cafkafk/nixpkgs
cafkafk/nixpkgs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 2

Merge pull request #81860 from zowoq/rm-rkt

Browse source
This commit is contained in:
Jörg Thalheim 2020-05-16 08:25:46 +01:00 committed by GitHub
commit 3233d3f0e3
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
7 changed files with 7 additions and 145 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
nixos/doc/manual/release-notes/rl-2009.xml
View file

@ -381,6 +381,11 @@ systemd.services.nginx.serviceConfig.ReadWritePaths = [ "/var/www" ];
will have changed. will have changed.
</para> </para>
</listitem> </listitem>
<listitem>
<para>
The rkt module has been removed, it was archived by upstream.
</para>
</listitem>
</itemizedlist> </itemizedlist>
</section> </section>

1
nixos/modules/module-list.nix
View file

@ -1002,7 +1002,6 @@
./virtualisation/podman.nix ./virtualisation/podman.nix
./virtualisation/qemu-guest-agent.nix ./virtualisation/qemu-guest-agent.nix
./virtualisation/railcar.nix ./virtualisation/railcar.nix
./virtualisation/rkt.nix
./virtualisation/virtualbox-guest.nix ./virtualisation/virtualbox-guest.nix
./virtualisation/virtualbox-host.nix ./virtualisation/virtualbox-host.nix
./virtualisation/vmware-guest.nix ./virtualisation/vmware-guest.nix

1
nixos/modules/rename.nix
View file

@ -48,6 +48,7 @@ with lib;
systemd-logind API). Instead of using the module you can now systemd-logind API). Instead of using the module you can now
simply add the brightnessctl package to environment.systemPackages. simply add the brightnessctl package to environment.systemPackages.
'') '')
(mkRemovedOptionModule [ "virtualisation" "rkt" ] "The rkt module has been removed, it was archived by upstream")
(mkRemovedOptionModule ["services" "prey" ] '' (mkRemovedOptionModule ["services" "prey" ] ''
prey-bash-client is deprecated upstream prey-bash-client is deprecated upstream

64
nixos/modules/virtualisation/rkt.nix
View file

@ -1,64 +0,0 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.virtualisation.rkt;
in
{
options.virtualisation.rkt = {
enable = mkEnableOption "rkt metadata service";
gc = {
automatic = mkOption {
default = true;
type = types.bool;
description = "Automatically run the garbage collector at a specific time.";
};
dates = mkOption {
default = "03:15";
type = types.str;
description = ''
Specification (in the format described by
<citerefentry><refentrytitle>systemd.time</refentrytitle>
<manvolnum>7</manvolnum></citerefentry>) of the time at
which the garbage collector will run.
'';
};
options = mkOption {
default = "--grace-period=24h";
type = types.str;
description = ''
Options given to <filename>rkt gc</filename> when the
garbage collector is run automatically.
'';
};
};
};
config = mkIf cfg.enable {
environment.systemPackages = [ pkgs.rkt ];
systemd.services.rkt = {
description = "rkt metadata service";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
serviceConfig = {
ExecStart = "${pkgs.rkt}/bin/rkt metadata-service";
};
};
systemd.services.rkt-gc = {
description = "rkt garbage collection";
startAt = optionalString cfg.gc.automatic cfg.gc.dates;
serviceConfig = {
Type = "oneshot";
ExecStart = "${pkgs.rkt}/bin/rkt gc ${cfg.gc.options}";
};
};
users.groups.rkt = {};
};
}

78
pkgs/applications/virtualization/rkt/default.nix
View file

@ -1,78 +0,0 @@
{ stdenv, lib, autoreconfHook, acl, go, file, git, wget, gnupg, trousers, squashfsTools,
cpio, fetchurl, fetchFromGitHub, iptables, systemd, makeWrapper, glibc }:
let
# Always get the information from
# https://github.com/coreos/rkt/blob/v${VERSION}/stage1/usr_from_coreos/coreos-common.mk
coreosImageRelease = "1478.0.0";
coreosImageSystemdVersion = "233";
# TODO: track https://github.com/coreos/rkt/issues/1758 to allow "host" flavor.
stage1Flavours = [ "coreos" "fly" ];
stage1Dir = "lib/rkt/stage1-images";
in stdenv.mkDerivation rec {
version = "1.30.0";
pname = "rkt";
BUILDDIR="build-${pname}-${version}";
src = fetchFromGitHub {
owner = "coreos";
repo = "rkt";
rev = "v${version}";
sha256 = "0dqf83b7iin1np8k8k1m8i99ybga8vx932q7n2q64yghkw7p6i00";
};
stage1BaseImage = fetchurl {
url = "http://alpha.release.core-os.net/amd64-usr/${coreosImageRelease}/coreos_production_pxe_image.cpio.gz";
sha256 = "0s4qdkkfp0iirfnm5ds3b3hxq0249kvpygyhflma8z90ivkzk5wq";
};
buildInputs = [
glibc.out glibc.static
autoreconfHook go file git wget gnupg trousers squashfsTools cpio acl systemd
makeWrapper
];
preConfigure = ''
./autogen.sh
configureFlagsArray=(
--with-stage1-flavors=${builtins.concatStringsSep "," stage1Flavours}
${if lib.findFirst (p: p == "coreos") null stage1Flavours != null then "
--with-coreos-local-pxe-image-path=${stage1BaseImage}
--with-coreos-local-pxe-image-systemd-version=v${coreosImageSystemdVersion}
" else "" }
--with-stage1-default-location=$out/${stage1Dir}/stage1-${builtins.elemAt stage1Flavours 0}.aci
);
'';
preBuild = ''
export BUILDDIR
export GOCACHE="$TMPDIR/go-cache"
'';
installPhase = ''
mkdir -p $out/bin
cp -Rv $BUILDDIR/target/bin/rkt $out/bin
mkdir -p $out/lib/rkt/stage1-images/
cp -Rv $BUILDDIR/target/bin/stage1-*.aci $out/${stage1Dir}/
wrapProgram $out/bin/rkt \
--prefix LD_LIBRARY_PATH : "${systemd.lib}/lib:${acl.out}/lib" \
--prefix PATH : ${iptables}/bin
'';
meta = with lib; {
description = "A fast, composable, and secure App Container runtime for Linux";
homepage = "https://github.com/coreos/rkt";
license = licenses.asl20;
maintainers = with maintainers; [ ragge steveej ];
platforms = [ "x86_64-linux" ];
knownVulnerabilities = [
"CVE-2019-10144: processes run with `rkt enter` are given all capabilities during stage 2"
"CVE-2019-10145: processes run with `rkt enter` do not have seccomp filtering during stage 2"
"CVE-2019-10147: processes run with `rkt enter` are not limited by cgroups during stage 2"
];
};
}

1
pkgs/top-level/aliases.nix
View file

@ -453,6 +453,7 @@ mapAliases ({
recordmydesktop = throw "recordmydesktop has been removed from nixpkgs, as it's unmaintained and uses deprecated libraries"; # added 2019-12-10 recordmydesktop = throw "recordmydesktop has been removed from nixpkgs, as it's unmaintained and uses deprecated libraries"; # added 2019-12-10
gtk-recordmydesktop = throw "gtk-recordmydesktop has been removed from nixpkgs, as it's unmaintained and uses deprecated libraries"; # added 2019-12-10 gtk-recordmydesktop = throw "gtk-recordmydesktop has been removed from nixpkgs, as it's unmaintained and uses deprecated libraries"; # added 2019-12-10
qt-recordmydesktop = throw "qt-recordmydesktop has been removed from nixpkgs, as it's abandoned and uses deprecated libraries"; # added 2019-12-10 qt-recordmydesktop = throw "qt-recordmydesktop has been removed from nixpkgs, as it's abandoned and uses deprecated libraries"; # added 2019-12-10
rkt = throw "rkt was archived by upstream"; # added 2020-05-16
ruby_2_0_0 = throw "deprecated 2018-0213: use a newer version of ruby"; ruby_2_0_0 = throw "deprecated 2018-0213: use a newer version of ruby";
ruby_2_1_0 = throw "deprecated 2018-0213: use a newer version of ruby"; ruby_2_1_0 = throw "deprecated 2018-0213: use a newer version of ruby";
ruby_2_2_9 = throw "deprecated 2018-0213: use a newer version of ruby"; ruby_2_2_9 = throw "deprecated 2018-0213: use a newer version of ruby";

2
pkgs/top-level/all-packages.nix
View file

@ -21695,8 +21695,6 @@ in
ripser = callPackage ../applications/science/math/ripser { }; ripser = callPackage ../applications/science/math/ripser { };
rkt = callPackage ../applications/virtualization/rkt { };
rkdeveloptool = callPackage ../misc/rkdeveloptool { }; rkdeveloptool = callPackage ../misc/rkdeveloptool { };
rofi-unwrapped = callPackage ../applications/misc/rofi { }; rofi-unwrapped = callPackage ../applications/misc/rofi { };