commit b00dfff9f958ae46367158387d805a2b52ed5b23 · pyrox.dev/nixpkgs

+6 -6

maintainers/maintainer-list.nix

··· 9734 githubId = 36667224; 9735 name = "Yingchi Long"; 9736 }; 9737 indexyz = { 9738 email = "indexyz@pm.me"; 9739 github = "5aaee9"; ··· 14810 githubId = 65046942; 14811 name = "Marcin Mikuła"; 14812 keys = [ { fingerprint = "5547 2A56 AC30 69C9 15C8 B98D 997F 71FA 1D74 6E37"; } ]; 14813 - }; 14814 - milahu = { 14815 - email = "milahu@gmail.com"; 14816 - github = "milahu"; 14817 - githubId = 12958815; 14818 - name = "Milan Hauth"; 14819 }; 14820 milesbreslin = { 14821 email = "milesbreslin@gmail.com";

··· 9734 githubId = 36667224; 9735 name = "Yingchi Long"; 9736 }; 9737 + IncredibleLaser = { 9738 + github = "IncredibleLaser"; 9739 + githubId = 45564436; 9740 + matrix = "@incrediblelaser:tchncs.de"; 9741 + name = "Gereon Schomber"; 9742 + }; 9743 indexyz = { 9744 email = "indexyz@pm.me"; 9745 github = "5aaee9"; ··· 14816 githubId = 65046942; 14817 name = "Marcin Mikuła"; 14818 keys = [ { fingerprint = "5547 2A56 AC30 69C9 15C8 B98D 997F 71FA 1D74 6E37"; } ]; 14819 }; 14820 milesbreslin = { 14821 email = "milesbreslin@gmail.com";

+5

nixos/doc/manual/release-notes/rl-2505.section.md

··· 63 64 - [waagent](https://github.com/Azure/WALinuxAgent), the Microsoft Azure Linux Agent (waagent) manages Linux provisioning and VM interaction with the Azure Fabric Controller. Available with [services.waagent](options.html#opt-services.waagent.enable). 65 66 - [nostr-rs-relay](https://git.sr.ht/~gheartsfield/nostr-rs-relay/), This is a nostr relay, written in Rust. Available as [services.nostr-rs-relay](options.html#opt-services.nostr-rs-relay.enable). 67 68 - [Actual Budget](https://actualbudget.org/), a local-first personal finance app. Available as [services.actual](#opt-services.actual.enable). ··· 152 If you set custom Caddy options for a DokuWiki site, migrate these options by removing `http://` from `services.caddy.virtualHosts."http://example.com"`. 153 154 - `vscode-utils.buildVscodeExtension` now requires pname as an argument 155 156 - `nerdfonts` has been separated into individual font packages under the namespace `nerd-fonts`. The directories for font 157 files have changed from `$out/share/fonts/{opentype,truetype}/NerdFonts` to

··· 63 64 - [waagent](https://github.com/Azure/WALinuxAgent), the Microsoft Azure Linux Agent (waagent) manages Linux provisioning and VM interaction with the Azure Fabric Controller. Available with [services.waagent](options.html#opt-services.waagent.enable). 65 66 + - [duckdns](https://www.duckdns.org), free dynamic DNS. Available with [services.duckdns](options.html#opt-services.duckdns.enable) 67 + 68 - [nostr-rs-relay](https://git.sr.ht/~gheartsfield/nostr-rs-relay/), This is a nostr relay, written in Rust. Available as [services.nostr-rs-relay](options.html#opt-services.nostr-rs-relay.enable). 69 70 - [Actual Budget](https://actualbudget.org/), a local-first personal finance app. Available as [services.actual](#opt-services.actual.enable). ··· 154 If you set custom Caddy options for a DokuWiki site, migrate these options by removing `http://` from `services.caddy.virtualHosts."http://example.com"`. 155 156 - `vscode-utils.buildVscodeExtension` now requires pname as an argument 157 + 158 + - The behavior of `services.hostapd.radios.<name>.networks.<name>.authentication.enableRecommendedPairwiseCiphers` was changed to not include `CCMP-256` anymore. 159 + Since all configured pairwise ciphers have to be supported by the radio, this caused startup failures on many devices which is hard to debug in hostapd. 160 161 - `nerdfonts` has been separated into individual font packages under the namespace `nerd-fonts`. The directories for font 162 files have changed from `$out/share/fonts/{opentype,truetype}/NerdFonts` to

+1

nixos/modules/module-list.nix

··· 763 ./services/misc/disnix.nix 764 ./services/misc/docker-registry.nix 765 ./services/misc/domoticz.nix 766 ./services/misc/duckling.nix 767 ./services/misc/dwm-status.nix 768 ./services/misc/dysnomia.nix

··· 763 ./services/misc/disnix.nix 764 ./services/misc/docker-registry.nix 765 ./services/misc/domoticz.nix 766 + ./services/misc/duckdns.nix 767 ./services/misc/duckling.nix 768 ./services/misc/dwm-status.nix 769 ./services/misc/dysnomia.nix

+4 -6

nixos/modules/services/networking/hostapd.nix

··· 11 attrNames 12 attrValues 13 concatLists 14 - concatMap 15 concatMapStrings 16 concatStringsSep 17 count ··· 34 mkOption 35 mkPackageOption 36 mkRemovedOptionModule 37 - optional 38 optionalAttrs 39 optionalString 40 optionals 41 - singleton 42 stringLength 43 toLower 44 types ··· 710 711 pairwiseCiphers = mkOption { 712 default = ["CCMP"]; 713 - example = ["CCMP-256" "GCMP-256"]; 714 type = types.listOf types.str; 715 description = '' 716 Set of accepted cipher suites (encryption algorithms) for pairwise keys (unicast packets). ··· 719 720 Please refer to the hostapd documentation for allowed values. Generally, only 721 CCMP or GCMP modes should be considered safe options. Most devices support CCMP while 722 - GCMP is often only available with devices supporting WiFi 5 (IEEE 802.11ac) or higher. 723 ''; 724 }; 725 ··· 906 bssCfg = bssSubmod.config; 907 pairwiseCiphers = 908 concatStringsSep " " (unique (bssCfg.authentication.pairwiseCiphers 909 - ++ optionals bssCfg.authentication.enableRecommendedPairwiseCiphers ["CCMP" "CCMP-256" "GCMP" "GCMP-256"])); 910 in { 911 settings = { 912 ssid = bssCfg.ssid;

··· 11 attrNames 12 attrValues 13 concatLists 14 concatMapStrings 15 concatStringsSep 16 count ··· 33 mkOption 34 mkPackageOption 35 mkRemovedOptionModule 36 optionalAttrs 37 optionalString 38 optionals 39 stringLength 40 toLower 41 types ··· 707 708 pairwiseCiphers = mkOption { 709 default = ["CCMP"]; 710 + example = ["GCMP" "GCMP-256"]; 711 type = types.listOf types.str; 712 description = '' 713 Set of accepted cipher suites (encryption algorithms) for pairwise keys (unicast packets). ··· 716 717 Please refer to the hostapd documentation for allowed values. Generally, only 718 CCMP or GCMP modes should be considered safe options. Most devices support CCMP while 719 + GCMP and GCMP-256 is often only available with devices supporting WiFi 5 (IEEE 802.11ac) or higher. 720 + CCMP-256 support is rare. 721 ''; 722 }; 723 ··· 904 bssCfg = bssSubmod.config; 905 pairwiseCiphers = 906 concatStringsSep " " (unique (bssCfg.authentication.pairwiseCiphers 907 + ++ optionals bssCfg.authentication.enableRecommendedPairwiseCiphers ["CCMP" "GCMP" "GCMP-256"])); 908 in { 909 settings = { 910 ssid = bssCfg.ssid;

+208 -158

nixos/modules/services/web-apps/dolibarr.nix

··· 1 - { config, pkgs, lib, ... }: 2 let 3 - inherit (lib) any boolToString concatStringsSep isBool isString mapAttrsToList mkDefault mkEnableOption mkIf mkMerge mkOption optionalAttrs types mkPackageOption; 4 5 package = cfg.package.override { inherit (cfg) stateDir; }; 6 7 cfg = config.services.dolibarr; 8 vhostCfg = lib.optionalAttrs (cfg.nginx != null) config.services.nginx.virtualHosts."${cfg.domain}"; 9 10 - mkConfigFile = filename: settings: 11 let 12 # hack in special logic for secrets so we read them from a separate file avoiding the nix store 13 - secretKeys = [ "force_install_databasepass" "dolibarr_main_db_pass" "dolibarr_main_instance_unique_id" ]; 14 15 - toStr = k: v: 16 - if (any (str: k == str) secretKeys) then v 17 - else if isString v then "'${v}'" 18 - else if isBool v then boolToString v 19 - else if v == null then "null" 20 - else toString v 21 - ; 22 in 23 - pkgs.writeText filename '' 24 - <?php 25 - ${concatStringsSep "\n" (mapAttrsToList (k: v: "\$${k} = ${toStr k v};") settings)} 26 - ''; 27 28 # see https://github.com/Dolibarr/dolibarr/blob/develop/htdocs/install/install.forced.sample.php for all possible values 29 - install = { 30 - force_install_noedit = 2; 31 - force_install_main_data_root = "${cfg.stateDir}/documents"; 32 - force_install_nophpinfo = true; 33 - force_install_lockinstall = "444"; 34 - force_install_distrib = "nixos"; 35 - force_install_type = "mysqli"; 36 - force_install_dbserver = cfg.database.host; 37 - force_install_port = toString cfg.database.port; 38 - force_install_database = cfg.database.name; 39 - force_install_databaselogin = cfg.database.user; 40 41 - force_install_mainforcehttps = vhostCfg.forceSSL or false; 42 - force_install_createuser = false; 43 - force_install_dolibarrlogin = null; 44 - } // optionalAttrs (cfg.database.passwordFile != null) { 45 - force_install_databasepass = ''file_get_contents("${cfg.database.passwordFile}")''; 46 - }; 47 in 48 { 49 # interface ··· 131 }; 132 133 settings = mkOption { 134 - type = with types; (attrsOf (oneOf [ bool int str ])); 135 default = { }; 136 description = "Dolibarr settings, see <https://github.com/Dolibarr/dolibarr/blob/develop/htdocs/conf/conf.php.example> for details."; 137 }; 138 139 nginx = mkOption { 140 - type = types.nullOr (types.submodule ( 141 - lib.recursiveUpdate 142 - (import ../web-servers/nginx/vhost-options.nix { inherit config lib; }) 143 - { 144 # enable encryption by default, 145 # as sensitive login and Dolibarr (ERP) data should not be transmitted in clear text. 146 options.forceSSL.default = true; 147 options.enableACME.default = true; 148 } 149 - )); 150 default = null; 151 example = lib.literalExpression '' 152 { ··· 158 } 159 ''; 160 description = '' 161 - With this option, you can customize an nginx virtual host which already has sensible defaults for Dolibarr. 162 - Set to {} if you do not need any customization to the virtual host. 163 - If enabled, then by default, the {option}`serverName` is 164 - `''${domain}`, 165 - SSL is active, and certificates are acquired via ACME. 166 - If this is set to null (the default), no nginx virtualHost will be configured. 167 ''; 168 }; 169 170 poolConfig = mkOption { 171 - type = with types; attrsOf (oneOf [ str int bool ]); 172 default = { 173 "pm" = "dynamic"; 174 "pm.max_children" = 32; ··· 188 config = mkIf cfg.enable (mkMerge [ 189 { 190 191 - assertions = [ 192 - { assertion = cfg.database.createLocally -> cfg.database.user == cfg.user; 193 - message = "services.dolibarr.database.user must match services.dolibarr.user if the database is to be automatically provisioned"; 194 - } 195 - ]; 196 197 - services.dolibarr.settings = { 198 - dolibarr_main_url_root = "https://${cfg.domain}"; 199 - dolibarr_main_document_root = "${package}/htdocs"; 200 - dolibarr_main_url_root_alt = "/custom"; 201 - dolibarr_main_data_root = "${cfg.stateDir}/documents"; 202 203 - dolibarr_main_db_host = cfg.database.host; 204 - dolibarr_main_db_port = toString cfg.database.port; 205 - dolibarr_main_db_name = cfg.database.name; 206 - dolibarr_main_db_prefix = "llx_"; 207 - dolibarr_main_db_user = cfg.database.user; 208 - dolibarr_main_db_pass = mkIf (cfg.database.passwordFile != null) '' 209 - file_get_contents("${cfg.database.passwordFile}") 210 - ''; 211 - dolibarr_main_db_type = "mysqli"; 212 - dolibarr_main_db_character_set = mkDefault "utf8"; 213 - dolibarr_main_db_collation = mkDefault "utf8_unicode_ci"; 214 215 - # Authentication settings 216 - dolibarr_main_authentication = mkDefault "dolibarr"; 217 - 218 - # Security settings 219 - dolibarr_main_prod = true; 220 - dolibarr_main_force_https = vhostCfg.forceSSL or false; 221 - dolibarr_main_restrict_os_commands = "${pkgs.mariadb}/bin/mysqldump, ${pkgs.mariadb}/bin/mysql"; 222 - dolibarr_nocsrfcheck = false; 223 - dolibarr_main_instance_unique_id = '' 224 - file_get_contents("${cfg.stateDir}/dolibarr_main_instance_unique_id") 225 - ''; 226 - dolibarr_mailing_limit_sendbyweb = false; 227 - }; 228 229 - systemd.tmpfiles.rules = [ 230 - "d '${cfg.stateDir}' 0750 ${cfg.user} ${cfg.group}" 231 - "d '${cfg.stateDir}/documents' 0750 ${cfg.user} ${cfg.group}" 232 - "f '${cfg.stateDir}/conf.php' 0660 ${cfg.user} ${cfg.group}" 233 - "L '${cfg.stateDir}/install.forced.php' - ${cfg.user} ${cfg.group} - ${mkConfigFile "install.forced.php" install}" 234 - ]; 235 236 - services.mysql = mkIf cfg.database.createLocally { 237 - enable = mkDefault true; 238 - package = mkDefault pkgs.mariadb; 239 - ensureDatabases = [ cfg.database.name ]; 240 - ensureUsers = [ 241 - { name = cfg.database.user; 242 - ensurePermissions = { "${cfg.database.name}.*" = "ALL PRIVILEGES"; }; 243 - } 244 ]; 245 - }; 246 247 - services.nginx.enable = mkIf (cfg.nginx != null) true; 248 - services.nginx.virtualHosts."${cfg.domain}" = mkIf (cfg.nginx != null) (lib.mkMerge [ 249 - cfg.nginx 250 - ({ 251 - root = lib.mkForce "${package}/htdocs"; 252 - locations."/".index = "index.php"; 253 - locations."~ [^/]\\.php(/|$)" = { 254 extraConfig = '' 255 - fastcgi_split_path_info ^(.+?\.php)(/.*)$; 256 - fastcgi_pass unix:${config.services.phpfpm.pools.dolibarr.socket}; 257 ''; 258 }; 259 - }) 260 - ]); 261 262 - systemd.services."phpfpm-dolibarr".after = mkIf cfg.database.createLocally [ "mysql.service" ]; 263 - services.phpfpm.pools.dolibarr = { 264 - inherit (cfg) user group; 265 - phpPackage = pkgs.php.buildEnv { 266 - extensions = { enabled, all }: enabled ++ [ all.calendar ]; 267 - # recommended by dolibarr web application 268 - extraConfig = '' 269 - session.use_strict_mode = 1 270 - session.cookie_samesite = "Lax" 271 - ; open_basedir = "${package}/htdocs, ${cfg.stateDir}" 272 - allow_url_fopen = 0 273 - disable_functions = "pcntl_alarm, pcntl_fork, pcntl_waitpid, pcntl_wait, pcntl_wifexited, pcntl_wifstopped, pcntl_wifsignaled, pcntl_wifcontinued, pcntl_wexitstatus, pcntl_wtermsig, pcntl_wstopsig, pcntl_signal, pcntl_signal_get_handler, pcntl_signal_dispatch, pcntl_get_last_error, pcntl_strerror, pcntl_sigprocmask, pcntl_sigwaitinfo, pcntl_sigtimedwait, pcntl_exec, pcntl_getpriority, pcntl_setpriority, pcntl_async_signals" 274 - ''; 275 }; 276 277 - settings = { 278 - "listen.mode" = "0660"; 279 - "listen.owner" = cfg.user; 280 - "listen.group" = cfg.group; 281 - } // cfg.poolConfig; 282 - }; 283 284 - # there are several challenges with dolibarr and NixOS which we can address here 285 - # - the dolibarr installer cannot be entirely automated, though it can partially be by including a file called install.forced.php 286 - # - the dolibarr installer requires write access to its config file during installation, though not afterwards 287 - # - the dolibarr config file generally holds secrets generated by the installer, though the config file is a php file so we can read and write these secrets from an external file 288 - systemd.services.dolibarr-config = { 289 - description = "dolibarr configuration file management via NixOS"; 290 - wantedBy = [ "multi-user.target" ]; 291 292 - script = '' 293 - # extract the 'main instance unique id' secret that the dolibarr installer generated for us, store it in a file for use by our own NixOS generated configuration file 294 - ${pkgs.php}/bin/php -r "include '${cfg.stateDir}/conf.php'; file_put_contents('${cfg.stateDir}/dolibarr_main_instance_unique_id', \$dolibarr_main_instance_unique_id);" 295 296 - # replace configuration file generated by installer with the NixOS generated configuration file 297 - install -m 644 ${mkConfigFile "conf.php" cfg.settings} '${cfg.stateDir}/conf.php' 298 - ''; 299 300 - serviceConfig = { 301 - Type = "oneshot"; 302 - User = cfg.user; 303 - Group = cfg.group; 304 - RemainAfterExit = "yes"; 305 }; 306 307 - unitConfig = { 308 - ConditionFileNotEmpty = "${cfg.stateDir}/conf.php"; 309 }; 310 - }; 311 312 - users.users.dolibarr = mkIf (cfg.user == "dolibarr" ) { 313 - isSystemUser = true; 314 - group = cfg.group; 315 - }; 316 - 317 - users.groups = optionalAttrs (cfg.group == "dolibarr") { 318 - dolibarr = { }; 319 - }; 320 - } 321 - (mkIf (cfg.nginx != null) { 322 - users.users."${config.services.nginx.group}".extraGroups = mkIf (cfg.nginx != null) [ cfg.group ]; 323 - }) 324 - ]); 325 }

··· 1 + { 2 + config, 3 + pkgs, 4 + lib, 5 + ... 6 + }: 7 let 8 + inherit (lib) 9 + any 10 + boolToString 11 + concatStringsSep 12 + isBool 13 + isString 14 + mapAttrsToList 15 + mkDefault 16 + mkEnableOption 17 + mkIf 18 + mkMerge 19 + mkOption 20 + optionalAttrs 21 + types 22 + mkPackageOption 23 + ; 24 25 package = cfg.package.override { inherit (cfg) stateDir; }; 26 27 cfg = config.services.dolibarr; 28 vhostCfg = lib.optionalAttrs (cfg.nginx != null) config.services.nginx.virtualHosts."${cfg.domain}"; 29 30 + mkConfigFile = 31 + filename: settings: 32 let 33 # hack in special logic for secrets so we read them from a separate file avoiding the nix store 34 + secretKeys = [ 35 + "force_install_databasepass" 36 + "dolibarr_main_db_pass" 37 + "dolibarr_main_instance_unique_id" 38 + ]; 39 40 + toStr = 41 + k: v: 42 + if (any (str: k == str) secretKeys) then 43 + v 44 + else if isString v then 45 + "'${v}'" 46 + else if isBool v then 47 + boolToString v 48 + else if v == null then 49 + "null" 50 + else 51 + toString v; 52 in 53 + pkgs.writeText filename '' 54 + <?php 55 + ${concatStringsSep "\n" (mapAttrsToList (k: v: "\$${k} = ${toStr k v};") settings)} 56 + ''; 57 58 # see https://github.com/Dolibarr/dolibarr/blob/develop/htdocs/install/install.forced.sample.php for all possible values 59 + install = 60 + { 61 + force_install_noedit = 2; 62 + force_install_main_data_root = "${cfg.stateDir}/documents"; 63 + force_install_nophpinfo = true; 64 + force_install_lockinstall = "444"; 65 + force_install_distrib = "nixos"; 66 + force_install_type = "mysqli"; 67 + force_install_dbserver = cfg.database.host; 68 + force_install_port = toString cfg.database.port; 69 + force_install_database = cfg.database.name; 70 + force_install_databaselogin = cfg.database.user; 71 72 + force_install_mainforcehttps = vhostCfg.forceSSL or false; 73 + force_install_createuser = false; 74 + force_install_dolibarrlogin = null; 75 + } 76 + // optionalAttrs (cfg.database.passwordFile != null) { 77 + force_install_databasepass = ''file_get_contents("${cfg.database.passwordFile}")''; 78 + }; 79 in 80 { 81 # interface ··· 163 }; 164 165 settings = mkOption { 166 + type = 167 + with types; 168 + (attrsOf (oneOf [ 169 + bool 170 + int 171 + str 172 + ])); 173 default = { }; 174 description = "Dolibarr settings, see <https://github.com/Dolibarr/dolibarr/blob/develop/htdocs/conf/conf.php.example> for details."; 175 }; 176 177 nginx = mkOption { 178 + type = types.nullOr ( 179 + types.submodule ( 180 + lib.recursiveUpdate (import ../web-servers/nginx/vhost-options.nix { inherit config lib; }) { 181 # enable encryption by default, 182 # as sensitive login and Dolibarr (ERP) data should not be transmitted in clear text. 183 options.forceSSL.default = true; 184 options.enableACME.default = true; 185 } 186 + ) 187 + ); 188 default = null; 189 example = lib.literalExpression '' 190 { ··· 196 } 197 ''; 198 description = '' 199 + With this option, you can customize an nginx virtual host which already has sensible defaults for Dolibarr. 200 + Set to {} if you do not need any customization to the virtual host. 201 + If enabled, then by default, the {option}`serverName` is 202 + `''${domain}`, 203 + SSL is active, and certificates are acquired via ACME. 204 + If this is set to null (the default), no nginx virtualHost will be configured. 205 ''; 206 }; 207 208 poolConfig = mkOption { 209 + type = 210 + with types; 211 + attrsOf (oneOf [ 212 + str 213 + int 214 + bool 215 + ]); 216 default = { 217 "pm" = "dynamic"; 218 "pm.max_children" = 32; ··· 232 config = mkIf cfg.enable (mkMerge [ 233 { 234 235 + assertions = [ 236 + { 237 + assertion = cfg.database.createLocally -> cfg.database.user == cfg.user; 238 + message = "services.dolibarr.database.user must match services.dolibarr.user if the database is to be automatically provisioned"; 239 + } 240 + ]; 241 242 + services.dolibarr.settings = { 243 + dolibarr_main_url_root = "https://${cfg.domain}"; 244 + dolibarr_main_document_root = "${package}/htdocs"; 245 + dolibarr_main_url_root_alt = "/custom"; 246 + dolibarr_main_data_root = "${cfg.stateDir}/documents"; 247 248 + dolibarr_main_db_host = cfg.database.host; 249 + dolibarr_main_db_port = toString cfg.database.port; 250 + dolibarr_main_db_name = cfg.database.name; 251 + dolibarr_main_db_prefix = "llx_"; 252 + dolibarr_main_db_user = cfg.database.user; 253 + dolibarr_main_db_pass = mkIf (cfg.database.passwordFile != null) '' 254 + file_get_contents("${cfg.database.passwordFile}") 255 + ''; 256 + dolibarr_main_db_type = "mysqli"; 257 + dolibarr_main_db_character_set = mkDefault "utf8"; 258 + dolibarr_main_db_collation = mkDefault "utf8_unicode_ci"; 259 260 + # Authentication settings 261 + dolibarr_main_authentication = mkDefault "dolibarr"; 262 263 + # Security settings 264 + dolibarr_main_prod = true; 265 + dolibarr_main_force_https = vhostCfg.forceSSL or false; 266 + dolibarr_main_restrict_os_commands = "${pkgs.mariadb}/bin/mysqldump, ${pkgs.mariadb}/bin/mysql"; 267 + dolibarr_nocsrfcheck = false; 268 + dolibarr_main_instance_unique_id = '' 269 + file_get_contents("${cfg.stateDir}/dolibarr_main_instance_unique_id") 270 + ''; 271 + dolibarr_mailing_limit_sendbyweb = false; 272 + }; 273 274 + systemd.tmpfiles.rules = [ 275 + "d '${cfg.stateDir}' 0750 ${cfg.user} ${cfg.group}" 276 + "d '${cfg.stateDir}/documents' 0750 ${cfg.user} ${cfg.group}" 277 + "f '${cfg.stateDir}/conf.php' 0660 ${cfg.user} ${cfg.group}" 278 + "L '${cfg.stateDir}/install.forced.php' - ${cfg.user} ${cfg.group} - ${mkConfigFile "install.forced.php" install}" 279 ]; 280 281 + services.mysql = mkIf cfg.database.createLocally { 282 + enable = mkDefault true; 283 + package = mkDefault pkgs.mariadb; 284 + ensureDatabases = [ cfg.database.name ]; 285 + ensureUsers = [ 286 + { 287 + name = cfg.database.user; 288 + ensurePermissions = { 289 + "${cfg.database.name}.*" = "ALL PRIVILEGES"; 290 + }; 291 + } 292 + ]; 293 + }; 294 + 295 + services.nginx.enable = mkIf (cfg.nginx != null) true; 296 + services.nginx.virtualHosts."${cfg.domain}" = mkIf (cfg.nginx != null) ( 297 + lib.mkMerge [ 298 + cfg.nginx 299 + ({ 300 + root = lib.mkForce "${package}/htdocs"; 301 + locations."/".index = "index.php"; 302 + locations."~ [^/]\\.php(/|$)" = { 303 + extraConfig = '' 304 + fastcgi_split_path_info ^(.+?\.php)(/.*)$; 305 + fastcgi_pass unix:${config.services.phpfpm.pools.dolibarr.socket}; 306 + ''; 307 + }; 308 + }) 309 + ] 310 + ); 311 + 312 + systemd.services."phpfpm-dolibarr".after = mkIf cfg.database.createLocally [ "mysql.service" ]; 313 + services.phpfpm.pools.dolibarr = { 314 + inherit (cfg) user group; 315 + phpPackage = pkgs.php.buildEnv { 316 + extensions = { enabled, all }: enabled ++ [ all.calendar ]; 317 + # recommended by dolibarr web application 318 extraConfig = '' 319 + session.use_strict_mode = 1 320 + session.cookie_samesite = "Lax" 321 + ; open_basedir = "${package}/htdocs, ${cfg.stateDir}" 322 + allow_url_fopen = 0 323 + disable_functions = "pcntl_alarm, pcntl_fork, pcntl_waitpid, pcntl_wait, pcntl_wifexited, pcntl_wifstopped, pcntl_wifsignaled, pcntl_wifcontinued, pcntl_wexitstatus, pcntl_wtermsig, pcntl_wstopsig, pcntl_signal, pcntl_signal_get_handler, pcntl_signal_dispatch, pcntl_get_last_error, pcntl_strerror, pcntl_sigprocmask, pcntl_sigwaitinfo, pcntl_sigtimedwait, pcntl_exec, pcntl_getpriority, pcntl_setpriority, pcntl_async_signals" 324 ''; 325 }; 326 327 + settings = { 328 + "listen.mode" = "0660"; 329 + "listen.owner" = cfg.user; 330 + "listen.group" = cfg.group; 331 + } // cfg.poolConfig; 332 }; 333 334 + # there are several challenges with dolibarr and NixOS which we can address here 335 + # - the dolibarr installer cannot be entirely automated, though it can partially be by including a file called install.forced.php 336 + # - the dolibarr installer requires write access to its config file during installation, though not afterwards 337 + # - the dolibarr config file generally holds secrets generated by the installer, though the config file is a php file so we can read and write these secrets from an external file 338 + systemd.services.dolibarr-config = { 339 + description = "dolibarr configuration file management via NixOS"; 340 + wantedBy = [ "multi-user.target" ]; 341 342 + script = '' 343 + # extract the 'main instance unique id' secret that the dolibarr installer generated for us, store it in a file for use by our own NixOS generated configuration file 344 + ${pkgs.php}/bin/php -r "include '${cfg.stateDir}/conf.php'; file_put_contents('${cfg.stateDir}/dolibarr_main_instance_unique_id', \$dolibarr_main_instance_unique_id);" 345 346 + # replace configuration file generated by installer with the NixOS generated configuration file 347 + install -m 440 ${mkConfigFile "conf.php" cfg.settings} '${cfg.stateDir}/conf.php' 348 + ''; 349 350 + serviceConfig = { 351 + Type = "oneshot"; 352 + User = cfg.user; 353 + Group = cfg.group; 354 + RemainAfterExit = "yes"; 355 + }; 356 357 + unitConfig = { 358 + ConditionFileNotEmpty = "${cfg.stateDir}/conf.php"; 359 + }; 360 }; 361 362 + users.users.dolibarr = mkIf (cfg.user == "dolibarr") { 363 + isSystemUser = true; 364 + group = cfg.group; 365 }; 366 367 + users.groups = optionalAttrs (cfg.group == "dolibarr") { 368 + dolibarr = { }; 369 + }; 370 + } 371 + (mkIf (cfg.nginx != null) { 372 + users.users."${config.services.nginx.group}".extraGroups = mkIf (cfg.nginx != null) [ cfg.group ]; 373 + }) 374 + ]); 375 }

+1 -1

pkgs/applications/maui/booth.nix

··· 53 mainProgram = "booth"; 54 homepage = "https://invent.kde.org/maui/booth"; 55 license = licenses.gpl3Plus; 56 - maintainers = with maintainers; [ milahu ]; 57 }; 58 }

··· 53 mainProgram = "booth"; 54 homepage = "https://invent.kde.org/maui/booth"; 55 license = licenses.gpl3Plus; 56 + maintainers = with maintainers; [ ]; 57 }; 58 }

+3 -3

pkgs/by-name/ho/home-manager/package.nix

··· 19 20 stdenvNoCC.mkDerivation (finalAttrs: { 21 pname = "home-manager"; 22 - version = "0-unstable-2024-12-12"; 23 24 src = fetchFromGitHub { 25 name = "home-manager-source"; 26 owner = "nix-community"; 27 repo = "home-manager"; 28 - rev = "3066cc58f552421a2c5414e78407fa5603405b1e"; 29 - hash = "sha256-e9YAMReFV1fDPcZLFC2pa4k/8TloSXeX0z2VysNMAoA="; 30 }; 31 32 nativeBuildInputs = [

··· 19 20 stdenvNoCC.mkDerivation (finalAttrs: { 21 pname = "home-manager"; 22 + version = "0-unstable-2024-12-23"; 23 24 src = fetchFromGitHub { 25 name = "home-manager-source"; 26 owner = "nix-community"; 27 repo = "home-manager"; 28 + rev = "f1b1786ea77739dcd181b920d430e30fb1608b8a"; 29 + hash = "sha256-f9UyHMTb+BwF6RDZ8eO9HOkSlKeeSPBlcYhMmV1UNIk="; 30 }; 31 32 nativeBuildInputs = [

+9 -11

pkgs/by-name/ko/koboldcpp/package.nix

··· 3 fetchFromGitHub, 4 stdenv, 5 makeWrapper, 6 - gitUpdater, 7 python3Packages, 8 tk, 9 addDriverRunpath, 10 11 apple-sdk_12, 12 13 koboldLiteSupport ? true, 14 15 config, 16 cudaPackages ? { }, 17 - 18 - openblasSupport ? !stdenv.hostPlatform.isDarwin, 19 - openblas, 20 21 cublasSupport ? config.cudaSupport, 22 # You can find a full list here: https://arnon.dk/matching-sm-architectures-arch-and-gencode-for-various-nvidia-cards/ 23 - # For example if you're on an GTX 1080 that means you're using "Pascal" and you need to pass "sm_60" 24 cudaArches ? cudaPackages.cudaFlags.realArches or [ ], 25 26 clblastSupport ? stdenv.hostPlatform.isLinux, 27 clblast, 28 ocl-icd, 29 30 - vulkanSupport ? true, 31 vulkan-loader, 32 metalSupport ? stdenv.hostPlatform.isDarwin, 33 nix-update-script, ··· 44 in 45 effectiveStdenv.mkDerivation (finalAttrs: { 46 pname = "koboldcpp"; 47 - version = "1.79.1"; 48 49 src = fetchFromGitHub { 50 owner = "LostRuins"; 51 repo = "koboldcpp"; 52 rev = "refs/tags/v${finalAttrs.version}"; 53 - hash = "sha256-RHeEI6mJklGF7BQXxLwxSr1xD6GsI9+fio888UxKru0="; 54 }; 55 56 enableParallelBuilding = true; ··· 65 buildInputs = 66 [ tk ] 67 ++ finalAttrs.pythonInputs 68 - ++ lib.optionals stdenv.hostPlatform.isDarwin [ apple-sdk_12 ] 69 - ++ lib.optionals openblasSupport [ openblas ] 70 ++ lib.optionals cublasSupport [ 71 cudaPackages.libcublas 72 cudaPackages.cuda_nvcc ··· 82 pythonPath = finalAttrs.pythonInputs; 83 84 makeFlags = [ 85 - (makeBool "LLAMA_OPENBLAS" openblasSupport) 86 (makeBool "LLAMA_CUBLAS" cublasSupport) 87 (makeBool "LLAMA_CLBLAST" clblastSupport) 88 (makeBool "LLAMA_VULKAN" vulkanSupport)

··· 3 fetchFromGitHub, 4 stdenv, 5 makeWrapper, 6 python3Packages, 7 tk, 8 addDriverRunpath, 9 10 apple-sdk_12, 11 + darwinMinVersionHook, 12 13 koboldLiteSupport ? true, 14 15 config, 16 cudaPackages ? { }, 17 18 cublasSupport ? config.cudaSupport, 19 # You can find a full list here: https://arnon.dk/matching-sm-architectures-arch-and-gencode-for-various-nvidia-cards/ 20 + # For example if you're on an RTX 3060 that means you're using "Ampere" and you need to pass "sm_86" 21 cudaArches ? cudaPackages.cudaFlags.realArches or [ ], 22 23 clblastSupport ? stdenv.hostPlatform.isLinux, 24 clblast, 25 ocl-icd, 26 27 + vulkanSupport ? (!stdenv.hostPlatform.isDarwin), 28 vulkan-loader, 29 metalSupport ? stdenv.hostPlatform.isDarwin, 30 nix-update-script, ··· 41 in 42 effectiveStdenv.mkDerivation (finalAttrs: { 43 pname = "koboldcpp"; 44 + version = "1.80.1"; 45 46 src = fetchFromGitHub { 47 owner = "LostRuins"; 48 repo = "koboldcpp"; 49 rev = "refs/tags/v${finalAttrs.version}"; 50 + hash = "sha256-CgJzYF8FnHk0zKdysGJWLnNo/MND24AbQdjRbDtv0II="; 51 }; 52 53 enableParallelBuilding = true; ··· 62 buildInputs = 63 [ tk ] 64 ++ finalAttrs.pythonInputs 65 + ++ lib.optionals stdenv.hostPlatform.isDarwin [ 66 + apple-sdk_12 67 + (darwinMinVersionHook "10.15") 68 + ] 69 ++ lib.optionals cublasSupport [ 70 cudaPackages.libcublas 71 cudaPackages.cuda_nvcc ··· 81 pythonPath = finalAttrs.pythonInputs; 82 83 makeFlags = [ 84 (makeBool "LLAMA_CUBLAS" cublasSupport) 85 (makeBool "LLAMA_CLBLAST" clblastSupport) 86 (makeBool "LLAMA_VULKAN" vulkanSupport)

+30

pkgs/by-name/ma/managarr/package.nix

···

··· 1 + { 2 + lib, 3 + fetchFromGitHub, 4 + rustPlatform, 5 + perl, 6 + }: 7 + 8 + rustPlatform.buildRustPackage rec { 9 + pname = "managarr"; 10 + version = "0.4.2"; 11 + 12 + src = fetchFromGitHub { 13 + owner = "Dark-Alex-17"; 14 + repo = "managarr"; 15 + tag = "v${version}"; 16 + hash = "sha256-OxGFubtMsGnR8cWDKkeAgryY095uydA3LzE5SS0dspQ="; 17 + }; 18 + 19 + cargoHash = "sha256-bws4LwpJGfq0hCA2Fq51uCMvr0arbayppq1jvDrILZI="; 20 + 21 + nativeBuildInputs = [ perl ]; 22 + 23 + meta = { 24 + description = "TUI and CLI to manage your Servarrs"; 25 + homepage = "https://github.com/Dark-Alex-17/managarr"; 26 + license = lib.licenses.mit; 27 + maintainers = [ lib.maintainers.IncredibleLaser ]; 28 + mainProgram = "managarr"; 29 + }; 30 + }

+2 -2

pkgs/by-name/sq/sqlitestudio/package.nix

··· 11 }: 12 stdenv.mkDerivation rec { 13 pname = "sqlitestudio"; 14 - version = "3.4.10"; 15 16 src = fetchFromGitHub { 17 owner = "pawelsalawa"; 18 repo = "sqlitestudio"; 19 rev = version; 20 - hash = "sha256-M0k+DpHXl0UA7uGRlAz3ksUk5qI2olz9dd+jmuBZuXU="; 21 }; 22 23 nativeBuildInputs =

··· 11 }: 12 stdenv.mkDerivation rec { 13 pname = "sqlitestudio"; 14 + version = "3.4.12"; 15 16 src = fetchFromGitHub { 17 owner = "pawelsalawa"; 18 repo = "sqlitestudio"; 19 rev = version; 20 + hash = "sha256-KPHiJTAxRQ3ZNnkKpfj877vTHEPRKNwy7wHfseftukQ="; 21 }; 22 23 nativeBuildInputs =

+2 -2

pkgs/by-name/st/structorizer/package.nix

··· 11 12 stdenv.mkDerivation rec { 13 pname = "structorizer"; 14 - version = "3.32-23"; 15 16 desktopItems = [ 17 (makeDesktopItem { ··· 42 owner = "fesch"; 43 repo = "Structorizer.Desktop"; 44 rev = version; 45 - hash = "sha256-fqvQH4DRl+R0laGOnfWgFz67JSAdUzrws4k7gmQ3S7A="; 46 }; 47 48 patches = [

··· 11 12 stdenv.mkDerivation rec { 13 pname = "structorizer"; 14 + version = "3.32-24"; 15 16 desktopItems = [ 17 (makeDesktopItem { ··· 42 owner = "fesch"; 43 repo = "Structorizer.Desktop"; 44 rev = version; 45 + hash = "sha256-bzo8lUdjCPf22AF++Q9YnvuQp89M2T1cLixuEDHWX6U="; 46 }; 47 48 patches = [

+178

pkgs/by-name/ub/ubports-click/package.nix

···

··· 1 + { 2 + fetchFromGitLab, 3 + fetchpatch, 4 + gitUpdater, 5 + lib, 6 + stdenv, 7 + testers, 8 + autoreconfHook, 9 + dbus, 10 + dbus-test-runner, 11 + dpkg, 12 + getopt, 13 + glib, 14 + gobject-introspection, 15 + json-glib, 16 + libgee, 17 + perl, 18 + pkg-config, 19 + properties-cpp, 20 + python3Packages, 21 + vala, 22 + wrapGAppsHook3, 23 + }: 24 + 25 + let 26 + self = python3Packages.buildPythonApplication rec { 27 + pname = "click"; 28 + version = "0.5.2"; 29 + format = "other"; 30 + 31 + src = fetchFromGitLab { 32 + owner = "ubports"; 33 + repo = "development/core/click"; 34 + rev = version; 35 + hash = "sha256-AV3n6tghvpV/6Ew6Lokf8QAGBIMbHFAnp6G4pefVn+8="; 36 + }; 37 + 38 + patches = [ 39 + # Remove when version > 0.5.2 40 + (fetchpatch { 41 + name = "0001-click-fix-Wimplicit-function-declaration.patch"; 42 + url = "https://gitlab.com/ubports/development/core/click/-/commit/8f654978a12e6f9a0b6ff64296ec5565e3ff5cd0.patch"; 43 + hash = "sha256-kio+DdtuagUNYEosyQY3q3H+dJM3cLQRW9wUKUcpUTY="; 44 + }) 45 + 46 + # Remove when version > 0.5.2 47 + (fetchpatch { 48 + name = "0002-click-Add-uid_t-and-gid_t-to-the-ctypes-_typemap.patch"; 49 + url = "https://gitlab.com/ubports/development/core/click/-/commit/cbcd23b08b02fa122434e1edd69c2b3dcb6a8793.patch"; 50 + hash = "sha256-QaWRhxO61wAzULVqPLdJrLuBCr3+NhKmQlEPuYq843I="; 51 + }) 52 + ]; 53 + 54 + postPatch = '' 55 + # These should be proper Requires, using the header needs their headers 56 + substituteInPlace lib/click/click-*.pc.in \ 57 + --replace-fail 'Requires.private' 'Requires' 58 + 59 + # Don't completely override PKG_CONFIG_PATH 60 + substituteInPlace click_package/tests/Makefile.am \ 61 + --replace-fail 'PKG_CONFIG_PATH=$(top_builddir)/lib/click' 'PKG_CONFIG_PATH=$(top_builddir)/lib/click:$(PKG_CONFIG_PATH)' 62 + 63 + patchShebangs bin/click 64 + ''; 65 + 66 + strictDeps = true; 67 + 68 + pkgsBuildBuild = [ 69 + pkg-config 70 + ]; 71 + 72 + nativeBuildInputs = [ 73 + autoreconfHook 74 + dbus-test-runner # Always checking for this 75 + getopt 76 + gobject-introspection 77 + perl 78 + pkg-config 79 + vala 80 + wrapGAppsHook3 81 + ]; 82 + 83 + buildInputs = [ 84 + glib 85 + json-glib 86 + libgee 87 + properties-cpp 88 + ]; 89 + 90 + propagatedBuildInputs = with python3Packages; [ 91 + python-debian 92 + pygobject3 93 + setuptools 94 + ]; 95 + 96 + nativeCheckInputs = [ 97 + dbus 98 + dpkg 99 + python3Packages.unittestCheckHook 100 + ]; 101 + 102 + checkInputs = with python3Packages; [ 103 + python-apt 104 + six 105 + ]; 106 + 107 + preConfigure = '' 108 + export click_cv_perl_vendorlib=$out/${perl.libPrefix} 109 + export PYTHON_INSTALL_FLAGS="--prefix=$out" 110 + ''; 111 + 112 + configureFlags = [ 113 + "--with-systemdsystemunitdir=${placeholder "out"}/lib/systemd/system" 114 + "--with-systemduserunitdir=${placeholder "out"}/lib/systemd/user" 115 + ]; 116 + 117 + enableParallelBuilding = true; 118 + 119 + doCheck = stdenv.buildPlatform.canExecute stdenv.hostPlatform; 120 + 121 + disabledTestPaths = [ 122 + # From apt: Unable to determine a suitable packaging system type 123 + "click_package/tests/integration/test_signatures.py" 124 + "click_package/tests/test_build.py" 125 + "click_package/tests/test_install.py" 126 + "click_package/tests/test_scripts.py" 127 + ]; 128 + 129 + preCheck = '' 130 + export HOME=$TMP 131 + 132 + # tests recompile some files for loaded predefines, doesn't use any optimisation level for it 133 + # makes test output harder to read, so make the warning go away 134 + export NIX_CFLAGS_COMPILE+=" -U_FORTIFY_SOURCE" 135 + 136 + # Haven'tbeen able to get them excluded via disabledTest{s,Paths}, just deleting them 137 + for path in $disabledTestPaths; do 138 + rm -v $path 139 + done 140 + ''; 141 + 142 + preFixup = '' 143 + makeWrapperArgs+=( 144 + --prefix LD_LIBRARY_PATH : "$out/lib" 145 + ) 146 + ''; 147 + 148 + passthru = { 149 + updateScript = gitUpdater { }; 150 + }; 151 + 152 + meta = { 153 + description = "Tool to build click packages, mainly used for Ubuntu Touch"; 154 + homepage = "https://gitlab.com/ubports/development/core/click"; 155 + changelog = "https://gitlab.com/ubports/development/core/click/-/blob/${version}/ChangeLog"; 156 + license = lib.licenses.gpl3Only; 157 + mainProgram = "click"; 158 + maintainers = 159 + with lib.maintainers; 160 + [ 161 + ilyakooo0 162 + ] 163 + ++ lib.teams.lomiri.members; 164 + platforms = lib.platforms.linux; 165 + pkgConfigModules = [ 166 + "click-0.4" 167 + ]; 168 + }; 169 + }; 170 + in 171 + self 172 + // { 173 + passthru = self.passthru // { 174 + tests.pkg-config = testers.hasPkgConfigModules { 175 + package = self; 176 + }; 177 + }; 178 + }

+51

pkgs/by-name/wa/waymore/package.nix

···

··· 1 + { 2 + lib, 3 + fetchFromGitHub, 4 + python3Packages, 5 + waymore, 6 + testers, 7 + }: 8 + 9 + python3Packages.buildPythonApplication rec { 10 + pname = "waymore"; 11 + version = "4.7"; 12 + 13 + src = fetchFromGitHub { 14 + owner = "xnl-h4ck3r"; 15 + repo = "waymore"; 16 + tag = "v${version}"; 17 + hash = "sha256-oaswuXQPdAl2XExwEWnSN15roqNj9OVUr1Y1vsX461o="; 18 + }; 19 + 20 + preBuild = '' 21 + export HOME=$(mktemp -d) 22 + ''; 23 + 24 + build-system = with python3Packages; [ 25 + setuptools 26 + ]; 27 + 28 + dependencies = with python3Packages; [ 29 + requests 30 + termcolor 31 + pyyaml 32 + psutil 33 + uritools 34 + tldextract 35 + ]; 36 + 37 + passthru.tests.version = testers.testVersion { 38 + package = waymore; 39 + command = "waymore --version"; 40 + version = "Waymore - v${version}"; 41 + }; 42 + 43 + meta = { 44 + description = "Find way more from the Wayback Machine"; 45 + homepage = "https://github.com/xnl-h4ck3r/waymore"; 46 + changelog = "https://github.com/xnl-h4ck3r/waymore/releases/tag/v${version}"; 47 + license = lib.licenses.mit; 48 + maintainers = with lib.maintainers; [ genga898 ]; 49 + mainProgram = "waymore"; 50 + }; 51 + }

+2 -2

pkgs/desktops/deepin/apps/deepin-editor/default.nix

··· 16 17 stdenv.mkDerivation rec { 18 pname = "deepin-editor"; 19 - version = "6.5.2"; 20 21 src = fetchFromGitHub { 22 owner = "linuxdeepin"; 23 repo = pname; 24 rev = version; 25 - hash = "sha256-Z3fsnjo4Pcu1e8lKvWdWBhpoOFFy0dSrI2HehRYKJ0k="; 26 }; 27 28 nativeBuildInputs = [

··· 16 17 stdenv.mkDerivation rec { 18 pname = "deepin-editor"; 19 + version = "6.5.8"; 20 21 src = fetchFromGitHub { 22 owner = "linuxdeepin"; 23 repo = pname; 24 rev = version; 25 + hash = "sha256-QMq7DIggMhY4EseIa7/tvgxGwZn07OitOm1YjrzMFHg="; 26 }; 27 28 nativeBuildInputs = [

-1

pkgs/development/libraries/qt-6/modules/qtbase/default.nix

··· 322 lgpl3Plus 323 ]; 324 maintainers = with maintainers; [ 325 - milahu 326 nickcao 327 LunNova 328 ];

··· 322 lgpl3Plus 323 ]; 324 maintainers = with maintainers; [ 325 nickcao 326 LunNova 327 ];

+10

pkgs/development/libraries/qt-6/modules/qtwebengine/default.nix

··· 66 bootstrap_cmds, 67 cctools, 68 xcbuild, 69 }: 70 71 qtModule { ··· 114 115 # Override locales install path so they go to QtWebEngine's $out 116 ./locales-path.patch 117 ]; 118 119 postPatch =

··· 66 bootstrap_cmds, 67 cctools, 68 xcbuild, 69 + fetchpatch, 70 }: 71 72 qtModule { ··· 115 116 # Override locales install path so they go to QtWebEngine's $out 117 ./locales-path.patch 118 + 119 + # Fix build of vendored xnnpack on aarch64/gcc14 120 + # FIXME: remove when upstream updates 121 + (fetchpatch { 122 + url = "https://github.com/google/XNNPACK/commit/1b11a8b0620afe8c047304273674c4c57c289755.patch"; 123 + stripLen = 1; 124 + extraPrefix = "src/3rdparty/chromium/third_party/xnnpack/src/"; 125 + hash = "sha256-GUESVNR88I1K2V5xr0e09ec4j2eselMhNN06+PCcINM="; 126 + }) 127 ]; 128 129 postPatch =

-1

pkgs/development/libraries/qt-6/qtModule.nix

··· 66 lgpl3Plus 67 ]; 68 maintainers = with maintainers; [ 69 - milahu 70 nickcao 71 ]; 72 platforms = platforms.unix;

··· 66 lgpl3Plus 67 ]; 68 maintainers = with maintainers; [ 69 nickcao 70 ]; 71 platforms = platforms.unix;

+5

pkgs/development/python-modules/flask-security/default.nix

··· 64 hash = "sha256-RGRwgrDFe+0v8NYyajMikdoi1DQf1I+B5y8KJyF+cZs="; 65 }; 66 67 build-system = [ flit-core ]; 68 69 # flask-login>=0.6.2 not satisfied by version 0.7.0.dev0

··· 64 hash = "sha256-RGRwgrDFe+0v8NYyajMikdoi1DQf1I+B5y8KJyF+cZs="; 65 }; 66 67 + patches = [ 68 + # https://github.com/pallets-eco/flask-security/pull/1040 69 + ./fix_test_basic.patch 70 + ]; 71 + 72 build-system = [ flit-core ]; 73 74 # flask-login>=0.6.2 not satisfied by version 0.7.0.dev0

+13

pkgs/development/python-modules/flask-security/fix_test_basic.patch

···

··· 1 + diff --git a/tests/test_basic.py b/tests/test_basic.py 2 + index d52be429..09dfa8e4 100644 3 + --- a/tests/test_basic.py 4 + +++ b/tests/test_basic.py 5 + @@ -157,6 +157,8 @@ def test_authenticate_with_subdomain_next(app, client, get_message): 6 + 7 + @pytest.mark.settings(subdomain="auth") 8 + def test_authenticate_with_root_domain_next(app, client, get_message): 9 + + # As of Flask 3.1 this must be explicitly set. 10 + + app.subdomain_matching = True 11 + app.config["SERVER_NAME"] = "lp.com" 12 + app.config["SECURITY_REDIRECT_ALLOW_SUBDOMAINS"] = True 13 + data = dict(email="matt@lp.com", password="password")

+2 -2

pkgs/development/python-modules/httpx-oauth/default.nix

··· 15 16 buildPythonPackage rec { 17 pname = "httpx-oauth"; 18 - version = "0.16.0"; 19 pyproject = true; 20 21 src = fetchFromGitHub { 22 owner = "frankie567"; 23 repo = "httpx-oauth"; 24 tag = "v${version}"; 25 - hash = "sha256-KM+GaBC3jOhMsTVdUixsEjm47j28qeFmFKbI7fnVSG4="; 26 }; 27 28 build-system = [

··· 15 16 buildPythonPackage rec { 17 pname = "httpx-oauth"; 18 + version = "0.16.1"; 19 pyproject = true; 20 21 src = fetchFromGitHub { 22 owner = "frankie567"; 23 repo = "httpx-oauth"; 24 tag = "v${version}"; 25 + hash = "sha256-/2IBAEZrK0Do7t9g+MWsKuIlcg0ANCfOoagVwTbBso8="; 26 }; 27 28 build-system = [

+4 -3

pkgs/development/python-modules/kserve/default.nix

··· 49 50 buildPythonPackage rec { 51 pname = "kserve"; 52 - version = "0.14.0"; 53 pyproject = true; 54 55 src = fetchFromGitHub { 56 owner = "kserve"; 57 repo = "kserve"; 58 - rev = "refs/tags/v${version}"; 59 - hash = "sha256-N/IgiTiyBNw7WQWxcUJlXU+Q9o3UUaduD9ZBKwu0uRE="; 60 }; 61 62 sourceRoot = "${src.name}/python/kserve"; ··· 64 pythonRelaxDeps = [ 65 "fastapi" 66 "httpx" 67 "prometheus-client" 68 "protobuf" 69 "uvicorn"

··· 49 50 buildPythonPackage rec { 51 pname = "kserve"; 52 + version = "0.14.1"; 53 pyproject = true; 54 55 src = fetchFromGitHub { 56 owner = "kserve"; 57 repo = "kserve"; 58 + tag = "v${version}"; 59 + hash = "sha256-VwuUXANjshV4fN0i54Fs0zubHY81UtQcCV14JwMpXwA="; 60 }; 61 62 sourceRoot = "${src.name}/python/kserve"; ··· 64 pythonRelaxDeps = [ 65 "fastapi" 66 "httpx" 67 + "numpy" 68 "prometheus-client" 69 "protobuf" 70 "uvicorn"

+2 -2

pkgs/development/python-modules/libuuu/default.nix

··· 12 13 buildPythonPackage rec { 14 pname = "libuuu"; 15 - version = "1.5.182"; 16 pyproject = true; 17 18 src = fetchPypi { 19 inherit pname version; 20 - hash = "sha256-k6JwGxYeFbGNl7zcuKN6SbRq8Z4yD1dXXL3ORyGqhYE="; 21 }; 22 23 build-system = [

··· 12 13 buildPythonPackage rec { 14 pname = "libuuu"; 15 + version = "1.5.182.post1"; 16 pyproject = true; 17 18 src = fetchPypi { 19 inherit pname version; 20 + hash = "sha256-Hf0GwhrzKQL5w+OXQ39yuG4xmbk/1HgCCdCulIORSU8="; 21 }; 22 23 build-system = [

+1 -1

pkgs/development/python-modules/slugid/default.nix

··· 24 description = "URL-safe base64 UUID encoder for generating 22 character slugs"; 25 homepage = "https://github.com/taskcluster/slugid.py"; 26 license = licenses.mpl20; 27 - maintainers = with maintainers; [ milahu ]; 28 }; 29 }

··· 24 description = "URL-safe base64 UUID encoder for generating 22 character slugs"; 25 homepage = "https://github.com/taskcluster/slugid.py"; 26 license = licenses.mpl20; 27 + maintainers = with maintainers; [ ]; 28 }; 29 }

-23

pkgs/development/tools/click/dbus-test-runner.patch

··· 1 - diff --git a/click_package/Makefile.am b/click_package/Makefile.am 2 - index 4981d74..9df9e79 100644 3 - --- a/click_package/Makefile.am 4 - +++ b/click_package/Makefile.am 5 - @@ -1,5 +1,3 @@ 6 - -SUBDIRS = tests 7 - - 8 - noinst_SCRIPTS = paths.py 9 - CLEANFILES = $(noinst_SCRIPTS) 10 - 11 - diff --git a/configure.ac b/configure.ac 12 - index 8f4dc9e..adbd366 100644 13 - --- a/configure.ac 14 - +++ b/configure.ac 15 - @@ -52,8 +52,6 @@ PKG_CHECK_MODULES([SERVICE], [ 16 - AC_SUBST([SERVICE_CFLAGS]) 17 - AC_SUBST([SERVICE_LIBS]) 18 - 19 - -AC_CHECK_PROG(DBUS_TEST_RUNNER_CHECK,dbus-test-runner,yes) 20 - -AS_IF([test "${DBUS_TEST_RUNNER_CHECK}" != "yes"], [AC_MSG_ERROR([dbus-test-runner not found])]) 21 - AC_CHECK_PROG(GDBUS_CHECK,gdbus,yes) 22 - AS_IF([test "${GDBUS_CHECK}" != "yes"], [AC_MSG_ERROR([gdbus (glib) not found])]) 23 -

···

-96

pkgs/development/tools/click/default.nix

··· 1 - { 2 - lib, 3 - fetchFromGitLab, 4 - buildPythonApplication, 5 - autoreconfHook, 6 - python-debian, 7 - perl, 8 - vala, 9 - pkg-config, 10 - libgee, 11 - json-glib, 12 - properties-cpp, 13 - gobject-introspection, 14 - getopt, 15 - setuptools, 16 - pygobject3, 17 - wrapGAppsHook3, 18 - }: 19 - 20 - buildPythonApplication { 21 - pname = "click"; 22 - version = "unstable-2023-02-22"; 23 - format = "other"; 24 - 25 - src = fetchFromGitLab { 26 - owner = "ubports"; 27 - repo = "development/core/click"; 28 - rev = "aaf2735e8e6cbeaf2e429c70136733513a81718a"; 29 - hash = "sha256-pNu995/w3tbz15QQVdVYBnWnAoZmqWj1DN/5PZZ0iZw="; 30 - }; 31 - 32 - postPatch = '' 33 - # These should be proper Requires, using the header needs their headers 34 - substituteInPlace lib/click/click-*.pc.in \ 35 - --replace 'Requires.private' 'Requires' 36 - ''; 37 - 38 - configureFlags = [ 39 - "--with-systemdsystemunitdir=${placeholder "out"}/lib/systemd/system" 40 - "--with-systemduserunitdir=${placeholder "out"}/lib/systemd/user" 41 - ]; 42 - 43 - preFixup = '' 44 - makeWrapperArgs+=( 45 - --prefix LD_LIBRARY_PATH : "$out/lib" 46 - ) 47 - ''; 48 - 49 - preConfigure = '' 50 - export click_cv_perl_vendorlib=$out/${perl.libPrefix} 51 - export PYTHON_INSTALL_FLAGS="--prefix=$out" 52 - ''; 53 - 54 - nativeBuildInputs = [ 55 - autoreconfHook 56 - perl 57 - pkg-config 58 - gobject-introspection 59 - vala 60 - getopt 61 - wrapGAppsHook3 62 - ]; 63 - 64 - # Tests were omitted for time constraint reasons 65 - doCheck = false; 66 - 67 - enableParallelBuilding = true; 68 - 69 - patches = [ 70 - # dbus-test-runner not packaged yet, otherwise build-time dependency even when not running tests 71 - ./dbus-test-runner.patch 72 - ]; 73 - 74 - buildInputs = [ 75 - libgee 76 - json-glib 77 - properties-cpp 78 - ]; 79 - 80 - propagatedBuildInputs = [ 81 - python-debian 82 - pygobject3 83 - setuptools 84 - ]; 85 - 86 - meta = { 87 - description = "Tool to build click packages. Mainly used for Ubuntu Touch"; 88 - homepage = "https://gitlab.com/ubports/development/core/click"; 89 - license = lib.licenses.gpl3Only; 90 - maintainers = with lib.maintainers; [ 91 - ilyakooo0 92 - OPNA2608 93 - ]; 94 - platforms = lib.platforms.linux; 95 - }; 96 - }

···

-2

pkgs/top-level/all-packages.nix

··· 6940 llvmPackages = llvmPackages_18; 6941 }; 6942 6943 - ubports-click = python3Packages.callPackage ../development/tools/click { }; 6944 - 6945 urweb = callPackage ../development/compilers/urweb { 6946 icu = icu67; 6947 };

··· 6940 llvmPackages = llvmPackages_18; 6941 }; 6942 6943 urweb = callPackage ../development/compilers/urweb { 6944 icu = icu67; 6945 };