Merge branch 'develop' into dojo-errors

This commit is contained in:
midden-fabler 2023-07-07 15:32:21 -04:00 committed by GitHub
commit 8f5497d687
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
48 changed files with 479 additions and 1764 deletions

View File

@ -55,7 +55,9 @@ jobs:
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v2
- uses: actions/checkout@v3
with:
lfs: true
# We only want the extra nix config on linux, where it is necessary
# for the docker build. We don't want in on Mac, where it isn't but
@ -77,21 +79,4 @@ jobs:
- if: ${{ matrix.os == 'ubuntu-latest' }}
name: run urbit-tests
run: |
cp -RL tests pkg/arvo/tests
if [[ "${{ inputs.next }}" == "next/kelvin/"* ]]; then
next=$(echo ${{ inputs.next }} | sed 's/[^0-9]//g')
base="https://bootstrap.urbit.org/vere/next/kelvin/${next}"
elif [[ "${{ github.head_ref }}" == "next/kelvin"* ]]; then
next=$(echo ${{ github.head_ref }} | sed 's/[^0-9]//g')
base="https://bootstrap.urbit.org/vere/next/kelvin/${next}"
else
base="https://bootstrap.urbit.org/vere/${{ inputs.pace }}"
fi
vere=$(curl ${base}/last)
url="$(echo ${base}/v${vere}/vere-v${vere}-linux-x86_64)"
echo $vere
echo $url
# put in .jam so it doesn't crash when it gets -A'd in
curl -Lo pkg/arvo/vere.jam "$url"
chmod +x pkg/arvo/vere.jam
nix-build -A urbit-tests
nix flake check

BIN
bin/urbit-v0.10.8.pill Normal file

Binary file not shown.

76
flake.lock Normal file
View File

@ -0,0 +1,76 @@
{
"nodes": {
"flake-utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1687709756,
"narHash": "sha256-Y5wKlQSkgEK2weWdOu4J3riRd+kV/VCgHsqLNTTWQ/0=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "dbabf0ca0c0c4bce6ea5eaf65af5cb694d2082c7",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1688465017,
"narHash": "sha256-xzFcCnzPOgQaX7Acprfqo+tqHJ2UKWC38pXrcqvdXHU=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "0d5682acc109add20f70440269587a1b169cc2fe",
"type": "github"
},
"original": {
"id": "nixpkgs",
"type": "indirect"
}
},
"root": {
"inputs": {
"flake-utils": "flake-utils",
"nixpkgs": "nixpkgs",
"tools": "tools"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"tools": {
"flake": false,
"locked": {
"lastModified": 1687273483,
"narHash": "sha256-41X9PWXGM7lFzPiIj4dw3i8bgMvpT85iYHSeyIxPJcc=",
"owner": "urbit",
"repo": "tools",
"rev": "2ad116fdb539e4116dc18d86772a241415cc1ef4",
"type": "github"
},
"original": {
"owner": "urbit",
"repo": "tools",
"type": "github"
}
}
},
"root": "root",
"version": 7
}

64
flake.nix Normal file
View File

@ -0,0 +1,64 @@
{
inputs = {
flake-utils.url = "github:numtide/flake-utils";
tools = {
flake = false;
url = "github:urbit/tools";
};
};
outputs = { self, nixpkgs, flake-utils, tools }:
flake-utils.lib.eachDefaultSystem (system:
let
usableTools = pkgs.runCommand "patched-tools" { } ''
cp -r ${tools} $out
chmod +w -R $out
patchShebangs $out
'';
pkgs = import nixpkgs { inherit system; };
bootFakeShip = { pill }:
pkgs.runCommand "fake-pier" { } ''
${pkgs.urbit}/bin/urbit --pier $out -F zod -B ${pill} -l -x -t -A ${
./pkg
}/arvo
'';
fakePier = bootFakeShip { pill = ./bin/solid.pill; };
buildPillThread = pill:
pkgs.writeTextFile {
name = "";
text = ''
=/ m (strand ,vase)
;< [=ship =desk =case] bind:m get-beak
;< ~ bind:m (poke [ship %dojo] %lens-command !>([%$ [%dojo '+${pill}'] [%output-pill '${pill}/pill']]))
;< ~ bind:m (poke [ship %hood] %drum-exit !>(~))
(pure:m !>(~))
'';
};
buildPill = pill:
pkgs.runCommand ("${pill}.pill") { buildInputs = [ pkgs.netcat ]; } ''
cp -r ${fakePier} pier
chmod +w -R pier
${pkgs.urbit}/bin/urbit -d pier
${usableTools}/pkg/click/click -k -p -i ${buildPillThread pill} pier
# Sleep to let urbit spin down properly
sleep 5
cp pier/.urb/put/${pill}.pill $out
'';
in {
checks = {
testFakeShip = import ./nix/test-fake-ship.nix {
inherit (pkgs) stdenvNoCC curl python3 urbit;
pier = fakePier;
};
};
packages = {
inherit fakePier;
brass = buildPill "brass";
ivory = buildPill "ivory";
solid = buildPill "solid";
};
});
}

View File

@ -1,34 +0,0 @@
# The build system where packages will be _built_.
{ system ? builtins.currentSystem
# The host system where packages will _run_.
, crossSystem ? null
# Additional sources.json overrides.
, sources ? { }
# Additional nixpkgs.config overrides.
, config ? { }
# Additional nixpkgs.overlays.
, overlays ? [ ]
# Overlays to apply to the last package set in cross compilation.
, crossOverlays ? [ ] }:
let
finalSources = import ./sources.nix { } // sources;
pkgs = import finalSources.nixpkgs {
inherit system config crossSystem crossOverlays;
overlays = [
# Make prev.sources available to subsequent overlays.
(_final: _prev: { sources = finalSources; })
# General unguarded (native) overrides for nixpkgs.
(import ./overlays/native.nix)
# Specific overrides guarded by the host platform.
(import ./overlays/musl.nix)
(import ./overlays/arm.nix)
];
};
in pkgs // {
pkgsStatic = pkgs.pkgsStatic.extend (import ./overlays/static.nix);
}

View File

@ -1,72 +0,0 @@
{ lib, stdenvNoCC, curl }:
{ arvo ? null, pill, ship, arguments ? [ "-l" ] }:
let
args = arguments ++ [ "-d" "-F" "${ship}" "-B" "${pill}" ]
++ lib.optionals (arvo != null) [ "-A" "${arvo}" ];
in stdenvNoCC.mkDerivation {
name = "fake-${ship}";
buildInputs = [ curl ];
phases = [ "buildPhase" "installPhase " ];
buildPhase = ''
set -xeuo pipefail
${arvo}/vere.jam ${lib.concatStringsSep " " args} -c ./pier
cleanup () {
if [ -f ./pier/.vere.lock ]; then
kill $(< ./pier/.vere.lock) || true
fi
set +x
}
trap cleanup EXIT
port=$(cat ./pier/.http.ports | grep loopback | tr -s ' ' '\n' | head -n 1)
lensd() {
curl -f -s \
--data "{\"source\":{\"dojo\":\"$1\"},\"sink\":{\"stdout\":null}}" \
"http://localhost:$port" | xargs printf %s | sed 's/\\n/\n/g'
}
lensa() {
curl -f -s \
--data "{\"source\":{\"dojo\":\"$2\"},\"sink\":{\"app\":\"$1\"}}" \
"http://localhost:$port" | xargs printf %s | sed 's/\\n/\n/g'
}
check () {
[ 3 -eq "$(lensd 3)" ]
}
if check && sleep 10 && check; then
header "boot success"
lensa hood '+hood/exit'
while [ -f ./pier/.vere.lock ]; do
echo "waiting for pier to shut down"
sleep 5
done
else
header "boot failure"
kill $(< ./pier/.vere.lock) || true
set +x
exit 1
fi
set +x
'';
installPhase = ''
ls
ls -a ./pier
mv ./pier $out
'';
}

View File

@ -1,13 +0,0 @@
# Functions that are expected run on the native (non-cross) system.
{ callPackage }:
rec {
bootFakeShip = callPackage ./boot-fake-ship.nix { };
testFakeShip = callPackage ./test-fake-ship.nix { inherit bootFakeShip; };
fetchGitHubLFS = callPackage ./fetch-github-lfs.nix { };
makeReleaseTarball = callPackage ./make-release-tarball.nix { };
}

View File

@ -1,107 +0,0 @@
{ lib, stdenvNoCC, runCommandLocal, cacert, curl, jq }:
{ src
# `name` shouldn't use `baseNameOf` otherwise we'll
# get `is not allowed to refer to a store path` errors.
, name ? baseNameOf src, owner ? "urbit", repo ? "urbit"
, preferLocalBuild ? true }:
assert builtins.isPath src;
let
# Parse the first 7 characters of the supplied `src` path for the required
# `version` key as defined by the lfs specification:
# https://github.com/git-lfs/git-lfs/blob/master/docs/spec.md
#
# If `version` exists we assume we're dealing with a lfs pointer and parse
# the `oid` and `size` from the pointer and write these into a JSON object.
#
# If the first 7 characters are unrecognised we assume the path is a binary
# file and set both `oid` and `size` to `null`.
#
# The `oid` and `size` are then JSON decoded into an expression to use
# as the fixed-output derivation's `sha256 = oid`, and to form a download
# operation payload to request the actual lfs blob's real url.
pointer = builtins.fromJSON (builtins.readFile
(runCommandLocal "lfs-pointer-${name}" { } ''
oid="null"
size="null"
if [[ "$(head -c 7 "${src}")" != "version" ]]; then
header "lfs ${src} is a binary blob, skipping"
else
header "reading lfs pointer from ${src}"
contents=($(awk '{print $2}' "${src}"))
oid="''${contents[1]#sha256:}"
size="''${contents[2]}"
fi
cat <<EOF > "$out"
{"oid": "$oid", "size": $size}
EOF
''));
downloadUrl =
"https://github.com/${owner}/${repo}.git/info/lfs/objects/batch";
# Encode `oid` and `size` into a download operation per:
# https://github.com/git-lfs/git-lfs/blob/master/docs/api/batch.md
#
# This is done using toJSON to avoid bash quotation issues.
downloadPayload = builtins.toJSON {
operation = "download";
objects = [ pointer ];
};
# Define a fixed-output derivation using the lfs pointer's `oid` as the
# expected sha256 output hash, if `oid` is not null.
#
# 1. Request the actual url of the binary file from the lfs batch api.
# 2. Download the binary file contents to `$out`.
download = stdenvNoCC.mkDerivation {
name = "lfs-blob-${name}";
nativeBuildInputs = [ curl jq ];
phases = [ "installPhase" ];
installPhase = ''
curl=(
curl
--location
--max-redirs 20
--retry 3
--disable-epsv
--cookie-jar cookies
$NIX_CURL_FLAGS
)
header "reading lfs metadata from ${downloadUrl}"
href=$("''${curl[@]}" \
-d '${downloadPayload}' \
-H 'Accept: application/vnd.git-lfs+json' \
'${downloadUrl}' \
| jq -r '.objects[0].actions.download.href')
header "download lfs data from remote"
# Pozor/Achtung: the href contains credential and signature information,
# so we avoid echoing it to stdout/err.
"''${curl[@]}" -s --output "$out" "$href"
'';
impureEnvVars = lib.fetchers.proxyImpureEnvVars;
SSL_CERT_FILE = "${cacert}/etc/ssl/certs/ca-bundle.crt";
outputHashAlgo = "sha256";
outputHashMode = "flat";
outputHash = pointer.oid;
inherit preferLocalBuild;
};
# If `pointer.oid` is null then supplied the `src` must be a binary
# blob and can be returned directly.
in if pointer.oid == null || pointer.size == null then src else download

View File

@ -1,30 +0,0 @@
{ lib, stdenvNoCC, coreutils }:
{ name, extension ? "tgz", contents # { target = source, ... }
}:
let
transforms = builtins.concatStringsSep " " (lib.mapAttrsToList
(target: source: ''--transform "s,${source},${target},"'') contents);
sources = builtins.concatStringsSep " "
(lib.mapAttrsToList (_target: source: "${source}") contents);
in stdenvNoCC.mkDerivation {
name = "${name}.${extension}";
phases = [ "buildPhase" ];
nativeBuildInputs = [ coreutils ];
buildPhase = ''
tar -vczf $out \
--owner=0 --group=0 --mode=u+rw,uga+r \
--absolute-names \
--hard-dereference \
${transforms} \
${sources}
'';
preferLocalBuild = true;
}

View File

@ -1,14 +0,0 @@
final: prev:
let
isAarch64 = prev.stdenv.hostPlatform.isAarch64;
isDarwin = prev.stdenv.isDarwin;
in prev.lib.optionalAttrs (isAarch64 && !isDarwin) {
libsigsegv = prev.libsigsegv.overrideAttrs (attrs: {
preConfigure = (prev.preConfigure or "") + ''
sed -i 's/^CFG_FAULT=$/CFG_FAULT=fault-linux-arm.h/' configure
'';
});
}

View File

@ -1,26 +0,0 @@
final: prev:
let
isMusl = prev.stdenv.hostPlatform.isMusl;
optionalList = xs: if xs == null then [ ] else xs;
overrideStdenv = pkg: pkg.override { stdenv = prev.gcc9Stdenv; };
in prev.lib.optionalAttrs isMusl {
libsigsegv = prev.libsigsegv.overrideAttrs (attrs: {
preConfigure = (attrs.preConfigure or "") + ''
sed -i 's/^CFG_FAULT=$/CFG_FAULT=fault-linux-i386.h/' configure
'';
});
secp256k1 = prev.secp256k1.overrideAttrs (attrs: {
nativeBuildInputs = (attrs.nativeBuildInputs or [ ])
++ [ prev.buildPackages.stdenv.cc ];
});
rhash = overrideStdenv prev.rhash;
numactl = overrideStdenv prev.numactl;
}

View File

@ -1,40 +0,0 @@
final: prev:
let
optionalList = xs: if xs == null then [ ] else xs;
in {
h2o = prev.h2o.overrideAttrs (_attrs: {
version = final.sources.h2o.rev;
src = final.sources.h2o;
outputs = [ "out" "dev" "lib" ];
meta.platforms = prev.lib.platforms.linux ++ prev.lib.platforms.darwin;
});
libsigsegv = prev.libsigsegv.overrideAttrs (attrs: {
patches = optionalList attrs.patches ++ [
../pkgs/libsigsegv/disable-stackvma_fault-linux-arm.patch
../pkgs/libsigsegv/disable-stackvma_fault-linux-i386.patch
];
});
curlUrbit = prev.curlMinimal.override {
http2Support = false;
scpSupport = false;
gssSupport = false;
ldapSupport = false;
brotliSupport = false;
};
# lies, all lies
openssl-static-osx = prev.openssl;
zlib-static-osx = prev.zlib;
lmdb = prev.lmdb.overrideAttrs (attrs: {
patches =
optionalList attrs.patches ++ prev.lib.optional prev.stdenv.isDarwin [
../pkgs/lmdb/darwin-fsync.patch
];
});
}

View File

@ -1,40 +0,0 @@
final: prev:
let
# https://github.com/NixOS/nixpkgs/pull/97047/files
# Will make pkgs.stdenv.isStatic available indepedent of the platform.
# isStatic = prev.stdenv.hostPlatform.isStatic;
configureFlags = attrs: {
configureFlags = (attrs.configureFlags or [ ])
++ [ "--disable-shared" "--enable-static" ];
};
enableStatic = pkg: pkg.overrideAttrs configureFlags;
in {
gmp = enableStatic prev.gmp;
curlUrbit = enableStatic (prev.curlUrbit.override { openssl = final.openssl-static-osx; zlib = final.zlib-static-osx; });
libuv = enableStatic prev.libuv;
libffi = enableStatic prev.libffi;
openssl-static-osx = prev.openssl.override {
static = true;
withPerl = false;
};
zlib-static-osx = if final.stdenv.isDarwin then prev.zlib.static else prev.zlib;
secp256k1 = enableStatic prev.secp256k1;
lmdb = prev.lmdb.overrideAttrs (old:
configureFlags old // {
postPatch = ''
sed '/^ILIBS\t/s/liblmdb\$(SOEXT)//' -i Makefile
'';
});
}

View File

@ -1,21 +0,0 @@
{ lib, stdenvNoCC, marsSources }:
stdenvNoCC.mkDerivation {
name = "arvo";
src = marsSources;
outputs = [ "out" "goerli" ];
phases = [ "mainnetPhase" "goerliPhase" ];
mainnetPhase = ''
ln -s ${marsSources.out}/arvo $out
'';
goerliPhase = ''
ln -s ${marsSources.goerli}/arvo $goerli
'';
preferLocalBuild = true;
}

View File

@ -1,29 +0,0 @@
{ stdenvNoCC, xxd, cacert }:
stdenvNoCC.mkDerivation {
name = "ca-bundle";
nativeBuildInputs = [ cacert xxd ];
phases = [ "installPhase" ];
installPhase = ''
set -euo pipefail
if ! [ -f "$SSL_CERT_FILE" ]; then
header "$SSL_CERT_FILE doesn't exist"
exit 1
fi
mkdir include
cat $SSL_CERT_FILE > include/ca-bundle.crt
xxd -i include/ca-bundle.crt > ca-bundle.h
mkdir -p $out/include
mv ca-bundle.h $out/include
'';
preferLocalBuild = true;
}

View File

@ -1,112 +0,0 @@
{ urbit, curl, libcap, coreutils, bashInteractive, dockerTools, writeScriptBin, amesPort ? 34343 }:
let
startUrbit = writeScriptBin "start-urbit" ''
#!${bashInteractive}/bin/bash
set -eu
# set defaults
amesPort=${toString amesPort}
# check args
for i in "$@"
do
case $i in
-p=*|--port=*)
amesPort="''${i#*=}"
shift
;;
esac
done
# If the container is not started with the `-i` flag
# then STDIN will be closed and we need to start
# Urbit/vere with the `-t` flag.
ttyflag=""
if [ ! -t 0 ]; then
echo "Running with no STDIN"
ttyflag="-t"
fi
# Check if there is a keyfile, if so boot a ship with its name, and then remove the key
if [ -e *.key ]; then
# Get the name of the key
keynames="*.key"
keys=( $keynames )
keyname=''${keys[0]}
mv $keyname /tmp
# Boot urbit with the key, exit when done booting
urbit $ttyflag -w $(basename $keyname .key) -k /tmp/$keyname -c $(basename $keyname .key) -p $amesPort -x
# Remove the keyfile for security
rm /tmp/$keyname
rm *.key || true
elif [ -e *.comet ]; then
cometnames="*.comet"
comets=( $cometnames )
cometname=''${comets[0]}
rm *.comet
urbit $ttyflag -c $(basename $cometname .comet) -p $amesPort -x
fi
# Find the first directory and start urbit with the ship therein
dirnames="*/"
dirs=( $dirnames )
dirname=''${dirnames[0]}
exec urbit $ttyflag -p $amesPort $dirname
'';
getUrbitCode = writeScriptBin "get-urbit-code" ''
#!${bashInteractive}/bin/bash
raw=$(curl -s -X POST -H "Content-Type: application/json" \
-d '{ "source": { "dojo": "+code" }, "sink": { "stdout": null } }' \
http://127.0.0.1:12321)
# trim \n" from the end
trim="''${raw%\\n\"}"
# trim " from the start
code="''${trim#\"}"
echo "$code"
'';
resetUrbitCode = writeScriptBin "reset-urbit-code" ''
#!${bashInteractive}/bin/bash
curl=$(curl -s -X POST -H "Content-Type: application/json" \
-d '{ "source": { "dojo": "+hood/code %reset" }, "sink": { "app": "hood" } }' \
http://127.0.0.1:12321)
if [[ $? -eq 0 ]]
then
echo "OK"
else
echo "Curl error: $?"
fi
'';
in dockerTools.buildImage {
name = "urbit";
tag = "v${urbit.version}";
contents = [ bashInteractive urbit curl startUrbit getUrbitCode resetUrbitCode coreutils ];
runAsRoot = ''
#!${bashInteractive}
mkdir -p /urbit
mkdir -p /tmp
${libcap}/bin/setcap 'cap_net_bind_service=+ep' /bin/urbit
'';
config = {
Cmd = [ "/bin/start-urbit" ];
Env = [ "PATH=/bin" ];
WorkingDir = "/urbit";
Volumes = {
"/urbit" = {};
};
Expose = [ "80/tcp" "${toString amesPort}/udp" ];
};
}

View File

@ -1,14 +0,0 @@
{ lib, stdenv, enableParallelBuilding ? true }:
stdenv.mkDerivation {
name = "ent";
src = lib.cleanSource ../../../pkg/ent;
postPatch = ''
patchShebangs ./configure
'';
installFlags = [ "PREFIX=$(out)" ];
inherit enableParallelBuilding;
}

View File

@ -1,29 +0,0 @@
{ lib, stdenvNoCC, python }:
# Avoid using `python.withPackages` as it creates a wrapper script to set
# PYTHONPATH, and the script is used verbatim as a python shebang.
#
# Unfortunately Darwin does not allow scripts as a shebang - so to get a
# cross platform python interpreter with appropriate site-packages setup
# we use `wrapPython/Packages` which handles these cases correctly.
stdenvNoCC.mkDerivation {
name = "herb";
src = ../../../pkg/herb/herb;
nativeBuildInputs = [ python.pkgs.wrapPython ];
buildInputs = [ python python.pkgs.requests ];
pythonPath = [ python.pkgs.requests ];
phases = [ "installPhase" "fixupPhase" ];
installPhase = ''
mkdir -p $out/bin
cp $src $out/bin/herb
chmod +x $out/bin/herb
'';
postFixup = ''
wrapPythonPrograms
'';
}

View File

@ -1,34 +0,0 @@
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -5,6 +5,8 @@ if("${CMAKE_BUILD_TYPE}" STREQUAL "")
set(CMAKE_BUILD_TYPE Release)
endif("${CMAKE_BUILD_TYPE}" STREQUAL "")
+option(BUILD_SHARED_LIBS "Build shared libraries" ON)
+
include(GNUInstallDirs)
# Warning: don't use the UB sanitizer in production builds. It can introduce timing side-channels
@@ -31,10 +33,12 @@ endif(NOT DISABLE_DOCS)
configure_file(config.h.in config.h)
include_directories(${CMAKE_CURRENT_BINARY_DIR})
+if(BUILD_SHARED_LIBS)
add_library(aes_siv SHARED aes_siv.c)
target_include_directories(aes_siv PUBLIC ${OPENSSL_INCLUDE_DIR})
target_link_libraries(aes_siv ${OPENSSL_CRYPTO_LIBRARY})
set_target_properties(aes_siv PROPERTIES VERSION "1.0.1" SOVERSION 1)
+endif()
add_library(aes_siv_static STATIC aes_siv.c)
target_include_directories(aes_siv_static PUBLIC ${OPENSSL_INCLUDE_DIR})
@@ -63,7 +67,9 @@ endif(ENABLE_SANITIZER)
add_executable(bench EXCLUDE_FROM_ALL bench.c)
target_link_libraries(bench aes_siv_static)
+if(BUILD_SHARED_LIBS)
install(TARGETS aes_siv LIBRARY DESTINATION ${CMAKE_INSTALL_LIBDIR})
+endif()
install(TARGETS aes_siv_static ARCHIVE DESTINATION ${CMAKE_INSTALL_LIBDIR})
install(FILES aes_siv.h DESTINATION ${CMAKE_INSTALL_INCLUDEDIR})

View File

@ -1,17 +0,0 @@
{ stdenv, sources, cmake, openssl, enableParallelBuilding ? true }:
stdenv.mkDerivation {
name = "libaes_siv";
version = sources.libaes_siv.rev;
src = sources.libaes_siv;
patches = [ ./cmakefiles_static.patch ];
nativeBuildInputs = [ cmake ];
buildInputs = [ openssl ];
cmakeFlags = [
"-DBUILD_SHARED_LIBS=OFF"
];
inherit enableParallelBuilding;
}

View File

@ -1,11 +0,0 @@
--- a/src/fault-linux-arm.h
+++ b/src/fault-linux-arm.h
@@ -17,6 +17,8 @@
#include "fault-posix-ucontext.h"
+#define HAVE_STACKVMA 0
+
#if defined(__aarch64__) || defined(__ARM_64BIT_STATE) || defined(__ARM_PCS_AAPCS64) /* 64-bit */
/* See glibc/sysdeps/unix/sysv/linux/aarch64/sys/ucontext.h.

View File

@ -1,11 +0,0 @@
--- a/src/fault-linux-i386.h
+++ b/src/fault-linux-i386.h
@@ -18,6 +18,8 @@
#include "fault-posix-ucontext.h"
+#define HAVE_STACKVMA 0
+
#if defined __x86_64__
/* 64 bit registers */

View File

@ -1,13 +0,0 @@
diff --git a/libraries/liblmdb/mdb.c b/libraries/liblmdb/mdb.c
index fe65e30..0070215 100644
--- a/libraries/liblmdb/mdb.c
+++ b/libraries/liblmdb/mdb.c
@@ -2526,7 +2526,7 @@ mdb_env_sync(MDB_env *env, int force)
rc = ErrCode();
} else
#endif
- if (MDB_FDATASYNC(env->me_fd))
+ if (fcntl(env->me_fd, F_FULLFSYNC, 0))
rc = ErrCode();
}
}

View File

@ -1,46 +0,0 @@
{ lib, stdenvNoCC, bc }:
stdenvNoCC.mkDerivation {
name = "sources";
src = lib.cleanSource ../../../pkg;
buildInputs = [ bc ];
outputs = [ "out" "goerli" ];
phases = [ "mainnetPhase" "goerliPhase" ];
mainnetPhase = ''
cp -r $src $out
chmod -R u+w $out
'';
goerliPhase = ''
cp -r $src tmp
chmod -R u+w tmp
ZUSE=tmp/arvo/sys/zuse.hoon
AMES=tmp/arvo/sys/vane/ames.hoon
ACME=tmp/arvo/app/acme.hoon
# Replace the mainnet azimuth contract with the goerli contract
sed --in-place \
's/\(\+\+ contracts \)mainnet\-contracts/\1goerli-contracts/' \
$ZUSE
# Increment the %ames protocol version
sed -r --in-place \
's_^(=/ protocol\-version=\?\(.*\) %)([0-7])_echo "\1$(echo "(\2+1) % 8" | bc)"_e' \
$AMES
# Use the staging API in :acme
sed --in-place \
's_https://acme-v02.api.letsencrypt.org/directory_https://acme-staging-v02.api.letsencrypt.org/directory_' \
$ACME
cp -r tmp $goerli
chmod -R u+w $goerli
'';
preferLocalBuild = true;
}

View File

@ -1,17 +0,0 @@
{ stdenv, sources }:
stdenv.mkDerivation {
pname = "murmur3";
version = sources.murmur3.rev;
src = sources.murmur3;
buildPhase = ''
$CC -fPIC -O3 -o murmur3.o -c $src/murmur3.c
'';
installPhase = ''
mkdir -p $out/{lib,include}
$AR rcs $out/lib/libmurmur3.a murmur3.o
cp $src/*.h $out/include/
'';
}

View File

@ -1,22 +0,0 @@
{ lib, stdenvNoCC, fetchGitHubLFS, bootFakeShip, solid, urbit, arvo, curl
, withGoerli ? false }:
let
lfs = fetchGitHubLFS { src = ../../../bin/brass.pill; };
in {
build = import ./builder.nix {
inherit stdenvNoCC urbit curl;
name = "brass" + lib.optionalString withGoerli "-goerli";
builder = ./brass.sh;
arvo = if withGoerli then arvo.goerli else arvo;
pier = bootFakeShip {
inherit urbit;
pill = solid.lfs;
ship = "zod";
};
};
} // lib.optionalAttrs (!withGoerli) { inherit lfs; }

View File

@ -1,40 +0,0 @@
source $stdenv/setup
set -euo pipefail
cp -r $src ./pier
chmod -R u+rw ./pier
urbit -d ./pier
cleanup () {
if [ -f ./pier/.vere.lock ]; then
kill $(< ./pier/.vere.lock) || true
fi
}
trap cleanup EXIT
header "running +brass"
port=$(cat ./pier/.http.ports | grep loopback | tr -s ' ' '\n' | head -n 1)
lensa() {
# -f elided, this can hit server-side timeouts
curl -s \
--data "{\"source\":{\"dojo\":\"$2\"},\"sink\":{\"app\":\"$1\"}}" \
"http://localhost:$port" | xargs printf %s | sed 's/\\n/\n/g'
}
lensf() {
# -f elided, this can hit server-side timeouts
d=$(echo $1 | sed 's/\./\//g')
curl -sJO \
--data "{\"source\":{\"dojo\":\"$2\"},\"sink\":{\"output-pill\":\"$d\"}}" \
"http://localhost:$port"
}
lensf brass.pill '+brass'
lensa hood '+hood/exit'
stopNest

View File

@ -1,16 +0,0 @@
{ stdenvNoCC, urbit, arvo, curl, name, builder, pier }:
stdenvNoCC.mkDerivation {
name = "${name}.pill";
src = pier;
buildInputs = [ curl urbit ];
dontUnpack = true;
buildPhase = builtins.readFile builder;
installPhase = ''
mv ${name}.pill $out
'';
ARVO = arvo;
}

View File

@ -1,42 +0,0 @@
{ lib, stdenvNoCC, fetchGitHubLFS, bootFakeShip, solid, urbit, arvo, curl, xxd
, withGoerli ? false }:
let
lfs = fetchGitHubLFS { src = ../../../bin/ivory.pill; };
in {
build = import ./builder.nix {
inherit stdenvNoCC urbit curl;
name = "ivory" + lib.optionalString withGoerli "-goerli";
builder = ./ivory.sh;
arvo = if withGoerli then arvo.goerli else arvo;
pier = bootFakeShip {
inherit urbit;
pill = solid.lfs;
ship = "zod";
};
};
# The hexdump of the `.lfs` pill contents as a C header.
header = stdenvNoCC.mkDerivation {
name = "ivory-header";
src = lfs;
nativeBuildInputs = [ xxd ];
phases = [ "installPhase" ];
installPhase = ''
file=u3_Ivory.pill
header "writing $file"
mkdir -p $out/include
cat $src > $file
xxd -i $file > $out/include/ivory_impl.h
'';
preferLocalBuild = true;
};
} // lib.optionalAttrs (!withGoerli) { inherit lfs; }

View File

@ -1,40 +0,0 @@
source $stdenv/setup
set -euo pipefail
cp -r $src ./pier
chmod -R u+rw ./pier
urbit -d ./pier
cleanup () {
if [ -f ./pier/.vere.lock ]; then
kill $(< ./pier/.vere.lock) || true
fi
}
trap cleanup EXIT
header "running +ivory"
port=$(cat ./pier/.http.ports | grep loopback | tr -s ' ' '\n' | head -n 1)
lensa() {
# -f elided, this can hit server-side timeouts
curl -s \
--data "{\"source\":{\"dojo\":\"$2\"},\"sink\":{\"app\":\"$1\"}}" \
"http://localhost:$port" | xargs printf %s | sed 's/\\n/\n/g'
}
lensf() {
# -f elided, this can hit server-side timeouts
d=$(echo $1 | sed 's/\./\//g')
curl -sJO \
--data "{\"source\":{\"dojo\":\"$2\"},\"sink\":{\"output-pill\":\"$d\"}}" \
"http://localhost:$port"
}
lensf ivory.pill '+ivory'
lensa hood '+hood/exit'
stopNest

View File

@ -1,23 +0,0 @@
{ stdenvNoCC, fetchGitHubLFS, bootFakeShip, solid, urbit, arvo, curl }:
let
lfs = fetchGitHubLFS { src = ../../../bin/solid.pill; };
in {
inherit lfs;
build = import ./builder.nix {
inherit stdenvNoCC urbit arvo curl;
name = "solid";
builder = ./solid.sh;
pier = bootFakeShip {
inherit urbit;
arvo = null;
pill = solid.lfs;
ship = "zod";
};
};
}

View File

@ -1,99 +0,0 @@
source $stdenv/setup
set -euo pipefail
ARVO=${ARVO?:ARVO location is unset}
cp -r $src ./pier
chmod -R u+rw ./pier
urbit -d ./pier
cleanup () {
if [ -f ./pier/.vere.lock ]; then
kill $(< ./pier/.vere.lock) || true
fi
}
trap cleanup EXIT
port=$(cat ./pier/.http.ports | grep loopback | tr -s ' ' '\n' | head -n 1)
lensa() {
# -f elided, this can hit server-side timeouts
curl -s \
--data "{\"source\":{\"dojo\":\"$2\"},\"sink\":{\"app\":\"$1\"}}" \
"http://localhost:$port" | xargs printf %s | sed 's/\\n/\n/g'
}
lensf() {
# -f elided, this can hit server-side timeouts
d=$(echo $1 | sed 's/\./\//g')
curl -sJO \
--data "{\"source\":{\"dojo\":\"$2\"},\"sink\":{\"output-pill\":\"$d\"}}" \
"http://localhost:$port"
}
header "updating %base"
# Update pill strategy to ensure correct staging
lensa hood "+hood/mount /=base="
until [ -d ./pier/base ]; do
sleep 1
done
# Update :lens, :dojo and dependencies
# FIXME: reduce this list
cp $ARVO/app/lens.hoon ./pier/base/app/
cp $ARVO/app/dojo.hoon ./pier/base/app/
cp $ARVO/lib/plume.hoon ./pier/base/lib/
cp $ARVO/lib/server.hoon ./pier/base/lib/
cp $ARVO/lib/sole.hoon ./pier/base/lib/
cp $ARVO/lib/xray.hoon ./pier/base/lib/
cp $ARVO/lib/pprint.hoon ./pier/base/lib/
mkdir -p ./pier/base/mar/lens/
cp $ARVO/mar/lens/* ./pier/base/mar/lens/
cp $ARVO/sur/lens.hoon ./pier/base/sur/
cp $ARVO/sur/plum.hoon ./pier/base/sur/
cp $ARVO/sur/sole.hoon ./pier/base/sur/
cp $ARVO/sur/xray.hoon ./pier/base/sur/
# Update +solid and its dependencies
cp $ARVO/lib/pill.hoon ./pier/base/lib/
cp $ARVO/gen/solid.hoon ./pier/base/gen/
chmod -R u+rw ./pier/base/
lensa hood "+hood/commit %base"
lensa hood "+hood/unmount %base"
# FIXME: horrible hack to ensure the update is applied first
sleep 10
header "updating %stage"
# Stage new desk for pill contents
lensa hood '+hood/merge %stage our %base'
lensa hood "+hood/mount /=stage="
until [ -d ./pier/stage ]; do
sleep 1
done
rm -rf ./pier/stage
cp -r $ARVO ./pier/stage
chmod -R u+rw ./pier/stage
lensa hood "+hood/commit %stage"
lensa hood "+hood/unmount %stage"
header "running +solid"
lensf solid.pill '+solid /=stage=/sys, =dub &'
lensa hood '+hood/exit'
stopNest

View File

@ -1,28 +0,0 @@
{ stdenv, sources, enableParallelBuilding ? true }:
stdenv.mkDerivation {
pname = "softfloat3";
version = sources.softfloat3.rev;
src = sources.softfloat3;
postPatch = ''
for f in $(find build -type f -name 'Makefile'); do
substituteInPlace $f \
--replace 'gcc' '$(CC)' \
--replace 'ar crs' '$(AR) crs'
done
'';
preBuild = ''
cd build/Linux-x86_64-GCC
'';
installPhase = ''
mkdir -p $out/{lib,include}
cp $src/source/include/*.h $out/include/
cp softfloat.a $out/lib/libsoftfloat3.a
'';
inherit enableParallelBuilding;
}

View File

@ -1,85 +0,0 @@
{ lib, stdenv, coreutils, pkgconfig # build/env
, cacert, ca-bundle, ivory # codegen
, curlUrbit, ent, gmp, h2o, libsigsegv, libuv, lmdb # libs
, murmur3, openssl, openssl-static-osx, softfloat3 #
, urcrypt, zlib, zlib-static-osx #
, enableStatic ? stdenv.hostPlatform.isStatic # opts
, enableDebug ? false
, verePace ? ""
, doCheck ? true
, enableParallelBuilding ? true
, dontStrip ? true }:
let
src = lib.cleanSource ../../../pkg/urbit;
version = builtins.readFile "${src}/version";
# See https://github.com/urbit/urbit/issues/5561
oFlags =
if stdenv.isDarwin
then (if enableDebug then [ "-O0" "-g" ] else [ "-O3" ])
else [ (if enableDebug then "-O0" else "-O3") "-g" ];
in stdenv.mkDerivation {
inherit src version;
pname = "urbit" + lib.optionalString enableDebug "-debug"
+ lib.optionalString enableStatic "-static";
nativeBuildInputs = [ pkgconfig ];
buildInputs = [
cacert
ca-bundle
curlUrbit
ent
gmp
h2o
ivory.header
libsigsegv
libuv
lmdb
murmur3
(if stdenv.isDarwin && enableStatic then openssl-static-osx else openssl)
softfloat3
urcrypt
(if stdenv.isDarwin && enableStatic then zlib-static-osx else zlib)
];
# Ensure any `/usr/bin/env bash` shebang is patched.
postPatch = ''
patchShebangs ./configure
'';
checkTarget = "test";
installPhase = ''
mkdir -p $out/bin
cp ./build/urbit $out/bin/urbit
'';
dontDisableStatic = enableStatic;
configureFlags = if enableStatic
then [ "--disable-shared" "--enable-static" ]
else [];
CFLAGS = oFlags ++ lib.optionals (!enableDebug) [ "-Werror" ];
MEMORY_DEBUG = enableDebug;
CPU_DEBUG = enableDebug;
EVENT_TIME_DEBUG = false;
VERE_PACE = if enableStatic then verePace else "";
# See https://github.com/NixOS/nixpkgs/issues/18995
hardeningDisable = lib.optionals enableDebug [ "all" ];
inherit enableParallelBuilding doCheck dontStrip;
meta = {
debug = enableDebug;
arguments = lib.optionals enableDebug [ "-g" ];
};
}

View File

@ -1,21 +0,0 @@
{ stdenv, autoreconfHook, pkgconfig
, libaes_siv, openssl, openssl-static-osx, secp256k1
, enableStatic ? stdenv.hostPlatform.isStatic }:
stdenv.mkDerivation rec {
name = "urcrypt";
src = ../../../pkg/urcrypt;
# XX why are these required for darwin?
dontDisableStatic = enableStatic;
configureFlags = if enableStatic
then [ "--disable-shared" "--enable-static" ]
else [];
nativeBuildInputs =
[ autoreconfHook pkgconfig ];
propagatedBuildInputs =
[ openssl secp256k1 libaes_siv ];
}

View File

@ -1,18 +0,0 @@
{
"openssl": {
"branch": "1_1_1n",
"homepage": "https://www.openssl.org/",
"pmnsh": {
"include": "build/include",
"lib": "build",
"prepare": "./config --prefix=`mkdir -p build && readlink -f ./build` --libdir=. no-shared no-tests",
"make": "install_dev"
},
"owner": "openssl",
"repo": "openssl",
"rev": "OpenSSL_1_1_1n",
"type": "tarball",
"url": "https://github.com/openssl/openssl/archive/refs/tags/OpenSSL_1_1_1n.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/refs/tags/<rev>.tar.gz"
}
}

View File

@ -1,95 +0,0 @@
{
"curl": {
"branch": "master",
"description": "A command line tool and library for transferring data with URL syntax",
"homepage": "http://curl.se/",
"pmnsh": {
"compat": {
"openbsd": {
"prepare": "autoreconf -vfi && ./configure --disable-shared --disable-ldap --disable-rtsp --without-brotli --without-libidn2 --without-libpsl --without-nghttp2 --with-openssl=`readlink -f ../openssl/build`"
}
},
"include": "include",
"lib": "lib/.libs",
"prepare": "autoreconf -vfi && ./configure --disable-shared --disable-ldap --disable-rtsp --without-brotli --without-libidn2 --without-libpsl --without-nghttp2 --with-openssl",
"make": "-C lib libcurl.la"
},
"owner": "curl",
"repo": "curl",
"rev": "curl-7_77_0",
"type": "tarball",
"url": "https://github.com/curl/curl/archive/curl-7_77_0.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"lmdb": {
"branch": "mdb.master",
"description": "LMDB library",
"homepage": "http://www.lmdb.tech/",
"pmnsh": {
"strip": 2,
"make": "liblmdb.a"
},
"owner": "LMDB",
"repo": "lmdb",
"rev": "48a7fed59a8aae623deff415dda27097198ca0c1",
"type": "tarball",
"url": "https://github.com/LMDB/lmdb/archive/48a7fed59a8aae623deff415dda27097198ca0c1.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"secp256k1": {
"branch": "master",
"description": "Optimized C library for ECDSA signatures and secret/public key operations on curve secp256k1.",
"homepage": null,
"owner": "bitcoin-core",
"pmnsh": {
"include": "include",
"lib": ".libs",
"make": "libsecp256k1.la",
"prepare": "./autogen.sh && ./configure --disable-shared --enable-benchmark=no --enable-exhaustive-tests=no --enable-experimental --enable-module-ecdh --enable-module-recovery --enable-module-schnorrsig --enable-tests=yes CFLAGS=-DSECP256K1_API="
},
"repo": "secp256k1",
"rev": "5dcc6f8dbdb1850570919fc9942d22f728dbc0af",
"sha256": "x9qG2S6tBSRseWaFIN9N2fRpY1vkv8idT3d3rfJnmaU",
"type": "tarball",
"url": "https://github.com/bitcoin-core/secp256k1/archive/5dcc6f8dbdb1850570919fc9942d22f728dbc0af.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"uv": {
"branch": "v1.x",
"description": "Cross-platform asynchronous I/O",
"homepage": "http://libuv.org/",
"pmnsh": {
"include": "include",
"lib": ".libs",
"prepare": "./autogen.sh && ./configure --disable-shared",
"make": "libuv.la",
"compat": {
"m1brew": false
}
},
"owner": "libuv",
"repo": "libuv",
"rev": "v1.40.0",
"type": "tarball",
"url": "https://github.com/libuv/libuv/archive/v1.40.0.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"ent": {
"pmnsh": {
"prepare": "./configure"
}
},
"urcrypt": {
"pmnsh": {
"compat": {
"openbsd": {
"make": "install prefix=`readlink -f .` exec_prefix=`readlink -f .`",
"include": "include",
"lib": "lib"
}
},
"prepare": "./autogen.sh && ./configure --disable-shared PKG_CONFIG_PATH=../secp256k1 CFLAGS=\"-I../secp256k1/include -I../libaes_siv\" LDFLAGS=-L../libaes_siv",
"make": "install"
}
}
}

View File

@ -1,123 +0,0 @@
{
"h2o": {
"branch": "master",
"description": "H2O - the optimized HTTP/1, HTTP/2, HTTP/3 server",
"homepage": "https://h2o.examp1e.net",
"owner": "h2o",
"pmnsh": {
"compat": {
"mingw": {
"prepare": "cmake -G\"MSYS Makefiles\" -DCMAKE_INSTALL_PREFIX=. ."
},
"openbsd": {
"prepare": "cmake -DOPENSSL_ROOT_DIR=`readlink -f ../openssl/build` ."
}
},
"include": "include",
"make": "libh2o",
"prepare": "cmake ."
},
"repo": "h2o",
"rev": "v2.2.6",
"sha256": "0qni676wqvxx0sl0pw9j0ph7zf2krrzqc1zwj73mgpdnsr8rsib7",
"type": "tarball",
"url": "https://github.com/h2o/h2o/archive/v2.2.6.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"libaes_siv": {
"branch": "master",
"description": null,
"homepage": null,
"owner": "dfoxfranke",
"pmnsh": {
"compat": {
"m1brew": {
"make": "install CFLAGS=$(pkg-config --cflags openssl)",
"prepare": "cmake ."
},
"mingw": {
"make": "aes_siv_static",
"prepare": "cmake -G\"MSYS Makefiles\" -DDISABLE_DOCS:BOOL=ON ."
},
"openbsd": {
"make": "aes_siv_static",
"prepare": "cmake -DDISABLE_DOCS:BOOL=ON -DOPENSSL_ROOT_DIR=`readlink -f ../openssl/build` ."
}
}
},
"repo": "libaes_siv",
"rev": "9681279cfaa6e6399bb7ca3afbbc27fc2e19df4b",
"sha256": "1g4wy0m5wpqx7z6nillppkh5zki9fkx9rdw149qcxh7mc5vlszzi",
"type": "tarball",
"url": "https://github.com/dfoxfranke/libaes_siv/archive/9681279cfaa6e6399bb7ca3afbbc27fc2e19df4b.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"murmur3": {
"branch": "master",
"description": null,
"homepage": null,
"owner": "urbit",
"pmnsh": {
"make": "static"
},
"repo": "murmur3",
"rev": "71a75d57ca4e7ca0f7fc2fd84abd93595b0624ca",
"sha256": "0k7jq2nb4ad9ajkr6wc4w2yy2f2hkwm3nkbj2pklqgwsg6flxzwg",
"type": "tarball",
"url": "https://github.com/urbit/murmur3/archive/71a75d57ca4e7ca0f7fc2fd84abd93595b0624ca.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"niv": {
"branch": "master",
"description": "Easy dependency management for Nix projects",
"homepage": "https://github.com/nmattia/niv",
"owner": "nmattia",
"repo": "niv",
"rev": "9d35b9e4837ab88517210b1701127612c260eccf",
"sha256": "0q50xhnm8g2yfyakrh0nly4swyygxpi0a8cb9gp65wcakcgvzvdh",
"type": "tarball",
"url": "https://github.com/nmattia/niv/archive/9d35b9e4837ab88517210b1701127612c260eccf.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"nixpkgs": {
"branch": "master",
"description": "Nix Packages collection",
"homepage": "",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "376d67e1cd05d5ac8a64a3f47f17b80fb6394792",
"sha256": "1l4ai1dppwdbkkjbvnavsivr5kx00b3q8640pilpnifskfmfc8mp",
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/376d67e1cd05d5ac8a64a3f47f17b80fb6394792.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"softfloat3": {
"branch": "master",
"description": null,
"homepage": null,
"owner": "urbit",
"pmnsh": {
"compat": {
"m1brew": {
"lib": "build/template-FAST_INT64",
"make": "-C build/template-FAST_INT64 libsoftfloat3.a"
},
"mingw": {
"lib": "build/Win64-MinGW-w64",
"make": "-C build/Win64-MinGW-w64 libsoftfloat3.a"
},
"openbsd": {
"lib": "build/template-FAST_INT64",
"make": "-C build/template-FAST_INT64 libsoftfloat3.a"
}
},
"include": "source/include"
},
"repo": "berkeley-softfloat-3",
"rev": "ec4c7e31b32e07aad80e52f65ff46ac6d6aad986",
"sha256": "1lz4bazbf7lns1xh8aam19c814a4n4czq5xsq5rmi9sgqw910339",
"type": "tarball",
"url": "https://github.com/urbit/berkeley-softfloat-3/archive/ec4c7e31b32e07aad80e52f65ff46ac6d6aad986.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
}
}

View File

@ -1,174 +0,0 @@
# This file has been generated by Niv.
let
#
# The fetchers. fetch_<type> fetches specs of type <type>.
#
fetch_file = pkgs: name: spec:
let
name' = sanitizeName name + "-src";
in
if spec.builtin or true then
builtins_fetchurl { inherit (spec) url sha256; name = name'; }
else
pkgs.fetchurl { inherit (spec) url sha256; name = name'; };
fetch_tarball = pkgs: name: spec:
let
name' = sanitizeName name + "-src";
in
if spec.builtin or true then
builtins_fetchTarball { name = name'; inherit (spec) url sha256; }
else
pkgs.fetchzip { name = name'; inherit (spec) url sha256; };
fetch_git = name: spec:
let
ref =
if spec ? ref then spec.ref else
if spec ? branch then "refs/heads/${spec.branch}" else
if spec ? tag then "refs/tags/${spec.tag}" else
abort "In git source '${name}': Please specify `ref`, `tag` or `branch`!";
in
builtins.fetchGit { url = spec.repo; inherit (spec) rev; inherit ref; };
fetch_local = spec: spec.path;
fetch_builtin-tarball = name: throw
''[${name}] The niv type "builtin-tarball" is deprecated. You should instead use `builtin = true`.
$ niv modify ${name} -a type=tarball -a builtin=true'';
fetch_builtin-url = name: throw
''[${name}] The niv type "builtin-url" will soon be deprecated. You should instead use `builtin = true`.
$ niv modify ${name} -a type=file -a builtin=true'';
#
# Various helpers
#
# https://github.com/NixOS/nixpkgs/pull/83241/files#diff-c6f540a4f3bfa4b0e8b6bafd4cd54e8bR695
sanitizeName = name:
(
concatMapStrings (s: if builtins.isList s then "-" else s)
(
builtins.split "[^[:alnum:]+._?=-]+"
((x: builtins.elemAt (builtins.match "\\.*(.*)" x) 0) name)
)
);
# The set of packages used when specs are fetched using non-builtins.
mkPkgs = sources: system:
let
sourcesNixpkgs =
import (builtins_fetchTarball { inherit (sources.nixpkgs) url sha256; }) { inherit system; };
hasNixpkgsPath = builtins.any (x: x.prefix == "nixpkgs") builtins.nixPath;
hasThisAsNixpkgsPath = <nixpkgs> == ./.;
in
if builtins.hasAttr "nixpkgs" sources
then sourcesNixpkgs
else if hasNixpkgsPath && ! hasThisAsNixpkgsPath then
import <nixpkgs> {}
else
abort
''
Please specify either <nixpkgs> (through -I or NIX_PATH=nixpkgs=...) or
add a package called "nixpkgs" to your sources.json.
'';
# The actual fetching function.
fetch = pkgs: name: spec:
if ! builtins.hasAttr "type" spec then
abort "ERROR: niv spec ${name} does not have a 'type' attribute"
else if spec.type == "file" then fetch_file pkgs name spec
else if spec.type == "tarball" then fetch_tarball pkgs name spec
else if spec.type == "git" then fetch_git name spec
else if spec.type == "local" then fetch_local spec
else if spec.type == "builtin-tarball" then fetch_builtin-tarball name
else if spec.type == "builtin-url" then fetch_builtin-url name
else
abort "ERROR: niv spec ${name} has unknown type ${builtins.toJSON spec.type}";
# If the environment variable NIV_OVERRIDE_${name} is set, then use
# the path directly as opposed to the fetched source.
replace = name: drv:
let
saneName = stringAsChars (c: if isNull (builtins.match "[a-zA-Z0-9]" c) then "_" else c) name;
ersatz = builtins.getEnv "NIV_OVERRIDE_${saneName}";
in
if ersatz == "" then drv else
# this turns the string into an actual Nix path (for both absolute and
# relative paths)
if builtins.substring 0 1 ersatz == "/" then /. + ersatz else /. + builtins.getEnv "PWD" + "/${ersatz}";
# Ports of functions for older nix versions
# a Nix version of mapAttrs if the built-in doesn't exist
mapAttrs = builtins.mapAttrs or (
f: set: with builtins;
listToAttrs (map (attr: { name = attr; value = f attr set.${attr}; }) (attrNames set))
);
# https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/lists.nix#L295
range = first: last: if first > last then [] else builtins.genList (n: first + n) (last - first + 1);
# https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/strings.nix#L257
stringToCharacters = s: map (p: builtins.substring p 1 s) (range 0 (builtins.stringLength s - 1));
# https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/strings.nix#L269
stringAsChars = f: s: concatStrings (map f (stringToCharacters s));
concatMapStrings = f: list: concatStrings (map f list);
concatStrings = builtins.concatStringsSep "";
# https://github.com/NixOS/nixpkgs/blob/8a9f58a375c401b96da862d969f66429def1d118/lib/attrsets.nix#L331
optionalAttrs = cond: as: if cond then as else {};
# fetchTarball version that is compatible between all the versions of Nix
builtins_fetchTarball = { url, name ? null, sha256 }@attrs:
let
inherit (builtins) lessThan nixVersion fetchTarball;
in
if lessThan nixVersion "1.12" then
fetchTarball ({ inherit url; } // (optionalAttrs (!isNull name) { inherit name; }))
else
fetchTarball attrs;
# fetchurl version that is compatible between all the versions of Nix
builtins_fetchurl = { url, name ? null, sha256 }@attrs:
let
inherit (builtins) lessThan nixVersion fetchurl;
in
if lessThan nixVersion "1.12" then
fetchurl ({ inherit url; } // (optionalAttrs (!isNull name) { inherit name; }))
else
fetchurl attrs;
# Create the final "sources" from the config
mkSources = config:
mapAttrs (
name: spec:
if builtins.hasAttr "outPath" spec
then abort
"The values in sources.json should not have an 'outPath' attribute"
else
spec // { outPath = replace name (fetch config.pkgs name spec); }
) config.sources;
# The "config" used by the fetchers
mkConfig =
{ sourcesFile ? if builtins.pathExists ./sources.json then ./sources.json else null
, sources ? if isNull sourcesFile then {} else builtins.fromJSON (builtins.readFile sourcesFile)
, system ? builtins.currentSystem
, pkgs ? mkPkgs sources system
}: rec {
# The sources, i.e. the attribute set of spec name to spec
inherit sources;
# The "pkgs" (evaluated nixpkgs) to use for e.g. non-builtin fetchers
inherit pkgs;
};
in
mkSources (mkConfig {}) // { __functor = _: settings: mkSources (mkConfig settings); }

View File

@ -1,11 +1,9 @@
{ lib, stdenvNoCC, curl, python3, bootFakeShip }:
{ arvo ? null, pill, ship ? "bus", doCheck ? true }:
{ stdenvNoCC, curl, python3, pier, urbit }:
stdenvNoCC.mkDerivation {
name = "test-${ship}";
name = "test-urbit";
src = bootFakeShip { inherit arvo pill ship; };
src = pier;
phases = [ "unpackPhase" "buildPhase" "checkPhase" ];
@ -19,7 +17,7 @@ stdenvNoCC.mkDerivation {
buildPhase = ''
set -x
${arvo}/vere.jam -d ./pier 2> urbit-output
${urbit}/bin/urbit -d ./pier 2> urbit-output
# Sledge Hammer!
# See: https://github.com/travis-ci/travis-ci/issues/4704#issuecomment-348435959
@ -180,7 +178,7 @@ stdenvNoCC.mkDerivation {
exit "$fail"
'';
inherit doCheck;
doCheck = true;
# Fix 'bind: operation not permitted' when nix.useSandbox = true on darwin.
# See https://github.com/NixOS/nix/blob/5f6840fbb49ae5b534423bd8a4360646ee93dbaf/src/libstore/build.cc#L2961

View File

@ -9,131 +9,50 @@
:: Note this issue manifests itself even for bootstrapping a planet to
:: talk to its own star.
::
/+ default-agent, verb
/+ default-agent, verb, dbug
=* point point:kale
::
|%
:: How often to ping our sponsor when we might be behind a NAT.
::
:: NAT timeouts are often pretty short for UDP entries. 5 minutes is
:: a common value. We use 25 seconds, same as Wireguard.
::
++ nat-timeout ~s25
::
:: How often to check our IP when we know we're not behind a NAT.
::
++ ip-timeout ~m5
::
:: Chosen because it's run by Cloudflare, and others I tried were
:: inconsistently slow.
::
++ ip-reflector 'https://icanhazip.com'
::
+$ card card:agent:gall
+$ ship-state
$% [%idle ~]
[%poking ~]
[%http until=@da]
[%waiting until=@da]
==
+$ state-1
$: %1
ships=(set ship)
nonce=@ud
$= plan
$~ [%nat ~]
$% [%nat ~]
[%pub ip=(unit @t)]
==
==
--
::
=| state=[%0 ships=(map ship [=rift =ship-state])]
%- agent:dbug
::
=| state=state-1
=> |%
:: +print-error: maybe +slog
::
++ print-error
|= [=tape error=(unit tang)]
^+ same
?~ error same
%- (slog leaf+tape u.error) same
:: +set-timer: send a card to behn to set a timer
::
++ set-timer
|= [now=@da =ship]
^- (quip card _state)
=/ s (~(get by ships.state) ship)
?~ s
`state
?. ?=(%poking -.ship-state.u.s)
%- (slog leaf+"ping: strange state {<ship s>}" ~)
`state
:: NAT timeouts are often pretty short for UDP entries. 5
:: minutes is a common value. We use 25 seconds, same as Wireguard.
::
=/ until (add ~s25 now)
=. ships.state
(~(put by ships.state) ship u.s(ship-state [%waiting until]))
:_ state
=/ =wire /ping-wait/(scot %p ship)/(scot %da until)
[%pass wire %arvo %b %wait `@da`until]~
:: +send-ping: poke their %ping app
::
++ send-ping
|= [our=@p now=@da =ship]
^- (quip card _state)
::
?: =(our ship)
`state
=/ s (~(get by ships.state) ship)
?~ s
`state
?. ?=(%idle -.ship-state.u.s)
`state
:_ state(ships (~(put by ships.state) ship u.s(ship-state [%poking ~])))
[%pass /ping-send/(scot %p ship) %agent [ship %ping] %poke %noun !>(~)]~
:: +stop-ping-ship: stop listening to jael if not sponsor or old rift
::
++ stop-ping-ship
|= [our=@p now=@da =ship =old=rift =ship-state]
^- (quip card _state)
=+ .^(=new=rift %j /(scot %p our)/rift/(scot %da now)/(scot %p ship))
:: if nothing's changed about us, don't cancel
::
?: ?& =(old-rift new-rift)
(~(has in (silt (saxo:title our now our))) ship)
==
`state
:: otherwise, kill jael subscription and timer
::
:_ state(ships (~(del by ships.state) ship))
[%pass /jael/(scot %p ship) %arvo %j %nuke (silt ship ~)]~
:: +start-ping-ship: start listening to jael updates if not already
::
:: While %public-keys is idempotent in most senses, it does
:: trigger a response, and this function is called on that
:: response, so we need a guard to avoid an infinite loop.
::
++ start-ping-ship
|= [our=@p now=@da =ship]
^- (quip card _state)
::
?: (~(has by ships.state) ship)
(send-ping our now ship)
::
;< new-state=_state (rind card state)
=+ .^(=rift %j /(scot %p our)/rift/(scot %da now)/(scot %p ship))
:_ state(ships (~(put by ships.state) ship rift %idle ~))
[%pass /jael/(scot %p ship) %arvo %j %public-keys (silt ship ~)]~
=. state new-state
::
(send-ping our now ship)
:: +kick: idempotent operation to make clean start for all pings
::
++ kick
|= [our=@p now=@da]
^- (quip card _state)
?: =(%czar (clan:title our))
`state
::
=/ old-ships=(list [=ship =rift =ship-state]) ~(tap by ships.state)
|- ^- (quip card _state)
=* loop $
?^ old-ships
;< new-state=_state (rind card state)
(stop-ping-ship our now i.old-ships)
=. state new-state
loop(old-ships t.old-ships)
::
:: NB: !! This includes our own ship, and for moons, this is what
:: has caused Jael to fetch our own rift from our parent. This
:: role may be taken by Ames's subscription to %public-keys, but
:: this must be tested before changing the behavior here.
::
=/ new-ships (saxo:title our now our)
|- ^- (quip card _state)
=* loop $
?^ new-ships
;< new-state=_state (rind card state)
(start-ping-ship our now i.new-ships)
=. state new-state
loop(new-ships t.new-ships)
::
`state
:: +rind: bind for the the writer monad on (quip effect state)
:: Bind for the the writer monad on (quip effect state)
::
++ rind
|* [effect=mold state=*]
@ -146,6 +65,211 @@
=^ effects-2=(list effect) state (fun state)
[(weld effects-1 effects-2) state]
::
++ once
|= =cord
=(cord (scot %uw nonce.state))
::
:: Subsystem to keep track of which ships to ping across breaches
:: and sponsorship changes
::
++ ships
|%
++ rind (^rind card state)
++ kick
|= [our=@p now=@da]
^- (quip card _state)
:: ?: =(%czar (clan:title our))
:: `state
::
:: NB: !! This includes our own ship, and for moons, this is
:: what has caused Jael to fetch our own rift from our parent.
:: This role may be taken by Ames's subscription to
:: %public-keys, but this must be tested before changing the
:: behavior here.
::
=/ new-ships (~(gas in *(set ship)) (saxo:title our now our))
=/ removed (~(dif in ships.state) new-ships)
=/ added (~(dif in new-ships) ships.state)
;< new-state=_state rind
?~ removed `state
[[%pass /jael %arvo %j %nuke removed]~ state]
=. state new-state
::
;< new-state=_state rind
?~ added `state
[[%pass /jael %arvo %j %public-keys added]~ state]
=. state new-state
::
:: Kick even if ships weren't added or removed
::
(kick-pings our now new-ships)
::
:: Kick whenever we get a response. We really care about
:: breaches and sponsorship changes.
::
:: Delay until next event in case of breach, so that ames can
:: clear its state.
::
++ take-jael
|= now=@da
^- (quip card _state)
[[%pass /jael/delay %arvo %b %wait now]~ state]
::
++ take-delay kick
--
::
:: Starts pinging a new set of `ships`.
::
++ kick-pings
|= [our=@p now=@da ships=(set ship)]
^- (quip card _state)
=: nonce.state +(nonce.state)
ships.state ships
==
::
?: ?=(%nat -.plan.state)
(kick:nat our)
(kick:pub our now)
::
:: Subsystem for pinging our sponsors when we might be behind a NAT
::
:: Ping each ship every 25 seconds to keep the pinhole open.
:: This is expensive, but if you don't do it and you are behind a
:: NAT, you will stop receiving packets from other ships except
:: during the 30 seconds following each packet you send.
::
++ nat
?> ?=(%nat -.plan.state)
|%
++ rind (^rind card state)
++ kick
|= our=@p
^- (quip card _state)
=/ ships ~(tap in ships.state)
|- ^- (quip card _state)
?~ ships `state
?: =(our i.ships) $(ships t.ships)
;< new-state=_state rind (send-ping i.ships)
=. state new-state
$(ships t.ships)
::
++ send-ping
|= =ship
^- (quip card _state)
:_ state
=/ wire /nat/(scot %uw nonce.state)/ping/(scot %p ship)
[%pass wire %agent [ship %ping] %poke %noun !>(~)]~
::
++ take-ping
|= [now=@da =wire error=(unit tang)]
^- (quip card _state)
?. ?=([%nat @ %ping @ ~] wire) `state
?. (once i.t.wire) `state
=/ ship (slav %p i.t.t.t.wire)
%- (slog ?~(error ~ ['ping: got nack' >ship< u.error]))
:_ state
=/ wire /nat/(scot %uw nonce.state)/wait/(scot %p ship)
[%pass wire %arvo %b %wait (add nat-timeout now)]~
::
++ take-wait
|= =wire
^- (quip card _state)
?. ?=([%nat @ %wait @ ~] wire) `state
?. (once i.t.wire) `state
=/ ship (slav %p i.t.t.t.wire)
(send-ping ship)
--
::
:: Subsystem for pinging our sponsors when we know we're not behind a NAT
::
:: Check our IP address every minute, and only if it changes,
:: ping all our sponsors.
::
++ pub
?> ?=(%pub -.plan.state)
|%
++ rind (^rind card state)
++ kick
|= [our=@p now=@da]
^- (quip card _state)
;< new-state=_state rind (send-pings our)
=. state new-state
::
;< new-state=_state rind check-ip
=. state new-state
::
(set-timer now)
::
++ send-pings
|= our=@p
^- (quip card _state)
:_ state
%+ murn ~(tap in ships.state)
|= =ship
?: =(our ship)
~
=/ wire /pub/(scot %uw nonce.state)/ping/(scot %p ship)
`u=[%pass wire %agent [ship %ping] %poke %noun !>(~)]
::
++ take-pings
|= [=wire error=(unit tang)]
^- (quip card _state)
?. ?=([%pub @ %ping @ ~] wire) `state
?. (once i.t.wire) `state
=/ ship (slav %p i.t.t.t.wire)
%- (slog ?~(error ~ ['ping: got nack' >ship< u.error]))
`state
::
++ check-ip
^- (quip card _state)
:_ state
=/ wire /pub/(scot %uw nonce.state)/ip
=/ =request:http [%'GET' ip-reflector ~ ~]
[%pass wire %arvo %i %request request *outbound-config:iris]~
::
++ take-ip
|= [our=@p =wire resp=client-response:iris]
^- (quip card _state)
?. ?=([%pub @ %ip ~] wire) `state
?. (once i.t.wire) `state
::
?. ?=(%finished -.resp) `state :: will retry in a minute
?. ?=(%200 status-code.response-header.resp)
=* s status-code.response-header.resp
%- (slog leaf+"ping: ip check failed: {<s>}" ~)
`state
::
?~ full-file.resp
%- (slog 'ping: ip check body empty' ~)
`state
::
=* body q.data.u.full-file.resp
?~ body
%- (slog 'ping: ip check body empty' ~)
`state
::
=/ ip (end [3 (dec (met 3 body))] body)
?: =(ip.plan.state `ip) `state
::
=. ip.plan.state `ip
(send-pings our)
::
++ set-timer
|= now=@da
^- (quip card _state)
=/ =wire /pub/(scot %uw nonce.state)/wait
[[%pass wire %arvo %b %wait (add ip-timeout now)]~ state]
::
++ take-wait
|= [our=@p now=@da =wire]
^- (quip card _state)
?. ?=([%pub @ %wait ~] wire) `state
?. (once i.t.wire) `state
;< new-state=_state rind check-ip
=. state new-state
::
(set-timer now)
--
--
%+ verb |
^- agent:gall
@ -157,26 +281,48 @@
::
++ on-init
^- [(list card) _this]
=^ cards state (kick our.bowl now.bowl)
=. plan.state [%nat ~]
=^ cards state (kick:ships our.bowl now.bowl)
[cards this]
::
++ on-save !>(state)
++ on-load
|= old=vase
=. state !<(_state old)
(on-poke %noun !>(%kick))
|= old-vase=vase
|^
=/ old !<(state-any old-vase)
=? old ?=(%0 -.old) (state-0-to-1 old)
?> ?=(%1 -.old)
=. state old
=^ cards state (kick:ships our.bowl now.bowl)
[cards this]
::
+$ state-any $%(state-0 state-1)
+$ state-0 [%0 ships=(map ship [=rift =ship-state])]
::
++ state-0-to-1
|= old=state-0
^- state-1
[%1 ~ 0 %nat ~]
--
:: +on-poke: positively acknowledge pokes
::
++ on-poke
|= [=mark =vase]
?: =(q.vase %kick)
=. ships.state
%- ~(run by ships.state)
|= [=rift =ship-state]
[999.999 ship-state]
on-init
?. =(our src):bowl :: don't crash, this is where pings are handled
`this
::
=^ cards state
?: =(q.vase %kick) :: NB: ames calls this on %born
(kick:ships our.bowl now.bowl)
?: =(q.vase %nat)
=. plan.state [%nat ~]
(kick:ships our.bowl now.bowl)
?: =(q.vase %no-nat)
=. plan.state [%pub ~]
(kick:ships our.bowl now.bowl)
`state
[cards this]
::
++ on-watch on-watch:def
++ on-leave on-leave:def
++ on-peek
@ -188,46 +334,56 @@
++ on-agent
|= [=wire =sign:agent:gall]
^- [(list card) _this]
?> ?=([%ping-send @ ~] wire)
?> ?=(%poke-ack -.sign)
::
%- (print-error "ping: ack" p.sign)
=^ cards state
(set-timer now.bowl (slav %p i.t.wire))
?+ wire `state
[%nat *]
?. ?=(%nat -.plan.state) `state
?. ?=(%poke-ack -.sign) `state
(take-ping:nat now.bowl wire p.sign)
::
[%pub *]
?. ?=(%pub -.plan.state) `state
?. ?=(%poke-ack -.sign) `state
(take-pings:pub wire p.sign)
==
[cards this]
:: +on-arvo: handle timer firing
::
++ on-arvo
|= [=wire =sign-arvo]
^- [(list card) _this]
?+ wire !!
[%ping-wait @ @ ~]
?> ?=(%wake +<.sign-arvo)
=/ =ship (slav %p i.t.wire)
=/ until=@da (slav %da i.t.t.wire)
=/ s (~(get by ships.state) ship)
?~ s
`this
?. =([%waiting until] ship-state.u.s)
`this
=. ships.state (~(put by ships.state) ship u.s(ship-state [%idle ~]))
%- (print-error "ping: wake" error.sign-arvo)
=^ cards state
(send-ping our.bowl now.bowl ship)
[cards this]
::
[%jael @ ~]
:: whenever we get an update from Jael, kick
::
?> ?=(%public-keys +<.sign-arvo)
:_ this
[%pass /delay %arvo %b %wait now.bowl]~
:: Delayed until next event so that ames can clear its state
::
[%delay ~]
?+ wire `state
[%jael %delay ~]
?> ?=(%wake +<.sign-arvo)
on-init
?^ error.sign-arvo
%- (slog 'ping: strange jael wake fail!' u.error.sign-arvo)
`state
(take-delay:ships our.bowl now.bowl)
::
[%jael ~]
?> ?=(%public-keys +<.sign-arvo)
(take-jael:ships now.bowl)
::
[%nat *]
?. ?=(%nat -.plan.state) `state
?> ?=(%wake +<.sign-arvo)
?^ error.sign-arvo
%- (slog 'ping: strange nat wake fail!' u.error.sign-arvo)
`state
(take-wait:nat wire)
::
[%pub @ %ip *]
?. ?=(%pub -.plan.state) `state
?> ?=(%http-response +<.sign-arvo)
(take-ip:pub our.bowl wire client-response.sign-arvo)
::
[%pub @ %wait *]
?. ?=(%pub -.plan.state) `state
?> ?=(%wake +<.sign-arvo)
(take-wait:pub our.bowl now.bowl wire)
==
[cards this]
::
++ on-fail on-fail:def
--

View File

@ -1127,6 +1127,9 @@
$: %d
$>(%flog task:dill)
==
$: %g
$>(%deal task:gall)
==
$: %j
$> $? %private-keys
%public-keys
@ -1145,6 +1148,9 @@
$% $: %behn
$>(%wake gift:behn)
==
$: %gall
$>(%unto gift:gall)
==
$: %jael
$> $? %private-keys
%public-keys
@ -2607,7 +2613,11 @@
=< q.q %- need %- need
(rof ~ %j `beam`[[our %turf %da now] /])
::
(emit unix-duct.ames-state %give %turf turfs)
=* duct unix-duct.ames-state
%- emil
:~ [duct %give %turf turfs]
[duct %pass /ping %g %deal [our our] %ping %poke %noun !>(%kick)]
==
:: +on-vega: handle kernel reload
::
++ on-vega event-core
@ -4680,6 +4690,9 @@
=/ event-core (ev [now eny rof] duct ames-state)
::
=^ moves ames-state
?: ?=([%gall %unto *] sign)
`ames-state
::
=< abet
?- sign
[@ %done *] (on-take-done:event-core wire error.sign)

View File

@ -945,7 +945,7 @@
%- road |.
((pile-rule pax) [1 1] tex)
?^ res pile.u.res
%- mean %- flop
%- mean
=/ lyn p.hair
=/ col q.hair
^- (list tank)

View File

@ -1,21 +0,0 @@
#!/usr/bin/env bash
# Usage: release
# Create a static tarball under ./release named with the current git revision.
set -xeuo pipefail
cd "${0%/*}/.."
rev="$(git rev-parse HEAD)"
sha="${rev:0:5}"
ver="$(cat pkg/urbit/version)"
tgz="release/urbit-v${ver}-${sha}.tar.gz"
out="$(nix-build -A tarball --arg enableStatic true --no-out-link)"
mkdir -p release
cp -f "$out" "$tgz"
chmod 0644 "$tgz"

View File

@ -4,4 +4,4 @@ set -xeuo pipefail
cd "${0%/*}/.."
cp "$(nix-build -A brass.build --no-out-link)" bin/brass.pill
cp "$(nix build .#brass --no-link --print-out-paths)" bin/brass.pill

View File

@ -4,4 +4,4 @@ set -xeuo pipefail
cd "${0%/*}/.."
cp "$(nix-build -A ivory.build --no-out-link)" bin/ivory.pill
cp "$(nix build .#ivory --no-link --print-out-paths)" bin/brass.pill

View File

@ -4,4 +4,4 @@ set -xeuo pipefail
cd "${0%/*}/.."
cp "$(nix-build -A solid.build --no-out-link)" bin/solid.pill
cp "$(nix build .#solid --no-link --print-out-paths)" bin/brass.pill