| blob | 8beaffa75e384db538749da9bd97dcbe90d80177 |
1 { stdenv
2 , lib
3 , fetchurl
4 , perl
5 , pkg-config
6 , libcap
7 , libidn2
8 , libtool
9 , libxml2
10 , openssl
11 , libuv
12 , nghttp2
13 , jemalloc
14 , enablePython ? false
15 , python3
16 , enableGSSAPI ? true
17 , libkrb5
18 , buildPackages
19 , nixosTests
20 , cmocka
21 , tzdata
22 , gitUpdater
23 }:
25 stdenv.mkDerivation rec {
26 pname = "bind";
27 version = "9.18.26";
29 src = fetchurl {
30 url = "https://downloads.isc.org/isc/bind9/${version}/${pname}-${version}.tar.xz";
31 hash = "sha256-df/uUnMelgTISbZY3ynpJ/HE8B1aceo+vL62NwLLZlE=";
32 };
34 outputs = [ "out" "lib" "dev" "man" "dnsutils" "host" ];
36 patches = [
37 ./dont-keep-configure-flags.patch
38 ];
40 nativeBuildInputs = [ perl pkg-config ];
41 buildInputs = [ libidn2 libtool libxml2 openssl libuv nghttp2 jemalloc ]
42 ++ lib.optional stdenv.isLinux libcap
43 ++ lib.optional enableGSSAPI libkrb5
44 ++ lib.optional enablePython (python3.withPackages (ps: with ps; [ ply ]));
46 depsBuildBuild = [ buildPackages.stdenv.cc ];
48 configureFlags = [
49 "--localstatedir=/var"
50 "--without-lmdb"
51 "--with-libidn2"
52 ] ++ lib.optional enableGSSAPI "--with-gssapi=${libkrb5.dev}/bin/krb5-config"
53 ++ lib.optional (stdenv.hostPlatform != stdenv.buildPlatform) "BUILD_CC=$(CC_FOR_BUILD)";
55 postInstall = ''
56 moveToOutput bin/bind9-config $dev
58 moveToOutput bin/host $host
60 moveToOutput bin/dig $dnsutils
61 moveToOutput bin/delv $dnsutils
62 moveToOutput bin/nslookup $dnsutils
63 moveToOutput bin/nsupdate $dnsutils
65 for f in "$lib/lib/"*.la "$dev/bin/"bind*-config; do
66 sed -i "$f" -e 's|-L${openssl.dev}|-L${lib.getLib openssl}|g'
67 done
69 cat <<EOF >$out/etc/rndc.conf
70 include "/etc/bind/rndc.key";
71 options {
72 default-key "rndc-key";
73 default-server 127.0.0.1;
74 default-port 953;
75 };
76 EOF
77 '';
79 enableParallelBuilding = true;
81 doCheck = false;
82 # TODO: investigate failures; see this and linked discussions:
83 # https://github.com/NixOS/nixpkgs/pull/192962
84 /*
85 doCheck = with stdenv.hostPlatform; !isStatic && !(isAarch64 && isLinux)
86 # https://gitlab.isc.org/isc-projects/bind9/-/issues/4269
87 && !is32bit;
88 */
89 checkTarget = "unit";
90 checkInputs = [
91 cmocka
92 ] ++ lib.optionals (!stdenv.hostPlatform.isMusl) [
93 tzdata
94 ];
95 preCheck = lib.optionalString stdenv.hostPlatform.isMusl ''
96 # musl doesn't respect TZDIR, skip timezone-related tests
97 sed -i '/^ISC_TEST_ENTRY(isc_time_formatISO8601L/d' tests/isc/time_test.c
98 '' + lib.optionalString stdenv.hostPlatform.isDarwin ''
99 # Test timeouts on Darwin
100 sed -i '/^ISC_TEST_ENTRY(tcpdns_recv_one/d' tests/isc/netmgr_test.c
101 '';
103 passthru = {
104 tests = {
105 inherit (nixosTests) bind;
106 prometheus-exporter = nixosTests.prometheus-exporters.bind;
107 kubernetes-dns-single-node = nixosTests.kubernetes.dns-single-node;
108 kubernetes-dns-multi-node = nixosTests.kubernetes.dns-multi-node;
109 };
111 updateScript = gitUpdater {
112 # No nicer place to find latest stable release.
113 url = "https://gitlab.isc.org/isc-projects/bind9.git";
114 rev-prefix = "v";
115 # Avoid unstable 9.19 releases.
116 odd-unstable = true;
117 };
118 };
120 meta = with lib; {
121 homepage = "https://www.isc.org/bind/";
122 description = "Domain name server";
123 license = licenses.mpl20;
124 changelog = "https://downloads.isc.org/isc/bind9/cur/${lib.versions.majorMinor version}/CHANGES";
125 maintainers = with maintainers; [ globin ];
126 platforms = platforms.unix;
128 outputsToInstall = [ "out" "dnsutils" "host" ];
129 };
130 }