Skip to content
This repository was archived by the owner on Apr 12, 2021. It is now read-only.
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nixpkgs-channels
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: f2b55f28271c
Choose a base ref
...
head repository: NixOS/nixpkgs-channels
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: a7a8bf9040c8
Choose a head ref
21 contributors

Commits on Dec 10, 2019

  1. wrapGAppsHook: don't add empty variables 

    Adding empty variables can lead to this problem:

```diff
 wrapProgram \
     ./pye_menu_shell \
     --prefix PATH : /nix/store/4c3z5r6yxsf2cxwwyazhdn92xixn4j5b-python3-3.7.5/bin:/nix/store/b3l3niilvqcxcsbxmd6sgqk1dy1rk81c-pye-menu-1.0/bin:/nix/store/y8j1cfj8d9r5rbbxc22w7hnfjw5f4fd3-cairo-1.16.0-dev/bin:/nix/store/6mg7lfbdh9pgx7pbxr3544qqbrigdl1q-freetype-2.10.1-dev/bin:/nix/store/gpszqcy0xi0lavbbjdq82zkkjp3jbp2a-bzip2-1.0.6.0.1-bin/bin:/nix/store/031c5pk5lzabgmpqpyd46hzi625as6bp-libpng-apng-1.6.37-dev/bin:/nix/store/f8kl7kmpv130aw9zm542p74a3hg0yc13-fontconfig-2.12.6-bin/bin:/nix/store/bqp30vkncmm222mjvwggz0s7p318sflj-expat-2.2.7-dev/bin:/nix/store/w57xa8g4s4aviwmqwgra7m5hwj2b005m-glib-2.60.7-dev/bin:/nix/store/v5d4966ahvfir2hwpv003022f3pb7vik-gettext-0.19.8.1/bin:/nix/store/qpvxhl1jr0fxnrx9idnpdagqs00m5m2z-glib-2.60.7/bin \
     --set PYTHONNOUSERSITE true \
     --set GDK_PIXBUF_MODULE_FILE /nix/store/7ddlakx6xjczqbfs80xjd14f30fzadws-gdk-pixbuf-2.38.1/lib/gdk-pixbuf-2.0/2.10.0/loaders.cache \
     --prefix XDG_DATA_DIRS : /nix/store/0snjc1qg89zqn3v35l9d55xrykh9nj5c-gtk+3-3.24.10/share/gsettings-schemas/gtk+3-3.24.10:/nix/store/b41z51vdv11n6df8ki5vj8dynxw98f9l-gsettings-desktop-schemas-3.32.0/share/gsettings-schemas/gsettings-desktop-schemas-3.32.0:/nix/store/0snjc1qg89zqn3v35l9d55xrykh9nj5c-gtk+3-3.24.10/share/gsettings-schemas/gtk+3-3.24.10 \
-     --prefix GST_PLUGIN_SYSTEM_PATH_1_0 : \
+     --prefix GST_PLUGIN_SYSTEM_PATH_1_0 : "" \
     --prefix GI_TYPELIB_PATH : /nix/store/0snjc1qg89zqn3v35l9d55xrykh9nj5c-gtk+3-3.24.10/lib/girepository-1.0:/nix/store/z29l5xaaxh1s0697mcldj71ab0zshry1-librsvg-2.44.15/lib/girepository-1.0:/nix/store/pija1xzm7izxfb5m2hvhvlwp1l38ffxa-gobject-introspection-1.60.2/lib/girepository-1.0 \
-     --prefix GRL_PLUGIN_PATH :
+     --prefix GRL_PLUGIN_PATH : ""
```
Where the diff is to highlight the problem: we don't have a valid value
for GST_PLUGIN_SYSTEM_PATH_1_0 or GRL_PLUGIN_PATH, and instead of
passing the empy string, the empty string gets unquoted somewhere, so we
end up passing no arguments, thus the parser in wrapProgram takes
--prefix as the argument of GST_PLUGIN_SYSTEM_PATH_1_0, and then
GI_TYPELIB_PATH is missing it's --prefix so wrapProgram complains/dies.

The easiest change is to not add empty arguments to the wrapper
    Kovacsics Robert committed Dec 10, 2019
    Copy the full SHA
    2c8c8f2 View commit details

Commits on Dec 11, 2019

  1. bluez: enable checkPhase on x86_64-linux

    @worldofpeace
    worldofpeace committed Dec 11, 2019
    Copy the full SHA
    b5a3336 View commit details

  2. Merge pull request #75317 from worldofpeace/bluez-docheck 

    bluez: enable checkPhase on x86_64-linux
    @worldofpeace
    worldofpeace authored Dec 11, 2019

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
    GPG key ID: 4AEE18F83AFDEB23
    Expired
    Verified
    Learn about vigilant mode
    Copy the full SHA
    fb390ed View commit details

  3. python3Packages.astor: 0.8.0 -> 0.8.1

    Jonathan Ringer committed Dec 11, 2019
    Copy the full SHA
    c0ea42c View commit details

  4. Merge pull request #75450 from KoviRobi/fix-wrap-gapps-hook-shell-quo… 

    …ting

wrapGAppsHook: don't add empty variables (see also #75443)
    @worldofpeace
    worldofpeace authored Dec 11, 2019

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
    GPG key ID: 4AEE18F83AFDEB23
    Expired
    Verified
    Learn about vigilant mode
    Copy the full SHA
    25879b3 View commit details

Commits on Dec 12, 2019

  1. nixos/nfs: convert test to python

    @kwohlfahrt
    kwohlfahrt committed Dec 12, 2019
    Copy the full SHA
    59a0e58 View commit details

  2. nfs-utils: build svcgssd 

    Necessary for nfs server with kerberos auth
    @kwohlfahrt
    kwohlfahrt committed Dec 12, 2019
    Copy the full SHA
    7b83883 View commit details

  3. linux: patch request-key binary path 

    This is necessary for id mapping to work with NFS + Kerberos, and also
touches #68106 and 634638.
    @kwohlfahrt
    kwohlfahrt committed Dec 12, 2019
    Copy the full SHA
    ea55a2d View commit details

  4. nixos/nfs: test nfs with kerberos authentication

    @kwohlfahrt
    kwohlfahrt committed Dec 12, 2019
    Copy the full SHA
    0dce66a View commit details

  5. nfs: set up request-key for id mapping 

    A patch is necessary upstream to support multiple configs via symlinks
in /etc/request-key.d

Once that is done, we can add support for CIFS as well
    @kwohlfahrt
    kwohlfahrt committed Dec 12, 2019
    Copy the full SHA
    b1c10bc View commit details

  6. keyutils: patch to allow symlinks in config dir

    @kwohlfahrt
    kwohlfahrt committed Dec 12, 2019
    Copy the full SHA
    e0b9b5f View commit details

Commits on Dec 13, 2019

  1. nfs-utils: link nfs tests

    @Mic92
    Mic92 committed Dec 13, 2019

    Verified

    This commit was signed with the committer’s verified signature. The key has expired.
    Mic92 Jörg Thalheim
    GPG key ID: B3F5D81B0C6967C4
    Expired
    Verified
    Learn about vigilant mode
    Copy the full SHA
    e71bd33 View commit details

  2. nixos/nfs: Allow Kerberized NFS (#73989) 

    nixos/nfs: Allow Kerberized NFS
    @Mic92
    Mic92 authored Dec 13, 2019

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
    GPG key ID: 4AEE18F83AFDEB23
    Expired
    Verified
    Learn about vigilant mode
    Copy the full SHA
    1c329c9 View commit details

Commits on Dec 14, 2019

  1. python3.pkgs.pygobject2: 2.28.6 -> 2.28.7 

    https://download.gnome.org/sources/pygobject/2.28/pygobject-2.28.7.news
    @jtojnar
    jtojnar committed Dec 14, 2019

    Verified

    This commit was signed with the committer’s verified signature.
    jtojnar Jan Tojnar
    GPG key ID: 7FAB2A15F7A607A4
    Verified
    Learn about vigilant mode
    Copy the full SHA
    4b8db05 View commit details

  2. Merge pull request #75627 from jtojnar/pygobject-2.28.7 

    python3.pkgs.pygobject2: 2.28.6 -> 2.28.7
    @jtojnar
    jtojnar authored Dec 14, 2019

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
    GPG key ID: 4AEE18F83AFDEB23
    Expired
    Verified
    Learn about vigilant mode
    Copy the full SHA
    025e4fd View commit details

  3. Merge branch 'staging-next' into staging

    @jtojnar
    jtojnar committed Dec 14, 2019

    Verified

    This commit was signed with the committer’s verified signature.
    jtojnar Jan Tojnar
    GPG key ID: 7FAB2A15F7A607A4
    Verified
    Learn about vigilant mode
    Copy the full SHA
    aa3cb8b View commit details

  4. openh264: 1.8.0 -> 2.0.0 (#64100) 

    * openh264: 1.8.0 -> 2.0.0

Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/openh264/versions
    @r-ryantm @c0bw3b
    r-ryantm authored and c0bw3b committed Dec 14, 2019
    Copy the full SHA
    5aae6ee View commit details

Commits on Dec 15, 2019

  1. Merge staging-next into staging

    @FRidh
    FRidh committed Dec 15, 2019
    Copy the full SHA
    7266f3a View commit details

  2. python: Rtree: 0.9.1 -> 0.9.2

    @FRidh
    FRidh committed Dec 15, 2019
    Copy the full SHA
    7cdaf6a View commit details

  3. python: aresponses: 1.1.1 -> 1.1.2

    @FRidh
    FRidh committed Dec 15, 2019
    Copy the full SHA
    8d0e95e View commit details

  4. python: argcomplete: 1.10.2 -> 1.10.3

    @FRidh
    FRidh committed Dec 15, 2019
    Copy the full SHA
    37b6860 View commit details

  5. python: awkward: 0.12.16 -> 0.12.17

    @FRidh
    FRidh committed Dec 15, 2019
    Copy the full SHA
    bdeb6a0 View commit details

  6. python: aws-xray-sdk: 2.4.2 -> 2.4.3

    @FRidh
    FRidh committed Dec 15, 2019
    Copy the full SHA
    433b811 View commit details

  7. python: bottle: 0.12.17 -> 0.12.18

    @FRidh
    FRidh committed Dec 15, 2019
    Copy the full SHA
    6fe277d View commit details

  8. python: caldav: 0.6.1 -> 0.6.2

    @FRidh
    FRidh committed Dec 15, 2019
    Copy the full SHA
    d9724d7 View commit details

  9. python: catalogue: 0.0.7 -> 0.0.8

    @FRidh
    FRidh committed Dec 15, 2019
    Copy the full SHA
    c432c43 View commit details

  10. python: cmd2: 0.9.21 -> 0.9.22

    @FRidh
    FRidh committed Dec 15, 2019
    Copy the full SHA
    b08de9f View commit details

  11. python: colorama: 0.4.1 -> 0.4.3

    @FRidh
    FRidh committed Dec 15, 2019
    Copy the full SHA
    6afc1eb View commit details

  12. python: ConfigArgParse: 0.15.1 -> 0.15.2

    @FRidh
    FRidh committed Dec 15, 2019
    Copy the full SHA
    9b2d1c3 View commit details

  13. python: ddt: 1.2.1 -> 1.2.2

    @FRidh
    FRidh committed Dec 15, 2019
    Copy the full SHA
    ee848a8 View commit details

  14. python: django-mailman3: 1.3.0 -> 1.3.1

    @FRidh
    FRidh committed Dec 15, 2019
    Copy the full SHA
    3f1e613 View commit details

  15. python: Django: 2.1.14 -> 2.1.15

    @FRidh
    FRidh committed Dec 15, 2019
    Copy the full SHA
    32edac5 View commit details

  16. python: django-contrib-comments: 1.9.1 -> 1.9.2

    @FRidh
    FRidh committed Dec 15, 2019
    Copy the full SHA
    d6af560 View commit details

  17. python: django-reversion: 3.0.4 -> 3.0.5

    @FRidh
    FRidh committed Dec 15, 2019
    Copy the full SHA
    2315e1b View commit details

  18. python: dulwich: 0.19.13 -> 0.19.14

    @FRidh
    FRidh committed Dec 15, 2019
    Copy the full SHA
    2e5df9f View commit details

  19. python: Faker: 2.0.4 -> 2.0.5

    @FRidh
    FRidh committed Dec 15, 2019
    Copy the full SHA
    22d1506 View commit details

  20. python: Fiona: 1.8.11 -> 1.8.13

    @FRidh
    FRidh committed Dec 15, 2019
    Copy the full SHA
    bc28079 View commit details

  21. python: FoxDot: 0.8.3 -> 0.8.4

    @FRidh
    FRidh committed Dec 15, 2019
    Copy the full SHA
    dacd463 View commit details

  22. python: hdbscan: 0.8.23 -> 0.8.24

    @FRidh
    FRidh committed Dec 15, 2019
    Copy the full SHA
    567c5ac View commit details

  23. python: holoviews: 1.12.6 -> 1.12.7

    @FRidh
    FRidh committed Dec 15, 2019
    Copy the full SHA
    8328360 View commit details

  24. python: homeassistant_pyozw: 0.1.4 -> 0.1.7

    @FRidh
    FRidh committed Dec 15, 2019
    Copy the full SHA
    a5a00be View commit details

  25. python: identify: 1.4.7 -> 1.4.8

    @FRidh
    FRidh committed Dec 15, 2019
    Copy the full SHA
    4f66e96 View commit details

  26. python: joblib: 0.14.0 -> 0.14.1

    @FRidh
    FRidh committed Dec 15, 2019
    Copy the full SHA
    755f960 View commit details

  27. python: junos-eznc: 2.3.0 -> 2.3.1

    @FRidh
    FRidh committed Dec 15, 2019
    Copy the full SHA
    a453c12 View commit details

  28. python: Kajiki: 0.8.1 -> 0.8.2

    @FRidh
    FRidh committed Dec 15, 2019
    Copy the full SHA
    606433e View commit details

  29. python: kombu: 4.6.6 -> 4.6.7

    @FRidh
    FRidh committed Dec 15, 2019
    Copy the full SHA
    6c9da10 View commit details

  30. python: lightgbm: 2.3.0 -> 2.3.1

    @FRidh
    FRidh committed Dec 15, 2019
    Copy the full SHA
    8446c55 View commit details

  31. python: mozdevice: 3.0.5 -> 3.0.6

    @FRidh
    FRidh committed Dec 15, 2019
    Copy the full SHA
    b577cf2 View commit details

  32. python: matplotlib: 3.1.1 -> 3.1.2

    @FRidh
    FRidh committed Dec 15, 2019
    Copy the full SHA
    250363d View commit details

  33. python: mysqlclient: 1.4.5 -> 1.4.6

    @FRidh
    FRidh committed Dec 15, 2019
    Copy the full SHA
    84e0764 View commit details
Showing with 553 additions and 448 deletions.
  1. +6 −0 nixos/modules/tasks/filesystems/nfs.nix
  2. +2 −2 nixos/release-combined.nix
  3. +3 −2 nixos/tests/all-tests.nix
  4. +0 −90 nixos/tests/nfs.nix
  5. +9 −0 nixos/tests/nfs/default.nix
  6. +133 −0 nixos/tests/nfs/kerberos.nix
  7. +94 −0 nixos/tests/nfs/simple.nix
  8. +2 −2 pkgs/applications/graphics/drawio/default.nix
  9. +2 −2 pkgs/applications/networking/instant-messengers/signal-desktop/default.nix
  10. +2 −2 pkgs/applications/networking/mailreaders/mutt/default.nix
  11. +3 −1 pkgs/build-support/setup-hooks/wrap-gapps-hook.sh
  12. +2 −2 pkgs/development/libraries/gstreamer/bad/default.nix
  13. +2 −2 pkgs/development/libraries/gstreamer/base/default.nix
  14. +2 −2 pkgs/development/libraries/gstreamer/core/default.nix
  15. +2 −2 pkgs/development/libraries/gstreamer/ges/default.nix
  16. +2 −2 pkgs/development/libraries/gstreamer/good/default.nix
  17. +2 −2 pkgs/development/libraries/gstreamer/libav/default.nix
  18. +2 −2 pkgs/development/libraries/gstreamer/rtsp-server/default.nix
  19. +2 −2 pkgs/development/libraries/gstreamer/ugly/default.nix
  20. +2 −2 pkgs/development/libraries/gstreamer/vaapi/default.nix
  21. +2 −2 pkgs/development/libraries/gstreamer/validate/default.nix
  22. +2 −2 pkgs/development/libraries/libuv/default.nix
  23. +2 −2 pkgs/development/libraries/nghttp2/default.nix
  24. +7 −9 pkgs/development/libraries/openh264/default.nix
  25. +2 −2 pkgs/development/python-modules/Rtree/default.nix
  26. +2 −2 pkgs/development/python-modules/aresponses/default.nix
  27. +2 −2 pkgs/development/python-modules/argcomplete/default.nix
  28. +4 −12 pkgs/development/python-modules/astor/default.nix
  29. +2 −2 pkgs/development/python-modules/awkward/default.nix
  30. +2 −2 pkgs/development/python-modules/aws-xray-sdk/default.nix
  31. +2 −2 pkgs/development/python-modules/bottle/default.nix
  32. +17 −9 pkgs/development/python-modules/bottleneck/default.nix
  33. +2 −2 pkgs/development/python-modules/caldav/default.nix
  34. +2 −2 pkgs/development/python-modules/catalogue/default.nix
  35. +2 −2 pkgs/development/python-modules/cmd2/default.nix
  36. +2 −2 pkgs/development/python-modules/colorama/default.nix
  37. +2 −2 pkgs/development/python-modules/configargparse/default.nix
  38. +2 −2 pkgs/development/python-modules/dask/default.nix
  39. +2 −2 pkgs/development/python-modules/ddt/default.nix
  40. +2 −2 pkgs/development/python-modules/django-mailman3/default.nix
  41. +2 −2 pkgs/development/python-modules/django/2_1.nix
  42. +2 −2 pkgs/development/python-modules/django_contrib_comments/default.nix
  43. +2 −2 pkgs/development/python-modules/django_reversion/default.nix
  44. +2 −2 pkgs/development/python-modules/dulwich/default.nix
  45. +2 −2 pkgs/development/python-modules/faker/default.nix
  46. +2 −2 pkgs/development/python-modules/fiona/default.nix
  47. +2 −2 pkgs/development/python-modules/foxdot/default.nix
  48. +2 −2 pkgs/development/python-modules/hdbscan/default.nix
  49. +2 −2 pkgs/development/python-modules/holoviews/default.nix
  50. +2 −2 pkgs/development/python-modules/homeassistant-pyozw/default.nix
  51. +2 −2 pkgs/development/python-modules/identify/default.nix
  52. +2 −2 pkgs/development/python-modules/joblib/default.nix
  53. +2 −2 pkgs/development/python-modules/junos-eznc/default.nix
  54. +2 −2 pkgs/development/python-modules/kajiki/default.nix
  55. +2 −2 pkgs/development/python-modules/kombu/default.nix
  56. +2 −2 pkgs/development/python-modules/lightgbm/default.nix
  57. +2 −2 pkgs/development/python-modules/marionette-harness/mozdevice.nix
  58. +2 −2 pkgs/development/python-modules/matplotlib/default.nix
  59. +1 −1 pkgs/development/python-modules/mysqlclient/default.nix
  60. +2 −2 pkgs/development/python-modules/nest-asyncio/default.nix
  61. +2 −2 pkgs/development/python-modules/nipype/neurdflib.nix
  62. +2 −2 pkgs/development/python-modules/openpyxl/default.nix
  63. +2 −2 pkgs/development/python-modules/pafy/default.nix
  64. +2 −2 pkgs/development/python-modules/parameterized/default.nix
  65. +2 −2 pkgs/development/python-modules/passlib/default.nix
  66. +2 −2 pkgs/development/python-modules/pbr/default.nix
  67. +2 −2 pkgs/development/python-modules/pgspecial/default.nix
  68. +2 −2 pkgs/development/python-modules/pluggy/default.nix
  69. +2 −2 pkgs/development/python-modules/preggy/default.nix
  70. +2 −2 pkgs/development/python-modules/psd-tools/default.nix
  71. +2 −2 pkgs/development/python-modules/psutil/default.nix
  72. +2 −2 pkgs/development/python-modules/publicsuffix/default.nix
  73. +2 −2 pkgs/development/python-modules/pybullet/default.nix
  74. +2 −2 pkgs/development/python-modules/pyfaidx/default.nix
  75. +5 −9 pkgs/development/python-modules/pygobject/default.nix
  76. +0 −50 pkgs/development/python-modules/pygobject/pygobject-2.28.6-gio-types-2.32.patch
  77. +0 −28 pkgs/development/python-modules/pygobject/pygobject-2.28.6-set_qdata.patch
  78. +2 −2 pkgs/development/python-modules/pyhomematic/default.nix
  79. +4 −3 pkgs/development/python-modules/pyopengl/default.nix
  80. +2 −2 pkgs/development/python-modules/pyrsistent/default.nix
  81. +2 −2 pkgs/development/python-modules/pytest/4.nix
  82. +2 −2 pkgs/development/python-modules/pyvcd/default.nix
  83. +2 −2 pkgs/development/python-modules/pywebpush/default.nix
  84. +2 −2 pkgs/development/python-modules/responses/default.nix
  85. +2 −2 pkgs/development/python-modules/runsnakerun/default.nix
  86. +2 −2 pkgs/development/python-modules/runway-python/default.nix
  87. +2 −2 pkgs/development/python-modules/scipy/default.nix
  88. +2 −2 pkgs/development/python-modules/semantic-version/default.nix
  89. +2 −2 pkgs/development/python-modules/sentry-sdk/default.nix
  90. +2 −2 pkgs/development/python-modules/setuptools/default.nix
  91. +2 −2 pkgs/development/python-modules/sqlmap/default.nix
  92. +2 −2 pkgs/development/python-modules/squaremap/default.nix
  93. +2 −2 pkgs/development/python-modules/statsmodels/default.nix
  94. +2 −2 pkgs/development/python-modules/testfixtures/default.nix
  95. +2 −2 pkgs/development/python-modules/tifffile/default.nix
  96. +2 −2 pkgs/development/python-modules/tox/default.nix
  97. +2 −2 pkgs/development/python-modules/uamqp/default.nix
  98. +2 −2 pkgs/development/python-modules/validators/default.nix
  99. +2 −2 pkgs/development/python-modules/virtualenv/default.nix
  100. +2 −2 pkgs/development/python-modules/wasabi/default.nix
  101. +2 −2 pkgs/development/python-modules/xarray/default.nix
  102. +2 −2 pkgs/development/python-modules/xattr/default.nix
  103. +1 −1 pkgs/development/tools/misc/hydra/default.nix
  104. +4 −3 pkgs/misc/drivers/hplip/default.nix
  105. +2 −0 pkgs/os-specific/linux/bluez/default.nix
  106. +5 −0 pkgs/os-specific/linux/kernel/patches.nix
  107. +13 −0 pkgs/os-specific/linux/kernel/request-key-helper.patch
  108. +13 −0 pkgs/os-specific/linux/keyutils/conf-symlink.patch
  109. +1 −0 pkgs/os-specific/linux/keyutils/default.nix
  110. +8 −1 pkgs/os-specific/linux/nfs-utils/default.nix
  111. +3 −1 pkgs/servers/matrix-synapse/default.nix
  112. +14 −9 pkgs/tools/networking/libreswan/default.nix
  113. +0 −36 pkgs/tools/networking/libreswan/libreswan-3.18-glibc-2.26.patch
  114. +4 −0 pkgs/tools/networking/unbound/default.nix
  115. +2 −2 pkgs/tools/networking/wireguard-tools/default.nix
  116. +2 −2 pkgs/tools/security/vault/default.nix
  117. +7 −5 pkgs/tools/text/mdcat/default.nix
  118. +14 −0 pkgs/top-level/all-packages.nix
6 changes: 6 additions & 0 deletions nixos/modules/tasks/filesystems/nfs.nix
View file
Original file line number Diff line number Diff line change
@@ -25,6 +25,9 @@ let
'';

nfsConfFile = pkgs.writeText "nfs.conf" cfg.extraConfig;
requestKeyConfFile = pkgs.writeText "request-key.conf" ''
create id_resolver * * ${pkgs.nfs-utils}/bin/nfsidmap -t 600 %k %d
'';

cfg = config.services.nfs;

@@ -57,9 +60,12 @@ in

systemd.packages = [ pkgs.nfs-utils ];

environment.systemPackages = [ pkgs.keyutils ];

environment.etc = {
"idmapd.conf".source = idmapdConfFile;
"nfs.conf".source = nfsConfFile;
"request-key.conf".source = requestKeyConfFile;
};

systemd.services.nfs-blkmap =
4 changes: 2 additions & 2 deletions nixos/release-combined.nix
View file
Original file line number Diff line number Diff line change
@@ -120,8 +120,8 @@ in rec {
(all nixos.tests.networking.scripted.macvlan)
(all nixos.tests.networking.scripted.sit)
(all nixos.tests.networking.scripted.vlan)
(all nixos.tests.nfs3)
(all nixos.tests.nfs4)
(all nixos.tests.nfs3.simple)
(all nixos.tests.nfs4.simple)
(all nixos.tests.openssh)
(all nixos.tests.php-pcre)
(all nixos.tests.predictable-interface-names.predictable)
5 changes: 3 additions & 2 deletions nixos/tests/all-tests.nix
View file
Original file line number Diff line number Diff line change
@@ -190,8 +190,9 @@ in
networkingProxy = handleTest ./networking-proxy.nix {};
nextcloud = handleTest ./nextcloud {};
nexus = handleTest ./nexus.nix {};
nfs3 = handleTest ./nfs.nix { version = 3; };
nfs4 = handleTest ./nfs.nix { version = 4; };
# TODO: Test nfsv3 + Kerberos
nfs3 = handleTest ./nfs { version = 3; };
nfs4 = handleTest ./nfs { version = 4; };
nghttpx = handleTest ./nghttpx.nix {};
nginx = handleTest ./nginx.nix {};
nginx-sso = handleTest ./nginx-sso.nix {};
90 changes: 0 additions & 90 deletions nixos/tests/nfs.nix
View file

This file was deleted.

9 changes: 9 additions & 0 deletions nixos/tests/nfs/default.nix
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
{ version ? 4
, system ? builtins.currentSystem
, pkgs ? import ../../.. { inherit system; }
}: {
simple = import ./simple.nix { inherit version system pkgs; };
} // pkgs.lib.optionalAttrs (version == 4) {
# TODO: Test kerberos + nfsv3
kerberos = import ./kerberos.nix { inherit version system pkgs; };
}
133 changes: 133 additions & 0 deletions nixos/tests/nfs/kerberos.nix
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,133 @@
import ../make-test-python.nix ({ pkgs, lib, ... }:

with lib;

let
krb5 =
{ enable = true;
domain_realm."nfs.test" = "NFS.TEST";
libdefaults.default_realm = "NFS.TEST";
realms."NFS.TEST" =
{ admin_server = "server.nfs.test";
kdc = "server.nfs.test";
};
};

hosts =
''
192.168.1.1 client.nfs.test
192.168.1.2 server.nfs.test
'';

users = {
users.alice = {
isNormalUser = true;
name = "alice";
uid = 1000;
};
};

in

{
name = "nfsv4-with-kerberos";

nodes = {
client = { lib, ... }:
{ inherit krb5 users;

networking.extraHosts = hosts;
networking.domain = "nfs.test";
networking.hostName = "client";

fileSystems = lib.mkVMOverride
{ "/data" = {
device = "server.nfs.test:/";
fsType = "nfs";
options = [ "nfsvers=4" "sec=krb5p" "noauto" ];
};
};
};

server = { lib, ...}:
{ inherit krb5 users;

networking.extraHosts = hosts;
networking.domain = "nfs.test";
networking.hostName = "server";

networking.firewall.allowedTCPPorts = [
111 # rpc
2049 # nfs
88 # kerberos
749 # kerberos admin
];

services.kerberos_server.enable = true;
services.kerberos_server.realms =
{ "NFS.TEST".acl =
[ { access = "all"; principal = "admin/admin"; } ];
};

services.nfs.server.enable = true;
services.nfs.server.createMountPoints = true;
services.nfs.server.exports =
''
/data *(rw,no_root_squash,fsid=0,sec=krb5p)
'';
};
};

testScript =
''
server.succeed("mkdir -p /data/alice")
server.succeed("chown alice:users /data/alice")
# set up kerberos database
server.succeed(
"kdb5_util create -s -r NFS.TEST -P master_key",
"systemctl restart kadmind.service kdc.service",
)
server.wait_for_unit(f"kadmind.service")
server.wait_for_unit(f"kdc.service")
# create principals
server.succeed(
"kadmin.local add_principal -randkey nfs/server.nfs.test",
"kadmin.local add_principal -randkey nfs/client.nfs.test",
"kadmin.local add_principal -pw admin_pw admin/admin",
"kadmin.local add_principal -pw alice_pw alice",
)
# add principals to server keytab
server.succeed("kadmin.local ktadd nfs/server.nfs.test")
server.succeed("systemctl start rpc-gssd.service rpc-svcgssd.service")
server.wait_for_unit(f"rpc-gssd.service")
server.wait_for_unit(f"rpc-svcgssd.service")
client.wait_for_unit("network-online.target")
# add principals to client keytab
client.succeed("echo admin_pw | kadmin -p admin/admin ktadd nfs/client.nfs.test")
client.succeed("systemctl start rpc-gssd.service")
client.wait_for_unit("rpc-gssd.service")
with subtest("nfs share mounts"):
client.succeed("systemctl restart data.mount")
client.wait_for_unit("data.mount")
with subtest("permissions on nfs share are enforced"):
client.fail("su alice -c 'ls /data'")
client.succeed("su alice -c 'echo alice_pw | kinit'")
client.succeed("su alice -c 'ls /data'")
client.fail("su alice -c 'echo bla >> /data/foo'")
client.succeed("su alice -c 'echo bla >> /data/alice/foo'")
server.succeed("test -e /data/alice/foo")
with subtest("uids/gids are mapped correctly on nfs share"):
ids = client.succeed("stat -c '%U %G' /data/alice").split()
expected = ["alice", "users"]
assert ids == expected, f"ids incorrect: got {ids} expected {expected}"
'';
})
94 changes: 94 additions & 0 deletions nixos/tests/nfs/simple.nix
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,94 @@
import ../make-test-python.nix ({ pkgs, version ? 4, ... }:

let

client =
{ pkgs, ... }:
{ fileSystems = pkgs.lib.mkVMOverride
[ { mountPoint = "/data";
# nfs4 exports the export with fsid=0 as a virtual root directory
device = if (version == 4) then "server:/" else "server:/data";
fsType = "nfs";
options = [ "vers=${toString version}" ];
}
];
networking.firewall.enable = false; # FIXME: only open statd
};

in

{
name = "nfs";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ eelco ];
};

nodes =
{ client1 = client;
client2 = client;

server =
{ ... }:
{ services.nfs.server.enable = true;
services.nfs.server.exports =
''
/data 192.168.1.0/255.255.255.0(rw,no_root_squash,no_subtree_check,fsid=0)
'';
services.nfs.server.createMountPoints = true;
networking.firewall.enable = false; # FIXME: figure out what ports need to be allowed
};
};

testScript =
''
import time
server.wait_for_unit("nfs-server")
server.succeed("systemctl start network-online.target")
server.wait_for_unit("network-online.target")
start_all()
client1.wait_for_unit("data.mount")
client1.succeed("echo bla > /data/foo")
server.succeed("test -e /data/foo")
client2.wait_for_unit("data.mount")
client2.succeed("echo bla > /data/bar")
server.succeed("test -e /data/bar")
with subtest("restarting 'nfs-server' works correctly"):
server.succeed("systemctl restart nfs-server")
# will take 90 seconds due to the NFS grace period
client2.succeed("echo bla >> /data/bar")
with subtest("can get a lock"):
client2.succeed("time flock -n -s /data/lock true")
with subtest("client 2 fails to acquire lock held by client 1"):
client1.succeed("flock -x /data/lock -c 'touch locked; sleep 100000' &")
client1.wait_for_file("locked")
client2.fail("flock -n -s /data/lock true")
with subtest("client 2 obtains lock after resetting client 1"):
client2.succeed(
"flock -x /data/lock -c 'echo acquired; touch locked; sleep 100000' >&2 &"
)
client1.crash()
client1.start()
client2.wait_for_file("locked")
with subtest("locks survive server reboot"):
client1.wait_for_unit("data.mount")
server.shutdown()
server.start()
client1.succeed("touch /data/xyzzy")
client1.fail("time flock -n -s /data/lock true")
with subtest("unmounting during shutdown happens quickly"):
t1 = time.monotonic()
client1.shutdown()
duration = time.monotonic() - t1
assert duration < 30, f"shutdown took too long ({duration} seconds)"
'';
})
4 changes: 2 additions & 2 deletions pkgs/applications/graphics/drawio/default.nix
View file
Original file line number Diff line number Diff line change
@@ -11,11 +11,11 @@

stdenv.mkDerivation rec {
pname = "drawio";
version = "12.3.2";
version = "12.4.2";

src = fetchurl {
url = "https://github.com/jgraph/drawio-desktop/releases/download/v${version}/draw.io-x86_64-${version}.rpm";
sha256 = "1hh4616dbq0fqldlph7vyl8vkibwc3xpcv9r1m2v949kn84yi2j3";
sha256 = "1mngn90cn9hixa0xkhk7mb02gjp480wnipjy2jzkq8kwpai1gm1m";
};

nativeBuildInputs = [
Loading