Ophestra
9d9b7294a4
All checks were successful
Test / Create distribution (push) Successful in 1m1s
Test / Sandbox (push) Successful in 2m42s
Test / Hakurei (push) Successful in 4m1s
Test / ShareFS (push) Successful in 4m1s
Test / Hpkg (push) Successful in 4m32s
Test / Sandbox (race detector) (push) Successful in 4m58s
Test / Hakurei (race detector) (push) Successful in 6m14s
Test / Flake checks (push) Successful in 1m49s
This is much cleaner to add extra flags to. Signed-off-by: Ophestra <cat@gensokyo.uk>
81 lines
2.2 KiB
Go
81 lines
2.2 KiB
Go
package rosa
|
|
|
|
import (
|
|
"hakurei.app/internal/pkg"
|
|
)
|
|
|
|
func (t Toolchain) newNSS() pkg.Artifact {
|
|
const (
|
|
version = "3_120"
|
|
checksum = "9M0SNMrj9BJp6RH2rQnMm6bZWtP0Kgj64D5JNPHF7Cxr2_8kfy3msubIcvEPwC35"
|
|
|
|
version0 = "4_38_2"
|
|
checksum0 = "25x2uJeQnOHIiq_zj17b4sYqKgeoU8-IsySUptoPcdHZ52PohFZfGuIisBreWzx0"
|
|
)
|
|
return t.New("nss-"+version, 0, []pkg.Artifact{
|
|
t.Load(Make),
|
|
t.Load(Perl),
|
|
t.Load(Python),
|
|
|
|
t.Load(Zlib),
|
|
t.Load(KernelHeaders),
|
|
}, nil, nil, `
|
|
unzip /usr/src/nspr.zip -d /usr/src
|
|
mv '/usr/src/nspr-NSPR_`+version0+`_RTM' /usr/src/nspr
|
|
|
|
chmod -R +w /usr/src/nss
|
|
cd /usr/src/nss
|
|
|
|
make \
|
|
"-j$(nproc)" \
|
|
CCC="clang++" \
|
|
NSDISTMODE=copy \
|
|
BUILD_OPT=1 \
|
|
USE_64=1 \
|
|
nss_build_all
|
|
mkdir -p /work/system/nss
|
|
cp -r \
|
|
/usr/src/dist/. \
|
|
lib/ckfw/builtins/certdata.txt \
|
|
/work/system/nss
|
|
`, pkg.Path(AbsUsrSrc.Append("nss"), true, pkg.NewHTTPGetTar(
|
|
nil, "https://github.com/nss-dev/nss/archive/refs/tags/"+
|
|
"NSS_"+version+"_RTM.tar.gz",
|
|
mustDecode(checksum),
|
|
pkg.TarGzip,
|
|
)), pkg.Path(AbsUsrSrc.Append("nspr.zip"), false, pkg.NewHTTPGet(
|
|
nil, "https://hg-edge.mozilla.org/projects/nspr/archive/"+
|
|
"NSPR_"+version0+"_RTM.zip",
|
|
mustDecode(checksum0),
|
|
)))
|
|
}
|
|
func init() { artifactsF[NSS] = Toolchain.newNSS }
|
|
|
|
func (t Toolchain) newBuildCATrust() pkg.Artifact {
|
|
const version = "0.4.0"
|
|
return t.newViaPip("buildcatrust", version, "none", "any",
|
|
"k_FGzkRCLjbTWBkuBLzQJ1S8FPAz19neJZlMHm0t10F2Y0hElmvVwdSBRc03Rjo1",
|
|
"https://github.com/nix-community/buildcatrust/"+
|
|
"releases/download/v"+version+"/")
|
|
}
|
|
func init() { artifactsF[buildcatrust] = Toolchain.newBuildCATrust }
|
|
|
|
func (t Toolchain) newNSSCACert() pkg.Artifact {
|
|
return t.New("nss-cacert", 0, []pkg.Artifact{
|
|
t.Load(Python),
|
|
|
|
t.Load(NSS),
|
|
t.Load(buildcatrust),
|
|
}, nil, nil, `
|
|
mkdir -p /work/etc/ssl/{certs/unbundled,certs/hashed,trust-source}
|
|
buildcatrust \
|
|
--certdata_input /system/nss/certdata.txt \
|
|
--ca_bundle_output /work/etc/ssl/certs/ca-bundle.crt \
|
|
--ca_standard_bundle_output /work/etc/ssl/certs/ca-no-trust-rules-bundle.crt \
|
|
--ca_unpacked_output /work/etc/ssl/certs/unbundled \
|
|
--ca_hashed_unpacked_output /work/etc/ssl/certs/hashed \
|
|
--p11kit_output /work/etc/ssl/trust-source/ca-bundle.trust.p11-kit
|
|
`)
|
|
}
|
|
func init() { artifactsF[NSSCACert] = Toolchain.newNSSCACert }
|