Skip to content
This repository was archived by the owner on Apr 12, 2021. It is now read-only.
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nixpkgs-channels
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: 991bbef68351
Choose a base ref
...
head repository: NixOS/nixpkgs-channels
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 13e7a3e11272
Choose a head ref
42 contributors

Commits on Feb 6, 2020

  1. git-ftp: 1.5.2 -> 1.6.0

    @r-ryantm
    r-ryantm committed Feb 6, 2020

    Verified

    This commit was signed with the committer’s verified signature.
    eadwu Edmund Wu
    GPG key ID: F44F23D596B4F71D
    Verified
    Learn about vigilant mode
    Copy the full SHA
    6f51e7a View commit details

Commits on Mar 3, 2020

  1. R: 3.6.2 -> 3.6.3

    @r-ryantm
    r-ryantm committed Mar 3, 2020

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
    GPG key ID: 4AEE18F83AFDEB23
    Expired
    Verified
    Learn about vigilant mode
    Copy the full SHA
    faa5c3b View commit details

  2. sqlite: 3.31.0 -> 3.31.1

    @r-ryantm
    r-ryantm committed Mar 3, 2020
    Copy the full SHA
    15b4beb View commit details

Commits on Mar 6, 2020

  1. cmake: 3.16.4 -> 3.16.5

    @r-ryantm
    r-ryantm committed Mar 6, 2020
    Copy the full SHA
    b3793e1 View commit details

  2. stdenv: Fix gcc multi line libc-cflags 

    which broke at least libstdc++5.

Closes #79761
    @clkamp
    clkamp committed Mar 6, 2020
    Copy the full SHA
    80729b6 View commit details

Commits on Mar 7, 2020

  1. mc: 4.8.23 -> 4.8.24

    @Izorkin
    Izorkin committed Mar 7, 2020
    Copy the full SHA
    784740a View commit details

  2. linuxPackages_{,_latest,_testing}_hardened: enable 32-bit emulation 

    Per discussion in #81943.

Resolves #79798.
    @emilazy
    emilazy committed Mar 7, 2020
    Copy the full SHA
    b628400 View commit details

  3. eigen: fetch source from gitlab

    @eadwu
    eadwu committed Mar 7, 2020
    Copy the full SHA
    805e068 View commit details

  4. libical: 3.0.7 -> 3.0.8

    @r-ryantm
    r-ryantm committed Mar 7, 2020
    Copy the full SHA
    d985dc8 View commit details

  5. libseccomp: 2.4.2 -> 2.4.3

    @r-ryantm
    r-ryantm committed Mar 7, 2020
    Copy the full SHA
    051637d View commit details

Commits on Mar 8, 2020

  1. Merge pull request #81998 from eadwu/eigen/gitlab-source 

    eigen: fetch source from gitlab
    @markuskowa
    markuskowa authored Mar 8, 2020
    Copy the full SHA
    fd48d9b View commit details

  2. Merge pull request #81191 from clkamp/stdenv-multi-line-libc-cflags 

    stdenv: Fix gcc multi line libc-cflags
    @Ericson2314
    Ericson2314 authored Mar 8, 2020
    Copy the full SHA
    5c4dd08 View commit details

  3. pantheon.elementary-music: 5.0.4 -> 5.0.5

    @r-ryantm
    r-ryantm committed Mar 8, 2020
    Copy the full SHA
    c7e617f View commit details

  4. Merge master into staging-next

    @FRidh
    FRidh committed Mar 8, 2020
    Copy the full SHA
    a7db7b5 View commit details

  5. Merge pull request #81869 from r-ryantm/auto-update/cmake 

    cmake: 3.16.4 -> 3.16.5
    @ttuegel
    ttuegel authored Mar 8, 2020
    Copy the full SHA
    65d5cc1 View commit details

  6. libgme: 0.6.2 -> 0.6.3

    @r-ryantm
    r-ryantm committed Mar 8, 2020
    Copy the full SHA
    8d612a3 View commit details

  7. libusb-compat: 0.1.5 -> 0.1.7 

    Also, change the source repository to the GitHub repository pointed to by the
official website.
    @lschuermann
    Leon Schuermann authored and lschuermann committed Mar 8, 2020
    Copy the full SHA
    54bab3f View commit details

  8. libusb: build from source instead of release tarball

    @lschuermann
    Leon Schuermann authored and lschuermann committed Mar 8, 2020
    Copy the full SHA
    aa63d51 View commit details

  9. Merge pull request #82024 from r-ryantm/auto-update/libical 

    libical: 3.0.7 -> 3.0.8
    @jtojnar
    jtojnar authored Mar 8, 2020
    Copy the full SHA
    71a76a4 View commit details

Commits on Mar 9, 2020

  1. Merge pull request #82025 from r-ryantm/auto-update/libseccomp 

    libseccomp: 2.4.2 -> 2.4.3
    @marsam
    marsam authored Mar 9, 2020
    Copy the full SHA
    824635f View commit details

  2. Merge pull request #48434 from lschuermann/libusb-mirror 

    libusb-compat: 0.1.5 -> 0.1.7 && change libusb source to GitHub
    @Mic92
    Mic92 authored Mar 9, 2020
    Copy the full SHA
    9f55c5e View commit details

  3. Merge pull request #82066 from r-ryantm/auto-update/libgme 

    libgme: 0.6.2 -> 0.6.3
    @lheckemann
    lheckemann authored Mar 9, 2020
    Copy the full SHA
    4eeb6f0 View commit details

Commits on Mar 10, 2020

  1. stdenv cc-wrapper: deal with edge-case regressions 

    Regression introduced in PR #81191 80729b6.  The file does not exist
somewhere during bootstrap of pkgsStatic.busybox which is used in nix
(by default).

I tested the builds.
    @vcunat
    vcunat committed Mar 10, 2020
    Copy the full SHA
    1d9c10c View commit details

  2. Merge branch 'staging-next' into staging

    @vcunat
    vcunat committed Mar 10, 2020
    Copy the full SHA
    0e3ad60 View commit details

  3. nss: 3.49.2 -> 3.51

    @KamilaBorowska
    KamilaBorowska committed Mar 10, 2020
    Copy the full SHA
    60c646c View commit details

  4. Merge branch 'staging' into staging-next

    @vcunat
    vcunat committed Mar 10, 2020
    Copy the full SHA
    1e579d1 View commit details

  5. Merge branch 'master' into staging-next 

    Hydra nixpkgs: ?compare=1574844
    @vcunat
    vcunat committed Mar 10, 2020
    Copy the full SHA
    f8d4120 View commit details

  6. rabbitmq-server: 3.8.2 -> 3.8.3

    @r-ryantm @Profpatsch
    r-ryantm authored and Profpatsch committed Mar 10, 2020
    Copy the full SHA
    cf2bba7 View commit details

  7. rabbitmq-server: add the VM test to passthru.tests

    @Profpatsch
    Profpatsch committed Mar 10, 2020
    Copy the full SHA
    967a5b3 View commit details

  8. Merge pull request #81648 from r-ryantm/auto-update/sqlite 

    sqlite: 3.31.0 -> 3.31.1
    @andir
    andir authored Mar 10, 2020
    Copy the full SHA
    4df9601 View commit details

  9. Merge branch 'staging' into staging-next 

    It turned out we additionally need sqlite bump for firefox 74.
    @vcunat
    vcunat committed Mar 10, 2020
    Copy the full SHA
    b693c8c View commit details

Commits on Mar 11, 2020

  1. sqlite-analyzer: 3.31.0 -> 3.31.1 

    This was forgotten in PR #81648.
It's a small bump, so I just tested that it builds.
    @vcunat
    vcunat committed Mar 11, 2020
    Copy the full SHA
    f8bf6f0 View commit details

Commits on Mar 12, 2020

  1. mysql-workbench: format with nixpkgs-fmt

    @jtojnar
    jtojnar committed Mar 12, 2020
    Copy the full SHA
    eacf018 View commit details

  2. libmysqlconnectorcpp: 1.1.9 → 8.0.19 

    This has been seriously outdated:

* https://dev.mysql.com/doc/relnotes/connector-cpp/en/news-1-1-10.html
* https://dev.mysql.com/doc/relnotes/connector-cpp/en/news-1-1-11.html
* https://dev.mysql.com/doc/relnotes/connector-cpp/en/news-1-1-12.html
* https://dev.mysql.com/doc/relnotes/connector-cpp/en/news-1-1-13.html
* https://dev.mysql.com/doc/relnotes/connector-cpp/en/news-2-0-1.html
* https://dev.mysql.com/doc/relnotes/connector-cpp/en/news-2-0-2.html
* https://dev.mysql.com/doc/relnotes/connector-cpp/en/news-2-0-3.html
* https://dev.mysql.com/doc/relnotes/connector-cpp/en/news-2-0-4.html
* https://dev.mysql.com/doc/relnotes/connector-cpp/en/news-8-0-5.html
* https://dev.mysql.com/doc/relnotes/connector-cpp/en/news-8-0-6.html
* https://dev.mysql.com/doc/relnotes/connector-cpp/en/news-8-0-7.html
* https://dev.mysql.com/doc/relnotes/connector-cpp/en/news-8-0-8-through-10.html
* https://dev.mysql.com/doc/relnotes/connector-cpp/en/news-8-0-11.html
* https://dev.mysql.com/doc/relnotes/connector-cpp/en/news-8-0-12.html
* https://dev.mysql.com/doc/relnotes/connector-cpp/en/news-8-0-13.html
* https://dev.mysql.com/doc/relnotes/connector-cpp/en/news-8-0-14.html
* https://dev.mysql.com/doc/relnotes/connector-cpp/en/news-8-0-15.html
* https://dev.mysql.com/doc/relnotes/connector-cpp/en/news-8-0-16.html
* https://dev.mysql.com/doc/relnotes/connector-cpp/en/news-8-0-17.html
* https://dev.mysql.com/doc/relnotes/connector-cpp/en/news-8-0-18.html
* https://dev.mysql.com/doc/relnotes/connector-cpp/en/news-8-0-19.html

Expression changes:

* Format with nixpkgs-fmt.
* Move cmake to nativeBuildInputs.
* Use OpenSSL from the system as using the bundled version is now optional.
* Use MysQL 8.0 since this is supposed to be used with that version.
* Explicitly enable the now legacy JDBC library used by mysql-workbench.
* Remove unnecessary MYSQL_LIB_DIR flag. MySQL will be found automatically.
    * We just need the build script know it is not a static library.
    @jtojnar
    jtojnar committed Mar 12, 2020
    Copy the full SHA
    23d6991 View commit details

  3. mysql-workbench: 8.0.15 → 8.0.19 

    * https://dev.mysql.com/doc/relnotes/workbench/en/news-8-0-16.html
* https://dev.mysql.com/doc/relnotes/workbench/en/news-8-0-17.html
* https://dev.mysql.com/doc/relnotes/workbench/en/news-8-0-18.html
* https://dev.mysql.com/doc/relnotes/workbench/en/news-8-0-19.html

The release notes contain the following:

Important Note: MySQL Workbench 8.0.19 is unable to open a new connection to MySQL Server from the home screen if the server is not started and you cannot start a server by using the Workbench Administration feature. Administrative and SQL editing tasks require an online server for the duration of this issue. Feature tasks that you performed with an offline server in previous releases now return an error message indicating that the server is unreachable.

but it is clearly better than having it broken.
    @jtojnar
    jtojnar committed Mar 12, 2020
    Copy the full SHA
    070b49e View commit details

  4. thonny: 3.2.6 -> 3.2.7

    @r-ryantm
    r-ryantm committed Mar 12, 2020
    Copy the full SHA
    d3f05c2 View commit details

  5. Merge master into staging-next

    @FRidh
    FRidh committed Mar 12, 2020
    Copy the full SHA
    8fa5eb4 View commit details

  6. firefox: 73.0.1 -> 74.0 (#82276) 

    https://www.mozilla.org/en-US/firefox/74.0/releasenotes/

Co-authored-by: Daniel Frank <git@danielfrank.net>
    @andir @tokudan
    andir and tokudan authored Mar 12, 2020
    Copy the full SHA
    ea8362e View commit details

  7. atlassian-jira: 8.7.0 -> 8.7.1

    @r-ryantm
    r-ryantm committed Mar 12, 2020
    Copy the full SHA
    26a31f8 View commit details

Commits on Mar 13, 2020

  1. nixos/kvmgt: fix driver option 

    extraModprobeConfig could be applied too late i.e. if the driver has been
loaded in initrd, while the harddrive is still encrypted.
Using a kernelParams works in all cases however.
    @Mic92
    Mic92 committed Mar 13, 2020
    Copy the full SHA
    85aae79 View commit details

  2. nixos/kvmgt: add udev rules for unprivileged access

    @Mic92
    Mic92 committed Mar 13, 2020
    Copy the full SHA
    505d241 View commit details

Commits on Mar 14, 2020

  1. nixos/firejail: use local runCommand 

    Also:

- use `runtimeShell`; and
- remove unused `makeWrapper` input; and
- `exec()` to shed wrapping shell
    @joachifm @alyssais
    joachifm authored and alyssais committed Mar 14, 2020
    Copy the full SHA
    1b575db View commit details

  2. nixos/lib: use removePrefix in escapeSystemdPath

    @florianjacob
    florianjacob authored Mar 14, 2020
    Copy the full SHA
    8b07500 View commit details

  3. qgroundcontrol: Fix build 

    This silences some warnings to not run into "Log limit exceeded" on
hydra.
    @knedlsepp @alyssais
    knedlsepp authored and alyssais committed Mar 14, 2020
    Copy the full SHA
    3a8d057 View commit details

  4. pythonPackages.psutil: fix build on darwin 

    Disable tests because it segfaults on darwin
    @marsam
    marsam authored and Jon committed Mar 14, 2020
    Copy the full SHA
    b860306 View commit details

  5. ipfs-cluster: 0.11.0 -> 0.12.1

    @lordcirth @alyssais
    lordcirth authored and alyssais committed Mar 14, 2020
    Copy the full SHA
    50c997c View commit details

  6. metamath: 0.180 -> 0.181

    @alyssais
    Nathan van Doorn authored and alyssais committed Mar 14, 2020
    Copy the full SHA
    dd938aa View commit details

  7. client-ip-echo: 0.1.0.4 -> 0.1.0.5

    @jerith666 @alyssais
    jerith666 authored and alyssais committed Mar 14, 2020
    Copy the full SHA
    38b77ca View commit details

  8. ddrescue: 1.24 -> 1.25 

    See https://lists.gnu.org/archive/html/info-gnu/2020-03/msg00002.html
for release information
    @lsix @alyssais
    lsix authored and alyssais committed Mar 14, 2020
    Copy the full SHA
    10132c6 View commit details

  9. maintainers: format with nixfmt 

    Vim cleaned up white space issues on its own from a hook so I decided to
take a look after running through nixfmt. The end result looks pretty
good to me, very minimal changes where everyting but the top-level
comment seems good to keep. I decided to keep the top-level comment
anyway so that future nixfmts would be minimal.
    @mmlb @alyssais
    mmlb authored and alyssais committed Mar 14, 2020
    Copy the full SHA
    fc5ba31 View commit details
Showing with 588 additions and 338 deletions.
  1. +63 −60 maintainers/maintainer-list.nix
  2. +1 −1 nixos/lib/utils.nix
  3. +10 −10 nixos/modules/programs/firejail.nix
  4. +21 −6 nixos/modules/services/monitoring/prometheus/default.nix
  5. +1 −1 nixos/modules/services/networking/firewall.nix
  6. +8 −8 nixos/modules/virtualisation/kvmgt.nix
  7. +2 −2 pkgs/applications/audio/elisa/default.nix
  8. +2 −2 pkgs/applications/audio/sunvox/default.nix
  9. +3 −3 pkgs/applications/editors/quilter/default.nix
  10. +3 −3 pkgs/applications/editors/thonny/default.nix
  11. +2 −2 pkgs/applications/misc/calibre/default.nix
  12. +97 −20 pkgs/applications/misc/mysql-workbench/default.nix
  13. +12 −0 pkgs/applications/misc/mysql-workbench/fix-swig-build.patch
  14. +3 −5 pkgs/applications/networking/browsers/firefox/common.nix
  15. +2 −2 pkgs/applications/networking/browsers/firefox/packages.nix
  16. +2 −2 pkgs/applications/networking/browsers/opera/default.nix
  17. +4 −4 pkgs/applications/networking/cluster/helmfile/default.nix
  18. +3 −3 pkgs/applications/networking/ipfs-cluster/default.nix
  19. +3 −3 pkgs/applications/networking/p2p/frostwire/frostwire-bin.nix
  20. +5 −6 pkgs/applications/networking/syncthing-gtk/default.nix
  21. +12 −6 pkgs/applications/office/abiword/default.nix
  22. +3 −3 pkgs/applications/science/math/R/default.nix
  23. +2 −0 pkgs/applications/science/robotics/qgroundcontrol/default.nix
  24. +3 −3 pkgs/applications/version-management/git-and-tools/lefthook/default.nix
  25. +3 −3 pkgs/applications/version-management/git-and-tools/stgit/default.nix
  26. +6 −0 pkgs/build-support/cc-wrapper/default.nix
  27. +3 −3 pkgs/data/misc/osinfo-db/default.nix
  28. +3 −3 pkgs/data/themes/plata/default.nix
  29. +3 −3 pkgs/desktops/pantheon/apps/elementary-music/default.nix
  30. +3 −3 pkgs/development/interpreters/metamath/default.nix
  31. +4 −0 pkgs/development/interpreters/python/default.nix
  32. +63 −0 pkgs/development/interpreters/python/tests.nix
  33. +50 −0 pkgs/development/interpreters/python/tests/test_python.py
  34. +3 −3 pkgs/development/libraries/audio/libgme/default.nix
  35. +2 −2 pkgs/development/libraries/audio/libmysofa/default.nix
  36. +10 −11 pkgs/development/libraries/eigen/2.0.nix
  37. +9 −11 pkgs/development/libraries/eigen/default.nix
  38. +3 −3 pkgs/development/libraries/java/jflex/default.nix
  39. +2 −2 pkgs/development/libraries/jemalloc/default.nix
  40. +3 −3 pkgs/development/libraries/libical/default.nix
  41. +26 −7 pkgs/development/libraries/libmysqlconnectorcpp/default.nix
  42. +2 −2 pkgs/development/libraries/libseccomp/default.nix
  43. +10 −7 pkgs/development/libraries/libusb/default.nix
  44. +12 −11 pkgs/development/libraries/libusb1/default.nix
  45. +2 −2 pkgs/development/libraries/lightstep-tracer-cpp/default.nix
  46. +2 −2 pkgs/development/libraries/msgpack/default.nix
  47. +2 −2 pkgs/development/libraries/nss/default.nix
  48. +1 −0 pkgs/development/libraries/openssl/default.nix
  49. +2 −2 pkgs/development/libraries/sqlite/analyzer.nix
  50. +3 −3 pkgs/development/libraries/sqlite/default.nix
  51. +2 −1 pkgs/development/python-modules/psutil/default.nix
  52. +4 −6 pkgs/development/python-modules/tensorflow/default.nix
  53. +2 −2 pkgs/development/python-modules/tensorflow/lift-gast-restriction.patch
  54. +7 −7 pkgs/development/tools/analysis/radare2/default.nix
  55. +3 −3 pkgs/development/tools/build-managers/cmake/default.nix
  56. +2 −2 pkgs/development/tools/continuous-integration/jenkins/default.nix
  57. +1 −1 pkgs/development/tools/database/cdb/default.nix
  58. +2 −2 pkgs/development/tools/git-ftp/default.nix
  59. +3 −3 pkgs/development/tools/hcloud/default.nix
  60. +2 −2 pkgs/development/tools/minizinc/ide.nix
  61. +2 −2 pkgs/development/tools/misc/cli11/default.nix
  62. +2 −2 pkgs/development/tools/omnisharp-roslyn/default.nix
  63. +1 −2 pkgs/os-specific/linux/kernel/hardened-config.nix
  64. +2 −2 pkgs/os-specific/linux/kernel/linux-5.4.nix
  65. +8 −3 pkgs/servers/amqp/rabbitmq-server/default.nix
  66. +2 −2 pkgs/servers/atlassian/jira.nix
  67. +3 −3 pkgs/servers/http/apache-modules/tomcat-connectors/default.nix
  68. +3 −3 pkgs/servers/misc/client-ip-echo/client-ip-echo.nix
  69. +2 −2 pkgs/servers/monitoring/munin/default.nix
  70. +2 −2 pkgs/servers/sickbeard/sickgear.nix
  71. +3 −3 pkgs/servers/sql/monetdb/default.nix
  72. +6 −12 pkgs/shells/xonsh/default.nix
  73. +3 −3 pkgs/shells/zsh/oh-my-zsh/default.nix
  74. +4 −4 pkgs/tools/misc/docui/default.nix
  75. +8 −7 pkgs/tools/misc/mc/default.nix
  76. +3 −3 pkgs/tools/networking/dnsproxy/default.nix
  77. +3 −3 pkgs/tools/package-management/xbps/default.nix
  78. +0 −1 pkgs/tools/security/b3sum/default.nix
  79. +3 −3 pkgs/tools/system/ddrescue/default.nix
  80. +1 −4 pkgs/top-level/all-packages.nix
123 changes: 63 additions & 60 deletions maintainers/maintainer-list.nix
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/* List of NixOS maintainers.
```nix
handle = {
# Required
name = "Your name";
@@ -13,32 +13,33 @@
fingerprint = "AAAA BBBB CCCC DDDD EEEE FFFF 0000 1111 2222 3333";
}];
};
```
where
where
- `handle` is the handle you are going to use in nixpkgs expressions,
- `name` is your, preferably real, name,
- `email` is your maintainer email address, and
- `github` is your GitHub handle (as it appears in the URL of your profile page, `https://github.com/<userhandle>`),
- `githubId` is your GitHub user ID, which can be found at `https://api.github.com/users/<userhandle>`,
- `keys` is a list of your PGP/GPG key IDs and fingerprints.
- `handle` is the handle you are going to use in nixpkgs expressions,
- `name` is your, preferably real, name,
- `email` is your maintainer email address, and
- `github` is your GitHub handle (as it appears in the URL of your profile page, `https://github.com/<userhandle>`),
- `githubId` is your GitHub user ID, which can be found at `https://api.github.com/users/<userhandle>`,
- `keys` is a list of your PGP/GPG key IDs and fingerprints.
`handle == github` is strongly preferred whenever `github` is an acceptable attribute name and is short and convenient.
`handle == github` is strongly preferred whenever `github` is an acceptable attribute name and is short and convenient.
Add PGP/GPG keys only if you actually use them to sign commits and/or mail.
Add PGP/GPG keys only if you actually use them to sign commits and/or mail.
To get the required PGP/GPG values for a key run
```shell
gpg --keyid-format 0xlong --fingerprint <email> | head -n 2
```
To get the required PGP/GPG values for a key run
```shell
gpg --keyid-format 0xlong --fingerprint <email> | head -n 2
```
!!! Note that PGP/GPG values stored here are for informational purposes only, don't use this file as a source of truth.
!!! Note that PGP/GPG values stored here are for informational purposes only, don't use this file as a source of truth.
More fields may be added in the future.
More fields may be added in the future.
Please keep the list alphabetically sorted.
See `./scripts/check-maintainer-github-handles.sh` for an example on how to work with this data.
*/
Please keep the list alphabetically sorted.
See `./scripts/check-maintainer-github-handles.sh` for an example on how to work with this data.
*/
{
"0x4A6F" = {
email = "0x4A6F@shackspace.de";
@@ -1572,10 +1573,12 @@
githubId = 2217136;
name = "Ștefan D. Mihăilă";
keys = [
{ longkeyid = "rsa4096/6E68A39BF16A3ECB";
{
longkeyid = "rsa4096/6E68A39BF16A3ECB";
fingerprint = "CBC9 C7CC 51F0 4A61 3901 C723 6E68 A39B F16A 3ECB";
}
{ longkeyid = "rsa4096/6220AD7846220A52";
{
longkeyid = "rsa4096/6220AD7846220A52";
fingerprint = "7EAB 1447 5BBA 7DDE 7092 7276 6220 AD78 4622 0A52";
}
];
@@ -1792,7 +1795,7 @@
name = "Didier J. Devroye";
};
devhell = {
email = "\"^\"@regexmail.net";
email = ''"^"@regexmail.net'';
github = "devhell";
githubId = 896182;
name = "devhell";
@@ -2131,7 +2134,7 @@
};
ehmry = {
email = "ehmry@posteo.net";
github= "ehmry";
github = "ehmry";
githubId = 537775;
name = "Emery Hemingway";
};
@@ -2219,10 +2222,10 @@
name = "Jack Kelly";
};
enorris = {
name = "Eric Norris";
email = "erictnorris@gmail.com";
github = "ericnorris";
githubId = 1906605;
name = "Eric Norris";
email = "erictnorris@gmail.com";
github = "ericnorris";
githubId = 1906605;
};
Enteee = {
email = "nix@duckpond.ch";
@@ -2891,7 +2894,7 @@
github = "hansjoergschurr";
githubId = 9850776;
name = "Hans-Jörg Schurr";
};
};
HaoZeke = {
email = "r95g10@gmail.com";
github = "haozeke";
@@ -4224,10 +4227,10 @@
}];
};
luis = {
email = "luis.nixos@gmail.com";
github = "Luis-Hebendanz";
githubId = 22085373;
name = "Luis Hebendanz";
email = "luis.nixos@gmail.com";
github = "Luis-Hebendanz";
githubId = 22085373;
name = "Luis Hebendanz";
};
lionello = {
email = "lio@lunesu.com";
@@ -4470,12 +4473,12 @@
githubId = 50230945;
name = "Marcus Boyd";
};
marenz = {
email = "marenz@arkom.men";
github = "marenz2569";
githubId = 12773269;
name = "Markus Schmidl";
};
marenz = {
email = "marenz@arkom.men";
github = "marenz2569";
githubId = 12773269;
name = "Markus Schmidl";
};
markus1189 = {
email = "markus1189@gmail.com";
github = "markus1189";
@@ -4725,7 +4728,7 @@
githubId = 668926;
name = "Maximilian Güntner";
};
mhaselsteiner = {
mhaselsteiner = {
email = "magdalena.haselsteiner@gmx.at";
github = "mhaselsteiner";
githubId = 20536514;
@@ -4894,7 +4897,7 @@
name = "Martin Milata";
};
mmlb = {
email = "me.mmlb@mmlb.me";
email = "manny@peekaboo.mmlb.icu";
github = "mmlb";
name = "Manuel Mendez";
};
@@ -5789,11 +5792,10 @@
github = "pradyuman";
githubId = 9904569;
name = "Pradyuman Vig";
keys = [
{ longkeyid = "rsa4096/4F74D5361C4CA31E";
fingerprint = "240B 57DE 4271 2480 7CE3 EAC8 4F74 D536 1C4C A31E";
}
];
keys = [{
longkeyid = "rsa4096/4F74D5361C4CA31E";
fingerprint = "240B 57DE 4271 2480 7CE3 EAC8 4F74 D536 1C4C A31E";
}];
};
prikhi = {
email = "pavan.rikhi@gmail.com";
@@ -5807,10 +5809,12 @@
githubId = 7537109;
name = "Michael Weiss";
keys = [
{ longkeyid = "ed25519/0x130826A6C2A389FD"; # Git only
{
longkeyid = "ed25519/0x130826A6C2A389FD"; # Git only
fingerprint = "86A7 4A55 07D0 58D1 322E 37FD 1308 26A6 C2A3 89FD";
}
{ longkeyid = "rsa3072/0xBCA9943DD1DF4C04"; # Email, etc.
{
longkeyid = "rsa3072/0xBCA9943DD1DF4C04"; # Email, etc.
fingerprint = "AF85 991C C950 49A2 4205 1933 BCA9 943D D1DF 4C04";
}
];
@@ -6176,12 +6180,10 @@
github = "rnhmjoj";
githubId = 2817565;
name = "Michele Guerini Rocco";
keys =
[
{ longkeyid = "ed25519/0xBFBAF4C975F76450";
fingerprint = "92B2 904F D293 C94D C4C9 3E6B BFBA F4C9 75F7 6450";
}
];
keys = [{
longkeyid = "ed25519/0xBFBAF4C975F76450";
fingerprint = "92B2 904F D293 C94D C4C9 3E6B BFBA F4C9 75F7 6450";
}];
};
rob = {
email = "rob.vermaas@gmail.com";
@@ -6386,10 +6388,10 @@
}];
};
samrose = {
email = "samuel.rose@gmail.com";
github = "samrose";
githubId = 115821;
name = "Sam Rose";
email = "samuel.rose@gmail.com";
github = "samrose";
githubId = 115821;
name = "Sam Rose";
};
samueldr = {
email = "samuel@dionne-riel.com";
@@ -7346,10 +7348,10 @@
github = "tkerber";
githubId = 5722198;
name = "Thomas Kerber";
keys = [ {
keys = [{
longkeyid = "rsa4096/0x8489B911F9ED617B";
fingerprint = "556A 403F B0A2 D423 F656 3424 8489 B911 F9ED 617B";
} ];
}];
};
tmplt = {
email = "tmplt@dragons.rocks";
@@ -7629,7 +7631,8 @@
};
vcunat = {
name = "Vladimír Čunát";
email = "v@cunat.cz"; # vcunat@gmail.com predominated in commits before 2019/03
# vcunat@gmail.com predominated in commits before 2019/03
email = "v@cunat.cz";
github = "vcunat";
githubId = 1785925;
keys = [{
2 changes: 1 addition & 1 deletion nixos/lib/utils.nix
View file
Original file line number Diff line number Diff line change
@@ -14,7 +14,7 @@ rec {
# becomes dev-xyzzy. FIXME: slow.
escapeSystemdPath = s:
replaceChars ["/" "-" " "] ["-" "\\x2d" "\\x20"]
(if hasPrefix "/" s then substring 1 (stringLength s) s else s);
(removePrefix "/" s);

# Returns a system path for a given shell package
toShellPath = shell:
20 changes: 10 additions & 10 deletions nixos/modules/programs/firejail.nix
View file
Original file line number Diff line number Diff line change
@@ -5,20 +5,20 @@ with lib;
let
cfg = config.programs.firejail;

wrappedBins = pkgs.stdenv.mkDerivation {
name = "firejail-wrapped-binaries";
nativeBuildInputs = with pkgs; [ makeWrapper ];
buildCommand = ''
wrappedBins = pkgs.runCommand "firejail-wrapped-binaries"
{ preferLocalBuild = true;
allowSubstitutes = false;
}
''
mkdir -p $out/bin
${lib.concatStringsSep "\n" (lib.mapAttrsToList (command: binary: ''
cat <<_EOF >$out/bin/${command}
#!${pkgs.stdenv.shell} -e
/run/wrappers/bin/firejail ${binary} "\$@"
_EOF
chmod 0755 $out/bin/${command}
cat <<_EOF >$out/bin/${command}
#! ${pkgs.runtimeShell} -e
exec /run/wrappers/bin/firejail ${binary} "\$@"
_EOF
chmod 0755 $out/bin/${command}
'') cfg.wrappedBinaries)}
'';
};

in {
options.programs.firejail = {
27 changes: 21 additions & 6 deletions nixos/modules/services/monitoring/prometheus/default.nix
View file
Original file line number Diff line number Diff line change
@@ -9,12 +9,13 @@ let

# a wrapper that verifies that the configuration is valid
promtoolCheck = what: name: file:
pkgs.runCommand
"${name}-${replaceStrings [" "] [""] what}-checked"
{ buildInputs = [ cfg.package ]; } ''
ln -s ${file} $out
promtool ${what} $out
'';
if cfg.checkConfig then
pkgs.runCommand
"${name}-${replaceStrings [" "] [""] what}-checked"
{ buildInputs = [ cfg.package ]; } ''
ln -s ${file} $out
promtool ${what} $out
'' else file;

# Pretty-print JSON to a file
writePrettyJSON = name: x:
@@ -601,6 +602,20 @@ in {
if Prometheus is served via a reverse proxy).
'';
};

checkConfig = mkOption {
type = types.bool;
default = true;
description = ''
Check configuration with <literal>promtool
check</literal>. The call to <literal>promtool</literal> is
subject to sandboxing by Nix. When credentials are stored in
external files (<literal>password_file</literal>,
<literal>bearer_token_file</literal>, etc), they will not be
visible to <literal>promtool</literal> and it will report
errors, despite a correct configuration.
'';
};
};

config = mkIf cfg.enable {
2 changes: 1 addition & 1 deletion nixos/modules/services/networking/firewall.nix
View file
Original file line number Diff line number Diff line change
@@ -546,7 +546,7 @@ in
options nf_conntrack nf_conntrack_helper=1
'';

assertions = [ { assertion = (cfg.checkReversePath != false) || kernelHasRPFilter;
assertions = [ { assertion = cfg.checkReversePath -> kernelHasRPFilter;
message = "This kernel does not support rpfilter"; }
];

16 changes: 8 additions & 8 deletions nixos/modules/virtualisation/kvmgt.nix
View file
Original file line number Diff line number Diff line change
@@ -19,7 +19,8 @@ in {
virtualisation.kvmgt = {
enable = mkEnableOption ''
KVMGT (iGVT-g) VGPU support. Allows Qemu/KVM guests to share host's Intel integrated graphics card.
Currently only one graphical device can be shared
Currently only one graphical device can be shared. To allow users to access the device without root add them
to the kvm group: <literal>users.extraUsers.&lt;yourusername&gt;.extraGroups = [ "kvm" ];</literal>
'';
# multi GPU support is under the question
device = mkOption {
@@ -35,9 +36,7 @@ in {
and find info about device via <command>cat /sys/bus/pci/devices/*/mdev_supported_types/i915-GVTg_V5_4/description</command>
'';
example = {
i915-GVTg_V5_8 = {
uuid = "a297db4a-f4c2-11e6-90f6-d3b88d6c9525";
};
i915-GVTg_V5_8.uuid = "a297db4a-f4c2-11e6-90f6-d3b88d6c9525";
};
};
};
@@ -50,10 +49,7 @@ in {
};

boot.kernelModules = [ "kvmgt" ];

boot.extraModprobeConfig = ''
options i915 enable_gvt=1
'';
boot.kernelParams = [ "i915.enable_gvt=1" ];

systemd.paths = mapAttrs' (name: value:
nameValuePair "kvmgt-${name}" {
@@ -65,6 +61,10 @@ in {
}
) cfg.vgpus;

services.udev.extraRules = ''
SUBSYSTEM=="vfio", OWNER="root", GROUP="kvm"
'';

systemd.services = mapAttrs' (name: value:
nameValuePair "kvmgt-${name}" {
description = "KVMGT VGPU ${name}";
Loading