about summary refs log tree commit diff
path: root/third_party/default.nix
AgeCommit message (Collapse)AuthorFilesLines
2021-12-16 r/3266 feat(ops/modules): Provide some modules to all nixosesGriffin Smith1-2/+5
For modules that are gated behind a mkEnableOption, it's reasonable to just provide them to all Depot-built nixos systems without requiring people to explicitly import them. This defines a special module called `default-imports.nix` which imports these modules (currently just tvl-cache.nix and automatic-gc.nix, as I'm being rather conservative adding things here to avoid breaking anyone's system), then provides that module as one of the `modules` passed at the top-level nixos/eval-config invocation. Change-Id: I3be299ab10ae4c451ef11c514edb3c89318a2278 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4345 Tested-by: BuildkiteCI Autosubmit: grfn <grfn@gws.fyi> Reviewed-by: tazjin <mail@tazj.in>
2021-05-24 r/2626 refactor(ops/nixos): Pass `depot` as a special argumentVincent Ambo1-3/+32
This changes the evaluation order for the `depot` argument and ensures it is partially evaluated before the module system starts resolving imports. This way we can import modules from `depot.path` without `depot` having to come from readTree. Fixes b/129. Change-Id: Icf4dd2be15011055dac8b27e991a4ff6a12bf827 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3156 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi>
2021-04-10 r/2470 refactor: Move nixpkgs attribute to `third_party.nixpkgs`Vincent Ambo1-72/+22
Please read b/108 to make sense of this. This gets rid of the explicit list of exposed packages from nixpkgs, and instead makes the entire package set available at `third_party.nixpkgs`. To accommodate this, a LOT of things have to be very slightly shuffled around. Some of this was done in already submitted CLs, but this change is unfortunately still quite noisy. Pay extra attention to: * overlay-like functionality that was partially moved to actual overlays (partially as in, the minimum required to get a green build) * modified uses of the package set path, esp. in NixOS systems Special notes: * xanthous has been disabled in CI because of issues with the Haskell overlay * //third_party/nix has been disabled because of other unclear dependency issues Both of these will be tackled in a followup CL. Change-Id: I2f9c60a4d275fdb5209264be0addfd7e06c53118 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2910 Reviewed-by: glittershark <grfn@gws.fyi> Reviewed-by: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI
2021-04-10 r/2465 refactor(3p/dhall): Move easy-dhall-nix import into separate folderVincent Ambo1-18/+0
This is part of paving the way for clearly distinguishing between packages from nixpkgs and //third_party. See also: b/108, cl/2910 Change-Id: I28b5abd1f0f9fa3c4478c9f255b2025f4a4139f1 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2917 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org> Reviewed-by: Profpatsch <mail@profpatsch.de> Reviewed-by: tazjin <mail@tazj.in>
2021-04-01 r/2383 feat(third_party): add dhall packages from easy-dhall-nixProfpatsch1-1/+20
About to do some dhalllll! \o/ Change-Id: Ie58c335d80f4a5abeb8296ece5a24377f07e6369 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2585 Tested-by: BuildkiteCI Reviewed-by: lukegb <lukegb@tvl.fyi>
2021-03-26 r/2330 chore(3p): bump NixOS channels to 2021-03-25sterni1-6/+6
OpenSSL released an update which fixes two severity high security issues: * https://mta.openssl.org/pipermail/openssl-announce/2021-March/000197.html * https://mta.openssl.org/pipermail/openssl-announce/2021-March/000198.html Update to the nixpkgs (currently still master) commits updating OpenSSL. Other changes: * Use GHC 8.8.4 for haskell-language-server as GHC 8.8.3 got removed from nixpkgs last friday. Change-Id: Ic1b2f49284e78193a4330da4bb4b718a797f5ab1 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2653 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in> Reviewed-by: lukegb <lukegb@tvl.fyi> Reviewed-by: glittershark <grfn@gws.fyi>
2021-03-19 r/2284 chore(3p): bump NixOS channels to 2021-03-18sterni1-6/+6
Making this a monthly service apparently. Necessary changes: * 3p: expose emacs27 instead of emacs26 which got removed users/tazjin/{camden, frog}: switch from emacs26 to emacs27 * 3p/lieer: google_api_python_client got renamed to google-api-python-client Change-Id: I1011665d10eebc99990addbef6a8a6b000b93896 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2605 Tested-by: BuildkiteCI Reviewed-by: glittershark <grfn@gws.fyi> Reviewed-by: tazjin <mail@tazj.in>
2021-02-19 r/2221 chore(3p): Bump NixOS channels to 2021-02-18sterni1-6/+6
Main motivation for this is to get the openldap update that fixes 10 CVEs: CVE-2020-36221 to including CVE-2020-36230. See also this issue which lists them all: https://github.com/NixOS/nixpkgs/issues/113490 Someone should also redeploy whitby as soon as this lands in canon and all build failures have been fixed. Things done to resolve upstream breakages: * grpc no longer takes abseil-cpp as an input, it has also been removed in the override. * Upgrade glittershark's kernel to 5.11 since the linuxPackages_5_9 attribute has been removed by upstream and the patch used by them is available for 5.11 as well. * The fixed output hash for third_patry.apereo-cas changed for some reason. * Remove the pin of haskellPackages.vector from the haskell overlay. It broke as the most recent version of vector in nixos-unstable no longer depends on semigroups. This effectively updates vector from 0.12.1.2 to 0.12.2.0. * Align two comments in tvix/libstore/worker-protocol.hh because the updated clang-format now demands that. Change-Id: I2ecf10a98de935e9222acf1feaea447d4c11ed2d Reviewed-on: https://cl.tvl.fyi/c/depot/+/2538 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in> Reviewed-by: glittershark <grfn@gws.fyi> Reviewed-by: sterni <sternenseemann@systemli.org>
2021-01-30 r/2159 chore(3p|nix): Remove typed GoVincent Ambo1-30/+0
Nobody has actually done any experimentation with typed Go, so we're getting rid of it for now - it's causing annoying IFD during build graph generation. Change-Id: Ibac3dea98ebed1b3ee08acda184d24c500cf695d Reviewed-on: https://cl.tvl.fyi/c/depot/+/2458 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org> Reviewed-by: lukegb <lukegb@tvl.fyi> Reviewed-by: Profpatsch <mail@profpatsch.de>
2021-01-26 r/2146 feat(3p/telega): Pin tdlib version used for telegaVincent Ambo1-4/+2
Recent channel updates have caused some issues for telega.el, mostly because the version of tdlib (the C++ library for Telegram) and the Emacs package are out of sync. This overrides the version used in the Emacs package to a "known good" commit. It would be useful to change the tdlib derivation in nixpkgs to make this version mismatch a hard build error. Change-Id: I9c994f783e1cc17e933432507cd13b65697efd4a Reviewed-on: https://cl.tvl.fyi/c/depot/+/2445 Tested-by: BuildkiteCI Reviewed-by: Profpatsch <mail@profpatsch.de>
2021-01-19 r/2134 chore(3p): Bump NixOS channels to 2021-01-19Vincent Ambo1-6/+6
Change-Id: I07b0d4991a07e15b1ab1ec8f371542868874eda5 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2421 Tested-by: BuildkiteCI Reviewed-by: lukegb <lukegb@tvl.fyi> Reviewed-by: Profpatsch <mail@profpatsch.de>
2021-01-13 r/2078 chore(3p): Bump NixOS channels to 2021-01-09Vincent Ambo1-6/+9
Your regularly scheduled channel update, but slightly more regular than before. Included fixes: * 3p/emacs: Pick telega.el from stable channel, unstable is broken. * glittershark/fprintd: Compile with gcc9, since build fails with the new default of gcc10 * glittershark/fprintd: Use a global overlay for the fprintd package until https://github.com/NixOS/nixpkgs/pull/108962 lands in nixos-unstable * glittershark/home: Don't install rr, as it's not building with gcc10 Co-Author: Griffin Smith <grfn@gws.fyi> Change-Id: Ia715fef64a405a220049fc540017356fa7370e0b Reviewed-on: https://cl.tvl.fyi/c/depot/+/2341 Reviewed-by: tazjin <mail@tazj.in> Reviewed-by: glittershark <grfn@gws.fyi> Reviewed-by: lukegb <lukegb@tvl.fyi> Tested-by: BuildkiteCI
2021-01-11 r/2075 chore(third_party): move nixkpgs-exposed to subdir to fix OWNERSProfpatsch1-1/+1
The owners plugin should in theory be able to match on subdirs (at least according to its documentation, but it doesn’t and nobody has any idea how to debug it. We already know that subdirectories work just fine, so let’s go the path of least resistance because frankly, I couldn’t care any less. The haskell overlay also moves to the subdir, this way both can be changed in the same go by the same people. Change-Id: I7d98f48afa649ad2c58e38e674e1c4df09039c1c Reviewed-on: https://cl.tvl.fyi/c/depot/+/2347 Tested-by: BuildkiteCI Reviewed-by: kanepyork <rikingcoding@gmail.com> Reviewed-by: lukegb <lukegb@tvl.fyi>
2021-01-09 r/2065 chore(3p): Bump NixOS channels to 2020-12-28Vincent Ambo1-6/+6
Changes: * ops/nixos/tvl-slapd: The NixOS module for OpenLDAP has removed the ability to configure OpenLDAP directly and now forces users to use some kind of weird Nix->OLC mapping that is mostly undocumented. This moves the config we need to the new format in a way that may or may not work and does the other arbitrary dance steps that someone decided to impose on us. Note that this now throws lots of warnings, but I can't be bothered to fix them. * 3p: Random package removals accomodated * users/glittershark: Pin grfn's kernel to 5.9, because the CK patch is not yet updated for 5.10 * users/glittershark: Update vendor hash for pg-dump-upsert, I suspect this changed because of something in the Go build machinery in nixpkgs. The deleteVendor flag also has no effect anymore and has been removed. * users/glittershark: agda build is broken, commenting out development home-manager environment until it can be fixed * third_party/haskell_overlay: updating random needs upper boundarles of a few dependencies relaxed (curse them) * third_party/gerrit_plugins: for some cursed reason the fixed-output hash of the gerrit owners plugin fetchgit changed, updated. Same for the checks plugin. Change-Id: Ica37995fe8039d3ba80eab643867f98795c56734 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2295 Tested-by: BuildkiteCI Reviewed-by: Profpatsch <mail@profpatsch.de> Reviewed-by: glittershark <grfn@gws.fyi> Reviewed-by: tazjin <mail@tazj.in>
2021-01-08 r/2064 feat(third_party): separate nixpkgs whitelist to allow more ownersProfpatsch1-178/+1
The exposed package list has to be changed/amended quite frequently, every time somebody wants to use a package not yet in that list and thus has to whitelist it here. This effectively requires a superowner review every single time, which is an unreasonable blocker for many CLs. I thus propose moving the list into a separate file (I called it `nixpkgs-whitelist.nix` which is more descriptive than `exposed.nix` and letting anybody add themselves to the OWNERS on that file. Change-Id: Ied8bac066e4b9a91ddd642db805fe33dc37872c9 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2323 Tested-by: BuildkiteCI Reviewed-by: lukegb <lukegb@tvl.fyi>
2021-01-03 r/2056 feat(Profpatsch/writers): add rustSimple writersProfpatsch1-0/+1
A bunch of writer functions wrapping the `buildRustCrate` functionality of nixpkgs. Can be used to write inline rust code, or rust code read from files with `builtins.readFile`. Change-Id: I9d74e9381b858b485925e4dc3fbb7fc392877c0a Reviewed-on: https://cl.tvl.fyi/c/depot/+/2318 Reviewed-by: tazjin <mail@tazj.in> Reviewed-by: Profpatsch <mail@profpatsch.de> Tested-by: BuildkiteCI
2021-01-03 r/2051 feat(users/Profpatsch): add python3Lib writerProfpatsch1-0/+1
Smol writer to create a python lib directly from a nix string. The resulting library can be consumed by the writePython3 writer. Change-Id: Id3d793564d230b38a08f65140bda4287285e1a72 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2310 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2021-01-01 r/2042 feat(users/Profpatsch): moving around via the tree-sitter parse treeProfpatsch1-0/+1
Has a little setup to get the cursor position and map it onto a tree sitter node. The current node is saved in a cursor variable, and a highlight overlay marks the range of the current node in the buffer. Change-Id: I0af56115f928732e993fbefe978a246ca7c757ee Reviewed-on: https://cl.tvl.fyi/c/depot/+/2258 Reviewed-by: lukegb <lukegb@tvl.fyi> Reviewed-by: tazjin <mail@tazj.in> Reviewed-by: Profpatsch <mail@profpatsch.de> Tested-by: BuildkiteCI
2020-11-30 r/1968 chore(3p): move quassel to the right inherit statementAndreas Rammhold1-1/+1
As the comment above the inherit statement says it is supposed to only contain packages required for //third_party/nix. As much as I like IRC I can't find a usage of Quassel within Nix itself. Perhaps a plugin to report build status at some point? Until that plugin mainfests we might as well move it to the correct location. Change-Id: I14fd6b698bb779b80829e7bebd5daa69cacdde78 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2177 Reviewed-by: kanepyork <rikingcoding@gmail.com> Reviewed-by: glittershark <grfn@gws.fyi> Reviewed-by: tazjin <mail@tazj.in> Reviewed-by: lukegb <lukegb@tvl.fyi> Tested-by: BuildkiteCI
2020-11-29 r/1958 chore(3p): upgrade llvm to version 11Kane York1-6/+9
Additionally, anchor clang-tools to match the current llvmPackages version. Change-Id: I27a199cadb55907c3e2deabfd1d14a5b50fc541b Reviewed-on: https://cl.tvl.fyi/c/depot/+/2166 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in> Reviewed-by: glittershark <grfn@gws.fyi>
2020-11-29 r/1957 chore(3p/gerrit): update to latest upstream HEADLuke Granger-Brown1-0/+1
Change-Id: Ia7b17ca83ace164881a4dd8b0288741489bc467c Reviewed-on: https://cl.tvl.fyi/c/depot/+/2164 Tested-by: BuildkiteCI Reviewed-by: glittershark <grfn@gws.fyi> Reviewed-by: tazjin <mail@tazj.in>
2020-11-21 r/1894 chore(3p): Bump nixpkgs to nixos-unstable from 2020-11-21Vincent Ambo1-5/+10
Included fixes for random breakage: * 3p/awscli: pick from the stable channel; it is broken on unstable * 3p/googletest: bumped version & removed patches that nixpkgs applies * 3p/lisp/cffi: bumped library version for SBCL compat * 3p/nix: fix libsystemd attribute * 3p/nix: reformatted (clang-format handling of ternaries changed) * glittershark/home: Use home-manager from nixkpgs * glittershark/kernel: bumped linux-ck patch hash * glittershark/kernel: removed "patch patch" * multi/whitby: Use home-manager from nixpkgs * tazjin/frog: drop Sourcetrail (it doesn't build currently) Note that in addition to these changes, some previous CLs updated the versions of git and cgit which was necessary for this channel bump, but which could not be done in the same commit due to the nature of the subtree merges. Change-Id: If2563e8a68e2750c4b913a976ff7b93b42e8b7f3 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2110 Tested-by: BuildkiteCI Reviewed-by: multi <depot@in-addr.xyz> Reviewed-by: glittershark <grfn@gws.fyi>
2020-11-21 r/1890 merge(3p/git): Merge git subtree at v2.29.2Vincent Ambo1-4/+4
This also bumps the stable nixpkgs to 20.09 as of 2020-11-21, because there is some breakage in the git build related to the netrc credentials helper which someone has taken care of in nixpkgs. The stable channel is not used for anything other than git, so this should be fine. Change-Id: I3575a19dab09e1e9556cf8231d717de9890484fb
2020-08-19 r/1681 feat(tools/tvlc): init projectKane York1-0/+1
tvlc is a tool for managing sparse git worktrees of the TVL depot. It is still in development; near-term tasks include a setup script, Nix dependency resolution, worktree removal, and the dispatch script. See cs.tvl.fyi/depot/docs/designs/SPARSE_CHECKOUTS.md for more info. Change-Id: Iad96656f0206178980fe7dcadd3dffe70d690f8f Reviewed-on: https://cl.tvl.fyi/c/depot/+/1760 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2020-08-18 r/1675 chore(3p/emacs): Enable cairo for Emacs 27.1Vincent Ambo1-1/+4
... this in turn enables support for Harfbuzz, which enables support for ligatures - maybe this will make grfn happy! Change-Id: I331c5171a829800fe532ca0b0d4910478e63ef1b Reviewed-on: https://cl.tvl.fyi/c/depot/+/1783 Reviewed-by: glittershark <grfn@gws.fyi> Tested-by: BuildkiteCI
2020-08-17 r/1665 chore(3p): Provide Emacs 27.1Vincent Ambo1-0/+9
This is now available in the upstream channel, and I need it on one machine for $reasons. Normally the Emacs attribute is versioned to make it clear which version we're dealing with, but not in this case. I've added an assert to check that it is indeed 27. Change-Id: I827df0d36350066bf4e177150d32af0c8d123b9b Reviewed-on: https://cl.tvl.fyi/c/depot/+/1764 Tested-by: BuildkiteCI Reviewed-by: glittershark <grfn@gws.fyi>
2020-08-17 r/1662 chore(3p): Bump nixos-unstable channelVincent Ambo1-3/+3
This bumps the channel to a commit that includes fixes for an nginx issue we have been seeing: https://github.com/NixOS/nixpkgs/pull/95264 Includes the following compatibility fixes: - tests disabled in third_party.bufbuild: These were enabled unexpectedly by the update, but don't run in the sandbox because they want to download things from github Change-Id: I98a3b5de57f62f1fd3a37701fa1896eddeedff85 Reviewed-on: https://cl.tvl.fyi/c/depot/+/1759 Tested-by: BuildkiteCI Reviewed-by: glittershark <grfn@gws.fyi> Reviewed-by: tazjin <mail@tazj.in>
2020-08-15 r/1652 chore(3p): Pick Emacs & friends from the default channelVincent Ambo1-9/+6
I had previously pinned Emacs to the (older) stable channel, because of a heretofore undiagnosed issue in newer versions. It turns out that the older Emacs is linking against X11-related libraries, namely <unintelligible>, which cause even *weirder* undiagnosed issues if paired with the rest of the recent packages. This commit removes the exception for Emacs and just picks it from the same channel as everything else. Change-Id: Ifce21c99f0204d4cf131bacb366dd9617fc301b8 Reviewed-on: https://cl.tvl.fyi/c/depot/+/1751 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2020-08-06 r/1604 chore(3p): Bump nixpkgs channelsVincent Ambo1-6/+6
Bumps both nixos-unstable and nixos-20.03 to today's versions, as per status.nixos.org Contains minor fixes to things that broke because of the update: * tazjin/frog: hardware.u2f is a deprecated setting * glittershark/system: modSha256 in Go modules is now vendorSha256 * glittershark/owothia: removed version constraint on relude Change-Id: Ib3e9612b1b06ed547b90e4f8b0ffe5ed7fe0a5c4 Reviewed-on: https://cl.tvl.fyi/c/depot/+/1642 Tested-by: BuildkiteCI Reviewed-by: glittershark <grfn@gws.fyi>
2020-08-04 r/1575 fix(3p/nix): Properly configure SANDBOX_SHELLGriffin Smith1-0/+1
point the SANDBOX_SHELL macro at the actual path to busybox on the build machine, or allow it to be configured at build-time with a cmake option. Change-Id: I044a1315ba9baa3bc9ceddf29f36d14f9f9ccd96 Reviewed-on: https://cl.tvl.fyi/c/depot/+/1632 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2020-08-03 r/1553 feat(3p): Whitelist unzipedef1-0/+1
Change-Id: Iae7e661dc45f8bc8668c1aa4fe82b88e8868c22f Reviewed-on: https://cl.tvl.fyi/c/depot/+/1585 Tested-by: BuildkiteCI Reviewed-by: ericvolp12 <ericvolp12@gmail.com> Reviewed-by: lukegb <lukegb@tvl.fyi>
2020-07-26 r/1486 feat(web/panettone): Add dev helpers for postgres dbGriffin Smith1-0/+1
Add a docker-compose file and lorri-based direnv for aiding in running and connecting to a postgres database during development of panettone. Change-Id: I319eee52b52cd48e1f3d2e32c558989768dc19d8 Reviewed-on: https://cl.tvl.fyi/c/depot/+/1465 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in> Reviewed-by: eta <eta@theta.eu.org>
2020-07-19 r/1399 chore(3p/nix): Enable clang-format check in derivation buildVincent Ambo1-0/+1
This is the easiest way to get the checks up and running for now, but we will probably want to separate out things like this into a separate build step in the future. Change-Id: I8e1a1095aef09b1eee97abad5b6240bc64d14b8c Reviewed-on: https://cl.tvl.fyi/c/depot/+/1287 Tested-by: BuildkiteCI Reviewed-by: glittershark <grfn@gws.fyi>
2020-07-17 r/1345 feat(3p/gtest): Bump version & override stdenv to libcxxVincent Ambo1-2/+2
Change-Id: I19a34e80f51add5a7c6cde2650aae60c1919ad43 Reviewed-on: https://cl.tvl.fyi/c/depot/+/1238 Tested-by: BuildkiteCI Reviewed-by: glittershark <grfn@gws.fyi>
2020-07-15 r/1304 feat(tools): Add script to flamegraph a commandGriffin Smith1-0/+2
Add tools.perf-flamegraph, which collects the base case execution of perf piped through stackcollapse-perf and flamegraph to flamegraph the execution of an external command via perf. Change-Id: I671fe254dc374b6cd7deca2d3bdea266164de025 Reviewed-on: https://cl.tvl.fyi/c/depot/+/1176 Reviewed-by: tazjin <mail@tazj.in> Tested-by: BuildkiteCI
2020-07-13 r/1273 feat(3p/rr): Add ThreadRipper compatibility patchVincent Ambo1-1/+1
Change-Id: Ia73883075e11bccaa234d3b1212f3ab9363f234c Reviewed-on: https://cl.tvl.fyi/c/depot/+/1129 Tested-by: BuildkiteCI Reviewed-by: lukegb <lukegb@tvl.fyi>
2020-07-08 r/1242 feat(tazjin/frog): Install Quassel client on frogVincent Ambo1-0/+1
Change-Id: I5abcf0768a84b2010acefef595d05d4f24f6d622 Reviewed-on: https://cl.tvl.fyi/c/depot/+/956 Tested-by: BuildkiteCI Reviewed-by: isomer <isomer@tvl.fyi>
2020-07-06 r/1231 feat(gs/keyboard): Integrate my layout with the depotGriffin Smith1-0/+7
Integrate the keyboard layout for my Ergodox EZ, which is a layout for QMK, with the depot, including exposing several cross-compilation packages necessary to compile qmk for avr in third_party. Change-Id: Idd43169a0a3cf0be2bd1a578fdaff70388a58bfc Reviewed-on: https://cl.tvl.fyi/c/depot/+/947 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2020-07-05 r/1219 feat(3p/apereo-cas): initial Nix derivation (no TVL-specific config yet)Luke Granger-Brown1-0/+15
Change-Id: Ie7d52370dd554b110bbfa041b943fcf246373b94 Reviewed-on: https://cl.tvl.fyi/c/depot/+/933 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2020-07-01 r/1148 feat(3p/openldap): Enable slapd-passwd-argon2 moduleVincent Ambo1-1/+1
This enables support for the Argon2 password hashing mechanism in OpenLDAP. Note that we also need to configure the LDAP module to load this, so this change is not yet sufficient for actually using Argon2 hashes. Change-Id: I151b854b777daa924b22224a43851432a88a2760 Reviewed-on: https://cl.tvl.fyi/c/depot/+/830 Reviewed-by: BuildkiteCI Reviewed-by: isomer <isomer@tvl.fyi> Tested-by: BuildkiteCI
2020-07-01 r/1147 chore(ci-builds): Move third_party builds to their own package groupVincent Ambo1-1/+0
... and remove a package that doesn't exist anymore (at this location) from the nixpkgs allowlist. Change-Id: I663c84c387fb04bb3b47448132ad768ed5352474 Reviewed-on: https://cl.tvl.fyi/c/depot/+/829 Reviewed-by: BuildkiteCI Reviewed-by: isomer <isomer@tvl.fyi> Tested-by: BuildkiteCI
2020-06-30 r/1134 refactor(overrides/writeElispBin): use writeScriptBinProfpatsch1-1/+0
Change-Id: Ib9793da985128b4a8f64b04086ea89ce81118188 Reviewed-on: https://cl.tvl.fyi/c/depot/+/705 Tested-by: BuildkiteCI Reviewed-by: Kane York <rikingcoding@gmail.com> Reviewed-by: tazjin <mail@tazj.in> Reviewed-by: BuildkiteCI
2020-06-30 r/1133 refactor(nix): use our own writeScript(Bin)Profpatsch1-2/+0
We have this nice `runExecline` now, so we don’t need to use `runCommand` (which spawns bash) just to write a simple script. Change-Id: I2941ed8c1448fa1d7cc02dc18b24a8a945b2c38b Reviewed-on: https://cl.tvl.fyi/c/depot/+/704 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in> Reviewed-by: BuildkiteCI
2020-06-29 r/1124 feat(3p/haskellPackages): port in patches from xanthousGriffin Smith1-1/+4
Add a few relatively uncontroversial patches to fix some broken packages that I had developed for xanthous to the top-level third_party tree, so they can be reused by other people in the monorepo Change-Id: I68740477bda278c5dcc123080029ee4bd2cae37a Reviewed-on: https://cl.tvl.fyi/c/depot/+/740 Reviewed-by: Profpatsch <mail@profpatsch.de> Reviewed-by: tazjin <mail@tazj.in>
2020-06-29 r/1120 feat(3p): Add haskellPackages from nixpkgsGriffin Smith1-0/+1
Change-Id: Ic59e86ec2a36f5ee4eaf48592346a084fdef63ea Reviewed-on: https://cl.tvl.fyi/c/depot/+/735 Reviewed-by: glittershark <grfn@gws.fyi>
2020-06-28 r/1108 feat(nix/emptyDerivation) add emptyDerivationProfpatsch1-0/+1
The most trivial of all derivations. It is more useful than it looks. Can be used to bind nix expressions (e.g. test suites) to a derivation, so that `nix-build` does not crap itself. Change-Id: I61c24d8c129c9505733161207f3c30e820f5b15e Reviewed-on: https://cl.tvl.fyi/c/depot/+/665 Reviewed-by: tazjin <mail@tazj.in>
2020-06-28 r/1107 feat(nix/getBins): add getBinsProfpatsch1-0/+1
This is a simple-stupid “unix import system” for nix, for referencing binaries in `/bin/` by their name and lifting them to a Nix attrset. Allows for simple aliasing of executable names. Change-Id: Ifa23cb377201c3b08050c5026e9751e736afaf56 Reviewed-on: https://cl.tvl.fyi/c/depot/+/664 Reviewed-by: tazjin <mail@tazj.in>
2020-06-27 r/1100 feat(nix/writeExecline): add writeExeclineProfpatsch1-0/+2
This is a writer, similar to `pkgs.writeBashScript` or `pkgs.writers.writePython3`. The difference is that we can correctly write all execline scripts by using nix lists of lists, so the user doesn’t have to care about escaping arguments (like they have to in bash scripts with `lib.escapeShellArg` for example). Change-Id: I2f2874cf61170ddca07b89b692f762725f4a75dc Reviewed-on: https://cl.tvl.fyi/c/depot/+/625 Reviewed-by: Kane York <rikingcoding@gmail.com> Reviewed-by: tazjin <mail@tazj.in>
2020-06-27 r/1099 feat(ops/pipelines): Add Buildkite pipeline configurationVincent Ambo1-0/+1
This adds configuration which generates the structure expected for Buildkite pipelines, which can then be dynamically ingested by Buildkite when a pipeline is triggered. Change-Id: I61e3dc3affb19c1f2550ef827fa73b17f8d8ae47 Reviewed-on: https://cl.tvl.fyi/c/depot/+/627 Reviewed-by: ericvolp12 <ericvolp12@gmail.com> Reviewed-by: lukegb <lukegb@tvl.fyi>
2020-06-27 r/1097 feat(nix/binify): add binifyProfpatsch1-0/+1
Create a store path where the executable `exe` is linked to $out/bin/${name}. This is useful for e.g. including it as a “package” in `buildInputs` of a shell.nix. For example, if I have the exeutable /nix/store/…-hello, I can make it into /nix/store/…-binify-hello/bin/hello with `binify { exe = …; name = "hello" }`. Change-Id: I600bdcd8f143bca2dd8dfbb165a9a5a8d6397622 Reviewed-on: https://cl.tvl.fyi/c/depot/+/624 Reviewed-by: tazjin <mail@tazj.in>