diff options
Diffstat (limited to 'pkgs/servers/dns/knot-resolver/default.nix')
-rw-r--r-- | pkgs/servers/dns/knot-resolver/default.nix | 39 |
1 files changed, 25 insertions, 14 deletions
diff --git a/pkgs/servers/dns/knot-resolver/default.nix b/pkgs/servers/dns/knot-resolver/default.nix index 3466fb776f0..b0f9dfd6c91 100644 --- a/pkgs/servers/dns/knot-resolver/default.nix +++ b/pkgs/servers/dns/knot-resolver/default.nix @@ -1,8 +1,9 @@ -{ stdenv, fetchurl, fetchpatch +{ lib, stdenv, fetchurl # native deps. -, runCommand, pkgconfig, meson, ninja, makeWrapper +, runCommand, pkg-config, meson, ninja, makeWrapper # build+runtime deps. -, knot-dns, luajitPackages, libuv, gnutls, lmdb, systemd, dns-root-data +, knot-dns, luajitPackages, libuv, gnutls, lmdb +, systemd, libcap_ng, dns-root-data, nghttp2 # optionals, in principle # test-only deps. , cmocka, which, cacert , extraFeatures ? false /* catch-all if defaults aren't enough */ @@ -11,16 +12,16 @@ let # un-indented, over the whole file result = if extraFeatures then wrapped-full else unwrapped; -inherit (stdenv.lib) optional optionals; +inherit (lib) optional optionals optionalString; lua = luajitPackages; unwrapped = stdenv.mkDerivation rec { pname = "knot-resolver"; - version = "5.1.2"; + version = "5.3.2"; src = fetchurl { url = "https://secure.nic.cz/files/knot-resolver/${pname}-${version}.tar.xz"; - sha256 = "caa4f941caf39080184554fb1310f383eba4b30d9c4c2215670d6b0a2de8f836"; + sha256 = "8b6f447d5fe93422d4c129a2d4004a977369c3aa6e55258ead1cbd488bc01436"; }; outputs = [ "out" "dev" ]; @@ -29,8 +30,8 @@ unwrapped = stdenv.mkDerivation rec { postPatch = '' patch meson.build <<EOF @@ -50,2 +50,2 @@ - -systemd_work_dir = join_paths(prefix, get_option('localstatedir'), 'lib', 'knot-resolver') - -systemd_cache_dir = join_paths(prefix, get_option('localstatedir'), 'cache', 'knot-resolver') + -systemd_work_dir = prefix / get_option('localstatedir') / 'lib' / 'knot-resolver' + -systemd_cache_dir = prefix / get_option('localstatedir') / 'cache' / 'knot-resolver' +systemd_work_dir = '/var/lib/knot-resolver' +systemd_cache_dir = '/var/cache/knot-resolver' EOF @@ -38,18 +39,25 @@ unwrapped = stdenv.mkDerivation rec { # ExecStart can't be overwritten in overrides. # We need that to use wrapped executable and correct config file. sed '/^ExecStart=/d' -i systemd/kresd@.service.in + '' + # some tests have issues with network sandboxing, apparently + + optionalString doInstallCheck '' + echo 'os.exit(77)' > daemon/lua/trust_anchors.test/bootstrap.test.lua + sed '/^[[:blank:]]*test_dstaddr,$/d' -i \ + tests/config/doh2.test.lua modules/http/http_doh.test.lua ''; preConfigure = '' patchShebangs scripts/ ''; - nativeBuildInputs = [ pkgconfig meson ninja ]; + nativeBuildInputs = [ pkg-config meson ninja ]; # http://knot-resolver.readthedocs.io/en/latest/build.html#requirements buildInputs = [ knot-dns lua.lua libuv gnutls lmdb ] - ++ optional stdenv.isLinux systemd # passing sockets, sd_notify - ## optional dependencies; TODO: libedit, dnstap + ++ optionals stdenv.isLinux [ systemd libcap_ng ] + ++ [ nghttp2 ] + ## optional dependencies; TODO: dnstap ; mesonFlags = [ @@ -67,15 +75,18 @@ unwrapped = stdenv.mkDerivation rec { postInstall = '' rm "$out"/lib/libkres.a rm "$out"/lib/knot-resolver/upgrade-4-to-5.lua # not meaningful on NixOS + '' + optionalString stdenv.targetPlatform.isLinux '' + rm -r "$out"/lib/sysusers.d/ # ATM more likely to harm than help ''; - doInstallCheck = with stdenv; hostPlatform == buildPlatform; - installCheckInputs = [ cmocka which cacert lua.cqueues lua.basexx ]; + doInstallCheck = with stdenv; hostPlatform == buildPlatform + && !(isDarwin && isAarch64); # avoid luarocks, as it's broken ATM on the platform + installCheckInputs = [ cmocka which cacert lua.cqueues lua.basexx lua.http ]; installCheckPhase = '' meson test --print-errorlogs ''; - meta = with stdenv.lib; { + meta = with lib; { description = "Caching validating DNS resolver, from .cz domain registry"; homepage = "https://knot-resolver.cz"; license = licenses.gpl3Plus; |