abonerib/nix-serve-ng
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: abonerib:1d21f73a2d563ffbb924a4244c29b35e898caefe
Branches Tags
abonerib:main
..
compare: abonerib:f3931b8120b1ca663da280e11659c745e2e9ad1b
Branches Tags
abonerib:main

No commits in common. "1d21f73a2d563ffbb924a4244c29b35e898caefe" and "f3931b8120b1ca663da280e11659c745e2e9ad1b" have entirely different histories.
1d21f73a2d ... f3931b8120

9 changed files with 123 additions and 359 deletions
Show Stats Expand all files Collapse all files

92
README.md
View File

@ -4,78 +4,41 @@
## Quick start ## Quick start
There are three main approaches you can use to configure a NixOS system to replace There are two main approaches you can use to upgrade a NixOS system to replace
the old `nix-serve` with `nix-serve-ng`: the old `nix-serve` with `nix-serve-ng`.
- **A**: Set `services.nix-serve.package = pkgs.nix-serve-ng;` in your NixOS configuration If you specify your desired NixOS system within `flake.nix` then you can do
- `nix-serve-ng` is [packaged in nixpkgs](https://search.nixos.org/packages) already something like this:
- There is no need to consume this repository directly
- **B**: Include `nix-serve-ng.nixosModules.default` in your NixOS configuration
- `nix-serve-ng` refers to this repository being a flake input
- Requires consume this repository / this flake
- Overlays `pkgs.nix-serve` with `pkgs.nix-serve-ng`
- **C**: Like **B** but not requiring a flake
We recommend approach **A**. Only use **B** or **C** if you need a bleeding edge
upstream version of the project.
### Variant A:
_The code snippet below shows a `flake.nix`._
```nix ```nix
{ { inputs = {
inputs.nixpkgs.url = "github:NixOS/nixpkgs"; nixpkgs.url = github:NixOS/nixpkgs;
outputs = { nixpkgs, ... }: { nix-serve-ng.url = github:aristanetworks/nix-serve-ng;
nixosConfigurations.default = nixpkgs.lib.nixosSystem {
modules = [
/* ... */
{
services.nix-serve.enable = true;
services.nix-serve.package = pkgs.nix-serve-ng;
/* ... */
}
/* ... */
];
};
}; };
}
```
### Variant B:
_The code snippet below shows a `flake.nix`._
```nix
{
inputs.nixpkgs.url = "github:NixOS/nixpkgs";
inputs.nix-serve-ng.url = "github:aristanetworks/nix-serve-ng";
outputs = { nixpkgs, nix-serve-ng, ... }: { outputs = { nixpkgs, nix-serve-ng, ... }: {
nixosConfigurations.default = nixpkgs.lib.nixosSystem { nixosConfigurations.default = nixpkgs.lib.nixosSystem {
modules = [ modules = [
nix-serve-ng.nixosModules.default nix-serve-ng.nixosModules.default
/* ... */
{ { services.nix-serve.enable = true;
services.nix-serve.enable = true;
/* ... */
} }
/* ... */
]; ];
system = "x86_64-linux";
}; };
}; };
} }
``` ```
### Variant C: If you don't use `flake.nix` then you can instead define your NixOS module:
like this:
_The code snippet below shows a NixOS module file._
```nix ```nix
{ config, pkgs, lib, ... }: let
let
nix-serve-ng-src = builtins.fetchTarball { nix-serve-ng-src = builtins.fetchTarball {
# Replace the URL and hash with whatever you actually need # Replace the URL and hash with whatever you actually need
url = "https://github.com/aristanetworks/nix-serve-ng/archive/1937593598bb1285b41804f25cd6f9ddd4d5f1cb.tar.gz"; url = "https://github.com/aristanetworks/nix-serve-ng/archive/1937593598bb1285b41804f25cd6f9ddd4d5f1cb.tar.gz";
@ -84,24 +47,15 @@ let
}; };
nix-serve-ng = import nix-serve-ng-src; nix-serve-ng = import nix-serve-ng-src;
in in
{ { ... }: {
/* ... */ imports = [ nix-serve-ng.nixosModules.default ];
imports = [ nix-serve-ng.nixosModules.default ];
config = { }
services.nix-serve.enable = true;
};
/* ... */
}
``` ```
## Lix compatability
The default `nix-serve-ng` should work on top of lix, but if you want to build
it against lix for development or to remove the default nix dependency, you can
pass `-f lix` to cabal or use the `lix-serve-ng` package from the flake.
## Motivation ## Motivation
Our requirements for this project were: Our requirements for this project were:
@ -153,7 +107,7 @@ Did we satisfy those requirements?
* [`eris`](https://github.com/thoughtpolice/eris) - A Perl rewrite of * [`eris`](https://github.com/thoughtpolice/eris) - A Perl rewrite of
`nix-serve` `nix-serve`
* [`harmonia`](https://github.com/nix-community/harmonia) - A Rust rewrite * [`harmonia`](https://github.com/helsinki-systems/harmonia) - A Rust rewrite
of `nix-serve` of `nix-serve`
See the Benchmarks section below for more details See the Benchmarks section below for more details

36
cbits/nix.cpp
View File

@ -1,16 +1,7 @@
#include <cstddef> #include <cstddef>
#include <cstdlib> #include <cstdlib>
#include <nix/store-api.hh>
#ifndef LIX #include <nix/log-store.hh>
#include <nix/store/store-api.hh>
#include <nix/store/log-store.hh>
#include <nix/main/shared.hh>
#else
#include <lix/libstore/store-api.hh>
#include <lix/libstore/log-store.hh>
#include <lix/libmain/shared.hh>
#endif
#include "nix.hh" #include "nix.hh"
using namespace nix; using namespace nix;
@ -23,11 +14,8 @@ static ref<Store> getStore()
static std::shared_ptr<Store> _store; static std::shared_ptr<Store> _store;
if (!_store) { if (!_store) {
#ifndef LIX initLibStore();
initLibStore(true); loadConfFile();
#else
initNix();
#endif
_store = openStore(); _store = openStore();
} }
@ -37,12 +25,6 @@ static ref<Store> getStore()
extern "C" { extern "C" {
// Must be called once before the server is stated to avoid races
void initStore()
{
getStore();
}
void freeString(struct string * const input) void freeString(struct string * const input)
{ {
free((void *) input->data); free((void *) input->data);
@ -138,11 +120,7 @@ void queryPathInfo
output->deriver = emptyString; output->deriver = emptyString;
}; };
#ifndef LIX copyString(validPathInfo->narHash.to_string(Base32, true), &output->narHash);
copyString(validPathInfo->narHash.to_string(nix::HashFormat::Nix32, true), &output->narHash);
#else
copyString(validPathInfo->narHash.to_string(nix::Base::Base32, true), &output->narHash);
#endif
output->narSize = validPathInfo->narSize; output->narSize = validPathInfo->narSize;
@ -205,11 +183,7 @@ bool dumpPath
}); });
try { try {
#ifndef LIX
store->narFromPath(storePath.value(), sink); store->narFromPath(storePath.value(), sink);
#else
sink << store->narFromPath(storePath.value());
#endif
} catch (const std::runtime_error & e) { } catch (const std::runtime_error & e) {
// Intentionally do nothing. We're only using the exception as a // Intentionally do nothing. We're only using the exception as a
// short-circuiting mechanism. // short-circuiting mechanism.

23
default.nix
View File

@ -1,14 +1,9 @@
(import (import (
( let
let lock = builtins.fromJSON (builtins.readFile ./flake.lock);
lock = builtins.fromJSON (builtins.readFile ./flake.lock); in fetchTarball {
in url = "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz";
fetchTarball { sha256 = lock.nodes.flake-compat.locked.narHash; }
url = "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz"; ) {
sha256 = lock.nodes.flake-compat.locked.narHash; src = ./.;
} }).defaultNix
)
{
src = ./.;
}
).defaultNix

113
flake.lock generated
View File

@ -16,129 +16,26 @@
"type": "github" "type": "github"
} }
}, },
"flake-compat_2": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"lix": {
"inputs": {
"flake-compat": "flake-compat_2",
"nix2container": "nix2container",
"nixpkgs": "nixpkgs",
"nixpkgs-regression": "nixpkgs-regression",
"pre-commit-hooks": "pre-commit-hooks"
},
"locked": {
"lastModified": 1737234286,
"narHash": "sha256-CCKIAE84dzkrnlxJCKFyffAxP3yfsOAbdvydUGqq24g=",
"rev": "2837da71ec1588c1187d2e554719b15904a46c8b",
"revCount": 16631,
"type": "git",
"url": "https://git.lix.systems/lix-project/lix"
},
"original": {
"rev": "2837da71ec1588c1187d2e554719b15904a46c8b",
"type": "git",
"url": "https://git.lix.systems/lix-project/lix"
}
},
"nix2container": {
"flake": false,
"locked": {
"lastModified": 1724996935,
"narHash": "sha256-njRK9vvZ1JJsP8oV2OgkBrpJhgQezI03S7gzskCcHos=",
"owner": "nlewo",
"repo": "nix2container",
"rev": "fa6bb0a1159f55d071ba99331355955ae30b3401",
"type": "github"
},
"original": {
"owner": "nlewo",
"repo": "nix2container",
"type": "github"
}
},
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1733348545, "lastModified": 1688403656,
"narHash": "sha256-b4JrUmqT0vFNx42aEN9LTWOHomkTKL/ayLopflVf81U=", "narHash": "sha256-zmNai3dKWUCKpKubPWsEJ1Q7od96KebWVDJNCnk+fr0=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "9ecb50d2fae8680be74c08bb0a995c5383747f89", "rev": "453da3c28f7a95374b73d1f3fd665dd40e6049e9",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "NixOS", "owner": "NixOS",
"ref": "nixos-24.11-small", "ref": "nixpkgs-unstable",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }
}, },
"nixpkgs-regression": {
"locked": {
"lastModified": 1643052045,
"narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1744174375,
"narHash": "sha256-oxI9TLgnQbQ/WL0tIwVSIooLbXq4PW1QUhf5aQmXFgk=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "ef3a956f697525883b77192cbe208233ea0f8f79",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "master",
"repo": "nixpkgs",
"type": "github"
}
},
"pre-commit-hooks": {
"flake": false,
"locked": {
"lastModified": 1733318908,
"narHash": "sha256-SVQVsbafSM1dJ4fpgyBqLZ+Lft+jcQuMtEL3lQWx2Sk=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "6f4e2a2112050951a314d2733a994fbab94864c6",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "git-hooks.nix",
"type": "github"
}
},
"root": { "root": {
"inputs": { "inputs": {
"flake-compat": "flake-compat", "flake-compat": "flake-compat",
"lix": "lix", "nixpkgs": "nixpkgs",
"nixpkgs": "nixpkgs_2",
"utils": "utils" "utils": "utils"
} }
}, },

167
flake.nix
View File

@ -1,9 +1,5 @@
{ { inputs = {
inputs = { nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
# Temporary, until Nixpkgs master has Nix 2.28
nixpkgs.url = "github:NixOS/nixpkgs/master";
lix.url = "git+https://git.lix.systems/lix-project/lix?rev=2837da71ec1588c1187d2e554719b15904a46c8b";
utils.url = "github:numtide/flake-utils"; utils.url = "github:numtide/flake-utils";
@ -13,14 +9,11 @@
}; };
}; };
outputs = outputs = { nixpkgs, utils, ... }:
{ nixpkgs, lix, utils, ... }:
let let
compiler = "ghc94"; compiler = "ghc92";
overlay = final: prev: { overlay = final: prev: {
lix = lix.packages.${final.system}.default;
cabal2nix-unwrapped = cabal2nix-unwrapped =
final.haskell.lib.justStaticExecutables final.haskell.lib.justStaticExecutables
final.haskell.packages."${compiler}".cabal2nix; final.haskell.packages."${compiler}".cabal2nix;
@ -28,30 +21,22 @@
haskell = prev.haskell // { haskell = prev.haskell // {
packages = prev.haskell.packages // { packages = prev.haskell.packages // {
"${compiler}" = prev.haskell.packages."${compiler}".override (old: { "${compiler}" = prev.haskell.packages."${compiler}".override (old: {
overrides = final.lib.fold final.lib.composeExtensions (old.overrides or (_: _: { })) [ overrides =
(final.haskell.lib.packageSourceOverrides { final.lib.fold final.lib.composeExtensions (old.overrides or (_: _: { })) [
nix-serve-ng = ./.; (final.haskell.lib.packageSourceOverrides {
lix-serve-ng = ./.; nix-serve-ng = ./.;
})
base16 = "1.0"; (haskellPackagesNew: haskellPackagesOld: {
}) nix-serve-ng =
(haskellPackagesNew: haskellPackagesOld: { final.haskell.lib.overrideCabal
nix-serve-ng = final.haskell.lib.overrideCabal haskellPackagesOld.nix-serve-ng (old: { haskellPackagesOld.nix-serve-ng
executableSystemDepends = (old.executableSystemDepends or [ ]) ++ [ (old: {
final.boost.dev executableSystemDepends = (old.executableSystemDepends or []) ++ [
final.nixVersions.nix_2_28 final.boost.dev
]; ];
}); });
lix-serve-ng = final.haskell.lib.overrideCabal haskellPackagesOld.lix-serve-ng (old: { })
pname = "lix-serve-ng"; ];
configureFlags = (old.configureFlags or [ ]) ++ [ "-flix" ];
executableSystemDepends = (old.executableSystemDepends or [ ]) ++ [
final.boost.dev
final.lix
];
});
})
];
}); });
}; };
}; };
@ -59,81 +44,61 @@
nix-serve-ng = nix-serve-ng =
final.haskell.lib.justStaticExecutables final.haskell.lib.justStaticExecutables
final.haskell.packages."${compiler}".nix-serve-ng; final.haskell.packages."${compiler}".nix-serve-ng;
lix-serve-ng =
final.haskell.lib.justStaticExecutables
final.haskell.packages."${compiler}".lix-serve-ng;
}; };
in in
utils.lib.eachDefaultSystem ( utils.lib.eachDefaultSystem (system:
system: let
let pkgs = import nixpkgs {
pkgs = import nixpkgs { config = { };
config = { };
overlays = [ overlay ]; overlays = [ overlay ];
inherit system; inherit system;
};
inherit (pkgs) nix-serve-ng lix-serve-ng;
in
rec {
packages = {
inherit nix-serve-ng lix-serve-ng;
default = nix-serve-ng;
};
defaultPackage = packages.default;
apps = rec {
default = nix-serve-ng;
nix-serve-ng = {
type = "app";
program = "${nix-serve-ng}/bin/nix-serve";
}; };
lix-serve-ng = {
type = "app"; inherit (pkgs) nix-serve-ng;
program = "${lix-serve-ng}/bin/nix-serve";
in
rec {
packages.default = nix-serve-ng;
defaultPackage = packages.default;
apps.default = {
type = "app";
program = "${nix-serve-ng}/bin/nix-serve";
};
defaultApp = apps.default;
devShells.default =
(pkgs.haskell.lib.doBenchmark
pkgs.haskell.packages."${compiler}".nix-serve-ng
).env;
devShell = devShells.default;
}) // rec {
overlays = {
# The default overlay only adds the exports for
# `pkgs.haskell.packages."${compiler}".nix-serve-ng` and
# `pkgs.nix-serve-ng`
default = overlay;
# This overlay additionally overrides `pkgs.nix-serve` to refer to
# `pkgs.nix-serve-ng`
override = final: prev: {
nix-serve = final.nix-serve-ng;
}; };
}; };
defaultApp = apps.default; # The NixOS module is a thin wrapper around the overlay to replace
# `nix-serve` with `nix-serve-ng`
devShells = rec { #
default = nix-serve-ng; # You can continue to use the old `services.nix-serve` NixOS options.
nix-serve-ng = (pkgs.haskell.lib.doBenchmark pkgs.haskell.packages."${compiler}".nix-serve-ng).env; nixosModules.default = {
lix-serve-ng = (pkgs.haskell.lib.doBenchmark pkgs.haskell.packages."${compiler}".lix-serve-ng).env; nixpkgs.overlays = [ overlays.default overlays.override ];
};
devShell = devShells.default;
}
)
// rec {
overlays = {
# The default overlay only adds the exports for
# `pkgs.haskell.packages."${compiler}".nix-serve-ng` and
# `pkgs.nix-serve-ng`
default = overlay;
# This overlay additionally overrides `pkgs.nix-serve` to refer to
# `pkgs.nix-serve-ng`
override = final: prev: {
nix-serve = final.nix-serve-ng;
}; };
}; };
# The NixOS module is a thin wrapper around the overlay to replace
# `nix-serve` with `nix-serve-ng`
#
# You can continue to use the old `services.nix-serve` NixOS options.
nixosModules.default = {
nixpkgs.overlays = [
overlays.default
overlays.override
];
};
};
} }

19
nix-serve-ng.cabal
View File

@ -11,11 +11,6 @@ maintainer: opensource@awakesecurity.com
copyright: 2022 Arista Networks copyright: 2022 Arista Networks
extra-source-files: CHANGELOG.md extra-source-files: CHANGELOG.md
Flag Lix
Description: Build against Lix
Default: False
Manual: True
executable nix-serve executable nix-serve
hs-source-dirs: src hs-source-dirs: src
@ -41,10 +36,10 @@ executable nix-serve
cxx-sources: cbits/nix.cpp cxx-sources: cbits/nix.cpp
, cbits/nix.hh , cbits/nix.hh
cxx-options: -std=c++20 cxx-options: -std=c++17
build-depends: base < 5 build-depends: base < 5
, base16 >= 1.0 , base16
, base32 , base32
, bytestring , bytestring
, charset , charset
@ -60,14 +55,8 @@ executable nix-serve
, warp , warp
, warp-tls , warp-tls
if flag(lix) pkgconfig-depends:
cxx-options: -DLIX nix-store
pkgconfig-depends:
, lix-main
, lix-store
else
pkgconfig-depends:
nix-store
if os(darwin) if os(darwin)
extra-libraries: c++ extra-libraries: c++

23
shell.nix
View File

@ -1,14 +1,9 @@
(import (import (
( let
let lock = builtins.fromJSON (builtins.readFile ./flake.lock);
lock = builtins.fromJSON (builtins.readFile ./flake.lock); in fetchTarball {
in url = "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz";
fetchTarball { sha256 = lock.nodes.flake-compat.locked.narHash; }
url = "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz"; ) {
sha256 = lock.nodes.flake-compat.locked.narHash; src = ./.;
} }).shellNix
)
{
src = ./.;
}
).shellNix

2
src/Main.hs
View File

@ -341,8 +341,6 @@ main = do
options@Options{ priority, timeout, verbosity } <- do options@Options{ priority, timeout, verbosity } <- do
Options.execParser Options.parserInfo Options.execParser Options.parserInfo
Nix.initStore
storeDirectory <- Nix.getStoreDir storeDirectory <- Nix.getStoreDir
secretKeyFile <- Environment.lookupEnv "NIX_SECRET_KEY_FILE" secretKeyFile <- Environment.lookupEnv "NIX_SECRET_KEY_FILE"

7
src/Nix.hsc
View File

@ -34,8 +34,6 @@ import qualified Foreign
#include "nix.hh" #include "nix.hh"
foreign import ccall "initStore" initStore :: IO ()
foreign import ccall "freeString" freeString :: Ptr String_ -> IO () foreign import ccall "freeString" freeString :: Ptr String_ -> IO ()
data String_ = String_ { data_ :: Ptr CChar, size :: CSize } data String_ = String_ { data_ :: Ptr CChar, size :: CSize }
@ -164,9 +162,8 @@ data PathInfo = PathInfo
fromCPathInfo :: CPathInfo -> IO PathInfo fromCPathInfo :: CPathInfo -> IO PathInfo
fromCPathInfo CPathInfo{ deriver, narHash, narSize, references, sigs } = do fromCPathInfo CPathInfo{ deriver, narHash, narSize, references, sigs } = do
let String_{ data_ } = deriver
deriver_ <- deriver_ <-
if data_ == Foreign.nullPtr if data_ (deriver :: String_) == Foreign.nullPtr
then return Nothing then return Nothing
else fmap Just (fromString_ deriver) else fmap Just (fromString_ deriver)
@ -233,7 +230,7 @@ fingerprintPath storePath PathInfo{ narHash, narSize, references } = do
base32Suffix <- if base32Suffix <- if
| ByteString.length suffix == 64 | ByteString.length suffix == 64
, Right digest <- Base16.decodeBase16Untyped suffix -> , Right digest <- Base16.decodeBase16 suffix ->
return (Base32.encodeBase32' digest) return (Base32.encodeBase32' digest)
| ByteString.length suffix == 52 -> | ByteString.length suffix == 52 ->
return suffix return suffix