From 2787280d8c65feee321115c47896fa852cb0b049 Mon Sep 17 00:00:00 2001 From: Trolli Schmittlauch Date: Fri, 27 Nov 2020 19:02:45 +0100 Subject: [PATCH 1/2] libevhtp: fix build with oniguruma >= 6.95_rev1 --- default.nix | 8 +++++--- libevhtp/default.nix | 3 +-- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/default.nix b/default.nix index 9deb288..ceff8bb 100644 --- a/default.nix +++ b/default.nix @@ -1,7 +1,10 @@ self: super: rec { - libevhtp = super.callPackage ./libevhtp/default.nix {}; + # TODO: modify oniguruma derivation instead, pass at callPackage stage + # Since onig-6.9.5_rev1 the POSIX API is disabled by default, causing the libevhtp build relying on it to fail + onigWithPosixAPI = super.oniguruma.overrideAttrs (oldAttrs: {configureFlags = [ "--enable-posix-api=yes" ];}); + libevhtp = super.callPackage ./libevhtp/default.nix {oniguruma = onigWithPosixAPI;}; libsearpc = super.callPackage ./libsearpc/default.nix {}; - seafile-server = super.callPackage ./seafile-server/default.nix { inherit libevhtp python3Packages libsearpc;}; + seafile-server = super.callPackage ./seafile-server/default.nix { inherit libevhtp python3Packages libsearpc; oniguruma = onigWithPosixAPI;}; python3Packages = super.python3Packages // rec { jsonfield = super.python3Packages.callPackage ./jsonfield {}; django-simple-captcha = super.python3Packages.callPackage ./django-simple-captcha { inherit django-ranged-response; }; @@ -11,6 +14,5 @@ self: super: rec { captcha = super.python3Packages.callPackage ./captcha {}; django-formtools = super.python3Packages.callPackage ./django-formtools {}; seafile-bindings = super.python3Packages.toPythonModule seafile-server.seafile-server-core; - ccnet-bindings = super.python3Packages.toPythonModule seafile-server.ccnet-server; }; } diff --git a/libevhtp/default.nix b/libevhtp/default.nix index e1a5dc6..45a2f92 100644 --- a/libevhtp/default.nix +++ b/libevhtp/default.nix @@ -16,8 +16,7 @@ stdenv.mkDerivation rec { }; nativeBuildInputs = [ cmake ]; - buildInputs = [ libevent pth openssl ]; - propagatedBuildInputs = [ oniguruma ]; + buildInputs = [ libevent pth openssl oniguruma ]; # fix pkgconfig librarypath generation patches = [ ./pkgconfig-librarypath.patch ]; #cmakeFlags = [ "-DEVHTP_DISABLE_SSL=OFF" "-DEVHTP_BUILD_SHARED=ON" ]; From 446a5e2f37ecc78885e013f1a304ca0c7dc20bd1 Mon Sep 17 00:00:00 2001 From: Trolli Schmittlauch Date: Wed, 25 Nov 2020 19:31:30 +0100 Subject: [PATCH 2/2] bump seafile components to version 8.0.0 and fix build --- seafile-server/default.nix | 243 +++++++++++++++------------ seafile-server/recent_libevhtp.patch | 23 --- 2 files changed, 135 insertions(+), 131 deletions(-) diff --git a/seafile-server/default.nix b/seafile-server/default.nix index 9874d41..02868fb 100644 --- a/seafile-server/default.nix +++ b/seafile-server/default.nix @@ -1,111 +1,138 @@ -{ stdenv, lib, fetchFromGitHub, - autoconf, automake, autoreconfHook, pkgconfig, curl, libevent, glib, libuuid, intltool, sqlite, withMysql ? true, libmysqlclient, libarchive, libtool, jansson, vala, fuse, openssl, libevhtp, libsearpc, which, - # for SeaHub - python3, python3Packages }: - - let - version = "7.1.1"; - python = python3; - pythonPackages = python3Packages; - django = pythonPackages.django_1_11; - djangoModules = with pythonPackages; [ django-statici18n django-post_office django-picklefield django-formtools djangorestframework ]; - seahubPythonDependencies = with pythonPackages; [ - django django-webpack-loader future captcha gunicorn pymysql openpyxl qrcode dateutil requests pillow pyjwt pycryptodome - ] - ++ map (p: p.override { django = django; }) djangoModules; # build django modules with required version - seafile-server-core = stdenv.mkDerivation rec { - name = "seafile-server-core"; - inherit version; - src = fetchFromGitHub { - owner = "haiwen"; - repo = "seafile-server"; - rev = "v${version}-server"; - sha256 = "sha256:1y555nm4ic5mbmi87nlp1j23z13na1afziv847xczq3mkach9vqi"; - }; - # patch to work with latest, non-vulnerable libevhtp - patches = [ - ./recent_libevhtp.patch - ./django-version.patch - ]; - # `which` is called directly from python during buildPhase, so we need the binary - nativeBuildInputs = [ autoconf automake libtool pkgconfig vala autoreconfHook which pythonPackages.wrapPython ]; - buildInputs = [ sqlite glib python libuuid openssl fuse libarchive ccnet-server libevent libevhtp ]; - propagatedBuildInputs = [ libsearpc ] ++ seahubPythonDependencies; - postFixup = '' - buildPythonPath $propagatedBuildInputs - wrapPythonProgramsIn "$out/bin" "$out $pythonPath" - ''; - checkPhase = "bash ./run_tests.sh"; - - meta = with lib; { - license = licenses.agpl3; # with additional OpenSSL linking exception - maintainers = with maintainers; [ schmittlauch ]; - }; - }; - seahub = pythonPackages.buildPythonApplication rec { - name = "seahub"; - inherit version; - src = fetchFromGitHub { - owner = "haiwen"; - repo = "seahub"; - rev = "v${version}-server"; - sha256 = "sha256:1s5yd4w5z31hx3x7cd25zgzv7h2yzbdbryypa9in19akmsmb11fp"; - }; - phases = [ "unpackPhase" "installPhase" "fixupPhase" "distPhase" ]; - buildInputs = [ python pythonPackages.wrapPython ]; - propagatedBuildInputs = seahubPythonDependencies ++ [ pythonPackages.seafile-bindings pythonPackages.ccnet-bindings ]; # for `seaserv` module - installPhase = '' - cp -r ./ $out - cd "$out" - ${python.interpreter} -m compileall ./ - buildPythonPath $propagatedBuildInputs - set -x - patchPythonScript manage.py - ''; - meta = with lib; { - license = licenses.asl20; - maintainers = with maintainers; [ schmittlauch ]; - }; - }; - ccnet-server = stdenv.mkDerivation rec { - name = "ccnet-server"; - inherit version; - src = fetchFromGitHub { - owner = "haiwen"; - repo = "ccnet-server"; - rev = "v${version}-server"; - sha256 = "sha256:0hf9mmf019984ybc20zxaqyhcfhhr3k0bjr45pq9d79w16ndnim8"; - }; - - buildInputs = [ vala fuse libsearpc libuuid sqlite openssl libarchive libevent glib python ] - ++ lib.optional (!withMysql) "--without-mysql"; - # `which` is called directly from python during buildPhase, so we need the binary - nativeBuildInputs = [ autoconf automake libtool pkgconfig autoreconfHook which ]; - configureFlags = [ "--disable-static" ]; - - meta = { - description = "Internal communication framework and user/group management for Seafile server"; - license = lib.licenses.agpl3; # with additional OpenSSL linking exception - }; - }; - - in stdenv.mkDerivation { - name = "seafile-server"; +{ stdenv +, lib +, fetchFromGitHub +, autoconf +, automake +, autoreconfHook +, pkgconfig +, curl +, libevent +, glib +, libuuid +, intltool +, sqlite +, withMysql ? true +, libmysqlclient +, libarchive +, libtool +, jansson +, vala +, fuse +, openssl +, oniguruma +, libevhtp +, libsearpc +, which +, # for SeaHub + python3 +, python3Packages +}: +let + version = "8.0.0"; + python = python3; + pythonPackages = python3Packages; + django = pythonPackages.django; + djangoModules = with pythonPackages; [ django-statici18n django-post_office django-picklefield django-formtools djangorestframework ]; + seahubPythonDependencies = with pythonPackages; [ + django + django-webpack-loader + future + captcha + gunicorn + pymysql + openpyxl + qrcode + dateutil + requests + pillow + pyjwt + pycryptodome + ] + ++ map (p: p.override { inherit django; }) djangoModules; # build django modules with required version + seafile-server-core = stdenv.mkDerivation rec { + name = "seafile-server-core"; inherit version; - - buildInputs = [ seahub seafile-server-core ccnet-server libsearpc ] - ++ lib.optional withMysql libmysqlclient; - phases = [ "installPhase" "fixupPhase" "distPhase" ]; - # todo: create data directory in /srv in activation script - installPhase = '' - mkdir "$out" - cd "$out" - ln -s ${seahub} seahub - ln -s ${seafile-server-core} seafile-server-latest - ''; - meta = with lib; { - maintainers = with maintainers; [ schmittlauch ]; - license = licenses.free; # components with different free software licenses are combined + src = fetchFromGitHub { + owner = "haiwen"; + repo = "seafile-server"; + rev = "v${version}-server"; + sha256 = "0pd1zjsw6lkpxd54ln0dz5r9zx9585nib10kvpl1vgzp61g4d223"; }; - inherit ccnet-server seafile-server-core seahub; # for using the path in the NixOS module + # patch to work with latest, non-vulnerable libevhtp + patches = [ + ./recent_libevhtp.patch + ./django-version.patch + ]; + # `which` is called directly from python during buildPhase, so we need the binary + nativeBuildInputs = [ autoconf automake libtool pkgconfig vala autoreconfHook which pythonPackages.wrapPython ]; + buildInputs = [ sqlite glib python libuuid openssl oniguruma fuse libarchive libevent libevhtp ]; + propagatedBuildInputs = [ libsearpc ] ++ seahubPythonDependencies; + postFixup = '' + buildPythonPath $propagatedBuildInputs + wrapPythonProgramsIn "$out/bin" "$out $pythonPath" + ''; + checkPhase = "bash ./run_tests.sh"; + + meta = with lib; { + license = licenses.agpl3; # with additional OpenSSL linking exception + maintainers = with maintainers; [ schmittlauch ]; + }; + }; + seahub = pythonPackages.buildPythonApplication rec { + name = "seahub"; + inherit version; + src = fetchFromGitHub { + owner = "haiwen"; + repo = "seahub"; + rev = "v${version}-server"; + sha256 = "0j7g43j7w1zb00pg4aaacdv5ycva3qf561hj9pbwh4709mbiykip"; + }; + phases = [ "unpackPhase" "installPhase" "fixupPhase" "distPhase" ]; + buildInputs = [ python pythonPackages.wrapPython ]; + propagatedBuildInputs = seahubPythonDependencies ++ [ pythonPackages.seafile-bindings ]; # for `seaserv` module + installPhase = '' + cp -r ./ $out + cd "$out" + ${python.interpreter} -m compileall ./ + buildPythonPath $propagatedBuildInputs + set -x + patchPythonScript manage.py + ''; + meta = with lib; { + license = licenses.asl20; + maintainers = with maintainers; [ schmittlauch ]; + }; + }; + + buildInputs = [ vala fuse libsearpc libuuid sqlite openssl libarchive libevent glib python ] + ++ lib.optional (!withMysql) "--without-mysql"; + # `which` is called directly from python during buildPhase, so we need the binary + nativeBuildInputs = [ autoconf automake libtool pkgconfig autoreconfHook which ]; + configureFlags = [ "--disable-static" ]; + + meta = { + description = "Internal communication framework and user/group management for Seafile server"; + license = lib.licenses.agpl3; # with additional OpenSSL linking exception + }; + +in +stdenv.mkDerivation { + name = "seafile-server"; + inherit version; + + buildInputs = [ seahub seafile-server-core libsearpc ] + ++ lib.optional withMysql libmysqlclient; + phases = [ "installPhase" "fixupPhase" "distPhase" ]; + # todo: create data directory in /srv in activation script + installPhase = '' + mkdir "$out" + cd "$out" + ln -s ${seahub} seahub + ln -s ${seafile-server-core} seafile-server-latest + ''; + meta = with lib; { + maintainers = with maintainers; [ schmittlauch ]; + license = licenses.free; # components with different free software licenses are combined + }; + inherit seafile-server-core seahub;# for using the path in the NixOS module } diff --git a/seafile-server/recent_libevhtp.patch b/seafile-server/recent_libevhtp.patch index 5b091ae..6855b9b 100644 --- a/seafile-server/recent_libevhtp.patch +++ b/seafile-server/recent_libevhtp.patch @@ -101,29 +101,6 @@ Subject: [PATCH] Update upload-file.c evhtp_set_regex_cb (htp, "^/upload_progress.*", upload_progress_cb, NULL); -From b6c41aae74f1eb285a033125f4a5af578c8efbb6 Mon Sep 17 00:00:00 2001 -From: Ultima1252 -Date: Mon, 15 Jan 2018 17:13:57 -0800 -Subject: [PATCH] Update Makefile.am - ---- - server/Makefile.am | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/server/Makefile.am b/server/Makefile.am -index 2491f5e..dd695bd 100644 ---- a/server/Makefile.am -+++ b/server/Makefile.am -@@ -114,7 +114,7 @@ seaf_server_SOURCES = \ - - seaf_server_LDADD = @CCNET_LIBS@ \ - $(top_builddir)/lib/libseafile_common.la \ -- @GLIB2_LIBS@ @GOBJECT_LIBS@ @SSL_LIBS@ @LIB_RT@ @LIB_UUID@ -lsqlite3 @LIBEVENT_LIBS@ -levhtp \ -+ @ONIGURUMA_LIBS@ @GLIB2_LIBS@ @GOBJECT_LIBS@ @SSL_LIBS@ @LIB_RT@ @LIB_UUID@ -lsqlite3 @LIBEVENT_LIBS@ @LIBEVHTP_LIBS@ \ - $(top_builddir)/common/cdc/libcdc.la \ - $(top_builddir)/common/db-wrapper/libdbwrapper.la \ - @SEARPC_LIBS@ @JANSSON_LIBS@ ${LIB_WS32} @ZLIB_LIBS@ \ - From bb2cd57f39450db39c1b6b222b06ac7987f3cd32 Mon Sep 17 00:00:00 2001 From: Ultima1252 Date: Mon, 15 Jan 2018 17:17:27 -0800