{ stdenv, lib, fetchurl, openssl, libtool, perl, libxml2 , enableSeccomp ? false, libseccomp ? null , enablePython ? false, python ? null }: assert enableSeccomp -> libseccomp != null; assert enablePython -> python != null; let version = "9.11.2"; in stdenv.mkDerivation rec { name = "bind-${version}"; src = fetchurl { url = "http://ftp.isc.org/isc/bind9/${version}/${name}.tar.gz"; sha256 = "0yn7wgi2y8mpmvbjbkl4va7p0xsnn48m4yjx6ynb1hzp423asikz"; }; outputs = [ "out" "lib" "dev" "man" "dnsutils" "host" ]; patches = [ ./dont-keep-configure-flags.patch ./remove-mkdir-var.patch ] ++ stdenv.lib.optional stdenv.isDarwin ./darwin-openssl-linking-fix.patch; buildInputs = [ openssl libtool perl libxml2 ] ++ lib.optional enableSeccomp libseccomp ++ lib.optional enablePython python; STD_CDEFINES = [ "-DDIG_SIGCHASE=1" ]; # support +sigchase configureFlags = [ "--localstatedir=/var" "--with-libtool" "--with-libxml2=${libxml2.dev}" "--with-openssl=${openssl.dev}" (if enablePython then "--with-python" else "--without-python") "--without-atf" "--without-dlopen" "--without-docbook-xsl" "--without-gssapi" "--without-idn" "--without-idnlib" "--without-pkcs11" "--without-purify" ] ++ lib.optional enableSeccomp "--enable-seccomp"; postInstall = '' moveToOutput bin/bind9-config $dev moveToOutput bin/isc-config.sh $dev moveToOutput bin/host $host moveToOutput bin/dig $dnsutils moveToOutput bin/nslookup $dnsutils moveToOutput bin/nsupdate $dnsutils for f in "$lib/lib/"*.la "$dev/bin/"{isc-config.sh,bind*-config}; do sed -i "$f" -e 's|-L${openssl.dev}|-L${openssl.out}|g' done ''; meta = { homepage = http://www.isc.org/software/bind; description = "Domain name server"; license = stdenv.lib.licenses.isc; maintainers = with stdenv.lib.maintainers; [viric peti]; platforms = with stdenv.lib.platforms; unix; outputsToInstall = [ "out" "dnsutils" "host" ]; }; }