2 files changed, 116 insertions, 0 deletions
diff --git a/nixpkgs/pkgs/servers/dns/pdns/default.nix b/nixpkgs/pkgs/servers/dns/pdns/default.nix
new file mode 100644
index 000000000000..d4c664802aa3
--- /dev/null
+++ b/nixpkgs/pkgs/servers/dns/pdns/default.nix
@@ -0,0 +1,103 @@
+{ lib
+, stdenv
+, fetchurl
+, pkg-config
+, nixosTests
+, boost
+, yaml-cpp
+, libsodium
+, sqlite
+, protobuf
+, openssl
+, systemd
+, mariadb-connector-c
+, postgresql
+, lua
+, openldap
+, geoip
+, curl
+, unixODBC
+, lmdb
+, tinycdb
+}:
+
+stdenv.mkDerivation (finalAttrs: {
+  pname = "pdns";
+  version = "4.9.0";
+
+  src = fetchurl {
+    url = "https://downloads.powerdns.com/releases/pdns-${finalAttrs.version}.tar.bz2";
+    hash = "sha256-/h1UM8iERu1w2TFgXG7Dd9qZg5xOFRuQtxqiEb1u6pI=";
+  };
+  # redact configure flags from version output to reduce closure size
+  patches = [ ./version.patch ];
+
+  nativeBuildInputs = [ pkg-config ];
+  buildInputs = [
+    boost
+    mariadb-connector-c
+    postgresql
+    lua
+    openldap
+    sqlite
+    protobuf
+    geoip
+    yaml-cpp
+    libsodium
+    curl
+    unixODBC
+    openssl
+    systemd
+    lmdb
+    tinycdb
+  ];
+
+  # Configure phase requires 64-bit time_t even on 32-bit platforms.
+  env.NIX_CFLAGS_COMPILE = toString (lib.optionals stdenv.hostPlatform.is32bit [
+    "-D_TIME_BITS=64"
+    "-D_FILE_OFFSET_BITS=64"
+  ]);
+
+  configureFlags = [
+    "--disable-silent-rules"
+    "--enable-dns-over-tls"
+    "--enable-unit-tests"
+    "--enable-reproducible"
+    "--enable-tools"
+    "--enable-ixfrdist"
+    "--enable-systemd"
+    "--with-libsodium"
+    "--with-sqlite3"
+    "--with-libcrypto=${openssl.dev}"
+    "sysconfdir=/etc/pdns"
+  ];
+
+  # nix destroy with-modules arguments, when using configureFlags
+  preConfigure = ''
+    configureFlagsArray+=(
+      "--with-modules="
+      "--with-dynmodules=bind geoip gmysql godbc gpgsql gsqlite3 ldap lmdb lua2 pipe remote tinydns"
+    )
+  '';
+
+  # We want the various utilities to look for the powerdns config in
+  # /etc/pdns, but to actually install the sample config file in
+  # $out
+  installFlags = [ "sysconfdir=$(out)/etc/pdns" ];
+
+  enableParallelBuilding = true;
+  doCheck = true;
+
+  passthru.tests = {
+    nixos = nixosTests.powerdns;
+  };
+
+  meta = with lib; {
+    description = "Authoritative DNS server";
+    homepage = "https://www.powerdns.com";
+    platforms = platforms.unix;
+    broken = stdenv.isDarwin;
+    license = licenses.gpl2;
+    maintainers = with maintainers; [ mic92 disassembler nickcao ];
+  };
+})
diff --git a/nixpkgs/pkgs/servers/dns/pdns/version.patch b/nixpkgs/pkgs/servers/dns/pdns/version.patch
new file mode 100644
index 000000000000..185d07028833
--- /dev/null
+++ b/nixpkgs/pkgs/servers/dns/pdns/version.patch
@@ -0,0 +1,13 @@
+diff --git a/pdns/version.cc b/pdns/version.cc
+index d8f5d40..1368481 100644
+--- a/pdns/version.cc
++++ b/pdns/version.cc
+@@ -155,7 +155,7 @@ void showBuildConfiguration()
+ #ifdef PDNS_CONFIG_ARGS
+ #define double_escape(s) #s
+ #define escape_quotes(s) double_escape(s)
+-  g_log<<Logger::Warning<<"Configured with: "<<escape_quotes(PDNS_CONFIG_ARGS)<<endl;
++  g_log<<Logger::Warning<<"Configured with: "<<"redacted"<<endl;
+ #undef escape_quotes
+ #undef double_escape
+ #endif