forked from mirrors/nixpkgs
Merge pull request #90539 from r-ryantm/auto-update/fwupd
This commit is contained in:
commit
7c20a53506
|
@ -6,6 +6,23 @@ with lib;
|
|||
|
||||
let
|
||||
cfg = config.services.fwupd;
|
||||
|
||||
customEtc = {
|
||||
"fwupd/daemon.conf" = {
|
||||
source = pkgs.writeText "daemon.conf" ''
|
||||
[fwupd]
|
||||
BlacklistDevices=${lib.concatStringsSep ";" cfg.blacklistDevices}
|
||||
BlacklistPlugins=${lib.concatStringsSep ";" cfg.blacklistPlugins}
|
||||
'';
|
||||
};
|
||||
"fwupd/uefi.conf" = {
|
||||
source = pkgs.writeText "uefi.conf" ''
|
||||
[uefi]
|
||||
OverrideESPMountPoint=${config.boot.loader.efi.efiSysMountPoint}
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
originalEtc =
|
||||
let
|
||||
mkEtcFile = n: nameValuePair n { source = "${cfg.package}/etc/${n}"; };
|
||||
|
@ -96,22 +113,8 @@ in {
|
|||
|
||||
environment.systemPackages = [ cfg.package ];
|
||||
|
||||
environment.etc = {
|
||||
"fwupd/daemon.conf" = {
|
||||
source = pkgs.writeText "daemon.conf" ''
|
||||
[fwupd]
|
||||
BlacklistDevices=${lib.concatStringsSep ";" cfg.blacklistDevices}
|
||||
BlacklistPlugins=${lib.concatStringsSep ";" cfg.blacklistPlugins}
|
||||
'';
|
||||
};
|
||||
"fwupd/uefi.conf" = {
|
||||
source = pkgs.writeText "uefi.conf" ''
|
||||
[uefi]
|
||||
OverrideESPMountPoint=${config.boot.loader.efi.efiSysMountPoint}
|
||||
'';
|
||||
};
|
||||
|
||||
} // originalEtc // extraTrustedKeys // testRemote;
|
||||
# customEtc overrides some files from the package
|
||||
environment.etc = originalEtc // customEtc // extraTrustedKeys // testRemote;
|
||||
|
||||
services.dbus.packages = [ cfg.package ];
|
||||
|
||||
|
|
|
@ -51,6 +51,7 @@
|
|||
, flashrom
|
||||
, tpm2-tools
|
||||
, nixosTests
|
||||
, runCommand
|
||||
}:
|
||||
|
||||
let
|
||||
|
@ -83,203 +84,232 @@ let
|
|||
# Experimental
|
||||
haveFlashrom = false;
|
||||
|
||||
in
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "fwupd";
|
||||
version = "1.4.2";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://people.freedesktop.org/~hughsient/releases/fwupd-${version}.tar.xz";
|
||||
sha256 = "1wch1n0z89ymfxx7ganiab4h64rdxr54rcg37n5nshw35bc3f390";
|
||||
};
|
||||
|
||||
# libfwupd goes to lib
|
||||
# daemon, plug-ins and libfwupdplugin go to out
|
||||
# CLI programs go to out
|
||||
outputs = [ "out" "lib" "dev" "devdoc" "man" "installedTests" ];
|
||||
|
||||
nativeBuildInputs = [
|
||||
meson
|
||||
ninja
|
||||
gtk-doc
|
||||
pkgconfig
|
||||
gobject-introspection
|
||||
intltool
|
||||
shared-mime-info
|
||||
valgrind
|
||||
gcab
|
||||
docbook_xml_dtd_43
|
||||
docbook_xsl
|
||||
help2man
|
||||
libxslt
|
||||
python
|
||||
wrapGAppsHook
|
||||
vala
|
||||
];
|
||||
|
||||
buildInputs = [
|
||||
polkit
|
||||
libxmlb
|
||||
gusb
|
||||
sqlite
|
||||
libarchive
|
||||
libsoup
|
||||
elfutils
|
||||
gnu-efi
|
||||
libyaml
|
||||
libgudev
|
||||
colord
|
||||
libjcat
|
||||
libuuid
|
||||
glib-networking
|
||||
json-glib
|
||||
umockdev
|
||||
bash-completion
|
||||
cairo
|
||||
freetype
|
||||
fontconfig
|
||||
pango
|
||||
tpm2-tss
|
||||
efivar
|
||||
] ++ stdenv.lib.optionals haveDell [
|
||||
libsmbios
|
||||
];
|
||||
|
||||
patches = [
|
||||
./fix-paths.patch
|
||||
./add-option-for-installation-sysconfdir.patch
|
||||
|
||||
# Install plug-ins and libfwupdplugin to out,
|
||||
# they are not really part of the library.
|
||||
./install-fwupdplugin-to-out.patch
|
||||
|
||||
# Installed tests are installed to different output
|
||||
# we also cannot have fwupd-tests.conf in $out/etc since it would form a cycle.
|
||||
(substituteAll {
|
||||
src = ./installed-tests-path.patch;
|
||||
# Needs a different set of modules than po/make-images.
|
||||
inherit installedTestsPython;
|
||||
})
|
||||
];
|
||||
|
||||
postPatch = ''
|
||||
patchShebangs \
|
||||
contrib/get-version.py \
|
||||
contrib/generate-version-script.py \
|
||||
meson_post_install.sh \
|
||||
po/make-images \
|
||||
po/make-images.sh \
|
||||
po/test-deps
|
||||
runPythonCommand = name: buildCommandPython: runCommand name {
|
||||
nativeBuildInputs = [ python3 ];
|
||||
inherit buildCommandPython;
|
||||
} ''
|
||||
exec python3 -c "$buildCommandPython"
|
||||
'';
|
||||
|
||||
# /etc/os-release not available in sandbox
|
||||
# doCheck = true;
|
||||
self = stdenv.mkDerivation rec {
|
||||
pname = "fwupd";
|
||||
version = "1.4.4";
|
||||
|
||||
preFixup = let
|
||||
binPath = [
|
||||
efibootmgr
|
||||
bubblewrap
|
||||
tpm2-tools
|
||||
] ++ stdenv.lib.optional haveFlashrom flashrom;
|
||||
in ''
|
||||
gappsWrapperArgs+=(
|
||||
--prefix XDG_DATA_DIRS : "${shared-mime-info}/share"
|
||||
# See programs reached with fu_common_find_program_in_path in source
|
||||
--prefix PATH : "${stdenv.lib.makeBinPath binPath}"
|
||||
)
|
||||
'';
|
||||
src = fetchurl {
|
||||
url = "https://people.freedesktop.org/~hughsient/releases/fwupd-${version}.tar.xz";
|
||||
sha256 = "03yn96kxs53vxcbza17y99rdhbjlybv44gkc90vaj6301grxahnp";
|
||||
};
|
||||
|
||||
mesonFlags = [
|
||||
"-Dgtkdoc=true"
|
||||
"-Dplugin_dummy=true"
|
||||
"-Dudevdir=lib/udev"
|
||||
"-Dsystemd_root_prefix=${placeholder "out"}"
|
||||
"-Dinstalled_test_prefix=${placeholder "installedTests"}"
|
||||
"-Defi-libdir=${gnu-efi}/lib"
|
||||
"-Defi-ldsdir=${gnu-efi}/lib"
|
||||
"-Defi-includedir=${gnu-efi}/include/efi"
|
||||
"--localstatedir=/var"
|
||||
"--sysconfdir=/etc"
|
||||
"-Dsysconfdir_install=${placeholder "out"}/etc"
|
||||
# libfwupd goes to lib
|
||||
# daemon, plug-ins and libfwupdplugin go to out
|
||||
# CLI programs go to out
|
||||
outputs = [ "out" "lib" "dev" "devdoc" "man" "installedTests" ];
|
||||
|
||||
# We do not want to place the daemon into lib (cyclic reference)
|
||||
"--libexecdir=${placeholder "out"}/libexec"
|
||||
# Our builder only adds $lib/lib to rpath but some things link
|
||||
# against libfwupdplugin which is in $out/lib.
|
||||
"-Dc_link_args=-Wl,-rpath,${placeholder "out"}/lib"
|
||||
] ++ stdenv.lib.optionals (!haveDell) [
|
||||
"-Dplugin_dell=false"
|
||||
"-Dplugin_synaptics=false"
|
||||
] ++ stdenv.lib.optionals (!haveRedfish) [
|
||||
"-Dplugin_redfish=false"
|
||||
] ++ stdenv.lib.optionals haveFlashrom [
|
||||
"-Dplugin_flashrom=true"
|
||||
];
|
||||
nativeBuildInputs = [
|
||||
meson
|
||||
ninja
|
||||
gtk-doc
|
||||
pkgconfig
|
||||
gobject-introspection
|
||||
intltool
|
||||
shared-mime-info
|
||||
valgrind
|
||||
gcab
|
||||
docbook_xml_dtd_43
|
||||
docbook_xsl
|
||||
help2man
|
||||
libxslt
|
||||
python
|
||||
wrapGAppsHook
|
||||
vala
|
||||
];
|
||||
|
||||
FONTCONFIG_FILE = fontsConf; # Fontconfig error: Cannot load default config file
|
||||
|
||||
# error: “PolicyKit files are missing”
|
||||
# https://github.com/NixOS/nixpkgs/pull/67625#issuecomment-525788428
|
||||
PKG_CONFIG_POLKIT_GOBJECT_1_ACTIONDIR = "/run/current-system/sw/share/polkit-1/actions";
|
||||
|
||||
# TODO: wrapGAppsHook wraps efi capsule even though it is not elf
|
||||
dontWrapGApps = true;
|
||||
|
||||
preCheck = ''
|
||||
addToSearchPath XDG_DATA_DIRS "${shared-mime-info}/share"
|
||||
'';
|
||||
|
||||
# so we need to wrap the executables manually
|
||||
postFixup = ''
|
||||
find -L "$out/bin" "$out/libexec" -type f -executable -print0 \
|
||||
| while IFS= read -r -d ''' file; do
|
||||
if [[ "$file" != *.efi ]]; then
|
||||
echo "Wrapping program $file"
|
||||
wrapGApp "$file"
|
||||
fi
|
||||
done
|
||||
'';
|
||||
|
||||
# /etc/fwupd/uefi.conf is created by the services.hardware.fwupd NixOS module
|
||||
passthru = {
|
||||
filesInstalledToEtc = [
|
||||
"fwupd/ata.conf"
|
||||
# "fwupd/daemon.conf" # already created by the module
|
||||
"fwupd/redfish.conf"
|
||||
"fwupd/remotes.d/lvfs-testing.conf"
|
||||
"fwupd/remotes.d/lvfs.conf"
|
||||
"fwupd/remotes.d/vendor.conf"
|
||||
"fwupd/remotes.d/vendor-directory.conf"
|
||||
"fwupd/thunderbolt.conf"
|
||||
"fwupd/upower.conf"
|
||||
# "fwupd/uefi.conf" # already created by the module
|
||||
"pki/fwupd/GPG-KEY-Hughski-Limited"
|
||||
"pki/fwupd/GPG-KEY-Linux-Foundation-Firmware"
|
||||
"pki/fwupd/GPG-KEY-Linux-Vendor-Firmware-Service"
|
||||
"pki/fwupd/LVFS-CA.pem"
|
||||
"pki/fwupd-metadata/GPG-KEY-Linux-Foundation-Metadata"
|
||||
"pki/fwupd-metadata/GPG-KEY-Linux-Vendor-Firmware-Service"
|
||||
"pki/fwupd-metadata/LVFS-CA.pem"
|
||||
buildInputs = [
|
||||
polkit
|
||||
libxmlb
|
||||
gusb
|
||||
sqlite
|
||||
libarchive
|
||||
libsoup
|
||||
elfutils
|
||||
gnu-efi
|
||||
libyaml
|
||||
libgudev
|
||||
colord
|
||||
libjcat
|
||||
libuuid
|
||||
glib-networking
|
||||
json-glib
|
||||
umockdev
|
||||
bash-completion
|
||||
cairo
|
||||
freetype
|
||||
fontconfig
|
||||
pango
|
||||
tpm2-tss
|
||||
efivar
|
||||
] ++ stdenv.lib.optionals haveDell [
|
||||
"fwupd/remotes.d/dell-esrt.conf"
|
||||
libsmbios
|
||||
];
|
||||
|
||||
# BlacklistPlugins key in fwupd/daemon.conf
|
||||
defaultBlacklistedPlugins = [
|
||||
"test"
|
||||
"invalid"
|
||||
patches = [
|
||||
./fix-paths.patch
|
||||
./add-option-for-installation-sysconfdir.patch
|
||||
|
||||
# Install plug-ins and libfwupdplugin to out,
|
||||
# they are not really part of the library.
|
||||
./install-fwupdplugin-to-out.patch
|
||||
|
||||
# Installed tests are installed to different output
|
||||
# we also cannot have fwupd-tests.conf in $out/etc since it would form a cycle.
|
||||
(substituteAll {
|
||||
src = ./installed-tests-path.patch;
|
||||
# Needs a different set of modules than po/make-images.
|
||||
inherit installedTestsPython;
|
||||
})
|
||||
];
|
||||
|
||||
tests = {
|
||||
installedTests = nixosTests.installed-tests.fwupd;
|
||||
postPatch = ''
|
||||
patchShebangs \
|
||||
contrib/get-version.py \
|
||||
contrib/generate-version-script.py \
|
||||
meson_post_install.sh \
|
||||
po/make-images \
|
||||
po/make-images.sh \
|
||||
po/test-deps
|
||||
'';
|
||||
|
||||
# /etc/os-release not available in sandbox
|
||||
# doCheck = true;
|
||||
|
||||
preFixup = let
|
||||
binPath = [
|
||||
efibootmgr
|
||||
bubblewrap
|
||||
tpm2-tools
|
||||
] ++ stdenv.lib.optional haveFlashrom flashrom;
|
||||
in ''
|
||||
gappsWrapperArgs+=(
|
||||
--prefix XDG_DATA_DIRS : "${shared-mime-info}/share"
|
||||
# See programs reached with fu_common_find_program_in_path in source
|
||||
--prefix PATH : "${stdenv.lib.makeBinPath binPath}"
|
||||
)
|
||||
'';
|
||||
|
||||
mesonFlags = [
|
||||
"-Dgtkdoc=true"
|
||||
"-Dplugin_dummy=true"
|
||||
"-Dudevdir=lib/udev"
|
||||
"-Dsystemd_root_prefix=${placeholder "out"}"
|
||||
"-Dinstalled_test_prefix=${placeholder "installedTests"}"
|
||||
"-Defi-libdir=${gnu-efi}/lib"
|
||||
"-Defi-ldsdir=${gnu-efi}/lib"
|
||||
"-Defi-includedir=${gnu-efi}/include/efi"
|
||||
"--localstatedir=/var"
|
||||
"--sysconfdir=/etc"
|
||||
"-Dsysconfdir_install=${placeholder "out"}/etc"
|
||||
|
||||
# We do not want to place the daemon into lib (cyclic reference)
|
||||
"--libexecdir=${placeholder "out"}/libexec"
|
||||
# Our builder only adds $lib/lib to rpath but some things link
|
||||
# against libfwupdplugin which is in $out/lib.
|
||||
"-Dc_link_args=-Wl,-rpath,${placeholder "out"}/lib"
|
||||
] ++ stdenv.lib.optionals (!haveDell) [
|
||||
"-Dplugin_dell=false"
|
||||
"-Dplugin_synaptics=false"
|
||||
] ++ stdenv.lib.optionals (!haveRedfish) [
|
||||
"-Dplugin_redfish=false"
|
||||
] ++ stdenv.lib.optionals haveFlashrom [
|
||||
"-Dplugin_flashrom=true"
|
||||
];
|
||||
|
||||
FONTCONFIG_FILE = fontsConf; # Fontconfig error: Cannot load default config file
|
||||
|
||||
# error: “PolicyKit files are missing”
|
||||
# https://github.com/NixOS/nixpkgs/pull/67625#issuecomment-525788428
|
||||
PKG_CONFIG_POLKIT_GOBJECT_1_ACTIONDIR = "/run/current-system/sw/share/polkit-1/actions";
|
||||
|
||||
# TODO: wrapGAppsHook wraps efi capsule even though it is not elf
|
||||
dontWrapGApps = true;
|
||||
|
||||
preCheck = ''
|
||||
addToSearchPath XDG_DATA_DIRS "${shared-mime-info}/share"
|
||||
'';
|
||||
|
||||
# so we need to wrap the executables manually
|
||||
postFixup = ''
|
||||
find -L "$out/bin" "$out/libexec" -type f -executable -print0 \
|
||||
| while IFS= read -r -d ''' file; do
|
||||
if [[ "$file" != *.efi ]]; then
|
||||
echo "Wrapping program $file"
|
||||
wrapGApp "$file"
|
||||
fi
|
||||
done
|
||||
'';
|
||||
|
||||
passthru = {
|
||||
filesInstalledToEtc = [
|
||||
"fwupd/ata.conf"
|
||||
"fwupd/daemon.conf"
|
||||
"fwupd/redfish.conf"
|
||||
"fwupd/remotes.d/lvfs-testing.conf"
|
||||
"fwupd/remotes.d/lvfs.conf"
|
||||
"fwupd/remotes.d/vendor.conf"
|
||||
"fwupd/remotes.d/vendor-directory.conf"
|
||||
"fwupd/thunderbolt.conf"
|
||||
"fwupd/upower.conf"
|
||||
"fwupd/uefi.conf"
|
||||
"pki/fwupd/GPG-KEY-Hughski-Limited"
|
||||
"pki/fwupd/GPG-KEY-Linux-Foundation-Firmware"
|
||||
"pki/fwupd/GPG-KEY-Linux-Vendor-Firmware-Service"
|
||||
"pki/fwupd/LVFS-CA.pem"
|
||||
"pki/fwupd-metadata/GPG-KEY-Linux-Foundation-Metadata"
|
||||
"pki/fwupd-metadata/GPG-KEY-Linux-Vendor-Firmware-Service"
|
||||
"pki/fwupd-metadata/LVFS-CA.pem"
|
||||
] ++ stdenv.lib.optionals haveDell [
|
||||
"fwupd/remotes.d/dell-esrt.conf"
|
||||
];
|
||||
|
||||
# BlacklistPlugins key in fwupd/daemon.conf
|
||||
defaultBlacklistedPlugins = [
|
||||
"test"
|
||||
"invalid"
|
||||
];
|
||||
|
||||
tests = let
|
||||
listToPy = list: "[${stdenv.lib.concatMapStringsSep ", " (f: "'${f}'") list}]";
|
||||
in {
|
||||
installedTests = nixosTests.installed-tests.fwupd;
|
||||
|
||||
passthruMatches = runPythonCommand "fwupd-test-passthru-matches" ''
|
||||
import itertools
|
||||
import configparser
|
||||
import os
|
||||
import pathlib
|
||||
|
||||
etc = '${self}/etc'
|
||||
package_etc = set(itertools.chain.from_iterable([[os.path.relpath(os.path.join(prefix, file), etc) for file in files] for (prefix, dirs, files) in os.walk(etc)]))
|
||||
passthru_etc = set(${listToPy passthru.filesInstalledToEtc})
|
||||
assert len(package_etc - passthru_etc) == 0, f'fwupd package contains the following paths in /etc that are not listed in passthru.filesInstalledToEtc: {package_etc - passthru_etc}'
|
||||
assert len(passthru_etc - package_etc) == 0, f'fwupd package lists the following paths in passthru.filesInstalledToEtc that are not contained in /etc: {passthru_etc - package_etc}'
|
||||
|
||||
config = configparser.RawConfigParser()
|
||||
config.read('${self}/etc/fwupd/daemon.conf')
|
||||
package_blacklisted_plugins = config.get('fwupd', 'BlacklistPlugins').rstrip(';').split(';')
|
||||
passthru_blacklisted_plugins = ${listToPy passthru.defaultBlacklistedPlugins}
|
||||
assert package_blacklisted_plugins == passthru_blacklisted_plugins, f'Default blacklisted plug-ins in the package {package_blacklisted_plugins} do not match those listed in passthru.defaultBlacklistedPlugins {passthru_blacklisted_plugins}'
|
||||
|
||||
pathlib.Path(os.getenv('out')).touch()
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
homepage = "https://fwupd.org/";
|
||||
maintainers = with maintainers; [ jtojnar ];
|
||||
license = [ licenses.gpl2 ];
|
||||
platforms = platforms.linux;
|
||||
};
|
||||
};
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
homepage = "https://fwupd.org/";
|
||||
maintainers = with maintainers; [ jtojnar ];
|
||||
license = [ licenses.gpl2 ];
|
||||
platforms = platforms.linux;
|
||||
};
|
||||
}
|
||||
in self
|
||||
|
|
Loading…
Reference in a new issue