upstream/openldap
1
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2026-02-18 18:18:06 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
openldap/flake.nix
Greg Burd 2b5ad556ae WIP
2024-05-03 20:40:33 -04:00

203 lines
7.1 KiB
Nix
Raw Blame History

# flake.nix --
#
# A flake is simply a source tree (such as a Git repository) containing a file
# named flake.nix that provides a standardized interface to Nix artifacts such
# as packages or NixOS modules. Flakes can have dependencies on other flakes,
# with a “lock file” pinning those dependencies to exact revisions to ensure
# reproducible evaluation. This file describes a Nix source repository that
# provides development builds of Symas OpenLDAP and related builds libraries.
# It also provides a development environment for working on OpenLDAP, invoked
# with "nix develop".
#
# For more information about this and why this file is useful, see:
# https://nixos.wiki/wiki/Flakes
#
# Also look into direnv: https://direnv.net/, this can make it so that you can
# automatically get your environment set up when you change folders into the
# project.
#
# WARNING: currently, the packages provided by this flake are under development
# with no intended use in production systems or implied support in the future.
{
description = "OpenLDAP, an open-source implementation of the Lightweight Directory Access Protocol";
# Nixpkgs / NixOS version to use.
inputs = {
nixpkgs.url = "github:nixos/nixpkgs";
flake-utils.url = "github:numtide/flake-utils";
flake-compat = {
url = "github:edolstra/flake-compat";
flake = false;
};
};
outputs = { self, nixpkgs, flake-utils, flake-compat }:
let
# Grab a helper func out of the Nix language libraries. Annoyingly these
# are only accessible through legacyPackages right now, which forces us to
# indirect through a platform-specific path. The x86_64-linux in here
# doesn't really matter, since all we're grabbing is a pure Nix string
# manipulation function that doesn't build any software.
fileContents = nixpkgs.legacyPackages.x86_64-linux.lib.fileContents;
# The openldap flake takes a nixpkgs package set, and builds the services
# from the same commit as this flake. In other words, it provides "built
# from HEAD", where HEAD is "whatever commit you imported the flake at".
# Required to work with older version of flakes.
lastModifiedDate = self.lastModifiedDate or self.lastModified or "19700101";
# Generate a user-friendly version number (e.g. "1.2.3-20231027-DIRTY").
# version = "${builtins.readFile ./VERSION.txt}.${builtins.substring 0 8 (self.lastModifiedDate or "19700101")}.${self.shortRev or "DIRTY"}";
version = "${"2.6.6"}.${builtins.substring 0 8 (self.lastModifiedDate or "19700101")}.${self.shortRev or "DIRTY"}";
# System types to support.
supportedSystems = [ "x86_64-linux" "x86_64-darwin" "aarch64-linux" "aarch64-darwin" ]; # "ppc64le-linux"
# Helper function to generate an attrset '{ x86_64-linux = f "x86_64-linux"; ... }'.
forAllSystems = nixpkgs.lib.genAttrs supportedSystems;
# Nixpkgs instantiated for supported system types.
nixpkgsFor = forAllSystems (system: import nixpkgs { inherit system; overlays = [ self.overlay ]; });
in
{
# A Nixpkgs overlay.
overlay = final: prev: {
openldap = with final; stdenv.mkDerivation rec {
pname = "openldap";
inherit version;
src = ./.;
outputs = [
"out"
"dev"
"man"
"devdoc"
];
enableParallelBuilding = true;
nativeBuildInputs = [
# autoreconfHook
# pkgconfig
groff
];
buildInputs = [
(cyrus_sasl.override {
inherit openssl;
})
libsodium
libtool
openssl
] ++ lib.optionals (stdenv.isLinux) [
libxcrypt # causes linking issues on *-darwin
systemdMinimal
];
preConfigure = lib.optionalString (lib.versionAtLeast stdenv.hostPlatform.darwinMinVersion "11") ''
MACOSX_DEPLOYMENT_TARGET=10.16
'';
configureFlags = [
"--enable-argon2"
"--enable-crypt"
"--enable-modules"
"--enable-overlays"
] ++ lib.optionals (stdenv.hostPlatform != stdenv.buildPlatform) [
"--with-yielding_select=yes"
"ac_cv_func_memcmp_working=yes"
] ++ lib.optional stdenv.isFreeBSD "--with-pic";
env.NIX_CFLAGS_COMPILE = toString [ "-DLDAPI_SOCK=\"/run/openldap/ldapi\"" ];
makeFlags= [
"CC=${stdenv.cc.targetPrefix}cc"
"STRIP=" # Disable install stripping as it breaks cross-compiling. We strip binaries anyway in fixupPhase.
"STRIP_OPTS="
"prefix=${placeholder "out"}"
"sysconfdir=/etc"
"systemdsystemunitdir=${placeholder "out"}/lib/systemd/system"
# contrib modules require these
"moduledir=${placeholder "out"}/lib/modules"
"mandir=${placeholder "out"}/share/man"
];
extraContribModules = [
# https://git.openldap.org/openldap/openldap/-/tree/master/contrib/slapd-modules
"passwd/sha2"
"passwd/pbkdf2"
"passwd/totp"
];
postBuild = ''
for module in $extraContribModules; do
make $makeFlags CC=$CC -C contrib/slapd-modules/$module
done
'';
preCheck = ''
substituteInPlace tests/scripts/all \
--replace "/bin/rm" "rm"
'';
};
doCheck = true;
# The directory is empty and serve no purpose.
preFixup = ''
rm -r $out/var
'';
installFlags = [
"prefix=${placeholder "out"}"
"sysconfdir=${placeholder "out"}/etc"
"moduledir=${placeholder "out"}/lib/modules"
"INSTALL=install"
];
postInstall = ''
for module in $extraContribModules; do
make $installFlags install -C contrib/slapd-modules/$module
done
chmod +x "$out"/lib/*.{so,dylib}
'';
# passthru.tests = {
# inherit (nixosTests) openldap;
# };
};
# Provide some binary packages for selected system types.
packages = forAllSystems (system:
{
inherit (nixpkgsFor.${system}) openldap;
});
defaultPackage = forAllSystems (system: self.packages.${system}.openldap);
nixosConfigurations.container = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules =
[ ({ pkgs, ... }: {
boot.isContainer = true;
# Let 'nixos-version --json' know about the Git revision of this
# flake.
system.configurationRevision = nixpkgs.lib.mkIf (self ? rev) self.rev;
# Network configuration.
networking.useDHCP = false;
networking.firewall.allowedTCPPorts = [ 636 ];
})
];
};
};
}
Reference in a new issue View git blame Copy permalink