3
0
Fork 0
forked from mirrors/nixpkgs
nixpkgs/pkgs/servers/dns/knot-dns/default.nix
Jörg Thalheim 6adc09ed30
knot: put runtime paths outside the nix store
Otherwise knot tries to write to non-writable directories.
This for example breaks dnssec signing.
While it's possible to overwrite these path in the configuration,
having a sane defaults is nicer.
2020-02-12 16:27:38 +00:00

61 lines
1.6 KiB
Nix

{ stdenv, fetchurl, pkgconfig, gnutls, liburcu, lmdb, libcap_ng, libidn2, libunistring
, systemd, nettle, libedit, zlib, libiconv, libintl
, autoreconfHook
}:
let inherit (stdenv.lib) optional optionals; in
# Note: ATM only the libraries have been tested in nixpkgs.
stdenv.mkDerivation rec {
pname = "knot-dns";
version = "2.9.2";
src = fetchurl {
url = "https://secure.nic.cz/files/knot-dns/knot-${version}.tar.xz";
sha256 = "298cdf33aa7589b50df7e5833694b24cd2de8b6d17cee7e1673873fe576db6ee";
};
outputs = [ "bin" "out" "dev" ];
configureFlags = [
"--with-configdir=/etc/knot"
"--with-rundir=/run/knot"
"--with-storage=/var/lib/knot"
];
patches = [
# Don't try to create directories like /var/lib/knot at build time.
# They are later created from NixOS itself.
./dont-create-run-time-dirs.patch
];
nativeBuildInputs = [ pkgconfig autoreconfHook ];
buildInputs = [
gnutls liburcu libidn2 libunistring
nettle libedit
libiconv lmdb libintl
# without sphinx &al. for developer documentation
]
++ optionals stdenv.isLinux [ libcap_ng systemd ]
++ optional stdenv.isDarwin zlib; # perhaps due to gnutls
enableParallelBuilding = true;
CFLAGS = [ "-O2" "-DNDEBUG" ];
doCheck = true;
doInstallCheck = false; # needs pykeymgr?
postInstall = ''
rm -r "$out"/lib/*.la
'';
meta = with stdenv.lib; {
description = "Authoritative-only DNS server from .cz domain registry";
homepage = https://knot-dns.cz;
license = licenses.gpl3Plus;
platforms = platforms.unix;
maintainers = [ maintainers.vcunat ];
};
}