diff --git a/lib/default.nix b/lib/default.nix index 56e002ddc589..cb9a9b0bd4d0 100644 --- a/lib/default.nix +++ b/lib/default.nix @@ -31,6 +31,7 @@ let # domain-specific sandbox = import ./sandbox.nix; + fetchers = import ./fetchers.nix; in { inherit trivial @@ -39,7 +40,7 @@ in modules options types licenses platforms systems debug misc - sandbox; + sandbox fetchers; } # !!! don't include everything at top-level; perhaps only the most # commonly used functions. diff --git a/lib/fetchers.nix b/lib/fetchers.nix new file mode 100644 index 000000000000..19d89d6c4074 --- /dev/null +++ b/lib/fetchers.nix @@ -0,0 +1,12 @@ +# snippets that can be shared by mutliple fetchers (pkgs/build-support) +{ + + proxyImpureEnvVars = [ + # We borrow these environment variables from the caller to allow + # easy proxy configuration. This is impure, but a fixed-output + # derivation like fetchurl is allowed to do so since its result is + # by definition pure. + "http_proxy" "https_proxy" "ftp_proxy" "all_proxy" "no_proxy" + ]; + +} diff --git a/pkgs/applications/networking/browsers/chromium/update.nix b/pkgs/applications/networking/browsers/chromium/update.nix index bd7e256bfa9d..23f06569fa95 100644 --- a/pkgs/applications/networking/browsers/chromium/update.nix +++ b/pkgs/applications/networking/browsers/chromium/update.nix @@ -157,9 +157,7 @@ in rec { fi ''; - impureEnvVars = [ - "http_proxy" "https_proxy" "ftp_proxy" "all_proxy" "no_proxy" - ]; + impureEnvVars = lib.fetchers.proxyImpureEnvVars; }; in { diff --git a/pkgs/applications/networking/cluster/chronos/chronos-deps.nix b/pkgs/applications/networking/cluster/chronos/chronos-deps.nix index d258c493aa1a..1caf1ce0bc8e 100644 --- a/pkgs/applications/networking/cluster/chronos/chronos-deps.nix +++ b/pkgs/applications/networking/cluster/chronos/chronos-deps.nix @@ -10,9 +10,5 @@ stdenv.mkDerivation { buildInputs = [ curl ]; - # We borrow these environment variables from the caller to allow - # easy proxy configuration. This is impure, but a fixed-output - # derivation like fetchurl is allowed to do so since its result is - # by definition pure. - impureEnvVars = ["http_proxy" "https_proxy" "ftp_proxy" "all_proxy" "no_proxy"]; + impureEnvVars = stdenv.lib.fetchers.proxyImpureEnvVars; } diff --git a/pkgs/applications/networking/cluster/mesos/mesos-deps.nix b/pkgs/applications/networking/cluster/mesos/mesos-deps.nix index f8d5dd2c9d6f..b6fcbaafbb10 100644 --- a/pkgs/applications/networking/cluster/mesos/mesos-deps.nix +++ b/pkgs/applications/networking/cluster/mesos/mesos-deps.nix @@ -10,9 +10,5 @@ stdenv.mkDerivation { buildInputs = [ curl ]; - # We borrow these environment variables from the caller to allow - # easy proxy configuration. This is impure, but a fixed-output - # derivation like fetchurl is allowed to do so since its result is - # by definition pure. - impureEnvVars = ["http_proxy" "https_proxy" "ftp_proxy" "all_proxy" "no_proxy"]; + impureEnvVars = stdenv.lib.fetchers.proxyImpureEnvVars; } diff --git a/pkgs/build-support/docker/pull.nix b/pkgs/build-support/docker/pull.nix index a5e7acaf159f..0e1b147f6e18 100644 --- a/pkgs/build-support/docker/pull.nix +++ b/pkgs/build-support/docker/pull.nix @@ -26,17 +26,11 @@ let layer = stdenv.mkDerivation { outputHash = sha256; outputHashMode = "recursive"; - impureEnvVars = [ - # We borrow these environment variables from the caller to allow - # easy proxy configuration. This is impure, but a fixed-output - # derivation like fetchurl is allowed to do so since its result is - # by definition pure. - "http_proxy" "https_proxy" "ftp_proxy" "all_proxy" "no_proxy" - + impureEnvVars = lib.fetchers.proxyImpureEnvVars ++ [ # This variable allows the user to pass additional options to curl "NIX_CURL_FLAGS" ]; - + # Doing the download on a remote machine just duplicates network # traffic, so don't do that. preferLocalBuild = true; diff --git a/pkgs/build-support/fetchadc/default.nix b/pkgs/build-support/fetchadc/default.nix index ac7a442de315..4d759e6f7f18 100644 --- a/pkgs/build-support/fetchadc/default.nix +++ b/pkgs/build-support/fetchadc/default.nix @@ -1,15 +1,5 @@ { stdenv, curl, adc_user, adc_pass }: -let - impureEnvVars = [ - # We borrow these environment variables from the caller to allow - # easy proxy configuration. This is impure, but a fixed-output - # derivation like fetchurl is allowed to do so since its result is - # by definition pure. - "http_proxy" "https_proxy" "ftp_proxy" "all_proxy" "no_proxy" - ]; -in - { # Path to fetch. path diff --git a/pkgs/build-support/fetchegg/default.nix b/pkgs/build-support/fetchegg/default.nix index 223d2098c770..3e0d5d566ad7 100644 --- a/pkgs/build-support/fetchegg/default.nix +++ b/pkgs/build-support/fetchegg/default.nix @@ -17,12 +17,6 @@ stdenv.mkDerivation { eggName = name; - impureEnvVars = [ - # We borrow these environment variables from the caller to allow - # easy proxy configuration. This is impure, but a fixed-output - # derivation like fetchurl is allowed to do so since its result is - # by definition pure. - "http_proxy" "https_proxy" "ftp_proxy" "all_proxy" "no_proxy" - ]; + impureEnvVars = stdenv.lib.fetchers.proxyImpureEnvVars; } diff --git a/pkgs/build-support/fetchgit/default.nix b/pkgs/build-support/fetchgit/default.nix index 7f98c97fc55b..105b3d56bf42 100644 --- a/pkgs/build-support/fetchgit/default.nix +++ b/pkgs/build-support/fetchgit/default.nix @@ -56,13 +56,9 @@ stdenv.mkDerivation { GIT_SSL_CAINFO = "${cacert}/etc/ssl/certs/ca-bundle.crt"; - impureEnvVars = [ - # We borrow these environment variables from the caller to allow - # easy proxy configuration. This is impure, but a fixed-output - # derivation like fetchurl is allowed to do so since its result is - # by definition pure. - "http_proxy" "https_proxy" "ftp_proxy" "all_proxy" "no_proxy" "GIT_PROXY_COMMAND" "SOCKS_SERVER" - ]; + impureEnvVars = stdenv.lib.fetchers.proxyImpureEnvVars ++ [ + "GIT_PROXY_COMMAND" "SOCKS_SERVER" + ]; preferLocalBuild = true; } diff --git a/pkgs/build-support/fetchhg/default.nix b/pkgs/build-support/fetchhg/default.nix index 214e9b1387b6..79f610166a79 100644 --- a/pkgs/build-support/fetchhg/default.nix +++ b/pkgs/build-support/fetchhg/default.nix @@ -6,9 +6,7 @@ stdenv.mkDerivation { builder = ./builder.sh; buildInputs = [mercurial]; - impureEnvVars = [ - "http_proxy" "https_proxy" "ftp_proxy" "all_proxy" "no_proxy" - ]; + impureEnvVars = stdenv.lib.fetchers.proxyImpureEnvVars; # Nix <= 0.7 compatibility. id = md5; diff --git a/pkgs/build-support/fetchmtn/default.nix b/pkgs/build-support/fetchmtn/default.nix index daead9ad6d2d..1dc14e8cab13 100644 --- a/pkgs/build-support/fetchmtn/default.nix +++ b/pkgs/build-support/fetchmtn/default.nix @@ -19,12 +19,7 @@ stdenv.mkDerivation { dbs = defaultDBMirrors ++ dbs; inherit branch cacheDB name selector; - impureEnvVars = [ - # We borrow these environment variables from the caller to allow - # easy proxy configuration. This is impure, but a fixed-output - # derivation like fetchurl is allowed to do so since its result is - # by definition pure. - "http_proxy" "https_proxy" "ftp_proxy" "all_proxy" "no_proxy" - ]; + impureEnvVars = stdenv.lib.fetchers.proxyImpureEnvVars; + } diff --git a/pkgs/build-support/fetchsvn/default.nix b/pkgs/build-support/fetchsvn/default.nix index 90dc13439a0f..85ec52c4bde0 100644 --- a/pkgs/build-support/fetchsvn/default.nix +++ b/pkgs/build-support/fetchsvn/default.nix @@ -33,13 +33,6 @@ stdenv.mkDerivation { inherit url rev sshSupport openssh ignoreExternals; - impureEnvVars = [ - # We borrow these environment variables from the caller to allow - # easy proxy configuration. This is impure, but a fixed-output - # derivation like fetchurl is allowed to do so since its result is - # by definition pure. - "http_proxy" "https_proxy" "ftp_proxy" "all_proxy" "no_proxy" - ]; - + impureEnvVars = stdenv.lib.fetchers.proxyImpureEnvVars; preferLocalBuild = true; } diff --git a/pkgs/build-support/fetchurl/default.nix b/pkgs/build-support/fetchurl/default.nix index a7c76737e1ad..00f485ce6975 100644 --- a/pkgs/build-support/fetchurl/default.nix +++ b/pkgs/build-support/fetchurl/default.nix @@ -20,13 +20,7 @@ let # "gnu", etc.). sites = builtins.attrNames mirrors; - impureEnvVars = [ - # We borrow these environment variables from the caller to allow - # easy proxy configuration. This is impure, but a fixed-output - # derivation like fetchurl is allowed to do so since its result is - # by definition pure. - "http_proxy" "https_proxy" "ftp_proxy" "all_proxy" "no_proxy" - + impureEnvVars = stdenv.lib.fetchers.proxyImpureEnvVars ++ [ # This variable allows the user to pass additional options to curl "NIX_CURL_FLAGS" diff --git a/pkgs/build-support/rust/fetchcargo.nix b/pkgs/build-support/rust/fetchcargo.nix index 1b4983e32597..0c9625e51405 100644 --- a/pkgs/build-support/rust/fetchcargo.nix +++ b/pkgs/build-support/rust/fetchcargo.nix @@ -20,6 +20,6 @@ stdenv.mkDerivation { outputHashMode = "recursive"; outputHash = sha256; - impureEnvVars = [ "http_proxy" "https_proxy" "ftp_proxy" "all_proxy" "no_proxy" ]; + impureEnvVars = stdenv.lib.fetchers.proxyImpureEnvVars; preferLocalBuild = true; }