From fd56648a04dbd61dc7f5e20b843c8a6a3baccef4 Mon Sep 17 00:00:00 2001 From: Vladimír Čunát Date: Fri, 22 Sep 2017 11:27:59 +0200 Subject: knot-resolver: 1.3.3 -> 1.4.0 Also drop rarely used dependencies, by default, and utilize root server addresses from nixpkgs. --- pkgs/servers/dns/knot-resolver/default.nix | 52 ++++++++++++++++-------------- 1 file changed, 27 insertions(+), 25 deletions(-) (limited to 'pkgs/servers') diff --git a/pkgs/servers/dns/knot-resolver/default.nix b/pkgs/servers/dns/knot-resolver/default.nix index 390bf43d4d62..6130550917e6 100644 --- a/pkgs/servers/dns/knot-resolver/default.nix +++ b/pkgs/servers/dns/knot-resolver/default.nix @@ -1,20 +1,20 @@ { stdenv, fetchurl, pkgconfig, hexdump, which -, knot-dns, luajit, libuv, lmdb -, cmocka, systemd, hiredis, libmemcached -, gnutls, nettle -, luajitPackages, makeWrapper +, knot-dns, luajit, libuv, lmdb, gnutls, nettle +, cmocka, systemd, dns-root-data, makeWrapper +, extraFeatures ? false /* catch-all if defaults aren't enough */ +, hiredis, libmemcached, luajitPackages }: let - inherit (stdenv.lib) optional; + inherit (stdenv.lib) optional optionals optionalString; in stdenv.mkDerivation rec { name = "knot-resolver-${version}"; - version = "1.3.3"; + version = "1.4.0"; src = fetchurl { url = "http://secure.nic.cz/files/knot-resolver/${name}.tar.xz"; - sha256 = "c679238bea5744de8a99f4402a61e9e58502bc42b40ecfa370e53679ed5d5b80"; + sha256 = "ac19c121fd687c7e4f5f907b46932d26f8f9d9e01626c4dadb3847e25ea31ceb"; }; outputs = [ "out" "dev" ]; @@ -23,18 +23,17 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ pkgconfig which makeWrapper hexdump ]; - buildInputs = [ knot-dns luajit libuv gnutls ] + # http://knot-resolver.readthedocs.io/en/latest/build.html#requirements + buildInputs = [ knot-dns luajit libuv gnutls nettle ] ++ optional stdenv.isLinux lmdb # system lmdb causes some problems on Darwin - ## optional dependencies; TODO: libedit, dnstap? ++ optional doInstallCheck cmocka - ++ optional stdenv.isLinux systemd # socket activation - ++ [ - nettle # DNS cookies + ++ optional stdenv.isLinux systemd # sd_notify + ++ optionals extraFeatures [ hiredis libmemcached # additional cache backends - # http://knot-resolver.readthedocs.io/en/latest/build.html#requirements ]; + ## optional dependencies; TODO: libedit, dnstap, http2 module? - makeFlags = [ "PREFIX=$(out)" ]; + makeFlags = [ "PREFIX=$(out)" "ROOTHINTS=${dns-root-data}/root.hints" ]; CFLAGS = [ "-O2" "-DNDEBUG" ]; enableParallelBuilding = true; @@ -45,18 +44,21 @@ stdenv.mkDerivation rec { export LD_LIBRARY_PATH="$out/lib" ''; + postInstall = '' + rm "$out"/etc/kresd/root.hints # using system-wide instead + '' # optional: to allow auto-bootstrapping root trust anchor via https - postInstall = with luajitPackages; '' - wrapProgram "$out/sbin/kresd" \ - --set LUA_PATH '${ - stdenv.lib.concatStringsSep ";" - (map getLuaPath [ luasec luasocket ]) - }' \ - --set LUA_CPATH '${ - stdenv.lib.concatStringsSep ";" - (map getLuaCPath [ luasec luasocket ]) - }' - ''; + + (with luajitPackages; '' + wrapProgram "$out/sbin/kresd" \ + --set LUA_PATH '${ + stdenv.lib.concatStringsSep ";" + (map getLuaPath [ luasec luasocket ]) + }' \ + --set LUA_CPATH '${ + stdenv.lib.concatStringsSep ";" + (map getLuaCPath [ luasec luasocket ]) + }' + ''); meta = with stdenv.lib; { description = "Caching validating DNS resolver, from .cz domain registry"; -- cgit 1.4.1