2023-04-12 12:48:02 +00:00
{ lib
, stdenv
, runCommand
, fetchurl
, fetchFromGitHub
2023-07-15 17:15:38 +00:00
, fetchPypi
2023-04-12 12:48:02 +00:00
# Build time
, cmake
2020-04-24 23:36:52 +00:00
, ensureNewerSourcesHook
2023-04-12 12:48:02 +00:00
, fmt
, git
2021-02-16 17:04:54 +00:00
, makeWrapper
2023-10-09 19:29:22 +00:00
, nasm
2023-04-12 12:48:02 +00:00
, pkg-config
, which
# Tests
2021-02-16 17:04:54 +00:00
, nixosTests
2023-04-12 12:48:02 +00:00
# Runtime dependencies
, arrow-cpp
, babeltrace
, boost179
2021-04-22 02:08:21 +00:00
, bzip2
2023-04-12 12:48:02 +00:00
, cryptsetup
, cunit
2021-04-22 02:08:21 +00:00
, doxygen
2023-04-12 12:48:02 +00:00
, gperf
2021-04-22 02:08:21 +00:00
, graphviz
2024-01-02 11:29:13 +00:00
, gnugrep
2023-04-12 12:48:02 +00:00
, gtest
, icu
2024-01-02 11:29:13 +00:00
, kmod
2023-10-09 19:29:22 +00:00
, libcap
2023-04-12 12:48:02 +00:00
, libcap_ng
, libnl
, libxml2
, lttng-ust
, lua
, lz4
, oath-toolkit
, openldap
, python310
, rdkafka
, rocksdb
, snappy
, sqlite
, utf8proc
, zlib
, zstd
2020-04-24 23:36:52 +00:00
2024-01-25 14:12:00 +00:00
# Dependencies of overridden Python dependencies, hopefully we can remove these soon.
, rustPlatform
2020-04-24 23:36:52 +00:00
# Optional Dependencies
2023-04-12 12:48:02 +00:00
, curl ? null
, expat ? null
, fuse ? null
, libatomic_ops ? null
, libedit ? null
2020-04-24 23:36:52 +00:00
, libs3 ? null
2023-04-12 12:48:02 +00:00
, yasm ? null
2020-04-24 23:36:52 +00:00
# Mallocs
2023-04-12 12:48:02 +00:00
, gperftools ? null
, jemalloc ? null
2020-04-24 23:36:52 +00:00
# Crypto Dependencies
, cryptopp ? null
2023-04-12 12:48:02 +00:00
, nspr ? null
, nss ? null
2020-04-24 23:36:52 +00:00
# Linux Only Dependencies
2023-04-12 12:48:02 +00:00
, linuxHeaders
, util-linux
, libuuid
, udev
, keyutils
, rdma-core
, rabbitmq-c
, libaio ? null
, libxfs ? null
, liburing ? null
, zfs ? null
2020-04-24 23:36:52 +00:00
, . . .
} :
# We must have one crypto library
assert cryptopp != null || ( nss != null && nspr != null ) ;
let
2023-10-09 19:29:22 +00:00
shouldUsePkg = pkg : if pkg != null && lib . meta . availableOn stdenv . hostPlatform pkg then pkg else null ;
2020-04-24 23:36:52 +00:00
optYasm = shouldUsePkg yasm ;
optExpat = shouldUsePkg expat ;
optCurl = shouldUsePkg curl ;
optFuse = shouldUsePkg fuse ;
optLibedit = shouldUsePkg libedit ;
optLibatomic_ops = shouldUsePkg libatomic_ops ;
optLibs3 = shouldUsePkg libs3 ;
optJemalloc = shouldUsePkg jemalloc ;
optGperftools = shouldUsePkg gperftools ;
optCryptopp = shouldUsePkg cryptopp ;
optNss = shouldUsePkg nss ;
optNspr = shouldUsePkg nspr ;
optLibaio = shouldUsePkg libaio ;
optLibxfs = shouldUsePkg libxfs ;
optZfs = shouldUsePkg zfs ;
2023-04-12 12:48:02 +00:00
# Downgrade rocksdb, 7.10 breaks ceph
2023-08-04 22:07:22 +00:00
rocksdb' = rocksdb . overrideAttrs {
2023-04-12 12:48:02 +00:00
version = " 7 . 9 . 2 " ;
src = fetchFromGitHub {
owner = " f a c e b o o k " ;
repo = " r o c k s d b " ;
rev = " r e f s / t a g s / v 7 . 9 . 2 " ;
hash = " s h a 2 5 6 - 5 P 7 I q J 1 4 E Z z D k b j a B v b i x 0 4 c e G G d l W B u V F H / 5 d p D 5 V M = " ;
} ;
2023-08-04 22:07:22 +00:00
} ;
2020-04-24 23:36:52 +00:00
2023-04-12 12:48:02 +00:00
hasRadosgw = optExpat != null && optCurl != null && optLibedit != null ;
2020-04-24 23:36:52 +00:00
# Malloc implementation (can be jemalloc, tcmalloc or null)
malloc = if optJemalloc != null then optJemalloc else optGperftools ;
# We prefer nss over cryptopp
cryptoStr = if optNss != null && optNspr != null then " n s s " else
if optCryptopp != null then " c r y p t o p p " else " n o n e " ;
cryptoLibsMap = {
nss = [ optNss optNspr ] ;
cryptopp = [ optCryptopp ] ;
none = [ ] ;
} ;
2021-02-05 17:12:51 +00:00
getMeta = description : with lib ; {
2022-01-13 20:06:32 +00:00
homepage = " h t t p s : / / c e p h . i o / e n / " ;
2020-07-18 16:06:22 +00:00
inherit description ;
license = with licenses ; [ lgpl21 gpl2 bsd3 mit publicDomain ] ;
maintainers = with maintainers ; [ adev ak johanot krav ] ;
2021-01-09 10:05:03 +00:00
platforms = [ " x 8 6 _ 6 4 - l i n u x " " a a r c h 6 4 - l i n u x " ] ;
2020-07-18 16:06:22 +00:00
} ;
2023-04-12 12:48:02 +00:00
ceph-common = with python . pkgs ; buildPythonPackage {
2020-07-18 16:06:22 +00:00
pname = " c e p h - c o m m o n " ;
inherit src version ;
sourceRoot = " c e p h - ${ version } / s r c / p y t h o n - c o m m o n " ;
2023-04-12 12:48:02 +00:00
propagatedBuildInputs = [
pyyaml
] ;
nativeCheckInputs = [
pytestCheckHook
] ;
disabledTests = [
# requires network access
" t e s t _ v a l i d _ a d d r "
] ;
2020-07-18 16:06:22 +00:00
meta = getMeta " C e p h c o m m o n m o d u l e f o r c o d e s h a r e d b y m a n a g e r m o d u l e s " ;
} ;
2023-04-12 12:48:02 +00:00
# Watch out for python <> boost compatibility
python = python310 . override {
2024-01-25 14:12:00 +00:00
packageOverrides = self : super : let cryptographyOverrideVersion = " 4 0 . 0 . 1 " ; in {
# Ceph does not support `cryptography` > 40 yet:
# * https://github.com/NixOS/nixpkgs/pull/281858#issuecomment-1899358602
# * Upstream issue: https://tracker.ceph.com/issues/63529
# > Python Sub-Interpreter Model Used by ceph-mgr Incompatible With Python Modules Based on PyO3
#
# We pin the older `cryptography` 40 here;
# this also forces us to pin an older `pyopenssl` because the current one
# is not compatible with older `cryptography`, see:
# https://github.com/pyca/pyopenssl/blob/d9752e44127ba36041b045417af8a0bf16ec4f1e/CHANGELOG.rst#2320-2023-05-30
cryptography = super . cryptography . overridePythonAttrs ( old : rec {
version = cryptographyOverrideVersion ;
src = fetchPypi {
inherit ( old ) pname ;
version = cryptographyOverrideVersion ;
hash = " s h a 2 5 6 - K A P y + L H p X 2 F E G Z J s f m 9 V 2 C i v x h T K X t Y V Q 4 d 6 5 m j M N H I = " ;
} ;
cargoDeps = rustPlatform . fetchCargoTarball {
inherit src ;
sourceRoot = let cargoRoot = " s r c / r u s t " ; in " ${ old . pname } - ${ cryptographyOverrideVersion } / ${ cargoRoot } " ;
name = " ${ old . pname } - ${ cryptographyOverrideVersion } " ;
hash = " s h a 2 5 6 - g F f D T c 2 Q W B W H B C y c V H 1 d Y l C s W Q M V c R Z f O B I a u + n j t D U = " ;
} ;
patches = ( old . patches or [ ] ) ++ [
# Fix https://nvd.nist.gov/vuln/detail/CVE-2023-49083 which has no upstream backport.
# See https://github.com/pyca/cryptography/commit/f09c261ca10a31fe41b1262306db7f8f1da0e48a#diff-f5134bf8f3cf0a5cc8601df55e50697acc866c603a38caff98802bd8e17976c5R1893
./python-cryptography-Cherry-pick-fix-for-CVE-2023-49083-on-cryptography-40.patch
] ;
# Tests would require overriding `cryptography-vectors`, which is not currently
# possible/desired, see: https://github.com/NixOS/nixpkgs/pull/281858#pullrequestreview-1841421866
doCheck = false ;
} ) ;
# This is the most recent version of `pyopenssl` that's still compatible with `cryptography` 40.
# See https://github.com/NixOS/nixpkgs/pull/281858#issuecomment-1899358602
pyopenssl = super . pyopenssl . overridePythonAttrs ( old : rec {
version = " 2 3 . 1 . 1 " ;
src = fetchPypi {
pname = " p y O p e n S S L " ;
inherit version ;
hash = " s h a 2 5 6 - h B S Y u b 7 G F i O x t s R + u 8 A j Z 8 B 9 Y O D h l f G X k I F / E M y N s L c = " ;
} ;
} ) ;
# Ceph does not support `kubernetes` >= 19, see:
# https://github.com/NixOS/nixpkgs/pull/281858#issuecomment-1900324090
kubernetes = super . kubernetes . overridePythonAttrs ( old : rec {
version = " 1 8 . 2 0 . 0 " ;
src = fetchFromGitHub {
owner = " k u b e r n e t e s - c l i e n t " ;
repo = " p y t h o n " ;
rev = " v ${ version } " ;
sha256 = " 1 s a w p 6 2 j 7 h 0 y k s m g 9 j l v 4 i k 9 b 9 i 1 a 1 w 9 s y y w c 9 m v 8 x 8 9 w i b f 5 q l 1 " ;
fetchSubmodules = true ;
} ;
} ) ;
2023-03-15 16:39:30 +00:00
} ;
} ;
2022-06-26 10:26:21 +00:00
2023-04-12 12:48:02 +00:00
boost = boost179 . override {
2022-06-26 10:26:21 +00:00
enablePython = true ;
inherit python ;
} ;
2021-06-28 23:13:55 +00:00
2023-04-12 12:48:02 +00:00
# TODO: split this off in build and runtime environment
ceph-python-env = python . withPackages ( ps : with ps ; [
2020-07-18 16:06:22 +00:00
ceph-common
2023-04-12 12:48:02 +00:00
# build time
cython
# debian/control
bcrypt
cherrypy
influxdb
jinja2
kubernetes
natsort
numpy
pecan
prettytable
pyjwt
pyopenssl
python-dateutil
pyyaml
requests
routes
scikit-learn
scipy
setuptools
sphinx
virtualenv
werkzeug
# src/pybind/mgr/requirements-required.txt
cryptography
jsonpatch
# src/tools/cephfs/shell/setup.py
cmd2
colorama
2020-04-24 23:36:52 +00:00
] ) ;
2023-05-24 13:37:59 +00:00
inherit ( ceph-python-env . python ) sitePackages ;
2020-04-24 23:36:52 +00:00
2024-02-07 01:22:34 +00:00
version = " 1 8 . 2 . 1 " ;
2020-07-18 16:06:22 +00:00
src = fetchurl {
2023-05-24 13:37:59 +00:00
url = " h t t p s : / / d o w n l o a d . c e p h . c o m / t a r b a l l s / c e p h - ${ version } . t a r . g z " ;
2024-02-07 01:22:34 +00:00
hash = " s h a 2 5 6 - g H W w N H f 0 K t I 7 H v 0 M w a C q P 6 A 3 Y R / A W a k f U Z T k t R y d d k o = " ;
2020-07-18 16:06:22 +00:00
} ;
2020-04-24 23:36:52 +00:00
in rec {
ceph = stdenv . mkDerivation {
pname = " c e p h " ;
2020-07-18 16:06:22 +00:00
inherit src version ;
2020-04-24 23:36:52 +00:00
nativeBuildInputs = [
cmake
2023-04-12 12:48:02 +00:00
fmt
git
makeWrapper
2023-10-09 19:29:22 +00:00
nasm
2023-04-12 12:48:02 +00:00
pkg-config
python
2021-06-28 23:13:55 +00:00
python . pkgs . python # for the toPythonPath function
2023-04-12 12:48:02 +00:00
python . pkgs . wrapPython
which
2020-04-24 23:36:52 +00:00
( ensureNewerSourcesHook { year = " 1 9 8 0 " ; } )
2021-04-22 02:08:21 +00:00
# for building docs/man-pages presumably
doxygen
graphviz
2020-04-24 23:36:52 +00:00
] ;
2023-04-12 12:48:02 +00:00
enableParallelBuilding = true ;
2020-04-24 23:36:52 +00:00
buildInputs = cryptoLibsMap . ${ cryptoStr } ++ [
2023-04-12 12:48:02 +00:00
arrow-cpp
babeltrace
boost
bzip2
ceph-python-env
cryptsetup
cunit
gperf
gtest
icu
2023-10-09 19:29:22 +00:00
libcap
2023-04-12 12:48:02 +00:00
libnl
libxml2
lttng-ust
lua
lz4
malloc
oath-toolkit
openldap
optLibatomic_ops
optLibs3
optYasm
rdkafka
rocksdb'
snappy
sqlite
utf8proc
zlib
zstd
2021-02-05 17:12:51 +00:00
] ++ lib . optionals stdenv . isLinux [
2023-04-12 12:48:02 +00:00
keyutils
2023-10-09 19:29:22 +00:00
libcap_ng
2023-04-12 12:48:02 +00:00
liburing
libuuid
linuxHeaders
optLibaio
optLibxfs
optZfs
rabbitmq-c
rdma-core
udev
util-linux
2021-02-05 17:12:51 +00:00
] ++ lib . optionals hasRadosgw [
2023-04-12 12:48:02 +00:00
optCurl
optExpat
optFuse
optLibedit
2020-04-24 23:36:52 +00:00
] ;
pythonPath = [ ceph-python-env " ${ placeholder " o u t " } / ${ ceph-python-env . sitePackages } " ] ;
2024-01-02 11:29:13 +00:00
# replace /sbin and /bin based paths with direct nix store paths
# increase the `command` buffer size since 2 nix store paths cannot fit within 128 characters
2020-04-24 23:36:52 +00:00
preConfigure = ''
2024-01-02 11:29:13 +00:00
substituteInPlace src/common/module.c \
- - replace " c h a r c o m m a n d [ 1 2 8 ] ; " " c h a r c o m m a n d [ 2 5 6 ] ; " \
- - replace " / s b i n / m o d i n f o " " ${ kmod } / b i n / m o d i n f o " \
- - replace " / s b i n / m o d p r o b e " " ${ kmod } / b i n / m o d p r o b e " \
- - replace " / b i n / g r e p " " ${ gnugrep } / b i n / g r e p "
2020-04-24 23:36:52 +00:00
# install target needs to be in PYTHONPATH for "*.pth support" check to succeed
# set PYTHONPATH, so the build system doesn't silently skip installing ceph-volume and others
export PYTHONPATH = $ { ceph-python-env } / $ { sitePackages }: $ lib / $ { sitePackages }: $ out / $ { sitePackages }
2023-10-09 19:29:22 +00:00
patchShebangs src /
2020-04-24 23:36:52 +00:00
'' ;
cmakeFlags = [
" - D C M A K E _ I N S T A L L _ D A T A D I R = ${ placeholder " l i b " } / l i b "
2023-04-12 12:48:02 +00:00
" - D W I T H _ C E P H F S _ S H E L L : B O O L = O N "
" - D W I T H _ S Y S T E M D : B O O L = O F F "
2023-10-09 19:29:22 +00:00
# `WITH_JAEGER` requires `thrift` as a depenedncy (fine), but the build fails with:
# CMake Error at src/opentelemetry-cpp-stamp/opentelemetry-cpp-build-Release.cmake:49 (message):
# Command failed: 2
#
# 'make' 'opentelemetry_trace' 'opentelemetry_exporter_jaeger_trace'
#
# See also
#
# /build/ceph-18.2.0/build/src/opentelemetry-cpp/src/opentelemetry-cpp-stamp/opentelemetry-cpp-build-*.log
# and that file contains:
# /build/ceph-18.2.0/src/jaegertracing/opentelemetry-cpp/exporters/jaeger/src/TUDPTransport.cc: In member function 'virtual void opentelemetry::v1::exporter::jaeger::TUDPTransport::close()':
# /build/ceph-18.2.0/src/jaegertracing/opentelemetry-cpp/exporters/jaeger/src/TUDPTransport.cc:71:7: error: '::close' has not been declared; did you mean 'pclose'?
# 71 | ::THRIFT_CLOSESOCKET(socket_);
# | ^~~~~~~~~~~~~~~~~~
# Looks like `close()` is somehow not included.
# But the relevant code is already removed in `open-telemetry` 1.10: https://github.com/open-telemetry/opentelemetry-cpp/pull/2031
# So it's proably not worth trying to fix that for this Ceph version,
# and instead just disable Ceph's Jaeger support.
" - D W I T H _ J A E G E R : B O O L = O F F "
2023-04-12 12:48:02 +00:00
" - D W I T H _ T E S T S : B O O L = O F F "
# Use our own libraries, where possible
2023-10-09 19:29:22 +00:00
" - D W I T H _ S Y S T E M _ A R R O W : B O O L = O N " # Only used if other options enable Arrow support.
2023-04-12 12:48:02 +00:00
" - D W I T H _ S Y S T E M _ B O O S T : B O O L = O N "
" - D W I T H _ S Y S T E M _ G T E S T : B O O L = O N "
" - D W I T H _ S Y S T E M _ R O C K S D B : B O O L = O N "
" - D W I T H _ S Y S T E M _ U T F 8 P R O C : B O O L = O N "
" - D W I T H _ S Y S T E M _ Z S T D : B O O L = O N "
2020-04-24 23:36:52 +00:00
# TODO breaks with sandbox, tries to download stuff with npm
2023-04-12 12:48:02 +00:00
" - D W I T H _ M G R _ D A S H B O A R D _ F R O N T E N D : B O O L = O F F "
2021-04-22 02:08:21 +00:00
# WITH_XFS has been set default ON from Ceph 16, keeping it optional in nixpkgs for now
'' - D W I T H _ X F S = ${ if optLibxfs != null then " O N " else " O F F " } ''
2021-07-03 03:11:41 +00:00
] ++ lib . optional stdenv . isLinux " - D W I T H _ S Y S T E M _ L I B U R I N G = O N " ;
2020-04-24 23:36:52 +00:00
postFixup = ''
wrapPythonPrograms
wrapProgram $ out/bin/ceph-mgr - - prefix PYTHONPATH " : " " $ ( t o P y t h o n P a t h ${ placeholder " o u t " } ) : $ ( t o P y t h o n P a t h ${ ceph-python-env } ) "
# Test that ceph-volume exists since the build system has a tendency to
# silently drop it with misconfigurations.
test - f $ out/bin/ceph-volume
'' ;
outputs = [ " o u t " " l i b " " d e v " " d o c " " m a n " ] ;
doCheck = false ; # uses pip to install things from the internet
2021-04-26 19:14:03 +00:00
# Takes 7+h to build with 2 cores.
requiredSystemFeatures = [ " b i g - p a r a l l e l " ] ;
2020-07-18 16:06:22 +00:00
meta = getMeta " D i s t r i b u t e d s t o r a g e s y s t e m " ;
2020-04-24 23:36:52 +00:00
2023-04-12 12:48:02 +00:00
passthru = {
inherit version ;
tests = {
inherit ( nixosTests )
ceph-multi-node
ceph-single-node
ceph-single-node-bluestore ;
} ;
} ;
2020-04-24 23:36:52 +00:00
} ;
ceph-client = runCommand " c e p h - c l i e n t - ${ version } " {
2021-12-06 16:07:01 +00:00
meta = getMeta " T o o l s n e e d e d t o m o u n t C e p h ' s R A D O S B l o c k D e v i c e s / C e p h f s " ;
2020-04-24 23:36:52 +00:00
} ''
2020-11-21 19:51:51 +00:00
mkdir - p $ out / { bin , etc , ${ sitePackages } , share/bash-completion/completions }
2020-04-24 23:36:52 +00:00
cp - r $ { ceph } /bin / { ceph , . ceph-wrapped , rados , rbd , rbdmap } $ out/bin
cp - r $ { ceph } /bin/ceph- { authtool , conf , dencoder , rbdnamer , syn } $ out/bin
cp - r $ { ceph } /bin/rbd-replay * $ out/bin
2021-12-06 16:07:01 +00:00
cp - r $ { ceph } /sbin/mount.ceph $ out/bin
cp - r $ { ceph } /sbin/mount.fuse.ceph $ out/bin
ln - s bin $ out/sbin
cp - r $ { ceph } / $ { sitePackages } /* $ o u t / $ { s i t e P a c k a g e s }
2020-11-21 19:51:51 +00:00
cp - r $ { ceph } /etc/bash_completion.d $ out/share/bash-completion/completions
2020-04-24 23:36:52 +00:00
# wrapPythonPrograms modifies .ceph-wrapped, so lets just update its paths
substituteInPlace $ out/bin/ceph - - replace $ { ceph } $ out
substituteInPlace $ out/bin/.ceph-wrapped - - replace $ { ceph } $ out
'' ;
}
