Commit graph

3414 commits

Author SHA1 Message Date
Eelco Dolstra 74ca70da3a Add 'mk/' from commit '1eff3ad37fdb9dcf9f8528fdacea0ebf0e79d545'
git-subtree-dir: mk
git-subtree-mainline: 6ef32bddc1
git-subtree-split: 1eff3ad37f
2014-02-01 14:38:28 +01:00
Eelco Dolstra 6ef32bddc1 Fix "make dist" 2014-02-01 14:38:12 +01:00
Eelco Dolstra 1eff3ad37f Add missing file 2014-02-01 14:36:44 +01:00
Eelco Dolstra 6f8aa145d4 Improve "make dist" 2014-02-01 14:22:08 +01:00
Eelco Dolstra 0c6d62cf27 Remove Automakefiles 2014-02-01 13:54:38 +01:00
Eelco Dolstra 16e7d69209 Update Makefile variable names 2014-02-01 13:54:38 +01:00
Eelco Dolstra ec1738589a Make variable names more regular 2014-02-01 12:20:06 +01:00
Eelco Dolstra 35107038f7 Support adding "make help" text 2014-02-01 11:47:34 +01:00
Eelco Dolstra f324b49ea1 Change dependency file names from foo.dep to .foo.o.dep 2014-02-01 11:31:25 +01:00
Eelco Dolstra ac8c2ef1aa Build/install manual 2014-02-01 11:30:21 +01:00
Eelco Dolstra 4271927c5b Add support for installing man-pages 2014-01-31 15:33:12 +01:00
Eelco Dolstra e0234dfddc Rename Makefile -> local.mk 2014-01-30 12:11:06 +01:00
Eelco Dolstra 4a2ec9c659 Install nix-worker symlink 2014-01-30 12:08:26 +01:00
Eelco Dolstra 5311b2b250 Clang doesn't know the "-z defs" flag 2014-01-23 10:49:53 +01:00
Eelco Dolstra 94f9c14d52 Fix some clang warnings 2014-01-21 18:29:55 +01:00
Eelco Dolstra a26307b281 Fix build 2014-01-21 17:39:19 +01:00
Eelco Dolstra 625ffd441d Ugly hack to fix building with clang 2014-01-21 16:38:03 +01:00
Eelco Dolstra 68cde53c47 Fix building against Bison 3.0.2 2014-01-21 15:34:04 +01:00
Eelco Dolstra 81628a6ccc Merge branch 'master' into make
Conflicts:
	src/libexpr/eval.cc
2014-01-21 15:30:01 +01:00
Eelco Dolstra 5ef8508a92 Remove unused type 2014-01-21 15:11:57 +01:00
Eelco Dolstra c8fff6a77f Fix evaluation 2014-01-21 15:09:59 +01:00
Eelco Dolstra 0e2ca26818 nix.spec: Remove "make check" since it's a no-op 2014-01-20 14:23:07 +01:00
Eelco Dolstra 0f2f44bb0f Build Fedora 20 RPMs 2014-01-20 14:22:59 +01:00
Eelco Dolstra bf0ad8aabc nix-profile.sh: Add the Nixpkgs channel to $NIX_PATH 2014-01-15 14:34:49 +01:00
Shea Levy f5e5793cd2 Bare dynamic attrs: Match interpolation semantics
Signed-off-by: Shea Levy <shea@shealevy.com>
2014-01-14 14:00:15 +01:00
Shea Levy f9913f4422 Allow "bare" dynamic attrs
Now, in addition to a."${b}".c, you can write a.${b}.c (applicable
wherever dynamic attributes are valid).

Signed-off-by: Shea Levy <shea@shealevy.com>
2014-01-14 14:00:15 +01:00
Eelco Dolstra e640d67144 Document nulls 2014-01-13 13:50:12 +01:00
Eelco Dolstra f1357059a4 nix-shell: Don't set NIX_INDENT_MAKE
It generally is not useful in interactive environments (and messes up
some non-ANSI-compliant terminals).
2014-01-13 13:46:44 +01:00
Eelco Dolstra ea59f39326 nix-shell: Set $IN_NIX_SHELL before evaluating 2014-01-13 13:43:31 +01:00
Eelco Dolstra ca73c0102f Nicer Make output
E.g.

  CXX    src/nix-log2xml/log2xml.o
  CC     src/bsdiff-4.3/bsdiff.o
  GEN    scripts/nix-channel
  LD     src/libmain/libnixmain.so
2014-01-10 22:31:38 +01:00
Eelco Dolstra e991ab942b Add support for building shared libraries on Mac OS X 2014-01-09 22:14:34 +01:00
Eelco Dolstra b1db599dd0 Generate schema.sql.hh 2014-01-09 22:10:35 +01:00
Eelco Dolstra cf918b889b Handle systems where "echo -n" doesn't work 2014-01-09 17:33:55 +01:00
Eelco Dolstra 70d8e8fdde Declare template_files as a simply expanded variable 2014-01-09 16:57:38 +01:00
Eelco Dolstra 814a73227f Remove duplicate elements from *_SOURCES
This is useful when you do:

  foo_SOURCES := $(wildcard *.cc) foo.cc

where foo.cc is a generated file.  In this case, if foo.cc already
exists, you get foo.cc twice in foo_SOURCES, leading to a link error.
2014-01-09 16:54:01 +01:00
Eelco Dolstra b4c684e0f9 Update Makefiles 2014-01-09 16:53:47 +01:00
Eelco Dolstra 568b1b0a8a Remove mk subdirectory in preparation for "git subtree" 2014-01-09 16:15:16 +01:00
Eelco Dolstra 55c9a40613 Move stuff to top-level
This makes it easier to use with "git subtree".
2014-01-09 16:12:02 +01:00
Eelco Dolstra f4013b6189 Fix signed-binary-caches test 2014-01-08 17:57:22 +01:00
Eelco Dolstra ea38e39a20 Test whether Nix correctly checks the hash of downloaded NARs 2014-01-08 17:56:30 +01:00
Eelco Dolstra 11cb4bfb25 Fix checking of NAR hashes
*headdesk*
*headdesk*
*headdesk*

So since commit 22144afa8d, Nix hasn't
actually checked whether the content of a downloaded NAR matches the
hash specified in the manifest / NAR info file.  Urghhh...
2014-01-08 17:35:49 +01:00
Eelco Dolstra 0fdf4da0e9 Support cryptographically signed binary caches
NAR info files in binary caches can now have a cryptographic signature
that Nix will verify before using the corresponding NAR file.

To create a private/public key pair for signing and verifying a binary
cache, do:

  $ openssl genrsa -out ./cache-key.sec 2048
  $ openssl rsa -in ./cache-key.sec -pubout > ./cache-key.pub

You should also come up with a symbolic name for the key, such as
"cache.example.org-1".  This will be used by clients to look up the
public key.  (It's a good idea to number keys, in case you ever need
to revoke/replace one.)

To create a binary cache signed with the private key:

  $ nix-push --dest /path/to/binary-cache --key ./cache-key.sec --key-name cache.example.org-1

The public key (cache-key.pub) should be distributed to the clients.
They should have a nix.conf should contain something like:

  signed-binary-caches = *
  binary-cache-public-key-cache.example.org-1 = /path/to/cache-key.pub

If all works well, then if Nix fetches something from the signed
binary cache, you will see a message like:

  *** Downloading ‘http://cache.example.org/nar/7dppcj5sc1nda7l54rjc0g5l1hamj09j-subversion-1.7.11’ (signed by ‘cache.example.org-1’) to ‘/nix/store/7dppcj5sc1nda7l54rjc0g5l1hamj09j-subversion-1.7.11’...

On the other hand, if the signature is wrong, you get a message like

  NAR info file `http://cache.example.org/7dppcj5sc1nda7l54rjc0g5l1hamj09j.narinfo' has an invalid signature; ignoring

Signatures are implemented as a single line appended to the NAR info
file, which looks like this:

  Signature: 1;cache.example.org-1;HQ9Xzyanq9iV...muQ==

Thus the signature has 3 fields: a version (currently "1"), the ID of
key, and the base64-encoded signature of the SHA-256 hash of the
contents of the NAR info file up to but not including the Signature
line.

Issue #75.
2014-01-08 15:42:53 +01:00
Eelco Dolstra 405434e084 Revert "nix-shell: Set $IN_NIX_SHELL before evaluation"
This reverts commit 0c1198cf08.
2014-01-06 17:38:04 +01:00
Eelco Dolstra 7a61c88dbb Merge branch 'dynamic-attrs-no-sugar' of github.com:shlevy/nix 2014-01-06 15:46:18 +01:00
Domen Kožar 485f4740ee wording 2014-01-06 11:38:24 +01:00
Eelco Dolstra fe23e28f12 Disable FreeBSD tests for now
The FreeBSD machines in the build farm are currently unreachable.
2014-01-06 11:35:42 +01:00
Eelco Dolstra 4252b5a645 Disable the tail call test
On i686-linux, GCC stubbornly refuses to do tail-call optimisation.
Don't know why.

http://hydra.nixos.org/build/7300170
2014-01-06 11:32:22 +01:00
Shea Levy cd49fe4f9b Don't use any syntactic sugar for dynamic attrs
This doesn't change any functionality but moves some behavior out of the
parser and into the evaluator in order to simplify the code.

Signed-off-by: Shea Levy <shea@shealevy.com>
2013-12-31 23:56:26 +00:00
Shea Levy 6f3a51809a Fold dynamic binds handling into addAttr
Since addAttr has to iterate through the AttrPath we pass it, it makes
more sense to just iterate through the AttrNames in addAttr instead. As
an added bonus, this allows attrsets where two dynamic attribute paths
have the same static leading part (see added test case for an example
that failed previously).

Signed-off-by: Shea Levy <shea@shealevy.com>
2013-12-31 17:57:10 -05:00
Shea Levy 18fefacf7d Dynamic attrs
This adds new syntax for attribute names:

* attrs."${name}" => getAttr name attrs
* attrs ? "${name}" => isAttrs attrs && hasAttr attrs name
* attrs."${name}" or def => if attrs ? "${name}" then attrs."${name}" else def
* { "${name}" = value; } => listToAttrs [{ inherit name value; }]

Of course, it's a bit more complicated than that. The attribute chains
can be arbitrarily long and contain combinations of static and dynamic
parts (e.g. attrs."${foo}".bar."${baz}" or qux), which is relatively
straightforward for the getAttrs/hasAttrs cases but is more complex for
the listToAttrs case due to rules about duplicate attribute definitions.

For attribute sets with dynamic attribute names, duplicate static
attributes are detected at parse time while duplicate dynamic attributes
are detected when the attribute set is forced. So, for example, { a =
null; a.b = null; "${"c"}" = true; } will be a parse-time error, while
{ a = {}; "${"a"}".b = null; c = true; } will be an eval-time error
(technically that case could theoretically be detected at parse time,
but the general case would require full evaluation). Moreover, duplicate
dynamic attributes are not allowed even in cases where they would be
with static attributes ({ a.b.d = true; a.b.c = false; } is legal, but {
a."${"b"}".d = true; a."${"b"}".c = false; } is not). This restriction
might be relaxed in the future in cases where the static variant would
not be an error, but it is not obvious that that is desirable.

Finally, recursive attribute sets with dynamic attributes have the
static attributes in scope but not the dynamic ones. So rec { a = true;
"${"b"}" = a; } is equivalent to { a = true; b = true; } but rec {
"${"a"}" = true; b = a; } would be an error or use a from the
surrounding scope if it exists.

Note that the getAttr, getAttr or default, and hasAttr are all
implemented purely in the parser as syntactic sugar, while attribute
sets with dynamic attribute names required changes to the AST to be
implemented cleanly.

This is an alternative solution to and closes #167

Signed-off-by: Shea Levy <shea@shealevy.com>
2013-12-31 20:59:49 +00:00