diff options
author | Alyssa Ross <hi@alyssa.is> | 2019-01-07 02:18:36 +0000 |
---|---|---|
committer | Alyssa Ross <hi@alyssa.is> | 2019-01-07 02:18:47 +0000 |
commit | 36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2 (patch) | |
tree | b3faaf573407b32aa645237a4d16b82778a39a92 /nixpkgs/pkgs/servers/dns | |
parent | 4e31070265257dc67d120c27e0f75c2344fdfa9a (diff) | |
parent | abf060725d7614bd3b9f96764262dfbc2f9c2199 (diff) | |
download | nixlib-36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2.tar nixlib-36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2.tar.gz nixlib-36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2.tar.bz2 nixlib-36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2.tar.lz nixlib-36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2.tar.xz nixlib-36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2.tar.zst nixlib-36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2.zip |
Add 'nixpkgs/' from commit 'abf060725d7614bd3b9f96764262dfbc2f9c2199'
git-subtree-dir: nixpkgs git-subtree-mainline: 4e31070265257dc67d120c27e0f75c2344fdfa9a git-subtree-split: abf060725d7614bd3b9f96764262dfbc2f9c2199
Diffstat (limited to 'nixpkgs/pkgs/servers/dns')
-rw-r--r-- | nixpkgs/pkgs/servers/dns/bind/darwin-openssl-linking-fix.patch | 26 | ||||
-rw-r--r-- | nixpkgs/pkgs/servers/dns/bind/default.nix | 87 | ||||
-rw-r--r-- | nixpkgs/pkgs/servers/dns/bind/dont-keep-configure-flags.patch | 41 | ||||
-rw-r--r-- | nixpkgs/pkgs/servers/dns/bind/remove-mkdir-var.patch | 12 | ||||
-rw-r--r-- | nixpkgs/pkgs/servers/dns/coredns/default.nix | 25 | ||||
-rw-r--r-- | nixpkgs/pkgs/servers/dns/coredns/deps.nix | 317 | ||||
-rw-r--r-- | nixpkgs/pkgs/servers/dns/dnsdist/default.nix | 35 | ||||
-rw-r--r-- | nixpkgs/pkgs/servers/dns/doh-proxy/default.nix | 22 | ||||
-rw-r--r-- | nixpkgs/pkgs/servers/dns/knot-dns/default.nix | 45 | ||||
-rw-r--r-- | nixpkgs/pkgs/servers/dns/knot-resolver/default.nix | 87 | ||||
-rw-r--r-- | nixpkgs/pkgs/servers/dns/nsd/default.nix | 61 | ||||
-rw-r--r-- | nixpkgs/pkgs/servers/dns/pdns-recursor/default.nix | 38 | ||||
-rw-r--r-- | nixpkgs/pkgs/servers/dns/powerdns/default.nix | 52 | ||||
-rw-r--r-- | nixpkgs/pkgs/servers/dns/powerdns/skip-sha384-test.patch | 14 |
14 files changed, 862 insertions, 0 deletions
diff --git a/nixpkgs/pkgs/servers/dns/bind/darwin-openssl-linking-fix.patch b/nixpkgs/pkgs/servers/dns/bind/darwin-openssl-linking-fix.patch new file mode 100644 index 000000000000..8276c28c3f4b --- /dev/null +++ b/nixpkgs/pkgs/servers/dns/bind/darwin-openssl-linking-fix.patch @@ -0,0 +1,26 @@ +diff --git a/configure b/configure +index b9ad66b..a2a7382 100755 +--- a/configure ++++ b/configure +@@ -16033,21 +16033,6 @@ $as_echo "not found" >&6; } + *-hp-hpux*) + DST_OPENSSL_LIBS="-L$use_openssl/lib -Wl,+b: -lcrypto" + ;; +- *-apple-darwin*) +- # +- # Apple's ld seaches for serially for dynamic +- # then static libraries. This means you can't +- # use -L to override dynamic system libraries +- # with static ones when linking. Instead +- # we specify a absolute path. +- # +- if test -f "$use_openssl/lib/libcrypto.dylib" +- then +- DST_OPENSSL_LIBS="-L$use_openssl/lib -lcrypto" +- else +- DST_OPENSSL_LIBS="$use_openssl/lib/libcrypto.a" +- fi +- ;; + *) + DST_OPENSSL_LIBS="-L$use_openssl/lib -lcrypto" + ;; diff --git a/nixpkgs/pkgs/servers/dns/bind/default.nix b/nixpkgs/pkgs/servers/dns/bind/default.nix new file mode 100644 index 000000000000..74e1fda2d423 --- /dev/null +++ b/nixpkgs/pkgs/servers/dns/bind/default.nix @@ -0,0 +1,87 @@ +{ stdenv, lib, fetchurl +, perl +, libcap, libtool, libxml2, openssl +, enablePython ? false, python3 ? null +, enableSeccomp ? false, libseccomp ? null, buildPackages +}: + +assert enableSeccomp -> libseccomp != null; +assert enablePython -> python3 != null; + +let version = "9.12.3-P1"; in + +stdenv.mkDerivation rec { + name = "bind-${version}"; + + src = fetchurl { + url = "https://ftp.isc.org/isc/bind9/${version}/${name}.tar.gz"; + sha256 = "0wzdbn6ig851354cjdys5q3gvqcvl2gmmih1gzr8ldl7sy4r7dvc"; + }; + + outputs = [ "out" "lib" "dev" "man" "dnsutils" "host" ]; + + patches = [ ./dont-keep-configure-flags.patch ./remove-mkdir-var.patch ] ++ + stdenv.lib.optional stdenv.isDarwin ./darwin-openssl-linking-fix.patch; + + nativeBuildInputs = [ perl ]; + buildInputs = [ libtool libxml2 openssl ] + ++ lib.optional stdenv.isLinux libcap + ++ lib.optional enableSeccomp libseccomp + ++ lib.optional enablePython python3; + + STD_CDEFINES = [ "-DDIG_SIGCHASE=1" ]; # support +sigchase + + depsBuildBuild = [ buildPackages.stdenv.cc ]; + + configureFlags = [ + "--localstatedir=/var" + "--with-libtool" + "--with-libxml2=${libxml2.dev}" + "--with-openssl=${openssl.dev}" + (if enablePython then "--with-python" else "--without-python") + "--without-atf" + "--without-dlopen" + "--without-docbook-xsl" + "--without-gssapi" + "--without-idn" + "--without-idnlib" + "--without-lmdb" + "--without-libjson" + "--without-pkcs11" + "--without-purify" + "--with-randomdev=/dev/random" + "--with-ecdsa" + "--with-gost" + "--without-eddsa" + "--with-aes" + ] ++ lib.optional stdenv.isLinux "--with-libcap=${libcap.dev}" + ++ lib.optional enableSeccomp "--enable-seccomp"; + + postInstall = '' + moveToOutput bin/bind9-config $dev + moveToOutput bin/isc-config.sh $dev + + moveToOutput bin/host $host + + moveToOutput bin/dig $dnsutils + moveToOutput bin/nslookup $dnsutils + moveToOutput bin/nsupdate $dnsutils + + for f in "$lib/lib/"*.la "$dev/bin/"{isc-config.sh,bind*-config}; do + sed -i "$f" -e 's|-L${openssl.dev}|-L${openssl.out}|g' + done + ''; + + doCheck = false; # requires root and the net + + meta = { + homepage = http://www.isc.org/software/bind; + description = "Domain name server"; + license = stdenv.lib.licenses.mpl20; + + maintainers = with stdenv.lib.maintainers; [peti]; + platforms = with stdenv.lib.platforms; unix; + + outputsToInstall = [ "out" "dnsutils" "host" ]; + }; +} diff --git a/nixpkgs/pkgs/servers/dns/bind/dont-keep-configure-flags.patch b/nixpkgs/pkgs/servers/dns/bind/dont-keep-configure-flags.patch new file mode 100644 index 000000000000..5a934056d13d --- /dev/null +++ b/nixpkgs/pkgs/servers/dns/bind/dont-keep-configure-flags.patch @@ -0,0 +1,41 @@ +diff --git a/bin/named/include/named/globals.h b/bin/named/include/named/globals.h +index 388dc97..3c6135c 100644 +--- a/bin/named/include/named/globals.h ++++ b/bin/named/include/named/globals.h +@@ -65,7 +65,9 @@ EXTERN const char * named_g_version INIT(VERSION); + EXTERN const char * named_g_product INIT(PRODUCT); + EXTERN const char * named_g_description INIT(DESCRIPTION); + EXTERN const char * named_g_srcid INIT(SRCID); ++#if 0 + EXTERN const char * named_g_configargs INIT(CONFIGARGS); ++#endif + EXTERN const char * named_g_builder INIT(BUILDER); + EXTERN in_port_t named_g_port INIT(0); + EXTERN isc_dscp_t named_g_dscp INIT(-1); +diff --git a/bin/named/main.c b/bin/named/main.c +index 4fb0566..60d56cd 100644 +--- a/bin/named/main.c ++++ b/bin/named/main.c +@@ -672,8 +672,10 @@ parse_command_line(int argc, char *argv[]) { + (*named_g_description != '\0') ? " " : "", + named_g_description, named_g_srcid); + printf("running on %s\n", named_os_uname()); ++ #if 0 + printf("built by %s with %s\n", + named_g_builder, named_g_configargs); ++ #endif + #ifdef __clang__ + printf("compiled by CLANG %s\n", __VERSION__); + #else +@@ -1075,9 +1077,11 @@ setup(void) { + NAMED_LOGMODULE_MAIN, ISC_LOG_NOTICE, + "running on %s", named_os_uname()); + ++#if 0 + isc_log_write(named_g_lctx, NAMED_LOGCATEGORY_GENERAL, + NAMED_LOGMODULE_MAIN, ISC_LOG_NOTICE, + "built with %s", named_g_configargs); ++#endif + + isc_log_write(named_g_lctx, NAMED_LOGCATEGORY_GENERAL, + NAMED_LOGMODULE_MAIN, ISC_LOG_NOTICE, diff --git a/nixpkgs/pkgs/servers/dns/bind/remove-mkdir-var.patch b/nixpkgs/pkgs/servers/dns/bind/remove-mkdir-var.patch new file mode 100644 index 000000000000..d0dcd580c20a --- /dev/null +++ b/nixpkgs/pkgs/servers/dns/bind/remove-mkdir-var.patch @@ -0,0 +1,12 @@ +--- a/Makefile.in ++++ b/Makefile.in +@@ -53,8 +53,7 @@ docclean manclean maintainer-clean:: + doc man:: ${MANOBJS} + + installdirs: +- $(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${bindir} \ +- ${DESTDIR}${localstatedir}/run ${DESTDIR}${sysconfdir} ++ $(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${bindir} ${DESTDIR}${sysconfdir} + $(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${mandir}/man1 + + install:: isc-config.sh installdirs diff --git a/nixpkgs/pkgs/servers/dns/coredns/default.nix b/nixpkgs/pkgs/servers/dns/coredns/default.nix new file mode 100644 index 000000000000..bc01d9946c71 --- /dev/null +++ b/nixpkgs/pkgs/servers/dns/coredns/default.nix @@ -0,0 +1,25 @@ +{ stdenv, buildGoPackage, fetchFromGitHub }: + +buildGoPackage rec { + name = "coredns-${version}"; + version = "005"; + + goPackagePath = "github.com/miekg/coredns"; + subPackages = [ "." ]; + + src = fetchFromGitHub { + owner = "miekg"; + repo = "coredns"; + rev = "v${version}"; + sha256 = "15q8l4apspaw1xbbb9j1d8s2cc5zrgycan6iq597ga9m0vyf7wiw"; + }; + + goDeps = ./deps.nix; + + meta = with stdenv.lib; { + homepage = https://coredns.io; + description = "A DNS server that runs middleware"; + license = licenses.asl20; + maintainers = [ maintainers.rushmorem maintainers.rtreffer ]; + }; +} diff --git a/nixpkgs/pkgs/servers/dns/coredns/deps.nix b/nixpkgs/pkgs/servers/dns/coredns/deps.nix new file mode 100644 index 000000000000..18bd2b1f85d8 --- /dev/null +++ b/nixpkgs/pkgs/servers/dns/coredns/deps.nix @@ -0,0 +1,317 @@ +[ + { + goPackagePath = "github.com/cockroachdb/cmux"; + fetch = { + type = "git"; + url = "https://github.com/cockroachdb/cmux"; + rev = "30d10be492927e2dcae0089c374c455d42414fcb"; + sha256 = "0ixif6hwcm2dpi1si5ah49dmdyy5chillz1048jpvjzwzxyfv1nx"; + }; + } + { + goPackagePath = "github.com/coreos/go-semver"; + fetch = { + type = "git"; + url = "https://github.com/coreos/go-semver"; + rev = "5e3acbb5668c4c3deb4842615c4098eb61fb6b1e"; + sha256 = "0kbfr8q7s10z2r01xvbv6i31n4wq6z1qvgfj7njgbcgb65bkjjrh"; + }; + } + { + goPackagePath = "github.com/eapache/go-xerial-snappy"; + fetch = { + type = "git"; + url = "https://github.com/eapache/go-xerial-snappy"; + rev = "bb955e01b9346ac19dc29eb16586c90ded99a98c"; + sha256 = "1zhxcil8hn88hvxr2d6rmj4cls5zgss1scj0ikwiqq89f8vcgwn4"; + }; + } + { + goPackagePath = "github.com/eapache/queue"; + fetch = { + type = "git"; + url = "https://github.com/eapache/queue"; + rev = "44cc805cf13205b55f69e14bcb69867d1ae92f98"; + sha256 = "07dp54n94gn3gsvdcki56yqh7py7wqqigxbamhxwgbr05n61fqyg"; + }; + } + { + goPackagePath = "github.com/flynn/go-shlex"; + fetch = { + type = "git"; + url = "https://github.com/flynn/go-shlex"; + rev = "3f9db97f856818214da2e1057f8ad84803971cff"; + sha256 = "1j743lysygkpa2s2gii2xr32j7bxgc15zv4113b0q9jhn676ysia"; + }; + } + { + goPackagePath = "github.com/fsnotify/fsnotify"; + fetch = { + type = "git"; + url = "https://github.com/fsnotify/fsnotify"; + rev = "a904159b9206978bb6d53fcc7a769e5cd726c737"; + sha256 = "0qq758fcnhlqa1913jki79a1ic7p2iczdx1l2mn8s886nxydn0fi"; + }; + } + { + goPackagePath = "github.com/golang/snappy"; + fetch = { + type = "git"; + url = "https://github.com/golang/snappy"; + rev = "553a641470496b2327abcac10b36396bd98e45c9"; + sha256 = "0kssxnih1l722hx9219c7javganjqkqhvl3i0hp0hif6xm6chvqk"; + }; + } + { + goPackagePath = "github.com/go-logfmt/logfmt"; + fetch = { + type = "git"; + url = "https://github.com/go-logfmt/logfmt"; + rev = "390ab7935ee28ec6b286364bba9b4dd6410cb3d5"; + sha256 = "1gkgh3k5w1xwb2qbjq52p6azq3h1c1rr6pfwjlwj1zrijpzn2xb9"; + }; + } + { + goPackagePath = "github.com/hashicorp/golang-lru"; + fetch = { + type = "git"; + url = "https://github.com/hashicorp/golang-lru"; + rev = "0a025b7e63adc15a622f29b0b2c4c3848243bbf6"; + sha256 = "1iq7lbpsz7ks052mpznmkf8s4k43p51z4dik2n9ivrxk666q2wxi"; + }; + } + { + goPackagePath = "github.com/hashicorp/go-syslog"; + fetch = { + type = "git"; + url = "https://github.com/hashicorp/go-syslog"; + rev = "b609c7d9de4658cded34a7336b90886c56f9dbdb"; + sha256 = "1k0dqkizj4vwgdsb7x7fzmcgz9079sczhpn9whd0r3xcnqs7pkkb"; + }; + } + { + goPackagePath = "github.com/klauspost/crc32"; + fetch = { + type = "git"; + url = "https://github.com/klauspost/crc32"; + rev = "1bab8b35b6bb565f92cbc97939610af9369f942a"; + sha256 = "0n71bf2xkrk3b6svzsph3brwvam0cbz21pcwyymdw8scdn7mmyak"; + }; + } + { + goPackagePath = "github.com/mholt/caddy"; + fetch = { + type = "git"; + url = "https://github.com/mholt/caddy"; + rev = "60838710883baa70cf6aae08e73820b21134ee72"; + sha256 = "15dx12sap8ziwyn2wkgiy7fj1s320444zh0pn32mwjvn065c2k3z"; + }; + } + { + goPackagePath = "github.com/miekg/coredns"; + fetch = { + type = "git"; + url = "https://github.com/miekg/coredns"; + rev = "a7c9fd5d6b5157958a3df8dba0cdc1f24407957b"; + sha256 = "11zbwx74hhgrd3qlwm91gqw6zcj4yf7af54cn3183ca8v66f3xyf"; + }; + } + { + goPackagePath = "github.com/miekg/dns"; + fetch = { + type = "git"; + url = "https://github.com/miekg/dns"; + rev = "75229eecb7af00b2736e93b779a78429dcb19472"; + sha256 = "1vsjy07kkyx11iz4qsihhykac3ddq3ywdgv6bwrv407504f7x6wl"; + }; + } + { + goPackagePath = "github.com/opentracing/opentracing-go"; + fetch = { + type = "git"; + url = "https://github.com/opentracing/opentracing-go"; + rev = "6edb48674bd9467b8e91fda004f2bd7202d60ce4"; + sha256 = "0kwighhdm187b1yzcccm4hpy7m5sv1dij5ckg31n2614xvpippby"; + }; + } + { + goPackagePath = "github.com/openzipkin/zipkin-go-opentracing"; + fetch = { + type = "git"; + url = "https://github.com/openzipkin/zipkin-go-opentracing"; + rev = "6022d4d3ed39632fad842942bda1813a9b4f63c8"; + sha256 = "0gg9g2nxjf9almgzhx5sgqvbcx4zwvs873nl1d62jb6kqhsr8sjd"; + }; + } + { + goPackagePath = "github.com/pierrec/lz4"; + fetch = { + type = "git"; + url = "https://github.com/pierrec/lz4"; + rev = "5c9560bfa9ace2bf86080bf40d46b34ae44604df"; + sha256 = "0j74a3xc48ispj8sb9c2sd1h53q99ws0f2x827b5p86xlpam8xyj"; + }; + } + { + goPackagePath = "github.com/prometheus/procfs"; + fetch = { + type = "git"; + url = "https://github.com/prometheus/procfs"; + rev = "a1dba9ce8baed984a2495b658c82687f8157b98f"; + sha256 = "1k2460bjzsm238sqx7wi42bym5bk7ybdr4qadk9szdbv65hh8vf6"; + }; + } + { + goPackagePath = "github.com/rcrowley/go-metrics"; + fetch = { + type = "git"; + url = "https://github.com/rcrowley/go-metrics"; + rev = "1f30fe9094a513ce4c700b9a54458bbb0c96996c"; + sha256 = "1hvbiaq4b6dqgjz6jkkxglfh9gf71zin6qsg508sh0r0ixfavrzj"; + }; + } + { + goPackagePath = "github.com/Shopify/sarama"; + fetch = { + type = "git"; + url = "https://github.com/Shopify/sarama"; + rev = "1416bd78f804d523005322194994f08c2a0ad797"; + sha256 = "1skfkb1yhwf8w2n31dawr1kk145h3nwdf7xmm6yrwn69vbv8jqns"; + }; + } + { + goPackagePath = "github.com/apache/thrift"; + fetch = { + type = "git"; + url = "https://github.com/apache/thrift"; + rev = "655b9b6ef86c45b423a194abee2a9cd057a16a74"; + sha256 = "1kagirgxy2a9iabm8i32i5hdr36v5p0h651bsbyr0l99970myqfp"; + }; + } + { + goPackagePath = "github.com/beorn7/perks"; + fetch = { + type = "git"; + url = "https://github.com/beorn7/perks"; + rev = "4c0e84591b9aa9e6dcfdf3e020114cd81f89d5f9"; + sha256 = "1hrybsql68xw57brzj805xx2mghydpdiysv3gbhr7f5wlxj2514y"; + }; + } + { + goPackagePath = "github.com/coreos/etcd"; + fetch = { + type = "git"; + url = "https://github.com/coreos/etcd"; + rev = "2533c2a50c4b6114ad6fd4c0000175fac3b6ee06"; + sha256 = "0z8byms8hfn7ncq8sqcw9avn9nfal5hw75ckbladd6gzjc8jay02"; + }; + } + { + goPackagePath = "github.com/davecgh/go-spew"; + fetch = { + type = "git"; + url = "https://github.com/davecgh/go-spew"; + rev = "346938d642f2ec3594ed81d874461961cd0faa76"; + sha256 = "0d4jfmak5p6lb7n2r6yvf5p1zcw0l8j74kn55ghvr7zr7b7axm6c"; + }; + } + { + goPackagePath = "github.com/eapache/go-resiliency"; + fetch = { + type = "git"; + url = "https://github.com/eapache/go-resiliency"; + rev = "b86b1ec0dd4209a588dc1285cdd471e73525c0b3"; + sha256 = "1kzv95bh3nidm2cr7iv9lk3s2qiw1i17n8gyl2x6xk6qv8b0bc21"; + }; + } + { + goPackagePath = "github.com/gogo/protobuf"; + fetch = { + type = "git"; + url = "https://github.com/gogo/protobuf"; + rev = "d2e1ade2d719b78fe5b061b4c18a9f7111b5bdc8"; + sha256 = "1fh4jyxv1drh9jmadidrlszcnjp4zfazysbq5075lqd1mhq99lz0"; + }; + } + { + goPackagePath = "github.com/golang/protobuf"; + fetch = { + type = "git"; + url = "https://github.com/golang/protobuf"; + rev = "69b215d01a5606c843240eab4937eab3acee6530"; + sha256 = "1cy9jxqi6ba5qnjmvznlq49n2zzr5vqgky6pa9mckrbli8ssvzw7"; + }; + } + { + goPackagePath = "github.com/matttproud/golang_protobuf_extensions"; + fetch = { + type = "git"; + url = "https://github.com/matttproud/golang_protobuf_extensions"; + rev = "c12348ce28de40eed0136aa2b644d0ee0650e56c"; + sha256 = "1d0c1isd2lk9pnfq2nk0aih356j30k3h1gi2w0ixsivi5csl7jya"; + }; + } + { + goPackagePath = "github.com/pierrec/xxHash"; + fetch = { + type = "git"; + url = "https://github.com/pierrec/xxHash"; + rev = "5a004441f897722c627870a981d02b29924215fa"; + sha256 = "146ibrgvgh61jhbbv9wks0mabkci3s0m68sg6shmlv1yixkw6gja"; + }; + } + { + goPackagePath = "github.com/prometheus/client_golang"; + fetch = { + type = "git"; + url = "https://github.com/prometheus/client_golang"; + rev = "6ab3432d241cbe3cb7543da7e7e9a934c7e9fe76"; + sha256 = "19phcsvq1gn53af3nnh1lvvyzg8kpwribka9mszk18jv7l6nq9mf"; + }; + } + { + goPackagePath = "github.com/prometheus/client_model"; + fetch = { + type = "git"; + url = "https://github.com/prometheus/client_model"; + rev = "6f3806018612930941127f2a7c6c453ba2c527d2"; + sha256 = "1413ibprinxhni51p0755dp57r9wvbw7xgj9nmdaxmhzlqhc86j4"; + }; + } + { + goPackagePath = "github.com/prometheus/common"; + fetch = { + type = "git"; + url = "https://github.com/prometheus/common"; + rev = "3007b6072c17c8d985734e6e19b1dea9174e13d3"; + sha256 = "0jpvnmzqbzy2krwzan7pp3bc8pj9f1qic98lqq4hanccr0g5cmk3"; + }; + } + { + goPackagePath = "github.com/ugorji/go"; + fetch = { + type = "git"; + url = "https://github.com/ugorji/go"; + rev = "c88ee250d0221a57af388746f5cf03768c21d6e2"; + sha256 = "0ylb5p5i9hln8chq8whk5iy8qypjpzyrp07zpwjd1zbf5nsm1nmv"; + }; + } + { + goPackagePath = "golang.org/x/net"; + fetch = { + type = "git"; + url = "https://go.googlesource.com/net"; + rev = "6b27048ae5e6ad1ef927e72e437531493de612fe"; + sha256 = "08zk0vavl7g6jzklhxhwrgcjh42mn2flbx2d2rxsblyxkbqri07j"; + }; + } + { + goPackagePath = "golang.org/x/sys"; + fetch = { + type = "git"; + url = "https://go.googlesource.com/sys"; + rev = "075e574b89e4c2d22f2286a7e2b919519c6f3547"; + sha256 = "1p38siwqcbd592lphaqpigl7scshkfy67k6jcwscbcsl6akw51km"; + }; + } +] diff --git a/nixpkgs/pkgs/servers/dns/dnsdist/default.nix b/nixpkgs/pkgs/servers/dns/dnsdist/default.nix new file mode 100644 index 000000000000..6757542050af --- /dev/null +++ b/nixpkgs/pkgs/servers/dns/dnsdist/default.nix @@ -0,0 +1,35 @@ +{ stdenv, fetchurl, pkgconfig, systemd +, boost, libsodium, libedit, re2 +, net_snmp, lua, protobuf, openssl }: stdenv.mkDerivation rec { + name = "dnsdist-${version}"; + version = "1.3.2"; + + src = fetchurl { + url = "https://downloads.powerdns.com/releases/dnsdist-${version}.tar.bz2"; + sha256 = "1i3b1vpk9a8zbx9aby2s1ckkzhlvzgn11hcgj3b8x2j1b9771rqb"; + }; + + nativeBuildInputs = [ pkgconfig ]; + buildInputs = [ systemd boost libsodium libedit re2 net_snmp lua protobuf openssl ]; + + configureFlags = [ + "--enable-libsodium" + "--enable-re2" + "--enable-dnscrypt" + "--enable-dns-over-tls" + "--with-protobuf=yes" + "--with-net-snmp" + "--disable-dependency-tracking" + "--enable-unit-tests" + "--enable-systemd" + ]; + + doCheck = true; + + meta = with stdenv.lib; { + description = "DNS Loadbalancer"; + homepage = "https://dnsdist.org"; + license = licenses.gpl2; + maintainers = with maintainers; [ das_j ]; + }; +} diff --git a/nixpkgs/pkgs/servers/dns/doh-proxy/default.nix b/nixpkgs/pkgs/servers/dns/doh-proxy/default.nix new file mode 100644 index 000000000000..ac44dbbf04d1 --- /dev/null +++ b/nixpkgs/pkgs/servers/dns/doh-proxy/default.nix @@ -0,0 +1,22 @@ +{ lib, python3Packages }: + +python3Packages.buildPythonApplication rec { + pname = "doh-proxy"; + version = "0.0.8"; + + src = python3Packages.fetchPypi { + inherit pname version; + sha256 = "0mfl84mcklby6cnsw29kpcxj7mh1cx5yw6mjs4sidr1psyni7x6c"; + }; + + propagatedBuildInputs = with python3Packages; + [ aioh2 dnspython aiohttp-remotes pytestrunner flake8 ]; + doCheck = false; # Trouble packaging unittest-data-provider + + meta = with lib; { + homepage = https://facebookexperimental.github.io/doh-proxy/; + description = "A proof of concept DNS-Over-HTTPS proxy"; + license = licenses.bsd3; + maintainers = [ maintainers.qyliss ]; + }; +} diff --git a/nixpkgs/pkgs/servers/dns/knot-dns/default.nix b/nixpkgs/pkgs/servers/dns/knot-dns/default.nix new file mode 100644 index 000000000000..2ff80906c01b --- /dev/null +++ b/nixpkgs/pkgs/servers/dns/knot-dns/default.nix @@ -0,0 +1,45 @@ +{ stdenv, fetchurl, pkgconfig, gnutls, liburcu, lmdb, libcap_ng, libidn2, libunistring +, systemd, nettle, libedit, zlib, libiconv, libintl +}: + +let inherit (stdenv.lib) optional optionals; in + +# Note: ATM only the libraries have been tested in nixpkgs. +stdenv.mkDerivation rec { + name = "knot-dns-${version}"; + version = "2.7.4"; + + src = fetchurl { + url = "https://secure.nic.cz/files/knot-dns/knot-${version}.tar.xz"; + sha256 = "0x7xx6jh4x8ljnvj30zh3n1zw5jkhla62dv9i75v0rwgrpxy5sxc"; + }; + + outputs = [ "bin" "out" "dev" ]; + + nativeBuildInputs = [ pkgconfig ]; + buildInputs = [ + gnutls liburcu libidn2 libunistring + nettle libedit + libiconv lmdb libintl + # without sphinx &al. for developer documentation + ] + ++ optionals stdenv.isLinux [ libcap_ng systemd ] + ++ optional stdenv.isDarwin zlib; # perhaps due to gnutls + + enableParallelBuilding = true; + + CFLAGS = [ "-O2" "-DNDEBUG" ]; + + doCheck = true; + doInstallCheck = false; # needs pykeymgr? + + postInstall = ''rm -r "$out"/var "$out"/lib/*.la''; + + meta = with stdenv.lib; { + description = "Authoritative-only DNS server from .cz domain registry"; + homepage = https://knot-dns.cz; + license = licenses.gpl3Plus; + platforms = platforms.unix; + maintainers = [ maintainers.vcunat ]; + }; +} diff --git a/nixpkgs/pkgs/servers/dns/knot-resolver/default.nix b/nixpkgs/pkgs/servers/dns/knot-resolver/default.nix new file mode 100644 index 000000000000..b4768f32bf16 --- /dev/null +++ b/nixpkgs/pkgs/servers/dns/knot-resolver/default.nix @@ -0,0 +1,87 @@ +{ stdenv, fetchurl, runCommand, pkgconfig, hexdump, which +, knot-dns, luajit, libuv, lmdb, gnutls, nettle +, cmocka, systemd, dns-root-data, makeWrapper +, extraFeatures ? false /* catch-all if defaults aren't enough */ +, luajitPackages +}: +let # un-indented, over the whole file + +result = if extraFeatures then wrapped-full else unwrapped; + +inherit (stdenv.lib) optional concatStringsSep; + +unwrapped = stdenv.mkDerivation rec { + name = "knot-resolver-${version}"; + version = "3.2.0"; + + src = fetchurl { + url = "https://secure.nic.cz/files/knot-resolver/${name}.tar.xz"; + sha256 = "924f1aebad04cacbc4545571239914d2c42e9253784c0df0f391dfad97c59f42"; + }; + + outputs = [ "out" "dev" ]; + + configurePhase = "patchShebangs scripts/"; + + nativeBuildInputs = [ pkgconfig which hexdump ]; + + # http://knot-resolver.readthedocs.io/en/latest/build.html#requirements + buildInputs = [ knot-dns luajit libuv gnutls nettle lmdb ] + ++ optional stdenv.isLinux systemd # sd_notify + ## optional dependencies; TODO: libedit, dnstap + ; + + checkInputs = [ cmocka ]; + + makeFlags = [ + "PREFIX=$(out)" + "ROOTHINTS=${dns-root-data}/root.hints" + "KEYFILE_DEFAULT=${dns-root-data}/root.ds" + ]; + CFLAGS = [ "-O2" "-DNDEBUG" ]; + + enableParallelBuilding = true; + + doCheck = true; + doInstallCheck = false; # FIXME + preInstallCheck = '' + patchShebangs tests/config/runtest.sh + ''; + + postInstall = '' + rm "$out"/etc/knot-resolver/root.hints # using system-wide instead + ''; + + meta = with stdenv.lib; { + description = "Caching validating DNS resolver, from .cz domain registry"; + homepage = https://knot-resolver.cz; + license = licenses.gpl3Plus; + # Platforms using negative pointers for stack won't work ATM due to LuaJIT impl. + platforms = filter (p: p != "aarch64-linux") platforms.unix; + maintainers = [ maintainers.vcunat /* upstream developer */ ]; + }; +}; + +wrapped-full = with luajitPackages; let + luaPkgs = [ + luasec luasocket # trust anchor bootstrap, prefill module + lfs # prefill module + # Almost all is for the 'http' module: + http cqueues fifo lpeg lpeg_patterns luaossl compat53 basexx + ]; + in runCommand unwrapped.name + { + nativeBuildInputs = [ makeWrapper ]; + preferLocalBuild = true; + allowSubstitutes = false; + } + '' + mkdir -p "$out/sbin" "$out/share" + makeWrapper '${unwrapped}/sbin/kresd' "$out"/sbin/kresd \ + --set LUA_PATH '${concatStringsSep ";" (map getLuaPath luaPkgs)}' \ + --set LUA_CPATH '${concatStringsSep ";" (map getLuaCPath luaPkgs)}' + ln -sr '${unwrapped}/share/man' "$out"/share/ + ln -sr "$out"/{sbin,bin} + ''; + +in result diff --git a/nixpkgs/pkgs/servers/dns/nsd/default.nix b/nixpkgs/pkgs/servers/dns/nsd/default.nix new file mode 100644 index 000000000000..8c0fc7377661 --- /dev/null +++ b/nixpkgs/pkgs/servers/dns/nsd/default.nix @@ -0,0 +1,61 @@ +{ stdenv, fetchurl, libevent, openssl +, bind8Stats ? false +, checking ? false +, ipv6 ? true +, mmap ? false +, minimalResponses ? true +, nsec3 ? true +, ratelimit ? false +, recvmmsg ? false +, rootServer ? false +, rrtypes ? false +, zoneStats ? false + +, configFile ? "etc/nsd/nsd.conf" +}: + +stdenv.mkDerivation rec { + name = "nsd-4.1.26"; + + src = fetchurl { + url = "https://www.nlnetlabs.nl/downloads/nsd/${name}.tar.gz"; + sha256 = "1x0mvj4872dzj1rr9adnchdm4dhn41xmc459p5j4s0r13m1l32lz"; + }; + + prePatch = '' + substituteInPlace nsd-control-setup.sh.in --replace openssl ${openssl}/bin/openssl + ''; + + buildInputs = [ libevent openssl ]; + + configureFlags = + let edf = c: o: if c then ["--enable-${o}"] else ["--disable-${o}"]; + in edf bind8Stats "bind8-stats" + ++ edf checking "checking" + ++ edf ipv6 "ipv6" + ++ edf mmap "mmap" + ++ edf minimalResponses "minimal-responses" + ++ edf nsec3 "nsec3" + ++ edf ratelimit "ratelimit" + ++ edf recvmmsg "recvmmsg" + ++ edf rootServer "root-server" + ++ edf rrtypes "draft-rrtypes" + ++ edf zoneStats "zone-stats" + ++ [ "--with-ssl=${openssl.dev}" + "--with-libevent=${libevent.dev}" + "--with-nsd_conf_file=${configFile}" + "--with-configdir=etc/nsd" + ]; + + patchPhase = '' + sed 's@$(INSTALL_DATA) nsd.conf.sample $(DESTDIR)$(nsdconfigfile).sample@@g' -i Makefile.in + ''; + + meta = with stdenv.lib; { + homepage = http://www.nlnetlabs.nl; + description = "Authoritative only, high performance, simple and open source name server"; + license = licenses.bsd3; + platforms = platforms.unix; + maintainers = [ maintainers.hrdinka ]; + }; +} diff --git a/nixpkgs/pkgs/servers/dns/pdns-recursor/default.nix b/nixpkgs/pkgs/servers/dns/pdns-recursor/default.nix new file mode 100644 index 000000000000..e4a4bcf5760a --- /dev/null +++ b/nixpkgs/pkgs/servers/dns/pdns-recursor/default.nix @@ -0,0 +1,38 @@ +{ stdenv, fetchurl, pkgconfig, boost +, openssl, systemd, lua, luajit, protobuf +, enableProtoBuf ? false +}: +assert enableProtoBuf -> protobuf != null; + +with stdenv.lib; + +stdenv.mkDerivation rec { + name = "pdns-recursor-${version}"; + version = "4.1.8"; + + src = fetchurl { + url = "https://downloads.powerdns.com/releases/pdns-recursor-${version}.tar.bz2"; + sha256 = "1xg5swappik8v5mjyl7magw7picf5cqp6rbhckd6ijssz16qzy38"; + }; + + nativeBuildInputs = [ pkgconfig ]; + buildInputs = [ + boost openssl systemd + lua luajit + ] ++ optional enableProtoBuf protobuf; + + configureFlags = [ + "--enable-reproducible" + "--with-systemd" + ]; + + enableParallelBuilding = true; + + meta = { + description = "A recursive DNS server"; + homepage = https://www.powerdns.com/; + platforms = platforms.linux; + license = licenses.gpl2; + maintainers = with maintainers; [ rnhmjoj ]; + }; +} diff --git a/nixpkgs/pkgs/servers/dns/powerdns/default.nix b/nixpkgs/pkgs/servers/dns/powerdns/default.nix new file mode 100644 index 000000000000..f9f94f002a36 --- /dev/null +++ b/nixpkgs/pkgs/servers/dns/powerdns/default.nix @@ -0,0 +1,52 @@ +{ stdenv, fetchurl, pkgconfig +, boost, libyamlcpp, libsodium, sqlite, protobuf, botan2 +, mysql57, postgresql, lua, openldap, geoip, curl, opendbx, unixODBC +}: + +stdenv.mkDerivation rec { + name = "powerdns-${version}"; + version = "4.1.5"; + + src = fetchurl { + url = "https://downloads.powerdns.com/releases/pdns-${version}.tar.bz2"; + sha256 = "12jgkdsh6hzaznq6y9y7hfdpjhnn7ar2qn7x706k9iyqcq55faf3"; + }; + + nativeBuildInputs = [ pkgconfig ]; + buildInputs = [ + boost mysql57.connector-c postgresql lua openldap sqlite protobuf geoip + libyamlcpp libsodium curl opendbx unixODBC botan2 + ]; + + patches = [ + # checksum type not found, maybe a dependency is to old? + ./skip-sha384-test.patch + ]; + + # nix destroy with-modules arguments, when using configureFlags + preConfigure = '' + configureFlagsArray=( + "--with-modules=bind gmysql geoip godbc gpgsql gsqlite3 ldap lua mydns opendbx pipe random remote" + --with-sqlite3 + --with-socketdir=/var/lib/powerdns + --enable-libsodium + --enable-botan + --enable-tools + --disable-dependency-tracking + --disable-silent-rules + --enable-reproducible + --enable-unit-tests + ) + ''; + + doCheck = true; + + meta = with stdenv.lib; { + description = "Authoritative DNS server"; + homepage = https://www.powerdns.com; + platforms = platforms.linux; + # cannot find postgresql libs on macos x + license = licenses.gpl2; + maintainers = with maintainers; [ mic92 disassembler ]; + }; +} diff --git a/nixpkgs/pkgs/servers/dns/powerdns/skip-sha384-test.patch b/nixpkgs/pkgs/servers/dns/powerdns/skip-sha384-test.patch new file mode 100644 index 000000000000..3fafb38c48fb --- /dev/null +++ b/nixpkgs/pkgs/servers/dns/powerdns/skip-sha384-test.patch @@ -0,0 +1,14 @@ +--- pdns-4.1.1.org/pdns/test-signers.cc 2018-02-17 11:43:15.953228279 +0000 ++++ pdns-4.1.1/pdns/test-signers.cc 2018-02-17 11:44:21.089516393 +0000 +@@ -212,11 +212,6 @@ + BOOST_CHECK_EQUAL(ds2.getZoneRepresentation(), signer.dsSHA256); + } + +- auto ds4 = makeDSFromDNSKey(name, drc, DNSSECKeeper::SHA384); +- if (!signer.dsSHA384.empty()) { +- BOOST_CHECK_EQUAL(ds4.getZoneRepresentation(), signer.dsSHA384); +- } +- + auto signature = dcke->sign(message); + BOOST_CHECK(dcke->verify(message, signature)); + |