diff --git a/tvix/cli/src/fetchurl.nix b/tvix/cli/src/fetchurl.nix new file mode 100644 index 000000000..3f182a5a3 --- /dev/null +++ b/tvix/cli/src/fetchurl.nix @@ -0,0 +1,53 @@ +# SPDX-License-Identifier: LGPL-2.1 +# +# This file is vendored from C++ Nix, as it needs to be bundled with +# an evaluator to be able to evaluate nixpkgs. +# +# Source: https://github.com/NixOS/nix/blob/2.3.16/corepkgs/fetchurl.nix + +{ system ? "" # obsolete +, url +, hash ? "" # an SRI hash + + # Legacy hash specification +, md5 ? "" +, sha1 ? "" +, sha256 ? "" +, sha512 ? "" +, outputHash ? if hash != "" then hash else if sha512 != "" then sha512 else if sha1 != "" then sha1 else if md5 != "" then md5 else sha256 +, outputHashAlgo ? if hash != "" then "" else if sha512 != "" then "sha512" else if sha1 != "" then "sha1" else if md5 != "" then "md5" else "sha256" + +, executable ? false +, unpack ? false +, name ? baseNameOf (toString url) +}: + +derivation { + builder = "builtin:fetchurl"; + + # New-style output content requirements. + inherit outputHashAlgo outputHash; + outputHashMode = if unpack || executable then "recursive" else "flat"; + + inherit name url executable unpack; + + system = "builtin"; + + # No need to double the amount of network traffic + preferLocalBuild = true; + + impureEnvVars = [ + # We borrow these environment variables from the caller to allow + # easy proxy configuration. This is impure, but a fixed-output + # derivation like fetchurl is allowed to do so since its result is + # by definition pure. + "http_proxy" + "https_proxy" + "ftp_proxy" + "all_proxy" + "no_proxy" + ]; + + # To make "nix-prefetch-url" work. + urls = [ url ]; +} diff --git a/tvix/cli/src/main.rs b/tvix/cli/src/main.rs index 0942c128e..beac12632 100644 --- a/tvix/cli/src/main.rs +++ b/tvix/cli/src/main.rs @@ -56,7 +56,15 @@ fn interpret(code: &str, path: Option, args: &Args, explain: bool) -> b let known_paths: Rc> = Default::default(); eval.io_handle = Box::new(nix_compat::NixCompatIO::new(known_paths.clone())); - eval.nix_path = args.nix_search_path.clone(); + + // bundle fetchurl.nix (used in nixpkgs) by resolving to + // `/__corepkgs__`, which has special handling in [`nix_compat`]. + eval.nix_path = args + .nix_search_path + .as_ref() + .map(|p| format!("nix=/__corepkgs__:{}", p)) + .or_else(|| Some("nix=/__corepkgs__".to_string())); + eval.builtins .extend(derivation::derivation_builtins(known_paths)); diff --git a/tvix/cli/src/nix_compat.rs b/tvix/cli/src/nix_compat.rs index 2bee43882..cc9e0db5f 100644 --- a/tvix/cli/src/nix_compat.rs +++ b/tvix/cli/src/nix_compat.rs @@ -59,10 +59,24 @@ impl EvalIO for NixCompatIO { // Pass the rest of the functions through to `Self::underlying` fn path_exists(&self, path: PathBuf) -> Result { + if path.starts_with("/__corepkgs__") { + return Ok(true); + } + self.underlying.path_exists(path) } fn read_to_string(&self, path: PathBuf) -> Result { + // Bundled version of corepkgs/fetchurl.nix. This workaround + // is similar to what cppnix does for passing the path + // through. + // + // TODO: this comparison is bad and allocates, we should use + // the sane path library. + if path.starts_with("/__corepkgs__/fetchurl.nix") { + return Ok(include_str!("fetchurl.nix").to_string()); + } + self.underlying.read_to_string(path) }