mirror of
https://github.com/edgelesssys/constellation.git
synced 2024-12-12 01:14:28 -05:00
nix: add derivations for C library dependencies
Cryptsetup and libvirt are new. OpenSSL was moved with the rest. The dynamic libaries cryptsetup and libvirt also ship a file called closure.tar, that contains the transitive closure for all of their dependencies. This tar file can be used as a container image layer or added to a bootable OS image to provide the runtime dependencies required for dynamic linking. Additionally, they ship a `rpath` file. This can be used together with patchelf to fix the RPATH of binaries produced by Bazel.
This commit is contained in:
parent
5009cbabac
commit
15c7f99f95
11
flake.nix
11
flake.nix
@ -19,6 +19,8 @@
|
|||||||
let
|
let
|
||||||
pkgsUnstable = import nixpkgsUnstable { inherit system; };
|
pkgsUnstable = import nixpkgsUnstable { inherit system; };
|
||||||
|
|
||||||
|
callPackage = pkgsUnstable.callPackage;
|
||||||
|
|
||||||
mkosiDev = (pkgsUnstable.mkosi.overrideAttrs (oldAttrs: rec {
|
mkosiDev = (pkgsUnstable.mkosi.overrideAttrs (oldAttrs: rec {
|
||||||
propagatedBuildInputs = oldAttrs.propagatedBuildInputs ++ (with pkgsUnstable; [
|
propagatedBuildInputs = oldAttrs.propagatedBuildInputs ++ (with pkgsUnstable; [
|
||||||
# package management
|
# package management
|
||||||
@ -41,10 +43,11 @@
|
|||||||
{
|
{
|
||||||
packages.mkosi = mkosiDev;
|
packages.mkosi = mkosiDev;
|
||||||
|
|
||||||
packages.openssl = pkgsUnstable.symlinkJoin {
|
packages.openssl = callPackage ./nix/cc/openssl.nix { pkgs = pkgsUnstable; };
|
||||||
name = "openssl";
|
|
||||||
paths = [ openssl-static.out openssl-static.dev ];
|
packages.cryptsetup = callPackage ./nix/cc/cryptsetup.nix { pkgs = pkgsUnstable; pkgsLinux = import nixpkgsUnstable { system = "x86_64-linux"; }; };
|
||||||
};
|
|
||||||
|
packages.libvirt = callPackage ./nix/cc/libvirt.nix { pkgs = pkgsUnstable; pkgsLinux = import nixpkgsUnstable { system = "x86_64-linux"; }; };
|
||||||
|
|
||||||
packages.awscli2 = pkgsUnstable.awscli2;
|
packages.awscli2 = pkgsUnstable.awscli2;
|
||||||
|
|
||||||
|
18
nix/cc/cryptsetup.nix
Normal file
18
nix/cc/cryptsetup.nix
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
{ pkgs, pkgsLinux, buildEnv, closureInfo }:
|
||||||
|
let
|
||||||
|
lib = pkgs.lib;
|
||||||
|
cc = pkgsLinux.stdenv.cc;
|
||||||
|
packages = [ pkgsLinux.cryptsetup.out pkgsLinux.cryptsetup.dev ];
|
||||||
|
closure = builtins.toString (lib.strings.splitString "\n" (builtins.readFile "${closureInfo {rootPaths = packages;}}/store-paths"));
|
||||||
|
rpath = pkgs.lib.makeLibraryPath [ pkgsLinux.cryptsetup pkgsLinux.glibc pkgsLinux.libgcc.lib ];
|
||||||
|
in
|
||||||
|
pkgs.symlinkJoin {
|
||||||
|
name = "cryptsetup";
|
||||||
|
paths = packages;
|
||||||
|
buildInputs = packages;
|
||||||
|
postBuild = ''
|
||||||
|
tar -cf $out/closure.tar --mtime="@$SOURCE_DATE_EPOCH" --sort=name ${closure}
|
||||||
|
echo "${rpath}" > $out/rpath
|
||||||
|
cp ${cc}/nix-support/dynamic-linker $out/dynamic-linker
|
||||||
|
'';
|
||||||
|
}
|
19
nix/cc/libvirt.nix
Normal file
19
nix/cc/libvirt.nix
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
{ pkgs, pkgsLinux, buildEnv, closureInfo }:
|
||||||
|
let
|
||||||
|
lib = pkgs.lib;
|
||||||
|
cc = pkgsLinux.stdenv.cc;
|
||||||
|
packages = [ pkgsLinux.libvirt ];
|
||||||
|
closure = builtins.toString (lib.strings.splitString "\n" (builtins.readFile "${closureInfo {rootPaths = packages;}}/store-paths"));
|
||||||
|
rpath = pkgs.lib.makeLibraryPath [ pkgsLinux.libvirt pkgsLinux.glib pkgsLinux.libxml2 pkgsLinux.readline pkgsLinux.glibc pkgsLinux.libgcc.lib ];
|
||||||
|
in
|
||||||
|
pkgs.symlinkJoin {
|
||||||
|
name = "libvirt";
|
||||||
|
paths = packages;
|
||||||
|
buildInputs = packages;
|
||||||
|
postBuild = ''
|
||||||
|
tar -cf $out/closure.tar --mtime="@$SOURCE_DATE_EPOCH" --sort=name ${closure}
|
||||||
|
tar --transform 's+^./+bin/+' -cf $out/bin-linktree.tar --mtime="@$SOURCE_DATE_EPOCH" --sort=name -C $out/bin .
|
||||||
|
echo "${rpath}" > $out/rpath
|
||||||
|
cp ${cc}/nix-support/dynamic-linker $out/dynamic-linker
|
||||||
|
'';
|
||||||
|
}
|
8
nix/cc/openssl.nix
Normal file
8
nix/cc/openssl.nix
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
{ pkgs }:
|
||||||
|
let
|
||||||
|
openssl-static = pkgs.openssl.override { static = true; };
|
||||||
|
in
|
||||||
|
pkgs.symlinkJoin {
|
||||||
|
name = "openssl";
|
||||||
|
paths = [ openssl-static.out openssl-static.dev ];
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user