diff --git a/.envrc b/.envrc new file mode 100644 index 0000000000..2493a157f5 --- /dev/null +++ b/.envrc @@ -0,0 +1 @@ +use nix; \ No newline at end of file diff --git a/default.nix b/default.nix new file mode 100644 index 0000000000..17e9f6cb40 --- /dev/null +++ b/default.nix @@ -0,0 +1,47 @@ +scope@{ pkgs ? import { } }: + +let locale = "en_US.UTF8"; +in with pkgs; +buildEnv { + name = "linkerd2-proxy-env"; + paths = with pkgs; + [ + git + bash + direnv + binutils + stdenv + bashInteractive + docker + cacert + gcc + cmake + rustup + pkg-config + openssl + protobuf + docker + (glibcLocales.override { locales = [ locale ]; }) + ] ++ lib.optional stdenv.isDarwin [ Security libiconv ]; + + buildInputs = [ clang libclang ]; + + passthru = with pkgs; { + PROTOC = "${protobuf}/bin/protoc"; + PROTOC_INCLUDE = "${protobuf}/include"; + + LOCALE_ARCHIVE = "${glibcLocales}/lib/locale/locale-archive"; + LC_ALL = locale; + + SSL_CERT_FILE = "${cacert}/etc/ssl/certs/ca-bundle.crt"; + GIT_SSL_CAINFO = "${cacert}/etc/ssl/certs/ca-bundle.crt"; + CURL_CA_BUNDLE = "${cacert}/etc/ca-bundle.crt"; + CARGO_TERM_COLOR = "always"; + RUST_BACKTRACE = "full"; + + LIBCLANG_PATH = "${llvmPackages.libclang.lib}/lib"; + + OPENSSL_DIR = "${openssl.dev}"; + OPENSSL_LIB_DIR = "${openssl.out}/lib"; + }; +} diff --git a/shell.nix b/shell.nix new file mode 100644 index 0000000000..205099037b --- /dev/null +++ b/shell.nix @@ -0,0 +1,56 @@ +scope@{ pkgs ? import { } }: + +let env = (import ./default.nix scope); +in with pkgs; +mkShell { + name = env.name; + + buildInputs = [ (import ./default.nix { inherit pkgs; }) ]; + + # From: https://github.com/NixOS/nixpkgs/blob/1fab95f5190d087e66a3502481e34e15d62090aa/pkgs/applications/networking/browsers/firefox/common.nix#L247-L253 + # Set C flags for Rust's bindgen program. Unlike ordinary C + # compilation, bindgen does not invoke $CC directly. Instead it + # uses LLVM's libclang. To make sure all necessary flags are + # included we need to look in a few places. + shellHook = '' + export BINDGEN_EXTRA_CLANG_ARGS="$(< ${stdenv.cc}/nix-support/libc-crt1-cflags) \ + $(< ${stdenv.cc}/nix-support/libc-cflags) \ + $(< ${stdenv.cc}/nix-support/cc-cflags) \ + $(< ${stdenv.cc}/nix-support/libcxx-cxxflags) \ + ${ + lib.optionalString stdenv.cc.isClang + "-idirafter ${stdenv.cc.cc}/lib/clang/${ + lib.getVersion stdenv.cc.cc + }/include" + } \ + ${ + lib.optionalString stdenv.cc.isGNU + "-isystem ${stdenv.cc.cc}/include/c++/${ + lib.getVersion stdenv.cc.cc + } -isystem ${stdenv.cc.cc}/include/c++/${ + lib.getVersion stdenv.cc.cc + }/${stdenv.hostPlatform.config} -idirafter ${stdenv.cc.cc}/lib/gcc/${stdenv.hostPlatform.config}/${ + lib.getVersion stdenv.cc.cc + }/include" + } \ + " + ''; + + PROTOC = "${protobuf}/bin/protoc"; + PROTOC_INCLUDE = "${protobuf}/include"; + + LOCALE_ARCHIVE = "${glibcLocales}/lib/locale/locale-archive"; + LC_ALL = "en_US.UTF-8"; + + SSL_CERT_FILE = "${cacert}/etc/ssl/certs/ca-bundle.crt"; + GIT_SSL_CAINFO = "${cacert}/etc/ssl/certs/ca-bundle.crt"; + CURL_CA_BUNDLE = "${cacert}/etc/ca-bundle.crt"; + + CARGO_TERM_COLOR = "always"; + RUST_BACKTRACE = "full"; + + LIBCLANG_PATH = "${llvmPackages.libclang.lib}/lib"; + + OPENSSL_DIR = "${openssl.dev}"; + OPENSSL_LIB_DIR = "${openssl.out}/lib"; +}