fix(tazjin/tverskoy): copy & paste some l2tp fix from nixpkgs#64965

Change-Id: Ib6375cd2281ce7eff87d9a1f8bd8f811ed180a87
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5155
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
This commit is contained in:
Vincent Ambo 2022-02-01 12:17:42 +03:00 committed by clbot
parent 586f530ec4
commit 3122cdf0c4
3 changed files with 46 additions and 37 deletions

View file

@ -20,7 +20,7 @@ let
# Stable package set is imported, but not exposed, to overlay # Stable package set is imported, but not exposed, to overlay
# required packages into the unstable set. # required packages into the unstable set.
stableNixpkgs = import depot.third_party.sources.nixpkgs-stable {}; stableNixpkgs = import depot.third_party.sources.nixpkgs-stable { };
# Overlay for packages that should come from the stable channel # Overlay for packages that should come from the stable channel
# instead (e.g. because something is broken in unstable). # instead (e.g. because something is broken in unstable).

View file

@ -1,5 +1,6 @@
# This file has been generated by Niv. # This file has been generated by Niv.
_: let _:
let
# #
# The fetchers. fetch_<type> fetches specs of type <type>. # The fetchers. fetch_<type> fetches specs of type <type>.
@ -17,10 +18,10 @@ _: let
# sanitize the name, though nix will still fail if name starts with period # sanitize the name, though nix will still fail if name starts with period
name' = stringAsChars (x: if ! ok x then "-" else x) "${name}-src"; name' = stringAsChars (x: if ! ok x then "-" else x) "${name}-src";
in in
if spec.builtin or true then if spec.builtin or true then
builtins_fetchTarball { name = name'; inherit (spec) url sha256; } builtins_fetchTarball { name = name'; inherit (spec) url sha256; }
else else
pkgs.fetchzip { name = name'; inherit (spec) url sha256; }; pkgs.fetchzip { name = name'; inherit (spec) url sha256; };
fetch_git = spec: fetch_git = spec:
builtins.fetchGit { url = spec.repo; inherit (spec) rev ref; }; builtins.fetchGit { url = spec.repo; inherit (spec) rev ref; };
@ -43,20 +44,20 @@ _: let
mkPkgs = sources: mkPkgs = sources:
let let
sourcesNixpkgs = sourcesNixpkgs =
import (builtins_fetchTarball { inherit (sources.nixpkgs) url sha256; }) {}; import (builtins_fetchTarball { inherit (sources.nixpkgs) url sha256; }) { };
hasNixpkgsPath = builtins.any (x: x.prefix == "nixpkgs") builtins.nixPath; hasNixpkgsPath = builtins.any (x: x.prefix == "nixpkgs") builtins.nixPath;
hasThisAsNixpkgsPath = <nixpkgs> == ./.; hasThisAsNixpkgsPath = <nixpkgs> == ./.;
in in
if builtins.hasAttr "nixpkgs" sources if builtins.hasAttr "nixpkgs" sources
then sourcesNixpkgs then sourcesNixpkgs
else if hasNixpkgsPath && ! hasThisAsNixpkgsPath then else if hasNixpkgsPath && ! hasThisAsNixpkgsPath then
import <nixpkgs> {} import <nixpkgs> { }
else else
abort abort
'' ''
Please specify either <nixpkgs> (through -I or NIX_PATH=nixpkgs=...) or Please specify either <nixpkgs> (through -I or NIX_PATH=nixpkgs=...) or
add a package called "nixpkgs" to your sources.json. add a package called "nixpkgs" to your sources.json.
''; '';
# The actual fetching function. # The actual fetching function.
fetch = pkgs: name: spec: fetch = pkgs: name: spec:
@ -79,7 +80,7 @@ _: let
saneName = stringAsChars (c: if isNull (builtins.match "[a-zA-Z0-9]" c) then "_" else c) name; saneName = stringAsChars (c: if isNull (builtins.match "[a-zA-Z0-9]" c) then "_" else c) name;
ersatz = builtins.getEnv "NIV_OVERRIDE_${saneName}"; ersatz = builtins.getEnv "NIV_OVERRIDE_${saneName}";
in in
if ersatz == "" then drv else ersatz; if ersatz == "" then drv else ersatz;
# Ports of functions for older nix versions # Ports of functions for older nix versions
@ -90,7 +91,7 @@ _: let
); );
# https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/lists.nix#L295 # https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/lists.nix#L295
range = first: last: if first > last then [] else builtins.genList (n: first + n) (last - first + 1); range = first: last: if first > last then [ ] else builtins.genList (n: first + n) (last - first + 1);
# https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/strings.nix#L257 # https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/strings.nix#L257
stringToCharacters = s: map (p: builtins.substring p 1 s) (range 0 (builtins.stringLength s - 1)); stringToCharacters = s: map (p: builtins.substring p 1 s) (range 0 (builtins.stringLength s - 1));
@ -104,36 +105,39 @@ _: let
let let
inherit (builtins) lessThan nixVersion fetchTarball; inherit (builtins) lessThan nixVersion fetchTarball;
in in
if lessThan nixVersion "1.12" then if lessThan nixVersion "1.12" then
fetchTarball { inherit name url; } fetchTarball { inherit name url; }
else else
fetchTarball attrs; fetchTarball attrs;
# fetchurl version that is compatible between all the versions of Nix # fetchurl version that is compatible between all the versions of Nix
builtins_fetchurl = { url, sha256 }@attrs: builtins_fetchurl = { url, sha256 }@attrs:
let let
inherit (builtins) lessThan nixVersion fetchurl; inherit (builtins) lessThan nixVersion fetchurl;
in in
if lessThan nixVersion "1.12" then if lessThan nixVersion "1.12" then
fetchurl { inherit url; } fetchurl { inherit url; }
else else
fetchurl attrs; fetchurl attrs;
# Create the final "sources" from the config # Create the final "sources" from the config
mkSources = config: mkSources = config:
mapAttrs ( mapAttrs
name: spec: (
if builtins.hasAttr "outPath" spec name: spec:
then abort if builtins.hasAttr "outPath" spec
"The values in sources.json should not have an 'outPath' attribute" then
else abort
spec // { outPath = replace name (fetch config.pkgs name spec); } "The values in sources.json should not have an 'outPath' attribute"
) config.sources; else
spec // { outPath = replace name (fetch config.pkgs name spec); }
)
config.sources;
# The "config" used by the fetchers # The "config" used by the fetchers
mkConfig = mkConfig =
{ sourcesFile ? if builtins.pathExists ./sources.json then ./sources.json else null { sourcesFile ? if builtins.pathExists ./sources.json then ./sources.json else null
, sources ? if isNull sourcesFile then {} else builtins.fromJSON (builtins.readFile sourcesFile) , sources ? if isNull sourcesFile then { } else builtins.fromJSON (builtins.readFile sourcesFile)
, pkgs ? mkPkgs sources , pkgs ? mkPkgs sources
}: rec { }: rec {
# The sources, i.e. the attribute set of spec name to spec # The sources, i.e. the attribute set of spec name to spec
@ -144,4 +148,4 @@ _: let
}; };
in in
mkSources (mkConfig {}) // { __functor = _: settings: mkSources (mkConfig settings); } mkSources (mkConfig { }) // { __functor = _: settings: mkSources (mkConfig settings); }

View file

@ -145,6 +145,11 @@ lib.fix (self: {
]; ];
}; };
# from https://github.com/NixOS/nixpkgs/issues/64965
environment.etc."ipsec.secrets".text = ''
include ipsec.d/ipsec.nm-l2tp.secrets
'';
security.rtkit.enable = true; security.rtkit.enable = true;
services = { services = {