forked from Deuxfleurs/garage
Apply nixfmt to all .nix files; fix devshell and add it to cache
This commit is contained in:
parent
1311742fe0
commit
f251b4721f
10 changed files with 551 additions and 521 deletions
24
default.nix
24
default.nix
|
@ -1,7 +1,4 @@
|
||||||
{
|
{ system ? builtins.currentSystem, git_version ? null, }:
|
||||||
system ? builtins.currentSystem,
|
|
||||||
git_version ? null,
|
|
||||||
}:
|
|
||||||
|
|
||||||
with import ./nix/common.nix;
|
with import ./nix/common.nix;
|
||||||
|
|
||||||
|
@ -13,21 +10,20 @@ let
|
||||||
debug = (compile {
|
debug = (compile {
|
||||||
inherit system target git_version pkgsSrc cargo2nixOverlay;
|
inherit system target git_version pkgsSrc cargo2nixOverlay;
|
||||||
release = false;
|
release = false;
|
||||||
}).workspace.garage {
|
}).workspace.garage { compileMode = "build"; };
|
||||||
compileMode = "build";
|
|
||||||
};
|
|
||||||
|
|
||||||
release = (compile {
|
release = (compile {
|
||||||
inherit system target git_version pkgsSrc cargo2nixOverlay;
|
inherit system target git_version pkgsSrc cargo2nixOverlay;
|
||||||
release = true;
|
release = true;
|
||||||
}).workspace.garage {
|
}).workspace.garage { compileMode = "build"; };
|
||||||
compileMode = "build";
|
|
||||||
};
|
|
||||||
});
|
});
|
||||||
|
|
||||||
test = (rustPkgs: pkgs.symlinkJoin {
|
test = (rustPkgs:
|
||||||
|
pkgs.symlinkJoin {
|
||||||
name = "garage-tests";
|
name = "garage-tests";
|
||||||
paths = builtins.map (key: rustPkgs.workspace.${key} { compileMode = "test"; }) (builtins.attrNames rustPkgs.workspace);
|
paths =
|
||||||
|
builtins.map (key: rustPkgs.workspace.${key} { compileMode = "test"; })
|
||||||
|
(builtins.attrNames rustPkgs.workspace);
|
||||||
});
|
});
|
||||||
|
|
||||||
in {
|
in {
|
||||||
|
@ -55,8 +51,6 @@ in {
|
||||||
inherit system git_version pkgsSrc cargo2nixOverlay;
|
inherit system git_version pkgsSrc cargo2nixOverlay;
|
||||||
target = "x86_64-unknown-linux-musl";
|
target = "x86_64-unknown-linux-musl";
|
||||||
compiler = "clippy";
|
compiler = "clippy";
|
||||||
}).workspace.garage {
|
}).workspace.garage { compileMode = "build"; };
|
||||||
compileMode = "build";
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
12
flake.nix
12
flake.nix
|
@ -1,7 +1,9 @@
|
||||||
{
|
{
|
||||||
description = "Garage, an S3-compatible distributed object store for self-hosted deployments";
|
description =
|
||||||
|
"Garage, an S3-compatible distributed object store for self-hosted deployments";
|
||||||
|
|
||||||
inputs.nixpkgs.url = "github:NixOS/nixpkgs/a3073c49bc0163fea6a121c276f526837672b555";
|
inputs.nixpkgs.url =
|
||||||
|
"github:NixOS/nixpkgs/a3073c49bc0163fea6a121c276f526837672b555";
|
||||||
inputs.cargo2nix = {
|
inputs.cargo2nix = {
|
||||||
# As of 2022-10-18: two small patches over unstable branch, one for clippy and one to fix feature detection
|
# As of 2022-10-18: two small patches over unstable branch, one for clippy and one to fix feature detection
|
||||||
url = "github:Alexis211/cargo2nix/a7a61179b66054904ef6a195d8da736eaaa06c36";
|
url = "github:Alexis211/cargo2nix/a7a61179b66054904ef6a195d8da736eaaa06c36";
|
||||||
|
@ -24,13 +26,11 @@
|
||||||
release = true;
|
release = true;
|
||||||
}).workspace.garage { compileMode = "build"; };
|
}).workspace.garage { compileMode = "build"; };
|
||||||
};
|
};
|
||||||
devShell = ((compile {
|
devShell = (compile {
|
||||||
inherit system git_version;
|
inherit system git_version;
|
||||||
pkgsSrc = nixpkgs;
|
pkgsSrc = nixpkgs;
|
||||||
cargo2nixOverlay = cargo2nix.overlays.default;
|
cargo2nixOverlay = cargo2nix.overlays.default;
|
||||||
release = false;
|
release = false;
|
||||||
}).workspaceShell {
|
}).workspaceShell { packages = [ pkgs.rustfmt ]; };
|
||||||
packages = [ pkgs.rustfmt cargo2nix.packages.${system}.default ];
|
|
||||||
});
|
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,6 +1,4 @@
|
||||||
{
|
{ path ? "/../aws-list.txt", }:
|
||||||
path ? "/../aws-list.txt",
|
|
||||||
}:
|
|
||||||
|
|
||||||
with import ./common.nix;
|
with import ./common.nix;
|
||||||
let
|
let
|
||||||
|
@ -14,11 +12,10 @@ let
|
||||||
=> { name = "latex"; version = "3.14"; }
|
=> { name = "latex"; version = "3.14"; }
|
||||||
*/
|
*/
|
||||||
listToSet = keys: values:
|
listToSet = keys: values:
|
||||||
builtins.listToAttrs
|
builtins.listToAttrs (lib.zipListsWith (a: b: {
|
||||||
(lib.zipListsWith
|
name = a;
|
||||||
(a: b: { name = a; value = b; })
|
value = b;
|
||||||
keys
|
}) keys values);
|
||||||
values);
|
|
||||||
|
|
||||||
/* Says if datetime a is more recent than datetime b
|
/* Says if datetime a is more recent than datetime b
|
||||||
|
|
||||||
|
@ -27,69 +24,98 @@ let
|
||||||
=> true
|
=> true
|
||||||
*/
|
*/
|
||||||
cmpDate = a: b:
|
cmpDate = a: b:
|
||||||
let da = (builtins.head a.builds).date;
|
let
|
||||||
|
da = (builtins.head a.builds).date;
|
||||||
db = (builtins.head b.builds).date;
|
db = (builtins.head b.builds).date;
|
||||||
in
|
in if da == db then
|
||||||
if da == db then (builtins.head a.builds).time > (builtins.head b.builds).time
|
(builtins.head a.builds).time > (builtins.head b.builds).time
|
||||||
else da > db;
|
else
|
||||||
|
da > db;
|
||||||
|
|
||||||
/* Pretty platforms */
|
# Pretty platforms
|
||||||
prettyPlatform = name:
|
prettyPlatform = name:
|
||||||
if name == "aarch64-unknown-linux-musl" then "linux/arm64"
|
if name == "aarch64-unknown-linux-musl" then
|
||||||
else if name == "armv6l-unknown-linux-musleabihf" then "linux/arm"
|
"linux/arm64"
|
||||||
else if name == "x86_64-unknown-linux-musl" then "linux/amd64"
|
else if name == "armv6l-unknown-linux-musleabihf" then
|
||||||
else if name == "i686-unknown-linux-musl" then "linux/386"
|
"linux/arm"
|
||||||
else name;
|
else if name == "x86_64-unknown-linux-musl" then
|
||||||
|
"linux/amd64"
|
||||||
|
else if name == "i686-unknown-linux-musl" then
|
||||||
|
"linux/386"
|
||||||
|
else
|
||||||
|
name;
|
||||||
|
|
||||||
/* Parsing */
|
# Parsing
|
||||||
list = builtins.readFile (./. + path);
|
list = builtins.readFile (./. + path);
|
||||||
entries = lib.splitString "\n" list;
|
entries = lib.splitString "\n" list;
|
||||||
|
|
||||||
elems = builtins.filter
|
elems = builtins.filter (e: (builtins.length e) == 4)
|
||||||
(e: (builtins.length e) == 4)
|
(map (x: builtins.filter (e: e != "") (lib.splitString " " x)) entries);
|
||||||
(map
|
|
||||||
(x: builtins.filter (e: e != "") (lib.splitString " " x))
|
|
||||||
entries);
|
|
||||||
|
|
||||||
keys = [ "date" "time" "size" "path" ];
|
keys = [ "date" "time" "size" "path" ];
|
||||||
parsed = map (entry: listToSet keys entry) elems;
|
parsed = map (entry: listToSet keys entry) elems;
|
||||||
|
|
||||||
subkeys = [ "root" "version" "platform" "binary" ];
|
subkeys = [ "root" "version" "platform" "binary" ];
|
||||||
builds = map (entry: entry // listToSet subkeys (lib.splitString "/" entry.path) // { url = "https://garagehq.deuxfleurs.fr/" + entry.path; }) parsed;
|
builds = map (entry:
|
||||||
|
entry // listToSet subkeys (lib.splitString "/" entry.path) // {
|
||||||
|
url = "https://garagehq.deuxfleurs.fr/" + entry.path;
|
||||||
|
}) parsed;
|
||||||
|
|
||||||
/* Aggregation */
|
# Aggregation
|
||||||
builds_per_version = lib.foldl (acc: v: acc // { ${v.version} = if builtins.hasAttr v.version acc then acc.${v.version} ++ [ v ] else [ v ]; }) {} builds;
|
builds_per_version = lib.foldl (acc: v:
|
||||||
|
acc // {
|
||||||
|
${v.version} = if builtins.hasAttr v.version acc then
|
||||||
|
acc.${v.version} ++ [ v ]
|
||||||
|
else
|
||||||
|
[ v ];
|
||||||
|
}) { } builds;
|
||||||
|
|
||||||
versions = builtins.attrNames builds_per_version;
|
versions = builtins.attrNames builds_per_version;
|
||||||
versions_release = builtins.filter (x: builtins.match "v[0-9]+\.[0-9]+\.[0-9]+(\.[0-9]+)?" x != null) versions;
|
versions_release = builtins.filter
|
||||||
versions_commit = builtins.filter (x: builtins.match "[0-9a-f]{40}" x != null) versions;
|
(x: builtins.match "v[0-9]+.[0-9]+.[0-9]+(.[0-9]+)?" x != null) versions;
|
||||||
versions_extra = lib.subtractLists (versions_release ++ versions_commit) versions;
|
versions_commit =
|
||||||
|
builtins.filter (x: builtins.match "[0-9a-f]{40}" x != null) versions;
|
||||||
|
versions_extra =
|
||||||
|
lib.subtractLists (versions_release ++ versions_commit) versions;
|
||||||
|
|
||||||
sorted_builds = [
|
sorted_builds = [
|
||||||
{
|
{
|
||||||
name = "Release";
|
name = "Release";
|
||||||
hide = false;
|
hide = false;
|
||||||
type = "tag";
|
type = "tag";
|
||||||
description = "Release builds are the official builds, they are tailored for productions and are the most tested.";
|
description =
|
||||||
builds = builtins.sort (a: b: a.version > b.version) (map (x: { version = x; builds = builtins.getAttr x builds_per_version; }) versions_release);
|
"Release builds are the official builds, they are tailored for productions and are the most tested.";
|
||||||
|
builds = builtins.sort (a: b: a.version > b.version) (map (x: {
|
||||||
|
version = x;
|
||||||
|
builds = builtins.getAttr x builds_per_version;
|
||||||
|
}) versions_release);
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
name = "Extra";
|
name = "Extra";
|
||||||
hide = true;
|
hide = true;
|
||||||
type = "tag";
|
type = "tag";
|
||||||
description = "Extra builds are built on demand to test a specific feature or a specific need.";
|
description =
|
||||||
builds = builtins.sort cmpDate (map (x: { version = x; builds = builtins.getAttr x builds_per_version; }) versions_extra);
|
"Extra builds are built on demand to test a specific feature or a specific need.";
|
||||||
|
builds = builtins.sort cmpDate (map (x: {
|
||||||
|
version = x;
|
||||||
|
builds = builtins.getAttr x builds_per_version;
|
||||||
|
}) versions_extra);
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
name = "Development";
|
name = "Development";
|
||||||
hide = true;
|
hide = true;
|
||||||
type = "commit";
|
type = "commit";
|
||||||
description = "Development builds are built periodically. Use them if you want to test a specific feature that is not yet released.";
|
description =
|
||||||
builds = builtins.sort cmpDate (map (x: { version = x; builds = builtins.getAttr x builds_per_version; }) versions_commit);
|
"Development builds are built periodically. Use them if you want to test a specific feature that is not yet released.";
|
||||||
|
builds = builtins.sort cmpDate (map (x: {
|
||||||
|
version = x;
|
||||||
|
builds = builtins.getAttr x builds_per_version;
|
||||||
|
}) versions_commit);
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
|
|
||||||
json = pkgs.writeTextDir "share/_releases.json" (builtins.toJSON sorted_builds);
|
json =
|
||||||
|
pkgs.writeTextDir "share/_releases.json" (builtins.toJSON sorted_builds);
|
||||||
html = pkgs.writeTextDir "share/_releases.html" ''
|
html = pkgs.writeTextDir "share/_releases.html" ''
|
||||||
<!doctype html>
|
<!doctype html>
|
||||||
<html>
|
<html>
|
||||||
|
@ -114,20 +140,29 @@ let
|
||||||
</style>
|
</style>
|
||||||
</head>
|
</head>
|
||||||
<body>
|
<body>
|
||||||
${ builtins.toString (lib.forEach sorted_builds (r: ''
|
${
|
||||||
|
builtins.toString (lib.forEach sorted_builds (r: ''
|
||||||
<section>
|
<section>
|
||||||
<h2>${r.name} builds</h2>
|
<h2>${r.name} builds</h2>
|
||||||
|
|
||||||
<p>${r.description}</p>
|
<p>${r.description}</p>
|
||||||
|
|
||||||
${if r.hide then "<details><summary>Show ${r.name} builds</summary>" else ""}
|
${
|
||||||
${ builtins.toString (lib.forEach r.builds (x: ''
|
if r.hide then
|
||||||
|
"<details><summary>Show ${r.name} builds</summary>"
|
||||||
|
else
|
||||||
|
""
|
||||||
|
}
|
||||||
|
${
|
||||||
|
builtins.toString (lib.forEach r.builds (x: ''
|
||||||
<h3> ${x.version} (${(builtins.head x.builds).date}) </h3>
|
<h3> ${x.version} (${(builtins.head x.builds).date}) </h3>
|
||||||
<p>See this build on</p>
|
<p>See this build on</p>
|
||||||
<p> Binaries:
|
<p> Binaries:
|
||||||
<ul>
|
<ul>
|
||||||
${builtins.toString (lib.forEach x.builds (b: ''
|
${builtins.toString (lib.forEach x.builds (b: ''
|
||||||
<li><a href="/${b.path}">${prettyPlatform b.platform}</a></li>
|
<li><a href="/${b.path}">${
|
||||||
|
prettyPlatform b.platform
|
||||||
|
}</a></li>
|
||||||
''))}
|
''))}
|
||||||
</ul></p>
|
</ul></p>
|
||||||
<p> Sources:
|
<p> Sources:
|
||||||
|
@ -136,16 +171,22 @@ let
|
||||||
<li><a href="https://git.deuxfleurs.fr/Deuxfleurs/garage/archive/${x.version}.zip">.zip</a></li>
|
<li><a href="https://git.deuxfleurs.fr/Deuxfleurs/garage/archive/${x.version}.zip">.zip</a></li>
|
||||||
<li><a href="https://git.deuxfleurs.fr/Deuxfleurs/garage/archive/${x.version}.tar.gz">.tar.gz</a></li>
|
<li><a href="https://git.deuxfleurs.fr/Deuxfleurs/garage/archive/${x.version}.tar.gz">.tar.gz</a></li>
|
||||||
</ul></p>
|
</ul></p>
|
||||||
'')) }
|
''))
|
||||||
${ if builtins.length r.builds == 0 then "<em>There is no build for this category</em>" else "" }
|
}
|
||||||
|
${
|
||||||
|
if builtins.length r.builds == 0 then
|
||||||
|
"<em>There is no build for this category</em>"
|
||||||
|
else
|
||||||
|
""
|
||||||
|
}
|
||||||
${if r.hide then "</details>" else ""}
|
${if r.hide then "</details>" else ""}
|
||||||
</section>
|
</section>
|
||||||
''))}
|
''))
|
||||||
|
}
|
||||||
</body>
|
</body>
|
||||||
</html>
|
</html>
|
||||||
'';
|
'';
|
||||||
in
|
in pkgs.symlinkJoin {
|
||||||
pkgs.symlinkJoin {
|
|
||||||
name = "releases";
|
name = "releases";
|
||||||
paths = [ json html ];
|
paths = [ json html ];
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,10 +1,9 @@
|
||||||
rec {
|
rec {
|
||||||
/*
|
# * Fixed dependencies
|
||||||
* Fixed dependencies
|
|
||||||
*/
|
|
||||||
pkgsSrc = fetchTarball {
|
pkgsSrc = fetchTarball {
|
||||||
# As of 2022-10-13
|
# As of 2022-10-13
|
||||||
url = "https://github.com/NixOS/nixpkgs/archive/a3073c49bc0163fea6a121c276f526837672b555.zip";
|
url =
|
||||||
|
"https://github.com/NixOS/nixpkgs/archive/a3073c49bc0163fea6a121c276f526837672b555.zip";
|
||||||
sha256 = "1bz632psfbpmicyzjb8b4265y50shylccvfm6ry6mgnv5hvz324s";
|
sha256 = "1bz632psfbpmicyzjb8b4265y50shylccvfm6ry6mgnv5hvz324s";
|
||||||
};
|
};
|
||||||
cargo2nixSrc = fetchGit {
|
cargo2nixSrc = fetchGit {
|
||||||
|
@ -14,9 +13,7 @@ rec {
|
||||||
rev = "a7a61179b66054904ef6a195d8da736eaaa06c36";
|
rev = "a7a61179b66054904ef6a195d8da736eaaa06c36";
|
||||||
};
|
};
|
||||||
|
|
||||||
/*
|
# * Shared objects
|
||||||
* Shared objects
|
|
||||||
*/
|
|
||||||
cargo2nix = import cargo2nixSrc;
|
cargo2nix = import cargo2nixSrc;
|
||||||
cargo2nixOverlay = cargo2nix.overlays.default;
|
cargo2nixOverlay = cargo2nix.overlays.default;
|
||||||
}
|
}
|
||||||
|
|
141
nix/compile.nix
141
nix/compile.nix
|
@ -1,19 +1,10 @@
|
||||||
{
|
{ system, target ? null, pkgsSrc, cargo2nixOverlay, compiler ? "rustc"
|
||||||
system,
|
, release ? false, git_version ? null, features ? null, }:
|
||||||
target ? null,
|
|
||||||
pkgsSrc,
|
|
||||||
cargo2nixOverlay,
|
|
||||||
compiler ? "rustc",
|
|
||||||
release ? false,
|
|
||||||
git_version ? null,
|
|
||||||
features ? null,
|
|
||||||
}:
|
|
||||||
|
|
||||||
let
|
let
|
||||||
log = v: builtins.trace v v;
|
log = v: builtins.trace v v;
|
||||||
|
|
||||||
pkgs =
|
pkgs = if target != null then
|
||||||
if target != null then
|
|
||||||
import pkgsSrc {
|
import pkgsSrc {
|
||||||
inherit system;
|
inherit system;
|
||||||
crossSystem = {
|
crossSystem = {
|
||||||
|
@ -28,8 +19,7 @@ let
|
||||||
overlays = [ cargo2nixOverlay ];
|
overlays = [ cargo2nixOverlay ];
|
||||||
};
|
};
|
||||||
|
|
||||||
/*
|
/* Cargo2nix is built for rustOverlay which installs Rust from Mozilla releases.
|
||||||
Cargo2nix is built for rustOverlay which installs Rust from Mozilla releases.
|
|
||||||
This is fine for 64-bit platforms, but for 32-bit platforms, we need our own Rust
|
This is fine for 64-bit platforms, but for 32-bit platforms, we need our own Rust
|
||||||
to avoid incompatibilities with time_t between different versions of musl
|
to avoid incompatibilities with time_t between different versions of musl
|
||||||
(>= 1.2.0 shipped by NixOS, < 1.2.0 with which rustc was built), which lead to compilation breakage.
|
(>= 1.2.0 shipped by NixOS, < 1.2.0 with which rustc was built), which lead to compilation breakage.
|
||||||
|
@ -40,8 +30,8 @@ let
|
||||||
In practise, rustOverlay ships rustc+cargo in a single derivation while
|
In practise, rustOverlay ships rustc+cargo in a single derivation while
|
||||||
NixOS ships them in separate ones. We reunite them with symlinkJoin.
|
NixOS ships them in separate ones. We reunite them with symlinkJoin.
|
||||||
*/
|
*/
|
||||||
toolchainOptions =
|
toolchainOptions = if target == null || target == "x86_64-unknown-linux-musl"
|
||||||
if target == null || target == "x86_64-unknown-linux-musl" || target == "aarch64-unknown-linux-musl" then {
|
|| target == "aarch64-unknown-linux-musl" then {
|
||||||
rustVersion = "1.63.0";
|
rustVersion = "1.63.0";
|
||||||
extraRustComponents = [ "clippy" ];
|
extraRustComponents = [ "clippy" ];
|
||||||
} else {
|
} else {
|
||||||
|
@ -55,8 +45,8 @@ let
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
buildEnv = (drv:
|
||||||
buildEnv = (drv: {
|
{
|
||||||
rustc = drv.setBuildEnv;
|
rustc = drv.setBuildEnv;
|
||||||
clippy = ''
|
clippy = ''
|
||||||
${drv.setBuildEnv or ""}
|
${drv.setBuildEnv or ""}
|
||||||
|
@ -69,16 +59,15 @@ let
|
||||||
'';
|
'';
|
||||||
}.${compiler});
|
}.${compiler});
|
||||||
|
|
||||||
/*
|
/* Cargo2nix provides many overrides by default, you can take inspiration from them:
|
||||||
Cargo2nix provides many overrides by default, you can take inspiration from them:
|
|
||||||
https://github.com/cargo2nix/cargo2nix/blob/master/overlay/overrides.nix
|
https://github.com/cargo2nix/cargo2nix/blob/master/overlay/overrides.nix
|
||||||
|
|
||||||
You can have a complete list of the available options by looking at the overriden object, mkcrate:
|
You can have a complete list of the available options by looking at the overriden object, mkcrate:
|
||||||
https://github.com/cargo2nix/cargo2nix/blob/master/overlay/mkcrate.nix
|
https://github.com/cargo2nix/cargo2nix/blob/master/overlay/mkcrate.nix
|
||||||
*/
|
*/
|
||||||
packageOverrides = pkgs: pkgs.rustBuilder.overrides.all ++ [
|
packageOverrides = pkgs:
|
||||||
/*
|
pkgs.rustBuilder.overrides.all ++ [
|
||||||
[1] We add some logic to compile our crates with clippy, it provides us many additional lints
|
/* [1] We add some logic to compile our crates with clippy, it provides us many additional lints
|
||||||
|
|
||||||
[2] We need to alter Nix hardening to make static binaries: PIE,
|
[2] We need to alter Nix hardening to make static binaries: PIE,
|
||||||
Position Independent Executables seems to be supported only on amd64. Having
|
Position Independent Executables seems to be supported only on amd64. Having
|
||||||
|
@ -100,103 +89,119 @@ let
|
||||||
name = "garage";
|
name = "garage";
|
||||||
overrideAttrs = drv:
|
overrideAttrs = drv:
|
||||||
(if git_version != null then {
|
(if git_version != null then {
|
||||||
/* [3] */ preConfigure = ''
|
# [3]
|
||||||
|
preConfigure = ''
|
||||||
${drv.preConfigure or ""}
|
${drv.preConfigure or ""}
|
||||||
export GIT_VERSION="${git_version}"
|
export GIT_VERSION="${git_version}"
|
||||||
'';
|
'';
|
||||||
} else {})
|
} else
|
||||||
//
|
{ }) // {
|
||||||
{
|
# [1]
|
||||||
/* [1] */ setBuildEnv = (buildEnv drv);
|
setBuildEnv = (buildEnv drv);
|
||||||
/* [2] */ hardeningDisable = [ "pie" ];
|
# [2]
|
||||||
|
hardeningDisable = [ "pie" ];
|
||||||
};
|
};
|
||||||
})
|
})
|
||||||
|
|
||||||
(pkgs.rustBuilder.rustLib.makeOverride {
|
(pkgs.rustBuilder.rustLib.makeOverride {
|
||||||
name = "garage_rpc";
|
name = "garage_rpc";
|
||||||
overrideAttrs = drv: { /* [1] */ setBuildEnv = (buildEnv drv); };
|
overrideAttrs = drv: { # [1]
|
||||||
|
setBuildEnv = (buildEnv drv);
|
||||||
|
};
|
||||||
})
|
})
|
||||||
|
|
||||||
(pkgs.rustBuilder.rustLib.makeOverride {
|
(pkgs.rustBuilder.rustLib.makeOverride {
|
||||||
name = "garage_db";
|
name = "garage_db";
|
||||||
overrideAttrs = drv: { /* [1] */ setBuildEnv = (buildEnv drv); };
|
overrideAttrs = drv: { # [1]
|
||||||
|
setBuildEnv = (buildEnv drv);
|
||||||
|
};
|
||||||
})
|
})
|
||||||
|
|
||||||
(pkgs.rustBuilder.rustLib.makeOverride {
|
(pkgs.rustBuilder.rustLib.makeOverride {
|
||||||
name = "garage_util";
|
name = "garage_util";
|
||||||
overrideAttrs = drv: { /* [1] */ setBuildEnv = (buildEnv drv); };
|
overrideAttrs = drv: { # [1]
|
||||||
|
setBuildEnv = (buildEnv drv);
|
||||||
|
};
|
||||||
})
|
})
|
||||||
|
|
||||||
(pkgs.rustBuilder.rustLib.makeOverride {
|
(pkgs.rustBuilder.rustLib.makeOverride {
|
||||||
name = "garage_table";
|
name = "garage_table";
|
||||||
overrideAttrs = drv: { /* [1] */ setBuildEnv = (buildEnv drv); };
|
overrideAttrs = drv: { # [1]
|
||||||
|
setBuildEnv = (buildEnv drv);
|
||||||
|
};
|
||||||
})
|
})
|
||||||
|
|
||||||
(pkgs.rustBuilder.rustLib.makeOverride {
|
(pkgs.rustBuilder.rustLib.makeOverride {
|
||||||
name = "garage_block";
|
name = "garage_block";
|
||||||
overrideAttrs = drv: { /* [1] */ setBuildEnv = (buildEnv drv); };
|
overrideAttrs = drv: { # [1]
|
||||||
|
setBuildEnv = (buildEnv drv);
|
||||||
|
};
|
||||||
})
|
})
|
||||||
|
|
||||||
(pkgs.rustBuilder.rustLib.makeOverride {
|
(pkgs.rustBuilder.rustLib.makeOverride {
|
||||||
name = "garage_model";
|
name = "garage_model";
|
||||||
overrideAttrs = drv: { /* [1] */ setBuildEnv = (buildEnv drv); };
|
overrideAttrs = drv: { # [1]
|
||||||
|
setBuildEnv = (buildEnv drv);
|
||||||
|
};
|
||||||
})
|
})
|
||||||
|
|
||||||
(pkgs.rustBuilder.rustLib.makeOverride {
|
(pkgs.rustBuilder.rustLib.makeOverride {
|
||||||
name = "garage_api";
|
name = "garage_api";
|
||||||
overrideAttrs = drv: { /* [1] */ setBuildEnv = (buildEnv drv); };
|
overrideAttrs = drv: { # [1]
|
||||||
|
setBuildEnv = (buildEnv drv);
|
||||||
|
};
|
||||||
})
|
})
|
||||||
|
|
||||||
(pkgs.rustBuilder.rustLib.makeOverride {
|
(pkgs.rustBuilder.rustLib.makeOverride {
|
||||||
name = "garage_web";
|
name = "garage_web";
|
||||||
overrideAttrs = drv: { /* [1] */ setBuildEnv = (buildEnv drv); };
|
overrideAttrs = drv: { # [1]
|
||||||
|
setBuildEnv = (buildEnv drv);
|
||||||
|
};
|
||||||
})
|
})
|
||||||
|
|
||||||
(pkgs.rustBuilder.rustLib.makeOverride {
|
(pkgs.rustBuilder.rustLib.makeOverride {
|
||||||
name = "k2v-client";
|
name = "k2v-client";
|
||||||
overrideAttrs = drv: { /* [1] */ setBuildEnv = (buildEnv drv); };
|
overrideAttrs = drv: { # [1]
|
||||||
|
setBuildEnv = (buildEnv drv);
|
||||||
|
};
|
||||||
})
|
})
|
||||||
|
|
||||||
(pkgs.rustBuilder.rustLib.makeOverride {
|
(pkgs.rustBuilder.rustLib.makeOverride {
|
||||||
name = "libsodium-sys";
|
name = "libsodium-sys";
|
||||||
overrideArgs = old: {
|
overrideArgs = old: {
|
||||||
features = [ ]; /* [4] */
|
features = [ ]; # [4]
|
||||||
};
|
};
|
||||||
})
|
})
|
||||||
|
|
||||||
(pkgs.rustBuilder.rustLib.makeOverride {
|
(pkgs.rustBuilder.rustLib.makeOverride {
|
||||||
name = "zstd-sys";
|
name = "zstd-sys";
|
||||||
overrideArgs = old: {
|
overrideArgs = old: {
|
||||||
features = [ ]; /* [4] */
|
features = [ ]; # [4]
|
||||||
};
|
};
|
||||||
})
|
})
|
||||||
];
|
];
|
||||||
|
|
||||||
/*
|
/* We ship some parts of the code disabled by default by putting them behind a flag.
|
||||||
We ship some parts of the code disabled by default by putting them behind a flag.
|
|
||||||
It speeds up the compilation (when the feature is not required) and released crates have less dependency by default (less attack surface, disk space, etc.).
|
It speeds up the compilation (when the feature is not required) and released crates have less dependency by default (less attack surface, disk space, etc.).
|
||||||
But we want to ship these additional features when we release Garage.
|
But we want to ship these additional features when we release Garage.
|
||||||
In the end, we chose to exclude all features from debug builds while putting (all of) them in the release builds.
|
In the end, we chose to exclude all features from debug builds while putting (all of) them in the release builds.
|
||||||
*/
|
*/
|
||||||
rootFeatures = if features != null then features else
|
rootFeatures = if features != null then
|
||||||
([
|
features
|
||||||
"garage/bundled-libs"
|
else
|
||||||
"garage/sled"
|
([ "garage/bundled-libs" "garage/sled" "garage/k2v" ] ++ (if release then [
|
||||||
"garage/k2v"
|
|
||||||
] ++ (if release then [
|
|
||||||
"garage/consul-discovery"
|
"garage/consul-discovery"
|
||||||
"garage/kubernetes-discovery"
|
"garage/kubernetes-discovery"
|
||||||
"garage/metrics"
|
"garage/metrics"
|
||||||
"garage/telemetry-otlp"
|
"garage/telemetry-otlp"
|
||||||
"garage/lmdb"
|
"garage/lmdb"
|
||||||
"garage/sqlite"
|
"garage/sqlite"
|
||||||
] else []));
|
] else
|
||||||
|
[ ]));
|
||||||
|
|
||||||
packageFun = import ../Cargo.nix;
|
packageFun = import ../Cargo.nix;
|
||||||
|
|
||||||
/*
|
/* We compile fully static binaries with musl to simplify deployment on most systems.
|
||||||
We compile fully static binaries with musl to simplify deployment on most systems.
|
|
||||||
When possible, we reactivate PIE hardening (see above).
|
When possible, we reactivate PIE hardening (see above).
|
||||||
|
|
||||||
Also, if you set the RUSTFLAGS environment variable, the following parameters will
|
Also, if you set the RUSTFLAGS environment variable, the following parameters will
|
||||||
|
@ -207,21 +212,29 @@ let
|
||||||
*/
|
*/
|
||||||
|
|
||||||
codegenOpts = {
|
codegenOpts = {
|
||||||
"armv6l-unknown-linux-musleabihf" = [ "target-feature=+crt-static" "link-arg=-static" ]; /* compile as dynamic with static-pie */
|
"armv6l-unknown-linux-musleabihf" = [
|
||||||
"aarch64-unknown-linux-musl" = [ "target-feature=+crt-static" "link-arg=-static" ]; /* segfault with static-pie */
|
"target-feature=+crt-static"
|
||||||
"i686-unknown-linux-musl" = [ "target-feature=+crt-static" "link-arg=-static" ]; /* segfault with static-pie */
|
"link-arg=-static"
|
||||||
"x86_64-unknown-linux-musl" = [ "target-feature=+crt-static" "link-arg=-static-pie" ];
|
]; # compile as dynamic with static-pie
|
||||||
|
"aarch64-unknown-linux-musl" = [
|
||||||
|
"target-feature=+crt-static"
|
||||||
|
"link-arg=-static"
|
||||||
|
]; # segfault with static-pie
|
||||||
|
"i686-unknown-linux-musl" = [
|
||||||
|
"target-feature=+crt-static"
|
||||||
|
"link-arg=-static"
|
||||||
|
]; # segfault with static-pie
|
||||||
|
"x86_64-unknown-linux-musl" =
|
||||||
|
[ "target-feature=+crt-static" "link-arg=-static-pie" ];
|
||||||
};
|
};
|
||||||
|
|
||||||
/*
|
# NixOS and Rust/Cargo triples do not match for ARM, fix it here.
|
||||||
NixOS and Rust/Cargo triples do not match for ARM, fix it here.
|
rustTarget = if target == "armv6l-unknown-linux-musleabihf" then
|
||||||
*/
|
"arm-unknown-linux-musleabihf"
|
||||||
rustTarget = if target == "armv6l-unknown-linux-musleabihf"
|
else
|
||||||
then "arm-unknown-linux-musleabihf"
|
target;
|
||||||
else target;
|
|
||||||
|
|
||||||
in
|
in pkgs.rustBuilder.makePackageSet ({
|
||||||
pkgs.rustBuilder.makePackageSet ({
|
|
||||||
inherit release packageFun packageOverrides codegenOpts rootFeatures;
|
inherit release packageFun packageOverrides codegenOpts rootFeatures;
|
||||||
target = rustTarget;
|
target = rustTarget;
|
||||||
} // toolchainOptions)
|
} // toolchainOptions)
|
||||||
|
|
|
@ -15,7 +15,8 @@ pkgs.buildGoModule rec {
|
||||||
checkPhase = "true";
|
checkPhase = "true";
|
||||||
|
|
||||||
meta = with pkgs.lib; {
|
meta = with pkgs.lib; {
|
||||||
description = "kaniko is a tool to build container images from a Dockerfile, inside a container or Kubernetes cluster.";
|
description =
|
||||||
|
"kaniko is a tool to build container images from a Dockerfile, inside a container or Kubernetes cluster.";
|
||||||
homepage = "https://github.com/GoogleContainerTools/kaniko";
|
homepage = "https://github.com/GoogleContainerTools/kaniko";
|
||||||
license = licenses.asl20;
|
license = licenses.asl20;
|
||||||
platforms = platforms.linux;
|
platforms = platforms.linux;
|
||||||
|
|
|
@ -15,7 +15,8 @@ pkgs.buildGoModule rec {
|
||||||
checkPhase = "true";
|
checkPhase = "true";
|
||||||
|
|
||||||
meta = with pkgs.lib; {
|
meta = with pkgs.lib; {
|
||||||
description = "Command line tool to create and query container image manifest list/indexes";
|
description =
|
||||||
|
"Command line tool to create and query container image manifest list/indexes";
|
||||||
homepage = "https://github.com/estesp/manifest-tool";
|
homepage = "https://github.com/estesp/manifest-tool";
|
||||||
license = licenses.asl20;
|
license = licenses.asl20;
|
||||||
platforms = platforms.linux;
|
platforms = platforms.linux;
|
||||||
|
|
|
@ -1,6 +1,4 @@
|
||||||
{
|
{ system ? builtins.currentSystem, }:
|
||||||
system ? builtins.currentSystem,
|
|
||||||
}:
|
|
||||||
|
|
||||||
with import ./common.nix;
|
with import ./common.nix;
|
||||||
|
|
||||||
|
@ -11,7 +9,8 @@ let
|
||||||
#"aarch64-unknown-linux-musl"
|
#"aarch64-unknown-linux-musl"
|
||||||
"armv6l-unknown-linux-musleabihf"
|
"armv6l-unknown-linux-musleabihf"
|
||||||
];
|
];
|
||||||
pkgsList = builtins.map (target: import pkgsSrc {
|
pkgsList = builtins.map (target:
|
||||||
|
import pkgsSrc {
|
||||||
inherit system;
|
inherit system;
|
||||||
crossSystem = {
|
crossSystem = {
|
||||||
config = target;
|
config = target;
|
||||||
|
@ -24,14 +23,9 @@ let
|
||||||
kaniko = (import ./kaniko.nix) pkgsHost;
|
kaniko = (import ./kaniko.nix) pkgsHost;
|
||||||
winscp = (import ./winscp.nix) pkgsHost;
|
winscp = (import ./winscp.nix) pkgsHost;
|
||||||
manifestTool = (import ./manifest-tool.nix) pkgsHost;
|
manifestTool = (import ./manifest-tool.nix) pkgsHost;
|
||||||
in
|
in lib.flatten (builtins.map (pkgs: [
|
||||||
lib.flatten (builtins.map (pkgs: [
|
|
||||||
pkgs.rustPlatform.rust.rustc
|
pkgs.rustPlatform.rust.rustc
|
||||||
pkgs.rustPlatform.rust.cargo
|
pkgs.rustPlatform.rust.cargo
|
||||||
pkgs.buildPackages.stdenv.cc
|
pkgs.buildPackages.stdenv.cc
|
||||||
]) pkgsList) ++ [
|
]) pkgsList) ++ [ kaniko winscp manifestTool ]
|
||||||
kaniko
|
|
||||||
winscp
|
|
||||||
manifestTool
|
|
||||||
]
|
|
||||||
|
|
||||||
|
|
31
shell.nix
31
shell.nix
|
@ -1,6 +1,4 @@
|
||||||
{
|
{ system ? builtins.currentSystem, }:
|
||||||
system ? builtins.currentSystem,
|
|
||||||
}:
|
|
||||||
|
|
||||||
with import ./nix/common.nix;
|
with import ./nix/common.nix;
|
||||||
|
|
||||||
|
@ -13,11 +11,9 @@ let
|
||||||
manifest-tool = (import ./nix/manifest-tool.nix) pkgs;
|
manifest-tool = (import ./nix/manifest-tool.nix) pkgs;
|
||||||
winscp = (import ./nix/winscp.nix) pkgs;
|
winscp = (import ./nix/winscp.nix) pkgs;
|
||||||
|
|
||||||
in
|
in {
|
||||||
{
|
# --- Rust Shell ---
|
||||||
/* --- Rust Shell ---
|
# Use it to compile Garage
|
||||||
* Use it to compile Garage
|
|
||||||
*/
|
|
||||||
rust = pkgs.mkShell {
|
rust = pkgs.mkShell {
|
||||||
nativeBuildInputs = [
|
nativeBuildInputs = [
|
||||||
#pkgs.rustPlatform.rust.rustc
|
#pkgs.rustPlatform.rust.rustc
|
||||||
|
@ -33,9 +29,8 @@ in
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
/* --- Integration shell ---
|
# --- Integration shell ---
|
||||||
* Use it to test Garage with common S3 clients
|
# Use it to test Garage with common S3 clients
|
||||||
*/
|
|
||||||
integration = pkgs.mkShell {
|
integration = pkgs.mkShell {
|
||||||
nativeBuildInputs = [
|
nativeBuildInputs = [
|
||||||
winscp
|
winscp
|
||||||
|
@ -52,9 +47,8 @@ in
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
/* --- Release shell ---
|
# --- Release shell ---
|
||||||
* A shell built to make releasing easier
|
# A shell built to make releasing easier
|
||||||
*/
|
|
||||||
release = pkgs.mkShell {
|
release = pkgs.mkShell {
|
||||||
shellHook = ''
|
shellHook = ''
|
||||||
function refresh_toolchain {
|
function refresh_toolchain {
|
||||||
|
@ -80,7 +74,7 @@ function refresh_cache {
|
||||||
|
|
||||||
function refresh_flake_cache {
|
function refresh_flake_cache {
|
||||||
pass show deuxfleurs/nix_priv_key > /tmp/nix-signing-key.sec
|
pass show deuxfleurs/nix_priv_key > /tmp/nix-signing-key.sec
|
||||||
for attr in packages.x86_64-linux.default; do
|
for attr in packages.x86_64-linux.default devShell.x86_64-linux; do
|
||||||
echo "Updating cache for ''${attr}"
|
echo "Updating cache for ''${attr}"
|
||||||
derivation=$(nix path-info --derivation ".#''${attr}")
|
derivation=$(nix path-info --derivation ".#''${attr}")
|
||||||
nix copy -j8 \
|
nix copy -j8 \
|
||||||
|
@ -162,12 +156,7 @@ function refresh_index {
|
||||||
s3://garagehq.deuxfleurs.fr/
|
s3://garagehq.deuxfleurs.fr/
|
||||||
}
|
}
|
||||||
'';
|
'';
|
||||||
nativeBuildInputs = [
|
nativeBuildInputs = [ pkgs.awscli2 kaniko manifest-tool ];
|
||||||
pkgs.awscli2
|
|
||||||
kaniko
|
|
||||||
manifest-tool
|
|
||||||
];
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue