cryptsetup: make all programs optional (#254767)

Some use cases (think appliances) call for veritysetup but not cryptsetup, and others (like NixOS) don't need veritysetup and usually not integritysetup. This is especially useful for pkgsStatic where each program contains a whole copy of the libraries it needs so is quite large.
2024-09-22 04:57:56 +03:00 · 2023-09-12 18:31:50 +00:00 · 2023-09-12 18:31:50 +00:00 · 771d87046a
commit 771d87046a
parent 2c9c595f76
1 changed files with 4 additions and 1 deletions
--- a/pkgs/os-specific/linux/cryptsetup/default.nix
+++ b/pkgs/os-specific/linux/cryptsetup/default.nix
@ -2,6 +2,9 @@
 , openssl, libuuid, pkg-config, popt, nixosTests
 , libargon2, withInternalArgon2 ? false

+  # Programs enabled by default upstream are implicitly enabled unless
+  # manually set to false.
+, programs ? {}
  # The release tarballs contain precomputed manpage files, so we don't need
  # to run asciidoctor on the man sources. By avoiding asciidoctor, we make
  # the bare NixOS build hash independent of changes to the ruby ecosystem,
@ -50,7 +53,7 @@ stdenv.mkDerivation rec {
    # support, because the path still gets included in the binary even
    # though it isn't used.
    "--with-luks2-external-tokens-path=/"
-  ];
+  ] ++ (with lib; mapAttrsToList (flip enableFeature)) programs;

  nativeBuildInputs = [ pkg-config ] ++ lib.optionals rebuildMan [ asciidoctor ];
  buildInputs = [ lvm2 json_c openssl libuuid popt ] ++ lib.optional (!withInternalArgon2) libargon2;