tvl-depot/users/Profpatsch/whatcd-resolver/default.nix
sterni 73b1f0407b chore(3p/sources): bump channels & overlays – xz edition
Update all 3p/sources as we do normally except

- agenix which is still pinned to 0.15.0

- nixpkgs (unstable) which we bump to the HEAD of the staging-next
  branch. This branch includes the downgrade of xz from 5.6.1 to
  5.4.6 (https://github.com/nixos/nixpkgs/commit/d6dc19adbd). It
  also includes the second haskell-updates rotation with GHC 9.6.4
  which contains a few build fixes that seem to be required to get
  our Haskell targets to work.

Note that this only reverts xz to a version that doesn't contain the now
known backdoor (CVE-2024-3094) which may or may not actually affect
NixOS. Additionally reverting to a version before the malicious
contributor's involvement may be difficult, but prudent:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068024

Changes required by the updates:

- //3p/overlays/haskell:

  - Update ihp-hsx to latest master to fix build with Stackage LTS 22.
  - Update tmp-postgres to latest master to work around failure with
    ansi-wl-pprint >= 1.
  - Patch punycode for mtl >= 2.3.

- //users/Profpatsch:

  - Clean up some warnings, mostly about unused dependencies
  - my-prelude: Fix build with ghc-boot-9.6.4
  - cas-serve: Use crypton over unmaintained cryptonite
  - ical-smolify: skip in ci, iCalendar would require heavy patching to
    work with Stackage LTS 22.

- //users/{wpcarro,aspen,flokli}:

  Disable home-manager / nixos configuration builds that seem to have
  transient failures that should disappear as we move away from
  staging-next and closer to an actual channel release.

Change-Id: I5cca48e101041c3aedc1d9932dbca2cac885fcc1
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11289
Tested-by: BuildkiteCI
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: tazjin <tazjin@tvl.su>
2024-03-31 22:27:04 +00:00

76 lines
2 KiB
Nix

{ depot, pkgs, lib, ... }:
let
# bins = depot.nix.getBins pkgs.sqlite ["sqlite3"];
whatcd-resolver = pkgs.haskellPackages.mkDerivation {
pname = "whatcd-resolver";
version = "0.1.0";
src = depot.users.Profpatsch.exactSource ./. [
./whatcd-resolver.cabal
./Main.hs
./src/WhatcdResolver.hs
./src/AppT.hs
./src/JsonLd.hs
./src/Optional.hs
./src/Html.hs
./src/Http.hs
./src/Transmission.hs
./src/Redacted.hs
];
libraryHaskellDepends = [
depot.users.Profpatsch.my-prelude
depot.users.Profpatsch.my-webstuff
pkgs.haskellPackages.pa-prelude
pkgs.haskellPackages.pa-label
pkgs.haskellPackages.pa-json
pkgs.haskellPackages.pa-error-tree
pkgs.haskellPackages.pa-field-parser
pkgs.haskellPackages.pa-run-command
pkgs.haskellPackages.aeson-better-errors
pkgs.haskellPackages.blaze-html
pkgs.haskellPackages.hs-opentelemetry-sdk
pkgs.haskellPackages.http-conduit
pkgs.haskellPackages.http-types
pkgs.haskellPackages.ihp-hsx
pkgs.haskellPackages.monad-logger
pkgs.haskellPackages.resource-pool
pkgs.haskellPackages.postgresql-simple
pkgs.haskellPackages.tmp-postgres
pkgs.haskellPackages.unliftio
pkgs.haskellPackages.wai-extra
pkgs.haskellPackages.warp
pkgs.haskellPackages.punycode
];
isExecutable = true;
isLibrary = false;
license = lib.licenses.mit;
};
bins = depot.nix.getBins whatcd-resolver [ "whatcd-resolver" ];
in
depot.nix.writeExecline "whatcd-resolver-wrapped" { } [
"importas"
"-i"
"PATH"
"PATH"
"export"
"PATH"
# TODO: figure out how to automatically migrate to a new postgres version with tmp_postgres (dump?)
"${pkgs.postgresql_14}/bin:$${PATH}"
"export"
"WHATCD_RESOLVER_TOOLS"
(pkgs.linkFarm "whatcd-resolver-tools" [
{
name = "pg_format";
path = "${pkgs.pgformatter}/bin/pg_format";
}
])
bins.whatcd-resolver
]