pkgs/servers/dns/bind/default.nix at netboot-syslinux-multiplatform

Clone of https://github.com/NixOS/nixpkgs.git (to stress-test knotserver)
nixpkgs / pkgs / servers / dns / bind / default.nix
at netboot-syslinux-multiplatform 95 lines 3.0 kB view raw
wrap content
 1{ config, stdenv, lib, fetchurl, fetchpatch
 2, perl, pkg-config
 3, libcap, libtool, libxml2, openssl, libuv, nghttp2, jemalloc
 4, enablePython ? false, python3
 5, enableGSSAPI ? true, libkrb5
 6, buildPackages, nixosTests
 7, cmocka, tzdata
 8}:
 9
10stdenv.mkDerivation rec {
11  pname = "bind";
12  version = "9.18.14";
13
14  src = fetchurl {
15    url = "https://downloads.isc.org/isc/bind9/${version}/${pname}-${version}.tar.xz";
16    sha256 = "sha256-muEu32rDxDCzPs0afAwMYIddJVGF64eFD6ml55SmSgk=";
17  };
18
19  outputs = [ "out" "lib" "dev" "man" "dnsutils" "host" ];
20
21  patches = [
22    ./dont-keep-configure-flags.patch
23  ];
24
25  nativeBuildInputs = [ perl pkg-config ];
26  buildInputs = [ libtool libxml2 openssl libuv nghttp2 jemalloc ]
27    ++ lib.optional stdenv.isLinux libcap
28    ++ lib.optional enableGSSAPI libkrb5
29    ++ lib.optional enablePython (python3.withPackages (ps: with ps; [ ply ]));
30
31  depsBuildBuild = [ buildPackages.stdenv.cc ];
32
33  configureFlags = [
34    "--localstatedir=/var"
35    "--without-lmdb"
36  ] ++ lib.optional enableGSSAPI "--with-gssapi=${libkrb5.dev}/bin/krb5-config"
37    ++ lib.optional (stdenv.hostPlatform != stdenv.buildPlatform) "BUILD_CC=$(CC_FOR_BUILD)";
38
39  postInstall = ''
40    moveToOutput bin/bind9-config $dev
41
42    moveToOutput bin/host $host
43
44    moveToOutput bin/dig $dnsutils
45    moveToOutput bin/delv $dnsutils
46    moveToOutput bin/nslookup $dnsutils
47    moveToOutput bin/nsupdate $dnsutils
48
49    for f in "$lib/lib/"*.la "$dev/bin/"bind*-config; do
50      sed -i "$f" -e 's|-L${openssl.dev}|-L${lib.getLib openssl}|g'
51    done
52
53    cat <<EOF >$out/etc/rndc.conf
54    include "/etc/bind/rndc.key";
55    options {
56        default-key "rndc-key";
57        default-server 127.0.0.1;
58        default-port 953;
59    };
60    EOF
61  '';
62
63  enableParallelBuilding = true;
64  # TODO: investigate the aarch64-linux failures; see this and linked discussions:
65  # https://github.com/NixOS/nixpkgs/pull/192962
66  doCheck = with stdenv.hostPlatform; !isStatic && !(isAarch64 && isLinux);
67  checkTarget = "unit";
68  checkInputs = [
69    cmocka
70  ] ++ lib.optionals (!stdenv.hostPlatform.isMusl) [
71    tzdata
72  ];
73  preCheck = lib.optionalString stdenv.hostPlatform.isMusl ''
74    # musl doesn't respect TZDIR, skip timezone-related tests
75    sed -i '/^ISC_TEST_ENTRY(isc_time_formatISO8601L/d' tests/isc/time_test.c
76  '';
77
78  passthru.tests = {
79    inherit (nixosTests) bind;
80    prometheus-exporter = nixosTests.prometheus-exporters.bind;
81    kubernetes-dns-single-node = nixosTests.kubernetes.dns-single-node;
82    kubernetes-dns-multi-node = nixosTests.kubernetes.dns-multi-node;
83  };
84
85  meta = with lib; {
86    homepage = "https://www.isc.org/bind/";
87    description = "Domain name server";
88    license = licenses.mpl20;
89    changelog = "https://downloads.isc.org/isc/bind9/cur/${lib.versions.majorMinor version}/CHANGES";
90    maintainers = with maintainers; [ globin ];
91    platforms = platforms.unix;
92
93    outputsToInstall = [ "out" "dnsutils" "host" ];
94  };
95}