nixpkgs/pkgs/servers/frr/default.nix
Frank Doepper ecdfb14ef9 nixos/frr: refactor
- use upstream service and scripts
- switch to integrated-vtysh-config, abandon per-daemon config
- use always daemon names in options (e.g. ospf -> ospfd)
- zebra, mgmtd and staticd are always enabled
- abandon vtyListenAddress, vtyListenPort options; use
  just "extraOptions" or "options" instead, respectively
- extend test to test staticd
- update release-notes
- pkgs.servers.frr: fix sbindir and remove FHS PATH
- introduce services.frr.openFilesLimit option
2024-10-09 22:49:50 +02:00

247 lines
7.1 KiB
Nix
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{ lib
, stdenv
, fetchFromGitHub
, fetchpatch
# build time
, autoreconfHook
, flex
, bison
, perl
, pkg-config
, texinfo
, buildPackages
# runtime
, c-ares
, json_c
, libcap
, elfutils
, libunwind
, libyang
, net-snmp
, openssl
, pam
, pcre2
, python3
, readline
, rtrlib
, protobufc
, zeromq
# tests
, nettools
, nixosTests
# FRR's configure.ac gets SNMP options by executing net-snmp-config on the build host
# This leads to compilation errors when cross compiling.
# E.g. net-snmp-config for x86_64 does not return the ARM64 paths.
#
# SNMP_LIBS="`${NETSNMP_CONFIG} --agent-libs`"
# SNMP_CFLAGS="`${NETSNMP_CONFIG} --base-cflags`"
, snmpSupport ? stdenv.buildPlatform.canExecute stdenv.hostPlatform
# other general options besides snmp support
, rpkiSupport ? true
, numMultipath ? 64
, watchfrrSupport ? true
, cumulusSupport ? false
, rtadvSupport ? true
, irdpSupport ? true
, routeReplacementSupport ? true
, mgmtdSupport ? true
# routing daemon options
, bgpdSupport ? true
, ripdSupport ? true
, ripngdSupport ? true
, ospfdSupport ? true
, ospf6dSupport ? true
, ldpdSupport ? true
, nhrpdSupport ? true
, eigrpdSupport ? true
, babeldSupport ? true
, isisdSupport ? true
, pimdSupport ? true
, pim6dSupport ? true
, sharpdSupport ? true
, fabricdSupport ? true
, vrrpdSupport ? true
, pathdSupport ? true
, bfddSupport ? true
, pbrdSupport ? true
, staticdSupport ? true
# BGP options
, bgpAnnounce ? true
, bgpBmp ? true
, bgpVnc ? true
# OSPF options
, ospfApi ? true
}:
lib.warnIf (!(stdenv.buildPlatform.canExecute stdenv.hostPlatform))
"cannot enable SNMP support due to cross-compilation issues with net-snmp-config"
stdenv.mkDerivation (finalAttrs: {
pname = "frr";
version = "10.1";
src = fetchFromGitHub {
owner = "FRRouting";
repo = finalAttrs.pname;
rev = "${finalAttrs.pname}-${finalAttrs.version}";
hash = "sha256-pmFdxL8QpyXvpX2YiSOZ+KIoNaj1OOH6/qnVAWZLE9s=";
};
patches = [
(fetchpatch {
name = "CVE-2024-44070.patch";
url = "https://github.com/FRRouting/frr/commit/fea4ed5043b4a523921f970a39a565d2c1ca381f.patch";
hash = "sha256-X9FjQeOvo92+mL1z3u5W0LBhhePDAyhFAqh8sAtNNm8=";
})
];
nativeBuildInputs = [
autoreconfHook
bison
flex
perl
pkg-config
python3.pkgs.sphinx
texinfo
protobufc
];
buildInputs = [
c-ares
json_c
libunwind
libyang
openssl
pam
pcre2
protobufc
python3
readline
rtrlib
zeromq
] ++ lib.optionals stdenv.hostPlatform.isLinux [
libcap
] ++ lib.optionals snmpSupport [
net-snmp
] ++ lib.optionals (lib.meta.availableOn stdenv.hostPlatform elfutils) [
elfutils
];
# otherwise in cross-compilation: "configure: error: no working python version found"
depsBuildBuild = [
buildPackages.python3
];
# cross-compiling: clippy is compiled with the build host toolchain, split it out to ease
# navigation in dependency hell
clippy-helper = buildPackages.callPackage ./clippy-helper.nix { frrVersion = finalAttrs.version; frrSource = finalAttrs.src; };
configureFlags = [
"--disable-silent-rules"
"--disable-exampledir"
"--enable-configfile-mask=0640"
"--enable-group=frr"
"--enable-logfile-mask=0640"
"--enable-multipath=${toString numMultipath}"
"--enable-user=frr"
"--enable-vty-group=frrvty"
"--localstatedir=/run/frr"
"--sbindir=${placeholder "out"}/libexec/frr"
"--sysconfdir=/etc/frr"
"--with-clippy=${finalAttrs.clippy-helper}/bin/clippy"
# general options
(lib.strings.enableFeature snmpSupport "snmp")
(lib.strings.enableFeature rpkiSupport "rpki")
(lib.strings.enableFeature watchfrrSupport "watchfrr")
(lib.strings.enableFeature rtadvSupport "rtadv")
(lib.strings.enableFeature irdpSupport "irdp")
(lib.strings.enableFeature routeReplacementSupport "rr-semantics")
(lib.strings.enableFeature mgmtdSupport "mgmtd")
# routing protocols
(lib.strings.enableFeature bgpdSupport "bgpd")
(lib.strings.enableFeature ripdSupport "ripd")
(lib.strings.enableFeature ripngdSupport "ripngd")
(lib.strings.enableFeature ospfdSupport "ospfd")
(lib.strings.enableFeature ospf6dSupport "ospf6d")
(lib.strings.enableFeature ldpdSupport "ldpd")
(lib.strings.enableFeature nhrpdSupport "nhrpd")
(lib.strings.enableFeature eigrpdSupport "eigrpd")
(lib.strings.enableFeature babeldSupport "babeld")
(lib.strings.enableFeature isisdSupport "isisd")
(lib.strings.enableFeature pimdSupport "pimd")
(lib.strings.enableFeature pim6dSupport "pim6d")
(lib.strings.enableFeature sharpdSupport "sharpd")
(lib.strings.enableFeature fabricdSupport "fabricd")
(lib.strings.enableFeature vrrpdSupport "vrrpd")
(lib.strings.enableFeature pathdSupport "pathd")
(lib.strings.enableFeature bfddSupport "bfdd")
(lib.strings.enableFeature pbrdSupport "pbrd")
(lib.strings.enableFeature staticdSupport "staticd")
# BGP options
(lib.strings.enableFeature bgpAnnounce "bgp-announce")
(lib.strings.enableFeature bgpBmp "bgp-bmp")
(lib.strings.enableFeature bgpVnc "bgp-vnc")
# OSPF options
(lib.strings.enableFeature ospfApi "ospfapi")
# Cumulus options
(lib.strings.enableFeature cumulusSupport "cumulus")
];
postPatch = ''
substituteInPlace tools/frr-reload \
--replace-quiet /usr/lib/frr/ $out/libexec/frr/
sed -i '/^PATH=/ d' tools/frr.in tools/frrcommon.sh.in
'';
doCheck = true;
nativeCheckInputs = [
nettools
python3.pkgs.pytest
];
enableParallelBuilding = true;
meta = with lib; {
homepage = "https://frrouting.org/";
description = "FRR BGP/OSPF/ISIS/RIP/RIPNG routing daemon suite";
longDescription = ''
FRRouting (FRR) is a free and open source Internet routing protocol suite
for Linux and Unix platforms. It implements BGP, OSPF, RIP, IS-IS, PIM,
LDP, BFD, Babel, PBR, OpenFabric and VRRP, with alpha support for EIGRP
and NHRP.
FRRs seamless integration with native Linux/Unix IP networking stacks
makes it a general purpose routing stack applicable to a wide variety of
use cases including connecting hosts/VMs/containers to the network,
advertising network services, LAN switching and routing, Internet access
routers, and Internet peering.
FRR has its roots in the Quagga project. In fact, it was started by many
long-time Quagga developers who combined their efforts to improve on
Quaggas well-established foundation in order to create the best routing
protocol stack available. We invite you to participate in the FRRouting
community and help shape the future of networking.
Join the ranks of network architects using FRR for ISPs, SaaS
infrastructure, web 2.0 businesses, hyperscale services, and Fortune 500
private clouds.
'';
license = with licenses; [ gpl2Plus lgpl21Plus ];
maintainers = with maintainers; [ woffs thillux ];
# adapt to platforms stated in http://docs.frrouting.org/en/latest/overview.html#supported-platforms
platforms = (platforms.linux ++ platforms.freebsd ++ platforms.netbsd ++ platforms.openbsd);
};
passthru.tests = { inherit (nixosTests) frr; };
})