kookie
/
nomicon
1
0
Fork 0
Code Issues Projects Releases 1 Activity

cacert: cleanup exporting SSL_CERT_FILE

Browse Source
wip/yesman
Daiderd Jordan 7 years ago
parent bfccf8e42c
commit 091c2b9f04
No known key found for this signature in database
GPG Key ID: D02435D05B810C96
11 changed files with 11 additions and 28 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 3
      pkgs/build-support/fetchbower/default.nix
  2. 3
      pkgs/build-support/fetchdarcs/default.nix
  3. 4
      pkgs/build-support/fetchgx/default.nix
  4. 3
      pkgs/build-support/rust/default.nix
  5. 1
      pkgs/build-support/rust/fetchcargo.nix
  6. 4
      pkgs/development/compilers/go/1.7.nix
  7. 4
      pkgs/development/compilers/go/1.8.nix
  8. 4
      pkgs/development/compilers/go/1.9.nix
  9. 4
      pkgs/development/compilers/rust/cargo.nix
  10. 6
      pkgs/development/r-modules/default.nix
  11. 3
      pkgs/os-specific/linux/firmware/firmware-linux-nonfree/default.nix

3
pkgs/build-support/fetchbower/default.nix
Unescape View File

@ -11,7 +11,6 @@ let
fetchbower = name: version: target: outputHash: stdenv.mkDerivation {
name = "${cleanName name}-${bowerVersion version}";
SSL_CERT_FILE = "${cacert}/etc/ssl/certs/ca-bundle.crt";
buildCommand = ''
fetch-bower --quiet --out=$PWD/out "${name}" "${target}" "${version}"
# In some cases, the result of fetchBower is different depending
@ -23,7 +22,7 @@ let
outputHashMode = "recursive";
outputHashAlgo = "sha256";
inherit outputHash;
buildInputs = [ bower2nix ];
buildInputs = [ cacert bower2nix ];
};
in fetchbower

3
pkgs/build-support/fetchdarcs/default.nix
Unescape View File

@ -7,9 +7,8 @@ if md5 != "" then
else
stdenv.mkDerivation {
name = "fetchdarcs";
NIX_SSL_CERT_FILE = "${cacert}/etc/ssl/certs/ca-bundle.crt";
builder = ./builder.sh;
buildInputs = [darcs];
buildInputs = [cacert darcs];
outputHashAlgo = "sha256";
outputHashMode = "recursive";

4
pkgs/build-support/fetchgx/default.nix
Unescape View File

@ -6,7 +6,7 @@ stdenv.mkDerivation {
name = "${name}-gxdeps";
inherit src;
buildInputs = [ go gx gx-go ];
buildInputs = [ cacert go gx gx-go ];
outputHashAlgo = "sha256";
outputHashMode = "recursive";
@ -14,8 +14,6 @@ stdenv.mkDerivation {
phases = [ "unpackPhase" "buildPhase" "installPhase" ];
NIX_SSL_CERT_FILE = "${cacert}/etc/ssl/certs/ca-bundle.crt";
buildPhase = ''
export GOPATH=$(pwd)/vendor
mkdir -p vendor

3
pkgs/build-support/rust/default.nix
Unescape View File

@ -32,7 +32,7 @@ in stdenv.mkDerivation (args // {
patchRegistryDeps = ./patch-registry-deps;
buildInputs = [ git rust.cargo rust.rustc ] ++ buildInputs;
buildInputs = [ cacert git rust.cargo rust.rustc ] ++ buildInputs;
configurePhase = args.configurePhase or ''
runHook preConfigure
@ -60,7 +60,6 @@ in stdenv.mkDerivation (args // {
unset cargoDepsCopy
export RUST_LOG=${logLevel}
export SSL_CERT_FILE=${cacert}/etc/ssl/certs/ca-bundle.crt
'' + (args.postUnpack or "");
buildPhase = with builtins; args.buildPhase or ''

1
pkgs/build-support/rust/fetchcargo.nix
Unescape View File

@ -19,7 +19,6 @@ stdenv.mkDerivation {
exit 1
fi
export SSL_CERT_FILE=${cacert}/etc/ssl/certs/ca-bundle.crt
export CARGO_HOME=$(mktemp -d cargo-home.XXX)
cargo vendor

4
pkgs/development/compilers/go/1.7.nix
Unescape View File

@ -35,7 +35,7 @@ stdenv.mkDerivation rec {
# perl is used for testing go vet
nativeBuildInputs = [ perl which pkgconfig patch ];
buildInputs = [ pcre ];
buildInputs = [ cacert pcre ];
propagatedBuildInputs = optionals stdenv.isDarwin [ Security Foundation ];
hardeningDisable = [ "all" ];
@ -116,8 +116,6 @@ stdenv.mkDerivation rec {
})
];
NIX_SSL_CERT_FILE = "${cacert}/etc/ssl/certs/ca-bundle.crt";
GOOS = if stdenv.isDarwin then "darwin" else "linux";
GOARCH = if stdenv.isDarwin then "amd64"
else if stdenv.system == "i686-linux" then "386"

4
pkgs/development/compilers/go/1.8.nix
Unescape View File

@ -37,7 +37,7 @@ stdenv.mkDerivation rec {
# perl is used for testing go vet
nativeBuildInputs = [ perl which pkgconfig patch makeWrapper ]
++ optionals stdenv.isLinux [ procps ];
buildInputs = [ pcre ]
buildInputs = [ cacert pcre ]
++ optionals stdenv.isLinux [ stdenv.glibc.out stdenv.glibc.static ];
propagatedBuildInputs = optionals stdenv.isDarwin [ Security Foundation ];
@ -122,8 +122,6 @@ stdenv.mkDerivation rec {
substituteInPlace "src/cmd/link/internal/ld/lib.go" --replace dsymutil ${llvm}/bin/llvm-dsymutil
'';
NIX_SSL_CERT_FILE = "${cacert}/etc/ssl/certs/ca-bundle.crt";
GOOS = if stdenv.isDarwin then "darwin" else "linux";
GOARCH = if stdenv.isDarwin then "amd64"
else if stdenv.system == "i686-linux" then "386"

4
pkgs/development/compilers/go/1.9.nix
Unescape View File

@ -37,7 +37,7 @@ stdenv.mkDerivation rec {
# perl is used for testing go vet
nativeBuildInputs = [ perl which pkgconfig patch makeWrapper ]
++ optionals stdenv.isLinux [ procps ];
buildInputs = [ pcre ]
buildInputs = [ cacert pcre ]
++ optionals stdenv.isLinux [ stdenv.glibc.out stdenv.glibc.static ];
propagatedBuildInputs = optionals stdenv.isDarwin [ Security Foundation ];
@ -128,8 +128,6 @@ stdenv.mkDerivation rec {
substituteInPlace "src/cmd/link/internal/ld/lib.go" --replace dsymutil ${llvm}/bin/llvm-dsymutil
'';
NIX_SSL_CERT_FILE = "${cacert}/etc/ssl/certs/ca-bundle.crt";
GOOS = if stdenv.isDarwin then "darwin" else "linux";
GOARCH = if stdenv.isDarwin then "amd64"
else if stdenv.system == "i686-linux" then "386"

4
pkgs/development/compilers/rust/cargo.nix
Unescape View File

@ -24,7 +24,7 @@ rustPlatform.buildRustPackage rec {
passthru.rustc = rustc;
nativeBuildInputs = [ pkgconfig ];
buildInputs = [ file curl python openssl cmake zlib makeWrapper libgit2 ]
buildInputs = [ cacert file curl python openssl cmake zlib makeWrapper libgit2 ]
++ stdenv.lib.optionals stdenv.isDarwin [ CoreFoundation libiconv ];
LIBGIT2_SYS_USE_PKG_CONFIG=1;
@ -48,8 +48,6 @@ rustPlatform.buildRustPackage rec {
'';
checkPhase = ''
# Export SSL_CERT_FILE as without it one test fails with SSL verification error
export SSL_CERT_FILE=${cacert}/etc/ssl/certs/ca-bundle.crt
# Disable cross compilation tests
export CFG_DISABLE_CROSS_TESTS=1
cargo test

6
pkgs/development/r-modules/default.nix
Unescape View File

@ -3,7 +3,7 @@
{ R, pkgs, overrides }:
let
inherit (pkgs) fetchurl stdenv lib;
inherit (pkgs) cacert fetchurl stdenv lib;
buildRPackage = pkgs.callPackage ./generic-builder.nix {
inherit R;
@ -912,9 +912,7 @@ let
});
geojsonio = old.geojsonio.overrideDerivation (attrs: {
preConfigure = ''
export SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt
'';
buildInputs = [ cacert ] ++ attrs.buildInputs;
});
rstan = old.rstan.overrideDerivation (attrs: {

3
pkgs/os-specific/linux/firmware/firmware-linux-nonfree/default.nix
Unescape View File

@ -32,8 +32,7 @@ stdenv.mkDerivation rec {
# traffic, so don't do that.
preferLocalBuild = true;
buildInputs = [ git gnupg ];
NIX_SSL_CERT_FILE = "${cacert}/etc/ssl/certs/ca-bundle.crt";
buildInputs = [ cacert git gnupg ];
} ''
git init src && (
cd src

Write Preview
Loading…
Cancel
Save