aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJakub Jirutka <jakub@jirutka.cz>2018-10-11 02:30:47 +0200
committerJakub Jirutka <jakub@jirutka.cz>2018-10-11 02:33:24 +0200
commit16fdfc62d0fff4f5f155681cf1c48f7bd8ea4628 (patch)
treef85586d4eb8eb86e1a8eda6260827dc5f18e149f
parent3018d94db569948a6a070ca0c1c20e254f820513 (diff)
downloadaports-16fdfc62d0fff4f5f155681cf1c48f7bd8ea4628.tar.bz2
testing/nix: new aport
https://nixos.org/nix/ The purely functional package manager
-rw-r--r--testing/nix/APKBUILD101
-rw-r--r--testing/nix/README.alpine3
-rw-r--r--testing/nix/libboost_context-mt.patch14
-rw-r--r--testing/nix/nix-daemon.initd7
-rw-r--r--testing/nix/nix-profile.sh84
-rw-r--r--testing/nix/nix.pre-install10
6 files changed, 219 insertions, 0 deletions
diff --git a/testing/nix/APKBUILD b/testing/nix/APKBUILD
new file mode 100644
index 0000000..b39667e
--- /dev/null
+++ b/testing/nix/APKBUILD
@@ -0,0 +1,101 @@
+# Contributor: Jakub Jirutka <jakub@jirutka.cz>
+# Maintainer: Jakub Jirutka <jakub@jirutka.cz>
+pkgname=nix
+pkgver=2.1.3
+pkgrel=0
+pkgdesc="The purely functional package manager"
+url="https://nixos.org/nix/"
+arch="x86 x86_64 aarch64" # supported platforms
+license="LGPL-2.1-or-later"
+depends="ca-certificates"
+depends_dev="boost-dev"
+makedepends="
+ $depends_dev
+ bash
+ brotli-dev
+ bzip2-dev
+ curl-dev
+ gc-dev
+ libressl-dev
+ libseccomp-dev
+ libsodium-dev
+ sqlite-dev
+ xz
+ xz-dev
+ "
+pkggroups="nix nixbld"
+install="$pkgname.pre-install"
+subpackages="$pkgname-dev $pkgname-openrc $pkgname-doc"
+source="https://nixos.org/releases/nix/$pkgname-$pkgver/$pkgname-$pkgver.tar.xz
+ libboost_context-mt.patch
+ nix-daemon.initd
+ nix-profile.sh
+ "
+builddir="$srcdir/$pkgname-$pkgver"
+
+build() {
+ cd "$builddir"
+
+ # NOTE: /nix/var is recommended by upstream and we need /nix anyway.
+ bash ./configure \
+ --build=$CBUILD \
+ --host=$CHOST \
+ --prefix=/usr \
+ --sysconfdir=/etc \
+ --mandir=/usr/share/man \
+ --localstatedir=/nix/var \
+ --enable-gc
+ make
+}
+
+package() {
+ cd "$builddir"
+
+ make DESTDIR="$pkgdir" install
+
+ cd "$pkgdir"
+
+ # Remove trash.
+ rm -R etc/init
+ rm -R usr/lib/systemd
+ rm etc/profile.d/*
+
+ mkdir -p usr/sbin
+ mv usr/bin/nix-daemon usr/sbin/
+
+ install -m 755 -D "$srcdir"/nix-profile.sh etc/profile.d/nix.sh
+ install -m 755 -D "$srcdir"/nix-daemon.initd etc/init.d/nix-daemon
+
+ # Setup build users.
+ # Note: max-jobs should equal number of created nixbld<n> users.
+ install -d -m 0555 etc/nix
+ cat > etc/nix/nix.conf <<-EOF
+ build-users-group = nixbld
+ max-jobs = 4
+ EOF
+
+ # This is based on https://github.com/NixOS/nix/blob/9617a04/scripts/install-multi-user.sh#L525
+ # NOTE: store dir must be /nix/store, otherwise pre-built binaries from
+ # the standard Nixpkgs channels would not work.
+ install -d -m 1775 -g nixbld \
+ nix/store
+ install -d -m 0755 \
+ nix/var/log/nix/drvs \
+ nix/var/nix/db \
+ nix/var/nix/gcroots \
+ nix/var/nix/manifests \
+ nix/var/nix/profiles/default \
+ nix/var/nix/temproots \
+ nix/var/nix/userpool
+ install -d -m 1777 \
+ nix/var/nix/profiles/per-user \
+ nix/var/nix/gcroots/per-user
+ # Allow only users in the nix group to perform Nix operations.
+ install -d -m 0770 -g nix \
+ nix/var/nix/daemon-socket
+}
+
+sha512sums="d22718d23d8960dac7d07739835caa8183f573b303d77613e77314d873c1fe6da1cb0ed78337fe3219a94675307b23132a62ae7d9aa5354707e58400f403524b nix-2.1.3.tar.xz
+2d6d8441861abca66b28083c356618e2dc60acb9a5be675f32be90204743e780f60427b8375aa5ba234f6f604f6b2569922cb400a1a989a37d950580d2151a6f libboost_context-mt.patch
+9e4568db987fbae5097f7bb086e8ad51742c2d229703104fb7e6f240ffb0ca72e57dc305fb238bcee4ec8002d780007af60f241b1f32b6aa413dd579d9c59e75 nix-daemon.initd
+0fb5b9ff2f593dca22251b342494ea0b61380d8f905d85855282d259c112aa2a918d9785aa08f847c693a939ebae9fbefcd4e417ad93283a142e066105cc87b5 nix-profile.sh"
diff --git a/testing/nix/README.alpine b/testing/nix/README.alpine
new file mode 100644
index 0000000..b2fbc0b
--- /dev/null
+++ b/testing/nix/README.alpine
@@ -0,0 +1,3 @@
+# Nix
+
+NOTE: Only members of unix group "nix" are allowed to install Nix packages.
diff --git a/testing/nix/libboost_context-mt.patch b/testing/nix/libboost_context-mt.patch
new file mode 100644
index 0000000..02326b2
--- /dev/null
+++ b/testing/nix/libboost_context-mt.patch
@@ -0,0 +1,14 @@
+We don't have libboost_context.so, just libboost_context-mt.so (-mt stands
+for multithreading).
+
+--- a/src/libutil/local.mk
++++ b/src/libutil/local.mk
+@@ -6,7 +6,7 @@
+
+ libutil_SOURCES := $(wildcard $(d)/*.cc)
+
+-libutil_LDFLAGS = $(LIBLZMA_LIBS) -lbz2 -pthread $(OPENSSL_LIBS) $(LIBBROTLI_LIBS) -lboost_context
++libutil_LDFLAGS = $(LIBLZMA_LIBS) -lbz2 -pthread $(OPENSSL_LIBS) $(LIBBROTLI_LIBS) -lboost_context-mt
+
+ libutil_LIBS = libformat
+
diff --git a/testing/nix/nix-daemon.initd b/testing/nix/nix-daemon.initd
new file mode 100644
index 0000000..fe81aa8
--- /dev/null
+++ b/testing/nix/nix-daemon.initd
@@ -0,0 +1,7 @@
+#!/sbin/openrc-run
+
+description="Nix multi-user support daemon"
+
+command="/usr/sbin/nix-daemon"
+command_background="yes"
+pidfile="/run/$RC_SVCNAME.pid"
diff --git a/testing/nix/nix-profile.sh b/testing/nix/nix-profile.sh
new file mode 100644
index 0000000..527122d
--- /dev/null
+++ b/testing/nix/nix-profile.sh
@@ -0,0 +1,84 @@
+# Profile for Nix package manager
+# This script is based on https://github.com/NixOS/nix/blob/master/scripts/nix-profile.sh.in.
+
+# Sanity check
+[ "$HOME" ] && [ "$USER" ] || return 0
+
+_nix_setup_user() {
+ local nix_profile="$HOME/.nix-profile"
+ local nix_defexpr="$HOME/.nix-defexpr"
+ local profiles_dir="/nix/var/nix/profiles"
+ local user_profile_dir="$profiles_dir/per-user/$USER"
+ local user_gcroots_dir="/nix/var/nix/gcroots/per-user/$USER"
+
+ mkdir -m 0755 -p "$user_profile_dir"
+ [ -O "$user_profile_dir" ] \
+ || echo "Nix: WARNING: bad ownership on $user_profile_dir, should be $(id -u)" >&2
+
+ [ -w "$HOME" ] || return 0
+
+ # Create ~/.nix-profile if needed.
+ if ! [ -L "$nix_profile" ]; then
+ echo "Nix: creating $nix_profile" >&2
+
+ if [ "$USER" = root ]; then
+ # Root installs in the system-wide profile by default.
+ ln -s "$profiles_dir/default" "$nix_profile" \
+ || echo "Nix: WARNING: could not create $nix_profile -> $profiles_dir/default" >&2
+ else
+ ln -s "$user_profile_dir/profile" "$nix_profile" \
+ || echo "Nix: WARNING: could not create $nix_profile -> $user_profile_dir/profile" >&2
+ fi
+ fi
+
+ # Subscribe the user to the unstable Nixpkgs channel by default.
+ if ! [ -e "$HOME/.nix-channels" ]; then
+ echo 'https://nixos.org/channels/nixpkgs-unstable nixpkgs' > "$HOME/.nix-channels"
+ fi
+
+ # Create the per-user garbage collector roots directory.
+ mkdir -m 0755 -p "$user_gcroots_dir"
+ [ -O "$user_gcroots_dir" ] \
+ || echo "Nix: WARNING: bad ownership on $user_gcroots_dir, should be $(id -u)" >&2
+
+ # Set up a default Nix expression from which to install stuff.
+ if [ ! -e "$nix_defexpr" -o -L "$nix_defexpr" ]; then
+ rm -f "$nix_defexpr"
+ mkdir -p "$nix_defexpr"
+
+ if [ "$USER" != root ]; then
+ ln -s "$profiles_dir"/per-user/root/channels "$nix_defexpr"/channels_root
+ fi
+ fi
+
+ export NIX_PROFILES="$NIX_PROFILES $nix_profile"
+
+ # Append ~/.nix-defexpr/channels/nixpkgs to $NIX_PATH so that <nixpkgs>
+ # paths work when the user has fetched the Nixpkgs channel.
+ export NIX_PATH="${NIX_PATH:+$NIX_PATH:}nixpkgs=$nix_defexpr/channels/nixpkgs"
+
+ # Set up secure multi-user builds; non-root users build through the Nix daemon.
+ [ "$USER" = root ] || export NIX_REMOTE='daemon'
+}
+
+
+# Set $NIX_SSL_CERT_FILE so that Nixpkgs applications like curl work.
+export NIX_SSL_CERT_FILE='/etc/ssl/certs/ca-certificates.crt'
+
+# The default profile for all users.
+export NIX_PROFILES='/nix/var/nix/profiles/default'
+
+# Set up environment for users that are allowed to build and install Nix
+# packages: root and members of nix or wheel group.
+if [ "$USER" = root ] || id -nG | grep -Eq '\b(nix|wheel)\b'; then
+ _nix_setup_user
+fi
+
+# Set up PATH and MANPATH.
+for _i in $NIX_PROFILES; do
+ export PATH="$_i/bin:$PATH"
+ [ "$MANPATH" ] && export MANPATH="$_i/share/man:$MANPATH"
+done
+
+unset _i
+unset -f _nix_setup_user
diff --git a/testing/nix/nix.pre-install b/testing/nix/nix.pre-install
new file mode 100644
index 0000000..04bca10
--- /dev/null
+++ b/testing/nix/nix.pre-install
@@ -0,0 +1,10 @@
+#!/bin/sh
+
+addgroup -S nix 2>/dev/null
+addgroup -S nixbld 2>/dev/null
+for n in $(seq 0 3); do
+ adduser -S -D -H -h /var/empty -s /sbin/nologin -G nixbld \
+ -g "Nix build user $n" nixbld$n 2>/dev/null
+done
+
+exit 0