diff options
Diffstat (limited to 'nixpkgs/pkgs/servers/http/nginx/generic.nix')
-rw-r--r-- | nixpkgs/pkgs/servers/http/nginx/generic.nix | 41 |
1 files changed, 32 insertions, 9 deletions
diff --git a/nixpkgs/pkgs/servers/http/nginx/generic.nix b/nixpkgs/pkgs/servers/http/nginx/generic.nix index fa711d1dff4f..f3c4a31bc855 100644 --- a/nixpkgs/pkgs/servers/http/nginx/generic.nix +++ b/nixpkgs/pkgs/servers/http/nginx/generic.nix @@ -1,7 +1,8 @@ -{ lib, stdenv, fetchurl, fetchpatch, openssl, zlib, pcre, libxml2, libxslt +outer@{ lib, stdenv, fetchurl, fetchpatch, openssl, zlib, pcre, libxml2, libxslt +, nginx-doc , nixosTests -, substituteAll, gd, geoip, perl +, substituteAll, removeReferencesTo, gd, geoip, perl , withDebug ? false , withKTLS ? false , withStream ? true @@ -18,10 +19,12 @@ , sha256 ? null # when not specifying src , configureFlags ? [] , buildInputs ? [] +, extraPatches ? [] , fixPatch ? p: p , preConfigure ? "" -, postInstall ? null +, postInstall ? "" , meta ? null +, nginx-doc ? outer.nginx-doc , passthru ? { tests = {}; } }: @@ -43,6 +46,8 @@ stdenv.mkDerivation { inherit version; inherit nginxVersion; + outputs = ["out" "doc"]; + src = if src != null then src else fetchurl { url = "https://nginx.org/download/nginx-${version}.tar.gz"; inherit sha256; @@ -106,12 +111,19 @@ stdenv.mkDerivation { NIX_CFLAGS_COMPILE = toString ([ "-I${libxml2.dev}/include/libxml2" "-Wno-error=implicit-fallthrough" + ] ++ optionals (stdenv.cc.isGNU && lib.versionAtLeast stdenv.cc.version "11") [ + # fix build vts module on gcc11 + "-Wno-error=stringop-overread" ] ++ optional stdenv.isDarwin "-Wno-error=deprecated-declarations"); configurePlatforms = []; - preConfigure = preConfigure - + concatMapStringsSep "\n" (mod: mod.preConfigure or "") modules; + # Disable _multioutConfig hook which adds --bindir=$out/bin into configureFlags, + # which breaks build, since nginx does not actually use autoconf. + preConfigure = '' + setOutputFlags= + '' + preConfigure + + concatMapStringsSep "\n" (mod: mod.preConfigure or "") modules; patches = map fixPatch ([ (substituteAll { @@ -134,20 +146,31 @@ stdenv.mkDerivation { url = "https://raw.githubusercontent.com/openwrt/packages/c057dfb09c7027287c7862afab965a4cd95293a3/net/nginx/patches/103-sys_nerr.patch"; sha256 = "0s497x6mkz947aw29wdy073k8dyjq8j99lax1a1mzpikzr4rxlmd"; }) - ] ++ mapModules "patches"); + ] ++ mapModules "patches") + ++ extraPatches; hardeningEnable = optional (!stdenv.isDarwin) "pie"; enableParallelBuilding = true; - postInstall = if postInstall != null then postInstall else '' - mv $out/sbin $out/bin + preInstall = '' + mkdir -p $doc + cp -r ${nginx-doc}/* $doc ''; + nativeBuildInputs = [ removeReferencesTo ]; + + disallowedReferences = map (m: m.src) modules; + + postInstall = + let + noSourceRefs = lib.concatMapStrings (m: "remove-references-to -t ${m.src} $out/sbin/nginx\n") modules; + in noSourceRefs + postInstall; + passthru = { modules = modules; tests = { - inherit (nixosTests) nginx nginx-auth nginx-etag nginx-pubhtml nginx-sandbox nginx-sso; + inherit (nixosTests) nginx nginx-auth nginx-etag nginx-http3 nginx-pubhtml nginx-sandbox nginx-sso; variants = lib.recurseIntoAttrs nixosTests.nginx-variants; acme-integration = nixosTests.acme; } // passthru.tests; |