pkgs/build-support/fetchurl/default.nix at netboot-syslinux-multiplatform

Clone of https://github.com/NixOS/nixpkgs.git (to stress-test knotserver)
nixpkgs / pkgs / build-support / fetchurl / default.nix
at netboot-syslinux-multiplatform 188 lines 6.5 kB view raw
wrap content
  1{ lib, buildPackages ? { inherit stdenvNoCC; }, stdenvNoCC
  2, curl # Note that `curl' may be `null', in case of the native stdenvNoCC.
  3, cacert ? null }:
  4
  5let
  6
  7  mirrors = import ./mirrors.nix;
  8
  9  # Write the list of mirrors to a file that we can reuse between
 10  # fetchurl instantiations, instead of passing the mirrors to
 11  # fetchurl instantiations via environment variables.  This makes the
 12  # resulting store derivations (.drv files) much smaller, which in
 13  # turn makes nix-env/nix-instantiate faster.
 14  mirrorsFile =
 15    buildPackages.stdenvNoCC.mkDerivation ({
 16      name = "mirrors-list";
 17      strictDeps = true;
 18      builder = ./write-mirror-list.sh;
 19      preferLocalBuild = true;
 20    } // mirrors);
 21
 22  # Names of the master sites that are mirrored (i.e., "sourceforge",
 23  # "gnu", etc.).
 24  sites = builtins.attrNames mirrors;
 25
 26  impureEnvVars = lib.fetchers.proxyImpureEnvVars ++ [
 27    # This variable allows the user to pass additional options to curl
 28    "NIX_CURL_FLAGS"
 29
 30    # This variable allows the user to override hashedMirrors from the
 31    # command-line.
 32    "NIX_HASHED_MIRRORS"
 33
 34    # This variable allows overriding the timeout for connecting to
 35    # the hashed mirrors.
 36    "NIX_CONNECT_TIMEOUT"
 37  ] ++ (map (site: "NIX_MIRRORS_${site}") sites);
 38
 39in
 40
 41{ # URL to fetch.
 42  url ? ""
 43
 44, # Alternatively, a list of URLs specifying alternative download
 45  # locations.  They are tried in order.
 46  urls ? []
 47
 48, # Additional curl options needed for the download to succeed.
 49  # Warning: Each space (no matter the escaping) will start a new argument.
 50  # If you wish to pass arguments with spaces, use `curlOptsList`
 51  curlOpts ? ""
 52
 53, # Additional curl options needed for the download to succeed.
 54  curlOptsList ? []
 55
 56, # Name of the file.  If empty, use the basename of `url' (or of the
 57  # first element of `urls').
 58  name ? ""
 59
 60  # for versioned downloads optionally take pname + version.
 61, pname ? ""
 62, version ? ""
 63
 64, # SRI hash.
 65  hash ? ""
 66
 67, # Legacy ways of specifying the hash.
 68  outputHash ? ""
 69, outputHashAlgo ? ""
 70, md5 ? ""
 71, sha1 ? ""
 72, sha256 ? ""
 73, sha512 ? ""
 74
 75, recursiveHash ? false
 76
 77, # Shell code to build a netrc file for BASIC auth
 78  netrcPhase ? null
 79
 80, # Impure env vars (https://nixos.org/nix/manual/#sec-advanced-attributes)
 81  # needed for netrcPhase
 82  netrcImpureEnvVars ? []
 83
 84, # Shell code executed after the file has been fetched
 85  # successfully. This can do things like check or transform the file.
 86  postFetch ? ""
 87
 88, # Whether to download to a temporary path rather than $out. Useful
 89  # in conjunction with postFetch. The location of the temporary file
 90  # is communicated to postFetch via $downloadedFile.
 91  downloadToTemp ? false
 92
 93, # If true, set executable bit on downloaded file
 94  executable ? false
 95
 96, # If set, don't download the file, but write a list of all possible
 97  # URLs (resulting from resolving mirror:// URLs) to $out.
 98  showURLs ? false
 99
100, # Meta information, if any.
101  meta ? {}
102
103  # Passthru information, if any.
104, passthru ? {}
105  # Doing the download on a remote machine just duplicates network
106  # traffic, so don't do that by default
107, preferLocalBuild ? true
108
109  # Additional packages needed as part of a fetch
110, nativeBuildInputs ? [ ]
111}:
112
113let
114  urls_ =
115    if urls != [] && url == "" then
116      (if lib.isList urls then urls
117       else throw "`urls` is not a list")
118    else if urls == [] && url != "" then
119      (if lib.isString url then [url]
120       else throw "`url` is not a string")
121    else throw "fetchurl requires either `url` or `urls` to be set";
122
123  hash_ =
124    # Many other combinations don't make sense, but this is the most common one:
125    if hash != "" && sha256 != "" then throw "multiple hashes passed to fetchurl" else
126
127    if hash != "" then { outputHashAlgo = null; outputHash = hash; }
128    else if md5 != "" then throw "fetchurl does not support md5 anymore, please use sha256 or sha512"
129    else if (outputHash != "" && outputHashAlgo != "") then { inherit outputHashAlgo outputHash; }
130    else if sha512 != "" then { outputHashAlgo = "sha512"; outputHash = sha512; }
131    else if sha256 != "" then { outputHashAlgo = "sha256"; outputHash = sha256; }
132    else if sha1   != "" then { outputHashAlgo = "sha1";   outputHash = sha1; }
133    else if cacert != null then { outputHashAlgo = "sha256"; outputHash = ""; }
134    else throw "fetchurl requires a hash for fixed-output derivation: ${lib.concatStringsSep ", " urls_}";
135in
136
137stdenvNoCC.mkDerivation ((
138  if (pname != "" && version != "") then
139    { inherit pname version; }
140  else
141    { name =
142      if showURLs then "urls"
143      else if name != "" then name
144      else baseNameOf (toString (builtins.head urls_));
145    }
146) // {
147  builder = ./builder.sh;
148
149  nativeBuildInputs = [ curl ] ++ nativeBuildInputs;
150
151  urls = urls_;
152
153  # If set, prefer the content-addressable mirrors
154  # (http://tarballs.nixos.org) over the original URLs.
155  preferHashedMirrors = true;
156
157  # New-style output content requirements.
158  inherit (hash_) outputHashAlgo outputHash;
159
160  SSL_CERT_FILE = if (hash_.outputHash == "" || hash_.outputHash == lib.fakeSha256 || hash_.outputHash == lib.fakeSha512 || hash_.outputHash == lib.fakeHash)
161                  then "${cacert}/etc/ssl/certs/ca-bundle.crt"
162                  else "/no-cert-file.crt";
163
164  outputHashMode = if (recursiveHash || executable) then "recursive" else "flat";
165
166  curlOpts = lib.warnIf (lib.isList curlOpts) ''
167    fetchurl for ${toString (builtins.head urls_)}: curlOpts is a list (${lib.generators.toPretty { multiline = false; } curlOpts}), which is not supported anymore.
168    - If you wish to get the same effect as before, for elements with spaces (even if escaped) to expand to multiple curl arguments, use a string argument instead:
169      curlOpts = ${lib.strings.escapeNixString (toString curlOpts)};
170    - If you wish for each list element to be passed as a separate curl argument, allowing arguments to contain spaces, use curlOptsList instead:
171      curlOptsList = [ ${lib.concatMapStringsSep " " lib.strings.escapeNixString curlOpts} ];'' curlOpts;
172  curlOptsList = lib.escapeShellArgs curlOptsList;
173  inherit showURLs mirrorsFile postFetch downloadToTemp executable;
174
175  impureEnvVars = impureEnvVars ++ netrcImpureEnvVars;
176
177  nixpkgsVersion = lib.trivial.release;
178
179  inherit preferLocalBuild;
180
181  postHook = if netrcPhase == null then null else ''
182    ${netrcPhase}
183    curlOpts="$curlOpts --netrc-file $PWD/netrc"
184  '';
185
186  inherit meta;
187  passthru = { inherit url; } // passthru;
188})