diff --git a/maintainers/maintainer-list.nix b/maintainers/maintainer-list.nix
index 397e15c3f0617..ce6ff26a819bd 100644
--- a/maintainers/maintainer-list.nix
+++ b/maintainers/maintainer-list.nix
@@ -6661,6 +6661,16 @@
githubId = 5837359;
name = "Adrian Pistol";
};
+ vika_nezrimaya = {
+ email = "vika@fireburn.ru";
+ github = "kisik21";
+ githubId = 7953163;
+ name = "Vika Shleina";
+ keys = [{
+ longkeyid = "rsa4096/0x5402B9B5497BACDB";
+ fingerprint = "A03C D09C 36CF D9F6 1ADF AF11 5402 B9B5 497B ACDB";
+ }];
+ };
vinymeuh = {
email = "vinymeuh@gmail.com";
github = "vinymeuh";
diff --git a/nixos/doc/manual/release-notes/rl-1909.xml b/nixos/doc/manual/release-notes/rl-1909.xml
index 93cc1f2a1384a..36bea28530be2 100644
--- a/nixos/doc/manual/release-notes/rl-1909.xml
+++ b/nixos/doc/manual/release-notes/rl-1909.xml
@@ -48,6 +48,15 @@
To gain root privileges use sudo -i without a password.
+
+
+ We've updated to Xfce 4.14, which brings a new module .
+ If you'd like to upgrade, please switch from the module as it
+ will be deprecated in a future release. They're incompatibilities with the current Xfce module; it doesn't support
+ and it isn't recommended to use
+ and simultaneously or to downgrade from Xfce 4.14 after upgrading.
+
+
diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix
index 6331e76c648fa..75df6c8d453cc 100644
--- a/nixos/modules/module-list.nix
+++ b/nixos/modules/module-list.nix
@@ -770,6 +770,7 @@
./services/system/uptimed.nix
./services/torrent/deluge.nix
./services/torrent/flexget.nix
+ ./services/torrent/magnetico.nix
./services/torrent/opentracker.nix
./services/torrent/peerflix.nix
./services/torrent/transmission.nix
diff --git a/nixos/modules/services/continuous-integration/gitlab-runner.nix b/nixos/modules/services/continuous-integration/gitlab-runner.nix
index 3ceaa6f5ff3e6..3d307b1abcf83 100644
--- a/nixos/modules/services/continuous-integration/gitlab-runner.nix
+++ b/nixos/modules/services/continuous-integration/gitlab-runner.nix
@@ -111,7 +111,10 @@ in
config = mkIf cfg.enable {
systemd.services.gitlab-runner = {
path = cfg.packages;
- environment = config.networking.proxy.envVars;
+ environment = config.networking.proxy.envVars // {
+ # Gitlab runner will not start if the HOME variable is not set
+ HOME = cfg.workDir;
+ };
description = "Gitlab Runner";
after = [ "network.target" ]
++ optional hasDocker "docker.service";
diff --git a/nixos/modules/services/torrent/magnetico.nix b/nixos/modules/services/torrent/magnetico.nix
new file mode 100644
index 0000000000000..02fa2ac0750a5
--- /dev/null
+++ b/nixos/modules/services/torrent/magnetico.nix
@@ -0,0 +1,214 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+ cfg = config.services.magnetico;
+
+ dataDir = "/var/lib/magnetico";
+
+ credFile = with cfg.web;
+ if credentialsFile != null
+ then credentialsFile
+ else pkgs.writeText "magnetico-credentials"
+ (concatStrings (mapAttrsToList
+ (user: hash: "${user}:${hash}\n")
+ cfg.web.credentials));
+
+ # default options in magneticod/main.go
+ dbURI = concatStrings
+ [ "sqlite3://${dataDir}/database.sqlite3"
+ "?_journal_mode=WAL"
+ "&_busy_timeout=3000"
+ "&_foreign_keys=true"
+ ];
+
+ crawlerArgs = with cfg.crawler; escapeShellArgs
+ ([ "--database=${dbURI}"
+ "--indexer-addr=${address}:${toString port}"
+ "--indexer-max-neighbors=${toString maxNeighbors}"
+ "--leech-max-n=${toString maxLeeches}"
+ ] ++ extraOptions);
+
+ webArgs = with cfg.web; escapeShellArgs
+ ([ "--database=${dbURI}"
+ (if (cfg.web.credentialsFile != null || cfg.web.credentials != { })
+ then "--credentials=${toString credFile}"
+ else "--no-auth")
+ ] ++ extraOptions);
+
+in {
+
+ ###### interface
+
+ options.services.magnetico = {
+ enable = mkEnableOption "Magnetico, Bittorrent DHT crawler";
+
+ crawler.address = mkOption {
+ type = types.str;
+ default = "0.0.0.0";
+ example = "1.2.3.4";
+ description = ''
+ Address to be used for indexing DHT nodes.
+ '';
+ };
+
+ crawler.port = mkOption {
+ type = types.port;
+ default = 0;
+ description = ''
+ Port to be used for indexing DHT nodes.
+ This port should be added to
+ .
+ '';
+ };
+
+ crawler.maxNeighbors = mkOption {
+ type = types.ints.positive;
+ default = 1000;
+ description = ''
+ Maximum number of simultaneous neighbors of an indexer.
+ Be careful changing this number: high values can very
+ easily cause your network to be congested or even crash
+ your router.
+ '';
+ };
+
+ crawler.maxLeeches = mkOption {
+ type = types.ints.positive;
+ default = 200;
+ description = ''
+ Maximum number of simultaneous leeches.
+ '';
+ };
+
+ crawler.extraOptions = mkOption {
+ type = types.listOf types.str;
+ default = [];
+ description = ''
+ Extra command line arguments to pass to magneticod.
+ '';
+ };
+
+ web.address = mkOption {
+ type = types.str;
+ default = "localhost";
+ example = "1.2.3.4";
+ description = ''
+ Address the web interface will listen to.
+ '';
+ };
+
+ web.port = mkOption {
+ type = types.port;
+ default = 8080;
+ description = ''
+ Port the web interface will listen to.
+ '';
+ };
+
+ web.credentials = mkOption {
+ type = types.attrsOf types.str;
+ default = {};
+ example = lib.literalExample ''
+ {
+ myuser = "$2y$12$YE01LZ8jrbQbx6c0s2hdZO71dSjn2p/O9XsYJpz.5968yCysUgiaG";
+ }
+ '';
+ description = ''
+ The credentials to access the web interface, in case authentication is
+ enabled, in the format username:hash. If unset no
+ authentication will be required.
+
+ Usernames must start with a lowercase ([a-z]) ASCII character, might
+ contain non-consecutive underscores except at the end, and consists of
+ small-case a-z characters and digits 0-9. The
+ htpasswd tool from the apacheHttpd
+ package may be used to generate the hash: htpasswd
+ -bnBC 12 username password
+
+
+
+ The hashes will be stored world-readable in the nix store.
+ Consider using the credentialsFile option if you
+ don't want this.
+
+
+ '';
+ };
+
+ web.credentialsFile = mkOption {
+ type = types.nullOr types.path;
+ default = null;
+ description = ''
+ The path to the file holding the credentials to access the web
+ interface. If unset no authentication will be required.
+
+ The file must constain user names and password hashes in the format
+ username:hash , one for each line. Usernames must
+ start with a lowecase ([a-z]) ASCII character, might contain
+ non-consecutive underscores except at the end, and consists of
+ small-case a-z characters and digits 0-9.
+ The htpasswd tool from the apacheHttpd
+ package may be used to generate the hash:
+ htpasswd -bnBC 12 username password
+ '';
+ };
+
+ web.extraOptions = mkOption {
+ type = types.listOf types.str;
+ default = [];
+ description = ''
+ Extra command line arguments to pass to magneticow.
+ '';
+ };
+
+ };
+
+ ###### implementation
+
+ config = mkIf cfg.enable {
+
+ users.users.magnetico = {
+ description = "Magnetico daemons user";
+ };
+
+ systemd.services.magneticod = {
+ description = "Magnetico DHT crawler";
+ wantedBy = [ "multi-user.target" ];
+ after = [ "network-online.target" ];
+
+ serviceConfig = {
+ User = "magnetico";
+ Restart = "on-failure";
+ ExecStart = "${pkgs.magnetico}/bin/magneticod ${crawlerArgs}";
+ };
+ };
+
+ systemd.services.magneticow = {
+ description = "Magnetico web interface";
+ wantedBy = [ "multi-user.target" ];
+ after = [ "network-online.target" "magneticod.service"];
+
+ serviceConfig = {
+ User = "magnetico";
+ StateDirectory = "magnetico";
+ Restart = "on-failure";
+ ExecStart = "${pkgs.magnetico}/bin/magneticow ${webArgs}";
+ };
+ };
+
+ assertions =
+ [
+ {
+ assertion = cfg.web.credentialsFile != null || cfg.web.credentials != { };
+ message = ''
+ The options services.magnetico.web.credentialsFile and
+ services.magnetico.web.credentials are mutually exclusives.
+ '';
+ }
+ ];
+
+ };
+
+}
diff --git a/nixos/modules/virtualisation/containers.nix b/nixos/modules/virtualisation/containers.nix
index b65374c925776..b61558b220190 100644
--- a/nixos/modules/virtualisation/containers.nix
+++ b/nixos/modules/virtualisation/containers.nix
@@ -256,6 +256,10 @@ let
RestartForceExitStatus = "133";
SuccessExitStatus = "133";
+ # Some containers take long to start
+ # especially when you automatically start many at once
+ TimeoutStartSec = cfg.timeoutStartSec;
+
Restart = "on-failure";
Slice = "machine.slice";
@@ -423,6 +427,7 @@ let
extraVeths = {};
additionalCapabilities = [];
ephemeral = false;
+ timeoutStartSec = "15s";
allowedDevices = [];
hostAddress = null;
hostAddress6 = null;
@@ -595,6 +600,18 @@ in
'';
};
+ timeoutStartSec = mkOption {
+ type = types.str;
+ default = "1min";
+ description = ''
+ Time for the container to start. In case of a timeout,
+ the container processes get killed.
+ See systemd.time
+ 7
+ for more information about the format.
+ '';
+ };
+
bindMounts = mkOption {
type = with types; loaOf (submodule bindMountOpts);
default = {};
diff --git a/nixos/tests/magnetico.nix b/nixos/tests/magnetico.nix
new file mode 100644
index 0000000000000..bc7aef653ee52
--- /dev/null
+++ b/nixos/tests/magnetico.nix
@@ -0,0 +1,28 @@
+import ./make-test.nix ({ pkgs, ...} : {
+ name = "magnetico";
+ meta = with pkgs.stdenv.lib.maintainers; {
+ maintainers = [ rnhmjoj ];
+ };
+
+ machine = { ... }: {
+ imports = [ ../modules/profiles/minimal.nix ];
+
+ networking.firewall.allowedTCPPorts = [ 9000 ];
+
+ services.magnetico = {
+ enable = true;
+ crawler.port = 9000;
+ web.credentials.user = "$2y$12$P88ZF6soFthiiAeXnz64aOWDsY3Dw7Yw8fZ6GtiqFNjknD70zDmNe";
+ };
+ };
+
+ testScript =
+ ''
+ startAll;
+ $machine->waitForUnit("magneticod");
+ $machine->waitForUnit("magneticow");
+ $machine->succeed("${pkgs.curl}/bin/curl -u user:password http://localhost:8080");
+ $machine->succeed("${pkgs.curl}/bin/curl -u user:wrongpwd http://localhost:8080") =~ "Unauthorised." or die;
+ $machine->shutdown();
+ '';
+})
diff --git a/pkgs/applications/networking/p2p/magnetico/default.nix b/pkgs/applications/networking/p2p/magnetico/default.nix
new file mode 100644
index 0000000000000..1c266d247b7c1
--- /dev/null
+++ b/pkgs/applications/networking/p2p/magnetico/default.nix
@@ -0,0 +1,33 @@
+{ lib, fetchFromGitHub, buildGoModule, go-bindata }:
+
+buildGoModule rec {
+ pname = "magnetico";
+ version = "0.8.1";
+
+ src = fetchFromGitHub {
+ owner = "boramalper";
+ repo = "magnetico";
+ rev = "v${version}";
+ sha256 = "1f7y3z9ql079ix6ycihkmd3z3da3sfiqw2fap31pbvvjs65sg644";
+ };
+
+ modSha256 = "1h9fij8mxlxfw7kxix00n10fkhkvmf8529fxbk1n30cxc1bs2szf";
+
+ buildInputs = [ go-bindata ];
+ buildPhase = ''
+ make magneticow magneticod
+ '';
+
+ doCheck = true;
+ checkPhase = ''
+ make test
+ '';
+
+ meta = with lib; {
+ description = "Autonomous (self-hosted) BitTorrent DHT search engine suite.";
+ homepage = https://github.com/boramalper/magnetico;
+ license = licenses.agpl3;
+ badPlatforms = platforms.darwin;
+ maintainers = with maintainers; [ rnhmjoj ];
+ };
+}
diff --git a/pkgs/development/haskell-modules/configuration-ghc-8.8.x.nix b/pkgs/development/haskell-modules/configuration-ghc-8.8.x.nix
index 2209f5707323b..5debbff4707d1 100644
--- a/pkgs/development/haskell-modules/configuration-ghc-8.8.x.nix
+++ b/pkgs/development/haskell-modules/configuration-ghc-8.8.x.nix
@@ -138,7 +138,7 @@ self: super: {
sha256 = "1lhas4s2ms666prb475gaw2bqw1v4y8cxi66sy20j727sx7ppjs7";
});
unordered-containers = self.unordered-containers_0_2_10_0;
- attoparsec = appendPatch super.attoparsec (pkgs.fetchpatch {
+ attoparsec = appendPatch (doJailbreak super.attoparsec) (pkgs.fetchpatch {
url = "https://raw.githubusercontent.com/hvr/head.hackage/master/patches/attoparsec-0.13.2.2.patch";
sha256 = "13i1p5g0xzxnv966nlyb77mfmxvg9jzbym1d36h1ajn045yf4igl";
});
diff --git a/pkgs/development/libraries/libargon2/default.nix b/pkgs/development/libraries/libargon2/default.nix
index c0dd406dd31fc..9bf05a679cc08 100644
--- a/pkgs/development/libraries/libargon2/default.nix
+++ b/pkgs/development/libraries/libargon2/default.nix
@@ -1,4 +1,4 @@
-{ stdenv, fetchFromGitHub }:
+{ stdenv, fetchFromGitHub, fetchpatch }:
stdenv.mkDerivation rec {
pname = "libargon2";
@@ -11,18 +11,21 @@ stdenv.mkDerivation rec {
sha256 = "0p4ry9dn0mi9js0byijxdyiwx74p1nr8zj7wjpd1fjgqva4sk23i";
};
- installPhase = ''
- runHook preInstall
- mkdir -p $out/lib/pkgconfig
- substitute libargon2.pc $out/lib/pkgconfig/libargon2.pc \
- --replace @UPSTREAM_VER@ "${version}" \
- --replace @HOST_MULTIARCH@ "" \
- --replace 'prefix=/usr' "prefix=$out"
+ patches = [
+ # TODO: remove when https://github.com/P-H-C/phc-winner-argon2/pull/277 is merged + released
+ (fetchpatch {
+ url = "https://github.com/P-H-C/phc-winner-argon2/commit/cd1c1d8d204e4ec4557e358013567c097cb70562.patch";
+ sha256 = "0whqv8b6q9602n7vxpzbd8bk8wz22r1jz9x5lrm9z7ib3wz81c8a";
+ })
+ ];
- make install PREFIX=$out LIBRARY_REL=lib
- ln -s $out/lib/libargon2.so $out/lib/libargon2.so.0
- runHook postInstall
- '';
+ makeFlags = [
+ "AR=${stdenv.cc.targetPrefix}ar" # Fix cross-compilation
+ "PREFIX=${placeholder "out"}"
+ "ARGON2_VERSION=${version}"
+ "LIBRARY_REL=lib"
+ "PKGCONFIG_REL=lib"
+ ];
meta = with stdenv.lib; {
description = "A key derivation function that was selected as the winner of the Password Hashing Competition in July 2015";
diff --git a/pkgs/development/tools/continuous-integration/fly/default.nix b/pkgs/development/tools/continuous-integration/fly/default.nix
index 47af70b37029e..3f394472c40f6 100644
--- a/pkgs/development/tools/continuous-integration/fly/default.nix
+++ b/pkgs/development/tools/continuous-integration/fly/default.nix
@@ -2,16 +2,16 @@
buildGoModule rec {
pname = "fly";
- version = "5.3.0";
+ version = "5.4.1";
src = fetchFromGitHub {
owner = "concourse";
repo = "concourse";
rev = "v${version}";
- sha256 = "06ns98k47nafhkkj7gkmxp7msn4ssypyss6ll0fm6380vq2cavnj";
+ sha256 = "15lkhdvxqcryn5k7qflkby666ddj66gpqzga13yxjgjjp7zx2mi3";
};
- modSha256 = "11rnlmn5hp9nsgkmd716dsjmkr273035j9gzfhjxjsfpiax60i0a";
+ modSha256 = "0wz0v7w2di23cvqpg35zzqs2hvsbjgcrl7pr90ymmpsspq97fkf7";
subPackages = [ "fly" ];
diff --git a/pkgs/servers/mail/dovecot/plugins/pigeonhole/default.nix b/pkgs/servers/mail/dovecot/plugins/pigeonhole/default.nix
index 3d0f921409c64..dce0b91740926 100644
--- a/pkgs/servers/mail/dovecot/plugins/pigeonhole/default.nix
+++ b/pkgs/servers/mail/dovecot/plugins/pigeonhole/default.nix
@@ -2,11 +2,11 @@
stdenv.mkDerivation rec {
name = "dovecot-pigeonhole-${version}";
- version = "0.5.7.1";
+ version = "0.5.7.2";
src = fetchurl {
url = "https://pigeonhole.dovecot.org/releases/2.3/dovecot-2.3-pigeonhole-${version}.tar.gz";
- sha256 = "0a10mam68pmdh3fw8fnv5jff6xj1k770hvadym2c39vm3x6b4w1j";
+ sha256 = "1c0ijjmdskxydmvfk8ixxgg8ndnxx1smvycbp7jjd895a9f0r7fm";
};
buildInputs = [ dovecot openssl ];
diff --git a/pkgs/servers/monitoring/prometheus/cups-exporter.nix b/pkgs/servers/monitoring/prometheus/cups-exporter.nix
new file mode 100644
index 0000000000000..9ba73b3d21041
--- /dev/null
+++ b/pkgs/servers/monitoring/prometheus/cups-exporter.nix
@@ -0,0 +1,36 @@
+{ lib, fetchFromGitHub, python3Packages }:
+
+python3Packages.buildPythonApplication rec {
+ pname = "prometheus-cups-exporter-unstable";
+ version = "2019-03-17";
+
+ format = "other";
+
+ src = fetchFromGitHub {
+ owner = "ThoreKr";
+ repo = "cups_exporter";
+ rev = "8fd1c2517e9878b7b7c73a450e5e546f437954a9";
+ sha256 = "1cwk2gbw2svqjlzgwv5wqzhq7fxwrwsrr0kkbnqn4mfb0kq6pa8m";
+ };
+
+ propagatedBuildInputs = with python3Packages; [ prometheus_client pycups ];
+
+ installPhase = ''
+ mkdir -p $out/share/
+ cp cups_exporter.py $out/share/
+ '';
+
+ fixupPhase = ''
+ makeWrapper "${python3Packages.python.interpreter}" "$out/bin/prometheus-cups-exporter" \
+ --set PYTHONPATH "$PYTHONPATH" \
+ --add-flags "$out/share/cups_exporter.py"
+ '';
+
+ meta = with lib; {
+ description = "A simple prometheus exporter for cups implemented in python";
+ homepage = "https://github.com/ThoreKr/cups_exporter";
+ license = licenses.unfree;
+ maintainers = [ maintainers.mmahut ];
+ platforms = platforms.all;
+ };
+}
diff --git a/pkgs/tools/networking/zerotierone/default.nix b/pkgs/tools/networking/zerotierone/default.nix
index 59bab468c5366..367c518ad828f 100644
--- a/pkgs/tools/networking/zerotierone/default.nix
+++ b/pkgs/tools/networking/zerotierone/default.nix
@@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
pname = "zerotierone";
- version = "1.4.2";
+ version = "1.4.4";
src = fetchFromGitHub {
owner = "zerotier";
repo = "ZeroTierOne";
rev = version;
- sha256 = "1b78jr33xawdkn8dcs884g6klj0zg4dazwhr1qhrj7x54bs7gizr";
+ sha256 = "1b9qm01ximz2j6yimp7bs86h4kaz8jsjxxb6c2js43dzp98k0m94";
};
preConfigure = ''
@@ -42,7 +42,7 @@ stdenv.mkDerivation rec {
meta = with stdenv.lib; {
description = "Create flat virtual Ethernet networks of almost unlimited size";
homepage = https://www.zerotier.com;
- license = licenses.gpl3;
+ license = licenses.bsl11;
maintainers = with maintainers; [ sjmackenzie zimbatm ehmry obadz ];
platforms = platforms.x86_64 ++ platforms.aarch64;
};
diff --git a/pkgs/tools/system/lr/default.nix b/pkgs/tools/system/lr/default.nix
index 38fe1e6347f9e..39cd429e1f932 100644
--- a/pkgs/tools/system/lr/default.nix
+++ b/pkgs/tools/system/lr/default.nix
@@ -18,6 +18,6 @@ stdenv.mkDerivation rec {
description = "List files recursively";
license = licenses.mit;
platforms = platforms.all;
- maintainers = [ ];
+ maintainers = with maintainers; [ vika_nezrimaya ];
};
}
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index f19df2862c583..d290cb592e162 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -15019,6 +15019,7 @@ in
prometheus-bind-exporter = callPackage ../servers/monitoring/prometheus/bind-exporter.nix { };
prometheus-blackbox-exporter = callPackage ../servers/monitoring/prometheus/blackbox-exporter.nix { };
prometheus-collectd-exporter = callPackage ../servers/monitoring/prometheus/collectd-exporter.nix { };
+ prometheus-cups-exporter = callPackage ../servers/monitoring/prometheus/cups-exporter.nix { };
prometheus-consul-exporter = callPackage ../servers/monitoring/prometheus/consul-exporter.nix { };
prometheus-dnsmasq-exporter = callPackage ../servers/monitoring/prometheus/dnsmasq-exporter.nix { };
prometheus-dovecot-exporter = callPackage ../servers/monitoring/prometheus/dovecot-exporter.nix { };
@@ -19460,6 +19461,8 @@ in
marp = callPackage ../applications/office/marp { };
+ magnetico = callPackage ../applications/networking/p2p/magnetico { };
+
matchbox = callPackage ../applications/window-managers/matchbox { };
mblaze = callPackage ../applications/networking/mailreaders/mblaze { };