···

       
11
       
11
       
 
       
 <xi:include href="images/snaptools.section.xml" />

     

       
12
       
12
       
 
       
 <xi:include href="images/portableservice.section.xml" />

     

       
13
       
13
       
 
       
 <xi:include href="images/makediskimage.section.xml" />

     

       
14
       
14
       
+
       
 <xi:include href="images/binarycache.section.xml" />

     

       
14
       
15
       
 
       
</chapter>

     

···

       
1
       
1
       
+
       
# pkgs.mkBinaryCache {#sec-pkgs-binary-cache}

     

       
2
       
2
       
+
       


     

       
3
       
3
       
+
       
`pkgs.mkBinaryCache` is a function for creating Nix flat-file binary caches. Such a cache exists as a directory on disk, and can be used as a Nix substituter by passing `--substituter file:///path/to/cache` to Nix commands.

     

       
4
       
4
       
+
       


     

       
5
       
5
       
+
       
Nix packages are most commonly shared between machines using [HTTP, SSH, or S3](https://nixos.org/manual/nix/stable/package-management/sharing-packages.html), but a flat-file binary cache can still be useful in some situations. For example, you can copy it directly to another machine, or make it available on a network file system. It can also be a convenient way to make some Nix packages available inside a container via bind-mounting.

     

       
6
       
6
       
+
       


     

       
7
       
7
       
+
       
Note that this function is meant for advanced use-cases. The more idiomatic way to work with flat-file binary caches is via the [nix-copy-closure](https://nixos.org/manual/nix/stable/command-ref/nix-copy-closure.html) command. You may also want to consider [dockerTools](#sec-pkgs-dockerTools) for your containerization needs.

     

       
8
       
8
       
+
       


     

       
9
       
9
       
+
       
## Example

     

       
10
       
10
       
+
       


     

       
11
       
11
       
+
       
The following derivation will construct a flat-file binary cache containing the closure of `hello`.

     

       
12
       
12
       
+
       


     

       
13
       
13
       
+
       
```nix

     

       
14
       
14
       
+
       
mkBinaryCache {

     

       
15
       
15
       
+
       
  rootPaths = [hello];

     

       
16
       
16
       
+
       
}

     

       
17
       
17
       
+
       
```

     

       
18
       
18
       
+
       


     

       
19
       
19
       
+
       
- `rootPaths` specifies a list of root derivations. The transitive closure of these derivations' outputs will be copied into the cache.

     

       
20
       
20
       
+
       


     

       
21
       
21
       
+
       
Here's an example of building and using the cache.

     

       
22
       
22
       
+
       


     

       
23
       
23
       
+
       
Build the cache on one machine, `host1`:

     

       
24
       
24
       
+
       


     

       
25
       
25
       
+
       
```shellSession

     

       
26
       
26
       
+
       
nix-build -E 'with import <nixpkgs> {}; mkBinaryCache { rootPaths = [hello]; }'

     

       
27
       
27
       
+
       
```

     

       
28
       
28
       
+
       


     

       
29
       
29
       
+
       
```shellSession

     

       
30
       
30
       
+
       
/nix/store/cc0562q828rnjqjyfj23d5q162gb424g-binary-cache

     

       
31
       
31
       
+
       
```

     

       
32
       
32
       
+
       


     

       
33
       
33
       
+
       
Copy the resulting directory to the other machine, `host2`:

     

       
34
       
34
       
+
       


     

       
35
       
35
       
+
       
```shellSession

     

       
36
       
36
       
+
       
scp result host2:/tmp/hello-cache

     

       
37
       
37
       
+
       
```

     

       
38
       
38
       
+
       


     

       
39
       
39
       
+
       
Substitute the derivation using the flat-file binary cache on the other machine, `host2`:

     

       
40
       
40
       
+
       
```shellSession

     

       
41
       
41
       
+
       
nix-build -A hello '<nixpkgs>' \

     

       
42
       
42
       
+
       
  --option require-sigs false \

     

       
43
       
43
       
+
       
  --option trusted-substituters file:///tmp/hello-cache \

     

       
44
       
44
       
+
       
  --option substituters file:///tmp/hello-cache

     

       
45
       
45
       
+
       
```

     

       
46
       
46
       
+
       


     

       
47
       
47
       
+
       
```shellSession

     

       
48
       
48
       
+
       
/nix/store/gl5a41azbpsadfkfmbilh9yk40dh5dl0-hello-2.12.1

     

       
49
       
49
       
+
       
```

     

···

       
16108
       
16108
       
 
       
    githubId = 2242427;

     

       
16109
       
16109
       
 
       
    name = "Yoann Ono";

     

       
16110
       
16110
       
 
       
  };

     

       
16111
       
16111
       
+
       
  yajo = {

     

       
16112
       
16112
       
+
       
    email = "yajo.sk8@gmail.com";

     

       
16113
       
16113
       
+
       
    github = "yajo";

     

       
16114
       
16114
       
+
       
    githubId = 973709;

     

       
16115
       
16115
       
+
       
    name = "Jairo Llopis";

     

       
16116
       
16116
       
+
       
  };

     

       
16111
       
16117
       
 
       
  yana = {

     

       
16112
       
16118
       
 
       
    email = "yana@riseup.net";

     

       
16113
       
16119
       
 
       
    github = "yanalunaterra";

     

···

       
92
       
92
       
 
       
  bcachefs = handleTestOn ["x86_64-linux" "aarch64-linux"] ./bcachefs.nix {};

     

       
93
       
93
       
 
       
  beanstalkd = handleTest ./beanstalkd.nix {};

     

       
94
       
94
       
 
       
  bees = handleTest ./bees.nix {};

     

       
95
       
95
       
+
       
  binary-cache = handleTest ./binary-cache.nix {};

     

       
95
       
96
       
 
       
  bind = handleTest ./bind.nix {};

     

       
96
       
97
       
 
       
  bird = handleTest ./bird.nix {};

     

       
97
       
98
       
 
       
  bitcoind = handleTest ./bitcoind.nix {};

     

···

       
1
       
1
       
+
       
import ./make-test-python.nix ({ lib, ... }:

     

       
2
       
2
       
+
       


     

       
3
       
3
       
+
       
with lib;

     

       
4
       
4
       
+
       


     

       
5
       
5
       
+
       
{

     

       
6
       
6
       
+
       
  name = "binary-cache";

     

       
7
       
7
       
+
       
  meta.maintainers = with maintainers; [ thomasjm ];

     

       
8
       
8
       
+
       


     

       
9
       
9
       
+
       
  nodes.machine =

     

       
10
       
10
       
+
       
    { pkgs, ... }: {

     

       
11
       
11
       
+
       
      imports = [ ../modules/installer/cd-dvd/channel.nix ];

     

       
12
       
12
       
+
       
      environment.systemPackages = with pkgs; [python3];

     

       
13
       
13
       
+
       
      system.extraDependencies = with pkgs; [hello.inputDerivation];

     

       
14
       
14
       
+
       
      nix.extraOptions = ''

     

       
15
       
15
       
+
       
        experimental-features = nix-command

     

       
16
       
16
       
+
       
      '';

     

       
17
       
17
       
+
       
    };

     

       
18
       
18
       
+
       


     

       
19
       
19
       
+
       
  testScript = ''

     

       
20
       
20
       
+
       
    # Build the cache, then remove it from the store

     

       
21
       
21
       
+
       
    cachePath = machine.succeed("nix-build --no-out-link -E 'with import <nixpkgs> {}; mkBinaryCache { rootPaths = [hello]; }'").strip()

     

       
22
       
22
       
+
       
    machine.succeed("cp -r %s/. /tmp/cache" % cachePath)

     

       
23
       
23
       
+
       
    machine.succeed("nix-store --delete " + cachePath)

     

       
24
       
24
       
+
       


     

       
25
       
25
       
+
       
    # Sanity test of cache structure

     

       
26
       
26
       
+
       
    status, stdout = machine.execute("ls /tmp/cache")

     

       
27
       
27
       
+
       
    cache_files = stdout.split()

     

       
28
       
28
       
+
       
    assert ("nix-cache-info" in cache_files)

     

       
29
       
29
       
+
       
    assert ("nar" in cache_files)

     

       
30
       
30
       
+
       


     

       
31
       
31
       
+
       
    # Nix store ping should work

     

       
32
       
32
       
+
       
    machine.succeed("nix store ping --store file:///tmp/cache")

     

       
33
       
33
       
+
       


     

       
34
       
34
       
+
       
    # Cache should contain a .narinfo referring to "hello"

     

       
35
       
35
       
+
       
    grepLogs = machine.succeed("grep -l 'StorePath: /nix/store/[[:alnum:]]*-hello-.*' /tmp/cache/*.narinfo")

     

       
36
       
36
       
+
       


     

       
37
       
37
       
+
       
    # Get the store path referenced by the .narinfo

     

       
38
       
38
       
+
       
    narInfoFile = grepLogs.strip()

     

       
39
       
39
       
+
       
    narInfoContents = machine.succeed("cat " + narInfoFile)

     

       
40
       
40
       
+
       
    import re

     

       
41
       
41
       
+
       
    match = re.match(r"^StorePath: (/nix/store/[a-z0-9]*-hello-.*)$", narInfoContents, re.MULTILINE)

     

       
42
       
42
       
+
       
    if not match: raise Exception("Couldn't find hello store path in cache")

     

       
43
       
43
       
+
       
    storePath = match[1]

     

       
44
       
44
       
+
       


     

       
45
       
45
       
+
       
    # Delete the store path

     

       
46
       
46
       
+
       
    machine.succeed("nix-store --delete " + storePath)

     

       
47
       
47
       
+
       
    machine.succeed("[ ! -d %s ] || exit 1" % storePath)

     

       
48
       
48
       
+
       


     

       
49
       
49
       
+
       
    # Should be able to build hello using the cache

     

       
50
       
50
       
+
       
    logs = machine.succeed("nix-build -A hello '<nixpkgs>' --option require-sigs false --option trusted-substituters file:///tmp/cache --option substituters file:///tmp/cache 2>&1")

     

       
51
       
51
       
+
       
    logLines = logs.split("\n")

     

       
52
       
52
       
+
       
    if not "this path will be fetched" in logLines[0]: raise Exception("Unexpected first log line")

     

       
53
       
53
       
+
       
    def shouldBe(got, desired):

     

       
54
       
54
       
+
       
      if got != desired: raise Exception("Expected '%s' but got '%s'" % (desired, got))

     

       
55
       
55
       
+
       
    shouldBe(logLines[1], "  " + storePath)

     

       
56
       
56
       
+
       
    shouldBe(logLines[2], "copying path '%s' from 'file:///tmp/cache'..." % storePath)

     

       
57
       
57
       
+
       
    shouldBe(logLines[3], storePath)

     

       
58
       
58
       
+
       


     

       
59
       
59
       
+
       
    # Store path should exist in the store now

     

       
60
       
60
       
+
       
    machine.succeed("[ -d %s ] || exit 1" % storePath)

     

       
61
       
61
       
+
       
  '';

     

       
62
       
62
       
+
       
})

     

···

       
2
       
2
       
 
       


     

       
3
       
3
       
 
       
stdenv.mkDerivation rec {

     

       
4
       
4
       
 
       
  pname = "praat";

     

       
5
       
5
       
-
       
  version = "6.3.06";

     

       
5
       
5
       
+
       
  version = "6.3.07";

     

       
6
       
6
       
 
       


     

       
7
       
7
       
 
       
  src = fetchFromGitHub {

     

       
8
       
8
       
 
       
    owner = "praat";

     

       
9
       
9
       
 
       
    repo = "praat";

     

       
10
       
10
       
 
       
    rev = "v${version}";

     

       
11
       
11
       
-
       
    sha256 = "sha256-KwJ8ia1yQmmG+N44ipvGCbuoR2cL03STSTKzUwlDqms=";

     

       
11
       
11
       
+
       
    sha256 = "sha256-hWR6mYD0vBJbX07D/HtFE9qwdbxMliHLCsNDXVYcm1Y=";

     

       
12
       
12
       
 
       
  };

     

       
13
       
13
       
 
       


     

       
14
       
14
       
 
       
  configurePhase = ''

     

···

       
23
       
23
       
 
       
in

     

       
24
       
24
       
 
       
stdenv.mkDerivation rec {

     

       
25
       
25
       
 
       
  pname = "reaper";

     

       
26
       
26
       
-
       
  version = "6.73";

     

       
26
       
26
       
+
       
  version = "6.75";

     

       
27
       
27
       
 
       


     

       
28
       
28
       
 
       
  src = fetchurl {

     

       
29
       
29
       
 
       
    url = url_for_platform version stdenv.hostPlatform.qemuArch;

     

       
30
       
30
       
 
       
    hash = {

     

       
31
       
31
       
-
       
      x86_64-linux = "sha256-omQ2XdL4C78BQRuYKy90QlMko2XYHoVhd4X0C+Zyp8E=";

     

       
32
       
32
       
-
       
      aarch64-linux = "sha256-XHohznrfFMHHgif4iFrpXb0FNddYiBb0gB7ZznlU834=";

     

       
31
       
31
       
+
       
      x86_64-linux = "sha256-wtXClHL+SeuLxMROaZKZOwYnLo6MXC7lAiwCj80X0Ck=";

     

       
32
       
32
       
+
       
      aarch64-linux = "sha256-xCkAbKzXH7E1Ud6iGsnzgZT/2Sy6qpRItYUHFF6ggpQ=";

     

       
33
       
33
       
 
       
    }.${stdenv.hostPlatform.system};

     

       
34
       
34
       
 
       
  };

     

       
35
       
35
       
 
       


     

···

       
10
       
10
       
 
       
, nixosTests

     

       
11
       
11
       
 
       
}:

     

       
12
       
12
       
 
       


     

       
13
       
13
       
-
       
let serenity = fetchFromGitHub {

     

       
14
       
14
       
-
       
  owner = "SerenityOS";

     

       
15
       
15
       
-
       
  repo = "serenity";

     

       
16
       
16
       
-
       
  rev = "a0f3e2c9a2b82117aa7c1a3444ad0d31baa070d5";

     

       
17
       
17
       
-
       
  hash = "sha256-8Xde59ZfdkTD39mYSv0lfFjBHFDWTUwfozE+Q9Yq6C8=";

     

       
18
       
18
       
-
       
};

     

       
19
       
19
       
-
       
in

     

       
20
       
13
       
 
       
stdenv.mkDerivation {

     

       
21
       
14
       
 
       
  pname = "ladybird";

     

       
22
       
22
       
-
       
  version = "unstable-2022-09-29";

     

       
15
       
15
       
+
       
  version = "unstable-2023-01-17";

     

       
23
       
16
       
 
       


     

       
24
       
24
       
-
       
  # Remember to update `serenity` too!

     

       
25
       
17
       
 
       
  src = fetchFromGitHub {

     

       
26
       
18
       
 
       
    owner = "SerenityOS";

     

       
27
       
27
       
-
       
    repo = "ladybird";

     

       
28
       
28
       
-
       
    rev = "d69ad7332477de33bfd1963026e057d55c6f222d";

     

       
29
       
29
       
-
       
    hash = "sha256-XQj2Bohk8F6dGCAManOmmDP5b/SqEeZXZbLDYPfvi2E=";

     

       
19
       
19
       
+
       
    repo = "serenity";

     

       
20
       
20
       
+
       
    rev = "45e85d20b64862df119f643f24e2d500c76c58f3";

     

       
21
       
21
       
+
       
    hash = "sha256-n2mLg9wNfdMGsJuGj+ukjto9qYjGOIz4cZjgvMGQUrY=";

     

       
30
       
22
       
 
       
  };

     

       
31
       
23
       
 
       


     

       
24
       
24
       
+
       
  sourceRoot = "source/Ladybird";

     

       
25
       
25
       
+
       


     

       
32
       
26
       
 
       
  postPatch = ''

     

       
33
       
27
       
 
       
    substituteInPlace CMakeLists.txt \

     

       
34
       
28
       
 
       
      --replace "MACOSX_BUNDLE TRUE" "MACOSX_BUNDLE FALSE"

     

       
29
       
29
       
+
       
    # https://github.com/SerenityOS/serenity/issues/17062

     

       
30
       
30
       
+
       
    substituteInPlace main.cpp \

     

       
31
       
31
       
+
       
      --replace "./SQLServer/SQLServer" "$out/bin/SQLServer"

     

       
35
       
32
       
 
       
  '';

     

       
36
       
33
       
 
       


     

       
37
       
34
       
 
       
  nativeBuildInputs = [

     
···

       
47
       
44
       
 
       
  ];

     

       
48
       
45
       
 
       


     

       
49
       
46
       
 
       
  cmakeFlags = [

     

       
50
       
50
       
-
       
    "-DSERENITY_SOURCE_DIR=${serenity}"

     

       
51
       
47
       
 
       
    # Disable network operations

     

       
52
       
48
       
 
       
    "-DENABLE_TIME_ZONE_DATABASE_DOWNLOAD=false"

     

       
53
       
49
       
 
       
    "-DENABLE_UNICODE_DATABASE_DOWNLOAD=false"

     

       
54
       
50
       
 
       
  ];

     

       
55
       
51
       
 
       


     

       
56
       
56
       
-
       
  # error: use of undeclared identifier 'aligned_alloc'

     

       
57
       
57
       
-
       
  NIX_CFLAGS_COMPILE = toString (lib.optionals (stdenv.isDarwin && lib.versionOlder stdenv.targetPlatform.darwinSdkVersion "11.0") [

     

       
52
       
52
       
+
       
  NIX_CFLAGS_COMPILE = [

     

       
53
       
53
       
+
       
    "-Wno-error"

     

       
54
       
54
       
+
       
  ] ++ lib.optionals (stdenv.isDarwin && lib.versionOlder stdenv.targetPlatform.darwinSdkVersion "11.0") [

     

       
55
       
55
       
+
       
    # error: use of undeclared identifier 'aligned_alloc'

     

       
58
       
56
       
 
       
    "-include mm_malloc.h"

     

       
59
       
57
       
 
       
    "-Daligned_alloc=_mm_malloc"

     

       
60
       
60
       
-
       
  ]);

     

       
58
       
58
       
+
       
  ];

     

       
61
       
59
       
 
       


     

       
62
       
60
       
 
       
  # https://github.com/NixOS/nixpkgs/issues/201254

     

       
63
       
61
       
 
       
  NIX_LDFLAGS = lib.optionalString (stdenv.isLinux && stdenv.isAarch64 && stdenv.cc.isGNU) "-lgcc";

     

···

       
2
       
2
       
 
       


     

       
3
       
3
       
 
       
buildGoModule rec {

     

       
4
       
4
       
 
       
  pname = "glooctl";

     

       
5
       
5
       
-
       
  version = "1.13.5";

     

       
5
       
5
       
+
       
  version = "1.13.6";

     

       
6
       
6
       
 
       


     

       
7
       
7
       
 
       
  src = fetchFromGitHub {

     

       
8
       
8
       
 
       
    owner = "solo-io";

     

       
9
       
9
       
 
       
    repo = "gloo";

     

       
10
       
10
       
 
       
    rev = "v${version}";

     

       
11
       
11
       
-
       
    hash = "sha256-mBmjGP7O1uX+uVM4/us4RWeJcXB1lSEvZQWT/3Ygzik=";

     

       
11
       
11
       
+
       
    hash = "sha256-CBWKKW5VIkRgl7wY63OCm/CowWHO389se3kEraqaDCI=";

     

       
12
       
12
       
 
       
  };

     

       
13
       
13
       
 
       


     

       
14
       
14
       
 
       
  subPackages = [ "projects/gloo/cli/cmd" ];

     

···

       
1
       
1
       
-
       
From 6f53bd36a40da4c71486e3b79f6e32d53d6eea5d Mon Sep 17 00:00:00 2001

     

       
2
       
2
       
-
       
From: Euan Kemp <euank@euank.com>

     

       
3
       
3
       
-
       
Date: Thu, 3 Feb 2022 23:50:40 -0800

     

       
4
       
4
       
-
       
Subject: [PATCH 2/2] scrips/download: strip downloading, just package CRD

     

       
5
       
5
       
-
       


     

       
6
       
6
       
-
       
The CRD packaging is a complicated set of commands, so let's reuse it.

     

       
7
       
7
       
-
       
---

     

       
8
       
8
       
-
       
 scripts/download | 10 ++--------

     

       
9
       
9
       
-
       
 1 file changed, 2 insertions(+), 8 deletions(-)

     

       
10
       
10
       
-
       


     

       
11
       
11
       
-
       
diff --git a/scripts/download b/scripts/download

     

       
12
       
12
       
-
       
index 5effc0562a..82361803ee 100755

     

       
13
       
13
       
-
       
--- a/scripts/download

     

       
14
       
14
       
-
       
+++ b/scripts/download

     

       
15
       
15
       
-
       
@@ -24,12 +24,6 @@ rm -rf ${CONTAINERD_DIR}

     

       
16
       
16
       
-
       
 mkdir -p ${CHARTS_DIR}

     

       
17
       
17
       
-
       
 mkdir -p ${DATA_DIR}

     

       
18
       
18
       
-
       
 

     

       
19
       
19
       
-
       
-curl --compressed -sfL https://github.com/k3s-io/k3s-root/releases/download/${VERSION_ROOT}/k3s-root-${ARCH}.tar | tar xf - --exclude=bin/socat

     

       
20
       
20
       
-
       
-

     

       
21
       
21
       
-
       
-git clone --single-branch --branch=${VERSION_RUNC} --depth=1 https://github.com/opencontainers/runc ${RUNC_DIR}

     

       
22
       
22
       
-
       
-

     

       
23
       
23
       
-
       
-git clone --single-branch --branch=${VERSION_CONTAINERD} --depth=1 https://github.com/k3s-io/containerd ${CONTAINERD_DIR}

     

       
24
       
24
       
-
       
-

     

       
25
       
25
       
-
       
 setup_tmp() {

     

       
26
       
26
       
-
       
     TMP_DIR=$(mktemp -d --tmpdir=${CHARTS_DIR})

     

       
27
       
27
       
-
       
     cleanup() {

     

       
28
       
28
       
-
       
@@ -44,8 +38,8 @@ setup_tmp() {

     

       
29
       
29
       
-
       
 

     

       
30
       
30
       
-
       
 download_and_package_traefik () {

     

       
31
       
31
       
-
       
   echo "Downloading Traefik Helm chart from ${TRAEFIK_URL}"

     

       
32
       
32
       
-
       
-  curl -sfL ${TRAEFIK_URL} -o ${TMP_DIR}/${TRAEFIK_FILE}

     

       
33
       
33
       
-
       
-  code=$?

     

       
34
       
34
       
-
       
+  # nixpkgs: copy in our known traefik chart instead

     

       
35
       
35
       
-
       
+  cp $TRAEFIK_CHART_FILE ${TMP_DIR}/${TRAEFIK_FILE}

     

       
36
       
36
       
-
       
 

     

       
37
       
37
       
-
       
   if [ $code -ne 0 ]; then

     

       
38
       
38
       
-
       
     echo "Error: Failed to download Traefik Helm chart!"

     

       
39
       
39
       
-
       
-- 

     

       
40
       
40
       
-
       
2.34.1

     

       
41
       
41
       
-
       


     

···

       
1
       
1
       
+
       
{

     

       
2
       
2
       
+
       
    traefik-crd  = {

     

       
3
       
3
       
+
       
        url = "https://k3s.io/k3s-charts/assets/traefik-crd/traefik-crd-20.3.1+up20.3.0.tgz";

     

       
4
       
4
       
+
       
        sha256 = "1775vjldvqvhzdbzanxhbaqbmkih09yb91im651q8bc7z5sb9ckn";

     

       
5
       
5
       
+
       
    };

     

       
6
       
6
       
+
       
    traefik = {

     

       
7
       
7
       
+
       
        url = "https://k3s.io/k3s-charts/assets/traefik/traefik-20.3.1+up20.3.0.tgz";

     

       
8
       
8
       
+
       
        sha256 = "1rj0f0n0vgjcbzfwzhqmsd501i2f6vw145w9plbp8gwdyzmg2nc6";

     

       
9
       
9
       
+
       
    };

     

       
10
       
10
       
+
       
}

     

···

       
48
       
48
       
 
       
# Those pieces of software we entirely ignore upstream's handling of, and just

     

       
49
       
49
       
 
       
# make sure they're in the path if desired.

     

       
50
       
50
       
 
       
let

     

       
51
       
51
       
-
       
  k3sVersion = "1.23.6+k3s1";     # k3s git tag

     

       
52
       
52
       
-
       
  k3sCommit = "418c3fa858b69b12b9cefbcff0526f666a6236b9"; # k3s git commit at the above version

     

       
53
       
53
       
-
       
  k3sRepoSha256 = "0fmw491dn5mpi058mr7sij51i5m4qg2grx30cnl3h2v4s0sdkx2i";

     

       
54
       
54
       
-
       
  k3sVendorSha256 = "sha256-iHg5ySMaiSWXs98YGmxPwdZr4zdBIFma12dNEuf30Hs=";

     

       
51
       
51
       
+
       
  k3sVersion = "1.23.16+k3s1";     # k3s git tag

     

       
52
       
52
       
+
       
  k3sCommit = "64b0feeb36c2a26976a364a110f23ebcf971f976"; # k3s git commit at the above version

     

       
53
       
53
       
+
       
  k3sRepoSha256 = "sha256-H6aaYa5OYAaD5hjSi8+RNXiP1zhRZCgKXQA6eU7AWBk=";

     

       
54
       
54
       
+
       
  k3sVendorSha256 = "sha256-+xygljXp27NahsHSgoigMANBQCRwGFYwGHQEwlI9YsQ=";

     

       
55
       
55
       
 
       


     

       
56
       
56
       
-
       
  # taken from ./manifests/traefik.yaml, extracted from '.spec.chart' https://github.com/k3s-io/k3s/blob/v1.23.3%2Bk3s1/scripts/download#L9

     

       
57
       
57
       
-
       
  # The 'patch' and 'minor' versions are currently hardcoded as single digits only, so ignore the trailing two digits. Weird, I know.

     

       
58
       
58
       
-
       
  traefikChartVersion = "10.19.3";

     

       
59
       
59
       
-
       
  traefikChartSha256 = "04zg5li957svgscdmkzmzjkwljaljyav68rzxmhakkwgav6q9058";

     

       
56
       
56
       
+
       
  # Based on the traefik charts here: https://github.com/k3s-io/k3s/blob/v1.23.16%2Bk3s1/scripts/download#L29-L32

     

       
57
       
57
       
+
       
  # see also https://github.com/k3s-io/k3s/blob/v1.23.16%2Bk3s1/manifests/traefik.yaml#L8-L16

     

       
58
       
58
       
+
       
  # At the time of writing, there are two traefik charts, and that's it

     

       
59
       
59
       
+
       
  charts = import ./chart-versions.nix;

     

       
60
       
60
       
 
       


     

       
61
       
61
       
-
       
  # taken from ./scripts/version.sh VERSION_ROOT https://github.com/k3s-io/k3s/blob/v1.23.3%2Bk3s1/scripts/version.sh#L47

     

       
62
       
62
       
-
       
  k3sRootVersion = "0.11.0";

     

       
63
       
63
       
-
       
  k3sRootSha256 = "016n56vi09xkvjph7wgzb2m86mhd5x65fs4d11pmh20hl249r620";

     

       
61
       
61
       
+
       
  # taken from ./scripts/version.sh VERSION_ROOT https://github.com/k3s-io/k3s/blob/v1.23.16%2Bk3s1/scripts/version.sh#L54

     

       
62
       
62
       
+
       
  k3sRootVersion = "0.12.1";

     

       
63
       
63
       
+
       
  k3sRootSha256 = "sha256-xCXbarWztnvW2xn3cGa84hie3OevVZeGEDWh+Uf3RBw=";

     

       
64
       
64
       
 
       


     

       
65
       
65
       
-
       
  # taken from ./scripts/version.sh VERSION_CNIPLUGINS https://github.com/k3s-io/k3s/blob/v1.23.3%2Bk3s1/scripts/version.sh#L45

     

       
66
       
66
       
-
       
  k3sCNIVersion = "1.0.1-k3s1";

     

       
67
       
67
       
-
       
  k3sCNISha256 = "11ihlzzdnqf9p21y0a4ckpbxac016nm7746dcykhj26ym9zxyv92";

     

       
65
       
65
       
+
       
  # taken from ./scripts/version.sh VERSION_CNIPLUGINS https://github.com/k3s-io/k3s/blob/v1.23.16%2Bk3s1/scripts/version.sh#L47

     

       
66
       
66
       
+
       
  k3sCNIVersion = "1.1.1-k3s1";

     

       
67
       
67
       
+
       
  k3sCNISha256 = "sha256-1Br7s+iMtfiPjM0EcNPuFdSlp9dVPjSG1UGuiPUfq5I=";

     

       
68
       
68
       
 
       


     

       
69
       
69
       
 
       
  # taken from go.mod, the 'github.com/containerd/containerd' line

     

       
70
       
70
       
 
       
  # run `grep github.com/containerd/containerd go.mod | head -n1 | awk '{print $4}'`

     

       
71
       
71
       
-
       
  containerdVersion = "1.5.11-k3s2";

     

       
72
       
72
       
-
       
  containerdSha256 = "16132snvrg8r0vwm6c0lz0q6fx686s2ix53nm3aka9a83xs75vf2";

     

       
71
       
71
       
+
       
  # https://github.com/k3s-io/k3s/blob/v1.23.16%2Bk3s1/go.mod#L9

     

       
72
       
72
       
+
       
  containerdVersion = "1.5.16-k3s2-1-22";

     

       
73
       
73
       
+
       
  containerdSha256 = "sha256-PRrp05Jgx368Ox4hTC66lbCInWuex0OtAuCY4l8geqA=";

     

       
73
       
74
       
 
       


     

       
74
       
75
       
 
       
  # run `grep github.com/kubernetes-sigs/cri-tools go.mod | head -n1 | awk '{print $4}'` in the k3s repo at the tag

     

       
76
       
76
       
+
       
  # https://github.com/k3s-io/k3s/blob/v1.23.16%2Bk3s1/go.mod#L19

     

       
75
       
77
       
 
       
  criCtlVersion = "1.22.0-k3s1";

     

       
76
       
78
       
 
       


     

       
77
       
79
       
 
       
  baseMeta = k3s.meta;

     
···

       
94
       
96
       
 
       
  ];

     

       
95
       
97
       
 
       


     

       
96
       
98
       
 
       
  # bundled into the k3s binary

     

       
97
       
97
       
-
       
  traefikChart = fetchurl {

     

       
98
       
98
       
-
       
    url = "https://helm.traefik.io/traefik/traefik-${traefikChartVersion}.tgz";

     

       
99
       
99
       
-
       
    sha256 = traefikChartSha256;

     

       
100
       
100
       
-
       
  };

     

       
99
       
99
       
+
       
  traefikChart = fetchurl charts.traefik;

     

       
100
       
100
       
+
       
  traefik-crdChart = fetchurl charts.traefik-crd;

     

       
101
       
101
       
+
       


     

       
101
       
102
       
 
       
  # so, k3s is a complicated thing to package

     

       
102
       
103
       
 
       
  # This derivation attempts to avoid including any random binaries from the

     

       
103
       
104
       
 
       
  # internet. k3s-root is _mostly_ binaries built to be bundled in k3s (which

     
···

       
181
       
182
       
 
       
    postInstall = ''

     

       
182
       
183
       
 
       
      mv $out/bin/server $out/bin/k3s

     

       
183
       
184
       
 
       
      pushd $out

     

       
184
       
184
       
-
       
      # taken verbatim from https://github.com/k3s-io/k3s/blob/v1.23.3%2Bk3s1/scripts/build#L105-L113

     

       
185
       
185
       
+
       
      # taken verbatim from https://github.com/k3s-io/k3s/blob/v1.23.16%2Bk3s1/scripts/build#L123-L131

     

       
185
       
186
       
 
       
      ln -s k3s ./bin/k3s-agent

     

       
186
       
187
       
 
       
      ln -s k3s ./bin/k3s-server

     

       
187
       
188
       
 
       
      ln -s k3s ./bin/k3s-etcd-snapshot

     

       
188
       
189
       
 
       
      ln -s k3s ./bin/k3s-secrets-encrypt

     

       
189
       
190
       
 
       
      ln -s k3s ./bin/k3s-certificate

     

       
191
       
191
       
+
       
      ln -s k3s ./bin/k3s-completion

     

       
190
       
192
       
 
       
      ln -s k3s ./bin/kubectl

     

       
191
       
193
       
 
       
      ln -s k3s ./bin/crictl

     

       
192
       
194
       
 
       
      ln -s k3s ./bin/ctr

     
···

       
218
       
220
       
 
       


     

       
219
       
221
       
 
       
  src = k3sRepo;

     

       
220
       
222
       
 
       
  vendorSha256 = k3sVendorSha256;

     

       
221
       
221
       
-
       


     

       
222
       
222
       
-
       
  patches = [

     

       
223
       
223
       
-
       
    ./0001-script-download-strip-downloading-just-package-CRD.patch

     

       
224
       
224
       
-
       
  ];

     

       
225
       
223
       
 
       


     

       
226
       
224
       
 
       
  postPatch = ''

     

       
227
       
225
       
 
       
    # Nix prefers dynamically linked binaries over static binary.

     
···

       
290
       
288
       
 
       
    ln -vsf ${k3sContainerd}/bin/* ./bin/

     

       
291
       
289
       
 
       
    rsync -a --no-perms --chmod u=rwX ${k3sRoot}/etc/ ./etc/

     

       
292
       
290
       
 
       
    mkdir -p ./build/static/charts

     

       
293
       
293
       
-
       
    # Note, upstream's chart has a 00 suffix. This seems to not matter though, so we're ignoring that naming detail.

     

       
294
       
294
       
-
       
    export TRAEFIK_CHART_FILE=${traefikChart}

     

       
295
       
295
       
-
       
    # place the traefik chart using their code since it's complicated

     

       
296
       
296
       
-
       
    # We trim the actual download, see patches

     

       
297
       
297
       
-
       
    ./scripts/download

     

       
291
       
291
       
+
       


     

       
292
       
292
       
+
       
    cp ${traefikChart} ./build/static/charts

     

       
293
       
293
       
+
       
    cp ${traefik-crdChart} ./build/static/charts

     

       
298
       
294
       
 
       


     

       
299
       
295
       
 
       
    export ARCH=$GOARCH

     

       
300
       
296
       
 
       
    export DRONE_TAG="v${k3sVersion}"

     

···

       
75
       
75
       
 
       
    description = "A lightweight Kubernetes distribution";

     

       
76
       
76
       
 
       
    license = licenses.asl20;

     

       
77
       
77
       
 
       
    homepage = "https://k3s.io";

     

       
78
       
78
       
-
       
    maintainers = with maintainers; [ euank mic92 superherointj ];

     

       
78
       
78
       
+
       
    maintainers = with maintainers; [ euank mic92 superherointj yajo ];

     

       
79
       
79
       
 
       
    platforms = platforms.linux;

     

       
80
       
80
       
 
       
  };

     

       
81
       
81
       
 
       


     

···

       
1
       
1
       
+
       
{ stdenv, buildPackages }:

     

       
2
       
2
       
+
       


     

       
3
       
3
       
+
       
# This function is for creating a flat-file binary cache, i.e. the kind created by

     

       
4
       
4
       
+
       
# nix copy --to file:///some/path and usable as a substituter (with the file:// prefix).

     

       
5
       
5
       
+
       


     

       
6
       
6
       
+
       
# For example, in the Nixpkgs repo:

     

       
7
       
7
       
+
       
# nix-build -E 'with import ./. {}; mkBinaryCache { rootPaths = [hello]; }'

     

       
8
       
8
       
+
       


     

       
9
       
9
       
+
       
{ name ? "binary-cache"

     

       
10
       
10
       
+
       
, rootPaths

     

       
11
       
11
       
+
       
}:

     

       
12
       
12
       
+
       


     

       
13
       
13
       
+
       
stdenv.mkDerivation {

     

       
14
       
14
       
+
       
  inherit name;

     

       
15
       
15
       
+
       


     

       
16
       
16
       
+
       
  __structuredAttrs = true;

     

       
17
       
17
       
+
       


     

       
18
       
18
       
+
       
  exportReferencesGraph.closure = rootPaths;

     

       
19
       
19
       
+
       


     

       
20
       
20
       
+
       
  preferLocalBuild = true;

     

       
21
       
21
       
+
       


     

       
22
       
22
       
+
       
  PATH = "${buildPackages.coreutils}/bin:${buildPackages.jq}/bin:${buildPackages.python3}/bin:${buildPackages.nix}/bin:${buildPackages.xz}/bin";

     

       
23
       
23
       
+
       


     

       
24
       
24
       
+
       
  builder = builtins.toFile "builder" ''

     

       
25
       
25
       
+
       
    . .attrs.sh

     

       
26
       
26
       
+
       


     

       
27
       
27
       
+
       
    export out=''${outputs[out]}

     

       
28
       
28
       
+
       


     

       
29
       
29
       
+
       
    mkdir $out

     

       
30
       
30
       
+
       
    mkdir $out/nar

     

       
31
       
31
       
+
       


     

       
32
       
32
       
+
       
    python ${./make-binary-cache.py}

     

       
33
       
33
       
+
       


     

       
34
       
34
       
+
       
    # These directories must exist, or Nix might try to create them in LocalBinaryCacheStore::init(),

     

       
35
       
35
       
+
       
    # which fails if mounted read-only

     

       
36
       
36
       
+
       
    mkdir $out/realisations

     

       
37
       
37
       
+
       
    mkdir $out/debuginfo

     

       
38
       
38
       
+
       
    mkdir $out/log

     

       
39
       
39
       
+
       
  '';

     

       
40
       
40
       
+
       
}

     

···

       
1
       
1
       
+
       


     

       
2
       
2
       
+
       
import json

     

       
3
       
3
       
+
       
import os

     

       
4
       
4
       
+
       
import subprocess

     

       
5
       
5
       
+
       


     

       
6
       
6
       
+
       
with open(".attrs.json", "r") as f:

     

       
7
       
7
       
+
       
  closures = json.load(f)["closure"]

     

       
8
       
8
       
+
       


     

       
9
       
9
       
+
       
os.chdir(os.environ["out"])

     

       
10
       
10
       
+
       


     

       
11
       
11
       
+
       
nixPrefix = os.environ["NIX_STORE"] # Usually /nix/store

     

       
12
       
12
       
+
       


     

       
13
       
13
       
+
       
with open("nix-cache-info", "w") as f:

     

       
14
       
14
       
+
       
  f.write("StoreDir: " + nixPrefix + "\n")

     

       
15
       
15
       
+
       


     

       
16
       
16
       
+
       
def dropPrefix(path):

     

       
17
       
17
       
+
       
  return path[len(nixPrefix + "/"):]

     

       
18
       
18
       
+
       


     

       
19
       
19
       
+
       
for item in closures:

     

       
20
       
20
       
+
       
  narInfoHash = dropPrefix(item["path"]).split("-")[0]

     

       
21
       
21
       
+
       


     

       
22
       
22
       
+
       
  xzFile = "nar/" + narInfoHash + ".nar.xz"

     

       
23
       
23
       
+
       
  with open(xzFile, "w") as f:

     

       
24
       
24
       
+
       
    subprocess.run("nix-store --dump %s | xz -c" % item["path"], stdout=f, shell=True)

     

       
25
       
25
       
+
       


     

       
26
       
26
       
+
       
  fileHash = subprocess.run(["nix-hash", "--base32", "--type", "sha256", item["path"]], capture_output=True).stdout.decode().strip()

     

       
27
       
27
       
+
       
  fileSize = os.path.getsize(xzFile)

     

       
28
       
28
       
+
       


     

       
29
       
29
       
+
       
  # Rename the .nar.xz file to its own hash to match "nix copy" behavior

     

       
30
       
30
       
+
       
  finalXzFile = "nar/" + fileHash + ".nar.xz"

     

       
31
       
31
       
+
       
  os.rename(xzFile, finalXzFile)

     

       
32
       
32
       
+
       


     

       
33
       
33
       
+
       
  with open(narInfoHash + ".narinfo", "w") as f:

     

       
34
       
34
       
+
       
    f.writelines((x + "\n" for x in [

     

       
35
       
35
       
+
       
      "StorePath: " + item["path"],

     

       
36
       
36
       
+
       
      "URL: " + finalXzFile,

     

       
37
       
37
       
+
       
      "Compression: xz",

     

       
38
       
38
       
+
       
      "FileHash: sha256:" + fileHash,

     

       
39
       
39
       
+
       
      "FileSize: " + str(fileSize),

     

       
40
       
40
       
+
       
      "NarHash: " + item["narHash"],

     

       
41
       
41
       
+
       
      "NarSize: " + str(item["narSize"]),

     

       
42
       
42
       
+
       
      "References: " + " ".join(dropPrefix(ref) for ref in item["references"]),

     

       
43
       
43
       
+
       
    ]))

     

···

       
196
       
196
       
 
       
      major = "3";

     

       
197
       
197
       
 
       
      minor = "12";

     

       
198
       
198
       
 
       
      patch = "0";

     

       
199
       
199
       
-
       
      suffix = "a3";

     

       
199
       
199
       
+
       
      suffix = "a5";

     

       
200
       
200
       
 
       
    };

     

       
201
       
201
       
-
       
    sha256 = "sha256-G2SzB14KkkGXTlgOCbCckRehxOK+aYA5IB7x2Kc0U9E=";

     

       
201
       
201
       
+
       
    sha256 = "sha256-1m73o0L+OjVvnO47uXrcHl+0hA9rbP994P991JX4Mjs=";

     

       
202
       
202
       
 
       
    inherit (darwin) configd;

     

       
203
       
203
       
 
       
    inherit passthruFun;

     

       
204
       
204
       
 
       
  };

     

···

       
16
       
16
       
 
       


     

       
17
       
17
       
 
       
stdenv.mkDerivation rec {

     

       
18
       
18
       
 
       
  pname = "ldb";

     

       
19
       
19
       
-
       
  version = "2.3.0";

     

       
19
       
19
       
+
       
  version = "2.6.1";

     

       
20
       
20
       
 
       


     

       
21
       
21
       
 
       
  src = fetchurl {

     

       
22
       
22
       
 
       
    url = "mirror://samba/ldb/${pname}-${version}.tar.gz";

     

       
23
       
23
       
-
       
    sha256 = "0bcjj4gv48ddg44wyxpsvrs26xry6yy9x9k16qgz0bljs2rhilx4";

     

       
23
       
23
       
+
       
    sha256 = "sha256-RnQD9334Z4LDlluxdUQLqi7XUan+uVYBlL2MBr8XNsk=";

     

       
24
       
24
       
 
       
  };

     

       
25
       
25
       
 
       


     

       
26
       
26
       
 
       
  outputs = [ "out" "dev" ];

     
···

       
43
       
43
       
 
       
    popt

     

       
44
       
44
       
 
       
    cmocka

     

       
45
       
45
       
 
       
  ];

     

       
46
       
46
       
+
       


     

       
47
       
47
       
+
       
  # otherwise the configure script fails with

     

       
48
       
48
       
+
       
  # PYTHONHASHSEED=1 missing! Don't use waf directly, use ./configure and make!

     

       
49
       
49
       
+
       
  preConfigure = ''

     

       
50
       
50
       
+
       
    export PKGCONFIG="$PKG_CONFIG"

     

       
51
       
51
       
+
       
    export PYTHONHASHSEED=1

     

       
52
       
52
       
+
       
  '';

     

       
46
       
53
       
 
       


     

       
47
       
54
       
 
       
  wafPath = "buildtools/bin/waf";

     

       
48
       
55
       
 
       


     

···

       
13
       
13
       
 
       


     

       
14
       
14
       
 
       
stdenv.mkDerivation rec {

     

       
15
       
15
       
 
       
  pname = "talloc";

     

       
16
       
16
       
-
       
  version = "2.3.3";

     

       
16
       
16
       
+
       
  version = "2.3.4";

     

       
17
       
17
       
 
       


     

       
18
       
18
       
 
       
  src = fetchurl {

     

       
19
       
19
       
 
       
    url = "mirror://samba/talloc/${pname}-${version}.tar.gz";

     

       
20
       
20
       
-
       
    sha256 = "sha256-a+lbI2i9CvHEzXqIFG62zuoY5Gw//JMwv2JitA0diqo=";

     

       
20
       
20
       
+
       
    sha256 = "sha256-F5+eviZeZ+SrLCbK0rfeS2p3xsIS+WaQM4KGnwa+ZQU=";

     

       
21
       
21
       
 
       
  };

     

       
22
       
22
       
 
       


     

       
23
       
23
       
 
       
  nativeBuildInputs = [

     
···

       
36
       
36
       
 
       
    libxslt

     

       
37
       
37
       
 
       
    libxcrypt

     

       
38
       
38
       
 
       
  ];

     

       
39
       
39
       
+
       


     

       
40
       
40
       
+
       
  # otherwise the configure script fails with

     

       
41
       
41
       
+
       
  # PYTHONHASHSEED=1 missing! Don't use waf directly, use ./configure and make!

     

       
42
       
42
       
+
       
  preConfigure = ''

     

       
43
       
43
       
+
       
    export PKGCONFIG="$PKG_CONFIG"

     

       
44
       
44
       
+
       
    export PYTHONHASHSEED=1

     

       
45
       
45
       
+
       
  '';

     

       
39
       
46
       
 
       


     

       
40
       
47
       
 
       
  wafPath = "buildtools/bin/waf";

     

       
41
       
48
       
 
       


     

···

       
12
       
12
       
 
       


     

       
13
       
13
       
 
       
stdenv.mkDerivation rec {

     

       
14
       
14
       
 
       
  pname = "tdb";

     

       
15
       
15
       
-
       
  version = "1.4.6";

     

       
15
       
15
       
+
       
  version = "1.4.7";

     

       
16
       
16
       
 
       


     

       
17
       
17
       
 
       
  src = fetchurl {

     

       
18
       
18
       
 
       
    url = "mirror://samba/tdb/${pname}-${version}.tar.gz";

     

       
19
       
19
       
-
       
    sha256 = "sha256-1okr2L7+BKd2QqHdVuSoeTSb8c9bLAv1+4QQYZON7ws=";

     

       
19
       
19
       
+
       
    sha256 = "sha256-pPsWje9TPzH/LAf32YRLsxMeZ5nwlOvnfQOArcmHwg4=";

     

       
20
       
20
       
 
       
  };

     

       
21
       
21
       
 
       


     

       
22
       
22
       
 
       
  nativeBuildInputs = [

     
···

       
33
       
33
       
 
       
    readline # required to build python

     

       
34
       
34
       
 
       
    libxcrypt

     

       
35
       
35
       
 
       
  ];

     

       
36
       
36
       
+
       


     

       
37
       
37
       
+
       
  # otherwise the configure script fails with

     

       
38
       
38
       
+
       
  # PYTHONHASHSEED=1 missing! Don't use waf directly, use ./configure and make!

     

       
39
       
39
       
+
       
  preConfigure = ''

     

       
40
       
40
       
+
       
    export PKGCONFIG="$PKG_CONFIG"

     

       
41
       
41
       
+
       
    export PYTHONHASHSEED=1

     

       
42
       
42
       
+
       
  '';

     

       
36
       
43
       
 
       


     

       
37
       
44
       
 
       
  wafPath = "buildtools/bin/waf";

     

       
38
       
45
       
 
       


     

···

       
2
       
2
       
 
       
, fetchurl

     

       
3
       
3
       
 
       
, python3

     

       
4
       
4
       
 
       
, pkg-config

     

       
5
       
5
       
+
       
, cmocka

     

       
5
       
6
       
 
       
, readline

     

       
6
       
7
       
 
       
, talloc

     

       
7
       
8
       
 
       
, libxslt

     
···

       
13
       
14
       
 
       


     

       
14
       
15
       
 
       
stdenv.mkDerivation rec {

     

       
15
       
16
       
 
       
  pname = "tevent";

     

       
16
       
16
       
-
       
  version = "0.10.2";

     

       
17
       
17
       
+
       
  version = "0.13.0";

     

       
17
       
18
       
 
       


     

       
18
       
19
       
 
       
  src = fetchurl {

     

       
19
       
20
       
 
       
    url = "mirror://samba/tevent/${pname}-${version}.tar.gz";

     

       
20
       
20
       
-
       
    sha256 = "15k6i8ad5lpxfjsjyq9h64zlyws8d3cm0vwdnaw8z1xjwli7hhpq";

     

       
21
       
21
       
+
       
    sha256 = "sha256-uUN6kX+lU0Q2G+tk7J4AQumcroh5iCpi3Tj2q+I3HQw=";

     

       
21
       
22
       
 
       
  };

     

       
22
       
23
       
 
       


     

       
23
       
24
       
 
       
  nativeBuildInputs = [

     
···

       
32
       
33
       
 
       


     

       
33
       
34
       
 
       
  buildInputs = [

     

       
34
       
35
       
 
       
    python3

     

       
36
       
36
       
+
       
    cmocka

     

       
35
       
37
       
 
       
    readline # required to build python

     

       
36
       
38
       
 
       
    talloc

     

       
37
       
39
       
 
       
  ];

     

       
40
       
40
       
+
       


     

       
41
       
41
       
+
       
  # otherwise the configure script fails with

     

       
42
       
42
       
+
       
  # PYTHONHASHSEED=1 missing! Don't use waf directly, use ./configure and make!

     

       
43
       
43
       
+
       
  preConfigure = ''

     

       
44
       
44
       
+
       
    export PKGCONFIG="$PKG_CONFIG"

     

       
45
       
45
       
+
       
    export PYTHONHASHSEED=1

     

       
46
       
46
       
+
       
  '';

     

       
38
       
47
       
 
       


     

       
39
       
48
       
 
       
  wafPath = "buildtools/bin/waf";

     

       
40
       
49
       
 
       


     

···

       
49
       
49
       
 
       
    done

     

       
50
       
50
       
 
       


     

       
51
       
51
       
 
       
    # Patch executables

     

       
52
       
52
       
-
       
    if [ -d prebuild/linux-x86_64 ]; then

     

       
52
       
52
       
+
       
    if [ -d prebuilt/linux-x86_64 ]; then

     

       
53
       
53
       
 
       
        autoPatchelf prebuilt/linux-x86_64

     

       
54
       
54
       
 
       
    fi

     

       
55
       
55
       
 
       


     

···

       
10
       
10
       
 
       


     

       
11
       
11
       
 
       
buildPythonPackage rec {

     

       
12
       
12
       
 
       
  pname = "gbulb";

     

       
13
       
13
       
-
       
  version = "0.6.3";

     

       
13
       
13
       
+
       
  version = "0.6.4";

     

       
14
       
14
       
 
       


     

       
15
       
15
       
 
       
  src = fetchFromGitHub {

     

       
16
       
16
       
 
       
    owner = "beeware";

     

       
17
       
17
       
 
       
    repo = "gbulb";

     

       
18
       
18
       
-
       
    rev = "v${version}";

     

       
19
       
19
       
-
       
    sha256 = "sha256-QNpZf1zfe6r6MtmYMWSrXPsXm5iX36oMx4GnXiTYPaQ=";

     

       
18
       
18
       
+
       
    rev = "refs/tags/v${version}";

     

       
19
       
19
       
+
       
    sha256 = "sha256-AdZSvxix0cpoFQSrslGl+hB/s6Nh0EsWMQmXZAJVJOg=";

     

       
20
       
20
       
 
       
  };

     

       
21
       
21
       
 
       


     

       
22
       
22
       
 
       
  propagatedBuildInputs = [

     

···

       
14
       
14
       
 
       


     

       
15
       
15
       
 
       
buildPythonPackage rec {

     

       
16
       
16
       
 
       
  pname = "google-cloud-error-reporting";

     

       
17
       
17
       
-
       
  version = "1.8.1";

     

       
17
       
17
       
+
       
  version = "1.8.2";

     

       
18
       
18
       
 
       
  format = "setuptools";

     

       
19
       
19
       
 
       


     

       
20
       
20
       
 
       
  disabled = pythonOlder "3.7";

     

       
21
       
21
       
 
       


     

       
22
       
22
       
 
       
  src = fetchPypi {

     

       
23
       
23
       
 
       
    inherit pname version;

     

       
24
       
24
       
-
       
    hash = "sha256-Xl+Jc05daQZPh4xggf/JYYlJ5Lx6LafqWhMcVdk/r6o=";

     

       
24
       
24
       
+
       
    hash = "sha256-bwl1gWLux5LJMZIS/tJFMhHs1LcaDVCTgNrke6ASiBI=";

     

       
25
       
25
       
 
       
  };

     

       
26
       
26
       
 
       


     

       
27
       
27
       
 
       
  propagatedBuildInputs = [

     

···

       
3
       
3
       
 
       
, fetchFromGitHub

     

       
4
       
4
       
 
       
, karton-core

     

       
5
       
5
       
 
       
, unittestCheckHook

     

       
6
       
6
       
+
       
, pythonOlder

     

       
6
       
7
       
 
       
}:

     

       
7
       
8
       
 
       


     

       
8
       
9
       
 
       
buildPythonPackage rec {

     

       
9
       
10
       
 
       
  pname = "karton-asciimagic";

     

       
10
       
11
       
 
       
  version = "1.2.0";

     

       
12
       
12
       
+
       
  format = "setuptools";

     

       
13
       
13
       
+
       


     

       
14
       
14
       
+
       
  disabled = pythonOlder "3.7";

     

       
11
       
15
       
 
       


     

       
12
       
16
       
 
       
  src = fetchFromGitHub {

     

       
13
       
17
       
 
       
    owner = "CERT-Polska";

     

       
14
       
18
       
 
       
    repo = pname;

     

       
15
       
15
       
-
       
    rev = "v${version}";

     

       
16
       
16
       
-
       
    sha256 = "sha256-sY5ik9efzLBa6Fbh17Vh4q7PlwOGYjuodU9yvp/8E3k=";

     

       
19
       
19
       
+
       
    rev = "refs/tags/v${version}";

     

       
20
       
20
       
+
       
    hash = "sha256-sY5ik9efzLBa6Fbh17Vh4q7PlwOGYjuodU9yvp/8E3k=";

     

       
17
       
21
       
 
       
  };

     

       
18
       
22
       
 
       


     

       
19
       
23
       
 
       
  propagatedBuildInputs = [

     

       
20
       
24
       
 
       
    karton-core

     

       
21
       
25
       
 
       
  ];

     

       
22
       
26
       
 
       


     

       
23
       
23
       
-
       
  nativeCheckInputs = [ unittestCheckHook ];

     

       
27
       
27
       
+
       
  nativeCheckInputs = [

     

       
28
       
28
       
+
       
    unittestCheckHook

     

       
29
       
29
       
+
       
  ];

     

       
24
       
30
       
 
       


     

       
25
       
25
       
-
       
  pythonImportsCheck = [ "karton.asciimagic" ];

     

       
31
       
31
       
+
       
  pythonImportsCheck = [

     

       
32
       
32
       
+
       
    "karton.asciimagic"

     

       
33
       
33
       
+
       
  ];

     

       
26
       
34
       
 
       


     

       
27
       
35
       
 
       
  meta = with lib; {

     

       
28
       
36
       
 
       
    description = "Decoders for ascii-encoded executables for the Karton framework";

     

       
29
       
37
       
 
       
    homepage = "https://github.com/CERT-Polska/karton-asciimagic";

     

       
38
       
38
       
+
       
    changelog = "https://github.com/CERT-Polska/karton-asciimagic/releases/tag/v${version}";

     

       
30
       
39
       
 
       
    license = with licenses; [ bsd3 ];

     

       
31
       
40
       
 
       
    maintainers = with maintainers; [ fab ];

     

       
32
       
41
       
 
       
  };

     

···

       
18
       
18
       
 
       
  src = fetchFromGitHub {

     

       
19
       
19
       
 
       
    owner = "CERT-Polska";

     

       
20
       
20
       
 
       
    repo = pname;

     

       
21
       
21
       
-
       
    rev = "v${version}";

     

       
22
       
22
       
-
       
    sha256 = "sha256-D+M3JsIN8LUWg8GVweEzySHI7KaBb6cNHHn4pXoq55M=";

     

       
21
       
21
       
+
       
    rev = "refs/tags/v${version}";

     

       
22
       
22
       
+
       
    hash = "sha256-D+M3JsIN8LUWg8GVweEzySHI7KaBb6cNHHn4pXoq55M=";

     

       
23
       
23
       
 
       
  };

     

       
24
       
24
       
 
       


     

       
25
       
25
       
 
       
  propagatedBuildInputs = [

     
···

       
46
       
46
       
 
       
  meta = with lib; {

     

       
47
       
47
       
 
       
    description = "AutoIt script ripper for Karton framework";

     

       
48
       
48
       
 
       
    homepage = "https://github.com/CERT-Polska/karton-autoit-ripper";

     

       
49
       
49
       
+
       
    changelog = "https://github.com/CERT-Polska/karton-autoit-ripper/releases/tag/v${version}";

     

       
49
       
50
       
 
       
    license = with licenses; [ bsd3 ];

     

       
50
       
51
       
 
       
    maintainers = with maintainers; [ fab ];

     

       
51
       
52
       
 
       
  };

     

···

       
18
       
18
       
 
       
  src = fetchFromGitHub {

     

       
19
       
19
       
 
       
    owner = "CERT-Polska";

     

       
20
       
20
       
 
       
    repo = pname;

     

       
21
       
21
       
-
       
    rev = "v${version}";

     

       
21
       
21
       
+
       
    rev = "refs/tags/v${version}";

     

       
22
       
22
       
 
       
    hash = "sha256-TRmAin0TAOIwR5EBMwTOJ9QaHO+mOx/eAjgqvyQZDj4=";

     

       
23
       
23
       
 
       
  };

     

       
24
       
24
       
 
       


     
···

       
51
       
51
       
 
       
  meta = with lib; {

     

       
52
       
52
       
 
       
    description = "File type classifier for the Karton framework";

     

       
53
       
53
       
 
       
    homepage = "https://github.com/CERT-Polska/karton-classifier";

     

       
54
       
54
       
+
       
    changelog = "https://github.com/CERT-Polska/karton-classifier/releases/tag/v${version}";

     

       
54
       
55
       
 
       
    license = with licenses; [ bsd3 ];

     

       
55
       
56
       
 
       
    maintainers = with maintainers; [ fab ];

     

       
56
       
57
       
 
       
  };

     

···

       
16
       
16
       
 
       
  src = fetchFromGitHub {

     

       
17
       
17
       
 
       
    owner = "CERT-Polska";

     

       
18
       
18
       
 
       
    repo = pname;

     

       
19
       
19
       
-
       
    rev = "v${version}";

     

       
20
       
20
       
-
       
    sha256 = "sha256-ep69Rrm8Ek0lkgctz6vDAZ1MZ8kWKZSyIvMMAmzTngA=";

     

       
19
       
19
       
+
       
    rev = "refs/tags/v${version}";

     

       
20
       
20
       
+
       
    hash = "sha256-ep69Rrm8Ek0lkgctz6vDAZ1MZ8kWKZSyIvMMAmzTngA=";

     

       
21
       
21
       
 
       
  };

     

       
22
       
22
       
 
       


     

       
23
       
23
       
 
       
  propagatedBuildInputs = [

     
···

       
40
       
40
       
 
       
  meta = with lib; {

     

       
41
       
41
       
 
       
    description = "Static configuration extractor for the Karton framework";

     

       
42
       
42
       
 
       
    homepage = "https://github.com/CERT-Polska/karton-config-extractor";

     

       
43
       
43
       
+
       
    changelog = "https://github.com/CERT-Polska/karton-config-extractor/releases/tag/v${version}";

     

       
43
       
44
       
 
       
    license = with licenses; [ bsd3 ];

     

       
44
       
45
       
 
       
    maintainers = with maintainers; [ fab ];

     

       
45
       
46
       
 
       
  };

     

···

       
3
       
3
       
 
       
, buildPythonPackage

     

       
4
       
4
       
 
       
, fetchFromGitHub

     

       
5
       
5
       
 
       
, unittestCheckHook

     

       
6
       
6
       
+
       
, pythonOlder

     

       
6
       
7
       
 
       
, redis

     

       
7
       
8
       
 
       
}:

     

       
8
       
9
       
 
       


     

       
9
       
10
       
 
       
buildPythonPackage rec {

     

       
10
       
11
       
 
       
  pname = "karton-core";

     

       
11
       
12
       
 
       
  version = "5.0.1";

     

       
13
       
13
       
+
       
  format = "setuptools";

     

       
14
       
14
       
+
       


     

       
15
       
15
       
+
       
  disabled = pythonOlder "3.7";

     

       
12
       
16
       
 
       


     

       
13
       
17
       
 
       
  src = fetchFromGitHub {

     

       
14
       
18
       
 
       
    owner = "CERT-Polska";

     
···

       
22
       
26
       
 
       
    redis

     

       
23
       
27
       
 
       
  ];

     

       
24
       
28
       
 
       


     

       
25
       
25
       
-
       
  nativeCheckInputs = [ unittestCheckHook ];

     

       
29
       
29
       
+
       
  nativeCheckInputs = [

     

       
30
       
30
       
+
       
    unittestCheckHook

     

       
31
       
31
       
+
       
  ];

     

       
26
       
32
       
 
       


     

       
27
       
33
       
 
       
  pythonImportsCheck = [

     

       
28
       
34
       
 
       
    "karton.core"

     
···

       
31
       
37
       
 
       
  meta = with lib; {

     

       
32
       
38
       
 
       
    description = "Distributed malware processing framework";

     

       
33
       
39
       
 
       
    homepage = "https://karton-core.readthedocs.io/";

     

       
40
       
40
       
+
       
    changelog = "https://github.com/CERT-Polska/karton/releases/tag/v${version}";

     

       
34
       
41
       
 
       
    license = licenses.bsd3;

     

       
35
       
42
       
 
       
    maintainers = with maintainers; [ chivay fab ];

     

       
36
       
43
       
 
       
  };

     

···

       
53
       
53
       
 
       
  meta = with lib; {

     

       
54
       
54
       
 
       
    description = "Web application that allows for Karton task and queue introspection";

     

       
55
       
55
       
 
       
    homepage = "https://github.com/CERT-Polska/karton-dashboard";

     

       
56
       
56
       
+
       
    changelog = "https://github.com/CERT-Polska/karton-dashboard/releases/tag/v${version}";

     

       
56
       
57
       
 
       
    license = with licenses; [ bsd3 ];

     

       
57
       
58
       
 
       
    maintainers = with maintainers; [ fab ];

     

       
58
       
59
       
 
       
  };

     

···

       
16
       
16
       
 
       
  src = fetchFromGitHub {

     

       
17
       
17
       
 
       
    owner = "CERT-Polska";

     

       
18
       
18
       
 
       
    repo = pname;

     

       
19
       
19
       
-
       
    rev = "v${version}";

     

       
19
       
19
       
+
       
    rev = "refs/tags/v${version}";

     

       
20
       
20
       
 
       
    hash = "sha256-QVxczXT74Xt0AtCSDm4nhIK4qtHQ6bqmVNb/CALZSE4=";

     

       
21
       
21
       
 
       
  };

     

       
22
       
22
       
 
       


     
···

       
35
       
35
       
 
       
  meta = with lib; {

     

       
36
       
36
       
 
       
    description = "Karton service that uploads analyzed artifacts and metadata to MWDB Core";

     

       
37
       
37
       
 
       
    homepage = "https://github.com/CERT-Polska/karton-mwdb-reporter";

     

       
38
       
38
       
+
       
    changelog = "https://github.com/CERT-Polska/karton-mwdb-reporter/releases/tag/v${version}";

     

       
38
       
39
       
 
       
    license = with licenses; [ bsd3 ];

     

       
39
       
40
       
 
       
    maintainers = with maintainers; [ fab ];

     

       
40
       
41
       
 
       
  };

     

···

       
3
       
3
       
 
       
, fetchFromGitHub

     

       
4
       
4
       
 
       
, karton-core

     

       
5
       
5
       
 
       
, unittestCheckHook

     

       
6
       
6
       
+
       
, pythonOlder

     

       
6
       
7
       
 
       
, yara-python

     

       
7
       
8
       
 
       
}:

     

       
8
       
9
       
 
       


     

       
9
       
10
       
 
       
buildPythonPackage rec {

     

       
10
       
11
       
 
       
  pname = "karton-yaramatcher";

     

       
11
       
12
       
 
       
  version = "1.2.0";

     

       
13
       
13
       
+
       
  format = "setuptools";

     

       
14
       
14
       
+
       


     

       
15
       
15
       
+
       
  disabled = pythonOlder "3.7";

     

       
12
       
16
       
 
       


     

       
13
       
17
       
 
       
  src = fetchFromGitHub {

     

       
14
       
18
       
 
       
    owner = "CERT-Polska";

     

       
15
       
19
       
 
       
    repo = pname;

     

       
16
       
16
       
-
       
    rev = "v${version}";

     

       
17
       
17
       
-
       
    sha256 = "sha256-ulWwPXbjqQXwSRi8MFdcx7vC7P19yu66Ll8jkuTesao=";

     

       
20
       
20
       
+
       
    rev = "refs/tags/v${version}";

     

       
21
       
21
       
+
       
    hash = "sha256-ulWwPXbjqQXwSRi8MFdcx7vC7P19yu66Ll8jkuTesao=";

     

       
18
       
22
       
 
       
  };

     

       
19
       
23
       
 
       


     

       
20
       
24
       
 
       
  propagatedBuildInputs = [

     
···

       
22
       
26
       
 
       
    yara-python

     

       
23
       
27
       
 
       
  ];

     

       
24
       
28
       
 
       


     

       
25
       
25
       
-
       
  nativeCheckInputs = [ unittestCheckHook ];

     

       
29
       
29
       
+
       
  nativeCheckInputs = [

     

       
30
       
30
       
+
       
    unittestCheckHook

     

       
31
       
31
       
+
       
  ];

     

       
26
       
32
       
 
       


     

       
27
       
27
       
-
       
  pythonImportsCheck = [ "karton.yaramatcher" ];

     

       
33
       
33
       
+
       
  pythonImportsCheck = [

     

       
34
       
34
       
+
       
    "karton.yaramatcher"

     

       
35
       
35
       
+
       
  ];

     

       
28
       
36
       
 
       


     

       
29
       
37
       
 
       
  meta = with lib; {

     

       
30
       
38
       
 
       
    description = "File and analysis artifacts yara matcher for the Karton framework";

     

       
31
       
39
       
 
       
    homepage = "https://github.com/CERT-Polska/karton-yaramatcher";

     

       
40
       
40
       
+
       
    changelog = "https://github.com/CERT-Polska/karton-yaramatcher/releases/tag/v${version}";

     

       
32
       
41
       
 
       
    license = with licenses; [ bsd3 ];

     

       
33
       
42
       
 
       
    maintainers = with maintainers; [ fab ];

     

       
34
       
43
       
 
       
  };

     

···

       
10
       
10
       
 
       


     

       
11
       
11
       
 
       
buildPythonPackage rec {

     

       
12
       
12
       
 
       
  pname = "nomadnet";

     

       
13
       
13
       
-
       
  version = "0.3.2";

     

       
13
       
13
       
+
       
  version = "0.3.3";

     

       
14
       
14
       
 
       
  format = "setuptools";

     

       
15
       
15
       
 
       


     

       
16
       
16
       
 
       
  disabled = pythonOlder "3.7";

     
···

       
19
       
19
       
 
       
    owner = "markqvist";

     

       
20
       
20
       
 
       
    repo = "NomadNet";

     

       
21
       
21
       
 
       
    rev = "refs/tags/${version}";

     

       
22
       
22
       
-
       
    hash = "sha256-QIme76Y7rhPCooazX+pr5ETbAmShVHZ9polJ964NLFg=";

     

       
22
       
22
       
+
       
    hash = "sha256-7EiAvWYhYJ7S/quME6B4Iw5nw+xOnL7PMCWXLPx0O+4=";

     

       
23
       
23
       
 
       
  };

     

       
24
       
24
       
 
       


     

       
25
       
25
       
 
       
  propagatedBuildInputs = [

     

···

       
2
       
2
       
 
       


     

       
3
       
3
       
 
       
buildGoModule rec {

     

       
4
       
4
       
 
       
  pname = "dagger";

     

       
5
       
5
       
-
       
  version = "0.3.10";

     

       
5
       
5
       
+
       
  version = "0.3.12";

     

       
6
       
6
       
 
       


     

       
7
       
7
       
 
       
  src = fetchFromGitHub {

     

       
8
       
8
       
 
       
    owner = "dagger";

     

       
9
       
9
       
 
       
    repo = "dagger";

     

       
10
       
10
       
 
       
    rev = "v${version}";

     

       
11
       
11
       
-
       
    hash = "sha256-/JbKnDjC3C0mF4WHOmmvblrr/e1MhOws3Q/oXZCgdEM=";

     

       
11
       
11
       
+
       
    hash = "sha256-70qN5cZb0EjBPE5xpeKUv46JD+B8rYaDejAfaqC0Y4M=";

     

       
12
       
12
       
 
       
  };

     

       
13
       
13
       
 
       


     

       
14
       
14
       
-
       
  vendorHash = "sha256-wufztmiOwgY0Q6x9oMrJo28JGx8iprC1gr9zZjSWwuw=";

     

       
14
       
14
       
+
       
  vendorHash = "sha256-9a5W8+tQ5rhtq4uul84AtxcKOc25lfe7bMpgbhRT9/Y=";

     

       
15
       
15
       
 
       
  proxyVendor = true;

     

       
16
       
16
       
 
       


     

       
17
       
17
       
 
       
  subPackages = [

     

···

       
5
       
5
       
 
       


     

       
6
       
6
       
 
       
buildGoModule rec {

     

       
7
       
7
       
 
       
  pname = "gosec";

     

       
8
       
8
       
-
       
  version = "2.14.0";

     

       
8
       
8
       
+
       
  version = "2.15.0";

     

       
9
       
9
       
 
       


     

       
10
       
10
       
 
       
  src = fetchFromGitHub {

     

       
11
       
11
       
 
       
    owner = "securego";

     

       
12
       
12
       
 
       
    repo = pname;

     

       
13
       
13
       
 
       
    rev = "v${version}";

     

       
14
       
14
       
-
       
    sha256 = "sha256-OPMXU24INpdeQrNlRIPJBag6TtHFFIdxlBTfMgRZc2U=";

     

       
14
       
14
       
+
       
    sha256 = "sha256-GB+BAGIVPtyY2Bsm/yDTYjJixLGvGwsIoOLCyy/0AJk=";

     

       
15
       
15
       
 
       
  };

     

       
16
       
16
       
 
       


     

       
17
       
17
       
-
       
  vendorSha256 = "sha256-F/wtDYPF4qUujU+fJx2v9uwlkxQ1LMPECKxHR4EB1zk=";

     

       
17
       
17
       
+
       
  vendorHash = "sha256-5LIIXf+8ZN7WcFSPzsJ5Tt+d40AgF5YI3O1oXms1WgI=";

     

       
18
       
18
       
 
       


     

       
19
       
19
       
 
       
  subPackages = [

     

       
20
       
20
       
 
       
    "cmd/gosec"

     

···

       
2
       
2
       
 
       


     

       
3
       
3
       
 
       
stdenv.mkDerivation rec {

     

       
4
       
4
       
 
       
  pname = "micronaut";

     

       
5
       
5
       
-
       
  version = "3.8.3";

     

       
5
       
5
       
+
       
  version = "3.8.4";

     

       
6
       
6
       
 
       


     

       
7
       
7
       
 
       
  src = fetchzip {

     

       
8
       
8
       
 
       
    url = "https://github.com/micronaut-projects/micronaut-starter/releases/download/v${version}/micronaut-cli-${version}.zip";

     

       
9
       
9
       
-
       
    sha256 = "sha256-IrgypySq5RUi9X3pVC0t+Ezw7aNu8mIKZYY4CEaKhU4=";

     

       
9
       
9
       
+
       
    sha256 = "sha256-PbTuhJ+l3s+vwo5Y93GpQIah71zah5aFgV/pBSyJDKY=";

     

       
10
       
10
       
 
       
  };

     

       
11
       
11
       
 
       


     

       
12
       
12
       
 
       
  nativeBuildInputs = [ makeWrapper installShellFiles ];

     

···

       
11
       
11
       
 
       
in

     

       
12
       
12
       
 
       
stdenv.mkDerivation rec {

     

       
13
       
13
       
 
       
  pname = "grails";

     

       
14
       
14
       
-
       
  version = "5.2.5";

     

       
14
       
14
       
+
       
  version = "5.3.0";

     

       
15
       
15
       
 
       


     

       
16
       
16
       
 
       
  src = fetchurl {

     

       
17
       
17
       
 
       
    url = "https://github.com/grails/grails-core/releases/download/v${version}/grails-${version}.zip";

     

       
18
       
18
       
-
       
    sha256 = "sha256-RI1O10kObIaEjOuUFuAchjIgjrNDKmwRY0+Vep6UT54=";

     

       
18
       
18
       
+
       
    sha256 = "sha256-0Ow3G0QbKXQSpjLf371CYNxC3XoO5sv1SQD4MlHeOQ4=";

     

       
19
       
19
       
 
       
  };

     

       
20
       
20
       
 
       


     

       
21
       
21
       
 
       
  nativeBuildInputs = [ unzip ];

     

···

       
12
       
12
       
 
       


     

       
13
       
13
       
 
       
mkDerivation rec {

     

       
14
       
14
       
 
       
  pname = "chessx";

     

       
15
       
15
       
-
       
  version = "1.5.7";

     

       
15
       
15
       
+
       
  version = "1.5.8";

     

       
16
       
16
       
 
       


     

       
17
       
17
       
 
       
  src = fetchurl {

     

       
18
       
18
       
 
       
    url = "mirror://sourceforge/chessx/chessx-${version}.tgz";

     

       
19
       
19
       
-
       
    sha256 = "sha256-wadIO3iNvj8LgIzExHTmeXxXnWOI+ViLrdhAlzZ79Jw=";

     

       
19
       
19
       
+
       
    sha256 = "sha256-ev+tK1CHLFt/RvmzyPVZ2c0nxfRwwb9ke7uTmm7REaM=";

     

       
20
       
20
       
 
       
  };

     

       
21
       
21
       
 
       


     

       
22
       
22
       
 
       
  nativeBuildInputs = [

     

···

       
25
       
25
       
 
       
  stable = if stdenv.hostPlatform.system == "i686-linux" then legacy_390 else latest;

     

       
26
       
26
       
 
       


     

       
27
       
27
       
 
       
  production = generic {

     

       
28
       
28
       
-
       
    version = "525.85.05";

     

       
29
       
29
       
-
       
    sha256_64bit = "sha256-6mO0JTQDsiS7cxOol3qSDf6dID1mHdX2/CZYWnAXkUA=";

     

       
30
       
30
       
-
       
    openSha256 = "sha256-iI41eex/pQhWdQwk9qc9AlnVYcO0HRA9ISoqNdVKN7g=";

     

       
31
       
31
       
-
       
    settingsSha256 = "sha256-ck6ra8y8nn5kA3L9/VcRR2W2RaWvfVbgBiOh2dRJr/8=";

     

       
32
       
32
       
-
       
    persistencedSha256 = "sha256-dt/Tqxp7ZfnbLel9BavjWDoEdLJvdJRwFjTFOBYYKLI=";

     

       
28
       
28
       
+
       
    version = "525.89.02";

     

       
29
       
29
       
+
       
    sha256_64bit = "sha256-DkEsiMW9mPhCqDmm9kYU8g5MCVDvfP+xKxWKcWM1k+k=";

     

       
30
       
30
       
+
       
    openSha256 = "sha256-MP9ir0Fuodar239r3PbqVxIHd0vHvpDj8Rw55TeFtZM=";

     

       
31
       
31
       
+
       
    settingsSha256 = "sha256-7rHaJWm0XHJXsKL8VnU9XT15t/DU8jdsCXQwQT+KaV0=";

     

       
32
       
32
       
+
       
    persistencedSha256 = "sha256-4AmOL6b3GKCjGs6bRDpQAkEG4n41X395znyQF1x9VEs=";

     

       
33
       
33
       
 
       
  };

     

       
34
       
34
       
 
       


     

       
35
       
35
       
 
       
  latest = selectHighestVersion production (generic {

     

···

       
9
       
9
       
 
       


     

       
10
       
10
       
 
       
buildNpmPackage rec {

     

       
11
       
11
       
 
       
  pname = "matrix-appservice-irc";

     

       
12
       
12
       
-
       
  version = "0.36.0";

     

       
12
       
12
       
+
       
  version = "0.37.0";

     

       
13
       
13
       
 
       


     

       
14
       
14
       
 
       
  src = fetchFromGitHub {

     

       
15
       
15
       
 
       
    owner = "matrix-org";

     

       
16
       
16
       
 
       
    repo = "matrix-appservice-irc";

     

       
17
       
17
       
 
       
    rev = "refs/tags/${version}";

     

       
18
       
18
       
-
       
    hash = "sha256-8/jLONqf+0JRAK/SLj3qlG6Dm0VRl4h6YWeZnz4pVXc=";

     

       
18
       
18
       
+
       
    hash = "sha256-krF/eUyGHB4M3sQVaBh7+OaHnM/g9XVaBa8gizPkLKE=";

     

       
19
       
19
       
 
       
  };

     

       
20
       
20
       
 
       


     

       
21
       
21
       
-
       
  npmDepsHash = "sha256-fGft7au5js9DRoXYccBPdJyaZ3zfsuCwUwWPOxwAodo=";

     

       
21
       
21
       
+
       
  npmDepsHash = "sha256-VkVpFt3cwnBkN0AGDaE5Bd6xINGL6XugZ4TBsDONWCg=";

     

       
22
       
22
       
 
       


     

       
23
       
23
       
 
       
  nativeBuildInputs = [

     

       
24
       
24
       
 
       
    python3

     

···

       
20
       
20
       
 
       
, gnutls

     

       
21
       
21
       
 
       
, systemd

     

       
22
       
22
       
 
       
, samba

     

       
23
       
23
       
+
       
, talloc

     

       
23
       
24
       
 
       
, jansson

     

       
25
       
25
       
+
       
, ldb

     

       
24
       
26
       
 
       
, libtasn1

     

       
25
       
27
       
 
       
, tdb

     

       
28
       
28
       
+
       
, tevent

     

       
26
       
29
       
 
       
, libxcrypt

     

       
27
       
30
       
 
       
, cmocka

     

       
28
       
31
       
 
       
, rpcsvc-proto

     
···

       
100
       
103
       
 
       
    libarchive

     

       
101
       
104
       
 
       
    zlib

     

       
102
       
105
       
 
       
    gnutls

     

       
106
       
106
       
+
       
    ldb

     

       
107
       
107
       
+
       
    talloc

     

       
103
       
108
       
 
       
    libtasn1

     

       
104
       
109
       
 
       
    tdb

     

       
110
       
110
       
+
       
    tevent

     

       
105
       
111
       
 
       
    libxcrypt

     

       
106
       
112
       
 
       
  ] ++ optionals stdenv.isLinux [ liburing systemd ]

     

       
107
       
113
       
 
       
    ++ optionals stdenv.isDarwin [ libiconv ]

     
···

       
143
       
149
       
 
       
  ++ optionals (!enableLDAP) [

     

       
144
       
150
       
 
       
    "--without-ldap"

     

       
145
       
151
       
 
       
    "--without-ads"

     

       
152
       
152
       
+
       
    "--bundled-libraries=!ldb,!pyldb-util!talloc,!pytalloc-util,!tevent,!tdb,!pytdb"

     

       
146
       
153
       
 
       
  ] ++ optional enableLibunwind "--with-libunwind"

     

       
147
       
154
       
 
       
    ++ optional enableProfiling "--with-profiling-data"

     

       
148
       
155
       
 
       
    ++ optional (!enableAcl) "--without-acl-support"

     

···

       
15
       
15
       
 
       


     

       
16
       
16
       
 
       
rustPlatform.buildRustPackage rec {

     

       
17
       
17
       
 
       
  pname = "broot";

     

       
18
       
18
       
-
       
  version = "1.20.0";

     

       
18
       
18
       
+
       
  version = "1.20.1";

     

       
19
       
19
       
 
       


     

       
20
       
20
       
 
       
  src = fetchFromGitHub {

     

       
21
       
21
       
 
       
    owner = "Canop";

     

       
22
       
22
       
 
       
    repo = pname;

     

       
23
       
23
       
 
       
    rev = "v${version}";

     

       
24
       
24
       
-
       
    hash = "sha256-+bOdUjBMxYT4qbZ8g5l0pDZJhXaeuYVygb13sx7mg28=";

     

       
24
       
24
       
+
       
    hash = "sha256-W8B4e8x9IoINR4NSm8jVBqXZbe1T/4z3RVmNrLVzV1M=";

     

       
25
       
25
       
 
       
  };

     

       
26
       
26
       
 
       


     

       
27
       
27
       
-
       
  cargoHash = "sha256-r/oj5ZgBjJXowFa95GKPACruH3bnPHjjyaSRewogXHQ=";

     

       
27
       
27
       
+
       
  cargoHash = "sha256-XEvIqzSkusOv+boNZbTRxXVN566SduNDcZSkomJRMsk=";

     

       
28
       
28
       
 
       


     

       
29
       
29
       
 
       
  nativeBuildInputs = [

     

       
30
       
30
       
 
       
    installShellFiles

     

···

       
2
       
2
       
 
       


     

       
3
       
3
       
 
       
stdenv.mkDerivation rec {

     

       
4
       
4
       
 
       
  pname = "nb";

     

       
5
       
5
       
-
       
  version = "7.3.0";

     

       
5
       
5
       
+
       
  version = "7.4.1";

     

       
6
       
6
       
 
       


     

       
7
       
7
       
 
       
  src = fetchFromGitHub {

     

       
8
       
8
       
 
       
    owner = "xwmx";

     

       
9
       
9
       
 
       
    repo = "nb";

     

       
10
       
10
       
 
       
    rev = version;

     

       
11
       
11
       
-
       
    sha256 = "sha256-R5B49648X9UP2al4VRRAl/T9clgvCztYxpbDHwQmDM8=";

     

       
11
       
11
       
+
       
    sha256 = "sha256-5QuNv6sRr/pfw0Vk+jfSjpowWfsD4kh7c2YoEEuUeKE=";

     

       
12
       
12
       
 
       
  };

     

       
13
       
13
       
 
       


     

       
14
       
14
       
 
       
  nativeBuildInputs = [ installShellFiles ];