diff --git a/.github/workflows/nix-build.yml b/.github/workflows/nix-build.yml index 878820f..98db2a4 100644 --- a/.github/workflows/nix-build.yml +++ b/.github/workflows/nix-build.yml @@ -1,4 +1,4 @@ -name: "nix-build" +name: "nix build" on: push: @@ -13,5 +13,5 @@ jobs: - uses: actions/checkout@v3 - uses: cachix/install-nix-action@v22 with: - nix_path: nixpkgs=channel:nixos-unstable - - run: nix-build + nix_path: nixpkgs=channel:nixos-23.11 + - run: nix build diff --git a/default.nix b/default.nix index 9c8d09d..47fd982 100644 --- a/default.nix +++ b/default.nix @@ -1,23 +1,16 @@ -{ pkgs ? import { } }: - +{ + pkgs, + rpki-client-src, + rpki-openbsd-src, +}: +# build the package pkgs.stdenv.mkDerivation rec { name = "rpki-client"; - version = "8.2"; - - src = pkgs.fetchFromGitHub { - owner = "rpki-client"; - repo = "rpki-client-portable"; - rev = version; - hash = "sha256-oErUjZn/a/Ka70+Z8Wb2L7UIulGPjF81bYAQ2wPvWfo="; - }; + version = "8.6"; - openbsd_src = pkgs.fetchFromGitHub { - owner = "rpki-client"; - repo = "rpki-client-openbsd"; - rev = "rpki-client-8.2"; - hash = "sha256-zC3vbQLLWgImS+lYNWbHzkLrZTJvgPfH+W+FiSnH8Aw="; - }; + src = rpki-client-src; + # Dependencies required at build time buildInputs = with pkgs; [ libressl expat @@ -25,17 +18,26 @@ pkgs.stdenv.mkDerivation rec { autoconf libtool rsync + zlib ]; + # Prepare the source directory before configuring and building. + # In this case, we set up the openbsd directory, which rpki-client-portable expects, + # with the rpki-openbsd-src attribute we set up as a flake input. unpackPhase = '' mkdir -p openbsd - cp -R ${openbsd_src}/* openbsd + cp -R ${rpki-openbsd-src}/* openbsd cp -R ${src}/* . chmod 700 -R . ''; + # Configure with the given scripts, but point to our nix-specific $out directory configurePhase = '' ./autogen.sh ./configure --prefix=$out ''; + + # The default buildPhase for stdenv.mkDerivation is "make" + # which is what the project wants in this case. + # So we don't need to modify the buildPhase. } diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..7417f12 --- /dev/null +++ b/flake.lock @@ -0,0 +1,97 @@ +{ + "nodes": { + "nixpkgs": { + "locked": { + "lastModified": 1701156937, + "narHash": "sha256-jpMJOFvOTejx211D8z/gz0ErRtQPy6RXxgD2ZB86mso=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "7c4c20509c4363195841faa6c911777a134acdf3", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-23.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "nixpkgs": "nixpkgs", + "rpki-client-src": "rpki-client-src", + "rpki-openbsd-src": "rpki-openbsd-src", + "utils": "utils" + } + }, + "rpki-client-src": { + "flake": false, + "locked": { + "lastModified": 1697441637, + "narHash": "sha256-HWwuVMDi3zo2+okpt0J7yEOD+MhDw6fBQV31jj2Q0jo=", + "owner": "rpki-client", + "repo": "rpki-client-portable", + "rev": "aa554ab91add82bb68de00d323e02c9d20621aee", + "type": "github" + }, + "original": { + "owner": "rpki-client", + "repo": "rpki-client-portable", + "rev": "aa554ab91add82bb68de00d323e02c9d20621aee", + "type": "github" + } + }, + "rpki-openbsd-src": { + "flake": false, + "locked": { + "lastModified": 1700133527, + "narHash": "sha256-UnCxtlQinmMOLR+EMrJz/PM6JxKATS2YXp4lvpVVtwk=", + "owner": "rpki-client", + "repo": "rpki-client-openbsd", + "rev": "082ed00f2b1f8b1b578b2bc9eae84a5fc1923d68", + "type": "github" + }, + "original": { + "owner": "rpki-client", + "repo": "rpki-client-openbsd", + "rev": "082ed00f2b1f8b1b578b2bc9eae84a5fc1923d68", + "type": "github" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1694529238, + "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "ff7b65b44d01cf9ba6a71320833626af21126384", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..43e14ac --- /dev/null +++ b/flake.nix @@ -0,0 +1,45 @@ +{ + description = "RPKI Client v8.6"; + + # To build the package, run "nix build" in the current directory. + # This will build the rpki-client binary and put it in 'result/bin/'. + + inputs = { + # We pin to a set nixpkgs version + nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.11"; + # A lib to help build packages for multiple target systems + utils.url = "github:numtide/flake-utils"; + # The RPKI portable client source, pinned to a specific version + rpki-client-src = { + url = "github:rpki-client/rpki-client-portable/aa554ab91add82bb68de00d323e02c9d20621aee"; # v8.6 + flake = false; + }; + # The openbsd shim of rpki-client-portable, which gets pulled into rpki-client at build time + # Since Nix can't fetch external sources (or access the Internet) at build time, we pull it in explicitly. + # See https://github.com/rpki-client/rpki-client-portable/blob/master/update.sh + rpki-openbsd-src = { + url = "github:rpki-client/rpki-client-openbsd/082ed00f2b1f8b1b578b2bc9eae84a5fc1923d68"; # v8.6 + flake = false; + }; + }; + + outputs = { + self, + nixpkgs, + utils, + rpki-client-src, + rpki-openbsd-src, + }: + # Read as: for each system, use nixpkgs and run the default.nix build instructions with these args. + utils.lib.eachDefaultSystem (system: let + pkgs = nixpkgs.legacyPackages.${system}; + rpki-client = import ./default.nix {inherit pkgs rpki-client-src rpki-openbsd-src;}; + in rec { + # This exposes a package under the namespace rpki-client.defaultPackage. + defaultPackage = rpki-client; + + # To run locally without cloning this repo, create a `cachedir` locally to hold RPKI data. + # Then run "nix run github:fjahr/rpki-client-nix -- -d cachedir" + apps.rpki-client = utils.lib.mkApp {drv = rpki-client;}; + }); +}