2020-06-09 18:56:27 +01:00
|
|
|
{ lib, buildPackages ? { inherit stdenvNoCC; }, stdenvNoCC
|
|
|
|
, curl # Note that `curl' may be `null', in case of the native stdenvNoCC.
|
|
|
|
, cacert ? null }:
|
2005-02-21 15:52:37 +00:00
|
|
|
|
2008-08-22 16:53:21 +01:00
|
|
|
let
|
|
|
|
|
|
|
|
mirrors = import ./mirrors.nix;
|
|
|
|
|
|
|
|
# Write the list of mirrors to a file that we can reuse between
|
|
|
|
# fetchurl instantiations, instead of passing the mirrors to
|
|
|
|
# fetchurl instantiations via environment variables. This makes the
|
|
|
|
# resulting store derivations (.drv files) much smaller, which in
|
|
|
|
# turn makes nix-env/nix-instantiate faster.
|
|
|
|
mirrorsFile =
|
2019-10-28 00:05:48 +00:00
|
|
|
buildPackages.stdenvNoCC.mkDerivation ({
|
2008-08-22 16:53:21 +01:00
|
|
|
name = "mirrors-list";
|
|
|
|
builder = ./write-mirror-list.sh;
|
2015-02-22 19:26:39 +00:00
|
|
|
preferLocalBuild = true;
|
2008-08-22 16:53:21 +01:00
|
|
|
} // mirrors);
|
|
|
|
|
|
|
|
# Names of the master sites that are mirrored (i.e., "sourceforge",
|
|
|
|
# "gnu", etc.).
|
2013-02-06 14:00:33 +00:00
|
|
|
sites = builtins.attrNames mirrors;
|
2008-08-22 16:53:21 +01:00
|
|
|
|
2018-02-17 18:44:43 +00:00
|
|
|
impureEnvVars = lib.fetchers.proxyImpureEnvVars ++ [
|
2012-08-13 05:01:41 +01:00
|
|
|
# This variable allows the user to pass additional options to curl
|
|
|
|
"NIX_CURL_FLAGS"
|
|
|
|
|
|
|
|
# This variable allows the user to override hashedMirrors from the
|
|
|
|
# command-line.
|
|
|
|
"NIX_HASHED_MIRRORS"
|
2013-02-06 14:15:28 +00:00
|
|
|
|
|
|
|
# This variable allows overriding the timeout for connecting to
|
|
|
|
# the hashed mirrors.
|
|
|
|
"NIX_CONNECT_TIMEOUT"
|
2012-08-13 05:01:41 +01:00
|
|
|
] ++ (map (site: "NIX_MIRRORS_${site}") sites);
|
|
|
|
|
2008-08-22 16:53:21 +01:00
|
|
|
in
|
2013-02-06 14:00:33 +00:00
|
|
|
|
2007-08-23 16:22:30 +01:00
|
|
|
{ # URL to fetch.
|
|
|
|
url ? ""
|
|
|
|
|
|
|
|
, # Alternatively, a list of URLs specifying alternative download
|
|
|
|
# locations. They are tried in order.
|
|
|
|
urls ? []
|
|
|
|
|
2013-05-16 09:18:12 +01:00
|
|
|
, # Additional curl options needed for the download to succeed.
|
|
|
|
curlOpts ? ""
|
|
|
|
|
2007-08-23 16:22:30 +01:00
|
|
|
, # Name of the file. If empty, use the basename of `url' (or of the
|
|
|
|
# first element of `urls').
|
|
|
|
name ? ""
|
|
|
|
|
2019-07-11 14:48:05 +01:00
|
|
|
, # SRI hash.
|
|
|
|
hash ? ""
|
|
|
|
|
|
|
|
, # Legacy ways of specifying the hash.
|
|
|
|
outputHash ? ""
|
2007-08-23 16:22:30 +01:00
|
|
|
, outputHashAlgo ? ""
|
|
|
|
, md5 ? ""
|
|
|
|
, sha1 ? ""
|
|
|
|
, sha256 ? ""
|
2016-04-13 11:56:51 +01:00
|
|
|
, sha512 ? ""
|
2008-07-23 17:04:10 +01:00
|
|
|
|
2014-05-08 13:57:20 +01:00
|
|
|
, recursiveHash ? false
|
|
|
|
|
2017-05-19 20:38:01 +01:00
|
|
|
, # Shell code to build a netrc file for BASIC auth
|
|
|
|
netrcPhase ? null
|
|
|
|
|
2020-04-18 21:51:19 +01:00
|
|
|
, # Impure env vars (https://nixos.org/nix/manual/#sec-advanced-attributes)
|
2017-05-19 20:38:01 +01:00
|
|
|
# needed for netrcPhase
|
|
|
|
netrcImpureEnvVars ? []
|
|
|
|
|
2014-05-08 13:57:20 +01:00
|
|
|
, # Shell code executed after the file has been fetched
|
2014-05-09 16:25:59 +01:00
|
|
|
# successfully. This can do things like check or transform the file.
|
2014-05-08 13:57:20 +01:00
|
|
|
postFetch ? ""
|
|
|
|
|
|
|
|
, # Whether to download to a temporary path rather than $out. Useful
|
|
|
|
# in conjunction with postFetch. The location of the temporary file
|
|
|
|
# is communicated to postFetch via $downloadedFile.
|
|
|
|
downloadToTemp ? false
|
|
|
|
|
2016-01-19 10:17:49 +00:00
|
|
|
, # If true, set executable bit on downloaded file
|
|
|
|
executable ? false
|
|
|
|
|
2008-07-23 17:04:10 +01:00
|
|
|
, # If set, don't download the file, but write a list of all possible
|
|
|
|
# URLs (resulting from resolving mirror:// URLs) to $out.
|
|
|
|
showURLs ? false
|
2015-05-24 14:52:12 +01:00
|
|
|
|
|
|
|
, # Meta information, if any.
|
|
|
|
meta ? {}
|
2017-11-05 09:12:19 +00:00
|
|
|
|
|
|
|
# Passthru information, if any.
|
|
|
|
, passthru ? {}
|
2018-12-31 07:10:28 +00:00
|
|
|
# Doing the download on a remote machine just duplicates network
|
|
|
|
# traffic, so don't do that by default
|
|
|
|
, preferLocalBuild ? true
|
2007-08-23 16:22:30 +01:00
|
|
|
}:
|
|
|
|
|
2016-04-14 12:50:21 +01:00
|
|
|
assert sha512 != "" -> builtins.compareVersions "1.11" builtins.nixVersion <= 0;
|
2005-02-21 15:52:37 +00:00
|
|
|
|
2007-09-11 16:00:49 +01:00
|
|
|
let
|
2018-02-17 18:44:43 +00:00
|
|
|
urls_ =
|
|
|
|
if urls != [] && url == "" then
|
|
|
|
(if lib.isList urls then urls
|
|
|
|
else throw "`urls` is not a list")
|
2021-04-01 21:29:39 +01:00
|
|
|
else if urls == [] && url != "" then
|
|
|
|
(if lib.isString url then [url]
|
|
|
|
else throw "`url` is not a string")
|
2018-02-17 18:44:43 +00:00
|
|
|
else throw "fetchurl requires either `url` or `urls` to be set";
|
|
|
|
|
|
|
|
hash_ =
|
2019-07-11 14:48:05 +01:00
|
|
|
if hash != "" then { outputHashAlgo = null; outputHash = hash; }
|
|
|
|
else if md5 != "" then throw "fetchurl does not support md5 anymore, please use sha256 or sha512"
|
2018-02-17 18:44:43 +00:00
|
|
|
else if (outputHash != "" && outputHashAlgo != "") then { inherit outputHashAlgo outputHash; }
|
|
|
|
else if sha512 != "" then { outputHashAlgo = "sha512"; outputHash = sha512; }
|
|
|
|
else if sha256 != "" then { outputHashAlgo = "sha256"; outputHash = sha256; }
|
|
|
|
else if sha1 != "" then { outputHashAlgo = "sha1"; outputHash = sha1; }
|
2020-06-09 18:56:27 +01:00
|
|
|
else if cacert != null then { outputHashAlgo = "sha256"; outputHash = ""; }
|
|
|
|
else throw "fetchurl requires a hash for fixed-output derivation: ${lib.concatStringsSep ", " urls_}";
|
2010-05-03 10:13:17 +01:00
|
|
|
in
|
2010-04-30 21:40:42 +01:00
|
|
|
|
2018-02-17 18:44:43 +00:00
|
|
|
stdenvNoCC.mkDerivation {
|
2010-05-03 10:13:17 +01:00
|
|
|
name =
|
|
|
|
if showURLs then "urls"
|
|
|
|
else if name != "" then name
|
2014-05-09 14:50:40 +01:00
|
|
|
else baseNameOf (toString (builtins.head urls_));
|
2013-02-06 14:00:33 +00:00
|
|
|
|
2003-11-03 10:22:00 +00:00
|
|
|
builder = ./builder.sh;
|
2013-02-06 14:00:33 +00:00
|
|
|
|
2018-01-09 20:36:14 +00:00
|
|
|
nativeBuildInputs = [ curl ];
|
2005-02-21 15:52:37 +00:00
|
|
|
|
2010-05-03 10:13:17 +01:00
|
|
|
urls = urls_;
|
2007-08-23 16:22:30 +01:00
|
|
|
|
2007-08-27 13:44:01 +01:00
|
|
|
# If set, prefer the content-addressable mirrors
|
2013-06-25 13:05:48 +01:00
|
|
|
# (http://tarballs.nixos.org) over the original URLs.
|
2007-08-27 13:44:01 +01:00
|
|
|
preferHashedMirrors = true;
|
2007-08-23 16:22:30 +01:00
|
|
|
|
2005-02-21 15:52:37 +00:00
|
|
|
# New-style output content requirements.
|
2018-02-17 18:44:43 +00:00
|
|
|
inherit (hash_) outputHashAlgo outputHash;
|
2010-05-03 10:13:17 +01:00
|
|
|
|
2022-01-02 12:01:17 +00:00
|
|
|
SSL_CERT_FILE = if (hash_.outputHash == "" || hash_.outputHash == lib.fakeSha256 || hash_.outputHash == lib.fakeSha512 || hash_.outputHash == lib.fakeHash)
|
2020-06-09 18:56:27 +01:00
|
|
|
then "${cacert}/etc/ssl/certs/ca-bundle.crt"
|
|
|
|
else "/no-cert-file.crt";
|
|
|
|
|
2016-01-19 10:17:49 +00:00
|
|
|
outputHashMode = if (recursiveHash || executable) then "recursive" else "flat";
|
2014-05-08 13:57:20 +01:00
|
|
|
|
2017-05-19 20:38:01 +01:00
|
|
|
inherit curlOpts showURLs mirrorsFile postFetch downloadToTemp executable;
|
|
|
|
|
|
|
|
impureEnvVars = impureEnvVars ++ netrcImpureEnvVars;
|
2010-08-04 13:37:03 +01:00
|
|
|
|
2018-06-11 03:14:18 +01:00
|
|
|
nixpkgsVersion = lib.trivial.release;
|
2016-08-15 15:27:39 +01:00
|
|
|
|
2018-12-31 07:10:28 +00:00
|
|
|
inherit preferLocalBuild;
|
2015-05-24 14:52:12 +01:00
|
|
|
|
2017-05-19 20:38:01 +01:00
|
|
|
postHook = if netrcPhase == null then null else ''
|
|
|
|
${netrcPhase}
|
|
|
|
curlOpts="$curlOpts --netrc-file $PWD/netrc"
|
|
|
|
'';
|
|
|
|
|
2015-05-24 14:52:12 +01:00
|
|
|
inherit meta;
|
2017-11-05 09:12:19 +00:00
|
|
|
inherit passthru;
|
2010-05-03 10:13:17 +01:00
|
|
|
}
|