pyrox.dev / nixpkgs
lol
fork atom

knot: put runtime paths outside the nix store

Otherwise knot tries to write to non-writable directories.
This for example breaks dnssec signing.
While it's possible to overwrite these path in the configuration,
having a sane defaults is nicer.

Jörg Thalheim 6adc09ed ebf837e0

options
unified split
Changed files
+49 -2
pkgs
servers
dns
knot-dns
default.nix
dont-create-run-time-dirs.patch
+17 -2
pkgs/servers/dns/knot-dns/default.nix 
···

       
1

       
1

       
 

       
{ stdenv, fetchurl, pkgconfig, gnutls, liburcu, lmdb, libcap_ng, libidn2, libunistring


     

       
2

       
2

       
 

       
, systemd, nettle, libedit, zlib, libiconv, libintl


     

       

       
3

       
+

       
, autoreconfHook


     

       
3

       
4

       
 

       
}:


     

       
4

       
5

       
 

       



     

       
5

       
6

       
 

       
let inherit (stdenv.lib) optional optionals; in


     
···

       
16

       
17

       
 

       



     

       
17

       
18

       
 

       
  outputs = [ "bin" "out" "dev" ];


     

       
18

       
19

       
 

       



     

       
19

       

       
-

       
  nativeBuildInputs = [ pkgconfig ];


     

       

       
20

       
+

       
  configureFlags = [


     

       

       
21

       
+

       
    "--with-configdir=/etc/knot"


     

       

       
22

       
+

       
    "--with-rundir=/run/knot"


     

       

       
23

       
+

       
    "--with-storage=/var/lib/knot"


     

       

       
24

       
+

       
  ];


     

       

       
25

       
+

       



     

       

       
26

       
+

       
  patches = [


     

       

       
27

       
+

       
    # Don't try to create directories like /var/lib/knot at build time.


     

       

       
28

       
+

       
    # They are later created from NixOS itself.


     

       

       
29

       
+

       
    ./dont-create-run-time-dirs.patch


     

       

       
30

       
+

       
  ];


     

       

       
31

       
+

       



     

       

       
32

       
+

       
  nativeBuildInputs = [ pkgconfig autoreconfHook ];


     

       
20

       
33

       
 

       
  buildInputs = [


     

       
21

       
34

       
 

       
    gnutls liburcu libidn2 libunistring


     

       
22

       
35

       
 

       
    nettle libedit


     
···

       
33

       
46

       
 

       
  doCheck = true;


     

       
34

       
47

       
 

       
  doInstallCheck = false; # needs pykeymgr?


     

       
35

       
48

       
 

       



     

       
36

       

       
-

       
  postInstall = ''rm -r "$out"/var "$out"/lib/*.la'';


     

       

       
49

       
+

       
  postInstall = ''


     

       

       
50

       
+

       
    rm -r "$out"/lib/*.la


     

       

       
51

       
+

       
  '';


     

       
37

       
52

       
 

       



     

       
38

       
53

       
 

       
  meta = with stdenv.lib; {


     

       
39

       
54

       
 

       
    description = "Authoritative-only DNS server from .cz domain registry";
+32
pkgs/servers/dns/knot-dns/dont-create-run-time-dirs.patch 
···

       

       
1

       
+

       
diff --git a/samples/Makefile.am b/samples/Makefile.am


     

       

       
2

       
+

       
index c253c91..107401d 100644


     

       

       
3

       
+

       
--- a/samples/Makefile.am


     

       

       
4

       
+

       
+++ b/samples/Makefile.am


     

       

       
5

       
+

       
@@ -19,11 +19,6 @@ EXTRA_DIST = knot.sample.conf.in example.com.zone


     

       

       
6

       
+

       
 


     

       

       
7

       
+

       
 if HAVE_DAEMON


     

       

       
8

       
+

       
 


     

       

       
9

       
+

       
-install-data-local: knot.sample.conf


     

       

       
10

       
+

       
-	if [ \! -f $(DESTDIR)/$(config_dir)/knot.sample.conf ]; then \


     

       

       
11

       
+

       
-	  $(INSTALL) -d $(DESTDIR)/$(config_dir); \


     

       

       
12

       
+

       
-	  $(INSTALL_DATA) knot.sample.conf $(srcdir)/example.com.zone $(DESTDIR)/$(config_dir); \


     

       

       
13

       
+

       
-	fi


     

       

       
14

       
+

       
 uninstall-local:


     

       

       
15

       
+

       
 	-rm -rf $(DESTDIR)/$(config_dir)/knot.sample.conf \


     

       

       
16

       
+

       
 	        $(DESTDIR)/$(config_dir)/example.com.zone


     

       

       
17

       
+

       
diff --git a/src/utils/Makefile.inc b/src/utils/Makefile.inc


     

       

       
18

       
+

       
index e6765d9..d859d23 100644


     

       

       
19

       
+

       
--- a/src/utils/Makefile.inc


     

       

       
20

       
+

       
+++ b/src/utils/Makefile.inc


     

       

       
21

       
+

       
@@ -79,11 +79,6 @@ endif HAVE_DNSTAP


     

       

       
22

       
+

       
 endif HAVE_UTILS


     

       

       
23

       
+

       
 


     

       

       
24

       
+

       
 if HAVE_DAEMON


     

       

       
25

       
+

       
-# Create storage and run-time directories


     

       

       
26

       
+

       
-install-data-hook:


     

       

       
27

       
+

       
-	$(INSTALL) -d $(DESTDIR)/@config_dir@


     

       

       
28

       
+

       
-	$(INSTALL) -d $(DESTDIR)/@run_dir@


     

       

       
29

       
+

       
-	$(INSTALL) -d $(DESTDIR)/@storage_dir@


     

       

       
30

       
+

       
 


     

       

       
31

       
+

       
 sbin_PROGRAMS = knotc knotd


     

       

       
32

       
+