From 865abfa6091515da3c776283500e45d489ed488f Mon Sep 17 00:00:00 2001 From: Kirill Elagin Date: Sat, 19 May 2018 00:52:41 +0300 Subject: [PATCH] wireguard: Enable tools on other platforms Wireguard is now split into two pretty much independent packages: `wireguard` (Linux-specific kernel module) and `wireguard-tools`, which is cross-platform. --- .../modules/services/networking/wireguard.nix | 4 +- pkgs/os-specific/linux/wireguard/default.nix | 76 +++++-------------- .../networking/wireguard-tools/default.nix | 46 +++++++++++ pkgs/top-level/all-packages.nix | 2 + 4 files changed, 71 insertions(+), 57 deletions(-) create mode 100644 pkgs/tools/networking/wireguard-tools/default.nix diff --git a/nixos/modules/services/networking/wireguard.nix b/nixos/modules/services/networking/wireguard.nix index 0591917c7423..acb4778d8485 100644 --- a/nixos/modules/services/networking/wireguard.nix +++ b/nixos/modules/services/networking/wireguard.nix @@ -193,7 +193,7 @@ let after = [ "network.target" ]; wantedBy = [ "multi-user.target" ]; environment.DEVICE = name; - path = with pkgs; [ kmod iproute wireguard ]; + path = with pkgs; [ kmod iproute wireguard-tools ]; serviceConfig = { Type = "oneshot"; @@ -279,7 +279,7 @@ in config = mkIf (cfg.interfaces != {}) { boot.extraModulePackages = [ kernel.wireguard ]; - environment.systemPackages = [ pkgs.wireguard ]; + environment.systemPackages = [ pkgs.wireguard-tools ]; systemd.services = mapAttrs' generateUnit cfg.interfaces; diff --git a/pkgs/os-specific/linux/wireguard/default.nix b/pkgs/os-specific/linux/wireguard/default.nix index c5daaabd5be8..c82831782e97 100644 --- a/pkgs/os-specific/linux/wireguard/default.nix +++ b/pkgs/os-specific/linux/wireguard/default.nix @@ -1,11 +1,10 @@ -{ stdenv, fetchurl, libmnl, kernel ? null }: +{ stdenv, fetchurl, kernel }: # module requires Linux >= 3.10 https://www.wireguard.io/install/#kernel-requirements -assert kernel != null -> stdenv.lib.versionAtLeast kernel.version "3.10"; +assert stdenv.lib.versionAtLeast kernel.version "3.10"; -let +stdenv.mkDerivation rec { name = "wireguard-${version}"; - version = "0.0.20180514"; src = fetchurl { @@ -13,61 +12,28 @@ let sha256 = "1nk6yj1gdmpar99zzw39n1v795m6fxsrilg37d02jm780rgbd5g8"; }; + preConfigure = '' + cd src + sed -i '/depmod/,+1d' Makefile + ''; + + hardeningDisable = [ "pic" ]; + + KERNELDIR = "${kernel.dev}/lib/modules/${kernel.modDirVersion}/build"; + INSTALL_MOD_PATH = "\${out}"; + + NIX_CFLAGS = ["-Wno-error=cpp"]; + + nativeBuildInputs = kernel.moduleBuildDependencies; + + buildPhase = "make module"; + meta = with stdenv.lib; { homepage = https://www.wireguard.com/; downloadPage = https://git.zx2c4.com/WireGuard/refs/; - description = "A prerelease of an experimental VPN tunnel which is not to be depended upon for security"; + description = " Tools for the WireGuard secure network tunnel"; maintainers = with maintainers; [ ericsagnes mic92 zx2c4 ]; license = licenses.gpl2; platforms = platforms.linux; }; - - module = stdenv.mkDerivation { - inherit src meta name; - - preConfigure = '' - cd src - sed -i '/depmod/,+1d' Makefile - ''; - - hardeningDisable = [ "pic" ]; - - KERNELDIR = "${kernel.dev}/lib/modules/${kernel.modDirVersion}/build"; - INSTALL_MOD_PATH = "\${out}"; - - NIX_CFLAGS = ["-Wno-error=cpp"]; - - nativeBuildInputs = kernel.moduleBuildDependencies; - - buildPhase = "make module"; - }; - - tools = stdenv.mkDerivation { - inherit src meta name; - - preConfigure = "cd src"; - - buildInputs = [ libmnl ]; - - enableParallelBuilding = true; - - makeFlags = [ - "WITH_BASHCOMPLETION=yes" - "WITH_WGQUICK=yes" - "WITH_SYSTEMDUNITS=yes" - "DESTDIR=$(out)" - "PREFIX=/" - "-C" "tools" - ]; - - buildPhase = "make tools"; - - postInstall = '' - substituteInPlace $out/lib/systemd/system/wg-quick@.service \ - --replace /usr/bin $out/bin - ''; - }; - -in if kernel == null - then tools - else module +} diff --git a/pkgs/tools/networking/wireguard-tools/default.nix b/pkgs/tools/networking/wireguard-tools/default.nix new file mode 100644 index 000000000000..8f983082a800 --- /dev/null +++ b/pkgs/tools/networking/wireguard-tools/default.nix @@ -0,0 +1,46 @@ +{ stdenv, lib, fetchurl, libmnl, useSystemd ? stdenv.isLinux }: + +let + inherit (lib) optional optionalString; +in + +stdenv.mkDerivation rec { + name = "wireguard-tools-${version}"; + version = "0.0.20180514"; + + src = fetchurl { + url = "https://git.zx2c4.com/WireGuard/snapshot/WireGuard-${version}.tar.xz"; + sha256 = "1nk6yj1gdmpar99zzw39n1v795m6fxsrilg37d02jm780rgbd5g8"; + }; + + preConfigure = "cd src"; + + buildInputs = optional stdenv.isLinux libmnl; + + enableParallelBuilding = true; + + makeFlags = [ + "WITH_BASHCOMPLETION=yes" + "WITH_WGQUICK=yes" + "WITH_SYSTEMDUNITS=${if useSystemd then "yes" else "no"}" + "DESTDIR=$(out)" + "PREFIX=/" + "-C" "tools" + ]; + + buildPhase = "make tools"; + + postInstall = optionalString useSystemd '' + substituteInPlace $out/lib/systemd/system/wg-quick@.service \ + --replace /usr/bin $out/bin + ''; + + meta = with stdenv.lib; { + homepage = https://www.wireguard.com/; + downloadPage = https://git.zx2c4.com/WireGuard/refs/; + description = " Tools for the WireGuard secure network tunnel"; + maintainers = with maintainers; [ ericsagnes mic92 zx2c4 ]; + license = licenses.gpl2; + platforms = platforms.unix; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 7290f39927d5..3faf3c346e77 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -5500,6 +5500,8 @@ with pkgs; whois = callPackage ../tools/networking/whois { }; + wireguard-tools = callPackage ../tools/networking/wireguard-tools { }; + woff2 = callPackage ../development/web/woff2 { }; woof = callPackage ../tools/misc/woof { };