25cb1a6343
Honestly could probably use busybox here instead, but at least with utillinuxMinimal there's no build-time dependency on systemd.
73 lines
1.5 KiB
Nix
73 lines
1.5 KiB
Nix
{ pkgs }:
|
|
|
|
with pkgs;
|
|
|
|
rec {
|
|
# Use "busybox-sandbox-shell" if present,
|
|
# if not (legacy) fallback and hope it's sufficient.
|
|
sh = pkgs.busybox-sandbox-shell or (busybox.override {
|
|
useMusl = true;
|
|
enableStatic = true;
|
|
enableMinimal = true;
|
|
extraConfig = ''
|
|
CONFIG_FEATURE_FANCY_ECHO y
|
|
CONFIG_FEATURE_SH_MATH y
|
|
CONFIG_FEATURE_SH_MATH_64 y
|
|
|
|
CONFIG_ASH y
|
|
CONFIG_ASH_OPTIMIZE_FOR_SIZE y
|
|
|
|
CONFIG_ASH_ALIAS y
|
|
CONFIG_ASH_BASH_COMPAT y
|
|
CONFIG_ASH_CMDCMD y
|
|
CONFIG_ASH_ECHO y
|
|
CONFIG_ASH_GETOPTS y
|
|
CONFIG_ASH_INTERNAL_GLOB y
|
|
CONFIG_ASH_JOB_CONTROL y
|
|
CONFIG_ASH_PRINTF y
|
|
CONFIG_ASH_TEST y
|
|
'';
|
|
});
|
|
|
|
configureFlags =
|
|
[ "--disable-init-state"
|
|
"--enable-gc"
|
|
] ++ lib.optionals stdenv.isLinux [
|
|
"--with-sandbox-shell=${sh}/bin/busybox"
|
|
];
|
|
|
|
tarballDeps =
|
|
[ bison
|
|
flex
|
|
libxml2
|
|
libxslt
|
|
docbook5
|
|
docbook5_xsl
|
|
autoconf-archive
|
|
autoreconfHook
|
|
];
|
|
|
|
buildDeps =
|
|
[ curl
|
|
bzip2 xz brotli
|
|
openssl pkgconfig sqlite boehmgc
|
|
boost
|
|
|
|
# Tests
|
|
git
|
|
mercurial
|
|
]
|
|
++ lib.optionals stdenv.isLinux [libseccomp utillinuxMinimal]
|
|
++ lib.optional (stdenv.isLinux || stdenv.isDarwin) libsodium
|
|
++ lib.optional (stdenv.isLinux || stdenv.isDarwin)
|
|
(aws-sdk-cpp.override {
|
|
apis = ["s3" "transfer"];
|
|
customMemoryManagement = false;
|
|
});
|
|
|
|
perlDeps =
|
|
[ perl
|
|
perlPackages.DBDSQLite
|
|
];
|
|
}
|