diff options
author | Daiderd Jordan <daiderd@gmail.com> | 2017-12-27 21:26:36 +0100 |
---|---|---|
committer | Daiderd Jordan <daiderd@gmail.com> | 2017-12-27 21:36:32 +0100 |
commit | 091c2b9f04189301f18ff0bc8336541d137f1d61 (patch) | |
tree | 808197fe6e9bca7e6e84a65530d9c0e2a58c81ad | |
parent | bfccf8e42cb42a3876b4ed7c4514552f53e66d90 (diff) | |
download | nixpkgs-091c2b9f04189301f18ff0bc8336541d137f1d61.tar nixpkgs-091c2b9f04189301f18ff0bc8336541d137f1d61.tar.gz nixpkgs-091c2b9f04189301f18ff0bc8336541d137f1d61.tar.bz2 nixpkgs-091c2b9f04189301f18ff0bc8336541d137f1d61.tar.lz nixpkgs-091c2b9f04189301f18ff0bc8336541d137f1d61.tar.xz nixpkgs-091c2b9f04189301f18ff0bc8336541d137f1d61.tar.zst nixpkgs-091c2b9f04189301f18ff0bc8336541d137f1d61.zip |
cacert: cleanup exporting SSL_CERT_FILE
-rw-r--r-- | pkgs/build-support/fetchbower/default.nix | 3 | ||||
-rw-r--r-- | pkgs/build-support/fetchdarcs/default.nix | 3 | ||||
-rw-r--r-- | pkgs/build-support/fetchgx/default.nix | 4 | ||||
-rw-r--r-- | pkgs/build-support/rust/default.nix | 3 | ||||
-rw-r--r-- | pkgs/build-support/rust/fetchcargo.nix | 1 | ||||
-rw-r--r-- | pkgs/development/compilers/go/1.7.nix | 4 | ||||
-rw-r--r-- | pkgs/development/compilers/go/1.8.nix | 4 | ||||
-rw-r--r-- | pkgs/development/compilers/go/1.9.nix | 4 | ||||
-rw-r--r-- | pkgs/development/compilers/rust/cargo.nix | 4 | ||||
-rw-r--r-- | pkgs/development/r-modules/default.nix | 6 | ||||
-rw-r--r-- | pkgs/os-specific/linux/firmware/firmware-linux-nonfree/default.nix | 3 |
11 files changed, 11 insertions, 28 deletions
diff --git a/pkgs/build-support/fetchbower/default.nix b/pkgs/build-support/fetchbower/default.nix index 3e1f0eff84a..ba1c8420e91 100644 --- a/pkgs/build-support/fetchbower/default.nix +++ b/pkgs/build-support/fetchbower/default.nix @@ -11,7 +11,6 @@ let fetchbower = name: version: target: outputHash: stdenv.mkDerivation { name = "${cleanName name}-${bowerVersion version}"; - SSL_CERT_FILE = "${cacert}/etc/ssl/certs/ca-bundle.crt"; buildCommand = '' fetch-bower --quiet --out=$PWD/out "${name}" "${target}" "${version}" # In some cases, the result of fetchBower is different depending @@ -23,7 +22,7 @@ let outputHashMode = "recursive"; outputHashAlgo = "sha256"; inherit outputHash; - buildInputs = [ bower2nix ]; + buildInputs = [ cacert bower2nix ]; }; in fetchbower diff --git a/pkgs/build-support/fetchdarcs/default.nix b/pkgs/build-support/fetchdarcs/default.nix index 2df1b136c55..48d87cc5d10 100644 --- a/pkgs/build-support/fetchdarcs/default.nix +++ b/pkgs/build-support/fetchdarcs/default.nix @@ -7,9 +7,8 @@ if md5 != "" then else stdenv.mkDerivation { name = "fetchdarcs"; - NIX_SSL_CERT_FILE = "${cacert}/etc/ssl/certs/ca-bundle.crt"; builder = ./builder.sh; - buildInputs = [darcs]; + buildInputs = [cacert darcs]; outputHashAlgo = "sha256"; outputHashMode = "recursive"; diff --git a/pkgs/build-support/fetchgx/default.nix b/pkgs/build-support/fetchgx/default.nix index ea91a0854d1..65061ce0f63 100644 --- a/pkgs/build-support/fetchgx/default.nix +++ b/pkgs/build-support/fetchgx/default.nix @@ -6,7 +6,7 @@ stdenv.mkDerivation { name = "${name}-gxdeps"; inherit src; - buildInputs = [ go gx gx-go ]; + buildInputs = [ cacert go gx gx-go ]; outputHashAlgo = "sha256"; outputHashMode = "recursive"; @@ -14,8 +14,6 @@ stdenv.mkDerivation { phases = [ "unpackPhase" "buildPhase" "installPhase" ]; - NIX_SSL_CERT_FILE = "${cacert}/etc/ssl/certs/ca-bundle.crt"; - buildPhase = '' export GOPATH=$(pwd)/vendor mkdir -p vendor diff --git a/pkgs/build-support/rust/default.nix b/pkgs/build-support/rust/default.nix index 57948c33bbc..d720532e147 100644 --- a/pkgs/build-support/rust/default.nix +++ b/pkgs/build-support/rust/default.nix @@ -32,7 +32,7 @@ in stdenv.mkDerivation (args // { patchRegistryDeps = ./patch-registry-deps; - buildInputs = [ git rust.cargo rust.rustc ] ++ buildInputs; + buildInputs = [ cacert git rust.cargo rust.rustc ] ++ buildInputs; configurePhase = args.configurePhase or '' runHook preConfigure @@ -60,7 +60,6 @@ in stdenv.mkDerivation (args // { unset cargoDepsCopy export RUST_LOG=${logLevel} - export SSL_CERT_FILE=${cacert}/etc/ssl/certs/ca-bundle.crt '' + (args.postUnpack or ""); buildPhase = with builtins; args.buildPhase or '' diff --git a/pkgs/build-support/rust/fetchcargo.nix b/pkgs/build-support/rust/fetchcargo.nix index 9b3ba530339..8c136d86488 100644 --- a/pkgs/build-support/rust/fetchcargo.nix +++ b/pkgs/build-support/rust/fetchcargo.nix @@ -19,7 +19,6 @@ stdenv.mkDerivation { exit 1 fi - export SSL_CERT_FILE=${cacert}/etc/ssl/certs/ca-bundle.crt export CARGO_HOME=$(mktemp -d cargo-home.XXX) cargo vendor diff --git a/pkgs/development/compilers/go/1.7.nix b/pkgs/development/compilers/go/1.7.nix index b1230da5a14..82ed9b53c60 100644 --- a/pkgs/development/compilers/go/1.7.nix +++ b/pkgs/development/compilers/go/1.7.nix @@ -35,7 +35,7 @@ stdenv.mkDerivation rec { # perl is used for testing go vet nativeBuildInputs = [ perl which pkgconfig patch ]; - buildInputs = [ pcre ]; + buildInputs = [ cacert pcre ]; propagatedBuildInputs = optionals stdenv.isDarwin [ Security Foundation ]; hardeningDisable = [ "all" ]; @@ -116,8 +116,6 @@ stdenv.mkDerivation rec { }) ]; - NIX_SSL_CERT_FILE = "${cacert}/etc/ssl/certs/ca-bundle.crt"; - GOOS = if stdenv.isDarwin then "darwin" else "linux"; GOARCH = if stdenv.isDarwin then "amd64" else if stdenv.system == "i686-linux" then "386" diff --git a/pkgs/development/compilers/go/1.8.nix b/pkgs/development/compilers/go/1.8.nix index 210f259df89..050a2f3c865 100644 --- a/pkgs/development/compilers/go/1.8.nix +++ b/pkgs/development/compilers/go/1.8.nix @@ -37,7 +37,7 @@ stdenv.mkDerivation rec { # perl is used for testing go vet nativeBuildInputs = [ perl which pkgconfig patch makeWrapper ] ++ optionals stdenv.isLinux [ procps ]; - buildInputs = [ pcre ] + buildInputs = [ cacert pcre ] ++ optionals stdenv.isLinux [ stdenv.glibc.out stdenv.glibc.static ]; propagatedBuildInputs = optionals stdenv.isDarwin [ Security Foundation ]; @@ -122,8 +122,6 @@ stdenv.mkDerivation rec { substituteInPlace "src/cmd/link/internal/ld/lib.go" --replace dsymutil ${llvm}/bin/llvm-dsymutil ''; - NIX_SSL_CERT_FILE = "${cacert}/etc/ssl/certs/ca-bundle.crt"; - GOOS = if stdenv.isDarwin then "darwin" else "linux"; GOARCH = if stdenv.isDarwin then "amd64" else if stdenv.system == "i686-linux" then "386" diff --git a/pkgs/development/compilers/go/1.9.nix b/pkgs/development/compilers/go/1.9.nix index 8708bd762c4..8b8481c2656 100644 --- a/pkgs/development/compilers/go/1.9.nix +++ b/pkgs/development/compilers/go/1.9.nix @@ -37,7 +37,7 @@ stdenv.mkDerivation rec { # perl is used for testing go vet nativeBuildInputs = [ perl which pkgconfig patch makeWrapper ] ++ optionals stdenv.isLinux [ procps ]; - buildInputs = [ pcre ] + buildInputs = [ cacert pcre ] ++ optionals stdenv.isLinux [ stdenv.glibc.out stdenv.glibc.static ]; propagatedBuildInputs = optionals stdenv.isDarwin [ Security Foundation ]; @@ -128,8 +128,6 @@ stdenv.mkDerivation rec { substituteInPlace "src/cmd/link/internal/ld/lib.go" --replace dsymutil ${llvm}/bin/llvm-dsymutil ''; - NIX_SSL_CERT_FILE = "${cacert}/etc/ssl/certs/ca-bundle.crt"; - GOOS = if stdenv.isDarwin then "darwin" else "linux"; GOARCH = if stdenv.isDarwin then "amd64" else if stdenv.system == "i686-linux" then "386" diff --git a/pkgs/development/compilers/rust/cargo.nix b/pkgs/development/compilers/rust/cargo.nix index fb3001bbf17..386ffa62294 100644 --- a/pkgs/development/compilers/rust/cargo.nix +++ b/pkgs/development/compilers/rust/cargo.nix @@ -24,7 +24,7 @@ rustPlatform.buildRustPackage rec { passthru.rustc = rustc; nativeBuildInputs = [ pkgconfig ]; - buildInputs = [ file curl python openssl cmake zlib makeWrapper libgit2 ] + buildInputs = [ cacert file curl python openssl cmake zlib makeWrapper libgit2 ] ++ stdenv.lib.optionals stdenv.isDarwin [ CoreFoundation libiconv ]; LIBGIT2_SYS_USE_PKG_CONFIG=1; @@ -48,8 +48,6 @@ rustPlatform.buildRustPackage rec { ''; checkPhase = '' - # Export SSL_CERT_FILE as without it one test fails with SSL verification error - export SSL_CERT_FILE=${cacert}/etc/ssl/certs/ca-bundle.crt # Disable cross compilation tests export CFG_DISABLE_CROSS_TESTS=1 cargo test diff --git a/pkgs/development/r-modules/default.nix b/pkgs/development/r-modules/default.nix index 76c0e522777..de800f701e3 100644 --- a/pkgs/development/r-modules/default.nix +++ b/pkgs/development/r-modules/default.nix @@ -3,7 +3,7 @@ { R, pkgs, overrides }: let - inherit (pkgs) fetchurl stdenv lib; + inherit (pkgs) cacert fetchurl stdenv lib; buildRPackage = pkgs.callPackage ./generic-builder.nix { inherit R; @@ -912,9 +912,7 @@ let }); geojsonio = old.geojsonio.overrideDerivation (attrs: { - preConfigure = '' - export SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt - ''; + buildInputs = [ cacert ] ++ attrs.buildInputs; }); rstan = old.rstan.overrideDerivation (attrs: { diff --git a/pkgs/os-specific/linux/firmware/firmware-linux-nonfree/default.nix b/pkgs/os-specific/linux/firmware/firmware-linux-nonfree/default.nix index 0044a3f6f4a..3bd03d7b40c 100644 --- a/pkgs/os-specific/linux/firmware/firmware-linux-nonfree/default.nix +++ b/pkgs/os-specific/linux/firmware/firmware-linux-nonfree/default.nix @@ -32,8 +32,7 @@ stdenv.mkDerivation rec { # traffic, so don't do that. preferLocalBuild = true; - buildInputs = [ git gnupg ]; - NIX_SSL_CERT_FILE = "${cacert}/etc/ssl/certs/ca-bundle.crt"; + buildInputs = [ cacert git gnupg ]; } '' git init src && ( cd src |