forked from lix-project/lix
Compare commits
3 commits
main
...
sb/fuck/wh
Author | SHA1 | Date | |
---|---|---|---|
Rebecca Turner | cf89bfc499 | ||
Rebecca Turner | e7316a8e99 | ||
Rebecca Turner | 7b3ef56094 |
|
@ -48,4 +48,3 @@ PointerAlignment: Middle
|
|||
SortIncludes: Never
|
||||
SpaceAfterCStyleCast: true
|
||||
SpaceAfterTemplateKeyword: false
|
||||
|
||||
|
|
1
.github/workflows/hydra_status.yml
vendored
1
.github/workflows/hydra_status.yml
vendored
|
@ -17,4 +17,3 @@ jobs:
|
|||
with:
|
||||
fetch-depth: 0
|
||||
- run: bash scripts/check-hydra-status.sh
|
||||
|
||||
|
|
2
.gitignore
vendored
2
.gitignore
vendored
|
@ -159,3 +159,5 @@ result-*
|
|||
buildtime.bin
|
||||
|
||||
.envrc.local
|
||||
# We generate this with a Nix shell hook
|
||||
/.pre-commit-config.yaml
|
||||
|
|
22
COPYING
22
COPYING
|
@ -55,7 +55,7 @@ modified by someone else and passed on, the recipients should know
|
|||
that what they have is not the original version, so that the original
|
||||
author's reputation will not be affected by problems that might be
|
||||
introduced by others.
|
||||
|
||||
|
||||
Finally, software patents pose a constant threat to the existence of
|
||||
any free program. We wish to make sure that a company cannot
|
||||
effectively restrict the users of a free program by obtaining a
|
||||
|
@ -111,7 +111,7 @@ modification follow. Pay close attention to the difference between a
|
|||
"work based on the library" and a "work that uses the library". The
|
||||
former contains code derived from the library, whereas the latter must
|
||||
be combined with the library in order to run.
|
||||
|
||||
|
||||
GNU LESSER GENERAL PUBLIC LICENSE
|
||||
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
|
||||
|
||||
|
@ -146,7 +146,7 @@ such a program is covered only if its contents constitute a work based
|
|||
on the Library (independent of the use of the Library in a tool for
|
||||
writing it). Whether that is true depends on what the Library does
|
||||
and what the program that uses the Library does.
|
||||
|
||||
|
||||
1. You may copy and distribute verbatim copies of the Library's
|
||||
complete source code as you receive it, in any medium, provided that
|
||||
you conspicuously and appropriately publish on each copy an
|
||||
|
@ -158,7 +158,7 @@ Library.
|
|||
You may charge a fee for the physical act of transferring a copy,
|
||||
and you may at your option offer warranty protection in exchange for a
|
||||
fee.
|
||||
|
||||
|
||||
2. You may modify your copy or copies of the Library or any portion
|
||||
of it, thus forming a work based on the Library, and copy and
|
||||
distribute such modifications or work under the terms of Section 1
|
||||
|
@ -216,7 +216,7 @@ instead of to this License. (If a newer version than version 2 of the
|
|||
ordinary GNU General Public License has appeared, then you can specify
|
||||
that version instead if you wish.) Do not make any other change in
|
||||
these notices.
|
||||
|
||||
|
||||
Once this change is made in a given copy, it is irreversible for
|
||||
that copy, so the ordinary GNU General Public License applies to all
|
||||
subsequent copies and derivative works made from that copy.
|
||||
|
@ -267,7 +267,7 @@ Library will still fall under Section 6.)
|
|||
distribute the object code for the work under the terms of Section 6.
|
||||
Any executables containing that work also fall under Section 6,
|
||||
whether or not they are linked directly with the Library itself.
|
||||
|
||||
|
||||
6. As an exception to the Sections above, you may also combine or
|
||||
link a "work that uses the Library" with the Library to produce a
|
||||
work containing portions of the Library, and distribute that work
|
||||
|
@ -329,7 +329,7 @@ restrictions of other proprietary libraries that do not normally
|
|||
accompany the operating system. Such a contradiction means you cannot
|
||||
use both them and the Library together in an executable that you
|
||||
distribute.
|
||||
|
||||
|
||||
7. You may place library facilities that are a work based on the
|
||||
Library side-by-side in a single library together with other library
|
||||
facilities not covered by this License, and distribute such a combined
|
||||
|
@ -370,7 +370,7 @@ subject to these terms and conditions. You may not impose any further
|
|||
restrictions on the recipients' exercise of the rights granted herein.
|
||||
You are not responsible for enforcing compliance by third parties with
|
||||
this License.
|
||||
|
||||
|
||||
11. If, as a consequence of a court judgment or allegation of patent
|
||||
infringement or for any other reason (not limited to patent issues),
|
||||
conditions are imposed on you (whether by court order, agreement or
|
||||
|
@ -422,7 +422,7 @@ conditions either of that version or of any later version published by
|
|||
the Free Software Foundation. If the Library does not specify a
|
||||
license version number, you may choose any version ever published by
|
||||
the Free Software Foundation.
|
||||
|
||||
|
||||
14. If you wish to incorporate parts of the Library into other free
|
||||
programs whose distribution conditions are incompatible with these,
|
||||
write to the author to ask for permission. For software which is
|
||||
|
@ -456,7 +456,7 @@ SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
|
|||
DAMAGES.
|
||||
|
||||
END OF TERMS AND CONDITIONS
|
||||
|
||||
|
||||
How to Apply These Terms to Your New Libraries
|
||||
|
||||
If you develop a new library, and you want it to be of the greatest
|
||||
|
@ -500,5 +500,3 @@ necessary. Here is a sample; alter the names:
|
|||
Ty Coon, President of Vice
|
||||
|
||||
That's all there is to it!
|
||||
|
||||
|
||||
|
|
|
@ -9,7 +9,7 @@ index 0468aaec..b348d869 100644
|
|||
+ size_t stack_limit;
|
||||
if (!EXPECT(GC_thr_initialized, TRUE))
|
||||
GC_thr_init();
|
||||
|
||||
|
||||
@@ -411,6 +412,19 @@ GC_INNER void GC_push_all_stacks(void)
|
||||
GC_push_all_stack_sections(lo, hi, p->traced_stack_sect);
|
||||
}
|
||||
|
@ -37,7 +37,7 @@ index edab6c22..f2c61282 100644
|
|||
@@ -2172,6 +2172,11 @@ GC_API void GC_CALL GC_win32_free_heap(void);
|
||||
(*GC_amiga_allocwrapper_do)(a,GC_malloc_atomic_ignore_off_page)
|
||||
#endif /* _AMIGA && !GC_AMIGA_MAKINGLIB */
|
||||
|
||||
|
||||
+#if !__APPLE__
|
||||
+/* Patch doesn't work on apple */
|
||||
+#define NIX_BOEHM_PATCH_VERSION 1
|
||||
|
|
|
@ -3,7 +3,7 @@ index 597c7f13..587286be 100644
|
|||
--- a/include/gc_allocator.h
|
||||
+++ b/include/gc_allocator.h
|
||||
@@ -312,6 +312,7 @@ public:
|
||||
|
||||
|
||||
template<>
|
||||
class traceable_allocator<void> {
|
||||
+public:
|
||||
|
|
19
default.nix
19
default.nix
|
@ -1,10 +1,9 @@
|
|||
(import
|
||||
(
|
||||
let lock = builtins.fromJSON (builtins.readFile ./flake.lock); in
|
||||
fetchTarball {
|
||||
url = "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz";
|
||||
sha256 = lock.nodes.flake-compat.locked.narHash;
|
||||
}
|
||||
)
|
||||
{ src = ./.; }
|
||||
).defaultNix
|
||||
(import (
|
||||
let
|
||||
lock = builtins.fromJSON (builtins.readFile ./flake.lock);
|
||||
in
|
||||
fetchTarball {
|
||||
url = "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz";
|
||||
sha256 = lock.nodes.flake-compat.locked.narHash;
|
||||
}
|
||||
) { src = ./.; }).defaultNix
|
||||
|
|
0
doc/manual/anchors.jq
Executable file → Normal file
0
doc/manual/anchors.jq
Executable file → Normal file
|
@ -2,10 +2,15 @@ let
|
|||
inherit (builtins) concatStringsSep attrValues mapAttrs;
|
||||
inherit (import ./utils.nix) optionalString squash;
|
||||
in
|
||||
|
||||
builtinsInfo:
|
||||
let
|
||||
showBuiltin = name: { doc, type, impure-only }:
|
||||
showBuiltin =
|
||||
name:
|
||||
{
|
||||
doc,
|
||||
type,
|
||||
impure-only,
|
||||
}:
|
||||
let
|
||||
type' = optionalString (type != null) " (${type})";
|
||||
|
||||
|
|
|
@ -2,10 +2,16 @@ let
|
|||
inherit (builtins) concatStringsSep attrValues mapAttrs;
|
||||
inherit (import ./utils.nix) optionalString squash;
|
||||
in
|
||||
|
||||
builtinsInfo:
|
||||
let
|
||||
showBuiltin = name: { doc, args, arity, experimental-feature }:
|
||||
showBuiltin =
|
||||
name:
|
||||
{
|
||||
doc,
|
||||
args,
|
||||
arity,
|
||||
experimental-feature,
|
||||
}:
|
||||
let
|
||||
experimentalNotice = optionalString (experimental-feature != null) ''
|
||||
This function is only available if the [${experimental-feature}](@docroot@/contributing/experimental-features.md#xp-feature-${experimental-feature}) experimental feature is enabled.
|
||||
|
|
|
@ -1,19 +1,39 @@
|
|||
let
|
||||
inherit (builtins)
|
||||
attrNames attrValues fromJSON listToAttrs mapAttrs
|
||||
concatStringsSep concatMap length lessThan replaceStrings sort;
|
||||
inherit (import ./utils.nix) concatStrings optionalString filterAttrs trim squash unique showSettings;
|
||||
attrNames
|
||||
attrValues
|
||||
fromJSON
|
||||
listToAttrs
|
||||
mapAttrs
|
||||
concatStringsSep
|
||||
concatMap
|
||||
length
|
||||
lessThan
|
||||
replaceStrings
|
||||
sort
|
||||
;
|
||||
inherit (import ./utils.nix)
|
||||
concatStrings
|
||||
optionalString
|
||||
filterAttrs
|
||||
trim
|
||||
squash
|
||||
unique
|
||||
showSettings
|
||||
;
|
||||
in
|
||||
|
||||
inlineHTML: commandDump:
|
||||
|
||||
let
|
||||
|
||||
commandInfo = fromJSON commandDump;
|
||||
|
||||
showCommand = { command, details, filename, toplevel }:
|
||||
showCommand =
|
||||
{
|
||||
command,
|
||||
details,
|
||||
filename,
|
||||
toplevel,
|
||||
}:
|
||||
let
|
||||
|
||||
result = ''
|
||||
> **Warning** \
|
||||
> This program is
|
||||
|
@ -35,26 +55,27 @@ let
|
|||
${maybeOptions}
|
||||
'';
|
||||
|
||||
showSynopsis = command: args:
|
||||
showSynopsis =
|
||||
command: args:
|
||||
let
|
||||
showArgument = arg: "*${arg.label}*" + optionalString (! arg ? arity) "...";
|
||||
showArgument = arg: "*${arg.label}*" + optionalString (!arg ? arity) "...";
|
||||
arguments = concatStringsSep " " (map showArgument args);
|
||||
in ''
|
||||
`${command}` [*option*...] ${arguments}
|
||||
in
|
||||
''
|
||||
`${command}` [*option*...] ${arguments}
|
||||
'';
|
||||
|
||||
maybeSubcommands = optionalString (details ? commands && details.commands != {})
|
||||
''
|
||||
where *subcommand* is one of the following:
|
||||
maybeSubcommands = optionalString (details ? commands && details.commands != { }) ''
|
||||
where *subcommand* is one of the following:
|
||||
|
||||
${subcommands}
|
||||
'';
|
||||
${subcommands}
|
||||
'';
|
||||
|
||||
subcommands = if length categories > 1
|
||||
then listCategories
|
||||
else listSubcommands details.commands;
|
||||
subcommands = if length categories > 1 then listCategories else listSubcommands details.commands;
|
||||
|
||||
categories = sort (x: y: x.id < y.id) (unique (map (cmd: cmd.category) (attrValues details.commands)));
|
||||
categories = sort (x: y: x.id < y.id) (
|
||||
unique (map (cmd: cmd.category) (attrValues details.commands))
|
||||
);
|
||||
|
||||
listCategories = concatStrings (map showCategory categories);
|
||||
|
||||
|
@ -71,11 +92,11 @@ let
|
|||
'';
|
||||
|
||||
# TODO: move this confusing special case out of here when implementing #8496
|
||||
maybeStoreDocs = optionalString
|
||||
(details ? doc)
|
||||
(replaceStrings ["@stores@"] [storeDocs] details.doc);
|
||||
maybeStoreDocs = optionalString (details ? doc) (
|
||||
replaceStrings [ "@stores@" ] [ storeDocs ] details.doc
|
||||
);
|
||||
|
||||
maybeOptions = optionalString (details.flags != {}) ''
|
||||
maybeOptions = optionalString (details.flags != { }) ''
|
||||
# Options
|
||||
|
||||
${showOptions details.flags toplevel.flags}
|
||||
|
@ -85,51 +106,70 @@ let
|
|||
> See [`man nix.conf`](@docroot@/command-ref/conf-file.md#command-line-flags) for overriding configuration settings with command line flags.
|
||||
'';
|
||||
|
||||
showOptions = options: commonOptions:
|
||||
showOptions =
|
||||
options: commonOptions:
|
||||
let
|
||||
allOptions = options // commonOptions;
|
||||
showCategory = cat: ''
|
||||
${optionalString (cat != "") "**${cat}:**"}
|
||||
|
||||
${listOptions (filterAttrs (n: v: v.category == cat) allOptions)}
|
||||
'';
|
||||
'';
|
||||
listOptions = opts: concatStringsSep "\n" (attrValues (mapAttrs showOption opts));
|
||||
showOption = name: option:
|
||||
showOption =
|
||||
name: option:
|
||||
let
|
||||
result = trim ''
|
||||
- ${item}
|
||||
${option.description}
|
||||
'';
|
||||
item = if inlineHTML
|
||||
then ''<span id="opt-${name}">[`--${name}`](#opt-${name})</span> ${shortName} ${labels}''
|
||||
else "`--${name}` ${shortName} ${labels}";
|
||||
shortName = optionalString
|
||||
(option ? shortName)
|
||||
("/ `-${option.shortName}`");
|
||||
labels = optionalString
|
||||
(option ? labels)
|
||||
(concatStringsSep " " (map (s: "*${s}*") option.labels));
|
||||
in result;
|
||||
item =
|
||||
if inlineHTML then
|
||||
''<span id="opt-${name}">[`--${name}`](#opt-${name})</span> ${shortName} ${labels}''
|
||||
else
|
||||
"`--${name}` ${shortName} ${labels}";
|
||||
shortName = optionalString (option ? shortName) "/ `-${option.shortName}`";
|
||||
labels = optionalString (option ? labels) (concatStringsSep " " (map (s: "*${s}*") option.labels));
|
||||
in
|
||||
result;
|
||||
categories = sort lessThan (unique (map (cmd: cmd.category) (attrValues allOptions)));
|
||||
in concatStrings (map showCategory categories);
|
||||
in squash result;
|
||||
in
|
||||
concatStrings (map showCategory categories);
|
||||
in
|
||||
squash result;
|
||||
|
||||
appendName = filename: name: (if filename == "nix" then "nix3" else filename) + "-" + name;
|
||||
|
||||
processCommand = { command, details, filename, toplevel }:
|
||||
processCommand =
|
||||
{
|
||||
command,
|
||||
details,
|
||||
filename,
|
||||
toplevel,
|
||||
}:
|
||||
let
|
||||
cmd = {
|
||||
inherit command;
|
||||
name = filename + ".md";
|
||||
value = showCommand { inherit command details filename toplevel; };
|
||||
value = showCommand {
|
||||
inherit
|
||||
command
|
||||
details
|
||||
filename
|
||||
toplevel
|
||||
;
|
||||
};
|
||||
};
|
||||
subcommand = subCmd: processCommand {
|
||||
command = command + " " + subCmd;
|
||||
details = details.commands.${subCmd};
|
||||
filename = appendName filename subCmd;
|
||||
inherit toplevel;
|
||||
};
|
||||
in [ cmd ] ++ concatMap subcommand (attrNames details.commands or {});
|
||||
subcommand =
|
||||
subCmd:
|
||||
processCommand {
|
||||
command = command + " " + subCmd;
|
||||
details = details.commands.${subCmd};
|
||||
filename = appendName filename subCmd;
|
||||
inherit toplevel;
|
||||
};
|
||||
in
|
||||
[ cmd ] ++ concatMap subcommand (attrNames details.commands or { });
|
||||
|
||||
manpages = processCommand {
|
||||
command = "nix";
|
||||
|
@ -138,14 +178,21 @@ let
|
|||
toplevel = commandInfo.args;
|
||||
};
|
||||
|
||||
tableOfContents = let
|
||||
showEntry = page:
|
||||
" - [${page.command}](command-ref/new-cli/${page.name})";
|
||||
in concatStringsSep "\n" (map showEntry manpages) + "\n";
|
||||
tableOfContents =
|
||||
let
|
||||
showEntry = page: " - [${page.command}](command-ref/new-cli/${page.name})";
|
||||
in
|
||||
concatStringsSep "\n" (map showEntry manpages) + "\n";
|
||||
|
||||
storeDocs =
|
||||
let
|
||||
showStore = name: { settings, doc, experimentalFeature }:
|
||||
showStore =
|
||||
name:
|
||||
{
|
||||
settings,
|
||||
doc,
|
||||
experimentalFeature,
|
||||
}:
|
||||
let
|
||||
experimentalFeatureNote = optionalString (experimentalFeature != null) ''
|
||||
> **Warning**
|
||||
|
@ -161,7 +208,8 @@ let
|
|||
extra-experimental-features = ${experimentalFeature}
|
||||
```
|
||||
'';
|
||||
in ''
|
||||
in
|
||||
''
|
||||
## ${name}
|
||||
|
||||
${doc}
|
||||
|
@ -172,6 +220,7 @@ let
|
|||
|
||||
${showSettings { inherit inlineHTML; } settings}
|
||||
'';
|
||||
in concatStrings (attrValues (mapAttrs showStore commandInfo.stores));
|
||||
|
||||
in (listToAttrs manpages) // { "SUMMARY.md" = tableOfContents; }
|
||||
in
|
||||
concatStrings (attrValues (mapAttrs showStore commandInfo.stores));
|
||||
in
|
||||
(listToAttrs manpages) // { "SUMMARY.md" = tableOfContents; }
|
||||
|
|
|
@ -1,9 +1,8 @@
|
|||
with builtins;
|
||||
with import ./utils.nix;
|
||||
|
||||
let
|
||||
showExperimentalFeature = name: doc:
|
||||
''
|
||||
- [`${name}`](@docroot@/contributing/experimental-features.md#xp-feature-${name})
|
||||
'';
|
||||
in xps: indent " " (concatStrings (attrValues (mapAttrs showExperimentalFeature xps)))
|
||||
showExperimentalFeature = name: doc: ''
|
||||
- [`${name}`](@docroot@/contributing/experimental-features.md#xp-feature-${name})
|
||||
'';
|
||||
in
|
||||
xps: indent " " (concatStrings (attrValues (mapAttrs showExperimentalFeature xps)))
|
||||
|
|
|
@ -1,11 +1,12 @@
|
|||
with builtins;
|
||||
with import ./utils.nix;
|
||||
|
||||
let
|
||||
showExperimentalFeature = name: doc:
|
||||
showExperimentalFeature =
|
||||
name: doc:
|
||||
squash ''
|
||||
## [`${name}`]{#xp-feature-${name}}
|
||||
|
||||
${doc}
|
||||
'';
|
||||
in xps: (concatStringsSep "\n" (attrValues (mapAttrs showExperimentalFeature xps)))
|
||||
in
|
||||
xps: (concatStringsSep "\n" (attrValues (mapAttrs showExperimentalFeature xps)))
|
||||
|
|
|
@ -37,4 +37,3 @@ error:
|
|||
|
||||
error: uh oh!
|
||||
```
|
||||
|
||||
|
|
|
@ -27,4 +27,3 @@
|
|||
/package-management/channels* /command-ref/nix-channel 301!
|
||||
|
||||
/package-management/s3-substituter* /command-ref/new-cli/nix3-help-stores#s3-binary-cache-store 301!
|
||||
|
||||
|
|
|
@ -102,13 +102,13 @@ In particular, notice the
|
|||
has copied the build results to that directory where you can examine it.
|
||||
|
||||
> []{#check-dirs-are-unregistered} **Note**
|
||||
>
|
||||
>
|
||||
> Check paths are not protected against garbage collection, and this
|
||||
> path will be deleted on the next garbage collection.
|
||||
>
|
||||
>
|
||||
> The path is guaranteed to be alive for the duration of
|
||||
> the `diff-hook`'s execution, but may be deleted any time after.
|
||||
>
|
||||
>
|
||||
> If the comparison is performed as part of automated tooling, please
|
||||
> use the diff-hook or author your tooling to handle the case where the
|
||||
> build was not deterministic and also a check path does not exist.
|
||||
|
@ -117,7 +117,7 @@ has copied the build results to that directory where you can examine it.
|
|||
already. If the derivation has not been built Nix will fail with the
|
||||
error:
|
||||
|
||||
error: some outputs of '/nix/store/hzi1h60z2qf0nb85iwnpvrai3j2w7rr6-unstable.drv'
|
||||
error: some outputs of '/nix/store/hzi1h60z2qf0nb85iwnpvrai3j2w7rr6-unstable.drv'
|
||||
are not valid, so checking is not possible
|
||||
|
||||
Run the build without `--check`, and then try with `--check` again.
|
||||
|
|
|
@ -112,4 +112,3 @@ Build inputs used as instructions to a build task are marked accordingly:
|
|||
| |
|
||||
+--------------------------------------------------------------------+
|
||||
```
|
||||
|
||||
|
|
|
@ -67,4 +67,3 @@ Configuration options can be set on the command line, overriding the values set
|
|||
The `extra-` prefix is supported for settings that take a list of items (e.g. `--extra-trusted users alice` or `--option extra-trusted-users alice`).
|
||||
|
||||
# Available settings
|
||||
|
||||
|
|
|
@ -184,4 +184,3 @@ channel:
|
|||
```console
|
||||
$ nix-env --file https://github.com/NixOS/nixpkgs/archive/nixos-14.12.tar.gz --install --attr firefox
|
||||
```
|
||||
|
||||
|
|
|
@ -30,4 +30,3 @@ $ nix-env --list-generations
|
|||
97 2004-02-06 16:22:45
|
||||
98 2004-02-06 16:24:33 (current)
|
||||
```
|
||||
|
||||
|
|
|
@ -212,4 +212,3 @@ To show all packages in the latest revision of the Nixpkgs repository:
|
|||
```console
|
||||
$ nix-env --file https://github.com/NixOS/nixpkgs/archive/master.tar.gz --query --available
|
||||
```
|
||||
|
||||
|
|
|
@ -79,4 +79,3 @@ To make files from `binutils` take precedence over files from `gcc`:
|
|||
$ nix-env --set-flag priority 5 binutils
|
||||
$ nix-env --set-flag priority 10 gcc
|
||||
```
|
||||
|
||||
|
|
|
@ -27,4 +27,3 @@ contain just Firefox:
|
|||
```console
|
||||
$ nix-env --profile /nix/var/nix/profiles/browser --set firefox
|
||||
```
|
||||
|
||||
|
|
|
@ -30,4 +30,3 @@ Switching will fail if the specified generation does not exist.
|
|||
$ nix-env --switch-generation 42
|
||||
switching from generation 50 to 42
|
||||
```
|
||||
|
||||
|
|
|
@ -138,4 +138,3 @@ This is illustrated by the following examples:
|
|||
2.3a < 2.3c
|
||||
2.3pre1 < 2.3c
|
||||
2.3pre1 < 2.3q
|
||||
|
||||
|
|
|
@ -32,4 +32,3 @@ This operation has the following options:
|
|||
$ nix-store --add-fixed sha256 ./hello-2.10.tar.gz
|
||||
/nix/store/3x7dwzq014bblazs7kq20p9hyzz0qh8g-hello-2.10.tar.gz
|
||||
```
|
||||
|
||||
|
|
|
@ -69,4 +69,3 @@ To delete at least 100 MiBs of unreachable paths:
|
|||
```console
|
||||
$ nix-store --gc --max-freed $((100 * 1024 * 1024))
|
||||
```
|
||||
|
||||
|
|
|
@ -33,4 +33,3 @@ The following options are allowed for all `nix-store` operations, but may not al
|
|||
If there are multiple results, then multiple symlinks will be
|
||||
created by sequentially numbering symlinks beyond the first one
|
||||
(e.g., `foo`, `foo-2`, `foo-3`, and so on).
|
||||
|
||||
|
|
|
@ -37,4 +37,3 @@ hashing files in `/nix/store/qhqx7l2f1kmwihc9bnxs7rc159hsxnf3-gcc-4.1.1'
|
|||
541838819 bytes (516.74 MiB) freed by hard-linking 54143 files;
|
||||
there are 114486 files with equal contents out of 215894 files in total
|
||||
```
|
||||
|
||||
|
|
|
@ -28,4 +28,3 @@ export stdenv; stdenv='/nix/store/7c8asx3yfrg5dg1gzhzyq2236zfgibnn-stdenv'
|
|||
export system; system='x86_64-linux'
|
||||
export _args; _args='-e /nix/store/9krlzvny65gdc8s7kpb6lkx8cd02c25c-default-builder.sh'
|
||||
```
|
||||
|
||||
|
|
|
@ -225,4 +225,3 @@ $ nix-store --query --roots $(which svn)
|
|||
/nix/var/nix/profiles/default-82-link
|
||||
/home/eelco/.local/state/nix/profiles/profile-97-link
|
||||
```
|
||||
|
||||
|
|
|
@ -35,4 +35,3 @@ ktorrent-2.2.1/
|
|||
ktorrent-2.2.1/NEWS
|
||||
...
|
||||
```
|
||||
|
||||
|
|
|
@ -32,4 +32,3 @@ $ nix-store --repair-path /nix/store/dj7a81wsm1ijwwpkks3725661h3263p5-glibc-2.13
|
|||
fetching path `/nix/store/d7a81wsm1ijwwpkks3725661h3263p5-glibc-2.13'...
|
||||
…
|
||||
```
|
||||
|
||||
|
|
|
@ -35,4 +35,3 @@ $ cat <<EOF >>/root/.ssh/authorized_keys
|
|||
command="nice -n20 nix-store --serve --write" ssh-rsa AAAAB3NzaC1yc2EAAAA...
|
||||
EOF
|
||||
```
|
||||
|
||||
|
|
|
@ -26,4 +26,3 @@ To verify the integrity of the `svn` command and all its dependencies:
|
|||
```console
|
||||
$ nix-store --verify-path $(nix-store --query --requisites $(which svn))
|
||||
```
|
||||
|
||||
|
|
|
@ -37,7 +37,7 @@ Most Nix commands accept the following command-line options:
|
|||
Print even more informational messages.
|
||||
|
||||
- `4` “Debug”
|
||||
|
||||
|
||||
Print debug information.
|
||||
|
||||
- `5` “Vomit”
|
||||
|
|
|
@ -289,4 +289,3 @@ search/replaced in it for each new build.
|
|||
The installer now supports a `--tarball-url-prefix` flag which _may_ have
|
||||
solved this need?
|
||||
-->
|
||||
|
||||
|
|
|
@ -21,7 +21,7 @@ Nix keeps its *store* (the place where packages are stored) in
|
|||
`--with-store-dir=path`.
|
||||
|
||||
> **Warning**
|
||||
>
|
||||
>
|
||||
> It is best *not* to change the Nix store from its default, since doing
|
||||
> so makes it impossible to use pre-built binaries from the standard
|
||||
> Nixpkgs channels — that is, all packages will need to be built from
|
||||
|
|
|
@ -14,7 +14,7 @@ builds) are forwarded to a *Nix daemon* running under the owner of the
|
|||
Nix store/database that performs the operation.
|
||||
|
||||
> **Note**
|
||||
>
|
||||
>
|
||||
> Multi-user mode has one important limitation: only root and a set of
|
||||
> trusted users specified in `nix.conf` can specify arbitrary binary
|
||||
> caches. So while unprivileged users may install packages from
|
||||
|
|
|
@ -145,4 +145,3 @@ which you may remove.
|
|||
> complete. macOS (Catalina+) directly controls root directories and its
|
||||
> read-only root will prevent you from manually deleting the empty `/nix`
|
||||
> mountpoint.
|
||||
|
||||
|
|
|
@ -146,65 +146,65 @@ three kinds of patterns:
|
|||
|
||||
- If a pattern is a single identifier, then the function matches any
|
||||
argument. Example:
|
||||
|
||||
|
||||
```nix
|
||||
let negate = x: !x;
|
||||
concat = x: y: x + y;
|
||||
in if negate true then concat "foo" "bar" else ""
|
||||
```
|
||||
|
||||
|
||||
Note that `concat` is a function that takes one argument and returns
|
||||
a function that takes another argument. This allows partial
|
||||
parameterisation (i.e., only filling some of the arguments of a
|
||||
function); e.g.,
|
||||
|
||||
|
||||
```nix
|
||||
map (concat "foo") [ "bar" "bla" "abc" ]
|
||||
```
|
||||
|
||||
|
||||
evaluates to `[ "foobar" "foobla" "fooabc" ]`.
|
||||
|
||||
- A *set pattern* of the form `{ name1, name2, …, nameN }` matches a
|
||||
set containing the listed attributes, and binds the values of those
|
||||
attributes to variables in the function body. For example, the
|
||||
function
|
||||
|
||||
|
||||
```nix
|
||||
{ x, y, z }: z + y + x
|
||||
```
|
||||
|
||||
|
||||
can only be called with a set containing exactly the attributes `x`,
|
||||
`y` and `z`. No other attributes are allowed. If you want to allow
|
||||
additional arguments, you can use an ellipsis (`...`):
|
||||
|
||||
|
||||
```nix
|
||||
{ x, y, z, ... }: z + y + x
|
||||
```
|
||||
|
||||
|
||||
This works on any set that contains at least the three named
|
||||
attributes.
|
||||
|
||||
|
||||
It is possible to provide *default values* for attributes, in
|
||||
which case they are allowed to be missing. A default value is
|
||||
specified by writing `name ? e`, where *e* is an arbitrary
|
||||
expression. For example,
|
||||
|
||||
|
||||
```nix
|
||||
{ x, y ? "foo", z ? "bar" }: z + y + x
|
||||
```
|
||||
|
||||
|
||||
specifies a function that only requires an attribute named `x`, but
|
||||
optionally accepts `y` and `z`.
|
||||
|
||||
- An `@`-pattern provides a means of referring to the whole value
|
||||
being matched:
|
||||
|
||||
|
||||
```nix
|
||||
args@{ x, y, z, ... }: z + y + x + args.a
|
||||
```
|
||||
|
||||
|
||||
but can also be written as:
|
||||
|
||||
|
||||
```nix
|
||||
{ x, y, z, ... } @ args: z + y + x + args.a
|
||||
```
|
||||
|
|
|
@ -24,22 +24,22 @@ the attributes of which specify the inputs of the build.
|
|||
|
||||
- Every attribute is passed as an environment variable to the builder.
|
||||
Attribute values are translated to environment variables as follows:
|
||||
|
||||
|
||||
- Strings and numbers are just passed verbatim.
|
||||
|
||||
|
||||
- A *path* (e.g., `../foo/sources.tar`) causes the referenced file
|
||||
to be copied to the store; its location in the store is put in
|
||||
the environment variable. The idea is that all sources should
|
||||
reside in the Nix store, since all inputs to a derivation should
|
||||
reside in the Nix store.
|
||||
|
||||
|
||||
- A *derivation* causes that derivation to be built prior to the
|
||||
present derivation; its default output path is put in the
|
||||
environment variable.
|
||||
|
||||
|
||||
- Lists of the previous types are also allowed. They are simply
|
||||
concatenated, separated by spaces.
|
||||
|
||||
|
||||
- `true` is passed as the string `1`, `false` and `null` are
|
||||
passed as an empty string.
|
||||
|
||||
|
@ -56,36 +56,36 @@ the attributes of which specify the inputs of the build.
|
|||
library doesn’t need the header files and documentation at runtime,
|
||||
and it doesn’t need the documentation at build time. Thus, the
|
||||
library package could specify:
|
||||
|
||||
|
||||
```nix
|
||||
outputs = [ "lib" "headers" "doc" ];
|
||||
```
|
||||
|
||||
|
||||
This will cause Nix to pass environment variables `lib`, `headers`
|
||||
and `doc` to the builder containing the intended store paths of each
|
||||
output. The builder would typically do something like
|
||||
|
||||
|
||||
```bash
|
||||
./configure \
|
||||
--libdir=$lib/lib \
|
||||
--includedir=$headers/include \
|
||||
--docdir=$doc/share/doc
|
||||
```
|
||||
|
||||
|
||||
for an Autoconf-style package. You can refer to each output of a
|
||||
derivation by selecting it as an attribute, e.g.
|
||||
|
||||
|
||||
```nix
|
||||
buildInputs = [ pkg.lib pkg.headers ];
|
||||
```
|
||||
|
||||
|
||||
The first element of `outputs` determines the *default output*.
|
||||
Thus, you could also write
|
||||
|
||||
|
||||
```nix
|
||||
buildInputs = [ pkg pkg.headers ];
|
||||
```
|
||||
|
||||
|
||||
since `pkg` is equivalent to `pkg.lib`.
|
||||
|
||||
The function `mkDerivation` in the Nixpkgs standard environment is a
|
||||
|
@ -103,24 +103,24 @@ The builder is executed as follows:
|
|||
specified above.
|
||||
|
||||
- In addition, the following variables are set:
|
||||
|
||||
|
||||
- `NIX_BUILD_TOP` contains the path of the temporary directory for
|
||||
this build.
|
||||
|
||||
|
||||
- Also, `TMPDIR`, `TEMPDIR`, `TMP`, `TEMP` are set to point to the
|
||||
temporary directory. This is to prevent the builder from
|
||||
accidentally writing temporary files anywhere else. Doing so
|
||||
might cause interference by other processes.
|
||||
|
||||
|
||||
- `PATH` is set to `/path-not-set` to prevent shells from
|
||||
initialising it to their built-in default value.
|
||||
|
||||
|
||||
- `HOME` is set to `/homeless-shelter` to prevent programs from
|
||||
using `/etc/passwd` or the like to find the user's home
|
||||
directory, which could cause impurity. Usually, when `HOME` is
|
||||
set, it is used as the location of the home directory, even if
|
||||
it points to a non-existent path.
|
||||
|
||||
|
||||
- `NIX_STORE` is set to the path of the top-level Nix store
|
||||
directory (typically, `/nix/store`).
|
||||
|
||||
|
@ -128,7 +128,7 @@ The builder is executed as follows:
|
|||
is set to `true` for the dervation. A detailed explanation of this
|
||||
behavior can be found in the
|
||||
[section about structured attrs](./advanced-attributes.md#adv-attr-structuredAttrs).
|
||||
|
||||
|
||||
- For each output declared in `outputs`, the corresponding
|
||||
environment variable is set to point to the intended path in the
|
||||
Nix store for that output. Each output path is a concatenation
|
||||
|
|
|
@ -161,4 +161,3 @@ All comparison operators are implemented in terms of `<`, and the following equi
|
|||
Equivalent to `!`*b1* `||` *b2*.
|
||||
|
||||
[Logical implication]: #logical-implication
|
||||
|
||||
|
|
|
@ -37,7 +37,7 @@ $ nix-channel --update
|
|||
```
|
||||
|
||||
> **Note**
|
||||
>
|
||||
>
|
||||
> On NixOS, you’re automatically subscribed to a NixOS channel
|
||||
> corresponding to your NixOS major release (e.g.
|
||||
> <http://nixos.org/channels/nixos-21.11>). A NixOS channel is identical
|
||||
|
@ -120,7 +120,7 @@ will install the package called `subversion` from `nixpkgs` channel (which is, o
|
|||
[Subversion version management system](http://subversion.tigris.org/)).
|
||||
|
||||
> **Note**
|
||||
>
|
||||
>
|
||||
> When you ask Nix to install a package, it will first try to get it in
|
||||
> pre-compiled form from a *binary cache*. By default, Nix will use the
|
||||
> binary cache <https://cache.nixos.org>; it contains binaries for most
|
||||
|
|
|
@ -16,7 +16,7 @@ it will fall back to using the binary cache substituter, and then to
|
|||
building from source.
|
||||
|
||||
> **Note**
|
||||
>
|
||||
>
|
||||
> The SSH substituter currently does not allow you to enter an SSH
|
||||
> passphrase interactively. Therefore, you should use `ssh-add` to load
|
||||
> the decrypted private key into `ssh-agent`.
|
||||
|
|
|
@ -1,67 +1,67 @@
|
|||
# Release 0.10 (2006-10-06)
|
||||
|
||||
> **Note**
|
||||
>
|
||||
>
|
||||
> This version of Nix uses Berkeley DB 4.4 instead of 4.3. The database
|
||||
> is upgraded automatically, but you should be careful not to use old
|
||||
> versions of Nix that still use Berkeley DB 4.3. In particular, if you
|
||||
> use a Nix installed through Nix, you should run
|
||||
>
|
||||
>
|
||||
> $ nix-store --clear-substitutes
|
||||
>
|
||||
>
|
||||
> first.
|
||||
|
||||
> **Warning**
|
||||
>
|
||||
>
|
||||
> Also, the database schema has changed slighted to fix a performance
|
||||
> issue (see below). When you run any Nix 0.10 command for the first
|
||||
> time, the database will be upgraded automatically. This is
|
||||
> irreversible.
|
||||
|
||||
- `nix-env` usability improvements:
|
||||
|
||||
|
||||
- An option `--compare-versions` (or `-c`) has been added to
|
||||
`nix-env
|
||||
--query` to allow you to compare installed versions of packages
|
||||
to available versions, or vice versa. An easy way to see if you
|
||||
are up to date with what’s in your subscribed channels is
|
||||
`nix-env -qc \*`.
|
||||
|
||||
|
||||
- `nix-env --query` now takes as arguments a list of package names
|
||||
about which to show information, just like `--install`, etc.:
|
||||
for example, `nix-env -q gcc`. Note that to show all
|
||||
derivations, you need to specify `\*`.
|
||||
|
||||
|
||||
- `nix-env -i
|
||||
pkgname` will now install the highest available version of
|
||||
*pkgname*, rather than installing all available versions (which
|
||||
would probably give collisions) (`NIX-31`).
|
||||
|
||||
|
||||
- `nix-env (-i|-u) --dry-run` now shows exactly which missing
|
||||
paths will be built or substituted.
|
||||
|
||||
|
||||
- `nix-env -qa --description` shows human-readable descriptions of
|
||||
packages, provided that they have a `meta.description` attribute
|
||||
(which most packages in Nixpkgs don’t have yet).
|
||||
|
||||
- New language features:
|
||||
|
||||
|
||||
- Reference scanning (which happens after each build) is much
|
||||
faster and takes a constant amount of memory.
|
||||
|
||||
|
||||
- String interpolation. Expressions like
|
||||
|
||||
|
||||
"--with-freetype2-library=" + freetype + "/lib"
|
||||
|
||||
|
||||
can now be written as
|
||||
|
||||
|
||||
"--with-freetype2-library=${freetype}/lib"
|
||||
|
||||
|
||||
You can write arbitrary expressions within `${...}`, not just
|
||||
identifiers.
|
||||
|
||||
|
||||
- Multi-line string literals.
|
||||
|
||||
|
||||
- String concatenations can now involve derivations, as in the
|
||||
example `"--with-freetype2-library="
|
||||
+ freetype + "/lib"`. This was not previously possible because
|
||||
|
@ -69,17 +69,17 @@
|
|||
dependent on `freetype`. The evaluator now properly propagates
|
||||
this information. Consequently, the subpath operator (`~`) has
|
||||
been deprecated.
|
||||
|
||||
|
||||
- Default values of function arguments can now refer to other
|
||||
function arguments; that is, all arguments are in scope in the
|
||||
default values (`NIX-45`).
|
||||
|
||||
|
||||
- Lots of new built-in primitives, such as functions for list
|
||||
manipulation and integer arithmetic. See the manual for a
|
||||
complete list. All primops are now available in the set
|
||||
`builtins`, allowing one to test for the availability of primop
|
||||
in a backwards-compatible way.
|
||||
|
||||
|
||||
- Real let-expressions: `let x = ...;
|
||||
... z = ...; in ...`.
|
||||
|
||||
|
@ -89,15 +89,15 @@
|
|||
your machine and you want to copy it somewhere else.
|
||||
|
||||
- XML support:
|
||||
|
||||
|
||||
- `nix-env -q --xml` prints the installed or available packages in
|
||||
an XML representation for easy processing by other tools.
|
||||
|
||||
|
||||
- `nix-instantiate --eval-only
|
||||
--xml` prints an XML representation of the resulting term. (The
|
||||
new flag `--strict` forces ‘deep’ evaluation of the result,
|
||||
i.e., list elements and attributes are evaluated recursively.)
|
||||
|
||||
|
||||
- In Nix expressions, the primop `builtins.toXML` converts a term
|
||||
to an XML representation. This is primarily useful for passing
|
||||
structured information to builders.
|
||||
|
@ -133,21 +133,21 @@
|
|||
something other than `result`.
|
||||
|
||||
- Platform support:
|
||||
|
||||
|
||||
- Support for 64-bit platforms, provided a [suitably patched ATerm
|
||||
library](http://bugzilla.sen.cwi.nl:8080/show_bug.cgi?id=606) is
|
||||
used. Also, files larger than 2 GiB are now supported.
|
||||
|
||||
|
||||
- Added support for Cygwin (Windows, `i686-cygwin`), Mac OS X on
|
||||
Intel (`i686-darwin`) and Linux on PowerPC (`powerpc-linux`).
|
||||
|
||||
|
||||
- Users of SMP and multicore machines will appreciate that the
|
||||
number of builds to be performed in parallel can now be
|
||||
specified in the configuration file in the `build-max-jobs`
|
||||
setting.
|
||||
|
||||
- Garbage collector improvements:
|
||||
|
||||
|
||||
- Open files (such as running programs) are now used as roots of
|
||||
the garbage collector. This prevents programs that have been
|
||||
uninstalled from being garbage collected while they are still
|
||||
|
@ -155,17 +155,17 @@
|
|||
(`find-runtime-roots.pl`) is inherently system-specific, but it
|
||||
should work on Linux and on all platforms that have the `lsof`
|
||||
utility.
|
||||
|
||||
|
||||
- `nix-store --gc` (a.k.a. `nix-collect-garbage`) prints out the
|
||||
number of bytes freed on standard output. `nix-store
|
||||
--gc --print-dead` shows how many bytes would be freed by an
|
||||
actual garbage collection.
|
||||
|
||||
|
||||
- `nix-collect-garbage -d` removes all old generations of *all*
|
||||
profiles before calling the actual garbage collector (`nix-store
|
||||
--gc`). This is an easy way to get rid of all old packages in
|
||||
the Nix store.
|
||||
|
||||
|
||||
- `nix-store` now has an operation `--delete` to delete specific
|
||||
paths from the Nix store. It won’t delete reachable
|
||||
(non-garbage) paths unless `--ignore-liveness` is specified.
|
||||
|
@ -192,13 +192,13 @@
|
|||
memoisation of path hashing.
|
||||
|
||||
- Lots of bug fixes, notably:
|
||||
|
||||
|
||||
- Make sure that the garbage collector can run successfully when
|
||||
the disk is full (`NIX-18`).
|
||||
|
||||
|
||||
- `nix-env` now locks the profile to prevent races between
|
||||
concurrent `nix-env` operations on the same profile (`NIX-7`).
|
||||
|
||||
|
||||
- Removed misleading messages from `nix-env -i` (e.g.,
|
||||
``installing
|
||||
`foo'`` followed by ``uninstalling
|
||||
|
|
|
@ -50,7 +50,7 @@ on Nix. Here is an (incomplete) list:
|
|||
multiple packages with the same name, then pick the package with the
|
||||
highest priority, and only use the version if there are multiple
|
||||
packages with the same priority.
|
||||
|
||||
|
||||
This makes it possible to mark specific versions/variant in Nixpkgs
|
||||
more or less desirable than others. A typical example would be a
|
||||
beta version of some package (e.g., `gcc-4.2.0rc1`) which should not
|
||||
|
@ -62,14 +62,14 @@ on Nix. Here is an (incomplete) list:
|
|||
be modified. There are several attributes that can be usefully
|
||||
modified, because they affect the behaviour of `nix-env` or the user
|
||||
environment build script:
|
||||
|
||||
|
||||
- `meta.priority` can be changed to resolve filename clashes (see
|
||||
above).
|
||||
|
||||
|
||||
- `meta.keep` can be set to `true` to prevent the package from
|
||||
being upgraded or replaced. Useful if you want to hang on to an
|
||||
older version of a package.
|
||||
|
||||
|
||||
- `meta.active` can be set to `false` to “disable” the package.
|
||||
That is, no symlinks will be generated to the files of the
|
||||
package, but it remains part of the profile (so it won’t be
|
||||
|
|
|
@ -7,23 +7,23 @@
|
|||
Nix process crashes; no write access is needed for read-only
|
||||
operations; no more running out of Berkeley DB locks on certain
|
||||
operations.
|
||||
|
||||
|
||||
You still need to compile Nix with Berkeley DB support if you want
|
||||
Nix to automatically convert your old Nix store to the new schema.
|
||||
If you don’t need this, you can build Nix with the `configure`
|
||||
option `--disable-old-db-compat`.
|
||||
|
||||
|
||||
After the automatic conversion to the new schema, you can delete the
|
||||
old Berkeley DB files:
|
||||
|
||||
|
||||
$ cd /nix/var/nix/db
|
||||
$ rm __db* log.* derivers references referrers reserved validpaths DB_CONFIG
|
||||
|
||||
|
||||
The new metadata is stored in the directories `/nix/var/nix/db/info`
|
||||
and `/nix/var/nix/db/referrer`. Though the metadata is stored in
|
||||
human-readable plain-text files, they are not intended to be
|
||||
human-editable, as Nix is rather strict about the format.
|
||||
|
||||
|
||||
The new storage schema may or may not require less disk space than
|
||||
the Berkeley DB environment, mostly depending on the cluster size of
|
||||
your file system. With 1 KiB clusters (which seems to be the `ext3`
|
||||
|
@ -50,11 +50,11 @@
|
|||
last access time. This allows non-recently used stuff to be deleted.
|
||||
The option `--max-atime time` specifies an upper limit to the last
|
||||
accessed time of paths that may be deleted. For instance,
|
||||
|
||||
```
|
||||
|
||||
```
|
||||
$ nix-store --gc -v --max-atime $(date +%s -d "2 months ago")
|
||||
```
|
||||
|
||||
|
||||
deletes everything that hasn’t been accessed in two months.
|
||||
|
||||
- `nix-env` now uses optimistic profile locking when performing an
|
||||
|
@ -73,7 +73,7 @@
|
|||
now always shown by `nix-env`, `nix-store -r` and `nix-build`. The
|
||||
total download size of substitutable paths is now also shown. For
|
||||
instance, a build will show something like
|
||||
|
||||
|
||||
the following derivations will be built:
|
||||
/nix/store/129sbxnk5n466zg6r1qmq1xjv9zymyy7-activate-configuration.sh.drv
|
||||
/nix/store/7mzy971rdm8l566ch8hgxaf89x7lr7ik-upstart-jobs.drv
|
||||
|
@ -84,24 +84,24 @@
|
|||
...
|
||||
|
||||
- Language features:
|
||||
|
||||
|
||||
- @-patterns as in Haskell. For instance, in a function definition
|
||||
|
||||
|
||||
f = args @ {x, y, z}: ...;
|
||||
|
||||
|
||||
`args` refers to the argument as a whole, which is further
|
||||
pattern-matched against the attribute set pattern `{x, y, z}`.
|
||||
|
||||
|
||||
- “`...`” (ellipsis) patterns. An attribute set pattern can now
|
||||
say `...` at the end of the attribute name list to specify that
|
||||
the function takes *at least* the listed attributes, while
|
||||
ignoring additional attributes. For instance,
|
||||
|
||||
|
||||
{stdenv, fetchurl, fuse, ...}: ...
|
||||
|
||||
|
||||
defines a function that accepts any attribute set that includes
|
||||
at least the three listed attributes.
|
||||
|
||||
|
||||
- New primops: `builtins.parseDrvName` (split a package name
|
||||
string like `"nix-0.12pre12876"` into its name and version
|
||||
components, e.g. `"nix"` and `"0.12pre12876"`),
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
This is primarily a bug fix release. It has some new features:
|
||||
|
||||
- Syntactic sugar for writing nested attribute sets. Instead of
|
||||
|
||||
|
||||
{
|
||||
foo = {
|
||||
bar = 123;
|
||||
|
@ -11,15 +11,15 @@ This is primarily a bug fix release. It has some new features:
|
|||
};
|
||||
a = { b = { c = "d"; }; };
|
||||
}
|
||||
|
||||
|
||||
you can write
|
||||
|
||||
|
||||
{
|
||||
foo.bar = 123;
|
||||
foo.xyzzy = true;
|
||||
a.b.c = "d";
|
||||
}
|
||||
|
||||
|
||||
This is useful, for instance, in NixOS configuration files.
|
||||
|
||||
- Support for Nix channels generated by Hydra, the Nix-based
|
||||
|
|
|
@ -1,15 +1,15 @@
|
|||
# Release 0.6 (2004-11-14)
|
||||
|
||||
- Rewrite of the normalisation engine.
|
||||
|
||||
|
||||
- Multiple builds can now be performed in parallel (option `-j`).
|
||||
|
||||
|
||||
- Distributed builds. Nix can now call a shell script to forward
|
||||
builds to Nix installations on remote machines, which may or may
|
||||
not be of the same platform type.
|
||||
|
||||
|
||||
- Option `--fallback` allows recovery from broken substitutes.
|
||||
|
||||
|
||||
- Option `--keep-going` causes building of other (unaffected)
|
||||
derivations to continue if one failed.
|
||||
|
||||
|
@ -28,32 +28,32 @@
|
|||
- Manual updates.
|
||||
|
||||
- `nix-env` changes:
|
||||
|
||||
|
||||
- Derivations for other platforms are filtered out (which can be
|
||||
overridden using `--system-filter`).
|
||||
|
||||
|
||||
- `--install` by default now uninstall previous derivations with
|
||||
the same name.
|
||||
|
||||
|
||||
- `--upgrade` allows upgrading to a specific version.
|
||||
|
||||
|
||||
- New operation `--delete-generations` to remove profile
|
||||
generations (necessary for effective garbage collection).
|
||||
|
||||
|
||||
- Nicer output (sorted, columnised).
|
||||
|
||||
- More sensible verbosity levels all around (builder output is now
|
||||
shown always, unless `-Q` is given).
|
||||
|
||||
- Nix expression language changes:
|
||||
|
||||
|
||||
- New language construct: `with
|
||||
E1;
|
||||
E2` brings all attributes defined in the attribute set *E1* in
|
||||
scope in *E2*.
|
||||
|
||||
|
||||
- Added a `map` function.
|
||||
|
||||
|
||||
- Various new operators (e.g., string concatenation).
|
||||
|
||||
- Expression evaluation is much faster.
|
||||
|
|
|
@ -39,29 +39,29 @@ Nix 0.8 has the following improvements:
|
|||
notion of “closure store expressions” is gone (and so is the notion
|
||||
of “successors”); the file system references of a store path are now
|
||||
just stored in the database.
|
||||
|
||||
|
||||
For instance, given any store path, you can query its closure:
|
||||
|
||||
|
||||
$ nix-store -qR $(which firefox)
|
||||
... lots of paths ...
|
||||
|
||||
|
||||
Also, Nix now remembers for each store path the derivation that
|
||||
built it (the “deriver”):
|
||||
|
||||
|
||||
$ nix-store -qR $(which firefox)
|
||||
/nix/store/4b0jx7vq80l9aqcnkszxhymsf1ffa5jd-firefox-1.0.1.drv
|
||||
|
||||
|
||||
So to see the build-time dependencies, you can do
|
||||
|
||||
|
||||
$ nix-store -qR $(nix-store -qd $(which firefox))
|
||||
|
||||
|
||||
or, in a nicer format:
|
||||
|
||||
|
||||
$ nix-store -q --tree $(nix-store -qd $(which firefox))
|
||||
|
||||
|
||||
File system references are also stored in reverse. For instance, you
|
||||
can query all paths that directly or indirectly use a certain Glibc:
|
||||
|
||||
|
||||
$ nix-store -q --referrers-closure \
|
||||
/nix/store/8lz9yc6zgmc0vlqmn2ipcpkjlmbi51vv-glibc-2.3.4
|
||||
|
||||
|
@ -92,28 +92,28 @@ Nix 0.8 has the following improvements:
|
|||
- `nix-channel` has new operations `--list` and `--remove`.
|
||||
|
||||
- New ways of installing components into user environments:
|
||||
|
||||
|
||||
- Copy from another user environment:
|
||||
|
||||
|
||||
$ nix-env -i --from-profile .../other-profile firefox
|
||||
|
||||
|
||||
- Install a store derivation directly (bypassing the Nix
|
||||
expression language entirely):
|
||||
|
||||
|
||||
$ nix-env -i /nix/store/z58v41v21xd3...-aterm-2.3.1.drv
|
||||
|
||||
|
||||
(This is used to implement `nix-install-package`, which is
|
||||
therefore immune to evolution in the Nix expression language.)
|
||||
|
||||
|
||||
- Install an already built store path directly:
|
||||
|
||||
|
||||
$ nix-env -i /nix/store/hsyj5pbn0d9i...-aterm-2.3.1
|
||||
|
||||
|
||||
- Install the result of a Nix expression specified as a
|
||||
command-line argument:
|
||||
|
||||
|
||||
$ nix-env -f .../i686-linux.nix -i -E 'x: x.firefoxWrapper'
|
||||
|
||||
|
||||
The difference with the normal installation mode is that `-E`
|
||||
does not use the `name` attributes of derivations. Therefore,
|
||||
this can be used to disambiguate multiple derivations with the
|
||||
|
@ -127,7 +127,7 @@ Nix 0.8 has the following improvements:
|
|||
- Implemented a concurrent garbage collector. It is now always safe to
|
||||
run the garbage collector, even if other Nix operations are
|
||||
happening simultaneously.
|
||||
|
||||
|
||||
However, there can still be GC races if you use `nix-instantiate`
|
||||
and `nix-store
|
||||
--realise` directly to build things. To prevent races, use the
|
||||
|
@ -147,13 +147,13 @@ Nix 0.8 has the following improvements:
|
|||
|
||||
- The behaviour of the garbage collector can be changed globally by
|
||||
setting options in `/nix/etc/nix/nix.conf`.
|
||||
|
||||
|
||||
- `gc-keep-derivations` specifies whether deriver links should be
|
||||
followed when searching for live paths.
|
||||
|
||||
|
||||
- `gc-keep-outputs` specifies whether outputs of derivations
|
||||
should be followed when searching for live paths.
|
||||
|
||||
|
||||
- `env-keep-derivations` specifies whether user environments
|
||||
should store the paths of derivations when they are added (thus
|
||||
keeping the derivations alive).
|
||||
|
|
|
@ -18,36 +18,36 @@ first.
|
|||
derivations can mutually refer to each other (as long as there are
|
||||
no data dependencies on the `outPath` and `drvPath` attributes
|
||||
computed by `derivation`).
|
||||
|
||||
|
||||
For example, the expression `derivation
|
||||
attrs` now evaluates to (essentially)
|
||||
|
||||
|
||||
attrs // {
|
||||
type = "derivation";
|
||||
outPath = derivation! attrs;
|
||||
drvPath = derivation! attrs;
|
||||
}
|
||||
|
||||
|
||||
where `derivation!` is a primop that does the actual derivation
|
||||
instantiation (i.e., it does what `derivation` used to do). The
|
||||
advantage is that it allows commands such as `nix-env -qa` and
|
||||
`nix-env -i` to be much faster since they no longer need to
|
||||
instantiate all derivations, just the `name` attribute.
|
||||
|
||||
|
||||
Also, it allows derivations to cyclically reference each other, for
|
||||
example,
|
||||
|
||||
|
||||
webServer = derivation {
|
||||
...
|
||||
hostName = "svn.cs.uu.nl";
|
||||
services = [svnService];
|
||||
};
|
||||
|
||||
|
||||
svnService = derivation {
|
||||
...
|
||||
hostName = webServer.hostName;
|
||||
};
|
||||
|
||||
|
||||
Previously, this would yield a black hole (infinite recursion).
|
||||
|
||||
- `nix-build` now defaults to using `./default.nix` if no Nix
|
||||
|
|
|
@ -5,26 +5,26 @@ This release has the following improvements:
|
|||
- On Linux, when doing a chroot build, Nix now uses various namespace
|
||||
features provided by the Linux kernel to improve build isolation.
|
||||
Namely:
|
||||
|
||||
|
||||
- The private network namespace ensures that builders cannot talk
|
||||
to the outside world (or vice versa): each build only sees a
|
||||
private loopback interface. This also means that two concurrent
|
||||
builds can listen on the same port (e.g. as part of a test)
|
||||
without conflicting with each other.
|
||||
|
||||
|
||||
- The PID namespace causes each build to start as PID 1. Processes
|
||||
outside of the chroot are not visible to those on the inside. On
|
||||
the other hand, processes inside the chroot *are* visible from
|
||||
the outside (though with different PIDs).
|
||||
|
||||
|
||||
- The IPC namespace prevents the builder from communicating with
|
||||
outside processes using SysV IPC mechanisms (shared memory,
|
||||
message queues, semaphores). It also ensures that all IPC
|
||||
objects are destroyed when the builder exits.
|
||||
|
||||
|
||||
- The UTS namespace ensures that builders see a hostname of
|
||||
`localhost` rather than the actual hostname.
|
||||
|
||||
|
||||
- The private mount namespace was already used by Nix to ensure
|
||||
that the bind-mounts used to set up the chroot are cleaned up
|
||||
automatically.
|
||||
|
|
|
@ -5,23 +5,23 @@ features:
|
|||
|
||||
- `nix-prefetch-url` can now download URLs specified in a Nix
|
||||
expression. For example,
|
||||
|
||||
|
||||
$ nix-prefetch-url -A hello.src
|
||||
|
||||
|
||||
will prefetch the file specified by the `fetchurl` call in the
|
||||
attribute `hello.src` from the Nix expression in the current
|
||||
directory, and print the cryptographic hash of the resulting file on
|
||||
stdout. This differs from `nix-build -A
|
||||
hello.src` in that it doesn't verify the hash, and is thus useful
|
||||
when you’re updating a Nix expression.
|
||||
|
||||
|
||||
You can also prefetch the result of functions that unpack a tarball,
|
||||
such as `fetchFromGitHub`. For example:
|
||||
|
||||
|
||||
$ nix-prefetch-url --unpack https://github.com/NixOS/patchelf/archive/0.8.tar.gz
|
||||
|
||||
|
||||
or from a Nix expression:
|
||||
|
||||
|
||||
$ nix-prefetch-url -A nix-repl.src
|
||||
|
||||
- The builtin function `<nix/fetchurl.nix>` now supports downloading
|
||||
|
@ -49,12 +49,12 @@ features:
|
|||
same derivation and `-K` is given, will make the output of the other
|
||||
run available under `store-path-check`. This makes it easier to
|
||||
investigate the non-determinism using tools like `diffoscope`, e.g.,
|
||||
|
||||
|
||||
$ nix-build pkgs/stdenv/linux -A stage1.pkgs.zlib --check -K
|
||||
error: derivation ‘/nix/store/l54i8wlw2265…-zlib-1.2.8.drv’ may not
|
||||
be deterministic: output ‘/nix/store/11a27shh6n2i…-zlib-1.2.8’
|
||||
differs from ‘/nix/store/11a27shh6n2i…-zlib-1.2.8-check’
|
||||
|
||||
|
||||
$ diffoscope /nix/store/11a27shh6n2i…-zlib-1.2.8 /nix/store/11a27shh6n2i…-zlib-1.2.8-check
|
||||
…
|
||||
├── lib/libz.a
|
||||
|
|
|
@ -8,9 +8,9 @@ This release has the following improvements and changes:
|
|||
binary caches to see if any of them has a pre-built binary of that
|
||||
path. The configuration setting `binary-caches` contains a list of
|
||||
URLs of binary caches. For instance, doing
|
||||
|
||||
|
||||
$ nix-env -i thunderbird --option binary-caches http://cache.nixos.org
|
||||
|
||||
|
||||
will install Thunderbird and its dependencies, using the available
|
||||
pre-built binaries in <http://cache.nixos.org>. The main advantage
|
||||
over the old “manifest”-based method of getting pre-built binaries
|
||||
|
@ -19,12 +19,12 @@ This release has the following improvements and changes:
|
|||
need to run `nix-pull` to update your manifest. It’s also more
|
||||
scalable because you don’t need to redownload a giant manifest file
|
||||
every time.
|
||||
|
||||
|
||||
A Nix channel can provide a binary cache URL that will be used
|
||||
automatically if you subscribe to that channel. If you use the
|
||||
Nixpkgs or NixOS channels (<http://nixos.org/channels>) you
|
||||
automatically get the cache <http://cache.nixos.org>.
|
||||
|
||||
|
||||
Binary caches are created using `nix-push`. For details on the
|
||||
operation and format of binary caches, see the `nix-push` manpage.
|
||||
More details are provided in [this nix-dev
|
||||
|
@ -33,16 +33,16 @@ This release has the following improvements and changes:
|
|||
- Multiple output support should now be usable. A derivation can
|
||||
declare that it wants to produce multiple store paths by saying
|
||||
something like
|
||||
|
||||
|
||||
outputs = [ "lib" "headers" "doc" ];
|
||||
|
||||
|
||||
This will cause Nix to pass the intended store path of each output
|
||||
to the builder through the environment variables `lib`, `headers`
|
||||
and `doc`. Other packages can refer to a specific output by
|
||||
referring to `pkg.output`, e.g.
|
||||
|
||||
|
||||
buildInputs = [ pkg.lib pkg.headers ];
|
||||
|
||||
|
||||
If you install a package with multiple outputs using `nix-env`, each
|
||||
output path will be symlinked into the user environment.
|
||||
|
||||
|
@ -60,10 +60,10 @@ This release has the following improvements and changes:
|
|||
Instead, the recommended way to guard the Nix store against
|
||||
accidental modification on Linux is to make it a read-only bind
|
||||
mount, like this:
|
||||
|
||||
|
||||
$ mount --bind /nix/store /nix/store
|
||||
$ mount -o remount,ro,bind /nix/store
|
||||
|
||||
|
||||
Nix will automatically make `/nix/store` writable as needed (using a
|
||||
private mount namespace) to allow modifications.
|
||||
|
||||
|
|
|
@ -25,28 +25,28 @@ features:
|
|||
declarative package management similar to NixOS’s
|
||||
`environment.systemPackages`. For instance, if you have a
|
||||
specification `my-packages.nix` like this:
|
||||
|
||||
|
||||
with import <nixpkgs> {};
|
||||
[ thunderbird
|
||||
geeqie
|
||||
...
|
||||
]
|
||||
|
||||
|
||||
then after any change to this file, you can run:
|
||||
|
||||
|
||||
$ nix-env -f my-packages.nix -ir
|
||||
|
||||
|
||||
to update your profile to match the specification.
|
||||
|
||||
- The ‘`with`’ language construct is now more lazy. It only evaluates
|
||||
its argument if a variable might actually refer to an attribute in
|
||||
the argument. For instance, this now works:
|
||||
|
||||
|
||||
let
|
||||
pkgs = with pkgs; { foo = "old"; bar = foo; } // overrides;
|
||||
overrides = { foo = "new"; };
|
||||
in pkgs.bar
|
||||
|
||||
|
||||
This evaluates to `"new"`, while previously it gave an “infinite
|
||||
recursion” error.
|
||||
|
||||
|
|
|
@ -25,7 +25,7 @@ features:
|
|||
builds a previously built derivation again, and prints an error
|
||||
message if the output is not exactly the same. This helps to verify
|
||||
whether a derivation is truly deterministic. For example:
|
||||
|
||||
|
||||
$ nix-build '<nixpkgs>' -A patchelf
|
||||
…
|
||||
$ nix-build '<nixpkgs>' -A patchelf --check
|
||||
|
@ -43,31 +43,31 @@ features:
|
|||
'1 + 2'` will print `3`.
|
||||
|
||||
- `nix-shell` improvements:
|
||||
|
||||
|
||||
- It has a new flag, `--packages` (or `-p`), that sets up a build
|
||||
environment containing the specified packages from Nixpkgs. For
|
||||
example, the command
|
||||
|
||||
|
||||
$ nix-shell -p sqlite xorg.libX11 hello
|
||||
|
||||
|
||||
will start a shell in which the given packages are present.
|
||||
|
||||
|
||||
- It now uses `shell.nix` as the default expression, falling back
|
||||
to `default.nix` if the former doesn’t exist. This makes it
|
||||
convenient to have a `shell.nix` in your project to set up a
|
||||
nice development environment.
|
||||
|
||||
|
||||
- It evaluates the derivation attribute `shellHook`, if set. Since
|
||||
`stdenv` does not normally execute this hook, it allows you to
|
||||
do `nix-shell`-specific setup.
|
||||
|
||||
|
||||
- It preserves the user’s timezone setting.
|
||||
|
||||
- In chroots, Nix now sets up a `/dev` containing only a minimal set
|
||||
of devices (such as `/dev/null`). Note that it only does this if you
|
||||
*don’t* have `/dev` listed in your `build-chroot-dirs` setting;
|
||||
otherwise, it will bind-mount the `/dev` from outside the chroot.
|
||||
|
||||
|
||||
Similarly, if you don’t have `/dev/pts` listed in
|
||||
`build-chroot-dirs`, Nix will mount a private `devpts` filesystem on
|
||||
the chroot’s `/dev/pts`.
|
||||
|
@ -82,7 +82,7 @@ features:
|
|||
such as attribute sets.
|
||||
|
||||
- The `-A` flag now allows attribute names with dots in them, e.g.
|
||||
|
||||
|
||||
$ nix-instantiate --eval '<nixos>' -A 'config.systemd.units."nscd.service".text'
|
||||
|
||||
- The `--max-freed` option to `nix-store --gc` now accepts a unit
|
||||
|
@ -106,7 +106,7 @@ features:
|
|||
`unsafeGetAttrPos`, that returns the position of an attribute. This
|
||||
is used by Nixpkgs to provide location information in error
|
||||
messages, e.g.
|
||||
|
||||
|
||||
$ nix-build '<nixpkgs>' -A libreoffice --argstr system x86_64-darwin
|
||||
error: the package ‘libreoffice-4.0.5.2’ in ‘.../applications/office/libreoffice/default.nix:263’
|
||||
is not supported on ‘x86_64-darwin’
|
||||
|
@ -116,12 +116,12 @@ features:
|
|||
|
||||
- The binary tarball installer has been improved. You can now install
|
||||
Nix by running:
|
||||
|
||||
|
||||
$ bash <(curl -L https://nixos.org/nix/install)
|
||||
|
||||
- More evaluation errors include position information. For instance,
|
||||
selecting a missing attribute will print something like
|
||||
|
||||
|
||||
error: attribute `nixUnstabl' missing, at /etc/nixos/configurations/misc/eelco/mandark.nix:216:15
|
||||
|
||||
- The command `nix-setuid-helper` is gone.
|
||||
|
|
|
@ -10,24 +10,24 @@
|
|||
|
||||
- `nix-env` selectors are now regular expressions. For instance, you
|
||||
can do
|
||||
|
||||
|
||||
$ nix-env -qa '.*zip.*'
|
||||
|
||||
|
||||
to query all packages with a name containing `zip`.
|
||||
|
||||
- `nix-store --read-log` can now fetch remote build logs. If a build
|
||||
log is not available locally, then ‘nix-store -l’ will now try to
|
||||
download it from the servers listed in the ‘log-servers’ option in
|
||||
nix.conf. For instance, if you have the configuration option
|
||||
|
||||
|
||||
log-servers = http://hydra.nixos.org/log
|
||||
|
||||
|
||||
then it will try to get logs from `http://hydra.nixos.org/log/base
|
||||
name of the
|
||||
store path`. This allows you to do things like:
|
||||
|
||||
|
||||
$ nix-store -l $(which xterm)
|
||||
|
||||
|
||||
and get a log even if `xterm` wasn't built locally.
|
||||
|
||||
- New builtin functions: `attrValues`, `deepSeq`, `fromJSON`,
|
||||
|
|
|
@ -5,17 +5,17 @@ features:
|
|||
|
||||
- Signed binary cache support. You can enable signature checking by
|
||||
adding the following to `nix.conf`:
|
||||
|
||||
|
||||
signed-binary-caches = *
|
||||
binary-cache-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
|
||||
|
||||
|
||||
This will prevent Nix from downloading any binary from the cache
|
||||
that is not signed by one of the keys listed in
|
||||
`binary-cache-public-keys`.
|
||||
|
||||
|
||||
Signature checking is only supported if you built Nix with the
|
||||
`libsodium` package.
|
||||
|
||||
|
||||
Note that while Nix has had experimental support for signed binary
|
||||
caches since version 1.7, this release changes the signature format
|
||||
in a backwards-incompatible way.
|
||||
|
@ -24,79 +24,79 @@ features:
|
|||
you can now specify the URL of a tarball containing Nix expressions
|
||||
(such as Nixpkgs), which will be downloaded and unpacked
|
||||
automatically. For example:
|
||||
|
||||
|
||||
- In `nix-env`:
|
||||
|
||||
|
||||
$ nix-env -f https://github.com/NixOS/nixpkgs-channels/archive/nixos-14.12.tar.gz -iA firefox
|
||||
|
||||
|
||||
This installs Firefox from the latest tested and built revision
|
||||
of the NixOS 14.12 channel.
|
||||
|
||||
|
||||
- In `nix-build` and `nix-shell`:
|
||||
|
||||
|
||||
$ nix-build https://github.com/NixOS/nixpkgs/archive/master.tar.gz -A hello
|
||||
|
||||
|
||||
This builds GNU Hello from the latest revision of the Nixpkgs
|
||||
master branch.
|
||||
|
||||
|
||||
- In the Nix search path (as specified via `NIX_PATH` or `-I`).
|
||||
For example, to start a shell containing the Pan package from a
|
||||
specific version of Nixpkgs:
|
||||
|
||||
|
||||
$ nix-shell -p pan -I nixpkgs=https://github.com/NixOS/nixpkgs-channels/archive/8a3eea054838b55aca962c3fbde9c83c102b8bf2.tar.gz
|
||||
|
||||
|
||||
- In `nixos-rebuild` (on NixOS):
|
||||
|
||||
|
||||
$ nixos-rebuild test -I nixpkgs=https://github.com/NixOS/nixpkgs-channels/archive/nixos-unstable.tar.gz
|
||||
|
||||
|
||||
- In Nix expressions, via the new builtin function `fetchTarball`:
|
||||
|
||||
|
||||
with import (fetchTarball https://github.com/NixOS/nixpkgs-channels/archive/nixos-14.12.tar.gz) {}; …
|
||||
|
||||
|
||||
(This is not allowed in restricted mode.)
|
||||
|
||||
- `nix-shell` improvements:
|
||||
|
||||
|
||||
- `nix-shell` now has a flag `--run` to execute a command in the
|
||||
`nix-shell` environment, e.g. `nix-shell --run make`. This is
|
||||
like the existing `--command` flag, except that it uses a
|
||||
non-interactive shell (ensuring that hitting Ctrl-C won’t drop
|
||||
you into the child shell).
|
||||
|
||||
|
||||
- `nix-shell` can now be used as a `#!`-interpreter. This allows
|
||||
you to write scripts that dynamically fetch their own
|
||||
dependencies. For example, here is a Haskell script that, when
|
||||
invoked, first downloads GHC and the Haskell packages on which
|
||||
it depends:
|
||||
|
||||
|
||||
#! /usr/bin/env nix-shell
|
||||
#! nix-shell -i runghc -p haskellPackages.ghc haskellPackages.HTTP
|
||||
|
||||
|
||||
import Network.HTTP
|
||||
|
||||
|
||||
main = do
|
||||
resp <- Network.HTTP.simpleHTTP (getRequest "http://nixos.org/")
|
||||
body <- getResponseBody resp
|
||||
print (take 100 body)
|
||||
|
||||
|
||||
Of course, the dependencies are cached in the Nix store, so the
|
||||
second invocation of this script will be much faster.
|
||||
|
||||
- Chroot improvements:
|
||||
|
||||
|
||||
- Chroot builds are now supported on Mac OS X (using its sandbox
|
||||
mechanism).
|
||||
|
||||
|
||||
- If chroots are enabled, they are now used for all derivations,
|
||||
including fixed-output derivations (such as `fetchurl`). The
|
||||
latter do have network access, but can no longer access the host
|
||||
filesystem. If you need the old behaviour, you can set the
|
||||
option `build-use-chroot` to `relaxed`.
|
||||
|
||||
|
||||
- On Linux, if chroots are enabled, builds are performed in a
|
||||
private PID namespace once again. (This functionality was lost
|
||||
in Nix 1.8.)
|
||||
|
||||
|
||||
- Store paths listed in `build-chroot-dirs` are now automatically
|
||||
expanded to their closure. For instance, if you want
|
||||
`/nix/store/…-bash/bin/sh` mounted in your chroot as `/bin/sh`,
|
||||
|
|
|
@ -8,13 +8,13 @@ The following incompatible changes have been made:
|
|||
It has been superseded by the binary cache substituter mechanism
|
||||
since several years. As a result, the following programs have been
|
||||
removed:
|
||||
|
||||
|
||||
- `nix-pull`
|
||||
|
||||
|
||||
- `nix-generate-patches`
|
||||
|
||||
|
||||
- `bsdiff`
|
||||
|
||||
|
||||
- `bspatch`
|
||||
|
||||
- The “copy from other stores” substituter mechanism
|
||||
|
@ -58,26 +58,26 @@ This release has the following new features:
|
|||
`nix-build`, `nix-shell -p`, `nix-env -qa`, `nix-instantiate
|
||||
--eval`, `nix-push` and `nix-copy-closure`. It has the following
|
||||
major features:
|
||||
|
||||
|
||||
- Unlike the legacy commands, it has a consistent way to refer to
|
||||
packages and package-like arguments (like store paths). For
|
||||
example, the following commands all copy the GNU Hello package
|
||||
to a remote machine:
|
||||
|
||||
|
||||
nix copy --to ssh://machine nixpkgs.hello
|
||||
|
||||
|
||||
nix copy --to ssh://machine /nix/store/0i2jd68mp5g6h2sa5k9c85rb80sn8hi9-hello-2.10
|
||||
|
||||
|
||||
nix copy --to ssh://machine '(with import <nixpkgs> {}; hello)'
|
||||
|
||||
|
||||
By contrast, `nix-copy-closure` only accepted store paths as
|
||||
arguments.
|
||||
|
||||
|
||||
- It is self-documenting: `--help` shows all available
|
||||
command-line arguments. If `--help` is given after a subcommand,
|
||||
it shows examples for that subcommand. `nix
|
||||
--help-config` shows all configuration options.
|
||||
|
||||
|
||||
- It is much less verbose. By default, it displays a single-line
|
||||
progress indicator that shows how many packages are left to be
|
||||
built or downloaded, and (if there are running builds) the most
|
||||
|
@ -85,7 +85,7 @@ This release has the following new features:
|
|||
last few lines of builder output. The full build log can be
|
||||
retrieved using `nix
|
||||
log`.
|
||||
|
||||
|
||||
- It
|
||||
[provides](https://github.com/NixOS/nix/commit/b8283773bd64d7da6859ed520ee19867742a03ba)
|
||||
all `nix.conf` configuration options as command line flags. For
|
||||
|
@ -93,122 +93,122 @@ This release has the following new features:
|
|||
http-connections 100` you can write `--http-connections 100`.
|
||||
Boolean options can be written as `--foo` or `--no-foo` (e.g.
|
||||
`--no-auto-optimise-store`).
|
||||
|
||||
|
||||
- Many subcommands have a `--json` flag to write results to stdout
|
||||
in JSON format.
|
||||
|
||||
|
||||
> **Warning**
|
||||
>
|
||||
>
|
||||
> Please note that the `nix` command is a work in progress and the
|
||||
> interface is subject to change.
|
||||
|
||||
|
||||
It provides the following high-level (“porcelain”) subcommands:
|
||||
|
||||
|
||||
- `nix build` is a replacement for `nix-build`.
|
||||
|
||||
|
||||
- `nix run` executes a command in an environment in which the
|
||||
specified packages are available. It is (roughly) a replacement
|
||||
for `nix-shell
|
||||
-p`. Unlike that command, it does not execute the command in a
|
||||
shell, and has a flag (`-c`) that specifies the unquoted command
|
||||
line to be executed.
|
||||
|
||||
|
||||
It is particularly useful in conjunction with chroot stores,
|
||||
allowing Linux users who do not have permission to install Nix
|
||||
in `/nix/store` to still use binary substitutes that assume
|
||||
`/nix/store`. For example,
|
||||
|
||||
|
||||
nix run --store ~/my-nix nixpkgs.hello -c hello --greeting 'Hi everybody!'
|
||||
|
||||
|
||||
downloads (or if not substitutes are available, builds) the GNU
|
||||
Hello package into `~/my-nix/nix/store`, then runs `hello` in a
|
||||
mount namespace where `~/my-nix/nix/store` is mounted onto
|
||||
`/nix/store`.
|
||||
|
||||
|
||||
- `nix search` replaces `nix-env
|
||||
-qa`. It searches the available packages for occurrences of a
|
||||
search string in the attribute name, package name or
|
||||
description. Unlike `nix-env -qa`, it has a cache to speed up
|
||||
subsequent searches.
|
||||
|
||||
|
||||
- `nix copy` copies paths between arbitrary Nix stores,
|
||||
generalising `nix-copy-closure` and `nix-push`.
|
||||
|
||||
|
||||
- `nix repl` replaces the external program `nix-repl`. It provides
|
||||
an interactive environment for evaluating and building Nix
|
||||
expressions. Note that it uses `linenoise-ng` instead of GNU
|
||||
Readline.
|
||||
|
||||
|
||||
- `nix upgrade-nix` upgrades Nix to the latest stable version.
|
||||
This requires that Nix is installed in a profile. (Thus it won’t
|
||||
work on NixOS, or if it’s installed outside of the Nix store.)
|
||||
|
||||
|
||||
- `nix verify` checks whether store paths are unmodified and/or
|
||||
“trusted” (see below). It replaces `nix-store --verify` and
|
||||
`nix-store
|
||||
--verify-path`.
|
||||
|
||||
|
||||
- `nix log` shows the build log of a package or path. If the
|
||||
build log is not available locally, it will try to obtain it
|
||||
from the configured substituters (such as
|
||||
[cache.nixos.org](https://cache.nixos.org/), which now
|
||||
provides build logs).
|
||||
|
||||
|
||||
- `nix edit` opens the source code of a package in your editor.
|
||||
|
||||
|
||||
- `nix eval` replaces `nix-instantiate --eval`.
|
||||
|
||||
|
||||
- `nix
|
||||
why-depends` shows why one store path has another in its
|
||||
closure. This is primarily useful to finding the causes of
|
||||
closure bloat. For example,
|
||||
|
||||
|
||||
nix why-depends nixpkgs.vlc nixpkgs.libdrm.dev
|
||||
|
||||
|
||||
shows a chain of files and fragments of file contents that cause
|
||||
the VLC package to have the “dev” output of `libdrm` in its
|
||||
closure — an undesirable situation.
|
||||
|
||||
|
||||
- `nix path-info` shows information about store paths, replacing
|
||||
`nix-store -q`. A useful feature is the option `--closure-size`
|
||||
(`-S`). For example, the following command show the closure
|
||||
sizes of every path in the current NixOS system closure, sorted
|
||||
by size:
|
||||
|
||||
|
||||
nix path-info -rS /run/current-system | sort -nk2
|
||||
|
||||
|
||||
- `nix optimise-store` replaces `nix-store --optimise`. The main
|
||||
difference is that it has a progress indicator.
|
||||
|
||||
|
||||
A number of low-level (“plumbing”) commands are also available:
|
||||
|
||||
|
||||
- `nix ls-store` and `nix
|
||||
ls-nar` list the contents of a store path or NAR file. The
|
||||
former is primarily useful in conjunction with remote stores,
|
||||
e.g.
|
||||
|
||||
|
||||
nix ls-store --store https://cache.nixos.org/ -lR /nix/store/0i2jd68mp5g6h2sa5k9c85rb80sn8hi9-hello-2.10
|
||||
|
||||
|
||||
lists the contents of path in a binary cache.
|
||||
|
||||
|
||||
- `nix cat-store` and `nix
|
||||
cat-nar` allow extracting a file from a store path or NAR file.
|
||||
|
||||
|
||||
- `nix dump-path` writes the contents of a store path to stdout in
|
||||
NAR format. This replaces `nix-store --dump`.
|
||||
|
||||
|
||||
- `nix
|
||||
show-derivation` displays a store derivation in JSON format.
|
||||
This is an alternative to `pp-aterm`.
|
||||
|
||||
|
||||
- `nix
|
||||
add-to-store` replaces `nix-store
|
||||
--add`.
|
||||
|
||||
|
||||
- `nix sign-paths` signs store paths.
|
||||
|
||||
|
||||
- `nix copy-sigs` copies signatures from one store to another.
|
||||
|
||||
|
||||
- `nix show-config` shows all configuration options and their
|
||||
current values.
|
||||
|
||||
|
@ -224,11 +224,11 @@ This release has the following new features:
|
|||
`nix-copy-closure`, `nix-push` and substitution are all instances
|
||||
of the general notion of copying paths between different kinds of
|
||||
Nix stores.
|
||||
|
||||
|
||||
Stores are specified using an URI-like syntax, e.g.
|
||||
<https://cache.nixos.org/> or <ssh://machine>. The following store
|
||||
types are supported:
|
||||
|
||||
|
||||
- `LocalStore` (stori URI `local` or an absolute path) and the
|
||||
misnamed `RemoteStore` (`daemon`) provide access to a local Nix
|
||||
store, the latter via the Nix daemon. You can use `auto` or the
|
||||
|
@ -236,63 +236,63 @@ This release has the following new features:
|
|||
whether you have write permission to the Nix store. It is no
|
||||
longer necessary to set the `NIX_REMOTE` environment variable to
|
||||
use the Nix daemon.
|
||||
|
||||
|
||||
As noted above, `LocalStore` now supports chroot builds,
|
||||
allowing the “physical” location of the Nix store (e.g.
|
||||
`/home/alice/nix/store`) to differ from its “logical” location
|
||||
(typically `/nix/store`). This allows non-root users to use Nix
|
||||
while still getting the benefits from prebuilt binaries from
|
||||
[cache.nixos.org](https://cache.nixos.org/).
|
||||
|
||||
|
||||
- `BinaryCacheStore` is the abstract superclass of all binary
|
||||
cache stores. It supports writing build logs and NAR content
|
||||
listings in JSON format.
|
||||
|
||||
|
||||
- `HttpBinaryCacheStore` (`http://`, `https://`) supports binary
|
||||
caches via HTTP or HTTPS. If the server supports `PUT` requests,
|
||||
it supports uploading store paths via commands such as `nix
|
||||
copy`.
|
||||
|
||||
|
||||
- `LocalBinaryCacheStore` (`file://`) supports binary caches in
|
||||
the local filesystem.
|
||||
|
||||
|
||||
- `S3BinaryCacheStore` (`s3://`) supports binary caches stored in
|
||||
Amazon S3, if enabled at compile time.
|
||||
|
||||
|
||||
- `LegacySSHStore` (`ssh://`) is used to implement remote builds
|
||||
and `nix-copy-closure`.
|
||||
|
||||
|
||||
- `SSHStore` (`ssh-ng://`) supports arbitrary Nix operations on a
|
||||
remote machine via the same protocol used by `nix-daemon`.
|
||||
|
||||
- Security has been improved in various ways:
|
||||
|
||||
|
||||
- Nix now stores signatures for local store paths. When paths are
|
||||
copied between stores (e.g., copied from a binary cache to a
|
||||
local store), signatures are propagated.
|
||||
|
||||
|
||||
Locally-built paths are signed automatically using the secret
|
||||
keys specified by the `secret-key-files` store option.
|
||||
Secret/public key pairs can be generated using `nix-store
|
||||
--generate-binary-cache-key`.
|
||||
|
||||
|
||||
In addition, locally-built store paths are marked as “ultimately
|
||||
trusted”, but this bit is not propagated when paths are copied
|
||||
between stores.
|
||||
|
||||
|
||||
- Content-addressable store paths no longer require signatures —
|
||||
they can be imported into a store by unprivileged users even if
|
||||
they lack signatures.
|
||||
|
||||
|
||||
- The command `nix verify` checks whether the specified paths are
|
||||
trusted, i.e., have a certain number of trusted signatures, are
|
||||
ultimately trusted, or are content-addressed.
|
||||
|
||||
|
||||
- Substitutions from binary caches
|
||||
[now](https://github.com/NixOS/nix/commit/ecbc3fedd3d5bdc5a0e1a0a51b29062f2874ac8b)
|
||||
require signatures by default. This was already the case on
|
||||
NixOS.
|
||||
|
||||
|
||||
- In Linux sandbox builds, we
|
||||
[now](https://github.com/NixOS/nix/commit/eba840c8a13b465ace90172ff76a0db2899ab11b)
|
||||
use `/build` instead of `/tmp` as the temporary build directory.
|
||||
|
@ -309,7 +309,7 @@ This release has the following new features:
|
|||
hash or commit hash is specified. For example, calls to
|
||||
`builtins.fetchGit` are only allowed if a `rev` attribute is
|
||||
specified.
|
||||
|
||||
|
||||
The goal of this feature is to enable true reproducibility and
|
||||
traceability of builds (including NixOS system configurations) at
|
||||
the evaluation level. For example, in the future, `nixos-rebuild`
|
||||
|
@ -367,21 +367,21 @@ This release has the following new features:
|
|||
log will be shown if a build fails.
|
||||
|
||||
- Networking has been improved:
|
||||
|
||||
|
||||
- HTTP/2 is now supported. This makes binary cache lookups [much
|
||||
more
|
||||
efficient](https://github.com/NixOS/nix/commit/90ad02bf626b885a5dd8967894e2eafc953bdf92).
|
||||
|
||||
|
||||
- We now retry downloads on many HTTP errors, making binary caches
|
||||
substituters more resilient to temporary failures.
|
||||
|
||||
|
||||
- HTTP credentials can now be configured via the standard `netrc`
|
||||
mechanism.
|
||||
|
||||
|
||||
- If S3 support is enabled at compile time, <s3://> URIs are
|
||||
[supported](https://github.com/NixOS/nix/commit/9ff9c3f2f80ba4108e9c945bbfda2c64735f987b)
|
||||
in all places where Nix allows URIs.
|
||||
|
||||
|
||||
- Brotli compression is now supported. In particular,
|
||||
[cache.nixos.org](https://cache.nixos.org/) build logs are now compressed
|
||||
using Brotli.
|
||||
|
@ -431,9 +431,9 @@ The Nix language has the following new features:
|
|||
- Derivation attributes can now reference the outputs of the
|
||||
derivation using the `placeholder` builtin function. For example,
|
||||
the attribute
|
||||
|
||||
|
||||
configureFlags = "--prefix=${placeholder "out"} --includedir=${placeholder "dev"}";
|
||||
|
||||
|
||||
will cause the `configureFlags` environment variable to contain the
|
||||
actual store paths corresponding to the `out` and `dev` outputs.
|
||||
|
||||
|
@ -444,7 +444,7 @@ The following builtin functions are new or extended:
|
|||
Nixpkgs, which fetches at build time and cannot be used to fetch Nix
|
||||
expressions during evaluation. A typical use case is to import
|
||||
external NixOS modules from your configuration, e.g.
|
||||
|
||||
|
||||
imports = [ (builtins.fetchGit https://github.com/edolstra/dwarffs + "/module.nix") ];
|
||||
|
||||
- Similarly, `builtins.fetchMercurial` allows you to fetch Mercurial
|
||||
|
@ -485,7 +485,7 @@ The Nix build environment has the following changes:
|
|||
builder via the file `.attrs.json` in the builder’s temporary
|
||||
directory. This obviates the need for `passAsFile` since JSON files
|
||||
have no size restrictions, unlike process environments.
|
||||
|
||||
|
||||
[As a convenience to Bash
|
||||
builders](https://github.com/NixOS/nix/commit/2d5b1b24bf70a498e4c0b378704cfdb6471cc699),
|
||||
Nix writes a script named `.attrs.sh` to the builder’s directory
|
||||
|
|
|
@ -6,15 +6,15 @@ This is primarily a bug fix release. It also has the following changes:
|
|||
the `__structuredAttrs` attribute to `true` to cause all attributes
|
||||
to be passed to the builder in JSON format), you can now specify
|
||||
closure checks per output, e.g.:
|
||||
|
||||
|
||||
outputChecks."out" = {
|
||||
# The closure of 'out' must not be larger than 256 MiB.
|
||||
maxClosureSize = 256 * 1024 * 1024;
|
||||
|
||||
|
||||
# It must not refer to C compiler or to the 'dev' output.
|
||||
disallowedRequisites = [ stdenv.cc "dev" ];
|
||||
};
|
||||
|
||||
|
||||
outputChecks."dev" = {
|
||||
# The 'dev' output must not be larger than 128 KiB.
|
||||
maxSize = 128 * 1024;
|
||||
|
@ -24,7 +24,7 @@ This is primarily a bug fix release. It also has the following changes:
|
|||
for local builds, and not just to route builds to remote builders.
|
||||
The supported features of a machine can be specified through the
|
||||
configuration setting `system-features`.
|
||||
|
||||
|
||||
By default, `system-features` includes `kvm` if `/dev/kvm` exists.
|
||||
For compatibility, it also includes the pseudo-features
|
||||
`nixos-test`, `benchmark` and `big-parallel` which are used by
|
||||
|
@ -45,22 +45,22 @@ This is primarily a bug fix release. It also has the following changes:
|
|||
- Nix now supports [SRI hashes](https://www.w3.org/TR/SRI/), allowing
|
||||
the hash algorithm and hash to be specified in a single string. For
|
||||
example, you can write:
|
||||
|
||||
|
||||
import <nix/fetchurl.nix> {
|
||||
url = https://nixos.org/releases/nix/nix-2.1.3/nix-2.1.3.tar.xz;
|
||||
hash = "sha256-XSLa0FjVyADWWhFfkZ2iKTjFDda6mMXjoYMXLRSYQKQ=";
|
||||
};
|
||||
|
||||
|
||||
instead of
|
||||
|
||||
|
||||
import <nix/fetchurl.nix> {
|
||||
url = https://nixos.org/releases/nix/nix-2.1.3/nix-2.1.3.tar.xz;
|
||||
sha256 = "5d22dad058d5c800d65a115f919da22938c50dd6ba98c5e3a183172d149840a4";
|
||||
};
|
||||
|
||||
|
||||
In fixed-output derivations, the `outputHashAlgo` attribute is no
|
||||
longer mandatory if `outputHash` specifies the hash.
|
||||
|
||||
|
||||
`nix hash-file` and `nix
|
||||
hash-path` now print hashes in SRI format by default. They also use
|
||||
SHA-256 by default instead of SHA-512 because that's what we use
|
||||
|
|
File diff suppressed because one or more lines are too long
|
@ -1,14 +1,18 @@
|
|||
with builtins;
|
||||
|
||||
rec {
|
||||
splitLines = s: filter (x: !isList x) (split "\n" s);
|
||||
|
||||
concatStrings = concatStringsSep "";
|
||||
|
||||
attrsToList = a:
|
||||
map (name: { inherit name; value = a.${name}; }) (builtins.attrNames a);
|
||||
attrsToList =
|
||||
a:
|
||||
map (name: {
|
||||
inherit name;
|
||||
value = a.${name};
|
||||
}) (builtins.attrNames a);
|
||||
|
||||
replaceStringsRec = from: to: string:
|
||||
replaceStringsRec =
|
||||
from: to: string:
|
||||
# recursively replace occurrences of `from` with `to` within `string`
|
||||
# example:
|
||||
# replaceStringRec "--" "-" "hello-----world"
|
||||
|
@ -16,14 +20,16 @@ rec {
|
|||
let
|
||||
replaced = replaceStrings [ from ] [ to ] string;
|
||||
in
|
||||
if replaced == string then string else replaceStringsRec from to replaced;
|
||||
if replaced == string then string else replaceStringsRec from to replaced;
|
||||
|
||||
squash = replaceStringsRec "\n\n\n" "\n\n";
|
||||
|
||||
trim = string:
|
||||
trim =
|
||||
string:
|
||||
# trim trailing spaces and squash non-leading spaces
|
||||
let
|
||||
trimLine = line:
|
||||
trimLine =
|
||||
line:
|
||||
let
|
||||
# separate leading spaces from the rest
|
||||
parts = split "(^ *)" line;
|
||||
|
@ -31,76 +37,102 @@ rec {
|
|||
rest = elemAt parts 2;
|
||||
# drop trailing spaces
|
||||
body = head (split " *$" rest);
|
||||
in spaces + replaceStringsRec " " " " body;
|
||||
in concatStringsSep "\n" (map trimLine (splitLines string));
|
||||
in
|
||||
spaces + replaceStringsRec " " " " body;
|
||||
in
|
||||
concatStringsSep "\n" (map trimLine (splitLines string));
|
||||
|
||||
# FIXME: O(n^2)
|
||||
unique = foldl' (acc: e: if elem e acc then acc else acc ++ [ e ]) [];
|
||||
unique = foldl' (acc: e: if elem e acc then acc else acc ++ [ e ]) [ ];
|
||||
|
||||
nameValuePair = name: value: { inherit name value; };
|
||||
|
||||
filterAttrs = pred: set:
|
||||
listToAttrs (concatMap (name: let v = set.${name}; in if pred name v then [(nameValuePair name v)] else []) (attrNames set));
|
||||
filterAttrs =
|
||||
pred: set:
|
||||
listToAttrs (
|
||||
concatMap (
|
||||
name:
|
||||
let
|
||||
v = set.${name};
|
||||
in
|
||||
if pred name v then [ (nameValuePair name v) ] else [ ]
|
||||
) (attrNames set)
|
||||
);
|
||||
|
||||
optionalString = cond: string: if cond then string else "";
|
||||
|
||||
showSetting = { inlineHTML }: name: { description, documentDefault, defaultValue, aliases, value, experimentalFeature }:
|
||||
showSetting =
|
||||
{ inlineHTML }:
|
||||
name:
|
||||
{
|
||||
description,
|
||||
documentDefault,
|
||||
defaultValue,
|
||||
aliases,
|
||||
value,
|
||||
experimentalFeature,
|
||||
}:
|
||||
let
|
||||
result = squash ''
|
||||
- ${if inlineHTML
|
||||
then ''<span id="conf-${name}">[`${name}`](#conf-${name})</span>''
|
||||
else ''`${name}`''}
|
||||
- ${
|
||||
if inlineHTML then ''<span id="conf-${name}">[`${name}`](#conf-${name})</span>'' else ''`${name}`''
|
||||
}
|
||||
|
||||
${indent " " body}
|
||||
'';
|
||||
${indent " " body}
|
||||
'';
|
||||
|
||||
experimentalFeatureNote = optionalString (experimentalFeature != null) ''
|
||||
> **Warning**
|
||||
> This setting is part of an
|
||||
> [experimental feature](@docroot@/contributing/experimental-features.md).
|
||||
> **Warning**
|
||||
> This setting is part of an
|
||||
> [experimental feature](@docroot@/contributing/experimental-features.md).
|
||||
|
||||
To change this setting, you need to make sure the corresponding experimental feature,
|
||||
[`${experimentalFeature}`](@docroot@/contributing/experimental-features.md#xp-feature-${experimentalFeature}),
|
||||
is enabled.
|
||||
For example, include the following in [`nix.conf`](#):
|
||||
To change this setting, you need to make sure the corresponding experimental feature,
|
||||
[`${experimentalFeature}`](@docroot@/contributing/experimental-features.md#xp-feature-${experimentalFeature}),
|
||||
is enabled.
|
||||
For example, include the following in [`nix.conf`](#):
|
||||
|
||||
```
|
||||
extra-experimental-features = ${experimentalFeature}
|
||||
${name} = ...
|
||||
```
|
||||
'';
|
||||
```
|
||||
extra-experimental-features = ${experimentalFeature}
|
||||
${name} = ...
|
||||
```
|
||||
'';
|
||||
|
||||
# separate body to cleanly handle indentation
|
||||
body = ''
|
||||
${description}
|
||||
${description}
|
||||
|
||||
${experimentalFeatureNote}
|
||||
${experimentalFeatureNote}
|
||||
|
||||
**Default:** ${showDefault documentDefault defaultValue}
|
||||
**Default:** ${showDefault documentDefault defaultValue}
|
||||
|
||||
${showAliases aliases}
|
||||
'';
|
||||
${showAliases aliases}
|
||||
'';
|
||||
|
||||
showDefault = documentDefault: defaultValue:
|
||||
showDefault =
|
||||
documentDefault: defaultValue:
|
||||
if documentDefault then
|
||||
# a StringMap value type is specified as a string, but
|
||||
# this shows the value type. The empty stringmap is `null` in
|
||||
# JSON, but that converts to `{ }` here.
|
||||
if defaultValue == "" || defaultValue == [] || isAttrs defaultValue
|
||||
then "*empty*"
|
||||
else if isBool defaultValue then
|
||||
if defaultValue then "`true`" else "`false`"
|
||||
else "`${toString defaultValue}`"
|
||||
else "*machine-specific*";
|
||||
if defaultValue == "" || defaultValue == [ ] || isAttrs defaultValue then
|
||||
"*empty*"
|
||||
else if isBool defaultValue then
|
||||
if defaultValue then "`true`" else "`false`"
|
||||
else
|
||||
"`${toString defaultValue}`"
|
||||
else
|
||||
"*machine-specific*";
|
||||
|
||||
showAliases = aliases:
|
||||
optionalString (aliases != [])
|
||||
"**Deprecated alias:** ${(concatStringsSep ", " (map (s: "`${s}`") aliases))}";
|
||||
showAliases =
|
||||
aliases:
|
||||
optionalString (aliases != [ ])
|
||||
"**Deprecated alias:** ${(concatStringsSep ", " (map (s: "`${s}`") aliases))}";
|
||||
in
|
||||
result;
|
||||
|
||||
in result;
|
||||
indent =
|
||||
prefix: s: concatStringsSep "\n" (map (x: if x == "" then x else "${prefix}${x}") (splitLines s));
|
||||
|
||||
indent = prefix: s:
|
||||
concatStringsSep "\n" (map (x: if x == "" then x else "${prefix}${x}") (splitLines s));
|
||||
|
||||
showSettings = args: settingsInfo: concatStrings (attrValues (mapAttrs (showSetting args) settingsInfo));
|
||||
showSettings =
|
||||
args: settingsInfo: concatStrings (attrValues (mapAttrs (showSetting args) settingsInfo));
|
||||
}
|
||||
|
|
381
docker.nix
381
docker.nix
|
@ -1,70 +1,70 @@
|
|||
{ pkgs ? import <nixpkgs> { }
|
||||
, lib ? pkgs.lib
|
||||
, name ? "nix"
|
||||
, tag ? "latest"
|
||||
, bundleNixpkgs ? true
|
||||
, channelName ? "nixpkgs"
|
||||
, channelURL ? "https://nixos.org/channels/nixpkgs-unstable"
|
||||
, extraPkgs ? []
|
||||
, maxLayers ? 100
|
||||
, nixConf ? {}
|
||||
, flake-registry ? null
|
||||
{
|
||||
pkgs ? import <nixpkgs> { },
|
||||
lib ? pkgs.lib,
|
||||
name ? "nix",
|
||||
tag ? "latest",
|
||||
bundleNixpkgs ? true,
|
||||
channelName ? "nixpkgs",
|
||||
channelURL ? "https://nixos.org/channels/nixpkgs-unstable",
|
||||
extraPkgs ? [ ],
|
||||
maxLayers ? 100,
|
||||
nixConf ? { },
|
||||
flake-registry ? null,
|
||||
}:
|
||||
let
|
||||
defaultPkgs = with pkgs; [
|
||||
nix
|
||||
bashInteractive
|
||||
coreutils-full
|
||||
gnutar
|
||||
gzip
|
||||
gnugrep
|
||||
which
|
||||
curl
|
||||
less
|
||||
wget
|
||||
man
|
||||
cacert.out
|
||||
findutils
|
||||
iana-etc
|
||||
git
|
||||
openssh
|
||||
] ++ extraPkgs;
|
||||
defaultPkgs =
|
||||
with pkgs;
|
||||
[
|
||||
nix
|
||||
bashInteractive
|
||||
coreutils-full
|
||||
gnutar
|
||||
gzip
|
||||
gnugrep
|
||||
which
|
||||
curl
|
||||
less
|
||||
wget
|
||||
man
|
||||
cacert.out
|
||||
findutils
|
||||
iana-etc
|
||||
git
|
||||
openssh
|
||||
]
|
||||
++ extraPkgs;
|
||||
|
||||
users = {
|
||||
users =
|
||||
{
|
||||
root = {
|
||||
uid = 0;
|
||||
shell = "${pkgs.bashInteractive}/bin/bash";
|
||||
home = "/root";
|
||||
gid = 0;
|
||||
groups = [ "root" ];
|
||||
description = "System administrator";
|
||||
};
|
||||
|
||||
root = {
|
||||
uid = 0;
|
||||
shell = "${pkgs.bashInteractive}/bin/bash";
|
||||
home = "/root";
|
||||
gid = 0;
|
||||
groups = [ "root" ];
|
||||
description = "System administrator";
|
||||
};
|
||||
|
||||
nobody = {
|
||||
uid = 65534;
|
||||
shell = "${pkgs.shadow}/bin/nologin";
|
||||
home = "/var/empty";
|
||||
gid = 65534;
|
||||
groups = [ "nobody" ];
|
||||
description = "Unprivileged account (don't use!)";
|
||||
};
|
||||
|
||||
} // lib.listToAttrs (
|
||||
map
|
||||
(
|
||||
n: {
|
||||
name = "nixbld${toString n}";
|
||||
value = {
|
||||
uid = 30000 + n;
|
||||
gid = 30000;
|
||||
groups = [ "nixbld" ];
|
||||
description = "Nix build user ${toString n}";
|
||||
};
|
||||
}
|
||||
)
|
||||
(lib.lists.range 1 32)
|
||||
);
|
||||
nobody = {
|
||||
uid = 65534;
|
||||
shell = "${pkgs.shadow}/bin/nologin";
|
||||
home = "/var/empty";
|
||||
gid = 65534;
|
||||
groups = [ "nobody" ];
|
||||
description = "Unprivileged account (don't use!)";
|
||||
};
|
||||
}
|
||||
// lib.listToAttrs (
|
||||
map (n: {
|
||||
name = "nixbld${toString n}";
|
||||
value = {
|
||||
uid = 30000 + n;
|
||||
gid = 30000;
|
||||
groups = [ "nixbld" ];
|
||||
description = "Nix build user ${toString n}";
|
||||
};
|
||||
}) (lib.lists.range 1 32)
|
||||
);
|
||||
|
||||
groups = {
|
||||
root.gid = 0;
|
||||
|
@ -74,24 +74,20 @@ let
|
|||
|
||||
userToPasswd = (
|
||||
k:
|
||||
{ uid
|
||||
, gid ? 65534
|
||||
, home ? "/var/empty"
|
||||
, description ? ""
|
||||
, shell ? "/bin/false"
|
||||
, groups ? [ ]
|
||||
}: "${k}:x:${toString uid}:${toString gid}:${description}:${home}:${shell}"
|
||||
);
|
||||
passwdContents = (
|
||||
lib.concatStringsSep "\n"
|
||||
(lib.attrValues (lib.mapAttrs userToPasswd users))
|
||||
{
|
||||
uid,
|
||||
gid ? 65534,
|
||||
home ? "/var/empty",
|
||||
description ? "",
|
||||
shell ? "/bin/false",
|
||||
groups ? [ ],
|
||||
}:
|
||||
"${k}:x:${toString uid}:${toString gid}:${description}:${home}:${shell}"
|
||||
);
|
||||
passwdContents = (lib.concatStringsSep "\n" (lib.attrValues (lib.mapAttrs userToPasswd users)));
|
||||
|
||||
userToShadow = k: { ... }: "${k}:!:1::::::";
|
||||
shadowContents = (
|
||||
lib.concatStringsSep "\n"
|
||||
(lib.attrValues (lib.mapAttrs userToShadow users))
|
||||
);
|
||||
shadowContents = (lib.concatStringsSep "\n" (lib.attrValues (lib.mapAttrs userToShadow users)));
|
||||
|
||||
# Map groups to members
|
||||
# {
|
||||
|
@ -101,42 +97,28 @@ let
|
|||
let
|
||||
# Create a flat list of user/group mappings
|
||||
mappings = (
|
||||
builtins.foldl'
|
||||
(
|
||||
acc: user:
|
||||
let
|
||||
groups = users.${user}.groups or [ ];
|
||||
in
|
||||
acc ++ map
|
||||
(group: {
|
||||
inherit user group;
|
||||
})
|
||||
groups
|
||||
)
|
||||
[ ]
|
||||
(lib.attrNames users)
|
||||
builtins.foldl' (
|
||||
acc: user:
|
||||
let
|
||||
groups = users.${user}.groups or [ ];
|
||||
in
|
||||
acc ++ map (group: { inherit user group; }) groups
|
||||
) [ ] (lib.attrNames users)
|
||||
);
|
||||
in
|
||||
(
|
||||
builtins.foldl'
|
||||
(
|
||||
acc: v: acc // {
|
||||
${v.group} = acc.${v.group} or [ ] ++ [ v.user ];
|
||||
}
|
||||
)
|
||||
{ }
|
||||
mappings)
|
||||
(builtins.foldl' (
|
||||
acc: v: acc // { ${v.group} = acc.${v.group} or [ ] ++ [ v.user ]; }
|
||||
) { } mappings)
|
||||
);
|
||||
|
||||
groupToGroup = k: { gid }:
|
||||
groupToGroup =
|
||||
k:
|
||||
{ gid }:
|
||||
let
|
||||
members = groupMemberMap.${k} or [ ];
|
||||
in
|
||||
"${k}:x:${toString gid}:${lib.concatStringsSep "," members}";
|
||||
groupContents = (
|
||||
lib.concatStringsSep "\n"
|
||||
(lib.attrValues (lib.mapAttrs groupToGroup groups))
|
||||
);
|
||||
groupContents = (lib.concatStringsSep "\n" (lib.attrValues (lib.mapAttrs groupToGroup groups)));
|
||||
|
||||
defaultNixConf = {
|
||||
sandbox = "false";
|
||||
|
@ -144,11 +126,17 @@ let
|
|||
trusted-public-keys = [ "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" ];
|
||||
};
|
||||
|
||||
nixConfContents = (lib.concatStringsSep "\n" (lib.mapAttrsFlatten (n: v:
|
||||
let
|
||||
vStr = if builtins.isList v then lib.concatStringsSep " " v else v;
|
||||
in
|
||||
"${n} = ${vStr}") (defaultNixConf // nixConf))) + "\n";
|
||||
nixConfContents =
|
||||
(lib.concatStringsSep "\n" (
|
||||
lib.mapAttrsFlatten (
|
||||
n: v:
|
||||
let
|
||||
vStr = if builtins.isList v then lib.concatStringsSep " " v else v;
|
||||
in
|
||||
"${n} = ${vStr}"
|
||||
) (defaultNixConf // nixConf)
|
||||
))
|
||||
+ "\n";
|
||||
|
||||
baseSystem =
|
||||
let
|
||||
|
@ -167,21 +155,31 @@ let
|
|||
manifest = pkgs.buildPackages.runCommand "manifest.nix" { } ''
|
||||
cat > $out <<EOF
|
||||
[
|
||||
${lib.concatStringsSep "\n" (builtins.map (drv: let
|
||||
outputs = drv.outputsToInstall or [ "out" ];
|
||||
in ''
|
||||
{
|
||||
${lib.concatStringsSep "\n" (builtins.map (output: ''
|
||||
${output} = { outPath = "${lib.getOutput output drv}"; };
|
||||
'') outputs)}
|
||||
outputs = [ ${lib.concatStringsSep " " (builtins.map (x: "\"${x}\"") outputs)} ];
|
||||
name = "${drv.name}";
|
||||
outPath = "${drv}";
|
||||
system = "${drv.system}";
|
||||
type = "derivation";
|
||||
meta = { };
|
||||
}
|
||||
'') defaultPkgs)}
|
||||
${lib.concatStringsSep "\n" (
|
||||
builtins.map (
|
||||
drv:
|
||||
let
|
||||
outputs = drv.outputsToInstall or [ "out" ];
|
||||
in
|
||||
''
|
||||
{
|
||||
${
|
||||
lib.concatStringsSep "\n" (
|
||||
builtins.map (output: ''
|
||||
${output} = { outPath = "${lib.getOutput output drv}"; };
|
||||
'') outputs
|
||||
)
|
||||
}
|
||||
outputs = [ ${lib.concatStringsSep " " (builtins.map (x: "\"${x}\"") outputs)} ];
|
||||
name = "${drv.name}";
|
||||
outPath = "${drv}";
|
||||
system = "${drv.system}";
|
||||
type = "derivation";
|
||||
meta = { };
|
||||
}
|
||||
''
|
||||
) defaultPkgs
|
||||
)}
|
||||
]
|
||||
EOF
|
||||
'';
|
||||
|
@ -190,16 +188,22 @@ let
|
|||
cp -a ${rootEnv}/* $out/
|
||||
ln -s ${manifest} $out/manifest.nix
|
||||
'';
|
||||
flake-registry-path = if (flake-registry == null) then
|
||||
null
|
||||
else if (builtins.readFileType (toString flake-registry)) == "directory" then
|
||||
"${flake-registry}/flake-registry.json"
|
||||
else
|
||||
flake-registry;
|
||||
flake-registry-path =
|
||||
if (flake-registry == null) then
|
||||
null
|
||||
else if (builtins.readFileType (toString flake-registry)) == "directory" then
|
||||
"${flake-registry}/flake-registry.json"
|
||||
else
|
||||
flake-registry;
|
||||
in
|
||||
pkgs.runCommand "base-system"
|
||||
{
|
||||
inherit passwdContents groupContents shadowContents nixConfContents;
|
||||
inherit
|
||||
passwdContents
|
||||
groupContents
|
||||
shadowContents
|
||||
nixConfContents
|
||||
;
|
||||
passAsFile = [
|
||||
"passwdContents"
|
||||
"groupContents"
|
||||
|
@ -208,66 +212,68 @@ let
|
|||
];
|
||||
allowSubstitutes = false;
|
||||
preferLocalBuild = true;
|
||||
} (''
|
||||
env
|
||||
set -x
|
||||
mkdir -p $out/etc
|
||||
}
|
||||
(
|
||||
''
|
||||
env
|
||||
set -x
|
||||
mkdir -p $out/etc
|
||||
|
||||
mkdir -p $out/etc/ssl/certs
|
||||
ln -s /nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt $out/etc/ssl/certs
|
||||
mkdir -p $out/etc/ssl/certs
|
||||
ln -s /nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt $out/etc/ssl/certs
|
||||
|
||||
cat $passwdContentsPath > $out/etc/passwd
|
||||
echo "" >> $out/etc/passwd
|
||||
cat $passwdContentsPath > $out/etc/passwd
|
||||
echo "" >> $out/etc/passwd
|
||||
|
||||
cat $groupContentsPath > $out/etc/group
|
||||
echo "" >> $out/etc/group
|
||||
cat $groupContentsPath > $out/etc/group
|
||||
echo "" >> $out/etc/group
|
||||
|
||||
cat $shadowContentsPath > $out/etc/shadow
|
||||
echo "" >> $out/etc/shadow
|
||||
cat $shadowContentsPath > $out/etc/shadow
|
||||
echo "" >> $out/etc/shadow
|
||||
|
||||
mkdir -p $out/usr
|
||||
ln -s /nix/var/nix/profiles/share $out/usr/
|
||||
mkdir -p $out/usr
|
||||
ln -s /nix/var/nix/profiles/share $out/usr/
|
||||
|
||||
mkdir -p $out/nix/var/nix/gcroots
|
||||
mkdir -p $out/nix/var/nix/gcroots
|
||||
|
||||
mkdir $out/tmp
|
||||
mkdir $out/tmp
|
||||
|
||||
mkdir -p $out/var/tmp
|
||||
mkdir -p $out/var/tmp
|
||||
|
||||
mkdir -p $out/etc/nix
|
||||
cat $nixConfContentsPath > $out/etc/nix/nix.conf
|
||||
mkdir -p $out/etc/nix
|
||||
cat $nixConfContentsPath > $out/etc/nix/nix.conf
|
||||
|
||||
mkdir -p $out/root
|
||||
mkdir -p $out/nix/var/nix/profiles/per-user/root
|
||||
mkdir -p $out/root
|
||||
mkdir -p $out/nix/var/nix/profiles/per-user/root
|
||||
|
||||
ln -s ${profile} $out/nix/var/nix/profiles/default-1-link
|
||||
ln -s $out/nix/var/nix/profiles/default-1-link $out/nix/var/nix/profiles/default
|
||||
ln -s /nix/var/nix/profiles/default $out/root/.nix-profile
|
||||
ln -s ${profile} $out/nix/var/nix/profiles/default-1-link
|
||||
ln -s $out/nix/var/nix/profiles/default-1-link $out/nix/var/nix/profiles/default
|
||||
ln -s /nix/var/nix/profiles/default $out/root/.nix-profile
|
||||
|
||||
ln -s ${channel} $out/nix/var/nix/profiles/per-user/root/channels-1-link
|
||||
ln -s $out/nix/var/nix/profiles/per-user/root/channels-1-link $out/nix/var/nix/profiles/per-user/root/channels
|
||||
ln -s ${channel} $out/nix/var/nix/profiles/per-user/root/channels-1-link
|
||||
ln -s $out/nix/var/nix/profiles/per-user/root/channels-1-link $out/nix/var/nix/profiles/per-user/root/channels
|
||||
|
||||
mkdir -p $out/root/.nix-defexpr
|
||||
ln -s $out/nix/var/nix/profiles/per-user/root/channels $out/root/.nix-defexpr/channels
|
||||
echo "${channelURL} ${channelName}" > $out/root/.nix-channels
|
||||
mkdir -p $out/root/.nix-defexpr
|
||||
ln -s $out/nix/var/nix/profiles/per-user/root/channels $out/root/.nix-defexpr/channels
|
||||
echo "${channelURL} ${channelName}" > $out/root/.nix-channels
|
||||
|
||||
mkdir -p $out/bin $out/usr/bin
|
||||
ln -s ${pkgs.coreutils}/bin/env $out/usr/bin/env
|
||||
ln -s ${pkgs.bashInteractive}/bin/bash $out/bin/sh
|
||||
|
||||
'' + (lib.optionalString (flake-registry-path != null) ''
|
||||
nixCacheDir="/root/.cache/nix"
|
||||
mkdir -p $out$nixCacheDir
|
||||
globalFlakeRegistryPath="$nixCacheDir/flake-registry.json"
|
||||
ln -s ${flake-registry-path} $out$globalFlakeRegistryPath
|
||||
mkdir -p $out/nix/var/nix/gcroots/auto
|
||||
rootName=$(${pkgs.nix}/bin/nix --extra-experimental-features nix-command hash file --type sha1 --base32 <(echo -n $globalFlakeRegistryPath))
|
||||
ln -s $globalFlakeRegistryPath $out/nix/var/nix/gcroots/auto/$rootName
|
||||
''));
|
||||
mkdir -p $out/bin $out/usr/bin
|
||||
ln -s ${pkgs.coreutils}/bin/env $out/usr/bin/env
|
||||
ln -s ${pkgs.bashInteractive}/bin/bash $out/bin/sh
|
||||
|
||||
''
|
||||
+ (lib.optionalString (flake-registry-path != null) ''
|
||||
nixCacheDir="/root/.cache/nix"
|
||||
mkdir -p $out$nixCacheDir
|
||||
globalFlakeRegistryPath="$nixCacheDir/flake-registry.json"
|
||||
ln -s ${flake-registry-path} $out$globalFlakeRegistryPath
|
||||
mkdir -p $out/nix/var/nix/gcroots/auto
|
||||
rootName=$(${pkgs.nix}/bin/nix --extra-experimental-features nix-command hash file --type sha1 --base32 <(echo -n $globalFlakeRegistryPath))
|
||||
ln -s $globalFlakeRegistryPath $out/nix/var/nix/gcroots/auto/$rootName
|
||||
'')
|
||||
);
|
||||
in
|
||||
pkgs.dockerTools.buildLayeredImageWithNixDb {
|
||||
|
||||
inherit name tag maxLayers;
|
||||
|
||||
contents = [ baseSystem ];
|
||||
|
@ -285,20 +291,23 @@ pkgs.dockerTools.buildLayeredImageWithNixDb {
|
|||
Cmd = [ "/root/.nix-profile/bin/bash" ];
|
||||
Env = [
|
||||
"USER=root"
|
||||
"PATH=${lib.concatStringsSep ":" [
|
||||
"/root/.nix-profile/bin"
|
||||
"/nix/var/nix/profiles/default/bin"
|
||||
"/nix/var/nix/profiles/default/sbin"
|
||||
]}"
|
||||
"MANPATH=${lib.concatStringsSep ":" [
|
||||
"/root/.nix-profile/share/man"
|
||||
"/nix/var/nix/profiles/default/share/man"
|
||||
]}"
|
||||
"PATH=${
|
||||
lib.concatStringsSep ":" [
|
||||
"/root/.nix-profile/bin"
|
||||
"/nix/var/nix/profiles/default/bin"
|
||||
"/nix/var/nix/profiles/default/sbin"
|
||||
]
|
||||
}"
|
||||
"MANPATH=${
|
||||
lib.concatStringsSep ":" [
|
||||
"/root/.nix-profile/share/man"
|
||||
"/nix/var/nix/profiles/default/share/man"
|
||||
]
|
||||
}"
|
||||
"SSL_CERT_FILE=/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt"
|
||||
"GIT_SSL_CAINFO=/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt"
|
||||
"NIX_SSL_CERT_FILE=/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt"
|
||||
"NIX_PATH=/nix/var/nix/profiles/per-user/root/channels:/root/.nix-defexpr/channels"
|
||||
];
|
||||
};
|
||||
|
||||
}
|
||||
|
|
98
flake.lock
98
flake.lock
|
@ -3,11 +3,11 @@
|
|||
"flake-compat": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1673956053,
|
||||
"narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
|
||||
"lastModified": 1696426674,
|
||||
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
|
||||
"owner": "edolstra",
|
||||
"repo": "flake-compat",
|
||||
"rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
|
||||
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -16,13 +16,52 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils": {
|
||||
"inputs": {
|
||||
"systems": "systems"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1710146030,
|
||||
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"gitignore": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"pre-commit-hooks",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1709087332,
|
||||
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
|
||||
"owner": "hercules-ci",
|
||||
"repo": "gitignore.nix",
|
||||
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "hercules-ci",
|
||||
"repo": "gitignore.nix",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1709884566,
|
||||
"narHash": "sha256-NSYJg2sfdO/XS3L8XN/59Zhzn0dqWm7XtVnKI2mHq3w=",
|
||||
"lastModified": 1711481231,
|
||||
"narHash": "sha256-J/fW3Xhm3WsJPNd8ksZmfMnol5aOG2qEMDPbOnNNdTQ=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "2be119add7b37dc535da2dd4cba68e2cf8d1517e",
|
||||
"rev": "9d6ddb13cee3cc1192e4430277708c732685f38a",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -48,11 +87,56 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"pre-commit-hooks": {
|
||||
"inputs": {
|
||||
"flake-compat": [
|
||||
"flake-compat"
|
||||
],
|
||||
"flake-utils": "flake-utils",
|
||||
"gitignore": "gitignore",
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
],
|
||||
"nixpkgs-stable": [
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1711562502,
|
||||
"narHash": "sha256-SLo1yf/lfozph818VME9Y56uhaZWY0juZcj/qJZPPrs=",
|
||||
"owner": "9999years",
|
||||
"repo": "git-hooks.nix",
|
||||
"rev": "d2f6f9376c38fb0c48526720793a17f10cd3ac10",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "9999years",
|
||||
"ref": "add-default-pre-commit-hooks",
|
||||
"repo": "git-hooks.nix",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"root": {
|
||||
"inputs": {
|
||||
"flake-compat": "flake-compat",
|
||||
"nixpkgs": "nixpkgs",
|
||||
"nixpkgs-regression": "nixpkgs-regression"
|
||||
"nixpkgs-regression": "nixpkgs-regression",
|
||||
"pre-commit-hooks": "pre-commit-hooks"
|
||||
}
|
||||
},
|
||||
"systems": {
|
||||
"locked": {
|
||||
"lastModified": 1681028828,
|
||||
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"type": "github"
|
||||
}
|
||||
}
|
||||
},
|
||||
|
|
616
flake.nix
616
flake.nix
|
@ -1,12 +1,33 @@
|
|||
{
|
||||
description = "The purely functional package manager";
|
||||
|
||||
inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.11-small";
|
||||
inputs.nixpkgs-regression.url = "github:NixOS/nixpkgs/215d4d0fd80ca5163643b03a33fde804a29cc1e2";
|
||||
inputs.flake-compat = { url = "github:edolstra/flake-compat"; flake = false; };
|
||||
|
||||
outputs = { self, nixpkgs, nixpkgs-regression, flake-compat }:
|
||||
inputs = {
|
||||
nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.11-small";
|
||||
nixpkgs-regression.url = "github:NixOS/nixpkgs/215d4d0fd80ca5163643b03a33fde804a29cc1e2";
|
||||
pre-commit-hooks = {
|
||||
# Can go back to `cachix/git-hooks.nix` when this is merged:
|
||||
# https://github.com/cachix/git-hooks.nix/pull/401
|
||||
url = "github:9999years/git-hooks.nix/add-default-pre-commit-hooks";
|
||||
inputs = {
|
||||
flake-compat.follows = "flake-compat";
|
||||
nixpkgs.follows = "nixpkgs";
|
||||
nixpkgs-stable.follows = "nixpkgs";
|
||||
};
|
||||
};
|
||||
flake-compat = {
|
||||
url = "github:edolstra/flake-compat";
|
||||
flake = false;
|
||||
};
|
||||
};
|
||||
|
||||
outputs =
|
||||
{
|
||||
self,
|
||||
nixpkgs,
|
||||
nixpkgs-regression,
|
||||
pre-commit-hooks,
|
||||
flake-compat,
|
||||
}:
|
||||
let
|
||||
inherit (nixpkgs) lib;
|
||||
inherit (lib) fileset;
|
||||
|
@ -18,105 +39,137 @@
|
|||
|
||||
version = lib.fileContents ./.version + versionSuffix;
|
||||
versionSuffix =
|
||||
if officialRelease
|
||||
then ""
|
||||
else "pre${builtins.substring 0 8 (self.lastModifiedDate or self.lastModified or "19700101")}_${self.shortRev or "dirty"}";
|
||||
if officialRelease then
|
||||
""
|
||||
else
|
||||
"pre${
|
||||
builtins.substring 0 8 (self.lastModifiedDate or self.lastModified or "19700101")
|
||||
}_${self.shortRev or "dirty"}";
|
||||
|
||||
linux32BitSystems = [ "i686-linux" ];
|
||||
linux64BitSystems = [ "x86_64-linux" "aarch64-linux" ];
|
||||
linux64BitSystems = [
|
||||
"x86_64-linux"
|
||||
"aarch64-linux"
|
||||
];
|
||||
linuxSystems = linux32BitSystems ++ linux64BitSystems;
|
||||
darwinSystems = [ "x86_64-darwin" "aarch64-darwin" ];
|
||||
darwinSystems = [
|
||||
"x86_64-darwin"
|
||||
"aarch64-darwin"
|
||||
];
|
||||
systems = linuxSystems ++ darwinSystems;
|
||||
|
||||
crossSystems = [
|
||||
"armv6l-linux" "armv7l-linux"
|
||||
"x86_64-freebsd13" "x86_64-netbsd"
|
||||
"armv6l-linux"
|
||||
"armv7l-linux"
|
||||
"x86_64-freebsd13"
|
||||
"x86_64-netbsd"
|
||||
];
|
||||
|
||||
stdenvs = [ "gccStdenv" "clangStdenv" "stdenv" "libcxxStdenv" "ccacheStdenv" ];
|
||||
stdenvs = [
|
||||
"gccStdenv"
|
||||
"clangStdenv"
|
||||
"stdenv"
|
||||
"libcxxStdenv"
|
||||
"ccacheStdenv"
|
||||
];
|
||||
|
||||
forAllSystems = lib.genAttrs systems;
|
||||
|
||||
forAllCrossSystems = lib.genAttrs crossSystems;
|
||||
|
||||
forAllStdenvs = f:
|
||||
lib.listToAttrs
|
||||
(map
|
||||
(stdenvName: {
|
||||
name = "${stdenvName}Packages";
|
||||
value = f stdenvName;
|
||||
})
|
||||
stdenvs);
|
||||
forAllStdenvs =
|
||||
f:
|
||||
lib.listToAttrs (
|
||||
map (stdenvName: {
|
||||
name = "${stdenvName}Packages";
|
||||
value = f stdenvName;
|
||||
}) stdenvs
|
||||
);
|
||||
|
||||
# Memoize nixpkgs for different platforms for efficiency.
|
||||
nixpkgsFor = forAllSystems
|
||||
(system: let
|
||||
make-pkgs = crossSystem: stdenv: import nixpkgs {
|
||||
localSystem = {
|
||||
inherit system;
|
||||
};
|
||||
crossSystem = if crossSystem == null then null else {
|
||||
system = crossSystem;
|
||||
} // lib.optionalAttrs (crossSystem == "x86_64-freebsd13") {
|
||||
useLLVM = true;
|
||||
};
|
||||
overlays = [
|
||||
(overlayFor (p: p.${stdenv}))
|
||||
];
|
||||
nixpkgsFor = forAllSystems (
|
||||
system:
|
||||
let
|
||||
make-pkgs =
|
||||
crossSystem: stdenv:
|
||||
import nixpkgs {
|
||||
localSystem = {
|
||||
inherit system;
|
||||
};
|
||||
crossSystem =
|
||||
if crossSystem == null then
|
||||
null
|
||||
else
|
||||
{
|
||||
system = crossSystem;
|
||||
}
|
||||
// lib.optionalAttrs (crossSystem == "x86_64-freebsd13") { useLLVM = true; };
|
||||
overlays = [
|
||||
(overlayFor (p: p.${stdenv}))
|
||||
(final: prev: { nixfmt = final.callPackage ./nix-support/nixfmt.nix { }; })
|
||||
];
|
||||
|
||||
config.permittedInsecurePackages = [ "nix-2.13.6" ];
|
||||
};
|
||||
config.permittedInsecurePackages = [ "nix-2.13.6" ];
|
||||
};
|
||||
stdenvs = forAllStdenvs (make-pkgs null);
|
||||
native = stdenvs.stdenvPackages;
|
||||
in {
|
||||
in
|
||||
{
|
||||
inherit stdenvs native;
|
||||
static = native.pkgsStatic;
|
||||
cross = forAllCrossSystems (crossSystem: make-pkgs crossSystem "stdenv");
|
||||
});
|
||||
}
|
||||
);
|
||||
|
||||
testNixVersions = pkgs: client: daemon: let
|
||||
nix = pkgs.callPackage ./package.nix {
|
||||
pname =
|
||||
"nix-tests"
|
||||
+ lib.optionalString
|
||||
(lib.versionAtLeast daemon.version "2.4pre20211005" &&
|
||||
lib.versionAtLeast client.version "2.4pre20211005")
|
||||
"-${client.version}-against-${daemon.version}";
|
||||
testNixVersions =
|
||||
pkgs: client: daemon:
|
||||
let
|
||||
nix = pkgs.callPackage ./package.nix {
|
||||
pname =
|
||||
"nix-tests"
|
||||
+ lib.optionalString (
|
||||
lib.versionAtLeast daemon.version "2.4pre20211005"
|
||||
&& lib.versionAtLeast client.version "2.4pre20211005"
|
||||
) "-${client.version}-against-${daemon.version}";
|
||||
|
||||
inherit fileset;
|
||||
};
|
||||
in nix.overrideAttrs (prevAttrs: {
|
||||
NIX_DAEMON_PACKAGE = daemon;
|
||||
NIX_CLIENT_PACKAGE = client;
|
||||
};
|
||||
in
|
||||
nix.overrideAttrs (prevAttrs: {
|
||||
NIX_DAEMON_PACKAGE = daemon;
|
||||
NIX_CLIENT_PACKAGE = client;
|
||||
|
||||
dontBuild = true;
|
||||
doInstallCheck = true;
|
||||
dontBuild = true;
|
||||
doInstallCheck = true;
|
||||
|
||||
configureFlags = prevAttrs.configureFlags ++ [
|
||||
# We don't need the actual build here.
|
||||
"--disable-build"
|
||||
];
|
||||
configureFlags = prevAttrs.configureFlags ++ [
|
||||
# We don't need the actual build here.
|
||||
"--disable-build"
|
||||
];
|
||||
|
||||
installPhase = ''
|
||||
mkdir -p $out
|
||||
'';
|
||||
installPhase = ''
|
||||
mkdir -p $out
|
||||
'';
|
||||
|
||||
installCheckPhase = lib.optionalString pkgs.stdenv.hostPlatform.isDarwin ''
|
||||
export OBJC_DISABLE_INITIALIZE_FORK_SAFETY=YES
|
||||
'' + ''
|
||||
mkdir -p src/nix-channel
|
||||
make installcheck -j$NIX_BUILD_CORES -l$NIX_BUILD_CORES
|
||||
'';
|
||||
});
|
||||
installCheckPhase =
|
||||
lib.optionalString pkgs.stdenv.hostPlatform.isDarwin ''
|
||||
export OBJC_DISABLE_INITIALIZE_FORK_SAFETY=YES
|
||||
''
|
||||
+ ''
|
||||
mkdir -p src/nix-channel
|
||||
make installcheck -j$NIX_BUILD_CORES -l$NIX_BUILD_CORES
|
||||
'';
|
||||
});
|
||||
|
||||
binaryTarball = nix: pkgs:
|
||||
binaryTarball =
|
||||
nix: pkgs:
|
||||
let
|
||||
inherit (pkgs) buildPackages;
|
||||
installerClosureInfo = buildPackages.closureInfo { rootPaths = [ nix ]; };
|
||||
in
|
||||
|
||||
buildPackages.runCommand "nix-binary-tarball-${version}"
|
||||
{ #nativeBuildInputs = lib.optional (system != "aarch64-linux") shellcheck;
|
||||
{
|
||||
#nativeBuildInputs = lib.optional (system != "aarch64-linux") shellcheck;
|
||||
meta.description = "Distribution-independent Nix bootstrap binaries for ${pkgs.system}";
|
||||
}
|
||||
''
|
||||
|
@ -137,25 +190,26 @@
|
|||
$(cat ${installerClosureInfo}/store-paths)
|
||||
'';
|
||||
|
||||
overlayFor = getStdenv: final: prev:
|
||||
overlayFor =
|
||||
getStdenv: final: prev:
|
||||
let
|
||||
currentStdenv = getStdenv final;
|
||||
comDeps = with final; commonDeps {
|
||||
inherit pkgs;
|
||||
inherit (currentStdenv.hostPlatform) isStatic;
|
||||
};
|
||||
in {
|
||||
comDeps =
|
||||
with final;
|
||||
commonDeps {
|
||||
inherit pkgs;
|
||||
inherit (currentStdenv.hostPlatform) isStatic;
|
||||
};
|
||||
in
|
||||
{
|
||||
nixStable = prev.nix;
|
||||
|
||||
# Forward from the previous stage as we don’t want it to pick the lowdown override
|
||||
nixUnstable = prev.nixUnstable;
|
||||
|
||||
build-release-notes =
|
||||
final.buildPackages.callPackage ./maintainers/build-release-notes.nix { };
|
||||
build-release-notes = final.buildPackages.callPackage ./maintainers/build-release-notes.nix { };
|
||||
clangbuildanalyzer = final.buildPackages.callPackage ./misc/clangbuildanalyzer.nix { };
|
||||
boehmgc-nix = (final.boehmgc.override {
|
||||
enableLargeConfig = true;
|
||||
}).overrideAttrs (o: {
|
||||
boehmgc-nix = (final.boehmgc.override { enableLargeConfig = true; }).overrideAttrs (o: {
|
||||
patches = (o.patches or [ ]) ++ [
|
||||
./boehmgc-coroutine-sp-fallback.diff
|
||||
|
||||
|
@ -195,57 +249,65 @@
|
|||
busybox-sandbox-shell = final.busybox-sandbox-shell or final.default-busybox-sandbox-shell;
|
||||
};
|
||||
};
|
||||
|
||||
in {
|
||||
in
|
||||
{
|
||||
# A Nixpkgs overlay that overrides the 'nix' and
|
||||
# 'nix.perl-bindings' packages.
|
||||
overlays.default = overlayFor (p: p.stdenv);
|
||||
|
||||
hydraJobs = {
|
||||
|
||||
# Binary package for various platforms.
|
||||
build = forAllSystems (system: self.packages.${system}.nix);
|
||||
|
||||
# FIXME(Qyriad): remove this when the migration to Meson has been completed.
|
||||
# NOTE: mesonBuildClang depends on mesonBuild depends on build to avoid OOMs
|
||||
# on aarch64 builders caused by too many parallel compiler/linker processes.
|
||||
mesonBuild = forAllSystems (system:
|
||||
(self.packages.${system}.nix.override {
|
||||
buildWithMeson = true;
|
||||
}).overrideAttrs (prev: {
|
||||
mesonBuild = forAllSystems (
|
||||
system:
|
||||
(self.packages.${system}.nix.override { buildWithMeson = true; }).overrideAttrs (prev: {
|
||||
buildInputs = prev.buildInputs ++ [ self.packages.${system}.nix ];
|
||||
}));
|
||||
mesonBuildClang = forAllSystems (system:
|
||||
(nixpkgsFor.${system}.stdenvs.clangStdenvPackages.nix.override {
|
||||
buildWithMeson = true;
|
||||
}).overrideAttrs (prev: {
|
||||
buildInputs = prev.buildInputs ++ [ self.hydraJobs.mesonBuild.${system} ];
|
||||
})
|
||||
);
|
||||
mesonBuildClang = forAllSystems (
|
||||
system:
|
||||
(nixpkgsFor.${system}.stdenvs.clangStdenvPackages.nix.override { buildWithMeson = true; })
|
||||
.overrideAttrs
|
||||
(prev: {
|
||||
buildInputs = prev.buildInputs ++ [ self.hydraJobs.mesonBuild.${system} ];
|
||||
})
|
||||
);
|
||||
|
||||
# Perl bindings for various platforms.
|
||||
perlBindings = forAllSystems (system: nixpkgsFor.${system}.native.nix.perl-bindings);
|
||||
|
||||
# Binary tarball for various platforms, containing a Nix store
|
||||
# with the closure of 'nix' package.
|
||||
binaryTarball = forAllSystems (system: binaryTarball nixpkgsFor.${system}.native.nix nixpkgsFor.${system}.native);
|
||||
binaryTarball = forAllSystems (
|
||||
system: binaryTarball nixpkgsFor.${system}.native.nix nixpkgsFor.${system}.native
|
||||
);
|
||||
|
||||
# docker image with Nix inside
|
||||
dockerImage = lib.genAttrs linux64BitSystems (system: self.packages.${system}.dockerImage);
|
||||
|
||||
# API docs for Nix's unstable internal C++ interfaces.
|
||||
internal-api-docs = let
|
||||
nixpkgs = nixpkgsFor.x86_64-linux.native;
|
||||
inherit (nixpkgs) pkgs;
|
||||
internal-api-docs =
|
||||
let
|
||||
nixpkgs = nixpkgsFor.x86_64-linux.native;
|
||||
inherit (nixpkgs) pkgs;
|
||||
|
||||
nix = pkgs.callPackage ./package.nix {
|
||||
inherit versionSuffix fileset officialRelease buildUnreleasedNotes;
|
||||
inherit (pkgs) build-release-notes;
|
||||
internalApiDocs = true;
|
||||
boehmgc = pkgs.boehmgc-nix;
|
||||
busybox-sandbox-shell = pkgs.busybox-sandbox-shell;
|
||||
};
|
||||
in
|
||||
nix = pkgs.callPackage ./package.nix {
|
||||
inherit
|
||||
versionSuffix
|
||||
fileset
|
||||
officialRelease
|
||||
buildUnreleasedNotes
|
||||
;
|
||||
inherit (pkgs) build-release-notes;
|
||||
internalApiDocs = true;
|
||||
boehmgc = pkgs.boehmgc-nix;
|
||||
busybox-sandbox-shell = pkgs.busybox-sandbox-shell;
|
||||
};
|
||||
in
|
||||
nix.overrideAttrs (prev: {
|
||||
# This Hydra job is just for the internal API docs.
|
||||
# We don't need the build artifacts here.
|
||||
|
@ -256,146 +318,248 @@
|
|||
|
||||
# System tests.
|
||||
tests = import ./tests/nixos { inherit lib nixpkgs nixpkgsFor; } // {
|
||||
|
||||
# Make sure that nix-env still produces the exact same result
|
||||
# on a particular version of Nixpkgs.
|
||||
evalNixpkgs =
|
||||
with nixpkgsFor.x86_64-linux.native;
|
||||
runCommand "eval-nixos" { buildInputs = [ nix ]; }
|
||||
''
|
||||
type -p nix-env
|
||||
# Note: we're filtering out nixos-install-tools because https://github.com/NixOS/nixpkgs/pull/153594#issuecomment-1020530593.
|
||||
time nix-env --store dummy:// -f ${nixpkgs-regression} -qaP --drv-path | sort | grep -v nixos-install-tools > packages
|
||||
[[ $(sha1sum < packages | cut -c1-40) = 402242fca90874112b34718b8199d844e8b03d12 ]]
|
||||
mkdir $out
|
||||
'';
|
||||
runCommand "eval-nixos" { buildInputs = [ nix ]; } ''
|
||||
type -p nix-env
|
||||
# Note: we're filtering out nixos-install-tools because https://github.com/NixOS/nixpkgs/pull/153594#issuecomment-1020530593.
|
||||
time nix-env --store dummy:// -f ${nixpkgs-regression} -qaP --drv-path | sort | grep -v nixos-install-tools > packages
|
||||
[[ $(sha1sum < packages | cut -c1-40) = 402242fca90874112b34718b8199d844e8b03d12 ]]
|
||||
mkdir $out
|
||||
'';
|
||||
|
||||
nixpkgsLibTests =
|
||||
forAllSystems (system:
|
||||
import (nixpkgs + "/lib/tests/release.nix")
|
||||
{ pkgs = nixpkgsFor.${system}.native;
|
||||
nixVersions = [ self.packages.${system}.nix ];
|
||||
}
|
||||
);
|
||||
nixpkgsLibTests = forAllSystems (
|
||||
system:
|
||||
import (nixpkgs + "/lib/tests/release.nix") {
|
||||
pkgs = nixpkgsFor.${system}.native;
|
||||
nixVersions = [ self.packages.${system}.nix ];
|
||||
}
|
||||
);
|
||||
};
|
||||
|
||||
pre-commit = builtins.mapAttrs (
|
||||
system: pre-commit-lib:
|
||||
pre-commit-lib.run {
|
||||
src = self;
|
||||
hooks = {
|
||||
no-commit-to-branch = {
|
||||
enable = true;
|
||||
settings.branch = [ "main" ];
|
||||
};
|
||||
check-case-conflicts.enable = true;
|
||||
check-executables-have-shebangs = {
|
||||
enable = true;
|
||||
stages = [ "commit" ];
|
||||
};
|
||||
check-shebang-scripts-are-executable = {
|
||||
enable = true;
|
||||
stages = [ "commit" ];
|
||||
};
|
||||
check-symlinks = {
|
||||
enable = true;
|
||||
excludes = [ "^tests/functional/lang/symlink-resolution/broken$" ];
|
||||
};
|
||||
check-merge-conflicts.enable = true;
|
||||
end-of-file-fixer = {
|
||||
enable = true;
|
||||
excludes = [
|
||||
"\\.drv$"
|
||||
"^tests/functional/lang/"
|
||||
];
|
||||
};
|
||||
mixed-line-endings = {
|
||||
enable = true;
|
||||
excludes = [ "^tests/functional/lang/" ];
|
||||
};
|
||||
# TODO: Once the test suite is nicer, clean up and start
|
||||
# enforcing trailing whitespace on tests that don't explicitly
|
||||
# check for it.
|
||||
trim-trailing-whitespace = {
|
||||
enable = true;
|
||||
stages = [ "commit" ];
|
||||
excludes = [ "^tests/functional/lang/" ];
|
||||
};
|
||||
treefmt = {
|
||||
enable = true;
|
||||
settings.formatters =
|
||||
let
|
||||
pkgs = nixpkgsFor.${system}.native;
|
||||
in
|
||||
[ pkgs.nixfmt ];
|
||||
};
|
||||
};
|
||||
}
|
||||
) pre-commit-hooks.lib;
|
||||
};
|
||||
|
||||
checks = forAllSystems (system: let
|
||||
rl-next-check = name: dir:
|
||||
let pkgs = nixpkgsFor.${system}.native;
|
||||
in pkgs.buildPackages.runCommand "test-${name}-release-notes" { } ''
|
||||
LANG=C.UTF-8 ${lib.getExe pkgs.build-release-notes} ${dir} >$out
|
||||
'';
|
||||
in {
|
||||
# FIXME(Qyriad): remove this when the migration to Meson has been completed.
|
||||
mesonBuild = self.hydraJobs.mesonBuild.${system};
|
||||
mesonBuildClang = self.hydraJobs.mesonBuildClang.${system};
|
||||
binaryTarball = self.hydraJobs.binaryTarball.${system};
|
||||
perlBindings = self.hydraJobs.perlBindings.${system};
|
||||
nixpkgsLibTests = self.hydraJobs.tests.nixpkgsLibTests.${system};
|
||||
rl-next = rl-next-check "rl-next" ./doc/manual/rl-next;
|
||||
rl-next-dev = rl-next-check "rl-next-dev" ./doc/manual/rl-next-dev;
|
||||
} // (lib.optionalAttrs (builtins.elem system linux64BitSystems)) {
|
||||
dockerImage = self.hydraJobs.dockerImage.${system};
|
||||
});
|
||||
|
||||
packages = forAllSystems (system: rec {
|
||||
inherit (nixpkgsFor.${system}.native) nix;
|
||||
default = nix;
|
||||
} // (lib.optionalAttrs (builtins.elem system linux64BitSystems) {
|
||||
nix-static = nixpkgsFor.${system}.static.nix;
|
||||
dockerImage =
|
||||
let
|
||||
pkgs = nixpkgsFor.${system}.native;
|
||||
image = import ./docker.nix { inherit pkgs; tag = version; };
|
||||
in
|
||||
pkgs.runCommand
|
||||
"docker-image-tarball-${version}"
|
||||
{ meta.description = "Docker image with Nix for ${system}"; }
|
||||
''
|
||||
mkdir -p $out/nix-support
|
||||
image=$out/image.tar.gz
|
||||
ln -s ${image} $image
|
||||
echo "file binary-dist $image" >> $out/nix-support/hydra-build-products
|
||||
checks = forAllSystems (
|
||||
system:
|
||||
let
|
||||
rl-next-check =
|
||||
name: dir:
|
||||
let
|
||||
pkgs = nixpkgsFor.${system}.native;
|
||||
in
|
||||
pkgs.buildPackages.runCommand "test-${name}-release-notes" { } ''
|
||||
LANG=C.UTF-8 ${lib.getExe pkgs.build-release-notes} ${dir} >$out
|
||||
'';
|
||||
} // builtins.listToAttrs (map
|
||||
(crossSystem: {
|
||||
name = "nix-${crossSystem}";
|
||||
value = nixpkgsFor.${system}.cross.${crossSystem}.nix;
|
||||
})
|
||||
crossSystems)
|
||||
// builtins.listToAttrs (map
|
||||
(stdenvName: {
|
||||
name = "nix-${stdenvName}";
|
||||
value = nixpkgsFor.${system}.stdenvs."${stdenvName}Packages".nix;
|
||||
})
|
||||
stdenvs)));
|
||||
in
|
||||
{
|
||||
# FIXME(Qyriad): remove this when the migration to Meson has been completed.
|
||||
mesonBuild = self.hydraJobs.mesonBuild.${system};
|
||||
mesonBuildClang = self.hydraJobs.mesonBuildClang.${system};
|
||||
binaryTarball = self.hydraJobs.binaryTarball.${system};
|
||||
perlBindings = self.hydraJobs.perlBindings.${system};
|
||||
nixpkgsLibTests = self.hydraJobs.tests.nixpkgsLibTests.${system};
|
||||
rl-next = rl-next-check "rl-next" ./doc/manual/rl-next;
|
||||
rl-next-dev = rl-next-check "rl-next-dev" ./doc/manual/rl-next-dev;
|
||||
pre-commit = self.hydraJobs.pre-commit.${system};
|
||||
}
|
||||
// (lib.optionalAttrs (builtins.elem system linux64BitSystems)) {
|
||||
dockerImage = self.hydraJobs.dockerImage.${system};
|
||||
}
|
||||
);
|
||||
|
||||
devShells = let
|
||||
makeShell = pkgs: stdenv:
|
||||
let
|
||||
nix = pkgs.callPackage ./package.nix {
|
||||
inherit stdenv versionSuffix fileset;
|
||||
boehmgc = pkgs.boehmgc-nix;
|
||||
busybox-sandbox-shell = pkgs.busybox-sandbox-shell or pkgs.default-busybox-sandbox;
|
||||
forDevShell = true;
|
||||
};
|
||||
in
|
||||
packages = forAllSystems (
|
||||
system:
|
||||
rec {
|
||||
inherit (nixpkgsFor.${system}.native) nix;
|
||||
default = nix;
|
||||
}
|
||||
// (
|
||||
lib.optionalAttrs (builtins.elem system linux64BitSystems) {
|
||||
nix-static = nixpkgsFor.${system}.static.nix;
|
||||
dockerImage =
|
||||
let
|
||||
pkgs = nixpkgsFor.${system}.native;
|
||||
image = import ./docker.nix {
|
||||
inherit pkgs;
|
||||
tag = version;
|
||||
};
|
||||
in
|
||||
pkgs.runCommand "docker-image-tarball-${version}"
|
||||
{ meta.description = "Docker image with Nix for ${system}"; }
|
||||
''
|
||||
mkdir -p $out/nix-support
|
||||
image=$out/image.tar.gz
|
||||
ln -s ${image} $image
|
||||
echo "file binary-dist $image" >> $out/nix-support/hydra-build-products
|
||||
'';
|
||||
}
|
||||
// builtins.listToAttrs (
|
||||
map (crossSystem: {
|
||||
name = "nix-${crossSystem}";
|
||||
value = nixpkgsFor.${system}.cross.${crossSystem}.nix;
|
||||
}) crossSystems
|
||||
)
|
||||
// builtins.listToAttrs (
|
||||
map (stdenvName: {
|
||||
name = "nix-${stdenvName}";
|
||||
value = nixpkgsFor.${system}.stdenvs."${stdenvName}Packages".nix;
|
||||
}) stdenvs
|
||||
)
|
||||
)
|
||||
);
|
||||
|
||||
devShells =
|
||||
let
|
||||
makeShell =
|
||||
pkgs: stdenv:
|
||||
let
|
||||
nix = pkgs.callPackage ./package.nix {
|
||||
inherit stdenv versionSuffix fileset;
|
||||
boehmgc = pkgs.boehmgc-nix;
|
||||
busybox-sandbox-shell = pkgs.busybox-sandbox-shell or pkgs.default-busybox-sandbox;
|
||||
forDevShell = true;
|
||||
};
|
||||
pre-commit = self.hydraJobs.pre-commit.${pkgs.system} or { };
|
||||
in
|
||||
(nix.override {
|
||||
buildUnreleasedNotes = true;
|
||||
officialRelease = false;
|
||||
}).overrideAttrs (prev: {
|
||||
# Required for clang-tidy checks
|
||||
buildInputs = prev.buildInputs ++ lib.optionals (stdenv.cc.isClang) [ pkgs.llvmPackages.llvm pkgs.llvmPackages.clang-unwrapped.dev ];
|
||||
nativeBuildInputs = prev.nativeBuildInputs
|
||||
++ lib.optional (stdenv.cc.isClang && !stdenv.buildPlatform.isDarwin) pkgs.buildPackages.bear
|
||||
# Required for clang-tidy checks
|
||||
++ lib.optionals (stdenv.cc.isClang) [ pkgs.buildPackages.cmake pkgs.buildPackages.ninja pkgs.buildPackages.llvmPackages.llvm.dev ]
|
||||
++ lib.optional
|
||||
(stdenv.cc.isClang && stdenv.hostPlatform == stdenv.buildPlatform)
|
||||
# for some reason that seems accidental and was changed in
|
||||
# NixOS 24.05-pre, clang-tools is pinned to LLVM 14 when
|
||||
# default LLVM is newer.
|
||||
(pkgs.buildPackages.clang-tools.override { inherit (pkgs.buildPackages) llvmPackages; })
|
||||
++ [
|
||||
# FIXME(Qyriad): remove once the migration to Meson is complete.
|
||||
pkgs.buildPackages.meson
|
||||
pkgs.buildPackages.ninja
|
||||
}).overrideAttrs
|
||||
(
|
||||
prev:
|
||||
{
|
||||
# Required for clang-tidy checks
|
||||
buildInputs =
|
||||
prev.buildInputs
|
||||
++ lib.optional (pre-commit ? enabledPackages) pre-commit.enabledPackages
|
||||
# Unfortunately `git-hooks.nix` can't propagate `treefmt`
|
||||
# formatters into `enabledPackages` correctly.
|
||||
++ [ pkgs.nixfmt ]
|
||||
++ lib.optionals (stdenv.cc.isClang) [
|
||||
pkgs.llvmPackages.llvm
|
||||
pkgs.llvmPackages.clang-unwrapped.dev
|
||||
];
|
||||
nativeBuildInputs =
|
||||
prev.nativeBuildInputs
|
||||
++ lib.optional (stdenv.cc.isClang && !stdenv.buildPlatform.isDarwin) pkgs.buildPackages.bear
|
||||
# Required for clang-tidy checks
|
||||
++ lib.optionals (stdenv.cc.isClang) [
|
||||
pkgs.buildPackages.cmake
|
||||
pkgs.buildPackages.ninja
|
||||
pkgs.buildPackages.llvmPackages.llvm.dev
|
||||
]
|
||||
++
|
||||
lib.optional (stdenv.cc.isClang && stdenv.hostPlatform == stdenv.buildPlatform)
|
||||
# for some reason that seems accidental and was changed in
|
||||
# NixOS 24.05-pre, clang-tools is pinned to LLVM 14 when
|
||||
# default LLVM is newer.
|
||||
(pkgs.buildPackages.clang-tools.override { inherit (pkgs.buildPackages) llvmPackages; })
|
||||
++ [
|
||||
# FIXME(Qyriad): remove once the migration to Meson is complete.
|
||||
pkgs.buildPackages.meson
|
||||
pkgs.buildPackages.ninja
|
||||
|
||||
pkgs.buildPackages.clangbuildanalyzer
|
||||
];
|
||||
pkgs.buildPackages.clangbuildanalyzer
|
||||
];
|
||||
|
||||
src = null;
|
||||
src = null;
|
||||
|
||||
installFlags = "sysconfdir=$(out)/etc";
|
||||
strictDeps = false;
|
||||
installFlags = "sysconfdir=$(out)/etc";
|
||||
strictDeps = false;
|
||||
|
||||
shellHook = ''
|
||||
PATH=$prefix/bin:$PATH
|
||||
unset PYTHONPATH
|
||||
export MANPATH=$out/share/man:$MANPATH
|
||||
shellHook = ''
|
||||
PATH=$prefix/bin:$PATH
|
||||
unset PYTHONPATH
|
||||
export MANPATH=$out/share/man:$MANPATH
|
||||
|
||||
# Make bash completion work.
|
||||
XDG_DATA_DIRS+=:$out/share
|
||||
'';
|
||||
} // lib.optionalAttrs (stdenv.buildPlatform.isLinux && pkgs.glibcLocales != null) {
|
||||
# Required to make non-NixOS Linux not complain about missing locale files during configure in a dev shell
|
||||
LOCALE_ARCHIVE = "${lib.getLib pkgs.glibcLocales}/lib/locale/locale-archive";
|
||||
});
|
||||
# Make bash completion work.
|
||||
XDG_DATA_DIRS+=:$out/share
|
||||
|
||||
${lib.optionalString (pre-commit ? shellHook) pre-commit.shellHook}
|
||||
'';
|
||||
}
|
||||
// lib.optionalAttrs (stdenv.buildPlatform.isLinux && pkgs.glibcLocales != null) {
|
||||
# Required to make non-NixOS Linux not complain about missing locale files during configure in a dev shell
|
||||
LOCALE_ARCHIVE = "${lib.getLib pkgs.glibcLocales}/lib/locale/locale-archive";
|
||||
}
|
||||
);
|
||||
in
|
||||
forAllSystems (system:
|
||||
forAllSystems (
|
||||
system:
|
||||
let
|
||||
makeShells = prefix: pkgs:
|
||||
lib.mapAttrs'
|
||||
(k: v: lib.nameValuePair "${prefix}-${k}" v)
|
||||
(forAllStdenvs (stdenvName: makeShell pkgs pkgs.${stdenvName}));
|
||||
makeShells =
|
||||
prefix: pkgs:
|
||||
lib.mapAttrs' (k: v: lib.nameValuePair "${prefix}-${k}" v) (
|
||||
forAllStdenvs (stdenvName: makeShell pkgs pkgs.${stdenvName})
|
||||
);
|
||||
in
|
||||
(makeShells "native" nixpkgsFor.${system}.native) //
|
||||
(makeShells "static" nixpkgsFor.${system}.static) //
|
||||
(forAllCrossSystems (crossSystem: let pkgs = nixpkgsFor.${system}.cross.${crossSystem}; in makeShell pkgs pkgs.stdenv)) //
|
||||
{
|
||||
default = self.devShells.${system}.native-stdenvPackages;
|
||||
}
|
||||
(makeShells "native" nixpkgsFor.${system}.native)
|
||||
// (makeShells "static" nixpkgsFor.${system}.static)
|
||||
// (forAllCrossSystems (
|
||||
crossSystem:
|
||||
let
|
||||
pkgs = nixpkgsFor.${system}.cross.${crossSystem};
|
||||
in
|
||||
makeShell pkgs pkgs.stdenv
|
||||
))
|
||||
// {
|
||||
default = self.devShells.${system}.native-stdenvPackages;
|
||||
}
|
||||
);
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,5 +1,8 @@
|
|||
{ lib, python3, writeShellScriptBin }:
|
||||
|
||||
{
|
||||
lib,
|
||||
python3,
|
||||
writeShellScriptBin,
|
||||
}:
|
||||
writeShellScriptBin "build-release-notes" ''
|
||||
exec ${lib.getExe (python3.withPackages (p: [ p.python-frontmatter ]))} \
|
||||
${./build-release-notes.py} "$@"
|
||||
|
|
0
maintainers/build-release-notes.py
Executable file → Normal file
0
maintainers/build-release-notes.py
Executable file → Normal file
|
@ -189,8 +189,7 @@ release:
|
|||
|
||||
* Bump the version number of the release branch as above (e.g. to
|
||||
`2.12.2`).
|
||||
|
||||
|
||||
## Recovering from mistakes
|
||||
|
||||
`upload-release.pl` should be idempotent. For instance a wrong `IS_LATEST` value can be fixed that way, by running the script on the actual latest release.
|
||||
|
||||
|
|
|
@ -84,4 +84,3 @@ except Exception as e:
|
|||
print(f'{name}: INTERNAL ERROR running test ({sys.argv}): {e}', file=sys.stderr)
|
||||
print(f'this is a bug in {name}')
|
||||
sys.exit(99)
|
||||
|
||||
|
|
|
@ -1,6 +1,11 @@
|
|||
# Upstreaming here, can be deleted once it's upstreamed:
|
||||
# https://github.com/NixOS/nixpkgs/pull/297102
|
||||
{ stdenv, lib, cmake, fetchFromGitHub }:
|
||||
{
|
||||
stdenv,
|
||||
lib,
|
||||
cmake,
|
||||
fetchFromGitHub,
|
||||
}:
|
||||
stdenv.mkDerivation (finalAttrs: {
|
||||
pname = "clangbuildanalyzer";
|
||||
version = "1.5.0";
|
||||
|
@ -12,9 +17,7 @@ stdenv.mkDerivation (finalAttrs: {
|
|||
sha256 = "sha256-kmgdk634zM0W0OoRoP/RzepArSipa5bNqdVgdZO9gxo=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
cmake
|
||||
];
|
||||
nativeBuildInputs = [ cmake ];
|
||||
|
||||
meta = {
|
||||
description = "Tool for analyzing Clang's -ftrace-time files";
|
||||
|
|
|
@ -3,20 +3,20 @@
|
|||
# nix-daemon: Starts the nix package manager daemon
|
||||
#
|
||||
# chkconfig: 345 24 02
|
||||
# description: This is a daemon which enable the multi-user mode
|
||||
# description: This is a daemon which enable the multi-user mode
|
||||
# of the nix package manager.
|
||||
# processname: nix-daemon
|
||||
# pidfile: /var/run/nix/nix-daemon.pid
|
||||
|
||||
### BEGIN INIT INFO
|
||||
# Required-Start:
|
||||
# Required-Stop:
|
||||
# Should-Start:
|
||||
# Should-Stop:
|
||||
# Required-Start:
|
||||
# Required-Stop:
|
||||
# Should-Start:
|
||||
# Should-Stop:
|
||||
# Default-Start: 3 4 5
|
||||
# Default-Stop: 0 1 2 6
|
||||
# Short-Description: Starts the nix daemon
|
||||
# Description: This is a daemon which enable the multi-user mode
|
||||
# Description: This is a daemon which enable the multi-user mode
|
||||
# of the nix package manager.
|
||||
### END INIT INFO
|
||||
|
||||
|
|
79
nix-support/nixfmt.nix
Normal file
79
nix-support/nixfmt.nix
Normal file
|
@ -0,0 +1,79 @@
|
|||
# Copy of `nixfmt-rfc-style` vendored from `nixpkgs` master:
|
||||
# https://github.com/NixOS/nixpkgs/blob/ab6071eb54cc9b66dda436111d4f569e4e56cbf4/pkgs/by-name/ni/nixfmt-rfc-style/package.nix
|
||||
{
|
||||
haskell,
|
||||
haskellPackages,
|
||||
lib,
|
||||
fetchpatch,
|
||||
}:
|
||||
let
|
||||
inherit (haskell.lib.compose) overrideCabal justStaticExecutables;
|
||||
|
||||
overrides = {
|
||||
version = "unstable-2024-03-01";
|
||||
|
||||
patches = [
|
||||
(fetchpatch {
|
||||
url = "https://github.com/serokell/nixfmt/commit/ca9c8975ed671112fdfce94f2e9e2ad3de480c9a.patch";
|
||||
hash = "sha256-UOSAYahSKBsqPMVcQJ3H26Eg2xpPAsNOjYMI6g+WTYU=";
|
||||
})
|
||||
];
|
||||
};
|
||||
|
||||
raw-pkg = haskellPackages.callPackage (
|
||||
{
|
||||
mkDerivation,
|
||||
base,
|
||||
cmdargs,
|
||||
directory,
|
||||
fetchzip,
|
||||
filepath,
|
||||
lib,
|
||||
megaparsec,
|
||||
mtl,
|
||||
parser-combinators,
|
||||
safe-exceptions,
|
||||
scientific,
|
||||
text,
|
||||
transformers,
|
||||
unix,
|
||||
}:
|
||||
mkDerivation {
|
||||
pname = "nixfmt";
|
||||
version = "0.5.0";
|
||||
src = fetchzip {
|
||||
url = "https://github.com/piegamesde/nixfmt/archive/2b5ee820690bae64cb4003e46917ae43541e3e0b.tar.gz";
|
||||
sha256 = "1i1jbc1q4gd7fpilwy6s3a583yl5l8d8rlmipygj61mpclg9ihqg";
|
||||
};
|
||||
isLibrary = true;
|
||||
isExecutable = true;
|
||||
libraryHaskellDepends = [
|
||||
base
|
||||
megaparsec
|
||||
mtl
|
||||
parser-combinators
|
||||
scientific
|
||||
text
|
||||
transformers
|
||||
];
|
||||
executableHaskellDepends = [
|
||||
base
|
||||
cmdargs
|
||||
directory
|
||||
filepath
|
||||
safe-exceptions
|
||||
text
|
||||
unix
|
||||
];
|
||||
jailbreak = true;
|
||||
homepage = "https://github.com/serokell/nixfmt";
|
||||
description = "An opinionated formatter for Nix";
|
||||
license = lib.licenses.mpl20;
|
||||
mainProgram = "nixfmt";
|
||||
}
|
||||
) { };
|
||||
in
|
||||
lib.pipe raw-pkg [
|
||||
(overrideCabal overrides)
|
||||
justStaticExecutables
|
||||
]
|
291
package.nix
291
package.nix
|
@ -40,9 +40,11 @@
|
|||
util-linuxMinimal ? utillinuxMinimal,
|
||||
utillinuxMinimal ? null,
|
||||
xz,
|
||||
|
||||
busybox-sandbox-shell,
|
||||
|
||||
# Customization options
|
||||
# =====================
|
||||
|
||||
pname ? "nix",
|
||||
versionSuffix ? "",
|
||||
officialRelease ? true,
|
||||
|
@ -61,19 +63,21 @@
|
|||
__forDefaults ? {
|
||||
canRunInstalled = stdenv.buildPlatform.canExecute stdenv.hostPlatform;
|
||||
},
|
||||
}: let
|
||||
}:
|
||||
let
|
||||
inherit (__forDefaults) canRunInstalled;
|
||||
|
||||
version = lib.fileContents ./.version + versionSuffix;
|
||||
|
||||
aws-sdk-cpp-nix = aws-sdk-cpp.override {
|
||||
apis = [ "s3" "transfer" ];
|
||||
apis = [
|
||||
"s3"
|
||||
"transfer"
|
||||
];
|
||||
customMemoryManagement = false;
|
||||
};
|
||||
|
||||
testConfigureFlags = [
|
||||
"RAPIDCHECK_HEADERS=${lib.getDev rapidcheck}/extras/gtest/include"
|
||||
];
|
||||
testConfigureFlags = [ "RAPIDCHECK_HEADERS=${lib.getDev rapidcheck}/extras/gtest/include" ];
|
||||
|
||||
# The internal API docs need these for the build, but if we're not building
|
||||
# Nix itself, then these don't need to be propagated.
|
||||
|
@ -95,48 +99,60 @@
|
|||
./README.md
|
||||
];
|
||||
|
||||
topLevelBuildFiles = fileset.unions ([
|
||||
./local.mk
|
||||
./Makefile
|
||||
./Makefile.config.in
|
||||
./mk
|
||||
] ++ lib.optionals buildWithMeson [
|
||||
./meson.build
|
||||
./meson.options
|
||||
./meson
|
||||
./scripts/meson.build
|
||||
]);
|
||||
topLevelBuildFiles = fileset.unions (
|
||||
[
|
||||
./local.mk
|
||||
./Makefile
|
||||
./Makefile.config.in
|
||||
./mk
|
||||
]
|
||||
++ lib.optionals buildWithMeson [
|
||||
./meson.build
|
||||
./meson.options
|
||||
./meson
|
||||
./scripts/meson.build
|
||||
]
|
||||
);
|
||||
|
||||
functionalTestFiles = fileset.unions [
|
||||
functionalTestFiles = fileset.unions [
|
||||
./tests/functional
|
||||
./tests/unit
|
||||
(fileset.fileFilter (f: lib.strings.hasPrefix "nix-profile" f.name) ./scripts)
|
||||
];
|
||||
|
||||
in stdenv.mkDerivation (finalAttrs: {
|
||||
];
|
||||
in
|
||||
stdenv.mkDerivation (finalAttrs: {
|
||||
inherit pname version;
|
||||
|
||||
src = fileset.toSource {
|
||||
root = ./.;
|
||||
fileset = fileset.intersection baseFiles (fileset.unions ([
|
||||
configureFiles
|
||||
topLevelBuildFiles
|
||||
functionalTestFiles
|
||||
] ++ lib.optionals (!finalAttrs.dontBuild || internalApiDocs) [
|
||||
./boehmgc-coroutine-sp-fallback.diff
|
||||
./doc
|
||||
./misc
|
||||
./precompiled-headers.h
|
||||
./src
|
||||
./COPYING
|
||||
./scripts/local.mk
|
||||
]));
|
||||
fileset = fileset.intersection baseFiles (
|
||||
fileset.unions (
|
||||
[
|
||||
configureFiles
|
||||
topLevelBuildFiles
|
||||
functionalTestFiles
|
||||
]
|
||||
++ lib.optionals (!finalAttrs.dontBuild || internalApiDocs) [
|
||||
./boehmgc-coroutine-sp-fallback.diff
|
||||
./doc
|
||||
./misc
|
||||
./precompiled-headers.h
|
||||
./src
|
||||
./COPYING
|
||||
./scripts/local.mk
|
||||
]
|
||||
)
|
||||
);
|
||||
};
|
||||
|
||||
VERSION_SUFFIX = versionSuffix;
|
||||
|
||||
outputs = [ "out" ]
|
||||
++ lib.optionals (!finalAttrs.dontBuild) [ "dev" "doc" ];
|
||||
outputs =
|
||||
[ "out" ]
|
||||
++ lib.optionals (!finalAttrs.dontBuild) [
|
||||
"dev"
|
||||
"doc"
|
||||
];
|
||||
|
||||
dontBuild = false;
|
||||
|
||||
|
@ -148,51 +164,59 @@ in stdenv.mkDerivation (finalAttrs: {
|
|||
# We only include CMake so that Meson can locate toml11, which only ships CMake dependency metadata.
|
||||
dontUseCmakeConfigure = true;
|
||||
|
||||
nativeBuildInputs = [
|
||||
bison
|
||||
flex
|
||||
] ++ [
|
||||
(lib.getBin lowdown)
|
||||
mdbook
|
||||
mdbook-linkcheck
|
||||
autoconf-archive
|
||||
] ++ lib.optional (!buildWithMeson) autoreconfHook ++ [
|
||||
pkg-config
|
||||
nativeBuildInputs =
|
||||
[
|
||||
bison
|
||||
flex
|
||||
]
|
||||
++ [
|
||||
(lib.getBin lowdown)
|
||||
mdbook
|
||||
mdbook-linkcheck
|
||||
autoconf-archive
|
||||
]
|
||||
++ lib.optional (!buildWithMeson) autoreconfHook
|
||||
++ [
|
||||
pkg-config
|
||||
|
||||
# Tests
|
||||
git
|
||||
mercurial
|
||||
jq
|
||||
lsof
|
||||
] ++ lib.optional stdenv.hostPlatform.isLinux util-linuxMinimal
|
||||
# Tests
|
||||
git
|
||||
mercurial
|
||||
jq
|
||||
lsof
|
||||
]
|
||||
++ lib.optional stdenv.hostPlatform.isLinux util-linuxMinimal
|
||||
++ lib.optional (!officialRelease && buildUnreleasedNotes) build-release-notes
|
||||
++ lib.optional internalApiDocs doxygen
|
||||
++ lib.optionals buildWithMeson [
|
||||
meson
|
||||
ninja
|
||||
cmake
|
||||
];
|
||||
];
|
||||
|
||||
buildInputs = [
|
||||
curl
|
||||
bzip2
|
||||
xz
|
||||
brotli
|
||||
editline
|
||||
openssl
|
||||
sqlite
|
||||
libarchive
|
||||
boost
|
||||
lowdown
|
||||
libsodium
|
||||
toml11
|
||||
]
|
||||
++ lib.optionals stdenv.hostPlatform.isLinux [ libseccomp busybox-sandbox-shell ]
|
||||
buildInputs =
|
||||
[
|
||||
curl
|
||||
bzip2
|
||||
xz
|
||||
brotli
|
||||
editline
|
||||
openssl
|
||||
sqlite
|
||||
libarchive
|
||||
boost
|
||||
lowdown
|
||||
libsodium
|
||||
toml11
|
||||
]
|
||||
++ lib.optionals stdenv.hostPlatform.isLinux [
|
||||
libseccomp
|
||||
busybox-sandbox-shell
|
||||
]
|
||||
++ lib.optional stdenv.hostPlatform.isx86_64 libcpuid
|
||||
# There have been issues building these dependencies
|
||||
++ lib.optional (stdenv.hostPlatform == stdenv.buildPlatform) aws-sdk-cpp-nix
|
||||
++ lib.optionals (finalAttrs.dontBuild) maybePropagatedInputs
|
||||
;
|
||||
++ lib.optionals (finalAttrs.dontBuild) maybePropagatedInputs;
|
||||
|
||||
checkInputs = [
|
||||
gtest
|
||||
|
@ -201,9 +225,7 @@ in stdenv.mkDerivation (finalAttrs: {
|
|||
|
||||
propagatedBuildInputs = lib.optionals (!finalAttrs.dontBuild) maybePropagatedInputs;
|
||||
|
||||
disallowedReferences = [
|
||||
boost
|
||||
];
|
||||
disallowedReferences = [ boost ];
|
||||
|
||||
# Needed for Meson to find Boost.
|
||||
# https://github.com/NixOS/nixpkgs/issues/86131.
|
||||
|
@ -212,45 +234,49 @@ in stdenv.mkDerivation (finalAttrs: {
|
|||
BOOST_LIBRARYDIR = "${lib.getLib boost}/lib";
|
||||
};
|
||||
|
||||
preConfigure = lib.optionalString (!finalAttrs.dontBuild && !stdenv.hostPlatform.isStatic) ''
|
||||
# Copy libboost_context so we don't get all of Boost in our closure.
|
||||
# https://github.com/NixOS/nixpkgs/issues/45462
|
||||
mkdir -p $out/lib
|
||||
cp -pd ${boost}/lib/{libboost_context*,libboost_thread*,libboost_system*} $out/lib
|
||||
rm -f $out/lib/*.a
|
||||
'' + lib.optionalString (!finalAttrs.dontBuild && stdenv.hostPlatform.isLinux) ''
|
||||
chmod u+w $out/lib/*.so.*
|
||||
patchelf --set-rpath $out/lib:${stdenv.cc.cc.lib}/lib $out/lib/libboost_thread.so.*
|
||||
'' + lib.optionalString (!finalAttrs.dontBuild && stdenv.hostPlatform.isDarwin) ''
|
||||
for LIB in $out/lib/*.dylib; do
|
||||
chmod u+w $LIB
|
||||
install_name_tool -id $LIB $LIB
|
||||
install_name_tool -delete_rpath ${boost}/lib/ $LIB || true
|
||||
done
|
||||
install_name_tool -change ${boost}/lib/libboost_system.dylib $out/lib/libboost_system.dylib $out/lib/libboost_thread.dylib
|
||||
'' + ''
|
||||
# Workaround https://github.com/NixOS/nixpkgs/issues/294890.
|
||||
if [[ -n "''${doCheck:-}" ]]; then
|
||||
appendToVar configureFlags "--enable-tests"
|
||||
else
|
||||
appendToVar configureFlags "--disable-tests"
|
||||
fi
|
||||
'';
|
||||
preConfigure =
|
||||
lib.optionalString (!finalAttrs.dontBuild && !stdenv.hostPlatform.isStatic) ''
|
||||
# Copy libboost_context so we don't get all of Boost in our closure.
|
||||
# https://github.com/NixOS/nixpkgs/issues/45462
|
||||
mkdir -p $out/lib
|
||||
cp -pd ${boost}/lib/{libboost_context*,libboost_thread*,libboost_system*} $out/lib
|
||||
rm -f $out/lib/*.a
|
||||
''
|
||||
+ lib.optionalString (!finalAttrs.dontBuild && stdenv.hostPlatform.isLinux) ''
|
||||
chmod u+w $out/lib/*.so.*
|
||||
patchelf --set-rpath $out/lib:${stdenv.cc.cc.lib}/lib $out/lib/libboost_thread.so.*
|
||||
''
|
||||
+ lib.optionalString (!finalAttrs.dontBuild && stdenv.hostPlatform.isDarwin) ''
|
||||
for LIB in $out/lib/*.dylib; do
|
||||
chmod u+w $LIB
|
||||
install_name_tool -id $LIB $LIB
|
||||
install_name_tool -delete_rpath ${boost}/lib/ $LIB || true
|
||||
done
|
||||
install_name_tool -change ${boost}/lib/libboost_system.dylib $out/lib/libboost_system.dylib $out/lib/libboost_thread.dylib
|
||||
''
|
||||
+ ''
|
||||
# Workaround https://github.com/NixOS/nixpkgs/issues/294890.
|
||||
if [[ -n "''${doCheck:-}" ]]; then
|
||||
appendToVar configureFlags "--enable-tests"
|
||||
else
|
||||
appendToVar configureFlags "--disable-tests"
|
||||
fi
|
||||
'';
|
||||
|
||||
configureFlags = lib.optionals stdenv.isLinux [
|
||||
"--with-boost=${boost}/lib"
|
||||
"--with-sandbox-shell=${busybox-sandbox-shell}/bin/busybox"
|
||||
] ++ lib.optionals (stdenv.isLinux && !(stdenv.hostPlatform.isStatic && stdenv.system == "aarch64-linux")) [
|
||||
"LDFLAGS=-fuse-ld=gold"
|
||||
]
|
||||
configureFlags =
|
||||
lib.optionals stdenv.isLinux [
|
||||
"--with-boost=${boost}/lib"
|
||||
"--with-sandbox-shell=${busybox-sandbox-shell}/bin/busybox"
|
||||
]
|
||||
++ lib.optionals (
|
||||
stdenv.isLinux && !(stdenv.hostPlatform.isStatic && stdenv.system == "aarch64-linux")
|
||||
) [ "LDFLAGS=-fuse-ld=gold" ]
|
||||
++ lib.optional stdenv.hostPlatform.isStatic "--enable-embedded-sandbox-shell"
|
||||
++ lib.optionals (finalAttrs.doCheck || internalApiDocs) testConfigureFlags
|
||||
++ lib.optional (!canRunInstalled) "--disable-doc-gen"
|
||||
++ [ (lib.enableFeature internalApiDocs "internal-api-docs") ]
|
||||
++ lib.optional (!forDevShell) "--sysconfdir=/etc"
|
||||
++ [
|
||||
"TOML11_HEADERS=${lib.getDev toml11}/include"
|
||||
];
|
||||
++ [ "TOML11_HEADERS=${lib.getDev toml11}/include" ];
|
||||
|
||||
mesonBuildType = lib.optional (buildWithMeson || forDevShell) "debugoptimized";
|
||||
|
||||
|
@ -262,37 +288,37 @@ in stdenv.mkDerivation (finalAttrs: {
|
|||
|
||||
doCheck = true;
|
||||
|
||||
mesonCheckFlags = lib.optionals (buildWithMeson || forDevShell) [
|
||||
"--suite=check"
|
||||
];
|
||||
mesonCheckFlags = lib.optionals (buildWithMeson || forDevShell) [ "--suite=check" ];
|
||||
|
||||
installFlags = "sysconfdir=$(out)/etc";
|
||||
|
||||
postInstall = lib.optionalString (!finalAttrs.dontBuild) ''
|
||||
mkdir -p $doc/nix-support
|
||||
echo "doc manual $doc/share/doc/nix/manual" >> $doc/nix-support/hydra-build-products
|
||||
'' + lib.optionalString stdenv.hostPlatform.isStatic ''
|
||||
mkdir -p $out/nix-support
|
||||
echo "file binary-dist $out/bin/nix" >> $out/nix-support/hydra-build-products
|
||||
'' + lib.optionalString stdenv.isDarwin ''
|
||||
for lib in libnixutil.dylib libnixexpr.dylib; do
|
||||
install_name_tool \
|
||||
-change "${lib.getLib boost}/lib/libboost_context.dylib" \
|
||||
"$out/lib/libboost_context.dylib" \
|
||||
"$out/lib/$lib"
|
||||
done
|
||||
'' + lib.optionalString internalApiDocs ''
|
||||
mkdir -p $out/nix-support
|
||||
echo "doc internal-api-docs $out/share/doc/nix/internal-api/html" >> "$out/nix-support/hydra-build-products"
|
||||
'';
|
||||
postInstall =
|
||||
lib.optionalString (!finalAttrs.dontBuild) ''
|
||||
mkdir -p $doc/nix-support
|
||||
echo "doc manual $doc/share/doc/nix/manual" >> $doc/nix-support/hydra-build-products
|
||||
''
|
||||
+ lib.optionalString stdenv.hostPlatform.isStatic ''
|
||||
mkdir -p $out/nix-support
|
||||
echo "file binary-dist $out/bin/nix" >> $out/nix-support/hydra-build-products
|
||||
''
|
||||
+ lib.optionalString stdenv.isDarwin ''
|
||||
for lib in libnixutil.dylib libnixexpr.dylib; do
|
||||
install_name_tool \
|
||||
-change "${lib.getLib boost}/lib/libboost_context.dylib" \
|
||||
"$out/lib/libboost_context.dylib" \
|
||||
"$out/lib/$lib"
|
||||
done
|
||||
''
|
||||
+ lib.optionalString internalApiDocs ''
|
||||
mkdir -p $out/nix-support
|
||||
echo "doc internal-api-docs $out/share/doc/nix/internal-api/html" >> "$out/nix-support/hydra-build-products"
|
||||
'';
|
||||
|
||||
doInstallCheck = finalAttrs.doCheck;
|
||||
installCheckFlags = "sysconfdir=$(out)/etc";
|
||||
installCheckTarget = "installcheck"; # work around buggy detection in stdenv
|
||||
|
||||
mesonInstallCheckFlags = [
|
||||
"--suite=installcheck"
|
||||
];
|
||||
mesonInstallCheckFlags = [ "--suite=installcheck" ];
|
||||
|
||||
preInstallCheck = lib.optionalString stdenv.hostPlatform.isDarwin ''
|
||||
export OBJC_DISABLE_INITIALIZE_FORK_SAFETY=YES
|
||||
|
@ -310,12 +336,9 @@ in stdenv.mkDerivation (finalAttrs: {
|
|||
strictDeps = true;
|
||||
|
||||
# strictoverflow is disabled because we trap on signed overflow instead
|
||||
hardeningDisable = [ "strictoverflow" ]
|
||||
++ lib.optional stdenv.hostPlatform.isStatic "pie";
|
||||
hardeningDisable = [ "strictoverflow" ] ++ lib.optional stdenv.hostPlatform.isStatic "pie";
|
||||
|
||||
meta.platforms = lib.platforms.unix;
|
||||
|
||||
passthru.perl-bindings = pkgs.callPackage ./perl {
|
||||
inherit fileset stdenv;
|
||||
};
|
||||
passthru.perl-bindings = pkgs.callPackage ./perl { inherit fileset stdenv; };
|
||||
})
|
||||
|
|
|
@ -1,51 +1,64 @@
|
|||
{ lib, fileset
|
||||
, stdenv
|
||||
, perl, perlPackages
|
||||
, autoconf-archive, autoreconfHook, pkg-config
|
||||
, nix, curl, bzip2, xz, boost, libsodium, darwin
|
||||
{
|
||||
lib,
|
||||
fileset,
|
||||
stdenv,
|
||||
perl,
|
||||
perlPackages,
|
||||
autoconf-archive,
|
||||
autoreconfHook,
|
||||
pkg-config,
|
||||
nix,
|
||||
curl,
|
||||
bzip2,
|
||||
xz,
|
||||
boost,
|
||||
libsodium,
|
||||
darwin,
|
||||
}:
|
||||
perl.pkgs.toPerlModule (
|
||||
stdenv.mkDerivation {
|
||||
name = "nix-perl-${nix.version}";
|
||||
|
||||
perl.pkgs.toPerlModule (stdenv.mkDerivation {
|
||||
name = "nix-perl-${nix.version}";
|
||||
src = fileset.toSource {
|
||||
root = ../.;
|
||||
fileset = fileset.unions [
|
||||
../.version
|
||||
../m4
|
||||
../mk
|
||||
./MANIFEST
|
||||
./Makefile
|
||||
./Makefile.config.in
|
||||
./configure.ac
|
||||
./lib
|
||||
./local.mk
|
||||
];
|
||||
};
|
||||
|
||||
src = fileset.toSource {
|
||||
root = ../.;
|
||||
fileset = fileset.unions [
|
||||
../.version
|
||||
../m4
|
||||
../mk
|
||||
./MANIFEST
|
||||
./Makefile
|
||||
./Makefile.config.in
|
||||
./configure.ac
|
||||
./lib
|
||||
./local.mk
|
||||
];
|
||||
};
|
||||
|
||||
nativeBuildInputs =
|
||||
[ autoconf-archive
|
||||
nativeBuildInputs = [
|
||||
autoconf-archive
|
||||
autoreconfHook
|
||||
pkg-config
|
||||
];
|
||||
|
||||
buildInputs =
|
||||
[ nix
|
||||
curl
|
||||
bzip2
|
||||
xz
|
||||
perl
|
||||
boost
|
||||
]
|
||||
++ lib.optional (stdenv.isLinux || stdenv.isDarwin) libsodium
|
||||
++ lib.optional stdenv.isDarwin darwin.apple_sdk.frameworks.Security;
|
||||
buildInputs =
|
||||
[
|
||||
nix
|
||||
curl
|
||||
bzip2
|
||||
xz
|
||||
perl
|
||||
boost
|
||||
]
|
||||
++ lib.optional (stdenv.isLinux || stdenv.isDarwin) libsodium
|
||||
++ lib.optional stdenv.isDarwin darwin.apple_sdk.frameworks.Security;
|
||||
|
||||
configureFlags = [
|
||||
"--with-dbi=${perlPackages.DBI}/${perl.libPrefix}"
|
||||
"--with-dbd-sqlite=${perlPackages.DBDSQLite}/${perl.libPrefix}"
|
||||
];
|
||||
configureFlags = [
|
||||
"--with-dbi=${perlPackages.DBI}/${perl.libPrefix}"
|
||||
"--with-dbd-sqlite=${perlPackages.DBDSQLite}/${perl.libPrefix}"
|
||||
];
|
||||
|
||||
enableParallelBuilding = true;
|
||||
enableParallelBuilding = true;
|
||||
|
||||
postUnpack = "sourceRoot=$sourceRoot/perl";
|
||||
})
|
||||
postUnpack = "sourceRoot=$sourceRoot/perl";
|
||||
}
|
||||
)
|
||||
|
|
|
@ -1,43 +1,72 @@
|
|||
{ system ? "" # obsolete
|
||||
, url
|
||||
, hash ? "" # an SRI hash
|
||||
|
||||
# Legacy hash specification
|
||||
, md5 ? "", sha1 ? "", sha256 ? "", sha512 ? ""
|
||||
, outputHash ?
|
||||
if hash != "" then hash else if sha512 != "" then sha512 else if sha1 != "" then sha1 else if md5 != "" then md5 else sha256
|
||||
, outputHashAlgo ?
|
||||
if hash != "" then "" else if sha512 != "" then "sha512" else if sha1 != "" then "sha1" else if md5 != "" then "md5" else "sha256"
|
||||
|
||||
, executable ? false
|
||||
, unpack ? false
|
||||
, name ? baseNameOf (toString url)
|
||||
, impure ? false
|
||||
{
|
||||
system ? "", # obsolete
|
||||
url,
|
||||
hash ? "", # an SRI hash
|
||||
# Legacy hash specification
|
||||
md5 ? "",
|
||||
sha1 ? "",
|
||||
sha256 ? "",
|
||||
sha512 ? "",
|
||||
outputHash ?
|
||||
if hash != "" then
|
||||
hash
|
||||
else if sha512 != "" then
|
||||
sha512
|
||||
else if sha1 != "" then
|
||||
sha1
|
||||
else if md5 != "" then
|
||||
md5
|
||||
else
|
||||
sha256,
|
||||
outputHashAlgo ?
|
||||
if hash != "" then
|
||||
""
|
||||
else if sha512 != "" then
|
||||
"sha512"
|
||||
else if sha1 != "" then
|
||||
"sha1"
|
||||
else if md5 != "" then
|
||||
"md5"
|
||||
else
|
||||
"sha256",
|
||||
executable ? false,
|
||||
unpack ? false,
|
||||
name ? baseNameOf (toString url),
|
||||
impure ? false,
|
||||
}:
|
||||
derivation (
|
||||
{
|
||||
builder = "builtin:fetchurl";
|
||||
|
||||
derivation ({
|
||||
builder = "builtin:fetchurl";
|
||||
# New-style output content requirements.
|
||||
outputHashMode = if unpack || executable then "recursive" else "flat";
|
||||
|
||||
# New-style output content requirements.
|
||||
outputHashMode = if unpack || executable then "recursive" else "flat";
|
||||
inherit
|
||||
name
|
||||
url
|
||||
executable
|
||||
unpack
|
||||
;
|
||||
|
||||
inherit name url executable unpack;
|
||||
system = "builtin";
|
||||
|
||||
system = "builtin";
|
||||
# No need to double the amount of network traffic
|
||||
preferLocalBuild = true;
|
||||
|
||||
# No need to double the amount of network traffic
|
||||
preferLocalBuild = true;
|
||||
impureEnvVars = [
|
||||
# We borrow these environment variables from the caller to allow
|
||||
# easy proxy configuration. This is impure, but a fixed-output
|
||||
# derivation like fetchurl is allowed to do so since its result is
|
||||
# by definition pure.
|
||||
"http_proxy"
|
||||
"https_proxy"
|
||||
"ftp_proxy"
|
||||
"all_proxy"
|
||||
"no_proxy"
|
||||
];
|
||||
|
||||
impureEnvVars = [
|
||||
# We borrow these environment variables from the caller to allow
|
||||
# easy proxy configuration. This is impure, but a fixed-output
|
||||
# derivation like fetchurl is allowed to do so since its result is
|
||||
# by definition pure.
|
||||
"http_proxy" "https_proxy" "ftp_proxy" "all_proxy" "no_proxy"
|
||||
];
|
||||
|
||||
# To make "nix-prefetch-url" work.
|
||||
urls = [ url ];
|
||||
} // (if impure
|
||||
then { __impure = true; }
|
||||
else { inherit outputHashAlgo outputHash; }))
|
||||
# To make "nix-prefetch-url" work.
|
||||
urls = [ url ];
|
||||
}
|
||||
// (if impure then { __impure = true; } else { inherit outputHashAlgo outputHash; })
|
||||
)
|
||||
|
|
|
@ -1,72 +1,69 @@
|
|||
lockFileStr: rootSrc: rootSubdir:
|
||||
|
||||
let
|
||||
|
||||
lockFile = builtins.fromJSON lockFileStr;
|
||||
|
||||
allNodes =
|
||||
builtins.mapAttrs
|
||||
(key: node:
|
||||
let
|
||||
allNodes = builtins.mapAttrs (
|
||||
key: node:
|
||||
let
|
||||
sourceInfo =
|
||||
if key == lockFile.root then
|
||||
rootSrc
|
||||
else
|
||||
fetchTree (node.info or { } // removeAttrs node.locked [ "dir" ]);
|
||||
|
||||
sourceInfo =
|
||||
if key == lockFile.root
|
||||
then rootSrc
|
||||
else fetchTree (node.info or {} // removeAttrs node.locked ["dir"]);
|
||||
subdir = if key == lockFile.root then rootSubdir else node.locked.dir or "";
|
||||
|
||||
subdir = if key == lockFile.root then rootSubdir else node.locked.dir or "";
|
||||
outPath = sourceInfo + ((if subdir == "" then "" else "/") + subdir);
|
||||
|
||||
outPath = sourceInfo + ((if subdir == "" then "" else "/") + subdir);
|
||||
flake = import (outPath + "/flake.nix");
|
||||
|
||||
flake = import (outPath + "/flake.nix");
|
||||
inputs = builtins.mapAttrs (inputName: inputSpec: allNodes.${resolveInput inputSpec}) (
|
||||
node.inputs or { }
|
||||
);
|
||||
|
||||
inputs = builtins.mapAttrs
|
||||
(inputName: inputSpec: allNodes.${resolveInput inputSpec})
|
||||
(node.inputs or {});
|
||||
# Resolve a input spec into a node name. An input spec is
|
||||
# either a node name, or a 'follows' path from the root
|
||||
# node.
|
||||
resolveInput =
|
||||
inputSpec: if builtins.isList inputSpec then getInputByPath lockFile.root inputSpec else inputSpec;
|
||||
|
||||
# Resolve a input spec into a node name. An input spec is
|
||||
# either a node name, or a 'follows' path from the root
|
||||
# node.
|
||||
resolveInput = inputSpec:
|
||||
if builtins.isList inputSpec
|
||||
then getInputByPath lockFile.root inputSpec
|
||||
else inputSpec;
|
||||
# Follow an input path (e.g. ["dwarffs" "nixpkgs"]) from the
|
||||
# root node, returning the final node.
|
||||
getInputByPath =
|
||||
nodeName: path:
|
||||
if path == [ ] then
|
||||
nodeName
|
||||
else
|
||||
getInputByPath
|
||||
# Since this could be a 'follows' input, call resolveInput.
|
||||
(resolveInput lockFile.nodes.${nodeName}.inputs.${builtins.head path})
|
||||
(builtins.tail path);
|
||||
|
||||
# Follow an input path (e.g. ["dwarffs" "nixpkgs"]) from the
|
||||
# root node, returning the final node.
|
||||
getInputByPath = nodeName: path:
|
||||
if path == []
|
||||
then nodeName
|
||||
else
|
||||
getInputByPath
|
||||
# Since this could be a 'follows' input, call resolveInput.
|
||||
(resolveInput lockFile.nodes.${nodeName}.inputs.${builtins.head path})
|
||||
(builtins.tail path);
|
||||
outputs = flake.outputs (inputs // { self = result; });
|
||||
|
||||
outputs = flake.outputs (inputs // { self = result; });
|
||||
result =
|
||||
outputs
|
||||
# We add the sourceInfo attribute for its metadata, as they are
|
||||
# relevant metadata for the flake. However, the outPath of the
|
||||
# sourceInfo does not necessarily match the outPath of the flake,
|
||||
# as the flake may be in a subdirectory of a source.
|
||||
# This is shadowed in the next //
|
||||
// sourceInfo
|
||||
// {
|
||||
# This shadows the sourceInfo.outPath
|
||||
inherit outPath;
|
||||
|
||||
result =
|
||||
outputs
|
||||
# We add the sourceInfo attribute for its metadata, as they are
|
||||
# relevant metadata for the flake. However, the outPath of the
|
||||
# sourceInfo does not necessarily match the outPath of the flake,
|
||||
# as the flake may be in a subdirectory of a source.
|
||||
# This is shadowed in the next //
|
||||
// sourceInfo
|
||||
// {
|
||||
# This shadows the sourceInfo.outPath
|
||||
inherit outPath;
|
||||
|
||||
inherit inputs; inherit outputs; inherit sourceInfo; _type = "flake";
|
||||
};
|
||||
|
||||
in
|
||||
if node.flake or true then
|
||||
assert builtins.isFunction flake.outputs;
|
||||
result
|
||||
else
|
||||
sourceInfo
|
||||
)
|
||||
lockFile.nodes;
|
||||
|
||||
in allNodes.${lockFile.root}
|
||||
inherit inputs;
|
||||
inherit outputs;
|
||||
inherit sourceInfo;
|
||||
_type = "flake";
|
||||
};
|
||||
in
|
||||
if node.flake or true then
|
||||
assert builtins.isFunction flake.outputs;
|
||||
result
|
||||
else
|
||||
sourceInfo
|
||||
) lockFile.nodes;
|
||||
in
|
||||
allNodes.${lockFile.root}
|
||||
|
|
|
@ -1,21 +1,24 @@
|
|||
attrs @ { drvPath, outputs, name, ... }:
|
||||
|
||||
attrs@{
|
||||
drvPath,
|
||||
outputs,
|
||||
name,
|
||||
...
|
||||
}:
|
||||
let
|
||||
commonAttrs = (builtins.listToAttrs outputsList) // {
|
||||
all = map (x: x.value) outputsList;
|
||||
inherit drvPath name;
|
||||
type = "derivation";
|
||||
};
|
||||
|
||||
commonAttrs = (builtins.listToAttrs outputsList) //
|
||||
{ all = map (x: x.value) outputsList;
|
||||
inherit drvPath name;
|
||||
type = "derivation";
|
||||
outputToAttrListElement = outputName: {
|
||||
name = outputName;
|
||||
value = commonAttrs // {
|
||||
outPath = builtins.getAttr outputName attrs;
|
||||
inherit outputName;
|
||||
};
|
||||
};
|
||||
|
||||
outputToAttrListElement = outputName:
|
||||
{ name = outputName;
|
||||
value = commonAttrs // {
|
||||
outPath = builtins.getAttr outputName attrs;
|
||||
inherit outputName;
|
||||
};
|
||||
};
|
||||
|
||||
outputsList = map outputToAttrListElement outputs;
|
||||
|
||||
in (builtins.head outputsList).value
|
||||
in
|
||||
(builtins.head outputsList).value
|
||||
|
|
|
@ -1,27 +1,32 @@
|
|||
/* This is the implementation of the ‘derivation’ builtin function.
|
||||
It's actually a wrapper around the ‘derivationStrict’ primop. */
|
||||
|
||||
drvAttrs @ { outputs ? [ "out" ], ... }:
|
||||
|
||||
/*
|
||||
This is the implementation of the ‘derivation’ builtin function.
|
||||
It's actually a wrapper around the ‘derivationStrict’ primop.
|
||||
*/
|
||||
drvAttrs@{
|
||||
outputs ? [ "out" ],
|
||||
...
|
||||
}:
|
||||
let
|
||||
|
||||
strict = derivationStrict drvAttrs;
|
||||
|
||||
commonAttrs = drvAttrs // (builtins.listToAttrs outputsList) //
|
||||
{ all = map (x: x.value) outputsList;
|
||||
commonAttrs =
|
||||
drvAttrs
|
||||
// (builtins.listToAttrs outputsList)
|
||||
// {
|
||||
all = map (x: x.value) outputsList;
|
||||
inherit drvAttrs;
|
||||
};
|
||||
|
||||
outputToAttrListElement = outputName:
|
||||
{ name = outputName;
|
||||
value = commonAttrs // {
|
||||
outPath = builtins.getAttr outputName strict;
|
||||
drvPath = strict.drvPath;
|
||||
type = "derivation";
|
||||
inherit outputName;
|
||||
};
|
||||
outputToAttrListElement = outputName: {
|
||||
name = outputName;
|
||||
value = commonAttrs // {
|
||||
outPath = builtins.getAttr outputName strict;
|
||||
drvPath = strict.drvPath;
|
||||
type = "derivation";
|
||||
inherit outputName;
|
||||
};
|
||||
};
|
||||
|
||||
outputsList = map outputToAttrListElement outputs;
|
||||
|
||||
in (builtins.head outputsList).value
|
||||
in
|
||||
(builtins.head outputsList).value
|
||||
|
|
|
@ -8,5 +8,3 @@ namespace nix {
|
|||
void setPersonality(std::string_view system);
|
||||
|
||||
}
|
||||
|
||||
|
||||
|
|
|
@ -144,7 +144,7 @@ struct SourcePath
|
|||
* Resolve any symlinks in this `SourcePath` according to the
|
||||
* given resolution mode.
|
||||
*
|
||||
* @param mode might only be a temporary solution for this.
|
||||
* @param mode might only be a temporary solution for this.
|
||||
* See the discussion in https://github.com/NixOS/nix/pull/9985.
|
||||
*/
|
||||
SourcePath resolveSymlinks(
|
||||
|
|
|
@ -152,5 +152,3 @@ void ThreadPool::doWork(bool mainThread)
|
|||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
|
|
|
@ -1,5 +1,8 @@
|
|||
{ name, channelName, src }:
|
||||
|
||||
{
|
||||
name,
|
||||
channelName,
|
||||
src,
|
||||
}:
|
||||
derivation {
|
||||
builder = "builtin:unpack-channel";
|
||||
|
||||
|
|
|
@ -1,5 +1,4 @@
|
|||
{ derivations, manifest }:
|
||||
|
||||
derivation {
|
||||
name = "user-environment";
|
||||
system = "builtin";
|
||||
|
@ -8,13 +7,15 @@ derivation {
|
|||
inherit manifest;
|
||||
|
||||
# !!! grmbl, need structured data for passing this in a clean way.
|
||||
derivations =
|
||||
map (d:
|
||||
[ (d.meta.active or "true")
|
||||
(d.meta.priority or 5)
|
||||
(builtins.length d.outputs)
|
||||
] ++ map (output: builtins.getAttr output d) d.outputs)
|
||||
derivations;
|
||||
derivations = map (
|
||||
d:
|
||||
[
|
||||
(d.meta.active or "true")
|
||||
(d.meta.priority or 5)
|
||||
(builtins.length d.outputs)
|
||||
]
|
||||
++ map (output: builtins.getAttr output d) d.outputs
|
||||
) derivations;
|
||||
|
||||
# Building user environments remotely just causes huge amounts of
|
||||
# network traffic, so don't do that.
|
||||
|
|
2
tests/functional/ca/build-cache.sh
Normal file → Executable file
2
tests/functional/ca/build-cache.sh
Normal file → Executable file
|
@ -48,4 +48,4 @@ testRemoteCache () {
|
|||
}
|
||||
|
||||
clearStore
|
||||
testRemoteCache
|
||||
testRemoteCache
|
||||
|
|
|
@ -3,4 +3,3 @@ source common.sh
|
|||
export NIX_TESTS_CA_BY_DEFAULT=1
|
||||
|
||||
cd .. && source build-dry.sh
|
||||
|
||||
|
|
0
tests/functional/ca/build.sh
Normal file → Executable file
0
tests/functional/ca/build.sh
Normal file → Executable file
0
tests/functional/ca/eval-store.sh
Normal file → Executable file
0
tests/functional/ca/eval-store.sh
Normal file → Executable file
|
@ -3,4 +3,3 @@ source common.sh
|
|||
export NIX_TESTS_CA_BY_DEFAULT=1
|
||||
|
||||
cd .. && source import-derivation.sh
|
||||
|
||||
|
|
|
@ -5,4 +5,3 @@ source common.sh
|
|||
CONTENT_ADDRESSED=true
|
||||
cd ..
|
||||
source ./nix-shell.sh
|
||||
|
||||
|
|
|
@ -32,4 +32,3 @@ rec {
|
|||
'';
|
||||
};
|
||||
}
|
||||
|
||||
|
|
|
@ -7,5 +7,3 @@ requireDaemonNewerThan "2.4pre20210626"
|
|||
export NIX_TESTS_CA_BY_DEFAULT=1
|
||||
cd ..
|
||||
source ./post-hook.sh
|
||||
|
||||
|
||||
|
|
0
tests/functional/ca/substitute.sh
Normal file → Executable file
0
tests/functional/ca/substitute.sh
Normal file → Executable file
0
tests/functional/dyn-drv/build-built-drv.sh
Normal file → Executable file
0
tests/functional/dyn-drv/build-built-drv.sh
Normal file → Executable file
0
tests/functional/dyn-drv/dep-built-drv.sh
Normal file → Executable file
0
tests/functional/dyn-drv/dep-built-drv.sh
Normal file → Executable file
0
tests/functional/dyn-drv/eval-outputOf.sh
Normal file → Executable file
0
tests/functional/dyn-drv/eval-outputOf.sh
Normal file → Executable file
0
tests/functional/dyn-drv/text-hashed-output.sh
Normal file → Executable file
0
tests/functional/dyn-drv/text-hashed-output.sh
Normal file → Executable file
|
@ -147,4 +147,3 @@ expectStderr 1 nix eval -v --raw --expr "
|
|||
inputAddressed = true;
|
||||
}
|
||||
" | grepQuiet 'error.*The store object referred to by.*fromPath.* at .* is not input-addressed, but .*inputAddressed.* is set to .*true.*'
|
||||
|
||||
|
|
|
@ -47,4 +47,3 @@ nix flake update b --flake $flakeA
|
|||
|
||||
# Test list-inputs with circular dependencies
|
||||
nix flake metadata $flakeA
|
||||
|
||||
|
|
|
@ -167,7 +167,7 @@ nix flake lock "$flakeFollowsA" 2>&1 | grep "warning: input 'B' has an override
|
|||
#
|
||||
# The message was
|
||||
# error: input 'B/D' follows a non-existent input 'B/C/D'
|
||||
#
|
||||
#
|
||||
# Note that for `B` to resolve its follow for `D`, it needs `C/D`, for which it needs to resolve the follow on `C` first.
|
||||
flakeFollowsOverloadA="$TEST_ROOT/follows/overload/flakeA"
|
||||
flakeFollowsOverloadB="$TEST_ROOT/follows/overload/flakeA/flakeB"
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue