1{ lib, fetchurl, fetchFromGitHub, fetchpatch, callPackage
2, storeDir ? "/nix/store"
3, stateDir ? "/nix/var"
4, confDir ? "/etc"
5, boehmgc
6, Security
7}:
8
9let
10
common =
  # Shared package function for every Nix release defined in this file.
  # Each release passes its own pname/version/src/patches (plus the store,
  # state and config directories); the result is the `nix` derivation built
  # in the `let` below.
  { lib, stdenv, perl, curl, bzip2, sqlite, openssl ? null, xz
  , bash, coreutils, util-linuxMinimal, gzip, gnutar
  , pkg-config, boehmgc, libsodium, brotli, boost, editline, nlohmann_json
  , autoreconfHook, autoconf-archive, bison, flex
  , jq, libarchive, libcpuid
  , lowdown, mdbook
  # Used by tests
  , gtest
  , busybox-sandbox-shell
  , storeDir
  , stateDir
  , confDir
  # Seccomp support defaults to "on wherever libseccomp is available for the
  # host platform". When it is off, configure is given
  # --disable-seccomp-sandboxing (see configureFlags).
  , withLibseccomp ? lib.meta.availableOn stdenv.hostPlatform libseccomp, libseccomp
  # S3 support (via aws-sdk-cpp) defaults to on for non-static Linux/Darwin builds.
  , withAWS ? !enableStatic && (stdenv.isLinux || stdenv.isDarwin), aws-sdk-cpp
  , enableStatic ? stdenv.hostPlatform.isStatic
  # Documentation is built for anything older than 2.4pre, and for 2.4+ only
  # when the build is native (host platform equals build platform).
  , enableDocumentation ? lib.versionOlder version "2.4pre" ||
                          stdenv.hostPlatform == stdenv.buildPlatform
  , pname, version, suffix ? "", src
  , patches ? [ ]
  }:
  let
    # Shell passed to configure as the sandbox shell on Linux.
    sh = busybox-sandbox-shell;
    nix = stdenv.mkDerivation rec {
      inherit pname version src patches;

      # True for 2.4pre and later; gates every input and flag below that
      # differs between the 2.3.x and 2.4+ build systems.
      is24 = lib.versionAtLeast version "2.4pre";

      VERSION_SUFFIX = suffix;

      # "man" and "doc" outputs exist only when documentation is generated.
      outputs =
        [ "out" "dev" ]
        ++ lib.optionals enableDocumentation [ "man" "doc" ];

      # Opt in to the `pie` hardening flag (position-independent executables).
      hardeningEnable = [ "pie" ];

      nativeBuildInputs =
        [ pkg-config ]
        ++ lib.optionals stdenv.isLinux [ util-linuxMinimal ]
        ++ lib.optionals (is24 && enableDocumentation) [
          (lib.getBin lowdown) mdbook
        ]
        ++ lib.optionals is24
          [ autoreconfHook
            autoconf-archive
            bison flex
            jq
          ];

      buildInputs =
        [ curl libsodium openssl sqlite xz bzip2
          brotli boost editline
        ]
        ++ lib.optionals stdenv.isDarwin [ Security ]
        ++ lib.optionals is24 [ libarchive gtest lowdown ]
        ++ lib.optional (is24 && stdenv.isx86_64) libcpuid
        ++ lib.optional withLibseccomp libseccomp
        # The AWS SDK is rebuilt with only the "s3" and "transfer" APIs, custom
        # memory management off, and one local patch appended to whatever
        # patches the SDK derivation already carries.
        ++ lib.optional withAWS
          ((aws-sdk-cpp.override {
            apis = ["s3" "transfer"];
            customMemoryManagement = false;
          }).overrideDerivation (args: {
            patches = args.patches or [] ++ [
              ./aws-sdk-cpp-TransferManager-ContentEncoding.patch
            ];
          }));

      propagatedBuildInputs = [ boehmgc ];

      # Extra linker flags are only needed before 2.4. Each entry is an empty
      # string unless its condition holds.
      NIX_LDFLAGS = lib.optionals (!is24) [
        # https://github.com/NixOS/nix/commit/3e85c57a6cbf46d5f0fe8a89b368a43abd26daba
        (lib.optionalString enableStatic "-lssl -lbrotlicommon -lssh2 -lz -lnghttp2 -lcrypto")
        # https://github.com/NixOS/nix/commits/74b4737d8f0e1922ef5314a158271acf81cd79f8
        (lib.optionalString (stdenv.hostPlatform.system == "armv5tel-linux" || stdenv.hostPlatform.system == "armv6l-linux") "-latomic")
      ];

      preConfigure =
        # Copy libboost_context so we don't get all of Boost in our closure.
        # https://github.com/NixOS/nixpkgs/issues/45462
        # Static archives are dropped again. On Linux the copied shared
        # objects are made writable and libboost_thread gets an rpath that
        # points at $out/lib and the compiler's runtime libraries.
        lib.optionalString (!enableStatic) ''
          mkdir -p $out/lib
          cp -pd ${boost}/lib/{libboost_context*,libboost_thread*,libboost_system*} $out/lib
          rm -f $out/lib/*.a
          ${lib.optionalString stdenv.isLinux ''
            chmod u+w $out/lib/*.so.*
            patchelf --set-rpath $out/lib:${stdenv.cc.cc.lib}/lib $out/lib/libboost_thread.so.*
          ''}
        '' +
        # On all versions before c9f51e87057652db0013289a95deffba495b35e7, which
        # removes config.nix entirely and is not present in 2.3.x, we need to
        # patch around an issue where the Nix configure step pulls in the build
        # system's bash and other utilities when cross-compiling.
        lib.optionalString (
          stdenv.buildPlatform != stdenv.hostPlatform && !is24
        ) ''
          mkdir tmp/
          substitute corepkgs/config.nix.in tmp/config.nix.in \
            --subst-var-by bash ${bash}/bin/bash \
            --subst-var-by coreutils ${coreutils}/bin \
            --subst-var-by bzip2 ${bzip2}/bin/bzip2 \
            --subst-var-by gzip ${gzip}/bin/gzip \
            --subst-var-by xz ${xz}/bin/xz \
            --subst-var-by tar ${gnutar}/bin/tar \
            --subst-var-by tr ${coreutils}/bin/tr
          mv tmp/config.nix.in corepkgs/config.nix.in
        '';

      configureFlags =
        [ "--with-store-dir=${storeDir}"
          "--localstatedir=${stateDir}"
          "--sysconfdir=${confDir}"
          "--enable-gc"
        ]
        ++ lib.optional (!enableDocumentation) "--disable-doc-gen"
        ++ lib.optionals (!is24) [
          # option was removed in 2.4
          "--disable-init-state"
        ]
        # On Linux the sandbox shell is the busybox binary bound to `sh` above.
        ++ lib.optionals stdenv.isLinux [
          "--with-sandbox-shell=${sh}/bin/busybox"
        ]
        # When cross-compiling, pass the host's Nix system string if the
        # platform description provides one.
        ++ lib.optional (
            stdenv.hostPlatform != stdenv.buildPlatform && stdenv.hostPlatform ? nix && stdenv.hostPlatform.nix ? system
        ) "--with-system=${stdenv.hostPlatform.nix.system}"
        # RISC-V support in progress https://github.com/seccomp/libseccomp/pull/50
        # NOTE(review): where withLibseccomp is false the binary is configured
        # with seccomp sandboxing disabled. Users of those platforms should be
        # told that the build sandbox lacks that layer.
        ++ lib.optional (!withLibseccomp) "--disable-seccomp-sandboxing";

      makeFlags = [ "profiledir=$(out)/etc/profile.d" ]
        ++ lib.optional (stdenv.hostPlatform != stdenv.buildPlatform) "PRECOMPILE_HEADERS=0";

      # Install the sample configuration under $out/etc rather than confDir.
      installFlags = [ "sysconfdir=$(out)/etc" ];

      doInstallCheck = true; # not cross

      # socket path becomes too long otherwise
      preInstallCheck = lib.optionalString stdenv.isDarwin ''
        export TMPDIR=$NIX_BUILD_TOP
      '';

      # `->` is logical implication: debug info is split out on Linux, except
      # for static builds of 2.4 and later.
      separateDebugInfo = stdenv.isLinux && (is24 -> !enableStatic);

      enableParallelBuilding = true;

      meta = with lib; {
        description = "Powerful package manager that makes package management reliable and reproducible";
        longDescription = ''
          Nix is a powerful package manager for Linux and other Unix systems that
          makes package management reliable and reproducible. It provides atomic
          upgrades and rollbacks, side-by-side installation of multiple versions of
          a package, multi-user package management and easy setup of build
          environments.
        '';
        homepage = "https://nixos.org/";
        license = licenses.lgpl2Plus;
        maintainers = with maintainers; [ eelco lovesegfault ];
        platforms = platforms.unix;
        outputsToInstall = [ "out" ] ++ optional enableDocumentation "man";
      };

      passthru = {
        # Perl bindings built from the perl/ subdirectory of the same source
        # tree and at the same version as the main package.
        perl-bindings = perl.pkgs.toPerlModule (stdenv.mkDerivation {
          pname = "nix-perl";
          inherit version;

          inherit src;

          postUnpack = "sourceRoot=$sourceRoot/perl";

          # This is not cross-compile safe, don't have time to fix right now
          # but noting for future travellers.
          # `nix` here is the derivation defined by the enclosing mkDerivation.
          nativeBuildInputs =
            [ perl pkg-config curl nix libsodium boost autoreconfHook autoconf-archive nlohmann_json ];

          configureFlags =
            [ "--with-dbi=${perl.pkgs.DBI}/${perl.libPrefix}"
              "--with-dbd-sqlite=${perl.pkgs.DBDSQLite}/${perl.libPrefix}"
            ];

          # Point the state directory at the build's temp dir while configuring.
          preConfigure = "export NIX_STATE_DIR=$TMPDIR";

          preBuild = "unset NIX_INDENT_MAKE";
        });
        # Expose the exact boehmgc this Nix was built against.
        inherit boehmgc;
      };
    };
  in nix;
197
# Boehm GC variant with the package's `enableLargeConfig` option switched on.
# It is the collector used for nix_2_3 and the base for boehmgc_nixUnstable.
boehmgc_nix = boehmgc.override { enableLargeConfig = true; };
201
# boehmgc_nix plus one extra patch, appended after any patches the base
# derivation already has. Used by nix_2_4 and nixUnstable.
boehmgc_nixUnstable =
  let
    # Part of the GC solution in https://github.com/NixOS/nix/pull/4944
    # The URL names a specific commit, and the sha256 fixes the fetched
    # content, so both the location and the bytes are pinned.
    coroutineSpFallbackPatch = fetchpatch {
      url = "https://github.com/hercules-ci/nix/raw/5c58d84a76d96f269e3ff1e72c9c9ba5f68576af/boehmgc-coroutine-sp-fallback.diff";
      sha256 = "sha256-JvnWVTlkltmQUs/0qApv/LPZ690UX1/2hEP+LYRwKbI=";
    };
  in
  boehmgc_nix.overrideAttrs (prev: {
    patches = (prev.patches or [ ]) ++ [ coroutineSpFallbackPatch ];
  });
211
# Patch applied to both nix_2_4 and nixUnstable below.
# master: https://github.com/NixOS/nix/pull/5536
# 2.4: https://github.com/NixOS/nix/pull/5537
#
# NOTE(review): a pull-request `.diff` URL is not a stable reference. Its
# content follows the PR branch, so a later push changes what is served. The
# sha256 still fixes the accepted bytes, so a changed diff makes the fetch
# fail rather than silently altering the build. Pointing the URL at the merged
# commit would keep the source reproducible as well.
installNlohmannJsonPatch = fetchpatch {
  sha256 = "sha256-SPnam4xNIjbMgnq6IP1AaM1V62X0yZNo4DEVmI8sHOo=";
  url = "https://github.com/NixOS/nix/pull/5536.diff";
};
218
219in rec {
220
# Alias chain: `nix` is the stable release, and the stable release is 2.4.
# Changing the default release only needs the `nixStable` line to change.
nixStable = nix_2_4;

nix = nixStable;
224
# Nix 2.3.x, built from the upstream release tarball with the plain
# boehmgc_nix collector and no extra patches.
nix_2_3 = callPackage common rec {
  inherit storeDir stateDir confDir;

  pname = "nix";
  version = "2.3.16";

  boehmgc = boehmgc_nix;

  # The tarball URL is derived from pname/version. The sha256 is what fixes
  # the content, so it must be updated together with `version`.
  src = fetchurl {
    url = "https://nixos.org/releases/nix/${pname}-${version}/${pname}-${version}.tar.xz";
    sha256 = "sha256-fuaBtp8FtSVJLSAsO+3Nne4ZYLuBj2JpD2xEk7fCqrw=";
  };
};
237
# Nix 2.4, built from the GitHub source tree with the patched collector
# (boehmgc_nixUnstable) and the nlohmann_json install patch.
nix_2_4 = callPackage common rec {
  inherit storeDir stateDir confDir;

  pname = "nix";
  version = "2.4";

  boehmgc = boehmgc_nixUnstable;

  # NOTE(review): the comment on installNlohmannJsonPatch lists a separate
  # pull request for 2.4, but the diff applied here is the master one. Confirm
  # that is intended.
  patches = [ installNlohmannJsonPatch ];

  # `rev` is the version string itself, presumably the upstream release tag.
  # A ref name can be moved upstream. The sha256 is what actually pins the
  # fetched tree, so a moved ref fails the fetch.
  src = fetchFromGitHub {
    owner = "NixOS";
    repo = "nix";
    rev = version;
    sha256 = "sha256-op48CCDgLHK0qV1Batz4Ln5FqBiRjlE6qHTiZgt3b6k=";
  };
};
255
# Pre-release snapshot of Nix 2.5, wrapped in lib.lowPrio. It uses the same
# collector and patch set as nix_2_4.
nixUnstable = lib.lowPrio (callPackage common rec {
  inherit storeDir stateDir confDir;

  pname = "nix";

  # The version string carries a date stamp and the first seven characters of
  # the pinned revision, so the built version identifies the snapshot.
  suffix = "pre20211007_${lib.substring 0 7 src.rev}";
  version = "2.5${suffix}";

  boehmgc = boehmgc_nixUnstable;

  patches = [ installNlohmannJsonPatch ];

  # Source is pinned to a full commit id and to a content hash.
  src = fetchFromGitHub {
    owner = "NixOS";
    repo = "nix";
    rev = "844dd901a7debe8b03ec93a7f717b6c4038dc572";
    sha256 = "sha256-fe1B4lXkS6/UfpO0rJHwLC06zhOPrdSh4s9PmQ1JgPo=";
  };
});
275
276}