From 9cdb7fe72285db3369039017c5aa935cccba305d Mon Sep 17 00:00:00 2001 From: Daniel Barlow Date: Tue, 20 Feb 2018 16:40:39 +0000 Subject: [PATCH] monit: cross-compile, and make openssl optional Upstream Monit optionally uses OpenSSL to provide TLS support in its builtin admin web server. Being able to turn off SSL in Nixpkgs' monit derivation makes it much easier to build Monit on embedded systems. Security implication: if you choose not to build in openssl then you should probably configure Monit to allow access only from localhost. --- pkgs/tools/system/monit/default.nix | 23 ++++++++++++++++------- 1 file changed, 16 insertions(+), 7 deletions(-) diff --git a/pkgs/tools/system/monit/default.nix b/pkgs/tools/system/monit/default.nix index 71a4db63c84f..12a0a6f1b99e 100644 --- a/pkgs/tools/system/monit/default.nix +++ b/pkgs/tools/system/monit/default.nix @@ -1,5 +1,7 @@ -{stdenv, fetchurl, openssl, bison, flex, pam, zlib, usePAM ? stdenv.isLinux }: - +{stdenv, fetchurl, openssl, bison, flex, pam, zlib, usePAM ? stdenv.isLinux + , buildPlatform, hostPlatform }: +let useSSL = (openssl != null); + isCross = ( buildPlatform != hostPlatform ) ; in stdenv.mkDerivation rec { name = "monit-5.23.0"; @@ -9,12 +11,19 @@ stdenv.mkDerivation rec { }; nativeBuildInputs = [ bison flex ]; - buildInputs = [ openssl zlib.dev ] ++ stdenv.lib.optionals usePAM [ pam ]; + buildInputs = [ zlib.dev ] ++ + stdenv.lib.optionals useSSL [ openssl ] ++ + stdenv.lib.optionals usePAM [ pam ]; - configureFlags = [ - "--with-ssl-incl-dir=${openssl.dev}/include" - "--with-ssl-lib-dir=${openssl.out}/lib" - ] ++ stdenv.lib.optionals (! usePAM) [ "--without-pam" ]; + configureFlags = + if useSSL then [ + "--with-ssl-incl-dir=${openssl.dev}/include" + "--with-ssl-lib-dir=${openssl.out}/lib" + ] else [ "--without-ssl" ] ++ + stdenv.lib.optionals (! usePAM) [ "--without-pam" ] ++ + # will need to check both these are true for musl + stdenv.lib.optionals isCross [ "libmonit_cv_setjmp_available=yes" + "libmonit_cv_vsnprintf_c99_conformant=yes"]; meta = { homepage = http://mmonit.com/monit/;