commit 77e81dbfc2721991c88a57ea7336a0e267a2f84a · pyrox.dev/nixpkgs

+2 -3

lib/filesystem.nix

···

       385
       385
        
               recurseIntoAttrs

     

       386
       386
        
               removeSuffix

     

       387
       387
        
               ;

     

       388
       388
       -
             inherit (lib.path) append;

     

       389
       388
        
       

     

       390
       389
        
             # Generate an attrset corresponding to a given directory.

     

       391
       390
        
             # This function is outside `packagesFromDirectoryRecursive`'s lambda expression,

     
···

       396
       395
        
                 name: type:

     

       397
       396
        
                 # for each directory entry

     

       398
       397
        
                 let

     

       399
       399
       -
                   path = append directory name;

     

       398
       398
       +
                   path = directory + "/${name}";

     

       400
       399
        
                 in

     

       401
       400
        
                 if type == "directory" then

     

       402
       401
        
                   {

     
···

       429
       428
        
             directory,

     

       430
       429
        
           }@args:

     

       431
       430
        
           let

     

       432
       432
       -
             defaultPath = append directory "package.nix";

     

       431
       431
       +
             defaultPath = directory + "/package.nix";

     

       433
       432
        
           in

     

       434
       433
        
           if pathExists defaultPath then

     

       435
       434
        
             # if `${directory}/package.nix` exists, call it directly

+28

lib/tests/misc.nix

···

       4158
       4158
        
           };

     

       4159
       4159
        
         };

     

       4160
       4160
        
       

     

       4161
       4161
       +
         # Make sure that passing a string for the `directory` works.

     

       4162
       4162
       +
         #

     

       4163
       4163
       +
         # See: https://github.com/NixOS/nixpkgs/pull/361424#discussion_r1934813568

     

       4164
       4164
       +
         # See: https://github.com/NixOS/nix/issues/9428

     

       4165
       4165
       +
         testPackagesFromDirectoryRecursiveStringDirectory = {

     

       4166
       4166
       +
           expr = packagesFromDirectoryRecursive {

     

       4167
       4167
       +
             callPackage = path: overrides: import path overrides;

     

       4168
       4168
       +
             # Do NOT remove the `builtins.toString` call here!!!

     

       4169
       4169
       +
             directory = builtins.toString ./packages-from-directory/plain;

     

       4170
       4170
       +
           };

     

       4171
       4171
       +
           expected = {

     

       4172
       4172
       +
             a = "a";

     

       4173
       4173
       +
             b = "b";

     

       4174
       4174
       +
             # Note: Other files/directories in `./test-data/c/` are ignored and can be

     

       4175
       4175
       +
             # used by `package.nix`.

     

       4176
       4176
       +
             c = "c";

     

       4177
       4177
       +
             my-namespace = {

     

       4178
       4178
       +
               d = "d";

     

       4179
       4179
       +
               e = "e";

     

       4180
       4180
       +
               f = "f";

     

       4181
       4181
       +
               my-sub-namespace = {

     

       4182
       4182
       +
                 g = "g";

     

       4183
       4183
       +
                 h = "h";

     

       4184
       4184
       +
               };

     

       4185
       4185
       +
             };

     

       4186
       4186
       +
           };

     

       4187
       4187
       +
         };

     

       4188
       4188
       +
       

     

       4161
       4189
        
         # Check that `packagesFromDirectoryRecursive` can process a directory with a

     

       4162
       4190
        
         # top-level `package.nix` file into a single package.

     

       4163
       4191
        
         testPackagesFromDirectoryRecursiveTopLevelPackageNix = {

nixos/doc/manual/release-notes/rl-2505.section.md

···

       222
       222
        
       

     

       223
       223
        
       - [Limine](https://github.com/limine-bootloader/limine) a modern, advanced, portable, multiprotocol bootloader and boot manager. Available as [boot.loader.limine](#opt-boot.loader.limine.enable).

     

       224
       224
        
       

     

       225
       225
       +
       - [tee-supplicant](https://github.com/OP-TEE/optee_client), a userspace supplicant for OP-TEE OS. Available as [services.tee-supplicant](#opt-services.tee-supplicant.enable).

     

       226
       226
       +
       

     

       225
       227
        
       - [Orthanc](https://orthanc.uclouvain.be/) a lightweight, RESTful DICOM server for healthcare and medical research. Available as [services.orthanc](#opt-services.orthanc.enable).

     

       226
       228
        
       

     

       227
       229
        
       - [Docling Serve](https://github.com/docling-project/docling-serve) running [Docling](https://github.com/docling-project/docling) as an API service. Available as [services.docling-serve](#opt-services.docling-serve.enable).

nixos/modules/module-list.nix

···

       930
       930
        
         ./services/misc/taskchampion-sync-server.nix

     

       931
       931
        
         ./services/misc/taskserver

     

       932
       932
        
         ./services/misc/tautulli.nix

     

       933
       933
       +
         ./services/misc/tee-supplicant

     

       933
       934
        
         ./services/misc/tiddlywiki.nix

     

       934
       935
        
         ./services/misc/tp-auto-kbbl.nix

     

       935
       936
        
         ./services/misc/transfer-sh.nix

     
···

       1413
       1414
        
         ./services/search/hound.nix

     

       1414
       1415
        
         ./services/search/manticore.nix

     

       1415
       1416
        
         ./services/search/meilisearch.nix

     

       1417
       1417
       +
         ./services/search/nominatim.nix

     

       1416
       1418
        
         ./services/search/opensearch.nix

     

       1417
       1419
        
         ./services/search/qdrant.nix

     

       1418
       1420
        
         ./services/search/quickwit.nix

+3 -11

nixos/modules/services/hardware/nvidia-container-toolkit/cdi-generate.nix

···

       10
       10
        
         nvidia-driver,

     

       11
       11
        
         runtimeShell,

     

       12
       12
        
         writeScriptBin,

     

       13
       13
       +
         extraArgs,

     

       13
       14
        
       }:

     

       14
       15
        
       let

     

       15
       15
       -
         mkMount =

     

       16
       16
       -
           {

     

       17
       17
       -
             hostPath,

     

       18
       18
       -
             containerPath,

     

       19
       19
       -
             mountOptions,

     

       20
       20
       -
           }:

     

       21
       21
       -
           {

     

       22
       22
       -
             inherit hostPath containerPath;

     

       23
       23
       -
             options = mountOptions;

     

       24
       24
       -
           };

     

       25
       16
        
         mountToCommand =

     

       26
       17
        
           mount:

     

       27
       18
        
           "additionalMount \"${mount.hostPath}\" \"${mount.containerPath}\" '${builtins.toJSON mount.mountOptions}'";

     
···

       48
       39
        
             --device-name-strategy ${device-name-strategy} \

     

       49
       40
        
             --ldconfig-path ${lib.getExe' glibc "ldconfig"} \

     

       50
       41
        
             --library-search-path ${lib.getLib nvidia-driver}/lib \

     

       51
       51
       -
             --nvidia-cdi-hook-path ${lib.getExe' nvidia-container-toolkit.tools "nvidia-cdi-hook"}

     

       42
       42
       +
             --nvidia-cdi-hook-path ${lib.getExe' nvidia-container-toolkit.tools "nvidia-cdi-hook"} \

     

       43
       43
       +
             ${lib.escapeShellArgs extraArgs}

     

       52
       44
        
         }

     

       53
       45
        
       

     

       54
       46
        
         function additionalMount {

nixos/modules/services/hardware/nvidia-container-toolkit/default.nix

···

       120
       120
        
               };

     

       121
       121
        
       

     

       122
       122
        
               package = lib.mkPackageOption pkgs "nvidia-container-toolkit" { };

     

       123
       123
       +
       

     

       124
       124
       +
               extraArgs = lib.mkOption {

     

       125
       125
       +
                 type = lib.types.listOf lib.types.str;

     

       126
       126
       +
                 default = [ ];

     

       127
       127
       +
                 description = ''

     

       128
       128
       +
                   Extra arguments to be passed to nvidia-ctk.

     

       129
       129
       +
                 '';

     

       130
       130
       +
               };

     

       123
       131
        
             };

     

       124
       132
        
       

     

       125
       133
        
           };

     
···

       241
       249
        
                       device-name-strategy

     

       242
       250
        
                       discovery-mode

     

       243
       251
        
                       mounts

     

       252
       252
       +
                       extraArgs

     

       244
       253
        
                       ;

     

       245
       254
        
                     nvidia-container-toolkit = config.hardware.nvidia-container-toolkit.package;

     

       246
       255
        
                     nvidia-driver = config.hardware.nvidia.package;

+95

nixos/modules/services/misc/tee-supplicant/default.nix

···

       1
       1
       +
       {

     

       2
       2
       +
         config,

     

       3
       3
       +
         pkgs,

     

       4
       4
       +
         lib,

     

       5
       5
       +
         ...

     

       6
       6
       +
       }:

     

       7
       7
       +
       let

     

       8
       8
       +
         inherit (lib)

     

       9
       9
       +
           getExe'

     

       10
       10
       +
           mkEnableOption

     

       11
       11
       +
           mkIf

     

       12
       12
       +
           mkOption

     

       13
       13
       +
           mkPackageOption

     

       14
       14
       +
           types

     

       15
       15
       +
           ;

     

       16
       16
       +
       

     

       17
       17
       +
         cfg = config.services.tee-supplicant;

     

       18
       18
       +
       

     

       19
       19
       +
         taDir = "optee_armtz";

     

       20
       20
       +
       

     

       21
       21
       +
         trustedApplications = pkgs.linkFarm "runtime-trusted-applications" (

     

       22
       22
       +
           map (

     

       23
       23
       +
             ta:

     

       24
       24
       +
             let

     

       25
       25
       +
               # This is safe since we are using it as the path value, so the context

     

       26
       26
       +
               # will still ensure that this nix store path exists on the running

     

       27
       27
       +
               # system.

     

       28
       28
       +
               taFile = builtins.baseNameOf (builtins.unsafeDiscardStringContext ta);

     

       29
       29
       +
             in

     

       30
       30
       +
             {

     

       31
       31
       +
               name = "lib/${taDir}/${taFile}";

     

       32
       32
       +
               path = ta;

     

       33
       33
       +
             }

     

       34
       34
       +
           ) cfg.trustedApplications

     

       35
       35
       +
         );

     

       36
       36
       +
       in

     

       37
       37
       +
       {

     

       38
       38
       +
         options.services.tee-supplicant = {

     

       39
       39
       +
           enable = mkEnableOption "OP-TEE userspace supplicant";

     

       40
       40
       +
       

     

       41
       41
       +
           package = mkPackageOption pkgs "optee-client" { };

     

       42
       42
       +
       

     

       43
       43
       +
           trustedApplications = mkOption {

     

       44
       44
       +
             type = types.listOf types.path;

     

       45
       45
       +
             default = [ ];

     

       46
       46
       +
             description = ''

     

       47
       47
       +
               A list of full paths to trusted applications that will be loaded at

     

       48
       48
       +
               runtime by tee-supplicant.

     

       49
       49
       +
             '';

     

       50
       50
       +
           };

     

       51
       51
       +
       

     

       52
       52
       +
           pluginPath = mkOption {

     

       53
       53
       +
             type = types.path;

     

       54
       54
       +
             default = "/run/current-system/sw/lib/tee-supplicant/plugins";

     

       55
       55
       +
             description = ''

     

       56
       56
       +
               The directory where plugins will be loaded from on startup.

     

       57
       57
       +
             '';

     

       58
       58
       +
           };

     

       59
       59
       +
       

     

       60
       60
       +
           reeFsParentPath = mkOption {

     

       61
       61
       +
             type = types.path;

     

       62
       62
       +
             default = "/var/lib/tee";

     

       63
       63
       +
             description = ''

     

       64
       64
       +
               The directory where the secure filesystem will be stored in the rich

     

       65
       65
       +
               execution environment (REE FS).

     

       66
       66
       +
             '';

     

       67
       67
       +
           };

     

       68
       68
       +
         };

     

       69
       69
       +
       

     

       70
       70
       +
         config = mkIf cfg.enable {

     

       71
       71
       +
           environment = mkIf (cfg.trustedApplications != [ ]) {

     

       72
       72
       +
             systemPackages = [ trustedApplications ];

     

       73
       73
       +
             pathsToLink = [ "/lib/${taDir}" ];

     

       74
       74
       +
           };

     

       75
       75
       +
       

     

       76
       76
       +
           systemd.services.tee-supplicant = {

     

       77
       77
       +
             description = "Userspace supplicant for OPTEE-OS";

     

       78
       78
       +
       

     

       79
       79
       +
             serviceConfig = {

     

       80
       80
       +
               ExecStart = toString [

     

       81
       81
       +
                 (getExe' cfg.package "tee-supplicant")

     

       82
       82
       +
                 "--ta-dir ${taDir}"

     

       83
       83
       +
                 "--fs-parent-path ${cfg.reeFsParentPath}"

     

       84
       84
       +
                 "--plugin-path ${cfg.pluginPath}"

     

       85
       85
       +
               ];

     

       86
       86
       +
               Restart = "always";

     

       87
       87
       +
             };

     

       88
       88
       +
       

     

       89
       89
       +
             after = [ "modprobe@optee.service" ];

     

       90
       90
       +
             wants = [ "modprobe@optee.service" ];

     

       91
       91
       +
       

     

       92
       92
       +
             wantedBy = [ "multi-user.target" ];

     

       93
       93
       +
           };

     

       94
       94
       +
         };

     

       95
       95
       +
       }

+2 -1

nixos/modules/services/networking/syncthing.nix

···

       847
       847
        
             ];

     

       848
       848
        
           };

     

       849
       849
        
       

     

       850
       850
       -
           systemd.packages = [ pkgs.syncthing ];

     

       850
       850
       +
           environment.systemPackages = [ cfg.package ];

     

       851
       851
       +
           systemd.packages = [ cfg.package ];

     

       851
       852
        
       

     

       852
       853
        
           users.users = mkIf (cfg.systemService && cfg.user == defaultUser) {

     

       853
       854
        
             ${defaultUser} = {

+324

nixos/modules/services/search/nominatim.nix

···

       1
       1
       +
       {

     

       2
       2
       +
         lib,

     

       3
       3
       +
         config,

     

       4
       4
       +
         pkgs,

     

       5
       5
       +
         ...

     

       6
       6
       +
       }:

     

       7
       7
       +
       

     

       8
       8
       +
       let

     

       9
       9
       +
         cfg = config.services.nominatim;

     

       10
       10
       +
       

     

       11
       11
       +
         localDb = cfg.database.host == "localhost";

     

       12
       12
       +
         uiPackage = cfg.ui.package.override { customConfig = cfg.ui.config; };

     

       13
       13
       +
       in

     

       14
       14
       +
       {

     

       15
       15
       +
         options.services.nominatim = {

     

       16
       16
       +
           enable = lib.mkOption {

     

       17
       17
       +
             type = lib.types.bool;

     

       18
       18
       +
             default = false;

     

       19
       19
       +
             description = ''

     

       20
       20
       +
               Whether to enable nominatim.

     

       21
       21
       +
       

     

       22
       22
       +
               Also enables nginx virtual host management. Further nginx configuration

     

       23
       23
       +
               can be done by adapting `services.nginx.virtualHosts.<name>`.

     

       24
       24
       +
               See [](#opt-services.nginx.virtualHosts).

     

       25
       25
       +
             '';

     

       26
       26
       +
           };

     

       27
       27
       +
       

     

       28
       28
       +
           package = lib.mkPackageOption pkgs.python3Packages "nominatim-api" { };

     

       29
       29
       +
       

     

       30
       30
       +
           hostName = lib.mkOption {

     

       31
       31
       +
             type = lib.types.str;

     

       32
       32
       +
             description = "Hostname to use for the nginx vhost.";

     

       33
       33
       +
             example = "nominatim.example.com";

     

       34
       34
       +
           };

     

       35
       35
       +
       

     

       36
       36
       +
           settings = lib.mkOption {

     

       37
       37
       +
             default = { };

     

       38
       38
       +
             type = lib.types.attrsOf lib.types.str;

     

       39
       39
       +
             example = lib.literalExpression ''

     

       40
       40
       +
               {

     

       41
       41
       +
                 NOMINATIM_REPLICATION_URL = "https://planet.openstreetmap.org/replication/minute";

     

       42
       42
       +
                 NOMINATIM_REPLICATION_MAX_DIFF = "100";

     

       43
       43
       +
               }

     

       44
       44
       +
             '';

     

       45
       45
       +
             description = ''

     

       46
       46
       +
               Nominatim configuration settings.

     

       47
       47
       +
               For the list of available configuration options see

     

       48
       48
       +
               <https://nominatim.org/release-docs/latest/customize/Settings>.

     

       49
       49
       +
             '';

     

       50
       50
       +
           };

     

       51
       51
       +
       

     

       52
       52
       +
           ui = {

     

       53
       53
       +
             package = lib.mkPackageOption pkgs "nominatim-ui" { };

     

       54
       54
       +
       

     

       55
       55
       +
             config = lib.mkOption {

     

       56
       56
       +
               type = lib.types.nullOr lib.types.str;

     

       57
       57
       +
               default = null;

     

       58
       58
       +
               description = ''

     

       59
       59
       +
                 Nominatim UI configuration placed to theme/config.theme.js file.

     

       60
       60
       +
       

     

       61
       61
       +
                 For the list of available configuration options see

     

       62
       62
       +
                 <https://github.com/osm-search/nominatim-ui/blob/master/dist/config.defaults.js>.

     

       63
       63
       +
               '';

     

       64
       64
       +
               example = ''

     

       65
       65
       +
                 Nominatim_Config.Page_Title='My Nominatim instance';

     

       66
       66
       +
                 Nominatim_Config.Nominatim_API_Endpoint='https://localhost/';

     

       67
       67
       +
               '';

     

       68
       68
       +
             };

     

       69
       69
       +
           };

     

       70
       70
       +
       

     

       71
       71
       +
           database = {

     

       72
       72
       +
             host = lib.mkOption {

     

       73
       73
       +
               type = lib.types.str;

     

       74
       74
       +
               default = "localhost";

     

       75
       75
       +
               description = ''

     

       76
       76
       +
                 Host of the postgresql server. If not set to `localhost`, Nominatim

     

       77
       77
       +
                 database and postgresql superuser with appropriate permissions must

     

       78
       78
       +
                 exist on target host.

     

       79
       79
       +
               '';

     

       80
       80
       +
             };

     

       81
       81
       +
       

     

       82
       82
       +
             port = lib.mkOption {

     

       83
       83
       +
               type = lib.types.port;

     

       84
       84
       +
               default = 5432;

     

       85
       85
       +
               description = "Port of the postgresql database.";

     

       86
       86
       +
             };

     

       87
       87
       +
       

     

       88
       88
       +
             dbname = lib.mkOption {

     

       89
       89
       +
               type = lib.types.str;

     

       90
       90
       +
               default = "nominatim";

     

       91
       91
       +
               description = "Name of the postgresql database.";

     

       92
       92
       +
             };

     

       93
       93
       +
       

     

       94
       94
       +
             superUser = lib.mkOption {

     

       95
       95
       +
               type = lib.types.str;

     

       96
       96
       +
               default = "nominatim";

     

       97
       97
       +
               description = ''

     

       98
       98
       +
                 Postgresql database superuser used to create Nominatim database and

     

       99
       99
       +
                 import data. If `database.host` is set to `localhost`, a unix user and

     

       100
       100
       +
                 group of the same name will be automatically created.

     

       101
       101
       +
               '';

     

       102
       102
       +
             };

     

       103
       103
       +
       

     

       104
       104
       +
             apiUser = lib.mkOption {

     

       105
       105
       +
               type = lib.types.str;

     

       106
       106
       +
               default = "nominatim-api";

     

       107
       107
       +
               description = ''

     

       108
       108
       +
                 Postgresql database user with read-only permissions used for Nominatim

     

       109
       109
       +
                 web API service.

     

       110
       110
       +
               '';

     

       111
       111
       +
             };

     

       112
       112
       +
       

     

       113
       113
       +
             passwordFile = lib.mkOption {

     

       114
       114
       +
               type = lib.types.nullOr lib.types.path;

     

       115
       115
       +
               default = null;

     

       116
       116
       +
               description = ''

     

       117
       117
       +
                 Password file used for Nominatim database connection.

     

       118
       118
       +
                 Must be readable only for the Nominatim web API user.

     

       119
       119
       +
       

     

       120
       120
       +
                 The file must be a valid `.pgpass` file as described in:

     

       121
       121
       +
                 <https://www.postgresql.org/docs/current/libpq-pgpass.html>

     

       122
       122
       +
       

     

       123
       123
       +
                 In most cases, the following will be enough:

     

       124
       124
       +
                 ```

     

       125
       125
       +
                 *:*:*:*:<password>

     

       126
       126
       +
                 ```

     

       127
       127
       +
               '';

     

       128
       128
       +
             };

     

       129
       129
       +
       

     

       130
       130
       +
             extraConnectionParams = lib.mkOption {

     

       131
       131
       +
               type = lib.types.nullOr lib.types.str;

     

       132
       132
       +
               default = null;

     

       133
       133
       +
               description = ''

     

       134
       134
       +
                 Extra Nominatim database connection parameters.

     

       135
       135
       +
       

     

       136
       136
       +
                 Format:

     

       137
       137
       +
                 <param1>=<value1>;<param2>=<value2>

     

       138
       138
       +
       

     

       139
       139
       +
                 See <https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-PARAMKEYWORDS>.

     

       140
       140
       +
               '';

     

       141
       141
       +
             };

     

       142
       142
       +
           };

     

       143
       143
       +
         };

     

       144
       144
       +
       

     

       145
       145
       +
         config =

     

       146
       146
       +
           let

     

       147
       147
       +
             nominatimSuperUserDsn =

     

       148
       148
       +
               "pgsql:dbname=${cfg.database.dbname};"

     

       149
       149
       +
               + "user=${cfg.database.superUser}"

     

       150
       150
       +
               + lib.optionalString (cfg.database.extraConnectionParams != null) (

     

       151
       151
       +
                 ";" + cfg.database.extraConnectionParams

     

       152
       152
       +
               );

     

       153
       153
       +
       

     

       154
       154
       +
             nominatimApiDsn =

     

       155
       155
       +
               "pgsql:dbname=${cfg.database.dbname}"

     

       156
       156
       +
               + lib.optionalString (!localDb) (

     

       157
       157
       +
                 ";host=${cfg.database.host};"

     

       158
       158
       +
                 + "port=${toString cfg.database.port};"

     

       159
       159
       +
                 + "user=${cfg.database.apiUser}"

     

       160
       160
       +
               )

     

       161
       161
       +
               + lib.optionalString (cfg.database.extraConnectionParams != null) (

     

       162
       162
       +
                 ";" + cfg.database.extraConnectionParams

     

       163
       163
       +
               );

     

       164
       164
       +
           in

     

       165
       165
       +
           lib.mkIf cfg.enable {

     

       166
       166
       +
             # CLI package

     

       167
       167
       +
             environment.systemPackages = [ pkgs.nominatim ];

     

       168
       168
       +
       

     

       169
       169
       +
             # Database

     

       170
       170
       +
             users.users.${cfg.database.superUser} = lib.mkIf localDb {

     

       171
       171
       +
               group = cfg.database.superUser;

     

       172
       172
       +
               isSystemUser = true;

     

       173
       173
       +
               createHome = false;

     

       174
       174
       +
             };

     

       175
       175
       +
             users.groups.${cfg.database.superUser} = lib.mkIf localDb { };

     

       176
       176
       +
       

     

       177
       177
       +
             services.postgresql = lib.mkIf localDb {

     

       178
       178
       +
               enable = true;

     

       179
       179
       +
               extensions = ps: with ps; [ postgis ];

     

       180
       180
       +
               ensureUsers = [

     

       181
       181
       +
                 {

     

       182
       182
       +
                   name = cfg.database.superUser;

     

       183
       183
       +
                   ensureClauses.superuser = true;

     

       184
       184
       +
                 }

     

       185
       185
       +
                 {

     

       186
       186
       +
                   name = cfg.database.apiUser;

     

       187
       187
       +
                 }

     

       188
       188
       +
               ];

     

       189
       189
       +
             };

     

       190
       190
       +
       

     

       191
       191
       +
             # TODO: add nominatim-update service

     

       192
       192
       +
       

     

       193
       193
       +
             systemd.services.nominatim-init = lib.mkIf localDb {

     

       194
       194
       +
               after = [ "postgresql-setup.service" ];

     

       195
       195
       +
               requires = [ "postgresql-setup.service" ];

     

       196
       196
       +
               wantedBy = [ "multi-user.target" ];

     

       197
       197
       +
               serviceConfig = {

     

       198
       198
       +
                 Type = "oneshot";

     

       199
       199
       +
                 User = cfg.database.superUser;

     

       200
       200
       +
                 RemainAfterExit = true;

     

       201
       201
       +
                 PrivateTmp = true;

     

       202
       202
       +
               };

     

       203
       203
       +
               script = ''

     

       204
       204
       +
                 sql="SELECT COUNT(*) FROM pg_database WHERE datname='${cfg.database.dbname}'"

     

       205
       205
       +
                 db_exists=$(${pkgs.postgresql}/bin/psql --dbname postgres -tAc "$sql")

     

       206
       206
       +
       

     

       207
       207
       +
                 if [ "$db_exists" == "0" ]; then

     

       208
       208
       +
                   ${lib.getExe pkgs.nominatim} import --prepare-database

     

       209
       209
       +
                 else

     

       210
       210
       +
                   echo "Database ${cfg.database.dbname} already exists. Skipping ..."

     

       211
       211
       +
                 fi

     

       212
       212
       +
               '';

     

       213
       213
       +
               path = [

     

       214
       214
       +
                 pkgs.postgresql

     

       215
       215
       +
               ];

     

       216
       216
       +
               environment = {

     

       217
       217
       +
                 NOMINATIM_DATABASE_DSN = nominatimSuperUserDsn;

     

       218
       218
       +
                 NOMINATIM_DATABASE_WEBUSER = cfg.database.apiUser;

     

       219
       219
       +
               } // cfg.settings;

     

       220
       220
       +
             };

     

       221
       221
       +
       

     

       222
       222
       +
             # Web API service

     

       223
       223
       +
             users.users.${cfg.database.apiUser} = {

     

       224
       224
       +
               group = cfg.database.apiUser;

     

       225
       225
       +
               isSystemUser = true;

     

       226
       226
       +
               createHome = false;

     

       227
       227
       +
             };

     

       228
       228
       +
             users.groups.${cfg.database.apiUser} = { };

     

       229
       229
       +
       

     

       230
       230
       +
             systemd.services.nominatim = {

     

       231
       231
       +
               after = [ "network.target" ] ++ lib.optionals localDb [ "nominatim-init.service" ];

     

       232
       232
       +
               requires = lib.optionals localDb [ "nominatim-init.service" ];

     

       233
       233
       +
               bindsTo = lib.optionals localDb [ "postgresql.service" ];

     

       234
       234
       +
               wantedBy = [ "multi-user.target" ];

     

       235
       235
       +
               wants = [ "network.target" ];

     

       236
       236
       +
               serviceConfig = {

     

       237
       237
       +
                 Type = "simple";

     

       238
       238
       +
                 User = cfg.database.apiUser;

     

       239
       239
       +
                 ExecStart = ''

     

       240
       240
       +
                   ${pkgs.python3Packages.gunicorn}/bin/gunicorn \

     

       241
       241
       +
                     --bind unix:/run/nominatim.sock \

     

       242
       242
       +
                     --workers 4 \

     

       243
       243
       +
                     --worker-class uvicorn.workers.UvicornWorker "nominatim_api.server.falcon.server:run_wsgi()"

     

       244
       244
       +
                 '';

     

       245
       245
       +
                 Environment = lib.optional (

     

       246
       246
       +
                   cfg.database.passwordFile != null

     

       247
       247
       +
                 ) "PGPASSFILE=${cfg.database.passwordFile}";

     

       248
       248
       +
                 ExecReload = "${pkgs.procps}/bin/kill -s HUP $MAINPID";

     

       249
       249
       +
                 KillMode = "mixed";

     

       250
       250
       +
                 TimeoutStopSec = 5;

     

       251
       251
       +
               };

     

       252
       252
       +
               environment = {

     

       253
       253
       +
                 PYTHONPATH =

     

       254
       254
       +
                   with pkgs.python3Packages;

     

       255
       255
       +
                   pkgs.python3Packages.makePythonPath [

     

       256
       256
       +
                     cfg.package

     

       257
       257
       +
                     falcon

     

       258
       258
       +
                     uvicorn

     

       259
       259
       +
                   ];

     

       260
       260
       +
                 NOMINATIM_DATABASE_DSN = nominatimApiDsn;

     

       261
       261
       +
                 NOMINATIM_DATABASE_WEBUSER = cfg.database.apiUser;

     

       262
       262
       +
               } // cfg.settings;

     

       263
       263
       +
             };

     

       264
       264
       +
       

     

       265
       265
       +
             systemd.sockets.nominatim = {

     

       266
       266
       +
               before = [ "nominatim.service" ];

     

       267
       267
       +
               wantedBy = [ "sockets.target" ];

     

       268
       268
       +
               socketConfig = {

     

       269
       269
       +
                 ListenStream = "/run/nominatim.sock";

     

       270
       270
       +
                 SocketUser = cfg.database.apiUser;

     

       271
       271
       +
                 SocketGroup = config.services.nginx.group;

     

       272
       272
       +
               };

     

       273
       273
       +
             };

     

       274
       274
       +
       

     

       275
       275
       +
             services.nginx = {

     

       276
       276
       +
               enable = true;

     

       277
       277
       +
               appendHttpConfig = ''

     

       278
       278
       +
                 map $args $format {

     

       279
       279
       +
                     default                  default;

     

       280
       280
       +
                     ~(^|&)format=html(&|$)   html;

     

       281
       281
       +
                 }

     

       282
       282
       +
       

     

       283
       283
       +
                 map $uri/$format $forward_to_ui {

     

       284
       284
       +
                     default               0;   # No forwarding by default.

     

       285
       285
       +
       

     

       286
       286
       +
                     # Redirect to HTML UI if explicitly requested.

     

       287
       287
       +
                     ~/reverse.*/html      1;

     

       288
       288
       +
                     ~/search.*/html       1;

     

       289
       289
       +
                     ~/lookup.*/html       1;

     

       290
       290
       +
                     ~/details.*/html      1;

     

       291
       291
       +
                 }

     

       292
       292
       +
               '';

     

       293
       293
       +
               upstreams.nominatim = {

     

       294
       294
       +
                 servers = {

     

       295
       295
       +
                   "unix:/run/nominatim.sock" = { };

     

       296
       296
       +
                 };

     

       297
       297
       +
               };

     

       298
       298
       +
               virtualHosts = {

     

       299
       299
       +
                 ${cfg.hostName} = {

     

       300
       300
       +
                   forceSSL = lib.mkDefault true;

     

       301
       301
       +
                   enableACME = lib.mkDefault true;

     

       302
       302
       +
                   locations = {

     

       303
       303
       +
                     "= /" = {

     

       304
       304
       +
                       extraConfig = ''

     

       305
       305
       +
                         return 301 $scheme://$http_host/ui/search.html;

     

       306
       306
       +
                       '';

     

       307
       307
       +
                     };

     

       308
       308
       +
                     "/" = {

     

       309
       309
       +
                       proxyPass = "http://nominatim";

     

       310
       310
       +
                       extraConfig = ''

     

       311
       311
       +
                         if ($forward_to_ui) {

     

       312
       312
       +
                             rewrite ^(/[^/.]*) /ui$1.html redirect;

     

       313
       313
       +
                         }

     

       314
       314
       +
                       '';

     

       315
       315
       +
                     };

     

       316
       316
       +
                     "/ui/" = {

     

       317
       317
       +
                       alias = "${uiPackage}/";

     

       318
       318
       +
                     };

     

       319
       319
       +
                   };

     

       320
       320
       +
                 };

     

       321
       321
       +
               };

     

       322
       322
       +
             };

     

       323
       323
       +
           };

     

       324
       324
       +
       }

+26 -11

nixos/tests/all-tests.nix

···

       605
       605
        
         gns3-server = runTest ./gns3-server.nix;

     

       606
       606
        
         gnupg = runTest ./gnupg.nix;

     

       607
       607
        
         goatcounter = runTest ./goatcounter.nix;

     

       608
       608
       -
         go-camo = handleTest ./go-camo.nix { };

     

       608
       608
       +
         go-camo = runTest ./go-camo.nix;

     

       609
       609
        
         go-neb = runTest ./go-neb.nix;

     

       610
       610
        
         gobgpd = runTest ./gobgpd.nix;

     

       611
       611
        
         gocd-agent = runTest ./gocd-agent.nix;

     
···

       649
       649
        
         harmonia = runTest ./harmonia.nix;

     

       650
       650
        
         headscale = runTest ./headscale.nix;

     

       651
       651
        
         healthchecks = runTest ./web-apps/healthchecks.nix;

     

       652
       652
       -
         hbase2 = handleTest ./hbase.nix { package = pkgs.hbase2; };

     

       653
       653
       -
         hbase_2_5 = handleTest ./hbase.nix { package = pkgs.hbase_2_5; };

     

       654
       654
       -
         hbase_2_4 = handleTest ./hbase.nix { package = pkgs.hbase_2_4; };

     

       655
       655
       -
         hbase3 = handleTest ./hbase.nix { package = pkgs.hbase3; };

     

       652
       652
       +
         hbase2 = runTest {

     

       653
       653
       +
           imports = [ ./hbase.nix ];

     

       654
       654
       +
           _module.args.getPackage = pkgs: pkgs.hbase2;

     

       655
       655
       +
         };

     

       656
       656
       +
         hbase_2_5 = runTest {

     

       657
       657
       +
           imports = [ ./hbase.nix ];

     

       658
       658
       +
           _module.args.getPackage = pkgs: pkgs.hbase_2_5;

     

       659
       659
       +
         };

     

       660
       660
       +
         hbase_2_4 = runTest {

     

       661
       661
       +
           imports = [ ./hbase.nix ];

     

       662
       662
       +
           _module.args.getPackage = pkgs: pkgs.hbase_2_4;

     

       663
       663
       +
         };

     

       664
       664
       +
         hbase3 = runTest {

     

       665
       665
       +
           imports = [ ./hbase.nix ];

     

       666
       666
       +
           _module.args.getPackage = pkgs: pkgs.hbase3;

     

       667
       667
       +
         };

     

       656
       668
        
         hedgedoc = runTest ./hedgedoc.nix;

     

       657
       669
        
         herbstluftwm = runTest ./herbstluftwm.nix;

     

       658
       670
        
         homebox = runTest ./homebox.nix;

     
···

       1014
       1026
        
         nixseparatedebuginfod = runTest ./nixseparatedebuginfod.nix;

     

       1015
       1027
        
         node-red = runTest ./node-red.nix;

     

       1016
       1028
        
         nomad = runTest ./nomad.nix;

     

       1029
       1029
       +
         nominatim = runTest ./nominatim.nix;

     

       1017
       1030
        
         non-default-filesystems = handleTest ./non-default-filesystems.nix { };

     

       1018
       1031
        
         non-switchable-system = runTest ./non-switchable-system.nix;

     

       1019
       1032
        
         noto-fonts = runTest ./noto-fonts.nix;

     
···

       1067
       1080
        
         openvscode-server = runTest ./openvscode-server.nix;

     

       1068
       1081
        
         open-webui = runTest ./open-webui.nix;

     

       1069
       1082
        
         openvswitch = runTest ./openvswitch.nix;

     

       1083
       1083
       +
         optee = handleTestOn [ "aarch64-linux" ] ./optee.nix { };

     

       1070
       1084
        
         orangefs = runTest ./orangefs.nix;

     

       1071
       1085
        
         os-prober = handleTestOn [ "x86_64-linux" ] ./os-prober.nix { };

     

       1072
       1086
        
         osquery = handleTestOn [ "x86_64-linux" ] ./osquery.nix { };

     
···

       1319
       1333
        
         stratis = handleTest ./stratis { };

     

       1320
       1334
        
         strongswan-swanctl = runTest ./strongswan-swanctl.nix;

     

       1321
       1335
        
         stub-ld = handleTestOn [ "x86_64-linux" "aarch64-linux" ] ./stub-ld.nix { };

     

       1322
       1322
       -
         stunnel = handleTest ./stunnel.nix { };

     

       1336
       1336
       +
         stunnel = import ./stunnel.nix { inherit runTest; };

     

       1323
       1337
        
         sudo = runTest ./sudo.nix;

     

       1324
       1338
        
         sudo-rs = runTest ./sudo-rs.nix;

     

       1325
       1339
        
         sunshine = runTest ./sunshine.nix;

     
···

       1364
       1378
        
         systemd-initrd-luks-tpm2 = runTest ./systemd-initrd-luks-tpm2.nix;

     

       1365
       1379
        
         systemd-initrd-luks-unl0kr = runTest ./systemd-initrd-luks-unl0kr.nix;

     

       1366
       1380
        
         systemd-initrd-modprobe = runTest ./systemd-initrd-modprobe.nix;

     

       1367
       1367
       -
         systemd-initrd-networkd = handleTest ./systemd-initrd-networkd.nix { };

     

       1381
       1381
       +
         systemd-initrd-networkd = import ./systemd-initrd-networkd.nix { inherit runTest; };

     

       1368
       1382
        
         systemd-initrd-networkd-ssh = runTest ./systemd-initrd-networkd-ssh.nix;

     

       1369
       1383
        
         systemd-initrd-networkd-openvpn = handleTestOn [

     

       1370
       1384
        
           "x86_64-linux"

     
···

       1386
       1400
        
         systemd-networkd = runTest ./systemd-networkd.nix;

     

       1387
       1401
        
         systemd-networkd-bridge = runTest ./systemd-networkd-bridge.nix;

     

       1388
       1402
        
         systemd-networkd-dhcpserver = runTest ./systemd-networkd-dhcpserver.nix;

     

       1389
       1389
       -
         systemd-networkd-dhcpserver-static-leases =

     

       1390
       1390
       -
           handleTest ./systemd-networkd-dhcpserver-static-leases.nix

     

       1391
       1391
       -
             { };

     

       1403
       1403
       +
         systemd-networkd-dhcpserver-static-leases = runTest ./systemd-networkd-dhcpserver-static-leases.nix;

     

       1392
       1404
        
         systemd-networkd-ipv6-prefix-delegation =

     

       1393
       1405
        
           handleTest ./systemd-networkd-ipv6-prefix-delegation.nix

     

       1394
       1406
        
             { };

     
···

       1555
       1567
        
         xterm = runTest ./xterm.nix;

     

       1556
       1568
        
         xxh = runTest ./xxh.nix;

     

       1557
       1569
        
         yarr = runTest ./yarr.nix;

     

       1558
       1558
       -
         ydotool = handleTest ./ydotool.nix { };

     

       1570
       1570
       +
         ydotool = import ./ydotool.nix {

     

       1571
       1571
       +
           inherit (pkgs) lib;

     

       1572
       1572
       +
           inherit runTest;

     

       1573
       1573
       +
         };

     

       1559
       1574
        
         yggdrasil = runTest ./yggdrasil.nix;

     

       1560
       1575
        
         your_spotify = runTest ./your_spotify.nix;

     

       1561
       1576
        
         zammad = runTest ./zammad.nix;

+21 -31

nixos/tests/go-camo.nix

···

       1
       1
       +
       { lib, ... }:

     

       2
       2
       +
       let

     

       3
       3
       +
         key_val = "12345678";

     

       4
       4
       +
       in

     

       1
       5
        
       {

     

       2
       2
       -
         system ? builtins.currentSystem,

     

       3
       3
       -
         config ? { },

     

       4
       4
       -
         pkgs ? import ../.. { inherit system config; },

     

       5
       5
       -
       }:

     

       6
       6
       -
       

     

       7
       7
       -
       with import ../lib/testing-python.nix { inherit system pkgs; };

     

       6
       6
       +
         name = "go-camo-file-key";

     

       7
       7
       +
         meta = {

     

       8
       8
       +
           maintainers = [ lib.maintainers.viraptor ];

     

       9
       9
       +
         };

     

       8
       10
        
       

     

       9
       9
       -
       {

     

       10
       10
       -
         gocamo_file_key =

     

       11
       11
       -
           let

     

       12
       12
       -
             key_val = "12345678";

     

       13
       13
       -
           in

     

       14
       14
       -
           makeTest {

     

       15
       15
       -
             name = "go-camo-file-key";

     

       16
       16
       -
             meta = {

     

       17
       17
       -
               maintainers = [ pkgs.lib.maintainers.viraptor ];

     

       11
       11
       +
         nodes.machine =

     

       12
       12
       +
           { pkgs, ... }:

     

       13
       13
       +
           {

     

       14
       14
       +
             services.go-camo = {

     

       15
       15
       +
               enable = true;

     

       16
       16
       +
               keyFile = pkgs.writeText "foo" key_val;

     

       18
       17
        
             };

     

       19
       19
       -
       

     

       20
       20
       -
             nodes.machine =

     

       21
       21
       -
               { config, pkgs, ... }:

     

       22
       22
       -
               {

     

       23
       23
       -
                 services.go-camo = {

     

       24
       24
       -
                   enable = true;

     

       25
       25
       -
                   keyFile = pkgs.writeText "foo" key_val;

     

       26
       26
       -
                 };

     

       27
       27
       -
               };

     

       28
       28
       -
       

     

       29
       29
       -
             # go-camo responds to http requests

     

       30
       30
       -
             testScript = ''

     

       31
       31
       -
               machine.wait_for_unit("go-camo.service")

     

       32
       32
       -
               machine.wait_for_open_port(8080)

     

       33
       33
       -
               machine.succeed("curl http://localhost:8080")

     

       34
       34
       -
             '';

     

       35
       18
        
           };

     

       19
       19
       +
       

     

       20
       20
       +
         # go-camo responds to http requests

     

       21
       21
       +
         testScript = ''

     

       22
       22
       +
           machine.wait_for_unit("go-camo.service")

     

       23
       23
       +
           machine.wait_for_open_port(8080)

     

       24
       24
       +
           machine.succeed("curl http://localhost:8080")

     

       25
       25
       +
         '';

     

       36
       26
        
       }

+29 -35

nixos/tests/hbase.nix

···

       1
       1
       -
       import ./make-test-python.nix (

     

       2
       2
       -
         {

     

       3
       3
       -
           pkgs,

     

       4
       4
       -
           lib,

     

       5
       5
       -
           package ? pkgs.hbase,

     

       6
       6
       -
           ...

     

       7
       7
       -
         }:

     

       8
       8
       -
         {

     

       9
       9
       -
           name = "hbase-standalone";

     

       1
       1
       +
       { getPackage, lib, ... }:

     

       2
       2
       +
       {

     

       3
       3
       +
         name = "hbase-standalone";

     

       10
       4
        
       

     

       11
       11
       -
           meta = with lib.maintainers; {

     

       12
       12
       -
             maintainers = [ illustris ];

     

       13
       13
       -
           };

     

       5
       5
       +
         meta = with lib.maintainers; {

     

       6
       6
       +
           maintainers = [ illustris ];

     

       7
       7
       +
         };

     

       14
       8
        
       

     

       15
       15
       -
           nodes = {

     

       16
       16
       -
             hbase =

     

       17
       17
       -
               { pkgs, ... }:

     

       18
       18
       -
               {

     

       19
       19
       -
                 services.hbase-standalone = {

     

       20
       20
       -
                   enable = true;

     

       21
       21
       -
                   inherit package;

     

       22
       22
       -
                   # Needed for standalone mode in hbase 2+

     

       23
       23
       -
                   # This setting and standalone mode are not suitable for production

     

       24
       24
       -
                   settings."hbase.unsafe.stream.capability.enforce" = "false";

     

       25
       25
       -
                 };

     

       26
       26
       -
                 environment.systemPackages = with pkgs; [

     

       27
       27
       -
                   package

     

       28
       28
       -
                 ];

     

       29
       29
       -
               };

     

       9
       9
       +
         nodes.hbase =

     

       10
       10
       +
           { pkgs, ... }:

     

       11
       11
       +
           let

     

       12
       12
       +
             package = getPackage pkgs;

     

       13
       13
       +
           in

     

       14
       14
       +
           {

     

       15
       15
       +
             services.hbase-standalone = {

     

       16
       16
       +
               enable = true;

     

       17
       17
       +
               inherit package;

     

       18
       18
       +
               # Needed for standalone mode in hbase 2+

     

       19
       19
       +
               # This setting and standalone mode are not suitable for production

     

       20
       20
       +
               settings."hbase.unsafe.stream.capability.enforce" = "false";

     

       21
       21
       +
             };

     

       22
       22
       +
             environment.systemPackages = [

     

       23
       23
       +
               package

     

       24
       24
       +
             ];

     

       30
       25
        
           };

     

       31
       26
        
       

     

       32
       32
       -
           testScript = ''

     

       33
       33
       -
             start_all()

     

       34
       34
       -
             hbase.wait_for_unit("hbase.service")

     

       35
       35
       -
             hbase.wait_until_succeeds("echo \"create 't1','f1'\" | sudo -u hbase hbase shell -n")

     

       36
       36
       -
             assert "NAME => 'f1'" in hbase.succeed("echo \"describe 't1'\" | sudo -u hbase hbase shell -n")

     

       37
       37
       -
           '';

     

       38
       38
       -
         }

     

       39
       39
       -
       )

     

       27
       27
       +
         testScript = ''

     

       28
       28
       +
           start_all()

     

       29
       29
       +
           hbase.wait_for_unit("hbase.service")

     

       30
       30
       +
           hbase.wait_until_succeeds("echo \"create 't1','f1'\" | sudo -u hbase hbase shell -n")

     

       31
       31
       +
           assert "NAME => 'f1'" in hbase.succeed("echo \"describe 't1'\" | sudo -u hbase hbase shell -n")

     

       32
       32
       +
         '';

     

       33
       33
       +
       }

+187

nixos/tests/nominatim.nix

···

       1
       1
       +
       { pkgs, lib, ... }:

     

       2
       2
       +
       

     

       3
       3
       +
       let

     

       4
       4
       +
         # Andorra - the smallest dataset in Europe (3.1 MB)

     

       5
       5
       +
         osmData = pkgs.fetchurl {

     

       6
       6
       +
           url = "https://web.archive.org/web/20250430211212/https://download.geofabrik.de/europe/andorra-latest.osm.pbf";

     

       7
       7
       +
           hash = "sha256-Ey+ipTOFUm80rxBteirPW5N4KxmUsg/pCE58E/2rcyE=";

     

       8
       8
       +
         };

     

       9
       9
       +
       in

     

       10
       10
       +
       {

     

       11
       11
       +
         name = "nominatim";

     

       12
       12
       +
         meta = {

     

       13
       13
       +
           maintainers = with lib.teams; [

     

       14
       14
       +
             geospatial

     

       15
       15
       +
             ngi

     

       16
       16
       +
           ];

     

       17
       17
       +
         };

     

       18
       18
       +
       

     

       19
       19
       +
         nodes = {

     

       20
       20
       +
           # nominatim - self contained host

     

       21
       21
       +
           nominatim =

     

       22
       22
       +
             { config, pkgs, ... }:

     

       23
       23
       +
             {

     

       24
       24
       +
               # Nominatim

     

       25
       25
       +
               services.nominatim = {

     

       26
       26
       +
                 enable = true;

     

       27
       27
       +
                 hostName = "nominatim";

     

       28
       28
       +
                 settings = {

     

       29
       29
       +
                   NOMINATIM_IMPORT_STYLE = "admin";

     

       30
       30
       +
                 };

     

       31
       31
       +
                 ui = {

     

       32
       32
       +
                   config = ''

     

       33
       33
       +
                     Nominatim_Config.Page_Title='Test Nominatim instance';

     

       34
       34
       +
                     Nominatim_Config.Nominatim_API_Endpoint='https://localhost/';

     

       35
       35
       +
                   '';

     

       36
       36
       +
                 };

     

       37
       37
       +
               };

     

       38
       38
       +
       

     

       39
       39
       +
               # Disable SSL

     

       40
       40
       +
               services.nginx.virtualHosts.nominatim = {

     

       41
       41
       +
                 forceSSL = false;

     

       42
       42
       +
                 enableACME = false;

     

       43
       43
       +
               };

     

       44
       44
       +
       

     

       45
       45
       +
               # Database

     

       46
       46
       +
               services.postgresql = {

     

       47
       47
       +
                 enableTCPIP = true;

     

       48
       48
       +
                 authentication = lib.mkForce ''

     

       49
       49
       +
                   local all all            trust

     

       50
       50
       +
                   host  all all 0.0.0.0/0  md5

     

       51
       51
       +
                   host  all all ::0/0      md5

     

       52
       52
       +
                 '';

     

       53
       53
       +
               };

     

       54
       54
       +
               systemd.services.postgresql-setup.postStart = ''

     

       55
       55
       +
                 psql --command "ALTER ROLE \"nominatim-api\" WITH PASSWORD 'password';"

     

       56
       56
       +
               '';

     

       57
       57
       +
               networking.firewall.allowedTCPPorts = [ config.services.postgresql.settings.port ];

     

       58
       58
       +
             };

     

       59
       59
       +
       

     

       60
       60
       +
           # api - web API only

     

       61
       61
       +
           api =

     

       62
       62
       +
             { config, pkgs, ... }:

     

       63
       63
       +
             {

     

       64
       64
       +
               # Database password

     

       65
       65
       +
               system.activationScripts = {

     

       66
       66
       +
                 passwordFile.text = with config.services.nominatim.database; ''

     

       67
       67
       +
                   mkdir -p /run/secrets

     

       68
       68
       +
                   echo "${host}:${toString port}:${dbname}:${apiUser}:password" \

     

       69
       69
       +
                     > /run/secrets/pgpass

     

       70
       70
       +
                   chown nominatim-api:nominatim-api /run/secrets/pgpass

     

       71
       71
       +
                   chmod 0600 /run/secrets/pgpass

     

       72
       72
       +
                 '';

     

       73
       73
       +
               };

     

       74
       74
       +
       

     

       75
       75
       +
               # Nominatim

     

       76
       76
       +
               services.nominatim = {

     

       77
       77
       +
                 enable = true;

     

       78
       78
       +
                 hostName = "nominatim";

     

       79
       79
       +
                 settings = {

     

       80
       80
       +
                   NOMINATIM_LOG_DB = "yes";

     

       81
       81
       +
                 };

     

       82
       82
       +
                 database = {

     

       83
       83
       +
                   host = "nominatim";

     

       84
       84
       +
                   passwordFile = "/run/secrets/pgpass";

     

       85
       85
       +
                   extraConnectionParams = "application_name=nominatim;connect_timeout=2";

     

       86
       86
       +
                 };

     

       87
       87
       +
               };

     

       88
       88
       +
       

     

       89
       89
       +
               # Disable SSL

     

       90
       90
       +
               services.nginx.virtualHosts.nominatim = {

     

       91
       91
       +
                 forceSSL = false;

     

       92
       92
       +
                 enableACME = false;

     

       93
       93
       +
               };

     

       94
       94
       +
             };

     

       95
       95
       +
         };

     

       96
       96
       +
       

     

       97
       97
       +
         testScript = ''

     

       98
       98
       +
           # Test nominatim host

     

       99
       99
       +
           nominatim.start()

     

       100
       100
       +
           nominatim.wait_for_unit("nominatim.service")

     

       101
       101
       +
       

     

       102
       102
       +
           # Import OSM data

     

       103
       103
       +
           nominatim.succeed("""

     

       104
       104
       +
             cd /tmp

     

       105
       105
       +
             sudo -u nominatim \

     

       106
       106
       +
               NOMINATIM_DATABASE_WEBUSER=nominatim-api \

     

       107
       107
       +
               NOMINATIM_IMPORT_STYLE=admin \

     

       108
       108
       +
               nominatim import --continue import-from-file --osm-file ${osmData}

     

       109
       109
       +
           """)

     

       110
       110
       +
           nominatim.succeed("systemctl restart nominatim.service")

     

       111
       111
       +
       

     

       112
       112
       +
           # Test CLI

     

       113
       113
       +
           nominatim.succeed("sudo -u nominatim-api nominatim search --query Andorra")

     

       114
       114
       +
       

     

       115
       115
       +
           # Test web API

     

       116
       116
       +
           nominatim.succeed("curl 'http://localhost/status' | grep OK")

     

       117
       117
       +
       

     

       118
       118
       +
           nominatim.succeed("""

     

       119
       119
       +
             curl "http://localhost/search?q=Andorra&format=geojson" | grep "Andorra"

     

       120
       120
       +
             curl "http://localhost/reverse?lat=42.5407167&lon=1.5732033&format=geojson"

     

       121
       121
       +
           """)

     

       122
       122
       +
       

     

       123
       123
       +
           # Test UI

     

       124
       124
       +
           nominatim.succeed("""

     

       125
       125
       +
             curl "http://localhost/ui/search.html" \

     

       126
       126
       +
             | grep "<title>Nominatim Demo</title>"

     

       127
       127
       +
           """)

     

       128
       128
       +
       

     

       129
       129
       +
       

     

       130
       130
       +
           # Test api host

     

       131
       131
       +
           api.start()

     

       132
       132
       +
           api.wait_for_unit("nominatim.service")

     

       133
       133
       +
       

     

       134
       134
       +
           # Test web API

     

       135
       135
       +
           api.succeed("""

     

       136
       136
       +
             curl "http://localhost/search?q=Andorra&format=geojson" | grep "Andorra"

     

       137
       137
       +
             curl "http://localhost/reverse?lat=42.5407167&lon=1.5732033&format=geojson"

     

       138
       138
       +
           """)

     

       139
       139
       +
       

     

       140
       140
       +
       

     

       141
       141
       +
           # Test format rewrites

     

       142
       142
       +
           # Redirect / to search

     

       143
       143
       +
           nominatim.succeed("""

     

       144
       144
       +
             curl --verbose "http://localhost" 2>&1 \

     

       145
       145
       +
             | grep "Location: http://localhost/ui/search.html"

     

       146
       146
       +
           """)

     

       147
       147
       +
       

     

       148
       148
       +
           # Return text by default

     

       149
       149
       +
           nominatim.succeed("""

     

       150
       150
       +
             curl --verbose "http://localhost/status" 2>&1 \

     

       151
       151
       +
             | grep "Content-Type: text/plain"

     

       152
       152
       +
           """)

     

       153
       153
       +
       

     

       154
       154
       +
           # Return JSON by default

     

       155
       155
       +
           nominatim.succeed("""

     

       156
       156
       +
             curl --verbose "http://localhost/search?q=Andorra" 2>&1 \

     

       157
       157
       +
             | grep "Content-Type: application/json"

     

       158
       158
       +
           """)

     

       159
       159
       +
       

     

       160
       160
       +
           # Return XML by default

     

       161
       161
       +
           nominatim.succeed("""

     

       162
       162
       +
             curl --verbose "http://localhost/lookup" 2>&1 \

     

       163
       163
       +
             | grep "Content-Type: text/xml"

     

       164
       164
       +
       

     

       165
       165
       +
             curl --verbose "http://localhost/reverse?lat=0&lon=0" 2>&1 \

     

       166
       166
       +
             | grep "Content-Type: text/xml"

     

       167
       167
       +
           """)

     

       168
       168
       +
       

     

       169
       169
       +
           # Redirect explicitly requested HTML format

     

       170
       170
       +
           nominatim.succeed("""

     

       171
       171
       +
             curl --verbose "http://localhost/search?format=html" 2>&1 \

     

       172
       172
       +
             | grep "Location: http://localhost/ui/search.html"

     

       173
       173
       +
       

     

       174
       174
       +
             curl --verbose "http://localhost/reverse?format=html" 2>&1 \

     

       175
       175
       +
             | grep "Location: http://localhost/ui/reverse.html"

     

       176
       176
       +
           """)

     

       177
       177
       +
       

     

       178
       178
       +
           # Return explicitly requested JSON format

     

       179
       179
       +
           nominatim.succeed("""

     

       180
       180
       +
             curl --verbose "http://localhost/search?format=json" 2>&1 \

     

       181
       181
       +
             | grep "Content-Type: application/json"

     

       182
       182
       +
       

     

       183
       183
       +
             curl --verbose "http://localhost/reverse?format=json" 2>&1 \

     

       184
       184
       +
             | grep "Content-Type: application/json"

     

       185
       185
       +
           """)

     

       186
       186
       +
         '';

     

       187
       187
       +
       }

+72

nixos/tests/optee.nix

···

       1
       1
       +
       import ./make-test-python.nix (

     

       2
       2
       +
         { pkgs, lib, ... }:

     

       3
       3
       +
         {

     

       4
       4
       +
           name = "optee";

     

       5
       5
       +
       

     

       6
       6
       +
           meta = with pkgs.lib.maintainers; {

     

       7
       7
       +
             maintainers = [ jmbaur ];

     

       8
       8
       +
           };

     

       9
       9
       +
       

     

       10
       10
       +
           nodes.machine =

     

       11
       11
       +
             { config, pkgs, ... }:

     

       12
       12
       +
             let

     

       13
       13
       +
               inherit (pkgs) armTrustedFirmwareQemu opteeQemuAarch64 ubootQemuAarch64;

     

       14
       14
       +
       

     

       15
       15
       +
               # Default environment for qemu-arm64 uboot does not work well with

     

       16
       16
       +
               # large nixos kernel/initrds.

     

       17
       17
       +
               uboot = ubootQemuAarch64.overrideAttrs (old: {

     

       18
       18
       +
                 postPatch =

     

       19
       19
       +
                   (old.postPatch or "")

     

       20
       20
       +
                   + ''

     

       21
       21
       +
                     substituteInPlace board/emulation/qemu-arm/qemu-arm.env \

     

       22
       22
       +
                       --replace-fail "ramdisk_addr_r=0x44000000" "ramdisk_addr_r=0x46000000"

     

       23
       23
       +
                   '';

     

       24
       24
       +
               });

     

       25
       25
       +
       

     

       26
       26
       +
               bios = armTrustedFirmwareQemu.override {

     

       27
       27
       +
                 extraMakeFlags = [

     

       28
       28
       +
                   "SPD=opteed"

     

       29
       29
       +
                   "BL32=${opteeQemuAarch64}/tee-header_v2.bin"

     

       30
       30
       +
                   "BL32_EXTRA1=${opteeQemuAarch64}/tee-pager_v2.bin"

     

       31
       31
       +
                   "BL32_EXTRA2=${opteeQemuAarch64}/tee-pageable_v2.bin"

     

       32
       32
       +
                   "BL33=${uboot}/u-boot.bin"

     

       33
       33
       +
                   "all"

     

       34
       34
       +
                   "fip"

     

       35
       35
       +
                 ];

     

       36
       36
       +
                 filesToInstall = [

     

       37
       37
       +
                   "build/qemu/release/bl1.bin"

     

       38
       38
       +
                   "build/qemu/release/fip.bin"

     

       39
       39
       +
                 ];

     

       40
       40
       +
                 postInstall = ''

     

       41
       41
       +
                   dd if=$out/bl1.bin of=$out/bios.bin bs=4096 conv=notrunc

     

       42
       42
       +
                   dd if=$out/fip.bin of=$out/bios.bin seek=64 bs=4096 conv=notrunc

     

       43
       43
       +
                 '';

     

       44
       44
       +
               };

     

       45
       45
       +
             in

     

       46
       46
       +
             {

     

       47
       47
       +
               virtualisation = {

     

       48
       48
       +
                 inherit bios;

     

       49
       49
       +
                 cores = 2;

     

       50
       50
       +
                 qemu.options = [

     

       51
       51
       +
                   "-machine virt,secure=on,accel=tcg,gic-version=2"

     

       52
       52
       +
                   "-cpu cortex-a57"

     

       53
       53
       +
                 ];

     

       54
       54
       +
               };

     

       55
       55
       +
       

     

       56
       56
       +
               # VM boots up via qfw

     

       57
       57
       +
               boot.loader.grub.enable = false;

     

       58
       58
       +
       

     

       59
       59
       +
               services.tee-supplicant = {

     

       60
       60
       +
                 enable = true;

     

       61
       61
       +
                 # pkcs11 trusted application

     

       62
       62
       +
                 trustedApplications = [ "${opteeQemuAarch64.devkit}/ta/fd02c9da-306c-48c7-a49c-bbd827ae86ee.ta" ];

     

       63
       63
       +
               };

     

       64
       64
       +
             };

     

       65
       65
       +
           testScript = ''

     

       66
       66
       +
             machine.wait_for_unit("tee-supplicant.service")

     

       67
       67
       +
             out = machine.succeed("${pkgs.opensc}/bin/pkcs11-tool --module ${lib.getLib pkgs.optee-client}/lib/libckteec.so --list-token-slots")

     

       68
       68
       +
             if out.find("OP-TEE PKCS11 TA") < 0:

     

       69
       69
       +
                 raise Exception("optee pkcs11 token not found")

     

       70
       70
       +
           '';

     

       71
       71
       +
         }

     

       72
       72
       +
       )

+13 -16

nixos/tests/stunnel.nix

···

       1
       1
       -
       {

     

       2
       2
       -
         system ? builtins.currentSystem,

     

       3
       3
       -
         config ? { },

     

       4
       4
       -
         pkgs ? import ../.. { inherit system config; },

     

       5
       5
       -
       }:

     

       6
       6
       -
       

     

       7
       7
       -
       with import ../lib/testing-python.nix { inherit system pkgs; };

     

       8
       8
       -
       with pkgs.lib;

     

       1
       1
       +
       { runTest }:

     

       9
       2
        
       

     

       10
       3
        
       let

     

       11
       4
        
         stunnelCommon = {

     
···

       20
       13
        
           };

     

       21
       14
        
         };

     

       22
       15
        
         makeCert =

     

       23
       23
       -
           { config, pkgs, ... }:

     

       16
       16
       +
           {

     

       17
       17
       +
             config,

     

       18
       18
       +
             lib,

     

       19
       19
       +
             pkgs,

     

       20
       20
       +
             ...

     

       21
       21
       +
           }:

     

       24
       22
        
           {

     

       25
       23
        
             systemd.services.create-test-cert = {

     

       26
       24
        
               wantedBy = [ "sysinit.target" ];

     
···

       32
       30
        
               unitConfig.DefaultDependencies = false;

     

       33
       31
        
               serviceConfig.Type = "oneshot";

     

       34
       32
        
               script = ''

     

       35
       35
       -
                 ${pkgs.openssl}/bin/openssl req -batch -x509 -newkey rsa -nodes -out /test-cert.pem -keyout /test-key.pem -subj /CN=${config.networking.hostName}

     

       33
       33
       +
                 ${lib.getExe pkgs.openssl} req -batch -x509 -newkey rsa -nodes -out /test-cert.pem -keyout /test-key.pem -subj /CN=${config.networking.hostName}

     

       36
       34
        
                 ( umask 077; cat /test-key.pem /test-cert.pem > /test-key-and-cert.pem )

     

       37
       35
        
                 chown stunnel /test-key.pem /test-key-and-cert.pem

     

       38
       36
        
               '';

     

       39
       37
        
             };

     

       40
       38
        
           };

     

       41
       39
        
         serverCommon =

     

       42
       42
       -
           { pkgs, ... }:

     

       40
       40
       +
           { lib, pkgs, ... }:

     

       43
       41
        
           {

     

       44
       42
        
             networking.firewall.allowedTCPPorts = [ 443 ];

     

       45
       43
        
             services.stunnel.servers.https = {

     
···

       51
       49
        
               wantedBy = [ "multi-user.target" ];

     

       52
       50
        
               script = ''

     

       53
       51
        
                 cd /etc/webroot

     

       54
       54
       -
                 ${pkgs.python3}/bin/python -m http.server 80

     

       52
       52
       +
                 ${lib.getExe' pkgs.python3 "python"} -m http.server 80

     

       55
       53
        
               '';

     

       56
       54
        
             };

     

       57
       55
        
           };

     
···

       61
       59
        
           server_cert = ${src}.succeed("cat /test-cert.pem")

     

       62
       60
        
           ${dest}.succeed("echo %s > ${filename}" % quote(server_cert))

     

       63
       61
        
         '';

     

       64
       64
       -
       

     

       65
       62
        
       in

     

       66
       63
        
       {

     

       67
       67
       -
         basicServer = makeTest {

     

       64
       64
       +
         basicServer = runTest {

     

       68
       65
        
           name = "basicServer";

     

       69
       66
        
       

     

       70
       67
        
           nodes = {

     
···

       92
       89
        
           '';

     

       93
       90
        
         };

     

       94
       91
        
       

     

       95
       95
       -
         serverAndClient = makeTest {

     

       92
       92
       +
         serverAndClient = runTest {

     

       96
       93
        
           name = "serverAndClient";

     

       97
       94
        
       

     

       98
       95
        
           nodes = {

     
···

       150
       147
        
           '';

     

       151
       148
        
         };

     

       152
       149
        
       

     

       153
       153
       -
         mutualAuth = makeTest {

     

       150
       150
       +
         mutualAuth = runTest {

     

       154
       151
        
           name = "mutualAuth";

     

       155
       152
        
       

     

       156
       153
        
           nodes = rec {

+75 -75

nixos/tests/systemd-initrd-networkd.nix

···

       1
       1
       -
       {

     

       2
       2
       -
         system ? builtins.currentSystem,

     

       3
       3
       -
         config ? { },

     

       4
       4
       -
         pkgs ? import ../.. { inherit system config; },

     

       5
       5
       -
         lib ? pkgs.lib,

     

       6
       6
       -
       }:

     

       7
       7
       -
       

     

       8
       8
       -
       with import ../lib/testing-python.nix { inherit system pkgs; };

     

       1
       1
       +
       { runTest }:

     

       9
       2
        
       

     

       10
       3
        
       let

     

       11
       11
       -
         inherit (lib.maintainers) elvishjerricco;

     

       12
       12
       -
       

     

       13
       13
       -
         common = {

     

       14
       14
       -
           boot.initrd.systemd = {

     

       15
       15
       -
             enable = true;

     

       16
       16
       -
             network.wait-online.timeout = 10;

     

       17
       17
       -
             network.wait-online.anyInterface = true;

     

       18
       18
       -
             targets.network-online.requiredBy = [ "initrd.target" ];

     

       19
       19
       -
             services.systemd-networkd-wait-online.requiredBy = [ "network-online.target" ];

     

       20
       20
       -
             initrdBin = [

     

       21
       21
       -
               pkgs.iproute2

     

       22
       22
       -
               pkgs.iputils

     

       23
       23
       -
               pkgs.gnugrep

     

       24
       24
       -
             ];

     

       4
       4
       +
         common =

     

       5
       5
       +
           { pkgs, ... }:

     

       6
       6
       +
           {

     

       7
       7
       +
             boot.initrd.systemd = {

     

       8
       8
       +
               enable = true;

     

       9
       9
       +
               network.wait-online.timeout = 10;

     

       10
       10
       +
               network.wait-online.anyInterface = true;

     

       11
       11
       +
               targets.network-online.requiredBy = [ "initrd.target" ];

     

       12
       12
       +
               services.systemd-networkd-wait-online.requiredBy = [ "network-online.target" ];

     

       13
       13
       +
               initrdBin = [

     

       14
       14
       +
                 pkgs.iproute2

     

       15
       15
       +
                 pkgs.iputils

     

       16
       16
       +
                 pkgs.gnugrep

     

       17
       17
       +
               ];

     

       18
       18
       +
             };

     

       19
       19
       +
             testing.initrdBackdoor = true;

     

       20
       20
       +
             boot.initrd.network.enable = true;

     

       25
       21
        
           };

     

       26
       26
       -
           testing.initrdBackdoor = true;

     

       27
       27
       -
           boot.initrd.network.enable = true;

     

       28
       28
       -
         };

     

       29
       22
        
       

     

       30
       23
        
         mkFlushTest =

     

       31
       24
        
           flush: script:

     

       32
       32
       -
           makeTest {

     

       33
       33
       -
             name = "systemd-initrd-network-${lib.optionalString (!flush) "no-"}flush";

     

       34
       34
       -
             meta.maintainers = [ elvishjerricco ];

     

       25
       25
       +
           runTest (

     

       26
       26
       +
             { lib, ... }:

     

       27
       27
       +
             {

     

       28
       28
       +
               name = "systemd-initrd-network-${lib.optionalString (!flush) "no-"}flush";

     

       29
       29
       +
               meta.maintainers = with lib.maintainers; [ elvishjerricco ];

     

       35
       30
        
       

     

       36
       36
       -
             nodes.machine = {

     

       37
       37
       -
               imports = [ common ];

     

       31
       31
       +
               nodes.machine =

     

       32
       32
       +
                 { pkgs, ... }:

     

       33
       33
       +
                 {

     

       34
       34
       +
                   imports = [ common ];

     

       38
       35
        
       

     

       39
       39
       -
               boot.initrd.network.flushBeforeStage2 = flush;

     

       40
       40
       -
               systemd.services.check-flush = {

     

       41
       41
       -
                 requiredBy = [ "multi-user.target" ];

     

       42
       42
       -
                 before = [

     

       43
       43
       -
                   "network-pre.target"

     

       44
       44
       -
                   "multi-user.target"

     

       45
       45
       -
                   "shutdown.target"

     

       46
       46
       -
                 ];

     

       47
       47
       -
                 conflicts = [ "shutdown.target" ];

     

       48
       48
       -
                 wants = [ "network-pre.target" ];

     

       49
       49
       -
                 unitConfig.DefaultDependencies = false;

     

       50
       50
       -
                 serviceConfig.Type = "oneshot";

     

       51
       51
       -
                 path = [

     

       52
       52
       -
                   pkgs.iproute2

     

       53
       53
       -
                   pkgs.iputils

     

       54
       54
       -
                   pkgs.gnugrep

     

       55
       55
       -
                 ];

     

       56
       56
       -
                 inherit script;

     

       57
       57
       -
               };

     

       58
       58
       -
             };

     

       36
       36
       +
                   boot.initrd.network.flushBeforeStage2 = flush;

     

       37
       37
       +
                   systemd.services.check-flush = {

     

       38
       38
       +
                     requiredBy = [ "multi-user.target" ];

     

       39
       39
       +
                     before = [

     

       40
       40
       +
                       "network-pre.target"

     

       41
       41
       +
                       "multi-user.target"

     

       42
       42
       +
                       "shutdown.target"

     

       43
       43
       +
                     ];

     

       44
       44
       +
                     conflicts = [ "shutdown.target" ];

     

       45
       45
       +
                     wants = [ "network-pre.target" ];

     

       46
       46
       +
                     unitConfig.DefaultDependencies = false;

     

       47
       47
       +
                     serviceConfig.Type = "oneshot";

     

       48
       48
       +
                     path = [

     

       49
       49
       +
                       pkgs.iproute2

     

       50
       50
       +
                       pkgs.iputils

     

       51
       51
       +
                       pkgs.gnugrep

     

       52
       52
       +
                     ];

     

       53
       53
       +
                     inherit script;

     

       54
       54
       +
                   };

     

       55
       55
       +
                 };

     

       56
       56
       +
       

     

       57
       57
       +
               testScript = ''

     

       58
       58
       +
                 machine.wait_for_unit("network-online.target")

     

       59
       59
       +
                 machine.succeed(

     

       60
       60
       +
                     "ip addr | grep 10.0.2.15",

     

       61
       61
       +
                     "ping -c1 10.0.2.2",

     

       62
       62
       +
                 )

     

       63
       63
       +
                 machine.switch_root()

     

       64
       64
       +
       

     

       65
       65
       +
                 machine.wait_for_unit("multi-user.target")

     

       66
       66
       +
               '';

     

       67
       67
       +
             }

     

       68
       68
       +
           );

     

       69
       69
       +
       in

     

       70
       70
       +
       {

     

       71
       71
       +
         basic = runTest (

     

       72
       72
       +
           { lib, ... }:

     

       73
       73
       +
           {

     

       74
       74
       +
             name = "systemd-initrd-network";

     

       75
       75
       +
             meta.maintainers = with lib.maintainers; [ elvishjerricco ];

     

       76
       76
       +
       

     

       77
       77
       +
             nodes.machine = common;

     

       59
       78
        
       

     

       60
       79
        
             testScript = ''

     

       61
       80
        
               machine.wait_for_unit("network-online.target")

     
···

       65
       84
        
               )

     

       66
       85
        
               machine.switch_root()

     

       67
       86
        
       

     

       87
       87
       +
               # Make sure the systemd-network user was set correctly in initrd

     

       68
       88
        
               machine.wait_for_unit("multi-user.target")

     

       89
       89
       +
               machine.succeed("[ $(stat -c '%U,%G' /run/systemd/netif/links) = systemd-network,systemd-network ]")

     

       90
       90
       +
               machine.succeed("ip addr show >&2")

     

       91
       91
       +
               machine.succeed("ip route show >&2")

     

       69
       92
        
             '';

     

       70
       70
       -
           };

     

       71
       71
       -
       

     

       72
       72
       -
       in

     

       73
       73
       -
       {

     

       74
       74
       -
         basic = makeTest {

     

       75
       75
       -
           name = "systemd-initrd-network";

     

       76
       76
       -
           meta.maintainers = [ elvishjerricco ];

     

       77
       77
       -
       

     

       78
       78
       -
           nodes.machine = common;

     

       79
       79
       -
       

     

       80
       80
       -
           testScript = ''

     

       81
       81
       -
             machine.wait_for_unit("network-online.target")

     

       82
       82
       -
             machine.succeed(

     

       83
       83
       -
                 "ip addr | grep 10.0.2.15",

     

       84
       84
       -
                 "ping -c1 10.0.2.2",

     

       85
       85
       -
             )

     

       86
       86
       -
             machine.switch_root()

     

       87
       87
       -
       

     

       88
       88
       -
             # Make sure the systemd-network user was set correctly in initrd

     

       89
       89
       -
             machine.wait_for_unit("multi-user.target")

     

       90
       90
       -
             machine.succeed("[ $(stat -c '%U,%G' /run/systemd/netif/links) = systemd-network,systemd-network ]")

     

       91
       91
       -
             machine.succeed("ip addr show >&2")

     

       92
       92
       -
             machine.succeed("ip route show >&2")

     

       93
       93
       -
           '';

     

       94
       94
       -
         };

     

       93
       93
       +
           }

     

       94
       94
       +
         );

     

       95
       95
        
       

     

       96
       96
        
         doFlush = mkFlushTest true ''

     

       97
       97
        
           if ip addr | grep 10.0.2.15; then

+80 -82

nixos/tests/systemd-networkd-dhcpserver-static-leases.nix

···

       1
       1
        
       # In contrast to systemd-networkd-dhcpserver, this test configures

     

       2
       2
        
       # the router with a static DHCP lease for the client's MAC address.

     

       3
       3
       -
       import ./make-test-python.nix (

     

       4
       4
       -
         { lib, ... }:

     

       5
       5
       -
         {

     

       6
       6
       -
           name = "systemd-networkd-dhcpserver-static-leases";

     

       7
       7
       -
           meta = with lib.maintainers; {

     

       8
       8
       -
             maintainers = [ veehaitch ];

     

       9
       9
       -
           };

     

       10
       10
       -
           nodes = {

     

       11
       11
       -
             router = {

     

       12
       12
       -
               virtualisation.vlans = [ 1 ];

     

       13
       13
       -
               systemd.services.systemd-networkd.environment.SYSTEMD_LOG_LEVEL = "debug";

     

       14
       14
       -
               networking = {

     

       15
       15
       -
                 useNetworkd = true;

     

       16
       16
       -
                 useDHCP = false;

     

       17
       17
       -
                 firewall.enable = false;

     

       18
       18
       -
               };

     

       19
       19
       -
               systemd.network = {

     

       20
       20
       -
                 networks = {

     

       21
       21
       -
                   # systemd-networkd will load the first network unit file

     

       22
       22
       -
                   # that matches, ordered lexiographically by filename.

     

       23
       23
       -
                   # /etc/systemd/network/{40-eth1,99-main}.network already

     

       24
       24
       -
                   # exists. This network unit must be loaded for the test,

     

       25
       25
       -
                   # however, hence why this network is named such.

     

       26
       26
       -
                   "01-eth1" = {

     

       27
       27
       -
                     name = "eth1";

     

       28
       28
       -
                     networkConfig = {

     

       29
       29
       -
                       DHCPServer = true;

     

       30
       30
       -
                       Address = "10.0.0.1/24";

     

       31
       31
       -
                     };

     

       32
       32
       -
                     dhcpServerStaticLeases = [

     

       33
       33
       -
                       {

     

       34
       34
       -
                         MACAddress = "02:de:ad:be:ef:01";

     

       35
       35
       -
                         Address = "10.0.0.10";

     

       36
       36
       -
                       }

     

       37
       37
       -
                     ];

     

       3
       3
       +
       { lib, ... }:

     

       4
       4
       +
       {

     

       5
       5
       +
         name = "systemd-networkd-dhcpserver-static-leases";

     

       6
       6
       +
         meta = with lib.maintainers; {

     

       7
       7
       +
           maintainers = [ veehaitch ];

     

       8
       8
       +
         };

     

       9
       9
       +
         nodes = {

     

       10
       10
       +
           router = {

     

       11
       11
       +
             virtualisation.vlans = [ 1 ];

     

       12
       12
       +
             systemd.services.systemd-networkd.environment.SYSTEMD_LOG_LEVEL = "debug";

     

       13
       13
       +
             networking = {

     

       14
       14
       +
               useNetworkd = true;

     

       15
       15
       +
               useDHCP = false;

     

       16
       16
       +
               firewall.enable = false;

     

       17
       17
       +
             };

     

       18
       18
       +
             systemd.network = {

     

       19
       19
       +
               networks = {

     

       20
       20
       +
                 # systemd-networkd will load the first network unit file

     

       21
       21
       +
                 # that matches, ordered lexiographically by filename.

     

       22
       22
       +
                 # /etc/systemd/network/{40-eth1,99-main}.network already

     

       23
       23
       +
                 # exists. This network unit must be loaded for the test,

     

       24
       24
       +
                 # however, hence why this network is named such.

     

       25
       25
       +
                 "01-eth1" = {

     

       26
       26
       +
                   name = "eth1";

     

       27
       27
       +
                   networkConfig = {

     

       28
       28
       +
                     DHCPServer = true;

     

       29
       29
       +
                     Address = "10.0.0.1/24";

     

       38
       30
        
                   };

     

       31
       31
       +
                   dhcpServerStaticLeases = [

     

       32
       32
       +
                     {

     

       33
       33
       +
                       MACAddress = "02:de:ad:be:ef:01";

     

       34
       34
       +
                       Address = "10.0.0.10";

     

       35
       35
       +
                     }

     

       36
       36
       +
                   ];

     

       39
       37
        
                 };

     

       40
       38
        
               };

     

       41
       39
        
             };

     

       40
       40
       +
           };

     

       42
       41
        
       

     

       43
       43
       -
             client = {

     

       44
       44
       -
               virtualisation.vlans = [ 1 ];

     

       45
       45
       -
               systemd.services.systemd-networkd.environment.SYSTEMD_LOG_LEVEL = "debug";

     

       46
       46
       -
               systemd.network = {

     

       47
       47
       -
                 enable = true;

     

       48
       48
       -
                 links."10-eth1" = {

     

       49
       49
       -
                   matchConfig.OriginalName = "eth1";

     

       50
       50
       -
                   linkConfig.MACAddress = "02:de:ad:be:ef:01";

     

       51
       51
       -
                 };

     

       52
       52
       -
                 networks."40-eth1" = {

     

       53
       53
       -
                   matchConfig.Name = "eth1";

     

       54
       54
       -
                   networkConfig = {

     

       55
       55
       -
                     DHCP = "ipv4";

     

       56
       56
       -
                     IPv6AcceptRA = false;

     

       57
       57
       -
                   };

     

       58
       58
       -
                   # This setting is important to have the router assign the

     

       59
       59
       -
                   # configured lease based on the client's MAC address. Also see:

     

       60
       60
       -
                   # https://github.com/systemd/systemd/issues/21368#issuecomment-982193546

     

       61
       61
       -
                   dhcpV4Config.ClientIdentifier = "mac";

     

       62
       62
       -
                   linkConfig.RequiredForOnline = "routable";

     

       42
       42
       +
           client = {

     

       43
       43
       +
             virtualisation.vlans = [ 1 ];

     

       44
       44
       +
             systemd.services.systemd-networkd.environment.SYSTEMD_LOG_LEVEL = "debug";

     

       45
       45
       +
             systemd.network = {

     

       46
       46
       +
               enable = true;

     

       47
       47
       +
               links."10-eth1" = {

     

       48
       48
       +
                 matchConfig.OriginalName = "eth1";

     

       49
       49
       +
                 linkConfig.MACAddress = "02:de:ad:be:ef:01";

     

       50
       50
       +
               };

     

       51
       51
       +
               networks."40-eth1" = {

     

       52
       52
       +
                 matchConfig.Name = "eth1";

     

       53
       53
       +
                 networkConfig = {

     

       54
       54
       +
                   DHCP = "ipv4";

     

       55
       55
       +
                   IPv6AcceptRA = false;

     

       63
       56
        
                 };

     

       64
       64
       -
               };

     

       65
       65
       -
               networking = {

     

       66
       66
       -
                 useDHCP = false;

     

       67
       67
       -
                 firewall.enable = false;

     

       68
       68
       -
                 interfaces.eth1 = lib.mkForce { };

     

       57
       57
       +
                 # This setting is important to have the router assign the

     

       58
       58
       +
                 # configured lease based on the client's MAC address. Also see:

     

       59
       59
       +
                 # https://github.com/systemd/systemd/issues/21368#issuecomment-982193546

     

       60
       60
       +
                 dhcpV4Config.ClientIdentifier = "mac";

     

       61
       61
       +
                 linkConfig.RequiredForOnline = "routable";

     

       69
       62
        
               };

     

       70
       63
        
             };

     

       64
       64
       +
             networking = {

     

       65
       65
       +
               useDHCP = false;

     

       66
       66
       +
               firewall.enable = false;

     

       67
       67
       +
               interfaces.eth1 = lib.mkForce { };

     

       68
       68
       +
             };

     

       71
       69
        
           };

     

       72
       72
       -
           testScript = ''

     

       73
       73
       -
             start_all()

     

       70
       70
       +
         };

     

       71
       71
       +
         testScript = ''

     

       72
       72
       +
           start_all()

     

       74
       73
        
       

     

       75
       75
       -
             with subtest("check router network configuration"):

     

       76
       76
       -
               router.systemctl("start systemd-networkd-wait-online.service")

     

       77
       77
       -
               router.wait_for_unit("systemd-networkd-wait-online.service")

     

       78
       78
       -
               eth1_status = router.succeed("networkctl status eth1")

     

       79
       79
       -
               assert "Network File: /etc/systemd/network/01-eth1.network" in eth1_status, \

     

       80
       80
       -
                 "The router interface eth1 is not using the expected network file"

     

       81
       81
       -
               assert "10.0.0.1" in eth1_status, "Did not find expected router IPv4"

     

       74
       74
       +
           with subtest("check router network configuration"):

     

       75
       75
       +
             router.systemctl("start systemd-networkd-wait-online.service")

     

       76
       76
       +
             router.wait_for_unit("systemd-networkd-wait-online.service")

     

       77
       77
       +
             eth1_status = router.succeed("networkctl status eth1")

     

       78
       78
       +
             assert "Network File: /etc/systemd/network/01-eth1.network" in eth1_status, \

     

       79
       79
       +
               "The router interface eth1 is not using the expected network file"

     

       80
       80
       +
             assert "10.0.0.1" in eth1_status, "Did not find expected router IPv4"

     

       82
       81
        
       

     

       83
       83
       -
             with subtest("check client network configuration"):

     

       84
       84
       -
               client.systemctl("start systemd-networkd-wait-online.service")

     

       85
       85
       -
               client.wait_for_unit("systemd-networkd-wait-online.service")

     

       86
       86
       -
               eth1_status = client.succeed("networkctl status eth1")

     

       87
       87
       -
               assert "Network File: /etc/systemd/network/40-eth1.network" in eth1_status, \

     

       88
       88
       -
                 "The client interface eth1 is not using the expected network file"

     

       89
       89
       -
               assert "10.0.0.10" in eth1_status, "Did not find expected client IPv4"

     

       82
       82
       +
           with subtest("check client network configuration"):

     

       83
       83
       +
             client.systemctl("start systemd-networkd-wait-online.service")

     

       84
       84
       +
             client.wait_for_unit("systemd-networkd-wait-online.service")

     

       85
       85
       +
             eth1_status = client.succeed("networkctl status eth1")

     

       86
       86
       +
             assert "Network File: /etc/systemd/network/40-eth1.network" in eth1_status, \

     

       87
       87
       +
               "The client interface eth1 is not using the expected network file"

     

       88
       88
       +
             assert "10.0.0.10" in eth1_status, "Did not find expected client IPv4"

     

       90
       89
        
       

     

       91
       91
       -
             with subtest("router and client can reach each other"):

     

       92
       92
       -
               client.wait_until_succeeds("ping -c 5 10.0.0.1")

     

       93
       93
       -
               router.wait_until_succeeds("ping -c 5 10.0.0.10")

     

       94
       94
       -
           '';

     

       95
       95
       -
         }

     

       96
       96
       -
       )

     

       90
       90
       +
           with subtest("router and client can reach each other"):

     

       91
       91
       +
             client.wait_until_succeeds("ping -c 5 10.0.0.1")

     

       92
       92
       +
             router.wait_until_succeeds("ping -c 5 10.0.0.10")

     

       93
       93
       +
         '';

     

       94
       94
       +
       }

+138 -126

nixos/tests/ydotool.nix

···

       1
       1
       -
       {

     

       2
       2
       -
         system ? builtins.currentSystem,

     

       3
       3
       -
         config ? { },

     

       4
       4
       -
         pkgs ? import ../.. { inherit system config; },

     

       5
       5
       -
         lib ? pkgs.lib,

     

       6
       6
       -
       }:

     

       1
       1
       +
       { runTest, lib }:

     

       7
       2
        
       let

     

       8
       8
       -
         makeTest = import ./make-test-python.nix;

     

       9
       3
        
         textInput = "This works.";

     

       10
       4
        
         inputBoxText = "Enter input";

     

       11
       11
       -
         inputBox = pkgs.writeShellScript "zenity-input" ''

     

       12
       12
       -
           ${lib.getExe pkgs.zenity} --entry --text '${inputBoxText}:' > /tmp/output &

     

       13
       13
       -
         '';

     

       5
       5
       +
         inputBox =

     

       6
       6
       +
           pkgs:

     

       7
       7
       +
           pkgs.writeShellScript "zenity-input" ''

     

       8
       8
       +
             ${lib.getExe pkgs.zenity} --entry --text '${inputBoxText}:' > /tmp/output &

     

       9
       9
       +
           '';

     

       14
       10
        
         asUser = ''

     

       15
       11
        
           def as_user(cmd: str):

     

       16
       12
        
               """

     
···

       20
       16
        
         '';

     

       21
       17
        
       in

     

       22
       18
        
       {

     

       23
       23
       -
         headless = makeTest {

     

       24
       24
       -
           name = "headless";

     

       19
       19
       +
         headless = runTest (

     

       20
       20
       +
           { lib, ... }:

     

       21
       21
       +
           {

     

       22
       22
       +
             name = "headless";

     

       25
       23
        
       

     

       26
       26
       -
           enableOCR = true;

     

       24
       24
       +
             enableOCR = true;

     

       27
       25
        
       

     

       28
       28
       -
           nodes.machine = {

     

       29
       29
       -
             imports = [ ./common/user-account.nix ];

     

       26
       26
       +
             nodes.machine = {

     

       27
       27
       +
               imports = [ ./common/user-account.nix ];

     

       30
       28
        
       

     

       31
       31
       -
             users.users.alice.extraGroups = [ "ydotool" ];

     

       29
       29
       +
               users.users.alice.extraGroups = [ "ydotool" ];

     

       32
       30
        
       

     

       33
       33
       -
             programs.ydotool.enable = true;

     

       31
       31
       +
               programs.ydotool.enable = true;

     

       34
       32
        
       

     

       35
       35
       -
             services.getty.autologinUser = "alice";

     

       36
       36
       -
           };

     

       33
       33
       +
               services.getty.autologinUser = "alice";

     

       34
       34
       +
             };

     

       37
       35
        
       

     

       38
       38
       -
           testScript =

     

       39
       39
       -
             asUser

     

       40
       40
       -
             + ''

     

       41
       41
       -
               start_all()

     

       36
       36
       +
             testScript =

     

       37
       37
       +
               asUser

     

       38
       38
       +
               + ''

     

       39
       39
       +
                 start_all()

     

       42
       40
        
       

     

       43
       43
       -
               machine.wait_for_unit("multi-user.target")

     

       44
       44
       -
               machine.wait_for_text("alice")

     

       45
       45
       -
               machine.succeed(as_user("ydotool type 'echo ${textInput} > /tmp/output'")) # text input

     

       46
       46
       -
               machine.succeed(as_user("ydotool key 28:1 28:0")) # text input

     

       47
       47
       -
               machine.screenshot("headless_input")

     

       48
       48
       -
               machine.wait_for_file("/tmp/output")

     

       49
       49
       -
               machine.wait_until_succeeds("grep '${textInput}' /tmp/output") # text input

     

       50
       50
       -
             '';

     

       41
       41
       +
                 machine.wait_for_unit("multi-user.target")

     

       42
       42
       +
                 machine.wait_for_text("alice")

     

       43
       43
       +
                 machine.succeed(as_user("ydotool type 'echo ${textInput} > /tmp/output'")) # text input

     

       44
       44
       +
                 machine.succeed(as_user("ydotool key 28:1 28:0")) # text input

     

       45
       45
       +
                 machine.screenshot("headless_input")

     

       46
       46
       +
                 machine.wait_for_file("/tmp/output")

     

       47
       47
       +
                 machine.wait_until_succeeds("grep '${textInput}' /tmp/output") # text input

     

       48
       48
       +
               '';

     

       51
       49
        
       

     

       52
       52
       -
           meta.maintainers = with lib.maintainers; [

     

       53
       53
       -
             OPNA2608

     

       54
       54
       -
             quantenzitrone

     

       55
       55
       -
           ];

     

       56
       56
       -
         };

     

       50
       50
       +
             meta.maintainers = with lib.maintainers; [

     

       51
       51
       +
               OPNA2608

     

       52
       52
       +
               quantenzitrone

     

       53
       53
       +
             ];

     

       54
       54
       +
           }

     

       55
       55
       +
         );

     

       57
       56
        
       

     

       58
       58
       -
         x11 = makeTest {

     

       59
       59
       -
           name = "x11";

     

       57
       57
       +
         x11 = runTest (

     

       58
       58
       +
           { config, lib, ... }:

     

       59
       59
       +
           {

     

       60
       60
       +
             name = "x11";

     

       60
       61
        
       

     

       61
       61
       -
           enableOCR = true;

     

       62
       62
       +
             enableOCR = true;

     

       62
       63
        
       

     

       63
       63
       -
           nodes.machine = {

     

       64
       64
       -
             imports = [

     

       65
       65
       -
               ./common/user-account.nix

     

       66
       66
       -
               ./common/auto.nix

     

       67
       67
       -
               ./common/x11.nix

     

       68
       68
       -
             ];

     

       64
       64
       +
             nodes.machine =

     

       65
       65
       +
               { lib, ... }:

     

       66
       66
       +
               {

     

       67
       67
       +
                 imports = [

     

       68
       68
       +
                   ./common/user-account.nix

     

       69
       69
       +
                   ./common/auto.nix

     

       70
       70
       +
                   ./common/x11.nix

     

       71
       71
       +
                 ];

     

       69
       72
        
       

     

       70
       70
       -
             users.users.alice.extraGroups = [ "ydotool" ];

     

       73
       73
       +
                 users.users.alice.extraGroups = [ "ydotool" ];

     

       71
       74
        
       

     

       72
       72
       -
             programs.ydotool.enable = true;

     

       75
       75
       +
                 programs.ydotool.enable = true;

     

       73
       76
        
       

     

       74
       74
       -
             test-support.displayManager.auto = {

     

       75
       75
       -
               enable = true;

     

       76
       76
       -
               user = "alice";

     

       77
       77
       -
             };

     

       77
       77
       +
                 test-support.displayManager.auto = {

     

       78
       78
       +
                   enable = true;

     

       79
       79
       +
                   user = "alice";

     

       80
       80
       +
                 };

     

       78
       81
        
       

     

       79
       79
       -
             services.xserver.windowManager.dwm.enable = true;

     

       80
       80
       -
             services.displayManager.defaultSession = lib.mkForce "none+dwm";

     

       81
       81
       -
           };

     

       82
       82
       +
                 services.xserver.windowManager.dwm.enable = true;

     

       83
       83
       +
                 services.displayManager.defaultSession = lib.mkForce "none+dwm";

     

       84
       84
       +
               };

     

       82
       85
        
       

     

       83
       83
       -
           testScript =

     

       84
       84
       -
             asUser

     

       85
       85
       -
             + ''

     

       86
       86
       -
               start_all()

     

       86
       86
       +
             testScript =

     

       87
       87
       +
               asUser

     

       88
       88
       +
               + ''

     

       89
       89
       +
                 start_all()

     

       87
       90
        
       

     

       88
       88
       -
               machine.wait_for_x()

     

       89
       89
       -
               machine.execute(as_user("${inputBox}"))

     

       90
       90
       -
               machine.wait_for_text("${inputBoxText}")

     

       91
       91
       -
               machine.succeed(as_user("ydotool type '${textInput}'")) # text input

     

       92
       92
       -
               machine.screenshot("x11_input")

     

       93
       93
       -
               machine.succeed(as_user("ydotool mousemove -a 400 110")) # mouse input

     

       94
       94
       -
               machine.succeed(as_user("ydotool click 0xC0")) # mouse input

     

       95
       95
       -
               machine.wait_for_file("/tmp/output")

     

       96
       96
       -
               machine.wait_until_succeeds("grep '${textInput}' /tmp/output") # text input

     

       97
       97
       -
             '';

     

       91
       91
       +
                 machine.wait_for_x()

     

       92
       92
       +
                 machine.execute(as_user("${inputBox config.node.pkgs}"))

     

       93
       93
       +
                 machine.wait_for_text("${inputBoxText}")

     

       94
       94
       +
                 machine.succeed(as_user("ydotool type '${textInput}'")) # text input

     

       95
       95
       +
                 machine.screenshot("x11_input")

     

       96
       96
       +
                 machine.succeed(as_user("ydotool mousemove -a 400 110")) # mouse input

     

       97
       97
       +
                 machine.succeed(as_user("ydotool click 0xC0")) # mouse input

     

       98
       98
       +
                 machine.wait_for_file("/tmp/output")

     

       99
       99
       +
                 machine.wait_until_succeeds("grep '${textInput}' /tmp/output") # text input

     

       100
       100
       +
               '';

     

       98
       101
        
       

     

       99
       99
       -
           meta.maintainers = with lib.maintainers; [

     

       100
       100
       -
             OPNA2608

     

       101
       101
       -
             quantenzitrone

     

       102
       102
       -
           ];

     

       103
       103
       -
         };

     

       102
       102
       +
             meta.maintainers = with lib.maintainers; [

     

       103
       103
       +
               OPNA2608

     

       104
       104
       +
               quantenzitrone

     

       105
       105
       +
             ];

     

       106
       106
       +
           }

     

       107
       107
       +
         );

     

       104
       108
        
       

     

       105
       105
       -
         wayland = makeTest {

     

       106
       106
       -
           name = "wayland";

     

       109
       109
       +
         wayland = runTest (

     

       110
       110
       +
           { lib, ... }:

     

       111
       111
       +
           {

     

       112
       112
       +
             name = "wayland";

     

       107
       113
        
       

     

       108
       108
       -
           enableOCR = true;

     

       114
       114
       +
             enableOCR = true;

     

       109
       115
        
       

     

       110
       110
       -
           nodes.machine = {

     

       111
       111
       -
             imports = [ ./common/user-account.nix ];

     

       116
       116
       +
             nodes.machine =

     

       117
       117
       +
               { pkgs, ... }:

     

       118
       118
       +
               {

     

       119
       119
       +
                 imports = [ ./common/user-account.nix ];

     

       112
       120
        
       

     

       113
       113
       -
             services.cage = {

     

       114
       114
       -
               enable = true;

     

       115
       115
       -
               user = "alice";

     

       116
       116
       -
             };

     

       121
       121
       +
                 services.cage = {

     

       122
       122
       +
                   enable = true;

     

       123
       123
       +
                   user = "alice";

     

       124
       124
       +
                 };

     

       117
       125
        
       

     

       118
       118
       -
             programs.ydotool.enable = true;

     

       126
       126
       +
                 programs.ydotool.enable = true;

     

       119
       127
        
       

     

       120
       120
       -
             services.cage.program = inputBox;

     

       121
       121
       -
           };

     

       128
       128
       +
                 services.cage.program = inputBox pkgs;

     

       129
       129
       +
               };

     

       122
       130
        
       

     

       123
       123
       -
           testScript = ''

     

       124
       124
       -
             start_all()

     

       131
       131
       +
             testScript = ''

     

       132
       132
       +
               start_all()

     

       125
       133
        
       

     

       126
       126
       -
             machine.wait_for_unit("graphical.target")

     

       127
       127
       -
             machine.wait_for_text("${inputBoxText}")

     

       128
       128
       -
             machine.succeed("ydotool type '${textInput}'") # text input

     

       129
       129
       -
             machine.screenshot("wayland_input")

     

       130
       130
       -
             machine.succeed("ydotool mousemove -a 100 100") # mouse input

     

       131
       131
       -
             machine.succeed("ydotool click 0xC0") # mouse input

     

       132
       132
       -
             machine.wait_for_file("/tmp/output")

     

       133
       133
       -
             machine.wait_until_succeeds("grep '${textInput}' /tmp/output") # text input

     

       134
       134
       -
           '';

     

       134
       134
       +
               machine.wait_for_unit("graphical.target")

     

       135
       135
       +
               machine.wait_for_text("${inputBoxText}")

     

       136
       136
       +
               machine.succeed("ydotool type '${textInput}'") # text input

     

       137
       137
       +
               machine.screenshot("wayland_input")

     

       138
       138
       +
               machine.succeed("ydotool mousemove -a 100 100") # mouse input

     

       139
       139
       +
               machine.succeed("ydotool click 0xC0") # mouse input

     

       140
       140
       +
               machine.wait_for_file("/tmp/output")

     

       141
       141
       +
               machine.wait_until_succeeds("grep '${textInput}' /tmp/output") # text input

     

       142
       142
       +
             '';

     

       135
       143
        
       

     

       136
       136
       -
           meta.maintainers = with lib.maintainers; [

     

       137
       137
       -
             OPNA2608

     

       138
       138
       -
             quantenzitrone

     

       139
       139
       -
           ];

     

       140
       140
       -
         };

     

       144
       144
       +
             meta.maintainers = with lib.maintainers; [

     

       145
       145
       +
               OPNA2608

     

       146
       146
       +
               quantenzitrone

     

       147
       147
       +
             ];

     

       148
       148
       +
           }

     

       149
       149
       +
         );

     

       141
       150
        
       

     

       142
       151
        
         customGroup =

     

       143
       152
        
           let

     
···

       147
       156
        
             outsideGroupUsername = "other-user";

     

       148
       157
        
             groupName = "custom-group";

     

       149
       158
        
           in

     

       150
       150
       -
           makeTest {

     

       151
       151
       -
             inherit name;

     

       159
       159
       +
           runTest (

     

       160
       160
       +
             { lib, ... }:

     

       161
       161
       +
             {

     

       162
       162
       +
               inherit name;

     

       152
       163
        
       

     

       153
       153
       -
             nodes."${nodeName}" = {

     

       154
       154
       -
               programs.ydotool = {

     

       155
       155
       -
                 enable = true;

     

       156
       156
       -
                 group = groupName;

     

       157
       157
       -
               };

     

       164
       164
       +
               nodes."${nodeName}" = {

     

       165
       165
       +
                 programs.ydotool = {

     

       166
       166
       +
                   enable = true;

     

       167
       167
       +
                   group = groupName;

     

       168
       168
       +
                 };

     

       158
       169
        
       

     

       159
       159
       -
               users.users = {

     

       160
       160
       -
                 "${insideGroupUsername}" = {

     

       161
       161
       -
                   isNormalUser = true;

     

       162
       162
       -
                   extraGroups = [ groupName ];

     

       170
       170
       +
                 users.users = {

     

       171
       171
       +
                   "${insideGroupUsername}" = {

     

       172
       172
       +
                     isNormalUser = true;

     

       173
       173
       +
                     extraGroups = [ groupName ];

     

       174
       174
       +
                   };

     

       175
       175
       +
                   "${outsideGroupUsername}".isNormalUser = true;

     

       163
       176
        
                 };

     

       164
       164
       -
                 "${outsideGroupUsername}".isNormalUser = true;

     

       165
       177
        
               };

     

       166
       166
       -
             };

     

       167
       178
        
       

     

       168
       168
       -
             testScript = ''

     

       169
       169
       -
               start_all()

     

       179
       179
       +
               testScript = ''

     

       180
       180
       +
                 start_all()

     

       170
       181
        
       

     

       171
       171
       -
               # Wait for service to start

     

       172
       172
       -
               ${nodeName}.wait_for_unit("multi-user.target")

     

       173
       173
       -
               ${nodeName}.wait_for_unit("ydotoold.service")

     

       182
       182
       +
                 # Wait for service to start

     

       183
       183
       +
                 ${nodeName}.wait_for_unit("multi-user.target")

     

       184
       184
       +
                 ${nodeName}.wait_for_unit("ydotoold.service")

     

       174
       185
        
       

     

       175
       175
       -
               # Verify that user with the configured group can use the service

     

       176
       176
       -
               ${nodeName}.succeed("sudo --login --user=${insideGroupUsername} ydotool type 'Hello, World!'")

     

       186
       186
       +
                 # Verify that user with the configured group can use the service

     

       187
       187
       +
                 ${nodeName}.succeed("sudo --login --user=${insideGroupUsername} ydotool type 'Hello, World!'")

     

       177
       188
        
       

     

       178
       178
       -
               # Verify that user without the configured group can't use the service

     

       179
       179
       -
               ${nodeName}.fail("sudo --login --user=${outsideGroupUsername} ydotool type 'Hello, World!'")

     

       180
       180
       -
             '';

     

       189
       189
       +
                 # Verify that user without the configured group can't use the service

     

       190
       190
       +
                 ${nodeName}.fail("sudo --login --user=${outsideGroupUsername} ydotool type 'Hello, World!'")

     

       191
       191
       +
               '';

     

       181
       192
        
       

     

       182
       182
       -
             meta.maintainers = with lib.maintainers; [ l0b0 ];

     

       183
       183
       -
           };

     

       193
       193
       +
               meta.maintainers = with lib.maintainers; [ l0b0 ];

     

       194
       194
       +
             }

     

       195
       195
       +
           );

     

       184
       196
        
       }

+7 -7

pkgs/applications/networking/browsers/chromium/info.json

···

       802
       802
        
           }

     

       803
       803
        
         },

     

       804
       804
        
         "ungoogled-chromium": {

     

       805
       805
       -
           "version": "138.0.7204.96",

     

       805
       805
       +
           "version": "138.0.7204.100",

     

       806
       806
        
           "deps": {

     

       807
       807
        
             "depot_tools": {

     

       808
       808
        
               "rev": "a8900cc0f023d6a662eb66b317e8ddceeb113490",

     
···

       813
       813
        
               "hash": "sha256-UB9a7Fr1W0yYld6WbXyRR8dFqWsj/zx4KumDZ5JQKSM="

     

       814
       814
        
             },

     

       815
       815
        
             "ungoogled-patches": {

     

       816
       816
       -
               "rev": "138.0.7204.96-1",

     

       817
       817
       -
               "hash": "sha256-tOQSvdwK3lMN/7l23rbw7txJ/ovRguSXe9oMeol63Cs="

     

       816
       816
       +
               "rev": "138.0.7204.100-1",

     

       817
       817
       +
               "hash": "sha256-zIBOQlW8UAE7n8x6R5LLjiNUquLOiTPvyxx4sM9r85Y="

     

       818
       818
        
             },

     

       819
       819
        
             "npmHash": "sha256-8d5VTHutv51libabhxv7SqPRcHfhVmGDSOvTSv013rE="

     

       820
       820
        
           },

     

       821
       821
        
           "DEPS": {

     

       822
       822
        
             "src": {

     

       823
       823
        
               "url": "https://chromium.googlesource.com/chromium/src.git",

     

       824
       824
       -
               "rev": "f01343ee86bdb55cc999f82381f038cdbf20db62",

     

       825
       825
       -
               "hash": "sha256-9Ryxv2DvnIKVk4ZvjXegubFDUNzJ3YXGPuYHlntC3RU=",

     

       824
       824
       +
               "rev": "5f45b4744e3d5ba82c2ca6d942f1e7a516110752",

     

       825
       825
       +
               "hash": "sha256-bI75IXPl6YeauK2oTnUURh1ch1H7KKw/QzKYZ/q6htI=",

     

       826
       826
        
               "recompress": true

     

       827
       827
        
             },

     

       828
       828
        
             "src/third_party/clang-format/script": {

     
···

       1047
       1047
        
             },

     

       1048
       1048
        
             "src/third_party/devtools-frontend/src": {

     

       1049
       1049
        
               "url": "https://chromium.googlesource.com/devtools/devtools-frontend",

     

       1050
       1050
       -
               "rev": "f8dfe8b36e516cef8a5a169e88d16480d8abdc68",

     

       1051
       1051
       -
               "hash": "sha256-7ygnGBAeiLxwbTx5s7LRs9+ZOe06tr8VFcSY5cVHnS4="

     

       1050
       1050
       +
               "rev": "a6dbe06dafbad00ef4b0ea139ece1a94a5e2e6d8",

     

       1051
       1051
       +
               "hash": "sha256-XkyJFRxo3ZTBGfKdTwSIo14SLNPQAKQvY4lEX03j6LM="

     

       1052
       1052
        
             },

     

       1053
       1053
        
             "src/third_party/dom_distiller_js/dist": {

     

       1054
       1054
        
               "url": "https://chromium.googlesource.com/chromium/dom-distiller/dist.git",

pkgs/build-support/dart/build-dart-application/default.nix

···

       101
       101
        
           } // sdkSourceBuilders;

     

       102
       102
        
         };

     

       103
       103
        
         packageConfig = generators.linkPackageConfig {

     

       104
       104
       +
           inherit pubspecLock;

     

       104
       105
        
           packageConfig = pub2nix.generatePackageConfig {

     

       105
       106
        
             pname = if args.pname != null then "${args.pname}-${args.version}" else null;

     

       106
       107

+20 -7

pkgs/build-support/dart/build-dart-application/generators.nix

···

       49
       49
        
         # Adds the root package to a dependency package_config.json file from pub2nix.

     

       50
       50
        
         linkPackageConfig =

     

       51
       51
        
           {

     

       52
       52
       +
             pubspecLock,

     

       52
       53
        
             packageConfig,

     

       53
       54
        
             extraSetupCommands ? "",

     

       54
       55
        
           }:

     
···

       67
       68
        
       

     

       68
       69
        
               dontBuild = true;

     

       69
       70
        
       

     

       70
       70
       -
               installPhase = ''

     

       71
       71
       -
                 runHook preInstall

     

       71
       71
       +
               installPhase =

     

       72
       72
       +
                 let

     

       73
       73
       +
                   m = builtins.match "^[[:space:]]*(\\^|>=|>)?[[:space:]]*([0-9]+\\.[0-9]+)\\.[0-9]+.*$" pubspecLock.sdks.dart;

     

       74
       74
       +
                   languageVersion =

     

       75
       75
       +
                     if m != null then

     

       76
       76
       +
                       (builtins.elemAt m 1)

     

       77
       77
       +
                     else if pubspecLock.sdks.dart == "any" then

     

       78
       78
       +
                       "null"

     

       79
       79
       +
                     else

     

       80
       80
       +
                       # https://github.com/dart-lang/pub/blob/15b96589066884300a30bdc356566f3398794857/lib/src/language_version.dart#L109

     

       81
       81
       +
                       "2.7";

     

       82
       82
       +
                 in

     

       83
       83
       +
                 ''

     

       84
       84
       +
                   runHook preInstall

     

       72
       85
        
       

     

       73
       73
       -
                 packageName="$(yq --raw-output .name pubspec.yaml)"

     

       74
       74
       -
                 jq --arg name "$packageName" '.packages |= . + [{ name: $name, rootUri: "../", packageUri: "lib/" }]' '${packageConfig}' > "$out"

     

       75
       75
       -
                 ${extraSetupCommands}

     

       86
       86
       +
                   packageName="$(yq --raw-output .name pubspec.yaml)"

     

       87
       87
       +
                   jq --arg name "$packageName" --arg languageVersion ${languageVersion} '.packages |= . + [{ name: $name, rootUri: "../", packageUri: "lib/", languageVersion: (if $languageVersion == "null" then null else $languageVersion end) }]' '${packageConfig}' > "$out"

     

       88
       88
       +
                   ${extraSetupCommands}

     

       76
       89
        
       

     

       77
       77
       -
                 runHook postInstall

     

       78
       78
       -
               '';

     

       90
       90
       +
                   runHook postInstall

     

       91
       91
       +
                 '';

     

       79
       92
        
             }

     

       80
       93
        
           );

     

       81
       94
        
       in

+8 -10

pkgs/build-support/fetchhg/default.nix

···

       30
       30
        
       

     

       31
       31
        
             outputHashAlgo = if finalAttrs.hash != null && finalAttrs.hash != "" then null else "sha256";

     

       32
       32
        
             outputHashMode = "recursive";

     

       33
       33
       -
             outputHash =

     

       34
       34
       -
               lib.throwIf (finalAttrs.hash != null && sha256 != null) "Only one of sha256 or hash can be set"

     

       35
       35
       -
                 (

     

       36
       36
       -
                   if finalAttrs.hash != null then

     

       37
       37
       -
                     finalAttrs.hash

     

       38
       38
       -
                   else if sha256 != null then

     

       39
       39
       -
                     sha256

     

       40
       40
       -
                   else

     

       41
       41
       -
                     ""

     

       42
       42
       -
                 );

     

       33
       33
       +
             outputHash = lib.throwIf (hash != null && sha256 != null) "Only one of sha256 or hash can be set" (

     

       34
       34
       +
               if finalAttrs.hash != null then

     

       35
       35
       +
                 finalAttrs.hash

     

       36
       36
       +
               else if sha256 != null then

     

       37
       37
       +
                 sha256

     

       38
       38
       +
               else

     

       39
       39
       +
                 ""

     

       40
       40
       +
             );

     

       43
       41
        
       

     

       44
       42
        
             inherit url rev hash;

     

       45
       43
        
             inherit preferLocalBuild;

+3 -3

pkgs/by-name/ac/act/package.nix

···

       8
       8
        
       }:

     

       9
       9
        
       

     

       10
       10
        
       let

     

       11
       11
       -
         version = "0.2.78";

     

       11
       11
       +
         version = "0.2.79";

     

       12
       12
        
       in

     

       13
       13
        
       buildGoModule {

     

       14
       14
        
         pname = "act";

     
···

       18
       18
        
           owner = "nektos";

     

       19
       19
        
           repo = "act";

     

       20
       20
        
           tag = "v${version}";

     

       21
       21
       -
           hash = "sha256-S4Ev7MszuvlsUstnjOltYnZTuhzeqP/GDqMEWsFLe5Y=";

     

       21
       21
       +
           hash = "sha256-tIp9iG8SCppg+tX/KdvAON5fKAHAlU01GSJEgvm2JSg=";

     

       22
       22
        
         };

     

       23
       23
        
       

     

       24
       24
       -
         vendorHash = "sha256-YH5SIZ73VYqg7+sSJpvqkIlBUy1rs3uNEWiEBDRdkQw=";

     

       24
       24
       +
         vendorHash = "sha256-wMtRpFUOMia7ZbuKUUkkcr2Gi88fiZydqFSVSAdiKdo=";

     

       25
       25
        
       

     

       26
       26
        
         doCheck = false;

     

       27
       27

+2 -2

pkgs/by-name/aw/aws-lc/package.nix

···

       10
       10
        
       }:

     

       11
       11
        
       stdenv.mkDerivation (finalAttrs: {

     

       12
       12
        
         pname = "aws-lc";

     

       13
       13
       -
         version = "1.53.1";

     

       13
       13
       +
         version = "1.55.0";

     

       14
       14
        
       

     

       15
       15
        
         src = fetchFromGitHub {

     

       16
       16
        
           owner = "aws";

     

       17
       17
        
           repo = "aws-lc";

     

       18
       18
        
           rev = "v${finalAttrs.version}";

     

       19
       19
       -
           hash = "sha256-1liZ1xellboNNsL7D6vqYk9sHFpWN5c0o8B1S9B5Gnc=";

     

       19
       19
       +
           hash = "sha256-Ul+PoOItv7FU7v7NkpaCrZrr/ULnI9FSv6T8ePzTMCs=";

     

       20
       20
        
         };

     

       21
       21
        
       

     

       22
       22
        
         outputs = [

+3 -3

pkgs/by-name/bi/bibiman/package.nix

···

       8
       8
        
       

     

       9
       9
        
       rustPlatform.buildRustPackage rec {

     

       10
       10
        
         pname = "bibiman";

     

       11
       11
       -
         version = "0.12.4";

     

       11
       11
       +
         version = "0.13.1";

     

       12
       12
        
       

     

       13
       13
        
         src = fetchFromGitea {

     

       14
       14
        
           domain = "codeberg.org";

     

       15
       15
        
           owner = "lukeflo";

     

       16
       16
        
           repo = "bibiman";

     

       17
       17
        
           tag = "v${version}";

     

       18
       18
       -
           hash = "sha256-6duqLBPm6GlBHm3Kr4foHF1MKodYOYKKDITk/BiX6mA=";

     

       18
       18
       +
           hash = "sha256-MdUabJQ5x3/n7dfbIjAqK9hDQ+lLNOtXknY4fTSW67Q=";

     

       19
       19
        
         };

     

       20
       20
        
       

     

       21
       21
        
         useFetchCargoVendor = true;

     

       22
       22
       -
         cargoHash = "sha256-tbgzjTsK88+G4Wxex4Tl0K5Ii99tPNud3UEDzAHaI0M=";

     

       22
       22
       +
         cargoHash = "sha256-FARk/BCssI35aS4yxUnfGoV6C3i4/a/LQcEMIKD29Ac=";

     

       23
       23
        
       

     

       24
       24
        
         nativeInstallCheckInputs = [

     

       25
       25
        
           versionCheckHook

+3 -3

pkgs/by-name/br/bruno/package.nix

···

       19
       19
        
       

     

       20
       20
        
       buildNpmPackage rec {

     

       21
       21
        
         pname = "bruno";

     

       22
       22
       -
         version = "2.6.1";

     

       22
       22
       +
         version = "2.7.0";

     

       23
       23
        
       

     

       24
       24
        
         src = fetchFromGitHub {

     

       25
       25
        
           owner = "usebruno";

     

       26
       26
        
           repo = "bruno";

     

       27
       27
        
           tag = "v${version}";

     

       28
       28
       -
           hash = "sha256-GR/TmBuZbt/8cB9gtRPgzSVnzdrB1BKhYjahfJ3ErgQ=";

     

       28
       28
       +
           hash = "sha256-qNZCLd4FixJ+I5xaIIQ9EIKfCXnPOZFGbXHkgagBbFE=";

     

       29
       29
        
       

     

       30
       30
        
           postFetch = ''

     

       31
       31
        
             ${lib.getExe npm-lockfile-fix} $out/package-lock.json

     

       32
       32
        
           '';

     

       33
       33
        
         };

     

       34
       34
        
       

     

       35
       35
       -
         npmDepsHash = "sha256-/u7xyd1+RXNN7khVOglzYGMCI+fPjyiuSF2BSZAqEtI=";

     

       35
       35
       +
         npmDepsHash = "sha256-osdjtn9jn6T1YizQM7I9cfiHvIkrZ8HRDNjsR+FS/DE=";

     

       36
       36
        
         npmFlags = [ "--legacy-peer-deps" ];

     

       37
       37
        
       

     

       38
       38
        
         nativeBuildInputs =

+2 -2

pkgs/by-name/by/byedpi/package.nix

···

       6
       6
        
       }:

     

       7
       7
        
       stdenv.mkDerivation (finalAttrs: {

     

       8
       8
        
         pname = "byedpi";

     

       9
       9
       -
         version = "0.17";

     

       9
       9
       +
         version = "0.17.1";

     

       10
       10
        
       

     

       11
       11
        
         src = fetchFromGitHub {

     

       12
       12
        
           owner = "hufrea";

     

       13
       13
        
           repo = "byedpi";

     

       14
       14
        
           tag = "v${finalAttrs.version}";

     

       15
       15
       -
           hash = "sha256-JedtEgkj21pDnNM19Oq6asI7iMIHZqf3ZolDlUDhHg8=";

     

       15
       15
       +
           hash = "sha256-an0UmsAZw5DJMuM4WpAWBVVN0ZVBpXhn0cbZ0ZbfBjo=";

     

       16
       16
        
         };

     

       17
       17
        
       

     

       18
       18
        
         installPhase = ''

+3 -3

pkgs/by-name/ca/cargo-mobile2/package.nix

···

       10
       10
        
       

     

       11
       11
        
       let

     

       12
       12
        
         pname = "cargo-mobile2";

     

       13
       13
       -
         version = "0.20.1";

     

       13
       13
       +
         version = "0.20.2";

     

       14
       14
        
       in

     

       15
       15
        
       rustPlatform.buildRustPackage {

     

       16
       16
        
         inherit pname version;

     
···

       18
       18
        
           owner = "tauri-apps";

     

       19
       19
        
           repo = "cargo-mobile2";

     

       20
       20
        
           rev = "cargo-mobile2-v${version}";

     

       21
       21
       -
           hash = "sha256-gKqGmd34nNKMc3fl5lMH09oOGnmRaMDBwsbHhAeUMBc=";

     

       21
       21
       +
           hash = "sha256-mXedzfAN40IG8ivcSa/tf/Ys/rKcwkCmxU7/ja9ec2U=";

     

       22
       22
        
         };

     

       23
       23
        
       

     

       24
       24
        
         # Manually specify the sourceRoot since this crate depends on other crates in the workspace. Relevant info at

     
···

       26
       26
        
         # sourceRoot = "${src.name}/tooling/cli";

     

       27
       27
        
       

     

       28
       28
        
         useFetchCargoVendor = true;

     

       29
       29
       -
         cargoHash = "sha256-QEZe+7/i0XygXxs7pwdS9WtYbE2pfrUuRQC0dm+WqTo=";

     

       29
       29
       +
         cargoHash = "sha256-Y1ykz7QU48AJVKBcYdrWEuNcahontkaJyFmrrh4eQs0=";

     

       30
       30
        
       

     

       31
       31
        
         preBuild = ''

     

       32
       32
        
           mkdir -p $out/share/

+4 -4

pkgs/by-name/cl/claude-code/package-lock.json

···

       6
       6
        
         "packages": {

     

       7
       7
        
           "": {

     

       8
       8
        
             "dependencies": {

     

       9
       9
       -
               "@anthropic-ai/claude-code": "^1.0.44"

     

       9
       9
       +
               "@anthropic-ai/claude-code": "^1.0.48"

     

       10
       10
        
             }

     

       11
       11
        
           },

     

       12
       12
        
           "node_modules/@anthropic-ai/claude-code": {

     

       13
       13
       -
             "version": "1.0.44",

     

       14
       14
       -
             "resolved": "https://registry.npmjs.org/@anthropic-ai/claude-code/-/claude-code-1.0.44.tgz",

     

       15
       15
       -
             "integrity": "sha512-GCX0KeMcyhLlfs/dLWlMiHShAMmjt8d7xcVUS53z7VnV6s3cIIrRPsKQ/xX/Q9rFm5dSVmRnzU88Ku28fb3QKQ==",

     

       13
       13
       +
             "version": "1.0.48",

     

       14
       14
       +
             "resolved": "https://registry.npmjs.org/@anthropic-ai/claude-code/-/claude-code-1.0.48.tgz",

     

       15
       15
       +
             "integrity": "sha512-h63VBAZZ6Pl/DlYW2PjbfUeicZ4r9VSl8dymD3d+1lZEHwCPgfMpu3g+30+FDMs79Xqc7qSDm6CRnMApxhbjqw==",

     

       16
       16
        
             "hasInstallScript": true,

     

       17
       17
        
             "license": "SEE LICENSE IN README.md",

     

       18
       18
        
             "bin": {

+3 -3

pkgs/by-name/cl/claude-code/package.nix

···

       7
       7
        
       

     

       8
       8
        
       buildNpmPackage rec {

     

       9
       9
        
         pname = "claude-code";

     

       10
       10
       -
         version = "1.0.44";

     

       10
       10
       +
         version = "1.0.48";

     

       11
       11
        
       

     

       12
       12
        
         nodejs = nodejs_20; # required for sandboxed Nix builds on Darwin

     

       13
       13
        
       

     

       14
       14
        
         src = fetchzip {

     

       15
       15
        
           url = "https://registry.npmjs.org/@anthropic-ai/claude-code/-/claude-code-${version}.tgz";

     

       16
       16
       -
           hash = "sha256-Dnooy0KNfhirTu7hv6DfwL7SHwf++CKtG8VHptNhcxU=";

     

       16
       16
       +
           hash = "sha256-nl7NGiREuFpbr0if273FfbSpjD/BG8a/uMXfYtiZgbE=";

     

       17
       17
        
         };

     

       18
       18
        
       

     

       19
       19
       -
         npmDepsHash = "sha256-Q3m4q0g/H5ZWmnMXSipRt3FUFu+SgDAJutVelQsv9ls=";

     

       19
       19
       +
         npmDepsHash = "sha256-ppsyT+VXXaIP1ncuJx1I8M6eLTk7zP1KStf5nnWSwSo=";

     

       20
       20
        
       

     

       21
       21
        
         postPatch = ''

     

       22
       22
        
           cp ${./package-lock.json} package-lock.json

+3 -3

pkgs/by-name/cl/clorinde/package.nix

···

       8
       8
        
       

     

       9
       9
        
       rustPlatform.buildRustPackage (finalAttrs: {

     

       10
       10
        
         pname = "clorinde";

     

       11
       11
       -
         version = "0.16.0";

     

       11
       11
       +
         version = "1.0.0";

     

       12
       12
        
       

     

       13
       13
        
         src = fetchFromGitHub {

     

       14
       14
        
           owner = "halcyonnouveau";

     

       15
       15
        
           repo = "clorinde";

     

       16
       16
        
           tag = "clorinde-v${finalAttrs.version}";

     

       17
       17
       -
           hash = "sha256-ze/PEML1buh3HlVgz6ifMPWfZnr6eT3VpIXf7jR68jw=";

     

       17
       17
       +
           hash = "sha256-AYoSs3rDZ5j8Xt6E4X7RmgccM3bng3rgWzVLFjhmfR0=";

     

       18
       18
        
         };

     

       19
       19
        
       

     

       20
       20
        
         useFetchCargoVendor = true;

     

       21
       21
       -
         cargoHash = "sha256-dp5m/PLVG8xUM6LCq48NKK0P8di44keB/YZ9ocfL0Bg=";

     

       21
       21
       +
         cargoHash = "sha256-hxOVocfQvBlaYh227SVLYncfVZ80bDxIvoMtthaqQqc=";

     

       22
       22
        
       

     

       23
       23
        
         cargoBuildFlags = [ "--package=clorinde" ];

     

       24
       24

+2 -2

pkgs/by-name/fa/fantomas/package.nix

···

       2
       2
        
       

     

       3
       3
        
       buildDotnetGlobalTool {

     

       4
       4
        
         pname = "fantomas";

     

       5
       5
       -
         version = "7.0.2";

     

       5
       5
       +
         version = "7.0.3";

     

       6
       6
        
       

     

       7
       7
       -
         nugetHash = "sha256-BAaENIm/ksTiXrUImRgKoIXTGIlgsX7ch6ayoFjhJXA=";

     

       7
       7
       +
         nugetHash = "sha256-0XlfV7SxXPDnk/CjkUesJSaH0cxlNHJ+Jj86zNUhkNA=";

     

       8
       8
        
       

     

       9
       9
        
         meta = with lib; {

     

       10
       10
        
           description = "F# source code formatter";

+2 -2

pkgs/by-name/gi/gitaly/package.nix

···

       7
       7
        
       }:

     

       8
       8
        
       

     

       9
       9
        
       let

     

       10
       10
       -
         version = "18.1.1";

     

       10
       10
       +
         version = "18.1.2";

     

       11
       11
        
         package_version = "v${lib.versions.major version}";

     

       12
       12
        
         gitaly_package = "gitlab.com/gitlab-org/gitaly/${package_version}";

     

       13
       13
        
       

     
···

       21
       21
        
             owner = "gitlab-org";

     

       22
       22
        
             repo = "gitaly";

     

       23
       23
        
             rev = "v${version}";

     

       24
       24
       -
             hash = "sha256-R79UV6QIEO/B7xQ3ds4scm7twHmalziksKBJ97tYVJM=";

     

       24
       24
       +
             hash = "sha256-ErA04W6rWsjSay02bst0ur1mztrdo8SW/mpGtln4unI=";

     

       25
       25
        
           };

     

       26
       26
        
       

     

       27
       27
        
           vendorHash = "sha256-BTpcnaHNyLgdAA9KqqA+mBo18fmQ0+OwLGNOPHRJ/IE=";

+3 -3

pkgs/by-name/gi/gitlab-container-registry/package.nix

···

       6
       6
        
       

     

       7
       7
        
       buildGoModule rec {

     

       8
       8
        
         pname = "gitlab-container-registry";

     

       9
       9
       -
         version = "4.23.1";

     

       9
       9
       +
         version = "4.24.0";

     

       10
       10
        
         rev = "v${version}-gitlab";

     

       11
       11
        
       

     

       12
       12
        
         # nixpkgs-update: no auto update

     
···

       14
       14
        
           owner = "gitlab-org";

     

       15
       15
        
           repo = "container-registry";

     

       16
       16
        
           inherit rev;

     

       17
       17
       -
           hash = "sha256-eCuSuQXtzd2jLJf9G8DO1KGXdT8bYGe9tcKw6BZNiiI=";

     

       17
       17
       +
           hash = "sha256-GNL7L6DKIKEgDEZQkeHNOn4R5SnWnHvNoUIs2YLjoR8=";

     

       18
       18
        
         };

     

       19
       19
        
       

     

       20
       20
       -
         vendorHash = "sha256-OrdlQp+USRf+Yc7UDjIncDpbuRu5ui6TUoYY2MMc8Ro=";

     

       20
       20
       +
         vendorHash = "sha256-zisadCxyfItD/n7VGbtbvhl8MRHiqdw0Kkrg6ebgS/8=";

     

       21
       21
        
       

     

       22
       22
        
         checkFlags =

     

       23
       23
        
           let

+2 -2

pkgs/by-name/gi/gitlab-pages/package.nix

···

       6
       6
        
       

     

       7
       7
        
       buildGoModule rec {

     

       8
       8
        
         pname = "gitlab-pages";

     

       9
       9
       -
         version = "18.1.1";

     

       9
       9
       +
         version = "18.1.2";

     

       10
       10
        
       

     

       11
       11
        
         # nixpkgs-update: no auto update

     

       12
       12
        
         src = fetchFromGitLab {

     

       13
       13
        
           owner = "gitlab-org";

     

       14
       14
        
           repo = "gitlab-pages";

     

       15
       15
        
           rev = "v${version}";

     

       16
       16
       -
           hash = "sha256-tqT+ARebnBhBHzOenkL/o7/tf4/urxKFAOFMwCQSzeA=";

     

       16
       16
       +
           hash = "sha256-XY/WK19nujQPdsicGDHS5gEZf3uJZdW41R4xK9hDML0=";

     

       17
       17
        
         };

     

       18
       18
        
       

     

       19
       19
        
         vendorHash = "sha256-6ZHKwPhC3N813kiw1NnPOMVc2CBSIClwc4MunDi0gCk=";

+6 -6

pkgs/by-name/gi/gitlab/data.json

···

       1
       1
        
       {

     

       2
       2
       -
         "version": "18.1.1",

     

       3
       3
       -
         "repo_hash": "1agw51d1qvvx6yyzz71sz4mkx04ic8hmql8lggz3x5scnhglnzjq",

     

       2
       2
       +
         "version": "18.1.2",

     

       3
       3
       +
         "repo_hash": "072ib6rc7mw9pdzql8514k4z76i1ahssyj5kypgyvf9qj4naym0b",

     

       4
       4
        
         "yarn_hash": "0c5pp3dpvw0q0nfl6w1lpdmk7dvkfinwb7z7a3vq22wgzca23x2m",

     

       5
       5
        
         "owner": "gitlab-org",

     

       6
       6
        
         "repo": "gitlab",

     

       7
       7
       -
         "rev": "v18.1.1-ee",

     

       7
       7
       +
         "rev": "v18.1.2-ee",

     

       8
       8
        
         "passthru": {

     

       9
       9
       -
           "GITALY_SERVER_VERSION": "18.1.1",

     

       10
       10
       -
           "GITLAB_PAGES_VERSION": "18.1.1",

     

       9
       9
       +
           "GITALY_SERVER_VERSION": "18.1.2",

     

       10
       10
       +
           "GITLAB_PAGES_VERSION": "18.1.2",

     

       11
       11
        
           "GITLAB_SHELL_VERSION": "14.42.0",

     

       12
       12
        
           "GITLAB_ELASTICSEARCH_INDEXER_VERSION": "5.6.0",

     

       13
       13
       -
           "GITLAB_WORKHORSE_VERSION": "18.1.1"

     

       13
       13
       +
           "GITLAB_WORKHORSE_VERSION": "18.1.2"

     

       14
       14
        
         }

     

       15
       15
        
       }

+1 -1

pkgs/by-name/gi/gitlab/gitlab-workhorse/default.nix

···

       10
       10
        
       buildGoModule rec {

     

       11
       11
        
         pname = "gitlab-workhorse";

     

       12
       12
        
       

     

       13
       13
       -
         version = "18.1.1";

     

       13
       13
       +
         version = "18.1.2";

     

       14
       14
        
       

     

       15
       15
        
         # nixpkgs-update: no auto update

     

       16
       16
        
         src = fetchFromGitLab {

+3 -1

pkgs/by-name/gi/gitlab/rubyEnv/Gemfile

···

       648
       648
        
       # KAS GRPC protocol definitions

     

       649
       649
        
       gem 'gitlab-kas-grpc', '~> 17.11.0', feature_category: :deployment_management

     

       650
       650
        
       

     

       651
       651
       -
       gem 'grpc', '~> 1.72.0', feature_category: :shared

     

       651
       651
       +
       # Lock until 1.74.0 is available

     

       652
       652
       +
       # https://gitlab.com/gitlab-com/gl-infra/production/-/issues/20067

     

       653
       653
       +
       gem 'grpc', '= 1.63.0', feature_category: :shared

     

       652
       654
        
       

     

       653
       655
        
       gem 'google-protobuf', '~> 3.25', '>= 3.25.3', feature_category: :shared

     

       654
       656

+4 -4

pkgs/by-name/gi/gitlab/rubyEnv/Gemfile.lock

···

       48
       48
        
             google-cloud-storage_transfer (~> 1.2.0)

     

       49
       49
        
             google-protobuf (~> 3.25, >= 3.25.3)

     

       50
       50
        
             googleauth (~> 1.8.1)

     

       51
       51
       -
             grpc (~> 1.72.0)

     

       51
       51
       +
             grpc (= 1.63.0)

     

       52
       52
        
             json (~> 2.7)

     

       53
       53
        
             jwt (~> 2.5)

     

       54
       54
        
             logger (~> 1.5)

     
···

       956
       956
        
             graphql (~> 2.0)

     

       957
       957
        
             html-pipeline (~> 2.14, >= 2.14.3)

     

       958
       958
        
             sass-embedded (~> 1.58)

     

       959
       959
       -
           grpc (1.72.0)

     

       960
       960
       -
             google-protobuf (>= 3.25, < 5.0)

     

       959
       959
       +
           grpc (1.63.0)

     

       960
       960
       +
             google-protobuf (~> 3.25)

     

       961
       961
        
             googleapis-common-protos-types (~> 1.0)

     

       962
       962
        
           grpc-google-iam-v1 (1.5.0)

     

       963
       963
        
             google-protobuf (~> 3.18)

     
···

       2210
       2210
        
         graphlyte (~> 1.0.0)

     

       2211
       2211
        
         graphql (= 2.4.13)

     

       2212
       2212
        
         graphql-docs (~> 5.0.0)

     

       2213
       2213
       -
         grpc (~> 1.72.0)

     

       2213
       2213
       +
         grpc (= 1.63.0)

     

       2214
       2214
        
         gssapi (~> 1.3.1)

     

       2215
       2215
        
         guard-rspec

     

       2216
       2216
        
         haml_lint (~> 0.58)

+2 -2

pkgs/by-name/gi/gitlab/rubyEnv/gemset.nix

···

       3886
       3886
        
           platforms = [ ];

     

       3887
       3887
        
           source = {

     

       3888
       3888
        
             remotes = [ "https://rubygems.org" ];

     

       3889
       3889
       -
             sha256 = "02gakdhvpl777b41i8cgkrj7gk0jlq4fza9hjksp2r7ryji0vyjn";

     

       3889
       3889
       +
             sha256 = "11ink0ayf14qgs3msn5a7dpg49vm3ck2415r64nfk1i8xv286hsz";

     

       3890
       3890
        
             type = "gem";

     

       3891
       3891
        
           };

     

       3892
       3892
       -
           version = "1.72.0";

     

       3892
       3892
       +
           version = "1.63.0";

     

       3893
       3893
        
         };

     

       3894
       3894
        
         grpc-google-iam-v1 = {

     

       3895
       3895
        
           dependencies = [

pkgs/by-name/go/go-camo/package.nix

···

       3
       3
        
         buildGo124Module,

     

       4
       4
        
         fetchFromGitHub,

     

       5
       5
        
         installShellFiles,

     

       6
       6
       +
         nixosTests,

     

       6
       7
        
         scdoc,

     

       7
       8
        
       }:

     

       8
       9
        
       

     
···

       42
       43
        
           # requires network access

     

       43
       44
        
           rm pkg/camo/proxy_{,filter_}test.go

     

       44
       45
        
         '';

     

       46
       46
       +
       

     

       47
       47
       +
         passthru.tests = {

     

       48
       48
       +
           inherit (nixosTests) go-camo;

     

       49
       49
       +
         };

     

       45
       50
        
       

     

       46
       51
        
         meta = {

     

       47
       52
        
           description = "Camo server is a special type of image proxy that proxies non-secure images over SSL/TLS";

+2 -2

pkgs/by-name/go/go-musicfox/package.nix

···

       11
       11
        
       

     

       12
       12
        
       buildGoModule rec {

     

       13
       13
        
         pname = "go-musicfox";

     

       14
       14
       -
         version = "4.6.2";

     

       14
       14
       +
         version = "4.6.3";

     

       15
       15
        
       

     

       16
       16
        
         src = fetchFromGitHub {

     

       17
       17
        
           owner = "go-musicfox";

     

       18
       18
        
           repo = "go-musicfox";

     

       19
       19
        
           rev = "v${version}";

     

       20
       20
       -
           hash = "sha256-GpzbHShQvsgPNnUjk52PSDhvmxEuJVXNXI7z8ESv6QQ=";

     

       20
       20
       +
           hash = "sha256-TxBd+Q7tEyJpcUwOWAl2U1gmdNRYrBkGCtT961/8K1E=";

     

       21
       21
        
         };

     

       22
       22
        
       

     

       23
       23
        
         deleteVendor = true;

+2 -2

pkgs/by-name/ja/janus-gateway/package.nix

···

       34
       34
        
       

     

       35
       35
        
       stdenv.mkDerivation rec {

     

       36
       36
        
         pname = "janus-gateway";

     

       37
       37
       -
         version = "1.3.1";

     

       37
       37
       +
         version = "1.3.2";

     

       38
       38
        
       

     

       39
       39
        
         src = fetchFromGitHub {

     

       40
       40
        
           owner = "meetecho";

     

       41
       41
        
           repo = "janus-gateway";

     

       42
       42
        
           rev = "v${version}";

     

       43
       43
       -
           sha256 = "sha256-Y4MdbB706aziKPxM9y/3uCKpc60dMDlV0xgugDjfa7A=";

     

       43
       43
       +
           sha256 = "sha256-FvTNe2lpDBchhVLTD+fKtwTcuqsuSEeNWcRAbLibLbc=";

     

       44
       44
        
         };

     

       45
       45
        
       

     

       46
       46
        
         nativeBuildInputs = [

+2 -2

pkgs/by-name/li/limine/package.nix

···

       42
       42
        
       # as bootloader for various platforms and corresponding binary and helper files.

     

       43
       43
        
       stdenv.mkDerivation (finalAttrs: {

     

       44
       44
        
         pname = "limine";

     

       45
       45
       -
         version = "9.3.4";

     

       45
       45
       +
         version = "9.4.0";

     

       46
       46
        
       

     

       47
       47
        
         # We don't use the Git source but the release tarball, as the source has a

     

       48
       48
        
         # `./bootstrap` script performing network access to download resources.

     

       49
       49
        
         # Packaging that in Nix is very cumbersome.

     

       50
       50
        
         src = fetchurl {

     

       51
       51
        
           url = "https://github.com/limine-bootloader/limine/releases/download/v${finalAttrs.version}/limine-${finalAttrs.version}.tar.gz";

     

       52
       52
       -
           hash = "sha256-GXArMxm7vDyUShTIM1O8/4M8h/ol/b8YcsXdodxJqeM=";

     

       52
       52
       +
           hash = "sha256-ddQB0wKMhKSnPrJflgsDfyWCzOiFehf/2CijPiVk65U=";

     

       53
       53
        
         };

     

       54
       54
        
       

     

       55
       55
        
         enableParallelBuilding = true;

+2 -2

pkgs/by-name/ll/llama-cpp/package.nix

···

       72
       72
        
       in

     

       73
       73
        
       effectiveStdenv.mkDerivation (finalAttrs: {

     

       74
       74
        
         pname = "llama-cpp";

     

       75
       75
       -
         version = "5760";

     

       75
       75
       +
         version = "5836";

     

       76
       76
        
       

     

       77
       77
        
         src = fetchFromGitHub {

     

       78
       78
        
           owner = "ggml-org";

     

       79
       79
        
           repo = "llama.cpp";

     

       80
       80
        
           tag = "b${finalAttrs.version}";

     

       81
       81
       -
           hash = "sha256-sl1lhj40c546YRuCTn6BlmS60Rd2TBKNx4TaQ0I6110=";

     

       81
       81
       +
           hash = "sha256-fo6wnwN3a4xZamwm68EVLNVfQkk+vSxgEoORQKLzdH8=";

     

       82
       82
        
           leaveDotGit = true;

     

       83
       83
        
           postFetch = ''

     

       84
       84
        
             git -C "$out" rev-parse --short HEAD > $out/COMMIT

+2 -7

pkgs/by-name/ni/nixos-rebuild-ng/src/tests/test_models.py

···

       108
       108
        
                   return_value=True,

     

       109
       109
        
               ),

     

       110
       110
        
               patch(

     

       111
       111
       -
                   "pathlib.Path.is_symlink",

     

       111
       111
       +
                   "pathlib.Path.resolve",

     

       112
       112
        
                   autospec=True,

     

       113
       113
       -
                   return_value=False,

     

       113
       113
       +
                   return_value=Path("/etc/nixos/flake.nix"),

     

       114
       114
        
               ),

     

       115
       115
        
           ):

     

       116
       116
        
               assert m.Flake.from_arg(None, None) == m.Flake(

     
···

       120
       120
        
           with (

     

       121
       121
        
               patch(

     

       122
       122
        
                   "pathlib.Path.exists",

     

       123
       123
       -
                   autospec=True,

     

       124
       124
       -
                   return_value=True,

     

       125
       125
       -
               ),

     

       126
       126
       -
               patch(

     

       127
       127
       -
                   "pathlib.Path.is_symlink",

     

       128
       123
        
                   autospec=True,

     

       129
       124
        
                   return_value=True,

     

       130
       125
        
               ),

+6 -1

pkgs/by-name/no/nominatim-ui/package.nix

···

       3
       3
        
         stdenv,

     

       4
       4
        
         fetchFromGitHub,

     

       5
       5
        
         fetchYarnDeps,

     

       6
       6
       +
         nixosTests,

     

       6
       7
        
         writableTmpDirAsHomeHook,

     

       7
       8
        
         writeText,

     

       8
       9
        
       

     
···

       10
       11
        
         nodejs,

     

       11
       12
        
         yarn,

     

       12
       13
        
       

     

       13
       13
       -
         # Custom application configuration placed to theme/config.theme.js file

     

       14
       14
       +
         # Custom application configuration placed to theme/config.theme.js file.

     

       14
       15
        
         # For the list of available configuration options see

     

       15
       16
        
         # https://github.com/osm-search/nominatim-ui/blob/master/dist/config.defaults.js

     

       16
       17
        
         customConfig ? null,

     
···

       82
       83
        
       

     

       83
       84
        
           runHook postInstall

     

       84
       85
        
         '';

     

       86
       86
       +
       

     

       87
       87
       +
         passthru.tests = {

     

       88
       88
       +
           inherit (nixosTests) nominatim;

     

       89
       89
       +
         };

     

       85
       90
        
       

     

       86
       91
        
         meta = {

     

       87
       92
        
           description = "Debugging user interface for Nominatim geocoder";

+4 -2

pkgs/by-name/no/nominatim/package.nix

···

       7
       7
        
         python3Packages,

     

       8
       8
        
       

     

       9
       9
        
         nominatim, # required for testVersion

     

       10
       10
       +
         nixosTests,

     

       10
       11
        
         testers,

     

       11
       12
        
       }:

     

       12
       13
        
       

     
···

       64
       65
        
       

     

       65
       66
        
         pythonImportsCheck = [ "nominatim_db" ];

     

       66
       67
        
       

     

       67
       67
       -
         passthru = {

     

       68
       68
       -
           tests.version = testers.testVersion { package = nominatim; };

     

       68
       68
       +
         passthru.tests = {

     

       69
       69
       +
           version = testers.testVersion { package = nominatim; };

     

       70
       70
       +
           inherit (nixosTests) nominatim;

     

       69
       71
        
         };

     

       70
       72
        
       

     

       71
       73
        
         meta = {

+72

pkgs/by-name/op/optee-client/package.nix

···

       1
       1
       +
       {

     

       2
       2
       +
         fetchFromGitHub,

     

       3
       3
       +
         isNixOS ? true,

     

       4
       4
       +
         lib,

     

       5
       5
       +
         libuuid,

     

       6
       6
       +
         pkg-config,

     

       7
       7
       +
         stdenv,

     

       8
       8
       +
         which,

     

       9
       9
       +
       }:

     

       10
       10
       +
       

     

       11
       11
       +
       stdenv.mkDerivation (finalAttrs: {

     

       12
       12
       +
         pname = "optee-client";

     

       13
       13
       +
         version = "4.6.0";

     

       14
       14
       +
       

     

       15
       15
       +
         src = fetchFromGitHub {

     

       16
       16
       +
           owner = "OP-TEE";

     

       17
       17
       +
           repo = "optee_client";

     

       18
       18
       +
           rev = finalAttrs.version;

     

       19
       19
       +
           hash = "sha256-hHEIn0WU4XfqwZbOdg9kwSDxDcvK7Tvxtelamfc3IRM=";

     

       20
       20
       +
         };

     

       21
       21
       +
       

     

       22
       22
       +
         outputs = [

     

       23
       23
       +
           "out"

     

       24
       24
       +
           "lib"

     

       25
       25
       +
           "dev"

     

       26
       26
       +
         ];

     

       27
       27
       +
       

     

       28
       28
       +
         strictDeps = true;

     

       29
       29
       +
       

     

       30
       30
       +
         enableParallelBuilding = true;

     

       31
       31
       +
       

     

       32
       32
       +
         nativeBuildInputs = [

     

       33
       33
       +
           which

     

       34
       34
       +
           pkg-config

     

       35
       35
       +
         ];

     

       36
       36
       +
         buildInputs = [ libuuid ];

     

       37
       37
       +
       

     

       38
       38
       +
         makeFlags =

     

       39
       39
       +
           [

     

       40
       40
       +
             "CROSS_COMPILE=${stdenv.cc.targetPrefix}"

     

       41
       41
       +
             "DESTDIR=$(out)"

     

       42
       42
       +
             "SBINDIR=/bin"

     

       43
       43
       +
             "INCLUDEDIR=/include"

     

       44
       44
       +
             "LIBDIR=/lib"

     

       45
       45
       +
           ]

     

       46
       46
       +
           ++

     

       47
       47
       +
           # If we are building for NixOS, change default optee config to use paths

     

       48
       48
       +
           # that will work well with NixOS.

     

       49
       49
       +
           lib.optionals isNixOS [

     

       50
       50
       +
             "CFG_TEE_CLIENT_LOAD_PATH=/run/current-system/sw/lib"

     

       51
       51
       +
             "CFG_TEE_PLUGIN_LOAD_PATH=/run/current-system/sw/lib/tee-supplicant/plugins"

     

       52
       52
       +
             "CFG_TEE_FS_PARENT_PATH=/var/lib/tee"

     

       53
       53
       +
           ];

     

       54
       54
       +
       

     

       55
       55
       +
         preFixup = ''

     

       56
       56
       +
           mkdir -p "$lib" "$dev"

     

       57
       57
       +
           mv "$out/lib" "$lib"

     

       58
       58
       +
           mv "$out/include" "$dev"

     

       59
       59
       +
         '';

     

       60
       60
       +
       

     

       61
       61
       +
         meta = {

     

       62
       62
       +
           description = "Normal world client for OPTEE OS";

     

       63
       63
       +
           homepage = "https://github.com/OP-TEE/optee_client";

     

       64
       64
       +
           changelog = "https://github.com/OP-TEE/optee_client/releases/tag/${finalAttrs.version}";

     

       65
       65
       +
           license = lib.licenses.bsd2;

     

       66
       66
       +
           maintainers = [ lib.maintainers.jmbaur ];

     

       67
       67
       +
           platforms = [

     

       68
       68
       +
             "aarch64-linux"

     

       69
       69
       +
             "armv7l-linux"

     

       70
       70
       +
           ];

     

       71
       71
       +
         };

     

       72
       72
       +
       })

+3 -3

pkgs/by-name/pi/pimsync/package.nix

···

       12
       12
        
       

     

       13
       13
        
       rustPlatform.buildRustPackage (finalAttrs: {

     

       14
       14
        
         pname = "pimsync";

     

       15
       15
       -
         version = "0.4.2";

     

       15
       15
       +
         version = "0.4.3";

     

       16
       16
        
       

     

       17
       17
        
         src = fetchFromSourcehut {

     

       18
       18
        
           owner = "~whynothugo";

     

       19
       19
        
           repo = "pimsync";

     

       20
       20
        
           rev = "v${finalAttrs.version}";

     

       21
       21
       -
           hash = "sha256-6oV9E6Q6FmCh24xT9+lsQ47GVs70sSujsn54dX6CPgY=";

     

       21
       21
       +
           hash = "sha256-VPrEY3aJKhn96oaehJ8MrrUj0XoSOMWC7APbnw6OrsQ=";

     

       22
       22
        
         };

     

       23
       23
        
       

     

       24
       24
        
         useFetchCargoVendor = true;

     

       25
       25
       -
         cargoHash = "sha256-vnBk0uojWDM9PS8v5Qda2UflmIFZ09Qp9l25qTTWGMc=";

     

       25
       25
       +
         cargoHash = "sha256-m5tg50C6DMFuBrCW9sxYfeRRZv6Sncp8X40fzaKEsi0=";

     

       26
       26
        
       

     

       27
       27
        
         PIMSYNC_VERSION = finalAttrs.version;

     

       28
       28

+35

pkgs/by-name/ru/rustical/package.nix

···

       1
       1
       +
       {

     

       2
       2
       +
         lib,

     

       3
       3
       +
         rustPlatform,

     

       4
       4
       +
         fetchFromGitHub,

     

       5
       5
       +
         pkg-config,

     

       6
       6
       +
         openssl,

     

       7
       7
       +
       }:

     

       8
       8
       +
       

     

       9
       9
       +
       rustPlatform.buildRustPackage (finalAttrs: {

     

       10
       10
       +
         pname = "rustical";

     

       11
       11
       +
         version = "0.4.11";

     

       12
       12
       +
       

     

       13
       13
       +
         src = fetchFromGitHub {

     

       14
       14
       +
           owner = "lennart-k";

     

       15
       15
       +
           repo = "rustical";

     

       16
       16
       +
           tag = "v${finalAttrs.version}";

     

       17
       17
       +
           hash = "sha256-QWuJKEc6hBA2rdbaqdhrah+WyRwVd91Y8/BIOaKlW28=";

     

       18
       18
       +
         };

     

       19
       19
       +
       

     

       20
       20
       +
         cargoHash = "sha256-dQF+6my+TxZ6niFO5OnLXcPt0LGEymaXE9NqZWU5HJk=";

     

       21
       21
       +
       

     

       22
       22
       +
         nativeBuildInputs = [ pkg-config ];

     

       23
       23
       +
         buildInputs = [ openssl ];

     

       24
       24
       +
       

     

       25
       25
       +
         env.OPENSSL_NO_VENDOR = true;

     

       26
       26
       +
       

     

       27
       27
       +
         meta = {

     

       28
       28
       +
           description = "Yet another calendar server aiming to be simple, fast and passwordless";

     

       29
       29
       +
           homepage = "https://github.com/lennart-k/rustical";

     

       30
       30
       +
           changelog = "https://github.com/lennart-k/rustical/releases/tag/v${finalAttrs.version}";

     

       31
       31
       +
           license = lib.licenses.agpl3Plus;

     

       32
       32
       +
           maintainers = with lib.maintainers; [ PopeRigby ];

     

       33
       33
       +
           mainProgram = "rustical";

     

       34
       34
       +
         };

     

       35
       35
       +
       })

+2 -2

pkgs/by-name/si/signal-export/package.nix

···

       7
       7
        
       

     

       8
       8
        
       python3.pkgs.buildPythonApplication rec {

     

       9
       9
        
         pname = "signal-export";

     

       10
       10
       -
         version = "3.5.1";

     

       10
       10
       +
         version = "3.6.0";

     

       11
       11
        
         pyproject = true;

     

       12
       12
        
       

     

       13
       13
        
         src = fetchPypi {

     

       14
       14
        
           inherit version;

     

       15
       15
        
           pname = "signal_export";

     

       16
       16
       -
           hash = "sha256-UhLWSYdJEDhZ1zI3nxhJoqeH8JfR4s9Hdp6fJ4UNROQ=";

     

       16
       16
       +
           hash = "sha256-lflRY6EC9fqgdYwQ9Incc2PJ22okZC9Juu6X7pxGJ8w=";

     

       17
       17
        
         };

     

       18
       18
        
       

     

       19
       19
        
         build-system = with python3.pkgs; [

+17 -17

pkgs/by-name/up/upbound/sources-main.json

···

       8
       8
        
         "fetchurlAttrSet": {

     

       9
       9
        
           "docker-credential-up": {

     

       10
       10
        
             "aarch64-darwin": {

     

       11
       11
       -
               "hash": "sha256-ByiFy8k6qwKXTp7iLoojUNNKhhZnbqc6ms6g+r4f9u0=",

     

       12
       12
       -
               "url": "https://cli.upbound.io/main/v0.39.0-87.g20595f83/bundle/docker-credential-up/darwin_arm64.tar.gz"

     

       11
       11
       +
               "hash": "sha256-9X6D0WI9Vru/M3oQ/yK0AJjth6MTGfxeEf5Axx2rAlc=",

     

       12
       12
       +
               "url": "https://cli.upbound.io/main/v0.39.0-115.gbdd4b5af/bundle/docker-credential-up/darwin_arm64.tar.gz"

     

       13
       13
        
             },

     

       14
       14
        
             "aarch64-linux": {

     

       15
       15
       -
               "hash": "sha256-qis91nt43HGEfuqcCH5ri/s4QiHiMrRMTinSUjQeI3o=",

     

       16
       16
       -
               "url": "https://cli.upbound.io/main/v0.39.0-87.g20595f83/bundle/docker-credential-up/linux_arm64.tar.gz"

     

       15
       15
       +
               "hash": "sha256-g7AzAp4cdJIsZ3mtkYF2MzlLHgwauFORaIkQ6mdwkuI=",

     

       16
       16
       +
               "url": "https://cli.upbound.io/main/v0.39.0-115.gbdd4b5af/bundle/docker-credential-up/linux_arm64.tar.gz"

     

       17
       17
        
             },

     

       18
       18
        
             "x86_64-darwin": {

     

       19
       19
       -
               "hash": "sha256-s2ORdd3G87Vo9I5zSZXGisjSMr0x86sCu6WOxOZBWTk=",

     

       20
       20
       -
               "url": "https://cli.upbound.io/main/v0.39.0-87.g20595f83/bundle/docker-credential-up/darwin_amd64.tar.gz"

     

       19
       19
       +
               "hash": "sha256-8F7r3o3e3Mo+GDicS+5Hg6qNz5B+Tt8OHcosHzpZUQM=",

     

       20
       20
       +
               "url": "https://cli.upbound.io/main/v0.39.0-115.gbdd4b5af/bundle/docker-credential-up/darwin_amd64.tar.gz"

     

       21
       21
        
             },

     

       22
       22
        
             "x86_64-linux": {

     

       23
       23
       -
               "hash": "sha256-5q/XactXioaOqUYwrojg5xgZg+pKjqnxR9tB8ILaaHg=",

     

       24
       24
       -
               "url": "https://cli.upbound.io/main/v0.39.0-87.g20595f83/bundle/docker-credential-up/linux_amd64.tar.gz"

     

       23
       23
       +
               "hash": "sha256-3TduM86fAb3cIFhb8SNrAFisu9RjQ7H0gtd7csJfSb0=",

     

       24
       24
       +
               "url": "https://cli.upbound.io/main/v0.39.0-115.gbdd4b5af/bundle/docker-credential-up/linux_amd64.tar.gz"

     

       25
       25
        
             }

     

       26
       26
        
           },

     

       27
       27
        
           "up": {

     

       28
       28
        
             "aarch64-darwin": {

     

       29
       29
       -
               "hash": "sha256-Rud8CPSlxl08cRjChFsZFG6Mfro8BiRWN7f2+DRwUsE=",

     

       30
       30
       -
               "url": "https://cli.upbound.io/main/v0.39.0-87.g20595f83/bundle/up/darwin_arm64.tar.gz"

     

       29
       29
       +
               "hash": "sha256-xLIdYSR+ILRY2qf5lPMroxZDvDEfDYxrz3cX4ZI0+h0=",

     

       30
       30
       +
               "url": "https://cli.upbound.io/main/v0.39.0-115.gbdd4b5af/bundle/up/darwin_arm64.tar.gz"

     

       31
       31
        
             },

     

       32
       32
        
             "aarch64-linux": {

     

       33
       33
       -
               "hash": "sha256-KN84vzXue9Tc8O9Ci/4emI7GOX8pETcVc/hpFuBJmy4=",

     

       34
       34
       -
               "url": "https://cli.upbound.io/main/v0.39.0-87.g20595f83/bundle/up/linux_arm64.tar.gz"

     

       33
       33
       +
               "hash": "sha256-nUOTdWTUJe8eyHTIF4b/00Q9J0Qb4QaAIdAz90h4yHo=",

     

       34
       34
       +
               "url": "https://cli.upbound.io/main/v0.39.0-115.gbdd4b5af/bundle/up/linux_arm64.tar.gz"

     

       35
       35
        
             },

     

       36
       36
        
             "x86_64-darwin": {

     

       37
       37
       -
               "hash": "sha256-qHN7PSqU5nK5Dh8k4HEjwTmjN/yIoJh7VBoQ/dJS3/s=",

     

       38
       38
       -
               "url": "https://cli.upbound.io/main/v0.39.0-87.g20595f83/bundle/up/darwin_amd64.tar.gz"

     

       37
       37
       +
               "hash": "sha256-qn2cfprwaLP7chMcWN+zw8+G/tHGNlJtPMX6iB9XjCY=",

     

       38
       38
       +
               "url": "https://cli.upbound.io/main/v0.39.0-115.gbdd4b5af/bundle/up/darwin_amd64.tar.gz"

     

       39
       39
        
             },

     

       40
       40
        
             "x86_64-linux": {

     

       41
       41
       -
               "hash": "sha256-mw80qJ+9CRQFFKF7bhWiEYcW1P7Jm4dqkXTN+F8erPM=",

     

       42
       42
       -
               "url": "https://cli.upbound.io/main/v0.39.0-87.g20595f83/bundle/up/linux_amd64.tar.gz"

     

       41
       41
       +
               "hash": "sha256-AAmdDWW0MmLYP5viRJ0BpXIVpmU7R6iSN5hwGm6HIuc=",

     

       42
       42
       +
               "url": "https://cli.upbound.io/main/v0.39.0-115.gbdd4b5af/bundle/up/linux_amd64.tar.gz"

     

       43
       43
        
             }

     

       44
       44
        
           }

     

       45
       45
        
         },

     
···

       49
       49
        
           "x86_64-darwin",

     

       50
       50
        
           "x86_64-linux"

     

       51
       51
        
         ],

     

       52
       52
       -
         "version": "0.39.0-87.g20595f83"

     

       52
       52
       +
         "version": "0.39.0-115.gbdd4b5af"

     

       53
       53
        
       }

+2 -2

pkgs/by-name/wi/wireless-regdb/package.nix

···

       7
       7
        
       

     

       8
       8
        
       stdenvNoCC.mkDerivation rec {

     

       9
       9
        
         pname = "wireless-regdb";

     

       10
       10
       -
         version = "2025.02.20";

     

       10
       10
       +
         version = "2025.07.10";

     

       11
       11
        
       

     

       12
       12
        
         src = fetchurl {

     

       13
       13
        
           url = "https://www.kernel.org/pub/software/network/${pname}/${pname}-${version}.tar.xz";

     

       14
       14
       -
           hash = "sha256-V/jnchz1qIDBOuDCAu27IQkqBg1F+enFm80qgnK/pFY=";

     

       14
       14
       +
           hash = "sha256-qDQLzc0bXbbHkUmHnRIrFw87sHU4FxjU9Cmtgxpvoo0=";

     

       15
       15
        
         };

     

       16
       16
        
       

     

       17
       17
        
         dontBuild = true;

+2 -2

pkgs/development/python-modules/arviz/default.nix

···

       39
       39
        
       

     

       40
       40
        
       buildPythonPackage rec {

     

       41
       41
        
         pname = "arviz";

     

       42
       42
       -
         version = "0.21.0";

     

       42
       42
       +
         version = "0.22.0";

     

       43
       43
        
         pyproject = true;

     

       44
       44
        
       

     

       45
       45
        
         src = fetchFromGitHub {

     

       46
       46
        
           owner = "arviz-devs";

     

       47
       47
        
           repo = "arviz";

     

       48
       48
        
           tag = "v${version}";

     

       49
       49
       -
           hash = "sha256-rrOvdyZE0wo3iiiQ2hHklAtLU38mXs3hLsb+Fwy9eAk=";

     

       49
       49
       +
           hash = "sha256-ZzZZKEtpVy44119H+upU36VLriZjjwPz3gqgKrL+gRI=";

     

       50
       50
        
         };

     

       51
       51
        
       

     

       52
       52
        
         build-system = [

+2 -5

pkgs/development/python-modules/mmengine/default.nix

···

       9
       9
        
       

     

       10
       10
        
         # dependencies

     

       11
       11
        
         addict,

     

       12
       12
       +
         distutils,

     

       12
       13
        
         matplotlib,

     

       13
       14
        
         numpy,

     

       14
       15
        
         opencv4,

     
···

       67
       68
        
           + ''

     

       68
       69
        
             substituteInPlace tests/test_config/test_lazy.py \

     

       69
       70
        
               --replace-fail "import numpy.compat" ""

     

       70
       70
       -
       

     

       71
       71
       -
             substituteInPlace mmengine/utils/dl_utils/collect_env.py \

     

       72
       72
       -
               --replace-fail \

     

       73
       73
       -
                 "from distutils" \

     

       74
       74
       -
                 "from setuptools._distutils"

     

       75
       71
        
           '';

     

       76
       72
        
       

     

       77
       73
        
         build-system = [ setuptools ];

     

       78
       74
        
       

     

       79
       75
        
         dependencies = [

     

       80
       76
        
           addict

     

       77
       77
       +
           distutils

     

       81
       78
        
           matplotlib

     

       82
       79
        
           numpy

     

       83
       80
        
           opencv4

+2 -2

pkgs/development/python-modules/orbax-checkpoint/default.nix

···

       35
       35
        
       

     

       36
       36
        
       buildPythonPackage rec {

     

       37
       37
        
         pname = "orbax-checkpoint";

     

       38
       38
       -
         version = "0.11.18";

     

       38
       38
       +
         version = "0.11.19";

     

       39
       39
        
         pyproject = true;

     

       40
       40
        
       

     

       41
       41
        
         src = fetchFromGitHub {

     

       42
       42
        
           owner = "google";

     

       43
       43
        
           repo = "orbax";

     

       44
       44
        
           tag = "v${version}";

     

       45
       45
       -
           hash = "sha256-Uosd2TfC3KJMp46SnNnodPBc+G1nNdqFOwPQA+aVyrQ=";

     

       45
       45
       +
           hash = "sha256-j15E4jGvxIjEdWG6Lwr9mvPXr9WifrD1zFF6Vj+7wik=";

     

       46
       46
        
         };

     

       47
       47
        
       

     

       48
       48
        
         sourceRoot = "${src.name}/checkpoint";

+88

pkgs/development/python-modules/sqlite-vec/default.nix

···

       1
       1
       +
       {

     

       2
       2
       +
         lib,

     

       3
       3
       +
         buildPythonPackage,

     

       4
       4
       +
         fetchpatch,

     

       5
       5
       +
       

     

       6
       6
       +
         # build-system

     

       7
       7
       +
         setuptools,

     

       8
       8
       +
         setuptools-scm,

     

       9
       9
       +
       

     

       10
       10
       +
         # dependencies

     

       11
       11
       +
         sqlite-vec-c, # alias for pkgs.sqlite-vec

     

       12
       12
       +
       

     

       13
       13
       +
         # optional dependencies

     

       14
       14
       +
         numpy,

     

       15
       15
       +
       

     

       16
       16
       +
         # check inputs

     

       17
       17
       +
         openai,

     

       18
       18
       +
         pytestCheckHook,

     

       19
       19
       +
       }:

     

       20
       20
       +
       

     

       21
       21
       +
       buildPythonPackage rec {

     

       22
       22
       +
         inherit (sqlite-vec-c) pname version src;

     

       23
       23
       +
         pyproject = true;

     

       24
       24
       +
       

     

       25
       25
       +
         # The actual source root is bindings/python but the patches

     

       26
       26
       +
         # apply to the bindings directory.

     

       27
       27
       +
         # This is a known issue, see https://discourse.nixos.org/t/how-to-apply-patches-with-sourceroot/59727

     

       28
       28
       +
         sourceRoot = "${src.name}/bindings";

     

       29
       29
       +
       

     

       30
       30
       +
         patches = [

     

       31
       31
       +
           (fetchpatch {

     

       32
       32
       +
             # https://github.com/asg017/sqlite-vec/pull/233

     

       33
       33
       +
             name = "add-python-build-files.patch";

     

       34
       34
       +
             url = "https://github.com/asg017/sqlite-vec/commit/c1917deb11aa79dcac32440679345b93e13b1b86.patch";

     

       35
       35
       +
             hash = "sha256-4/9QLKuM/1AbD8AQHwJ14rhWVYVc+MILvK6+tWwWQlw=";

     

       36
       36
       +
             stripLen = 1;

     

       37
       37
       +
           })

     

       38
       38
       +
           (fetchpatch {

     

       39
       39
       +
             # https://github.com/asg017/sqlite-vec/pull/233

     

       40
       40
       +
             name = "add-python-test.patch";

     

       41
       41
       +
             url = "https://github.com/asg017/sqlite-vec/commit/608972c9dcbfc7f4583e99fd8de6e5e16da11081.patch";

     

       42
       42
       +
             hash = "sha256-8dfw7zs7z2FYh8DoAxurMYCDMOheg8Zl1XGcPw1A1BM=";

     

       43
       43
       +
             stripLen = 1;

     

       44
       44
       +
           })

     

       45
       45
       +
         ];

     

       46
       46
       +
       

     

       47
       47
       +
         # Change into the proper directory for building, move `extra_init.py` into its proper location,

     

       48
       48
       +
         # and supply the path to the library.

     

       49
       49
       +
         postPatch = ''

     

       50
       50
       +
           cd python

     

       51
       51
       +
           mv extra_init.py sqlite_vec/

     

       52
       52
       +
           substituteInPlace sqlite_vec/__init__.py \

     

       53
       53
       +
             --replace-fail "@libpath@" "${lib.getLib sqlite-vec-c}/lib/"

     

       54
       54
       +
         '';

     

       55
       55
       +
       

     

       56
       56
       +
         build-system = [

     

       57
       57
       +
           setuptools

     

       58
       58
       +
           setuptools-scm

     

       59
       59
       +
         ];

     

       60
       60
       +
       

     

       61
       61
       +
         dependencies = [

     

       62
       62
       +
           sqlite-vec-c

     

       63
       63
       +
         ];

     

       64
       64
       +
       

     

       65
       65
       +
         optional-dependencies = {

     

       66
       66
       +
           numpy = [

     

       67
       67
       +
             numpy

     

       68
       68
       +
           ];

     

       69
       69
       +
         };

     

       70
       70
       +
       

     

       71
       71
       +
         nativeCheckInputs = [

     

       72
       72
       +
           numpy

     

       73
       73
       +
           openai

     

       74
       74
       +
           pytestCheckHook

     

       75
       75
       +
           sqlite-vec-c

     

       76
       76
       +
         ];

     

       77
       77
       +
       

     

       78
       78
       +
         pythonImportsCheck = [ "sqlite_vec" ];

     

       79
       79
       +
       

     

       80
       80
       +
         meta = sqlite-vec-c.meta // {

     

       81
       81
       +
           description = "Python bindings for sqlite-vec";

     

       82
       82
       +
           maintainers = [ lib.maintainers.sarahec ];

     

       83
       83
       +
           badPlatforms = [

     

       84
       84
       +
             # segfaults during test

     

       85
       85
       +
             "x86_64-darwin"

     

       86
       86
       +
           ];

     

       87
       87
       +
         };

     

       88
       88
       +
       }

+2 -2

pkgs/development/python-modules/timm/default.nix

···

       22
       22
        
       

     

       23
       23
        
       buildPythonPackage rec {

     

       24
       24
        
         pname = "timm";

     

       25
       25
       -
         version = "1.0.16";

     

       25
       25
       +
         version = "1.0.17";

     

       26
       26
        
         pyproject = true;

     

       27
       27
        
       

     

       28
       28
        
         src = fetchFromGitHub {

     

       29
       29
        
           owner = "huggingface";

     

       30
       30
        
           repo = "pytorch-image-models";

     

       31
       31
        
           tag = "v${version}";

     

       32
       32
       -
           hash = "sha256-8z23KQvb+wAlM/IXDC9j6OV8ioZE1dx0xhITSzdHoeY=";

     

       32
       32
       +
           hash = "sha256-NWWKDWcwRrQ2lrNSbkA2xepAoPP7+0G7g7eIjGLZSCw=";

     

       33
       33
        
         };

     

       34
       34
        
       

     

       35
       35
        
         build-system = [ pdm-backend ];

+2 -2

pkgs/development/python-modules/txtai/default.nix

···

       24
       24
        
         hnswlib,

     

       25
       25
        
         pgvector,

     

       26
       26
        
         sqlalchemy,

     

       27
       27
       -
         sqlite-vec,

     

       27
       27
       +
         sqlite-vec-c,

     

       28
       28
        
         # api

     

       29
       29
        
         aiohttp,

     

       30
       30
        
         fastapi,

     
···

       103
       103
        
           hnswlib

     

       104
       104
        
           pgvector

     

       105
       105
        
           sqlalchemy

     

       106
       106
       -
           sqlite-vec

     

       106
       106
       +
           sqlite-vec-c

     

       107
       107
        
         ];

     

       108
       108
        
         api = [

     

       109
       109
        
           aiohttp

+5 -9

pkgs/development/tools/analysis/flow/default.nix

···

       7
       7
        
       

     

       8
       8
        
       stdenv.mkDerivation rec {

     

       9
       9
        
         pname = "flow";

     

       10
       10
       -
         version = "0.238.3";

     

       10
       10
       +
         version = "0.274.2";

     

       11
       11
        
       

     

       12
       12
        
         src = fetchFromGitHub {

     

       13
       13
        
           owner = "facebook";

     

       14
       14
        
           repo = "flow";

     

       15
       15
       -
           rev = "v${version}";

     

       16
       16
       -
           hash = "sha256-WlHta/wXTULehopXeIUdNAQb12Lf0SJnm1HIVHTDshA=";

     

       15
       15
       +
           tag = "v${version}";

     

       16
       16
       +
           hash = "sha256-ZktRFFgPvIfbsAY3C6g3s3zqX3wES+QShu811m183cA=";

     

       17
       17
        
         };

     

       18
       18
       -
       

     

       19
       19
       -
         postPatch = ''

     

       20
       20
       -
           substituteInPlace src/services/inference/check_cache.ml --replace 'Core_kernel' 'Core'

     

       21
       21
       -
         '';

     

       22
       18
        
       

     

       23
       19
        
         makeFlags = [ "FLOW_RELEASE=1" ];

     

       24
       20
        
       

     
···

       39
       35
        
         buildInputs = (

     

       40
       36
        
           with ocamlPackages;

     

       41
       37
        
           [

     

       42
       42
       -
             core_kernel

     

       38
       38
       +
             camlp-streams

     

       43
       39
        
             dtoa

     

       44
       40
        
             fileutils

     

       45
       41
        
             lwt_log

     

       46
       42
        
             lwt_ppx

     

       47
       47
       -
             ocaml_lwt

     

       43
       43
       +
             lwt

     

       48
       44
        
             ppx_deriving

     

       49
       45
        
             ppx_gen_rec

     

       50
       46
        
             ppx_let

+8 -4

pkgs/misc/arm-trusted-firmware/default.nix

···

       18
       18
        
       }:

     

       19
       19
        
       

     

       20
       20
        
       let

     

       21
       21
       -
         buildArmTrustedFirmware =

     

       21
       21
       +
         buildArmTrustedFirmware = lib.makeOverridable (

     

       22
       22
        
           {

     

       23
       23
        
             filesToInstall,

     

       24
       24
        
             installDir ? "$out",

     
···

       59
       59
        
       

     

       60
       60
        
               depsBuildBuild = [ buildPackages.stdenv.cc ];

     

       61
       61
        
       

     

       62
       62
       -
               # For Cortex-M0 firmware in RK3399

     

       63
       63
       -
               nativeBuildInputs = [ pkgsCross.arm-embedded.stdenv.cc ];

     

       62
       62
       +
               nativeBuildInputs = [

     

       63
       63
       +
                 pkgsCross.arm-embedded.stdenv.cc # For Cortex-M0 firmware in RK3399

     

       64
       64
       +
                 openssl # For fiptool

     

       65
       65
       +
               ];

     

       66
       66
       +
       

     

       64
       67
        
               # Make the new toolchain guessing (from 2.11+) happy

     

       65
       68
        
               # https://github.com/ARM-software/arm-trusted-firmware/blob/4ec2948fe3f65dba2f19e691e702f7de2949179c/make_helpers/toolchains/rk3399-m0.mk#L21-L22

     

       66
       69
        
               rk3399-m0-oc = "${pkgsCross.arm-embedded.stdenv.cc.targetPrefix}objcopy";

     
···

       112
       115
        
                 // extraMeta;

     

       113
       116
        
             }

     

       114
       117
        
             // builtins.removeAttrs args [ "extraMeta" ]

     

       115
       115
       -
           );

     

       118
       118
       +
           )

     

       119
       119
       +
         );

     

       116
       120
        
       

     

       117
       121
        
       in

     

       118
       122
        
       {

+127

pkgs/misc/optee-os/default.nix

···

       1
       1
       +
       {

     

       2
       2
       +
         dtc,

     

       3
       3
       +
         fetchFromGitHub,

     

       4
       4
       +
         lib,

     

       5
       5
       +
         pkgsBuildBuild,

     

       6
       6
       +
         stdenv,

     

       7
       7
       +
       }:

     

       8
       8
       +
       

     

       9
       9
       +
       let

     

       10
       10
       +
         defaultVersion = "4.6.0";

     

       11
       11
       +
       

     

       12
       12
       +
         defaultSrc = fetchFromGitHub {

     

       13
       13
       +
           owner = "OP-TEE";

     

       14
       14
       +
           repo = "optee_os";

     

       15
       15
       +
           rev = defaultVersion;

     

       16
       16
       +
           hash = "sha256-4z706DNfZE+CAPOa362CNSFhAN1KaNyKcI9C7+MRccs=";

     

       17
       17
       +
         };

     

       18
       18
       +
       

     

       19
       19
       +
         buildOptee = lib.makeOverridable (

     

       20
       20
       +
           {

     

       21
       21
       +
             version ? null,

     

       22
       22
       +
             src ? null,

     

       23
       23
       +
             platform,

     

       24
       24
       +
             extraMakeFlags ? [ ],

     

       25
       25
       +
             extraMeta ? { },

     

       26
       26
       +
             ...

     

       27
       27
       +
           }@args:

     

       28
       28
       +
       

     

       29
       29
       +
           let

     

       30
       30
       +
             inherit (stdenv.hostPlatform) is32bit is64bit;

     

       31
       31
       +
       

     

       32
       32
       +
             taTarget =

     

       33
       33
       +
               {

     

       34
       34
       +
                 "arm" = "ta_arm32";

     

       35
       35
       +
                 "arm64" = "ta_arm64";

     

       36
       36
       +
               }

     

       37
       37
       +
               .${stdenv.hostPlatform.linuxArch};

     

       38
       38
       +
           in

     

       39
       39
       +
           stdenv.mkDerivation (

     

       40
       40
       +
             {

     

       41
       41
       +
               pname = "optee-os-${platform}";

     

       42
       42
       +
       

     

       43
       43
       +
               version = if src == null then defaultVersion else version;

     

       44
       44
       +
       

     

       45
       45
       +
               src = if src == null then defaultSrc else src;

     

       46
       46
       +
       

     

       47
       47
       +
               postPatch = ''

     

       48
       48
       +
                 patchShebangs $(find -type d -name scripts -printf '%p ')

     

       49
       49
       +
               '';

     

       50
       50
       +
       

     

       51
       51
       +
               outputs = [

     

       52
       52
       +
                 "out"

     

       53
       53
       +
                 "devkit"

     

       54
       54
       +
               ];

     

       55
       55
       +
       

     

       56
       56
       +
               strictDeps = true;

     

       57
       57
       +
       

     

       58
       58
       +
               enableParallelBuilding = true;

     

       59
       59
       +
       

     

       60
       60
       +
               depsBuildBuild = [ pkgsBuildBuild.stdenv.cc ];

     

       61
       61
       +
       

     

       62
       62
       +
               nativeBuildInputs = [

     

       63
       63
       +
                 dtc

     

       64
       64
       +
                 (pkgsBuildBuild.python3.withPackages (

     

       65
       65
       +
                   p: with p; [

     

       66
       66
       +
                     pyelftools

     

       67
       67
       +
                     cryptography

     

       68
       68
       +
                   ]

     

       69
       69
       +
                 ))

     

       70
       70
       +
               ];

     

       71
       71
       +
       

     

       72
       72
       +
               makeFlags =

     

       73
       73
       +
                 [

     

       74
       74
       +
                   "O=out"

     

       75
       75
       +
                   "PLATFORM=${platform}"

     

       76
       76
       +
                   "CFG_USER_TA_TARGETS=${taTarget}"

     

       77
       77
       +
                 ]

     

       78
       78
       +
                 ++ (lib.optionals (is32bit) [

     

       79
       79
       +
                   "CFG_ARM32_core=y"

     

       80
       80
       +
                   "CROSS_COMPILE32=${stdenv.cc.targetPrefix}"

     

       81
       81
       +
                 ])

     

       82
       82
       +
                 ++ (lib.optionals (is64bit) [

     

       83
       83
       +
                   "CFG_ARM64_core=y"

     

       84
       84
       +
                   "CROSS_COMPILE64=${stdenv.cc.targetPrefix}"

     

       85
       85
       +
                 ])

     

       86
       86
       +
                 ++ extraMakeFlags;

     

       87
       87
       +
       

     

       88
       88
       +
               installPhase = ''

     

       89
       89
       +
                 runHook preInstall

     

       90
       90
       +
       

     

       91
       91
       +
                 mkdir -p $out

     

       92
       92
       +
                 cp out/core/{tee.elf,tee-pageable_v2.bin,tee.bin,tee-header_v2.bin,tee-pager_v2.bin,tee-raw.bin} $out

     

       93
       93
       +
                 cp -r out/export-${taTarget} $devkit

     

       94
       94
       +
       

     

       95
       95
       +
                 runHook postInstall

     

       96
       96
       +
               '';

     

       97
       97
       +
       

     

       98
       98
       +
               meta =

     

       99
       99
       +
                 with lib;

     

       100
       100
       +
                 {

     

       101
       101
       +
                   description = "A Trusted Execution Environment for ARM";

     

       102
       102
       +
                   homepage = "https://github.com/OP-TEE/optee_os";

     

       103
       103
       +
                   changelog = "https://github.com/OP-TEE/optee_os/blob/${defaultVersion}/CHANGELOG.md";

     

       104
       104
       +
                   license = licenses.bsd2;

     

       105
       105
       +
                   maintainers = [ maintainers.jmbaur ];

     

       106
       106
       +
                 }

     

       107
       107
       +
                 // extraMeta;

     

       108
       108
       +
             }

     

       109
       109
       +
             // removeAttrs args [ "extraMeta" ]

     

       110
       110
       +
           )

     

       111
       111
       +
         );

     

       112
       112
       +
       in

     

       113
       113
       +
       {

     

       114
       114
       +
         inherit buildOptee;

     

       115
       115
       +
       

     

       116
       116
       +
         opteeQemuArm = buildOptee {

     

       117
       117
       +
           platform = "vexpress";

     

       118
       118
       +
           extraMakeFlags = [ "PLATFORM_FLAVOR=qemu_virt" ];

     

       119
       119
       +
           extraMeta.platforms = [ "armv7l-linux" ];

     

       120
       120
       +
         };

     

       121
       121
       +
       

     

       122
       122
       +
         opteeQemuAarch64 = buildOptee {

     

       123
       123
       +
           platform = "vexpress";

     

       124
       124
       +
           extraMakeFlags = [ "PLATFORM_FLAVOR=qemu_armv8a" ];

     

       125
       125
       +
           extraMeta.platforms = [ "aarch64-linux" ];

     

       126
       126
       +
         };

     

       127
       127
       +
       }

+3 -3

pkgs/servers/home-assistant/custom-lovelace-modules/hourly-weather/package.nix

···

       6
       6
        
       

     

       7
       7
        
       buildNpmPackage rec {

     

       8
       8
        
         pname = "hourly-weather";

     

       9
       9
       -
         version = "6.6.1";

     

       9
       9
       +
         version = "6.7.0";

     

       10
       10
        
       

     

       11
       11
        
         src = fetchFromGitHub {

     

       12
       12
        
           owner = "decompil3d";

     

       13
       13
        
           repo = "lovelace-hourly-weather";

     

       14
       14
        
           rev = version;

     

       15
       15
       -
           hash = "sha256-D2kCUcUgLyMVeba3xc02q/5PrEzXrBVCX+75F58j8y0=";

     

       15
       15
       +
           hash = "sha256-VrHgFup2hAnoxqJQGw23ZiPFpAwfgSLC97U+KHV3PKQ=";

     

       16
       16
        
         };

     

       17
       17
        
       

     

       18
       18
       -
         npmDepsHash = "sha256-gpyqQd4pRF4xKgfT9gRAVnXLSFThjfJV2yu4zOCvVpg=";

     

       18
       18
       +
         npmDepsHash = "sha256-wXL1wLdBp8gkAfY29AS1fM/ZpCCoP1u9PTxDIahy1cg=";

     

       19
       19
        
       

     

       20
       20
        
         env.CYPRESS_INSTALL_BINARY = "0";

     

       21
       21

+7 -3

pkgs/top-level/all-packages.nix

···

       7232
       7232
        
           haskellPackages.callPackage ../tools/misc/fffuu { }

     

       7233
       7233
        
         );

     

       7234
       7234
        
       

     

       7235
       7235
       -
         flow = callPackage ../development/tools/analysis/flow {

     

       7236
       7236
       -
           ocamlPackages = ocaml-ng.ocamlPackages_4_14;

     

       7237
       7237
       -
         };

     

       7235
       7235
       +
         flow = callPackage ../development/tools/analysis/flow { };

     

       7238
       7236
        
       

     

       7239
       7237
        
         framac = callPackage ../by-name/fr/framac/package.nix {

     

       7240
       7238
        
           ocamlPackages = ocaml-ng.ocamlPackages_5_2;

     
···

       7433
       7431
        
         oprofile = callPackage ../development/tools/profiling/oprofile {

     

       7434
       7432
        
           libiberty_static = libiberty.override { staticBuild = true; };

     

       7435
       7433
        
         };

     

       7434
       7434
       +
       

     

       7435
       7435
       +
         inherit (callPackage ../misc/optee-os { })

     

       7436
       7436
       +
           buildOptee

     

       7437
       7437
       +
           opteeQemuArm

     

       7438
       7438
       +
           opteeQemuAarch64

     

       7439
       7439
       +
           ;

     

       7436
       7440
        
       

     

       7437
       7441
        
         patchelf = callPackage ../development/tools/misc/patchelf { };

     

       7438
       7442

+5 -1

pkgs/top-level/python-packages.nix

···

       17031
       17031
        
       

     

       17032
       17032
        
         sqlite-utils = callPackage ../development/python-modules/sqlite-utils { };

     

       17033
       17033
        
       

     

       17034
       17034
       +
         sqlite-vec = callPackage ../development/python-modules/sqlite-vec {

     

       17035
       17035
       +
           sqlite-vec-c = pkgs.sqlite-vec;

     

       17036
       17036
       +
         };

     

       17037
       17037
       +
       

     

       17034
       17038
        
         sqlitedict = callPackage ../development/python-modules/sqlitedict { };

     

       17035
       17039
        
       

     

       17036
       17040
        
         sqliteschema = callPackage ../development/python-modules/sqliteschema { };

     
···

       18332
       18336
        
       

     

       18333
       18337
        
         txrequests = callPackage ../development/python-modules/txrequests { };

     

       18334
       18338
        
       

     

       18335
       18335
       -
         txtai = callPackage ../development/python-modules/txtai { };

     

       18339
       18339
       +
         txtai = callPackage ../development/python-modules/txtai { sqlite-vec-c = pkgs.sqlite-vec; };

     

       18336
       18340
        
       

     

       18337
       18341
        
         txtorcon = callPackage ../development/python-modules/txtorcon { };

     

       18338
       18342