pkgs/by-name/po/postfix/package.nix at python-updates

tjh.dev / nixpkgs
fork atom
nixpkgs mirror (for testing) github.com/NixOS/nixpkgs
nix
fork atom
nixpkgs / pkgs / by-name / po / postfix / package.nix
at python-updates 206 lines 5.3 kB view raw
wrap content
  1{
  2  stdenv,
  3  lib,
  4  fetchurl,
  5  makeWrapper,
  6  gnused,
  7  db,
  8  openssl,
  9  cyrus_sasl,
 10  libnsl,
 11  coreutils,
 12  findutils,
 13  gnugrep,
 14  gawk,
 15  icu,
 16  pcre2,
 17  m4,
 18  fetchpatch,
 19  buildPackages,
 20  nixosTests,
 21  withLDAP ? true,
 22  openldap,
 23  withPgSQL ? false,
 24  libpq,
 25  withMySQL ? false,
 26  libmysqlclient,
 27  withSQLite ? false,
 28  sqlite,
 29  withTLSRPT ? true,
 30  libtlsrpt,
 31}:
 32
 33let
 34  ccargs = lib.concatStringsSep " " (
 35    [
 36      "-DUSE_TLS"
 37      "-DUSE_SASL_AUTH"
 38      "-DUSE_CYRUS_SASL"
 39      "-I${cyrus_sasl.dev}/include/sasl"
 40      "-DHAS_DB_BYPASS_MAKEDEFS_CHECK"
 41      # Fix build with gcc15, no upstream fix for stable releases:
 42      # https://www.mail-archive.com/postfix-devel@postfix.org/msg01270.html
 43      "-std=gnu17"
 44    ]
 45    ++ lib.optional withPgSQL "-DHAS_PGSQL"
 46    ++ lib.optionals withMySQL [
 47      "-DHAS_MYSQL"
 48      "-I${libmysqlclient.dev}/include/mysql"
 49      "-L${libmysqlclient}/lib/mysql"
 50    ]
 51    ++ lib.optional withSQLite "-DHAS_SQLITE"
 52    ++ lib.optionals withLDAP [
 53      "-DHAS_LDAP"
 54      "-DUSE_LDAP_SASL"
 55    ]
 56    ++ lib.optional withTLSRPT "-DUSE_TLSRPT"
 57  );
 58  auxlibs = lib.concatStringsSep " " (
 59    [
 60      "-ldb"
 61      "-lnsl"
 62      "-lresolv"
 63      "-lsasl2"
 64      "-lcrypto"
 65      "-lssl"
 66    ]
 67    ++ lib.optional withPgSQL "-lpq"
 68    ++ lib.optional withMySQL "-lmysqlclient"
 69    ++ lib.optional withSQLite "-lsqlite3"
 70    ++ lib.optional withLDAP "-lldap"
 71    ++ lib.optional withTLSRPT "-ltlsrpt"
 72  );
 73
 74in
 75stdenv.mkDerivation (finalAttrs: {
 76  pname = "postfix";
 77  version = "3.10.7";
 78
 79  src = fetchurl {
 80    url = "https://de.postfix.org/ftpmirror/official/postfix-${finalAttrs.version}.tar.gz";
 81    hash = "sha256-/NP/cIBq5/CoLntcMB4vT8+mpomi27Oz8bXlIIEVeIo=";
 82  };
 83
 84  nativeBuildInputs = [
 85    makeWrapper
 86    m4
 87  ];
 88  buildInputs = [
 89    db
 90    openssl
 91    cyrus_sasl
 92    icu
 93    libnsl
 94    pcre2
 95  ]
 96  ++ lib.optional withPgSQL libpq
 97  ++ lib.optional withMySQL libmysqlclient
 98  ++ lib.optional withSQLite sqlite
 99  ++ lib.optional withLDAP openldap
100  ++ lib.optional withTLSRPT libtlsrpt;
101
102  hardeningDisable = [ "format" ];
103
104  patches = [
105    ./postfix-script-shell.patch
106    ./post-install-script.patch
107    ./postfix-3.0-no-warnings.patch
108    ./relative-symlinks.patch
109
110    # glibc 2.34 compat
111    (fetchpatch {
112      url = "https://src.fedoraproject.org/rpms/postfix/raw/2f9d42453e67ebc43f786d98262a249037f80a77/f/postfix-3.6.2-glibc-234-build-fix.patch";
113      sha256 = "sha256-xRUL5gaoIt6HagGlhsGwvwrAfYvzMgydsltYMWvl9BI=";
114    })
115  ];
116
117  postPatch =
118    lib.optionalString (stdenv.hostPlatform != stdenv.buildPlatform) ''
119      sed -e 's!bin/postconf!${buildPackages.postfix}/bin/postconf!' -i postfix-install
120    ''
121    + ''
122      sed -e '/^PATH=/d' -i postfix-install
123      sed -e "s|@PACKAGE@|$out|" -i conf/post-install
124
125      # post-install need skip permissions check/set on all symlinks following to /nix/store
126      sed -e "s|@NIX_STORE@|$NIX_STORE|" -i conf/post-install
127    '';
128
129  postConfigure = ''
130    export command_directory=$out/sbin
131    export config_directory=/etc/postfix
132    export meta_directory=$out/etc/postfix
133    export daemon_directory=$out/libexec/postfix
134    export data_directory=/var/lib/postfix/data
135    export html_directory=$out/share/postfix/doc/html
136    export mailq_path=$out/bin/mailq
137    export manpage_directory=$out/share/man
138    export newaliases_path=$out/bin/newaliases
139    export queue_directory=/var/lib/postfix/queue
140    export readme_directory=$out/share/postfix/doc
141    export sendmail_path=$out/bin/sendmail
142
143    makeFlagsArray+=(AR=$AR _AR=$AR RANLIB=$RANLIB _RANLIB=$RANLIB)
144
145    make makefiles CCARGS='${ccargs}' AUXLIBS='${auxlibs}'
146  '';
147
148  enableParallelBuilding = true;
149
150  NIX_LDFLAGS = lib.optionalString withLDAP "-llber";
151
152  installTargets = [ "non-interactive-package" ];
153
154  installFlags = [ "install_root=installdir" ];
155
156  postInstall = ''
157    mkdir -p $out
158    mv -v installdir/$out/* $out/
159    cp -rv installdir/etc $out
160    sed -e '/^PATH=/d' -i $out/libexec/postfix/post-install
161    wrapProgram $out/libexec/postfix/post-install \
162      --prefix PATH ":" ${
163        lib.makeBinPath [
164          coreutils
165          findutils
166          gnugrep
167        ]
168      }
169    wrapProgram $out/libexec/postfix/postfix-script \
170      --prefix PATH ":" ${
171        lib.makeBinPath [
172          coreutils
173          findutils
174          gnugrep
175          gawk
176          gnused
177        ]
178      }
179
180    # Avoid dev-only outputs from being retained in final closure.
181    # `makedefs.out` is a documenttation-only file. It should be safe
182    # to store invalid store paths there.
183    sed -e "s|$NIX_STORE/[a-z0-9]\{32\}-|$NIX_STORE/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-|g" -i $out/etc/postfix/makedefs.out
184  '';
185
186  passthru = {
187    tests = { inherit (nixosTests) postfix postfix-raise-smtpd-tls-security-level; };
188
189    updateScript = ./update.sh;
190  };
191
192  meta = {
193    homepage = "http://www.postfix.org/";
194    changelog = "https://www.postfix.org/announcements/postfix-${finalAttrs.version}.html";
195    description = "Fast, easy to administer, and secure mail server";
196    license = with lib.licenses; [
197      ipl10
198      epl20
199    ];
200    platforms = lib.platforms.linux;
201    maintainers = with lib.maintainers; [
202      dotlambda
203      lewo
204    ];
205  };
206})