diff --git a/packages/dotnet-pack.nix b/packages/dotnet-pack.nix
new file mode 100644
index 0000000..0e4a9b4
--- /dev/null
+++ b/packages/dotnet-pack.nix
@@ -0,0 +1,18 @@
+{
+ pkgs ? import <nixpkgs> { },
+}:
+
+pkgs.symlinkJoin {
+ name = "dotnet-pack";
+ paths = [
+ pkgs.dotnet-sdk_8
+ pkgs.dotnet-sdk_7
+ pkgs.dotnet-sdk
+ ];
+ postBuild = ''
+ rm -rfv $out/bin
+ rm -rfv $out/dotnet
+ cp -rv ${pkgs.dotnet-sdk_8}/dotnet $out/
+ cp -rv ${pkgs.dotnet-sdk_8}/bin $out/
+ '';
+}
diff --git a/packages/gitfs.nix b/packages/gitfs.nix
new file mode 100755
index 0000000..728e836
--- /dev/null
+++ b/packages/gitfs.nix
@@ -0,0 +1,17 @@
+{ pkgs, ... }:
+{
+ environment.systemPackages = with pkgs; [
+ (gitfs.overrideAttrs (old: {
+ # TODO: pls fix the nixpkgs derivation
+ patchPhase = null;
+ postPatch = old.patchPhase;
+ patches = (old.patches or [ ]) ++ [
+ (fetchpatch {
+ name = "fix-MutableMapping.patch";
+ url = "https://patch-diff.githubusercontent.com/raw/presslabs/gitfs/pull/382.diff";
+ hash = "sha256-ZaIEhv37sorSq3P+6GeH346u/5xh3qE+49D9FRNujMQ=";
+ })
+ ];
+ }))
+ ];
+}
diff --git a/packages/matrix-spec.nix b/packages/matrix-spec.nix
new file mode 100644
index 0000000..17cc4a3
--- /dev/null
+++ b/packages/matrix-spec.nix
@@ -0,0 +1,52 @@
+{
+ lib,
+ stdenv,
+ fetchFromGitHub,
+ buildGoModule,
+ hugo,
+ cacert,
+
+ pkgs,
+
+ matrixSpecSrc,
+}:
+let
+ src = matrixSpecSrc;
+
+ version = src.shortRev or (builtins.substring 0 7 src.dirtyRev);
+ rev = src.rev or src.dirtyRev;
+in
+buildGoModule {
+ inherit version;
+ pname = "matrix-spec";
+ src = src;
+ vendorHash = "sha256-4f04IS76JtH+I4Xpu6gF8JQSO3TM7p56mCs8BwyPo8U=";
+ buildInputs = [ cacert ];
+
+ nativeBuildInputs = [ hugo ];
+ # Nix doesn't play well with Hugo's "GitInfo" module, so disable it and inject
+ # the revision from the flake.
+ postPatch = ''
+ # substituteInPlace ./site/layouts/shortcodes/gitinfo.html \
+ # --replace "{{ .Page.GitInfo.Hash }}" "${rev}"
+
+ # substituteInPlace ./config/_default/config.yaml \
+ # --replace "enableGitInfo: true" "enableGitInfo: false"
+ ${lib.getExe pkgs.lsd} -lAh .
+ '';
+
+ # Generate the Hugo site before building the Go application which embeds the
+ # built site.
+ preBuild = ''
+ hugo --minify --gc --cleanDestinationDir -d spec
+ '';
+
+ ldflags = [ "-X main.commit=${rev}" ];
+
+ # Rename the main executable in the output directory
+ postInstall = ''
+ mv $out/bin/jnsgr.uk $out/bin/jnsgruk
+ '';
+
+ meta.mainProgram = "jnsgruk";
+}
diff --git a/packages/mtxclient-git.nix b/packages/mtxclient-git.nix
new file mode 100644
index 0000000..2392312
--- /dev/null
+++ b/packages/mtxclient-git.nix
@@ -0,0 +1,65 @@
+# This file was copied from NUR: https://github.com/nix-community/nur-combined/blob/master/repos/deeunderscore/pkgs/mtxclient/default.nix
+# This file is a modified version of nixpkgs/pkgs/development/libraries/mtxclient/default.nix (copied at 5c4b9be)
+
+{
+ lib,
+ stdenv,
+ fetchFromGitHub,
+ cmake,
+ pkg-config,
+ openssl,
+ olm,
+ spdlog,
+ nlohmann_json,
+ libevent,
+ curl,
+ coeurl,
+ re2,
+ mtxclientSrc,
+}:
+stdenv.mkDerivation {
+ pname = "mtxclient";
+ version = "git+master";
+ src = mtxclientSrc;
+
+ cmakeFlags = [
+ # Network requiring tests can't be disabled individually:
+ # https://github.com/Nheko-Reborn/mtxclient/issues/22
+ "-DBUILD_LIB_TESTS=OFF"
+ "-DBUILD_LIB_EXAMPLES=OFF"
+ ];
+
+ postPatch = ''
+ # See https://github.com/gabime/spdlog/issues/1897
+ sed -i '1a add_compile_definitions(SPDLOG_FMT_EXTERNAL)' CMakeLists.txt
+ '';
+
+ nativeBuildInputs = [
+ cmake
+ pkg-config
+ ];
+ buildInputs = [
+ spdlog
+ nlohmann_json
+ openssl
+ olm
+ libevent
+ curl
+ coeurl
+ re2
+ ];
+
+ meta = with lib; {
+ description = "Client API library for Matrix, built on top of Boost.Asio";
+ homepage = "https://github.com/Nheko-Reborn/mtxclient";
+ license = licenses.mit;
+ maintainers = with maintainers; [
+ fpletz
+ pstn
+ ];
+ platforms = platforms.all;
+ # Should be fixable if a higher clang version is used, see:
+ # https://github.com/NixOS/nixpkgs/pull/85922#issuecomment-619287177
+ broken = stdenv.targetPlatform.isDarwin;
+ };
+}
diff --git a/packages/nbtexplorer.nix b/packages/nbtexplorer.nix
new file mode 100644
index 0000000..567ba53
--- /dev/null
+++ b/packages/nbtexplorer.nix
@@ -0,0 +1,39 @@
+{
+ lib,
+ stdenvNoCC,
+ fetchFromGitHub,
+ dotnetPackages,
+ msbuild,
+ makeWrapper,
+ mono,
+ libGL,
+ gtk2,
+}:
+
+stdenvNoCC.mkDerivation rec {
+ pname = "nbt-explorer";
+ version = "2.8.0-win";
+
+ src = fetchFromGitHub {
+ owner = "jaquadro";
+ repo = "NBTExplorer";
+ rev = "v${version}";
+ hash = "sha256-uOoELun0keFYN1N2/a1IkCP1AZQvfDLiUdrLxxrhE/A=";
+ #buildCommand = ''
+ # touch $out
+ #'';
+ };
+
+ buildCommand = ''
+ touch $out
+ '';
+
+ meta = with lib; {
+ description = "A graphical NBT editor for all Minecraft NBT data sources";
+ homepage = "https://github.com/jaquadro/NBTExplorer.git";
+ license = licenses.mit;
+ maintainers = with maintainers; [ ];
+ mainProgram = "nbt-explorer";
+ platforms = platforms.all;
+ };
+}
diff --git a/packages/nginx/mime.types b/packages/nginx/mime.types
new file mode 100644
index 0000000..3ac8468
--- /dev/null
+++ b/packages/nginx/mime.types
@@ -0,0 +1,1028 @@
+types {
+application/A2L a2l;
+application/AML aml;
+application/andrew-inset ez;
+application/ATF atf;
+application/ATFX atfx;
+application/ATXML atxml;
+application/atom+xml atom;
+application/atomcat+xml atomcat;
+application/atomdeleted+xml atomdeleted;
+application/atomsvc+xml atomsvc;
+application/atsc-dwd+xml dwd;
+application/atsc-held+xml held;
+application/atsc-rsat+xml rsat;
+application/auth-policy+xml apxml;
+application/bacnet-xdd+zip xdd;
+application/calendar+xml xcs;
+application/cbor cbor;
+application/cccex c3ex;
+application/ccmp+xml ccmp;
+application/ccxml+xml ccxml;
+application/CDFX+XML cdfx;
+application/cdmi-capability cdmia;
+application/cdmi-container cdmic;
+application/cdmi-domain cdmid;
+application/cdmi-object cdmio;
+application/cdmi-queue cdmiq;
+application/CEA cea;
+application/cellml+xml cellml cml;
+application/clr 1clr;
+application/clue_info+xml clue;
+application/cms cmsc;
+application/cpl+xml cpl;
+application/csrattrs csrattrs;
+application/dash+xml mpd;
+application/dashdelta mpdd;
+application/davmount+xml davmount;
+application/DCD dcd;
+application/dicom dcm;
+application/DII dii;
+application/DIT dit;
+application/dskpp+xml xmls;
+application/dssc+der dssc;
+application/dssc+xml xdssc;
+application/dvcs dvc;
+application/ecmascript es;
+application/efi efi;
+application/emma+xml emma;
+application/emotionml+xml emotionml;
+application/epub+zip epub;
+application/exi exi;
+application/fastinfoset finf;
+application/fdt+xml fdt;
+application/font-tdpfr pfr;
+application/geo+json geojson;
+application/geopackage+sqlite3 gpkg;
+application/gltf-buffer glbin glbuf;
+application/gml+xml gml;
+application/gzip gz tgz;
+application/hyperstudio stk;
+application/inkml+xml ink inkml;
+application/ipfix ipfix;
+application/its+xml its;
+application/javascript js;
+application/jrd+json jrd;
+application/json json;
+application/json-patch+json json-patch;
+application/ld+json jsonld;
+application/lgr+xml lgr;
+application/link-format wlnk;
+application/lost+xml lostxml;
+application/lostsync+xml lostsyncxml;
+application/lpf+zip lpf;
+application/LXF lxf;
+application/mac-binhex40 hqx;
+application/mads+xml mads;
+application/marc mrc;
+application/marcxml+xml mrcx;
+application/mathematica nb ma mb;
+application/mathml+xml mml;
+application/mbox mbox;
+application/metalink4+xml meta4;
+application/mets+xml mets;
+application/MF4 mf4;
+application/mipc h5;
+application/mmt-aei+xml maei;
+application/mmt-usd+xml musd;
+application/mods+xml mods;
+application/mp21 m21 mp21;
+application/msword doc;
+application/mxf mxf;
+application/n-quads nq;
+application/n-triples nt;
+application/ocsp-request orq;
+application/ocsp-response ors;
+application/octet-stream bin lha lzh exe class so dll img iso;
+application/ODA oda;
+application/ODX odx;
+application/oebps-package+xml opf;
+application/ogg ogx;
+application/opc-nodeset+xml ;
+application/oxps oxps;
+application/p2p-overlay+xml relo;
+application/pdf pdf;
+application/PDX pdx;
+application/pem-certificate-chain pem;
+application/pgp-encrypted pgp;
+application/pgp-signature sig;
+application/pkcs10 p10;
+application/pkcs12 p12 pfx;
+application/pkcs7-mime p7m p7c;
+application/pkcs7-signature p7s;
+application/pkcs8 p8;
+application/pkcs8-encrypted p8e;
+application/pkix-cert cer;
+application/pkix-crl crl;
+application/pkix-pkipath pkipath;
+application/pkixcmp pki;
+application/pls+xml pls;
+application/postscript ps eps ai;
+application/provenance+xml provx;
+application/prs.cww cw cww;
+application/prs.hpub+zip hpub;
+application/prs.nprend rnd rct;
+application/prs.rdf-xml-crypt rdf-crypt;
+application/prs.xsf+xml xsf;
+application/pskc+xml pskcxml;
+application/rdf+xml rdf;
+application/route-apd+xml rapd;
+application/route-s-tsid+xml sls;
+application/route-usd+xml rusd;
+application/reginfo+xml rif;
+application/relax-ng-compact-syntax rnc;
+application/resource-lists-diff+xml rld;
+application/resource-lists+xml rl;
+application/rfc+xml rfcxml;
+application/rls-services+xml rs;
+application/rpki-ghostbusters gbr;
+application/rpki-manifest mft;
+application/rpki-roa roa;
+application/rtf rtf;
+application/sarif-external-properties+json sarif-external-properties sarif-external-properties.json;
+application/sarif+json sarif sarif.json;
+application/scim+json scim;
+application/scvp-cv-request scq;
+application/scvp-cv-response scs;
+application/scvp-vp-request spq;
+application/scvp-vp-response spp;
+application/sdp sdp;
+application/senml-etch+cbor senml-etchc;
+application/senml-etch+json senml-etchj;
+application/senml+cbor senmlc;
+application/senml+json senml;
+application/senml+xml senmlx;
+application/senml-exi senmle;
+application/sensml+cbor sensmlc;
+application/sensml+json sensml;
+application/sensml+xml sensmlx;
+application/sensml-exi sensmle;
+application/sgml-open-catalog soc;
+application/shf+xml shf;
+application/sieve siv sieve;
+application/simple-filter+xml cl;
+application/smil+xml smil smi sml;
+application/sparql-query rq;
+application/sparql-results+xml srx;
+application/sql sql;
+application/srgs gram;
+application/srgs+xml grxml;
+application/sru+xml sru;
+application/ssml+xml ssml;
+application/stix+json stix;
+application/swid+xml swidtag;
+application/tamp-apex-update tau;
+application/tamp-apex-update-confirm auc;
+application/tamp-community-update tcu;
+application/tamp-community-update-confirm cuc;
+application/td+json jsontd;
+application/tamp-error ter;
+application/tamp-sequence-adjust tsa;
+application/tamp-sequence-adjust-confirm sac;
+application/tamp-update tur;
+application/tamp-update-confirm tuc;
+application/tei+xml tei teiCorpus odd;
+application/thraud+xml tfi;
+application/timestamp-query tsq;
+application/timestamp-reply tsr;
+application/timestamped-data tsd;
+application/trig trig;
+application/ttml+xml ttml;
+application/urc-grpsheet+xml gsheet;
+application/urc-ressheet+xml rsheet;
+application/urc-targetdesc+xml td;
+application/urc-uisocketdesc+xml uis;
+application/vnd.1000minds.decision-model+xml 1km;
+application/vnd.3gpp.5gnas ;
+application/vnd.3gpp.pic-bw-large plb;
+application/vnd.3gpp.pic-bw-small psb;
+application/vnd.3gpp.pic-bw-var pvb;
+application/vnd.3gpp2.sms sms;
+application/vnd.3gpp2.tcap tcap;
+application/vnd.3lightssoftware.imagescal imgcal;
+application/vnd.3M.Post-it-Notes pwn;
+application/vnd.accpac.simply.aso aso;
+application/vnd.accpac.simply.imp imp;
+application/vnd.acucobol acu;
+application/vnd.acucorp atc acutc;
+application/vnd.adobe.flash.movie swf;
+application/vnd.adobe.formscentral.fcdt fcdt;
+application/vnd.adobe.fxp fxp fxpl;
+application/vnd.adobe.xdp+xml xdp;
+application/vnd.adobe.xfdf xfdf;
+application/vnd.afpc.modca list3820 listafp afp pseg3820;
+application/vnd.afpc.modca-overlay ovl;
+application/vnd.afpc.modca-pagesegment psg;
+application/vnd.ahead.space ahead;
+application/vnd.airzip.filesecure.azf azf;
+application/vnd.airzip.filesecure.azs azs;
+application/vnd.amazon.mobi8-ebook azw3;
+application/vnd.americandynamics.acc acc;
+application/vnd.amiga.ami ami;
+application/vnd.android.ota ota;
+application/vnd.anki apkg;
+application/vnd.anser-web-certificate-issue-initiation cii;
+application/vnd.anser-web-funds-transfer-initiation fti;
+application/vnd.apple.installer+xml dist distz pkg mpkg;
+application/vnd.apple.keynote keynote;
+application/vnd.apple.mpegurl m3u8;
+application/vnd.apple.numbers numbers;
+application/vnd.apple.pages pages;
+application/vnd.aristanetworks.swi swi;
+application/vnd.artisan+json artisan;
+application/vnd.astraea-software.iota iota;
+application/vnd.audiograph aep;
+application/vnd.autopackage package;
+application/vnd.balsamiq.bmml+xml bmml;
+application/vnd.banana-accounting ac2;
+application/vnd.balsamiq.bmpr bmpr;
+application/vnd.blueice.multipass mpm;
+application/vnd.bluetooth.ep.oob ep;
+application/vnd.bluetooth.le.oob le;
+application/vnd.bmi bmi;
+application/vnd.businessobjects rep;
+application/vnd.cendio.thinlinc.clientconf tlclient;
+application/vnd.chemdraw+xml cdxml;
+application/vnd.chess-pgn pgn;
+application/vnd.chipnuts.karaoke-mmd mmd;
+application/vnd.cinderella cdy;
+application/vnd.citationstyles.style+xml csl;
+application/vnd.claymore cla;
+application/vnd.cloanto.rp9 rp9;
+application/vnd.clonk.c4group c4g c4d c4f c4p c4u;
+application/vnd.cluetrust.cartomobile-config c11amc;
+application/vnd.cluetrust.cartomobile-config-pkg c11amz;
+application/vnd.coffeescript coffee;
+application/vnd.collabio.xodocuments.document xodt;
+application/vnd.collabio.xodocuments.document-template xott;
+application/vnd.collabio.xodocuments.presentation xodp;
+application/vnd.collabio.xodocuments.presentation-template xotp;
+application/vnd.collabio.xodocuments.spreadsheet xods;
+application/vnd.collabio.xodocuments.spreadsheet-template xots;
+application/vnd.comicbook-rar cbr;
+application/vnd.comicbook+zip cbz;
+application/vnd.commerce-battelle ica icf icd ic0 ic1 ic2 ic3 ic4 ic5 ic6 ic7 ic8;
+application/vnd.commonspace csp cst;
+application/vnd.contact.cmsg cdbcmsg;
+application/vnd.coreos.ignition+json ign ignition;
+application/vnd.cosmocaller cmc;
+application/vnd.crick.clicker clkx;
+application/vnd.crick.clicker.keyboard clkk;
+application/vnd.crick.clicker.palette clkp;
+application/vnd.crick.clicker.template clkt;
+application/vnd.crick.clicker.wordbank clkw;
+application/vnd.criticaltools.wbs+xml wbs;
+application/vnd.crypto-shade-file ssvc;
+application/vnd.cryptomator.encrypted c9r c9s;
+application/vnd.cryptomator.vault cryptomator;
+application/vnd.ctc-posml pml;
+application/vnd.cups-ppd ppd;
+application/vnd.curl curl;
+application/vnd.dart dart;
+application/vnd.data-vision.rdz rdz;
+application/vnd.dbf dbf;
+application/vnd.debian.binary-package deb udeb;
+application/vnd.dece.data uvf uvvf uvd uvvd;
+application/vnd.dece.ttml+xml uvt uvvt;
+application/vnd.dece.unspecified uvx uvvx;
+application/vnd.dece.zip uvz uvvz;
+application/vnd.denovo.fcselayout-link fe_launch;
+application/vnd.desmume.movie dsm;
+application/vnd.dna dna;
+application/vnd.document+json docjson;
+application/vnd.doremir.scorecloud-binary-document scld;
+application/vnd.dpgraph dpg mwc dpgraph;
+application/vnd.dreamfactory dfac;
+application/vnd.dtg.local.flash fla;
+application/vnd.dvb.ait ait;
+application/vnd.dvb.service svc;
+application/vnd.dynageo geo;
+application/vnd.dzr dzr;
+application/vnd.ecowin.chart mag;
+application/vnd.enliven nml;
+application/vnd.epson.esf esf;
+application/vnd.epson.msf msf;
+application/vnd.epson.quickanime qam;
+application/vnd.epson.salt slt;
+application/vnd.epson.ssf ssf;
+application/vnd.ericsson.quickcall qcall qca;
+application/vnd.espass-espass+zip espass;
+application/vnd.eszigno3+xml es3 et3;
+application/vnd.etsi.asic-e+zip asice sce;
+application/vnd.etsi.asic-s+zip asics;
+application/vnd.etsi.timestamp-token tst;
+application/vnd.exstream-empower+zip mpw;
+application/vnd.exstream-package pub;
+application/vnd.evolv.ecig.profile ecigprofile;
+application/vnd.evolv.ecig.settings ecig;
+application/vnd.evolv.ecig.theme ecigtheme;
+application/vnd.ezpix-album ez2;
+application/vnd.ezpix-package ez3;
+application/vnd.fastcopy-disk-image dim;
+application/vnd.fdf fdf;
+application/vnd.fdsn.mseed msd mseed;
+application/vnd.fdsn.seed seed dataless;
+application/vnd.ficlab.flb+zip flb;
+application/vnd.filmit.zfc zfc;
+application/vnd.FloGraphIt gph;
+application/vnd.fluxtime.clip ftc;
+application/vnd.font-fontforge-sfd sfd;
+application/vnd.framemaker fm;
+application/vnd.frogans.fnc fnc;
+application/vnd.frogans.ltf ltf;
+application/vnd.fsc.weblaunch fsc;
+application/vnd.fujitsu.oasys oas;
+application/vnd.fujitsu.oasys2 oa2;
+application/vnd.fujitsu.oasys3 oa3;
+application/vnd.fujitsu.oasysgp fg5;
+application/vnd.fujitsu.oasysprs bh2;
+application/vnd.fujixerox.ddd ddd;
+application/vnd.fujixerox.docuworks xdw;
+application/vnd.fujixerox.docuworks.binder xbd;
+application/vnd.fujixerox.docuworks.container xct;
+application/vnd.fuzzysheet fzs;
+application/vnd.genomatix.tuxedo txd;
+application/vnd.geocube+xml g3 g³;
+application/vnd.geogebra.file ggb;
+application/vnd.geogebra.slides ggs;
+application/vnd.geogebra.tool ggt;
+application/vnd.geometry-explorer gex gre;
+application/vnd.geonext gxt;
+application/vnd.geoplan g2w;
+application/vnd.geospace g3w;
+application/vnd.gmx gmx;
+application/vnd.google-earth.kml+xml kml;
+application/vnd.google-earth.kmz kmz;
+application/vnd.grafeq gqf gqs;
+application/vnd.groove-account gac;
+application/vnd.groove-help ghf;
+application/vnd.groove-identity-message gim;
+application/vnd.groove-injector grv;
+application/vnd.groove-tool-message gtm;
+application/vnd.groove-tool-template tpl;
+application/vnd.groove-vcard vcg;
+application/vnd.hal+xml hal;
+application/vnd.HandHeld-Entertainment+xml zmm;
+application/vnd.hbci hbci hbc kom upa pkd bpd;
+application/vnd.hdt hdt;
+application/vnd.hhe.lesson-player les;
+application/vnd.hp-HPGL hpgl;
+application/vnd.hp-hpid hpi hpid;
+application/vnd.hp-hps hps;
+application/vnd.hp-jlyt jlt;
+application/vnd.hp-PCL pcl;
+application/vnd.hydrostatix.sof-data sfd-hdstx;
+application/vnd.hzn-3d-crossword x3d;
+application/vnd.ibm.electronic-media emm;
+application/vnd.ibm.MiniPay mpy;
+application/vnd.ibm.rights-management irm;
+application/vnd.ibm.secure-container sc;
+application/vnd.iccprofile icc icm;
+application/vnd.ieee.1905 1905.1;
+application/vnd.igloader igl;
+application/vnd.imagemeter.folder+zip imf;
+application/vnd.imagemeter.image+zip imi;
+application/vnd.immervision-ivp ivp;
+application/vnd.immervision-ivu ivu;
+application/vnd.ims.imsccv1p1 imscc;
+application/vnd.insors.igm igm;
+application/vnd.intercon.formnet xpw xpx;
+application/vnd.intergeo i2g;
+application/vnd.intu.qbo qbo;
+application/vnd.intu.qfx qfx;
+application/vnd.ipunplugged.rcprofile rcprofile;
+application/vnd.irepository.package+xml irp;
+application/vnd.is-xpr xpr;
+application/vnd.isac.fcs fcs;
+application/vnd.jam jam;
+application/vnd.jcp.javame.midlet-rms rms;
+application/vnd.jisp jisp;
+application/vnd.joost.joda-archive joda;
+application/vnd.kahootz ktz ktr;
+application/vnd.kde.karbon karbon;
+application/vnd.kde.kchart chrt;
+application/vnd.kde.kformula kfo;
+application/vnd.kde.kivio flw;
+application/vnd.kde.kontour kon;
+application/vnd.kde.kpresenter kpr kpt;
+application/vnd.kde.kspread ksp;
+application/vnd.kde.kword kwd kwt;
+application/vnd.kenameaapp htke;
+application/vnd.kidspiration kia;
+application/vnd.Kinar kne knp sdf;
+application/vnd.koan skp skd skm skt;
+application/vnd.kodak-descriptor sse;
+application/vnd.las las;
+application/vnd.las.las+json lasjson;
+application/vnd.las.las+xml lasxml;
+application/vnd.llamagraphics.life-balance.desktop lbd;
+application/vnd.llamagraphics.life-balance.exchange+xml lbe;
+application/vnd.logipipe.circuit+zip lcs lca;
+application/vnd.loom loom;
+application/vnd.lotus-1-2-3 123 wk4 wk3 wk1;
+application/vnd.lotus-approach apr vew;
+application/vnd.lotus-freelance prz pre;
+application/vnd.lotus-notes nsf ntf ndl ns4 ns3 ns2 nsh nsg;
+application/vnd.lotus-organizer or3 or2 org;
+application/vnd.lotus-screencam scm;
+application/vnd.lotus-wordpro lwp sam;
+application/vnd.macports.portpkg portpkg;
+application/vnd.mapbox-vector-tile mvt;
+application/vnd.marlin.drm.mdcf mdc;
+application/vnd.maxmind.maxmind-db mmdb;
+application/vnd.mcd mcd;
+application/vnd.medcalcdata mc1;
+application/vnd.mediastation.cdkey cdkey;
+application/vnd.MFER mwf;
+application/vnd.mfmp mfm;
+application/vnd.micrografx.flo flo;
+application/vnd.micrografx.igx igx;
+application/vnd.mif mif;
+application/vnd.Mobius.DAF daf;
+application/vnd.Mobius.DIS dis;
+application/vnd.Mobius.MBK mbk;
+application/vnd.Mobius.MQY mqy;
+application/vnd.Mobius.MSL msl;
+application/vnd.Mobius.PLC plc;
+application/vnd.Mobius.TXF txf;
+application/vnd.mophun.application mpn;
+application/vnd.mophun.certificate mpc;
+application/vnd.mozilla.xul+xml xul;
+application/vnd.ms-3mfdocument 3mf;
+application/vnd.ms-artgalry cil;
+application/vnd.ms-asf asf;
+application/vnd.ms-cab-compressed cab;
+application/vnd.ms-excel xls xlm xla xlc xlt xlw;
+application/vnd.ms-excel.template.macroEnabled.12 xltm;
+application/vnd.ms-excel.addin.macroEnabled.12 xlam;
+application/vnd.ms-excel.sheet.binary.macroEnabled.12 xlsb;
+application/vnd.ms-excel.sheet.macroEnabled.12 xlsm;
+application/vnd.ms-fontobject eot;
+application/vnd.ms-htmlhelp chm;
+application/vnd.ms-ims ims;
+application/vnd.ms-lrm lrm;
+application/vnd.ms-officetheme thmx;
+application/vnd.ms-powerpoint ppt pps pot;
+application/vnd.ms-powerpoint.addin.macroEnabled.12 ppam;
+application/vnd.ms-powerpoint.presentation.macroEnabled.12 pptm;
+application/vnd.ms-powerpoint.slide.macroEnabled.12 sldm;
+application/vnd.ms-powerpoint.slideshow.macroEnabled.12 ppsm;
+application/vnd.ms-powerpoint.template.macroEnabled.12 potm;
+application/vnd.ms-project mpp mpt;
+application/vnd.ms-tnef tnef tnf;
+application/vnd.ms-word.document.macroEnabled.12 docm;
+application/vnd.ms-word.template.macroEnabled.12 dotm;
+application/vnd.ms-works wcm wdb wks wps;
+application/vnd.ms-wpl wpl;
+application/vnd.ms-xpsdocument xps;
+application/vnd.msa-disk-image msa;
+application/vnd.mseq mseq;
+application/vnd.multiad.creator crtr;
+application/vnd.multiad.creator.cif cif;
+application/vnd.musician mus;
+application/vnd.muvee.style msty;
+application/vnd.mynfc taglet;
+application/vnd.nebumind.line nebul line;
+application/vnd.nervana entity request bkm kcm;
+application/vnd.nimn nimn;
+application/vnd.nitf nitf;
+application/vnd.neurolanguage.nlu nlu;
+application/vnd.nintendo.nitro.rom nds;
+application/vnd.nintendo.snes.rom sfc smc;
+application/vnd.noblenet-directory nnd;
+application/vnd.noblenet-sealer nns;
+application/vnd.noblenet-web nnw;
+application/vnd.nokia.n-gage.ac+xml ac;
+application/vnd.nokia.n-gage.data ngdat;
+application/vnd.nokia.n-gage.symbian.install n-gage;
+application/vnd.nokia.radio-preset rpst;
+application/vnd.nokia.radio-presets rpss;
+application/vnd.novadigm.EDM edm;
+application/vnd.novadigm.EDX edx;
+application/vnd.novadigm.EXT ext;
+application/vnd.oasis.opendocument.chart odc;
+application/vnd.oasis.opendocument.chart-template otc;
+application/vnd.oasis.opendocument.database odb;
+application/vnd.oasis.opendocument.formula odf;
+application/vnd.oasis.opendocument.graphics odg;
+application/vnd.oasis.opendocument.graphics-template otg;
+application/vnd.oasis.opendocument.image odi;
+application/vnd.oasis.opendocument.image-template oti;
+application/vnd.oasis.opendocument.presentation odp;
+application/vnd.oasis.opendocument.presentation-template otp;
+application/vnd.oasis.opendocument.spreadsheet ods;
+application/vnd.oasis.opendocument.spreadsheet-template ots;
+application/vnd.oasis.opendocument.text odt;
+application/vnd.oasis.opendocument.text-master odm;
+application/vnd.oasis.opendocument.text-template ott;
+application/vnd.oasis.opendocument.text-web oth;
+application/vnd.olpc-sugar xo;
+application/vnd.oma.dd2+xml dd2;
+application/vnd.onepager tam;
+application/vnd.onepagertamp tamp;
+application/vnd.onepagertamx tamx;
+application/vnd.onepagertat tat;
+application/vnd.onepagertatp tatp;
+application/vnd.onepagertatx tatx;
+application/vnd.openblox.game+xml obgx;
+application/vnd.openblox.game-binary obg;
+application/vnd.openeye.oeb oeb;
+application/vnd.openofficeorg.extension oxt;
+application/vnd.openstreetmap.data+xml osm;
+application/vnd.openxmlformats-officedocument.presentationml.presentation pptx;
+application/vnd.openxmlformats-officedocument.presentationml.slide sldx;
+application/vnd.openxmlformats-officedocument.presentationml.slideshow ppsx;
+application/vnd.openxmlformats-officedocument.presentationml.template potx;
+application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx;
+application/vnd.openxmlformats-officedocument.spreadsheetml.template xltx;
+application/vnd.openxmlformats-officedocument.wordprocessingml.document docx;
+application/vnd.openxmlformats-officedocument.wordprocessingml.template dotx;
+application/vnd.osa.netdeploy ndc;
+application/vnd.osgeo.mapguide.package mgp;
+application/vnd.osgi.dp dp;
+application/vnd.osgi.subsystem esa;
+application/vnd.oxli.countgraph oxlicg;
+application/vnd.palm prc pdb pqa oprc;
+application/vnd.panoply plp;
+application/vnd.patentdive dive;
+application/vnd.pawaafile paw;
+application/vnd.pg.format str;
+application/vnd.pg.osasli ei6;
+application/vnd.piaccess.application-licence pil;
+application/vnd.picsel efif;
+application/vnd.pmi.widget wg;
+application/vnd.pocketlearn plf;
+application/vnd.powerbuilder6 pbd;
+application/vnd.preminet preminet;
+application/vnd.previewsystems.box box vbox;
+application/vnd.proteus.magazine mgz;
+application/vnd.psfs psfs;
+application/vnd.publishare-delta-tree qps;
+application/vnd.pvi.ptid1 ptid;
+application/vnd.qualcomm.brew-app-res bar;
+application/vnd.Quark.QuarkXPress qxd qxt qwd qwt qxl qxb;
+application/vnd.quobject-quoxdocument quox quiz;
+application/vnd.rainstor.data tree;
+application/vnd.rar rar;
+application/vnd.realvnc.bed bed;
+application/vnd.recordare.musicxml mxl;
+application/vnd.rig.cryptonote cryptonote;
+application/vnd.route66.link66+xml link66;
+application/vnd.sailingtracker.track st;
+application/vnd.sar SAR;
+application/vnd.scribus scd sla slaz;
+application/vnd.sealed.3df s3df;
+application/vnd.sealed.csf scsf;
+application/vnd.sealed.doc sdoc sdo s1w;
+application/vnd.sealed.eml seml sem;
+application/vnd.sealed.mht smht smh;
+application/vnd.sealed.ppt sppt s1p;
+application/vnd.sealed.tiff stif;
+application/vnd.sealed.xls sxls sxl s1e;
+application/vnd.sealedmedia.softseal.html stml s1h;
+application/vnd.sealedmedia.softseal.pdf spdf spd s1a;
+application/vnd.seemail see;
+application/vnd.sema sema;
+application/vnd.semd semd;
+application/vnd.semf semf;
+application/vnd.shade-save-file ssv;
+application/vnd.shana.informed.formdata ifm;
+application/vnd.shana.informed.formtemplate itp;
+application/vnd.shana.informed.interchange iif;
+application/vnd.shana.informed.package ipk;
+application/vnd.shp shp;
+application/vnd.shx shx;
+application/vnd.sigrok.session sr;
+application/vnd.SimTech-MindMapper twd twds;
+application/vnd.smaf mmf;
+application/vnd.smart.notebook notebook;
+application/vnd.smart.teacher teacher;
+application/vnd.snesdev-page-table ptrom pt;
+application/vnd.software602.filler.form+xml fo;
+application/vnd.software602.filler.form-xml-zip zfo;
+application/vnd.solent.sdkm+xml sdkm sdkd;
+application/vnd.spotfire.dxp dxp;
+application/vnd.spotfire.sfs sfs;
+application/vnd.sqlite3 sqlite sqlite3;
+application/vnd.stepmania.package smzip;
+application/vnd.stepmania.stepchart sm;
+application/vnd.sun.wadl+xml wadl;
+application/vnd.sus-calendar sus susp;
+application/vnd.sycle+xml scl;
+application/vnd.syncml+xml xsm;
+application/vnd.syncml.dm+wbxml bdm;
+application/vnd.syncml.dm+xml xdm;
+application/vnd.syncml.dmddf+xml ddf;
+application/vnd.tao.intent-module-archive tao;
+application/vnd.tcpdump.pcap pcap cap dmp;
+application/vnd.theqvd qvd;
+application/vnd.think-cell.ppttc+json ppttc;
+application/vnd.tml vfr viaframe;
+application/vnd.tmobile-livetv tmo;
+application/vnd.trid.tpt tpt;
+application/vnd.triscape.mxs mxs;
+application/vnd.trueapp tra;
+application/vnd.ufdl ufdl ufd frm;
+application/vnd.uiq.theme utz;
+application/vnd.umajin umj;
+application/vnd.unity unityweb;
+application/vnd.uoml+xml uoml uo;
+application/vnd.uri-map urim urimap;
+application/vnd.valve.source.material vmt;
+application/vnd.vcx vcx;
+application/vnd.vd-study mxi study-inter model-inter;
+application/vnd.vectorworks vwx;
+application/vnd.veryant.thin istc isws;
+application/vnd.ves.encrypted VES;
+application/vnd.vidsoft.vidconference vsc;
+application/vnd.visio vsd vst vsw vss;
+application/vnd.visionary vis;
+application/vnd.vsf vsf;
+application/vnd.wap.sic sic;
+application/vnd.wap.slc slc;
+application/vnd.wap.wbxml wbxml;
+application/vnd.wap.wmlc wmlc;
+application/vnd.wap.wmlscriptc wmlsc;
+application/vnd.webturbo wtb;
+application/vnd.wfa.p2p p2p;
+application/vnd.wfa.wsc wsc;
+application/vnd.wmc wmc;
+application/vnd.wolfram.mathematica.package m;
+application/vnd.wolfram.player nbp;
+application/vnd.wordperfect wpd;
+application/vnd.wqd wqd;
+application/vnd.wt.stf stf;
+application/vnd.wv.csp+wbxml wv;
+application/vnd.xara xar;
+application/vnd.xfdl xfdl xfd;
+application/vnd.xmpie.cpkg cpkg;
+application/vnd.xmpie.dpkg dpkg;
+application/vnd.xmpie.ppkg ppkg;
+application/vnd.xmpie.xlim xlim;
+application/vnd.yamaha.hv-dic hvd;
+application/vnd.yamaha.hv-script hvs;
+application/vnd.yamaha.hv-voice hvp;
+application/vnd.yamaha.openscoreformat osf;
+application/vnd.yamaha.smaf-audio saf;
+application/vnd.yamaha.smaf-phrase spf;
+application/vnd.yaoweme yme;
+application/vnd.yellowriver-custom-menu cmp;
+application/vnd.zul zir zirz;
+application/vnd.zzazz.deck+xml zaz;
+application/voicexml+xml vxml;
+application/voucher-cms+json vcj;
+application/wasm wasm;
+application/watcherinfo+xml wif;
+application/widget wgt;
+application/wsdl+xml wsdl;
+application/wspolicy+xml wspolicy;
+application/xcap-att+xml xav;
+application/xcap-caps+xml xca;
+application/xcap-diff+xml xdf;
+application/xcap-el+xml xel;
+application/xcap-error+xml xer;
+application/xcap-ns+xml xns;
+application/xhtml+xml xhtml xhtm xht;
+application/xliff+xml xlf;
+application/xml-dtd dtd;
+application/xop+xml xop;
+application/xslt+xml xsl xslt;
+application/xv+xml mxml xhvml xvml xvm;
+application/yang yang;
+application/yin+xml yin;
+application/zip zip;
+application/zstd zst;
+audio/32kadpcm 726;
+audio/aac adts aac ass;
+audio/ac3 ac3;
+audio/AMR amr;
+audio/AMR-WB awb;
+audio/asc acn;
+audio/ATRAC-ADVANCED-LOSSLESS aal;
+audio/ATRAC-X atx;
+audio/ATRAC3 at3 aa3 omg;
+audio/basic au snd;
+audio/dls dls;
+audio/EVRC evc;
+audio/EVRCB evb;
+audio/EVRCNW enw;
+audio/EVRCWB evw;
+audio/iLBC lbc;
+audio/L16 l16;
+audio/mhas mhas;
+audio/mobile-xmf mxmf;
+audio/mp4 m4a;
+audio/mpeg mp3 mpga mp1 mp2;
+audio/ogg oga ogg opus spx;
+audio/prs.sid sid psid;
+audio/QCELP qcp;
+audio/SMV smv;
+audio/sofa sofa;
+audio/usac loas xhe;
+audio/vnd.audiokoz koz;
+audio/vnd.dece.audio uva uvva;
+audio/vnd.digital-winds eol;
+audio/vnd.dolby.mlp mlp;
+audio/vnd.dts dts;
+audio/vnd.dts.hd dtshd;
+audio/vnd.everad.plj plj;
+audio/vnd.lucent.voice lvp;
+audio/vnd.ms-playready.media.pya pya;
+audio/vnd.nortel.vbk vbk;
+audio/vnd.nuera.ecelp4800 ecelp4800;
+audio/vnd.nuera.ecelp7470 ecelp7470;
+audio/vnd.nuera.ecelp9600 ecelp9600;
+audio/vnd.presonus.multitrack multitrack;
+audio/vnd.rip rip;
+audio/vnd.sealedmedia.softseal.mpeg smp3 smp s1m;
+font/collection ttc;
+font/otf otf;
+font/ttf ttf;
+font/woff woff;
+font/woff2 woff2;
+image/aces exr;
+image/avci avci;
+image/avcs avcs;
+image/avif avif hif;
+image/bmp bmp dib;
+image/cgm cgm;
+image/dicom-rle drle;
+image/emf emf;
+image/fits fits fit fts;
+image/heic heic;
+image/heic-sequence heics;
+image/heif heif;
+image/heif-sequence heifs;
+image/hej2k hej2;
+image/hsj2 hsj2;
+image/gif gif;
+image/ief ief;
+image/jls jls;
+image/jp2 jp2 jpg2;
+image/jph jph;
+image/jphc jhc;
+image/jpeg jpg jpeg jpe jfif;
+image/jpm jpm jpgm;
+image/jpx jpx jpf;
+image/jxl jxl;
+image/jxr jxr;
+image/jxrA jxra;
+image/jxrS jxrs;
+image/jxs jxs;
+image/jxsc jxsc;
+image/jxsi jxsi;
+image/jxss jxss;
+image/ktx ktx;
+image/ktx2 ktx2;
+image/png png;
+image/prs.btif btif btf;
+image/prs.pti pti;
+image/svg+xml svg svgz;
+image/t38 t38;
+image/tiff tiff tif;
+image/tiff-fx tfx;
+image/vnd.adobe.photoshop psd;
+image/vnd.airzip.accelerator.azv azv;
+image/vnd.dece.graphic uvi uvvi uvg uvvg;
+image/vnd.djvu djvu djv;
+image/vnd.dwg dwg;
+image/vnd.dxf dxf;
+image/vnd.fastbidsheet fbs;
+image/vnd.fpx fpx;
+image/vnd.fst fst;
+image/vnd.fujixerox.edmics-mmr mmr;
+image/vnd.fujixerox.edmics-rlc rlc;
+image/vnd.globalgraphics.pgb pgb;
+image/vnd.microsoft.icon ico;
+image/vnd.mozilla.apng apng;
+image/vnd.ms-modi mdi;
+image/vnd.pco.b16 b16;
+image/vnd.radiance hdr rgbe xyze;
+image/vnd.sealed.png spng spn s1n;
+image/vnd.sealedmedia.softseal.gif sgif sgi s1g;
+image/vnd.sealedmedia.softseal.jpg sjpg sjp s1j;
+image/vnd.tencent.tap tap;
+image/vnd.valve.source.texture vtf;
+image/vnd.wap.wbmp wbmp;
+image/vnd.xiff xif;
+image/vnd.zbrush.pcx pcx;
+image/wmf wmf;
+message/global u8msg;
+message/global-delivery-status u8dsn;
+message/global-disposition-notification u8mdn;
+message/global-headers u8hdr;
+message/rfc822 eml mail art;
+model/gltf-binary glb;
+model/gltf+json gltf;
+model/iges igs iges;
+model/mesh msh mesh silo;
+model/mtl mtl;
+model/obj obj;
+model/stl stl;
+model/vnd.collada+xml dae;
+model/vnd.dwf dwf;
+model/vnd.gdl gdl gsm win dor lmp rsm msm ism;
+model/vnd.gtw gtw;
+model/vnd.moml+xml moml;
+model/vnd.mts mts;
+model/vnd.opengex ogex;
+model/vnd.parasolid.transmit.binary x_b xmt_bin;
+model/vnd.parasolid.transmit.text x_t xmt_txt;
+model/vnd.pytha.pyox pyo pyox;
+model/vnd.sap.vds vds;
+model/vnd.usdz+zip usdz;
+model/vnd.valve.source.compiled-map bsp;
+model/vnd.vtu vtu;
+model/vrml wrl vrml;
+model/x3d+xml x3db;
+model/x3d-vrml x3dv x3dvz;
+multipart/vnd.bint.med-plus bmed;
+multipart/voice-message vpm;
+text/cache-manifest appcache manifest;
+text/calendar ics ifb;
+text/cql CQL;
+text/css css;
+text/csv csv;
+text/csv-schema csvs;
+text/dns soa zone;
+text/gff3 gff3;
+text/html html htm;
+text/jcr-cnd cnd;
+text/markdown markdown md;
+text/mizar miz;
+text/n3 n3;
+text/plain txt asc text pm el c h cc hh cxx hxx f90 conf log nix nginx sh cs sln razor csproj;
+text/provenance-notation provn;
+text/prs.fallenstein.rst rst;
+text/prs.lines.tag tag dsc;
+text/richtext rtx;
+text/SGML sgml sgm;
+text/shaclc shaclc shc;
+text/spdx spdx;
+text/tab-separated-values tsv;
+text/troff t tr roff;
+text/turtle ttl;
+text/uri-list uris uri;
+text/vcard vcf vcard;
+text/vnd.a a;
+text/vnd.abc abc;
+text/vnd.ascii-art ascii;
+text/vnd.debian.copyright copyright;
+text/vnd.DMClientScript dms;
+text/vnd.dvb.subtitle sub;
+text/vnd.esmertec.theme-descriptor jtd;
+text/vnd.ficlab.flt flt;
+text/vnd.fly fly;
+text/vnd.fmi.flexstor flx;
+text/vnd.graphviz gv dot;
+text/vnd.hans hans;
+text/vnd.hgl hgl;
+text/vnd.in3d.3dml 3dml 3dm;
+text/vnd.in3d.spot spot spo;
+text/vnd.ms-mediapackage mpf;
+text/vnd.net2phone.commcenter.command ccc;
+text/vnd.senx.warpscript mc2;
+text/vnd.si.uricatalogue uric;
+text/vnd.sun.j2me.app-descriptor jad;
+text/vnd.sosi sos;
+text/vnd.trolltech.linguist ts;
+text/vnd.wap.si si;
+text/vnd.wap.sl sl;
+text/vnd.wap.wml wml;
+text/vnd.wap.wmlscript wmls;
+text/vtt vtt;
+text/xml xml xsd rng;
+text/xml-external-parsed-entity ent;
+video/3gpp 3gp 3gpp;
+video/3gpp2 3g2 3gpp2;
+video/iso.segment m4s;
+video/mj2 mj2 mjp2;
+video/mp4 mp4 mpg4 m4v;
+video/mpeg mpeg mpg mpe m1v m2v;
+video/ogg ogv;
+video/quicktime mov qt;
+video/vnd.dece.hd uvh uvvh;
+video/vnd.dece.mobile uvm uvvm;
+video/vnd.dece.mp4 uvu uvvu;
+video/vnd.dece.pd uvp uvvp;
+video/vnd.dece.sd uvs uvvs;
+video/vnd.dece.video uvv uvvv;
+video/vnd.dvb.file dvb;
+video/vnd.fvt fvt;
+video/vnd.mpegurl mxu m4u;
+video/vnd.ms-playready.media.pyv pyv;
+video/vnd.nokia.interleaved-multimedia nim;
+video/vnd.radgamettools.bink bik bk2;
+video/vnd.radgamettools.smacker smk;
+video/vnd.sealed.mpeg1 smpg s11;
+video/vnd.sealed.mpeg4 s14;
+video/vnd.sealed.swf sswf ssw;
+video/vnd.sealedmedia.softseal.mov smov smo s1q;
+video/vnd.youtube.yt yt;
+video/vnd.vivo viv;
+application/mac-compactpro cpt;
+application/metalink+xml metalink;
+application/owl+xml owx;
+application/rss+xml rss;
+application/vnd.android.package-archive apk;
+application/vnd.oma.dd+xml dd;
+application/vnd.oma.drm.content dcf;
+application/vnd.oma.drm.dcf o4a o4v;
+application/vnd.oma.drm.message dm;
+application/vnd.oma.drm.rights+wbxml drc;
+application/vnd.oma.drm.rights+xml dr;
+application/vnd.sun.xml.calc sxc;
+application/vnd.sun.xml.calc.template stc;
+application/vnd.sun.xml.draw sxd;
+application/vnd.sun.xml.draw.template std;
+application/vnd.sun.xml.impress sxi;
+application/vnd.sun.xml.impress.template sti;
+application/vnd.sun.xml.math sxm;
+application/vnd.sun.xml.writer sxw;
+application/vnd.sun.xml.writer.global sxg;
+application/vnd.sun.xml.writer.template stw;
+application/vnd.symbian.install sis;
+application/vnd.wap.mms-message mms;
+application/x-annodex anx;
+application/x-bcpio bcpio;
+application/x-bittorrent torrent;
+application/x-bzip2 bz2;
+application/x-cdlink vcd;
+application/x-chrome-extension crx;
+application/x-cpio cpio;
+application/x-csh csh;
+application/x-director dcr dir dxr;
+application/x-dvi dvi;
+application/x-futuresplash spl;
+application/x-gtar gtar;
+application/x-hdf hdf;
+application/x-java-archive jar;
+application/x-java-jnlp-file jnlp;
+application/x-java-pack200 pack;
+application/x-killustrator kil;
+application/x-latex latex;
+application/x-netcdf nc cdf;
+application/x-perl pl;
+application/x-rpm rpm;
+application/x-sh sh;
+application/x-shar shar;
+application/x-stuffit sit;
+application/x-sv4cpio sv4cpio;
+application/x-sv4crc sv4crc;
+application/x-tar tar;
+application/x-tcl tcl;
+application/x-tex tex;
+application/x-texinfo texinfo texi;
+application/x-troff-man man 1 2 3 4 5 6 7 8;
+application/x-troff-me me;
+application/x-troff-ms ms;
+application/x-ustar ustar;
+application/x-wais-source src;
+application/x-xpinstall xpi;
+application/x-xspf+xml xspf;
+application/x-xz xz;
+audio/midi mid midi kar;
+audio/x-aiff aif aiff aifc;
+audio/x-annodex axa;
+audio/x-flac flac;
+audio/x-matroska mka;
+audio/x-mod mod ult uni m15 mtm 669 med;
+audio/x-mpegurl m3u;
+audio/x-ms-wax wax;
+audio/x-ms-wma wma;
+audio/x-pn-realaudio ram rm;
+audio/x-realaudio ra;
+audio/x-s3m s3m;
+audio/x-stm stm;
+audio/x-wav wav;
+chemical/x-xyz xyz;
+image/webp webp;
+image/x-cmu-raster ras;
+image/x-portable-anymap pnm;
+image/x-portable-bitmap pbm;
+image/x-portable-graymap pgm;
+image/x-portable-pixmap ppm;
+image/x-rgb rgb;
+image/x-targa tga;
+image/x-xbitmap xbm;
+image/x-xpixmap xpm;
+image/x-xwindowdump xwd;
+text/html-sandboxed sandboxed;
+text/x-pod pod;
+text/x-setext etx;
+video/webm webm;
+video/x-annodex axv;
+video/x-flv flv;
+video/x-javafx fxm;
+video/x-matroska mkv;
+video/x-matroska-3d mk3d;
+video/x-ms-asf asx;
+video/x-ms-wm wm;
+video/x-ms-wmv wmv;
+video/x-ms-wmx wmx;
+video/x-ms-wvx wvx;
+video/x-msvideo avi;
+video/x-sgi-movie movie;
+x-conference/x-cooltalk ice;
+x-epoc/x-sisx-app sisx;
+}
diff --git a/packages/nheko-git.nix b/packages/nheko-git.nix
new file mode 100644
index 0000000..c392d2f
--- /dev/null
+++ b/packages/nheko-git.nix
@@ -0,0 +1,105 @@
+# This file was copied from NUR: https://github.com/nix-community/nur-combined/blob/master/repos/deeunderscore/pkgs/nheko/default.nix#L93
+# This file is a modified version of nixpkgs/pkgs/applications/networking/instant-messengers/nheko/default.nix (copied at 2e896fce)
+
+{
+ lib,
+ stdenv,
+ fetchFromGitHub,
+ cmake,
+ #, wrapQtAppsHook
+ asciidoctor,
+ qt6,
+ qt6Packages,
+ #, qtmultimedia
+ #, qtimageformats
+ #, qtkeychain
+ cmark,
+ coeurl,
+ curl,
+ libevent,
+ lmdb,
+ lmdbxx,
+ #, mtxclient
+ nlohmann_json,
+ olm,
+ pkg-config,
+ re2,
+ spdlog,
+ httplib,
+ voipSupport ? true,
+ gst_all_1,
+ libnice,
+ kdsingleapplication,
+ pkgs,
+ nhekoSrc,
+ mtxclientSrc,
+}:
+
+stdenv.mkDerivation {
+ pname = "nheko";
+ version = "git+master";
+ src = nhekoSrc;
+
+ nativeBuildInputs = [
+ lmdbxx
+ cmake
+ pkg-config
+ asciidoctor
+ qt6.wrapQtAppsHook
+ ];
+
+ buildInputs =
+ [
+ qt6.qtbase
+ qt6.qttools
+ qt6.qtsvg
+ qt6.qtmultimedia
+ qt6.qtimageformats
+ qt6Packages.qtkeychain
+ kdsingleapplication
+ cmark
+ coeurl
+ curl
+ libevent
+ lmdb
+ (pkgs.callPackage ./mtxclient-git.nix { inherit mtxclientSrc; })
+ nlohmann_json
+ olm
+ re2
+ spdlog
+ httplib
+ ]
+ ++ lib.optionals voipSupport (
+ with gst_all_1;
+ [
+ gstreamer
+ gst-plugins-base
+ gst-plugins-good
+ gst-plugins-bad
+ libnice
+ ]
+ );
+
+ LC_ALL = lib.optionalString (!stdenv.isDarwin) "C.UTF-8";
+
+ cmakeFlags = [
+ "-DCOMPILE_QML=ON" # see https://github.com/Nheko-Reborn/nheko/issues/389
+ "-DCMAKE_BUILD_TYPE=Release"
+ "-DBUILD_SHARED_LIBS=OFF"
+ #Rory&
+ "-DMAN=OFF"
+
+ ] ++ lib.optionals (!voipSupport) [ "-DVOIP=OFF" ];
+
+ preFixup = lib.optionalString voipSupport ''
+ # add gstreamer plugins path to the wrapper
+ qtWrapperArgs+=(--prefix GST_PLUGIN_SYSTEM_PATH_1_0 : "$GST_PLUGIN_SYSTEM_PATH_1_0")
+ '';
+
+ meta = with lib; {
+ description = "Desktop client for the Matrix protocol";
+ homepage = "https://github.com/Nheko-Reborn/nheko";
+ platforms = platforms.all;
+ license = licenses.gpl3Plus;
+ };
+}
diff --git a/packages/overlays/haskell/basement/IntWord64.nix b/packages/overlays/haskell/basement/IntWord64.nix
new file mode 100644
index 0000000..d407bf0
--- /dev/null
+++ b/packages/overlays/haskell/basement/IntWord64.nix
@@ -0,0 +1,14 @@
+{ pkgs, ... }:
+{
+ nixpkgs.overlays = [
+ (self: super: {
+ haskellPackages = super.haskellPackages.override {
+ overrides = haskellPackages-self: haskellPackages-super: {
+ basement = haskellPackages-super.basement.overrideAttrs (oldAttrs: {
+ patches = [ ./IntWord64.patch ];
+ });
+ };
+ };
+ })
+ ];
+}
diff --git a/packages/overlays/haskell/basement/IntWord64.patch b/packages/overlays/haskell/basement/IntWord64.patch
new file mode 100644
index 0000000..0d1cdf7
--- /dev/null
+++ b/packages/overlays/haskell/basement/IntWord64.patch
@@ -0,0 +1,105 @@
+diff -up basement-0.0.15/Basement/Bits.hs~ basement-0.0.15/Basement/Bits.hs
+--- basement-0.0.15/Basement/Bits.hs~ 2022-02-28 12:00:48.000000000 +0800
++++ basement-0.0.15/Basement/Bits.hs 2023-02-16 18:50:32.947378064 +0800
+@@ -54,7 +54,7 @@ import GHC.Int
+ import Basement.Compat.Primitive
+
+ #if WORD_SIZE_IN_BITS < 64
+-import GHC.IntWord64
++import GHC.Exts
+ #endif
+
+ -- | operation over finite bits
+diff -up basement-0.0.15/Basement/Numerical/Additive.hs~ basement-0.0.15/Basement/Numerical/Additive.hs
+--- basement-0.0.15/Basement/Numerical/Additive.hs~ 2022-02-28 12:00:48.000000000 +0800
++++ basement-0.0.15/Basement/Numerical/Additive.hs 2023-02-16 18:52:14.547975419 +0800
+@@ -29,7 +29,7 @@ import qualified Basement.Types.Word128
+ import qualified Basement.Types.Word256 as Word256
+
+ #if WORD_SIZE_IN_BITS < 64
+-import GHC.IntWord64
++import GHC.Exts
+ #endif
+
+ -- | Represent class of things that can be added together,
+diff -up basement-0.0.15/Basement/Numerical/Conversion.hs~ basement-0.0.15/Basement/Numerical/Conversion.hs
+--- basement-0.0.15/Basement/Numerical/Conversion.hs~ 2022-02-28 12:00:48.000000000 +0800
++++ basement-0.0.15/Basement/Numerical/Conversion.hs 2023-02-16 18:28:38.844400110 +0800
+@@ -25,7 +25,7 @@ import GHC.Word
+ import Basement.Compat.Primitive
+
+ #if WORD_SIZE_IN_BITS < 64
+-import GHC.IntWord64
++import GHC.Exts
+ #endif
+
+ intToInt64 :: Int -> Int64
+@@ -114,7 +114,7 @@
+ #endif
+ #else
+ word64ToWord32s :: Word64 -> Word32x2
+-word64ToWord32s (W64# w64) = Word32x2 (W32# (word64ToWord# (uncheckedShiftRL64# w64 32#))) (W32# (word64ToWord# w64))
++word64ToWord32s (W64# w64) = Word32x2 (W32# (wordToWord32# (word64ToWord# (uncheckedShiftRL64# w64 32#)))) (W32# (wordToWord32# (word64ToWord# w64)))
+ #endif
+
+ wordToChar :: Word -> Char
+diff -up basement-0.0.15/Basement/PrimType.hs~ basement-0.0.15/Basement/PrimType.hs
+--- basement-0.0.15/Basement/PrimType.hs~ 2022-03-03 10:51:42.000000000 +0800
++++ basement-0.0.15/Basement/PrimType.hs 2023-02-16 18:52:13.884971521 +0800
+@@ -54,7 +54,7 @@ import Basement.Nat
+ import qualified Prelude (quot)
+
+ #if WORD_SIZE_IN_BITS < 64
+-import GHC.IntWord64
++import GHC.Exts
+ #endif
+
+ #ifdef FOUNDATION_BOUNDS_CHECK
+diff -up basement-0.0.15/Basement/Types/OffsetSize.hs~ basement-0.0.15/Basement/Types/OffsetSize.hs
+--- basement-0.0.15/Basement/Types/OffsetSize.hs~ 2019-09-02 11:58:08.000000000 +0800
++++ basement-0.0.15/Basement/Types/OffsetSize.hs 2023-02-16 18:49:45.703100306 +0800
+@@ -69,7 +69,7 @@ import Data.List (foldl')
+ import qualified Prelude
+
+ #if WORD_SIZE_IN_BITS < 64
+-import GHC.IntWord64
++import GHC.Exts
+ #endif
+
+ -- | File size in bytes
+@@ -225,7 +225,7 @@
+
+ csizeOfSize :: CountOf Word8 -> CSize
+ #if WORD_SIZE_IN_BITS < 64
+-csizeOfSize (CountOf (I# sz)) = CSize (W32# (int2Word# sz))
++csizeOfSize (CountOf (I# sz)) = CSize (W32# (wordToWord32# (int2Word# sz)))
+ #else
+ #if __GLASGOW_HASKELL__ >= 904
+ csizeOfSize (CountOf (I# sz)) = CSize (W64# (wordToWord64# (int2Word# sz)))
+@@ -238,7 +238,7 @@
+
+ csizeOfOffset :: Offset8 -> CSize
+ #if WORD_SIZE_IN_BITS < 64
+-csizeOfOffset (Offset (I# sz)) = CSize (W32# (int2Word# sz))
++csizeOfOffset (Offset (I# sz)) = CSize (W32# (wordToWord32# (int2Word# sz)))
+ #else
+ #if __GLASGOW_HASKELL__ >= 904
+ csizeOfOffset (Offset (I# sz)) = CSize (W64# (wordToWord64# (int2Word# sz)))
+@@ -250,7 +250,7 @@
+ sizeOfCSSize :: CSsize -> CountOf Word8
+ sizeOfCSSize (CSsize (-1)) = error "invalid size: CSSize is -1"
+ #if WORD_SIZE_IN_BITS < 64
+-sizeOfCSSize (CSsize (I32# sz)) = CountOf (I# sz)
++sizeOfCSSize (CSsize (I32# sz)) = CountOf (I# (int32ToInt# sz))
+ #else
+ #if __GLASGOW_HASKELL__ >= 904
+ sizeOfCSSize (CSsize (I64# sz)) = CountOf (I# (int64ToInt# sz))
+@@ -261,7 +261,7 @@
+
+ sizeOfCSize :: CSize -> CountOf Word8
+ #if WORD_SIZE_IN_BITS < 64
+-sizeOfCSize (CSize (W32# sz)) = CountOf (I# (word2Int# sz))
++sizeOfCSize (CSize (W32# sz)) = CountOf (I# (word2Int# (word32ToWord# sz)))
+ #else
+ #if __GLASGOW_HASKELL__ >= 904
+ sizeOfCSize (CSize (W64# sz)) = CountOf (I# (word2Int# (word64ToWord# sz)))
diff --git a/packages/overlays/jetbrains-plugins.nix b/packages/overlays/jetbrains-plugins.nix
new file mode 100644
index 0000000..50eb061
--- /dev/null
+++ b/packages/overlays/jetbrains-plugins.nix
@@ -0,0 +1,75 @@
+{ ... }:
+{
+ nixpkgs.overlays = [
+ (
+ # https://github.com/NixOS/nixpkgs/issues/400317
+ self: super:
+ let
+ file = "https://plugins.jetbrains.com/files/17718/743191/github-copilot-intellij-1.5.45-243.zip";
+ id = "17718";
+ in
+ {
+ jetbrains = super.lib.recursiveUpdate super.jetbrains {
+ plugins.github-copilot-fixed = super.stdenv.mkDerivation {
+ name = "jetbrains-plugin-${id}";
+ installPhase = ''
+ runHook preInstall
+ mkdir -p $out && cp -r . $out
+ runHook postInstall
+ '';
+ src = super.fetchzip {
+ url = "https://plugins.jetbrains.com/files/17718/743191/github-copilot-intellij-1.5.45-243.zip";
+ hash = "sha256-wSIGsDmgZV8o6F9ekf84b06Ul16rw+wXdQx/X4D/rCI=";
+ executable = false;
+ };
+
+ # prelude
+ # (function(process, require, console, EXECPATH_FD, PAYLOAD_POSITION, PAYLOAD_SIZE) { return (function (REQUIRE_COMMON, VIRTUAL_FILESYSTEM, DEFAULT_ENTRYPOINT, SYMLINKS, DICT, DOCOMPRESS) {
+ # payload
+ # grep -aobUam1 $'\x1f\x8b\x08\x00' copilot-language-server
+
+ buildPhase = ''
+ agent='copilot-agent/native/${super.lib.toLower super.stdenv.hostPlatform.uname.system}${
+ {
+ x86_64 = "-x64";
+ aarch64 = "-arm64";
+ }
+ .${super.stdenv.hostPlatform.uname.processor} or ""
+ }/copilot-language-server'
+
+ # Helper: find the offset of the payload by matching gzip magic bytes
+ find_payload_offset() {
+ grep -aobUam1 -f <(printf '\x1f\x8b\x08\x00') "$agent" | cut -d: -f1
+ }
+
+ # Helper: find the offset of the prelude by searching for function string start
+ find_prelude_offset() {
+ local prelude_string='(function(process, require, console, EXECPATH_FD, PAYLOAD_POSITION, PAYLOAD_SIZE) {'
+ grep -obUa -- "$prelude_string" "$agent" | cut -d: -f1
+ }
+
+ before_payload_position="$(find_payload_offset)"
+ before_prelude_position="$(find_prelude_offset)"
+
+ patchelf --set-interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" $agent
+ patchelf --set-rpath ${
+ super.lib.makeLibraryPath [
+ super.glibc
+ super.gcc-unwrapped
+ ]
+ } $agent
+ chmod +x $agent
+
+ after_payload_position="$(find_payload_offset)"
+ after_prelude_position="$(find_prelude_offset)"
+
+ # There are hardcoded positions in the binary, then it replaces the placeholders by himself
+ sed -i -e "s/$before_payload_position/$after_payload_position/g" "$agent"
+ sed -i -e "s/$before_prelude_position/$after_prelude_position/g" "$agent"
+ '';
+ };
+ };
+ }
+ )
+ ];
+}
diff --git a/packages/overlays/lldb.nix b/packages/overlays/lldb.nix
new file mode 100644
index 0000000..d76a34a
--- /dev/null
+++ b/packages/overlays/lldb.nix
@@ -0,0 +1,10 @@
+{ ... }:
+{
+ nixpkgs.overlays = [
+ (final: prev: {
+ lldb = prev.lldb.overrideAttrs (old: {
+ dontCheckForBrokenSymlinks = true;
+ });
+ })
+ ];
+}
diff --git a/packages/overlays/matrix-synapse/patches/0001-Fast-auth-links.patch b/packages/overlays/matrix-synapse/patches/0001-Fast-auth-links.patch
new file mode 100644
index 0000000..0d92e4e
--- /dev/null
+++ b/packages/overlays/matrix-synapse/patches/0001-Fast-auth-links.patch
@@ -0,0 +1,100 @@
+From 1b82f35b613e96c56bf18015e33f34328ad73188 Mon Sep 17 00:00:00 2001
+From: Rory& <root@rory.gay>
+Date: Tue, 22 Jul 2025 05:07:01 +0200
+Subject: [PATCH 01/11] Fast auth links
+
+---
+ synapse/storage/database.py | 43 +++++++++++++++++++
+ .../databases/main/event_federation.py | 8 ++--
+ 2 files changed, 47 insertions(+), 4 deletions(-)
+
+diff --git a/synapse/storage/database.py b/synapse/storage/database.py
+index 6188195614..79af139543 100644
+--- a/synapse/storage/database.py
++++ b/synapse/storage/database.py
+@@ -2558,6 +2558,49 @@ class DatabasePool:
+
+ return txn.fetchall()
+
++# requires database_engine.supports_using_any_list to be true
++def make_select_id_if_found_sql_clause(
++ database_engine: BaseDatabaseEngine,
++ column: str,
++ table: str,
++ iterable: Collection[Any],
++ *,
++ negative: bool = False,
++) -> Tuple[str, list]:
++ """Returns an SQL clause that checks the given column is in the iterable.
++
++ On SQLite this expands to `column IN (?, ?, ...)`, whereas on Postgres
++ it expands to `column = ANY(?)`. While both DBs support the `IN` form,
++ using the `ANY` form on postgres means that it views queries with
++ different length iterables as the same, helping the query stats.
++
++ Args:
++ database_engine
++ column: Name of the column
++ table: Name of the table
++ iterable: The values to check the column against.
++ negative: Whether we should check for inequality, i.e. `NOT IN`
++
++ Returns:
++ A tuple of SQL query and the args
++ """
++ # This should hopefully be faster, but also makes postgres query
++ # stats easier to understand.
++ if database_engine.supports_using_any_list:
++ if not negative:
++ clause = f"{column}_lookup AS {column} FROM UNNEST(?::bigint[]) {column}_lookup WHERE EXISTS(SELECT FROM {table} WHERE {column}={column}_lookup)"
++ else:
++ clause = f"{column}_lookup AS {column} FROM UNNEST(?::bigint[]) {column}_lookup WHERE NOT EXISTS(SELECT FROM {table} WHERE {column}={column}_lookup)"
++
++ return clause, [list(iterable)]
++ else:
++ params = ",".join("?" for _ in iterable)
++ if not negative:
++ clause = f"DISTINCT {column} FROM {table} WHERE {column} IN ({params})"
++ else:
++ clause = f"DISTINCT {column} FROM {table} WHERE {column} NOT IN ({params})"
++ return clause, list(iterable)
++
+
+ def make_in_list_sql_clause(
+ database_engine: BaseDatabaseEngine,
+diff --git a/synapse/storage/databases/main/event_federation.py b/synapse/storage/databases/main/event_federation.py
+index 46aa5902d8..026f0114ed 100644
+--- a/synapse/storage/databases/main/event_federation.py
++++ b/synapse/storage/databases/main/event_federation.py
+@@ -52,6 +52,7 @@ from synapse.storage.database import (
+ DatabasePool,
+ LoggingDatabaseConnection,
+ LoggingTransaction,
++ make_select_id_if_found_sql_clause,
+ )
+ from synapse.storage.databases.main.events_worker import EventsWorkerStore
+ from synapse.storage.databases.main.signatures import SignatureWorkerStore
+@@ -362,8 +363,7 @@ class EventFederationWorkerStore(SignatureWorkerStore, EventsWorkerStore, SQLBas
+ sql = """
+ WITH RECURSIVE links(chain_id) AS (
+ SELECT
+- DISTINCT origin_chain_id
+- FROM event_auth_chain_links WHERE %s
++ %s
+ UNION
+ SELECT
+ target_chain_id
+@@ -380,8 +380,8 @@ class EventFederationWorkerStore(SignatureWorkerStore, EventsWorkerStore, SQLBas
+ while chains_to_fetch:
+ batch2 = tuple(itertools.islice(chains_to_fetch, 1000))
+ chains_to_fetch.difference_update(batch2)
+- clause, args = make_in_list_sql_clause(
+- txn.database_engine, "origin_chain_id", batch2
++ clause, args = make_select_id_if_found_sql_clause(
++ txn.database_engine, "origin_chain_id", "event_auth_chain_links", batch2
+ )
+ txn.execute(sql % (clause,), args)
+
+--
+2.49.0
+
diff --git a/packages/overlays/matrix-synapse/patches/0002-Hotfix-ignore-rejected-events-in-delayed_events.patch b/packages/overlays/matrix-synapse/patches/0002-Hotfix-ignore-rejected-events-in-delayed_events.patch
new file mode 100644
index 0000000..3d5ea60
--- /dev/null
+++ b/packages/overlays/matrix-synapse/patches/0002-Hotfix-ignore-rejected-events-in-delayed_events.patch
@@ -0,0 +1,31 @@
+From 346fb5899fa42d4604b7bf0261c5e1774e6d2c04 Mon Sep 17 00:00:00 2001
+From: Rory& <root@rory.gay>
+Date: Sun, 20 Apr 2025 00:30:29 +0200
+Subject: [PATCH 02/11] Hotfix: ignore rejected events in delayed_events
+
+---
+ synapse/handlers/delayed_events.py | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/synapse/handlers/delayed_events.py b/synapse/handlers/delayed_events.py
+index 80cb1cec9b..cb2a34ff73 100644
+--- a/synapse/handlers/delayed_events.py
++++ b/synapse/handlers/delayed_events.py
+@@ -208,8 +208,13 @@ class DelayedEventsHandler:
+ )
+
+ event = await self._store.get_event(
+- delta.event_id, check_room_id=delta.room_id
++ delta.event_id, check_room_id=delta.room_id, allow_rejected=True, allow_none=True
+ )
++
++ if event is None or event.rejected_reason is not None:
++ # This event has been rejected, so we don't want to cancel any delayed events for it.
++ continue
++
+ sender = UserID.from_string(event.sender)
+
+ next_send_ts = await self._store.cancel_delayed_state_events(
+--
+2.49.0
+
diff --git a/packages/overlays/matrix-synapse/patches/0003-Add-too-much-logging-to-room-summary-over-federation.patch b/packages/overlays/matrix-synapse/patches/0003-Add-too-much-logging-to-room-summary-over-federation.patch
new file mode 100644
index 0000000..5f4e596
--- /dev/null
+++ b/packages/overlays/matrix-synapse/patches/0003-Add-too-much-logging-to-room-summary-over-federation.patch
@@ -0,0 +1,77 @@
+From 929d1e329ec26d2e351591206a82c6e235660437 Mon Sep 17 00:00:00 2001
+From: Rory& <root@rory.gay>
+Date: Wed, 23 Apr 2025 17:53:52 +0200
+Subject: [PATCH 03/11] Add too much logging to room summary over federation
+
+Signed-off-by: Rory& <root@rory.gay>
+---
+ synapse/handlers/room_summary.py | 40 ++++++++++++++++++++++++++++----
+ 1 file changed, 36 insertions(+), 4 deletions(-)
+
+diff --git a/synapse/handlers/room_summary.py b/synapse/handlers/room_summary.py
+index 1f322ac263..59b63b2e7c 100644
+--- a/synapse/handlers/room_summary.py
++++ b/synapse/handlers/room_summary.py
+@@ -715,23 +715,55 @@ class RoomSummaryHandler:
+ """
+ # The API doesn't return the room version so assume that a
+ # join rule of knock is valid.
++ join_rule = room.get("join_rule")
++ world_readable = room.get("world_readable")
++
++ logger.warning(
++ "[EMMA] Checking if room %s is accessible to %s: join_rule=%s, world_readable=%s",
++ room_id, requester, join_rule, world_readable
++ )
++
+ if (
+- room.get("join_rule", JoinRules.PUBLIC)
+- in (JoinRules.PUBLIC, JoinRules.KNOCK, JoinRules.KNOCK_RESTRICTED)
+- or room.get("world_readable") is True
++ join_rule in (JoinRules.PUBLIC, JoinRules.KNOCK, JoinRules.KNOCK_RESTRICTED)
++ or world_readable is True
+ ):
+ return True
+- elif not requester:
++ else:
++ logger.warning(
++ "[EMMA] Room %s is not accessible to %s: join_rule=%s, world_readable=%s, join_rule result=%s, world_readable result=%s",
++ room_id, requester, join_rule, world_readable,
++ join_rule in (JoinRules.PUBLIC, JoinRules.KNOCK, JoinRules.KNOCK_RESTRICTED),
++ world_readable is True
++ )
++
++ if not requester:
++ logger.warning(
++ "[EMMA] No requester, so room %s is not accessible",
++ room_id
++ )
+ return False
++
+
+ # Check if the user is a member of any of the allowed rooms from the response.
+ allowed_rooms = room.get("allowed_room_ids")
++ logger.warning(
++ "[EMMA] Checking if room %s is in allowed rooms for %s: join_rule=%s, allowed_rooms=%s",
++ requester,
++ room_id,
++ join_rule,
++ allowed_rooms
++ )
+ if allowed_rooms and isinstance(allowed_rooms, list):
+ if await self._event_auth_handler.is_user_in_rooms(
+ allowed_rooms, requester
+ ):
+ return True
+
++ logger.warning(
++ "[EMMA] Checking if room %s is accessble to %s via local state",
++ room_id,
++ requester
++ )
+ # Finally, check locally if we can access the room. The user might
+ # already be in the room (if it was a child room), or there might be a
+ # pending invite, etc.
+--
+2.49.0
+
diff --git a/packages/overlays/matrix-synapse/patches/0004-Log-entire-room-if-accessibility-check-fails.patch b/packages/overlays/matrix-synapse/patches/0004-Log-entire-room-if-accessibility-check-fails.patch
new file mode 100644
index 0000000..290f0da
--- /dev/null
+++ b/packages/overlays/matrix-synapse/patches/0004-Log-entire-room-if-accessibility-check-fails.patch
@@ -0,0 +1,28 @@
+From 0ce933278f77e272e2cc894229a1178e1b4fb552 Mon Sep 17 00:00:00 2001
+From: Rory& <root@rory.gay>
+Date: Wed, 23 Apr 2025 18:24:57 +0200
+Subject: [PATCH 04/11] Log entire room if accessibility check fails
+
+Signed-off-by: Rory& <root@rory.gay>
+---
+ synapse/handlers/room_summary.py | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/synapse/handlers/room_summary.py b/synapse/handlers/room_summary.py
+index 59b63b2e7c..b65ccdb510 100644
+--- a/synapse/handlers/room_summary.py
++++ b/synapse/handlers/room_summary.py
+@@ -931,6 +931,10 @@ class RoomSummaryHandler:
+ if not room_entry or not await self._is_remote_room_accessible(
+ requester, room_entry.room_id, room_entry.room
+ ):
++ logger.warning(
++ "[Emma] Room entry contents: %s",
++ room_entry.room if room_entry else None
++ )
+ raise NotFoundError("Room not found or is not accessible")
+
+ room = dict(room_entry.room)
+--
+2.49.0
+
diff --git a/packages/overlays/matrix-synapse/patches/0005-Log-policy-server-rejected-events.patch b/packages/overlays/matrix-synapse/patches/0005-Log-policy-server-rejected-events.patch
new file mode 100644
index 0000000..ae59e63
--- /dev/null
+++ b/packages/overlays/matrix-synapse/patches/0005-Log-policy-server-rejected-events.patch
@@ -0,0 +1,30 @@
+From 0b5d4c8104bf25f7bbb4e4e7db229742f04199b6 Mon Sep 17 00:00:00 2001
+From: Rory& <root@rory.gay>
+Date: Tue, 27 May 2025 05:21:46 +0200
+Subject: [PATCH 05/11] Log policy server rejected events
+
+---
+ synapse/handlers/room_policy.py | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/synapse/handlers/room_policy.py b/synapse/handlers/room_policy.py
+index 170c477d6f..df5585e4ee 100644
+--- a/synapse/handlers/room_policy.py
++++ b/synapse/handlers/room_policy.py
+@@ -87,6 +87,13 @@ class RoomPolicyHandler:
+ policy_server, event
+ )
+ if recommendation != RECOMMENDATION_OK:
++ logger.info(
++ "[POLICY] Policy server %s recommended not to allow event %s in room %s: %s",
++ policy_server,
++ event.event_id,
++ event.room_id,
++ recommendation,
++ )
+ return False
+
+ return True # default allow
+--
+2.49.0
+
diff --git a/packages/overlays/matrix-synapse/patches/0006-Use-parse_boolean-for-unredacted-content.patch b/packages/overlays/matrix-synapse/patches/0006-Use-parse_boolean-for-unredacted-content.patch
new file mode 100644
index 0000000..1c2841c
--- /dev/null
+++ b/packages/overlays/matrix-synapse/patches/0006-Use-parse_boolean-for-unredacted-content.patch
@@ -0,0 +1,29 @@
+From 07d72fd39ea3044577322647d5ed1dd8cb6f77d9 Mon Sep 17 00:00:00 2001
+From: Rory& <root@rory.gay>
+Date: Tue, 27 May 2025 06:14:26 +0200
+Subject: [PATCH 06/11] Use parse_boolean for unredacted content
+
+---
+ synapse/rest/client/room.py | 5 ++---
+ 1 file changed, 2 insertions(+), 3 deletions(-)
+
+diff --git a/synapse/rest/client/room.py b/synapse/rest/client/room.py
+index 4600a87778..e838341fde 100644
+--- a/synapse/rest/client/room.py
++++ b/synapse/rest/client/room.py
+@@ -915,10 +915,9 @@ class RoomEventServlet(RestServlet):
+ requester = await self.auth.get_user_by_req(request, allow_guest=True)
+
+ include_unredacted_content = self.msc2815_enabled and (
+- parse_string(
++ parse_boolean(
+ request,
+- "fi.mau.msc2815.include_unredacted_content",
+- allowed_values=("true", "false"),
++ "fi.mau.msc2815.include_unredacted_content"
+ )
+ == "true"
+ )
+--
+2.49.0
+
diff --git a/packages/overlays/matrix-synapse/patches/0007-Expose-tombstone-in-room-admin-api.patch b/packages/overlays/matrix-synapse/patches/0007-Expose-tombstone-in-room-admin-api.patch
new file mode 100644
index 0000000..719705e
--- /dev/null
+++ b/packages/overlays/matrix-synapse/patches/0007-Expose-tombstone-in-room-admin-api.patch
@@ -0,0 +1,114 @@
+From d3edb4aa9a225f521fdbc406c187fd40343b3963 Mon Sep 17 00:00:00 2001
+From: Rory& <root@rory.gay>
+Date: Tue, 27 May 2025 06:37:52 +0200
+Subject: [PATCH 07/11] Expose tombstone in room admin api
+
+---
+ synapse/rest/admin/rooms.py | 5 ++++
+ synapse/rest/client/room.py | 1 -
+ synapse/storage/databases/main/room.py | 36 +++++++++++++++++++++++++-
+ 3 files changed, 40 insertions(+), 2 deletions(-)
+
+diff --git a/synapse/rest/admin/rooms.py b/synapse/rest/admin/rooms.py
+index f8c5bf18d4..adac1f0362 100644
+--- a/synapse/rest/admin/rooms.py
++++ b/synapse/rest/admin/rooms.py
+@@ -251,6 +251,10 @@ class ListRoomRestServlet(RestServlet):
+ direction = parse_enum(request, "dir", Direction, default=Direction.FORWARDS)
+ reverse_order = True if direction == Direction.BACKWARDS else False
+
++ emma_include_tombstone = parse_boolean(
++ request, "emma_include_tombstone", default=False
++ )
++
+ # Return list of rooms according to parameters
+ rooms, total_rooms = await self.store.get_rooms_paginate(
+ start,
+@@ -260,6 +264,7 @@ class ListRoomRestServlet(RestServlet):
+ search_term,
+ public_rooms,
+ empty_rooms,
++ emma_include_tombstone = emma_include_tombstone
+ )
+
+ response = {
+diff --git a/synapse/rest/client/room.py b/synapse/rest/client/room.py
+index e838341fde..f61152c35b 100644
+--- a/synapse/rest/client/room.py
++++ b/synapse/rest/client/room.py
+@@ -919,7 +919,6 @@ class RoomEventServlet(RestServlet):
+ request,
+ "fi.mau.msc2815.include_unredacted_content"
+ )
+- == "true"
+ )
+ if include_unredacted_content and not await self.auth.is_server_admin(
+ requester
+diff --git a/synapse/storage/databases/main/room.py b/synapse/storage/databases/main/room.py
+index 58451d3ff1..66b79db4ed 100644
+--- a/synapse/storage/databases/main/room.py
++++ b/synapse/storage/databases/main/room.py
+@@ -610,6 +610,7 @@ class RoomWorkerStore(CacheInvalidationWorkerStore):
+ search_term: Optional[str],
+ public_rooms: Optional[bool],
+ empty_rooms: Optional[bool],
++ emma_include_tombstone: bool = False,
+ ) -> Tuple[List[Dict[str, Any]], int]:
+ """Function to retrieve a paginated list of rooms as json.
+
+@@ -629,6 +630,7 @@ class RoomWorkerStore(CacheInvalidationWorkerStore):
+ If true, empty rooms are queried.
+ if false, empty rooms are excluded from the query. When it is
+ none (the default), both empty rooms and none-empty rooms are queried.
++ emma_include_tombstone: If true, include tombstone events in the results.
+ Returns:
+ A list of room dicts and an integer representing the total number of
+ rooms that exist given this query
+@@ -797,11 +799,43 @@ class RoomWorkerStore(CacheInvalidationWorkerStore):
+ room_count = cast(Tuple[int], txn.fetchone())
+ return rooms, room_count[0]
+
+- return await self.db_pool.runInteraction(
++ result = await self.db_pool.runInteraction(
+ "get_rooms_paginate",
+ _get_rooms_paginate_txn,
+ )
+
++ if emma_include_tombstone:
++ room_id_sql, room_id_args = make_in_list_sql_clause(
++ self.database_engine, "cse.room_id", [r["room_id"] for r in result[0]]
++ )
++
++ tombstone_sql = """
++ SELECT cse.room_id, cse.event_id, ej.json
++ FROM current_state_events cse
++ JOIN event_json ej USING (event_id)
++ WHERE cse.type = 'm.room.tombstone'
++ AND {room_id_sql}
++ """.format(
++ room_id_sql=room_id_sql
++ )
++
++ def _get_tombstones_txn(
++ txn: LoggingTransaction,
++ ) -> Dict[str, JsonDict]:
++ txn.execute(tombstone_sql, room_id_args)
++ for room_id, event_id, json in txn:
++ for result_room in result[0]:
++ if result_room["room_id"] == room_id:
++ result_room["gay.rory.synapse_admin_extensions.tombstone"] = db_to_json(json)
++ break
++ return result[0], result[1]
++
++ result = await self.db_pool.runInteraction(
++ "get_rooms_tombstones", _get_tombstones_txn,
++ )
++
++ return result
++
+ @cached(max_entries=10000)
+ async def get_ratelimit_for_user(self, user_id: str) -> Optional[RatelimitOverride]:
+ """Check if there are any overrides for ratelimiting for the given user
+--
+2.49.0
+
diff --git a/packages/overlays/matrix-synapse/patches/0008-fix-Always-recheck-messages-pagination-data-if-a-bac.patch b/packages/overlays/matrix-synapse/patches/0008-fix-Always-recheck-messages-pagination-data-if-a-bac.patch
new file mode 100644
index 0000000..363204e
--- /dev/null
+++ b/packages/overlays/matrix-synapse/patches/0008-fix-Always-recheck-messages-pagination-data-if-a-bac.patch
@@ -0,0 +1,204 @@
+From afecddceaa6ece4cf797ce27e226a99acb8e8a6d Mon Sep 17 00:00:00 2001
+From: Jason Little <j.little@famedly.com>
+Date: Wed, 30 Apr 2025 09:29:42 -0500
+Subject: [PATCH 08/11] fix: Always recheck `/messages` pagination data if a
+ backfill might have been needed (#28)
+
+---
+ synapse/handlers/federation.py | 35 +++++++++++++--------------------
+ synapse/handlers/pagination.py | 36 +++++++++++++++++++---------------
+ 2 files changed, 34 insertions(+), 37 deletions(-)
+
+diff --git a/synapse/handlers/federation.py b/synapse/handlers/federation.py
+index 015fb3edca..a0bc955121 100644
+--- a/synapse/handlers/federation.py
++++ b/synapse/handlers/federation.py
+@@ -211,7 +211,7 @@ class FederationHandler:
+ @tag_args
+ async def maybe_backfill(
+ self, room_id: str, current_depth: int, limit: int, record_time: bool = True
+- ) -> bool:
++ ) -> None:
+ """Checks the database to see if we should backfill before paginating,
+ and if so do.
+
+@@ -225,8 +225,6 @@ class FederationHandler:
+ should back paginate.
+ record_time: Whether to record the time it takes to backfill.
+
+- Returns:
+- True if we actually tried to backfill something, otherwise False.
+ """
+ # Starting the processing time here so we can include the room backfill
+ # linearizer lock queue in the timing
+@@ -252,7 +250,7 @@ class FederationHandler:
+ limit: int,
+ *,
+ processing_start_time: Optional[int],
+- ) -> bool:
++ ) -> None:
+ """
+ Checks whether the `current_depth` is at or approaching any backfill
+ points in the room and if so, will backfill. We only care about
+@@ -326,7 +324,7 @@ class FederationHandler:
+ limit=1,
+ )
+ if not have_later_backfill_points:
+- return False
++ return None
+
+ logger.debug(
+ "_maybe_backfill_inner: all backfill points are *after* current depth. Trying again with later backfill points."
+@@ -346,15 +344,15 @@ class FederationHandler:
+ )
+ # We return `False` because we're backfilling in the background and there is
+ # no new events immediately for the caller to know about yet.
+- return False
++ return None
+
+ # Even after recursing with `MAX_DEPTH`, we didn't find any
+ # backward extremities to backfill from.
+ if not sorted_backfill_points:
+ logger.debug(
+- "_maybe_backfill_inner: Not backfilling as no backward extremeties found."
++ "_maybe_backfill_inner: Not backfilling as no backward extremities found."
+ )
+- return False
++ return None
+
+ # If we're approaching an extremity we trigger a backfill, otherwise we
+ # no-op.
+@@ -373,7 +371,7 @@ class FederationHandler:
+ current_depth,
+ limit,
+ )
+- return False
++ return None
+
+ # For performance's sake, we only want to paginate from a particular extremity
+ # if we can actually see the events we'll get. Otherwise, we'd just spend a lot
+@@ -441,7 +439,7 @@ class FederationHandler:
+ logger.debug(
+ "_maybe_backfill_inner: found no extremities which would be visible"
+ )
+- return False
++ return None
+
+ logger.debug(
+ "_maybe_backfill_inner: extremities_to_request %s", extremities_to_request
+@@ -464,7 +462,7 @@ class FederationHandler:
+ )
+ )
+
+- async def try_backfill(domains: StrCollection) -> bool:
++ async def try_backfill(domains: StrCollection) -> None:
+ # TODO: Should we try multiple of these at a time?
+
+ # Number of contacted remote homeservers that have denied our backfill
+@@ -487,7 +485,7 @@ class FederationHandler:
+ # If this succeeded then we probably already have the
+ # appropriate stuff.
+ # TODO: We can probably do something more intelligent here.
+- return True
++ return None
+ except NotRetryingDestination as e:
+ logger.info("_maybe_backfill_inner: %s", e)
+ continue
+@@ -511,7 +509,7 @@ class FederationHandler:
+ )
+ denied_count += 1
+ if denied_count >= max_denied_count:
+- return False
++ return None
+ continue
+
+ logger.info("Failed to backfill from %s because %s", dom, e)
+@@ -527,7 +525,7 @@ class FederationHandler:
+ )
+ denied_count += 1
+ if denied_count >= max_denied_count:
+- return False
++ return None
+ continue
+
+ logger.info("Failed to backfill from %s because %s", dom, e)
+@@ -539,7 +537,7 @@ class FederationHandler:
+ logger.exception("Failed to backfill from %s because %s", dom, e)
+ continue
+
+- return False
++ return None
+
+ # If we have the `processing_start_time`, then we can make an
+ # observation. We wouldn't have the `processing_start_time` in the case
+@@ -551,14 +549,9 @@ class FederationHandler:
+ (processing_end_time - processing_start_time) / 1000
+ )
+
+- success = await try_backfill(likely_domains)
+- if success:
+- return True
+-
+ # TODO: we could also try servers which were previously in the room, but
+ # are no longer.
+-
+- return False
++ return await try_backfill(likely_domains)
+
+ async def send_invite(self, target_host: str, event: EventBase) -> EventBase:
+ """Sends the invite to the remote server for signing.
+diff --git a/synapse/handlers/pagination.py b/synapse/handlers/pagination.py
+index 4070b74b7a..81cda38549 100644
+--- a/synapse/handlers/pagination.py
++++ b/synapse/handlers/pagination.py
+@@ -577,27 +577,31 @@ class PaginationHandler:
+ or missing_too_many_events
+ or not_enough_events_to_fill_response
+ ):
+- did_backfill = await self.hs.get_federation_handler().maybe_backfill(
++ # Historical Note: There used to be a check here for if backfill was
++ # successful or not
++ await self.hs.get_federation_handler().maybe_backfill(
+ room_id,
+ curr_topo,
+ limit=pagin_config.limit,
+ )
+
+- # If we did backfill something, refetch the events from the database to
+- # catch anything new that might have been added since we last fetched.
+- if did_backfill:
+- (
+- events,
+- next_key,
+- _,
+- ) = await self.store.paginate_room_events_by_topological_ordering(
+- room_id=room_id,
+- from_key=from_token.room_key,
+- to_key=to_room_key,
+- direction=pagin_config.direction,
+- limit=pagin_config.limit,
+- event_filter=event_filter,
+- )
++ # Regardless if we backfilled or not, another worker or even a
++ # simultaneous request may have backfilled for us while we were held
++ # behind the linearizer. This should not have too much additional
++ # database load as it will only be triggered if a backfill *might* have
++ # been needed
++ (
++ events,
++ next_key,
++ _,
++ ) = await self.store.paginate_room_events_by_topological_ordering(
++ room_id=room_id,
++ from_key=from_token.room_key,
++ to_key=to_room_key,
++ direction=pagin_config.direction,
++ limit=pagin_config.limit,
++ event_filter=event_filter,
++ )
+ else:
+ # Otherwise, we can backfill in the background for eventual
+ # consistency's sake but we don't need to block the client waiting
+--
+2.49.0
+
diff --git a/packages/overlays/matrix-synapse/patches/0009-Fix-pagination-with-large-gaps-of-rejected-events.patch b/packages/overlays/matrix-synapse/patches/0009-Fix-pagination-with-large-gaps-of-rejected-events.patch
new file mode 100644
index 0000000..ebed62e
--- /dev/null
+++ b/packages/overlays/matrix-synapse/patches/0009-Fix-pagination-with-large-gaps-of-rejected-events.patch
@@ -0,0 +1,50 @@
+From 2f2dd65326b8a8dc6b7ac99dbe7476abb2163469 Mon Sep 17 00:00:00 2001
+From: Nicolas Werner <nicolas.werner@hotmail.de>
+Date: Sun, 8 Jun 2025 23:14:31 +0200
+Subject: [PATCH 09/11] Fix pagination with large gaps of rejected events
+
+---
+ synapse/handlers/pagination.py | 13 +++++++++++--
+ 1 file changed, 11 insertions(+), 2 deletions(-)
+
+diff --git a/synapse/handlers/pagination.py b/synapse/handlers/pagination.py
+index 81cda38549..365c9cabcb 100644
+--- a/synapse/handlers/pagination.py
++++ b/synapse/handlers/pagination.py
+@@ -510,7 +510,7 @@ class PaginationHandler:
+ (
+ events,
+ next_key,
+- _,
++ limited,
+ ) = await self.store.paginate_room_events_by_topological_ordering(
+ room_id=room_id,
+ from_key=from_token.room_key,
+@@ -593,7 +593,7 @@ class PaginationHandler:
+ (
+ events,
+ next_key,
+- _,
++ limited,
+ ) = await self.store.paginate_room_events_by_topological_ordering(
+ room_id=room_id,
+ from_key=from_token.room_key,
+@@ -616,6 +616,15 @@ class PaginationHandler:
+
+ next_token = from_token.copy_and_replace(StreamKeyType.ROOM, next_key)
+
++ # We might have hit some internal filtering first, for example rejected
++ # events. Ensure we return a pagination token then.
++ if not events and limited:
++ return {
++ "chunk": [],
++ "start": await from_token.to_string(self.store),
++ "end": await next_token.to_string(self.store),
++ }
++
+ # if no events are returned from pagination, that implies
+ # we have reached the end of the available events.
+ # In that case we do not return end, to tell the client
+--
+2.49.0
+
diff --git a/packages/overlays/matrix-synapse/patches/0010-Fix-nix-flake.patch b/packages/overlays/matrix-synapse/patches/0010-Fix-nix-flake.patch
new file mode 100644
index 0000000..4df6090
--- /dev/null
+++ b/packages/overlays/matrix-synapse/patches/0010-Fix-nix-flake.patch
@@ -0,0 +1,189 @@
+From 448de6ea7bfe1c6073726f517988e5deeb510861 Mon Sep 17 00:00:00 2001
+From: Rory& <root@rory.gay>
+Date: Mon, 9 Jun 2025 17:38:34 +0200
+Subject: [PATCH 10/11] Fix nix flake
+
+---
+ flake.lock | 58 +++++++++++++++++++-----------------------------------
+ flake.nix | 10 +++++++++-
+ 2 files changed, 29 insertions(+), 39 deletions(-)
+
+diff --git a/flake.lock b/flake.lock
+index a6a2aea328..4e2f01153b 100644
+--- a/flake.lock
++++ b/flake.lock
+@@ -39,15 +39,12 @@
+ }
+ },
+ "flake-utils": {
+- "inputs": {
+- "systems": "systems"
+- },
+ "locked": {
+- "lastModified": 1685518550,
+- "narHash": "sha256-o2d0KcvaXzTrPRIo0kOLV0/QXHhDQ5DTi+OxcjO8xqY=",
++ "lastModified": 1667395993,
++ "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
+ "owner": "numtide",
+ "repo": "flake-utils",
+- "rev": "a1720a10a6cfe8234c0e93907ffe81be440f4cef",
++ "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
+ "type": "github"
+ },
+ "original": {
+@@ -152,27 +149,27 @@
+ },
+ "nixpkgs-stable": {
+ "locked": {
+- "lastModified": 1685801374,
+- "narHash": "sha256-otaSUoFEMM+LjBI1XL/xGB5ao6IwnZOXc47qhIgJe8U=",
++ "lastModified": 1678872516,
++ "narHash": "sha256-/E1YwtMtFAu2KUQKV/1+KFuReYPANM2Rzehk84VxVoc=",
+ "owner": "NixOS",
+ "repo": "nixpkgs",
+- "rev": "c37ca420157f4abc31e26f436c1145f8951ff373",
++ "rev": "9b8e5abb18324c7fe9f07cb100c3cd4a29cda8b8",
+ "type": "github"
+ },
+ "original": {
+ "owner": "NixOS",
+- "ref": "nixos-23.05",
++ "ref": "nixos-22.11",
+ "repo": "nixpkgs",
+ "type": "github"
+ }
+ },
+ "nixpkgs_2": {
+ "locked": {
+- "lastModified": 1729265718,
+- "narHash": "sha256-4HQI+6LsO3kpWTYuVGIzhJs1cetFcwT7quWCk/6rqeo=",
++ "lastModified": 1748217807,
++ "narHash": "sha256-P3u2PXxMlo49PutQLnk2PhI/imC69hFl1yY4aT5Nax8=",
+ "owner": "NixOS",
+ "repo": "nixpkgs",
+- "rev": "ccc0c2126893dd20963580b6478d1a10a4512185",
++ "rev": "3108eaa516ae22c2360928589731a4f1581526ef",
+ "type": "github"
+ },
+ "original": {
+@@ -184,11 +181,11 @@
+ },
+ "nixpkgs_3": {
+ "locked": {
+- "lastModified": 1728538411,
+- "narHash": "sha256-f0SBJz1eZ2yOuKUr5CA9BHULGXVSn6miBuUWdTyhUhU=",
++ "lastModified": 1744536153,
++ "narHash": "sha256-awS2zRgF4uTwrOKwwiJcByDzDOdo3Q1rPZbiHQg/N38=",
+ "owner": "NixOS",
+ "repo": "nixpkgs",
+- "rev": "b69de56fac8c2b6f8fd27f2eca01dcda8e0a4221",
++ "rev": "18dd725c29603f582cf1900e0d25f9f1063dbf11",
+ "type": "github"
+ },
+ "original": {
+@@ -213,11 +210,11 @@
+ "nixpkgs-stable": "nixpkgs-stable"
+ },
+ "locked": {
+- "lastModified": 1688056373,
+- "narHash": "sha256-2+SDlNRTKsgo3LBRiMUcoEUb6sDViRNQhzJquZ4koOI=",
++ "lastModified": 1686050334,
++ "narHash": "sha256-R0mczWjDzBpIvM3XXhO908X5e2CQqjyh/gFbwZk/7/Q=",
+ "owner": "cachix",
+ "repo": "pre-commit-hooks.nix",
+- "rev": "5843cf069272d92b60c3ed9e55b7a8989c01d4c7",
++ "rev": "6881eb2ae5d8a3516e34714e7a90d9d95914c4dc",
+ "type": "github"
+ },
+ "original": {
+@@ -231,7 +228,7 @@
+ "devenv": "devenv",
+ "nixpkgs": "nixpkgs_2",
+ "rust-overlay": "rust-overlay",
+- "systems": "systems_2"
++ "systems": "systems"
+ }
+ },
+ "rust-overlay": {
+@@ -239,11 +236,11 @@
+ "nixpkgs": "nixpkgs_3"
+ },
+ "locked": {
+- "lastModified": 1731897198,
+- "narHash": "sha256-Ou7vLETSKwmE/HRQz4cImXXJBr/k9gp4J4z/PF8LzTE=",
++ "lastModified": 1748313401,
++ "narHash": "sha256-x5UuDKP2Ui/TresAngUo9U4Ss9xfOmN8dAXU8OrkZmA=",
+ "owner": "oxalica",
+ "repo": "rust-overlay",
+- "rev": "0be641045af6d8666c11c2c40e45ffc9667839b5",
++ "rev": "9c8ea175cf9af29edbcff121512e44092a8f37e4",
+ "type": "github"
+ },
+ "original": {
+@@ -266,21 +263,6 @@
+ "repo": "default",
+ "type": "github"
+ }
+- },
+- "systems_2": {
+- "locked": {
+- "lastModified": 1681028828,
+- "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
+- "owner": "nix-systems",
+- "repo": "default",
+- "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+- "type": "github"
+- },
+- "original": {
+- "owner": "nix-systems",
+- "repo": "default",
+- "type": "github"
+- }
+ }
+ },
+ "root": "root",
+diff --git a/flake.nix b/flake.nix
+index 4ff6518aed..76b3c1a4b0 100644
+--- a/flake.nix
++++ b/flake.nix
+@@ -82,7 +82,7 @@
+ #
+ # NOTE: We currently need to set the Rust version unnecessarily high
+ # in order to work around https://github.com/matrix-org/synapse/issues/15939
+- (rust-bin.stable."1.82.0".default.override {
++ (rust-bin.stable."1.87.0".default.override {
+ # Additionally install the "rust-src" extension to allow diving into the
+ # Rust source code in an IDE (rust-analyzer will also make use of it).
+ extensions = [ "rust-src" ];
+@@ -117,6 +117,8 @@
+ # For releasing Synapse
+ debian-devscripts # (`dch` for manipulating the Debian changelog)
+ libnotify # (the release script uses `notify-send` to tell you when CI jobs are done)
++
++ postgresql.pg_config
+ ];
+
+ # Install Python and manage a virtualenv with Poetry.
+@@ -139,6 +141,9 @@
+ # force compiling those binaries locally instead.
+ env.POETRY_INSTALLER_NO_BINARY = "ruff";
+
++ # Required to make git work
++ env.CARGO_NET_GIT_FETCH_WITH_CLI = "true";
++
+ # Install dependencies for the additional programming languages
+ # involved with Synapse development.
+ #
+@@ -159,6 +164,9 @@
+ services.postgres.initialDatabases = [
+ { name = "synapse"; }
+ ];
++
++ services.postgres.port = 5433;
++
+ # Create a postgres user called 'synapse_user' which has ownership
+ # over the 'synapse' database.
+ services.postgres.initialScript = ''
+--
+2.49.0
+
diff --git a/packages/overlays/matrix-synapse/patches/0011-Fix-gitignore-to-ignore-.venv.patch b/packages/overlays/matrix-synapse/patches/0011-Fix-gitignore-to-ignore-.venv.patch
new file mode 100644
index 0000000..82335db
--- /dev/null
+++ b/packages/overlays/matrix-synapse/patches/0011-Fix-gitignore-to-ignore-.venv.patch
@@ -0,0 +1,24 @@
+From e1b50954048039a23c538cd260644ccc63d82941 Mon Sep 17 00:00:00 2001
+From: Rory& <root@rory.gay>
+Date: Mon, 9 Jun 2025 17:46:10 +0200
+Subject: [PATCH 11/11] Fix gitignore to ignore .venv
+
+---
+ .gitignore | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/.gitignore b/.gitignore
+index e333f2320b..3aec96e75e 100644
+--- a/.gitignore
++++ b/.gitignore
+@@ -30,6 +30,7 @@ __pycache__/
+ /*.signing.key
+ /env/
+ /.venv*/
++/.venv
+ /homeserver*.yaml
+ /logs
+ /media_store/
+--
+2.49.0
+
diff --git a/packages/overlays/openvpn-iomanip.patch b/packages/overlays/openvpn-iomanip.patch
new file mode 100644
index 0000000..f334a34
--- /dev/null
+++ b/packages/overlays/openvpn-iomanip.patch
@@ -0,0 +1,13 @@
+diff --git a/src/tests/unit/machine-id.cpp b/src/tests/unit/machine-id.cpp
+index 8131947..a875743 100644
+--- a/src/tests/unit/machine-id.cpp
++++ b/src/tests/unit/machine-id.cpp
+@@ -15,6 +15,7 @@
+ #include "build-config.h"
+
+ #include <iostream>
++#include <iomanip>
+ #include <fstream>
+ #include <string>
+ #include <vector>
+
diff --git a/packages/overlays/openvpn.nix b/packages/overlays/openvpn.nix
new file mode 100644
index 0000000..0dc2af6
--- /dev/null
+++ b/packages/overlays/openvpn.nix
@@ -0,0 +1,12 @@
+{ ... }:
+{
+ nixpkgs.overlays = [
+ (final: prev: {
+ openvpn3 = prev.openvpn3.overrideAttrs (old: {
+ patches = (old.patches or [ ]) ++ [
+ ./openvpn-iomanip.patch
+ ];
+ });
+ })
+ ];
+}
diff --git a/packages/redpanda-connect/module.nix b/packages/redpanda-connect/module.nix
new file mode 100644
index 0000000..4a4c300
--- /dev/null
+++ b/packages/redpanda-connect/module.nix
@@ -0,0 +1,80 @@
+{
+ lib,
+ config,
+ pkgs,
+ ...
+}:
+let
+ cfg = config.services.redpanda-connect;
+in
+{
+ options.services.redpanda-connect = {
+ enable = lib.mkEnableOption "Enable Redpanda Connect";
+ package = lib.mkOption {
+ type = lib.types.package;
+ default = (pkgs.callPackage ./package.nix { });
+ description = "The Redpanda Connect package";
+ };
+ pipelines = lib.mkOption {
+ type = lib.types.attrsOf (
+ lib.types.submodule {
+ options = {
+ enable = lib.mkEnableOption "Enable the pipeline";
+ allowSudo = lib.mkEnableOption "Allow sudo";
+ config = lib.mkOption {
+ type = lib.types.attrs;
+ description = "The configuration for the pipeline";
+ };
+ };
+ }
+ );
+ };
+ };
+
+ config = lib.mkIf cfg.enable (
+ let
+ sudoEnabledServices = builtins.filter (pipeline: pipeline.value.allowSudo) (lib.attrsToList cfg.pipelines);
+ in
+ {
+ systemd.services = builtins.listToAttrs (
+ lib.mapAttrsToList (name: pipeline: {
+ name = "redpanda-connect-${name}";
+ value = {
+ wantedBy = [ "multi-user.target" ];
+ serviceConfig = {
+ Type = "simple";
+ ExecStart =
+ let
+ configFile = pkgs.writeText "redpanda-connect-${name}.json" (builtins.toJSON pipeline.config);
+ in
+ "${cfg.package}/bin/redpanda-connect run ${configFile}";
+ Restart = "always";
+ RestartSec = "5";
+ DynamicUser = !pipeline.allowSudo;
+ User = if pipeline.allowSudo then "root" else null;
+ };
+ };
+ }) cfg.pipelines
+ );
+
+ #security.polkit.extraConfig = builtins.concatStringsSep "\n" (
+ # builtins.map (value: ''
+ # polkit.addRule(function(action, subject) {
+ # if (action.id == "org.freedesktop.systemd1.manage-units" &&
+ # action.lookup("unit") == "redpanda-connect-${value.name}") {
+ # return polkit.Result.YES;
+ # }
+ # });
+ # '') sudoEnabledServices
+ #);
+
+ #users.users.redpanda-connect-sudo = {
+ # isSystemUser = true;
+ # description = "Redpanda Connect sudo user";
+ # createHome = false;
+ # shell = "/run/current-system/sw/bin/nologin";
+ # group = "nogroup"; # We don't need a group...
+ #};
+ }
+ );
+}
diff --git a/packages/redpanda-connect/package.nix b/packages/redpanda-connect/package.nix
new file mode 100644
index 0000000..2f9a6d9
--- /dev/null
+++ b/packages/redpanda-connect/package.nix
@@ -0,0 +1,43 @@
+{
+ lib,
+ buildGoModule,
+ fetchFromGitHub,
+ nix-update-script,
+}:
+
+buildGoModule rec {
+ pname = "redpanda-connect";
+ version = "4.44.0";
+
+ src = fetchFromGitHub {
+ owner = "redpanda-data";
+ repo = "connect";
+ rev = "refs/tags/v${version}";
+ hash = "sha256-pwtP1zybMvq1wQ50Ob20MVR3/v1yd7BjWe1nPFLO6mU=";
+ };
+
+ proxyVendor = true;
+
+ subPackages = [
+ "cmd/redpanda-connect"
+ ];
+
+ vendorHash = "sha256-5KXJiInuEX7fEl7y3iGvxQHptoM5z3TMmg6KZ2lx/fw=";
+
+ ldflags = [
+ "-s"
+ "-w"
+ "-X github.com/redpanda-data/connect/v4/internal/cli.Version=${version}"
+ ];
+
+ passthru.updateScript = nix-update-script { };
+
+ meta = {
+ description = "Fancy stream processing made operationally mundane";
+ mainProgram = "redpanda-connect";
+ homepage = "https://www.redpanda.com/connect";
+ changelog = "https://github.com/redpanda-data/connect/blob/v${version}/CHANGELOG.md";
+ # license = lib.licenses.mixed;
+ maintainers = with lib.maintainers; [ ];
+ };
+}
diff --git a/packages/vim.nix b/packages/vim.nix
new file mode 100755
index 0000000..1b7bb37
--- /dev/null
+++ b/packages/vim.nix
@@ -0,0 +1,29 @@
+{ pkgs, ... }:
+{
+ environment.variables = {
+ EDITOR = "vim";
+ };
+
+ environment.systemPackages = with pkgs; [
+ (neovim.override {
+ vimAlias = true;
+ configure = {
+ packages.myPlugins = with pkgs.vimPlugins; {
+ start = [
+ vim-lastplace
+ vim-nix
+ vim-airline
+ ];
+ opt = [ ];
+ };
+ customRC = ''
+ " your custom vimrc
+ set nocompatible
+ set backspace=indent,eol,start
+ colorscheme vim
+ " ...
+ '';
+ };
+ })
+ ];
+}
diff --git a/packages/xdg-desktop-portal-gtk.nix b/packages/xdg-desktop-portal-gtk.nix
new file mode 100644
index 0000000..c849b17
--- /dev/null
+++ b/packages/xdg-desktop-portal-gtk.nix
@@ -0,0 +1,63 @@
+{
+ stdenv,
+ lib,
+ fetchFromGitHub,
+ meson,
+ ninja,
+ pkg-config,
+ xdg-desktop-portal,
+ gtk3,
+ gnome-settings-daemon,
+ gnome-desktop,
+ glib,
+ wrapGAppsHook,
+ gsettings-desktop-schemas,
+ buildPortalsInGnome ? true,
+}:
+
+stdenv.mkDerivation (finalAttrs: {
+ pname = "xdg-desktop-portal-gtk";
+ version = "1.15.1";
+
+ src = fetchFromGitHub {
+ owner = "flatpak";
+ repo = "xdg-desktop-portal-gtk";
+ rev = finalAttrs.version;
+ sha256 = "sha256-uXVjKsqoIjqJilJq8ERRzEqGKbkzc+Zl6y+37CAcYro=";
+ };
+
+ nativeBuildInputs = [
+ meson
+ ninja
+ pkg-config
+ wrapGAppsHook
+ ];
+
+ buildInputs =
+ [
+ glib
+ gtk3
+ xdg-desktop-portal
+ gsettings-desktop-schemas # settings exposed by settings portal
+ #fontconfig
+ ]
+ ++ lib.optionals buildPortalsInGnome [
+ gsettings-desktop-schemas # settings exposed by settings portal
+ gnome-desktop
+ gnome-settings-daemon # schemas needed for settings api (mostly useless now that fonts were moved to g-d-s, just mouse and xsettings)
+ ];
+
+ mesonFlags = lib.optionals (!buildPortalsInGnome) [
+ "-Dwallpaper=disabled"
+ "-Dsettings=enabled"
+ "-Dappchooser=enabled"
+ "-Dlockdown=disabled"
+ ];
+
+ meta = with lib; {
+ description = "Desktop integration portals for sandboxed apps";
+ maintainers = with maintainers; [ jtojnar ];
+ platforms = platforms.linux;
+ license = licenses.lgpl21Plus;
+ };
+})
|
