pyrox.dev
lol
Merge master into staging-next
authored by
github-actions[bot]
and committed by
GitHub
f5149932
54c2bcdf
+3
-3
nixos/modules/config/update-users-groups.pl
+3
-3
nixos/modules/config/update-users-groups.pl
···
223
}
224
225
# Ensure home directory incl. ownership and permissions.
226
-
if ($u->{createHome}) {
227
-
make_path($u->{home}, { mode => 0700 }) if ! -e $u->{home} and ! $is_dry;
228
chown $u->{uid}, $u->{gid}, $u->{home};
229
-
chmod 0700, $u->{home};
230
}
231
232
if (defined $u->{passwordFile}) {
···
223
}
224
225
# Ensure home directory incl. ownership and permissions.
226
+
if ($u->{createHome} and !$is_dry) {
227
+
make_path($u->{home}, { mode => oct($u->{homeMode}) }) if ! -e $u->{home};
228
chown $u->{uid}, $u->{gid}, $u->{home};
229
+
chmod oct($u->{homeMode}), $u->{home};
230
}
231
232
if (defined $u->{passwordFile}) {
+9
-2
nixos/modules/config/users-groups.nix
+9
-2
nixos/modules/config/users-groups.nix
···
48
services such as SSH, or indirectly via <command>su</command> or
49
<command>sudo</command>). This should only be used for e.g. bootable
50
live systems. Note: this is different from setting an empty password,
51
-
which ca be achieved using <option>users.users.<name?>.password</option>.
52
53
If set to <literal>null</literal> (default) this user will not
54
be able to log in using a password (i.e. via <command>login</command>
···
139
description = "The user's home directory.";
140
};
141
142
cryptHomeLuks = mkOption {
143
type = with types; nullOr str;
144
default = null;
···
319
group = mkDefault "users";
320
createHome = mkDefault true;
321
home = mkDefault "/home/${config.name}";
322
useDefaultShell = mkDefault true;
323
isSystemUser = mkDefault false;
324
})
···
430
inherit (cfg) mutableUsers;
431
users = mapAttrsToList (_: u:
432
{ inherit (u)
433
-
name uid group description home createHome isSystemUser
434
password passwordFile hashedPassword
435
autoSubUidGidRange subUidRanges subGidRanges
436
initialPassword initialHashedPassword;
···
48
services such as SSH, or indirectly via <command>su</command> or
49
<command>sudo</command>). This should only be used for e.g. bootable
50
live systems. Note: this is different from setting an empty password,
51
+
which can be achieved using <option>users.users.<name?>.password</option>.
52
53
If set to <literal>null</literal> (default) this user will not
54
be able to log in using a password (i.e. via <command>login</command>
···
139
description = "The user's home directory.";
140
};
141
142
+
homeMode = mkOption {
143
+
type = types.strMatching "[0-7]{1,5}";
144
+
default = "700";
145
+
description = "The user's home directory mode in numeric format. See chmod(1). The mode is only applied if <option>users.users.<name>.createHome</option> is true.";
146
+
};
147
+
148
cryptHomeLuks = mkOption {
149
type = with types; nullOr str;
150
default = null;
···
325
group = mkDefault "users";
326
createHome = mkDefault true;
327
home = mkDefault "/home/${config.name}";
328
+
homeMode = mkDefault "700";
329
useDefaultShell = mkDefault true;
330
isSystemUser = mkDefault false;
331
})
···
437
inherit (cfg) mutableUsers;
438
users = mapAttrsToList (_: u:
439
{ inherit (u)
440
+
name uid group description home homeMode createHome isSystemUser
441
password passwordFile hashedPassword
442
autoSubUidGidRange subUidRanges subGidRanges
443
initialPassword initialHashedPassword;
+6
-4
nixos/modules/services/networking/mosquitto.nix
+6
-4
nixos/modules/services/networking/mosquitto.nix
···
199
allow_anonymous = 1;
200
allow_zero_length_clientid = 1;
201
auto_id_prefix = 1;
202
cafile = 1;
203
capath = 1;
204
certfile = 1;
···
295
};
296
297
listenerAsserts = prefix: listener:
298
-
assertKeysValid prefix freeformListenerKeys listener.settings
299
++ userAsserts prefix listener.users
300
++ imap0
301
(i: v: authAsserts "${prefix}.authPlugins.${toString i}" v)
···
397
};
398
399
bridgeAsserts = prefix: bridge:
400
-
assertKeysValid prefix freeformBridgeKeys bridge.settings
401
++ [ {
402
assertion = length bridge.addresses > 0;
403
message = "Bridge ${prefix} needs remote broker addresses";
···
526
527
globalAsserts = prefix: cfg:
528
flatten [
529
-
(assertKeysValid prefix freeformGlobalKeys cfg.settings)
530
(imap0 (n: l: listenerAsserts "${prefix}.listener.${toString n}" l) cfg.listeners)
531
(mapAttrsToList (n: b: bridgeAsserts "${prefix}.bridge.${n}" b) cfg.bridges)
532
];
···
629
]));
630
RemoveIPC = true;
631
RestrictAddressFamilies = [
632
-
"AF_UNIX" # for sd_notify() call
633
"AF_INET"
634
"AF_INET6"
635
];
636
RestrictNamespaces = true;
637
RestrictRealtime = true;
···
199
allow_anonymous = 1;
200
allow_zero_length_clientid = 1;
201
auto_id_prefix = 1;
202
+
bind_interface = 1;
203
cafile = 1;
204
capath = 1;
205
certfile = 1;
···
296
};
297
298
listenerAsserts = prefix: listener:
299
+
assertKeysValid "${prefix}.settings" freeformListenerKeys listener.settings
300
++ userAsserts prefix listener.users
301
++ imap0
302
(i: v: authAsserts "${prefix}.authPlugins.${toString i}" v)
···
398
};
399
400
bridgeAsserts = prefix: bridge:
401
+
assertKeysValid "${prefix}.settings" freeformBridgeKeys bridge.settings
402
++ [ {
403
assertion = length bridge.addresses > 0;
404
message = "Bridge ${prefix} needs remote broker addresses";
···
527
528
globalAsserts = prefix: cfg:
529
flatten [
530
+
(assertKeysValid "${prefix}.settings" freeformGlobalKeys cfg.settings)
531
(imap0 (n: l: listenerAsserts "${prefix}.listener.${toString n}" l) cfg.listeners)
532
(mapAttrsToList (n: b: bridgeAsserts "${prefix}.bridge.${n}" b) cfg.bridges)
533
];
···
630
]));
631
RemoveIPC = true;
632
RestrictAddressFamilies = [
633
+
"AF_UNIX"
634
"AF_INET"
635
"AF_INET6"
636
+
"AF_NETLINK"
637
];
638
RestrictNamespaces = true;
639
RestrictRealtime = true;
+12
-5
nixos/modules/system/boot/systemd.nix
+12
-5
nixos/modules/system/boot/systemd.nix
···
35
"nss-lookup.target"
36
"nss-user-lookup.target"
37
"time-sync.target"
38
-
] ++ (optionals cfg.package.withCryptsetup [
39
"cryptsetup.target"
40
"cryptsetup-pre.target"
41
"remote-cryptsetup.target"
42
-
]) ++ [
43
"sigpwr.target"
44
"timers.target"
45
"paths.target"
···
133
134
# Slices / containers.
135
"slices.target"
136
"machine.slice"
137
"machines.target"
138
-
"systemd-importd.service"
139
"systemd-machined.service"
140
"systemd-nspawn@.service"
141
142
# Misc.
143
"systemd-sysctl.service"
144
"dbus-org.freedesktop.timedate1.service"
145
"dbus-org.freedesktop.locale1.service"
146
-
"dbus-org.freedesktop.hostname1.service"
147
-
"systemd-timedated.service"
148
"systemd-localed.service"
149
"systemd-hostnamed.service"
150
"systemd-exit.service"
151
"systemd-update-done.service"
152
] ++ cfg.additionalUpstreamSystemUnits;
···
35
"nss-lookup.target"
36
"nss-user-lookup.target"
37
"time-sync.target"
38
+
] ++ optionals cfg.package.withCryptsetup [
39
"cryptsetup.target"
40
"cryptsetup-pre.target"
41
"remote-cryptsetup.target"
42
+
] ++ [
43
"sigpwr.target"
44
"timers.target"
45
"paths.target"
···
133
134
# Slices / containers.
135
"slices.target"
136
+
] ++ optionals cfg.package.withImportd [
137
+
"systemd-importd.service"
138
+
] ++ optionals cfg.package.withMachined [
139
"machine.slice"
140
"machines.target"
141
"systemd-machined.service"
142
+
] ++ [
143
"systemd-nspawn@.service"
144
145
# Misc.
146
"systemd-sysctl.service"
147
+
] ++ optionals cfg.package.withTimedated [
148
"dbus-org.freedesktop.timedate1.service"
149
+
"systemd-timedated.service"
150
+
] ++ optionals cfg.package.withLocaled [
151
"dbus-org.freedesktop.locale1.service"
152
"systemd-localed.service"
153
+
] ++ optionals cfg.package.withHostnamed [
154
+
"dbus-org.freedesktop.hostname1.service"
155
"systemd-hostnamed.service"
156
+
] ++ [
157
"systemd-exit.service"
158
"systemd-update-done.service"
159
] ++ cfg.additionalUpstreamSystemUnits;
+3
nixos/modules/system/boot/systemd/logind.nix
+3
nixos/modules/system/boot/systemd/logind.nix
···
81
"systemd-logind.service"
82
"autovt@.service"
83
"systemd-user-sessions.service"
84
+
] ++ optionals config.systemd.package.withImportd [
85
"dbus-org.freedesktop.import1.service"
86
+
] ++ optionals config.systemd.package.withMachined [
87
"dbus-org.freedesktop.machine1.service"
88
+
] ++ [
89
"dbus-org.freedesktop.login1.service"
90
"user@.service"
91
"user-runtime-dir@.service"
+1
nixos/tests/all-tests.nix
+1
nixos/tests/all-tests.nix
···
580
uptermd = handleTest ./uptermd.nix {};
581
usbguard = handleTest ./usbguard.nix {};
582
user-activation-scripts = handleTest ./user-activation-scripts.nix {};
583
+
user-home-mode = handleTest ./user-home-mode.nix {};
584
uwsgi = handleTest ./uwsgi.nix {};
585
v2ray = handleTest ./v2ray.nix {};
586
vault = handleTest ./vault.nix {};
+28
nixos/tests/mosquitto.nix
+28
nixos/tests/mosquitto.nix
···
4
port = 1888;
5
tlsPort = 1889;
6
anonPort = 1890;
7
password = "VERY_secret";
8
hashedPassword = "$7$101$/WJc4Mp+I+uYE9sR$o7z9rD1EYXHPwEP5GqQj6A7k4W1yVbePlb8TqNcuOLV9WNCiDgwHOB0JHC1WCtdkssqTBduBNUnUGd6kmZvDSw==";
9
topic = "test/foo";
···
125
};
126
};
127
}
128
];
129
};
130
};
···
134
};
135
136
testScript = ''
137
def mosquitto_cmd(binary, user, topic, port):
138
return (
139
"mosquitto_{} "
···
161
162
start_all()
163
server.wait_for_unit("mosquitto.service")
164
165
with subtest("check passwords"):
166
client1.succeed(publish("-m test", "password_store"))
···
4
port = 1888;
5
tlsPort = 1889;
6
anonPort = 1890;
7
+
bindTestPort = 1891;
8
password = "VERY_secret";
9
hashedPassword = "$7$101$/WJc4Mp+I+uYE9sR$o7z9rD1EYXHPwEP5GqQj6A7k4W1yVbePlb8TqNcuOLV9WNCiDgwHOB0JHC1WCtdkssqTBduBNUnUGd6kmZvDSw==";
10
topic = "test/foo";
···
126
};
127
};
128
}
129
+
{
130
+
settings.bind_interface = "eth0";
131
+
port = bindTestPort;
132
+
}
133
];
134
};
135
};
···
139
};
140
141
testScript = ''
142
+
import json
143
+
144
def mosquitto_cmd(binary, user, topic, port):
145
return (
146
"mosquitto_{} "
···
168
169
start_all()
170
server.wait_for_unit("mosquitto.service")
171
+
172
+
with subtest("bind_interface"):
173
+
addrs = dict()
174
+
for iface in json.loads(server.succeed("ip -json address show")):
175
+
for addr in iface['addr_info']:
176
+
# don't want to deal with multihoming here
177
+
assert addr['local'] not in addrs
178
+
addrs[addr['local']] = (iface['ifname'], addr['family'])
179
+
180
+
# mosquitto grabs *one* random address per type for bind_interface
181
+
(has4, has6) = (False, False)
182
+
for line in server.succeed("ss -HlptnO sport = ${toString bindTestPort}").splitlines():
183
+
items = line.split()
184
+
if "mosquitto" not in items[5]: continue
185
+
listener = items[3].rsplit(':', maxsplit=1)[0].strip('[]')
186
+
assert listener in addrs
187
+
assert addrs[listener][0] == "eth0"
188
+
has4 |= addrs[listener][1] == 'inet'
189
+
has6 |= addrs[listener][1] == 'inet6'
190
+
assert has4
191
+
assert has6
192
193
with subtest("check passwords"):
194
client1.succeed(publish("-m test", "password_store"))
+27
nixos/tests/user-home-mode.nix
+27
nixos/tests/user-home-mode.nix
···
···
1
+
import ./make-test-python.nix ({ lib, ... }: {
2
+
name = "user-home-mode";
3
+
meta = with lib.maintainers; { maintainers = [ fbeffa ]; };
4
+
5
+
nodes.machine = {
6
+
users.users.alice = {
7
+
initialPassword = "pass1";
8
+
isNormalUser = true;
9
+
};
10
+
users.users.bob = {
11
+
initialPassword = "pass2";
12
+
isNormalUser = true;
13
+
homeMode = "750";
14
+
};
15
+
};
16
+
17
+
testScript = ''
18
+
machine.wait_for_unit("multi-user.target")
19
+
machine.wait_for_unit("getty@tty1.service")
20
+
machine.wait_until_tty_matches(1, "login: ")
21
+
machine.send_chars("alice\n")
22
+
machine.wait_until_tty_matches(1, "Password: ")
23
+
machine.send_chars("pass1\n")
24
+
machine.succeed('[ "$(stat -c %a /home/alice)" == "700" ]')
25
+
machine.succeed('[ "$(stat -c %a /home/bob)" == "750" ]')
26
+
'';
27
+
})
+232
pkgs/applications/blockchains/sparrow/default.nix
+232
pkgs/applications/blockchains/sparrow/default.nix
···
···
1
+
{ stdenv
2
+
, lib
3
+
, makeWrapper
4
+
, fetchurl
5
+
, makeDesktopItem
6
+
, copyDesktopItems
7
+
, autoPatchelfHook
8
+
, openjdk17
9
+
, gtk3
10
+
, gsettings-desktop-schemas
11
+
, writeScript
12
+
, bash
13
+
, gnugrep
14
+
, tor
15
+
, zlib
16
+
, openimajgrabber
17
+
, hwi
18
+
, imagemagick
19
+
}:
20
+
21
+
let
22
+
pname = "sparrow";
23
+
version = "1.6.4";
24
+
25
+
src = fetchurl {
26
+
url = "https://github.com/sparrowwallet/${pname}/releases/download/${version}/${pname}-${version}.tar.gz";
27
+
sha256 = "1wdibpbhv3g6qk42ddfc5vyqkkwprczy45w5wi115qg3g1rf1in7";
28
+
};
29
+
30
+
launcher = writeScript "sparrow" ''
31
+
#! ${bash}/bin/bash
32
+
params=(
33
+
--module-path @out@/lib:@jdkModules@/modules
34
+
--add-opens javafx.graphics/com.sun.javafx.css=org.controlsfx.controls
35
+
--add-opens javafx.graphics/javafx.scene=org.controlsfx.controls
36
+
--add-opens javafx.controls/com.sun.javafx.scene.control.behavior=org.controlsfx.controls
37
+
--add-opens javafx.controls/com.sun.javafx.scene.control.inputmap=org.controlsfx.controls
38
+
--add-opens javafx.graphics/com.sun.javafx.scene.traversal=org.controlsfx.controls
39
+
--add-opens javafx.base/com.sun.javafx.event=org.controlsfx.controls
40
+
--add-opens javafx.controls/javafx.scene.control.cell=com.sparrowwallet.sparrow
41
+
--add-opens org.controlsfx.controls/impl.org.controlsfx.skin=com.sparrowwallet.sparrow
42
+
--add-opens org.controlsfx.controls/impl.org.controlsfx.skin=javafx.fxml
43
+
--add-opens javafx.graphics/com.sun.javafx.tk=centerdevice.nsmenufx
44
+
--add-opens javafx.graphics/com.sun.javafx.tk.quantum=centerdevice.nsmenufx
45
+
--add-opens javafx.graphics/com.sun.glass.ui=centerdevice.nsmenufx
46
+
--add-opens javafx.controls/com.sun.javafx.scene.control=centerdevice.nsmenufx
47
+
--add-opens javafx.graphics/com.sun.javafx.menu=centerdevice.nsmenufx
48
+
--add-opens javafx.graphics/com.sun.glass.ui=com.sparrowwallet.sparrow
49
+
--add-opens javafx.graphics/com.sun.javafx.application=com.sparrowwallet.sparrow
50
+
--add-opens java.base/java.net=com.sparrowwallet.sparrow
51
+
--add-opens java.base/java.io=com.google.gson
52
+
--add-reads com.sparrowwallet.merged.module=java.desktop
53
+
--add-reads com.sparrowwallet.merged.module=java.sql
54
+
--add-reads com.sparrowwallet.merged.module=com.sparrowwallet.sparrow
55
+
--add-reads com.sparrowwallet.merged.module=logback.classic
56
+
--add-reads com.sparrowwallet.merged.module=com.fasterxml.jackson.databind
57
+
--add-reads com.sparrowwallet.merged.module=com.fasterxml.jackson.annotation
58
+
--add-reads com.sparrowwallet.merged.module=com.fasterxml.jackson.core
59
+
--add-reads com.sparrowwallet.merged.module=co.nstant.in.cbor
60
+
-m com.sparrowwallet.sparrow
61
+
)
62
+
63
+
XDG_DATA_DIRS=${gsettings-desktop-schemas}/share/gsettings-schemas/${gsettings-desktop-schemas.name}:${gtk3}/share/gsettings-schemas/${gtk3.name}:$XDG_DATA_DIRS ${openjdk17}/bin/java ''${params[@]} $@
64
+
'';
65
+
66
+
torWrapper = writeScript "tor-wrapper" ''
67
+
#! ${bash}/bin/bash
68
+
69
+
exec ${tor}/bin/tor "$@"
70
+
'';
71
+
72
+
jdk-modules = stdenv.mkDerivation {
73
+
name = "jdk-modules";
74
+
nativeBuildInputs = [ openjdk17 ];
75
+
dontUnpack = true;
76
+
77
+
buildPhase = ''
78
+
# Extract the JDK's JIMAGE and generate a list of modules.
79
+
mkdir modules
80
+
pushd modules
81
+
jimage extract ${openjdk17}/lib/openjdk/lib/modules
82
+
ls | xargs -d " " -- echo > ../manifest.txt
83
+
popd
84
+
'';
85
+
86
+
installPhase = ''
87
+
mkdir -p $out
88
+
cp manifest.txt $out/
89
+
cp -r modules/ $out/
90
+
'';
91
+
};
92
+
93
+
sparrow-modules = stdenv.mkDerivation {
94
+
pname = "sparrow-modules";
95
+
inherit version src;
96
+
nativeBuildInputs = [ makeWrapper gnugrep openjdk17 autoPatchelfHook stdenv.cc.cc.lib zlib ];
97
+
98
+
buildPhase = ''
99
+
# Extract Sparrow's JIMAGE and generate a list of them.
100
+
mkdir modules
101
+
pushd modules
102
+
jimage extract ../lib/runtime/lib/modules
103
+
104
+
# Delete JDK modules
105
+
cat ${jdk-modules}/manifest.txt | xargs -I {} -- rm -fR {}
106
+
107
+
# Delete unneeded native libs.
108
+
109
+
rm -fR com.sparrowwallet.merged.module/com/sun/jna/freebsd-x86-64
110
+
rm -fR com.sparrowwallet.merged.module/com/sun/jna/freebsd-x86
111
+
rm -fR com.sparrowwallet.merged.module/com/sun/jna/linux-aarch64
112
+
rm -fR com.sparrowwallet.merged.module/com/sun/jna/linux-arm
113
+
rm -fR com.sparrowwallet.merged.module/com/sun/jna/linux-armel
114
+
rm -fR com.sparrowwallet.merged.module/com/sun/jna/linux-mips64el
115
+
rm -fR com.sparrowwallet.merged.module/com/sun/jna/linux-ppc
116
+
rm -fR com.sparrowwallet.merged.module/com/sun/jna/linux-ppc64le
117
+
rm -fR com.sparrowwallet.merged.module/com/sun/jna/linux-s390x
118
+
rm -fR com.sparrowwallet.merged.module/com/sun/jna/linux-x86
119
+
rm -fR com.sparrowwallet.merged.module/com/sun/jna/openbsd-x86-64
120
+
rm -fR com.sparrowwallet.merged.module/com/sun/jna/openbsd-x86
121
+
rm -fR com.sparrowwallet.merged.module/com/sun/jna/sunos-sparc
122
+
rm -fR com.sparrowwallet.merged.module/com/sun/jna/sunos-sparcv9
123
+
rm -fR com.sparrowwallet.merged.module/com/sun/jna/sunos-x86-64
124
+
rm -fR com.sparrowwallet.merged.module/com/sun/jna/sunos-x86
125
+
rm -fR com.github.sarxos.webcam.capture/com/github/sarxos/webcam/ds/buildin/lib/linux_armel
126
+
rm -fR com.github.sarxos.webcam.capture/com/github/sarxos/webcam/ds/buildin/lib/linux_armhf
127
+
rm -fR com.github.sarxos.webcam.capture/com/github/sarxos/webcam/ds/buildin/lib/linux_x86
128
+
rm com.github.sarxos.webcam.capture/com/github/sarxos/webcam/ds/buildin/lib/linux_x64/OpenIMAJGrabber.so
129
+
rm -fR com.nativelibs4java.bridj/org/bridj/lib/linux_arm32_armel
130
+
rm -fR com.nativelibs4java.bridj/org/bridj/lib/linux_armel
131
+
rm -fR com.nativelibs4java.bridj/org/bridj/lib/linux_armhf
132
+
rm -fR com.nativelibs4java.bridj/org/bridj/lib/linux_x86
133
+
rm -fR com.nativelibs4java.bridj/org/bridj/lib/sunos_x64
134
+
rm -fR com.nativelibs4java.bridj/org/bridj/lib/sunos_x86
135
+
rm -fR com.sparrowwallet.merged.module/linux-aarch64
136
+
rm -fR com.sparrowwallet.merged.module/linux-arm
137
+
rm -fR com.sparrowwallet.merged.module/linux-x86
138
+
rm com.sparrowwallet.sparrow/native/linux/x64/hwi
139
+
140
+
ls | xargs -d " " -- echo > ../manifest.txt
141
+
find . | grep "\.so$" | xargs -- chmod ugo+x
142
+
popd
143
+
144
+
# Replace the embedded Tor binary (which is in a Tar archive)
145
+
# with one from Nixpkgs.
146
+
cp ${torWrapper} ./tor
147
+
tar -cJf tor.tar.xz tor
148
+
cp tor.tar.xz modules/netlayer.jpms/native/linux/x64/tor.tar.xz
149
+
'';
150
+
151
+
installPhase = ''
152
+
mkdir -p $out
153
+
cp manifest.txt $out/
154
+
cp -r modules/ $out/
155
+
ln -s ${openimajgrabber}/lib/OpenIMAJGrabber.so $out/modules/com.github.sarxos.webcam.capture/com/github/sarxos/webcam/ds/buildin/lib/linux_x64/OpenIMAJGrabber.so
156
+
ln -s ${hwi}/bin/hwi $out/modules/com.sparrowwallet.sparrow/native/linux/x64/hwi
157
+
'';
158
+
};
159
+
160
+
# To use the udev rules for connected hardware wallets,
161
+
# add "pkgs.sparrow" to "services.udev.packages" and add user accounts to the user group "plugdev".
162
+
udev-rules = stdenv.mkDerivation {
163
+
name = "sparrow-udev";
164
+
165
+
src = let version = "2.0.2"; in
166
+
fetchurl {
167
+
url = "https://github.com/bitcoin-core/HWI/releases/download/${version}/hwi-${version}.tar.gz";
168
+
sha256 = "sha256-di1fRsMbwpHcBFNTCVivfxpwhUoUKLA3YTnJxKq/jHM=";
169
+
};
170
+
171
+
installPhase = ''
172
+
mkdir -p $out/etc/udev/rules.d
173
+
cp -a hwilib/udev/* $out/etc/udev/rules.d
174
+
rm $out/etc/udev/rules.d/README.md
175
+
'';
176
+
};
177
+
in
178
+
stdenv.mkDerivation rec {
179
+
inherit pname version src;
180
+
nativeBuildInputs = [ makeWrapper copyDesktopItems ];
181
+
182
+
desktopItems = [
183
+
(makeDesktopItem {
184
+
name = "Sparrow";
185
+
exec = pname;
186
+
icon = pname;
187
+
desktopName = "Sparrow Bitcoin Wallet";
188
+
genericName = "Bitcoin Wallet";
189
+
categories = [ "Finance" ];
190
+
})
191
+
];
192
+
193
+
sparrow-icons = stdenv.mkDerivation {
194
+
inherit version src;
195
+
pname = "sparrow-icons";
196
+
nativeBuildInputs = [ imagemagick ];
197
+
198
+
installPhase = ''
199
+
for n in 16 24 32 48 64 96 128 256; do
200
+
size=$n"x"$n
201
+
mkdir -p $out/hicolor/$size/apps
202
+
convert lib/Sparrow.png -resize $size $out/hicolor/$size/apps/sparrow.png
203
+
done;
204
+
'';
205
+
};
206
+
207
+
installPhase = ''
208
+
runHook preInstall
209
+
210
+
mkdir -p $out/bin $out
211
+
ln -s ${sparrow-modules}/modules $out/lib
212
+
install -D -m 777 ${launcher} $out/bin/sparrow
213
+
substituteAllInPlace $out/bin/sparrow
214
+
substituteInPlace $out/bin/sparrow --subst-var-by jdkModules ${jdk-modules}
215
+
216
+
mkdir -p $out/share/icons
217
+
ln -s ${sparrow-icons}/hicolor $out/share/icons
218
+
219
+
mkdir -p $out/etc/udev
220
+
ln -s ${udev-rules}/etc/udev/rules.d $out/etc/udev/rules.d
221
+
222
+
runHook postInstall
223
+
'';
224
+
225
+
meta = with lib; {
226
+
description = "A modern desktop Bitcoin wallet application supporting most hardware wallets and built on common standards such as PSBT, with an emphasis on transparency and usability.";
227
+
homepage = "https://sparrowwallet.com";
228
+
license = licenses.asl20;
229
+
maintainers = with maintainers; [ emmanuelrosa _1000101 ];
230
+
platforms = [ "x86_64-linux" ];
231
+
};
232
+
}
+40
pkgs/applications/blockchains/sparrow/openimajgrabber.nix
+40
pkgs/applications/blockchains/sparrow/openimajgrabber.nix
···
···
1
+
{ stdenv
2
+
, lib
3
+
, fetchFromGitHub
4
+
, libv4l
5
+
}:
6
+
stdenv.mkDerivation rec {
7
+
pname = "openimajgrabber";
8
+
version = "1.3.10";
9
+
10
+
src = fetchFromGitHub {
11
+
owner = "openimaj";
12
+
repo = "openimaj";
13
+
rev = "openimaj-${version}";
14
+
sha256 = "sha256-Y8707ovE7f6Fk3cJ+PtwvzNpopgH5vlF55m2Xm4hjYM=";
15
+
};
16
+
17
+
buildInputs = [ libv4l ];
18
+
19
+
# These build instructions come from build.sh
20
+
buildPhase = ''
21
+
pushd hardware/core-video-capture/src-native/linux
22
+
g++ -fPIC -g -c OpenIMAJGrabber.cpp
23
+
g++ -fPIC -g -c capture.cpp
24
+
g++ -shared -Wl,-soname,OpenIMAJGrabber.so -o OpenIMAJGrabber.so OpenIMAJGrabber.o capture.o -lv4l2 -lrt -lv4lconvert
25
+
popd
26
+
'';
27
+
28
+
installPhase = ''
29
+
mkdir -p $out/lib
30
+
cp hardware/core-video-capture/src-native/linux/OpenIMAJGrabber.so $out/lib
31
+
'';
32
+
33
+
meta = with lib; {
34
+
description = "A collection of libraries and tools for multimedia (images, text, video, audio, etc.) content analysis and content generation. This package only builds the OpenIMAJGrabber for Linux.";
35
+
homepage = "http://www.openimaj.org";
36
+
license = licenses.bsd0;
37
+
maintainers = with maintainers; [ emmanuelrosa _1000101 ];
38
+
platforms = platforms.linux;
39
+
};
40
+
}
+5
-5
pkgs/applications/graphics/scantailor/advanced.nix
+5
-5
pkgs/applications/graphics/scantailor/advanced.nix
···
4
5
mkDerivation rec {
6
pname = "scantailor-advanced";
7
-
version = "1.0.16";
8
9
src = fetchFromGitHub {
10
-
owner = "4lex4";
11
repo = "scantailor-advanced";
12
rev = "v${version}";
13
-
sha256 = "0lc9lzbpiy5hgimyhl4s4q67pb9gacpy985gl6iy8pl79zxhmcyp";
14
};
15
16
nativeBuildInputs = [ cmake qttools ];
17
buildInputs = [ libjpeg libpng libtiff boost qtbase ];
18
19
meta = with lib; {
20
-
homepage = "https://github.com/4lex4/scantailor-advanced";
21
-
description = "Interactive post-processing tool for scanned pages";
22
license = licenses.gpl3Plus;
23
maintainers = with maintainers; [ jfrankenau ];
24
platforms = with platforms; gnu ++ linux ++ darwin;
···
4
5
mkDerivation rec {
6
pname = "scantailor-advanced";
7
+
version = "1.0.18";
8
9
src = fetchFromGitHub {
10
+
owner = "vigri";
11
repo = "scantailor-advanced";
12
rev = "v${version}";
13
+
sha256 = "sha256-4/QSjgHvRgIduS/AXbT7osRTdOdgR7On3CbjRnGbwHU=";
14
};
15
16
nativeBuildInputs = [ cmake qttools ];
17
buildInputs = [ libjpeg libpng libtiff boost qtbase ];
18
19
meta = with lib; {
20
+
homepage = "https://github.com/vigri/scantailor-advanced";
21
+
description = "Interactive post-processing tool for scanned pages (vigri's fork)";
22
license = licenses.gpl3Plus;
23
maintainers = with maintainers; [ jfrankenau ];
24
platforms = with platforms; gnu ++ linux ++ darwin;
+21
-1
pkgs/development/libraries/gecode/default.nix
+21
-1
pkgs/development/libraries/gecode/default.nix
···
1
-
{ lib, stdenv, fetchFromGitHub, bison, flex, perl, gmp, mpfr, enableGist ? true, qtbase }:
2
3
stdenv.mkDerivation rec {
4
pname = "gecode";
···
10
rev = "release-${version}";
11
sha256 = "0b1cq0c810j1xr2x9y9996p894571sdxng5h74py17c6nr8c6dmk";
12
};
13
14
enableParallelBuilding = true;
15
dontWrapQtApps = true;
···
1
+
{ lib
2
+
, stdenv
3
+
, fetchFromGitHub
4
+
, fetchpatch
5
+
, bison
6
+
, flex
7
+
, perl
8
+
, gmp
9
+
, mpfr
10
+
, qtbase
11
+
, enableGist ? true
12
+
}:
13
14
stdenv.mkDerivation rec {
15
pname = "gecode";
···
21
rev = "release-${version}";
22
sha256 = "0b1cq0c810j1xr2x9y9996p894571sdxng5h74py17c6nr8c6dmk";
23
};
24
+
25
+
patches = [
26
+
# https://github.com/Gecode/gecode/pull/74
27
+
(fetchpatch {
28
+
name = "fix-const-weights-clang.patch";
29
+
url = "https://github.com/Gecode/gecode/commit/c810c96b1ce5d3692e93439f76c4fa7d3daf9fbb.patch";
30
+
sha256 = "0270msm22q5g5sqbdh8kmrihlxnnxqrxszk9a49hdxd72736p4fc";
31
+
})
32
+
];
33
34
enableParallelBuilding = true;
35
dontWrapQtApps = true;
-1
pkgs/development/python-modules/lektor/default.nix
-1
pkgs/development/python-modules/lektor/default.nix
+30
-12
pkgs/development/python-modules/pamqp/default.nix
+30
-12
pkgs/development/python-modules/pamqp/default.nix
···
1
{ lib
2
, buildPythonPackage
3
-
, fetchPypi
4
-
, mock
5
-
, nose
6
-
, pep8
7
-
, pylint
8
-
, mccabe
9
}:
10
11
buildPythonPackage rec {
12
version = "3.1.0";
13
pname = "pamqp";
14
15
-
src = fetchPypi {
16
-
inherit pname version;
17
-
sha256 = "e4f0886d72c6166637a5513626148bf5a7e818073a558980e9aaed8b4ccf30da";
18
};
19
20
-
buildInputs = [ mock nose pep8 pylint mccabe ];
21
22
meta = with lib; {
23
description = "RabbitMQ Focused AMQP low-level library";
24
-
homepage = "https://pypi.python.org/pypi/pamqp";
25
license = licenses.bsd3;
26
};
27
-
28
}
···
1
{ lib
2
, buildPythonPackage
3
+
, pythonOlder
4
+
, fetchFromGitHub
5
+
, pytestCheckHook
6
}:
7
8
buildPythonPackage rec {
9
version = "3.1.0";
10
pname = "pamqp";
11
12
+
disabled = pythonOlder "3.7";
13
+
14
+
format = "setuptools";
15
+
16
+
src = fetchFromGitHub {
17
+
owner = "gmr";
18
+
repo = "pamqp";
19
+
rev = version;
20
+
hash = "sha256-qiYfQsyYvG6pyRFDt3pyYKNNWNP88maj+VAeGD68OmY=";
21
};
22
23
+
checkInputs = [
24
+
pytestCheckHook
25
+
];
26
+
27
+
pythonImportsCheck = [
28
+
"pamqp.base"
29
+
"pamqp.body"
30
+
"pamqp.commands"
31
+
"pamqp.common"
32
+
"pamqp.decode"
33
+
"pamqp.encode"
34
+
"pamqp.exceptions"
35
+
"pamqp.frame"
36
+
"pamqp.header"
37
+
"pamqp.heartbeat"
38
+
];
39
40
meta = with lib; {
41
description = "RabbitMQ Focused AMQP low-level library";
42
+
homepage = "https://github.com/gmr/pamqp";
43
license = licenses.bsd3;
44
+
maintainers = with maintainers; [ dotlambda ];
45
};
46
}
+44
pkgs/development/python-modules/pulumi-aws/default.nix
+44
pkgs/development/python-modules/pulumi-aws/default.nix
···
···
1
+
{ lib
2
+
, buildPythonPackage
3
+
, fetchFromGitHub
4
+
, fetchpatch
5
+
, pulumi
6
+
, parver
7
+
, semver
8
+
, isPy27
9
+
}:
10
+
11
+
buildPythonPackage rec {
12
+
pname = "pulumi-aws";
13
+
# version is independant of pulumi's.
14
+
version = "5.3.0";
15
+
disabled = isPy27;
16
+
17
+
src = fetchFromGitHub {
18
+
owner = "pulumi";
19
+
repo = "pulumi-aws";
20
+
rev = "v${version}";
21
+
sha256 = "sha256-LrWiNYJeQQvXJDOxklRO86VSiaadvkOepQVPhh2BBkk=";
22
+
};
23
+
24
+
propagatedBuildInputs = [
25
+
pulumi
26
+
parver
27
+
semver
28
+
];
29
+
30
+
postPatch = ''
31
+
cd sdk/python
32
+
'';
33
+
34
+
# checks require cloud resources
35
+
doCheck = false;
36
+
pythonImportsCheck = ["pulumi_aws"];
37
+
38
+
meta = with lib; {
39
+
description = "Pulumi python amazon web services provider";
40
+
homepage = "https://github.com/pulumi/pulumi-aws";
41
+
license = licenses.asl20;
42
+
maintainers = with maintainers; [ costrouc ];
43
+
};
44
+
}
+89
pkgs/development/python-modules/pulumi/default.nix
+89
pkgs/development/python-modules/pulumi/default.nix
···
···
1
+
{ lib
2
+
, buildPythonPackage
3
+
, fetchpatch
4
+
, fetchFromGitHub
5
+
, protobuf
6
+
, dill
7
+
, grpcio
8
+
, pulumi-bin
9
+
, isPy27
10
+
, semver
11
+
, pyyaml
12
+
, six
13
+
14
+
15
+
# for tests
16
+
, tox
17
+
, go
18
+
, pulumictl
19
+
, bash
20
+
, pylint
21
+
, pytest
22
+
, pytest-timeout
23
+
, coverage
24
+
, black
25
+
, wheel
26
+
, pytest-asyncio
27
+
28
+
, mypy
29
+
}:
30
+
let
31
+
data = import ./data.nix {};
32
+
in
33
+
buildPythonPackage rec {
34
+
pname = "pulumi";
35
+
version = pulumi-bin.version;
36
+
disabled = isPy27;
37
+
38
+
src = fetchFromGitHub {
39
+
owner = "pulumi";
40
+
repo = "pulumi";
41
+
rev = "v${pulumi-bin.version}";
42
+
sha256 = "sha256-vqEZEHTpJV65a3leWwYhyi3dzAsN67BXOvk5hnTPeuI=";
43
+
};
44
+
45
+
propagatedBuildInputs = [
46
+
semver
47
+
protobuf
48
+
dill
49
+
grpcio
50
+
pyyaml
51
+
six
52
+
];
53
+
54
+
checkInputs = [
55
+
pulumi-bin
56
+
pulumictl
57
+
mypy
58
+
bash
59
+
go
60
+
tox
61
+
pytest
62
+
pytest-timeout
63
+
coverage
64
+
pytest-asyncio
65
+
wheel
66
+
black
67
+
];
68
+
69
+
pythonImportsCheck = ["pulumi"];
70
+
71
+
postPatch = ''
72
+
cp README.md sdk/python/lib
73
+
patchShebangs .
74
+
cd sdk/python/lib
75
+
76
+
substituteInPlace setup.py \
77
+
--replace "{VERSION}" "${version}"
78
+
'';
79
+
80
+
# disabled because tests try to fetch go packages from the net
81
+
doCheck = false;
82
+
83
+
meta = with lib; {
84
+
description = "Modern Infrastructure as Code. Any cloud, any language";
85
+
homepage = "https://github.com/pulumi/pulumi";
86
+
license = licenses.asl20;
87
+
maintainers = with maintainers; [ teto ];
88
+
};
89
+
}
-2
pkgs/development/python-modules/pytile/default.nix
-2
pkgs/development/python-modules/pytile/default.nix
+1
-1
pkgs/os-specific/linux/systemd/default.nix
+1
-1
pkgs/os-specific/linux/systemd/default.nix
+2
-3
pkgs/servers/home-assistant/default.nix
+2
-3
pkgs/servers/home-assistant/default.nix
···
282
respx
283
stdlib-list
284
tqdm
285
-
# required by tests/pylint
286
-
astroid
287
-
pylint
288
# required by tests/auth/mfa_modules
289
pyotp
290
] ++ lib.concatMap (component: getPackages component python.pkgs) [
···
308
];
309
310
disabledTestPaths = [
311
# don't bulk test all components
312
"tests/components"
313
# pyotp since v2.4.0 complains about the short mock keys, hass pins v2.3.0
···
282
respx
283
stdlib-list
284
tqdm
285
# required by tests/auth/mfa_modules
286
pyotp
287
] ++ lib.concatMap (component: getPackages component python.pkgs) [
···
305
];
306
307
disabledTestPaths = [
308
+
# we don't care about code quality
309
+
"tests/pylint"
310
# don't bulk test all components
311
"tests/components"
312
# pyotp since v2.4.0 complains about the short mock keys, hass pins v2.3.0
+8
pkgs/tools/admin/pulumi/update-pulumi-shell.nix
+8
pkgs/tools/admin/pulumi/update-pulumi-shell.nix
+1
-1
pkgs/tools/admin/pulumi/update.sh
+1
-1
pkgs/tools/admin/pulumi/update.sh
+9
-4
pkgs/tools/filesystems/yandex-disk/default.nix
+9
-4
pkgs/tools/filesystems/yandex-disk/default.nix
···
4
p = if stdenv.is64bit then {
5
arch = "x86_64";
6
gcclib = "${stdenv.cc.cc.lib}/lib64";
7
-
sha256 = "e4f579963199f05476657f0066beaa32d1261aef2203382f3919e1ed4bc4594e";
8
}
9
else {
10
arch = "i386";
11
gcclib = "${stdenv.cc.cc.lib}/lib";
12
-
sha256 = "69113bf33ba0c57a363305b76361f2866c3b8394b173eed0f49db1f50bfe0373";
13
};
14
in
15
stdenv.mkDerivation rec {
16
17
pname = "yandex-disk";
18
-
version = "0.1.6.1074";
19
20
src = fetchurl {
21
-
url = "https://repo.yandex.ru/yandex-disk/rpm/stable/${p.arch}/${pname}-${version}-1.fedora.${p.arch}.rpm";
22
sha256 = p.sha256;
23
};
24
···
4
p = if stdenv.is64bit then {
5
arch = "x86_64";
6
gcclib = "${stdenv.cc.cc.lib}/lib64";
7
+
sha256 = "sha256-HH/pLZmDr6m/B3e6MHafDGnNWR83oR2y1ijVMR/LOF0=";
8
+
webarchive = "20220519080155";
9
}
10
else {
11
arch = "i386";
12
gcclib = "${stdenv.cc.cc.lib}/lib";
13
+
sha256 = "sha256-28dmdnJf+qh9r3F0quwlYXB/UqcOzcHzuzFq8vt2bf0=";
14
+
webarchive = "20220519080430";
15
};
16
in
17
stdenv.mkDerivation rec {
18
19
pname = "yandex-disk";
20
+
version = "0.1.6.1080";
21
22
src = fetchurl {
23
+
urls = [
24
+
"https://repo.yandex.ru/yandex-disk/rpm/stable/${p.arch}/${pname}-${version}-1.fedora.${p.arch}.rpm"
25
+
"https://web.archive.org/web/${p.webarchive}/https://repo.yandex.ru/yandex-disk/rpm/stable/${p.arch}/${pname}-${version}-1.fedora.${p.arch}.rpm"
26
+
];
27
sha256 = p.sha256;
28
};
29
+1
pkgs/tools/networking/isync/default.nix
+1
pkgs/tools/networking/isync/default.nix
+5
-1
pkgs/top-level/all-packages.nix
+5
-1
pkgs/top-level/all-packages.nix
···
10424
10425
sozu = callPackage ../servers/sozu { };
10426
10427
sparsehash = callPackage ../development/libraries/sparsehash { };
10428
10429
spectre-meltdown-checker = callPackage ../tools/security/spectre-meltdown-checker { };
···
29363
29364
scantailor = callPackage ../applications/graphics/scantailor { };
29365
29366
-
scantailor-advanced = libsForQt514.callPackage ../applications/graphics/scantailor/advanced.nix { };
29367
29368
sc-im = callPackage ../applications/misc/sc-im { };
29369
···
10424
10425
sozu = callPackage ../servers/sozu { };
10426
10427
+
sparrow = callPackage ../applications/blockchains/sparrow {
10428
+
openimajgrabber = callPackage ../applications/blockchains/sparrow/openimajgrabber.nix {};
10429
+
};
10430
+
10431
sparsehash = callPackage ../development/libraries/sparsehash { };
10432
10433
spectre-meltdown-checker = callPackage ../tools/security/spectre-meltdown-checker { };
···
29367
29368
scantailor = callPackage ../applications/graphics/scantailor { };
29369
29370
+
scantailor-advanced = libsForQt515.callPackage ../applications/graphics/scantailor/advanced.nix { };
29371
29372
sc-im = callPackage ../applications/misc/sc-im { };
29373
+4
pkgs/top-level/python-packages.nix
+4
pkgs/top-level/python-packages.nix
···
1105
1106
babelgladeextractor = callPackage ../development/python-modules/babelgladeextractor { };
1107
1108
+
pulumi = callPackage ../development/python-modules/pulumi { };
1109
+
1110
+
pulumi-aws = callPackage ../development/python-modules/pulumi-aws { };
1111
+
1112
backcall = callPackage ../development/python-modules/backcall { };
1113
1114
backoff = callPackage ../development/python-modules/backoff { };