haskal
/
dragnpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

merge into: haskal:main
Branches Tags
haskal:main
haskal:nixos-25.05
haskal:wip/nixos-25.05-ghidra
haskal:nixos-24.11
haskal:mkflake
haskal:nixos-24.11-tmp
haskal:nixos-24.05
haskal:module/dbzfs
...
pull from: haskal:wip/nixos-25.05-ghidra
Branches Tags
haskal:nixos-25.05
haskal:main
haskal:wip/nixos-25.05-ghidra
haskal:nixos-24.11
haskal:mkflake
haskal:nixos-24.11-tmp
haskal:nixos-24.05
haskal:module/dbzfs

46 Commits
main ... wip/nixos-

Author SHA1 Message Date
xenia 4cbea3dc01 wip ghidra python packaging 2025-09-14 18:35:07 -04:00
xenia 7914014c1d alphabetize 2025-09-14 01:51:46 -04:00
xenia 13548ea5ed fix kaiju 2025-09-14 01:35:15 -04:00
xenia 5fd38d270e ghidra-extensions.kaiju: fix z3 java output 2025-09-13 23:28:58 -04:00
xenia 6d766dd63c fix ghidra extensions 2025-09-13 23:20:59 -04:00
xenia 6bba7ab0c4 fix binsync metadata 2025-09-13 23:20:31 -04:00
xenia 6b6dd9c66f ghidra: fix extension build issues 2025-09-13 22:57:45 -04:00
xenia 292b3bdcec update todo 2025-09-12 02:42:34 -04:00
xenia fda38bd2cf add programs.idapro 2025-09-12 02:38:04 -04:00
xenia cf817800f5 add ghidra binsync extension 2025-09-12 01:54:04 -04:00
xenia 29532b3561 fix python overrides 2025-09-12 01:00:01 -04:00
xenia 219b736565 add binsync 2025-09-12 00:46:37 -04:00
xenia d5835d211c update readme 2025-09-12 00:35:39 -04:00
xenia d67164126a add patdiff-bin 2025-09-12 00:34:11 -04:00
xenia 80299ca3d7 update todo 2025-09-12 00:30:01 -04:00
xenia 7d914c78d2 add idapro packaging 2025-09-12 00:28:46 -04:00
xenia fd2baa1c23 move ghidra location 2025-09-11 18:50:34 -04:00
xenia 8fe88edc61 meow 2025-09-11 18:10:27 -04:00
xenia f21591a29f add dragnpkgs version of programs.ghidra 2025-09-11 18:05:35 -04:00
xenia b420af3043 update readme 2025-09-11 16:01:43 -04:00
xenia 533960accd fix docs 2025-09-11 15:47:18 -04:00
xenia bf091ff8fe cleanup + docs 2025-09-11 15:45:52 -04:00
xenia 55078cdb82 satisfactory dedi: virtualize additional dir 2025-09-11 14:38:24 -04:00
xenia 6b8b667e48 update satisfactory dedi 2025-09-11 14:16:11 -04:00
xenia ac53b7145d remove kicad-xenia 2025-09-06 20:03:38 -04:00
xenia f1980a782f dual license ppx_unicode 2025-09-06 19:54:51 -04:00
xenia 567a47da23 fix ocaml pacakges 2025-09-06 19:47:57 -04:00
xenia f71b45c677 add new module for satisfactory server 1.0 2025-09-01 22:54:35 -04:00
xenia 3b71438ff4 update nixpkgs/lix 2025-08-31 17:44:41 -04:00
xenia 49a730f641 update nixpkgs 2025-08-03 16:19:57 -04:00
xenia de53bfd455 oops 2025-07-07 21:36:44 -04:00
xenia f71602bcff update nixpkgs and lix 2025-07-07 21:19:57 -04:00
xenia 1557fcbf00 rollback lix 2025-06-28 20:36:18 -04:00
xenia b157a5ca31 update to lix 2.92.2 2025-06-24 22:34:42 -04:00
xenia 83be7c5296 whoops 2025-06-22 18:21:43 -04:00
xenia d181eac6a3 pkgs: fix zbasefind 2025-06-18 23:34:47 -04:00
xenia c1bd5b32d6 pkgs: add moloch(-dragon) 2025-06-11 01:12:10 -04:00
xenia 76cbd04361 templates: beamer: use new style texlive syntax 2025-06-10 00:08:55 -04:00
xenia 6933e33e80 templates: update gitignore 2025-06-09 23:03:47 -04:00
xenia 9c6a46b398 templates: update beamer 2025-06-09 22:16:51 -04:00
xenia b33745acb8 templates: update beamer template 2025-06-09 22:16:04 -04:00
xenia 71af6415d2 templates: update beamer template 2025-06-09 22:03:56 -04:00
xenia 37050f846b templates: add beamer template 2025-06-09 21:19:03 -04:00
xenia 6223d67e8f flake: add `apps` to mkFlake transformed keys 2025-06-09 21:03:14 -04:00
xenia 8674b22d5c flake: rework the nixpkgs init code 2025-06-06 00:24:49 -04:00
xenia 946bbc1522 update nixpkgs to 25.05 2025-05-29 15:13:56 -04:00
64 changed files with 2255 additions and 1433 deletions
Show Stats Expand all files Collapse all files

657
README.md
View File

@ -6,28 +6,45 @@ include_toc: true
# dragnpkgs # dragnpkgs
this is my personal nixos modules and packages repository. while it was designed for my own use, this is my personal nixos modules and packages repository. while it was designed for my own use,
it's also intended to be flexible and reusable enough for general purpose usage. i might consider it's also intended to be flexible and reusable enough for general purpose usage
upstreaming into nixpkgs if there is sufficient interest
dragnpkgs provides the following
- a set of package definitions, in `pkgs/`, which provide packages not in `nixpkgs`, some of my own
libraries and utilities, and rewrites/patches of upstream packages to suit my needs
- the top level overlay is located in `overlay.nix`, in a similar style as nixpkgs
`all-packages.nix`
- a set of nixos modules, in `modules/`
- a module including all of the other modules is located at `module.nix`
- utilities, in `lib/` and contained within `flake.nix`
- flake templates, in `templates/`
- a full wrapper around `nixpkgs` which includes the package set and nixos modules by default, and
changes the default nix implementation to `lix`, so this repo can be used in place of the
`nixpkgs` flake
## licensing
this repository is NOT licensed under a "standard" FOSS license. instead, it uses [CC-BY-NC-SA
4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/deed.en). this means, in particular that
commercial use is forbidden. if you are, for whatever reason, interested in using this code
commercially, please contact me
additionally, several package definitions included in this repo point to packages which have their
own noteworthy licensing (including, for example, unfree and non-redistributable game server
software). make sure you are following the license requirements, which can be found in
`meta.license` for each package
## usage ## usage
dragnpkgs provides a set of nixos modules and a nixpkgs overlay containing custom packages. the
modules require the overlay
### non-flake
since i use flakes now (sigh!!!) i'm not supporting non-flake usage anymore. if you read the files since i use flakes now (sigh!!!) i'm not supporting non-flake usage anymore. if you read the files
in the repo there's a way to do it probably in the repo there's a way to do it probably
### flake
for flake usage, add this repo as an input and don't input nixpkgs at all, since we fully wrap it for flake usage, add this repo as an input and don't input nixpkgs at all, since we fully wrap it
```nix ```nix
{ {
inputs = { inputs = {
# for nixos-24.11 # for nixos-25.05
dragnpkgs.url = "git+https://git.lain.faith/haskal/dragnpkgs.git?ref=nixos-24.11"; dragnpkgs.url = "git+https://git.lain.faith/haskal/dragnpkgs.git?ref=nixos-25.05";
# for nixos-unstable # for nixos-unstable
dragnpkgs.url = "git+https://git.lain.faith/haskal/dragnpkgs.git?ref=main"; dragnpkgs.url = "git+https://git.lain.faith/haskal/dragnpkgs.git?ref=main";
@ -47,159 +64,81 @@ flake.nix for details
dragnpkgs-specific registration mechanism for these that is enabled by default, see dragnpkgs-specific registration mechanism for these that is enabled by default, see
`options.dragnpkgs` `options.dragnpkgs`
- in flake.nix but not in module.nix: disable channels - in flake.nix but not in module.nix: disable channels
- add lix cache and its keys to substitutors
- enable experimental features `nix-command flakes repl-flake` - enable experimental features `nix-command flakes repl-flake`
- disable the default flake registry. i think it's cringe - disable the default flake registry. i think it's cringe
- add a repl overlay that adds some useful utilities to `nix repl` -- see repl-overlay.nix for - add a repl overlay that adds some useful utilities to `nix repl` -- see repl-overlay.nix for
details details
- provides a flake pure eval mode bypass via a lix plugin for allowlisting certain unfree licenses
that can be enabled when the user has permission to use packages with those licenses. this allows
usage of those packages without needing to set `NIXPKGS_ALLOW_UNFREE=1` and passing `--impure`,
which i find very clunky
also note that overriding inputs to the flake won't necessarily work because of the way nixpkgs also note that overriding inputs to the flake won't necessarily work because of the way nixpkgs
registers itself with the system. this requires really annoying hacks to get working at all. if you registers itself with the system. this requires really annoying hacks to get working at all. if you
want to depend on `dragnpkgs` with a different version of `nixpkgs` (ie not 24.11 or unstable), want to depend on `dragnpkgs` with a different version of `nixpkgs` (ie not 24.11 or unstable),
clone the repo and recreate `flake.lock`. aren't flakes so cool and fun!!!! clone the repo and recreate `flake.lock`. aren't flakes so cool and fun!!!!
## options documentation ## flake lib documentation
documentation for options provided by dragnpkgs These utilities are provided by the dragnpkgs flake.
### `dragnpkgs.lib.mkFlake attrs`
### [`services.ghidra-server`](./modules/ghidra-server) This provides a small utility for defining flakes in a way that avoids some of the pain related to
the shared project server for [ghidra](https://ghidra-sre.org) flake attributes being keyed by `system`. `attrs` is an attribute set similar to what would normally
be returned for `outputs`, but the keys `packages`, `legacyPackages`, `devShells`, and `apps` are
written in `callPackage` style
For example:
example usage:
```nix ```nix
services.ghidra-server = { outputs = { self, dragnpkgs }: dragnpkgs.lib.mkFlake {
enable = true; devShells.default = {
host = "your.domain.or.ip"; mkShell,
hello,
}: mkShell {
packages = [
hello
];
};
}; };
``` ```
#### services.ghidra-server.enable Currently there is no mechanism to access `system`-keyed attributes from another `system`-keyed
attribute, so it must be done manually using `system` in the arguments to the `callPackage`-style
function. For example:
enables the ghidra server service ```nix
outputs = { self, dragnpkgs }: dragnpkgs.lib.mkFlake {
packages.default = {
stdenv,
mydependency,
}: stdenv.mkDerivation {
pname = "mypackage";
version = "DEV";
#### services.ghidra-server.enableAdminCli (`true`) src = ./.;
adds a system package for the CLI tool `ghidra-svrAdmin`, which allows anyone in the `ghidra` group buildInputs = [ mydependency ];
to administer the server (this corresponds to the `server/svrAdmin` tool in the stock ghidra };
distribution)
#### services.ghidra-server.{package, jdkPackage} (`ghidra_headless`, `openjdk21_headless`) devShells.default = {
mkShell,
allows overriding the ghidra package and jdk package used for the server system,
}: mkShell {
#### services.ghidra-server.host packages = [
self.packages.${system}.default
the server hostname or IP; this is typically required (by java RMI) for correct operation ];
};
#### services.ghidra-server.basePort (`13100`) };
the server will use 3 consecutive TCP ports starting from this port
#### services.ghidra-server.directory (`ghidra-server`)
the root directory for server files, as a subdirectory of `/var/lib`. this is needed because this
option is passed to systemd `StateDirectory=`
#### services.ghidra-server.{user,group} (`ghidra`)
the service user and group
### more coming soon(tm)
## packages documentation
### [`ghidra_headless`](./default.nix)
a variant of ghidra which does not have a dependency on any jdk, intended to
reduce closure size for server operation with a headless jdk (in particular,
the ghidra-server nixos module uses `ghidra_headless` with `openjdk21_headless`
by default
### [`ghidra`](./pkgs/ghidra-xenia/build.nix)
a version of ghidra that uses a split derivation, `lib` contains the core
ghidra distribution, `doc` contains all the documentation elements, and `out`
contains the bin folder, icons, and desktop file. only `out` has a dependency
on the build jdk, so `lib` and `doc` can be used with reduced closure size
### [`kicad`](./pkgs/kicad-xenia/default.nix)
preview version of kicad with my patches
### [`ocamlPackages.ppx_unicode`](./pkgs/ocaml/ppx_unicode)
opinionated ppx for string literals: <https://git.lain.faith/haskal/ppx_unicode>
### [`ocamlPackages.xlog`](./pkgs/ocaml/xlog)
logging for cats, in ocaml: <https://git.lain.faith/haskal/xlog>
### [`ocamlPackages.systemd-ml`](./pkgs/ocaml/systemd-ml)
libsystemd implementation in native ocaml: <https://git.lain.faith/haskal/systemd-ml>
### [`ocamlPackages.ocaml-manual`](./pkgs/ocaml/ocaml-manual)
the ocaml html docs package from opam
### [`python312Packages.feedvalidator` or `feedvalidator`](./pkgs/python/feedvalidator)
the W3C atom/RSS feed validator library, <https://github.com/w3c/feedvalidator>
this package comes with an additional CLI bin, `feedvalidator`, which is a simple wrapper around the
library that enables CLI usage
usage
```
usage: feedvalidator [-h] [-b BASE] file
W3C feedvalidator
positional arguments:
file File to validate
options:
-h, --help show this help message and exit
-b BASE, --base BASE Base URL of document
``` ```
example Future work is planned to make this easier.
```bash
feedvalidator --base "https://my-base-url/atom.xml" path/to/atom.xml
```
### [`outer-wilds-text-adventure`](./pkgs/games/outer-wilds-text-adventure)
nix packaging for the Outer Wilds text adventure game. it should work by default on NixOS. if using
the nix package manager on a non-NixOS computer, you also need the following when using pipewire or
another ALSA plugin that lives in a separate package
```bash
export ALSA_PLUGIN_DIR=$(nix eval -f '<nixpkgs>' --raw pipewire)/lib/alsa-lib
```
### [`eta`](./pkgs/cmdline/eta)
Generic tool for monitoring ETA and progress of an arbitrary process.
<https://github.com/aioobe/eta>
### [`zbasefind`](./pkgs/rust/zbasefind)
Command line tool to guess the base address of a raw firmware binary (zoomer edition).
<https://git.lain.faith/haskal/zbasefind.git>
### [`cado-nfs`](./pkgs/crypto/cado-nfs)
Cado-NFS, An Implementation of the Number Field Sieve Algorithm
<https://gitlab.inria.fr/cado-nfs/cado-nfs>
## lib documentation ## lib documentation
These utilities are provided by the dragnpkgs overlay
### [`fetchFromSteam`](./lib/fetchsteam) ### [`fetchFromSteam`](./lib/fetchsteam)
a fetcher that downloads binaries from [Steam](https://store.steampowered.com/) using a fetcher that downloads binaries from [Steam](https://store.steampowered.com/) using
@ -229,7 +168,8 @@ pkgs.fetchFromSteam {
### [`fetchb4`](./lib/fetchb4) ### [`fetchb4`](./lib/fetchb4)
A fetcher that uses `b4` to download patchsets from <https://lore.kernel.org> so that they can be applied in `boot.kernelPatches` A fetcher that uses `b4` to download patchsets from <https://lore.kernel.org> so that they can be
applied in `boot.kernelPatches`
Usage: Usage:
@ -244,7 +184,8 @@ pkgs.fetchb4 {
} }
``` ```
note that not specifying a version may make cause future invocations to return different output if a newer version is sent to the thread note that not specifying a version may make cause future invocations to return different output if a
newer version is sent to the thread
### [`mkNginxServer`](./lib/dev-nginx) ### [`mkNginxServer`](./lib/dev-nginx)
@ -263,24 +204,6 @@ pkgs.mkNginxServer {
} }
``` ```
### [`gitSource`](./lib/git-source)
for development package nix files, computes the source set of files tracked by git at the given root
path
arguments:
- `root`: the root of the git repo, where `.git` is located
- `subdir`, optional: a subdirectory within the git repo. if provided, only files in this
subdirectory will go into the final source set
example:
```nix
stdenv.mkDerivation {
# ...
src = gitSource { root = ./.; };
}
```
### [`makeSquashFs`](./lib/make-squashfs) ### [`makeSquashFs`](./lib/make-squashfs)
builds a squashfs image from the given derivations builds a squashfs image from the given derivations
@ -298,20 +221,412 @@ makeSquashFs {
create a packaged nix distribution with the given packages in it for weird HPC systems. go read the create a packaged nix distribution with the given packages in it for weird HPC systems. go read the
source to find out what it does; i don't recommend using this if you're not me source to find out what it does; i don't recommend using this if you're not me
## development ### [`lib.licenses.fyptl`](./lib/licenses/fyptl.nix)
structure of this repo The "Fuck You, Pirate This License" (FYPTL) is the author's version of a software non-license, which
- `default.nix`: the top level NixOS module, which can also be interpreted as a plain nix file explicitly does not grant any rights to use, modify, or redistribute a given piece of software, but
outside of NixOS for access to just the nixpkgs overlay. this contains all definitions for does disclaim warranty.
packages, library functions, and NixOS modules
- `lib/`: library functions (ie functions that get added to the overlay) go here
- `modules/`: NixOS modules go here
- `pkgs/`: packages that get added to the overlay go here
- `support/`: WIP support tools (eg generating documentation)
## licensing ## nixos options documentation
this repository is NOT licensed under a "standard" FOSS license. instead, it uses documentation for nixos options provided by dragnpkgs
[CC-BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/deed.en). this means, in
particular that commercial use is forbidden. if you are, for whatever reason, interested in using ### [`dragnpkgs`](./flake.nix)
this code commercially, please contact me
options for configuring dragnpkgs
### [`dragnpkgs.setFlakeRegistry`](./flake.nix) (`true`)
Set flake registry option pointing to self
### [`dragnpkgs.setNixPath`](./flake.nix) (`true`)
Set nix path entry pointing to self
### [`dragnpkgs.setNixpkgsFlakeAlias`](./flake.nix) (`true`)
Set flake registry entry for `nixpkgs` to self
### [`dragnpkgs.setTemplatesFlakeAlias`](./flake.nix) (`true`)
Set flake registry entry for `templates` to self
### [`dragnpkgs.possiblyCommitCrimes`](./flake.nix) (`false`)
Globally enable usage of packages marked as FYPTL. This installs a nix plugin, which is widely
considered to be a nix crime, and it also might be an actual crime to use these packages depending
on you jurisdiction. Use at your own risk
### [`services.ghidra-server`](./modules/ghidra-server)
the shared project server for [ghidra](https://github.com/NationalSecurityAgency/ghidra)
example usage:
```nix
services.ghidra-server = {
enable = true;
host = "your.domain.or.ip";
};
```
##### development notes
the module does the following:
- sets up unix permissions on the ghidra repositories location that allows anyone in the `ghidra`
group to run `ghidra-svrAdmin` to perform admin tasks
- only supports basic username/password authentication for the time being
- parses the classpath file for the ghidra server which is normally read by the launcher, and uses
it to launch the server directly, without using the launcher. this was done because the launcher
was doing several things that were unwanted / could be better handled by systemd and journald, and
it was complicated to turn them off. this also allows us to customize the jvm args more easily
- provides a log4j configuration that causes all logs to be sent to the system journal. this
effectively disables any ghidra-server-specific logfile management
- sets the most basic isolation parameters (`PrivateTmp=true` and `NoNewPrivileges=true`), but more
work could be done to secure the ghidra server service
#### `services.ghidra-server.enable`
enables the ghidra server service
#### `services.ghidra-server.enableAdminCli` (`true`)
adds a system package for the CLI tool `ghidra-svrAdmin`, which allows anyone in the `ghidra` group
to administer the server (this corresponds to the `server/svrAdmin` tool in the stock ghidra
distribution)
#### `services.ghidra-server.{package, jdkPackage}` (`ghidra_headless`, `openjdk21_headless`)
allows overriding the ghidra package and jdk package used for the server
#### `services.ghidra-server.host`
the server hostname or IP; this is typically required (by java RMI) for correct operation
#### `services.ghidra-server.basePort` (`13100`)
the server will use 3 consecutive TCP ports starting from this port
#### `services.ghidra-server.directory` (`ghidra-server`)
the root directory for server files, as a subdirectory of `/var/lib`. this is needed because this
option is passed to systemd `StateDirectory=`
#### `services.ghidra-server.{user,group}` (`ghidra`)
the service user and group
### [`programs.ghidra`](./modules/ghidra-client/default.nix)
like upstream, but patches an issue with loading python packages in the ghidra debug feature
additionally, provides a way to specify extensions
#### `programs.ghidra.extensions`
Ghidra extensions to be included in the installation.
example:
```
[ (ps: with ps; [ binsync ]) ]
```
#### `programs.ghidra.binsync.enable`
enable binsync integration
### [`programs.idapro`](./modules/idapro/default.nix)
Enables IDA Pro in the system environment, with optional plugin config.
This also directs IDA Pro to use `~/.config/idapro` as its main user config directory, instead of
`~/.idapro`. Unfortunately, as of IDA Pro 9.2, `~/.idapro` still gets created, though it will be
empty.
#### `programs.idapro.enable`
Whether to enable IDA Pro
#### `programs.idapro.package`
The IDA Pro package to use
#### `programs.idapro.binsync.enable`
Enables binsync integration with IDA Pro
### [`environment.machineInfo`](./modules/machine-info/default.nix)
provides options to customize the `/etc/machine-info` file on a NixOS system. See the module itself
and <https://www.freedesktop.org/software/systemd/man/latest/machine-info.html> for more info
### [`services.satisfactory`](./modules/satisfactory-dedicated-server/default.nix)
The dedicated server for the game [Satisfactory](https://satisfactorygame.com)
This module provides the needed runtime environment for the dedicated server to run on NixOS, as
well as settings which can be automatically applied to provision the server on the first start (eg
server name, admin password). This provisioning needs to be done at runtime, due to the way the
server works, but it will be performed securely, before the server is exposed to the network for the
first time. This means you can safely deploy the server to the public internet without worrying
about exposing the "unclaimed" initial server mode, where any user could gain full privileges.
##### development notes
this module does the following:
- sets up `satisfactory.service` with some systemd isolation options and
notably, a private mount namespace in which the nix store path for the server
is mounted together with some overmounts for read-write directories within
the installation. this allows the software to "write to its own install
directory" which is required for operation. the real location of the written
files is in `/var/lib/satisfactory`
- if certs are provided, the systemd credentials mechanism is used to make them
available to the server process. another bind overmount is used to put the
credentials dir in the place that the server binary expects. additionally,
`satisfactory-restart-certs.service` is configured to restart the dedicated
server whenever the cert is renewed
- when the first-run options are specified,
`satisfactory-first-time-setup.service` is configured as a dependency with a
condition on the data file the server uses to store its settings. if the file
exists, the first-run setup is skipped. in this service,
`PrivateNetwork=true` is used to isolate the service from the network while a
bash script executes HTTP API calls to perform the requested setup. once this
is done, the server is shut down and execution will proceed to the main
`satisfactory.service`
this is mostly still in line with [a blog post i wrote on the
topic](https://blog.awoo.systems/posts/2024-01-12-going-win32-scale-packaging-the-satisfactory-dedicated-server-on-nixos)
but there have been some changes since then that are not reflected in the post
#### `services.satisfactory.enable`
enables the satisfactory dedicated server service
#### `services.satisfactory.package` (`pkgs.satisfactory-dedicated-server`)
the package to use for the service
#### `services.satisfactory.directory` (`"/var/lib/satisfactory"`)
Directory where Satisfactory Dedicated Server data will be stored
#### `services.satisfactory.{user,group}` (`"satisfactory"`)
User account and group under which Satisfactory Dedicated Server runs
#### `services.satisfactory.useACMEHost` (`null`)
If set, the server will use the ACME-provided TLS certificate for the given host.
Note that this module does not actually provision the specified certificate; you must use additional
config (e.g., `services.nginx.virtualHosts.<name>.enableACME = true`) to provision the certificate
using a supported ACME method.
#### `services.satisfactory.port` (`7777`)
Server port number (TCP/UDP)
This corresponds to the `-Port` command line option.
#### `services.satisfactory.reliablePort` (`8888`)
Server reliable port number
This corresponds to the `-ReliablePort` command line option.
#### `services.satisfactory.externalReliablePort` (`null`)
Server reliable port number as seen outside NAT.
This corresponds to the `-ExternalReliablePort` command line option.
#### `services.satisfactory.disableSeasonalEvents` (`false`)
Whether to run the server with seasonal events disabled.
This corresponds to the `-DisableSeasonalEvents` command line option.
#### `services.satisfactory.extraIniOptions` (`{}`)
Run the server with additional ini configuration values.
This is a nested attribute set of values.
- The top level attribute specifies the ini file containing the value to set (i.e., the
first component of the `-ini` command line option), for example `Game` or `Engine`.
- The secondary level attribute specifies the ini file category, without brackets,
for example `/Script/Engine.GameSession`.
- The final level attribute specifies the option name to set, for example
`MaxPlayers`. The value of the attribute is the value to set on the command line.
This corresponds to the `-ini` command line option.
#### `services.satisfactory.initialSettings`
Settings to apply to the server via the server API on the first run.
#### `services.satisfactory.initialSettings.serverName` (`null`)
The name of the server.
If this is provided, `adminPasswordFile` must also be set.
#### `services.satisfactory.initialSettings.adminPasswordFile` (`null`)
Path to a file containing the initial admin password.
If this is provided, `serverName` must also be set.
#### `services.satisfactory.initialSettings.clientPasswordFile` (`null`)
Path to a file containing the initial client password. If not set, the server will
not be configured with a client password and will be accessible to any client.
### [`hardware.wirelessRegulatoryDomain`](./modules/regdom/default.nix)
The wireless regulatory domain to set in the kernel `cfg80211` module. This defaults to `"00"`
(international), but more bands (such as 6GHz, on supported hardware) can be enabled by setting this
to the jurisdiction in which the machine is located, for example `"US"`.
## packages documentation
### [`ghidra`](./pkgs/reverse-engineering/ghidra/build.nix)
a version of ghidra that uses a split derivation, `lib` contains the core ghidra distribution, `doc`
contains all the documentation elements, and `out` contains the bin folder, icons, and desktop file.
only `out` has a dependency on the build jdk, so `lib` and `doc` can be used with reduced closure
size
### [`ghidra_headless`](./pkgs/reverse-engineering/ghidra/build.nix)
a variant of ghidra which does not have a dependency on any jdk, intended to reduce closure size for
server operation with a headless jdk (in particular, the ghidra-server nixos module uses
`ghidra_headless` with `openjdk21_headless` by default
this is equivalent to the `lib` output of the split `ghidra` package
### [`ghidra-extensions`](./pkgs/reverse-engineering/ghidra/extensions)
like upstream, but contains additional extensions:
- `binsync-ghidra`: the binsync `ghidra_scripts` installation packaged as an extension, so it can be
installed at the system level
### [`ocamlPackages.ppx_unicode`](./pkgs/ocaml/ppx_unicode)
opinionated ppx for string literals: <https://git.lain.faith/haskal/ppx_unicode>
### [`ocamlPackages.xlog`](./pkgs/ocaml/xlog)
logging for cats, in ocaml: <https://git.lain.faith/haskal/xlog>
### [`ocamlPackages.systemd-ml`](./pkgs/ocaml/systemd-ml)
libsystemd implementation in native ocaml: <https://git.lain.faith/haskal/systemd-ml>
### [`ocamlPackages.ocaml-manual`](./pkgs/ocaml/ocaml-manual)
the ocaml html docs package from opam
### [`ocamlPackages.patdiff-bin`](./pkgs/ocaml/patdiff-bin)
a repackaged version of `ocamlPackages.patdiff` with a reduced closure size
### [`python312Packages.feedvalidator` or `feedvalidator`](./pkgs/python/feedvalidator)
the W3C atom/RSS feed validator library, <https://github.com/w3c/feedvalidator>
this package comes with an additional CLI bin, `feedvalidator`, which is a simple wrapper around the
library that enables CLI usage
usage
```
usage: feedvalidator [-h] [-b BASE] file
W3C feedvalidator
positional arguments:
file File to validate
options:
-h, --help show this help message and exit
-b BASE, --base BASE Base URL of document
```
example
```bash
feedvalidator --base "https://my-base-url/atom.xml" path/to/atom.xml
```
### [`python312Packages.megacom` or `megacom`](./pkgs/python/megacom)
a python utility to access serial ports from the command line
### [`python311Packages.binsync` and `python311Packages.libbs`](./pkgs/reverse-engineering/binsync)
packaged latest versions of binsync and libbs from git
### [`outer-wilds-text-adventure`](./pkgs/games/outer-wilds-text-adventure)
nix packaging for the Outer Wilds text adventure game. it should work by default on NixOS. if using
the nix package manager on a non-NixOS computer, you also need the following when using pipewire or
another ALSA plugin that lives in a separate package
```bash
export ALSA_PLUGIN_DIR=$(nix eval -f '<nixpkgs>' --raw pipewire)/lib/alsa-lib
```
### [`satisfactory-dedicated-server`](./pkgs/games/satisfactory-dedicated-server)
The dedicated server for [Satisfactory](https://satisfactorygame.com), with packaging steps to make
it run correctly on NixOS. This must be used together with the NixOS module
(`services.satisfactory`), which sets up the environment needed for the server to execute.
See
[`services.satisfactory`](#services-satisfactory-modules-satisfactory-dedicated-server-default-nix)
for further info and development notes
### [`eta`](./pkgs/cmdline/eta)
Generic tool for monitoring ETA and progress of an arbitrary process.
<https://github.com/aioobe/eta>
### [`zbasefind`](./pkgs/rust/zbasefind)
Command line tool to guess the base address of a raw firmware binary (zoomer edition).
<https://git.lain.faith/haskal/zbasefind.git>
### [`cado-nfs`](./pkgs/crypto/cado-nfs)
Cado-NFS, An Implementation of the Number Field Sieve Algorithm
<https://gitlab.inria.fr/cado-nfs/cado-nfs>
### [`lix-plugins`](./pkgs/lix/lix-plugins)
A plugin module for lix which provides the flake pure eval bypass which can be enabled using the
dragnpkgs flake.
### [`zfs_2_3`](./pkgs/zfs/)
A version of ZFS with a patch for the `zed` userspace daemon to enable desktop notifications on ZFS
errors. This makes ZFS a bit more reasonable to run on GUI systems
### [`pympress`](./pkgs/python/pympress)
A version of [pympress](https://cimbali.github.io/pympress/) with a patch to fix the window icon on
KDE
### [`texliveDragonPackages.moloch`](./pkgs/tex/moloch)
A version of the [moloch](https://jolars.co/blog/2024-05-30-moloch/) beamer theme with [some
patches](https://git.lain.faith/haskal/moloch-dragon/) to make it easier to use with pympress and
fix an issue with appendix slide numbering
### [`idapro`](./pkgs/reverse-engineering/idapro9/default.nix)
Nix packaging for IDA Pro (see the file for details on how to use it)

9
TODO.md
View File

@ -1,7 +1,12 @@
# TODO # TODO
## upstream ## `ghidra`
- fix kicad desktop file name
- wrap/expose pyghidraRun so it works correctly
- export passthru python packages
- pyghidra packages
- type stubs
- lower priority: gdb, lldb
## `ghidra-server` ## `ghidra-server`

33
flake.lock
View File

@ -1,52 +1,37 @@
{ {
"nodes": { "nodes": {
"lix": {
"flake": false,
"locked": {
"lastModified": 1737234286,
"narHash": "sha256-CCKIAE84dzkrnlxJCKFyffAxP3yfsOAbdvydUGqq24g=",
"rev": "2837da71ec1588c1187d2e554719b15904a46c8b",
"type": "tarball",
"url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/2837da71ec1588c1187d2e554719b15904a46c8b.tar.gz?rev=2837da71ec1588c1187d2e554719b15904a46c8b"
},
"original": {
"type": "tarball",
"url": "https://git.lix.systems/lix-project/lix/archive/2.92.0.tar.gz"
}
},
"lix-module": { "lix-module": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1742943028, "lastModified": 1756125859,
"narHash": "sha256-fprwZKE1uMzO9tiWWOrmLWBW3GPkMayQfb0xOvVFIno=", "narHash": "sha256-6a+PWILmqHCs9B5eIBLg6HSZ8jYweZpgOWO8FlyVwYI=",
"rev": "868d97695bab9d21f6070b03957bcace249fbe3c", "rev": "d3292125035b04df00d01549a26e948631fabe1e",
"type": "tarball", "type": "tarball",
"url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/868d97695bab9d21f6070b03957bcace249fbe3c.tar.gz?rev=868d97695bab9d21f6070b03957bcace249fbe3c" "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/d3292125035b04df00d01549a26e948631fabe1e.tar.gz?rev=d3292125035b04df00d01549a26e948631fabe1e"
}, },
"original": { "original": {
"type": "tarball", "type": "tarball",
"url": "https://git.lix.systems/lix-project/nixos-module/archive/2.92.0-3.tar.gz" "url": "https://git.lix.systems/lix-project/nixos-module/archive/2.93.3-2.tar.gz"
} }
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1748370509, "lastModified": 1756617294,
"narHash": "sha256-QlL8slIgc16W5UaI3w7xHQEP+Qmv/6vSNTpoZrrSlbk=", "narHash": "sha256-aGnd4AHIYCWQKChAkHPpX+YYCt7pA6y2LFFA/s8q0wQ=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "4faa5f5321320e49a78ae7848582f684d64783e9", "rev": "b4c2c57c31e68544982226d07e4719a2d86302a8",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "NixOS", "owner": "NixOS",
"ref": "nixos-unstable", "ref": "nixos-25.05",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }
}, },
"root": { "root": {
"inputs": { "inputs": {
"lix": "lix",
"lix-module": "lix-module", "lix-module": "lix-module",
"nixpkgs": "nixpkgs" "nixpkgs": "nixpkgs"
} }

110
flake.nix
View File

@ -2,26 +2,25 @@
description = "dragnpkgs together with nixpkgs and lix"; description = "dragnpkgs together with nixpkgs and lix";
inputs = { inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05";
lix-module = { lix-module = {
url = "https://git.lix.systems/lix-project/nixos-module/archive/2.92.0-3.tar.gz"; url = "https://git.lix.systems/lix-project/nixos-module/archive/2.93.3-2.tar.gz";
flake = false;
};
lix = {
url = "https://git.lix.systems/lix-project/lix/archive/2.92.0.tar.gz";
flake = false; flake = false;
}; };
}; };
outputs = { self, nixpkgs, lix, lix-module }: outputs = { self, nixpkgs, lix-module }:
let let
overlays = [ overlays = [
(import ./overlay.nix) (import ./overlay.nix)
(import "${lix-module}/overlay.nix" { inherit lix; }) (import "${lix-module}/overlay.nix" { lix = null; })
]; ];
forAllSystems = nixpkgs.lib.genAttrs nixpkgs.lib.systems.flakeExposed; forAllSystems = nixpkgs.lib.genAttrs nixpkgs.lib.systems.flakeExposed;
libVersionInfoOverlay = import "${nixpkgs}/lib/flake-version-info.nix" nixpkgs;
# this is taken from upstream. if upstream changes, the code here needs to be updated to match
addLibVersionInfo = lib: lib.extend libVersionInfoOverlay;
lib-base = addLibVersionInfo (import "${nixpkgs}/lib");
in { in {
# we don't just use nix.registry.whatever.flake = self # we don't just use nix.registry.whatever.flake = self
# the reason for this is to be able to handle a flake.lock containing an entry for this # the reason for this is to be able to handle a flake.lock containing an entry for this
@ -29,21 +28,54 @@
# self reference in the registry to be downloadable by URL in case it makes it into a # self reference in the registry to be downloadable by URL in case it makes it into a
# flake.lock # flake.lock
meta.registry-entry = { meta.registry-entry = {
from = { id = "dragnpkgs-unstable"; type = "indirect"; }; from = { id = "dragnpkgs"; type = "indirect"; };
to = { to = {
type = "git"; type = "git";
url = "https://git.lain.faith/haskal/dragnpkgs.git"; url = "https://git.lain.faith/haskal/dragnpkgs.git";
ref = "main"; ref = "nixos-25.05";
} // self.lib.filterAttrs } // self.lib.filterAttrs
(n: _: n == "lastModified" || n == "rev" || n == "revCount" || n == "narHash") (n: _: n == "lastModified" || n == "rev" || n == "revCount" || n == "narHash")
self; self;
}; };
# the nix path entry for self # the nix path entry for self
meta.path-entry = "dragnpkgs-unstable=flake:dragnpkgs-unstable"; meta.path-entry = "dragnpkgs=flake:dragnpkgs";
lib = nixpkgs.lib.extend (final: prev: { lib = (lib-base.extend (import ./lib/overlay.nix)).extend (final: prev: {
licenses = prev.licenses // { fyptl = import ./lib/licenses/fyptl.nix; }; # initializes regular upstream nixpkgs with the given arguments
nixpkgs-custom = { system, ... } @ args: (
(import "${nixpkgs}" args).extend (final: prev: {
lib = addLibVersionInfo prev.lib;
})
);
# initializes dragnpkgs with its overlays and default config using the given arguments
dragnpkgs-custom = { system, ... } @ args: let
unsafeConf = if builtins.hasAttr "extraBuiltins" builtins then (
let conf = builtins.extraBuiltins; in
if builtins.isAttrs conf then conf else {}
) else {};
possiblyCommitCrimes =
if
builtins.hasAttr "dragnpkgs" unsafeConf &&
builtins.isAttrs unsafeConf.dragnpkgs &&
builtins.hasAttr "possiblyCommitCrimes" unsafeConf.dragnpkgs &&
builtins.isBool unsafeConf.dragnpkgs.possiblyCommitCrimes
then
unsafeConf.dragnpkgs.possiblyCommitCrimes
else
false;
in
final.nixpkgs-custom (args // {
overlays = overlays ++ (args.overlays or []);
config = (args.config or {}) // {
allowlistedLicenses = (final.optionals
possiblyCommitCrimes
[ final.licenses.fyptl ]) ++ (args.config.allowlistedLicenses or []);
};
});
nixos = import "${nixpkgs}/nixos/lib" { lib = final; };
nixosSystem = args: nixosSystem = args:
import "${nixpkgs}/nixos/lib/eval-config.nix" ( import "${nixpkgs}/nixos/lib/eval-config.nix" (
@ -122,17 +154,17 @@
}; };
}; };
config.nix.registry.dragnpkgs-unstable = config.nix.registry.dragnpkgs =
lib.mkIf config.dragnpkgs.setFlakeRegistry self.meta.registry-entry; lib.mkIf config.dragnpkgs.setFlakeRegistry self.meta.registry-entry;
config.nix.registry.nixpkgs = lib.mkIf config.dragnpkgs.setNixpkgsFlakeAlias { config.nix.registry.nixpkgs = lib.mkIf config.dragnpkgs.setNixpkgsFlakeAlias {
from = { id = "nixpkgs"; type = "indirect"; }; from = { id = "nixpkgs"; type = "indirect"; };
to = { id = "dragnpkgs-unstable"; type = "indirect"; }; to = { id = "dragnpkgs"; type = "indirect"; };
}; };
config.nix.registry.templates = lib.mkIf config.dragnpkgs.setTemplatesFlakeAlias { config.nix.registry.templates = lib.mkIf config.dragnpkgs.setTemplatesFlakeAlias {
from = { id = "templates"; type = "indirect"; }; from = { id = "templates"; type = "indirect"; };
to = { id = "dragnpkgs-unstable"; type = "indirect"; }; to = { id = "dragnpkgs"; type = "indirect"; };
}; };
config.nix.nixPath = lib.mkIf config.dragnpkgs.setNixPath [ config.nix.nixPath = lib.mkIf config.dragnpkgs.setNixPath [
@ -153,8 +185,8 @@
lib.mkForce "/etc/nix/extra-builtins.nix" lib.mkForce "/etc/nix/extra-builtins.nix"
); );
config.environment.etc."nix/extra-builtins.nix".text = config.environment.etc = lib.mkIf config.dragnpkgs.possiblyCommitCrimes {
lib.mkIf config.dragnpkgs.possiblyCommitCrimes ( "nix/extra-builtins.nix".text =
let let
possiblyCommitCrimes = possiblyCommitCrimes =
lib.boolToString config.dragnpkgs.possiblyCommitCrimes; lib.boolToString config.dragnpkgs.possiblyCommitCrimes;
@ -164,7 +196,8 @@
possiblyCommitCrimes = ${possiblyCommitCrimes}; possiblyCommitCrimes = ${possiblyCommitCrimes};
}; };
} }
''); '';
};
}) })
(import ./module.nix) (import ./module.nix)
@ -184,7 +217,8 @@
)); ));
in in
builtins.mapAttrs (name: value: builtins.mapAttrs (name: value:
if name == "packages" || name == "legacyPackages" || name == "devShells" then if name == "packages" || name == "legacyPackages" || name == "devShells" ||
name == "apps" then
rewritePerSystem value rewritePerSystem value
else else
value value
@ -192,41 +226,19 @@
}); });
legacyPackages = forAllSystems (system: legacyPackages = forAllSystems (system:
let self.lib.dragnpkgs-custom { inherit system; }
unsafeConf = if builtins.hasAttr "extraBuiltins" builtins then (
let conf = builtins.extraBuiltins; in
if builtins.isAttrs conf then conf else {}
) else {};
possiblyCommitCrimes =
if
builtins.hasAttr "dragnpkgs" unsafeConf &&
builtins.isAttrs unsafeConf.dragnpkgs &&
builtins.hasAttr "possiblyCommitCrimes" unsafeConf.dragnpkgs &&
builtins.isBool unsafeConf.dragnpkgs.possiblyCommitCrimes
then
unsafeConf.dragnpkgs.possiblyCommitCrimes
else
false;
in
nixpkgs.legacyPackages.${system}.appendOverlays (overlays ++
[(final: prev: {
stdenv = prev.stdenv.override {
config = prev.config // {
allowlistedLicenses = final.lib.optionals
possiblyCommitCrimes
[ final.lib.licenses.fyptl ];
};
};
})])
); );
nixosModules = nixpkgs.nixosModules;
templates = { templates = {
default = { default = {
path = ./templates/default; path = ./templates/default;
description = "A very basic flake (with dragnpkgs)"; description = "A very basic flake (with dragnpkgs)";
}; };
beamer = {
path = ./templates/beamer;
description = "A very basic presentation with Beamer";
};
}; };
defaultTemplate = self.templates.default; defaultTemplate = self.templates.default;

14
lib/git-source/default.nix
View File

@ -1,14 +0,0 @@
{ lib }: { root, subdir ? null }:
let
fs = lib.fileset;
sourceFiles = fs.difference
(fs.gitTracked root)
(fs.fileFilter (file: file.hasExt "nix") root);
finalSourceFiles =
if subdir == null then
sourceFiles
else
fs.intersection sourceFiles subdir;
finalRoot = if subdir == null then root else subdir;
in
fs.toSource { root = finalRoot; fileset = finalSourceFiles; }

3
lib/overlay.nix Normal file
View File

@ -0,0 +1,3 @@
final: prev: {
licenses = prev.licenses // { fyptl = import ./licenses/fyptl.nix; };
}

7
module.nix
View File

@ -1,14 +1,17 @@
{ ... }: { { ... }: {
imports = [ imports = [
./modules/ghidra-client
./modules/ghidra-server ./modules/ghidra-server
./modules/regdom ./modules/idapro
./modules/machine-info ./modules/machine-info
./modules/regdom
./modules/satisfactory-dedicated-server
]; ];
# set some nix settings defaults # set some nix settings defaults
config.nix.settings = { config.nix.settings = {
repl-overlays = [ ./repl-overlay.nix ]; repl-overlays = [ ./repl-overlay.nix ];
experimental-features = "nix-command flakes repl-flake pipe-operator"; experimental-features = "nix-command flakes pipe-operator";
temp-dir = "/var/tmp"; temp-dir = "/var/tmp";
# we're disabling the default flake registry because i don't like it # we're disabling the default flake registry because i don't like it

73
modules/ghidra-client/default.nix Normal file
View File

@ -0,0 +1,73 @@
{
config,
lib,
pkgs,
...
}:
let
cfg = config.programs.ghidra;
isSplit = lib.elem "lib" cfg.package.outputs;
libOutput = if isSplit then cfg.package.lib else cfg.package;
packageWithExts = cfg.package.withExtensions
(p: lib.concatMap (pl: pl p) cfg.extensions);
in
{
disabledModules = [ "programs/ghidra.nix" ];
options.programs.ghidra = {
enable = lib.mkEnableOption "Ghidra, a software reverse engineering (SRE) suite of tools";
gdb = lib.mkOption {
default = true;
type = lib.types.bool;
description = ''
Whether to add to gdbinit the python modules required to make Ghidra's debugger work.
'';
};
package = lib.mkPackageOption pkgs "ghidra" { example = "ghidra_headless"; };
extensions = lib.mkOption {
type = with lib.types; listOf (functionTo (listOf package));
default = [];
description = ''
Ghidra extensions to be included in the installation.
'';
example = lib.literalExpression "[ (ps: with ps; [ my_extension ]) ]";
};
binsync = {
enable = lib.mkEnableOption "Ghidra binsync integration";
};
};
config = lib.mkIf cfg.enable {
programs.ghidra.extensions = lib.mkIf (cfg.binsync.enable) [
(ps: [ ps.binsync ])
];
environment = {
systemPackages = [
packageWithExts
];
etc = lib.mkIf cfg.gdb {
"gdb/gdbinit.d/ghidra-modules.gdb".text = with pkgs.python3.pkgs; ''
python
import sys
[sys.path.append(p) for p in "${
(makePythonPath [
psutil
protobuf
])
}".split(":")]
sys.path.append("${libOutput}/lib/ghidra/Ghidra/Debug/Debugger-agent-gdb/pypkg/src")
sys.path.append("${libOutput}/lib/ghidra/Ghidra/Debug/Debugger-rmi-trace/pypkg/src")
end
'';
};
};
};
}

44
modules/idapro/default.nix Normal file
View File

@ -0,0 +1,44 @@
{
config,
lib,
pkgs,
...
}:
let
cfg = config.programs.idapro;
binsyncPkg = pkgs.python311.pkgs.binsync;
binsyncPath = "${pkgs.python311.pkgs.binsync}/${pkgs.python311.sitePackages}";
idaproConfigured = cfg.package.override {
pythonDeps = lib.optionals cfg.binsync.enable [binsyncPkg];
plugins = lib.optionals cfg.binsync.enable [
(pkgs.runCommand "binsync-ida" {} ''
mkdir -p $out/plugins
cp ${binsyncPath}/binsync/binsync_plugin.py $out/plugins
'')
];
};
in
{
options.programs.idapro = {
enable = lib.mkEnableOption "IDA Pro";
package = lib.mkPackageOption pkgs "idapro" {
example = lib.literalExpression "idapro.override { ... }";
};
binsync = {
enable = lib.mkEnableOption "IDA binsync integration";
};
};
config = lib.mkIf cfg.enable {
environment = {
systemPackages = [
idaproConfigured
];
sessionVariables.IDAUSR = "$HOME/.config/idapro";
};
};
}

420
modules/satisfactory-dedicated-server/default.nix Normal file
View File

@ -0,0 +1,420 @@
{ config, lib, pkgs, ... }:
let
cfg = config.services.satisfactory;
in {
options.services.satisfactory = with lib; {
enable = mkEnableOption "satisfactory";
package = mkPackageOption pkgs "satisfactory-dedicated-server" {};
directory = mkOption {
description = ''
Directory where Satisfactory Dedicated Server data will be stored
'';
default = "/var/lib/satisfactory";
type = types.str;
example = literalExpression "\"/data/games/satisfactory\"";
};
user = mkOption {
description = "User account under which Satisfactory Dedicated Server runs.";
default = "satisfactory";
type = types.str;
example = literalExpression "\"satisfactory2\"";
};
group = mkOption {
description = "Group under which Satisfactory Dedicated Server runs.";
default = "satisfactory";
type = types.str;
example = literalExpression "\"satisfactory2\"";
};
useACMEHost = mkOption {
description = ''
If set, the server will use the ACME-provided TLS certificate for the given host.
Note that this module does not actually provision the specified certificate; you must
use additional config (e.g., `services.nginx.virtualHosts.<name>.enableACME = true`) to
provision the certificate using a supported ACME method.
'';
default = null;
type = types.nullOr types.str;
example = literalExpression "\"myserver.example\"";
};
port = mkOption {
description = ''
Server port number (TCP/UDP)
This corresponds to the `-Port` command line option.
'';
default = 7777;
type = types.port;
example = literalExpression "7778";
};
reliablePort = mkOption {
description = ''
Server reliable port number
This corresponds to the `-ReliablePort` command line option.
'';
default = 8888;
type = types.port;
example = literalExpression "8889";
};
externalReliablePort = mkOption {
description = ''
Server reliable port number as seen outside NAT.
This corresponds to the `-ExternalReliablePort` command line option.
'';
default = null;
type = types.nullOr types.port;
example = literalExpression "12345";
};
disableSeasonalEvents = mkOption {
description = ''
Whether to run the server with seasonal events disabled.
This corresponds to the `-DisableSeasonalEvents` command line option.
'';
default = false;
type = types.bool;
example = literalExpression "true";
};
extraIniOptions = mkOption {
description = ''
Run the server with additional ini configuration values.
This is a nested attribute set of values.
- The top level attribute specifies the ini file containing the value to set (i.e., the
first component of the `-ini` command line option), for example `Game` or `Engine`.
- The secondary level attribute specifies the ini file category, without brackets,
for example `/Script/Engine.GameSession`.
- The final level attribute specifies the option name to set, for example
`MaxPlayers`. The value of the attribute is the value to set on the command line.
This corresponds to the `-ini` command line option.
'';
default = {};
type = with types; attrsOf (attrsOf (attrsOf str));
example = literalExpression ''
{
Game."/Script/Engine.GameSession".MaxPlayers = "8";
}
'';
};
initialSettings = mkOption {
description = ''
Settings to apply to the server via the server API on the first run.
'';
type = types.submodule {
options = {
serverName = mkOption {
description = ''
The name of the server.
If this is provided, `adminPasswordFile` must also be set.
'';
type = with types; nullOr str;
default = null;
example = literalExpression "\"My Dedicated Server\"";
};
adminPasswordFile = mkOption {
description = ''
Path to a file containing the initial admin password.
If this is provided, `serverName` must also be set.
'';
type = with types; nullOr path;
default = null;
example = literalExpression "\"/var/lib/secrets/admin-password.txt\"";
};
clientPasswordFile = mkOption {
description = ''
Path to a file containing the initial client password. If not set, the server will
not be configured with a client password and will be accessible to any client.
'';
type = with types; nullOr path;
default = null;
example = literalExpression "\"/var/lib/secrets/client-password.txt\"";
};
};
};
};
};
config = lib.mkIf cfg.enable {
assertions = [
{
assertion = with cfg.initialSettings; (serverName == null) == (adminPasswordFile == null);
message = ''
When either of services.satisfactory.initialSettings.serverName or
services.satisfactory.initialSettings.adminPasswordFile are set, the other must also be
set. The dedicated server API requires configuring both options simultaneously.
'';
}
{
assertion = with cfg.initialSettings; (clientPasswordFile == null) || (serverName != null);
message = ''
Option services.satisfactory.initialSettings.clientPasswordFile is set, but there are
no options set for the initial server claim data (i.e., serverName and adminPasswordFile).
Setting a client password is not possible without executing a server claim.
'';
}
];
users.users."${cfg.user}" = {
isSystemUser = true;
home = cfg.directory;
group = cfg.group;
createHome = false;
};
users.groups."${cfg.group}" = {};
systemd.tmpfiles.settings."satisfactory" = let
default = {
inherit (cfg) user group;
mode = "0755";
};
in {
"${cfg.directory}".d = default;
"${cfg.directory}/saves".d = default;
"${cfg.directory}/settings".d = default;
"${cfg.directory}/settings/game".d = default;
"${cfg.directory}/settings/engine".d = default;
};
systemd.services = let
base_url = "https://127.0.0.1:${builtins.toString cfg.port}/api/v1/";
binary = "${cfg.directory}/server/Engine/Binaries/Linux/FactoryServer-Linux-Shipping";
ini_list = lib.flatten (
lib.mapAttrsToList (filename: fileOpts:
lib.mapAttrsToList (section: sectionOpts:
lib.mapAttrsToList (key: value:
" -ini:${filename}:[${section}]:${key}=${value}"
) sectionOpts
) fileOpts
) cfg.extraIniOptions
);
ini_args = lib.concatStringsSep " " ini_list;
port = with builtins;
"-Port=${toString cfg.port} -ReliablePort=${toString cfg.reliablePort}";
extport =
if cfg.externalReliablePort == null then
""
else
" -ExternalReliablePort=${builtins.toString cfg.externalReliablePort}";
seasonalEvts =
if cfg.disableSeasonalEvents then
" -DisableSeasonalEvents"
else
"";
args = "${port}${extport}${seasonalEvts}${ini_args}";
server_command = "${binary} FactoryGame ${args}";
doSetup = cfg.initialSettings.serverName != null;
commonConfig = {
after = ["network.target"] ++ lib.optionals (cfg.useACMEHost != null) [
"acme-finished-${cfg.useACMEHost}.target"
];
unitConfig = {
RequiresMountsFor = cfg.directory;
};
serviceConfig = {
Nice = "-5";
User = cfg.user;
Group = cfg.user;
WorkingDirectory = cfg.directory;
StandardOutput = "journal";
LoadCredential = lib.mkIf (cfg.useACMEHost != null) (let
certDir = config.security.acme.certs.${cfg.useACMEHost}.directory;
in [
"cert_chain.pem:${certDir}/fullchain.pem"
"private_key.pem:${certDir}/key.pem"
]);
ProtectSystem = true;
ProtectHome = true;
NoNewPrivileges = true;
# virtualize the file system to synthesize what is read only with what is dedicated server
# game state
PrivateTmp = true;
TemporaryFileSystem = [
"${cfg.directory}:ro"
];
BindReadOnlyPaths = [
"${cfg.package}/opt:${cfg.directory}/server"
];
BindPaths = [
"${cfg.directory}/saves:${cfg.directory}/.config/Epic"
"/var/tmp:${cfg.directory}/server/FactoryGame/Intermediate"
"${cfg.directory}/settings/game:${cfg.directory}/server/FactoryGame/Saved"
"${cfg.directory}/settings/engine:${cfg.directory}/server/Engine/Saved"
] ++ lib.optionals (cfg.useACMEHost != null) [
"%d:${cfg.directory}/server/FactoryGame/Certificates"
];
Restart = "on-failure";
RestartSec = 60;
SuccessExitStatus = 143;
};
};
in {
"satisfactory" = lib.mkMerge [
commonConfig
{
description = "Satisfactory Dedicated Server";
wantedBy = [ "multi-user.target" ];
requires = lib.optionals doSetup ["satisfactory-first-time-setup.service"];
after = lib.optionals doSetup ["satisfactory-first-time-setup.service"];
serviceConfig = {
ExecStart = server_command;
};
}
];
"satisfactory-first-time-setup" = lib.mkIf doSetup (lib.mkMerge [
commonConfig
{
description = "Satisfactory Dedicated Server first-time setup";
path = with pkgs; [
curl
jq
];
unitConfig = {
ConditionPathExists =
"!${cfg.directory}/saves/FactoryGame/Saved/SaveGames/ServerSettings.${builtins.toString cfg.port}.sav";
};
serviceConfig = {
Type = "oneshot";
# isolate satisfactory during configuration
PrivateNetwork = true;
LoadCredential =
(lib.optionals (cfg.initialSettings.adminPasswordFile != null) [
"admin_password.txt:${cfg.initialSettings.adminPasswordFile}"
]) ++ (lib.optionals (cfg.initialSettings.clientPasswordFile != null) [
"client_password.txt:${cfg.initialSettings.clientPasswordFile}"
]);
};
script = ''
set -euo pipefail
set -m
echo Starting server...
${server_command} &
server_pid=$!
server_status=""
for i in {1..5}; do
server_status="$(curl -SsLk -XPOST -H "Content-Type: application/json" \
--data '{"function":"HealthCheck","data":{"clientCustomData":""}}' \
"${base_url}" | jq -r '.data.health' || true)"
if [ "$server_status" == "healthy" ]; then
break
fi
sleep 5
done
if [ "$server_status" != "healthy"; then
echo Server did not report healthy status in time
exit 1
fi
token="$(curl -SsLk -XPOST -H "Content-Type: application/json" \
--data '{"function":"PasswordlessLogin","data":{"MinimumPrivilegeLevel":"InitialAdmin"}}' \
"${base_url}" | jq -r '.data.authenticationToken')"
if [ "$token" == "null" ]; then
echo Server authentication failed
exit 2
fi
echo Executing server claim...
data="$(jq -n \
--arg "serverName" "${cfg.initialSettings.serverName}" \
--rawfile "password" "$CREDENTIALS_DIRECTORY/admin_password.txt" \
'{} |.function="ClaimServer" | .data.ServerName=$serverName | .data.AdminPassword=($password|rtrimstr("\n"))')"
new_token="$(curl -SsLk -XPOST -H "Content-Type: application/json" \
-H "Authorization: Bearer $token" \
--data "$data" \
"${base_url}" | jq -r '.data.authenticationToken')"
if [ "$new_token" == "null" ]; then
echo Server claim failed
exit 2
fi
token="$new_token"
if [ -f "$CREDENTIALS_DIRECTORY/client_password.txt" ]; then
echo Setting client password...
data="$(jq -n \
--rawfile "password" "$CREDENTIALS_DIRECTORY/client_password.txt" \
'{} |.function="SetClientPassword" | .data.Password=($password|rtrimstr("\n"))')"
result="$(curl -SsLk -XPOST -H "Content-Type: application/json" \
-H "Authorization: Bearer $token" \
--data "$data" \
"${base_url}" | jq -r '.data')"
if [ "$result" != "" ]; then
echo "Password set failed: $result"
exit 4
fi
fi
echo Setup complete
echo Stopping server...
kill -SIGTERM $server_pid
wait $server_pid
'';
}
]);
"satisfactory-restart-certs" = lib.mkIf (cfg.useACMEHost != null) {
description = "Restart Satisfactory Dedicated Server after cert provisioning";
wantedBy = ["acme-finished-${cfg.useACMEHost}.target"];
path = [config.systemd.package];
script = ''
systemctl try-restart satisfactory.service
'';
serviceConfig = {
Type = "simple";
};
};
};
};
}

33
overlay.nix
View File

@ -1,25 +1,22 @@
final: prev: { final: prev: {
lib = prev.lib.extend (lfinal: lprev: { lib = prev.lib.extend (import ./lib/overlay.nix);
licenses = lprev.licenses // { fyptl = import ./lib/licenses/fyptl.nix; };
});
fetchFromSteam = prev.callPackage ./lib/fetchsteam {}; fetchFromSteam = prev.callPackage ./lib/fetchsteam {};
fetchb4 = prev.callPackage ./lib/fetchb4 {}; fetchb4 = prev.callPackage ./lib/fetchb4 {};
gitSource = prev.callPackage ./lib/git-source {};
makeSquashFs = prev.callPackage ./lib/make-squashfs {}; makeSquashFs = prev.callPackage ./lib/make-squashfs {};
makeHpcDist = final.callPackage ./lib/make-hpc-dist {}; makeHpcDist = final.callPackage ./lib/make-hpc-dist {};
ghidra_headless = final.ghidra.lib; ghidra_headless = final.ghidra.lib;
# stuff that tracks upstream # stuff that tracks upstream
ghidra = final.callPackage ./pkgs/ghidra-xenia-v2/build.nix { ghidra = final.callPackage ./pkgs/reverse-engineering/ghidra/build.nix {
protobuf = final.protobuf_21; protobuf = final.protobuf_21;
}; };
ghidra-extensions = final.lib.recurseIntoAttrs (final.callPackage ./pkgs/ghidra-xenia-v2/extensions.nix { }); ghidra-extensions = final.lib.recurseIntoAttrs (final.callPackage ./pkgs/reverse-engineering/ghidra/extensions.nix { });
# end stuff that tracks upstream # end stuff that tracks upstream
idapro = final.callPackage ./pkgs/reverse-engineering/idapro9 {};
ocamlPackages = prev.ocamlPackages.overrideScope (ofinal: oprev: { ocamlPackages = prev.ocamlPackages.overrideScope (ofinal: oprev: {
ppx_unicode = ofinal.callPackage ./pkgs/ocaml/ppx_unicode {}; ppx_unicode = ofinal.callPackage ./pkgs/ocaml/ppx_unicode {};
@ -27,18 +24,32 @@ final: prev: {
systemd-ml = ofinal.callPackage ./pkgs/ocaml/systemd-ml {}; systemd-ml = ofinal.callPackage ./pkgs/ocaml/systemd-ml {};
ocaml-manual = ofinal.callPackage ./pkgs/ocaml/ocaml-manual {}; ocaml-manual = ofinal.callPackage ./pkgs/ocaml/ocaml-manual {};
patdiff-bin = ofinal.callPackage ./pkgs/ocaml/patdiff-bin {};
}); });
python312Packages = prev.python312Packages.overrideScope (pfinal: pprev: { python312 = prev.python312.override {
packageOverrides = pfinal: pprev: {
feedvalidator = pfinal.callPackage ./pkgs/python/feedvalidator {}; feedvalidator = pfinal.callPackage ./pkgs/python/feedvalidator {};
megacom = pfinal.callPackage ./pkgs/python/megacom {}; megacom = pfinal.callPackage ./pkgs/python/megacom {};
}); };
};
# add to top level because it has a binary # add to top level because it has a binary
feedvalidator = final.python312Packages.feedvalidator; feedvalidator = final.python312Packages.feedvalidator;
megacom = final.python312Packages.megacom; megacom = final.python312Packages.megacom;
python311 = prev.python311.override {
packageOverrides = pfinal: pprev: {
libbs = pfinal.callPackage ./pkgs/reverse-engineering/binsync/libbs.nix {};
binsync = pfinal.callPackage ./pkgs/reverse-engineering/binsync/binsync.nix {};
};
};
# temporary upgrade so we can actually download satisfactory
depotdownloader = prev.callPackage ./pkgs/temp/depotdownloader {};
outer-wilds-text-adventure = prev.callPackage ./pkgs/games/outer-wilds-text-adventure {}; outer-wilds-text-adventure = prev.callPackage ./pkgs/games/outer-wilds-text-adventure {};
satisfactory-dedicated-server = prev.callPackage ./pkgs/games/satisfactory-dedicated-server {};
mkNginxServer = prev.callPackage ./lib/dev-nginx {}; mkNginxServer = prev.callPackage ./lib/dev-nginx {};
@ -58,4 +69,8 @@ final: prev: {
pympress = prev.pympress.overrideDerivation (oldAttrs: { pympress = prev.pympress.overrideDerivation (oldAttrs: {
patches = [ ./pkgs/python/pympress/0001-Fix-KDE-window-icon.patch ]; patches = [ ./pkgs/python/pympress/0001-Fix-KDE-window-icon.patch ];
}); });
texliveDragonPackages = {
moloch = prev.callPackage ./pkgs/tex/moloch {};
};
} }

43
pkgs/games/satisfactory-dedicated-server/default.nix
View File

@ -7,45 +7,46 @@
}: }:
let let
appId = "1690800"; appId = "1690800";
buildId = "15636842"; buildId = "19876517";
steamworks_sdk = fetchFromSteam { steamworks_sdk = fetchFromSteam {
name = "steamworks-sdk"; name = "steamworks-sdk";
inherit appId; inherit appId;
depot = { depot = {
depotId = "1006"; depotId = "1006";
manifestId = "7138471031118904166"; manifestId = "5587033981095108078";
}; };
hash = "sha256-OtPI1kAx6+9G09IEr2kYchyvxlPl3rzx/ai/xEVG4oM="; hash = "sha256-CjrVpq5ztL6wTWIa63a/4xHM35DzgDR/O6qVf1YV5xw=";
}; };
server_dist = fetchFromSteam { server_dist = fetchFromSteam {
name = "satisfactory-dedicated-server"; name = "satisfactory-dedicated-server";
inherit appId; inherit appId;
depot = { depot = {
depotId = "1690802"; depotId = "1690802";
manifestId = "1910179703516567959"; manifestId = "7620210706575413121";
}; };
hash = "sha256-TxPegZFAwiAzuHgw9xLGr5sAP7KAVMMfPFYL7TRX1O0="; hash = "sha256-jQbtHSBFCDcdycrDjIJBY4DGV7EgITvwv3k3+htZ7io=";
}; };
in stdenv.mkDerivation { in stdenv.mkDerivation {
pname = "satisfactory-dedicated-server"; pname = "satisfactory-dedicated-server";
version = "build-${buildId}"; version = "build-${buildId}";
src = server_dist; src = server_dist;
buildInputs = [ steamworks_sdk ];
propagatedBuildInputs = [ SDL2 ];
dontConfigure = true; dontConfigure = true;
dontBuild = true; dontBuild = true;
installPhase = '' installPhase = ''
mkdir -p $out mkdir -p $out/opt
cp -r . $out/. cp -r . $out/opt/.
cp -r ${steamworks_sdk}/linux64 $out cp -r ${steamworks_sdk}/linux64 $out/opt
mkdir -p $out/FactoryGame/Intermediate mkdir -p $out/opt/FactoryGame/Intermediate
mkdir -p $out/FactoryGame/Saved mkdir -p $out/opt/FactoryGame/Saved
mkdir -p $out/opt/FactoryGame/Certificates
rm $out/FactoryServer.sh mkdir -p $out/opt/Engine/Saved
rm $out/opt/FactoryServer.sh
''; '';
dontStrip = true; dontStrip = true;
@ -56,19 +57,23 @@ in stdenv.mkDerivation {
preFixup = '' preFixup = ''
echo patching binaries echo patching binaries
chmod +x $out/Engine/Binaries/Linux/FactoryServer-Linux-Shipping chmod +x $out/opt/Engine/Binaries/Linux/FactoryServer-Linux-Shipping
patchelf --add-needed ${SDL2}/lib/libSDL2-2.0.so.0 \ patchelf \
$out/linux64/steamclient.so --add-needed ${SDL2}/lib/libSDL2-2.0.so.0 \
$out/opt/linux64/steamclient.so
patchelf --set-interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" \ patchelf \
--add-needed $out/linux64/steamclient.so \ --set-interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" \
$out/Engine/Binaries/Linux/FactoryServer-Linux-Shipping --add-needed $out/opt/linux64/steamclient.so \
$out/opt/Engine/Binaries/Linux/FactoryServer-Linux-Shipping
''; '';
meta = with lib; { meta = with lib; {
description = "Satisfactory Dedicated Server"; description = "Satisfactory Dedicated Server";
homepage = "https://www.satisfactorygame.com/";
license = licenses.unfree; license = licenses.unfree;
platforms = [ "x86_64-linux" ]; platforms = [ "x86_64-linux" ];
sourceProvenance = [ sourceTypes.binaryNativeCode ];
}; };
} }

5
pkgs/kicad-xenia/addons/default.nix
View File

@ -1,5 +0,0 @@
{ kicad }:
{
kikit = kicad.callPackage ./kikit.nix { addonName = "kikit"; };
kikit-library = kicad.callPackage ./kikit.nix { addonName = "kikit-library"; };
}

52
pkgs/kicad-xenia/addons/kikit.nix
View File

@ -1,52 +0,0 @@
# For building the multiple addons that are in the kikit repo.
{ stdenv
, bc
, kikit
, zip
, python3
, addonName
, addonPath
}:
let
# This python is only used when building the package, it's not the python
# environment that will ultimately run the code packaged here. The python env defined
# in KiCad will import the python code packaged here when KiCad starts up.
python = python3.withPackages (ps: with ps; [ click ]);
kikit-module = python3.pkgs.toPythonModule (kikit.override { inherit python3; });
# The following different addons can be built from the same source.
targetSpecs = {
"kikit" = {
makeTarget = "pcm-kikit";
resultZip = "pcm-kikit.zip";
description = "KiCad plugin and a CLI tool to automate several tasks in a standard KiCad workflow";
};
"kikit-library" = {
makeTarget = "pcm-lib";
resultZip = "pcm-kikit-lib.zip";
description = "KiKit uses these symbols and footprints to annotate your boards (e.g., to place a tab in a panel).";
};
};
targetSpec = targetSpecs.${addonName};
in
stdenv.mkDerivation {
name = "kicadaddon-${addonName}";
inherit (kikit-module) src version;
nativeBuildInputs = [ python bc zip ];
propagatedBuildInputs = [ kikit-module ];
buildPhase = ''
patchShebangs scripts/setJson.py
make ${targetSpec.makeTarget}
'';
installPhase = ''
mkdir $out
mv build/${targetSpec.resultZip} $out/${addonPath}
'';
meta = kikit-module.meta // {
description = targetSpec.description;
};
}

211
pkgs/kicad-xenia/base.nix
View File

@ -1,211 +0,0 @@
{ lib
, stdenv
, cmake
, libGLU
, libGL
, zlib
, wxGTK
, gtk3
, libX11
, gettext
, glew
, glm
, cairo
, curl
, openssl
, boost
, pkg-config
, doxygen
, graphviz
, pcre
, libpthreadstubs
, libXdmcp
, unixODBC
, libgit2
, libsecret
, libgcrypt
, libgpg-error
, util-linux
, libselinux
, libsepol
, libthai
, libdatrie
, libxkbcommon
, libepoxy
, dbus
, at-spi2-core
, libXtst
, pcre2
, libdeflate
, swig4
, python
, wxPython
, opencascade-occt_7_6
, libngspice
, valgrind
, stable
, testing
, baseName
, kicadSrc
, kicadVersion
, withNgspice
, withScripting
, withI18n
, debug
, sanitizeAddress
, sanitizeThreads
}:
assert lib.assertMsg (!(sanitizeAddress && sanitizeThreads))
"'sanitizeAddress' and 'sanitizeThreads' are mutually exclusive, use one.";
assert testing -> !stable
-> throw "testing implies stable and cannot be used with stable = false";
let
opencascade-occt = opencascade-occt_7_6;
inherit (lib) optional optionals optionalString;
in
stdenv.mkDerivation rec {
pname = "kicad-base";
version = if (stable) then kicadVersion else builtins.substring 0 10 src.rev;
src = kicadSrc;
patches = [
# upstream issue 12941 (attempted to upstream, but appreciably unacceptable)
./writable.patch
# https://gitlab.com/kicad/code/kicad/-/issues/15687
./runtime_stock_data_path.patch
];
# tagged releases don't have "unknown"
# kicad testing and nightlies use git describe --dirty
# nix removes .git, so its approximated here
postPatch = lib.optionalString (!stable || testing) ''
substituteInPlace cmake/KiCadVersion.cmake \
--replace "unknown" "${builtins.substring 0 10 src.rev}"
substituteInPlace cmake/CreateGitVersionHeader.cmake \
--replace "0000000000000000000000000000000000000000" "${src.rev}"
'';
makeFlags = optionals (debug) [ "CFLAGS+=-Og" "CFLAGS+=-ggdb" ];
cmakeFlags = [
"-DKICAD_USE_EGL=ON"
"-DOCC_INCLUDE_DIR=${opencascade-occt}/include/opencascade"
# https://gitlab.com/kicad/code/kicad/-/issues/17133
"-DCMAKE_CTEST_ARGUMENTS='--exclude-regex;qa_spice'"
]
++ optional (stdenv.hostPlatform.system == "aarch64-linux")
"-DCMAKE_CTEST_ARGUMENTS=--exclude-regex;'qa_spice|qa_cli'"
++ optional (stable && !withNgspice) "-DKICAD_SPICE=OFF"
++ optionals (!withScripting) [
"-DKICAD_SCRIPTING_WXPYTHON=OFF"
]
++ optionals (withI18n) [
"-DKICAD_BUILD_I18N=ON"
]
++ optionals (!doInstallCheck) [
"-DKICAD_BUILD_QA_TESTS=OFF"
]
++ optionals (debug) [
"-DKICAD_STDLIB_DEBUG=ON"
"-DKICAD_USE_VALGRIND=ON"
]
++ optionals (sanitizeAddress) [
"-DKICAD_SANITIZE_ADDRESS=ON"
]
++ optionals (sanitizeThreads) [
"-DKICAD_SANITIZE_THREADS=ON"
];
cmakeBuildType = if debug then "Debug" else "Release";
nativeBuildInputs = [
cmake
doxygen
graphviz
pkg-config
libgit2
libsecret
libgcrypt
libgpg-error
]
# wanted by configuration on linux, doesn't seem to affect performance
# no effect on closure size
++ optionals (stdenv.isLinux) [
util-linux
libselinux
libsepol
libthai
libdatrie
libxkbcommon
libepoxy
dbus
at-spi2-core
libXtst
pcre2
];
buildInputs = [
libGLU
libGL
zlib
libX11
wxGTK
gtk3
pcre
libXdmcp
gettext
glew
glm
libpthreadstubs
cairo
curl
openssl
boost
swig4
python
unixODBC
libdeflate
opencascade-occt
]
++ optional (withScripting) wxPython
++ optional (withNgspice) libngspice
++ optional (debug) valgrind;
# some ngspice tests attempt to write to $HOME/.cache/
# this could be and was resolved with XDG_CACHE_HOME = "$TMP";
# but failing tests still attempt to create $HOME
# and the newer CLI tests seem to also use $HOME...
HOME = "$TMP";
# debug builds fail all but the python test
doInstallCheck = !(debug);
installCheckTarget = "test";
nativeInstallCheckInputs = [
(python.withPackages(ps: with ps; [
numpy
pytest
cairosvg
pytest-image-diff
]))
];
dontStrip = debug;
meta = {
description = "Just the built source without the libraries";
longDescription = ''
Just the build products, the libraries are passed via an env var in the wrapper, default.nix
'';
homepage = "https://www.kicad.org/";
license = lib.licenses.gpl3Plus;
platforms = lib.platforms.all;
};
}

298
pkgs/kicad-xenia/default.nix
View File

@ -1,298 +0,0 @@
{ lib, stdenv
, runCommand
, newScope
, fetchFromGitLab
, fetchgit
, makeWrapper
, symlinkJoin
, callPackage
, callPackages
, gnome
, dconf
, gtk3
, wxGTK32
, librsvg
, cups
, gsettings-desktop-schemas
, hicolor-icon-theme
, unzip
, jq
, pname ? "kicad"
, stable ? true
, testing ? false
, withNgspice ? !stdenv.isDarwin
, libngspice
, withScripting ? true
, python3
, addons ? [ ]
, debug ? false
, sanitizeAddress ? false
, sanitizeThreads ? false
, with3d ? true
, withI18n ? true
, srcs ? { }
}:
# `addons`: https://dev-docs.kicad.org/en/addons/
#
# ```nix
# kicad = pkgs.kicad.override {
# addons = with pkgs.kicadAddons; [ kikit kikit-library ];
# };
# ```
# The `srcs` parameter can be used to override the kicad source code
# and all libraries, which are otherwise inaccessible
# to overlays since most of the kicad build expression has been
# refactored into base.nix, most of the library build expressions have
# been refactored into libraries.nix. Overrides are only applied when
# building `kicad-unstable`. The `srcs` parameter has
# no effect for stable `kicad`. `srcs` takes an attribute set in which
# any of the following attributes are meaningful (though none are
# mandatory): "kicad", "kicadVersion", "symbols", "templates",
# "footprints", "packages3d", and "libVersion". "kicadVersion" and
# "libVersion" should be set to a string with the desired value for
# the version attribute in kicad's `mkDerivation` and the version
# attribute in any of the library's `mkDerivation`, respectively.
# "kicad", "symbols", "templates", "footprints", and "packages3d"
# should be set to an appropriate fetcher (e.g. `fetchFromGitLab`).
# So, for example, a possible overlay for kicad is:
#
# final: prev:
# {
# kicad-unstable = (prev.kicad-unstable.override {
# srcs = {
# kicadVersion = "2020-10-08";
# kicad = prev.fetchFromGitLab {
# group = "kicad";
# owner = "code";
# repo = "kicad";
# rev = "fd22fe8e374ce71d57e9f683ba996651aa69fa4e";
# sha256 = "sha256-F8qugru/jU3DgZSpQXQhRGNFSk0ybFRkpyWb7HAGBdc=";
# };
# };
# });
# }
let
baseName = if (testing) then "kicad-testing"
else if (stable) then "kicad"
else "kicad-unstable";
versionsImport = import ./versions.nix;
# versions.nix does not provide us with version, src and rev. We
# need to turn this into approprate fetcher calls.
#kicadSrcFetch = fetchFromGitLab {
# group = "kicad";
# owner = "code";
# repo = "kicad";
# rev = versionsImport.${baseName}.kicadVersion.src.rev;
# sha256 = versionsImport.${baseName}.kicadVersion.src.sha256;
#};
kicadSrcFetch = fetchgit {
url = "https://git.lain.faith/haskal/kicad.git";
rev = versionsImport.${baseName}.kicadVersion.src.rev;
sha256 = versionsImport.${baseName}.kicadVersion.src.sha256;
};
libSrcFetch = name: fetchFromGitLab {
group = "kicad";
owner = "libraries";
repo = "kicad-${name}";
rev = versionsImport.${baseName}.libVersion.libSources.${name}.rev;
sha256 = versionsImport.${baseName}.libVersion.libSources.${name}.sha256;
};
# only override `src` or `version` if building `kicad-unstable` with
# the appropriate attribute defined in `srcs`.
srcOverridep = attr: (!stable && builtins.hasAttr attr srcs);
# use default source and version (as defined in versions.nix) by
# default, or use the appropriate attribute from `srcs` if building
# unstable with `srcs` properly defined.
kicadSrc =
if srcOverridep "kicad" then srcs.kicad
else kicadSrcFetch;
kicadVersion =
if srcOverridep "kicadVersion" then srcs.kicadVersion
else versionsImport.${baseName}.kicadVersion.version;
libSrc = name: if srcOverridep name then srcs.${name} else libSrcFetch name;
# TODO does it make sense to only have one version for all libs?
libVersion =
if srcOverridep "libVersion" then srcs.libVersion
else versionsImport.${baseName}.libVersion.version;
wxGTK = wxGTK32;
python = python3;
wxPython = python.pkgs.wxpython;
addonPath = "addon.zip";
addonsDrvs = map (pkg: pkg.override { inherit addonPath python3; }) addons;
addonsJoined =
runCommand "addonsJoined"
{
inherit addonsDrvs;
nativeBuildInputs = [ unzip jq ];
} ''
mkdir $out
for pkg in $addonsDrvs; do
unzip $pkg/addon.zip -d unpacked
folder_name=$(jq .identifier unpacked/metadata.json --raw-output | tr . _)
for d in unpacked/*; do
if [ -d "$d" ]; then
dest=$out/share/kicad/scripting/$(basename $d)/$folder_name
mkdir -p $(dirname $dest)
mv $d $dest
fi
done
rm -r unpacked
done
'';
inherit (lib) concatStringsSep flatten optionalString optionals;
in
stdenv.mkDerivation rec {
# Common libraries, referenced during runtime, via the wrapper.
passthru.libraries = callPackages ./libraries.nix { inherit libSrc; };
passthru.callPackage = newScope { inherit addonPath python3; };
base = callPackage ./base.nix {
inherit stable testing baseName;
inherit kicadSrc kicadVersion;
inherit wxGTK python wxPython;
inherit withNgspice withScripting withI18n;
inherit debug sanitizeAddress sanitizeThreads;
};
inherit pname;
version = if (stable) then kicadVersion else builtins.substring 0 10 src.src.rev;
src = base;
dontUnpack = true;
dontConfigure = true;
dontBuild = true;
dontFixup = true;
pythonPath = optionals (withScripting)
[ wxPython python.pkgs.six python.pkgs.requests ] ++ addonsDrvs;
nativeBuildInputs = [ makeWrapper ]
++ optionals (withScripting)
[ python.pkgs.wrapPython ];
# KICAD7_TEMPLATE_DIR only works with a single path (it does not handle : separated paths)
# but it's used to find both the templates and the symbol/footprint library tables
# https://gitlab.com/kicad/code/kicad/-/issues/14792
template_dir = symlinkJoin {
name = "KiCad_template_dir";
paths = with passthru.libraries; [
"${templates}/share/kicad/template"
"${footprints}/share/kicad/template"
"${symbols}/share/kicad/template"
];
};
# We are emulating wrapGAppsHook3, along with other variables to the wrapper
makeWrapperArgs = with passthru.libraries; [
"--prefix XDG_DATA_DIRS : ${base}/share"
"--prefix XDG_DATA_DIRS : ${hicolor-icon-theme}/share"
"--prefix XDG_DATA_DIRS : ${gnome.adwaita-icon-theme}/share"
"--prefix XDG_DATA_DIRS : ${gtk3}/share/gsettings-schemas/${gtk3.name}"
"--prefix XDG_DATA_DIRS : ${gsettings-desktop-schemas}/share/gsettings-schemas/${gsettings-desktop-schemas.name}"
# wrapGAppsHook3 did these two as well, no idea if it matters...
"--prefix XDG_DATA_DIRS : ${cups}/share"
"--prefix GIO_EXTRA_MODULES : ${dconf}/lib/gio/modules"
# required to open a bug report link in firefox-wayland
"--set-default MOZ_DBUS_REMOTE 1"
"--set-default KICAD8_FOOTPRINT_DIR ${footprints}/share/kicad/footprints"
"--set-default KICAD8_SYMBOL_DIR ${symbols}/share/kicad/symbols"
"--set-default KICAD8_TEMPLATE_DIR ${template_dir}"
]
++ optionals (addons != [ ]) (
let stockDataPath = symlinkJoin {
name = "kicad_stock_data_path";
paths = [
"${base}/share/kicad"
"${addonsJoined}/share/kicad"
];
};
in
[ "--set-default NIX_KICAD8_STOCK_DATA_PATH ${stockDataPath}" ]
)
++ optionals (with3d)
[
"--set-default KICAD8_3DMODEL_DIR ${packages3d}/share/kicad/3dmodels"
]
++ optionals (withNgspice) [ "--prefix LD_LIBRARY_PATH : ${libngspice}/lib" ]
# infinisil's workaround for #39493
++ [ "--set GDK_PIXBUF_MODULE_FILE ${librsvg}/lib/gdk-pixbuf-2.0/2.10.0/loaders.cache" ]
;
# why does $makeWrapperArgs have to be added explicitly?
# $out and $program_PYTHONPATH don't exist when makeWrapperArgs gets set?
installPhase =
let
bin = if stdenv.isDarwin then "*.app/Contents/MacOS" else "bin";
tools = [ "kicad" "pcbnew" "eeschema" "gerbview" "pcb_calculator" "pl_editor" "bitmap2component" ];
utils = [ "dxf2idf" "idf2vrml" "idfcyl" "idfrect" "kicad-cli" ];
in
(concatStringsSep "\n"
(flatten [
"runHook preInstall"
(optionalString (withScripting) "buildPythonPath \"${base} $pythonPath\" \n")
# wrap each of the directly usable tools
(map
(tool: "makeWrapper ${base}/${bin}/${tool} $out/bin/${tool} $makeWrapperArgs"
+ optionalString (withScripting) " --set PYTHONPATH \"$program_PYTHONPATH\""
)
tools)
# link in the CLI utils
(map (util: "ln -s ${base}/${bin}/${util} $out/bin/${util}") utils)
"runHook postInstall"
])
)
;
postInstall = ''
mkdir -p $out/share
ln -s ${base}/share/applications $out/share/applications
ln -s ${base}/share/icons $out/share/icons
ln -s ${base}/share/mime $out/share/mime
ln -s ${base}/share/metainfo $out/share/metainfo
'';
passthru.updateScript = {
command = [ ./update.sh "${pname}" ];
supportedFeatures = [ "commit" ];
};
meta = rec {
description = (if (stable)
then "Open Source Electronics Design Automation suite"
else if (testing) then "Open Source EDA suite, latest on stable branch"
else "Open Source EDA suite, latest on master branch")
+ (lib.optionalString (!with3d) ", without 3D models");
homepage = "https://www.kicad.org/";
longDescription = ''
KiCad is an open source software suite for Electronic Design Automation.
The Programs handle Schematic Capture, and PCB Layout with Gerber output.
'';
license = lib.licenses.gpl3Plus;
maintainers = with lib.maintainers; [ evils ];
platforms = lib.platforms.all;
broken = stdenv.isDarwin;
mainProgram = "kicad";
};
}

39
pkgs/kicad-xenia/libraries.nix
View File

@ -1,39 +0,0 @@
{ lib, stdenv
, cmake
, gettext
, libSrc
, stepreduce
, parallel
, zip
}:
let
mkLib = name:
stdenv.mkDerivation {
pname = "kicad-${name}";
version = builtins.substring 0 10 (libSrc name).rev;
src = libSrc name;
nativeBuildInputs = [ cmake ]
++ lib.optionals (name == "packages3d") [
stepreduce
parallel
zip
];
postInstall = lib.optional (name == "packages3d") ''
find $out -type f -name '*.step' | parallel 'stepreduce {} {} && zip -9 {.}.stpZ {} && rm {}'
'';
meta = rec {
license = lib.licenses.cc-by-sa-40;
platforms = lib.platforms.all;
};
};
in
{
symbols = mkLib "symbols";
templates = mkLib "templates";
footprints = mkLib "footprints";
packages3d = mkLib "packages3d";
}

15
pkgs/kicad-xenia/runtime_stock_data_path.patch
View File

@ -1,15 +0,0 @@
diff --git a/common/paths.cpp b/common/paths.cpp
index a74cdd9..790cc58 100644
--- a/common/paths.cpp
+++ b/common/paths.cpp
@@ -151,6 +151,10 @@ wxString PATHS::GetStockDataPath( bool aRespectRunFromBuildDir )
{
wxString path;
+ if( wxGetEnv( wxT( "NIX_KICAD8_STOCK_DATA_PATH" ), &path ) ) {
+ return path;
+ }
+
if( aRespectRunFromBuildDir && wxGetEnv( wxT( "KICAD_RUN_FROM_BUILD_DIR" ), nullptr ) )
{
// Allow debugging from build dir by placing relevant files/folders in the build root

260
pkgs/kicad-xenia/update.sh
View File

@ -1,260 +0,0 @@
#!/usr/bin/env nix-shell
#!nix-shell -i bash -p coreutils git nix curl jq
# shellcheck shell=bash enable=all
set -e
shopt -s inherit_errexit
# this script will generate versions.nix in the right location
# this should contain the versions' revs and hashes
# the stable revs are stored only for ease of skipping
# by default nix-prefetch-url uses XDG_RUNTIME_DIR as tmp
# which is /run/user/1000, which defaults to 10% of your RAM
# unless you have over 64GB of ram that'll be insufficient
# resulting in "tar: no space left on device" for packages3d
# hence:
export TMPDIR=/tmp
# if something goes unrepairably wrong, run 'update.sh all clean'
# TODO
# support parallel instances for each pname
# currently risks reusing old data
# no getting around manually checking if the build product works...
# if there is, default to commiting?
# won't work when running in parallel?
# remove items left in /nix/store?
# reuse hashes of already checked revs (to avoid redownloading testing's packages3d)
# nixpkgs' update.nix passes in UPDATE_NIX_PNAME to indicate which package is being updated
# assigning a default value to that as shellcheck doesn't like the use of unassigned variables
: "${UPDATE_NIX_PNAME:=""}"
# update.nix can also parse JSON output of this script to formulate a commit
# this requires we collect the version string in the old versions.nix for the updated package
old_version=""
new_version=""
# get the latest tag that isn't an RC or *.99
latest_tags="$(git ls-remote --tags --sort -version:refname https://gitlab.com/kicad/code/kicad.git)"
# using a scratch variable to ensure command failures get caught (SC2312)
scratch="$(grep -o 'refs/tags/[0-9]*\.[0-9]*\.[0-9]*$' <<< "${latest_tags}")"
scratch="$(grep -ve '\.99' -e '\.9\.9' <<< "${scratch}")"
scratch="$(sed -n '1p' <<< "${scratch}")"
latest_tag="$(cut -d '/' -f 3 <<< "${scratch}")"
# get the latest branch name for testing
branches="$(git ls-remote --heads --sort -version:refname https://gitlab.com/kicad/code/kicad.git)"
scratch="$(grep -o 'refs/heads/[0-9]*\.[0-9]*$' <<< "${branches}")"
scratch="$(sed -n '1p' <<< "${scratch}")"
testing_branch="$(cut -d '/' -f 3 <<< "${scratch}")"
# "latest_tag" and "master" directly refer to what we want
# "testing" uses "testing_branch" found above
all_versions=( "${latest_tag}" testing master )
prefetch="nix-prefetch-url --unpack --quiet"
clean=""
check_stable=""
check_testing=1
check_unstable=1
commit=""
for arg in "$@" "${UPDATE_NIX_PNAME}"; do
case "${arg}" in
help|-h|--help) echo "Read me!" >&2; exit 1; ;;
kicad|kicad-small|release|tag|stable|5*|6*|7*|8*) check_stable=1; check_testing=""; check_unstable="" ;;
*testing|kicad-testing-small) check_testing=1; check_unstable="" ;;
*unstable|*unstable-small|master|main) check_unstable=1; check_testing="" ;;
latest|now|today) check_unstable=1; check_testing=1 ;;
all|both|full) check_stable=1; check_testing=1; check_unstable=1 ;;
clean|fix|*fuck) check_stable=1; check_testing=1; check_unstable=1; clean=1 ;;
commit) commit=1 ;;
*) ;;
esac
done
here="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
commit_date() {
gitlab_json="$(curl -s https://gitlab.com/api/v4/projects/kicad%2Fcode%2Fkicad/repository/commits/"$1")"
commit_created="$(jq .created_at --raw-output <<< "${gitlab_json}")"
date --date="${commit_created}" --iso-8601 --utc
}
file="${here}/versions.nix"
# just in case this runs in parallel
tmp="${here}/,versions.nix.${RANDOM}"
libs=( symbols templates footprints packages3d )
get_rev() {
git ls-remote "$@"
}
gitlab="https://gitlab.com/kicad"
# append commit hash or tag
src_pre="https://gitlab.com/api/v4/projects/kicad%2Fcode%2Fkicad/repository/archive.tar.gz?sha="
lib_pre="https://gitlab.com/api/v4/projects/kicad%2Flibraries%2Fkicad-"
lib_mid="/repository/archive.tar.gz?sha="
# number of items updated
count=0
printf "Latest tag is %s\n" "${latest_tag}" >&2
if [[ ! -f ${file} ]]; then
echo "No existing file, generating from scratch" >&2
check_stable=1; check_testing=1; check_unstable=1; clean=1
fi
printf "Writing %s\n" "${tmp}" >&2
# not a dangling brace, grouping the output to redirect to file
{
printf "# This file was generated by update.sh\n\n"
printf "{\n"
for version in "${all_versions[@]}"; do
src_version=${version};
lib_version=${version};
# testing is the stable branch on the main repo
# but the libraries don't have such a branch
# only the latest release tag and a master branch
if [[ ${version} == "testing" ]]; then
src_version=${testing_branch};
lib_version=${latest_tag};
fi
if [[ ${version} == "master" ]]; then
pname="kicad-unstable"
elif [[ ${version} == "testing" ]]; then
pname="kicad-testing"
else
pname="kicad"
fi
# skip a version if we don't want to check it
if [[ (-n ${check_stable} && ${version} != "master" && ${version} != "testing") \
|| (-n ${check_testing} && ${version} == "testing") \
|| (-n ${check_unstable} && ${version} == "master" ) ]]; then
now=$(commit_date "${src_version}")
if [[ ${version} == "master" ]]; then
pname="kicad-unstable"
new_version="${now}"
elif [[ ${version} == "testing" ]]; then
pname="kicad-testing"
new_version="${testing_branch}-${now}"
else
pname="kicad"
new_version="${version}"
fi
printf "\nChecking %s\n" "${pname}" >&2
printf "%2s\"%s\" = {\n" "" "${pname}"
printf "%4skicadVersion = {\n" ""
printf "%6sversion =\t\t\t\"%s\";\n" "" "${new_version}"
printf "%6ssrc = {\n" ""
echo "Checking src" >&2
scratch="$(get_rev "${gitlab}"/code/kicad.git "${src_version}")"
src_rev="$(cut -f1 <<< "${scratch}")"
has_rev="$(grep -sm 1 "\"${pname}\"" -A 4 "${file}" | grep -sm 1 "${src_rev}" || true)"
has_hash="$(grep -sm 1 "\"${pname}\"" -A 5 "${file}" | grep -sm 1 "sha256" || true)"
old_version="$(grep -sm 1 "\"${pname}\"" -A 3 "${file}" | grep -sm 1 "version" | awk -F "\"" '{print $2}' || true)"
if [[ -n ${has_rev} && -n ${has_hash} && -z ${clean} ]]; then
echo "Reusing old ${pname}.src.sha256, already latest .rev at ${old_version}" >&2
scratch=$(grep -sm 1 "\"${pname}\"" -A 5 "${file}")
grep -sm 1 "rev" -A 1 <<< "${scratch}"
else
prefetched="$(${prefetch} "${src_pre}${src_rev}")"
printf "%8srev =\t\t\t\"%s\";\n" "" "${src_rev}"
printf "%8ssha256 =\t\t\"%s\";\n" "" "${prefetched}"
count=$((count+1))
fi
printf "%6s};\n" ""
printf "%4s};\n" ""
printf "%4slibVersion = {\n" ""
printf "%6sversion =\t\t\t\"%s\";\n" "" "${new_version}"
printf "%6slibSources = {\n" ""
for lib in "${libs[@]}"; do
echo "Checking ${lib}" >&2
url="${gitlab}/libraries/kicad-${lib}.git"
scratch="$(get_rev "${url}" "${lib_version}")"
scratch="$(cut -f1 <<< "${scratch}")"
lib_rev="$(tail -n1 <<< "${scratch}")"
has_rev="$(grep -sm 1 "\"${pname}\"" -A 19 "${file}" | grep -sm 1 "${lib_rev}" || true)"
has_hash="$(grep -sm 1 "\"${pname}\"" -A 20 "${file}" | grep -sm 1 "${lib}.sha256" || true)"
if [[ -n ${has_rev} && -n ${has_hash} && -z ${clean} ]]; then
echo "Reusing old kicad-${lib}-${new_version}.src.sha256, already latest .rev" >&2
scratch="$(grep -sm 1 "\"${pname}\"" -A 20 "${file}")"
grep -sm 1 "${lib}" -A 1 <<< "${scratch}"
else
prefetched="$(${prefetch} "${lib_pre}${lib}${lib_mid}${lib_rev}")"
printf "%8s%s.rev =\t" "" "${lib}"
case "${lib}" in
symbols|templates) printf "\t" ;; *) ;;
esac
printf "\"%s\";\n" "${lib_rev}"
printf "%8s%s.sha256 =\t\"%s\";\n" "" "${lib}" "${prefetched}"
count=$((count+1))
fi
done
printf "%6s};\n" ""
printf "%4s};\n" ""
printf "%2s};\n" ""
else
printf "\nReusing old %s\n" "${pname}" >&2
grep -sm 1 "\"${pname}\"" -A 21 "${file}"
fi
done
printf "}\n"
} > "${tmp}"
if grep '""' "${tmp}"; then
echo "empty value detected, out of space?" >&2
exit "1"
fi
mv "${tmp}" "${file}"
printf "\nFinished\nMoved output to %s\n\n" "${file}" >&2
if [[ ${count} -gt 0 ]]; then
if [[ ${count} -gt 1 ]]; then s="s"; else s=""; fi
echo "${count} revision${s} changed" >&2
if [[ -n ${commit} ]]; then
git commit -am "$(printf "kicad: automatic update of %s item%s\n" "${count}" "${s}")"
fi
echo "Please confirm the new versions.nix works before making a PR." >&2
else
echo "No changes, those checked are up to date" >&2
fi
# using UPDATE_NIX_ATTR_PATH to detect if this is being called from update.nix
# and output JSON to describe the changes
if [[ -n ${UPDATE_NIX_ATTR_PATH} ]]; then
if [[ ${count} -eq 0 ]]; then echo "[{}]"; exit 0; fi
jq -n \
--arg attrpath "${UPDATE_NIX_PNAME}" \
--arg oldversion "${old_version}" \
--arg newversion "${new_version}" \
--arg file "${file}" \
'[{
"attrPath": $attrpath,
"oldVersion": $oldversion,
"newVersion": $newversion,
"files": [ $file ]
}]'
fi

70
pkgs/kicad-xenia/versions.nix
View File

@ -1,70 +0,0 @@
# This file was generated by update.sh
{
"kicad" = {
kicadVersion = {
version = "8.0.2";
src = {
rev = "2d5434e9abf570ffd19b22c90963ea71cfb91d3d";
sha256 = "1n1jj7559xd4ib4c6ybya75a5hbarnkfy8gxzxfw58wdb4lxxmzz";
};
};
libVersion = {
version = "8.0.2";
libSources = {
symbols.rev = "099ac0c8ac402a685fde00b1369e34a116e29661";
symbols.sha256 = "0w333f89yw2m0zlpkg0k6hfwlj10snm8laihdjnsb22asyz4pbhn";
templates.rev = "2e2da58e02707d327d59d4101c401a82dc9a26f6";
templates.sha256 = "073a6cyvzzy0vmkj3ip4ziq7b7pcizs70nm5acw838dxghjfyv3v";
footprints.rev = "e8c30550cde4945cbe1bf30cccf0b3c1e2bda6c6";
footprints.sha256 = "10j8qjljc1fv8k4zp3zn0da33g57hn6pgrgmbgp18dsa539xvxcz";
packages3d.rev = "249f7947587529026e1676cd70c8d7493a8d8162";
packages3d.sha256 = "04gvfb54jhnww2qwrxc27wpyrvmjasdc4xhr0ridl7dglh4qcp35";
};
};
};
# "kicad-testing" = {
# kicadVersion = {
# version = "8.0-2024-02-23";
# src = {
# rev = "14d71c8ca6b48d2eb956bb069acf05a37b1b2652";
# sha256 = "0xqd0xbpnvsvba75526nwgzr8l2cfxy99sjmg13sjxfx7rq16kqi";
# };
# };
# libVersion = {
# version = "8.0-2024-02-23";
# libSources = {
# symbols.rev = "e228d4e8b295364e90e36c57f4023d8285ba88cd";
# symbols.sha256 = "049h2a7yn6ks8sybppixa872dbvyd0rwf9r6nixvdg6d13fl6rwf";
# templates.rev = "2e00c233b67e35323f90d04c190bf70237a252f2";
# templates.sha256 = "0m9bggz3cm27kqpjjwxy19mqzk0c69bywcjkqcni7kafr21c6k4z";
# footprints.rev = "6e5329a6d4aaa81290e23af3eba88f505c2f61b0";
# footprints.sha256 = "0ypjlbmzmcl3pha3q2361va70c988b1drxy8320gm66jkzfc21a1";
# packages3d.rev = "d1e521228d9f5888836b1a6a35fb05fb925456fa";
# packages3d.sha256 = "0lcy1av7ixg1f7arflk50jllpc1749sfvf3h62hkxsz97wkr97xj";
# };
# };
# };
# "kicad-unstable" = {
# kicadVersion = {
# version = "2024-02-23";
# src = {
# rev = "b7b64d959f37f00bb0d14b007c3b3908196e1024";
# sha256 = "1gl7mjqpmqq4m55z6crwb77983g00gi2161ichsc7hsfhs4c8grh";
# };
# };
# libVersion = {
# version = "2024-02-23";
# libSources = {
# symbols.rev = "8b0c343d8694fe0a968e5c4af69fd161bacf7da1";
# symbols.sha256 = "049h2a7yn6ks8sybppixa872dbvyd0rwf9r6nixvdg6d13fl6rwf";
# templates.rev = "0a6c4f798a68a5c639d54b4d3093460ab9267816";
# templates.sha256 = "0m9bggz3cm27kqpjjwxy19mqzk0c69bywcjkqcni7kafr21c6k4z";
# footprints.rev = "ded6b053460faae5783c538a38e91e2b4bddcf2e";
# footprints.sha256 = "035bf37n4vrihaj4zfdncisdx9fly1vya7lhkxhlsbv5blpi4a5y";
# packages3d.rev = "984667325076d4e50dab14e755aeacf97f42194c";
# packages3d.sha256 = "0lkaxv02h4sxrnm8zr17wl9d07mazlisad78r35gry741i362cdg";
# };
# };
# };
}

49
pkgs/kicad-xenia/writable.patch
View File

@ -1,49 +0,0 @@
commit 6a72fd032405515e468797be91b5a6ebcbbb5fd8
Author: Evils <evils.devils@protonmail.com>
Date: Wed Nov 23 19:49:13 2022 +0100
ensure new projects are writable
diff --git a/kicad/kicad_manager_frame.cpp b/kicad/kicad_manager_frame.cpp
index 7ee8090858..391514519c 100644
--- a/kicad/kicad_manager_frame.cpp
+++ b/kicad/kicad_manager_frame.cpp
@@ -638,6 +638,12 @@ void KICAD_MANAGER_FRAME::CreateNewProject( const wxFileName& aProjectFileName,
// wxFFile dtor will close the file
}
+
+ if( destFileName.IsOk() && !destFileName.IsFileWritable() )
+ {
+ destFileName.SetPermissions(0644);
+ }
+
}
}
diff --git a/kicad/project_template.cpp b/kicad/project_template.cpp
index bf951fcddb..2bef94326b 100644
--- a/kicad/project_template.cpp
+++ b/kicad/project_template.cpp
@@ -282,6 +282,21 @@ bool PROJECT_TEMPLATE::CreateProject( wxFileName& aNewProjectPath, wxString* aEr
result = false;
}
+ else if( !destFile.IsFileWritable() && !destFile.SetPermissions(0644) )
+ {
+ if( aErrorMsg )
+ {
+ if( !aErrorMsg->empty() )
+ *aErrorMsg += "\n";
+
+ wxString msg;
+
+ msg.Printf( _( "Cannot make file writable: '%s'." ), destFile.GetFullPath() );
+ *aErrorMsg += msg;
+ }
+
+ result = false;
+ }
}
return result;

25
pkgs/lix/lix-plugins/0001-implement-lix-support.patch
View File

@ -1,14 +1,14 @@
From 10a24d7831f51549d8c05193a0fbc329cc327fbe Mon Sep 17 00:00:00 2001 From d9e022548aff94e90914baa921ddb4cd939c0e5c Mon Sep 17 00:00:00 2001
From: xenia <xenia@awoo.systems> From: xenia <xenia@awoo.systems>
Date: Sat, 21 Dec 2024 15:33:10 -0500 Date: Sat, 21 Dec 2024 15:33:10 -0500
Subject: [PATCH] implement lix support Subject: [PATCH] implement lix support
--- ---
CMakeLists.txt | 27 ------------- CMakeLists.txt | 27 ------------
extra-builtins.cc | 87 ++++++++++++++++------------------------- extra-builtins.cc | 91 ++++++++++++++++-------------------------
meson.build | 18 +++++++++ meson.build | 18 ++++++++
nix-plugins-config.h.in | 3 -- nix-plugins-config.h.in | 3 --
4 files changed, 51 insertions(+), 84 deletions(-) 4 files changed, 53 insertions(+), 86 deletions(-)
delete mode 100644 CMakeLists.txt delete mode 100644 CMakeLists.txt
create mode 100644 meson.build create mode 100644 meson.build
delete mode 100644 nix-plugins-config.h.in delete mode 100644 nix-plugins-config.h.in
@ -47,7 +47,7 @@ index 9674fe8..0000000
- -
-install(TARGETS nix-extra-builtins DESTINATION lib/nix/plugins) -install(TARGETS nix-extra-builtins DESTINATION lib/nix/plugins)
diff --git a/extra-builtins.cc b/extra-builtins.cc diff --git a/extra-builtins.cc b/extra-builtins.cc
index 3a0f90e..f2978f8 100644 index 3a0f90e..95aef5e 100644
--- a/extra-builtins.cc --- a/extra-builtins.cc
+++ b/extra-builtins.cc +++ b/extra-builtins.cc
@@ -1,12 +1,8 @@ @@ -1,12 +1,8 @@
@ -68,8 +68,12 @@ index 3a0f90e..f2978f8 100644
using namespace nix; using namespace nix;
@@ -24,39 +20,38 @@ static GlobalConfig::Register rp(&extraBuiltinsSettings); @@ -21,42 +17,41 @@ static ExtraBuiltinsSettings extraBuiltinsSettings;
static void extraBuiltins(EvalState & state, const PosIdx pos,
static GlobalConfig::Register rp(&extraBuiltinsSettings);
-static void extraBuiltins(EvalState & state, const PosIdx pos,
+static void extraBuiltins(EvalState & state,
Value ** _args, Value & v) Value ** _args, Value & v)
{ {
- static auto extraBuiltinsFile = state.rootPath(CanonPath(extraBuiltinsSettings.extraBuiltinsFile.to_string())); - static auto extraBuiltinsFile = state.rootPath(CanonPath(extraBuiltinsSettings.extraBuiltinsFile.to_string()));
@ -130,8 +134,9 @@ index 3a0f90e..f2978f8 100644
+ Value* arg = state.ctx.mem.allocValue(); + Value* arg = state.ctx.mem.allocValue();
+ arg->mkAttrs(attrs); + arg->mkAttrs(attrs);
v.mkApp(fun, arg); v.mkApp(fun, arg);
state.forceValue(v, pos); - state.forceValue(v, pos);
- } catch (FileNotFound &) { - } catch (FileNotFound &) {
+ state.forceValue(v, noPos);
+ } catch (SysError &) { + } catch (SysError &) {
v.mkNull(); v.mkNull();
} }
@ -190,5 +195,5 @@ index 459fea8..0000000
-#define NIX_CFLAGS_OTHER "@NIX_CFLAGS_OTHER@" -#define NIX_CFLAGS_OTHER "@NIX_CFLAGS_OTHER@"
-#define BOOST_INCLUDE_DIR "@BOOST_INCLUDE_DIR@" -#define BOOST_INCLUDE_DIR "@BOOST_INCLUDE_DIR@"
-- --
2.47.2 2.49.0

2
pkgs/lix/lix-plugins/default.nix
View File

@ -7,6 +7,7 @@
pkg-config, pkg-config,
lix, lix,
capnproto,
boost182, boost182,
}: stdenv.mkDerivation { }: stdenv.mkDerivation {
name = "lix-plugins"; name = "lix-plugins";
@ -30,6 +31,7 @@
buildInputs = [ buildInputs = [
lix lix
boost182 boost182
capnproto
]; ];
meta = { meta = {

12
pkgs/ocaml/patdiff-bin/default.nix Normal file
View File

@ -0,0 +1,12 @@
{
runCommand,
patdiff,
}: runCommand "patdiff-bin-${patdiff.version}" {
nativeBuildInputs = [];
strictDeps = true;
meta.mainProgram = "patdiff";
} ''
mkdir -p $out
cp -r ${patdiff}/bin $out
cp -r ${patdiff}/share $out
''

3
pkgs/ocaml/ppx_unicode/default.nix
View File

@ -1,4 +1,5 @@
{ {
lib,
fetchgit, fetchgit,
buildDunePackage, buildDunePackage,
@ -24,7 +25,7 @@ buildDunePackage rec {
meta = { meta = {
description = "opinionated ppx for string literals"; description = "opinionated ppx for string literals";
homepage = "https://git.lain.faith/haskal/ppx_unicode"; homepage = "https://git.lain.faith/haskal/ppx_unicode";
license = lib.licenses.cc-by-nc-sa-40; license = lib.licenses.fyptl;
maintainers = []; maintainers = [];
platforms = with lib.platforms; linux ++ darwin; platforms = with lib.platforms; linux ++ darwin;
}; };

1
pkgs/ocaml/xlog/default.nix
View File

@ -1,4 +1,5 @@
{ {
lib,
fetchgit, fetchgit,
buildDunePackage, buildDunePackage,

75
pkgs/reverse-engineering/binsync/binsync.nix Normal file
View File

@ -0,0 +1,75 @@
{
lib,
fetchFromGitHub,
buildPythonPackage,
setuptools,
libbs,
filelock,
gitpython,
prompt-toolkit,
pycparser,
sortedcontainers,
toml,
tqdm,
ply,
wordfreq,
pyside6,
pytestCheckHook,
pytest-qt,
}: buildPythonPackage rec {
pname = "binsync";
version = "5.7.10+dev";
pyproject = true;
src = fetchFromGitHub {
owner = "binsync";
repo = "binsync";
rev = "e67da5ab9cddc2743f7462c9543ba7100e25eeb5";
hash = "sha256-QDOfbo2yjfjLsLILMhl/ckKwXDusXfE8+YmFpW5djN0=";
};
build-system = [ setuptools ];
dependencies = [
libbs
filelock
gitpython
prompt-toolkit
pycparser
sortedcontainers
toml
tqdm
ply
wordfreq
];
optional-dependencies = {
ghidra = [ pyside6 ];
};
nativeCheckInputs = [
pytestCheckHook
pytest-qt
pyside6
];
disabledTestPaths = [
# Test tries to import angrmanagement
"tests/test_angr_gui.py"
];
pythonImportsCheck = [ "binsync" ];
meta = {
description = "Reversing plugin for cross-decompiler collaboration, built on git";
homepage = "https://github.com/binsync/binsync";
changelog = "https://github.com/binsync/binsync/releases/tag/${src.tag}";
license = lib.licenses.bsd2;
};
}

77
pkgs/reverse-engineering/binsync/libbs.nix Normal file
View File

@ -0,0 +1,77 @@
{
lib,
fetchFromGitHub,
buildPythonPackage,
setuptools,
filelock,
ghidra-bridge,
jfx-bridge,
networkx,
platformdirs,
prompt-toolkit,
psutil,
pycparser,
pyhidra,
toml,
tqdm,
ply,
pytestCheckHook,
writableTmpDirAsHomeHook,
}: buildPythonPackage rec {
pname = "libbs";
version = "2.16.4+dev";
pyproject = true;
src = fetchFromGitHub {
owner = "binsync";
repo = "libbs";
rev = "0ce5c351cc81c1a0120f763aeba584fdb9dc2820";
hash = "sha256-if27Tg5S0Esrw9xHi6nr+kDIw4OTz7yZ2256/4Kbkeo=";
};
build-system = [ setuptools ];
dependencies = [
filelock
ghidra-bridge
jfx-bridge
networkx
platformdirs
prompt-toolkit
psutil
pycparser
pyhidra
toml
tqdm
ply
];
nativeCheckInputs = [
pytestCheckHook
writableTmpDirAsHomeHook
];
pythonImportsCheck = [ "libbs" ];
disabledTests = [
"test_change_watcher_plugin_cli"
"test_ghidra_artifact_watchers"
"TestHeadlessInterfaces"
];
disabledTestPaths = [
"tests/test_decompilers.py"
"tests/test_remote_ghidra.py"
];
meta = {
description = "Library for writing plugins in any decompiler: includes API lifting, common data formatting, and GUI abstraction";
homepage = "https://github.com/binsync/libbs";
changelog = "https://github.com/binsync/libbs/releases/tag/${src.tag}";
license = lib.licenses.bsd2;
};
}

0
pkgs/ghidra-xenia-v2/0001-Use-protobuf-gradle-plugin.patch → pkgs/reverse-engineering/ghidra/0001-Use-protobuf-gradle-plugin.patch
View File

0
pkgs/ghidra-xenia-v2/0002-Load-nix-extensions.patch → pkgs/reverse-engineering/ghidra/0002-Load-nix-extensions.patch
View File

0
pkgs/ghidra-xenia-v2/0003-Remove-build-datestamp.patch → pkgs/reverse-engineering/ghidra/0003-Remove-build-datestamp.patch
View File

4
pkgs/ghidra-xenia-v2/build-extension.nix → pkgs/reverse-engineering/ghidra/build-extension.nix
View File

@ -49,7 +49,7 @@ let
__darwinAllowLocalNetworking = true; __darwinAllowLocalNetworking = true;
gradleBuildTask = args.gradleBuildTask or "buildExtension"; gradleBuildTask = args.gradleBuildTask or "buildExtension";
gradleFlags = args.gradleFlags or [ ] ++ [ "-PGHIDRA_INSTALL_DIR=${ghidra}/lib/ghidra" ]; gradleFlags = args.gradleFlags or [ ] ++ [ "-PGHIDRA_INSTALL_DIR=${ghidra.lib}/lib/ghidra" ];
installPhase = installPhase =
args.installPhase or '' args.installPhase or ''
@ -82,7 +82,7 @@ let
cp -r . $GHIDRA_HOME/ghidra_scripts cp -r . $GHIDRA_HOME/ghidra_scripts
touch $GHIDRA_HOME/Module.manifest touch $GHIDRA_HOME/Module.manifest
cat <<'EOF' > extension.properties cat <<'EOF' > $GHIDRA_HOME/extension.properties
name=${pname} name=${pname}
description=${meta.description or ""} description=${meta.description or ""}
author= author=

21
pkgs/ghidra-xenia-v2/build.nix → pkgs/reverse-engineering/ghidra/build.nix
View File

@ -251,6 +251,23 @@ stdenv.mkDerivation (finalAttrs: {
; ;
withExtensions = callPackage ./with-extensions.nix { ghidra = finalAttrs.finalPackage; }; withExtensions = callPackage ./with-extensions.nix { ghidra = finalAttrs.finalPackage; };
pythonPackages = rec {
ghidratrace = python3Packages.callPackage ./python/ghidratrace.nix {
ghidra = finalAttrs.finalPackage;
};
ghidragdb = python3Packages.callPackage ./python/ghidragdb.nix {
ghidra = finalAttrs.finalPackage;
inherit ghidratrace;
};
ghidralldb = python3Packages.callPackage ./python/ghidralldb.nix {
ghidra = finalAttrs.finalPackage;
inherit ghidratrace;
};
pyghidra = python3Packages.callPackage ./python/pyghidra.nix {
ghidra = finalAttrs.finalPackage;
};
};
}; };
meta = with lib; { meta = with lib; {
@ -269,10 +286,6 @@ stdenv.mkDerivation (finalAttrs: {
binaryBytecode # deps binaryBytecode # deps
]; ];
license = licenses.asl20; license = licenses.asl20;
maintainers = with maintainers; [
roblabla
vringar
];
broken = stdenv.hostPlatform.isDarwin && stdenv.hostPlatform.isx86_64; broken = stdenv.hostPlatform.isDarwin && stdenv.hostPlatform.isx86_64;
}; };
}) })

0
pkgs/ghidra-xenia-v2/deps.json → pkgs/reverse-engineering/ghidra/deps.json
View File

6
pkgs/ghidra-xenia-v2/extensions.nix → pkgs/reverse-engineering/ghidra/extensions.nix
View File

@ -11,11 +11,11 @@ lib.makeScope newScope (self: {
buildGhidraScripts buildGhidraScripts
; ;
binsync = self.callPackage ./extensions/binsync {};
findcrypt = self.callPackage ./extensions/findcrypt { }; findcrypt = self.callPackage ./extensions/findcrypt { };
ghidra-delinker-extension = self.callPackage ./extensions/ghidra-delinker-extension { ghidra-delinker-extension = self.callPackage ./extensions/ghidra-delinker-extension { };
inherit ghidra;
};
ghidra-golanganalyzerextension = self.callPackage ./extensions/ghidra-golanganalyzerextension { }; ghidra-golanganalyzerextension = self.callPackage ./extensions/ghidra-golanganalyzerextension { };

46
pkgs/reverse-engineering/ghidra/extensions/binsync/default.nix Normal file
View File

@ -0,0 +1,46 @@
{
lib,
fetchFromGitHub,
buildGhidraScripts,
runCommand,
rsync,
python311,
}: let
python = python311;
libbs_path = "${python.pkgs.libbs}/${python.sitePackages}";
binsync_path = "${python.pkgs.binsync}/${python.sitePackages}";
binsync_env = python.withPackages (ps: with ps; ([
binsync
] ++ binsync.optional-dependencies.ghidra));
in buildGhidraScripts {
pname = "BinSync";
inherit (python.pkgs.binsync) version;
src = runCommand "binsync-ghidra-scripts" {
nativeBuildInputs = [ rsync ];
strictDeps = true;
} ''
mkdir -p $out
rsync -r \
--exclude='__pycache__' \
--exclude='/__init__.py' \
${libbs_path}/libbs/decompiler_stubs/ghidra_libbs/. $out/.
cp ${binsync_path}/binsync/binsync_plugin.py $out
'';
postPatch = ''
substituteInPlace binsync_plugin.py \
--replace-fail 'plugin_command = "binsync -s ghidra"' \
'plugin_command = "${lib.getExe' binsync_env "binsync"} -s ghidra"'
'';
meta = {
description = "Reversing plugin for cross-decompiler collaboration, built on git";
homepage = "https://github.com/binsync/binsync";
license = lib.licenses.bsd2;
};
}

0
pkgs/ghidra-xenia-v2/extensions/findcrypt/default.nix → pkgs/reverse-engineering/ghidra/extensions/findcrypt/default.nix
View File

4
pkgs/ghidra-xenia-v2/extensions/ghidra-delinker-extension/default.nix → pkgs/reverse-engineering/ghidra/extensions/ghidra-delinker-extension/default.nix
View File

@ -1,12 +1,12 @@
{ {
lib, lib,
ghidra, buildGhidraExtension,
gradle, gradle,
fetchFromGitHub, fetchFromGitHub,
}: }:
let let
version = "0.5.1"; version = "0.5.1";
self = ghidra.buildGhidraExtension { self = buildGhidraExtension {
pname = "ghidra-delinker-extension"; pname = "ghidra-delinker-extension";
inherit version; inherit version;

0
pkgs/ghidra-xenia-v2/extensions/ghidra-delinker-extension/deps.json → pkgs/reverse-engineering/ghidra/extensions/ghidra-delinker-extension/deps.json
View File

0
pkgs/ghidra-xenia-v2/extensions/ghidra-golanganalyzerextension/default.nix → pkgs/reverse-engineering/ghidra/extensions/ghidra-golanganalyzerextension/default.nix
View File

0
pkgs/ghidra-xenia-v2/extensions/ghidraninja-ghidra-scripts/default.nix → pkgs/reverse-engineering/ghidra/extensions/ghidraninja-ghidra-scripts/default.nix
View File

2
pkgs/ghidra-xenia-v2/extensions/gnudisassembler/default.nix → pkgs/reverse-engineering/ghidra/extensions/gnudisassembler/default.nix
View File

@ -25,7 +25,7 @@ buildGhidraExtension {
pname = "gnudisassembler"; pname = "gnudisassembler";
version = lib.getVersion ghidra; version = lib.getVersion ghidra;
src = "${ghidra}/lib/ghidra/Extensions/Ghidra/${ghidra.distroPrefix}_GnuDisassembler.zip"; src = "${ghidra.lib}/lib/ghidra/Extensions/Ghidra/${ghidra.distroPrefix}_GnuDisassembler.zip";
postPatch = '' postPatch = ''
ln -s ${binutils-src} binutils-${binutils-version}.tar.bz2 ln -s ${binutils-src} binutils-${binutils-version}.tar.bz2

13
pkgs/ghidra-xenia-v2/extensions/kaiju/default.nix → pkgs/reverse-engineering/ghidra/extensions/kaiju/default.nix
View File

@ -43,9 +43,18 @@ let
# https://github.com/CERTCC/kaiju/blob/c9dbb55484b3d2a6abd9dfca2197cd00fb7ee3c1/build.gradle#L189 # https://github.com/CERTCC/kaiju/blob/c9dbb55484b3d2a6abd9dfca2197cd00fb7ee3c1/build.gradle#L189
preBuild = '' preBuild = ''
mkdir -p build/cmake/z3/java-bindings mkdir -p build/cmake/z3/java-bindings
ln -s ${lib.getOutput "lib" z3_lib}/lib/com.microsoft.z3.jar build/cmake/z3/java-bindings ln -s ${lib.getOutput "java" z3_lib}/share/java/com.microsoft.z3.jar build/cmake/z3/java-bindings
mkdir -p os/${ghidraPlatformName} mkdir -p os/${ghidraPlatformName}
cp ${lib.getOutput "lib" z3_lib}/lib/* os/${ghidraPlatformName} cp ${lib.getOutput "java" z3_lib}/lib/* os/${ghidraPlatformName}
'';
postInstall = ''
kaiju_path=$out/lib/ghidra/Ghidra/Extensions/kaiju
rm $kaiju_path/os/linux_x86_64/*.so
rm $kaiju_path/lib/com.microsoft.z3.jar
ln -s ${lib.getOutput "java" z3_lib}/share/java/com.microsoft.z3.jar $kaiju_path/lib
ln -s ${lib.getOutput "java" z3_lib}/lib/libz3java.so $kaiju_path/os/linux_x86_64
ln -s ${lib.getOutput "lib" z3_lib}/lib/libz3.so $kaiju_path/os/linux_x86_64
''; '';
gradleFlags = [ "-PKAIJU_SKIP_Z3_BUILD=true" ]; gradleFlags = [ "-PKAIJU_SKIP_Z3_BUILD=true" ];

0
pkgs/ghidra-xenia-v2/extensions/kaiju/deps.json → pkgs/reverse-engineering/ghidra/extensions/kaiju/deps.json
View File

0
pkgs/ghidra-xenia-v2/extensions/lightkeeper/default.nix → pkgs/reverse-engineering/ghidra/extensions/lightkeeper/default.nix
View File

2
pkgs/ghidra-xenia-v2/extensions/machinelearning/default.nix → pkgs/reverse-engineering/ghidra/extensions/machinelearning/default.nix
View File

@ -8,7 +8,7 @@ buildGhidraExtension {
pname = "machinelearning"; pname = "machinelearning";
version = lib.getVersion ghidra; version = lib.getVersion ghidra;
src = "${ghidra}/lib/ghidra/Extensions/Ghidra/${ghidra.distroPrefix}_MachineLearning.zip"; src = "${ghidra.lib}/lib/ghidra/Extensions/Ghidra/${ghidra.distroPrefix}_MachineLearning.zip";
dontUnpack = true; dontUnpack = true;
# Built as part ghidra # Built as part ghidra

0
pkgs/ghidra-xenia-v2/extensions/ret-sync/default.nix → pkgs/reverse-engineering/ghidra/extensions/ret-sync/default.nix
View File

2
pkgs/ghidra-xenia-v2/extensions/sleighdevtools/default.nix → pkgs/reverse-engineering/ghidra/extensions/sleighdevtools/default.nix
View File

@ -9,7 +9,7 @@ buildGhidraExtension {
pname = "sleighdevtools"; pname = "sleighdevtools";
version = lib.getVersion ghidra; version = lib.getVersion ghidra;
src = "${ghidra}/lib/ghidra/Extensions/Ghidra/${ghidra.distroPrefix}_SleighDevTools.zip"; src = "${ghidra.lib}/lib/ghidra/Extensions/Ghidra/${ghidra.distroPrefix}_SleighDevTools.zip";
dontUnpack = true; dontUnpack = true;
# Built as part ghidra # Built as part ghidra

2
pkgs/ghidra-xenia-v2/extensions/wasm/default.nix → pkgs/reverse-engineering/ghidra/extensions/wasm/default.nix
View File

@ -26,7 +26,7 @@ buildGhidraExtension {
# this doesn't really compile, it compresses sinc into sla # this doesn't really compile, it compresses sinc into sla
pushd data pushd data
ant -f build.xml -Dghidra.install.dir=${ghidra}/lib/ghidra sleighCompile ant -f build.xml -Dghidra.install.dir=${ghidra.lib}/lib/ghidra sleighCompile
popd popd
runHook postConfigure runHook postConfigure

40
pkgs/reverse-engineering/ghidra/python/ghidragdb.nix Normal file
View File

@ -0,0 +1,40 @@
{
lib,
python,
buildPythonPackage,
ghidra,
setuptools,
psutil,
ghidratrace,
}: buildPythonPackage {
pname = "ghidragdb";
version = "11.3";
pyproject = true;
src = "${ghidra.lib}/lib/ghidra/Ghidra/Debug/Debugger-agent-gdb/pypkg";
postPatch = ''
rm -rf dist
'';
build-system = [
setuptools
];
dependencies = [
ghidratrace
psutil
];
# can't import because gdb is missing
# pythonImportsCheck = [
# "ghidragdb"
# ];
meta = (lib.removeAttrs ghidra.meta ["description" "mainProgram"]) // {
description = "Ghidra's Plugin for gdb";
};
}

40
pkgs/reverse-engineering/ghidra/python/ghidralldb.nix Normal file
View File

@ -0,0 +1,40 @@
{
lib,
python,
buildPythonPackage,
ghidra,
setuptools,
psutil,
ghidratrace,
}: buildPythonPackage {
pname = "ghidralldb";
version = "11.3";
pyproject = true;
src = "${ghidra.lib}/lib/ghidra/Ghidra/Debug/Debugger-agent-lldb/pypkg";
postPatch = ''
rm -rf dist
'';
build-system = [
setuptools
];
dependencies = [
ghidratrace
psutil
];
# can't import because lldb is missing
# pythonImportsCheck = [
# "ghidralldb"
# ];
meta = (lib.removeAttrs ghidra.meta ["description" "mainProgram"]) // {
description = "Ghidra's Plugin for lldb";
};
}

46
pkgs/reverse-engineering/ghidra/python/ghidratrace.nix Normal file
View File

@ -0,0 +1,46 @@
{
lib,
python,
buildPythonPackage,
pythonRelaxDepsHook,
ghidra,
setuptools,
protobuf,
}: buildPythonPackage {
pname = "ghidratrace";
version = "11.3";
pyproject = true;
src = "${ghidra.lib}/lib/ghidra/Ghidra/Debug/Debugger-rmi-trace/pypkg";
postPatch = ''
rm -rf dist
'';
build-system = [
setuptools
];
dependencies = [
protobuf
];
nativeBuildInputs = [
pythonRelaxDepsHook
];
pythonRelaxDeps = [
"protobuf"
];
pythonImportsCheck = [
"ghidratrace"
];
meta = (lib.removeAttrs ghidra.meta ["description" "mainProgram"]) // {
description = "Ghidra's TraceRmi for Python3";
};
}

43
pkgs/reverse-engineering/ghidra/python/pyghidra.nix Normal file
View File

@ -0,0 +1,43 @@
{
lib,
python,
buildPythonPackage,
ghidra,
setuptools,
jpype1,
}: buildPythonPackage {
pname = "pyghidra";
version = "2.1.0";
pyproject = true;
src = "${ghidra.lib}/lib/ghidra/Ghidra/Features/PyGhidra/pypkg";
# TODO: make a more involved wrapper or patch this package to change the launch system
# TODO: support launching a ghidra-with-extensions package
makeWrapperArgs = [
"--set" "GHIDRA_INSTALL_DIR" "${ghidra.lib}/lib/ghidra"
];
postPatch = ''
rm -rf dist
'';
build-system = [
setuptools
];
dependencies = [
jpype1
];
pythonImportsCheck = [
"pyghidra"
];
meta = (lib.removeAttrs ghidra.meta ["description" "mainProgram"]) // {
description = "Native CPython for Ghidra";
};
}

0
pkgs/ghidra-xenia-v2/with-extensions.nix → pkgs/reverse-engineering/ghidra/with-extensions.nix
View File

184
pkgs/reverse-engineering/idapro9/default.nix Normal file
View File

@ -0,0 +1,184 @@
{
lib,
stdenv,
fetchurl,
autoPatchelfHook,
copyDesktopItems,
python311,
qt6,
cairo,
dbus,
fontconfig,
freetype,
glib,
gtk3,
libdrm,
libGL,
libkrb5,
libsecret,
libunwind,
libxkbcommon,
openssl,
gcc,
clang,
xorg,
zlib,
curl,
gnutar,
makeDesktopItem,
makeBinaryWrapper,
runCommand,
_errorMessage ? builtins.throw ''
No source and/or version for package `idapro` was provided.
Please provide a source file and version number using, for example:
pkgs.idapro.override {
idaSource = pkgs.requireFile rec {
name = "my-idapro-source.tar.xz";
hash = "sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=";
message = '''
Please run `nix store add-file ''${name}`
The value of `nix hash file ''${name}` should be ''${hash}
''';
};
idaVersion = "9.x.y";
}
The source file must be a tarball with a single directory inside containing the IDA Pro
installation. This will be extracted and patched to be able to run on NixOS.
Version 9.2 is currently supported by this derivation.
'',
# the IDA Pro tarball to extract, patch and repackage
# the reason i'm not providing an exact requireFile spec is that people's IDA Pro tarballs
# may vary, and this derivation nominally allows packaging many different versions of IDA Pro
# (though it's actually just 9.2 for now)
idaSource ? _errorMessage,
# the version of IDA pro being built
idaVersion ? _errorMessage,
# the python version to use for idapython
pythonPackage ? python311,
# additional python packages to make available to idapython
pythonDeps ? [],
# dirs to prepend to IDAUSR
plugins ? [],
}: let
defaultPythonDeps = ps: with ps; [
rpyc
];
pythonEnv =
pythonPackage.withPackages
(ps: (defaultPythonDeps ps) ++ pythonDeps);
in stdenv.mkDerivation (self: {
pname = "idapro";
version = idaVersion;
src = idaSource;
nativeBuildInputs = [
autoPatchelfHook
copyDesktopItems
makeBinaryWrapper
];
# Add everything to the RPATH, in case IDA decides to dlopen things.
runtimeDependencies = [
cairo
dbus
fontconfig
freetype
glib
gtk3
libdrm
libGL
libkrb5
libsecret
libunwind
libxkbcommon
openssl.out
(if stdenv.cc.isGNU then gcc else clang).cc
xorg.libICE
xorg.libSM
xorg.libX11
xorg.libXau
xorg.libxcb
xorg.libXext
xorg.libXi
xorg.libXrender
xorg.xcbutilimage
xorg.xcbutilkeysyms
xorg.xcbutilrenderutil
xorg.xcbutilwm
zlib
curl.out
qt6.qtwayland
pythonEnv
];
buildInputs = self.runtimeDependencies;
qtWrapperArgs = [];
installPhase = ''
runHook preInstall
mkdir -p $out/opt $out/lib $out/bin
cp -a * $out/opt
# Link the exported libraries to the output.
for lib in $out/opt/libida*; do
ln -s $lib $out/lib/$(basename $lib)
done
ln -s $out/opt/ida $out/bin/ida
mkdir -p $out/share/icons/hicolor/128x128/apps
cp $out/opt/appico.png $out/share/icons/hicolor/128x128/apps/idapro.png
runHook postInstall
'';
preFixup = ''
# Some libraries come with the installer.
addAutoPatchelfSearchPath $out/opt
# Manually patch libraries that dlopen stuff.
patchelf --add-needed libpython${pythonEnv.pythonVersion}.so $out/lib/libida.so
patchelf --add-needed libpython${pythonEnv.pythonVersion}.so $out/opt/plugins/idapython3.so
patchelf --add-needed libcrypto.so $out/lib/libida.so
patchelf --add-needed libcrypto.so $out/opt/plugins/idapython3.so
wrapProgram "$out/opt/ida" \
--prefix PYTHONPATH : $out/opt/idalib/python \
--prefix PATH : ${pythonEnv}/bin \
--suffix IDAUSR : "${lib.makeSearchPath "" plugins}"
'';
dontWrapQtApps = true;
desktopItem = makeDesktopItem {
name = "ida-pro";
exec = "ida";
icon = "idapro";
comment = self.meta.description;
desktopName = "IDA Pro";
genericName = "Interactive Disassembler";
categories = [ "Development" ];
startupWMClass = "IDA";
};
desktopItems = [ self.desktopItem ];
passthru = {
inherit pythonEnv;
};
meta = with lib; {
description = "A powerful disassembler, decompiler and a versatile debugger.";
homepage = "https://hex-rays.com/ida-pro";
mainProgram = "ida";
platforms = [ "x86_64-linux" ];
sourceProvenance = with sourceTypes; [ binaryNativeCode ];
license = lib.licenses.unfree;
};
})

2
pkgs/rust/zbasefind/default.nix
View File

@ -12,7 +12,7 @@ rustPlatform.buildRustPackage rec {
hash = "sha256-orvXNhM1WKlJ6j5Nuap0kZarydcujoEmF+OrdX7iFmA="; hash = "sha256-orvXNhM1WKlJ6j5Nuap0kZarydcujoEmF+OrdX7iFmA=";
}; };
cargoHash = "sha256-7/SP+drJWg2c4bsd3d4ge8E9BJZykbWfjgC2lSJhqas="; cargoHash = "sha256-m8lXHfj6W/qltK+WrT0rE0gDNvvhghcXkeiX3Slx9X8=";
meta = { meta = {
description = "A firmware base address search tool"; description = "A firmware base address search tool";

39
pkgs/temp/depotdownloader/default.nix Normal file
View File

@ -0,0 +1,39 @@
{
lib,
buildDotnetModule,
fetchFromGitHub,
dotnetCorePackages,
}:
buildDotnetModule rec {
pname = "depotdownloader";
version = "3.4.0";
src = fetchFromGitHub {
owner = "SteamRE";
repo = "DepotDownloader";
rev = "DepotDownloader_${version}";
hash = "sha256-zduNWIQi+ItNSh9RfRfY0giIw/tMQIMRh9woUzQ5pJw=";
};
projectFile = "DepotDownloader.sln";
nugetDeps = ./deps.json;
dotnet-sdk = dotnetCorePackages.sdk_9_0;
dotnet-runtime = dotnetCorePackages.runtime_9_0;
passthru.updateScript = ./update.sh;
meta = {
description = "Steam depot downloader utilizing the SteamKit2 library";
changelog = "https://github.com/SteamRE/DepotDownloader/releases/tag/DepotDownloader_${version}";
license = lib.licenses.gpl2Only;
maintainers = [ lib.maintainers.babbaj ];
platforms = [
"x86_64-linux"
"aarch64-linux"
"x86_64-darwin"
"aarch64-darwin"
];
mainProgram = "DepotDownloader";
};
}

72
pkgs/temp/depotdownloader/deps.json Normal file
View File

@ -0,0 +1,72 @@
[
{
"pname": "Microsoft.NETCore.Platforms",
"version": "5.0.0",
"hash": "sha256-LIcg1StDcQLPOABp4JRXIs837d7z0ia6+++3SF3jl1c="
},
{
"pname": "Microsoft.Win32.Registry",
"version": "5.0.0",
"hash": "sha256-9kylPGfKZc58yFqNKa77stomcoNnMeERXozWJzDcUIA="
},
{
"pname": "Microsoft.Windows.CsWin32",
"version": "0.3.183",
"hash": "sha256-bn0rHYoVLRTqiZqkkp6u3PMKtg0NNxA2F++1e/+3Jhw="
},
{
"pname": "Microsoft.Windows.SDK.Win32Docs",
"version": "0.1.42-alpha",
"hash": "sha256-6DvzmNzrGVfWmNJNqooj+Ya+7bAQlyeg7pmyKaUlIws="
},
{
"pname": "Microsoft.Windows.SDK.Win32Metadata",
"version": "61.0.15-preview",
"hash": "sha256-OB60ThIv8e7AMGaRRzJ8dWme5HjN+Q0HoUDquP2ejTg="
},
{
"pname": "Microsoft.Windows.WDK.Win32Metadata",
"version": "0.12.8-experimental",
"hash": "sha256-YaN6JlgnpIooLYu3NdFVHwoqFwZYTeePtekXCfTiLTo="
},
{
"pname": "protobuf-net",
"version": "3.2.52",
"hash": "sha256-phXeroBt5KbHYkApkkMa0mRCVkDY+dtOOXXNY+i50Ek="
},
{
"pname": "protobuf-net.Core",
"version": "3.2.52",
"hash": "sha256-/9Jj26tuSKeYJb9udwew5i5EVvaoeNu/vBCKS0VhSQQ="
},
{
"pname": "QRCoder",
"version": "1.6.0",
"hash": "sha256-2Ev/6d7PH6K4dVYQQHlZ+ZggkCnDtrlaGygs65mDo28="
},
{
"pname": "SteamKit2",
"version": "3.2.0",
"hash": "sha256-hB/36fP9kf+1mIx+hTELUMHe8ZkmSKxOK41ZzOaBa3E="
},
{
"pname": "System.IO.Hashing",
"version": "9.0.4",
"hash": "sha256-rbcQzEncB3VuUZIcsE1tq30suf5rvRE4HkE+0lR/skU="
},
{
"pname": "System.Security.AccessControl",
"version": "5.0.0",
"hash": "sha256-ueSG+Yn82evxyGBnE49N4D+ngODDXgornlBtQ3Omw54="
},
{
"pname": "System.Security.Principal.Windows",
"version": "5.0.0",
"hash": "sha256-CBOQwl9veFkrKK2oU8JFFEiKIh/p+aJO+q9Tc2Q/89Y="
},
{
"pname": "ZstdSharp.Port",
"version": "0.8.5",
"hash": "sha256-+UQFeU64md0LlSf9nMXif6hHnfYEKm+WRyYd0Vo2QvI="
}
]

94
pkgs/tex/moloch/default.nix Normal file
View File

@ -0,0 +1,94 @@
{
fetchFromGitea,
writeShellScript,
writableTmpDirAsHomeHook,
stdenvNoCC,
texlivePackages,
texliveBasic,
}:
let
texEnv = texliveBasic.withPackages (ps: with ps; [
# l3build
beamer
biblatex
enumitem
fileinfo
hypdoc
hyperref
listings
metalogo
parskip
pgf
pgfopts
setspace
xurl
microtype
latexmk
]);
in stdenvNoCC.mkDerivation rec {
pname = "moloch";
version = "1.0.2-DEV-xenia";
outputs = [
"tex"
"texdoc"
];
passthru.tlDeps = with texlivePackages; [ latex ];
src = fetchFromGitea {
domain = "git.lain.faith";
owner = "haskal";
repo = "${pname}-dragon";
rev = "v${version}";
hash = "sha256-eMlhJj4a2HTDhDzkS9KR+d76lt81iH7x//WZOA39tno=";
};
dontConfigure = true;
nativeBuildInputs = [
texEnv
# multiple-outputs.sh fails if $out is not defined
(writeShellScript "force-tex-output.sh" ''
out="''${tex-}"
'')
writableTmpDirAsHomeHook # Need a writable $HOME for latexmk
];
# we just build manually, but moloch's own method of building is using l3build
# i have no idea how to get that working, so for now just do it normal style
buildPhase = ''
runHook preBuild
# Generate the style files
cd src
latex beamertheme${pname}.ins
# Generate the documentation
cp ../doc/${pname}.tex .
latexmk -pdf ${pname}.tex
cd ..
runHook postBuild
'';
installPhase = ''
runHook preInstall
path="$tex/tex/latex/${pname}"
mkdir -p "$path"
cp src/*.{cls,def,clo,sty} "$path/"
path="$texdoc/doc/tex/latex/${pname}"
mkdir -p "$path"
cp src/${pname}.pdf "$path/"
runHook postInstall
'';
}

1
templates/beamer/.envrc Normal file
View File

@ -0,0 +1 @@
use flake

16
templates/beamer/.gitignore vendored Normal file
View File

@ -0,0 +1,16 @@
/my-beamer-presentation.pdf
*.aux
*.fdb_latexmk
*.fls
*.log
*.nav
*.out
*.snm
*.synctex.gz
*.toc
result
result-tex
.direnv

46
templates/beamer/flake.nix Normal file
View File

@ -0,0 +1,46 @@
{
description = "A very basic presentation with Beamer";
outputs = { self, dragnpkgs } @ inputs: dragnpkgs.lib.mkFlake {
# Define a texlive environment to use
packages.texlive-custom = { texliveMedium, texliveDragonPackages }:
texliveMedium.withPackages (ps: with ps; [
fontawesome5
texliveDragonPackages.moloch
]);
# Package definition for building the PDF
packages.default = { system, stdenvNoCC }: stdenvNoCC.mkDerivation rec {
pname = "my-beamer-presentation";
name = "${pname}.pdf";
nativeBuildInputs = [
self.packages.${system}.texlive-custom
];
src = self;
buildPhase = ''
latexmk -pdf ${pname}.tex
'';
installPhase = ''
cp ${pname}.pdf $out
'';
};
# Runnable package (ie `nix run`) to start the presentation
apps.default = { lib, system, writeShellScript, pympress }: {
type = "app";
program = "${writeShellScript "start-presentation" ''
exec ${lib.getExe pympress} ${self.packages.${system}.default}
''}";
};
# Devshell definition to expose the texlive environment to eg nvim
devShells.default = { mkShell, system }: mkShell {
packages = [ self.packages.${system}.texlive-custom ];
};
};
}

93
templates/beamer/my-beamer-presentation.tex Normal file
View File

@ -0,0 +1,93 @@
\documentclass[aspectratio=169]{beamer}
\usepackage[english]{babel}
\usepackage{fontawesome5}
\usepackage{tikz}
\usetikzlibrary{arrows,calc,fit,positioning}
\usetheme{moloch}
\usefonttheme[onlymath]{serif}
% this can be commented out to produce a slide deck with no notes
\setbeameroption{show notes}
% useful tikz styles from previous slide decks
\tikzset{%
icon/.value required,
icon/.style={%
node contents={\faIcon{#1}},
icon size=normal,
},
icon size/.is choice,
icon size/.default=normal,
icon size/normal/.style={%
font={\fontsize{20.74}{20.74}\selectfont}
},
icon size/small/.style={%
font={\fontsize{12}{12}\selectfont}
},
rounded box/.style={%
inner sep=0.3em,
draw,
rounded corners,
line width=0.1em
},
sequence diagram/.style={%
font=\small,
line width=1pt,
sequence/.style={%
every to/.style={%
to path={(\tikztostart) -- (\tikztostart -| \tikztotarget) \tikztonodes} % chktex 1 chktex 8
},
->/.style={-stealth,every node/.style={above}},
<-/.style={stealth-,every node/.style={below}},
},
note/.style={%
color=example text.fg,
},
},
}
\title{My Beamer Presentation}
\subtitle{(From the template)}
\author{You}
\institute{Institute of Swag Nix Templates}
\date{Now}
\begin{document}
\maketitle
\section{My Section}
\subsection{My Subsection}
\begin{frame}
\frametitle{Some Slide Title}
Sample text
\end{frame}
\begin{frame}
\frametitle{Some Other Slide Title}
Sample text 2
\end{frame}
\appendix
\begin{frame}[standout]
Backup Slides
\end{frame}
\begin{frame}
\frametitle{Backup slide 1}
Some backup slide content
\end{frame}
\end{document}