about summary refs log tree commit diff
path: root/nixpkgs/pkgs/tools/networking/haproxy/default.nix
diff options
context:
space:
mode:
Diffstat (limited to 'nixpkgs/pkgs/tools/networking/haproxy/default.nix')
-rw-r--r--nixpkgs/pkgs/tools/networking/haproxy/default.nix62
1 files changed, 35 insertions, 27 deletions
diff --git a/nixpkgs/pkgs/tools/networking/haproxy/default.nix b/nixpkgs/pkgs/tools/networking/haproxy/default.nix
index e76317b7c43e..ce275eca6783 100644
--- a/nixpkgs/pkgs/tools/networking/haproxy/default.nix
+++ b/nixpkgs/pkgs/tools/networking/haproxy/default.nix
@@ -1,39 +1,44 @@
 { useLua ? true
 , usePcre ? true
-# QUIC "is currently supported as an experimental feature" so shouldn't be enabled by default
-, useQuicTls ? false
 , withPrometheusExporter ? true
+, sslLibrary ? "quictls"
 , stdenv
 , lib
 , fetchurl
 , nixosTests
 , zlib
 , libxcrypt
-, openssl ? null
-, quictls ? null
-, lua5_3 ? null
-, pcre ? null
-, systemd ? null
+, wolfssl
+, libressl
+, quictls
+, openssl
+, lua5_4
+, pcre2
+, systemd
 }:
 
-assert useLua -> lua5_3 != null;
-assert usePcre -> pcre != null;
-assert useQuicTls -> quictls != null;
-assert !useQuicTls -> openssl != null;
-
-let sslPkg = if useQuicTls then quictls else openssl;
+assert lib.assertOneOf "sslLibrary" sslLibrary [ "quictls" "openssl" "libressl" "wolfssl" ];
+let
+  sslPkgs = {
+    inherit quictls openssl libressl;
+    wolfssl = wolfssl.override {
+      variant = "haproxy";
+      extraConfigureFlags = [ "--enable-quic" ];
+    };
+  };
+  sslPkg = sslPkgs.${sslLibrary};
 in stdenv.mkDerivation (finalAttrs: {
   pname = "haproxy";
-  version = "2.9.2";
+  version = "2.9.4";
 
   src = fetchurl {
     url = "https://www.haproxy.org/download/${lib.versions.majorMinor finalAttrs.version}/src/haproxy-${finalAttrs.version}.tar.gz";
-    hash = "sha256-hRrugw7CjBeRJGqf1EePZD0RWlY92Qf2YSzDgalSqzw=";
+    hash = "sha256-nDiSzDwISsTwASXvIqFRzxgUFthKqKN69q9qoDmQlrw=";
   };
 
   buildInputs = [ sslPkg zlib libxcrypt ]
-    ++ lib.optional useLua lua5_3
-    ++ lib.optional usePcre pcre
+    ++ lib.optional useLua lua5_4
+    ++ lib.optional usePcre pcre2
     ++ lib.optional stdenv.isLinux systemd;
 
   # TODO: make it work on bsd as well
@@ -46,20 +51,23 @@ in stdenv.mkDerivation (finalAttrs: {
   ];
 
   buildFlags = [
-    "USE_OPENSSL=yes"
-    "SSL_LIB=${sslPkg}/lib"
-    "SSL_INC=${sslPkg}/include"
     "USE_ZLIB=yes"
-  ] ++ lib.optionals useQuicTls [
-    "USE_QUIC=1"
+    "USE_OPENSSL=yes"
+    "SSL_INC=${lib.getDev sslPkg}/include"
+    "SSL_LIB=${lib.getDev sslPkg}/lib"
+    "USE_QUIC=yes"
+  ] ++ lib.optionals (sslLibrary == "openssl") [
+    "USE_QUIC_OPENSSL_COMPAT=yes"
+  ] ++ lib.optionals (sslLibrary == "wolfssl") [
+    "USE_OPENSSL_WOLFSSL=yes"
   ] ++ lib.optionals usePcre [
-    "USE_PCRE=yes"
-    "USE_PCRE_JIT=yes"
+    "USE_PCRE2=yes"
+    "USE_PCRE2_JIT=yes"
   ] ++ lib.optionals useLua [
     "USE_LUA=yes"
     "LUA_LIB_NAME=lua"
-    "LUA_LIB=${lua5_3}/lib"
-    "LUA_INC=${lua5_3}/include"
+    "LUA_LIB=${lua5_4}/lib"
+    "LUA_INC=${lua5_4}/include"
   ] ++ lib.optionals stdenv.isLinux [
     "USE_SYSTEMD=yes"
     "USE_GETADDRINFO=1"
@@ -84,7 +92,7 @@ in stdenv.mkDerivation (finalAttrs: {
       tens of thousands of connections is clearly realistic with todays
       hardware.
     '';
-    maintainers = with lib.maintainers; [ ];
+    maintainers = with lib.maintainers; [ vifino ];
     platforms = with lib.platforms; linux ++ darwin;
     mainProgram = "haproxy";
   };
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-29 07:20:30 +0000