diff options
-rw-r--r-- | nixos/modules/virtualisation/openvswitch.nix | 13 | ||||
-rw-r--r-- | pkgs/os-specific/linux/openvswitch/default.nix | 26 | ||||
-rw-r--r-- | pkgs/os-specific/linux/openvswitch/lts.nix | 77 | ||||
-rw-r--r-- | pkgs/top-level/all-packages.nix | 2 |
4 files changed, 97 insertions, 21 deletions
diff --git a/nixos/modules/virtualisation/openvswitch.nix b/nixos/modules/virtualisation/openvswitch.nix index edec3740230..6b8ad83661f 100644 --- a/nixos/modules/virtualisation/openvswitch.nix +++ b/nixos/modules/virtualisation/openvswitch.nix @@ -42,6 +42,9 @@ in { default = false; description = '' Whether to start racoon service for openvswitch. + Supported only if openvswitch version is less than 2.6.0. + Use <literal>virtualisation.vswitch.package = pkgs.openvswitch-lts</literal> + for a version that supports ipsec over GRE. ''; }; }; @@ -89,6 +92,13 @@ in { "${cfg.package}/share/openvswitch/vswitch.ovsschema" fi chmod -R +w /var/db/openvswitch + if ${cfg.package}/bin/ovsdb-tool needs-conversion /var/db/openvswitch/conf.db | grep -q "yes" + then + echo "Performing database upgrade" + ${cfg.package}/bin/ovsdb-tool convert /var/db/openvswitch/conf.db + else + echo "Database already up to date" + fi ''; serviceConfig = { ExecStart = @@ -133,7 +143,7 @@ in { }; } - (mkIf cfg.ipsec { + (mkIf (cfg.ipsec && (versionOlder cfg.package.version "2.6.0")) { services.racoon.enable = true; services.racoon.configPath = "${runDir}/ipsec/etc/racoon/racoon.conf"; @@ -172,5 +182,4 @@ in { ''; }; })])); - } diff --git a/pkgs/os-specific/linux/openvswitch/default.nix b/pkgs/os-specific/linux/openvswitch/default.nix index bf26b9e2b28..516672f3197 100644 --- a/pkgs/os-specific/linux/openvswitch/default.nix +++ b/pkgs/os-specific/linux/openvswitch/default.nix @@ -6,19 +6,20 @@ with stdenv.lib; let _kernel = kernel; + python = python27.withPackages (ps: with ps; [ six ]); in stdenv.mkDerivation rec { - version = "2.5.4"; + version = "2.12.0"; pname = "openvswitch"; src = fetchurl { url = "http://openvswitch.org/releases/${pname}-${version}.tar.gz"; - sha256 = "1lji87wg953lqcdf02f1zv2m54vhd2x9jd03bb91lnlb4qlhifiv"; + sha256 = "1y78ix5inhhcvicbvyy2ij38am1215nr55vydhab3d4065q45z8k"; }; kernel = optional (_kernel != null) _kernel.dev; nativeBuildInputs = [ pkgconfig ]; - buildInputs = [ makeWrapper utillinux openssl libcap_ng python27 + buildInputs = [ makeWrapper utillinux openssl libcap_ng python perl procps which ]; configureFlags = [ @@ -36,27 +37,13 @@ in stdenv.mkDerivation rec { postBuild = '' # fix tests - substituteInPlace xenserver/opt_xensource_libexec_interface-reconfigure --replace '/usr/bin/env python' '${python27.interpreter}' - substituteInPlace vtep/ovs-vtep --replace '/usr/bin/env python' '${python27.interpreter}' + substituteInPlace xenserver/opt_xensource_libexec_interface-reconfigure --replace '/usr/bin/env python' '${python.interpreter}' + substituteInPlace vtep/ovs-vtep --replace '/usr/bin/env python' '${python.interpreter}' ''; enableParallelBuilding = true; doCheck = false; # bash-completion test fails with "compgen: command not found" - postInstall = '' - cp debian/ovs-monitor-ipsec $out/share/openvswitch/scripts - makeWrapper \ - $out/share/openvswitch/scripts/ovs-monitor-ipsec \ - $out/bin/ovs-monitor-ipsec \ - --prefix PYTHONPATH : "$out/share/openvswitch/python" - substituteInPlace $out/share/openvswitch/scripts/ovs-monitor-ipsec \ - --replace "UnixctlServer.create(None)" "UnixctlServer.create(os.environ['UNIXCTLPATH'])" - substituteInPlace $out/share/openvswitch/scripts/ovs-monitor-ipsec \ - --replace "self.psk_file" "root_prefix + self.psk_file" - substituteInPlace $out/share/openvswitch/scripts/ovs-monitor-ipsec \ - --replace "self.cert_dir" "root_prefix + self.cert_dir" - ''; - meta = with stdenv.lib; { platforms = platforms.linux; description = "A multilayer virtual switch"; @@ -73,5 +60,6 @@ in stdenv.mkDerivation rec { ''; homepage = http://openvswitch.org/; license = licenses.asl20; + maintainers = [ maintainers.netixx ]; }; } diff --git a/pkgs/os-specific/linux/openvswitch/lts.nix b/pkgs/os-specific/linux/openvswitch/lts.nix new file mode 100644 index 00000000000..8e9a006735e --- /dev/null +++ b/pkgs/os-specific/linux/openvswitch/lts.nix @@ -0,0 +1,77 @@ +{ stdenv, fetchurl, makeWrapper, pkgconfig, utillinux, which +, procps, libcap_ng, openssl, python27, iproute , perl +, kernel ? null }: + +with stdenv.lib; + +let + _kernel = kernel; +in stdenv.mkDerivation rec { + version = "2.5.6"; + pname = "openvswitch"; + + src = fetchurl { + url = "http://openvswitch.org/releases/${pname}-${version}.tar.gz"; + sha256 = "14zjcd0ddjv90rwb24l3cac6psd34a9r04jjghn1av0kf6b76zj4"; + }; + + kernel = optional (_kernel != null) _kernel.dev; + + nativeBuildInputs = [ pkgconfig ]; + buildInputs = [ makeWrapper utillinux openssl libcap_ng python27 + perl procps which ]; + + configureFlags = [ + "--localstatedir=/var" + "--sharedstatedir=/var" + "--sbindir=$(out)/bin" + ] ++ (optionals (_kernel != null) ["--with-linux"]); + + # Leave /var out of this! + installFlags = [ + "LOGDIR=$(TMPDIR)/dummy" + "RUNDIR=$(TMPDIR)/dummy" + "PKIDIR=$(TMPDIR)/dummy" + ]; + + postBuild = '' + # fix tests + substituteInPlace xenserver/opt_xensource_libexec_interface-reconfigure --replace '/usr/bin/env python' '${python27.interpreter}' + substituteInPlace vtep/ovs-vtep --replace '/usr/bin/env python' '${python27.interpreter}' + ''; + + enableParallelBuilding = true; + doCheck = false; # bash-completion test fails with "compgen: command not found" + + postInstall = '' + cp debian/ovs-monitor-ipsec $out/share/openvswitch/scripts + makeWrapper \ + $out/share/openvswitch/scripts/ovs-monitor-ipsec \ + $out/bin/ovs-monitor-ipsec \ + --prefix PYTHONPATH : "$out/share/openvswitch/python" + substituteInPlace $out/share/openvswitch/scripts/ovs-monitor-ipsec \ + --replace "UnixctlServer.create(None)" "UnixctlServer.create(os.environ['UNIXCTLPATH'])" + substituteInPlace $out/share/openvswitch/scripts/ovs-monitor-ipsec \ + --replace "self.psk_file" "root_prefix + self.psk_file" + substituteInPlace $out/share/openvswitch/scripts/ovs-monitor-ipsec \ + --replace "self.cert_dir" "root_prefix + self.cert_dir" + ''; + + meta = with stdenv.lib; { + platforms = platforms.linux; + description = "A multilayer virtual switch"; + longDescription = + '' + Open vSwitch is a production quality, multilayer virtual switch + licensed under the open source Apache 2.0 license. It is + designed to enable massive network automation through + programmatic extension, while still supporting standard + management interfaces and protocols (e.g. NetFlow, sFlow, SPAN, + RSPAN, CLI, LACP, 802.1ag). In addition, it is designed to + support distribution across multiple physical servers similar + to VMware's vNetwork distributed vswitch or Cisco's Nexus 1000V. + ''; + homepage = http://openvswitch.org/; + license = licenses.asl20; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index c62a1822f24..cb74c2d0866 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -5273,6 +5273,8 @@ in openssl = openssl_1_0_2; }; + openvswitch-lts = callPackage ../os-specific/linux/openvswitch/lts.nix { }; + optipng = callPackage ../tools/graphics/optipng { libpng = libpng12; }; |