targetTarget might be missing when native build

flake.lock

@@ -2,16 +2,16 @@
   "nodes": {
     "nixpkgs": {
       "locked": {
-        "lastModified": 1767634882,
+        "lastModified": 1752436162,
-        "narHash": "sha256-2GffSfQxe3sedHzK+sTKlYo/NTIAGzbFCIsNMUPAAnk=",
+        "narHash": "sha256-Kt1UIPi7kZqkSc5HVj6UY5YLHHEzPBkgpNUByuyxtlw=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "3c9db02515ef1d9b6b709fc60ba9a540957f661c",
+        "rev": "dfcd5b901dbab46c9c6e80b265648481aafb01f8",
         "type": "github"
       },
       "original": {
         "owner": "NixOS",
-        "ref": "nixos-25.11",
+        "ref": "nixos-25.05",
         "repo": "nixpkgs",
         "type": "github"
       }

flake.nix

@@ -1,6 +1,6 @@
 {
   inputs = {
-    nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11";
+    nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05";
   };
 
   outputs = { self, nixpkgs, ... }:

m/bay/configuration.nix

@@ -24,7 +24,7 @@
       address = "10.0.40.40";
       prefixLength = 24;
     } ];
-    interfaces.ibs785.ipv4.addresses = [ {
+    interfaces.ibp5s0.ipv4.addresses = [ {
       address = "10.0.42.40";
       prefixLength = 24;
     } ];

m/common/base/env.nix

@@ -1,37 +1,12 @@
-{ pkgs, ... }:
+{ pkgs, config, ... }:
 
 {
   environment.systemPackages = with pkgs; [
-    cmake
+    vim wget git htop tmux pciutils tcpdump ripgrep nix-index nixos-option
-    ethtool
+    nix-diff ipmitool freeipmi ethtool lm_sensors cmake gnumake file tree
-    file
+    ncdu config.boot.kernelPackages.perf ldns pv
-    freeipmi
-    git
-    gnumake
-    home-manager
-    htop
-    ipmitool
-    ldns
-    lm_sensors
-    ncdu
-    nix-diff
-    nix-index
-    nix-output-monitor
-    nixfmt-tree
-    nixos-option
-    pciutils
-    perf
-    pv
-    ripgrep
-    tcpdump
-    tmux
-    tree
-    vim
-    wget
-
     # From jungle overlay
-    nixgen
+    osumb nixgen
-    osumb
   ];
 
   programs.direnv.enable = true;

m/common/base/users.nix

@@ -194,32 +194,6 @@
           "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOlRX7ZCnqtUJYCxKgWmgSrFCYuA2LHY96rVwqxXPl86 aaguirre@BSC-8488184117"
         ];
       };
-
-      emonteir = {
-        uid = 9656;
-        isNormalUser = true;
-        home = "/home/Computational/emonteir";
-        description = "Erwin Royson Monteiro";
-        group = "Computational";
-        hosts = [ "apex" "fox" ];
-        hashedPassword = "$6$0mU88zd3ZuK5NiJQ$DFWL5RMLH6esQM5UyhBCiiNryw4lDDmvJp7Usz3tmevnsiSJr6u0RsUKAnR/K8GRBFrV1.GocrgNjKjik5GY//";
-        openssh.authorizedKeys.keys = [
-          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOKZKot/Y3F5Wq9pQIXlCbyvQuVVeWMCsAC96Nd+LTcG erwin@Oreo"
-        ];
-      };
-
-      ssanzmar = {
-        uid = 9657;
-        isNormalUser = true;
-        home = "/home/Computational/ssanzmar";
-        description = "Sergio Sanz Martínez";
-        group = "Computational";
-        hosts = [ "apex" "fox" ];
-        hashedPassword = "$6$HUjNDJeJMmNQ6M64$laXSOZcXg6o4v2r8Jm8Xj9kmqw7veCY32po3TVDPRR4WlyxvOeqwoKr4NjlUlPPpKN55Oot3ZYHi.9iNXsH5E1";
-        openssh.authorizedKeys.keys = [
-          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIELrsRRHXryrdA2ZBx5XmdGxL4DC5bmJydhBeTWQ0SQ sergio.sanz.martinez@estudiantat.upc.edu"
-        ];
-      };
     };
 
     groups = {

m/common/base/watchdog.nix

@@ -5,5 +5,5 @@
   boot.kernelModules = [ "ipmi_watchdog" ];
 
   # Enable systemd watchdog with 30 s interval
-  systemd.settings.Manager.RuntimeWatchdogSec = 30;
+  systemd.watchdog.runtimeTime = "30s";
 }

m/eudy/kernel/perf.nix

@@ -1,6 +1,11 @@
-{ pkgs, lib, ... }:
+{ config, pkgs, lib, ... }:
 
 {
+  # add the perf tool
+  environment.systemPackages = with pkgs; [
+    config.boot.kernelPackages.perf
+  ];
+
   # allow non-root users to read tracing data from the kernel
   boot.kernel.sysctl."kernel.perf_event_paranoid" = -2;
   boot.kernel.sysctl."kernel.kptr_restrict" = 0;

m/hut/configuration.nix

@@ -45,7 +45,7 @@
       address = "10.0.40.7";
       prefixLength = 24;
     } ];
-    interfaces.ibs785.ipv4.addresses = [ {
+    interfaces.ibp5s0.ipv4.addresses = [ {
       address = "10.0.42.7";
       prefixLength = 24;
     } ];

m/hut/nginx.nix

@@ -4,8 +4,8 @@ let
     name = "jungle-web";
     src = pkgs.fetchgit {
       url = "https://jungle.bsc.es/git/rarias/jungle-website.git";
-      rev = "5f18335d14126d2fef134c0cd441771436f7dfa1";
+      rev = "52abaf4d71652a9ef77a0b098db14ca33bffff4c";
-      hash = "sha256-s9VBF91sQ7hg9+lrwNFPYgoXTTyXaQcAulCiGJgWERo=";
+      hash = "sha256-/ul9GazbOrOkmlvSgDz/+2W+V+ir5725Y7mVLc3rb0M=";
     };
     buildInputs = [ pkgs.hugo ];
     buildPhase = ''

m/lake2/configuration.nix

@@ -46,7 +46,7 @@
       address = "10.0.40.42";
       prefixLength = 24;
     } ];
-    interfaces.ibs785.ipv4.addresses = [ {
+    interfaces.ibp5s0.ipv4.addresses = [ {
       address = "10.0.42.42";
       prefixLength = 24;
     } ];

m/module/debuginfod.nix

@@ -1,10 +1,3 @@
 {
-  services.nixseparatedebuginfod2 = {
+  services.nixseparatedebuginfod.enable = true;
-    enable = true;
-    substituters = [
-      "local:"
-      "https://cache.nixos.org"
-      "http://hut/cache"
-    ];
-  };
 }

m/module/tc1-board.nix

@@ -1,27 +0,0 @@
-{ lib, pkgs, ... }:
-
-{
-  # Allow user access to FTDI USB device
-  services.udev.packages = lib.singleton (pkgs.writeTextFile {
-    # Needs to be < 73
-    name = "60-ftdi-tc1.rules";
-    text = ''
-      # Bus 003 Device 003: ID 0403:6011 Future Technology Devices International, Ltd FT4232H Quad HS USB-UART/FIFO IC
-      # Use := to make sure it doesn't get changed later
-      SUBSYSTEMS=="usb", ATTRS{idVendor}=="0403", ATTRS{idProduct}=="6011", MODE:="0666"
-    '';
-    destination = "/etc/udev/rules.d/60-ftdi-tc1.rules";
-  });
-
-  # Allow access to USB for docker in GitLab runner
-  services.gitlab-runner = {
-    services.gitlab-bsc-docker = {
-      registrationFlags = [
-        # We need raw access to the USB port to reboot the board
-        "--docker-devices /dev/bus/usb/003/003"
-        # And TTY access for the serial port
-        "--docker-devices /dev/ttyUSB2"
-      ];
-    };
-  };
-}

m/owl1/configuration.nix

@@ -20,7 +20,7 @@
       address = "10.0.40.1";
       prefixLength = 24;
     } ];
-    interfaces.ibs785.ipv4.addresses = [ {
+    interfaces.ibp5s0.ipv4.addresses = [ {
       address = "10.0.42.1";
       prefixLength = 24;
     } ];

m/owl2/configuration.nix

@@ -21,7 +21,7 @@
       prefixLength = 24;
     } ];
     # Watch out! The OmniPath device is not in the same place here:
-    interfaces.ibs801.ipv4.addresses = [ {
+    interfaces.ibp129s0.ipv4.addresses = [ {
       address = "10.0.42.2";
       prefixLength = 24;
     } ];

m/tent/configuration.nix

@@ -16,7 +16,6 @@
     ../module/p.nix
     ../module/vpn-dac.nix
     ../module/hut-substituter.nix
-    ../module/tc1-board.nix
   ];
 
   # Select the this using the ID to avoid mismatches

m/tent/gitea.nix

@@ -27,7 +27,4 @@
       };
     };
   };
-
-  # Allow gitea user to send mail
-  users.users.gitea.extraGroups = [ "mail-robot" ];
 }

m/tent/gitlab-runner.nix

@@ -43,7 +43,6 @@
         registrationFlags = [
           # Increase build log length to 64 MiB
           "--output-limit 65536"
-          "--docker-network-mode host"
         ];
         preBuildScript = pkgs.writeScript "setup-container" ''
           mkdir -p -m 0755 /nix/var/log/nix/drvs

m/tent/nginx.nix

@@ -4,8 +4,8 @@ let
     name = "jungle-web";
     src = pkgs.fetchgit {
       url = "https://jungle.bsc.es/git/rarias/jungle-website.git";
-      rev = "5f18335d14126d2fef134c0cd441771436f7dfa1";
+      rev = "52abaf4d71652a9ef77a0b098db14ca33bffff4c";
-      hash = "sha256-s9VBF91sQ7hg9+lrwNFPYgoXTTyXaQcAulCiGJgWERo=";
+      hash = "sha256-/ul9GazbOrOkmlvSgDz/+2W+V+ir5725Y7mVLc3rb0M=";
     };
     buildInputs = [ pkgs.hugo ];
     buildPhase = ''

m/weasel/configuration.nix

@@ -25,7 +25,7 @@
       address = "10.0.40.6";
       prefixLength = 24;
     } ];
-    interfaces.ibs785.ipv4.addresses = [ {
+    interfaces.ibp5s0.ipv4.addresses = [ {
       address = "10.0.42.6";
       prefixLength = 24;
     } ];

overlay.nix

@@ -12,9 +12,9 @@ let
     bench6 = callPackage ./pkgs/bench6/default.nix { };
     bigotes = callPackage ./pkgs/bigotes/default.nix { };
     clangOmpss2 = callPackage ./pkgs/llvm-ompss2/default.nix { };
-    clangOmpss2Nanos6 = callPackage ./pkgs/llvm-ompss2/default.nix { ompss2rt = final.nanos6; };
+    clangOmpss2Nanos6 = callPackage ./pkgs/llvm-ompss2/default.nix { useNanos6 = true; };
-    clangOmpss2Nodes = callPackage ./pkgs/llvm-ompss2/default.nix { ompss2rt = final.nodes; openmp = final.openmp; };
+    clangOmpss2Nodes = callPackage ./pkgs/llvm-ompss2/default.nix { useNodes = true; useOpenmp = true; };
-    clangOmpss2NodesOmpv = callPackage ./pkgs/llvm-ompss2/default.nix { ompss2rt = final.nodes; openmp = final.openmpv; };
+    clangOmpss2NodesOmpv = callPackage ./pkgs/llvm-ompss2/default.nix { useNodes = true; useOpenmpV = true; };
     clangOmpss2Unwrapped = callPackage ./pkgs/llvm-ompss2/clang.nix { };
     cudainfo = prev.callPackage ./pkgs/cudainfo/default.nix { };
     #extrae = callPackage ./pkgs/extrae/default.nix { }; # Broken and outdated
@@ -30,8 +30,7 @@ let
       amd-uprof-driver = _prev.callPackage ./pkgs/amd-uprof/driver.nix { };
     });
     lmbench = callPackage ./pkgs/lmbench/default.nix { };
-    # Broken and unmantained
+    mcxx = callPackage ./pkgs/mcxx/default.nix { };
-    # mcxx = callPackage ./pkgs/mcxx/default.nix { };
     meteocat-exporter = prev.callPackage ./pkgs/meteocat-exporter/default.nix { };
     mpi = final.mpich; # Set MPICH as default
     mpich = callPackage ./pkgs/mpich/default.nix { mpich = prev.mpich; };
@@ -39,16 +38,9 @@ let
     nanos6Debug = final.nanos6.override { enableDebug = true; };
     nixtools = callPackage ./pkgs/nixtools/default.nix { };
     nixgen = callPackage ./pkgs/nixgen/default.nix { };
-    nix-portable = callPackage ./pkgs/nix-portable/default.nix {
+    # Broken because of pkgsStatic.libcap
-      busybox = final.pkgsStatic.busybox;
+    # See: https://github.com/NixOS/nixpkgs/pull/268791
-      bwrap = final.pkgsStatic.bubblewrap;
+    #nix-wrap = callPackage ./pkgs/nix-wrap/default.nix { };
-      gnutar = final.pkgsStatic.gnutar;
-      perl = final.pkgsBuildBuild.perl;
-      xz = final.pkgsStatic.xz;
-      zstd = final.pkgsStatic.zstd;
-      bashInteractive = final.pkgsStatic.bashInteractive;
-    };
-    nix-wrap = callPackage ./pkgs/nix-wrap/default.nix { };
     nodes = callPackage ./pkgs/nodes/default.nix { };
     nosv = callPackage ./pkgs/nosv/default.nix { };
     openmp = callPackage ./pkgs/llvm-ompss2/openmp.nix { monorepoSrc = final.clangOmpss2Unwrapped.src; version = final.clangOmpss2Unwrapped.version; };
@@ -62,10 +54,10 @@ let
     #psmpi = callPackage ./pkgs/parastation/psmpi.nix { }; # Unmaintaned
     slurm = import ./pkgs/slurm/default.nix { slurm = prev.slurm; };
     sonar = callPackage ./pkgs/sonar/default.nix { };
-    stdenvClangOmpss2 = final.stdenv.override { cc = final.clangOmpss2; allowedRequisites = null; };
+    stdenvClangOmpss2 = final.stdenv.override { cc = final.buildPackages.clangOmpss2; allowedRequisites = null; };
-    stdenvClangOmpss2Nanos6 = final.stdenv.override { cc = final.clangOmpss2Nanos6; allowedRequisites = null; };
+    stdenvClangOmpss2Nanos6 = final.stdenv.override { cc = final.buildPackages.clangOmpss2Nanos6; allowedRequisites = null; };
-    stdenvClangOmpss2Nodes = final.stdenv.override { cc = final.clangOmpss2Nodes; allowedRequisites = null; };
+    stdenvClangOmpss2Nodes = final.stdenv.override { cc = final.buildPackages.clangOmpss2Nodes; allowedRequisites = null; };
-    stdenvClangOmpss2NodesOmpv = final.stdenv.override { cc = final.clangOmpss2NodesOmpv; allowedRequisites = null; };
+    stdenvClangOmpss2NodesOmpv = final.stdenv.override { cc = final.buildPackages.clangOmpss2NodesOmpv; allowedRequisites = null; };
     tagaspi = callPackage ./pkgs/tagaspi/default.nix { };
     tampi = callPackage ./pkgs/tampi/default.nix { };
     upc-qaire-exporter = prev.callPackage ./pkgs/upc-qaire-exporter/default.nix { };

pkgs/amd-uprof/default.nix

@@ -1,6 +1,8 @@
 { stdenv
 , lib
-, fetchurl
+, curl
+, cacert
+, runCommandLocal
 , autoPatchelfHook
 , elfutils
 , glib
@@ -24,26 +26,26 @@ let
   tarball = "AMDuProf_Linux_x64_${version}.tar.bz2";
 
   # NOTE: Remember to update the radare2 patch below if AMDuProfPcm changes.
-  src = fetchurl {
+  uprofSrc = runCommandLocal tarball {
-    url = "https://download.amd.com/developer/eula/uprof/uprof-5-1/${tarball}";
+    nativeBuildInputs = [ curl ];
-    sha256 = "sha256-jAmsw/xmctJ2r7BKyuA+9exLgZbu3cvrYtyRUUTt8sM=";
+    outputHash = "sha256-j9gxcBcIg6Zhc5FglUXf/VV9bKSo+PAKeootbN7ggYk=";
-    curlOptsList = [
+    SSL_CERT_FILE="${cacert}/etc/ssl/certs/ca-bundle.crt";
-      "-H" "User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:139.0) Gecko/20100101 Firefox/139.0"
+  } ''
-      "-H" "'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8'"
+    curl \
-      "-H" "Accept-Language: en-US,en;q=0.5"
+    -o $out \
-      "-H" "Accept-Encoding: gzip, deflate, br, zstd"
+    'https://download.amd.com/developer/eula/uprof/uprof-5-1/${tarball}' \
-      "-H" "Referer: https://www.amd.com/"
+    -H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:139.0) Gecko/20100101 Firefox/139.0' \
-    ];
+    -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8' \
-    downloadToTemp = true;
+    -H 'Accept-Language: en-US,en;q=0.5' \
-    postFetch = ''
+    -H 'Accept-Encoding: gzip, deflate, br, zstd' \
-      cat "$downloadedFile" | tr '\r' '\n' > "$out"
+    -H 'Referer: https://www.amd.com/' 2>&1 | tr '\r' '\n'
-    '';
+  '';
-  };
 
 in
   stdenv.mkDerivation {
     pname = "AMD-uProf";
-    inherit src version;
+    inherit version;
+    src = uprofSrc;
     dontStrip = true;
     phases = [ "installPhase" "fixupPhase" ];
     nativeBuildInputs = [ autoPatchelfHook radare2 ];

pkgs/amd-uprof/driver.nix

@@ -19,7 +19,7 @@ in stdenv.mkDerivation {
   '';
   hardeningDisable = [ "pic" "format" ];
   nativeBuildInputs = kernel.moduleBuildDependencies;
-  patches = [ ./makefile.patch ./hrtimer.patch ./remove-wr-rdmsrq.patch ];
+  patches = [ ./makefile.patch ./hrtimer.patch ];
   makeFlags = [
     "KERNEL_VERSION=${kernel.modDirVersion}"
     "KERNEL_DIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build"

pkgs/amd-uprof/remove-wr-rdmsrq.patch

@@ -1,20 +0,0 @@
-diff --git a/inc/PwrProfAsm.h b/inc/PwrProfAsm.h
-index d77770a..c93a0e9 100644
---- a/inc/PwrProfAsm.h
-+++ b/inc/PwrProfAsm.h
-@@ -347,6 +347,7 @@
- 
- #endif
- 
-+/*
- #define rdmsrq(msr,val1,val2,val3,val4) ({ \
-         __asm__ __volatile__( \
-                               "rdmsr\n" \
-@@ -362,6 +363,7 @@
-                               :"c"(msr), "a"(val1), "d"(val2), "S"(val3), "D"(val4) \
-                             ); \
-     })
-+*/
- 
- #define rdmsrpw(msr,val1,val2,val3,val4) ({ \
-         __asm__ __volatile__( \

pkgs/cudainfo/default.nix

@@ -12,7 +12,7 @@ stdenv.mkDerivation (finalAttrs: {
   src = ./.;
   buildInputs = [
     cudatoolkit # Required for nvcc
-    (lib.getOutput "static" cudaPackages.cuda_cudart) # Required for -lcudart_static
+    cudaPackages.cuda_cudart.static # Required for -lcudart_static
     autoAddDriverRunpath
   ];
   installPhase = ''

pkgs/intel-oneapi/2023.nix

@@ -10,7 +10,7 @@
 , zlib
 , autoPatchelfHook
 , libfabric
-, gcc
+, gcc13
 , wrapCCWith
 }:
 
@@ -33,6 +33,8 @@ let
     maintainers = with lib.maintainers.bsc; [ abonerib ];
   };
 
+  gcc = gcc13;
+
   v = {
     hpckit   = "2023.1.0";
     compiler = "2023.1.0";

pkgs/llvm-ompss2/clang.nix

@@ -1,9 +1,9 @@
 {
-  llvmPackages_latest
+  stdenv
+, llvmPackages_latest
 , lib
 , fetchFromGitHub
 , cmake
-, bash
 , python3
 , perl
 , which
@@ -11,7 +11,6 @@
 , libffi
 , zlib
 , pkg-config
-, gcc # needed to set the rpath of libstdc++ for clang-tblgen
 , enableDebug ? false
 , useGit ? false
 , gitUrl ? "ssh://git@bscpm04.bsc.es/llvm-ompss/llvm-mono.git"
@@ -20,7 +19,10 @@
 }:
 
 let
-  stdenv = llvmPackages_latest.stdenv;
+  llvmPackages = llvmPackages_latest;
+  llvmStdenv = llvmPackages.stdenv;
+  # needed to set the rpath of libstdc++ for clang-tblgen
+  gcc = stdenv.cc;
 
   release = rec {
     version = "2025.11";
@@ -43,7 +45,7 @@ let
 
   source = if (useGit) then git else release;
 
-in stdenv.mkDerivation {
+in llvmStdenv.mkDerivation {
   pname = "clang-ompss2";
   inherit (source) src version;
 
@@ -60,13 +62,12 @@ in stdenv.mkDerivation {
   };
 
   nativeBuildInputs = [
-    bash
     cmake
     elfutils
-    llvmPackages_latest.lld
+    llvmPackages.lld
+    perl
     pkg-config
     python3
-    perl
     which
     zlib
   ];
@@ -97,8 +98,13 @@ in stdenv.mkDerivation {
     cd build
     cmakeDir="../llvm"
     cmakeFlagsArray=(
-      "-DLLVM_HOST_TRIPLE=${stdenv.targetPlatform.config}"
+      "-DLLVM_HOST_TRIPLE=${llvmStdenv.targetPlatform.config}"
+    '' + (if "${llvmStdenv.targetPlatform.config}" == "riscv64-unknown-linux-gnu" then ''
+      "-DLLVM_DEFAULT_TARGET_TRIPLE=riscv64-unknown-linux-gnu"
+      "-DLLVM_TARGETS_TO_BUILD=RISCV"
+    '' else ''
       "-DLLVM_TARGETS_TO_BUILD=host"
+    '') + ''
       "-DLLVM_BUILD_LLVM_DYLIB=ON"
       "-DLLVM_LINK_LLVM_DYLIB=ON"
       # Required to run clang-ast-dump and clang-tblgen during build
@@ -107,7 +113,8 @@ in stdenv.mkDerivation {
       "-DCMAKE_CXX_FLAGS_DEBUG=-g -ggnu-pubnames"
       "-DCMAKE_EXE_LINKER_FLAGS_DEBUG=-Wl,--gdb-index"
       "-DLLVM_LIT_ARGS=-sv --xunit-xml-output=xunit.xml"
-      "-DLLVM_ENABLE_PROJECTS=clang;compiler-rt;lld"
+      "-DLLVM_ENABLE_PROJECTS=clang;lld"
+      #"-DLLVM_ENABLE_PROJECTS=clang;compiler-rt;lld"
       "-DLLVM_ENABLE_ASSERTIONS=ON"
       "-DLLVM_INSTALL_TOOLCHAIN_ONLY=ON"
       "-DCMAKE_INSTALL_BINDIR=bin"
@@ -117,8 +124,8 @@ in stdenv.mkDerivation {
       # install
       "-DCMAKE_INSTALL_RPATH_USE_LINK_PATH=ON"
       "-DCMAKE_INSTALL_RPATH=${zlib}/lib:${gcc.cc.lib}/lib"
-      "-DLLVM_APPEND_VC_REV=ON"
+      #"-DLLVM_APPEND_VC_REV=ON"
-      "-DLLVM_FORCE_VC_REVISION=${source.version}"
+      #"-DLLVM_FORCE_VC_REVISION=${source.version}"
     )
   '';
 

pkgs/llvm-ompss2/default.nix

@@ -3,46 +3,65 @@
 , lib
 , gcc
 , clangOmpss2Unwrapped
-, openmp ? null
+
+, openmp
+, useOpenmp  ? false
+, openmpv
+, useOpenmpV ? false
+, nanos6
+, useNanos6 ? false
+, nodes
+, useNodes ? false
+
 , wrapCCWith
 , llvmPackages_latest
-, ompss2rt ? null
 }:
 
 with lib;
 
 let
-  usingNodesAndOmpv = (openmp.pname == "openmp-v" && ompss2rt.pname == "nodes");
+  getSplice = target: pkg: if pkg ? "__spliced" && pkg.__spliced ? target then pkg.__spliced."${target}" else pkg;
-  sameNosv = openmp.nosv == ompss2rt.nosv;
+  #getSpliceTargetTarget = pkg: if pkg ? "__spliced" && pkg.__spliced ? "targetTarget" then pkg.__spliced.targetTarget else pkg;
+  getSpliceTargetTarget = getSplice "targetTarget";
+  omp = if useOpenmp then openmp else if useOpenmpV then openmpv else null;
+  ompss2rtUnspliced = if useNanos6 then nanos6 else if useNodes then nodes else null;
+  ompss2rt = getSpliceTargetTarget ompss2rtUnspliced;
+  usingNodesAndOmpv = (omp.pname == "openmp-v" && ompss2rt.pname == "nodes");
+  sameNosvUnspliced = omp.nosv == ompss2rtUnspliced.nosv;
+  sameNosvSpliced = (getSpliceTargetTarget omp.nosv) == ompss2rt.nosv;
 in
 
-assert assertMsg (usingNodesAndOmpv -> sameNosv) "OpenMP-V and NODES must share the same nOS-V";
+assert assertMsg (usingNodesAndOmpv -> sameNosvUnspliced) "OpenMP-V and NODES must share the same nOS-V before splice";
+assert assertMsg (usingNodesAndOmpv -> sameNosvSpliced) "OpenMP-V and NODES must share the same nOS-V after splice";
+assert assertMsg (useOpenmp -> !useOpenmpV) "Either OpenMP or OpenMP-V may be enabled, but not both";
+assert assertMsg (useNanos6 -> !useNodes) "Either Nanos6 or NODES may be enabled, but not both";
 
 let
   homevar = if ompss2rt.pname == "nanos6" then "NANOS6_HOME" else "NODES_HOME";
   rtname  = if ompss2rt.pname == "nanos6" then "libnanos6" else "libnodes";
-  ompname = if openmp.pname == "openmp-v" then  "libompv" else "libomp";
+  ompname = if omp.pname == "openmp-v" then  "libompv" else "libomp";
 
 
   # We need to replace the lld linker from bintools with our linker just built,
   # otherwise we run into incompatibility issues when mixing compiler and linker
   # versions.
-  bintools-unwrapped = llvmPackages_latest.bintools-unwrapped.override {
+  bintools-unwrapped = llvmPackages_latest.tools.bintools-unwrapped.override {
     lld = clangOmpss2Unwrapped;
   };
-  bintools = llvmPackages_latest.bintools.override {
+  bintools = llvmPackages_latest.tools.bintools.override {
     bintools = bintools-unwrapped;
   };
   targetConfig = stdenv.targetPlatform.config;
   inherit gcc;
   cc = clangOmpss2Unwrapped;
   gccVersion = with versions; let v = gcc.version; in concatStringsSep "." [(major v) (minor v) (patch v)];
-in wrapCCWith {
+in (wrapCCWith {
   inherit cc bintools;
   # extraPackages adds packages to depsTargetTargetPropagated
-  extraPackages = optional (openmp != null) openmp;
+  extraPackages = optional (omp != null) omp;
   extraBuildCommands = ''
     echo "-target ${targetConfig}" >> $out/nix-support/cc-cflags
+    #echo "-fuse-ld=lld" >> $out/nix-support/cc-cflags
     echo "-B${gcc.cc}/lib/gcc/${targetConfig}/${gccVersion}" >> $out/nix-support/cc-cflags
     echo "-L${gcc.cc}/lib/gcc/${targetConfig}/${gccVersion}" >> $out/nix-support/cc-ldflags
     echo "-L${gcc.cc.lib}/lib" >> $out/nix-support/cc-ldflags
@@ -56,15 +75,17 @@ in wrapCCWith {
 
     echo "--gcc-toolchain=${gcc}" >> $out/nix-support/cc-cflags
 
-    wrap clang++  $wrapper $ccPath/clang++
+    wrap ${targetConfig}clang++  $wrapper $ccPath/clang++
+    wrap ${targetConfig}clang    $wrapper $ccPath/clang
 
-  '' + optionalString (openmp != null) ''
+  '' + optionalString (omp != null) ''
     echo "export OPENMP_RUNTIME=${ompname}" >> $out/nix-support/cc-wrapper-hook
   '' + optionalString (ompss2rt != null) ''
     echo "export OMPSS2_RUNTIME=${rtname}" >> $out/nix-support/cc-wrapper-hook
     echo "export ${homevar}=${ompss2rt}"   >> $out/nix-support/cc-wrapper-hook
   '' + optionalString (ompss2rt != null && ompss2rt.pname == "nodes") ''
-    echo "export NOSV_HOME=${ompss2rt.nosv}" >> $out/nix-support/cc-wrapper-hook
+    echo "export NOSV_HOME=${ompss2rt}" >> $out/nix-support/cc-wrapper-hook
   '';
-}
+}) // { inherit ompss2rt; }
+
 

pkgs/llvm-ompss2/openmp.nix

@@ -39,6 +39,9 @@ stdenv.mkDerivation rec {
     perl
     pkg-config
     python3
+  ];
+
+  buildInputs = [
   ] ++ lib.optionals enableNosv [
     nosv
   ] ++ lib.optionals enableOvni [

pkgs/mcxx/default.nix

@@ -65,7 +65,6 @@ stdenv.mkDerivation rec {
   ];
 
   meta = {
-    broken = true;
     homepage = "https://github.com/bsc-pm/mcxx";
     description = "C/C++/Fortran source-to-source compilation infrastructure aimed at fast prototyping";
     maintainers = with lib.maintainers.bsc; [ rpenacob ];

pkgs/meteocat-exporter/default.nix

@@ -1,11 +1,9 @@
 { python3Packages, lib }:
 
-python3Packages.buildPythonApplication {
+python3Packages.buildPythonApplication rec {
   pname = "meteocat-exporter";
   version = "1.0";
 
-  pyproject = true;
-
   src = ./.;
 
   doCheck = false;

pkgs/nanos6/jemalloc.nix

@@ -5,7 +5,6 @@ jemalloc.overrideAttrs (old: {
     "--with-jemalloc-prefix=nanos6_je_"
     "--enable-stats"
   ];
-  enableParallelBuilding = true;
   hardeningDisable = [ "all" ];
   meta = old.meta // {
     description = old.meta.description + " (for Nanos6)";

pkgs/nix-portable/default.nix

@@ -1,671 +0,0 @@
-with builtins;
-{
-  bwrap,
-  nix,
-  proot,
-  unzip,
-  zip,
-  unixtools,
-  stdenv,
-  buildPackages,
-  upx,
-
-  bootstrapPrograms ? [
-    "gitMinimal"
-    "netcat-openbsd"
-    "openssh"
-    "bashInteractive"
-  ],
-
-  busybox,
-  cacert ? pkgs.cacert,
-  compression ? "zstd -19 -T0",
-  gnutar ? pkgs.pkgsStatic.gnutar,
-  lib ? pkgs.lib,
-  perl ? pkgs.perl,
-  pkgs ? import <nixpkgs> {},
-  xz ? pkgs.pkgsStatic.xz,
-  zstd ? pkgs.pkgsStatic.zstd,
-  nixStatic,
-  # hardcode executable to run. Useful when creating a bundle.
-  bundledPackage ? null,
-  ...
-}@inp:
-with lib;
-let
-
-  pname =
-    if bundledPackage == null
-    then "nix-portable"
-    else lib.getName bundledPackage;
-
-  bundledExe = lib.getExe bundledPackage;
-
-  nixpkgsSrc = pkgs.path;
-
-  maketar = targets:
-    let
-      closureInfo = buildPackages.closureInfo { rootPaths = targets; };
-    in
-    stdenv.mkDerivation {
-      name = "nix-portable-store-tarball";
-      nativeBuildInputs = [ perl zstd ];
-      exportReferencesGraph = map (x: [("closure-" + baseNameOf x) x]) targets;
-      buildCommand = ''
-        storePaths=$(cat ${closureInfo}/store-paths)
-        mkdir $out
-        echo $storePaths > $out/index
-        cp -r ${closureInfo} $out/closureInfo
-
-        tar -cf - \
-          --owner=0 --group=0 --mode=u+rw,uga+r \
-          --hard-dereference \
-          $storePaths | ${compression} > $out/tar
-      '';
-    };
-
-  packStaticBin = binPath: let
-      binName = (last (splitString "/" binPath)); in
-    pkgs.runCommand
-    binName
-    { nativeBuildInputs = [ upx ]; }
-    ''
-      mkdir -p $out/bin
-      theBinPath=${binPath}
-
-      if [[ -L "$theBinPath" ]]; then
-        theBinPath=$(readlink -f "$theBinPath")
-      fi
-
-      upx -9 -o $out/bin/${binName} $theBinPath
-    '';
-
-  installBin = pkg: bin: ''
-    unzip -qqoj "\$self" ${ lib.removePrefix "/" "${pkg}/bin/${bin}"} -d \$dir/bin
-    chmod +wx \$dir/bin/${bin};
-  '';
-
-  installDynamic = pkgname: let
-    out = pkgs.${pkgname}.out;
-  in ''
-    if [ ! -e \$store${lib.removePrefix "/nix/store" pkgs.${pkgname}.out} ] ; then
-      debug "Installing ${pkgname}"
-      \$run \$store${lib.removePrefix "/nix/store" nix}/bin/nix build --impure --no-link --expr "
-        (import ${nixpkgsSrc} {}).${pkgname}.out
-      "
-    else
-      debug "${pkgname} already installed"
-    fi
-
-    export PATH="${out}/bin:\$PATH"
-  '';
-
-  caBundleZstd = pkgs.runCommand "cacerts" {} "cat ${cacert}/etc/ssl/certs/ca-bundle.crt | ${inp.zstd}/bin/zstd -19 > $out";
-
-  bwrap = packStaticBin "${inp.bwrap}/bin/bwrap";
-  nixStatic = packStaticBin "${inp.nixStatic}/bin/nix";
-  proot = packStaticBin "${inp.proot}/bin/proot";
-  zstd = packStaticBin "${inp.zstd}/bin/zstd";
-
-  # the default nix store contents to extract when first used
-  storeTar = maketar ([ cacert nix nixpkgsSrc ] ++ lib.optional (bundledPackage != null) bundledPackage);
-
-
-  # The runtime script which unpacks the necessary files to $HOME/.nix-portable
-  # and then executes nix via proot or bwrap
-  # Some shell expressions will be evaluated at build time and some at run time.
-  # Variables/expressions escaped via `\$` will be evaluated at run time
-  runtimeScript = ''
-    #!/usr/bin/env bash
-
-    set -eo pipefail
-
-    start=\$(date +%s%N)  # start time in nanoseconds
-
-    # dump environment on exit if debug is enabled
-    if [ -n "\$NP_DEBUG" ] && [ "\$NP_DEBUG" -ge 1 ]; then
-      trap "declare -p > \''${TMPDIR:-/tmp}/np_env" EXIT
-    fi
-
-    # there seem to be less issues with proot when disabling seccomp
-    # though on android it is needed
-    if [ -n "\$TERMUX_VERSION" ]; then
-      unset LD_PRELOAD
-      NP_RUNTIME=\''${NP_RUNTIME:-proot}
-      export PROOT_TMP_DIR="\$TMPDIR/proot"
-      mkdir -p "\$PROOT_TMP_DIR"
-    else
-      export PROOT_NO_SECCOMP=\''${PROOT_NO_SECCOMP:-1}
-    fi
-
-    set -e
-    if [ -n "\$NP_DEBUG" ] && [ "\$NP_DEBUG" -ge 2 ]; then
-      set -x
-    fi
-
-    # &3 is our error out which we either forward to &2 or to /dev/null
-    # depending on the setting
-    if [ -n "\$NP_DEBUG" ] && [ "\$NP_DEBUG" -ge 1 ]; then
-      debug(){
-        echo \$@ || true
-      }
-      exec 3>&2
-    else
-      debug(){
-        true
-      }
-      exec 3>/dev/null
-    fi
-
-    # to reference this script's file
-    self="\$(realpath \''${BASH_SOURCE[0]})"
-
-    # fingerprint will be inserted by builder
-    fingerprint="_FINGERPRINT_PLACEHOLDER_"
-
-    # user specified location for program files and nix store
-    [ -z "\$NP_LOCATION" ] && NP_LOCATION="\$HOME"
-    NP_LOCATION="\$(readlink -f "\$NP_LOCATION")"
-    dir="\$NP_LOCATION/.nix-portable"
-
-    # Create NP_LOCATION and remove sgid bit
-    mkdir -p \$dir
-    if [ ! -z "\$BSC_MACHINE" ]; then
-      # Attempt to avoid issues with sgid folders
-      chmod g-s \$dir
-      chgrp bsc \$dir
-    fi
-
-    store="\$dir/nix/store"
-    # create /nix/var/nix to prevent nix from falling back to chroot store.
-    mkdir -p \$dir/{bin,nix/var/nix,nix/store}
-
-    # create minimal drv file for nix to spawn a nix shell
-    echo 'builtins.derivation {name="foo"; builder="/bin/sh"; args = ["-c" "echo hello \> \\\$out"]; system=builtins.currentSystem;}' > "\$dir/mini-drv.nix"
-
-    # the fingerprint being present inside a file indicates that
-    # this version of nix-portable has already been initialized
-    if test -e \$dir/conf/fingerprint && [ "\$(cat \$dir/conf/fingerprint)" == "\$fingerprint" ]; then
-      newNPVersion=false
-    else
-      newNPVersion=true
-    fi
-
-    # Nix portable ships its own nix.conf
-    export NIX_CONF_DIR=\$dir/conf/
-
-    NP_CONF_SANDBOX=\''${NP_CONF_SANDBOX:-false}
-    NP_CONF_STORE=\''${NP_CONF_STORE:-auto}
-
-
-    recreate_nix_conf(){
-      mkdir -p "\$NIX_CONF_DIR"
-      rm -f "\$NIX_CONF_DIR/nix.conf"
-
-      # static config
-      echo "build-users-group = " >> \$dir/conf/nix.conf
-      echo "experimental-features = nix-command flakes" >> \$dir/conf/nix.conf
-      echo "ignored-acls = security.selinux system.nfs4_acl" >> \$dir/conf/nix.conf
-      echo "sandbox-paths = /bin/sh=\$dir/busybox/bin/busybox" >> \$dir/conf/nix.conf
-      echo "extra-substituters = https://jungle.bsc.es/cache">> \$dir/conf/nix.conf
-      echo "extra-trusted-public-keys = jungle.bsc.es:pEc7MlAT0HEwLQYPtpkPLwRsGf80ZI26aj29zMw/HH0=" >> \$dir/conf/nix.conf
-
-      echo "extra-system-features = sys-devices" >> \$dir/conf/nix.conf
-      echo "extra-sandbox-paths = /sys/devices/system/cpu=/sys/devices/system/cpu /sys/devices/system/node=/sys/devices/system/node" >> \$dir/conf/nix.conf
-      echo "extra-trusted-users = @bsc" >> \$dir/conf/nix.conf
-
-
-      # configurable config
-      echo "sandbox = \$NP_CONF_SANDBOX" >> \$dir/conf/nix.conf
-      echo "store = \$NP_CONF_STORE" >> \$dir/conf/nix.conf
-    }
-
-
-    ### install files
-
-    PATH_OLD="\$PATH"
-
-    # as soon as busybox is unpacked, restrict PATH to busybox to ensure reproducibility of this script
-    # only unpack binaries if necessary
-    if [ "\$newNPVersion" == "false" ]; then
-
-      debug "binaries already installed"
-      # our busybox does not run on termux, therefore we suffix the PATH only on termux
-      export PATH="\''${TERMUX_VERSION:+\$PATH:}\$dir/busybox/bin"
-
-    else
-
-      debug "installing files"
-
-      mkdir -p \$dir/emptyroot
-
-      # install busybox
-      mkdir -p \$dir/busybox/bin
-      (base64 -d> "\$dir/busybox/bin/busybox" && chmod +x "\$dir/busybox/bin/busybox") << END
-    $(cat ${busybox}/bin/busybox | base64)
-    END
-      busyBins="${toString (attrNames (filterAttrs (d: type: type == "symlink") (readDir "${inp.busybox}/bin")))}"
-      for bin in \$busyBins; do
-        [ ! -e "\$dir/busybox/bin/\$bin" ] && ln -s busybox "\$dir/busybox/bin/\$bin"
-      done
-
-      # our busybox does not run on termux, therefore we suffix the PATH only on termux
-      export PATH="\''${TERMUX_VERSION:+\$PATH:}\$dir/busybox/bin"
-
-      # install other binaries
-      ${installBin zstd "zstd"}
-      ${installBin proot "proot"}
-      ${installBin bwrap "bwrap"}
-      ${installBin nixStatic "nix"}
-
-      # install ssl cert bundle
-      unzip -poj "\$self" ${ lib.removePrefix "/" "${caBundleZstd}"} | \$dir/bin/zstd -d > \$dir/ca-bundle.crt
-
-      recreate_nix_conf
-    fi
-
-    # Override $SHELL with nix bashInteractive
-    export SHELL="${pkgs.bashInteractive.out}/bin/bash"
-    export PS1="\n\[\033[1;32m\][\[\e]0;\u@\h: \w\a\]\u@\h:\w]\$\[\033[0m\] "
-
-    ### setup SSL
-    # find ssl certs or use from nixpkgs
-    debug "figuring out ssl certs"
-    if [ -z "\$SSL_CERT_FILE" ]; then
-      debug "SSL_CERT_FILE not defined. trying to find certs automatically"
-      if [ -e /etc/ssl/certs/ca-bundle.crt ]; then
-        export SSL_CERT_FILE=\$(realpath /etc/ssl/certs/ca-bundle.crt)
-        debug "found /etc/ssl/certs/ca-bundle.crt with real path \$SSL_CERT_FILE"
-      elif [ -e /etc/ssl/certs/ca-certificates.crt ]; then
-        export SSL_CERT_FILE=\$(realpath /etc/ssl/certs/ca-certificates.crt)
-        debug "found /etc/ssl/certs/ca-certificates.crt with real path \$SSL_CERT_FILE"
-      elif [ ! -e /etc/ssl/certs ]; then
-        debug "/etc/ssl/certs does not exist. Will use certs from nixpkgs."
-        export SSL_CERT_FILE=\$dir/ca-bundle.crt
-      else
-        debug "certs seem to reside in /etc/ssl/certs. No need to set up anything"
-      fi
-    fi
-    if [ -n "\$SSL_CERT_FILE" ]; then
-      sslBind="\$(realpath \$SSL_CERT_FILE) \$dir/ca-bundle.crt"
-      export SSL_CERT_FILE="\$dir/ca-bundle.crt"
-    else
-      sslBind="/etc/ssl /etc/ssl"
-    fi
-
-    if [ -n "\$NP_GIT" ]; then
-      echo "WARN: NP_GIT is not supported, using nix version instead"
-    fi
-
-
-
-    storePathOfFile(){
-      file=\$(realpath \$1)
-      sPath="\$(echo \$file | awk -F "/" 'BEGIN{OFS="/";}{print \$2,\$3,\$4}')"
-      echo "/\$sPath"
-    }
-
-
-    collectBinds(){
-      pathsTopLevel="/boot /run /sys \$PWD /gpfs /tmp /scratch"
-
-      toBind=""
-      for p in \$pathsTopLevel; do
-        if [ -e "\$p" ]; then
-          real=\$(realpath \$p)
-          if [ -e "\$real" ]; then
-            if [[ "\$real" == /nix/store/* ]]; then
-              storePath=\$(storePathOfFile \$real)
-              toBind="\$toBind \$storePath \$storePath"
-            else
-              toBind="\$toBind \$real \$p"
-            fi
-          fi
-        fi
-      done
-
-
-      # TODO: add /var/run/dbus/system_bus_socket
-      paths="/etc/host.conf /etc/hosts /etc/hosts.equiv /etc/mtab /etc/netgroup /etc/networks /etc/passwd /etc/group /etc/nsswitch.conf /etc/resolv.conf /etc/localtime \$HOME"
-
-      for p in \$paths; do
-        if [ -e "\$p" ]; then
-          real=\$(realpath \$p)
-          if [ -e "\$real" ]; then
-            if [[ "\$real" == /nix/store/* ]]; then
-              storePath=\$(storePathOfFile \$real)
-              toBind="\$toBind \$storePath \$storePath"
-            else
-              toBind="\$toBind \$real \$real"
-            fi
-          fi
-        fi
-      done
-
-      toBind="\$toBind \$dir/busybox/bin /bin"
-      # provide /bin/sh via the shipped busybox
-      toBind="\$toBind \$dir/busybox/bin/busybox /bin/sh"
-      toBind="\$toBind \$dir/busybox/bin/busybox /usr/bin/env"
-
-      # on termux, make sure termux packages still work inside the nix-portable environment
-      if [ -n "\$TERMUX_VERSION" ]; then
-        # binds required so termux native packages still run inside the nix-portable sandbox
-        # TODO: this doesn't quite work yet. debug and fix
-        toBind="\$toBind /system/lib64/libc.so /system/lib64/libc.so"
-        toBind="\$toBind /system/lib64/ld-android.so /system/lib64/ld-android.so"
-        toBind="\$toBind /system/lib64/libdl.so /system/lib64/libdl.so"
-        toBind="\$toBind /system/bin /system/bin"
-        toBind="\$toBind /system/lib64 /system/lib64"
-        toBind="\$toBind /apex/com.android.runtime/bin /apex/com.android.runtime/bin"
-        toBind="\$toBind /linkerconfig/ld.config.txt /linkerconfig/ld.config.txt"
-        toBind="\$toBind \$dir/ca-bundle.crt /etc/ssl/certs/ca-certificates.crt"
-        toBind="\$toBind \$(realpath \$HOME/../usr/etc/resolv.conf) /etc/resolv.conf"
-      fi
-
-    }
-
-
-    makeBindArgs(){
-      arg=\$1; shift
-      sep=\$1; shift
-      binds=""
-      while :; do
-        if [ -n "\$1" ]; then
-          from="\$1"; shift
-          to="\$1"; shift || { echo "no bind destination provided for \$from!"; exit 3; }
-          binds="\$binds \$arg \$from\$sep\$to";
-        else
-          break
-        fi
-      done
-    }
-
-
-
-    ### select container runtime
-    debug "figuring out which runtime to use"
-    [ -z "\$NP_BWRAP" ] && NP_BWRAP=\$dir/bin/bwrap
-    debug "bwrap executable: \$NP_BWRAP"
-    [ -z "\$NP_NIX" ] && NP_NIX=\$dir/bin/nix
-    debug "nix executable: \$NP_NIX"
-    [ -z "\$NP_PROOT" ] && NP_PROOT=\$(PATH="\$PATH_OLD:\$PATH" which proot 2>/dev/null) || true
-    [ -z "\$NP_PROOT" ] && NP_PROOT=\$dir/bin/proot
-    debug "proot executable: \$NP_PROOT"
-    debug "testing all available runtimes..."
-    if [ -z "\$NP_RUNTIME" ]; then
-      # read last automatic selected runtime from disk
-      if [ "\$newNPVersion" == "true" ]; then
-        debug "removing cached auto selected runtime"
-        rm -f "\$dir/conf/last_auto_runtime"
-      fi
-      if [ -f "\$dir/conf/last_auto_runtime" ]; then
-        last_auto_runtime="\$(cat "\$dir/conf/last_auto_runtime")"
-      else
-        last_auto_runtime=
-      fi
-      debug "last auto selected runtime: \$last_auto_runtime"
-      if [ "\$last_auto_runtime" != "" ]; then
-        NP_RUNTIME="\$last_auto_runtime"
-      # check if nix --store works
-      elif \\
-          debug "testing nix --store" \\
-          && mkdir -p \$dir/tmp/ \\
-          && touch \$dir/tmp/testfile \\
-          && "\$NP_NIX" --store "\$dir/tmp/__store" shell -f "\$dir/mini-drv.nix" -c "\$dir/bin/nix" store add-file --store "\$dir/tmp/__store" "\$dir/tmp/testfile" >/dev/null 2>&3; then
-        chmod -R +w \$dir/tmp/__store
-        rm -r \$dir/tmp/__store
-        debug "nix --store works on this system -> will use nix as runtime"
-        NP_RUNTIME=nix
-      # check if bwrap works properly
-      elif \\
-          debug "nix --store failed -> testing bwrap" \\
-          && \$NP_BWRAP --bind \$dir/emptyroot / --bind \$dir/ /nix --bind \$dir/busybox/bin/busybox "\$dir/true" "\$dir/true" 2>&3 ; then
-        debug "bwrap seems to work on this system -> will use bwrap"
-        NP_RUNTIME=bwrap
-      else
-        debug "bwrap doesn't work on this system -> will use proot"
-        NP_RUNTIME=proot
-      fi
-      echo -n "\$NP_RUNTIME" > "\$dir/conf/last_auto_runtime"
-    else
-      debug "runtime selected via NP_RUNTIME: \$NP_RUNTIME"
-    fi
-    debug "NP_RUNTIME: \$NP_RUNTIME"
-    if [ "\$NP_RUNTIME" == "nix" ]; then
-      run="\$NP_NIX shell -f \$dir/mini-drv.nix -c"
-      export PATH="\$PATH:\$store${lib.removePrefix "/nix/store" nix}/bin"
-      NP_CONF_STORE="\$dir"
-      recreate_nix_conf
-    elif [ "\$NP_RUNTIME" == "bwrap" ]; then
-      collectBinds
-      makeBindArgs --bind " " \$toBind \$sslBind
-      run="\$NP_BWRAP \$BWRAP_ARGS \\
-        --bind \$dir/emptyroot /\\
-        --dev-bind /dev /dev\\
-        --proc /proc\\
-        --bind \$dir/nix /nix\\
-        \$binds"
-        # --bind \$dir/busybox/bin/busybox /bin/sh\\
-    else
-      # proot
-      collectBinds
-      makeBindArgs -b ":" \$toBind \$sslBind
-      run="\$NP_PROOT \$PROOT_ARGS\\
-        -r \$dir/emptyroot\\
-        -b /dev:/dev\\
-        -b \$dir/nix:/nix\\
-        \$binds"
-        # -b \$dir/busybox/bin/busybox:/bin/sh\\
-    fi
-    debug "base command will be: \$run"
-
-
-
-    ### setup environment
-    export NIX_PATH="\$dir/channels:nixpkgs=\$dir/channels/nixpkgs"
-    mkdir -p \$dir/channels
-    [ -h \$dir/channels/nixpkgs ] || ln -s ${nixpkgsSrc} \$dir/channels/nixpkgs
-
-
-    ### install nix store
-    # Install all the nix store paths necessary for the current nix-portable version
-    # We only unpack missing store paths from the tar archive.
-    index="$(cat ${storeTar}/index)"
-
-    export missing=\$(
-      for path in \$index; do
-        basepath=\$(basename \$path)
-        if [ ! -e \$store/\$basepath ]; then
-          echo "nix/store/\$basepath"
-        fi
-      done
-    )
-
-    if [ -n "\$missing" ]; then
-      debug "extracting missing store paths"
-      (
-        mkdir -p \$dir/tmp \$store/
-        rm -rf \$dir/tmp/*
-        cd \$dir/tmp
-        unzip -qqp "\$self" ${ lib.removePrefix "/" "${storeTar}/tar"} \
-          | \$dir/bin/zstd -d \
-          | tar -x \$missing --strip-components 2
-        mv \$dir/tmp/* \$store/
-      )
-      rm -rf \$dir/tmp
-    fi
-
-    if [ -n "\$missing" ]; then
-      debug "registering new store paths to DB"
-      reg="$(cat ${storeTar}/closureInfo/registration)"
-      cmd="\$run \$store${lib.removePrefix "/nix/store" nix}/bin/nix-store --load-db"
-      debug "running command: \$cmd"
-      echo "\$reg" | \$cmd
-    fi
-
-
-    ### select executable
-    # the executable can either be selected by
-    # - executing './nix-portable BIN_NAME',
-    # - symlinking to nix-portable, in which case the name of the symlink selects the nix executable
-    # Alternatively the executable can be hardcoded by specifying the argument 'executable' of nix-portable's default.nix file.
-    executable="${if bundledPackage == null then "" else bundledExe}"
-    if [ "\$executable" != "" ]; then
-      bin="\$executable"
-      debug "executable is hardcoded to: \$bin"
-
-    elif [[ "\$(basename \$0)" == nix-portable* ]]; then\
-      if [ -z "\$1" ]; then
-        echo "Error: please specify the nix binary to execute"
-        echo "Alternatively symlink against \$0"
-        exit 1
-      elif [ "\$1" == "debug" ]; then
-        bin="\$(which \$2)"
-        shift; shift
-      else
-        bin="\$store${lib.removePrefix "/nix/store" nix}/bin/\$1"
-        shift
-      fi
-    # for binary selection via symlink
-    else
-      bin="\$store${lib.removePrefix "/nix/store" nix}/bin/\$(basename \$0)"
-    fi
-
-
-
-    ### check which runtime has been used previously
-    if [ -f "\$dir/conf/last_runtime" ]; then
-      lastRuntime=\$(cat "\$dir/conf/last_runtime")
-    else
-      lastRuntime=
-    fi
-
-
-
-    ### check if nix is functional with or without sandbox
-    # sandbox-fallback is not reliable: https://github.com/NixOS/nix/issues/4719
-    if [ "\$newNPVersion" == "true" ] || [ "\$lastRuntime" != "\$NP_RUNTIME" ]; then
-      nixBin="\$(dirname \$bin)/nix"
-      debug "Testing if nix can build stuff without sandbox"
-      if ! \$run "\$nixBin" build --no-link -f "\$dir/mini-drv.nix" --option sandbox false >&3 2>&3; then
-        echo "Fatal error: nix is unable to build packages"
-        exit 1
-      fi
-
-      debug "Testing if nix sandbox is functional"
-      if ! \$run "\$nixBin" build --no-link -f "\$dir/mini-drv.nix" --option sandbox true >&3 2>&3; then
-        debug "Sandbox doesn't work -> disabling sandbox"
-        NP_CONF_SANDBOX=false
-        recreate_nix_conf
-      else
-        debug "Sandboxed builds work -> enabling sandbox"
-        NP_CONF_SANDBOX=true
-        recreate_nix_conf
-      fi
-
-    fi
-
-
-    ### save fingerprint and lastRuntime
-    if [ "\$newNPVersion" == "true" ]; then
-      echo -n "\$fingerprint" > "\$dir/conf/fingerprint"
-    fi
-    if [ "\$lastRuntime" != \$NP_RUNTIME ]; then
-      echo -n \$NP_RUNTIME > "\$dir/conf/last_runtime"
-    fi
-
-
-
-    ### set PATH
-    # restore original PATH and append busybox
-    export PATH="\$PATH_OLD:\$dir/busybox/bin"
-
-    ### install programs via nix
-    ${concatMapStringsSep "\n" installDynamic bootstrapPrograms}
-
-    ### print elapsed time
-    end=\$(date +%s%N)  # end time in nanoseconds
-    # time elapsed in millis with two decimal places
-
-    # print stats about initialization time of nix-portable
-    # skipt for termux, as it doesn't have bc installed
-    if [ -z "\$TERMUX_VERSION" ]; then
-      elapsed=\$(echo "scale=2; (\$end - \$start)/1000000" | bc)
-      debug "Time to initialize nix-portable: \$elapsed millis"
-    fi
-
-
-    ### run commands
-    [ -z "\$NP_RUN" ] && NP_RUN="\$run"
-    if [ "\$NP_RUNTIME" == "proot" ]; then
-      debug "running command: \$NP_RUN \$bin \$@"
-      exec \$NP_RUN \$bin "\$@"
-    else
-      cmd="\$NP_RUN \$bin \$@"
-      debug "running command: \$cmd"
-      exec \$NP_RUN \$bin "\$@"
-    fi
-    exit
-  '';
-
-  runtimeScriptEscaped = replaceStrings ["\""] ["\\\""] runtimeScript;
-
-  nixPortable = pkgs.runCommand pname {
-    nativeBuildInputs = [unixtools.xxd unzip];
-
-    meta = {
-      homepage = "https://github.com/DavHau/nix-portable";
-      description = "Nix - Static, Permissionless, Installation-free, Pre-configured for mn5";
-      maintainers = with lib.maintainers.bsc; [ abonerib ];
-      platforms = lib.platforms.linux;
-      license = lib.licenses.mit;
-    };
-  } ''
-    mkdir -p $out/bin
-    echo "${runtimeScriptEscaped}" > $out/bin/nix-portable.zip
-    xxd $out/bin/nix-portable.zip | tail
-
-    sizeA=$(printf "%08x" `stat -c "%s" $out/bin/nix-portable.zip` | tac -rs ..)
-    echo 504b 0304 0000 0000 0000 0000 0000 0000 | xxd -r -p >> $out/bin/nix-portable.zip
-    echo 0000 0000 0000 0000 0000 0200 0000 4242 | xxd -r -p >> $out/bin/nix-portable.zip
-
-    sizeB=$(printf "%08x" `stat -c "%s" $out/bin/nix-portable.zip` | tac -rs ..)
-    echo 504b 0102 0000 0000 0000 0000 0000 0000 | xxd -r -p >> $out/bin/nix-portable.zip
-    echo 0000 0000 0000 0000 0000 0000 0200 0000 | xxd -r -p >> $out/bin/nix-portable.zip
-    echo 0000 0000 0000 0000 0000 $sizeA 4242 | xxd -r -p >> $out/bin/nix-portable.zip
-
-    echo 504b 0506 0000 0000 0000 0100 3000 0000 | xxd -r -p >> $out/bin/nix-portable.zip
-    echo $sizeB 0000 0000 0000 0000 0000 0000 | xxd -r -p >> $out/bin/nix-portable.zip
-
-    unzip -vl $out/bin/nix-portable.zip
-
-    zip="${zip}/bin/zip -0"
-    $zip $out/bin/nix-portable.zip ${bwrap}/bin/bwrap
-    $zip $out/bin/nix-portable.zip ${nixStatic}/bin/nix
-    $zip $out/bin/nix-portable.zip ${proot}/bin/proot
-    $zip $out/bin/nix-portable.zip ${zstd}/bin/zstd
-    $zip $out/bin/nix-portable.zip ${storeTar}/tar
-    $zip $out/bin/nix-portable.zip ${caBundleZstd}
-
-    # create fingerprint
-    fp=$(sha256sum $out/bin/nix-portable.zip | cut -d " "  -f 1)
-    sed -i "s/_FINGERPRINT_PLACEHOLDER_/$fp/g" $out/bin/nix-portable.zip
-    # fix broken zip header due to manual modification
-    ${zip}/bin/zip -F $out/bin/nix-portable.zip --out $out/bin/nix-portable-fixed.zip
-
-    rm $out/bin/nix-portable.zip
-    executable=${if bundledPackage == null then "" else bundledExe}
-    if [ "$executable" == "" ]; then
-      target="$out/bin/nix-portable"
-    else
-      target="$out/bin/$(basename "$executable")"
-    fi
-    mv $out/bin/nix-portable-fixed.zip "$target"
-    chmod +x "$target"
-  '';
-in
-nixPortable.overrideAttrs (prev: {
-  passthru = (prev.passthru or {}) // {
-    inherit bwrap proot;
-  };
-})

pkgs/nix-wrap/default.nix

@@ -14,7 +14,7 @@ let
   nixConfDir = "share";
   nix_wrap_sh = writeText "nix-wrap.sh" ''
     #!/usr/bin/env bash
-
+    #
     busybox_bin="${nixPrefix}${busybox}/bin"
     bubblewrap_bin="${nixPrefix}/${bubblewrap}/bin"
 
@@ -69,6 +69,7 @@ stdenv.mkDerivation rec {
   name = "nix-wrap";
   buildInputs = [
     bashInteractive
+    busybox
     nix
   ];
   src = null;
@@ -91,6 +92,7 @@ stdenv.mkDerivation rec {
     homepage = null;
     description = "nix bubblewrap wrapper";
     maintainers = [ ];
+    broken = true;
     platforms = lib.platforms.linux;
     license = lib.licenses.mit;
   };

pkgs/paraver/default.nix

@@ -12,7 +12,7 @@
 , paraverKernel
 , openssl
 , glibcLocales
-, wrapGAppsHook3
+, wrapGAppsHook
 }:
 
 let
@@ -64,7 +64,7 @@ stdenv.mkDerivation rec {
     autoconf
     automake
     autoreconfHook
-    wrapGAppsHook3
+    wrapGAppsHook
   ];
 
   buildInputs = [

pkgs/upc-qaire-exporter/default.nix

@@ -1,11 +1,9 @@
 { python3Packages, lib }:
 
-python3Packages.buildPythonApplication {
+python3Packages.buildPythonApplication rec {
   pname = "upc-qaire-exporter";
   version = "1.0";
 
-  pyproject = true;
-
   src = ./.;
 
   doCheck = false;