From 4f1d1d71d864bb84e1b3d3d2535fdbae5a3f2da9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Arma=C3=ABl=20Gu=C3=A9neau?= Date: Tue, 18 Feb 2025 17:16:05 +0100 Subject: [PATCH] flake.nix: switch to crane --- Cargo.lock | 13 ++++++- Cargo.toml | 1 + flake.lock | 88 ++++++++++++++++++++--------------------- flake.nix | 112 +++++++++++++++++++++++++++++------------------------ 4 files changed, 116 insertions(+), 98 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 7c4c625..f1b2ea6 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1,6 +1,6 @@ # This file is automatically @generated by Cargo. # It is not intended for manual editing. -version = 3 +version = 4 [[package]] name = "accept-encoding-fork" @@ -1126,6 +1126,15 @@ version = "0.1.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf" +[[package]] +name = "openssl-src" +version = "300.2.3+3.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5cff92b6f71555b61bb9315f7c64da3ca43d87531622120fea0195fc761b4843" +dependencies = [ + "cc", +] + [[package]] name = "openssl-sys" version = "0.9.104" @@ -1134,6 +1143,7 @@ checksum = "45abf306cbf99debc8195b66b7346498d7b10c210de50418b5ccd7ceba08c741" dependencies = [ "cc", "libc", + "openssl-src", "pkg-config", "vcpkg", ] @@ -2254,6 +2264,7 @@ dependencies = [ "http", "hyper", "hyper-rustls", + "openssl", "opentelemetry", "opentelemetry-prometheus", "prometheus", diff --git a/Cargo.toml b/Cargo.toml index f6d7bfe..82e0c82 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -26,6 +26,7 @@ hyper = { version = "0.14", features = [ "full" ] } futures-util = "0.3" tokio-rustls = "0.24" hyper-rustls = "0.24" +openssl = { version = "*", features = [ "vendored" ] } http = "0.2" structopt = "0.3" glob = "0.3" diff --git a/flake.lock b/flake.lock index d0f6e30..5a8643a 100644 --- a/flake.lock +++ b/flake.lock @@ -1,52 +1,30 @@ { "nodes": { - "cargo2nix": { - "inputs": { - "flake-compat": "flake-compat", - "flake-utils": "flake-utils", - "nixpkgs": [ - "nixpkgs" - ], - "rust-overlay": "rust-overlay" - }, + "crane": { "locked": { - "lastModified": 1713199118, - "narHash": "sha256-MlLdAvk+zXCFUy280sY6LqtykqWXIkKVXo72J7a6HlU=", - "owner": "cargo2nix", - "repo": "cargo2nix", - "rev": "1efb03f2f794ad5eed17e807e858c4da001dbc3e", + "lastModified": 1739638817, + "narHash": "sha256-pPiI27T416xAAUETorkLAgHQMiLT92moOrf0ItHhtPA=", + "owner": "ipetkov", + "repo": "crane", + "rev": "bef2b45cd1273a9e621fb5292de89f4ed59ad812", "type": "github" }, "original": { - "owner": "cargo2nix", - "repo": "cargo2nix", - "rev": "1efb03f2f794ad5eed17e807e858c4da001dbc3e", - "type": "github" - } - }, - "flake-compat": { - "flake": false, - "locked": { - "lastModified": 1650374568, - "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "b4a34015c698c7793d592d66adbab377907a2be8", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", + "owner": "ipetkov", + "repo": "crane", "type": "github" } }, "flake-utils": { + "inputs": { + "systems": "systems" + }, "locked": { - "lastModified": 1659877975, - "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", "owner": "numtide", "repo": "flake-utils", - "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", "type": "github" }, "original": { @@ -57,45 +35,61 @@ }, "nixpkgs": { "locked": { - "lastModified": 1731094700, - "narHash": "sha256-lSiVjHP7sgnCt2hZabnq+tCLmBerDKmAdd2CS6BrBjw=", + "lastModified": 1736692550, + "narHash": "sha256-7tk8xH+g0sJkKLTJFOxphJxxOjMDFMWv24nXslaU2ro=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "551ba0fa7653afb9d590db225c3bcbccf68931c0", + "rev": "7c4869c47090dd7f9f1bdfb49a22aea026996815", "type": "github" }, "original": { "owner": "NixOS", "repo": "nixpkgs", - "rev": "551ba0fa7653afb9d590db225c3bcbccf68931c0", + "rev": "7c4869c47090dd7f9f1bdfb49a22aea026996815", "type": "github" } }, "root": { "inputs": { - "cargo2nix": "cargo2nix", - "nixpkgs": "nixpkgs" + "crane": "crane", + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs", + "rust-overlay": "rust-overlay" } }, "rust-overlay": { "inputs": { "nixpkgs": [ - "cargo2nix", "nixpkgs" ] }, "locked": { - "lastModified": 1731032894, - "narHash": "sha256-dQSyYPmrQiPr+PGEd+K8038rubFGz7G/dNXVeaGWE0w=", + "lastModified": 1738549608, + "narHash": "sha256-GdyT9QEUSx5k/n8kILuNy83vxxdyUfJ8jL5mMpQZWfw=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "d52f2a4c103a0acf09ded857b9e2519ae2360e59", + "rev": "35c6f8c4352f995ecd53896200769f80a3e8f22d", "type": "github" }, "original": { "owner": "oxalica", "repo": "rust-overlay", - "rev": "d52f2a4c103a0acf09ded857b9e2519ae2360e59", + "rev": "35c6f8c4352f995ecd53896200769f80a3e8f22d", + "type": "github" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", "type": "github" } } diff --git a/flake.nix b/flake.nix index 5107e05..a3752d1 100644 --- a/flake.nix +++ b/flake.nix @@ -1,61 +1,73 @@ { description = "Tricot, a reverse proxy with consul integration"; - # Nixpkgs 24.05 as of 2024-11-08, has rustc v1.77.2 + # Nixpkgs 24.11 as of 2025-01-12 inputs.nixpkgs.url = - "github:NixOS/nixpkgs/551ba0fa7653afb9d590db225c3bcbccf68931c0"; - inputs.cargo2nix = { - # cargo2nix as of 2024-04-25 - # NB: upgrading to a more recent commit of cargo2nix will not work (as of 2024-11-08), - # because the patch making openssl-sys cross-compilation work has been reverted. - # (patch: https://github.com/cargo2nix/cargo2nix/pull/237, - # revert: https://github.com/cargo2nix/cargo2nix/commit/cfd086deb565314f3a11b5bb25807a3ce17315d4) - url = "github:cargo2nix/cargo2nix/1efb03f2f794ad5eed17e807e858c4da001dbc3e"; + "github:NixOS/nixpkgs/7c4869c47090dd7f9f1bdfb49a22aea026996815"; - # Rust overlay as of 2024-11-08 - inputs.rust-overlay.url = - "github:oxalica/rust-overlay/d52f2a4c103a0acf09ded857b9e2519ae2360e59"; + # Rust overlay as of 2025-02-03 + inputs.rust-overlay.url = + "github:oxalica/rust-overlay/35c6f8c4352f995ecd53896200769f80a3e8f22d"; + inputs.rust-overlay.inputs.nixpkgs.follows = "nixpkgs"; - inputs.nixpkgs.follows = "nixpkgs"; - }; + inputs.crane.url = "github:ipetkov/crane"; - outputs = { self, nixpkgs, cargo2nix }: - let - targetHost = "x86_64-unknown-linux-musl"; - pkgs = import nixpkgs { - system = "x86_64-linux"; - crossSystem = { - config = targetHost; - isStatic = true; - }; - overlays = [ cargo2nix.overlays.default ]; - }; - packageFun = import ./Cargo.nix; - rustVersion = "1.77.2"; + inputs.flake-utils.url = "github:numtide/flake-utils"; - compile = args: compileMode: + outputs = { self, nixpkgs, crane, flake-utils, rust-overlay, ... }: + flake-utils.lib.eachSystem [ "x86_64-linux" ] (localSystem: let - packageSet = pkgs.rustBuilder.makePackageSet ({ - inherit packageFun rustVersion; - target = targetHost; - } // args); - in - packageSet.workspace.tricot { - inherit compileMode; - }; - in - { - test.x86_64-linux.tricot = compile { release = false; } "test"; - debug.x86_64-linux.tricot = compile { release = false; } "build"; - packages.x86_64-linux.tricot = compile { release = true; } "build"; - packages.x86_64-linux.default = self.packages.x86_64-linux.tricot; + crossSystem = "x86_64-unknown-linux-musl"; + rustVersion = "1.84.0"; - docker = pkgs.dockerTools.buildImage { - name = "tricot"; - config = { - contents = [ pkgs.cacert ]; - Cmd = [ "${self.packages.x86_64-linux.default}/bin/tricot" ]; - }; - }; - }; + pkgs = import nixpkgs { + # we need a full musl toolchain because we're depending on openssl (a + # C library), which we thus need to compile for musl + inherit localSystem; + crossSystem = { config = crossSystem; }; + overlays = [ (import rust-overlay) ]; + }; + + craneLib = (crane.mkLib pkgs).overrideToolchain + (p: p.rust-bin.stable.${rustVersion}.default); + + commonArgs = { + src = craneLib.cleanCargoSource ./.; + strictDeps = true; + + # required for building openssl + nativeBuildInputs = [ + pkgs.perl + ]; + OPENSSL_STATIC = "yes"; + + CARGO_BUILD_TARGET = crossSystem; + CARGO_BUILD_RUSTFLAGS = "-C target-feature=+crt-static"; + }; + in + { + packages = rec { + default = craneLib.buildPackage (commonArgs // { + CARGO_PROFILE = "release"; + }); + + debug = craneLib.buildPackage (commonArgs // { + CARGO_PROFILE = "dev"; + }); + + test = craneLib.buildPackage (commonArgs // { + CARGO_PROFILE = "test"; + cargoExtraArgs = "--tests"; + }); + + docker = pkgs.dockerTools.buildImage { + name = "tricot"; + config = { + contents = [ pkgs.cacert ]; + Cmd = [ "${self.packages.x86_64-linux.default}/bin/tricot" ]; + }; + }; + }; + } + ); }