 $out/lib
61 cp -pv ${pkgs.glibc}/lib/libnss_dns.so.2 $out/lib
···43 # Everyone on the "isp" machine will be able to add routes to the kernel.
44 security.wrappers.add-dhcpd-lease = {
45 source = pkgs.writeShellScript "add-dhcpd-lease" ''
46- exec ${pkgs.iproute}/bin/ip -6 route replace "$1" via "$2"
47 '';
48 capabilities = "cap_net_admin+ep";
49 };
···43 # Everyone on the "isp" machine will be able to add routes to the kernel.
44 security.wrappers.add-dhcpd-lease = {
45 source = pkgs.writeShellScript "add-dhcpd-lease" ''
46+ exec ${pkgs.iproute2}/bin/ip -6 route replace "$1" via "$2"
47 '';
48 capabilities = "cap_net_admin+ep";
49 };
+32
pkgs/applications/misc/blucontrol/wrapper.nix
···00000000000000000000000000000000
···1+{ stdenv, lib, makeWrapper, ghcWithPackages, packages ? (_:[]) }:
2+let
3+ blucontrolEnv = ghcWithPackages (self: [ self.blucontrol ] ++ packages self);
4+in
5+ stdenv.mkDerivation {
6+ pname = "blucontrol-with-packages";
7+ version = blucontrolEnv.version;
8+9+ nativeBuildInputs = [ makeWrapper ];
10+11+ buildCommand = ''
12+ makeWrapper ${blucontrolEnv}/bin/blucontrol $out/bin/blucontrol \
13+ --prefix PATH : ${lib.makeBinPath [ blucontrolEnv ]}
14+ '';
15+16+ # trivial derivation
17+ preferLocalBuild = true;
18+ allowSubstitues = false;
19+20+ meta = with lib; {
21+ description = "Configurable blue light filter";
22+ longDescription = ''
23+ This application is a blue light filter, with the main focus on configurability.
24+ Configuration is done in Haskell in the style of xmonad.
25+ Blucontrol makes use of monad transformers and allows monadic calculation of gamma values and recoloring. The user chooses, what will be captured in the monadic state.
26+ '';
27+ license = licenses.bsd3;
28+ homepage = "https://github.com/jumper149/blucontrol";
29+ platforms = platforms.unix;
30+ maintainers = with maintainers; [ jumper149 ];
31+ };
32+ }
···56 lgpl2Plus # libfuse
57 ];
58 };
59+60+ passthru.warning = ''
61+ macFUSE is required for this package to work on macOS. To install macFUSE,
62+ use the installer from the <link xlink:href="https://osxfuse.github.io/">
63+ project website</link>.
64+ '';
65}
···4 # the frontend version corresponding to a specific home-assistant version can be found here
5 # https://github.com/home-assistant/home-assistant/blob/master/homeassistant/components/frontend/manifest.json
6 pname = "home-assistant-frontend";
7- version = "20210302.6";
89 src = fetchPypi {
10 inherit pname version;
11- sha256 = "sha256-h3jCqfAPg+z6vsdLm5Pdr+7PCEWW58GCG9viIz3Mi64=";
12 };
1314 # there is nothing to strip in this package
···4 # the frontend version corresponding to a specific home-assistant version can be found here
5 # https://github.com/home-assistant/home-assistant/blob/master/homeassistant/components/frontend/manifest.json
6 pname = "home-assistant-frontend";
7+ version = "20210407.1";
89 src = fetchPypi {
10 inherit pname version;
11+ sha256 = "sha256-7kgL6Ixlc1OZ+3sUAuvJd7vgY6FBgPFEKi6xhq7fiBc=";
12 };
1314 # there is nothing to strip in this package
···1+# frozen_string_literal: true
2+3+source 'https://rubygems.org'
4+# if there is a super emergency and rubygems is playing up, try
5+#source 'http://production.cf.rubygems.org'
6+7+gem 'bootsnap', require: false, platform: :mri
8+9+def rails_master?
10+ ENV["RAILS_MASTER"] == '1'
11+end
12+13+if rails_master?
14+ gem 'arel', git: 'https://github.com/rails/arel.git'
15+ gem 'rails', git: 'https://github.com/rails/rails.git'
16+else
17+ # NOTE: Until rubygems gives us optional dependencies we are stuck with this needing to be explicit
18+ # this allows us to include the bits of rails we use without pieces we do not.
19+ #
20+ # To issue a rails update bump the version number here
21+ gem 'actionmailer', '6.0.3.3'
22+ gem 'actionpack', '6.0.3.3'
23+ gem 'actionview', '6.0.3.3'
24+ gem 'activemodel', '6.0.3.3'
25+ gem 'activerecord', '6.0.3.3'
26+ gem 'activesupport', '6.0.3.3'
27+ gem 'railties', '6.0.3.3'
28+ gem 'sprockets-rails'
29+end
30+31+gem 'json'
32+33+# TODO: At the moment Discourse does not work with Sprockets 4, we would need to correct internals
34+# This is a desired upgrade we should get to.
35+gem 'sprockets', '3.7.2'
36+37+# this will eventually be added to rails,
38+# allows us to precompile all our templates in the unicorn master
39+gem 'actionview_precompiler', require: false
40+41+gem 'seed-fu'
42+43+gem 'mail', require: false
44+gem 'mini_mime'
45+gem 'mini_suffix'
46+47+gem 'redis'
48+49+# This is explicitly used by Sidekiq and is an optional dependency.
50+# We tell Sidekiq to use the namespace "sidekiq" which triggers this
51+# gem to be used. There is no explicit dependency in sidekiq cause
52+# redis namespace support is optional
53+# We already namespace stuff in DiscourseRedis, so we should consider
54+# just using a single implementation in core vs having 2 namespace implementations
55+gem 'redis-namespace'
56+57+# NOTE: AM serializer gets a lot slower with recent updates
58+# we used an old branch which is the fastest one out there
59+# are long term goal here is to fork this gem so we have a
60+# better maintained living fork
61+gem 'active_model_serializers', '~> 0.8.3'
62+63+gem 'onebox'
64+65+gem 'http_accept_language', require: false
66+67+# Ember related gems need to be pinned cause they control client side
68+# behavior, we will push these versions up when upgrading ember
69+gem 'discourse-ember-rails', '0.18.6', require: 'ember-rails'
70+gem 'discourse-ember-source', '~> 3.12.2'
71+gem 'ember-handlebars-template', '0.8.0'
72+gem 'discourse-fonts'
73+74+gem 'barber'
75+76+gem 'message_bus'
77+78+gem 'rails_multisite'
79+80+gem 'fast_xs', platform: :ruby
81+82+gem 'xorcist'
83+84+gem 'fastimage'
85+86+gem 'aws-sdk-s3', require: false
87+gem 'aws-sdk-sns', require: false
88+gem 'excon', require: false
89+gem 'unf', require: false
90+91+gem 'email_reply_trimmer'
92+93+# Forked until https://github.com/toy/image_optim/pull/162 is merged
94+# https://github.com/discourse/image_optim
95+gem 'discourse_image_optim', require: 'image_optim'
96+gem 'multi_json'
97+gem 'mustache'
98+gem 'nokogiri'
99+gem 'css_parser', require: false
100+101+gem 'omniauth'
102+gem 'omniauth-facebook'
103+gem 'omniauth-twitter'
104+gem 'omniauth-github'
105+106+gem 'omniauth-oauth2', require: false
107+108+gem 'omniauth-google-oauth2'
109+110+gem 'oj'
111+gem 'pg'
112+gem 'mini_sql'
113+gem 'pry-rails', require: false
114+gem 'pry-byebug', require: false
115+gem 'r2', require: false
116+gem 'rake'
117+118+gem 'thor', require: false
119+gem 'diffy', require: false
120+gem 'rinku'
121+gem 'sidekiq'
122+gem 'mini_scheduler'
123+124+gem 'execjs', require: false
125+gem 'mini_racer'
126+127+gem 'highline', require: false
128+129+gem 'rack'
130+131+gem 'rack-protection' # security
132+gem 'cbor', require: false
133+gem 'cose', require: false
134+gem 'addressable'
135+136+# Gems used only for assets and not required in production environments by default.
137+# Allow everywhere for now cause we are allowing asset debugging in production
138+group :assets do
139+ gem 'uglifier'
140+ gem 'rtlit', require: false # for css rtling
141+end
142+143+group :test do
144+ gem 'webmock', require: false
145+ gem 'fakeweb', require: false
146+ gem 'minitest', require: false
147+ gem 'simplecov', require: false
148+ gem "test-prof"
149+end
150+151+group :test, :development do
152+ gem 'rspec'
153+ gem 'mock_redis'
154+ gem 'listen', require: false
155+ gem 'certified', require: false
156+ gem 'fabrication', require: false
157+ gem 'mocha', require: false
158+159+ gem 'rb-fsevent', require: RUBY_PLATFORM =~ /darwin/i ? 'rb-fsevent' : false
160+161+ gem 'rspec-rails'
162+163+ gem 'shoulda-matchers', require: false
164+ gem 'rspec-html-matchers'
165+ gem 'byebug', require: ENV['RM_INFO'].nil?, platform: :mri
166+ gem "rubocop-discourse", require: false
167+ gem 'parallel_tests'
168+169+ gem 'rswag-specs'
170+end
171+172+group :development do
173+ gem 'ruby-prof', require: false, platform: :mri
174+ gem 'bullet', require: !!ENV['BULLET']
175+ gem 'better_errors', platform: :mri, require: !!ENV['BETTER_ERRORS']
176+ gem 'binding_of_caller'
177+ gem 'yaml-lint'
178+ gem 'annotate'
179+end
180+181+# this is an optional gem, it provides a high performance replacement
182+# to String#blank? a method that is called quite frequently in current
183+# ActiveRecord, this may change in the future
184+gem 'fast_blank', platform: :ruby
185+186+# this provides a very efficient lru cache
187+gem 'lru_redux'
188+189+gem 'htmlentities', require: false
190+191+# IMPORTANT: mini profiler monkey patches, so it better be required last
192+# If you want to amend mini profiler to do the monkey patches in the railties
193+# we are open to it. by deferring require to the initializer we can configure discourse installs without it
194+195+gem 'flamegraph', require: false
196+gem 'rack-mini-profiler', require: ['enable_rails_patches']
197+198+gem 'unicorn', require: false, platform: :ruby
199+gem 'puma', require: false
200+gem 'rbtrace', require: false, platform: :mri
201+gem 'gc_tracer', require: false, platform: :mri
202+203+# required for feed importing and embedding
204+gem 'ruby-readability', require: false
205+206+gem 'stackprof', require: false, platform: :mri
207+gem 'memory_profiler', require: false, platform: :mri
208+209+gem 'cppjieba_rb', require: false
210+211+gem 'lograge', require: false
212+gem 'logstash-event', require: false
213+gem 'logstash-logger', require: false
214+gem 'logster'
215+216+# NOTE: later versions of sassc are causing a segfault, possibly dependent on processer architecture
217+# and until resolved should be locked at 2.0.1
218+gem 'sassc', '2.0.1', require: false
219+gem "sassc-rails"
220+221+gem 'rotp', require: false
222+223+gem 'rqrcode'
224+225+gem 'rubyzip', require: false
226+227+gem 'sshkey', require: false
228+229+gem 'rchardet', require: false
230+gem 'lz4-ruby', require: false, platform: :ruby
231+232+if ENV["IMPORT"] == "1"
233+ gem 'mysql2'
234+ gem 'redcarpet'
235+236+ # NOTE: in import mode the version of sqlite can matter a lot, so we stick it to a specific one
237+ gem 'sqlite3', '~> 1.3', '>= 1.3.13'
238+ gem 'ruby-bbcode-to-md', git: 'https://github.com/nlalonde/ruby-bbcode-to-md'
239+ gem 'reverse_markdown'
240+ gem 'tiny_tds'
241+ gem 'csv'
242+end
243+244+gem 'webpush', require: false
245+gem 'colored2', require: false
246+gem 'maxminddb'
247+248+gem 'rails_failover', require: false
···1+diff --git a/config/unicorn.conf.rb b/config/unicorn.conf.rb
2+index 373e235b3f..57d4d7a55b 100644
3+--- a/config/unicorn.conf.rb
4++++ b/config/unicorn.conf.rb
5+@@ -27,18 +27,10 @@ pid (ENV["UNICORN_PID_PATH"] || "#{discourse_path}/tmp/pids/unicorn.pid")
6+7+ if ENV["RAILS_ENV"] == "development" || !ENV["RAILS_ENV"]
8+ logger Logger.new($stdout)
9+- # we want a longer timeout in dev cause first request can be really slow
10+- timeout (ENV["UNICORN_TIMEOUT"] && ENV["UNICORN_TIMEOUT"].to_i || 60)
11+-else
12+- # By default, the Unicorn logger will write to stderr.
13+- # Additionally, some applications/frameworks log to stderr or stdout,
14+- # so prevent them from going to /dev/null when daemonized here:
15+- stderr_path "#{discourse_path}/log/unicorn.stderr.log"
16+- stdout_path "#{discourse_path}/log/unicorn.stdout.log"
17+- # nuke workers after 30 seconds instead of 60 seconds (the default)
18+- timeout 30
19+ end
20+21++timeout (ENV["UNICORN_TIMEOUT"] && ENV["UNICORN_TIMEOUT"].to_i || 60)
22++
23+ # important for Ruby 2.0
24+ preload_app true
25+
···1+{ runCommandNoCC, openssh }:
2+3+runCommandNoCC "ssh-copy-id-${openssh.version}" {
4+ meta = openssh.meta // {
5+ description = "A tool to copy SSH public keys to a remote machine";
6+ priority = (openssh.meta.priority or 0) - 1;
7+ };
8+} ''
9+ install -Dm 755 {${openssh},$out}/bin/ssh-copy-id
10+ install -Dm 644 {${openssh},$out}/share/man/man1/ssh-copy-id.1.gz
11+''
+1-1
pkgs/top-level/aliases.nix
···620 qt-3 = throw "qt-3 has been removed from nixpkgs, as it's unmaintained and insecure"; # added 2021-02-15
621 rfkill = throw "rfkill has been removed, as it's included in util-linux"; # added 2020-08-23
622 riak-cs = throw "riak-cs is not maintained anymore"; # added 2020-10-14
623- radare2-cutter = cutter;
624 rkt = throw "rkt was archived by upstream"; # added 2020-05-16
625 ruby_2_0_0 = throw "ruby_2_0_0 was deprecated on 2018-02-13: use a newer version of ruby";
626 ruby_2_1_0 = throw "ruby_2_1_0 was deprecated on 2018-02-13: use a newer version of ruby";
···620 qt-3 = throw "qt-3 has been removed from nixpkgs, as it's unmaintained and insecure"; # added 2021-02-15
621 rfkill = throw "rfkill has been removed, as it's included in util-linux"; # added 2020-08-23
622 riak-cs = throw "riak-cs is not maintained anymore"; # added 2020-10-14
623+ radare2-cutter = cutter; # added 2021-03-30
624 rkt = throw "rkt was archived by upstream"; # added 2020-05-16
625 ruby_2_0_0 = throw "ruby_2_0_0 was deprecated on 2018-02-13: use a newer version of ruby";
626 ruby_2_1_0 = throw "ruby_2_1_0 was deprecated on 2018-02-13: use a newer version of ruby";