diff options
author | Daniel Barlow <dan@telent.net> | 2018-02-20 16:40:39 +0000 |
---|---|---|
committer | Daniel Barlow <dan@telent.net> | 2018-02-20 22:02:34 +0000 |
commit | 9cdb7fe72285db3369039017c5aa935cccba305d (patch) | |
tree | f05356ab8bffc10b308d963848024b7c14b3f355 /pkgs/tools | |
parent | e27ad00f85408687d61b41b9f49410fe86c7602a (diff) | |
download | nixlib-9cdb7fe72285db3369039017c5aa935cccba305d.tar nixlib-9cdb7fe72285db3369039017c5aa935cccba305d.tar.gz nixlib-9cdb7fe72285db3369039017c5aa935cccba305d.tar.bz2 nixlib-9cdb7fe72285db3369039017c5aa935cccba305d.tar.lz nixlib-9cdb7fe72285db3369039017c5aa935cccba305d.tar.xz nixlib-9cdb7fe72285db3369039017c5aa935cccba305d.tar.zst nixlib-9cdb7fe72285db3369039017c5aa935cccba305d.zip |
monit: cross-compile, and make openssl optional
Upstream Monit optionally uses OpenSSL to provide TLS support in its builtin admin web server. Being able to turn off SSL in Nixpkgs' monit derivation makes it much easier to build Monit on embedded systems. Security implication: if you choose not to build in openssl then you should probably configure Monit to allow access only from localhost.
Diffstat (limited to 'pkgs/tools')
-rw-r--r-- | pkgs/tools/system/monit/default.nix | 23 |
1 files changed, 16 insertions, 7 deletions
diff --git a/pkgs/tools/system/monit/default.nix b/pkgs/tools/system/monit/default.nix index 71a4db63c84f..12a0a6f1b99e 100644 --- a/pkgs/tools/system/monit/default.nix +++ b/pkgs/tools/system/monit/default.nix @@ -1,5 +1,7 @@ -{stdenv, fetchurl, openssl, bison, flex, pam, zlib, usePAM ? stdenv.isLinux }: - +{stdenv, fetchurl, openssl, bison, flex, pam, zlib, usePAM ? stdenv.isLinux + , buildPlatform, hostPlatform }: +let useSSL = (openssl != null); + isCross = ( buildPlatform != hostPlatform ) ; in stdenv.mkDerivation rec { name = "monit-5.23.0"; @@ -9,12 +11,19 @@ stdenv.mkDerivation rec { }; nativeBuildInputs = [ bison flex ]; - buildInputs = [ openssl zlib.dev ] ++ stdenv.lib.optionals usePAM [ pam ]; + buildInputs = [ zlib.dev ] ++ + stdenv.lib.optionals useSSL [ openssl ] ++ + stdenv.lib.optionals usePAM [ pam ]; - configureFlags = [ - "--with-ssl-incl-dir=${openssl.dev}/include" - "--with-ssl-lib-dir=${openssl.out}/lib" - ] ++ stdenv.lib.optionals (! usePAM) [ "--without-pam" ]; + configureFlags = + if useSSL then [ + "--with-ssl-incl-dir=${openssl.dev}/include" + "--with-ssl-lib-dir=${openssl.out}/lib" + ] else [ "--without-ssl" ] ++ + stdenv.lib.optionals (! usePAM) [ "--without-pam" ] ++ + # will need to check both these are true for musl + stdenv.lib.optionals isCross [ "libmonit_cv_setjmp_available=yes" + "libmonit_cv_vsnprintf_c99_conformant=yes"]; meta = { homepage = http://mmonit.com/monit/; |