3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

1617 commits

Author SHA1 Message Date
Domen Kožar ee74e1a055 solr: 4.10.2 -> 4.10.3, CVE-2014-3628
(cherry picked from commit 4fa25ee93a)
Signed-off-by: Domen Kožar <domen@dev.si>
2015-02-04 11:48:28 +01:00
Eric Seidel 6f7632a7bd update libcxx[abi] to 3.5 2015-02-03 14:02:59 -08:00
Shea Levy aea1254f96 cc-wrapper merge fixes 2015-02-02 21:30:05 -05:00
Shea Levy c45372f038 Merge commit 'cfb29ab882323d379aba20a95020c7c24f883eae'
Partial staging merge, including cc-wrapper fixes

Conflicts:
	pkgs/applications/audio/spotify/default.nix
	pkgs/build-support/cc-wrapper/default.nix
	pkgs/development/compilers/cryptol/1.8.x.nix
2015-02-02 21:14:28 -05:00
Thomas Tuegel 2b933f31f6 kdeApps.kmix: remove Qt 4 dependencies 2015-02-01 10:26:55 -06:00
Shea Levy cfb29ab882 Merge branch 'gridaphobe' into staging
fix cc-wrapper for cross-compilation
2015-01-28 13:47:47 -05:00
Eelco Dolstra 6f8fad2253 Remove executable bits from non-executable files 2015-01-27 18:54:38 +01:00
Thomas Strobel f0228c6eb2 Add: nix-template-rpm: Script to generate templates of nix expressions from RPM .spec files 2015-01-27 01:18:52 -08:00
Thomas Tuegel c6f1c75472 kdeApps: update to 14.12.1 2015-01-26 21:01:06 -06:00
Thomas Tuegel 1fbecd1295 gcc-wrapper: comment on alternate setup hook
We now have an alternate setup hook for gcc-wrapper that uses -I to add
include paths rather than -isystem. The latter flag can change the
search order specified by the build system. For KDE 5 packages, we don't
want that!
2015-01-26 21:00:39 -06:00
Thomas Tuegel 8be6792829 autonix: add Nix library 2015-01-26 20:59:51 -06:00
Thomas Tuegel d927da8dae gcc-wrapper: parameterize setup-hook
The default setup-hook for gcc-wrapper adds include directories with
-isystem, which upsets the order -I flags are processed. This adds an
alternative setup-hook that only uses -I flags. The build system's
ordering of -I flags is then respected. This is important when different
packages provide includes with the same name, such as building packages
that depend on Qt4 and Qt5.
2015-01-26 20:59:50 -06:00
Shea Levy 9bccb95a82 cc-wrapper: Fix for cross-compiling
Fixes #5949

Suggested by @ambrop72
2015-01-25 23:29:06 -05:00
Charles Strahan 24b5eb61eb fetchzip: fix unpacking regression
This resolves a regression introduced in fc01353703, where providing a
name without a proper extension breaks existing uses of fetchzip (they
now fail to unpack). Of particular note, that commit broke all uses of
fetchFromGitHub because it uses a name like so: "${repo}-${rev}-src"

Fixes #5954
2015-01-25 20:16:21 -05:00
Charles Strahan e4bf6c3f17 gpgme: use different mirror 2015-01-24 17:06:44 -05:00
Charles Strahan fc01353703 fetchzip: various fixes
This fixes:

 * Passing stripRoot.
 * Archives containing a single file.
 * Archives where the root folder has the same name as one of it's children.

Fixes #5851
2015-01-23 17:10:40 -05:00
Charles Strahan 4a3e689519 nix-prefetch-zip: support single files and recuring directories
See #5851
2015-01-23 17:10:40 -05:00
Charles Strahan b6f9975b6a nix-prefetch-zip: unset $name
nix-shell leaks $name, breaking nix-prefetch-zip.
2015-01-22 21:18:16 -05:00
Longrin Wischnewski 19f0b18b99 libredirect: add access syscall 2015-01-20 18:52:37 +01:00
Franz Pletz 07e1566b7d fetchurl: add mirrors for OpenBSD (close #5551)
This changes source URLs for openssh and libressl accordingly.
2015-01-20 16:24:00 +01:00
Peter Simons ec6b82a0c2 Merge branch 'master' into staging. 2015-01-19 18:41:17 +01:00
Peter Simons cfce8509b8 grsecurity: add GRKERNSEC_DENYUSB option (disabled by default)
This option tells the kernel to ignore plug-in events of USB devices. Useful to
protect against attacks with malicious hardware. Currently disabled by default,
though.
2015-01-19 00:15:41 +03:00
Shea Levy f326b7995c Remove libc++ stuff from cc-wrapper
This is now part of the libc++ setup hook
2015-01-16 11:30:51 -05:00
Shea Levy 7dc57a389e cc-wrapper: Set CC/CXX more specifically if possible 2015-01-16 10:50:53 -05:00
Eelco Dolstra 1b1e015e6e Update Debian to 7.8 2015-01-15 14:51:55 +01:00
Eric Seidel b070eacfcd rename occurrences of cc.gcc to cc.cc 2015-01-14 20:51:58 -08:00
Eric Seidel 48f63c2f2e rename gcc-wrapper to cc-wrapper.
also makes cc-wrapper compatible with clang in the darwin fork.
2015-01-14 20:26:56 -08:00
Vladimír Čunát 77d66ed834 fetchgit: improve name detection, discard nix-1.8 check
The name detection didn't work for e.g. http://git.suckless.org/sinit/.
I tested the tarball builds now.

@shlevy claimed nixpkgs requires nix-1.8 features anyway,
so the additional check with message were superfluous.
2015-01-13 19:45:31 +01:00
Vladimír Čunát 7637e71cee merge #5521: give fetchgit outputs nicer names 2015-01-13 17:46:44 +01:00
Eelco Dolstra 7358b8dfda Fix a warning in initrd generation
${pkgs.busybox}/bin and ${pkgs.busybox}/sbin are now the same
directory, so don't copy both.
2015-01-12 17:52:30 +01:00
Eelco Dolstra 872f8c0431 Remove RHEL 7 RC
It no longer exists on the RedHat FTP site.
2015-01-12 15:13:21 +01:00
Eelco Dolstra 02df7cdaa0 Fix CentOS 6.5 URLs 2015-01-12 15:13:05 +01:00
Peter Simons 4cf52df32e Merge pull request #5663 from ryantrinkle/fix-cabal-js
Use Cabal_1_22_0_0 instead of Cabal_HEAD in cabalJs
2015-01-09 15:33:03 +01:00
Ryan Trinkle 20710afb46 Use Cabal_1_22_0_0 instead of Cabal_HEAD in cabalJs
Cabal_HEAD no longer exists.  When Cabal_1_22_0_0 or later becomes the default, this should be updated again to point to Cabal
2015-01-09 08:29:56 -05:00
John Wiegley 268da01677 cabal: Allow optional use of cpphs as a preprocessor
Pinging @peti.  This is needed on Darwin/Yosemite because clang's
preprocessor is broken there.
2015-01-08 11:55:11 -06:00
William A. Kennington III c82410eeda java: Normalize to the default jre / jdk 2015-01-07 14:55:41 -08:00
Shea Levy 3e1fdb7a35 gcc-wrapper is used for clang too 2015-01-05 14:39:22 -05:00
Ryan Trinkle b1e967958e Eliminate incorrect version checks from cabalJs 2015-01-02 12:30:19 -05:00
Shea Levy a8603605aa fetchgit: give output a nicer name
Instead of git-export, we get the basename of the repo, plus the
shortrev if the commit-ish is a rev.
2015-01-01 10:03:45 -05:00
Ricardo M. Correia 0a97acdc0f grsecurity: Update stable and test patches
stable: 3.0-3.14.27-201412211908 -> 3.0-3.14.27-201412280859
test:   3.0-3.17.7-201412211910  -> 3.0-3.18.1-201412281149
2015-01-01 15:45:31 +01:00
Charles Strahan df55381b65 ghcjs: restructure 2014-12-31 00:03:43 -05:00
Ricardo M. Correia 1d44322d53 grsecurity: Update stable and test patches
stable: 3.0-3.14.27-201412211908 -> 3.0-3.14.27-201412280859
test:   3.0-3.17.7-201412211910  -> 3.0-3.18.1-201412281149
2014-12-29 03:00:47 +01:00
Charles Strahan 347a9674c1 ghcjs: cleanup 2014-12-27 18:48:12 -05:00
Charles Strahan a188373640 Merge branch 'master' of github.com:nixos/nixpkgs into ryghcjs
Conflicts:
	pkgs/development/libraries/haskell/ghcjs-dom/default.nix
	pkgs/top-level/haskell-packages.nix
2014-12-27 14:35:01 -05:00
Shea Levy 05edd656f6 Missed gcc refs 2014-12-26 12:28:15 -05:00
John Wiegley 28b6fb61e6 Change occurrences of gcc to the more general cc
This is done for the sake of Yosemite, which does not have gcc, and yet
this change is also compatible with Linux.
2014-12-26 11:06:21 -06:00
Igor Pashev d57927748a autoreconf may need gettext
E. g. for AC_LIB_PREFIX
2014-12-22 20:20:00 +00:00
vi 0c49b2942e Added mirrors for MySQL. 2014-12-17 11:14:46 +00:00
Vladimír Čunát 1a0a161920 gnat: make it build again (close #5307)
Problems are worked around by using older gcc wrapper for gnat bootstrap.
(from ca441636f1^)

I tried nicer solutions first, but I was unable to fix all problems for hours.
2014-12-14 16:24:31 +01:00
Michael Raskin 9ed097ab50 Fix fetchzip for actuall zip files 2014-12-12 15:16:57 +03:00
Charles Strahan fb59151109 purify ghcjs 2014-12-11 20:56:41 -05:00
Domen Kožar 4aa3eec330 Merge branch 'master' into staging
Conflicts:
	pkgs/development/libraries/fontconfig/default.nix
2014-12-07 14:02:48 +01:00
Eelco Dolstra b8e33a5dcb Ubuntu 14.10: Update hashes 2014-12-05 16:02:59 +01:00
Bas van Dijk 6fa969839a Merge branch 'master' of https://github.com/NixOS/nixpkgs into update
Conflicts:
	pkgs/development/libraries/haskell/text-binary/default.nix
	pkgs/top-level/haskell-defaults.nix
	pkgs/top-level/haskell-packages.nix
2014-12-05 07:54:48 +01:00
William A. Kennington III 4fcbe096b6 fetchgit: Simplify submodule url discovery 2014-12-04 15:17:58 -08:00
Bas van Dijk 35cdb19f03 Use mkdir -p instead of deprecated ensureDir 2014-11-29 14:24:31 +01:00
Vladimír Čunát cbd2305d4d Merge branch 'master' into staging 2014-11-28 18:59:07 +01:00
aszlig 444987193e
nixos: Rename virtualbox to virtualboxGuest.
Especially new users could be confused by this, so we're now marking
services.virtualbox.enable as obsolete and defaulting to
services.virtualboxGuest.enable instead. I believe this now makes it
clear, that this option is for guest additions only.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-11-27 18:42:22 +01:00
Vladimír Čunát b5ff06eda4 Merge branch 'master' into staging 2014-11-26 21:48:26 +01:00
Vladimír Čunát b1803465d9 imagemagick: use a stable URL, reshuffle mirrors
CC: #5133.
2014-11-26 21:42:42 +01:00
Peter Simons c7d3f60217 cabal: add support for "editedCabalFile" attribute to address https://github.com/NixOS/cabal2nix/issues/84
When 'editedCabalFile' is set to an SHA256 hash, the build driver replaces the
original Cabal instructions with the new version that is downloaded from
"http://hackage.haskell.org/package/${fname}/${pname}.cabal".
2014-11-26 14:24:45 +01:00
Eelco Dolstra e611215f5c Move finding XML catalogs into a separate setup hook
This is because libxml/libxslt are not the only implementations that
respect $XML_CATALOG_FILES.

Also, look in share/xml for catalogs (in addition to the
now-deprecated xml/dtd and xml/xsl).
2014-11-25 16:23:48 +01:00
Vladimír Čunát a9bad25ffe Merge branch 'master' into staging 2014-11-24 22:14:25 +01:00
Domen Kožar 909b62fa6e fetchurl: friendly message if hash is not given 2014-11-23 17:49:32 +01:00
Eelco Dolstra 17cf42d876 Fix patchelf RPM builds
http://hydra.nixos.org/build/17037187
2014-11-20 13:19:36 +01:00
Eelco Dolstra 99a2afd784 Update to Debian 7.7 2014-11-20 11:11:21 +01:00
Eelco Dolstra e5513ac4dc Add Ubuntu 14.10 2014-11-20 11:11:08 +01:00
Eelco Dolstra fda5c17a6f vmTools: Fix permissions on /tmp and /dev/* 2014-11-18 14:49:39 +01:00
Vladimír Čunát 8e44ae5bd4 stdenv lib64-moving: fail instead of overwriting
Silent overwriting is dangerous and it bit us straightaway on gcc_multi.
https://github.com/NixOS/nixpkgs/commit/51f1b4ec48d5
2014-11-17 11:27:38 +01:00
Vincent Laporte cded306f82 nix-prefetch-git: allow dots in submodule names 2014-11-15 18:37:58 +00:00
Peter Simons ffb635eb65 cabal: fix GHC 6.10.4 builds
3e8344d334 added some magic -optP-P flag that the old compiler
version doesn't support.
2014-11-15 18:20:40 +01:00
Eelco Dolstra 0a9ec07b93 findTarball: Fix the case where src is a directory 2014-11-10 20:06:50 +01:00
Edward Tjörnhammar 4030ab3ba4 add parens to de ambiguify 2014-11-10 06:53:24 +01:00
Edward Tjörnhammar 91c7ffc498 Revert "Revert "initialized git repo should use the set http_proxy""
This reverts commit f8a833cfb1.
This makes sure the check returns a zero code.

See discussion on https://github.com/NixOS/nixpkgs/commit/5af576f
2014-11-09 21:27:26 +01:00
Luca Bruno f8a833cfb1 Revert "initialized git repo should use the set http_proxy"
This reverts commit 5af576ff7f.

See discussion on https://github.com/NixOS/nixpkgs/commit/5af576f
2014-11-09 13:50:48 +01:00
Luca Bruno 83221f3886 Merge branch 'master' into staging
Makes the build more useful:
- Disabled hybrid iso, makes installer tests pass again
- Imagemagick fixes to the "Illegal instruction" thing
2014-11-08 15:56:40 +01:00
Peter Simons 44273088ad cabal: enable multi-threaded builds with GHC 7.8.x or later for executables
Multi-threaded builds exacerbate the non-determinism in ghc package ids, which
is a serious problem for libraries. Packages that define only executables,
however, should be safe to  build with parallelism enabled.
2014-11-07 23:22:27 +01:00
Peter Simons 40bb2781ee cabal: add "-hidir $TMPDIR" parameter to ghc call that compiles Setup.hs
Packages that don't have a Setup.hs file get to use a default version that
lives in the Nix store. By default ghc tries to put the Setup.o and Setup.hi
files in the same directory as the source file, which isn't writable. This
leads to build errors [1]. Thus, we re-direct those paths to a build-local
writable location: $TMPDIR.

Arguably, we could also use "." or copy the /nix/store/deadbeef-Setup.hs file
into the local source directory before compiling, which would work fine, too.

[1] https://github.com/NixOS/nixpkgs/issues/4851
2014-11-07 23:22:25 +01:00
Edward Tjörnhammar 5af576ff7f initialized git repo should use the set http_proxy 2014-11-07 11:50:30 +01:00
Eelco Dolstra f01ecbee50 nixBuild: Respect the preHook/postHook of the caller 2014-11-06 11:12:29 +01:00
Eelco Dolstra c964077200 findTarball: Handle pipefail
It was failing because the bash subshell died with SIGPIPE, which is
no longer ignored.

http://hydra.nixos.org/build/16766452
2014-11-05 18:24:16 +01:00
Eelco Dolstra 83758d2b26 Die tabs die 2014-11-05 18:12:21 +01:00
Eelco Dolstra 2d498a3c1c findTarballs: Take nullglob into account 2014-11-05 18:12:07 +01:00
Vladimír Čunát 52404a868d Merge recent master into staging
Nixpkgs Hydra: ?compare=1157272

TODO: port e22889064f

Conflicts:
	nixos/tests/gnome3_10.nix (auto-solved)
	pkgs/applications/video/aegisub/default.nix
	pkgs/development/libraries/boost/1.55.nix
2014-11-05 15:00:44 +01:00
Eelco Dolstra 7495c61d49 Merge remote-tracking branch 'origin/darwin-clang-stdenv' into staging
Conflicts:
	pkgs/applications/editors/vim/macvim.nix
2014-11-04 14:30:43 +01:00
Joachim Fasting 71a443c1b2 Add mirrors for sage 2014-11-03 23:04:44 +01:00
Bjørn Forsman 96cacf01bf nix-prefetch-git: run single-threaded 'git repack'
Without this, the generated pack files are non-deterministic.

I didn't notice this issue in my earlier testing, because my test repo
had too few commits for the thread scheduling to take effect. (Test repo
had about 10 commits.)
2014-11-03 22:52:57 +01:00
Peter Simons a9c53037fa Merge remote-tracking branch 'origin/master' into staging. 2014-11-02 16:15:53 +01:00
Bjørn Forsman 53614cf1a7 nix-prefetch-git: fix determinism with leaveDotGit
Add more files to the delete list:

 * .git/FETCH_HEAD
 * .git/ORIG_HEAD
 * .git/refs/remotes/origin/HEAD
 * .git/config

Further, remove all remote branches, remove tags not reachable from the
given 'rev', do a full repack and then garbage collect unreferenced
objects.

According to my testing, the result is fully deterministic. As in "any
change done to the upstream repo, ahead of 'rev', will not affect the
hash of the resulting 'clone'". Even changing the clone URL will not
change the output hash, because .git/config is removed.

A new version of git can of course change store format, but that's
unavoidable.

For big repositories, the repack operation may be a bit heavy. But as
far as I can see there is no cheaper way to determinism.
2014-11-02 13:15:33 +01:00
Bjørn Forsman faaa8a6acf nix-prefetch-git: remove unneeded semicolons
Shell isn't Perl ;-)
2014-11-01 15:17:11 +01:00
Bjørn Forsman 8ec8358724 nix-prefetch-git: whitespace cleanup
Use 4 spaces per indent level instead of a mix of 2 spaces, 4 spaces and
hardtab. (According to nixpkgs coding style for shell scripts.)
2014-11-01 13:47:37 +01:00
Peter Simons b11060d8db Merge remote-tracking branch 'origin/master' into staging. 2014-10-31 11:14:24 +01:00
Eelco Dolstra 2ee8b30b64 stdenv.lib -> lib 2014-10-27 10:25:35 +01:00
Moritz Ulrich cdd2dd70aa Merge remote-tracking branch 'refs/remotes/origin/master' into chicken-eggs 2014-10-27 01:14:13 +01:00
Raffael Mancini 3ee2ca1d21 Added an up-to-date http debian mirror for those without ftp access. 2014-10-25 17:10:22 +02:00
Eelco Dolstra f4be4f5e54 Merge remote-tracking branch 'origin/master' into staging 2014-10-24 12:24:13 +02:00
Edward Tjörnhammar a5af1c228e Adding fetchurl mirrors for roy marples projects(dhcpcd, openresolv) 2014-10-23 19:45:33 +02:00
Vladimír Čunát 2cf17b0802 Merge recent master into staging
Hydra nixpkgs: ?compare=1156478
2014-10-23 17:40:41 +02:00
Ricardo M. Correia cb95ac1352 Merge pull request #4609 from alexanderkjeldaas/updated-grsec
Updated grsec.
2014-10-22 16:37:21 +02:00
Chris Double 40791a4ec5 Fix build-fhs-chrootenv mount script 2014-10-22 10:39:17 +02:00
Alexander Kjeldaas 005bb796e6 Updated grsec. 2014-10-22 02:18:41 +02:00
Peter Simons bddf342631 Patch 7a20d76 failed when the Haskell expression lacked a meta attribute. This commit fixes that issue. 2014-10-22 00:23:12 +02:00
Peter Simons 7a20d76482 Disable all Haskell builds for Darwin on Hydra.
Hydra generates a GHC closure for Darwin that for no apparent reason
contains an ancient, broken Haddock binary -- probably because of an
impurity in the build system. That bug makes those GHC binaries
unusable: <https://github.com/NixOS/nixpkgs/issues/2689>.
2014-10-21 23:54:51 +02:00
Shea Levy 3fe41ca763 Debain 7.6-amd64 tarball was updated in place 2014-10-20 15:26:51 -04:00
Shea Levy 652030e85d debian packages tarball was updated in place 2014-10-20 15:23:44 -04:00
Shea Levy a3ffe238e7 Revert "cabal: enable multi-threaded builds with GHC 7.8.x or later"
This likely exacerbates the non-determinism in ghc package ids, so until
that is fixed let's live with the slow builds.

This reverts commit 817c0e4144.
2014-10-16 13:17:30 -04:00
Nikolay Amiantov 09f33a4389 substituteAllFiles: add derivation
Closes #4145
2014-10-16 15:27:25 +01:00
Moritz Ulrich e47428d0e2 Infrastructure to build chicken eggs. 2014-10-13 23:29:27 +02:00
Eelco Dolstra 2c65f3fa66 Fix stdenv-native 2014-10-11 23:10:27 +02:00
Eelco Dolstra 79d0d7b437 Unify gcc-wrapper and clang-wrapper 2014-10-11 22:26:39 +02:00
Eelco Dolstra 0d67d13527 gcc-wrapper: Style fix 2014-10-11 22:26:39 +02:00
Eelco Dolstra 02122ccfd0 gcc-wrapper: Style fix 2014-10-11 22:26:39 +02:00
Eelco Dolstra ffbdcbfe29 gcc-wrapper: Wrap ld.gold
This ensures that gcc's ‘-fuse-ld=gold’ flag works.
2014-10-10 14:55:17 +02:00
Eelco Dolstra 3e0a348728 gcc-wrapper: Get rid of builder.sh + cleanup 2014-10-10 14:55:08 +02:00
Eelco Dolstra 811de3bfaa Merge remote-tracking branch 'origin/staging' into darwin-clang-stdenv
Conflicts:
	pkgs/tools/security/gnupg/default.nix
2014-10-09 10:57:57 +02:00
Eelco Dolstra 51f1b4ec48 Automatically move stuff in lib64 to lib 2014-10-07 15:04:13 +02:00
Eelco Dolstra ab04b7d0bb Automatically move programs in sbin to bin
This should fix the OpenJDK build, which was failing because paxctl is
in sbin and therefore not automatically added to $PATH.

http://hydra.nixos.org/build/15658346
2014-10-07 14:43:56 +02:00
Eelco Dolstra a85dcf4a00 Merge remote-tracking branch 'origin/master' into staging
Conflicts:
	pkgs/development/libraries/libav/default.nix
	pkgs/shells/bash/bash-4.2-patches.nix
	pkgs/stdenv/generic/default.nix
2014-10-07 00:09:37 +02:00
Ryan Trinkle 92f8d68b99 Merge branch 'master' of https://github.com/NixOS/nixpkgs
Conflicts:
	pkgs/development/libraries/haskell/ghcjs-dom/default.nix
	pkgs/top-level/haskell-packages.nix
2014-10-06 13:12:58 -04:00
Aristid Breitkreuz 5c0816567d fix fetchurl 2014-10-05 19:23:27 +02:00
Domen Kožar d6b7778753 fetchurl: fix mirroring after ecf5a08831 2014-10-05 09:53:18 +02:00
Domen Kožar ecf5a08831 Merge pull request #4350 from NixOS/curl_partial_download
fetchurl: resume download of curl exits with status code 18
2014-10-03 10:29:27 +02:00
Daniel Peebles c55c435ade Add Apple command-line tools
Closes #4365
2014-10-02 06:50:09 +01:00
Domen Kožar fd48e801d2 fetchurl: resume download of curl exits with status code 18 2014-10-01 13:58:42 +02:00
Daniel Peebles 0e9cf136af A simple ADC downloader for upcoming darwin awesomeness
Closes #4327
2014-10-01 02:10:31 +01:00
Russell O'Connor 94c6af494a Exponentially reduce computation time needed for replace-dependency by using memoization.
This patch makes two changes.

(1) It memoizes the computation of dependsOnOld.
(2) It replaces rewrittenDerivations with a similar memoized table rewriteMemo.

This prevents the entire tree of run-time dependencies from being traversed and instead only traverses the graph of run-time dependencies.
In the case of deep dependency changes (such as changing one's bash version for an entire NixOS system) this can lead to an exponential speedup in processing time
because shared dependencies are no longer traversed multiple times.

This patch isn't quite derivation-per-derivation equivalent to the original computation.
There are two immaterial differences.

(1) The previous version would always call upon sed to replace oldDependency with newDependency even when the store object being updated doesn't directly depend on
oldDependency.
The new version only replaceds oldDependency with newDependency when the store object being updated actually directly depends on oldDependency (which means there is
actually a hash to replace).
(2) The previous version would list the old store object as a source input of the new store object, *except* for the root derivation being updated.  Because the
root derivation being updated has its actual derivation avaiable the previous verions would make the updated root derivation depend on the old derivation as a
derivation input instead of a source input.
The new version always lists the old store object as a source input, including the root derivation.
2014-09-28 09:39:39 -04:00
Eelco Dolstra 1e6dfdf29c clang-wrapper: Remove explicit dependency on libc++
Now libc++ is just another build input propagated from clang-wrapper.
2014-09-24 17:55:05 +02:00
Eelco Dolstra 07f603f89e libc++: Use the right libc++abi re-export list
Also, remove the explicit -lc++abi flag from clang-wrapper. It's not
needed because libc++ re-exports the necessary symbols from libc++abi.
2014-09-24 16:39:36 +02:00
Eelco Dolstra ae18038c6d fixDarwinDylibNames: Use new hook mechanism 2014-09-24 16:12:49 +02:00
Eelco Dolstra 66dedaa6ee gcc-wrapper: Remove NIX_GCC_NEEDS_GREP
This is not needed on any currently supported platform.
2014-09-23 19:43:38 +02:00
Eelco Dolstra 91fa55e702 Remove references to <nixpkgs>
Nixpkgs should not use <nixpkgs> to refer to itself, because $NIX_PATH
might not be set or not point to the same Nixpkgs. It's also
unnecessary.
2014-09-23 15:48:15 +02:00
Eelco Dolstra cd71f7a2e6 Merge branch 'darwin-stdenv' of github.com:joelteon/nixpkgs into staging
Conflicts:
	pkgs/development/interpreters/ruby/ruby-19.nix
	pkgs/development/libraries/libc++/default.nix
	pkgs/development/libraries/libc++abi/default.nix
	pkgs/tools/text/sgml/opensp/default.nix
2014-09-23 11:27:53 +02:00
Mathijs Kwik e80cbedbae VM builds: Use default kernel
(this was set to 3.10 when 3.4 was our default)
See commit d846e97656.
2014-09-23 09:17:01 +02:00
Ryan Trinkle e4ff3fd348 Add defaultSetupHs to ghcjs, and fix it in regular cabal 2014-09-20 18:54:09 -04:00
Eelco Dolstra 552b105206 gcc-wrapper: Use a real date
Analogous to the fake timestamp in the Linux kernel build.
2014-09-15 09:26:41 +02:00
Gergely Risko e766f0b0d0 Fix __DATE__ and __TIME__ purification in gcc-wrapper 2014-09-14 22:33:48 +02:00
Vladimír Čunát d957b4bd78 Merge recent master into staging
Hydra nixpkgs: ?compare=1151601
2014-09-13 21:48:29 +02:00
Alexander Kjeldaas aa119e1106 gcc-wrapper: make __DATE__/__TIME__ deterministic
...when NIX_ENFORCE_PURITY=1.

@vcunat corrected the date according to docs.
https://gcc.gnu.org/onlinedocs/cpp/Standard-Predefined-Macros.html
In order to handle the spaces well, the extraAfter array had to be
quoted more properly and appended by +=.
2014-09-13 15:32:34 +02:00
Joel Taylor 3e8344d334 suitable clang stdenv 2014-09-09 13:54:24 -07:00
Christoph Hrdinka 4f5b4ceb85 build-fhs-chrootenv: bind mount chroots /tmp to hosts /tmp 2014-09-09 12:10:54 +02:00
Vladimír Čunát 82797f98f2 Merge branch 'staging' into modular-stdenv
Conflicts:
	pkgs/development/interpreters/perl/5.10/setup-hook.sh
	pkgs/development/interpreters/perl/5.8/setup-hook.sh
	pkgs/stdenv/linux/default.nix
2014-09-08 18:24:58 +02:00
Vladimír Čunát 1e389c976c merge 'staging' into modular-stdenv
In 2c62a36b77 the messages in pkgs/stdenv/generic/default.nix
were not merged correctly.

Conflicts:
	pkgs/stdenv/generic/default.nix
2014-09-08 18:16:54 +02:00
Ricardo M. Correia 238a84ac78 grsecurity: Update stable and test patches
stable: 3.0-3.14.17-201408260041 -> 3.0-3.14.18-201409060013
test:   3.0-3.15.10-201408212335 -> 3.0-3.16.2-201409060014
2014-09-08 15:16:38 +02:00
Eelco Dolstra 585983bc95 Merge remote-tracking branch 'origin/staging'
Conflicts:
	pkgs/applications/version-management/subversion/default.nix
2014-09-08 11:42:09 +02:00
Vladimír Čunát 06fea81c6e Merge recent master into staging
Hydra: ?compare=1150594
2014-09-06 16:52:45 +02:00
Christoph Hrdinka 573aa18e9f steam: fix extraBuildCommandsMulti on i686 2014-09-06 00:25:49 +02:00
Christoph Hrdinka c376b1afa0 build-fhs-chrootenv: fix gcc libs on i686 2014-09-06 00:25:49 +02:00
Christoph Hrdinka 64f873461f build-fhs-chrootenv: fix gcc libs on x86 2014-09-06 00:25:49 +02:00
Christoph Hrdinka 2d912e29d5 build-fhs-chrootenv: fix gcc_multi paths 2014-09-06 00:25:49 +02:00
Christoph Hrdinka 72b1f874ef buildFHSChrootEnv: fix merge error 2014-09-06 00:25:48 +02:00
Christoph Hrdinka c5f51039f4 steam: fix steam on x86_64 2014-09-06 00:25:48 +02:00
Eelco Dolstra 7e744041f3 rpm-closure.pl: Reduce verbosity 2014-09-05 12:37:07 +02:00
Peter Simons ca931e0e1e Merge pull request #3915 from Fuuzetsu/agda-builder
RFC: Agda builder
2014-09-04 11:28:47 +02:00
Michael Raskin 46cdc2e017 Allow git checkouts to have custom name 2014-09-03 21:54:25 +04:00
Michael Raskin 76f4eb5f93 Revert "python-wrapper: fix wrapped argv[0] w/o sed, maybe"
This reverts commit a6dd9bd0cb.
2014-09-02 20:45:41 +04:00
Michael Raskin af4c369d0a Revert "Create wrapper directory outside of /bin/ for FHS chroots to be closer to FHS"
This reverts commit 9deb7f8aae.
2014-09-02 20:17:55 +04:00
Eelco Dolstra 715943a6fb ld-wrapper: Put back the --sysroot filter
We still need this because some clang-based packages depend on
it. (The sysroot filtering was originally done by clang-wrapper's
ld-wrapper, but we merged the ld-wrappers in
a4f9b9c8b5ec9ef106671ffdf93e0059835d0ec1.)

http://hydra.nixos.org/build/13906922
2014-09-02 13:18:03 +02:00
Peter Simons 1c0d15b90e Merge branch 'origin/master' into staging.
Conflicts:
	pkgs/development/libraries/ffmpeg/2.x.nix
	pkgs/development/libraries/serf/default.nix
2014-09-02 12:31:03 +02:00
Michael Raskin 5addaeb74f More support for SF.net in auto-updater 2014-09-02 14:25:16 +04:00
Michael Raskin 9deb7f8aae Create wrapper directory outside of /bin/ for FHS chroots to be closer to FHS 2014-09-02 01:45:15 +04:00
tv@shackspace.de a6dd9bd0cb python-wrapper: fix wrapped argv[0] w/o sed, maybe 2014-09-02 01:31:49 +04:00
Mateusz Kowalczyk d54b62ca60 Add a builder for Agda packages. 2014-09-01 01:05:48 +01:00
Ryan Trinkle 68648f5581 Merge branch 'ghcjs-old' into HEAD
Conflicts:
	pkgs/development/tools/haskell/ghcjs/default.nix
2014-08-30 16:30:58 -04:00
Vladimír Čunát e51f73652d Merge recent master into staging
Hydra: ?compare=1149952

Conflicts:
	nixos/doc/manual/configuration.xml (changed split file)
	nixos/modules/config/users-groups.nix (choosing filterNull instead of inline definition)
	pkgs/development/libraries/readline/readline6.3.nix (auto-solved)
2014-08-30 10:04:02 +02:00
Ryan Trinkle fa211963ed Another try at fixing the install_name_tool issue. 2014-08-27 13:23:10 -04:00
Ryan Trinkle bc92dcd08c Prevent install_name_tool from causing a failure when it encounters a non-Mach-O file (e.g.: a bash script). 2014-08-27 13:15:33 -04:00
aszlig 5e7a1cf955
build-support: Fix nix-prefetch-* on OS X.
Fixes a regression on OS X introduced by f83af95.

Don't use --tmpdir for mktemp, because that flag doesn't exist on OS X.
However, using -t is deprecated in GNU coreutils, so as suggested by
@ip1981 we're now using parameter expansion on ${TMPDIR:-/tmp} to
provide /tmp as a fallback if TMPDIR is not set and use it instead.

Also use this approach for nix-prefetch-cvs now in order to stay
consistent.

Reported-by: Vladimir Kirillov <proger@wilab.org.ua>
Tested-by: Igor Pashev <pashev.igor@gmail.com>
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-08-27 11:22:34 +02:00
Ryan Trinkle 4394858433 Integrate ghcjs
Use nixpkgs.haskellPackages_ghcjs to build packages with ghcjs.
2014-08-26 13:35:29 -04:00
Ryan Trinkle 1c9166f649 Factor out ghcjs's libdir better. 2014-08-25 18:46:52 -04:00
aszlig f83af95f8a
build-support: Use mktemp -d in nix-prefetch-*.
Instead of relying on $$ to not collide with an existing path.

Quoting the Bash manual about $$:

> Expands to the process ID of the shell. In a () subshell, it expands
> to the process ID of the current shell, not the subshell.

So, this is different from $BASHPID:

> Expands to the process ID of the current bash process. This differs
> from $$ under certain circumstances, such as subshells that do not
> require bash to be re-initialized.

But even $BASHPID is prone to race conditions if the process IDs wrap
around, so to be on the safe side, we're using mktemp here.

Closes #3784.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-08-25 15:28:55 +02:00
Ryan Trinkle a5e6027ece Get rid of debugging output. 2014-08-24 16:27:44 -04:00
Ryan Trinkle 6142b27760 ghcjs working. 2014-08-23 15:00:13 -04:00
Michael Raskin 8ba5e6fa24 Merge pull request #3650 from bennofs/prefetch-git-human-readable
prefetch-git: output human-readable rev to stderr
2014-08-23 13:05:55 +04:00
Ryan Trinkle df0e96175c ghcjs is mostly working. 2014-08-21 14:56:04 -04:00
Vladimír Čunát d4e9fd2a90 Merge recent master into staging
Hydra: ?compare=1148749

Conflicts (easy):
	nixos/modules/virtualisation/containers.nix
2014-08-21 15:09:31 +02:00
Eelco Dolstra a0c60b76ec gcc: Revive the no-sys-dirs patch
For now, we don't NATIVE_SYSTEM_HEADER_DIR because it breaks the
build. However, it points to Glibc in the Nix store (not /usr/include)
so it's kind of okay.
2014-08-18 17:20:37 +02:00
Benno Fünfstück ce3e86702f prefetch-git: output human-readable rev to stderr
that way, the stdout stays compatible with nix-prefetch-{bzr,svn,hg}
2014-08-17 23:00:03 +02:00
Peter Simons 817c0e4144 cabal: enable multi-threaded builds with GHC 7.8.x or later
https://github.com/NixOS/nixpkgs/issues/3220
2014-08-17 00:20:12 +02:00
Peter Simons 462e067f45 cabal: cosmetic 2014-08-17 00:20:12 +02:00
Peter Simons a9fad50181 cabal: minor code re-factoring of shleavy's patch that allows building packages without a Setup.hs file
https://github.com/NixOS/nixpkgs/pull/3585
2014-08-17 00:20:12 +02:00
Shea Levy dc285e6895 cabal.mkDerivation: Use defaultMain if no Setup.{l,}hs exists.
This mirrors the default behaviour of cabal-install for the Simple build type
2014-08-16 00:13:14 -05:00
Patrick Mahoney d314461278 Add http mirror for postgresql. 2014-08-14 19:17:26 +02:00
Daniel Peebles a570251187 Make ant-build canonicalize the jars it produces so that we produce byte-for-byte identical jars (they normally contain timestamps and nondeterministic ordering of metadata lines) 2014-08-14 01:20:44 -04:00
Georges Dubus ca0b0a68e8 Fixed deterministicness of fetchgit with leaveDotGit
The shebang of .git/hooks depended the git's bash, which made the result
depend of that bash's path.
2014-08-10 16:25:29 +02:00
Eelco Dolstra 05e81e0d9f debian: Update to 6.0.10 2014-08-10 15:17:00 +02:00
Eelco Dolstra a8fc68a5c0 Move share/{man,info,doc} to the corresponding output 2014-08-09 12:47:05 +02:00
Eelco Dolstra 9e31c66d1b stdenv: Put moving docs to $out/share in a separate setup hook 2014-08-09 12:47:05 +02:00
Eelco Dolstra e3f7dbbac8 Cleanup: Use += to append to envHooks 2014-08-09 12:47:05 +02:00
Eelco Dolstra 2def8e7499 Remove addHook
Just use bash arrays directly. I.e.

  addHook preConfigure myPreConfigure

is now

  preConfigureHooks+=(myPreConfigure)
2014-08-09 12:45:53 +02:00
Eelco Dolstra 15103e5e5f stdenv: Remove the special handling of gcc
Now gcc is just another build input, making it possible in the future
to have a stdenv that doesn't depend on a C compiler. This is very
useful on NixOS, since it would allow trivial builders like
writeTextFile to work without pulling in the C compiler.
2014-08-09 12:44:50 +02:00
Eelco Dolstra 1a44dbbbb9 unpackFile: Always copy directories
If $src refers to a directory, then always copy it. Previously, we
checked the extension first, so if the directory had an extension like
.tar, unpackPhase would fail.
2014-08-09 12:44:49 +02:00
Eelco Dolstra 5e82aab5d4 Drop redundant space 2014-08-09 12:44:49 +02:00
Eelco Dolstra daa66b8b1c Factor out fixup phase stuff into separate setup hooks 2014-08-09 12:44:49 +02:00
Georges Dubus f4fbcddd44 fetchgit: make deterministic with leaveDotGit (close #3392)
There was a few files containing timestamp, so we now remove them.

It shouldn't be a problem for logs. However, index might be. Anyway,
that's better than nothing.
2014-08-08 21:51:29 +02:00
Vladimír Čunát 52d9c93abe Merge 'staging' into master 2014-08-08 20:13:23 +02:00
Eelco Dolstra 940eb8bfc1 debBuild: Allow setting the package name and overriding the install command 2014-08-08 14:15:43 +02:00
Peter Simons b76a7504bb cabal: cosmetic fix to syntax highlighting in Emacs 2014-08-04 12:39:11 +02:00
Eelco Dolstra 7f410ef923 Merge remote-tracking branch 'origin/master' into staging
Conflicts:
	pkgs/misc/vim-plugins/default.nix
2014-07-22 11:00:00 +02:00
Michael Raskin c38a11316d Filter out broken-completely links 2014-07-18 17:42:00 +04:00
Shea Levy b969e9340b Separate fetchgitPrivate into a separate file 2014-07-16 18:05:56 -04:00
Eelco Dolstra ff97b7dbe6 Merge remote-tracking branch 'origin/master' into staging 2014-07-14 17:04:55 +02:00
Shea Levy b57bc220cc Merge branch 'master' of git://github.com/ip1981/nixpkgs
Added quilt-0.63
2014-07-14 10:26:39 -04:00
Igor Pashev 26f47ba388 Fixed main Savannah mirror directory 2014-07-14 15:39:08 +02:00
Eelco Dolstra 1245ca3ff7 debian: Update to 7.6 2014-07-14 14:35:09 +02:00
Peter Simons 5c677f7117 cabal: cosmetic 2014-07-12 15:13:58 +02:00
Florian Friesdorf 84030ee1f0 buildEnv to support passthru 2014-07-10 16:41:02 +02:00
Justin Bedo 0a12a50b11 Removed CRAN mirror that was incorrectly handling 404 errors, causing
builder to abort.
2014-07-08 11:00:41 +10:00
Eelco Dolstra 95b828de42 Merge remote-tracking branch 'origin/master' into staging 2014-07-07 13:16:26 +02:00
Shea Levy 90bfde59f8 Simplify php-packages.nix 2014-07-03 11:01:19 -04:00
Shea Levy 2fe4eb3df9 Make php packages available in nix-env 2014-07-03 10:19:57 -04:00
Eelco Dolstra a4f9b9c8b5 Partially merge gcc-wrapper and clang-wrapper
Having a separate clang-wrapper is really unfortunate because it
means that we'll forever forget to apply changes to both (e.g.
commit 289895fe2c). This commit
gets rid of the redundant copies of ld-wrapper.sh and utils.sh.
2014-07-02 20:10:40 +02:00
Eelco Dolstra 289895fe2c Fix SNAFU using $NIX_LDFLAGS_AFTER 2014-07-02 14:55:44 +02:00
Eelco Dolstra 0d8014f6fc Darwin: Search for libraries in $sdk/usr/lib
This required adding a new environment variable NIX_LDFLAGS_AFTER
that ensures that the -L.../usr/lib flag happens last.
2014-07-01 15:56:09 +02:00
Eelco Dolstra 06fc1ec34d Merge remote-tracking branch 'origin/master' into staging
Conflicts:
	pkgs/servers/serfdom/default.nix
2014-07-01 11:25:41 +02:00
Michael Raskin 8ed1aeb712 Fix default tarball mask 2014-07-01 12:08:07 +04:00
Michael Raskin 0fcee20522 Allow pure-meta updates to specify tarball regexp 2014-07-01 11:54:09 +04:00
Michael Raskin 2e12709a26 Allow update-walker to run directly from meta attributes 2014-07-01 11:54:09 +04:00
Eelco Dolstra 7fe89be146 gcc: Fix purity
Somewhere the no-sys-dirs.patch got disabled, so gcc was looking in
/usr/local/include and /usr/lib. Since I can't fix the patch easily,
I've borrowed the --sysroot trick from clang-wrapper. This causes
builtin paths to be prefixed with /var/empty
(e.g. /var/empty/usr/lib), which don't exist.
2014-06-30 16:43:02 +02:00
Eelco Dolstra 40f7b0f9df Another attempt to eradicate ensureDir
See c556a6ea46.
2014-06-30 14:56:10 +02:00
Michael Raskin d41a7bd9e2 Merge pull request #2871 from auntieNeo/kochi-substitute
Added Kochi substitute Japanese font package
2014-06-30 10:14:14 +04:00
Alexander Kjeldaas 81172a77e6 Document paths-from-graph.pl somewhat. 2014-06-28 20:44:22 -05:00
Austin Seipp 4f933af158 Merge pull request #3116 from bennofs/cabal-hackage-mirror
cabal-builder: Use hackage mirror
2014-06-28 20:35:12 -05:00
Benno Fünfstück e10001042d fetchbzr, fetchdarcs, fetchhg: use rev attr
This makes it match the behaviour of fetchgit and fetchsvn, so it's
easier to write scripts that support all of them.
2014-06-28 21:06:10 +02:00
Benno Fünfstück c052d7297b cabal-builder: Use hackage mirror
It's now possible to use the mirror system for the cabal builder.
2014-06-28 20:01:40 +02:00
Michael Raskin 1b0b0c4257 Allow selection of named SF dirs 2014-06-27 16:33:45 +04:00
John Wiegley f41b446e49 Merge pull request #3073 from tailhook/git-describe-in-prefetch
Print output of `git describe` in `nix-prefetch-git`
2014-06-24 15:18:48 -07:00
John Wiegley 29a6f1cc78 Merge pull request #3037 from cstrahan/extra-fetchers
add nix-prefetch-zip
2014-06-24 15:17:49 -07:00
Paul Colomiets c1e24abfef Print output of git describe in nix-prefetch-git
I hope it will help make git-packages' versions much nicer

It's usually only useful in --deepClone is also specified.
2014-06-25 01:12:10 +03:00
Charles Strahan 9bd8dffd77 require gnused for all prefetch scripts 2014-06-23 01:25:40 -04:00
Austin Seipp 0399c5ee24 grsecurity: update stable/testing kernels, refactoring
This updates the new stable kernel to 3.14, and the new testing kernel
to 3.15.

This also removes the vserver kernel, since it's probably not nearly as
used.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-06-22 22:29:10 -05:00
Benno Fünfstück 7ac13c40ab Add hackage mirror to mirrors.nix 2014-06-21 20:15:45 +02:00
Michael Raskin 258040a939 Add a function to overwrite just the version and sha256 by grepping them 2014-06-13 13:37:12 +04:00
Michael Raskin c5f019e9a0 Merge pull request #2063 from redbaron/libmsgpack
Proper separation between build and runtime outputs
2014-06-12 13:05:40 +04:00
Benno Fünfstück 063efadd69 nix-prefetch-{bzr,hg,svn}: print fetched revision 2014-06-11 14:42:39 +02:00
Benno Fünfstück be25ce8f58 nix-prefetch-git: fix printing of revision
If the user explictly gives a ref such as "refs/heads/master", `git
rev-parse` failed because we only checked out the `fetchgit`
branch. Now, we also try `git rev-parse fetchgit` if the first call
fails, which fixes the issue.
2014-06-11 14:09:58 +02:00
Benno Fünfstück c6bd4d2973 nix-prefetch-scripts: new expression 2014-06-10 19:26:20 +02:00
Michael Raskin c2fb8b1364 Addnig a package to copy nix-prefetch-* to bin/. Hopefully fixes #1130 2014-06-09 01:11:03 +04:00
Jonathan Glines 0672cfcc5f Added mirrors for sourceforge.jp. 2014-06-08 11:47:37 -06:00
Peter Simons 7d1c124647 Merge pull request #2767 from jwiegley/hscolour
Build Haddocks with source hyperlinks unless doHscolour is false
2014-06-03 10:50:04 +02:00
John Wiegley 0df8ca2b52 Merge pull request #2743 from jwiegley/rpath
Correctly patch the rpath for GHC-built executables on Darwin
2014-05-31 17:01:42 -05:00
John Wiegley 176797576c Build Haddocks with source hyperlinks unless doHscolour is false 2014-05-29 20:00:04 -05:00
Rob Vermaas a089dbfe8a Fix regression in fetchhg. 2014-05-29 09:06:13 +02:00
Rob Vermaas ea23ea00e4 Make fetchhg do the same as nix-prefetch-hg, use hg archive. Fixes #2781. 2014-05-28 10:40:21 +02:00
Eelco Dolstra a0072b4d2d hipchat: Fix access to /usr/share/X11/xkb
HipChat (or rather its copy of Qt) expects to find keyboard data in
/usr/share/X11/xkb. So use a LD_PRELOAD library to intercept and
rewrite the Glibc calls that access those paths. We've been doing the
same thing with packages like Spotify, but now this functionality has
been abstracted into a reusable library, libredirect.so. It uses an
environment variable $NIX_REDIRECTS containing a colon-separated list
of path prefixes to be rewritten, e.g. "/foo=bar:/xyzzy=/fnord".
2014-05-27 01:06:54 +02:00
Maxim Ivanov e7d5e1cdbc Don't hardcode shell, use $SHELL instead 2014-05-26 14:48:39 +01:00
John Wiegley b09a788e13 Correct patch the rpath for GHC-built executables on Darwin
@peti This addresses #2488.
2014-05-25 03:29:24 -05:00
Aristid Breitkreuz eb928c5d46 fhs-chrootenv: use -l to umount for the rbind mount 2014-05-22 22:18:30 +02:00
Aristid Breitkreuz ecee297a18 fhs-chrootenv (steam): support directly using users other than root, fix sound support, fix /run/user 2014-05-22 22:01:00 +02:00
Eelco Dolstra 139608dd34 Update Ubuntu Packages.bz2 hashes 2014-05-20 13:39:06 +02:00
Austin Seipp 06de946355 Merge pull request #2668 from sol/print-git-revision
nix-prefetch-git: Print git revision
2014-05-18 07:47:27 -05:00
Austin Seipp 85b5dc3949 grsec: Fix vserver/stable packaging
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-05-17 16:37:22 -05:00
Austin Seipp 4f27ad14a1 grsec: refactor grsecurity packages
This now provides a handful of different grsecurity kernels for slightly
different 'flavors' of packages. This doesn't change the grsecurity
module to use them just yet, however.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-05-17 14:09:43 -05:00
Vladimír Čunát 137eae0b55 Merge #2630: add and use fetchpatch
fetchpatch is fetchurl that determinizes the patch.
Some parts of generated patches change from time to time, e.g. see #1983 and
http://comments.gmane.org/gmane.linux.distributions.nixos/12815
Using fetchpatch should prevent the hash from changing.

Conflicts (auto-solved):
	pkgs/development/libraries/haskell/gitit/default.nix
2014-05-17 07:31:03 +02:00
Simon Hengel 26fb26e331 nix-prefetch-git: Print git revision 2014-05-16 15:22:28 +08:00
Chris Double a6ddfbceac Add -p to mkdir in build-fhs-chrootenv to prevent error if directory exists 2014-05-15 18:38:45 +12:00
Peter Simons fd0f9e6fc1 Re-write the Haskell Platform out of haskell-defaults.nix.
1) Packages formerly called haskell-haskell-platform-ghcXYZ-VVVV.X.Y.Z are
    now called haskell-platform-VVVV.X.Y.Z. The latest version can be
    installed by running "nix-env -i haskell-platform".

 2) The attributes haskellPackages_ghcXYZ.haskellPlatform no longer exist.
    Instead, we have attributes like haskellPlatformPackages."2012_4_0_0".
    (The last numeric bit must be quoted when used in a Nix file, but not on
    the command line to nix-env, nix-build, etc.) The latest Platform has a
    top-level alias called simply haskellPlatform.

 3) The haskellPackages_ghcXYZ package sets offer the latest version of every
    library that GHC x.y.z can compile. For example, if 2.7 is the latest
    version of QuickCheck and if GHC 7.0.4 can compile that version, then
    haskellPackages_ghc704.QuickCheck refers to version 2.7.

 4) All intermediate GHC releases were dropped from all-packages.nix to
    simplify our configuration. What remains is a haskellPackages_ghcXYZ set
    for the latest version of every major release branch, i.e. GHC 6.10.4,
    6.12.3, 7.0.4, 7.2.2, 7.4.2, 7.6.3, 7.8.2, and 7.9.x (HEAD snapshot).

 5) The ghcXYZPrefs functions in haskell-defaults.nix now inherit overrides
    from newer to older compilers, i.e. an override configured for GHC 7.0.4
    will automatically apply to GHC 6.12.3 and 6.10.4, too. This change has
    reduced the redundancy in those configuration functions. The downside is
    that overriding an attribute for only one particular GHC version has become
    more difficult. In practice, this case doesn't occur much, though.

 6) The 'cabal' builder has a brand-new argument called 'extension'. That
    function is "self : super : {}" by default and users can override it to
    mess with the attribute set passed to cabal.mkDerivation. An example use
    would be the definition of darcs in all-packages.nix:

    | darcs = haskellPackages.darcs.override {
    |   cabal = haskellPackages.cabal.override {
    |     extension = self : super : {
    |       isLibrary = false;
    |       configureFlags = "-f-library " + super.configureFlags or "";
    |     };
    |   };
    | };

    In this case, extension disables building the library part of the package
    to give us an executable-only version that has no dependencies on GHC or
    any other Haskell packages.

    The 'self' argument refers to the final version of the attribute set and
    'super' refers to the original attribute set.

Note that ...

 - Haskell Platform packages always provide the Haddock binary that came with
   the compiler.

 - Haskell Platform 2009.2.0.2 is broken because of build failures in cgi and
   cabal-install.

 - Haskell Platform 2010.1.0.0 is broken becasue of build failures in cgi.
2014-05-14 14:59:52 +02:00
Austin Seipp dde404325b Merge pull request #2552 from CodeBlock/font-find
Use `find` instead of cp for installFonts.
2014-05-13 19:46:44 -05:00
Linquize f40db99c7b fetchurl: Fix typo in comment (close #2591) 2014-05-13 11:23:50 +02:00
Eelco Dolstra ea36f3b868 fetchFromGitHub: Use .tar.gz instead of .zip
Also clean up the name attribute of fetchzip derivations a bit.
2014-05-09 15:53:44 +02:00
Eelco Dolstra c8df888858 Add a function "fetchzip"
This function downloads and unpacks a file in one fixed-output
derivation. This is primarily useful for dynamically generated zip
files, such as GitHub's /archive URLs, where the unpacked content of
the zip file doesn't change, but the zip file itself may (e.g. due to
minor changes in the compression algorithm, or changes in timestamps).

Fetchzip is implemented by extending fetchurl with a "postFetch" hook
that is executed after the file has been downloaded. This hook can
thus perform arbitrary checks or transformations on the downloaded
file.
2014-05-08 15:30:17 +02:00
Peter Simons fc51c1d163 cabal: enable the split-objects feature again for current versions of GHC 2014-05-07 19:13:06 +02:00
Rob Vermaas 7cd55c7744 USe maven.test.skip in stead of maven.test.skip.exec in mvn assembly, to prevent unnecessary compilation. 2014-05-07 16:37:38 +02:00
Ricky Elrod 8263996d3a Use find instead of cp for installFonts.
This allows fonts to be installed from anywhere in an unzipped file
rather than having to cd deep into the directory and come back out in
order for e.g. `forceCopy` to work correctly.
2014-05-07 03:52:21 -04:00
aszlig 97dc8a88e5
vm/windows: Wait for migration to finish.
This ensures that the intermediate machine is shut down only after the
migration has finished writing the memory dump to disk, to ensure we
don't end up with empty state files depending on how fast the migration
finished before we actually shut down the VM.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-05-07 07:21:10 +02:00
aszlig bd78e674c5
vm/windows: Exit if VM has dropped out.
This ensures that the builder isn't waiting forever if the Windows VM
drops dead while we're waiting for the controller VM to signal that a
particular command has been executed on the Windows VM. It won't ever
happen in such cases so it doesn't make sense to wait for the timeout.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-05-07 07:21:10 +02:00
Maxim Ivanov e2e77950f3 Scatter output hook
This hook allows to scatter files in $out to multiple outputs.
For "bin" and "doc" outputs there are prefefined default masks, but
they can be overriden by setting files_<outname>, for example:

files_bin = [ "/bin/*" "/lib/libexec/" ];

To make an effect hook must be specified in buildInputs.
2014-05-06 22:47:45 +01:00
Ricky Elrod 4c8aa8f333 Add a bunch of Fedora mirrors and remove an old one 2014-05-06 01:58:43 -04:00
Eelco Dolstra 0ff68e81b9 debian: Update to 7.5
[Note from Austin: I think @edolstra forgot to merge this to master.]

(cherry picked from commit 02b056c5b1 on
release-14.04)
2014-05-03 10:55:26 -05:00
Austin Seipp 2be1b4c034 build-support/vm: add Ubuntu 14.04 Trusty Tahir
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-05-03 10:51:32 -05:00
Austin Seipp 76b05b1630 releaseTools: add {clang,coverity}Analysis tools
These two expressions greatly simplify using the clang-analyzer or
Coverity static analyzer on your C/C++ projects. In fact, they are
identical to nixBuild in every way out of the box, and should 'Just
Work' providing your code can be compiled with Clang already.

The trick is that when running 'make', we actually just alias it to the
appropriate scan build tool, and add a post-build hook that will bundle
up the results appropriately and unalias it.

For Clang, we put the results in $out/analysis and add an 'analysis'
report to $out/nix-support/hydra-build-products pointing to the result
HTML - this means that if the analyzer finds any bugs, the HTML results
will automatically show up Hydra for easy viewing.

For Coverity, it's slightly different. Instead we run the build tool and
after we're done, we tar up the results in a format that Coverity Scan's
service understands. We put the tarball in $out/tarballs under the name
'foo-cov-int.xz' and add an entry for the file to hydra-build-products
as well for easy viewing.

Of course for Coverity you must then upload the build. A Hydra plugin to
do this is on the way, and it will automatically pick up the
cov-int.tar.xz for uploading.

Note that coverityAnalysis requires allowUnfree = true;, as well as the
cov-build tools, which you can download from https://scan.coverity.com -
they're not linked to your account or anything, it's just an annoying
registration wall.

Note this is a first draft. In particular, scan-build fixes the C/C++
compiler to be Clang, and it's perfectly reasonable to want to use Clang
for the analyzer but have scan-build invoke GCC instead.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-05-02 14:07:37 -05:00
Peter Simons 5849a91e8d pkgs/build-support/cabal: revert "the release version of GHC 7.8.x no longer requires"
This reverts commit a2a398fbda. The
issue *does* still exist in GHC 7.8.2. Compiled binaries have no -rpath
into their own install directory ("$out") and thus cannot find their own
shared libraries. To work around this issue, we pass an explicit -rpath
argument at configure time. We do that only on Linux, though, because
-rpath is known to cause trouble on Darwin, which was the reason I
originally reverted that patch.
2014-05-01 23:14:55 +02:00
Rob Vermaas eaedf303a0 Add RHEL7 to vm functions. 2014-05-01 15:13:35 +02:00
Eelco Dolstra 1bae93cb82 debian: Update to 6.0.9 2014-04-25 10:43:26 +02:00
aszlig 625d7b9043
Merge pull request #1928 from 'cross-win-osx'.
This includes a lot of fixes for cross-building to Windows and Mac OS X
and could possibly fix things even for non-cross-builds, like for
example OpenSSL on Windows.

The main reason for merging this in 14.04 already is that we already
have runInWindowsVM in master and it doesn't work until we actually
cross-build Cygwin's setup binary as the upstream version is a fast
moving target which gets _overwritten_ on every new release.

Conflicts:
	pkgs/top-level/all-packages.nix
2014-04-21 10:00:35 +02:00
Sander van der Burg 104c841c85 Move su to the base packages of chrootenv builder 2014-04-18 13:30:24 +02:00
Peter Simons a2a398fbda pkgs/build-support/cabal: the release version of GHC 7.8.x no longer requires
the -rpath hack added in 63c60638fc and
edaa56041c to produce dynamically linked
executables
2014-04-18 01:23:45 +02:00
Mathijs Kwik b21853f255 Fix initrd breaking by recent repeatable-builds changes
See the comments at f67015cae4
for more information.

Please note: this makes initrd unrepeatable again, but most people will prefer that above an unbootable system.
2014-04-12 00:06:30 +02:00
Shea Levy 9949d0255e Merge branch 'make-the-kernel-build-repeatable' of git://github.com/alexanderkjeldaas/nixpkgs
Make the kernel build and initrd generation binary repeatable (#2128)
2014-04-06 17:02:16 -04:00
Alexander Kjeldaas f67015cae4 Make initrd and the kernel builds repeatable. 2014-04-05 08:41:06 +02:00
Vladimír Čunát 1ed628acb2 gcc-wrapper: don't fail when cpp doesn't exist
This is fixup for 1d3917bb #1820. Gnatboot doesn't have cpp.
2014-04-02 19:07:58 +02:00
Vladimír Čunát de11c288c1 gcc-wrapper: preferLocalBuild, as it does little work
This is re-revert of e31523a369.
2014-04-02 19:05:57 +02:00
Bjørn Forsman 25f0b7cb50 gcc-{,cross-}wrapper: add 'cpp' wrapper (close #1820)
The gcc-wrapper doesn't wrap 'cpp'. This breaks some software (such as
Buildroot) because the 'cpp' they get come from the non-wrapped gcc
package which doesn't know about any standard include paths.

gcc-cross-wrapper is untested.
2014-04-02 19:05:57 +02:00
Peter Simons 903df21f65 Merge pull request #2010 from ambrop72/fetchgit-no-submodules
fetchgit: Implement option to not check out submodules.
2014-03-26 11:11:25 +01:00
ambrop7@gmail.com 3a765a7309 fetchgit: Implement option to not check out submodules. 2014-03-25 20:03:55 +01:00
Shea Levy d4c711ee1d Add memcache php module 2014-03-24 08:37:36 -04:00
Shea Levy e07b58fee3 Merge branch 'pkgs/build-support/writeTextDir' of git://github.com/offlinehacker/nixpkgs
build-support: Add writeTextDir
2014-03-23 20:50:14 -04:00
Jaka Hudoklin 7c2d00aefd build-support: Add writeTextDir
This `writeTextFile` based helper function is especially usefull for writing a
bunch of configuration files to root of the output folder
2014-03-23 10:05:38 +00:00
Eelco Dolstra f73ff0529e runInLinuxVM: Set the clock properly 2014-03-18 15:02:09 +01:00
Shea Levy a330e244ad Revert "Merge branch 'nix-run' of git://github.com/rickynils/nixpkgs"
nix-run's functionality is subsumed by nix-shell -p.

This reverts commit 3cc2b243c7, reversing
changes made to 4d5d6aed29.
2014-03-15 08:15:22 -04:00
Shea Levy 3cc2b243c7 Merge branch 'nix-run' of git://github.com/rickynils/nixpkgs
Add nix-run and myEnvRun
2014-03-14 18:52:50 -04:00
aszlig b25ac9ea55
gcc-cross-wrapper: Revert adding LD program name.
This reverts commit c5ab2bfd25.

As mentioned in the previous commit, this is now no longer needed.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-03-12 10:58:55 +01:00
aszlig c7bac81c66
Merge 'mingw-w64' and 'darwin' into cross-win-osx.
Both branches have quite a lot in common, so it's time for a merge and
do the cleanups with respect to both implementations and also generalize
both implementations as much as possible.

This also closes #1876.

Conflicts:
	pkgs/development/interpreters/lua-5/5.2.nix
	pkgs/development/libraries/SDL/default.nix
	pkgs/development/libraries/glew/default.nix
	pkgs/top-level/all-packages.nix
2014-03-12 10:16:51 +01:00
aszlig 2d17335f68
gcc-cross-wrapper: Allow to pass US X min version.
This allows to pass a new attribute osxMinVersion to crossSystem, which
specifies the minimum Mac OS X version you want to be compatible to.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-03-12 10:00:47 +01:00
Vladimír Čunát 9d4a3f83e8 Merge pull request #1869 from lovek323/texlive-full
texLiveFull: fix build on Darwin
2014-03-08 08:12:04 +01:00
aszlig bd2d120c08
vm/windows: Allow to specify a different arch.
So far, we determined this based on stdenv.is64bit, but there are cases
where you want to run/build a 32bit program on a 64 bit Windows.

This is now possible, by passing windowsImage.arch = "i686" | "x86_64"
to runInWindowsVM. Based an what was passed, the corresponding Cygwin
packages and setup.exe are bootstrapped.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-03-04 09:22:18 +01:00
aszlig e86ffa08b7
vm/windows: Update SHAs for Cygwin setup.ini.
Another very annoying part. Unfortunately, the only option we might have
here is to include it in nixpkgs or maybe make a fixed Hash on the
result of the closure fetcher.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-03-03 23:37:41 +01:00
aszlig 5bd52771ba
vm/windows: Replace binary with cross cygwinSetup.
As the official Cygwin setup binary download doesn't come in snapshots
or even versioned, the fetchurl of setup.exe will frequently fail, which
in turn will annoy us as hell (or at least me).

One warning though: The fetchurl is currently broken and the cross-build
might not work yet for example on mingw32 (mingw-w64 branch on its way),
but the upstream URL has already changed and the new version contains a
bug (not yet tracked down) which breaks our Windows bootstrap process.

So to conclude: If it's already broken, make it at least "less broken".

"Not broken" is coming soon with the merge of the mingw-w64 branch.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-03-03 23:21:34 +01:00
aszlig 40635ed343
vm/windows: Remove stray "import <nixpkgs>".
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-03-03 22:45:14 +01:00
aszlig ca8cdcda06
vm/windows: Fix typo in runInWindowsVM.
Coincidentally, even with this typo, most tests work anyway, so I didn't
notice it in the first place.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-03-03 22:42:10 +01:00
Eelco Dolstra 497997cc38 Move generation of coverage reports from nixos/lib/testing to releaseTools
Also, turn some stdenv adapters into setup hooks.
2014-03-03 13:57:08 +01:00
Jason "Don" O'Conal a577082e5e re-enable au debian mirror 2014-03-03 21:57:38 +11:00
aszlig c5ab2bfd25
gcc-cross-wrapper: Explicitly add LD program name.
This is because autoconf is passing -print-prog-name=ld to the
cross-gcc, which in turn assumes a FHS compliant filesystem hierarchy
and searches ../../../../$crossConfig/bin/ld for the correct ld.

Of course, this won't work on Nix, hence we're explicitly passing the
correct LD program name.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-02-27 18:28:32 +01:00
aszlig 88ea17284e
vmTools: Hook in runInWindowsVM function.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-02-26 06:21:48 +01:00
aszlig 895a683d39
vm/windows: Add setup.ini for 32bit architecture.
Also update 64bit setup.ini and check whether we have a 64 bit stdenv in
order to choose the proper Cygwin version. Otherwise we now have the
setup.ini for 32bit available as well.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-02-26 06:20:24 +01:00
aszlig 623f1940c0
vm/windows: Make list of dependencies explicit.
So far, the VMs have always been using the native architecture, because
it was reimporting <nixpkgs> several times. Now, we propagate a list of
packages down to all sub-imports, which not only makes clearer which
dependencies a part actually has, but also will make it easier in case
we want to refactor those parts to use callPackage.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-02-26 05:43:34 +01:00
aszlig d8e66722a3
vm/windows: Factor out bootstrapping process.
This now isolates the vmTools integration from the bootstrap process and
thus removes our fixed Windows ISO and product key. The latter can now
be provided by an attribute "windowsImage" to runInWindowsVM.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-02-26 04:52:01 +01:00
aszlig e40f41e505
vm/windows: Collect exit code from xchg.
This is the last item that was missing to get a fully working
runInWindowsVM function. Apart from checking exit codes, we also now
have preVM/postVM hooks which we can use to write arbitrary constructs
around this architecture, without the need to worry about specific
details.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-02-26 04:52:00 +01:00
aszlig b01c9624cf
vm/windows: Add new runInWindowsVM function.
This function is quite similar to runInLinuxVM, but also ensures that
the builder is run decoupled of the Nix store and using the userland
inside the VM.

We're now picking up the environment variables saved in the previous
commit.

The reason we suppress all errors from the source operation is that it
would emit a ton of errors because we're trying to set read-only
variables.

Also, detecting whether the origBuilder is using the default builder
from the stdenv is currently a bit of a workaround until we have a
specialized pseudo-cross-stdenv someday in the future[TM].

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-02-26 04:52:00 +01:00
aszlig dd8b0fcf52
vm/windows: Save envirenoment before running VM.
Later, when we start the actual builder, we're going to restore those
environment variables. We're using "(set; declare -p)", here, because
the former is just printing _all_ environment variables, even those not
supported, and the latter only lists specifically declared variables,
which also encludes exports.

The "declare -p" command also emits those variables in a format similar
to the "export" command.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-02-26 04:52:00 +01:00
aszlig 707b7ad1bd
vm/windows: Generate mounts from an attribute set.
This is mainly to make it easier to quickly change mappings, without
making room for errors such as typos.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-02-26 04:51:59 +01:00
aszlig 5258bbe4c9
vm/windows: Create fstab entries in suspended VM.
Cygwin initializes mounts on _every_ login via SSH and doesn't keep them
consistently like on Unix systems, that's why we need to also add fstab
entries for the bind mounts to the store and xchg shares.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-02-26 04:51:59 +01:00
aszlig d16dae8d32
vm/windows: Use &&, not set -e in runAndSuspend.
We now have proper quoting, so we no longer need the workaround using
"set -e".

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-02-26 04:51:59 +01:00
aszlig 084238c6ec
vm/windows: Fix perms of the Samba shares.
We now map all guest accounts to the root user, because in the end the
permissions of the current user boil down to the build user of the Nix
builder of the host. That way it's not possible to gain more permissions
at all and just makes the VM communication a lot easier.

However, setting "writable" to yes instead of "read only" to no doesn't
change anything here, I just found it to be clearer.

Also, we now no longer need to have a "nobody" user.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-02-26 04:51:59 +01:00
aszlig 5241bb1d5e
vm/windows: Avoid shadowing the Nix store.
This is done by putting the non-initrd /nix/store into a subdirectory,
which we then chroot to and pass along the SSH command.

Also, we now collect the exit code after the chroot command and power
off the VM thereafter, because the store is no longer shadowed and we
have still access to the busybox inside the initrd.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-02-26 04:51:58 +01:00
aszlig a1d7974acd
vm/windows: Remove Samba from installMode.
This should trim down possible dependencies on the base installation and
hereby reduce the need for reinstallation of the damn VM to only changes
that affect the Windows installation and the base Cygwin + OpenSSH
setup.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-02-26 04:51:58 +01:00
aszlig fedf13e6cf
vm/windows: Implement and use "xchg" share.
This now finally introduces our xchg share and also uses it for
exchanging state while suspending a VM. However, accessing the _real_
Nix store still isn't possible because we're shadowing the directory in
the initrd.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-02-26 04:51:58 +01:00
aszlig 0ce1fd07fe
vm/windows: Reintroduce setting up /nix/store.
Now we're doing this at the point where we're saving the VM state.
Unfortunately it's not quite right, because the controller VM is shut
down _before_ we're saving the state, so the share gets disconnected
despite autodisconnect being deactivated during setup.

We can get around this issue by finally introducing the xchg share,
which is the last item to be implemented before we can merge to master.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-02-26 04:51:57 +01:00
aszlig aa65a7057f
vm/windows: Properly escape shell command.
Security-wise it's not a big issue because we're still sandboxed, but I
really don't want to write something like \\\\\\\\192.168.0.2\\\\share
in order to set up network shares.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-02-26 04:51:57 +01:00
aszlig cfa859d792
vm/windows: Don't init /nix/store on install.
We're going to do this during the suspendedVM phase, so we're able to
more easily change the shares without reinstalling the whole VM.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-02-26 04:51:57 +01:00
aszlig 3e91192f07
vm/windows: Wait for VDE switch to startup.
This could possibly cause flapping whenever qemu is too fast in starting
up. As we are running with the shell's -e flag, the socat check also
ensures that the VDE switch is properly started and causes the whole
build to fail, should it not start up within 20 seconds.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-02-26 04:51:56 +01:00
aszlig c731467e2c
vm/windows: Split install into several stages.
These stages are in particular:

 * Install of the bare Windows VM with Cygwin and shut down.
 * Boot up the same VM again without the installation media and dump the
   VMs memory to state.gz.
 * Resume from state.gz and build whatever we want to build.

Every single stage involves a new "controller", which is more like an
abstraction on the Nix side that constructs the madness described in
276b72fb93.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-02-26 04:51:56 +01:00
aszlig 5105e7f0bf
vm/windows: Update sha256 of Cygwin's setup.ini.
This is kinda stupid to do every little time the file is automatically
regenerated upstream. But let's see how often that happens and whether
it will become a major annoyance or not, and if yes, we might be forced
to include it in our source tree.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-02-26 04:50:55 +01:00
aszlig 9b1862ca1f
vm/windows: Move creating SSH key into install/.
This SSH key is specifically only for accessing the installed Cygwin
within the Windows VM, so we only need to expose the private key. Yes,
you heard right, the private key. It's not security-relevant because the
machine is completely read-only, only exposed to the filesystem and
networking is not available.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-02-26 04:50:54 +01:00
aszlig 4e21215d52
vm/windows: Move the installer into install/.
At least the largest portion of the installer, because in the end we
don't want the installer to *actually* save the state but only prepare
the base image.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-02-26 04:50:54 +01:00
aszlig 276b72fb93
vm: Introduce new Windows VM installer for Cygwin.
After quite a lot of fighting against Windows and its various
limitations, this new is the base architecture for installing and
accessing the Windows VM and thus the Cygwin environment inside it:

                .------------.
          .---> | vde_switch |
          |     `-[#]----[#]-'
          |        |      |
         ,'       .'      `---.___
       ,'    192.168.0.1          `.
       |          |            192.168.0.2
      ,'    _____[#]____           |
    ,'     |            |   ______[#]______
    |      | Windows VM |  |    .--'       |
    |      |____________|  |    |          |
    |             |  /|\   |  .-|          |
    | .---------. |   |    |  | |          |
  .-|-| manager |-'   |    |  | |          |
  | | `---------'     |    |  | |          |
  | |                 |    |  | |          |
  | | .-------------. |    | Samba         |
  | | | BOOTSTRAP   | |    |  | |          |
  | | |-------------| |    |  | |   .------|
  | `-| spawn VMs   |-+--> |  | `---| xchg | <-------.
  |   |-------------|      |  | .---^------|         |
  |   | install     |---.  |  `-| nixstore | <----.  |
  |   |-------------|   |  |    `----------|      |  |
  |---| suspend VM  |   |  |               |      |  |
  |   `------.------'   |  | Controller VM |      |  |
  |          |          |  |_______________|      |  |
  |       .--'          |         /|\            VirtIO
  |       |           __|__________:____________  |  |
  |      \|/         |  |          `.           | |  |
  | .------------.   |  |           :           | |  |
  | | REAL BUILD |   |  |   .-------^--------.  | |  |
  | |------------|   |  `-> | serial console |  | |  |
  `-| revive VM  |   |      `----------------'  | |  |
    |------------|   |------------.             | |  |
    | build      |-->| /nix/store >>>-----------|-'  |
    |------------|   |------------|             |    |
    | collect    |<--| xchg       >>>-----------|----'
    `-----.------'   |------------'             |
          |          |                          |
         \|/         |    |  |  __   ___  |     |
                     |    |--| |  | (__  -|-    |
    F I N I S H E D  |    |  | |__| ___)  |     |
                     |__________________________|

This might look a bit overwhelming, but let me try to explain:

We're starting at the base derivation ("BOOTSTRAP" above), where we
actually install the Cygwin envirenment. Over there we basically fire up
a vde_switch process and two virtual machines: One is the Windows
machine, the other is a NixOS machine, which serves as some kind of
proxy between the host and the Windows machine.

The reason we're doing this, is because we don't have a lot of options
for sharing files between a stock Windows machine and the host. In
earlier experiments, I've tried to communicate with the Windows guest by
using pipes and OpenSSH, but obviously this wasn't a big speed rush (or
to say it bluntly: It was fucking slow).

Using TCP/IP directly for accessing the guest would have been another
option, but it could lead to possible errors when the port or a range of
ports are in use at the Host system. Also, we would need to punch a hole
into the sandbox of the Nix builder (as it doesn't allow networking),
which in turn will possibly undermine deterministic builds/runs (well,
at least as deterministic as it can be, we're running Windows,
remember?).

So, let's continue: The responsibility of the NixOS (controller) VM is
to just wait until an SSH port becomes available on the Windows VM,
whereas the Windows VM itself is installed using an unattended
installation file provided via a virtual floppy image.

With the installation of the basic Windows OS, we directly install
Cygwin and start up an OpenSSH service.

At this point the bootstrapping is almost finished and as soon as the
port is available, the controller VM sets up Samba shares and makes it
available as drive letters within Windows and as bind mounts (for
example /nix/store) within Cygwin.

Finally we're making a snapshot of the memory of the Windows VM in order
to revive it within a few seconds when we want to build something.

Now, the build process itself is fairly straightforward: Revive VM and
build based on existing store derivations and collect the result _and_
the exit code from the xchg share/directory.

Conclusion: This architecture may sound a bit complicated, but we're
trying to achieve deterministic and reproducable builds and/or test
runs.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-02-26 04:50:53 +01:00
aszlig 92c59d37a7
gcc-cross-wrapper: Enable dontStrip in setup hook.
At least for x86_64-w64-mingw32, it doesn't make sense to use the native
strip tool for stripping of symbols. To the contrary it results in
unusable archive files.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-02-24 07:26:23 +01:00
Eelco Dolstra 83ca2c272a fetchurl: Ensure that ‘urls’ is a list 2014-02-19 13:58:42 +01:00
Eelco Dolstra a8ded9d5d3 fetchgit: Require a content hash
Without this, the result will not be a fixed-output derivation and
won't work in general.
2014-02-18 19:13:07 +01:00
Petr Rockai 97721af469 VMs: Add Fedora 17 to the list of distros (only had 16 and 18). 2014-02-15 12:57:21 +01:00
Eelco Dolstra 8ba1fdef00 debian: Update to 7.4 2014-02-14 20:29:43 +01:00
Vladimír Čunát e31523a369 preferLocalBuild: revert a stdenv change 2014-02-10 23:33:49 +01:00
Vladimír Čunát 161d029d7d preferLocalBuild: set to true for wrappers and fetchers 2014-02-10 21:04:17 +01:00
Peter Simons 1a40e97ba6 Merge pull request #1674 from errge/haddockhoogle
Generate hoogle databases beside HTML haddock documentation for Haskell packages
2014-02-06 22:46:12 +01:00
Eelco Dolstra 77376a215e debBuild: Allow setting a maintainer address 2014-02-06 14:36:50 +01:00
Eelco Dolstra 6b613f285c Fix nixBuild 2014-02-06 12:30:26 +01:00
Eelco Dolstra a123a2675b lcov: Filter out /nix/store/* by default 2014-02-05 19:18:33 +01:00
Eelco Dolstra 80647127a3 Turn the coverage analysis stdenv adapters into setup hooks
Stdenv adapters are kinda weird and un-idiomatic (especially when they
don't actually change stdenv).  It's more idiomatic to say

  buildInputs = [ makeCoverageAnalysisReport ];
2014-02-05 19:18:33 +01:00
Eelco Dolstra 7703f04b75 Add a stdenv adapter ‘useGoldLinker’ to force use of Gold 2014-02-05 19:18:33 +01:00
Gergely Risko 2c8e492691 Generate hoogle databases beside HTML haddock documentation for Haskell packages 2014-02-04 18:11:57 +01:00
Rob Vermaas 13e13f279b Do not assume a .rev attribute in available in src in maven-build.nix 2014-01-24 15:52:31 +01:00
Eelco Dolstra 6a8485af6b clang-wrapper: Set $CXX to clang
This is useful for non-Autoconf-based packages, since GNU Make's
default for CXX is "g++".  (The CC default is "cc" so should work fine
with Clang already.)
2014-01-23 11:24:17 +01:00
Eelco Dolstra f4af2a8737 clang-wrapper: Sync with gcc-wrapper 2014-01-23 10:57:49 +01:00
Vladimír Čunát ac6761c908 Merge master into stdenv-updates
Conflicts:
	pkgs/applications/version-management/gource/default.nix
	pkgs/top-level/all-packages.nix
2014-01-20 19:39:28 +01:00
Shea Levy 55e6303d6a Add full llvm build, update libc++ and dragonegg
Some packages in the llvm suite (e.g. compiler-rt) cannot be built
separate from the build of llvm, and while some others (e.g. clang) can
the combined build is much better tested (we've had to work around
annoying issues before). So this puts llvm, clang, clang-tools-extra,
compiler-rt, lld, lldb, and polly all into one big build (llvmFull).
This build includes a static llvm, as dynamic is similarly less tested
and has known failures.

This also updates libc++ and dragonegg. libc++ now builds against
libc++abi as a separate package rather than building it during the
libc++ build.

The clang purity patch is gone. Instead, we simply set --sysroot to
/var/empty for pure builds, as all impure paths are either looked up in
the gcc prefix (which we hard-code at compile time) or in the sysroot.
This also means that if NIX_ENFORCE_PURITY is 0 then clang will look in
the normal Linux paths by default, which is the proper behavior IMO.

polly required an updated isl. When stdenv-updates is merged, perhaps we
can update the isl used by gcc and avoid having two versions.

Since llvm on its own is now separate from the llvm used by clang, I've
removed myself as maintainer from llvm and will leave maintenance of
that to those who are interested in llvm separate from clang.

Signed-off-by: Shea Levy <shea@shealevy.com>
2014-01-20 05:42:38 -05:00
Shea Levy b529a34b4a Add Fedora 20
Signed-off-by: Shea Levy <shea@shealevy.com>
2014-01-19 20:50:46 -05:00
Vladimír Čunát 0a58b512cb Merge master into stdenv-updates
Conflicts (simple):
	pkgs/development/compilers/gcc/4.8/default.nix
	pkgs/development/compilers/llvm/default.nix
	pkgs/development/libraries/gmp/5.1.1.nix
	pkgs/development/libraries/gmp/5.1.3.nix
	pkgs/development/libraries/gmp/5.1.x.nix
	pkgs/top-level/all-packages.nix
2014-01-18 14:46:20 +01:00
Rob Vermaas 1625743902 Fix Fedora8 vm builds. 2014-01-15 21:32:38 +01:00
Eelco Dolstra 8622548160 Add a setup hook for fixing dylib install names on Darwin
Install names need to be absolute paths, otherwise programs that link
against the dylib won't work without setting $DYLD_LIBRARY_PATH.  Most
packages do this correctly, but some (like Boost and ICU) do not.
This setup hook absolutizes all install names.
2014-01-15 13:41:09 +01:00
Rob Vermaas ed9520bfb5 Allow specifying extra qemu flags using QEMU_OPTS. Replace CentOS 6.3 with CentOS 6.5 (6.3 is removed from site). 2014-01-14 22:51:26 +01:00
Eelco Dolstra 6fb27abf33 Merge branch 'java' 2014-01-13 13:16:17 +01:00