romenskiy2012/tuwunel
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

Format all nix files with new nixfmt

Browse source
This commit is contained in:
Vladislav Grechannik 2026-01-30 01:04:33 +01:00 committed by June Strawberry
parent dbc208d5d9
commit f2a15fda34
No known key found for this signature in database
7 changed files with 819 additions and 728 deletions
Download patch file Download diff file Expand all files Collapse all files

15
default.nix
View file

@ -1,10 +1,11 @@
(import (import (
( let
let lock = builtins.fromJSON (builtins.readFile ./flake.lock); in lock = builtins.fromJSON (builtins.readFile ./flake.lock);
in
fetchTarball { fetchTarball {
url = lock.nodes.flake-compat.locked.url or "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz"; url =
lock.nodes.flake-compat.locked.url
or "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz";
sha256 = lock.nodes.flake-compat.locked.narHash; sha256 = lock.nodes.flake-compat.locked.narHash;
} }
) ) { src = ./.; }).defaultNix
{ src = ./.; }
).defaultNix

149
flake.nix
View file

@ -2,21 +2,40 @@
inputs = { inputs = {
attic.url = "github:zhaofengli/attic?ref=main"; attic.url = "github:zhaofengli/attic?ref=main";
cachix.url = "github:cachix/cachix?ref=master"; cachix.url = "github:cachix/cachix?ref=master";
complement = { url = "github:matrix-construct/complement?ref=main"; flake = false; }; complement = {
crane = { url = "github:ipetkov/crane?ref=master"; }; url = "github:matrix-construct/complement?ref=main";
fenix = { url = "github:nix-community/fenix?ref=main"; inputs.nixpkgs.follows = "nixpkgs"; }; flake = false;
flake-compat = { url = "github:edolstra/flake-compat?ref=master"; flake = false; }; };
crane = {
url = "github:ipetkov/crane?ref=master";
};
fenix = {
url = "github:nix-community/fenix?ref=main";
inputs.nixpkgs.follows = "nixpkgs";
};
flake-compat = {
url = "github:edolstra/flake-compat?ref=master";
flake = false;
};
flake-utils.url = "github:numtide/flake-utils?ref=main"; flake-utils.url = "github:numtide/flake-utils?ref=main";
nix-filter.url = "github:numtide/nix-filter?ref=main"; nix-filter.url = "github:numtide/nix-filter?ref=main";
nixpkgs.url = "github:NixOS/nixpkgs?ref=nixpkgs-unstable"; nixpkgs.url = "github:NixOS/nixpkgs?ref=nixpkgs-unstable";
rocksdb = { url = "github:matrix-construct/rocksdb?ref=tuwunel-changes"; flake = false; }; rocksdb = {
liburing = { url = "github:axboe/liburing?ref=master"; flake = false; }; url = "github:matrix-construct/rocksdb?ref=tuwunel-changes";
flake = false;
};
liburing = {
url = "github:axboe/liburing?ref=master";
flake = false;
};
}; };
outputs = inputs: outputs =
inputs.flake-utils.lib.eachDefaultSystem (system: inputs:
inputs.flake-utils.lib.eachDefaultSystem (
system:
let let
pkgsHost = import inputs.nixpkgs{ pkgsHost = import inputs.nixpkgs {
inherit system; inherit system;
}; };
pkgsHostStatic = pkgsHost.pkgsStatic; pkgsHostStatic = pkgsHost.pkgsStatic;
@ -29,17 +48,20 @@
sha256 = "sha256-SDu4snEWjuZU475PERvu+iO50Mi39KVjqCeJeNvpguU="; sha256 = "sha256-SDu4snEWjuZU475PERvu+iO50Mi39KVjqCeJeNvpguU=";
}; };
mkScope = pkgs: pkgs.lib.makeScope pkgs.newScope (self: { mkScope =
pkgs:
pkgs.lib.makeScope pkgs.newScope (self: {
inherit pkgs; inherit pkgs;
book = self.callPackage ./nix/pkgs/book {}; book = self.callPackage ./nix/pkgs/book { };
complement = self.callPackage ./nix/pkgs/complement {}; complement = self.callPackage ./nix/pkgs/complement { };
craneLib = ((inputs.crane.mkLib pkgs).overrideToolchain (_: toolchain)); craneLib = ((inputs.crane.mkLib pkgs).overrideToolchain (_: toolchain));
inherit inputs; inherit inputs;
main = self.callPackage ./nix/pkgs/main {}; main = self.callPackage ./nix/pkgs/main { };
oci-image = self.callPackage ./nix/pkgs/oci-image {}; oci-image = self.callPackage ./nix/pkgs/oci-image { };
tini = pkgs.tini.overrideAttrs { tini = pkgs.tini.overrideAttrs {
# newer clang/gcc is unhappy with tini-static: <https://3.dog/~strawberry/pb/c8y4> # newer clang/gcc is unhappy with tini-static: <https://3.dog/~strawberry/pb/c8y4>
patches = [ (pkgs.fetchpatch { patches = [
(pkgs.fetchpatch {
url = "https://patch-diff.githubusercontent.com/raw/krallin/tini/pull/224.patch"; url = "https://patch-diff.githubusercontent.com/raw/krallin/tini/pull/224.patch";
hash = "sha256-4bTfAhRyIT71VALhHY13hUgbjLEUyvgkIJMt3w9ag3k="; hash = "sha256-4bTfAhRyIT71VALhHY13hUgbjLEUyvgkIJMt3w9ag3k=";
}) })
@ -47,23 +69,27 @@
}; };
liburing = pkgs.liburing.overrideAttrs { liburing = pkgs.liburing.overrideAttrs {
# Tests weren't building # Tests weren't building
outputs = [ "out" "dev" "man" ]; outputs = [
"out"
"dev"
"man"
];
buildFlags = [ "library" ]; buildFlags = [ "library" ];
src = inputs.liburing; src = inputs.liburing;
}; };
rocksdb = (pkgs.rocksdb.override { rocksdb =
(pkgs.rocksdb.override {
liburing = self.liburing; liburing = self.liburing;
}).overrideAttrs (final: old: { }).overrideAttrs
(
final: old: {
src = inputs.rocksdb; src = inputs.rocksdb;
version = pkgs.lib.removePrefix version = pkgs.lib.removePrefix "v" (builtins.fromJSON (builtins.readFile ./flake.lock))
"v"
(builtins.fromJSON (builtins.readFile ./flake.lock))
.nodes.rocksdb.original.ref; .nodes.rocksdb.original.ref;
# we have this already at https://github.com/girlbossceo/rocksdb/commit/a935c0273e1ba44eacf88ce3685a9b9831486155 # we have this already at https://github.com/girlbossceo/rocksdb/commit/a935c0273e1ba44eacf88ce3685a9b9831486155
# unsetting this so i don't have to revert it and make this nix exclusive # unsetting this so i don't have to revert it and make this nix exclusive
patches = []; patches = [ ];
postPatch = postPatch = pkgs.lib.optionalString (pkgs.lib.versionOlder final.version "8") ''
pkgs.lib.optionalString (pkgs.lib.versionOlder final.version "8") ''
# Fix gcc-13 build failures due to missing <cstdint> and # Fix gcc-13 build failures due to missing <cstdint> and
# <system_error> includes, fixed upstream since 8.x # <system_error> includes, fixed upstream since 8.x
sed -e '1i #include <cstdint>' -i db/compaction/compaction_iteration_stats.h sed -e '1i #include <cstdint>' -i db/compaction/compaction_iteration_stats.h
@ -71,8 +97,8 @@
sed -e '1i #include <cstdint>' -i util/string_util.h sed -e '1i #include <cstdint>' -i util/string_util.h
sed -e '1i #include <cstdint>' -i include/rocksdb/utilities/checkpoint.h sed -e '1i #include <cstdint>' -i include/rocksdb/utilities/checkpoint.h
''; '';
cmakeFlags = pkgs.lib.subtractLists cmakeFlags =
[ pkgs.lib.subtractLists [
# no real reason to have snappy or zlib, no one uses this # no real reason to have snappy or zlib, no one uses this
"-DWITH_SNAPPY=1" "-DWITH_SNAPPY=1"
"-DZLIB=1" "-DZLIB=1"
@ -88,8 +114,7 @@
"-DFORCE_SSE42=1" "-DFORCE_SSE42=1"
# PORTABLE will get set in main/default.nix # PORTABLE will get set in main/default.nix
"-DPORTABLE=1" "-DPORTABLE=1"
] ] old.cmakeFlags
old.cmakeFlags
++ [ ++ [
# no real reason to have snappy, no one uses this # no real reason to have snappy, no one uses this
"-DWITH_SNAPPY=0" "-DWITH_SNAPPY=0"
@ -110,14 +135,18 @@
# preInstall hooks has stuff for messing with ldb/sst_dump which we dont need or use # preInstall hooks has stuff for messing with ldb/sst_dump which we dont need or use
preInstall = ""; preInstall = "";
}); }
);
}); });
scopeHost = mkScope pkgsHost; scopeHost = mkScope pkgsHost;
scopeHostStatic = mkScope pkgsHostStatic; scopeHostStatic = mkScope pkgsHostStatic;
scopeCrossLinux = mkScope pkgsHost.pkgsLinux.pkgsStatic; scopeCrossLinux = mkScope pkgsHost.pkgsLinux.pkgsStatic;
mkCrossScope = crossSystem: mkCrossScope =
let pkgsCrossStatic = (import inputs.nixpkgs { crossSystem:
let
pkgsCrossStatic =
(import inputs.nixpkgs {
inherit system; inherit system;
crossSystem = { crossSystem = {
config = crossSystem; config = crossSystem;
@ -126,7 +155,9 @@
in in
mkScope pkgsCrossStatic; mkScope pkgsCrossStatic;
mkDevShell = scope: scope.pkgs.mkShell { mkDevShell =
scope:
scope.pkgs.mkShell {
env = scope.main.env // { env = scope.main.env // {
# Rust Analyzer needs to be able to find the path to default crate # Rust Analyzer needs to be able to find the path to default crate
# sources, and it can read this environment variable to do so. The # sources, and it can read this environment variable to do so. The
@ -152,7 +183,9 @@
toolchain toolchain
] ]
++ (with pkgsHost.pkgs; [ ++ (
with pkgsHost.pkgs;
[
# Required by hardened-malloc.rs dep # Required by hardened-malloc.rs dep
binutils binutils
@ -188,7 +221,8 @@
] ]
# liburing is Linux-exclusive # liburing is Linux-exclusive
++ lib.optional stdenv.hostPlatform.isLinux liburing ++ lib.optional stdenv.hostPlatform.isLinux liburing
++ lib.optional stdenv.hostPlatform.isLinux numactl) ++ lib.optional stdenv.hostPlatform.isLinux numactl
)
++ scope.main.buildInputs ++ scope.main.buildInputs
++ scope.main.propagatedBuildInputs ++ scope.main.propagatedBuildInputs
++ scope.main.nativeBuildInputs; ++ scope.main.nativeBuildInputs;
@ -294,11 +328,11 @@
# macOS containers don't exist, so the complement images must be forced to linux # macOS containers don't exist, so the complement images must be forced to linux
linux-complement = (mkCrossScope "${pkgsHost.hostPlatform.qemuArch}-linux-musl").complement; linux-complement = (mkCrossScope "${pkgsHost.hostPlatform.qemuArch}-linux-musl").complement;
} }
// // builtins.listToAttrs (
builtins.listToAttrs builtins.concatLists (
(builtins.concatLists builtins.map
(builtins.map (
(crossSystem: crossSystem:
let let
binaryName = "static-${crossSystem}"; binaryName = "static-${crossSystem}";
scopeCrossStatic = mkCrossScope crossSystem; scopeCrossStatic = mkCrossScope crossSystem;
@ -315,7 +349,9 @@
{ {
name = "${binaryName}-x86_64-haswell-optimised"; name = "${binaryName}-x86_64-haswell-optimised";
value = scopeCrossStatic.main.override { value = scopeCrossStatic.main.override {
x86_64_haswell_target_optimised = (if (crossSystem == "x86_64-linux-gnu" || crossSystem == "x86_64-linux-musl") then true else false); x86_64_haswell_target_optimised = (
if (crossSystem == "x86_64-linux-gnu" || crossSystem == "x86_64-linux-musl") then true else false
);
}; };
} }
@ -379,7 +415,9 @@
# tuwunel_mods is a development-only hot reload feature # tuwunel_mods is a development-only hot reload feature
"tuwunel_mods" "tuwunel_mods"
]; ];
x86_64_haswell_target_optimised = (if (crossSystem == "x86_64-linux-gnu" || crossSystem == "x86_64-linux-musl") then true else false); x86_64_haswell_target_optimised = (
if (crossSystem == "x86_64-linux-gnu" || crossSystem == "x86_64-linux-musl") then true else false
);
}; };
} }
@ -412,7 +450,9 @@
name = "oci-image-${crossSystem}-x86_64-haswell-optimised"; name = "oci-image-${crossSystem}-x86_64-haswell-optimised";
value = scopeCrossStatic.oci-image.override { value = scopeCrossStatic.oci-image.override {
main = scopeCrossStatic.main.override { main = scopeCrossStatic.main.override {
x86_64_haswell_target_optimised = (if (crossSystem == "x86_64-linux-gnu" || crossSystem == "x86_64-linux-musl") then true else false); x86_64_haswell_target_optimised = (
if (crossSystem == "x86_64-linux-gnu" || crossSystem == "x86_64-linux-musl") then true else false
);
}; };
}; };
} }
@ -466,7 +506,9 @@
# tuwunel_mods is a development-only hot reload feature # tuwunel_mods is a development-only hot reload feature
"tuwunel_mods" "tuwunel_mods"
]; ];
x86_64_haswell_target_optimised = (if (crossSystem == "x86_64-linux-gnu" || crossSystem == "x86_64-linux-musl") then true else false); x86_64_haswell_target_optimised = (
if (crossSystem == "x86_64-linux-gnu" || crossSystem == "x86_64-linux-musl") then true else false
);
}; };
}; };
} }
@ -508,8 +550,9 @@
); );
devShells.default = mkDevShell scopeHostStatic; devShells.default = mkDevShell scopeHostStatic;
devShells.all-features = mkDevShell devShells.all-features = mkDevShell (
(scopeHostStatic.overrideScope (final: prev: { scopeHostStatic.overrideScope (
final: prev: {
main = prev.main.override { main = prev.main.override {
all_features = true; all_features = true;
disable_features = [ disable_features = [
@ -523,11 +566,17 @@
"tuwunel_mods" "tuwunel_mods"
]; ];
}; };
})); }
devShells.no-features = mkDevShell )
(scopeHostStatic.overrideScope (final: prev: { );
devShells.no-features = mkDevShell (
scopeHostStatic.overrideScope (
final: prev: {
main = prev.main.override { default_features = false; }; main = prev.main.override { default_features = false; };
})); }
)
);
devShells.dynamic = mkDevShell scopeHost; devShells.dynamic = mkDevShell scopeHost;
}); }
);
} }

11
nix/pkgs/book/default.nix
View file

@ -1,9 +1,10 @@
{ inputs {
inputs,
# Dependencies # Dependencies
, main main,
, mdbook mdbook,
, stdenv stdenv,
}: }:
stdenv.mkDerivation { stdenv.mkDerivation {

36
nix/pkgs/complement/default.nix
View file

@ -1,13 +1,14 @@
# Dependencies # Dependencies
{ bashInteractive {
, buildEnv bashInteractive,
, coreutils buildEnv,
, dockerTools coreutils,
, lib dockerTools,
, main lib,
, stdenv main,
, tini stdenv,
, writeShellScriptBin tini,
writeShellScriptBin,
}: }:
let let
@ -68,11 +69,18 @@ dockerTools.buildImage {
"${lib.getExe start}" "${lib.getExe start}"
]; ];
Entrypoint = if !stdenv.hostPlatform.isDarwin Entrypoint =
if
!stdenv.hostPlatform.isDarwin
# Use the `tini` init system so that signals (e.g. ctrl+c/SIGINT) # Use the `tini` init system so that signals (e.g. ctrl+c/SIGINT)
# are handled as expected # are handled as expected
then [ "${lib.getExe' tini "tini"}" "--" ] then
else []; [
"${lib.getExe' tini "tini"}"
"--"
]
else
[ ];
Env = [ Env = [
"TUWUNEL_TLS__KEY=${./private_key.key}" "TUWUNEL_TLS__KEY=${./private_key.key}"
@ -82,8 +90,8 @@ dockerTools.buildImage {
]; ];
ExposedPorts = { ExposedPorts = {
"8008/tcp" = {}; "8008/tcp" = { };
"8448/tcp" = {}; "8448/tcp" = { };
}; };
}; };
} }

43
nix/pkgs/main/cross-compilation-env.nix
View file

@ -1,28 +1,25 @@
{ lib {
, pkgsBuildHost lib,
, rust pkgsBuildHost,
, stdenv rust,
stdenv,
}: }:
lib.optionalAttrs stdenv.hostPlatform.isStatic { lib.optionalAttrs stdenv.hostPlatform.isStatic {
ROCKSDB_STATIC = ""; ROCKSDB_STATIC = "";
} }
// // {
{ CARGO_BUILD_RUSTFLAGS = lib.concatStringsSep " " (
CARGO_BUILD_RUSTFLAGS = [ ]
lib.concatStringsSep
" "
([]
# This disables PIE for static builds, which isn't great in terms # This disables PIE for static builds, which isn't great in terms
# of security. Unfortunately, my hand is forced because nixpkgs' # of security. Unfortunately, my hand is forced because nixpkgs'
# `libstdc++.a` is built without `-fPIE`, which precludes us from # `libstdc++.a` is built without `-fPIE`, which precludes us from
# leaving PIE enabled. # leaving PIE enabled.
++ lib.optionals ++ lib.optionals stdenv.hostPlatform.isStatic [
stdenv.hostPlatform.isStatic "-C"
[ "-C" "relocation-model=static" ] "relocation-model=static"
++ lib.optionals ]
(stdenv.buildPlatform.config != stdenv.hostPlatform.config) ++ lib.optionals (stdenv.buildPlatform.config != stdenv.hostPlatform.config) [
[
"-l" "-l"
"c" "c"
@ -41,15 +38,11 @@ lib.optionalAttrs stdenv.hostPlatform.isStatic {
# run on the build platform (I think). # run on the build platform (I think).
# #
# [0]: https://github.com/NixOS/nixpkgs/blob/nixpkgs-unstable/pkgs/build-support/rust/lib/default.nix#L48-L68 # [0]: https://github.com/NixOS/nixpkgs/blob/nixpkgs-unstable/pkgs/build-support/rust/lib/default.nix#L48-L68
// // (
(
let let
inherit (rust.lib) envVars; inherit (rust.lib) envVars;
in in
lib.optionalAttrs lib.optionalAttrs (stdenv.targetPlatform.rust.rustcTarget != stdenv.hostPlatform.rust.rustcTarget) (
(stdenv.targetPlatform.rust.rustcTarget
!= stdenv.hostPlatform.rust.rustcTarget)
(
let let
inherit (stdenv.targetPlatform.rust) cargoEnvVarTarget; inherit (stdenv.targetPlatform.rust) cargoEnvVarTarget;
in in
@ -59,8 +52,7 @@ lib.optionalAttrs stdenv.hostPlatform.isStatic {
"CARGO_TARGET_${cargoEnvVarTarget}_LINKER" = envVars.ccForTarget; "CARGO_TARGET_${cargoEnvVarTarget}_LINKER" = envVars.ccForTarget;
} }
) )
// // (
(
let let
inherit (stdenv.hostPlatform.rust) cargoEnvVarTarget rustcTarget; inherit (stdenv.hostPlatform.rust) cargoEnvVarTarget rustcTarget;
in in
@ -71,8 +63,7 @@ lib.optionalAttrs stdenv.hostPlatform.isStatic {
CARGO_BUILD_TARGET = rustcTarget; CARGO_BUILD_TARGET = rustcTarget;
} }
) )
// // (
(
let let
inherit (stdenv.buildPlatform.rust) cargoEnvVarTarget; inherit (stdenv.buildPlatform.rust) cargoEnvVarTarget;
in in

216
nix/pkgs/main/default.nix
View file

@ -1,23 +1,24 @@
# Dependencies (keep sorted) # Dependencies (keep sorted)
{ craneLib {
, inputs craneLib,
, jq inputs,
, lib jq,
, libiconv lib,
, liburing libiconv,
, pkgsBuildHost liburing,
, rocksdb pkgsBuildHost,
, removeReferencesTo rocksdb,
, rust removeReferencesTo,
, autoPatchelfHook rust,
, rust-jemalloc-sys-unprefixed autoPatchelfHook,
, stdenv rust-jemalloc-sys-unprefixed,
stdenv,
# Options (keep sorted) # Options (keep sorted)
, all_features ? false all_features ? false,
, default_features ? true default_features ? true,
# default list of disabled features # default list of disabled features
, disable_features ? [ disable_features ? [
# dont include experimental features # dont include experimental features
"experimental" "experimental"
# jemalloc profiling/stats features are expensive and shouldn't # jemalloc profiling/stats features are expensive and shouldn't
@ -26,58 +27,68 @@
"jemalloc_stats" "jemalloc_stats"
# tuwunel_mods is a development-only hot reload feature # tuwunel_mods is a development-only hot reload feature
"tuwunel_mods" "tuwunel_mods"
] ],
, disable_release_max_log_level ? false disable_release_max_log_level ? false,
, features ? [] features ? [ ],
, profile ? "release" profile ? "release",
# rocksdb compiled with -march=haswell and target-cpu=haswell rustflag # rocksdb compiled with -march=haswell and target-cpu=haswell rustflag
# haswell is pretty much any x86 cpu made in the last 12 years, and # haswell is pretty much any x86 cpu made in the last 12 years, and
# supports modern CPU extensions that rocksdb can make use of. # supports modern CPU extensions that rocksdb can make use of.
# disable if trying to make a portable x86_64 build for very old hardware # disable if trying to make a portable x86_64 build for very old hardware
, x86_64_haswell_target_optimised ? false x86_64_haswell_target_optimised ? false,
}: }:
let let
# We perform default-feature unification in nix, because some of the dependencies # We perform default-feature unification in nix, because some of the dependencies
# on the nix side depend on feature values. # on the nix side depend on feature values.
crateFeatures = path: crateFeatures =
let manifest = lib.importTOML "${path}/Cargo.toml"; in path:
let
manifest = lib.importTOML "${path}/Cargo.toml";
in
lib.remove "default" (lib.attrNames manifest.features); lib.remove "default" (lib.attrNames manifest.features);
crateDefaultFeatures = path: crateDefaultFeatures = path: (lib.importTOML "${path}/Cargo.toml").features.default;
(lib.importTOML "${path}/Cargo.toml").features.default; allDefaultFeatures = crateDefaultFeatures "${inputs.self}/src/main";
allDefaultFeatures = crateDefaultFeatures "${inputs.self}/src/main"; allFeatures = crateFeatures "${inputs.self}/src/main";
allFeatures = crateFeatures "${inputs.self}/src/main"; features' = lib.unique (
features' = lib.unique features
(features ++ ++ lib.optionals default_features allDefaultFeatures
lib.optionals default_features allDefaultFeatures ++ ++ lib.optionals all_features allFeatures
lib.optionals all_features allFeatures); );
disable_features' = disable_features ++ lib.optionals disable_release_max_log_level ["release_max_log_level"]; disable_features' =
features'' = lib.subtractLists disable_features' features'; disable_features ++ lib.optionals disable_release_max_log_level [ "release_max_log_level" ];
features'' = lib.subtractLists disable_features' features';
featureEnabled = feature : builtins.elem feature features''; featureEnabled = feature: builtins.elem feature features'';
enableLiburing = featureEnabled "io_uring" && !stdenv.hostPlatform.isDarwin; enableLiburing = featureEnabled "io_uring" && !stdenv.hostPlatform.isDarwin;
# This derivation will set the JEMALLOC_OVERRIDE variable, causing the # This derivation will set the JEMALLOC_OVERRIDE variable, causing the
# tikv-jemalloc-sys crate to use the nixpkgs jemalloc instead of building it's # tikv-jemalloc-sys crate to use the nixpkgs jemalloc instead of building it's
# own. In order for this to work, we need to set flags on the build that match # own. In order for this to work, we need to set flags on the build that match
# whatever flags tikv-jemalloc-sys was going to use. These are dependent on # whatever flags tikv-jemalloc-sys was going to use. These are dependent on
# which features we enable in tikv-jemalloc-sys. # which features we enable in tikv-jemalloc-sys.
rust-jemalloc-sys' = rust-jemalloc-sys' =
# tikv-jemalloc-sys/unprefixed_malloc_on_supported_platforms feature # tikv-jemalloc-sys/unprefixed_malloc_on_supported_platforms feature
rust-jemalloc-sys-unprefixed rust-jemalloc-sys-unprefixed.overrideAttrs (old: {
.overrideAttrs (old: { configureFlags = old.configureFlags ++ configureFlags =
old.configureFlags
++
# we dont need docs # we dont need docs
[ "--disable-doc" ] ++ [ "--disable-doc" ]
++
# we dont need cxx/C++ integration # we dont need cxx/C++ integration
[ "--disable-cxx" ] ++ [ "--disable-cxx" ]
++
# tikv-jemalloc-sys/profiling feature # tikv-jemalloc-sys/profiling feature
lib.optional (featureEnabled "jemalloc_prof") "--enable-prof" ++ lib.optional (featureEnabled "jemalloc_prof") "--enable-prof"
++
# tikv-jemalloc-sys/stats feature # tikv-jemalloc-sys/stats feature
(if (featureEnabled "jemalloc_stats") then [ "--enable-stats" ] else [ "--disable-stats" ]); (if (featureEnabled "jemalloc_stats") then [ "--enable-stats" ] else [ "--disable-stats" ]);
}); });
rocksdb' = (rocksdb.override { rocksdb' =
(rocksdb.override {
jemalloc = lib.optional (featureEnabled "jemalloc") rust-jemalloc-sys'; jemalloc = lib.optional (featureEnabled "jemalloc") rust-jemalloc-sys';
# rocksdb fails to build with prefixed jemalloc, which is required on # rocksdb fails to build with prefixed jemalloc, which is required on
# darwin due to [1]. In this case, fall back to building rocksdb with # darwin due to [1]. In this case, fall back to building rocksdb with
@ -90,13 +101,21 @@ rocksdb' = (rocksdb.override {
# for some reason enableLiburing in nixpkgs rocksdb is default true # for some reason enableLiburing in nixpkgs rocksdb is default true
# which breaks Darwin entirely # which breaks Darwin entirely
enableLiburing = enableLiburing; enableLiburing = enableLiburing;
}).overrideAttrs (old: { }).overrideAttrs
(old: {
enableLiburing = enableLiburing; enableLiburing = enableLiburing;
cmakeFlags = (if x86_64_haswell_target_optimised then (lib.subtractLists [ cmakeFlags =
(
if x86_64_haswell_target_optimised then
(
lib.subtractLists [
# dont make a portable build if x86_64_haswell_target_optimised is enabled # dont make a portable build if x86_64_haswell_target_optimised is enabled
"-DPORTABLE=1" "-DPORTABLE=1"
] old.cmakeFlags ] old.cmakeFlags
++ [ "-DPORTABLE=haswell" ]) else ([ "-DPORTABLE=1" ]) ++ [ "-DPORTABLE=haswell" ]
)
else
([ "-DPORTABLE=1" ])
) )
++ old.cmakeFlags; ++ old.cmakeFlags;
@ -105,9 +124,9 @@ rocksdb' = (rocksdb.override {
# preInstall hooks has stuff for messing with ldb/sst_dump which we dont need or use # preInstall hooks has stuff for messing with ldb/sst_dump which we dont need or use
preInstall = ""; preInstall = "";
}); });
buildDepsOnlyEnv = { buildDepsOnlyEnv = {
# https://crane.dev/faq/rebuilds-bindgen.html # https://crane.dev/faq/rebuilds-bindgen.html
NIX_OUTPATH_USED_AS_RANDOM_SEED = "aaaaaaaaaa"; NIX_OUTPATH_USED_AS_RANDOM_SEED = "aaaaaaaaaa";
@ -115,39 +134,45 @@ buildDepsOnlyEnv = {
ROCKSDB_INCLUDE_DIR = "${rocksdb'}/include"; ROCKSDB_INCLUDE_DIR = "${rocksdb'}/include";
ROCKSDB_LIB_DIR = "${rocksdb'}/lib"; ROCKSDB_LIB_DIR = "${rocksdb'}/lib";
} }
// // (import ./cross-compilation-env.nix {
(import ./cross-compilation-env.nix {
# Keep sorted # Keep sorted
inherit inherit
lib lib
pkgsBuildHost pkgsBuildHost
rust rust
stdenv; stdenv
;
}); });
buildPackageEnv = { buildPackageEnv = {
TUWUNEL_VERSION_EXTRA = inputs.self.shortRev or inputs.self.dirtyShortRev or ""; TUWUNEL_VERSION_EXTRA = inputs.self.shortRev or inputs.self.dirtyShortRev or "";
TUWUNEL_DATABASE_PATH = "/var/tmp/tuwunel.db"; TUWUNEL_DATABASE_PATH = "/var/tmp/tuwunel.db";
} // buildDepsOnlyEnv // { }
// buildDepsOnlyEnv
// {
# Only needed in static stdenv because these are transitive dependencies of rocksdb # Only needed in static stdenv because these are transitive dependencies of rocksdb
CARGO_BUILD_RUSTFLAGS = buildDepsOnlyEnv.CARGO_BUILD_RUSTFLAGS CARGO_BUILD_RUSTFLAGS =
+ lib.optionalString (enableLiburing && stdenv.hostPlatform.isStatic) buildDepsOnlyEnv.CARGO_BUILD_RUSTFLAGS
" -L${lib.getLib liburing}/lib -luring" + lib.optionalString (
+ lib.optionalString x86_64_haswell_target_optimised enableLiburing && stdenv.hostPlatform.isStatic
" -Ctarget-cpu=haswell"; ) " -L${lib.getLib liburing}/lib -luring"
}; + lib.optionalString x86_64_haswell_target_optimised " -Ctarget-cpu=haswell";
};
commonAttrs = {
commonAttrs = {
inherit inherit
(craneLib.crateNameFromCargoToml { (craneLib.crateNameFromCargoToml {
cargoToml = "${inputs.self}/Cargo.toml"; cargoToml = "${inputs.self}/Cargo.toml";
}) })
pname pname
version; version
;
src = let filter = inputs.nix-filter.lib; in filter { src =
let
filter = inputs.nix-filter.lib;
in
filter {
root = inputs.self; root = inputs.self;
# Keep sorted # Keep sorted
@ -161,15 +186,16 @@ commonAttrs = {
doCheck = true; doCheck = true;
cargoExtraArgs = "--no-default-features --locked " cargoExtraArgs =
+ lib.optionalString "--no-default-features --locked "
(features'' != []) + lib.optionalString (features'' != [ ]) "--features "
"--features " + (builtins.concatStringsSep "," features''); + (builtins.concatStringsSep "," features'');
dontStrip = profile == "dev" || profile == "test"; dontStrip = profile == "dev" || profile == "test";
dontPatchELF = profile == "dev" || profile == "test"; dontPatchELF = profile == "dev" || profile == "test";
buildInputs = lib.optional (featureEnabled "jemalloc") rust-jemalloc-sys-unprefixed buildInputs =
lib.optional (featureEnabled "jemalloc") rust-jemalloc-sys-unprefixed
# needed to build Rust applications on macOS # needed to build Rust applications on macOS
++ lib.optionals stdenv.hostPlatform.isDarwin [ ++ lib.optionals stdenv.hostPlatform.isDarwin [
# https://github.com/NixOS/nixpkgs/issues/206242 # https://github.com/NixOS/nixpkgs/issues/206242
@ -192,16 +218,21 @@ commonAttrs = {
}; };
in in
craneLib.buildPackage ( commonAttrs // rec { craneLib.buildPackage (
cargoArtifacts = craneLib.buildDepsOnly (commonAttrs // { commonAttrs
// rec {
cargoArtifacts = craneLib.buildDepsOnly (
commonAttrs
// {
env = buildDepsOnlyEnv; env = buildDepsOnlyEnv;
}); }
);
# Adds runpath settings to the resulting binary # Adds runpath settings to the resulting binary
buildInputs = (commonAttrs.buildInputs or []) ++ [ buildInputs = (commonAttrs.buildInputs or [ ]) ++ [
rocksdb' rocksdb'
]; ];
nativeBuildInputs = (commonAttrs.nativeBuildInputs or []) ++ [ nativeBuildInputs = (commonAttrs.nativeBuildInputs or [ ]) ++ [
autoPatchelfHook autoPatchelfHook
]; ];
# This is needed for tests to link # This is needed for tests to link
@ -228,10 +259,10 @@ craneLib.buildPackage ( commonAttrs // rec {
doBenchmark = false; doBenchmark = false;
cargoExtraArgs = "--no-default-features --locked " cargoExtraArgs =
+ lib.optionalString "--no-default-features --locked "
(features'' != []) + lib.optionalString (features'' != [ ]) "--features "
"--features " + (builtins.concatStringsSep "," features''); + (builtins.concatStringsSep "," features'');
env = buildPackageEnv; env = buildPackageEnv;
@ -240,4 +271,5 @@ craneLib.buildPackage ( commonAttrs // rec {
}; };
meta.mainProgram = commonAttrs.pname; meta.mainProgram = commonAttrs.pname;
}) }
)

33
nix/pkgs/oci-image/default.nix
View file

@ -1,11 +1,12 @@
{ inputs {
inputs,
# Dependencies # Dependencies
, dockerTools dockerTools,
, lib lib,
, main main,
, stdenv stdenv,
, tini tini,
}: }:
dockerTools.buildLayeredImage { dockerTools.buildLayeredImage {
@ -17,11 +18,18 @@ dockerTools.buildLayeredImage {
main main
]; ];
config = { config = {
Entrypoint = if !stdenv.hostPlatform.isDarwin Entrypoint =
if
!stdenv.hostPlatform.isDarwin
# Use the `tini` init system so that signals (e.g. ctrl+c/SIGINT) # Use the `tini` init system so that signals (e.g. ctrl+c/SIGINT)
# are handled as expected # are handled as expected
then [ "${lib.getExe' tini "tini"}" "--" ] then
else []; [
"${lib.getExe' tini "tini"}"
"--"
]
else
[ ];
Cmd = [ Cmd = [
"${lib.getExe main}" "${lib.getExe main}"
]; ];
@ -29,9 +37,10 @@ dockerTools.buildLayeredImage {
"RUST_BACKTRACE=full" "RUST_BACKTRACE=full"
]; ];
Labels = { Labels = {
"org.opencontainers.image.authors" = "June Clementine Strawberry <june@girlboss.ceo> and Jason Volk "org.opencontainers.image.authors" =
"June Clementine Strawberry <june@girlboss.ceo> and Jason Volk
<jason@zemos.net>"; <jason@zemos.net>";
"org.opencontainers.image.created" ="@${toString inputs.self.lastModified}"; "org.opencontainers.image.created" = "@${toString inputs.self.lastModified}";
"org.opencontainers.image.description" = "a very cool Matrix chat homeserver written in Rust"; "org.opencontainers.image.description" = "a very cool Matrix chat homeserver written in Rust";
"org.opencontainers.image.documentation" = "https://conduwuit.puppyirl.gay/"; "org.opencontainers.image.documentation" = "https://conduwuit.puppyirl.gay/";
"org.opencontainers.image.licenses" = "Apache-2.0"; "org.opencontainers.image.licenses" = "Apache-2.0";