{ lib, stdenv, fetchurl, pkg-config, nettle, libidn, libnetfilter_conntrack, nftables, buildPackages, dbusSupport ? stdenv.hostPlatform.isLinux, dbus, nixosTests, }: let copts = lib.concatStringsSep " " ( [ "-DHAVE_IDN" "-DHAVE_DNSSEC" ] ++ lib.optionals dbusSupport [ "-DHAVE_DBUS" ] ++ lib.optionals stdenv.hostPlatform.isLinux [ "-DHAVE_CONNTRACK" "-DHAVE_NFTSET" ] ); in stdenv.mkDerivation rec { pname = "dnsmasq"; version = "2.90"; src = fetchurl { url = "https://www.thekelleys.org.uk/dnsmasq/${pname}-${version}.tar.xz"; hash = "sha256-jlAwm9g3v+yWSagS4GbAm2mItz10m30pPAbFfUahCeQ="; }; postPatch = lib.optionalString stdenv.hostPlatform.isLinux '' sed '1i#include ' -i src/dhcp.c ''; preBuild = '' makeFlagsArray=("COPTS=${copts}") ''; makeFlags = [ "DESTDIR=" "BINDIR=$(out)/bin" "MANDIR=$(out)/man" "LOCALEDIR=$(out)/share/locale" "PKG_CONFIG=${buildPackages.pkg-config}/bin/${buildPackages.pkg-config.targetPrefix}pkg-config" ]; hardeningEnable = [ "pie" ]; postBuild = lib.optionalString stdenv.hostPlatform.isLinux '' make -C contrib/lease-tools ''; # XXX: Does the systemd service definition really belong here when our NixOS # module can create it in Nix-land? postInstall = '' install -Dm644 trust-anchors.conf $out/share/dnsmasq/trust-anchors.conf '' + lib.optionalString stdenv.hostPlatform.isDarwin '' install -Dm644 contrib/MacOSX-launchd/uk.org.thekelleys.dnsmasq.plist \ $out/Library/LaunchDaemons/uk.org.thekelleys.dnsmasq.plist substituteInPlace $out/Library/LaunchDaemons/uk.org.thekelleys.dnsmasq.plist \ --replace "/usr/local/sbin" "$out/bin" '' + lib.optionalString stdenv.hostPlatform.isLinux '' install -Dm755 contrib/lease-tools/dhcp_lease_time $out/bin/dhcp_lease_time install -Dm755 contrib/lease-tools/dhcp_release $out/bin/dhcp_release install -Dm755 contrib/lease-tools/dhcp_release6 $out/bin/dhcp_release6 '' + lib.optionalString dbusSupport '' install -Dm644 dbus/dnsmasq.conf $out/share/dbus-1/system.d/dnsmasq.conf mkdir -p $out/share/dbus-1/system-services cat < $out/share/dbus-1/system-services/uk.org.thekelleys.dnsmasq.service [D-BUS Service] Name=uk.org.thekelleys.dnsmasq Exec=$out/bin/dnsmasq -k -1 User=root SystemdService=dnsmasq.service END ''; nativeBuildInputs = [ pkg-config ]; buildInputs = [ nettle libidn ] ++ lib.optionals dbusSupport [ dbus ] ++ lib.optionals stdenv.hostPlatform.isLinux [ libnetfilter_conntrack nftables ]; passthru.tests = { prometheus-exporter = nixosTests.prometheus-exporters.dnsmasq; # these tests use dnsmasq incidentally inherit (nixosTests) dnscrypt-proxy2; kubernetes-dns-single = nixosTests.kubernetes.dns-single-node; kubernetes-dns-multi = nixosTests.kubernetes.dns-multi-node; }; meta = with lib; { description = "Integrated DNS, DHCP and TFTP server for small networks"; homepage = "https://www.thekelleys.org.uk/dnsmasq/doc.html"; license = licenses.gpl2Only; mainProgram = "dnsmasq"; platforms = with platforms; linux ++ darwin; maintainers = with maintainers; [ fpletz globin ]; }; }