authorJörg Thalheim <joerg@thalheim.io>2020-02-07 15:21:12 +0000
committerJörg Thalheim <joerg@thalheim.io>2020-02-12 16:27:38 +0000
commit6adc09ed308e088481728c7f25ecabf609764254 (patch)
treeb5a67f0f1fc365d33cf30f268b8b5ee2e3b7c908 /pkgs/servers/dns/knot-dns/default.nix
parentebf837e07ff709f91dc2cb15690e6b3698b4950f (diff)
knot: put runtime paths outside the nix store
Otherwise knot tries to write to non-writable directories.
This for example breaks dnssec signing.
While it's possible to override these paths in the configuration,
having sane defaults is nicer.
Diffstat (limited to 'pkgs/servers/dns/knot-dns/default.nix')
-rw-r--r--pkgs/servers/dns/knot-dns/default.nix19
1 files changed, 17 insertions, 2 deletions
diff --git a/pkgs/servers/dns/knot-dns/default.nix b/pkgs/servers/dns/knot-dns/default.nix
index c3d63a54ac0d..234a39574506 100644
--- a/pkgs/servers/dns/knot-dns/default.nix
+++ b/pkgs/servers/dns/knot-dns/default.nix
@@ -1,5 +1,6 @@
 { stdenv, fetchurl, pkgconfig, gnutls, liburcu, lmdb, libcap_ng, libidn2, libunistring
 , systemd, nettle, libedit, zlib, libiconv, libintl
+, autoreconfHook
 }:
 
 let inherit (stdenv.lib) optional optionals; in
@@ -16,7 +17,19 @@ stdenv.mkDerivation rec {
 
   outputs = [ "bin" "out" "dev" ];
 
-  nativeBuildInputs = [ pkgconfig ];
+  configureFlags = [
+    "--with-configdir=/etc/knot"
+    "--with-rundir=/run/knot"
+    "--with-storage=/var/lib/knot"
+  ];
+
+  patches = [
+    # Don't try to create directories like /var/lib/knot at build time.
+    # They are later created from NixOS itself.
+    ./dont-create-run-time-dirs.patch
+  ];
+
+  nativeBuildInputs = [ pkgconfig autoreconfHook ];
   buildInputs = [
     gnutls liburcu libidn2 libunistring
     nettle libedit
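Review bot: The comment above `./dont-create-run-time-dirs.patch` says NixOS creates the directories later, but not with what ownership or mode, and `--with-storage=/var/lib/knot` makes that path the compiled-in default. Knot's key database normally lives under the storage directory, so it presumably holds DNSSEC private keys; I would extend the comment to something like `# /var/lib/knot holds DNSSEC keys: the NixOS module must create it owned by the knot user and not world-readable`. The patch file itself is not part of this diff view, so whether it removes every install-time directory creation cannot be checked here. A short comment next to `autoreconfHook` saying why it is needed (presumably because the patch edits the autotools inputs) would also help; the `buildInputs` list continues outside the hunk.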
@@ -33,7 +46,9 @@ stdenv.mkDerivation rec {
   doCheck = true;
   doInstallCheck = false; # needs pykeymgr?
 
-  postInstall = ''rm -r "$out"/var "$out"/lib/*.la'';
+  postInstall = ''
+    rm -r "$out"/lib/*.la
+  '';
 
   meta = with stdenv.lib; {
     description = "Authoritative-only DNS server from .cz domain registry";
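Review bot: The new `postInstall` keeps `rm -r` although only libtool archive files are deleted now that `"$out"/var` is gone from the command. Dropping the recursive flag, `rm "$out"/lib/*.la`, keeps the deletion as narrow as the intent and makes the build fail visibly if the glob ever matches a directory. The `meta` block continues outside the hunk.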