1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
|
{ lib, stdenv, fetchFromGitHub, openssl, zlib, pcre, libxcrypt, libxml2, libxslt
, substituteAll, gd, geoip, gperftools, jemalloc, nixosTests
, withDebug ? false
, withMail ? false
, withStream ? false
, modules ? []
, ...
}:
let
inherit (lib) optional optionals optionalString;
in
stdenv.mkDerivation rec {
version = "3.1.0";
pname = "tengine";
src = fetchFromGitHub {
owner = "alibaba";
repo = pname;
rev = version;
hash = "sha256-cClSNBlresMHqJrqSFWvUo589TlwJ2tL5FWJG9QBuis=";
};
buildInputs =
[ openssl zlib pcre libxcrypt libxml2 libxslt gd geoip gperftools jemalloc ]
++ lib.concatMap (mod: mod.inputs or []) modules;
patches = lib.singleton (substituteAll {
src = ../nginx/nix-etag-1.15.4.patch;
preInstall = ''
export nixStoreDir="$NIX_STORE" nixStoreDirLen="''${#NIX_STORE}"
'';
}) ++ [
./check-resolv-conf.patch
../nginx/nix-skip-check-logs-path.patch
];
configureFlags = [
"--with-http_ssl_module"
"--with-http_v2_module"
"--with-http_realip_module"
"--with-http_addition_module"
"--with-http_xslt_module"
"--with-http_geoip_module"
"--with-http_sub_module"
"--with-http_dav_module"
"--with-http_flv_module"
"--with-http_mp4_module"
"--with-http_gunzip_module"
"--with-http_gzip_static_module"
"--with-http_auth_request_module"
"--with-http_random_index_module"
"--with-http_secure_link_module"
"--with-http_degradation_module"
"--with-http_stub_status_module"
"--with-threads"
"--with-pcre-jit"
"--with-http_slice_module"
"--with-select_module"
"--with-poll_module"
"--with-google_perftools_module"
"--with-jemalloc"
"--http-log-path=/var/log/nginx/access.log"
"--error-log-path=/var/log/nginx/error.log"
"--pid-path=/var/log/nginx/nginx.pid"
"--http-client-body-temp-path=/var/cache/nginx/client_body"
"--http-proxy-temp-path=/var/cache/nginx/proxy"
"--http-fastcgi-temp-path=/var/cache/nginx/fastcgi"
"--http-uwsgi-temp-path=/var/cache/nginx/uwsgi"
"--http-scgi-temp-path=/var/cache/nginx/scgi"
] ++ optionals withDebug [
"--with-debug"
] ++ optionals withMail [
"--with-mail"
"--with-mail_ssl_module"
] ++ optionals (!withMail) [
"--without-mail_pop3_module"
"--without-mail_imap_module"
"--without-mail_smtp_module"
] ++ optionals withStream [
"--with-stream"
"--with-stream_ssl_module"
"--with-stream_realip_module"
"--with-stream_geoip_module"
"--with-stream_ssl_preread_module"
"--with-stream_sni"
] ++ optionals (!withStream) [
"--without-stream_limit_conn_module"
"--without-stream_access_module"
"--without-stream_geo_module"
"--without-stream_map_module"
"--without-stream_split_clients_module"
"--without-stream_return_module"
"--without-stream_upstream_hash_module"
"--without-stream_upstream_least_conn_module"
"--without-stream_upstream_random_module"
"--without-stream_upstream_zone_module"
] ++ optional (gd != null) "--with-http_image_filter_module"
++ optional (with stdenv.hostPlatform; isLinux || isFreeBSD) "--with-file-aio"
++ map (mod: "--add-module=${mod.src}") modules;
env.NIX_CFLAGS_COMPILE = "-I${libxml2.dev}/include/libxml2 -Wno-error=implicit-fallthrough"
+ optionalString stdenv.hostPlatform.isDarwin " -Wno-error=deprecated-declarations";
preConfigure = (lib.concatMapStringsSep "\n" (mod: mod.preConfigure or "") modules);
hardeningEnable = optional (!stdenv.hostPlatform.isDarwin) "pie";
enableParallelBuilding = true;
postInstall = ''
mv $out/sbin $out/bin
'';
passthru = {
inherit modules;
tests = nixosTests.nginx-variants.tengine;
};
meta = with lib; {
description = "Web server based on Nginx and has many advanced features, originated by Taobao";
mainProgram = "nginx";
homepage = "https://tengine.taobao.org";
license = licenses.bsd2;
platforms = platforms.all;
maintainers = with maintainers; [ izorkin ];
};
}
|
