diff options
70 files changed, 1403 insertions, 1566 deletions
diff --git a/maintainers/maintainer-list.nix b/maintainers/maintainer-list.nix index 24410905627b..d8eaff4a0d8d 100644 --- a/maintainers/maintainer-list.nix +++ b/maintainers/maintainer-list.nix @@ -4254,6 +4254,13 @@ fingerprint = "2F93 661D AC17 EA98 A104 F780 ECC7 55EE 583C 1672"; }]; }; + fleaz = { + email = "mail@felixbreidenstein.de"; + matrix = "@fleaz:rainbownerds.de"; + github = "fleaz"; + githubId = 2489598; + name = "Felix Breidenstein"; + }; flexagoon = { email = "flexagoon@pm.me"; github = "flexagoon"; @@ -5451,6 +5458,12 @@ githubId = 510202; name = "Ismaƫl Bouya"; }; + imsofi = { + email = "sofi+git@mailbox.org"; + github = "imsofi"; + githubId = 20756843; + name = "Sofi"; + }; imuli = { email = "i@imu.li"; github = "imuli"; diff --git a/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml index aafa9b831b66..a660e28af04a 100644 --- a/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml +++ b/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml @@ -233,6 +233,14 @@ </listitem> <listitem> <para> + <link xlink:href="https://github.com/fleaz/r53-ddns">r53-ddns</link>, + a small tool to run your own DDNS service via AWS Route53. + Available as + <link xlink:href="options.html#opt-services.r53-ddns.enable">services.r53-ddns</link>. + </para> + </listitem> + <listitem> + <para> <link xlink:href="https://ergo.chat">ergochat</link>, a modern IRC with IRCv3 features. Available as <link xlink:href="options.html#opt-services.ergochat.enable">services.ergochat</link>. diff --git a/nixos/doc/manual/release-notes/rl-2205.section.md b/nixos/doc/manual/release-notes/rl-2205.section.md index 52bcc2e80d99..96b138aa82e2 100644 --- a/nixos/doc/manual/release-notes/rl-2205.section.md +++ b/nixos/doc/manual/release-notes/rl-2205.section.md @@ -75,6 +75,8 @@ In addition to numerous new and upgraded packages, this release has the followin - [snowflake-proxy](https://snowflake.torproject.org/), a system to defeat internet censorship. Available as [services.snowflake-proxy](options.html#opt-services.snowflake-proxy.enable). +- [r53-ddns](https://github.com/fleaz/r53-ddns), a small tool to run your own DDNS service via AWS Route53. Available as [services.r53-ddns](options.html#opt-services.r53-ddns.enable). + - [ergochat](https://ergo.chat), a modern IRC with IRCv3 features. Available as [services.ergochat](options.html#opt-services.ergochat.enable). - [Snipe-IT](https://snipeitapp.com), a free open source IT asset/license management system. Available as [services.snipe-it](options.html#opt-services.snipe-it.enable). diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 35de34aac10c..2607e99d8459 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -877,6 +877,7 @@ ./services/networking/quassel.nix ./services/networking/quorum.nix ./services/networking/quicktun.nix + ./services/networking/r53-ddns.nix ./services/networking/radicale.nix ./services/networking/radvd.nix ./services/networking/rdnssd.nix diff --git a/nixos/modules/services/networking/r53-ddns.nix b/nixos/modules/services/networking/r53-ddns.nix new file mode 100644 index 000000000000..a8839762d530 --- /dev/null +++ b/nixos/modules/services/networking/r53-ddns.nix @@ -0,0 +1,72 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.services.r53-ddns; + pkg = pkgs.r53-ddns; +in +{ + options = { + services.r53-ddns = { + + enable = mkEnableOption "r53-ddyns"; + + interval = mkOption { + type = types.str; + default = "15min"; + description = "How often to update the entry"; + }; + + zoneID = mkOption { + type = types.str; + description = "The ID of your zone in Route53"; + }; + + domain = mkOption { + type = types.str; + description = "The name of your domain in Route53"; + }; + + hostname = mkOption { + type = types.str; + description = '' + Manually specify the hostname. Otherwise the tool will try to use the name + returned by the OS (Call to gethostname) + ''; + }; + + environmentFile = mkOption { + type = types.str; + description = '' + File containing the AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY + in the format of an EnvironmentFile as described by systemd.exec(5) + ''; + }; + + }; + }; + + config = mkIf cfg.enable { + + systemd.timers.r53-ddns = { + description = "r53-ddns timer"; + wantedBy = [ "timers.target" ]; + timerConfig = { + OnBootSec = cfg.interval; + OnUnitActiveSec = cfg.interval; + }; + }; + + systemd.services.r53-ddns = { + description = "r53-ddns service"; + serviceConfig = { + ExecStart = "${pkg}/bin/r53-ddns -zone-id ${cfg.zoneID} -domain ${cfg.domain}" + + lib.optionalString (cfg.hostname != null) " -hostname ${cfg.hostname}"; + EnvironmentFile = "${cfg.environmentFile}"; + DynamicUser = true; + }; + }; + + }; +} diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index 84433806b48c..0de71030c4fb 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -365,6 +365,7 @@ in nginx = handleTest ./nginx.nix {}; nginx-auth = handleTest ./nginx-auth.nix {}; nginx-etag = handleTest ./nginx-etag.nix {}; + nginx-http3 = handleTest ./nginx-http3.nix {}; nginx-modsecurity = handleTest ./nginx-modsecurity.nix {}; nginx-pubhtml = handleTest ./nginx-pubhtml.nix {}; nginx-sandbox = handleTestOn ["x86_64-linux"] ./nginx-sandbox.nix {}; diff --git a/nixos/tests/nginx-http3.nix b/nixos/tests/nginx-http3.nix new file mode 100644 index 000000000000..edd0759464c8 --- /dev/null +++ b/nixos/tests/nginx-http3.nix @@ -0,0 +1,90 @@ +import ./make-test-python.nix ({lib, pkgs, ...}: +let + hosts = '' + 192.168.2.101 acme.test + ''; + +in +{ + name = "nginx-http3"; + meta.maintainers = with pkgs.lib.maintainers; [ izorkin ]; + + nodes = { + server = { pkgs, ... }: { + networking = { + interfaces.eth1 = { + ipv4.addresses = [ + { address = "192.168.2.101"; prefixLength = 24; } + ]; + }; + extraHosts = hosts; + firewall.allowedTCPPorts = [ 443 ]; + firewall.allowedUDPPorts = [ 443 ]; + }; + + security.pki.certificates = [ + (builtins.readFile ./common/acme/server/ca.cert.pem) + ]; + + services.nginx = { + enable = true; + package = pkgs.nginxQuic; + + virtualHosts."acme.test" = { + onlySSL = true; + sslCertificate = ./common/acme/server/acme.test.cert.pem; + sslCertificateKey = ./common/acme/server/acme.test.key.pem; + http2 = true; + http3 = true; + reuseport = true; + root = lib.mkForce (pkgs.runCommandLocal "testdir2" {} '' + mkdir "$out" + cat > "$out/index.html" <<EOF + <html><body>Hello World!</body></html> + EOF + cat > "$out/example.txt" <<EOF + Check http3 protocol. + EOF + ''); + }; + }; + }; + + client = { pkgs, ... }: { + environment.systemPackages = [ pkgs.curlHTTP3 ]; + networking = { + interfaces.eth1 = { + ipv4.addresses = [ + { address = "192.168.2.201"; prefixLength = 24; } + ]; + }; + extraHosts = hosts; + }; + + security.pki.certificates = [ + (builtins.readFile ./common/acme/server/ca.cert.pem) + ]; + }; + }; + + testScript = '' + start_all() + + # Check http connections + client.succeed("curl --verbose --http3 https://acme.test | grep 'Hello World!'") + + # Check downloadings + client.succeed("curl --verbose --http3 https://acme.test/example.txt --output /tmp/example.txt") + client.succeed("cat /tmp/example.txt | grep 'Check http3 protocol.'") + + # Check header reading + client.succeed("curl --verbose --http3 --head https://acme.test | grep 'content-type'") + + # Check change User-Agent + client.succeed("curl --verbose --http3 --user-agent 'Curl test 3.0' https://acme.test") + server.succeed("cat /var/log/nginx/access.log | grep 'Curl test 3.0'") + + server.shutdown() + client.shutdown() + ''; +}) diff --git a/pkgs/applications/audio/amberol/default.nix b/pkgs/applications/audio/amberol/default.nix index 615a79644252..4f4b79b62006 100644 --- a/pkgs/applications/audio/amberol/default.nix +++ b/pkgs/applications/audio/amberol/default.nix @@ -19,20 +19,20 @@ stdenv.mkDerivation rec { pname = "amberol"; - version = "0.6.2"; + version = "0.6.3"; src = fetchFromGitLab { domain = "gitlab.gnome.org"; owner = "World"; repo = pname; rev = version; - hash = "sha256-cY4VZRtmDrIgjHa5pMOVO+lpPU+VHhLonpwTxKn834M="; + hash = "sha256-KV3nYJbLaQxpMpC7aCzfpNMe9bYpZKrdoOtYA++eC74="; }; cargoDeps = rustPlatform.fetchCargoTarball { inherit src; name = "${pname}-${version}"; - hash = "sha256-z3R2UG31s7lV6c+dNChMvzimXfPbxDvuOL+Nduxwawg="; + hash = "sha256-UjHL/5iVht2jPnOiYjoIKWJdvwQQkNuKfF8rpi48j3c="; }; postPatch = '' diff --git a/pkgs/applications/finance/irpf/default.nix b/pkgs/applications/finance/irpf/default.nix index 0cca2ea6cd35..2c821b73ba78 100644 --- a/pkgs/applications/finance/irpf/default.nix +++ b/pkgs/applications/finance/irpf/default.nix @@ -11,13 +11,13 @@ stdenvNoCC.mkDerivation rec { pname = "irpf"; - version = "2022-1.4"; + version = "2022-1.5"; src = let year = lib.head (lib.splitVersion version); in fetchzip { url = "https://downloadirpf.receita.fazenda.gov.br/irpf/${year}/irpf/arquivos/IRPF${version}.zip"; - sha256 = "sha256-AKBcBkoPDBknUOyndf9hNigzDHjjgi2v0n1Rs+//j/8="; + sha256 = "sha256-FJqLjERTVQC6KvLSrCzR9RTIiJEfHvOwX7CRdUmHf/U="; }; nativeBuildInputs = [ unzip makeWrapper copyDesktopItems ]; diff --git a/pkgs/applications/misc/ArchiSteamFarm/default.nix b/pkgs/applications/misc/ArchiSteamFarm/default.nix index 5b221384d038..951faaac4ded 100644 --- a/pkgs/applications/misc/ArchiSteamFarm/default.nix +++ b/pkgs/applications/misc/ArchiSteamFarm/default.nix @@ -12,13 +12,13 @@ buildDotnetModule rec { pname = "archisteamfarm"; # nixpkgs-update: no auto update - version = "5.2.2.4"; + version = "5.2.5.7"; src = fetchFromGitHub { owner = "justarchinet"; repo = pname; rev = version; - sha256 = "sha256-Q5gR+CbqoE9QwFjDpnKOzVZuRPUDBukJ0EpqhN5cAws="; + sha256 = "sha256-NXRHLE9Y7j10l8mAUY68+556wcxRXLfdKeCI+b4Xs7I="; }; dotnet-runtime = dotnetCorePackages.aspnetcore_6_0; diff --git a/pkgs/applications/misc/ArchiSteamFarm/deps-aarch64-linux.nix b/pkgs/applications/misc/ArchiSteamFarm/deps-aarch64-linux.nix index 51ed1def41db..a3fdcd928ede 100644 --- a/pkgs/applications/misc/ArchiSteamFarm/deps-aarch64-linux.nix +++ b/pkgs/applications/misc/ArchiSteamFarm/deps-aarch64-linux.nix @@ -3,58 +3,58 @@ (fetchNuGet { pname = "AngleSharp.XPath"; version = "1.1.7"; sha256 = "0lrk002nizq973zdmcm0wmcq17j5gizwp03xdv84hiqqd8cyy538"; }) (fetchNuGet { pname = "ConfigureAwaitChecker.Analyzer"; version = "5.0.0"; sha256 = "0sklcgan0w0afvmd4akq7wvdbx5j353ifbhg8z7bxs80yi6f9q17"; }) (fetchNuGet { pname = "CryptSharpStandard"; version = "1.0.0"; sha256 = "0nikzb92z4a2n969sz747ginwxsbrap5741bcwwxr4r6m2na9jz7"; }) - (fetchNuGet { pname = "Humanizer"; version = "2.13.14"; sha256 = "155g2700x6sbym2jd4dshm4rf3jjr8flx6w9xnw28zrrv7r2rdy8"; }) - (fetchNuGet { pname = "Humanizer.Core"; version = "2.13.14"; sha256 = "1ni4mcyhcs46ih9b8c8l3xq3iai56rdlcw0afwhji3hxwbxqbk7i"; }) - (fetchNuGet { pname = "Humanizer.Core.af"; version = "2.13.14"; sha256 = "0w7n9qfxlqayw2dwgajqjks5b2qxcy2853v5h0rbaq5r5yb84874"; }) - (fetchNuGet { pname = "Humanizer.Core.ar"; version = "2.13.14"; sha256 = "1nxdh3hg9hkvi7q0ffaflb738kkdl0kmpry9jxdkkvg4mhrmfs2i"; }) - (fetchNuGet { |