commit
e866ce7680
@ -0,0 +1,162 @@ |
||||
{ config, pkgs, lib, ... }: |
||||
let |
||||
cfg = config.services.schleuder; |
||||
settingsFormat = pkgs.formats.yaml { }; |
||||
postfixMap = entries: lib.concatStringsSep "\n" (lib.mapAttrsToList (name: value: "${name} ${value}") entries); |
||||
writePostfixMap = name: entries: pkgs.writeText name (postfixMap entries); |
||||
configScript = pkgs.writeScript "schleuder-cfg" '' |
||||
#!${pkgs.runtimeShell} |
||||
set -exuo pipefail |
||||
umask 0077 |
||||
${pkgs.yq}/bin/yq \ |
||||
--slurpfile overrides <(${pkgs.yq}/bin/yq . <${lib.escapeShellArg cfg.extraSettingsFile}) \ |
||||
< ${settingsFormat.generate "schleuder.yml" cfg.settings} \ |
||||
'. * $overrides[0]' \ |
||||
> /etc/schleuder/schleuder.yml |
||||
chown schleuder: /etc/schleuder/schleuder.yml |
||||
''; |
||||
in |
||||
{ |
||||
options.services.schleuder = { |
||||
enable = lib.mkEnableOption "Schleuder secure remailer"; |
||||
enablePostfix = lib.mkEnableOption "automatic postfix integration" // { default = true; }; |
||||
lists = lib.mkOption { |
||||
description = '' |
||||
List of list addresses that should be handled by Schleuder. |
||||
|
||||
Note that this is only handled by the postfix integration, and |
||||
the setup of the lists, their members and their keys has to be |
||||
performed separately via schleuder's API, using a tool such as |
||||
schleuder-cli. |
||||
''; |
||||
type = lib.types.listOf lib.types.str; |
||||
default = [ ]; |
||||
example = [ "widget-team@example.com" "security@example.com" ]; |
||||
}; |
||||
/* maybe one day.... |
||||
domains = lib.mkOption { |
||||
description = "Domains for which all mail should be handled by Schleuder."; |
||||
type = lib.types.listOf lib.types.str; |
||||
default = []; |
||||
example = ["securelists.example.com"]; |
||||
}; |
||||
*/ |
||||
settings = lib.mkOption { |
||||
description = '' |
||||
Settings for schleuder.yml. |
||||
|
||||
Check the <link xlink:href="https://0xacab.org/schleuder/schleuder/blob/master/etc/schleuder.yml">example configuration</link> for possible values. |
||||
''; |
||||
type = lib.types.submodule { |
||||
freeformType = settingsFormat.type; |
||||
options.keyserver = lib.mkOption { |
||||
type = lib.types.str; |
||||
description = '' |
||||
Key server from which to fetch and update keys. |
||||
|
||||
Note that NixOS uses a different default from upstream, since the upstream default sks-keyservers.net is deprecated. |
||||
''; |
||||
default = "keys.openpgp.org"; |
||||
}; |
||||
}; |
||||
default = { }; |
||||
}; |
||||
extraSettingsFile = lib.mkOption { |
||||
description = "YAML file to merge into the schleuder config at runtime. This can be used for secrets such as API keys."; |
||||
type = lib.types.nullOr lib.types.path; |
||||
default = null; |
||||
}; |
||||
listDefaults = lib.mkOption { |
||||
description = '' |
||||
Default settings for lists (list-defaults.yml). |
||||
|
||||
Check the <link xlink:href="https://0xacab.org/schleuder/schleuder/-/blob/master/etc/list-defaults.yml">example configuration</link> for possible values. |
||||
''; |
||||
type = settingsFormat.type; |
||||
default = { }; |
||||
}; |
||||
}; |
||||
config = lib.mkIf cfg.enable { |
||||
assertions = [ |
||||
{ |
||||
assertion = !(cfg.settings.api ? valid_api_keys); |
||||
message = '' |
||||
services.schleuder.settings.api.valid_api_keys is set. Defining API keys via NixOS config results in them being copied to the world-readable Nix store. Please use the extraSettingsFile option to store API keys in a non-public location. |
||||
''; |
||||
} |
||||
{ |
||||
assertion = !(lib.any (db: db ? password) (lib.attrValues cfg.settings.database or {})); |
||||
message = '' |
||||
A password is defined for at least one database in services.schleuder.settings.database. Defining passwords via NixOS config results in them being copied to the world-readable Nix store. Please use the extraSettingsFile option to store database passwords in a non-public location. |
||||
''; |
||||
} |
||||
]; |
||||
users.users.schleuder.isSystemUser = true; |
||||
users.users.schleuder.group = "schleuder"; |
||||
users.groups.schleuder = {}; |
||||
environment.systemPackages = [ |
||||
pkgs.schleuder-cli |
||||
]; |
||||
services.postfix = lib.mkIf cfg.enablePostfix { |
||||
extraMasterConf = '' |
||||
schleuder unix - n n - - pipe |
||||
flags=DRhu user=schleuder argv=/${pkgs.schleuder}/bin/schleuder work ''${recipient} |
||||
''; |
||||
transport = lib.mkIf (cfg.lists != [ ]) (postfixMap (lib.genAttrs cfg.lists (_: "schleuder:"))); |
||||
extraConfig = '' |
||||
schleuder_destination_recipient_limit = 1 |
||||
''; |
||||
# review: does this make sense? |
||||
localRecipients = lib.mkIf (cfg.lists != [ ]) cfg.lists; |
||||
}; |
||||
systemd.services = let commonServiceConfig = { |
||||
# We would have liked to use DynamicUser, but since the default |
||||
# database is SQLite and lives in StateDirectory, and that same |
||||
# database needs to be readable from the postfix service, this |
||||
# isn't trivial to do. |
||||
User = "schleuder"; |
||||
StateDirectory = "schleuder"; |
||||
StateDirectoryMode = "0700"; |
||||
}; in |
||||
{ |
||||
schleuder-init = { |
||||
serviceConfig = commonServiceConfig // { |
||||
ExecStartPre = lib.mkIf (cfg.extraSettingsFile != null) [ |
||||
"+${configScript}" |
||||
]; |
||||
ExecStart = [ "${pkgs.schleuder}/bin/schleuder install" ]; |
||||
Type = "oneshot"; |
||||
}; |
||||
}; |
||||
schleuder-api-daemon = { |
||||
after = [ "local-fs.target" "network.target" "schleuder-init.service" ]; |
||||
wantedBy = [ "multi-user.target" ]; |
||||
requires = [ "schleuder-init.service" ]; |
||||
serviceConfig = commonServiceConfig // { |
||||
ExecStart = [ "${pkgs.schleuder}/bin/schleuder-api-daemon" ]; |
||||
}; |
||||
}; |
||||
schleuder-weekly-key-maintenance = { |
||||
after = [ "local-fs.target" "network.target" ]; |
||||
startAt = "weekly"; |
||||
serviceConfig = commonServiceConfig // { |
||||
ExecStart = [ |
||||
"${pkgs.schleuder}/bin/schleuder refresh_keys" |
||||
"${pkgs.schleuder}/bin/schleuder check_keys" |
||||
]; |
||||
}; |
||||
}; |
||||
}; |
||||
|
||||
environment.etc."schleuder/schleuder.yml" = lib.mkIf (cfg.extraSettingsFile == null) { |
||||
source = settingsFormat.generate "schleuder.yml" cfg.settings; |
||||
}; |
||||
environment.etc."schleuder/list-defaults.yml".source = settingsFormat.generate "list-defaults.yml" cfg.listDefaults; |
||||
|
||||
services.schleuder = { |
||||
#lists_dir = "/var/lib/schleuder.lists"; |
||||
settings.filters_dir = lib.mkDefault "/var/lib/schleuder/filters"; |
||||
settings.keyword_handlers_dir = lib.mkDefault "/var/lib/schleuder/keyword_handlers"; |
||||
}; |
||||
}; |
||||
} |
@ -0,0 +1,84 @@ |
||||
{ config |
||||
, lib |
||||
, pkgs |
||||
, ... |
||||
}: |
||||
|
||||
with lib; |
||||
|
||||
let |
||||
cfg = config.services.routedns; |
||||
settingsFormat = pkgs.formats.toml { }; |
||||
in |
||||
{ |
||||
options.services.routedns = { |
||||
enable = mkEnableOption "RouteDNS - DNS stub resolver, proxy and router"; |
||||
|
||||
settings = mkOption { |
||||
type = settingsFormat.type; |
||||
example = literalExpression '' |
||||
{ |
||||
resolvers.cloudflare-dot = { |
||||
address = "1.1.1.1:853"; |
||||
protocol = "dot"; |
||||
}; |
||||
groups.cloudflare-cached = { |
||||
type = "cache"; |
||||
resolvers = ["cloudflare-dot"]; |
||||
}; |
||||
listeners.local-udp = { |
||||
address = "127.0.0.1:53"; |
||||
protocol = "udp"; |
||||
resolver = "cloudflare-cached"; |
||||
}; |
||||
listeners.local-tcp = { |
||||
address = "127.0.0.1:53"; |
||||
protocol = "tcp"; |
||||
resolver = "cloudflare-cached"; |
||||
}; |
||||
} |
||||
''; |
||||
description = '' |
||||
Configuration for RouteDNS, see <link xlink:href="https://github.com/folbricht/routedns/blob/master/doc/configuration.md"/> |
||||
for more information. |
||||
''; |
||||
}; |
||||
|
||||
configFile = mkOption { |
||||
default = settingsFormat.generate "routedns.toml" cfg.settings; |
||||
defaultText = "A RouteDNS configuration file automatically generated by values from services.routedns.*"; |
||||
type = types.path; |
||||
example = literalExpression ''"''${pkgs.routedns}/cmd/routedns/example-config/use-case-1.toml"''; |
||||
description = "Path to RouteDNS TOML configuration file."; |
||||
}; |
||||
|
||||
package = mkOption { |
||||
default = pkgs.routedns; |
||||
defaultText = literalExpression "pkgs.routedns"; |
||||
type = types.package; |
||||
description = "RouteDNS package to use."; |
||||
}; |
||||
}; |
||||
|
||||
config = mkIf cfg.enable { |
||||
systemd.services.routedns = { |
||||
description = "RouteDNS - DNS stub resolver, proxy and router"; |
||||
after = [ "network.target" ]; # in case a bootstrap resolver is used, this might fail a few times until the respective server is actually reachable |
||||
wantedBy = [ "multi-user.target" ]; |
||||
wants = [ "network.target" ]; |
||||
startLimitIntervalSec = 30; |
||||
startLimitBurst = 5; |
||||
serviceConfig = { |
||||
Restart = "on-failure"; |
||||
RestartSec = "5s"; |
||||
LimitNPROC = 512; |
||||
LimitNOFILE = 1048576; |
||||
DynamicUser = true; |
||||
AmbientCapabilities = "CAP_NET_BIND_SERVICE"; |
||||
NoNewPrivileges = true; |
||||
ExecStart = "${getBin cfg.package}/bin/routedns -l 4 ${cfg.configFile}"; |
||||
}; |
||||
}; |
||||
}; |
||||
meta.maintainers = with maintainers; [ jsimonetti ]; |
||||
} |
@ -0,0 +1,128 @@ |
||||
let |
||||
certs = import ./common/acme/server/snakeoil-certs.nix; |
||||
domain = certs.domain; |
||||
in |
||||
import ./make-test-python.nix { |
||||
name = "schleuder"; |
||||
nodes.machine = { pkgs, ... }: { |
||||
imports = [ ./common/user-account.nix ]; |
||||
services.postfix = { |
||||
enable = true; |
||||
enableSubmission = true; |
||||
tlsTrustedAuthorities = "${certs.ca.cert}"; |
||||
sslCert = "${certs.${domain}.cert}"; |
||||
sslKey = "${certs.${domain}.key}"; |
||||
inherit domain; |
||||
destination = [ domain ]; |
||||
localRecipients = [ "root" "alice" "bob" ]; |
||||
}; |
||||
services.schleuder = { |
||||
enable = true; |
||||
# Don't do it like this in production! The point of this setting |
||||
# is to allow loading secrets from _outside_ the world-readable |
||||
# Nix store. |
||||
extraSettingsFile = pkgs.writeText "schleuder-api-keys.yml" '' |
||||
api: |
||||
valid_api_keys: |
||||
- fnord |
||||
''; |
||||
lists = [ "security@${domain}" ]; |
||||
settings.api = { |
||||
tls_cert_file = "${certs.${domain}.cert}"; |
||||
tls_key_file = "${certs.${domain}.key}"; |
||||
}; |
||||
}; |
||||
|
||||
environment.systemPackages = [ |
||||
pkgs.gnupg |
||||
pkgs.msmtp |
||||
(pkgs.writeScriptBin "do-test" '' |
||||
#!${pkgs.runtimeShell} |
||||
set -exuo pipefail |
||||
|
||||
# Generate a GPG key with no passphrase and export it |
||||
sudo -u alice gpg --passphrase-fd 0 --batch --yes --quick-generate-key 'alice@${domain}' rsa4096 sign,encr < <(echo) |
||||
sudo -u alice gpg --armor --export alice@${domain} > alice.asc |
||||
# Create a new mailing list with alice as the owner, and alice's key |
||||
schleuder-cli list new security@${domain} alice@${domain} alice.asc |
||||
|
||||
# Send an email from a non-member of the list. Use --auto-from so we don't have to specify who it's from twice. |
||||
msmtp --auto-from security@${domain} --host=${domain} --port=25 --tls --tls-starttls <<EOF |
||||
Subject: really big security issue!! |
||||
From: root@${domain} |
||||
|
||||
I found a big security problem! |
||||
EOF |
||||
|
||||
# Wait for delivery |
||||
(set +o pipefail; journalctl -f -n 1000 -u postfix | grep -m 1 'delivered to maildir') |
||||
|
||||
# There should be exactly one email |
||||
mail=(/var/spool/mail/alice/new/*) |
||||
[[ "''${#mail[@]}" = 1 ]] |
||||
|
||||
# Find the fingerprint of the mailing list key |
||||
read list_key_fp address < <(schleuder-cli keys list security@${domain} | grep security@) |
||||
schleuder-cli keys export security@${domain} $list_key_fp > list.asc |
||||
|
||||
# Import the key into alice's keyring, so we can verify it as well as decrypting |
||||
sudo -u alice gpg --import <list.asc |
||||
# And perform the decryption. |
||||
sudo -u alice gpg -d $mail >decrypted |
||||
# And check that the text matches. |
||||
grep "big security problem" decrypted |
||||
'') |
||||
|
||||
# For debugging: |
||||
# pkgs.vim pkgs.openssl pkgs.sqliteinteractive |
||||
]; |
||||
|
||||
security.pki.certificateFiles = [ certs.ca.cert ]; |
||||
|
||||
# Since we don't have internet here, use dnsmasq to provide MX records from /etc/hosts |
||||
services.dnsmasq = { |
||||
enable = true; |
||||
extraConfig = '' |
||||
selfmx |
||||
''; |
||||
}; |
||||
|
||||
networking.extraHosts = '' |
||||
127.0.0.1 ${domain} |
||||
''; |
||||
|
||||
# schleuder-cli's config is not quite optimal in several ways: |
||||
# - A fingerprint _must_ be pinned, it doesn't even have an option |
||||
# to trust the PKI |
||||
# - It compares certificate fingerprints rather than key |
||||
# fingerprints, so renewals break the pin (though that's not |
||||
# relevant for this test) |
||||
# - It compares them as strings, which means we need to match the |
||||
# expected format exactly. This means removing the :s and |
||||
# lowercasing it. |
||||
# Refs: |
||||
# https://0xacab.org/schleuder/schleuder-cli/-/issues/16 |
||||
# https://0xacab.org/schleuder/schleuder-cli/-/blob/f8895b9f47083d8c7b99a2797c93f170f3c6a3c0/lib/schleuder-cli/helper.rb#L230-238 |
||||
systemd.tmpfiles.rules = let cliconfig = pkgs.runCommand "schleuder-cli.yml" |
||||
{ |
||||
nativeBuildInputs = [ pkgs.jq pkgs.openssl ]; |
||||
} '' |
||||
fp=$(openssl x509 -in ${certs.${domain}.cert} -noout -fingerprint -sha256 | cut -d = -f 2 | tr -d : | tr 'A-Z' 'a-z') |
||||
cat > $out <<EOF |
||||
host: localhost |
||||
port: 4443 |
||||
tls_fingerprint: "$fp" |
||||
api_key: fnord |
||||
EOF |
||||
''; in |
||||
[ |
||||
"L+ /root/.schleuder-cli/schleuder-cli.yml - - - - ${cliconfig}" |
||||
]; |
||||
}; |
||||
|
||||
testScript = '' |
||||
machine.wait_for_unit("multi-user.target") |
||||
machine.wait_until_succeeds("nc -z localhost 4443") |
||||
machine.succeed("do-test") |
||||
''; |
||||
} |
@ -0,0 +1,119 @@ |
||||
{ lib |
||||
, stdenv |
||||
, fetchurl |
||||
, autoPatchelfHook |
||||
, dpkg |
||||
, makeWrapper |
||||
, alsa-lib |
||||
, at-spi2-atk |
||||
, at-spi2-core |
||||
, atk |
||||
, cairo |
||||
, cups |
||||
, dbus |
||||
, expat |
||||
, ffmpeg |
||||
, fontconfig |
||||
, freetype |
||||
, gdk-pixbuf |
||||
, glib |
||||
, gtk3 |
||||
, libappindicator-gtk3 |
||||
, libdbusmenu |
||||
, libdrm |
||||
, libnotify |
||||
, libpulseaudio |
||||
, libsecret |
||||
, libuuid |
||||
, libxkbcommon |
||||
, mesa |
||||
, nss |
||||
, pango |
||||
, systemd |
||||
, xdg-utils |
||||
, xorg |
||||
}: |
||||
|
||||
stdenv.mkDerivation rec { |
||||
pname = "tidal-hifi"; |
||||
version = "4.0.0"; |
||||
|
||||
src = fetchurl { |
||||
url = "https://github.com/Mastermindzh/tidal-hifi/releases/download/${version}/tidal-hifi_${version}_amd64.deb"; |
||||
sha256 = "19gx9x3v5ywlvg5vyqgj6pghzwinby0i8isavfrix798pfr98j5z"; |
||||
}; |
||||
|
||||
nativeBuildInputs = [ autoPatchelfHook dpkg makeWrapper ]; |
||||
|
||||
buildInputs = [ |
||||
alsa-lib |
||||
at-spi2-atk |
||||
at-spi2-core |
||||
atk |
||||
cairo |
||||
cups |
||||
dbus |
||||
expat |
||||
ffmpeg |
||||
fontconfig |
||||
freetype |
||||
gdk-pixbuf |
||||
glib |
||||
gtk3 |
||||
pango |
||||
systemd |
||||
mesa # for libgbm |
||||
nss |
||||
libuuid |
||||
libdrm |
||||
libnotify |
||||
libsecret |
||||
libpulseaudio |
||||
libxkbcommon |
||||
libappindicator-gtk3 |
||||
xorg.libX11 |
||||
xorg.libxcb |
||||
xorg.libXcomposite |
||||
xorg.libXcursor |
||||
xorg.libXdamage |
||||
xorg.libXext |
||||
xorg.libXfixes |
||||
xorg.libXi |
||||
xorg.libXrandr |
||||
xorg.libXrender |
||||
xorg.libXScrnSaver |
||||
xorg.libxshmfence |
||||
xorg.libXtst |
||||
]; |
||||
|
||||
runtimeDependencies = |
||||
[ (lib.getLib systemd) libnotify libdbusmenu xdg-utils ]; |
||||
|
||||
unpackPhase = "dpkg-deb -x $src ."; |
||||
|
||||
installPhase = '' |
||||
runHook preInstall |
||||
|
||||
mkdir -p "$out/bin" |
||||
cp -R "opt" "$out" |
||||
cp -R "usr/share" "$out/share" |
||||
chmod -R g-w "$out" |
||||
|
||||
runHook postInstall |
||||
''; |
||||
|
||||
postFixup = '' |
||||
makeWrapper $out/opt/tidal-hifi/tidal-hifi $out/bin/tidal-hifi \ |
||||
--prefix LD_LIBRARY_PATH : "${lib.makeLibraryPath buildInputs}" \ |
||||
"''${gappsWrapperArgs[@]}" |
||||
''; |
||||
|
||||
meta = with lib; { |
||||
description = "The web version of Tidal running in electron with hifi support thanks to widevine"; |
||||
homepage = "https://github.com/Mastermindzh/tidal-hifi"; |
||||
changelog = "https://github.com/Mastermindzh/tidal-hifi/releases/tag/${version}"; |
||||
license = licenses.mit; |
||||
maintainers = with maintainers; [ alternateved ]; |
||||
platforms = [ "x86_64-linux" ]; |
||||
}; |
||||
} |
@ -0,0 +1,42 @@ |
||||
{ lib, stdenv, fetchFromGitHub, nodejs, bash, nodePackages }: |
||||
|
||||
stdenv.mkDerivation rec { |
||||
version = "unstable-2022-06-10"; |
||||
pname = "openasar"; |
||||
|
||||
src = fetchFromGitHub { |
||||
owner = "GooseMod"; |
||||
repo = "OpenAsar"; |
||||
rev = "c6f2f5eb7827fea14cb4c54345af8ff6858c633a"; |
||||
sha256 = "m6e/WKGgkR8vjKcHSNdWE25MmDQM1Z3kgB24OJgbw/w="; |
||||
}; |
||||
|
||||
buildPhase = '' |
||||
runHook preBuild |
||||
|
||||
bash scripts/injectPolyfills.sh |
||||
substituteInPlace src/index.js --replace 'nightly' '${version}' |
||||
${nodejs}/bin/node scripts/strip.js |
||||
${nodePackages.asar}/bin/asar pack src app.asar |
||||
|
||||
runHook postBuild |
||||
''; |
||||
|
||||
installPhase = '' |
||||
runHook preInstall |
||||
|
||||
install app.asar $out |
||||
|
||||
runHook postInstall |
||||
''; |
||||
|
||||
doCheck = false; |
||||
|
||||
meta = with lib; { |
||||
description = "Open-source alternative of Discord desktop's \"app.asar\"."; |
||||
homepage = "https://openasar.dev"; |
||||
license = licenses.mit; |
||||
maintainers = with maintainers; [ pedrohlc ]; |
||||
platforms = nodejs.meta.platforms; |
||||
}; |
||||
} |
@ -0,0 +1,69 @@ |
||||
diff --git a/CMake/Modules/Findhamlib.cmake b/CMake/Modules/Findhamlib.cmake
|
||||
index 1590f05..e797851 100644
|
||||
--- a/CMake/Modules/Findhamlib.cmake
|
||||
+++ b/CMake/Modules/Findhamlib.cmake
|
||||
@@ -47,7 +47,7 @@ if (NOT PC_HAMLIB_FOUND)
|
||||
|
||||
# libusb-1.0 has no pkg-config file on Windows so we have to find it
|
||||
# ourselves
|
||||
- find_library (LIBUSB NAMES usb-1.0 PATH_SUFFIXES MinGW32/dll)
|
||||
+ find_library (LIBUSB NAMES libusb-1.0 usb-1.0 PATH_SUFFIXES MinGW32/dll)
|
||||
if (LIBUSB)
|
||||
set (hamlib_EXTRA_LIBRARIES ${LIBUSB} ${hamlib_EXTRA_LIBRARIES})
|
||||
get_filename_component (hamlib_libusb_path ${LIBUSB} PATH)
|
||||
diff --git a/CMakeLists.txt b/CMakeLists.txt
|
||||
index 75b80b3..7c04265 100644
|
||||
--- a/CMakeLists.txt
|
||||
+++ b/CMakeLists.txt
|
||||
@@ -558,7 +558,6 @@ find_package (FFTW3 COMPONENTS double single threads REQUIRED)
|
||||
#
|
||||
# libhamlib setup
|
||||
#
|
||||
-set (hamlib_STATIC 1)
|
||||
find_package (hamlib 3 REQUIRED)
|
||||
find_program (RIGCTL_EXE rigctl)
|
||||
find_program (RIGCTLD_EXE rigctld)
|
||||
@@ -576,6 +576,7 @@ message (STATUS "hamlib_LIBRARY_DIRS: ${hamlib_LIBRARY_DIRS}")
|
||||
find_package (Qt5Widgets 5 REQUIRED)
|
||||
find_package (Qt5Multimedia 5 REQUIRED)
|
||||
find_package (Qt5PrintSupport 5 REQUIRED)
|
||||
+find_package (Qt5SerialPort 5 REQUIRED)
|
||||
|
||||
if (WIN32)
|
||||
add_definitions (-DQT_NEEDS_QTMAIN)
|
||||
@@ -849,7 +850,7 @@ target_link_libraries (qcp Qt5::Widgets Qt5::PrintSupport)
|
||||
add_library (wsjt_qt STATIC ${wsjt_qt_CXXSRCS} ${wsjt_qt_GENUISRCS} ${GENAXSRCS})
|
||||
# set wsjtx_udp exports to static variants
|
||||
target_compile_definitions (wsjt_qt PUBLIC UDP_STATIC_DEFINE)
|
||||
-target_link_libraries (wsjt_qt qcp Qt5::Widgets Qt5::Network)
|
||||
+target_link_libraries (wsjt_qt qcp Qt5::Widgets Qt5::Network Qt5::SerialPort)
|
||||
target_include_directories (wsjt_qt BEFORE PRIVATE ${hamlib_INCLUDE_DIRS})
|
||||
if (WIN32)
|
||||
target_link_libraries (wsjt_qt Qt5::AxContainer Qt5::AxBase)
|
||||
@@ -959,7 +960,6 @@ else ()
|
||||
)
|
||||
endif ()
|
||||
endif ()
|
||||
-qt5_use_modules (js8call SerialPort) # not sure why the interface link library syntax above doesn't work
|
||||
|
||||
# if (UNIX)
|
||||
# if (NOT WSJT_SKIP_MANPAGES)
|
||||
@@ -1292,3 +1292,5 @@ configure_file ("${PROJECT_SOURCE_DIR}/CMakeCPackOptions.cmake.in"
|
||||
set (CPACK_PROJECT_CONFIG_FILE "${PROJECT_BINARY_DIR}/CMakeCPackOptions.cmake")
|
||||
|
||||
include (CPack)
|
||||
+
|
||||
+add_definitions (-DJS8_USE_HAMLIB_THREE)
|
||||
diff --git a/Configuration.cpp b/Configuration.cpp
|
||||
index 8258f97..63a29bb 100644
|
||||
--- a/Configuration.cpp
|
||||
+++ b/Configuration.cpp
|
||||
@@ -160,7 +160,7 @@
|
||||
#include <QFont>
|
||||
#include <QFontDialog>
|
||||
#include <QColorDialog>
|
||||
-#include <QSerialPortInfo>
|
||||
+#include <QtSerialPort/QSerialPortInfo>
|
||||
#include <QScopedPointer>
|
||||
#include <QDateTimeEdit>
|
||||
#include <QProcess>
|
@ -0,0 +1,65 @@ |
||||
{ lib |
||||
, stdenv |
||||
, fetchFromBitbucket |
||||
, wrapQtAppsHook |
||||
, pkg-config |
||||
, hamlib |
||||
, libusb1 |
||||
, cmake |
||||
, gfortran |
||||
, fftw |
||||
, fftwFloat |
||||
, qtbase |
||||
, qtmultimedia |
||||
, qtserialport |
||||
}: |
||||
|
||||
stdenv.mkDerivation rec { |
||||
pname = "js8call"; |
||||
version = "2.2.0"; |
||||
|
||||
src = fetchFromBitbucket { |
||||
owner = "widefido"; |
||||
repo = pname; |
||||
rev = "v${version}-ga"; |
||||
sha256 = "sha256-mFPhiAAibCiAkLrysAmIQalVCGd9ips2lqbAsowYprY="; |
||||
}; |
||||
|
||||
nativeBuildInputs = [ |
||||
wrapQtAppsHook |
||||
gfortran |
||||
pkg-config |
||||
cmake |
||||
]; |
||||
|
||||
buildInputs = [ |
||||
hamlib |
||||
libusb1 |
||||
fftw |
||||
fftwFloat |
||||
qtbase |
||||
qtmultimedia |
||||
qtserialport |
||||
]; |
||||
|
||||
prePatch = '' |
||||
substituteInPlace CMakeLists.txt \ |
||||
--replace "/usr/share/applications" "$out/share/applications" \ |
||||
--replace "/usr/share/pixmaps" "$out/share/pixmaps" \ |
||||
--replace "/usr/bin/" "$out/bin" |
||||
''; |
||||
|
||||
patches = [ ./cmake.patch ]; |
||||
|
||||
meta = with lib; { |
||||
description = "Weak-signal keyboard messaging for amateur radio"; |
||||
longDescription = '' |
||||
JS8Call is software using the JS8 Digital Mode providing weak signal |
||||
keyboard to keyboard messaging to Amateur Radio Operators. |
||||
''; |
||||
homepage = "http://js8call.com/"; |
||||
license = licenses.gpl3Plus; |
||||
platforms = platforms.linux; |
||||
maintainers = with maintainers; [ melling ]; |
||||
}; |
||||
} |
@ -0,0 +1,37 @@ |
||||
diff --git a/math/complex/+test.ha b/math/complex/+test.ha
|
||||
index a1cc0916..705a0a41 100644
|
||||
--- a/math/complex/+test.ha
|
||||
+++ b/math/complex/+test.ha
|
||||
@@ -567,8 +567,8 @@ const TEST_COSSC: [](c128, c128) = [
|
||||
(math::INF, math::NAN)), // real sign unspecified
|
||||
((math::INF, math::NAN),
|
||||
(math::NAN, math::NAN)),
|
||||
- ((math::NAN, 0f64),
|
||||
- (math::NAN, -0f64)), // imaginary sign unspecified
|
||||
+// ((math::NAN, 0f64),
|
||||
+// (math::NAN, -0f64)), // imaginary sign unspecified
|
||||
((math::NAN, 1f64),
|
||||
(math::NAN, math::NAN)),
|
||||
((math::NAN, math::INF),
|
||||
@@ -583,8 +583,8 @@ const TEST_COSHSC: [](c128, c128) = [
|
||||
(1f64, 0f64)),
|
||||
((0f64, math::INF),
|
||||
(math::NAN, 0f64)), // imaginary sign unspecified
|
||||
- ((0f64, math::NAN),
|
||||
- (math::NAN, 0f64)), // imaginary sign unspecified
|
||||
+// ((0f64, math::NAN),
|
||||
+// (math::NAN, 0f64)), // imaginary sign unspecified
|
||||
((1f64, math::INF),
|
||||
(math::NAN, math::NAN)),
|
||||
((1f64, math::NAN),
|
||||
@@ -627,8 +627,8 @@ const TEST_EXPSC: [](c128, c128) = [
|
||||
(0f64, 0f64)), // real and imaginary sign unspecified
|
||||
((math::INF, math::INF),
|
||||
(math::INF, math::NAN)), // real sign unspecified
|
||||
- ((-math::INF, math::NAN),
|
||||
- (0f64, 0f64)), // real and imaginary sign unspecified
|
||||
+// ((-math::INF, math::NAN),
|
||||
+// (0f64, 0f64)), // real and imaginary sign unspecified
|
||||
((math::INF, math::NAN),
|
||||
(math::INF, math::NAN)), // real sign unspecified
|
||||
((math::NAN, 0f64),
|
@ -0,0 +1,11 @@ |
||||
export HARECACHE="$NIX_BUILD_TOP/.harecache" |
||||
|
||||
addHarepath () { |
||||
for haredir in third-party stdlib; do |
||||
if [[ -d "$1/src/hare/$haredir" ]]; then |
||||
addToSearchPath HAREPATH "$1/src/hare/$haredir" |
||||
fi |
||||
done |
||||
} |
||||
|
||||
addEnvHooks "$hostOffset" addHarepath |
@ -0,0 +1,17 @@ |
||||
{ lib, buildGoModule, callPackage, fetchFromGitHub }: |
||||
let |
||||
common = callPackage ./common.nix { }; |
||||
in |
||||
buildGoModule { |
||||
pname = "woodpecker-agent"; |
||||
inherit (common) version src ldflags postBuild; |
||||
vendorSha256 = null; |
||||
|
||||
subPackages = "cmd/agent"; |
||||
|
||||
CGO_ENABLED = 0; |
||||
|
||||
meta = common.meta // { |
||||
description = "Woodpecker Continuous Integration agent"; |
||||
}; |
||||
} |
@ -0,0 +1,17 @@ |
||||
{ lib, buildGoModule, callPackage, fetchFromGitHub }: |
||||
let |
||||
common = callPackage ./common.nix { }; |
||||
in |
||||
buildGoModule { |
||||
pname = "woodpecker-cli"; |
||||
inherit (common) version src ldflags postBuild; |
||||
vendorSha256 = null; |
||||
|
||||
subPackages = "cmd/cli"; |
||||
|
||||
CGO_ENABLED = 0; |
||||
|
||||
meta = common.meta // { |
||||
description = "Command line client for the Woodpecker Continuous Integration server"; |
||||
}; |
||||
} |
@ -0,0 +1,36 @@ |
||||
{ lib, fetchFromGitHub }: |
||||
let |
||||
version = "0.15.3"; |
||||
srcSha256 = "sha256-HOOH3H2SXLcT2oW/xL80TO+ZSI+Haulnznpb4hlCQow="; |
||||
yarnSha256 = "sha256-x9g0vSoexfknqLejgcNIigmkFnqYsmhcQNTOStcj68o="; |
||||
in |
||||
{ |
||||
inherit version yarnSha256; |
||||
|
||||
src = fetchFromGitHub { |
||||
owner = "woodpecker-ci"; |
||||
repo = "woodpecker"; |
||||
rev = "v${version}"; |
||||
sha256 = srcSha256; |
||||
}; |
||||
|
||||
postBuild = '' |
||||
cd $GOPATH/bin |
||||
for f in *; do |
||||
mv -- "$f" "woodpecker-$f" |
||||
done |
||||
cd - |
||||
''; |
||||
|
||||
ldflags = [ |
||||
"-s" |
||||
"-w" |
||||
"-X github.com/woodpecker-ci/woodpecker/version.Version=${version}" |
||||
]; |
||||
|
||||
meta = with lib; { |
||||
homepage = "https://woodpecker-ci.org/"; |
||||
license = licenses.asl20; |
||||
maintainers = with maintainers; [ ambroisie ]; |
||||
}; |
||||
} |
@ -0,0 +1,40 @@ |
||||
{ lib, callPackage, fetchFromGitHub, fetchYarnDeps, mkYarnPackage }: |
||||
let |
||||
common = callPackage ./common.nix { }; |
||||
in |
||||
mkYarnPackage { |
||||
pname = "woodpecker-frontend"; |
||||
inherit (common) version; |
||||
|
||||
src = "${common.src}/web"; |
||||
|
||||
packageJSON = ./woodpecker-package.json; |
||||
offlineCache = fetchYarnDeps { |
||||
yarnLock = "${common.src}/web/yarn.lock"; |
||||
sha256 = common.yarnSha256; |
||||
}; |
||||
|
||||
buildPhase = '' |
||||
runHook preBuild |
||||
|
||||
yarn build |
||||
|
||||
runHook postBuild |
||||
''; |
||||
|
||||
installPhase = '' |
||||
runHook preInstall |
||||
|
||||
cp -R deps/woodpecker-ci/dist $out |
||||
echo "${common.version}" > "$out/version" |
||||
|
||||
runHook postInstall |
||||
''; |
||||
|
||||
# Do not attempt generating a tarball for woodpecker-frontend again. |
||||
doDist = false; |
||||
|
||||
meta = common.meta // { |
||||
description = "Woodpecker Continuous Integration server frontend"; |
||||
}; |
||||
} |
@ -0,0 +1,27 @@ |
||||
{ lib, buildGoModule, callPackage, fetchFromGitHub, woodpecker-frontend }: |
||||
let |
||||
common = callPackage ./common.nix { }; |
||||
in |
||||
buildGoModule { |
||||
pname = "woodpecker-server"; |
||||
inherit (common) version src ldflags postBuild; |
||||
vendorSha256 = null; |
||||
|
||||
postPatch = '' |
||||
cp -r ${woodpecker-frontend} web/dist |
||||
''; |
||||
|
||||
subPackages = "cmd/server"; |
||||
|
||||
CGO_ENABLED = 1; |
||||
|
||||
passthru = { |
||||
inherit woodpecker-frontend; |
||||
|
||||
updateScript = ./update.sh; |
||||
}; |
||||
|
||||
meta = common.meta // { |
||||
description = "Woodpecker Continuous Integration server"; |
||||
}; |
||||
} |
@ -0,0 +1,50 @@ |
||||
#!/usr/bin/env nix-shell |
||||
#!nix-shell -i bash -p nix wget prefetch-yarn-deps nix-prefetch-github jq |
||||
|
||||
# shellcheck shell=bash |
||||
|
||||
if [ -n "$GITHUB_TOKEN" ]; then |
||||
TOKEN_ARGS=(--header "Authorization: token $GITHUB_TOKEN") |
||||
fi |
||||
|
||||
if [[ $# -gt 1 || $1 == -* ]]; then |
||||
echo "Regenerates packaging data for the woodpecker packages." |
||||
echo "Usage: $0 [git release tag]" |
||||
exit 1 |
||||
fi |
||||
|
||||
set -x |
||||
|
||||
cd "$(dirname "$0")" |
||||
version="$1" |
||||
|
||||
set -euo pipefail |
||||
|
||||
if [ -z "$version" ]; then |
||||
version="$(wget -O- "${TOKEN_ARGS[@]}" "https://api.github.com/repos/woodpecker-ci/woodpecker/releases?per_page=1" | jq -r '.[0].tag_name')" |
||||
fi |
||||
|
||||
# strip leading "v" |
||||
version="${version#v}" |
||||
|
||||
# Woodpecker repository |
||||
src_hash=$(nix-prefetch-github woodpecker-ci woodpecker --rev "v${version}" | jq -r .sha256) |
||||
|
||||
# Front-end dependencies |
||||
woodpecker_src="https://raw.githubusercontent.com/woodpecker-ci/woodpecker/v$version" |
||||
wget "${TOKEN_ARGS[@]}" "$woodpecker_src/web/package.json" -O woodpecker-package.json |
||||
|
||||
web_tmpdir=$(mktemp -d) |
||||
trap 'rm -rf "$web_tmpdir"' EXIT |
||||
pushd "$web_tmpdir" |
||||
wget "${TOKEN_ARGS[@]}" "$woodpecker_src/web/yarn.lock" |
||||
yarn_hash=$(prefetch-yarn-deps yarn.lock) |
||||
popd |
||||
|
||||
# Use friendlier hashes |
||||
src_hash=$(nix hash to-sri --type sha256 "$src_hash") |
||||
yarn_hash=$(nix hash to-sri --type sha256 "$yarn_hash") |
||||
|
||||
sed -i -E -e "s#version = \".*\"#version = \"$version\"#" common.nix |
||||
sed -i -E -e "s#srcSha256 = \".*\"#srcSha256 = \"$src_hash\"#" common.nix |
||||
sed -i -E -e "s#yarnSha256 = \".*\"#yarnSha256 = \"$yarn_hash\"#" common.nix |
@ -0,0 +1,63 @@ |
||||
{ |
||||
"name": "woodpecker-ci", |
||||
"author": "Woodpecker CI", |
||||
"version": "0.0.0", |
||||
"license": "Apache-2.0", |
||||
"engines": { |
||||
"node": ">=14" |
||||
}, |
||||
"scripts": { |
||||
"start": "vite", |
||||
"build": "vite build", |
||||
"serve": "vite preview", |
||||
"lint": "eslint --max-warnings 0 --ext .js,.ts,.vue,.json .", |
||||
"formatcheck": "prettier -c .", |
||||
"format:fix": "prettier --write .", |
||||
"typecheck": "vue-tsc --noEmit", |
||||
"test": "echo 'No tests configured' && exit 0" |
||||
}, |
||||
"dependencies": { |
||||
"@kyvg/vue3-notification": "2.3.4", |
||||
"@meforma/vue-toaster": "1.2.2", |
||||
"ansi-to-html": "0.7.2", |
||||
"dayjs": "1.10.7", |
||||
"floating-vue": "2.0.0-beta.5", |
||||
"fuse.js": "6.4.6", |
||||
"humanize-duration": "3.27.0", |
||||
"javascript-time-ago": "2.3.10", |
||||
"node-emoji": "1.11.0", |
||||
"pinia": "2.0.0", |
||||
"vue": "v3.2.20", |
||||
"vue-router": "4.0.10" |
||||
}, |
||||
"devDependencies": { |
||||
"@iconify/json": "1.1.421", |
||||
"@types/humanize-duration": "3.27.0", |
||||
"@types/javascript-time-ago": "2.0.3", |
||||
"@types/node": "16.11.6", |
||||
"@types/node-emoji": "1.8.1", |
||||
"@typescript-eslint/eslint-plugin": "5.6.0", |
||||
"@typescript-eslint/parser": "5.6.0", |
||||
"@vitejs/plugin-vue": "1.9.4", |
||||
"@vue/compiler-sfc": "3.2.20", |
||||
"eslint": "7.32.0", |
||||
"eslint-config-airbnb-base": "15.0.0", |
||||
"eslint-config-airbnb-typescript": "16.1.0", |
||||
"eslint-config-prettier": "8.3.0", |
||||
"eslint-plugin-import": "2.25.3", |
||||
"eslint-plugin-prettier": "4.0.0", |
||||
"eslint-plugin-promise": "5.1.1", |
||||
"eslint-plugin-simple-import-sort": "7.0.0", |
||||
"eslint-plugin-vue": "7.18.0", |
||||
"eslint-plugin-vue-scoped-css": "1.3.0", |
||||
"prettier": "2.4.1", |
||||
"typescript": "4.4.4", |
||||
"unplugin-icons": "0.12.17", |
||||
"unplugin-vue-components": "0.17.0", |
||||
"vite": "2.6.13", |
||||
"vite-plugin-windicss": "1.4.12", |
||||
"vite-svg-loader": "3.0.0", |
||||
"vue-tsc": "0.28.10", |
||||
"windicss": "3.2.0" |
||||
} |
||||
} |
@ -1,24 +0,0 @@ |
||||
{ lib, writeShellScriptBin, steam-run, fetchurl }: |
||||
let |
||||
|
||||
pname = "itch-setup"; |
||||
version = "1.26.0"; |
||||
|
||||
src = fetchurl { |
||||
url = "https://broth.itch.ovh/itch-setup/linux-amd64/${version}/unpacked/default"; |
||||
hash = "sha256-bcJKqhgZK42Irx12BIvbTDMb/DHEOEXljetlDokF7x8="; |
||||
executable = true; |
||||
}; |
||||
|
||||
in |
||||
(writeShellScriptBin pname ''exec ${steam-run}/bin/steam-run ${src} "$@"'') // { |
||||
|
||||
passthru = { inherit pname version src; }; |
||||
meta = with lib; { |
||||
description = "An installer for the itch.io desktop app"; |
||||
homepage = "https://github.com/itchio/itch-setup"; |
||||
license = licenses.mit; |
||||
platforms = platforms.linux; |
||||
maintainers = with maintainers; [ pasqui23 ]; |
||||
}; |
||||
} |
@ -0,0 +1,29 @@ |
||||
{ lib |
||||
, buildGoModule |
||||
, fetchFromGitHub |
||||
}: |
||||
|
||||
buildGoModule rec { |
||||
pname = "butler"; |
||||
version = "15.21.0"; |
||||
|
||||
src = fetchFromGitHub { |
||||
owner = "itchio"; |
||||
repo = pname; |
||||
rev = "v${version}"; |
||||
sha256 = "sha256-vciSmXR3wI3KcnC+Uz36AgI/WUfztA05MJv1InuOjJM="; |
||||
}; |
||||
|
||||
proxyVendor = true; |
||||
|
||||
vendorSha256 = "sha256-EIl0ZFDKbZopUR22hp5a2vRUu0O1h1O953NrtoNa2x8="; |
||||
|
||||
doCheck = false; |
||||
|
||||
meta = with lib; { |
||||
description = "Command-line itch.io helper"; |
||||
homepage = "https://github.com/itchio/butler"; |
||||
license = licenses.mit; |
||||
maintainers = with maintainers; [ martfont ]; |
||||
}; |
||||
} |
@ -0,0 +1,38 @@ |
||||
{ lib, stdenv, fetchurl, unzip, jre, makeWrapper }: |
||||
|
||||
stdenv.mkDerivation rec { |
||||
pname = "geoserver"; |
||||
version = "2.21.0"; |
||||
|
||||
src = fetchurl { |
||||
url = "mirror://sourceforge/geoserver/GeoServer/${version}/geoserver-${version}-bin.zip"; |
||||
sha256 = "sha256-UCr22Ffhnux6eA0w5qoaf5Hvuypsl/FGpK+emi8G0Mc="; |
||||
}; |
||||
|
||||
sourceRoot = "."; |
||||
nativeBuildInputs = [ unzip makeWrapper ]; |
||||
|
||||
installPhase = '' |
||||
runHook preInstall |
||||
mkdir -p $out/share/geoserver |
||||
cp -r . $out/share/geoserver |
||||
rm -fr $out/share/geoserver/bin/*.bat |
||||
|
||||
makeWrapper $out/share/geoserver/bin/startup.sh $out/bin/geoserver-startup \ |
||||
--set JAVA_HOME "${jre}" \ |
||||
--set GEOSERVER_HOME "$out/share/geoserver" |
||||
makeWrapper $out/share/geoserver/bin/shutdown.sh $out/bin/geoserver-shutdown \ |
||||
--set JAVA_HOME "${jre}" \ |
||||
--set GEOSERVER_HOME "$out/share/geoserver" |
||||
runHook postInstall |
||||
''; |
||||
|
||||
meta = with lib; { |
||||
description = "Open source server for sharing geospatial data"; |
||||
homepage = "https://geoserver.org/"; |
||||
sourceProvenance = with sourceTypes; [ binaryBytecode ]; |
||||
license = licenses.gpl2Plus; |
||||
maintainers = with maintainers; [ sikmir ]; |
||||
platforms = platforms.all; |
||||
}; |
||||
} |
@ -1,26 +1,34 @@ |
||||
{ lib, buildGoPackage, fetchFromGitHub }: |
||||
{ lib |
||||
, buildGoModule |
||||
, fetchFromGitHub |
||||
, zfs |
||||
}: |
||||
|
||||
buildGoPackage rec { |
||||
buildGoModule rec { |
||||
pname = "zfsbackup"; |
||||
version = "unstable-2020-09-30"; |
||||
rev = "092f80846b23e02f99d2aa72d9d889eabfdcb053"; |
||||
|
||||
goPackagePath = "github.com/someone1/zfsbackup-go"; |
||||
version = "unstable-2021-05-26"; |
||||
rev = "2d4534b920d3c57552667e1c6da9978b3a9278f0"; |
||||
|
||||
src = fetchFromGitHub { |
||||
owner = "someone1"; |
||||
repo = "zfsbackup-go"; |
||||
inherit rev; |
||||
sha256 = "1xiacaf4r9jkx0m8wjfis14cq622yhljldwkflh9ni3khax7dlgi"; |
||||
sha256 = "sha256-slVwXXGLvq+eAlqzD8p1fnc17CGUBY0Z68SURBBuf2k="; |
||||
}; |
||||
|
||||
goDeps = ./deps.nix; |
||||
vendorSha256 = "sha256-jpxp8RKDBrkBBaY89QnKYGWFI/DUURUVX8cPJ/qoLrg="; |
||||
|
||||
ldflags = [ "-w" "-s" ]; |
||||
|
||||
# Tests require loading the zfs kernel module. |
||||
doCheck = false; |
||||
|
||||
meta = with lib; { |
||||
description = "Backup ZFS snapshots to cloud storage such as Google, Amazon, Azure, etc"; |
||||
homepage = "https://github.com/someone1/zfsbackup-go"; |
||||
license = licenses.mit; |
||||
maintainers = [ maintainers.xfix ]; |
||||
maintainers = with maintainers; [ xfix ]; |
||||
platforms = platforms.linux; |
||||
mainProgram = "zfsbackup-go"; |
||||
}; |
||||
} |
||||
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in new issue