pyrox.dev
lol
Merge remote-tracking branch 'origin/master' into staging-next
+1
-1
maintainers/maintainer-list.nix
+1
-1
maintainers/maintainer-list.nix
+11
nixos/doc/manual/from_md/release-notes/rl-2111.section.xml
+11
nixos/doc/manual/from_md/release-notes/rl-2111.section.xml
···
239
239
<link xlink:href="options.html#opt-programs.git.enable">programs.git</link>.
240
240
</para>
241
241
</listitem>
242
+
<listitem>
243
+
<para>
244
+
<link xlink:href="https://domainaware.github.io/parsedmarc/">parsedmarc</link>,
245
+
a service which parses incoming
246
+
<link xlink:href="https://dmarc.org/">DMARC</link> reports and
247
+
stores or sends them to a downstream service for further
248
+
analysis. Documented in
249
+
<link linkend="module-services-parsedmarc">its manual
250
+
entry</link>.
251
+
</para>
252
+
</listitem>
242
253
</itemizedlist>
243
254
</section>
244
255
<section xml:id="sec-release-21.11-incompatibilities">
+5
nixos/doc/manual/release-notes/rl-2111.section.md
+5
nixos/doc/manual/release-notes/rl-2111.section.md
···
73
73
74
74
- [git](https://git-scm.com), a distributed version control system. Available as [programs.git](options.html#opt-programs.git.enable).
75
75
76
+
- [parsedmarc](https://domainaware.github.io/parsedmarc/), a service
77
+
which parses incoming [DMARC](https://dmarc.org/) reports and stores
78
+
or sends them to a downstream service for further analysis.
79
+
Documented in [its manual entry](#module-services-parsedmarc).
80
+
76
81
## Backward Incompatibilities {#sec-release-21.11-incompatibilities}
77
82
78
83
+1
nixos/modules/module-list.nix
+1
nixos/modules/module-list.nix
···
621
621
./services/monitoring/munin.nix
622
622
./services/monitoring/nagios.nix
623
623
./services/monitoring/netdata.nix
624
+
./services/monitoring/parsedmarc.nix
624
625
./services/monitoring/prometheus/default.nix
625
626
./services/monitoring/prometheus/alertmanager.nix
626
627
./services/monitoring/prometheus/exporters.nix
+113
nixos/modules/services/monitoring/parsedmarc.md
+113
nixos/modules/services/monitoring/parsedmarc.md
···
1
+
# parsedmarc {#module-services-parsedmarc}
2
+
[parsedmarc](https://domainaware.github.io/parsedmarc/) is a service
3
+
which parses incoming [DMARC](https://dmarc.org/) reports and stores
4
+
or sends them to a downstream service for further analysis. In
5
+
combination with Elasticsearch, Grafana and the included Grafana
6
+
dashboard, it provides a handy overview of DMARC reports over time.
7
+
8
+
## Basic usage {#module-services-parsedmarc-basic-usage}
9
+
A very minimal setup which reads incoming reports from an external
10
+
email address and saves them to a local Elasticsearch instance looks
11
+
like this:
12
+
13
+
```nix
14
+
services.parsedmarc = {
15
+
enable = true;
16
+
settings.imap = {
17
+
host = "imap.example.com";
18
+
user = "alice@example.com";
19
+
password = "/path/to/imap_password_file";
20
+
watch = true;
21
+
};
22
+
provision.geoIp = false; # Not recommended!
23
+
};
24
+
```
25
+
26
+
Note that GeoIP provisioning is disabled in the example for
27
+
simplicity, but should be turned on for fully functional reports.
28
+
29
+
## Local mail
30
+
Instead of watching an external inbox, a local inbox can be
31
+
automatically provisioned. The recipient's name is by default set to
32
+
`dmarc`, but can be configured in
33
+
[services.parsedmarc.provision.localMail.recipientName](options.html#opt-services.parsedmarc.provision.localMail.recipientName). You
34
+
need to add an MX record pointing to the host. More concretely: for
35
+
the example to work, an MX record needs to be set up for
36
+
`monitoring.example.com` and the complete email address that should be
37
+
configured in the domain's dmarc policy is
38
+
`dmarc@monitoring.example.com`.
39
+
40
+
```nix
41
+
services.parsedmarc = {
42
+
enable = true;
43
+
provision = {
44
+
localMail = {
45
+
enable = true;
46
+
hostname = monitoring.example.com;
47
+
};
48
+
geoIp = false; # Not recommended!
49
+
};
50
+
};
51
+
```
52
+
53
+
## Grafana and GeoIP
54
+
The reports can be visualized and summarized with parsedmarc's
55
+
official Grafana dashboard. For all views to work, and for the data to
56
+
be complete, GeoIP databases are also required. The following example
57
+
shows a basic deployment where the provisioned Elasticsearch instance
58
+
is automatically added as a Grafana datasource, and the dashboard is
59
+
added to Grafana as well.
60
+
61
+
```nix
62
+
services.parsedmarc = {
63
+
enable = true;
64
+
provision = {
65
+
localMail = {
66
+
enable = true;
67
+
hostname = url;
68
+
};
69
+
grafana = {
70
+
datasource = true;
71
+
dashboard = true;
72
+
};
73
+
};
74
+
};
75
+
76
+
# Not required, but recommended for full functionality
77
+
services.geoipupdate = {
78
+
settings = {
79
+
AccountID = 000000;
80
+
LicenseKey = "/path/to/license_key_file";
81
+
};
82
+
};
83
+
84
+
services.grafana = {
85
+
enable = true;
86
+
addr = "0.0.0.0";
87
+
domain = url;
88
+
rootUrl = "https://" + url;
89
+
protocol = "socket";
90
+
security = {
91
+
adminUser = "admin";
92
+
adminPasswordFile = "/path/to/admin_password_file";
93
+
secretKeyFile = "/path/to/secret_key_file";
94
+
};
95
+
};
96
+
97
+
services.nginx = {
98
+
enable = true;
99
+
recommendedTlsSettings = true;
100
+
recommendedOptimisation = true;
101
+
recommendedGzipSettings = true;
102
+
recommendedProxySettings = true;
103
+
upstreams.grafana.servers."unix:/${config.services.grafana.socket}" = {};
104
+
virtualHosts.${url} = {
105
+
root = config.services.grafana.staticRootPath;
106
+
enableACME = true;
107
+
forceSSL = true;
108
+
locations."/".tryFiles = "$uri @grafana";
109
+
locations."@grafana".proxyPass = "http://grafana";
110
+
};
111
+
};
112
+
users.users.nginx.extraGroups = [ "grafana" ];
113
+
```
+537
nixos/modules/services/monitoring/parsedmarc.nix
+537
nixos/modules/services/monitoring/parsedmarc.nix
···
1
+
{ config, lib, pkgs, ... }:
2
+
3
+
let
4
+
cfg = config.services.parsedmarc;
5
+
ini = pkgs.formats.ini {};
6
+
in
7
+
{
8
+
options.services.parsedmarc = {
9
+
10
+
enable = lib.mkEnableOption ''
11
+
parsedmarc, a DMARC report monitoring service
12
+
'';
13
+
14
+
provision = {
15
+
localMail = {
16
+
enable = lib.mkOption {
17
+
type = lib.types.bool;
18
+
default = false;
19
+
description = ''
20
+
Whether Postfix and Dovecot should be set up to receive
21
+
mail locally. parsedmarc will be configured to watch the
22
+
local inbox as the automatically created user specified in
23
+
<xref linkend="opt-services.parsedmarc.provision.localMail.recipientName" />
24
+
'';
25
+
};
26
+
27
+
recipientName = lib.mkOption {
28
+
type = lib.types.str;
29
+
default = "dmarc";
30
+
description = ''
31
+
The DMARC mail recipient name, i.e. the name part of the
32
+
email address which receives DMARC reports.
33
+
34
+
A local user with this name will be set up and assigned a
35
+
randomized password on service start.
36
+
'';
37
+
};
38
+
39
+
hostname = lib.mkOption {
40
+
type = lib.types.str;
41
+
default = config.networking.fqdn;
42
+
defaultText = "config.networking.fqdn";
43
+
example = "monitoring.example.com";
44
+
description = ''
45
+
The hostname to use when configuring Postfix.
46
+
47
+
Should correspond to the host's fully qualified domain
48
+
name and the domain part of the email address which
49
+
receives DMARC reports. You also have to set up an MX record
50
+
pointing to this domain name.
51
+
'';
52
+
};
53
+
};
54
+
55
+
geoIp = lib.mkOption {
56
+
type = lib.types.bool;
57
+
default = true;
58
+
description = ''
59
+
Whether to enable and configure the <link
60
+
linkend="opt-services.geoipupdate.enable">geoipupdate</link>
61
+
service to automatically fetch GeoIP databases. Not crucial,
62
+
but recommended for full functionality.
63
+
64
+
To finish the setup, you need to manually set the <xref
65
+
linkend="opt-services.geoipupdate.settings.AccountID" /> and
66
+
<xref linkend="opt-services.geoipupdate.settings.LicenseKey" />
67
+
options.
68
+
'';
69
+
};
70
+
71
+
elasticsearch = lib.mkOption {
72
+
type = lib.types.bool;
73
+
default = true;
74
+
description = ''
75
+
Whether to set up and use a local instance of Elasticsearch.
76
+
'';
77
+
};
78
+
79
+
grafana = {
80
+
datasource = lib.mkOption {
81
+
type = lib.types.bool;
82
+
default = cfg.provision.elasticsearch && config.services.grafana.enable;
83
+
apply = x: x && cfg.provision.elasticsearch;
84
+
description = ''
85
+
Whether the automatically provisioned Elasticsearch
86
+
instance should be added as a grafana datasource. Has no
87
+
effect unless
88
+
<xref linkend="opt-services.parsedmarc.provision.elasticsearch" />
89
+
is also enabled.
90
+
'';
91
+
};
92
+
93
+
dashboard = lib.mkOption {
94
+
type = lib.types.bool;
95
+
default = config.services.grafana.enable;
96
+
description = ''
97
+
Whether the official parsedmarc grafana dashboard should
98
+
be provisioned to the local grafana instance.
99
+
'';
100
+
};
101
+
};
102
+
};
103
+
104
+
settings = lib.mkOption {
105
+
description = ''
106
+
Configuration parameters to set in
107
+
<filename>parsedmarc.ini</filename>. For a full list of
108
+
available parameters, see
109
+
<link xlink:href="https://domainaware.github.io/parsedmarc/#configuration-file" />.
110
+
'';
111
+
112
+
type = lib.types.submodule {
113
+
freeformType = ini.type;
114
+
115
+
options = {
116
+
general = {
117
+
save_aggregate = lib.mkOption {
118
+
type = lib.types.bool;
119
+
default = true;
120
+
description = ''
121
+
Save aggregate report data to Elasticsearch and/or Splunk.
122
+
'';
123
+
};
124
+
125
+
save_forensic = lib.mkOption {
126
+
type = lib.types.bool;
127
+
default = true;
128
+
description = ''
129
+
Save forensic report data to Elasticsearch and/or Splunk.
130
+
'';
131
+
};
132
+
};
133
+
134
+
imap = {
135
+
host = lib.mkOption {
136
+
type = lib.types.str;
137
+
default = "localhost";
138
+
description = ''
139
+
The IMAP server hostname or IP address.
140
+
'';
141
+
};
142
+
143
+
port = lib.mkOption {
144
+
type = lib.types.port;
145
+
default = 993;
146
+
description = ''
147
+
The IMAP server port.
148
+
'';
149
+
};
150
+
151
+
ssl = lib.mkOption {
152
+
type = lib.types.bool;
153
+
default = true;
154
+
description = ''
155
+
Use an encrypted SSL/TLS connection.
156
+
'';
157
+
};
158
+
159
+
user = lib.mkOption {
160
+
type = with lib.types; nullOr str;
161
+
default = null;
162
+
description = ''
163
+
The IMAP server username.
164
+
'';
165
+
};
166
+
167
+
password = lib.mkOption {
168
+
type = with lib.types; nullOr path;
169
+
default = null;
170
+
description = ''
171
+
The path to a file containing the IMAP server password.
172
+
'';
173
+
};
174
+
175
+
watch = lib.mkOption {
176
+
type = lib.types.bool;
177
+
default = true;
178
+
description = ''
179
+
Use the IMAP IDLE command to process messages as they arrive.
180
+
'';
181
+
};
182
+
183
+
delete = lib.mkOption {
184
+
type = lib.types.bool;
185
+
default = false;
186
+
description = ''
187
+
Delete messages after processing them, instead of archiving them.
188
+
'';
189
+
};
190
+
};
191
+
192
+
smtp = {
193
+
host = lib.mkOption {
194
+
type = with lib.types; nullOr str;
195
+
default = null;
196
+
description = ''
197
+
The SMTP server hostname or IP address.
198
+
'';
199
+
};
200
+
201
+
port = lib.mkOption {
202
+
type = with lib.types; nullOr port;
203
+
default = null;
204
+
description = ''
205
+
The SMTP server port.
206
+
'';
207
+
};
208
+
209
+
ssl = lib.mkOption {
210
+
type = with lib.types; nullOr bool;
211
+
default = null;
212
+
description = ''
213
+
Use an encrypted SSL/TLS connection.
214
+
'';
215
+
};
216
+
217
+
user = lib.mkOption {
218
+
type = with lib.types; nullOr str;
219
+
default = null;
220
+
description = ''
221
+
The SMTP server username.
222
+
'';
223
+
};
224
+
225
+
password = lib.mkOption {
226
+
type = with lib.types; nullOr path;
227
+
default = null;
228
+
description = ''
229
+
The path to a file containing the SMTP server password.
230
+
'';
231
+
};
232
+
233
+
from = lib.mkOption {
234
+
type = with lib.types; nullOr str;
235
+
default = null;
236
+
description = ''
237
+
The <literal>From</literal> address to use for the
238
+
outgoing mail.
239
+
'';
240
+
};
241
+
242
+
to = lib.mkOption {
243
+
type = with lib.types; nullOr (listOf str);
244
+
default = null;
245
+
description = ''
246
+
The addresses to send outgoing mail to.
247
+
'';
248
+
};
249
+
};
250
+
251
+
elasticsearch = {
252
+
hosts = lib.mkOption {
253
+
default = [];
254
+
type = with lib.types; listOf str;
255
+
apply = x: if x == [] then null else lib.concatStringsSep "," x;
256
+
description = ''
257
+
A list of Elasticsearch hosts to push parsed reports
258
+
to.
259
+
'';
260
+
};
261
+
262
+
user = lib.mkOption {
263
+
type = with lib.types; nullOr str;
264
+
default = null;
265
+
description = ''
266
+
Username to use when connecting to Elasticsearch, if
267
+
required.
268
+
'';
269
+
};
270
+
271
+
password = lib.mkOption {
272
+
type = with lib.types; nullOr path;
273
+
default = null;
274
+
description = ''
275
+
The path to a file containing the password to use when
276
+
connecting to Elasticsearch, if required.
277
+
'';
278
+
};
279
+
280
+
ssl = lib.mkOption {
281
+
type = lib.types.bool;
282
+
default = false;
283
+
description = ''
284
+
Whether to use an encrypted SSL/TLS connection.
285
+
'';
286
+
};
287
+
288
+
cert_path = lib.mkOption {
289
+
type = lib.types.path;
290
+
default = "/etc/ssl/certs/ca-certificates.crt";
291
+
description = ''
292
+
The path to a TLS certificate bundle used to verify
293
+
the server's certificate.
294
+
'';
295
+
};
296
+
};
297
+
298
+
kafka = {
299
+
hosts = lib.mkOption {
300
+
default = [];
301
+
type = with lib.types; listOf str;
302
+
apply = x: if x == [] then null else lib.concatStringsSep "," x;
303
+
description = ''
304
+
A list of Apache Kafka hosts to publish parsed reports
305
+
to.
306
+
'';
307
+
};
308
+
309
+
user = lib.mkOption {
310
+
type = with lib.types; nullOr str;
311
+
default = null;
312
+
description = ''
313
+
Username to use when connecting to Kafka, if
314
+
required.
315
+
'';
316
+
};
317
+
318
+
password = lib.mkOption {
319
+
type = with lib.types; nullOr path;
320
+
default = null;
321
+
description = ''
322
+
The path to a file containing the password to use when
323
+
connecting to Kafka, if required.
324
+
'';
325
+
};
326
+
327
+
ssl = lib.mkOption {
328
+
type = with lib.types; nullOr bool;
329
+
default = null;
330
+
description = ''
331
+
Whether to use an encrypted SSL/TLS connection.
332
+
'';
333
+
};
334
+
335
+
aggregate_topic = lib.mkOption {
336
+
type = with lib.types; nullOr str;
337
+
default = null;
338
+
example = "aggregate";
339
+
description = ''
340
+
The Kafka topic to publish aggregate reports on.
341
+
'';
342
+
};
343
+
344
+
forensic_topic = lib.mkOption {
345
+
type = with lib.types; nullOr str;
346
+
default = null;
347
+
example = "forensic";
348
+
description = ''
349
+
The Kafka topic to publish forensic reports on.
350
+
'';
351
+
};
352
+
};
353
+
354
+
};
355
+
356
+
};
357
+
};
358
+
359
+
};
360
+
361
+
config = lib.mkIf cfg.enable {
362
+
363
+
services.elasticsearch.enable = lib.mkDefault cfg.provision.elasticsearch;
364
+
365
+
services.geoipupdate = lib.mkIf cfg.provision.geoIp {
366
+
enable = true;
367
+
settings = {
368
+
EditionIDs = [
369
+
"GeoLite2-ASN"
370
+
"GeoLite2-City"
371
+
"GeoLite2-Country"
372
+
];
373
+
DatabaseDirectory = "/var/lib/GeoIP";
374
+
};
375
+
};
376
+
377
+
services.dovecot2 = lib.mkIf cfg.provision.localMail.enable {
378
+
enable = true;
379
+
protocols = [ "imap" ];
380
+
};
381
+
382
+
services.postfix = lib.mkIf cfg.provision.localMail.enable {
383
+
enable = true;
384
+
origin = cfg.provision.localMail.hostname;
385
+
config = {
386
+
myhostname = cfg.provision.localMail.hostname;
387
+
mydestination = cfg.provision.localMail.hostname;
388
+
};
389
+
};
390
+
391
+
services.grafana = {
392
+
declarativePlugins = with pkgs.grafanaPlugins;
393
+
lib.mkIf cfg.provision.grafana.dashboard [
394
+
grafana-worldmap-panel
395
+
grafana-piechart-panel
396
+
];
397
+
398
+
provision = {
399
+
enable = cfg.provision.grafana.datasource || cfg.provision.grafana.dashboard;
400
+
datasources =
401
+
let
402
+
pkgVer = lib.getVersion config.services.elasticsearch.package;
403
+
esVersion =
404
+
if lib.versionOlder pkgVer "7" then
405
+
"60"
406
+
else if lib.versionOlder pkgVer "8" then
407
+
"70"
408
+
else
409
+
throw "When provisioning parsedmarc grafana datasources: unknown Elasticsearch version.";
410
+
in
411
+
lib.mkIf cfg.provision.grafana.datasource [
412
+
{
413
+
name = "dmarc-ag";
414
+
type = "elasticsearch";
415
+
access = "proxy";
416
+
url = "localhost:9200";
417
+
jsonData = {
418
+
timeField = "date_range";
419
+
inherit esVersion;
420
+
};
421
+
}
422
+
{
423
+
name = "dmarc-fo";
424
+
type = "elasticsearch";
425
+
access = "proxy";
426
+
url = "localhost:9200";
427
+
jsonData = {
428
+
timeField = "date_range";
429
+
inherit esVersion;
430
+
};
431
+
}
432
+
];
433
+
dashboards = lib.mkIf cfg.provision.grafana.dashboard [{
434
+
name = "parsedmarc";
435
+
options.path = "${pkgs.python3Packages.parsedmarc.dashboard}";
436
+
}];
437
+
};
438
+
};
439
+
440
+
services.parsedmarc.settings = lib.mkMerge [
441
+
(lib.mkIf cfg.provision.elasticsearch {
442
+
elasticsearch = {
443
+
hosts = [ "localhost:9200" ];
444
+
ssl = false;
445
+
};
446
+
})
447
+
(lib.mkIf cfg.provision.localMail.enable {
448
+
imap = {
449
+
host = "localhost";
450
+
port = 143;
451
+
ssl = false;
452
+
user = cfg.provision.localMail.recipientName;
453
+
password = "${pkgs.writeText "imap-password" "@imap-password@"}";
454
+
watch = true;
455
+
};
456
+
})
457
+
];
458
+
459
+
systemd.services.parsedmarc =
460
+
let
461
+
# Remove any empty attributes from the config, i.e. empty
462
+
# lists, empty attrsets and null. This makes it possible to
463
+
# list interesting options in `settings` without them always
464
+
# ending up in the resulting config.
465
+
filteredConfig = lib.converge (lib.filterAttrsRecursive (_: v: ! builtins.elem v [ null [] {} ])) cfg.settings;
466
+
parsedmarcConfig = ini.generate "parsedmarc.ini" filteredConfig;
467
+
mkSecretReplacement = file:
468
+
lib.optionalString (file != null) ''
469
+
replace-secret '${file}' '${file}' /run/parsedmarc/parsedmarc.ini
470
+
'';
471
+
in
472
+
{
473
+
wantedBy = [ "multi-user.target" ];
474
+
after = [ "postfix.service" "dovecot2.service" "elasticsearch.service" ];
475
+
path = with pkgs; [ replace-secret openssl shadow ];
476
+
serviceConfig = {
477
+
ExecStartPre = let
478
+
startPreFullPrivileges = ''
479
+
set -o errexit -o pipefail -o nounset -o errtrace
480
+
shopt -s inherit_errexit
481
+
482
+
umask u=rwx,g=,o=
483
+
cp ${parsedmarcConfig} /run/parsedmarc/parsedmarc.ini
484
+
chown parsedmarc:parsedmarc /run/parsedmarc/parsedmarc.ini
485
+
${mkSecretReplacement cfg.settings.smtp.password}
486
+
${mkSecretReplacement cfg.settings.imap.password}
487
+
${mkSecretReplacement cfg.settings.elasticsearch.password}
488
+
${mkSecretReplacement cfg.settings.kafka.password}
489
+
'' + lib.optionalString cfg.provision.localMail.enable ''
490
+
openssl rand -hex 64 >/run/parsedmarc/dmarc_user_passwd
491
+
replace-secret '@imap-password@' '/run/parsedmarc/dmarc_user_passwd' /run/parsedmarc/parsedmarc.ini
492
+
echo "Setting new randomized password for user '${cfg.provision.localMail.recipientName}'."
493
+
cat <(echo -n "${cfg.provision.localMail.recipientName}:") /run/parsedmarc/dmarc_user_passwd | chpasswd
494
+
'';
495
+
in
496
+
"+${pkgs.writeShellScript "parsedmarc-start-pre-full-privileges" startPreFullPrivileges}";
497
+
Type = "simple";
498
+
User = "parsedmarc";
499
+
Group = "parsedmarc";
500
+
DynamicUser = true;
501
+
RuntimeDirectory = "parsedmarc";
502
+
RuntimeDirectoryMode = 0700;
503
+
CapabilityBoundingSet = "";
504
+
PrivateDevices = true;
505
+
PrivateMounts = true;
506
+
PrivateUsers = true;
507
+
ProtectClock = true;
508
+
ProtectControlGroups = true;
509
+
ProtectHome = true;
510
+
ProtectHostname = true;
511
+
ProtectKernelLogs = true;
512
+
ProtectKernelModules = true;
513
+
ProtectKernelTunables = true;
514
+
ProtectProc = "invisible";
515
+
ProcSubset = "pid";
516
+
SystemCallFilter = [ "@system-service" "~@privileged" "~@resources" ];
517
+
RestrictAddressFamilies = [ "AF_UNIX" "AF_INET" "AF_INET6" ];
518
+
RestrictRealtime = true;
519
+
RestrictNamespaces = true;
520
+
MemoryDenyWriteExecute = true;
521
+
LockPersonality = true;
522
+
SystemCallArchitectures = "native";
523
+
ExecStart = "${pkgs.python3Packages.parsedmarc}/bin/parsedmarc -c /run/parsedmarc/parsedmarc.ini";
524
+
};
525
+
};
526
+
527
+
users.users.${cfg.provision.localMail.recipientName} = lib.mkIf cfg.provision.localMail.enable {
528
+
isNormalUser = true;
529
+
description = "DMARC mail recipient";
530
+
};
531
+
};
532
+
533
+
# Don't edit the docbook xml directly, edit the md and generate it:
534
+
# `pandoc parsedmarc.md -t docbook --top-level-division=chapter --extract-media=media -f markdown+smart > parsedmarc.xml`
535
+
meta.doc = ./parsedmarc.xml;
536
+
meta.maintainers = [ lib.maintainers.talyz ];
537
+
}
+125
nixos/modules/services/monitoring/parsedmarc.xml
+125
nixos/modules/services/monitoring/parsedmarc.xml
···
1
+
<chapter xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="module-services-parsedmarc">
2
+
<title>parsedmarc</title>
3
+
<para>
4
+
<link xlink:href="https://domainaware.github.io/parsedmarc/">parsedmarc</link>
5
+
is a service which parses incoming
6
+
<link xlink:href="https://dmarc.org/">DMARC</link> reports and
7
+
stores or sends them to a downstream service for further analysis.
8
+
In combination with Elasticsearch, Grafana and the included Grafana
9
+
dashboard, it provides a handy overview of DMARC reports over time.
10
+
</para>
11
+
<section xml:id="module-services-parsedmarc-basic-usage">
12
+
<title>Basic usage</title>
13
+
<para>
14
+
A very minimal setup which reads incoming reports from an external
15
+
email address and saves them to a local Elasticsearch instance
16
+
looks like this:
17
+
</para>
18
+
<programlisting language="bash">
19
+
services.parsedmarc = {
20
+
enable = true;
21
+
settings.imap = {
22
+
host = "imap.example.com";
23
+
user = "alice@example.com";
24
+
password = "/path/to/imap_password_file";
25
+
watch = true;
26
+
};
27
+
provision.geoIp = false; # Not recommended!
28
+
};
29
+
</programlisting>
30
+
<para>
31
+
Note that GeoIP provisioning is disabled in the example for
32
+
simplicity, but should be turned on for fully functional reports.
33
+
</para>
34
+
</section>
35
+
<section xml:id="local-mail">
36
+
<title>Local mail</title>
37
+
<para>
38
+
Instead of watching an external inbox, a local inbox can be
39
+
automatically provisioned. The recipient’s name is by default set
40
+
to <literal>dmarc</literal>, but can be configured in
41
+
<link xlink:href="options.html#opt-services.parsedmarc.provision.localMail.recipientName">services.parsedmarc.provision.localMail.recipientName</link>.
42
+
You need to add an MX record pointing to the host. More
43
+
concretely: for the example to work, an MX record needs to be set
44
+
up for <literal>monitoring.example.com</literal> and the complete
45
+
email address that should be configured in the domain’s dmarc
46
+
policy is <literal>dmarc@monitoring.example.com</literal>.
47
+
</para>
48
+
<programlisting language="bash">
49
+
services.parsedmarc = {
50
+
enable = true;
51
+
provision = {
52
+
localMail = {
53
+
enable = true;
54
+
hostname = monitoring.example.com;
55
+
};
56
+
geoIp = false; # Not recommended!
57
+
};
58
+
};
59
+
</programlisting>
60
+
</section>
61
+
<section xml:id="grafana-and-geoip">
62
+
<title>Grafana and GeoIP</title>
63
+
<para>
64
+
The reports can be visualized and summarized with parsedmarc’s
65
+
official Grafana dashboard. For all views to work, and for the
66
+
data to be complete, GeoIP databases are also required. The
67
+
following example shows a basic deployment where the provisioned
68
+
Elasticsearch instance is automatically added as a Grafana
69
+
datasource, and the dashboard is added to Grafana as well.
70
+
</para>
71
+
<programlisting language="bash">
72
+
services.parsedmarc = {
73
+
enable = true;
74
+
provision = {
75
+
localMail = {
76
+
enable = true;
77
+
hostname = url;
78
+
};
79
+
grafana = {
80
+
datasource = true;
81
+
dashboard = true;
82
+
};
83
+
};
84
+
};
85
+
86
+
# Not required, but recommended for full functionality
87
+
services.geoipupdate = {
88
+
settings = {
89
+
AccountID = 000000;
90
+
LicenseKey = "/path/to/license_key_file";
91
+
};
92
+
};
93
+
94
+
services.grafana = {
95
+
enable = true;
96
+
addr = "0.0.0.0";
97
+
domain = url;
98
+
rootUrl = "https://" + url;
99
+
protocol = "socket";
100
+
security = {
101
+
adminUser = "admin";
102
+
adminPasswordFile = "/path/to/admin_password_file";
103
+
secretKeyFile = "/path/to/secret_key_file";
104
+
};
105
+
};
106
+
107
+
services.nginx = {
108
+
enable = true;
109
+
recommendedTlsSettings = true;
110
+
recommendedOptimisation = true;
111
+
recommendedGzipSettings = true;
112
+
recommendedProxySettings = true;
113
+
upstreams.grafana.servers."unix:/${config.services.grafana.socket}" = {};
114
+
virtualHosts.${url} = {
115
+
root = config.services.grafana.staticRootPath;
116
+
enableACME = true;
117
+
forceSSL = true;
118
+
locations."/".tryFiles = "$uri @grafana";
119
+
locations."@grafana".proxyPass = "http://grafana";
120
+
};
121
+
};
122
+
users.users.nginx.extraGroups = [ "grafana" ];
123
+
</programlisting>
124
+
</section>
125
+
</chapter>
+7
nixos/modules/services/search/elasticsearch.nix
+7
nixos/modules/services/search/elasticsearch.nix
···
201
201
202
202
if [ "$(id -u)" = 0 ]; then chown -R elasticsearch:elasticsearch ${cfg.dataDir}; fi
203
203
'';
204
+
postStart = ''
205
+
# Make sure elasticsearch is up and running before dependents
206
+
# are started
207
+
while ! ${pkgs.curl}/bin/curl -sS -f http://localhost:${toString cfg.port} 2>/dev/null; do
208
+
sleep 1
209
+
done
210
+
'';
204
211
};
205
212
206
213
environment.systemPackages = [ cfg.package ];
+2
-2
nixos/modules/system/activation/top-level.nix
+2
-2
nixos/modules/system/activation/top-level.nix
···
61
61
substituteInPlace $out/dry-activate --subst-var out
62
62
chmod u+x $out/activate $out/dry-activate
63
63
unset activationScript dryActivationScript
64
-
${pkgs.runtimeShell} -n $out/activate
65
-
${pkgs.runtimeShell} -n $out/dry-activate
64
+
${pkgs.stdenv.shell} -n $out/activate
65
+
${pkgs.stdenv.shell} -n $out/dry-activate
66
66
67
67
cp ${config.system.build.bootStage2} $out/init
68
68
substituteInPlace $out/init --subst-var-by systemConfig $out
+1
nixos/tests/all-tests.nix
+1
nixos/tests/all-tests.nix
···
336
336
pam-u2f = handleTest ./pam-u2f.nix {};
337
337
pantheon = handleTest ./pantheon.nix {};
338
338
paperless-ng = handleTest ./paperless-ng.nix {};
339
+
parsedmarc = handleTest ./parsedmarc {};
339
340
pdns-recursor = handleTest ./pdns-recursor.nix {};
340
341
peerflix = handleTest ./peerflix.nix {};
341
342
pgjwt = handleTest ./pgjwt.nix {};
+224
nixos/tests/parsedmarc/default.nix
+224
nixos/tests/parsedmarc/default.nix
···
1
+
# This tests parsedmarc by sending a report to its monitored email
2
+
# address and reading the results out of Elasticsearch.
3
+
4
+
{ pkgs, ... }@args:
5
+
let
6
+
inherit (import ../../lib/testing-python.nix args) makeTest;
7
+
8
+
dmarcTestReport = builtins.fetchurl {
9
+
name = "dmarc-test-report";
10
+
url = "https://github.com/domainaware/parsedmarc/raw/f45ab94e0608088e0433557608d9f4e9517d3afe/samples/aggregate/estadocuenta1.infonacot.gob.mx!example.com!1536853302!1536939702!2940.xml.zip";
11
+
sha256 = "0dq64cj49711kbja27pjl2hy0d3azrjxg91kqrh40x46fkn1dwkx";
12
+
};
13
+
14
+
sendEmail = address:
15
+
pkgs.writeScriptBin "send-email" ''
16
+
#!${pkgs.python3.interpreter}
17
+
import smtplib
18
+
from email import encoders
19
+
from email.mime.base import MIMEBase
20
+
from email.mime.multipart import MIMEMultipart
21
+
from email.mime.text import MIMEText
22
+
23
+
sender_email = "dmarc_tester@fake.domain"
24
+
receiver_email = "${address}"
25
+
26
+
message = MIMEMultipart()
27
+
message["From"] = sender_email
28
+
message["To"] = receiver_email
29
+
message["Subject"] = "DMARC test"
30
+
31
+
message.attach(MIMEText("Testing parsedmarc", "plain"))
32
+
33
+
attachment = MIMEBase("application", "zip")
34
+
35
+
with open("${dmarcTestReport}", "rb") as report:
36
+
attachment.set_payload(report.read())
37
+
38
+
encoders.encode_base64(attachment)
39
+
40
+
attachment.add_header(
41
+
"Content-Disposition",
42
+
"attachment; filename= estadocuenta1.infonacot.gob.mx!example.com!1536853302!1536939702!2940.xml.zip",
43
+
)
44
+
45
+
message.attach(attachment)
46
+
text = message.as_string()
47
+
48
+
with smtplib.SMTP('localhost') as server:
49
+
server.sendmail(sender_email, receiver_email, text)
50
+
server.quit()
51
+
'';
52
+
in
53
+
{
54
+
localMail = makeTest
55
+
{
56
+
name = "parsedmarc-local-mail";
57
+
meta = with pkgs.lib.maintainers; {
58
+
maintainers = [ talyz ];
59
+
};
60
+
61
+
nodes.parsedmarc =
62
+
{ nodes, ... }:
63
+
{
64
+
virtualisation.memorySize = 2048;
65
+
66
+
services.postfix = {
67
+
enableSubmission = true;
68
+
enableSubmissions = true;
69
+
submissionsOptions = {
70
+
smtpd_sasl_auth_enable = "yes";
71
+
smtpd_client_restrictions = "permit";
72
+
};
73
+
};
74
+
75
+
services.parsedmarc = {
76
+
enable = true;
77
+
provision = {
78
+
geoIp = false;
79
+
localMail = {
80
+
enable = true;
81
+
hostname = "localhost";
82
+
};
83
+
};
84
+
};
85
+
86
+
services.elasticsearch.package = pkgs.elasticsearch7-oss;
87
+
88
+
environment.systemPackages = [
89
+
(sendEmail "dmarc@localhost")
90
+
pkgs.jq
91
+
];
92
+
};
93
+
94
+
testScript = { nodes }:
95
+
let
96
+
esPort = toString nodes.parsedmarc.config.services.elasticsearch.port;
97
+
in ''
98
+
parsedmarc.start()
99
+
parsedmarc.wait_for_unit("postfix.service")
100
+
parsedmarc.wait_for_unit("dovecot2.service")
101
+
parsedmarc.wait_for_unit("parsedmarc.service")
102
+
parsedmarc.wait_until_succeeds(
103
+
"curl -sS -f http://localhost:${esPort}"
104
+
)
105
+
106
+
parsedmarc.fail(
107
+
"curl -sS -f http://localhost:${esPort}/_search?q=report_id:2940 | jq -e 'if .hits.total.value > 0 then true else null end'"
108
+
)
109
+
parsedmarc.succeed("send-email")
110
+
parsedmarc.wait_until_succeeds(
111
+
"curl -sS -f http://localhost:${esPort}/_search?q=report_id:2940 | jq -e 'if .hits.total.value > 0 then true else null end'"
112
+
)
113
+
'';
114
+
};
115
+
116
+
externalMail =
117
+
let
118
+
certs = import ../common/acme/server/snakeoil-certs.nix;
119
+
mailDomain = certs.domain;
120
+
parsedmarcDomain = "parsedmarc.fake.domain";
121
+
in
122
+
makeTest {
123
+
name = "parsedmarc-external-mail";
124
+
meta = with pkgs.lib.maintainers; {
125
+
maintainers = [ talyz ];
126
+
};
127
+
128
+
nodes = {
129
+
parsedmarc =
130
+
{ nodes, ... }:
131
+
{
132
+
virtualisation.memorySize = 2048;
133
+
134
+
security.pki.certificateFiles = [
135
+
certs.ca.cert
136
+
];
137
+
138
+
networking.extraHosts = ''
139
+
127.0.0.1 ${parsedmarcDomain}
140
+
${nodes.mail.config.networking.primaryIPAddress} ${mailDomain}
141
+
'';
142
+
143
+
services.parsedmarc = {
144
+
enable = true;
145
+
provision.geoIp = false;
146
+
settings.imap = {
147
+
host = mailDomain;
148
+
port = 993;
149
+
ssl = true;
150
+
user = "alice";
151
+
password = "${pkgs.writeText "imap-password" "foobar"}";
152
+
watch = true;
153
+
};
154
+
};
155
+
156
+
services.elasticsearch.package = pkgs.elasticsearch7-oss;
157
+
158
+
environment.systemPackages = [
159
+
pkgs.jq
160
+
];
161
+
};
162
+
163
+
mail =
164
+
{ nodes, ... }:
165
+
{
166
+
imports = [ ../common/user-account.nix ];
167
+
168
+
networking.extraHosts = ''
169
+
127.0.0.1 ${mailDomain}
170
+
${nodes.parsedmarc.config.networking.primaryIPAddress} ${parsedmarcDomain}
171
+
'';
172
+
173
+
services.dovecot2 = {
174
+
enable = true;
175
+
protocols = [ "imap" ];
176
+
sslCACert = "${certs.ca.cert}";
177
+
sslServerCert = "${certs.${mailDomain}.cert}";
178
+
sslServerKey = "${certs.${mailDomain}.key}";
179
+
};
180
+
181
+
services.postfix = {
182
+
enable = true;
183
+
origin = mailDomain;
184
+
config = {
185
+
myhostname = mailDomain;
186
+
mydestination = mailDomain;
187
+
};
188
+
enableSubmission = true;
189
+
enableSubmissions = true;
190
+
submissionsOptions = {
191
+
smtpd_sasl_auth_enable = "yes";
192
+
smtpd_client_restrictions = "permit";
193
+
};
194
+
};
195
+
environment.systemPackages = [ (sendEmail "alice@${mailDomain}") ];
196
+
197
+
networking.firewall.allowedTCPPorts = [ 993 ];
198
+
};
199
+
};
200
+
201
+
testScript = { nodes }:
202
+
let
203
+
esPort = toString nodes.parsedmarc.config.services.elasticsearch.port;
204
+
in ''
205
+
mail.start()
206
+
mail.wait_for_unit("postfix.service")
207
+
mail.wait_for_unit("dovecot2.service")
208
+
209
+
parsedmarc.start()
210
+
parsedmarc.wait_for_unit("parsedmarc.service")
211
+
parsedmarc.wait_until_succeeds(
212
+
"curl -sS -f http://localhost:${esPort}"
213
+
)
214
+
215
+
parsedmarc.fail(
216
+
"curl -sS -f http://localhost:${esPort}/_search?q=report_id:2940 | jq -e 'if .hits.total.value > 0 then true else null end'"
217
+
)
218
+
mail.succeed("send-email")
219
+
parsedmarc.wait_until_succeeds(
220
+
"curl -sS -f http://localhost:${esPort}/_search?q=report_id:2940 | jq -e 'if .hits.total.value > 0 then true else null end'"
221
+
)
222
+
'';
223
+
};
224
+
}
+2
-2
pkgs/development/interpreters/php/7.4.nix
+2
-2
pkgs/development/interpreters/php/7.4.nix
+2
-2
pkgs/development/interpreters/php/8.0.nix
+2
-2
pkgs/development/interpreters/php/8.0.nix
+2
-2
pkgs/development/libraries/pangomm/2.48.nix
+2
-2
pkgs/development/libraries/pangomm/2.48.nix
···
14
14
15
15
stdenv.mkDerivation rec {
16
16
pname = "pangomm";
17
-
version= "2.48.0";
17
+
version= "2.48.1";
18
18
19
19
outputs = [ "out" "dev" ];
20
20
21
21
src = fetchurl {
22
22
url = "mirror://gnome/sources/${pname}/${lib.versions.majorMinor version}/${pname}-${version}.tar.xz";
23
-
sha256 = "sha256-ng7UdMM/jCACyp4rYcoNHz2OQJ4J6Z9NjBnur8z1W3g=";
23
+
sha256 = "sha256-d2rVPnkeQxBrf0D/CDS+5uTrHGrXy20hVUb3o98O3E0=";
24
24
};
25
25
26
26
nativeBuildInputs = [
+3
-3
pkgs/development/python-modules/azure-mgmt-batchai/default.nix
+3
-3
pkgs/development/python-modules/azure-mgmt-batchai/default.nix
···
2
2
, buildPythonPackage
3
3
, fetchPypi
4
4
, azure-common
5
+
, azure-mgmt-core
5
6
, azure-mgmt-nspkg
6
7
, msrestazure
7
-
, python
8
-
, isPy3k
9
8
}:
10
9
11
10
buildPythonPackage rec {
···
21
20
propagatedBuildInputs = [
22
21
msrestazure
23
22
azure-common
23
+
azure-mgmt-core
24
24
azure-mgmt-nspkg
25
-
];
25
+
];
26
26
27
27
pythonNamespaces = [ "azure.mgmt" ];
28
28
-1
pkgs/development/python-modules/azure-mgmt-iothubprovisioningservices/default.nix
-1
pkgs/development/python-modules/azure-mgmt-iothubprovisioningservices/default.nix
+7
-1
pkgs/development/python-modules/azure-mgmt-sqlvirtualmachine/default.nix
+7
-1
pkgs/development/python-modules/azure-mgmt-sqlvirtualmachine/default.nix
···
1
1
{ lib, buildPythonPackage, fetchPypi, isPy27
2
2
, azure-common
3
+
, azure-mgmt-core
3
4
, msrest
4
5
, msrestazure
5
6
}:
···
15
16
extension = "zip";
16
17
};
17
18
18
-
propagatedBuildInputs = [ azure-common msrest msrestazure ];
19
+
propagatedBuildInputs = [
20
+
azure-common
21
+
azure-mgmt-core
22
+
msrest
23
+
msrestazure
24
+
];
19
25
20
26
# no tests included
21
27
doCheck = false;
+33
pkgs/development/python-modules/azure-synapse-managedprivateendpoints/default.nix
+33
pkgs/development/python-modules/azure-synapse-managedprivateendpoints/default.nix
···
1
+
{ lib, buildPythonPackage, fetchPypi
2
+
, azure-common
3
+
, azure-core
4
+
, msrest
5
+
}:
6
+
7
+
buildPythonPackage rec {
8
+
pname = "azure-synapse-managedprivateendpoints";
9
+
version = "0.4.0";
10
+
11
+
src = fetchPypi {
12
+
inherit pname version;
13
+
extension = "zip";
14
+
sha256 = "900eaeaccffdcd01012b248a7d049008c92807b749edd1c9074ca9248554c17e";
15
+
};
16
+
17
+
propagatedBuildInputs = [
18
+
azure-common
19
+
azure-core
20
+
msrest
21
+
];
22
+
23
+
pythonNamespaces = [ "azure.synapse" ];
24
+
25
+
pythonImportsCheck = [ "azure.synapse.managedprivateendpoints" ];
26
+
27
+
meta = with lib; {
28
+
description = "Microsoft Azure Synapse Managed Private Endpoints Client Library for Python";
29
+
homepage = "https://github.com/Azure/azure-sdk-for-python";
30
+
license = licenses.mit;
31
+
maintainers = with maintainers; [ jonringer ];
32
+
};
33
+
}
+2
-2
pkgs/development/python-modules/google-cloud-audit-log/default.nix
+2
-2
pkgs/development/python-modules/google-cloud-audit-log/default.nix
···
2
2
3
3
buildPythonPackage rec {
4
4
pname = "google-cloud-audit-log";
5
-
version = "0.1.0";
5
+
version = "0.1.1";
6
6
7
7
src = fetchPypi {
8
8
inherit pname version;
9
-
sha256 = "5bf5a53c641b13828154ab21fb209669be69d71cd462f5d6456bf87722fc0eeb";
9
+
sha256 = "a87fdf3c393b830b35c8f7db09094790d0d7babb35068736bea64e1618d286fe";
10
10
};
11
11
12
12
propagatedBuildInputs = [ googleapis-common-protos protobuf ];
+39
pkgs/development/python-modules/mailsuite/default.nix
+39
pkgs/development/python-modules/mailsuite/default.nix
···
1
+
{ buildPythonPackage
2
+
, fetchPypi
3
+
, pythonOlder
4
+
, lib
5
+
6
+
# pythonPackages
7
+
, dnspython
8
+
, html2text
9
+
, mail-parser
10
+
, IMAPClient
11
+
}:
12
+
13
+
buildPythonPackage rec {
14
+
pname = "mailsuite";
15
+
version = "1.6.1";
16
+
17
+
disabled = pythonOlder "3.6";
18
+
19
+
src = fetchPypi {
20
+
inherit pname version;
21
+
sha256 = "17bsnfjjzv8hx5h397p5pa92l6cqc53i0zjjz2p7bjj3xqzhs45a";
22
+
};
23
+
24
+
propagatedBuildInputs = [
25
+
dnspython
26
+
html2text
27
+
mail-parser
28
+
IMAPClient
29
+
];
30
+
31
+
pythonImportsCheck = [ "mailsuite" ];
32
+
33
+
meta = {
34
+
description = "A Python package to simplify receiving, parsing, and sending email";
35
+
homepage = "https://seanthegeek.github.io/mailsuite/";
36
+
maintainers = with lib.maintainers; [ talyz ];
37
+
license = lib.licenses.asl20;
38
+
};
39
+
}
+74
pkgs/development/python-modules/parsedmarc/default.nix
+74
pkgs/development/python-modules/parsedmarc/default.nix
···
1
+
{ buildPythonPackage
2
+
, fetchPypi
3
+
, fetchurl
4
+
, pythonOlder
5
+
, lib
6
+
, nixosTests
7
+
8
+
# pythonPackages
9
+
, tqdm
10
+
, dnspython
11
+
, expiringdict
12
+
, urllib3
13
+
, requests
14
+
, publicsuffix2
15
+
, xmltodict
16
+
, geoip2
17
+
, IMAPClient
18
+
, dateparser
19
+
, elasticsearch-dsl
20
+
, kafka-python
21
+
, mailsuite
22
+
, lxml
23
+
, boto3
24
+
}:
25
+
26
+
let
27
+
dashboard = fetchurl {
28
+
url = "https://raw.githubusercontent.com/domainaware/parsedmarc/77331b55c54cb3269205295bd57d0ab680638964/grafana/Grafana-DMARC_Reports.json";
29
+
sha256 = "0wbihyqbb4ndjg79qs8088zgrcg88km8khjhv2474y7nzjzkf43i";
30
+
};
31
+
in
32
+
buildPythonPackage rec {
33
+
pname = "parsedmarc";
34
+
version = "7.0.1";
35
+
36
+
disabled = pythonOlder "3.7";
37
+
38
+
src = fetchPypi {
39
+
inherit pname version;
40
+
sha256 = "1mi4hx410y7ikpfy1582lm252si0c3yryj0idqgqbx417fm21jjc";
41
+
};
42
+
43
+
propagatedBuildInputs = [
44
+
tqdm
45
+
dnspython
46
+
expiringdict
47
+
urllib3
48
+
requests
49
+
publicsuffix2
50
+
xmltodict
51
+
geoip2
52
+
IMAPClient
53
+
dateparser
54
+
elasticsearch-dsl
55
+
kafka-python
56
+
mailsuite
57
+
lxml
58
+
boto3
59
+
];
60
+
61
+
pythonImportsCheck = [ "parsedmarc" ];
62
+
63
+
passthru = {
64
+
inherit dashboard;
65
+
tests = nixosTests.parsedmarc;
66
+
};
67
+
68
+
meta = {
69
+
description = "Python module and CLI utility for parsing DMARC reports";
70
+
homepage = "https://domainaware.github.io/parsedmarc/";
71
+
maintainers = with lib.maintainers; [ talyz ];
72
+
license = lib.licenses.asl20;
73
+
};
74
+
}
+3
-1
pkgs/development/r-modules/default.nix
+3
-1
pkgs/development/r-modules/default.nix
···
786
786
});
787
787
788
788
RMySQL = old.RMySQL.overrideDerivation (attrs: {
789
-
MYSQL_DIR="${pkgs.libmysqlclient}";
789
+
MYSQL_DIR = "${pkgs.libmysqlclient}";
790
+
PKGCONFIG_CFLAGS = "-I${pkgs.libmysqlclient.dev}/include/mysql";
791
+
NIX_CFLAGS_LINK = "-L${pkgs.libmysqlclient}/lib/mysql -lmysqlclient";
790
792
preConfigure = ''
791
793
patchShebangs configure
792
794
'';
+3
-3
pkgs/development/tools/pscale/default.nix
+3
-3
pkgs/development/tools/pscale/default.nix
···
2
2
3
3
buildGoModule rec {
4
4
pname = "pscale";
5
-
version = "0.65.0";
5
+
version = "0.68.0";
6
6
7
7
src = fetchFromGitHub {
8
8
owner = "planetscale";
9
9
repo = "cli";
10
10
rev = "v${version}";
11
-
sha256 = "sha256-RIyxO2nTysJLdYQvlmhZpS8R2kkwN+XeTlk4Ocbk9C8=";
11
+
sha256 = "sha256-SAKbz33Fpi3sQcqwD2UK5wloJqNs2HohsiGMl1gkfA0=";
12
12
};
13
13
14
-
vendorSha256 = "sha256-8zgWM5e+aKggGbLoL/Fmy7AuALVlLa74eHBxNGjTSy4=";
14
+
vendorSha256 = "sha256-dEkCJe6qiyB/pNh78o2/TTRmWQDsUV2TsXiuchC1JLA=";
15
15
16
16
meta = with lib; {
17
17
homepage = "https://www.planetscale.com/";
+3
-3
pkgs/misc/emulators/punes/default.nix
+3
-3
pkgs/misc/emulators/punes/default.nix
···
19
19
20
20
mkDerivation rec {
21
21
pname = "punes";
22
-
version = "unstable-2021-07-19";
22
+
version = "unstable-2021-09-11";
23
23
24
24
src = fetchFromGitHub {
25
25
owner = "punesemu";
26
26
repo = "puNES";
27
-
rev = "15ab85dabb220889419df0c249c06f3db2b09dc0";
28
-
sha256 = "1w0c5lfdl9ha4sxxva6hcpcaa444px6x25471q37l69n71rmjpy8";
27
+
rev = "60ca36fcb066c41d0b3f2b550ca94dc7d12d84d6";
28
+
sha256 = "JOi6AE1bpAc/wj9fQqHrUNc6vceeUyP0phT2f9kcJTY=";
29
29
};
30
30
31
31
postPatch = ''
+2
-2
pkgs/servers/http/nginx/mainline.nix
+2
-2
pkgs/servers/http/nginx/mainline.nix
+2
-2
pkgs/servers/irc/inspircd/default.nix
+2
-2
pkgs/servers/irc/inspircd/default.nix
···
142
142
143
143
stdenv.mkDerivation rec {
144
144
pname = "inspircd";
145
-
version = "3.10.0";
145
+
version = "3.11.0";
146
146
147
147
src = fetchFromGitHub {
148
148
owner = pname;
149
149
repo = pname;
150
150
rev = "v${version}";
151
-
sha256 = "1817gmxk4v7k5398d2fb6qkwadg0fd980gqmr80wdnppx450ikn7";
151
+
sha256 = "083fp69fi4nhrw9v1dan5m3mgb19a2gpqnap356xs9nnqy01sgv7";
152
152
};
153
153
154
154
outputs = [ "bin" "lib" "man" "doc" "out" ];
+3
-3
pkgs/servers/plex/raw.nix
+3
-3
pkgs/servers/plex/raw.nix
···
12
12
# server, and the FHS userenv and corresponding NixOS module should
13
13
# automatically pick up the changes.
14
14
stdenv.mkDerivation rec {
15
-
version = "1.24.1.4931-1a38e63c6";
15
+
version = "1.24.2.4973-2b1b51db9";
16
16
pname = "plexmediaserver";
17
17
18
18
# Fetch the source
19
19
src = if stdenv.hostPlatform.system == "aarch64-linux" then fetchurl {
20
20
url = "https://downloads.plex.tv/plex-media-server-new/${version}/debian/plexmediaserver_${version}_arm64.deb";
21
-
sha256 = "1vsg90rlhynfk8wlbf080fv9wah7w8244pl878hjbi6yrjmz2s7g";
21
+
sha256 = "12vs0d38z5w0vvs00jdgdsj3a4fsn1b0iclfaxsakr2hn0j8zmm0";
22
22
} else fetchurl {
23
23
url = "https://downloads.plex.tv/plex-media-server-new/${version}/debian/plexmediaserver_${version}_amd64.deb";
24
-
sha256 = "08xai0jcpmj1hwkkkgc87v9xwszd5bvwhn36kp6v73jnv1l5cmqb";
24
+
sha256 = "0m9kb5a2zgfglv07f6pw76kj8k39sswby3i48g4pkxzhs1v5qskw";
25
25
};
26
26
27
27
outputs = [ "out" "basedb" ];
+5
-2
pkgs/tools/admin/azure-cli/default.nix
+5
-2
pkgs/tools/admin/azure-cli/default.nix
···
1
1
{ stdenv, lib, python3, fetchFromGitHub, installShellFiles }:
2
2
3
3
let
4
-
version = "2.26.1";
4
+
version = "2.28.0";
5
5
srcName = "azure-cli-${version}-src";
6
6
7
7
src = fetchFromGitHub {
···
9
9
owner = "Azure";
10
10
repo = "azure-cli";
11
11
rev = "azure-cli-${version}";
12
-
sha256 = "sha256-AwchP0o3I2T37dLPNw51wldwYUmcRuWptyzrhOocEaQ=";
12
+
sha256 = "sha256-fTt6tIcc96f8t3NUaR0RG0JQ+LPgqSHuJSmVx4a6X7M=";
13
13
};
14
14
15
15
# put packages that needs to be overriden in the py package scope
···
28
28
substituteInPlace setup.py \
29
29
--replace "javaproperties==0.5.1" "javaproperties" \
30
30
--replace "pytz==2019.1" "pytz" \
31
+
--replace "scp~=0.13.2" "scp" \
31
32
--replace "jsondiff==1.2.0" "jsondiff~=1.2" \
32
33
--replace "antlr4-python3-runtime~=4.7.2" "antlr4-python3-runtime~=4.7" \
33
34
--replace "mock~=4.0" "mock"
···
125
126
azure-storage-blob
126
127
azure-synapse-accesscontrol
127
128
azure-synapse-artifacts
129
+
azure-synapse-managedprivateendpoints
128
130
azure-synapse-spark
129
131
colorama
130
132
cryptography
133
+
distro
131
134
Fabric
132
135
jsmin
133
136
knack
+67
-54
pkgs/tools/admin/azure-cli/python-packages.nix
+67
-54
pkgs/tools/admin/azure-cli/python-packages.nix
···
92
92
'';
93
93
94
94
doCheck = stdenv.isLinux;
95
-
# ignore tests that does network call
95
+
# ignore tests that does network call, or assume powershell
96
96
checkPhase = ''
97
97
rm azure/{,cli/}__init__.py
98
98
python -c 'import azure.common; print(azure.common)'
99
99
PYTHONPATH=$PWD:$PYTHONPATH HOME=$TMPDIR pytest \
100
100
--ignore=azure/cli/core/tests/test_profile.py \
101
101
--ignore=azure/cli/core/tests/test_generic_update.py \
102
-
-k 'not metadata_url and not test_send_raw_requests'
102
+
-k 'not metadata_url and not test_send_raw_requests and not test_format_styled_text_legacy_powershell'
103
103
'';
104
104
105
105
pythonImportsCheck = [
···
136
136
azure-appconfiguration = overrideAzureMgmtPackage super.azure-appconfiguration "1.1.1" "zip"
137
137
"sha256-uDzSy2PZMiXehOJ6u/wFkhL43id2b0xY3Tq7g53/C+Q=";
138
138
139
-
azure-batch = overrideAzureMgmtPackage super.azure-batch "10.0.0" "zip"
140
-
"83d7a2b0be42ca456ac2b56fa3dc6ce704c130e888d37d924072c1d3718f32d0";
139
+
azure-batch = overrideAzureMgmtPackage super.azure-batch "11.0.0" "zip"
140
+
"83d7a2b0be42ca456ac2b56fa3dc6ce704c130e888d37d924072c1d3718f32da";
141
141
142
142
azure-mgmt-apimanagement = overrideAzureMgmtPackage super.azure-mgmt-apimanagement "0.2.0" "zip"
143
143
"0whx3s8ri9939r3pdvjf8iqcslas1xy6cnccidmp10r5ng0023vr";
144
144
145
-
azure-mgmt-batch = overrideAzureMgmtPackage super.azure-mgmt-batch "15.0.0" "zip"
146
-
"9b793bb31a0d4dc8c29186db61db24d83795851a75846aadb187cf95bf853ccb";
145
+
azure-mgmt-batch = overrideAzureMgmtPackage super.azure-mgmt-batch "16.0.0" "zip"
146
+
"1b3cecd6f16813879c6ac1a1bb01f9a6f2752cd1f9157eb04d5e41e4a89f3c34";
147
+
148
+
azure-mgmt-batchai = overrideAzureMgmtPackage super.azure-mgmt-batchai "7.0.0b1" "zip"
149
+
"sha256-mT6vvjWbq0RWQidugR229E8JeVEiobPD3XA/nDM3I6Y=";
147
150
148
151
azure-mgmt-billing = overrideAzureMgmtPackage super.azure-mgmt-billing "6.0.0" "zip"
149
152
"d4f5c5a4188a456fe1eb32b6c45f55ca2069c74be41eb76921840b39f2f5c07f";
···
151
154
azure-mgmt-botservice = overrideAzureMgmtPackage super.azure-mgmt-botservice "0.3.0" "zip"
152
155
"f8318878a66a0685a01bf27b7d1409c44eb90eb72b0a616c1a2455c72330f2f1";
153
156
154
-
azure-mgmt-policyinsights = overrideAzureMgmtPackage super.azure-mgmt-policyinsights "0.5.0" "zip"
155
-
"1wxh7mgrknnhqyafdd7sbwx8plx0zga2af21vs6yhxy48lw9w8pd";
157
+
azure-mgmt-policyinsights = overrideAzureMgmtPackage super.azure-mgmt-policyinsights "1.0.0" "zip"
158
+
"75103fb4541aeae30bb687dee1fedd9ca65530e6b97b2d9ea87f74816905202a";
156
159
157
-
azure-mgmt-rdbms = overrideAzureMgmtPackage super.azure-mgmt-rdbms "8.1.0b4" "zip"
158
-
"sha256-39msNYlZeZdn8cJ4LjZw9oxzy0YrNSPVEIN21wnkMKs=";
160
+
azure-mgmt-rdbms = overrideAzureMgmtPackage super.azure-mgmt-rdbms "9.1.0b1" "zip"
161
+
"sha256-O/6dE6lUnowYTWwQLWt3u1dwV4jBof+Jok0PUhFEEs0=";
159
162
160
-
azure-mgmt-recoveryservices = overrideAzureMgmtPackage super.azure-mgmt-recoveryservices "1.0.0" "zip"
161
-
"sha256-q4cQjA1c4n2AWDtL+tlmrQcEncvA6awoxkqmu9rmTiI=";
163
+
azure-mgmt-recoveryservices = overrideAzureMgmtPackage super.azure-mgmt-recoveryservices "2.0.0" "zip"
164
+
"sha256-p9MTfVxGD1CsLUQGHWCnC08nedTKhEt3QZtXJeZeCb4=";
162
165
163
-
azure-mgmt-recoveryservicesbackup = overrideAzureMgmtPackage super.azure-mgmt-recoveryservicesbackup "0.12.0" "zip"
164
-
"sha256-mrw1Gs3LMOPFiL5mSSrm+g1/dxihplA6ItYHbwljJbM=";
166
+
azure-mgmt-recoveryservicesbackup = overrideAzureMgmtPackage super.azure-mgmt-recoveryservicesbackup "0.14.0" "zip"
167
+
"sha256-sXGUQEO6tba3m1l+0Iir/eptTt+XRXyTr8FxbDzr6I0=";
165
168
166
-
azure-mgmt-resource = overrideAzureMgmtPackage super.azure-mgmt-resource "18.0.0" "zip"
167
-
"551036e592f409ef477d30937ea7cc4dda5126576965d9c816fdb8401bbd774c";
169
+
azure-mgmt-resource = overrideAzureMgmtPackage super.azure-mgmt-resource "19.0.0" "zip"
170
+
"bbb60bb9419633c2339569d4e097908638c7944e782b5aef0f5d9535085a9100";
168
171
169
172
azure-mgmt-appconfiguration = overrideAzureMgmtPackage super.azure-mgmt-appconfiguration "2.0.0" "zip"
170
173
"b58bbe82a7429ba589292024896b58d96fe9fa732c578569cac349928dc2ca5f";
···
172
175
azure-mgmt-cognitiveservices = overrideAzureMgmtPackage super.azure-mgmt-cognitiveservices "12.0.0" "zip"
173
176
"73054bd19866577e7e327518afc8f47e1639a11aea29a7466354b81804f4a676";
174
177
175
-
azure-mgmt-compute = overrideAzureMgmtPackage super.azure-mgmt-compute "21.0.0" "zip"
176
-
"sha256-kifDdVpwvDd9cONeH8bx+rEJ3YiXT9LHEphnzKoQ+BM=";
178
+
azure-mgmt-compute = overrideAzureMgmtPackage super.azure-mgmt-compute "22.1.0" "zip"
179
+
"sha256-Kq1BSEOu4PVEJ/iH91NsxRVdaFJyjUTf7vYzrFITX9w=";
177
180
178
181
azure-mgmt-consumption = overrideAzureMgmtPackage super.azure-mgmt-consumption "2.0.0" "zip"
179
182
"12ai4qps73ivawh0yzvgb148ksx02r30pqlvfihx497j62gsi1cs";
180
183
181
-
azure-mgmt-containerinstance = overrideAzureMgmtPackage super.azure-mgmt-containerinstance "1.4.0" "zip"
182
-
"1qw6228bia5pimcijr755npli2l33jyfka1s2bzgl1w4h3prsji7";
184
+
azure-mgmt-containerinstance = overrideAzureMgmtPackage super.azure-mgmt-containerinstance "8.0.0" "zip"
185
+
"7aeb380af71fc35a71d6752fa25eb5b95fdb2a0027fa32e6f50bce87e2622916";
183
186
184
-
azure-mgmt-containerservice = overrideAzureMgmtPackage super.azure-mgmt-containerservice "16.0.0" "zip"
185
-
"d6aa95951d32fe2cb390b3d8ae4f6459746de51bbaad94b5d1842dd35c4d0c11";
187
+
azure-mgmt-containerservice = overrideAzureMgmtPackage super.azure-mgmt-containerservice "16.1.0" "zip"
188
+
"sha256-NlTIrOK4ho0OqcTHjHT1HobiMzDH2KY20TIlN0fm8/Q=";
186
189
187
190
azure-mgmt-cosmosdb = overrideAzureMgmtPackage super.azure-mgmt-cosmosdb "6.4.0" "zip"
188
191
"fb6b8ab80ab97214b94ae9e462ba1c459b68a3af296ffc26317ebd3ff500e00b";
189
192
190
-
azure-mgmt-databoxedge = overrideAzureMgmtPackage super.azure-mgmt-databoxedge "0.2.0" "zip"
191
-
"sha256-g8BtUpIGOse8Jrws48gQ/o7sgymlgX0XIxl1ThHS3XA=";
193
+
azure-mgmt-databoxedge = overrideAzureMgmtPackage super.azure-mgmt-databoxedge "1.0.0" "zip"
194
+
"04090062bc1e8f00c2f45315a3bceb0fb3b3479ec1474d71b88342e13499b087";
192
195
193
196
azure-mgmt-deploymentmanager = overrideAzureMgmtPackage super.azure-mgmt-deploymentmanager "0.2.0" "zip"
194
197
"0c6pyr36n9snx879vas5r6l25db6nlp2z96xn759mz4kg4i45qs6";
···
199
202
azure-mgmt-imagebuilder = overrideAzureMgmtPackage super.azure-mgmt-imagebuilder "0.4.0" "zip"
200
203
"0cqpjnkpid6a34ifd4vk4fn1h57pa1bg3r756wv082xl2szr34jc";
201
204
202
-
azure-mgmt-iothub = overrideAzureMgmtPackage super.azure-mgmt-iothub "2.0.0" "zip"
203
-
"653a765f0beb6af0c9ecbd290b4101e1b5e0f6450405faf28ab8234c15d8b38b";
205
+
azure-mgmt-iothub = overrideAzureMgmtPackage super.azure-mgmt-iothub "2.1.0" "zip"
206
+
"2724f48cadb1be7ee96fc26c7bfa178f82cea5d325e785e91d9f26965fa8e46f";
204
207
205
-
azure-mgmt-iothubprovisioningservices = overrideAzureMgmtPackage super.azure-mgmt-iothubprovisioningservices "0.2.0" "zip"
206
-
"sha256-jDes/Rwzq6hF8uAwLvcmbK0xy6UDzJkKSGhGWay3uR0=";
208
+
azure-mgmt-iothubprovisioningservices = overrideAzureMgmtPackage super.azure-mgmt-iothubprovisioningservices "0.3.0" "zip"
209
+
"sha256-0Bt3JfP2jFpv8CGEqb3ajHdYiK9mN43YMUkD0KRuMrk=";
207
210
208
-
azure-mgmt-iotcentral = overrideAzureMgmtPackage super.azure-mgmt-iotcentral "4.1.0" "zip"
209
-
"e6d4810f454c0d63a5e816eaa7e54a073a3f70b2256162ff1c234cfe91783ae6";
211
+
azure-mgmt-iotcentral = overrideAzureMgmtPackage super.azure-mgmt-iotcentral "9.0.0b1" "zip"
212
+
"sha256-WEF5HuiaUTnka/2w0cVX/VwRt8/GD0+5fqGkn1BVx4I=";
210
213
211
214
azure-mgmt-kusto = overrideAzureMgmtPackage super.azure-mgmt-kusto "0.3.0" "zip"
212
215
"1pmcdgimd66h964a3d5m2j2fbydshcwhrk87wblhwhfl3xwbgf4y";
···
220
223
azure-mgmt-dns = overrideAzureMgmtPackage super.azure-mgmt-dns "8.0.0" "zip"
221
224
"407c2dacb33513ffbe9ca4be5addb5e9d4bae0cb7efa613c3f7d531ef7bf8de8";
222
225
223
-
azure-mgmt-loganalytics = overrideAzureMgmtPackage super.azure-mgmt-loganalytics "8.0.0" "zip"
224
-
"3e7a93186594c328a6f34f0e0d9209a05021228baa85aa4c1c4ffdbf8005a45f";
226
+
azure-mgmt-loganalytics = overrideAzureMgmtPackage super.azure-mgmt-loganalytics "11.0.0" "zip"
227
+
"41671fc6e95180fb6147cb40567410c34b85fb69bb0a9b3e09feae1ff370ee9d";
225
228
226
229
azure-mgmt-network = overrideAzureMgmtPackage super.azure-mgmt-network "19.0.0" "zip"
227
230
"5e39a26ae81fa58c13c02029700f8c7b22c3fd832a294c543e3156a91b9459e8";
228
231
229
-
azure-mgmt-maps = overrideAzureMgmtPackage super.azure-mgmt-maps "0.1.0" "zip"
230
-
"sha256-wSDiELthdo2ineJNKLgvjUKuJOUjlutlabSZcJ4i8AY=";
232
+
azure-mgmt-maps = overrideAzureMgmtPackage super.azure-mgmt-maps "2.0.0" "zip"
233
+
"384e17f76a68b700a4f988478945c3a9721711c0400725afdfcb63cf84e85f0e";
231
234
232
235
azure-mgmt-managedservices = overrideAzureMgmtPackage super.azure-mgmt-managedservices "1.0.0" "zip"
233
236
"sha256-/tg5n8Z3Oq2jfB0ElqRvWUENd8lJTQyllnxTHDN2rRk=";
···
238
241
azure-mgmt-marketplaceordering = overrideAzureMgmtPackage super.azure-mgmt-marketplaceordering "1.1.0" "zip"
239
242
"68b381f52a4df4435dacad5a97e1c59ac4c981f667dcca8f9d04453417d60ad8";
240
243
241
-
azure-mgmt-media = overrideAzureMgmtPackage super.azure-mgmt-media "3.0.0" "zip"
242
-
"sha256-iUR3VyXFJTYU0ldXbYQe5or6NPVwsFwJJKf3Px2yiiQ=";
244
+
azure-mgmt-media = overrideAzureMgmtPackage super.azure-mgmt-media "7.0.0" "zip"
245
+
"sha256-tF6CpZTtkc1ap6XNXQHwOLesPPEiM+e6K+qqNHeQDo4=";
243
246
244
247
azure-mgmt-msi = overrideAzureMgmtPackage super.azure-mgmt-msi "0.2.0" "zip"
245
248
"0rvik03njz940x2hvqg6iiq8k0d88gyygsr86w8s0sa12sdbq8l6";
···
250
253
azure-mgmt-web = overrideAzureMgmtPackage super.azure-mgmt-web "2.0.0" "zip"
251
254
"0040e1c9c795f7bebe43647ff30b62cb0db7175175df5cbfa1e554a6a277b81e";
252
255
253
-
azure-mgmt-redhatopenshift = overrideAzureMgmtPackage super.azure-mgmt-redhatopenshift "0.1.0" "zip"
254
-
"1g65lbia1i1jw6qkyjz2ldyl3p90rbr78l8kfryg70sj7z3gnnjn";
256
+
azure-mgmt-redhatopenshift = overrideAzureMgmtPackage super.azure-mgmt-redhatopenshift "1.0.0" "zip"
257
+
"94cd41f1ebd82e40620fd3e6d88f666b5c19ac7cf8b4e8edadb9721bd7c80980";
255
258
256
-
azure-mgmt-redis = overrideAzureMgmtPackage super.azure-mgmt-redis "7.0.0rc1" "zip"
257
-
"086wk31wsl8dx14qpd0g1bly8i9a8fix007djlj9cybva2f2bk6k";
259
+
azure-mgmt-redis = overrideAzureMgmtPackage super.azure-mgmt-redis "13.0.0" "zip"
260
+
"283f776afe329472c20490b1f2c21c66895058cb06fb941eccda42cc247217f1";
258
261
259
262
azure-mgmt-reservations = overrideAzureMgmtPackage super.azure-mgmt-reservations "0.6.0" "zip"
260
263
"16ycni3cjl9c0mv419gy5rgbrlg8zp0vnr6aj8z8p2ypdw6sgac3";
···
262
265
azure-mgmt-search = overrideAzureMgmtPackage super.azure-mgmt-search "8.0.0" "zip"
263
266
"a96d50c88507233a293e757202deead980c67808f432b8e897c4df1ca088da7e";
264
267
265
-
azure-mgmt-security = overrideAzureMgmtPackage super.azure-mgmt-security "0.6.0" "zip"
266
-
"9f37d0151d730801222af111f0830905634795dbfd59ad1b89c35197421e74d3";
268
+
azure-mgmt-security = overrideAzureMgmtPackage super.azure-mgmt-security "1.0.0" "zip"
269
+
"ae1cff598dfe80e93406e524c55c3f2cbffced9f9b7a5577e3375008a4c3bcad";
267
270
268
271
azure-mgmt-signalr = overrideAzureMgmtPackage super.azure-mgmt-signalr "1.0.0b2" "zip"
269
272
"sha256-FTxY8qoihHG4OZuKT3sRRlKfORbIoqDqug9Ko+6S9dw=";
270
273
271
-
azure-mgmt-sql = overrideAzureMgmtPackage super.azure-mgmt-sql "0.29.0" "zip"
272
-
"sha256-a8epWPoGI4SA01DkjToaHmTx8lSPgwMB7dutI/zaoAA=";
274
+
azure-mgmt-sql = overrideAzureMgmtPackage super.azure-mgmt-sql "3.0.1" "zip"
275
+
"129042cc011225e27aee6ef2697d585fa5722e5d1aeb0038af6ad2451a285457";
273
276
274
-
azure-mgmt-sqlvirtualmachine = overrideAzureMgmtPackage super.azure-mgmt-sqlvirtualmachine "0.5.0" "zip"
275
-
"1b9am8raa17hxnz7d5pk2ix0309wsnhnchq1mi22icd728sl5adm";
277
+
azure-mgmt-sqlvirtualmachine = overrideAzureMgmtPackage super.azure-mgmt-sqlvirtualmachine "1.0.0b1" "zip"
278
+
"sha256-SrFTvU+67U3CpMLPZMawXuRdSIbTsfav2jFZIsZWPmw=";
276
279
277
280
azure-mgmt-synapse = overrideAzureMgmtPackage super.azure-mgmt-synapse "2.0.0" "zip"
278
281
"bec6bdfaeb55b4fdd159f2055e8875bf50a720bb0fce80a816e92a2359b898c8";
279
282
280
-
azure-mgmt-datamigration = overrideAzureMgmtPackage super.azure-mgmt-datamigration "4.1.0" "zip"
281
-
"c33d1deb0ee173a15c8ec21a1e714ba544fe5f4895d3b1d8b0581f3c1b2e8ce4";
283
+
azure-mgmt-datamigration = overrideAzureMgmtPackage super.azure-mgmt-datamigration "9.0.0" "zip"
284
+
"sha256-cDc9vrNad2ikc0G7O1cMVZGXvBujb8j4vxUTnkyLrXA=";
282
285
283
286
azure-mgmt-relay = overrideAzureMgmtPackage super.azure-mgmt-relay "0.1.0" "zip"
284
287
"1jss6qhvif8l5s0lblqw3qzijjf0h88agciiydaa7f4q577qgyfr";
···
286
289
azure-mgmt-eventhub = overrideAzureMgmtPackage super.azure-mgmt-eventhub "4.1.0" "zip"
287
290
"186g70slb259ybrr69zr2ibbmqgplnpncwxzg0nxp6rd7pml7d85";
288
291
289
-
azure-mgmt-keyvault = overrideAzureMgmtPackage super.azure-mgmt-keyvault "9.0.0" "zip"
290
-
"2890c489289b8a0bf833852014f2f494eb96873834896910ddfa58cfa97b90da";
292
+
azure-mgmt-keyvault = overrideAzureMgmtPackage super.azure-mgmt-keyvault "9.1.0" "zip"
293
+
"sha256-zTXoHEo8+BKt5L3PH3zPS1t4qAHvlnNAASpqyf5h3tI=";
291
294
292
295
azure-mgmt-cdn = overrideAzureMgmtPackage super.azure-mgmt-cdn "11.0.0" "zip"
293
296
"28e7070001e7208cdb6c2ad253ec78851abdd73be482230d2c0874eed5bc0907";
294
297
295
-
azure-mgmt-containerregistry = overrideAzureMgmtPackage super.azure-mgmt-containerregistry "8.0.0" "zip"
296
-
"480eb5d1bb910da4e87a5d7047e2f3e426083b14911ac64c48badd0218e9e756";
298
+
azure-mgmt-containerregistry = overrideAzureMgmtPackage super.azure-mgmt-containerregistry "8.1.0" "zip"
299
+
"62efbb03275d920894d79879ad0ed59605163abd32177dcf24e90c1862ebccbd";
297
300
298
301
azure-mgmt-monitor = overrideAzureMgmtPackage super.azure-mgmt-monitor "2.0.0" "zip"
299
302
"e7f7943fe8f0efe98b3b1996cdec47c709765257a6e09e7940f7838a0f829e82";
···
313
316
azure-mgmt-servicebus = overrideAzureMgmtPackage super.azure-mgmt-servicebus "6.0.0" "zip"
314
317
"f6c64ed97d22d0c03c4ca5fc7594bd0f3d4147659c10110160009b93f541298e";
315
318
316
-
azure-mgmt-servicefabric = overrideAzureMgmtPackage super.azure-mgmt-servicefabric "0.5.0" "zip"
317
-
"0x6wxb9zrvcayg3yw0nm99p10vvgc0x3zwk9amzs5m682r2z4wap";
319
+
azure-mgmt-servicefabric = overrideAzureMgmtPackage super.azure-mgmt-servicefabric "1.0.0" "zip"
320
+
"de35e117912832c1a9e93109a8d24cab94f55703a9087b2eb1c5b0655b3b1913";
318
321
319
322
azure-mgmt-hdinsight = overrideAzureMgmtPackage super.azure-mgmt-hdinsight "8.0.0" "zip"
320
323
"2c43f1a62e5b83304392b0ad7cfdaeef2ef2f47cb3fdfa2577b703b6ea126000";
···
367
370
inherit (oldAttrs) pname;
368
371
inherit version;
369
372
sha256 = "sha256-g14ySiByqPgkJGRH8EnIRJO9Q6H2usS5FOeMCQiUuwQ=";
373
+
extension = "zip";
374
+
};
375
+
});
376
+
377
+
azure-synapse-managedprivateendpoints = super.azure-synapse-managedprivateendpoints.overrideAttrs(oldAttrs: rec {
378
+
version = "0.3.0";
379
+
src = super.fetchPypi {
380
+
inherit (oldAttrs) pname;
381
+
inherit version;
382
+
sha256 = "sha256-fN1IuZ9fjxgRZv6qh9gg6v6KYpnKlXfnoLqfZCDXoRY=";
370
383
extension = "zip";
371
384
};
372
385
});
+1
-1
pkgs/tools/misc/ipxe/default.nix
+1
-1
pkgs/tools/misc/ipxe/default.nix
···
61
61
62
62
configurePhase = ''
63
63
runHook preConfigure
64
-
for opt in $enabledOptions; do echo "#define $opt" >> src/config/general.h; done
64
+
for opt in ${lib.escapeShellArgs enabledOptions}; do echo "#define $opt" >> src/config/general.h; done
65
65
sed -i '/cp \''${ISOLINUX_BIN}/s/$/ --no-preserve=mode/' src/util/geniso
66
66
substituteInPlace src/Makefile.housekeeping --replace '/bin/echo' echo
67
67
runHook postConfigure
+16
-3
pkgs/tools/misc/pv/default.nix
+16
-3
pkgs/tools/misc/pv/default.nix
···
1
-
{ lib, stdenv, fetchurl } :
1
+
{ lib
2
+
, stdenv
3
+
, fetchurl
4
+
, fetchpatch
5
+
}:
2
6
3
7
stdenv.mkDerivation rec {
4
8
pname = "pv";
5
-
version = "1.6.6";
9
+
version = "1.6.20";
10
+
name = "pv-1.6.20";
6
11
7
12
src = fetchurl {
8
13
url = "https://www.ivarch.com/programs/sources/pv-${version}.tar.bz2";
9
-
sha256 = "1wbk14xh9rfypiwyy68ssl8dliyji30ly70qki1y2xx3ywszk3k0";
14
+
sha256 = "00y6zla8h653sn4axgqz7rr0x79vfwl62a7gn6lzn607zwg9acg8";
10
15
};
16
+
17
+
patches = [
18
+
# Fix build on aarch64-darwin using patch from Homebrew
19
+
(fetchpatch {
20
+
url = "https://raw.githubusercontent.com/Homebrew/homebrew-core/0780f1df9fdbd8914ff50ac24eb0ec0d3561c1b7/Formula/pv.rb";
21
+
sha256 = "001xayskfprri4s2gd3bqwajw6nz6nv0ggb0835par7q7bsd0dzr";
22
+
})
23
+
];
11
24
12
25
meta = {
13
26
homepage = "http://www.ivarch.com/programs/pv";
+8
pkgs/tools/networking/mosh/default.nix
+8
pkgs/tools/networking/mosh/default.nix
···
31
31
./bash_completion_datadir.patch
32
32
];
33
33
postPatch = ''
34
+
# Fix build with Xcode 12.5 toolchain/case-insensitive filesystems
35
+
# Backport of https://github.com/mobile-shell/mosh/commit/12199114fe4234f791ef4c306163901643b40538;
36
+
# remove on next upstream release.
37
+
patch -p0 < ${fetchpatch {
38
+
url = "https://raw.githubusercontent.com/macports/macports-ports/70ca3f65e622c17582fd938602d800157ed951c3/net/mosh/files/patch-version-subdir.diff";
39
+
sha256 = "1yyh6d07y9zbdx4fb0r56zkq9nd9knwzj22v4dfi55k4k42qxapd";
40
+
}}
41
+
34
42
substituteInPlace scripts/mosh.pl \
35
43
--subst-var-by ssh "${openssh}/bin/ssh"
36
44
substituteInPlace scripts/mosh.pl \
+6
pkgs/top-level/python-packages.nix
+6
pkgs/top-level/python-packages.nix
···
961
961
962
962
azure-synapse-artifacts = callPackage ../development/python-modules/azure-synapse-artifacts { };
963
963
964
+
azure-synapse-managedprivateendpoints = callPackage ../development/python-modules/azure-synapse-managedprivateendpoints { };
965
+
964
966
azure-synapse-spark = callPackage ../development/python-modules/azure-synapse-spark { };
965
967
966
968
b2sdk = callPackage ../development/python-modules/b2sdk { };
···
4400
4402
4401
4403
makefun = callPackage ../development/python-modules/makefun { };
4402
4404
4405
+
mailsuite = callPackage ../development/python-modules/mailsuite { };
4406
+
4403
4407
Mako = callPackage ../development/python-modules/Mako { };
4404
4408
4405
4409
malduck= callPackage ../development/python-modules/malduck { };
···
5255
5259
parse = callPackage ../development/python-modules/parse { };
5256
5260
5257
5261
parsedatetime = callPackage ../development/python-modules/parsedatetime { };
5262
+
5263
+
parsedmarc = callPackage ../development/python-modules/parsedmarc { };
5258
5264
5259
5265
parsel = callPackage ../development/python-modules/parsel { };
5260
5266