Diffstat (limited to 'pkgs/tools/package-management/nix')
6 files changed, 551 insertions, 0 deletions
diff --git a/pkgs/tools/package-management/nix/common.nix b/pkgs/tools/package-management/nix/common.nix
new file mode 100644
index 00000000000..2161ea3c309
--- /dev/null
+++ b/pkgs/tools/package-management/nix/common.nix
@@ -0,0 +1,214 @@ +{ lib, fetchFromGitHub +, version +, suffix ? "" +, sha256 ? null +, src ? fetchFromGitHub { owner = "NixOS"; repo = "nix"; rev = version; inherit sha256; } +, patches ? [ ] +}: +assert (sha256 == null) -> (src != null); +let + atLeast24 = lib.versionAtLeast version "2.4pre"; + atLeast25 = lib.versionAtLeast version "2.5pre"; + atLeast27 = lib.versionAtLeast version "2.7pre"; +in +{ stdenv +, autoconf-archive +, autoreconfHook +, bash +, bison +, boehmgc +, boost +, brotli +, busybox-sandbox-shell +, bzip2 +, callPackage +, coreutils +, curl +, editline +, flex +, gnutar +, gtest +, gzip +, jq +, lib +, libarchive +, libcpuid +, libsodium +, lowdown +, mdbook +, nlohmann_json +, openssl +, perl +, pkg-config +, Security +, sqlite +, util-linuxMinimal +, xz + +, enableDocumentation ? !atLeast24 || stdenv.hostPlatform == stdenv.buildPlatform +, enableStatic ? stdenv.hostPlatform.isStatic +, withAWS ? !enableStatic && (stdenv.isLinux || stdenv.isDarwin), aws-sdk-cpp +, withLibseccomp ? 
lib.meta.availableOn stdenv.hostPlatform libseccomp, libseccomp + +, confDir +, stateDir +, storeDir +}: +stdenv.mkDerivation { + pname = "nix"; + + version = "${version}${suffix}"; + VERSION_SUFFIX = suffix; + + inherit src patches; + + outputs = + [ "out" "dev" ] + ++ lib.optionals enableDocumentation [ "man" "doc" ]; + + hardeningEnable = lib.optionals (!stdenv.isDarwin) [ "pie" ]; + + nativeBuildInputs = [ + pkg-config + ] ++ lib.optionals atLeast24 [ + autoconf-archive + autoreconfHook + bison + flex + jq + ] ++ lib.optionals (atLeast24 && enableDocumentation) [ + (lib.getBin lowdown) + mdbook + ] ++ lib.optionals stdenv.isLinux [ + util-linuxMinimal + ]; + + buildInputs = [ + boost + brotli + bzip2 + curl + editline + libsodium + openssl + sqlite + xz + ] ++ lib.optionals stdenv.isDarwin [ + Security + ] ++ lib.optionals atLeast24 [ + gtest + libarchive + lowdown + ] ++ lib.optionals (atLeast24 && stdenv.isx86_64) [ + libcpuid + ] ++ lib.optionals withLibseccomp [ + libseccomp + ] ++ lib.optionals withAWS [ + aws-sdk-cpp + ]; + + propagatedBuildInputs = [ + boehmgc + ] ++ lib.optional (atLeast27) [ + nlohmann_json + ]; + + NIX_LDFLAGS = lib.optionals (!atLeast24) [ + # https://github.com/NixOS/nix/commit/3e85c57a6cbf46d5f0fe8a89b368a43abd26daba + (lib.optionalString enableStatic "-lssl -lbrotlicommon -lssh2 -lz -lnghttp2 -lcrypto") + # https://github.com/NixOS/nix/commits/74b4737d8f0e1922ef5314a158271acf81cd79f8 + (lib.optionalString (stdenv.hostPlatform.system == "armv5tel-linux" || stdenv.hostPlatform.system == "armv6l-linux") "-latomic") + ]; + + preConfigure = + # Copy libboost_context so we don't get all of Boost in our closure. 
+ # https://github.com/NixOS/nixpkgs/issues/45462 + lib.optionalString (!enableStatic) '' + mkdir -p $out/lib + cp -pd ${boost}/lib/{libboost_context*,libboost_thread*,libboost_system*} $out/lib + rm -f $out/lib/*.a + ${lib.optionalString stdenv.isLinux '' + chmod u+w $out/lib/*.so.* + patchelf --set-rpath $out/lib:${stdenv.cc.cc.lib}/lib $out/lib/libboost_thread.so.* + ''} + '' + + # On all versions before c9f51e87057652db0013289a95deffba495b35e7, which + # removes config.nix entirely and is not present in 2.3.x, we need to + # patch around an issue where the Nix configure step pulls in the build + # system's bash and other utilities when cross-compiling. + lib.optionalString (stdenv.buildPlatform != stdenv.hostPlatform && !atLeast24) '' + mkdir tmp/ + substitute corepkgs/config.nix.in tmp/config.nix.in \ + --subst-var-by bash ${bash}/bin/bash \ + --subst-var-by coreutils ${coreutils}/bin \ + --subst-var-by bzip2 ${bzip2}/bin/bzip2 \ + --subst-var-by gzip ${gzip}/bin/gzip \ + --subst-var-by xz ${xz}/bin/xz \ + --subst-var-by tar ${gnutar}/bin/tar \ + --subst-var-by tr ${coreutils}/bin/tr + mv tmp/config.nix.in corepkgs/config.nix.in + ''; + + configureFlags = [ + "--with-store-dir=${storeDir}" + "--localstatedir=${stateDir}" + "--sysconfdir=${confDir}" + "--enable-gc" + ] ++ lib.optionals (!enableDocumentation) [ + "--disable-doc-gen" + ] ++ lib.optionals (!atLeast24) [ + # option was removed in 2.4 + "--disable-init-state" + ] ++ lib.optionals stdenv.isLinux [ + "--with-sandbox-shell=${busybox-sandbox-shell}/bin/busybox" + ] ++ lib.optionals (stdenv.hostPlatform != stdenv.buildPlatform && stdenv.hostPlatform ? nix && stdenv.hostPlatform.nix ? 
system) [ + "--with-system=${stdenv.hostPlatform.nix.system}" + ] ++ lib.optionals (!withLibseccomp) [ + # RISC-V support in progress https://github.com/seccomp/libseccomp/pull/50 + "--disable-seccomp-sandboxing" + ]; + + makeFlags = [ + "profiledir=$(out)/etc/profile.d" + ] ++ lib.optional (stdenv.hostPlatform != stdenv.buildPlatform) "PRECOMPILE_HEADERS=0" + ++ lib.optional (stdenv.hostPlatform.isDarwin) "PRECOMPILE_HEADERS=1"; + + installFlags = [ "sysconfdir=$(out)/etc" ]; + + doInstallCheck = true; + + # socket path becomes too long otherwise + preInstallCheck = lib.optionalString stdenv.isDarwin '' + export TMPDIR=$NIX_BUILD_TOP + '' + # See https://github.com/NixOS/nix/issues/5687 + + lib.optionalString (atLeast25 && stdenv.isDarwin) '' + echo "exit 99" > tests/gc-non-blocking.sh + ''; + + separateDebugInfo = stdenv.isLinux && (atLeast24 -> !enableStatic); + + enableParallelBuilding = true; + + meta = with lib; { + description = "Powerful package manager that makes package management reliable and reproducible"; + longDescription = '' + Nix is a powerful package manager for Linux and other Unix systems that + makes package management reliable and reproducible. It provides atomic + upgrades and rollbacks, side-by-side installation of multiple versions of + a package, multi-user package management and easy setup of build + environments. + ''; + homepage = "https://nixos.org/"; + license = licenses.lgpl2Plus; + maintainers = with maintainers; [ eelco lovesegfault ]; + platforms = platforms.unix; + outputsToInstall = [ "out" ] ++ optional enableDocumentation "man"; + }; + + passthru = { + inherit aws-sdk-cpp boehmgc; + + perl-bindings = perl.pkgs.toPerlModule (callPackage ./nix-perl.nix { inherit src version; }); + }; +} diff --git a/pkgs/tools/package-management/nix/default.nix b/pkgs/tools/package-management/nix/default.nix new file mode 100644 index 00000000000..8eb8fef8298 --- /dev/null +++ b/pkgs/tools/package-management/nix/default.nix 
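Review bot: The guard `assert (sha256 == null) -> (src != null);` at the top of common.nix cannot fail, because `src` defaults to the `fetchFromGitHub { … inherit sha256; }` call and is therefore never null when the caller omits it. A caller that passes neither `sha256` nor `src` gets a fetch with `sha256 = null` instead of an evaluation error; what the fetcher does with a null hash is not visible on this page, but the source pin the assert was presumably meant to enforce is not being checked. Declaring `src ? null` and choosing the GitHub fetch in the `let` only when `sha256` is set would make the assert meaningful. Separately, in `propagatedBuildInputs`, `lib.optional (atLeast27) [ nlohmann_json ]` wraps the list in a second list; `lib.optionals atLeast27 [ nlohmann_json ]` matches the other input lists in this file.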
@@ -0,0 +1,85 @@ +{ lib +, aws-sdk-cpp +, boehmgc +, callPackage +, fetchFromGitHub +, fetchurl +, fetchpatch +, Security + +, storeDir ? "/nix/store" +, stateDir ? "/nix/var" +, confDir ? "/etc" +}: +let + boehmgc-nix_2_3 = boehmgc.override { enableLargeConfig = true; }; + + boehmgc-nix = boehmgc-nix_2_3.overrideAttrs (drv: { + # Part of the GC solution in https://github.com/NixOS/nix/pull/4944 + patches = (drv.patches or [ ]) ++ [ ./patches/boehmgc-coroutine-sp-fallback.patch ]; + }); + + aws-sdk-cpp-nix = (aws-sdk-cpp.override { + apis = [ "s3" "transfer" ]; + customMemoryManagement = false; + }).overrideDerivation (args: { + patches = (args.patches or [ ]) ++ [ ./patches/aws-sdk-cpp-TransferManager-ContentEncoding.patch ]; + + # only a stripped down version is build which takes a lot less resources to build + requiredSystemFeatures = null; + }); + + common = args: + callPackage + (import ./common.nix ({ inherit lib fetchFromGitHub; } // args)) + { + inherit Security storeDir stateDir confDir; + boehmgc = boehmgc-nix; + aws-sdk-cpp = aws-sdk-cpp-nix; + }; +in lib.makeExtensible (self: { + nix_2_3 = (common rec { + version = "2.3.16"; + src = fetchurl { + url = "https://nixos.org/releases/nix/nix-${version}/nix-${version}.tar.xz"; + sha256 = "sha256-fuaBtp8FtSVJLSAsO+3Nne4ZYLuBj2JpD2xEk7fCqrw="; + }; + }).override { boehmgc = boehmgc-nix_2_3; }; + + nix_2_4 = common { + version = "2.4"; + sha256 = "sha256-op48CCDgLHK0qV1Batz4Ln5FqBiRjlE6qHTiZgt3b6k="; + # https://github.com/NixOS/nix/pull/5537 + patches = [ ./patches/install-nlohmann_json-headers.patch ]; + }; + + nix_2_5 = common { + version = "2.5.1"; + sha256 = "sha256-GOsiqy9EaTwDn2PLZ4eFj1VkXcBUbqrqHehRE9GuGdU="; + # https://github.com/NixOS/nix/pull/5536 + patches = [ ./patches/install-nlohmann_json-headers.patch ]; + }; + + nix_2_6 = common { + version = "2.6.1"; + sha256 = "sha256-E9iQ7f+9Z6xFcUvvfksTEfn8LsDfzmwrcRBC//5B3V0="; + }; + + nix_2_7 = common { + version = "2.7.0"; + sha256 = 
"sha256-m8tqCS6uHveDon5GSro5yZor9H+sHeh+v/veF1IGw24="; + }; + + stable = self.nix_2_7; + + unstable = lib.lowPrio (common rec { + version = "2.8"; + suffix = "pre20220311_${lib.substring 0 7 src.rev}"; + src = fetchFromGitHub { + owner = "NixOS"; + repo = "nix"; + rev = "d5322698a2abbc6d141e1d244e17b0d226a2f18b"; + sha256 = "sha256-7rQSktGC8+DmeyGOnzFMy1QwAYnw4JJphv+lEwFCwfU="; + }; + }); +}) diff --git a/pkgs/tools/package-management/nix/nix-perl.nix b/pkgs/tools/package-management/nix/nix-perl.nix new file mode 100644 index 00000000000..069a22d3a85 --- /dev/null +++ b/pkgs/tools/package-management/nix/nix-perl.nix @@ -0,0 +1,44 @@ +{ stdenv +, perl +, pkg-config +, curl +, nix +, libsodium +, boost +, autoreconfHook +, autoconf-archive +, nlohmann_json + +, version +, src +}: + +stdenv.mkDerivation { + pname = "nix-perl"; + inherit version src; + + postUnpack = "sourceRoot=$sourceRoot/perl"; + + # This is not cross-compile safe, don't have time to fix right now + # but noting for future travellers. + nativeBuildInputs = [ + autoconf-archive + autoreconfHook + boost + curl + libsodium + nix + nlohmann_json + perl + pkg-config + ]; + + configureFlags = [ + "--with-dbi=${perl.pkgs.DBI}/${perl.libPrefix}" + "--with-dbd-sqlite=${perl.pkgs.DBDSQLite}/${perl.libPrefix}" + ]; + + preConfigure = "export NIX_STATE_DIR=$TMPDIR"; + + preBuild = "unset NIX_INDENT_MAKE"; +} diff --git a/pkgs/tools/package-management/nix/patches/aws-sdk-cpp-TransferManager-ContentEncoding.patch b/pkgs/tools/package-management/nix/patches/aws-sdk-cpp-TransferManager-ContentEncoding.patch new file mode 100644 index 00000000000..59cc305a60b --- /dev/null +++ b/pkgs/tools/package-management/nix/patches/aws-sdk-cpp-TransferManager-ContentEncoding.patch 
@@ -0,0 +1,127 @@ +From 7d58e303159b2fb343af9a1ec4512238efa147c7 Mon Sep 17 00:00:00 2001 +From: Eelco Dolstra <edolstra@gmail.com> +Date: Mon, 6 Aug 2018 17:15:04 +0200 +Subject: [PATCH] TransferManager: Allow setting a content-encoding for S3 uploads + +--- a/aws-cpp-sdk-transfer/include/aws/transfer/TransferHandle.h ++++ b/aws-cpp-sdk-transfer/include/aws/transfer/TransferHandle.h +@@ -297,6 +297,14 @@ namespace Aws + * Content type of the object being transferred + */ + inline void SetContentType(const Aws::String& value) { std::lock_guard<std::mutex> locker(m_getterSetterLock); m_contentType = value; } ++ /** ++ * Content encoding of the object being transferred ++ */ ++ inline const Aws::String GetContentEncoding() const { std::lock_guard<std::mutex> locker(m_getterSetterLock); return m_contentEncoding; } ++ /** ++ * Content type of the object being transferred ++ */ ++ inline void SetContentEncoding(const Aws::String& value) { std::lock_guard<std::mutex> locker(m_getterSetterLock); m_contentEncoding = value; } + /** + * In case of an upload, this is the metadata that was placed on the object when it was uploaded. + * In the case of a download, this is the object metadata from the GetObject operation. 
+@@ -383,6 +391,7 @@ namespace Aws + Aws::String m_key; + Aws::String m_fileName; + Aws::String m_contentType; ++ Aws::String m_contentEncoding; + Aws::String m_versionId; + Aws::Map<Aws::String, Aws::String> m_metadata; + TransferStatus m_status; +--- a/aws-cpp-sdk-transfer/include/aws/transfer/TransferManager.h ++++ b/aws-cpp-sdk-transfer/include/aws/transfer/TransferManager.h +@@ -154,7 +154,8 @@ namespace Aws + const Aws::String& keyName, + const Aws::String& contentType, + const Aws::Map<Aws::String, Aws::String>& metadata, +- const std::shared_ptr<const Aws::Client::AsyncCallerContext>& context = nullptr); ++ const std::shared_ptr<const Aws::Client::AsyncCallerContext>& context = nullptr, ++ const Aws::String& contentEncoding = ""); + + /** + * Downloads the contents of bucketName/keyName in S3 to the file specified by writeToFile. This will perform a GetObject operation. +@@ -246,7 +247,8 @@ namespace Aws + const Aws::Map<Aws::String, + Aws::String>& metadata, + const std::shared_ptr<const Aws::Client::AsyncCallerContext>& context, +- const Aws::String& fileName = ""); ++ const Aws::String& fileName = "", ++ const Aws::String& contentEncoding = ""); + + /** + * Submits the actual task to task schecduler +@@ -262,7 +264,8 @@ namespace Aws + const Aws::String& keyName, + const Aws::String& contentType, + const Aws::Map<Aws::String, Aws::String>& metadata, +- const std::shared_ptr<const Aws::Client::AsyncCallerContext>& context); ++ const std::shared_ptr<const Aws::Client::AsyncCallerContext>& context, ++ const Aws::String& contentEncoding); + + /** + * Uploads the contents of file, to bucketName/keyName in S3. contentType and metadata will be added to the object. 
If the object is larger than the configured bufferSize, +--- a/aws-cpp-sdk-transfer/source/transfer/TransferManager.cpp ++++ b/aws-cpp-sdk-transfer/source/transfer/TransferManager.cpp +@@ -87,9 +87,10 @@ namespace Aws + const Aws::String& bucketName, + const Aws::String& keyName, const Aws::String& contentType, + const Aws::Map<Aws::String, Aws::String>& metadata, +- const std::shared_ptr<const Aws::Client::AsyncCallerContext>& context) ++ const std::shared_ptr<const Aws::Client::AsyncCallerContext>& context, ++ const Aws::String& contentEncoding) + { +- return this->DoUploadFile(fileStream, bucketName, keyName, contentType, metadata, context); ++ return this->DoUploadFile(fileStream, bucketName, keyName, contentType, metadata, context, contentEncoding); + } + + std::shared_ptr<TransferHandle> TransferManager::DownloadFile(const Aws::String& bucketName, +@@ -286,6 +287,9 @@ namespace Aws + createMultipartRequest.WithKey(handle->GetKey()); + createMultipartRequest.WithMetadata(handle->GetMetadata()); + ++ if (handle->GetContentEncoding() != "") ++ createMultipartRequest.WithContentEncoding(handle->GetContentEncoding()); ++ + auto createMultipartResponse = m_transferConfig.s3Client->CreateMultipartUpload(createMultipartRequest); + if (createMultipartResponse.IsSuccess()) + { +@@ -441,6 +445,9 @@ namespace Aws + + putObjectRequest.SetContentType(handle->GetContentType()); + ++ if (handle->GetContentEncoding() != "") ++ putObjectRequest.SetContentEncoding(handle->GetContentEncoding()); ++ + auto buffer = m_bufferManager.Acquire(); + + auto lengthToWrite = (std::min)(m_transferConfig.bufferSize, handle->GetBytesTotalSize()); +@@ -1140,12 +1147,15 @@ namespace Aws + const Aws::String& contentType, + const Aws::Map<Aws::String, Aws::String>& metadata, + const std::shared_ptr<const Aws::Client::AsyncCallerContext>& context, +- const Aws::String& fileName) ++ const Aws::String& fileName, ++ const Aws::String& contentEncoding) + { + auto handle = 
Aws::MakeShared<TransferHandle>(CLASS_TAG, bucketName, keyName, 0, fileName); + handle->SetContentType(contentType); + handle->SetMetadata(metadata); + handle->SetContext(context); ++ if (contentEncoding != "") ++ handle->SetContentEncoding(contentEncoding); + + if (!fileStream->good()) + { +@@ -1213,9 +1223,10 @@ namespace Aws + const Aws::String& keyName, + const Aws::String& contentType, + const Aws::Map<Aws::String, Aws::String>& metadata, +- const std::shared_ptr<const Aws::Client::AsyncCallerContext>& context) ++ const std::shared_ptr<const Aws::Client::AsyncCallerContext>& context, ++ const Aws::String& contentEncoding) + { +- auto handle = CreateUploadFileHandle(fileStream.get(), bucketName, keyName, contentType, metadata, context); ++ auto handle = CreateUploadFileHandle(fileStream.get(), bucketName, keyName, contentType, metadata, context, "", contentEncoding); + return SubmitUpload(handle, fileStream); + } + diff --git a/pkgs/tools/package-management/nix/patches/boehmgc-coroutine-sp-fallback.patch b/pkgs/tools/package-management/nix/patches/boehmgc-coroutine-sp-fallback.patch new file mode 100644 index 00000000000..e659bf470d3 --- /dev/null +++ b/pkgs/tools/package-management/nix/patches/boehmgc-coroutine-sp-fallback.patch 
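Review bot: The doc comment added above `SetContentEncoding` in TransferHandle.h still reads `Content type of the object being transferred`, which looks copied from the `SetContentType` comment. It should read `Content encoding of the object being transferred`, matching the comment on `GetContentEncoding` just above it.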
@@ -0,0 +1,45 @@ +diff --git a/pthread_stop_world.c b/pthread_stop_world.c +index 4b2c429..1fb4c52 100644 +--- a/pthread_stop_world.c ++++ b/pthread_stop_world.c +@@ -673,6 +673,8 @@ GC_INNER void GC_push_all_stacks(void) + struct GC_traced_stack_sect_s *traced_stack_sect; + pthread_t self = pthread_self(); + word total_size = 0; ++ size_t stack_limit; ++ pthread_attr_t pattr; + + if (!EXPECT(GC_thr_initialized, TRUE)) + GC_thr_init(); +@@ -722,6 +724,31 @@ GC_INNER void GC_push_all_stacks(void) + hi = p->altstack + p->altstack_size; + /* FIXME: Need to scan the normal stack too, but how ? */ + /* FIXME: Assume stack grows down */ ++ } else { ++ if (pthread_getattr_np(p->id, &pattr)) { ++ ABORT("GC_push_all_stacks: pthread_getattr_np failed!"); ++ } ++ if (pthread_attr_getstacksize(&pattr, &stack_limit)) { ++ ABORT("GC_push_all_stacks: pthread_attr_getstacksize failed!"); ++ } ++ if (pthread_attr_destroy(&pattr)) { ++ ABORT("GC_push_all_stacks: pthread_attr_destroy failed!"); ++ } ++ // When a thread goes into a coroutine, we lose its original sp until ++ // control flow returns to the thread. ++ // While in the coroutine, the sp points outside the thread stack, ++ // so we can detect this and push the entire thread stack instead, ++ // as an approximation. ++ // We assume that the coroutine has similarly added its entire stack. ++ // This could be made accurate by cooperating with the application ++ // via new functions and/or callbacks. ++ #ifndef STACK_GROWS_UP ++ if (lo >= hi || lo < hi - stack_limit) { // sp outside stack ++ lo = hi - stack_limit; ++ } ++ #else ++ #error "STACK_GROWS_UP not supported in boost_coroutine2 (as of june 2021), so we don't support it in Nix." ++ #endif + } + GC_push_all_stack_sections(lo, hi, traced_stack_sect); + # ifdef STACK_GROWS_UP 
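Review bot: In the new `else` branch of GC_push_all_stacks, the `stack_limit` returned by `pthread_attr_getstacksize` is used unchecked in `hi - stack_limit`, both in the range test and as the replacement `lo`. If the reported size exceeds what is actually mapped below `hi` (a guard region, or a thread whose size reflects a resource limit rather than mapped memory; neither can be confirmed from this hunk), the fallback makes the collector scan addresses outside the thread's stack. Taking the real base from `pthread_attr_getstack(&pattr, &stack_addr, &stack_limit)` and using that address as the lower bound would avoid deriving it from `hi`. The added `//` comments also differ from the `/* … */` style of the surrounding context lines, and the function body continues outside the hunk.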
diff --git a/pkgs/tools/package-management/nix/patches/install-nlohmann_json-headers.patch b/pkgs/tools/package-management/nix/patches/install-nlohmann_json-headers.patch new file mode 100644 index 00000000000..8b92de22903 --- /dev/null +++ b/pkgs/tools/package-management/nix/patches/install-nlohmann_json-headers.patch @@ -0,0 +1,36 @@ +From 3884f7a69a57d8ecfcbcaae476ec2ff53ffbd549 Mon Sep 17 00:00:00 2001 +From: Robert Hensing <robert@roberthensing.nl> +Date: Thu, 11 Nov 2021 11:03:21 +0100 +Subject: [PATCH] Install nlohmann_json headers + +These headers are included by the libexpr, libfetchers, libstore +and libutil headers. +Considering that these are vendored sources, Nix should expose them, +as it is not a good idea for reverse dependencies to rely on a +potentially different source that can go out of sync. +--- + Makefile | 1 + + src/nlohmann/local.mk | 2 ++ + 2 files changed, 3 insertions(+) + create mode 100644 src/nlohmann/local.mk + +diff --git a/Makefile b/Makefile +index 5040d288485..e6ce50cbdb7 100644 +--- a/Makefile ++++ b/Makefile +@@ -10,6 +10,7 @@ makefiles = \ + src/libexpr/local.mk \ + src/libcmd/local.mk \ + src/nix/local.mk \ ++ src/nlohmann/local.mk \ + src/resolve-system-dependencies/local.mk \ + scripts/local.mk \ + misc/bash/local.mk \ +diff --git a/src/nlohmann/local.mk b/src/nlohmann/local.mk +new file mode 100644 +index 00000000000..63c427e000e +--- /dev/null ++++ b/src/nlohmann/local.mk +@@ -0,0 +1,2 @@ ++$(foreach i, $(wildcard src/nlohmann/*.hpp), \ ++ $(eval $(call install-file-in, $(i), $(includedir)/nlohmann, 0644))) |