From d95db34ef9ae6640bdc359964acc6b1d057e37a9 Mon Sep 17 00:00:00 2001 From: Leona Maroni Date: Fri, 29 May 2026 11:21:17 +0200 Subject: [PATCH] varnish60: drop uses EOL pcre, complicates our handling inside Nixpkgs. There are much newer versions available. --- .../services/web-servers/varnish/default.nix | 17 ++---- nixos/tests/all-tests.nix | 4 -- nixos/tests/varnish.nix | 30 ++++------- pkgs/servers/varnish/default.nix | 40 ++------------ pkgs/servers/varnish/digest.nix | 52 ------------------- pkgs/servers/varnish/dynamic.nix | 41 --------------- pkgs/servers/varnish/modules.nix | 4 -- pkgs/servers/varnish/packages.nix | 16 ------ pkgs/top-level/aliases.nix | 2 + pkgs/top-level/all-packages.nix | 2 - 10 files changed, 18 insertions(+), 190 deletions(-) delete mode 100644 pkgs/servers/varnish/digest.nix delete mode 100644 pkgs/servers/varnish/dynamic.nix diff --git a/nixos/modules/services/web-servers/varnish/default.nix b/nixos/modules/services/web-servers/varnish/default.nix index 3d6a41498a70..853db01f0204 100644 --- a/nixos/modules/services/web-servers/varnish/default.nix +++ b/nixos/modules/services/web-servers/varnish/default.nix @@ -21,20 +21,9 @@ let # Varnish has very strong opinions and very complicated code around handling # the stateDir. After a lot of back and forth, we decided that we a) # do not want a configurable option here, as most of the handling depends - # on the version and the compile time options. Putting everything into - # /var/run (RAM backed) is absolutely recommended by Varnish anyways. - # We do need to pay attention to the version-dependend variations, though! - stateDir = - if - (lib.versionOlder cfg.package.version "7") - # Remove after Varnish 6.0 is gone. In 6.0 varnishadm always appends the - # hostname (by default) and can't be nudged to not use any name. This has - # long changed by 7.5 and can be used without the host name. - then - "/var/run/varnish/${config.networking.hostName}" - # Newer varnish uses this: - else - "/var/run/varnishd"; + # on the compile time options. Putting everything into /var/run (RAM backed) + # is absolutely recommended by Varnish anyways. + stateDir = "/var/run/varnishd"; # from --help: # -a [=]address[:port][,proto] # HTTP listen address and port diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index f9ecf72845ed..1705979363a3 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -1757,10 +1757,6 @@ in utils = import ./utils { inherit runTest; }; uwsgi = runTest ./uwsgi.nix; v2ray = runTest ./v2ray.nix; - varnish60 = runTest { - imports = [ ./varnish.nix ]; - _module.args.package = pkgs.varnish60; - }; varnish80 = runTest { imports = [ ./varnish.nix ]; _module.args.package = pkgs.varnish80; diff --git a/nixos/tests/varnish.nix b/nixos/tests/varnish.nix index e90420d1334e..a234765aed63 100644 --- a/nixos/tests/varnish.nix +++ b/nixos/tests/varnish.nix @@ -3,12 +3,7 @@ let testPath = pkgs.hello; # Same stateDir logic as in nixos/modules/services/web-servers/varnish/default.nix - stateDir = - hostName: - if (pkgs.lib.versionOlder package.version "7") then - "/var/run/varnish/${hostName}" - else - "/var/run/varnishd"; + stateDir = "/var/run/varnishd"; in { name = "varnish"; @@ -46,14 +41,11 @@ in proto = "PROXY"; } { - address = "${stateDir config.networking.hostName}/client.http.sock"; + address = "/var/run/varnishd/client.http.sock"; user = "varnish"; group = "varnish"; mode = "660"; } - ] - ++ lib.optionals (lib.versionAtLeast package.version "7.3") [ - # Support added in 7.3.0 { address = "@asdf"; } ]; config = '' @@ -78,17 +70,13 @@ in assertion = lib.hasInfix pattern cmdline; message = "Address argument `${pattern}` missing in commandline `${cmdline}`."; }) - ( - [ - " -a 0.0.0.0:80,HTTP " - " -a proxyport=0.0.0.0:8080,PROXY " - " -a ${stateDir config.networking.hostName}/client.http.sock,HTTP,user=varnish,group=varnish,mode=660 " - " -a 0.0.0.0:81 " - ] - ++ lib.optionals (lib.versionAtLeast package.version "7.3") [ - " -a @asdf,HTTP " - ] - ); + [ + " -a 0.0.0.0:80,HTTP " + " -a proxyport=0.0.0.0:8080,PROXY " + " -a /var/run/varnishd/client.http.sock,HTTP,user=varnish,group=varnish,mode=660 " + " -a 0.0.0.0:81 " + " -a @asdf,HTTP " + ]; }; client = diff --git a/pkgs/servers/varnish/default.nix b/pkgs/servers/varnish/default.nix index 14b9ccde0eb6..1c7d0a8b6d7f 100644 --- a/pkgs/servers/varnish/default.nix +++ b/pkgs/servers/varnish/default.nix @@ -2,9 +2,7 @@ lib, stdenv, fetchurl, - fetchpatch2, buildPackages, - pcre, pcre2, jemalloc, libunwind, @@ -51,9 +49,8 @@ let readline libedit python3 + pcre2 ] - ++ lib.optional (lib.versionOlder version "7") pcre - ++ lib.optional (lib.versionAtLeast version "7") pcre2 ++ lib.optional stdenv.hostPlatform.isDarwin libunwind ++ lib.optional stdenv.hostPlatform.isLinux jemalloc; @@ -67,33 +64,9 @@ let buildFlags = [ "localstatedir=/var/run" ]; - patches = - lib.optionals - (stdenv.hostPlatform.isDarwin && lib.versionAtLeast version "7.7" && lib.versionOlder version "8.0") - [ - # Fix VMOD section attribute on macOS - # Unreleased commit on master - (fetchpatch2 { - url = "https://github.com/varnishcache/varnish-cache/commit/a95399f5b9eda1bfdba6ee6406c30a1ed0720167.patch"; - hash = "sha256-T7DIkmnq0O+Cr9DTJS4/rOtg3J6PloUo8jHMWoUZYYk="; - }) - # Fix endian.h compatibility on macOS - # PR: https://github.com/varnishcache/varnish-cache/pull/4339 - ./patches/0001-fix-endian-h-compatibility-on-macos.patch - ] - ++ lib.optionals (stdenv.hostPlatform.isDarwin && lib.versionOlder version "7.6") [ - # Fix duplicate OS_CODE definitions on macOS - # PR: https://github.com/varnishcache/varnish-cache/pull/4347 - ./patches/0002-fix-duplicate-os-code-definitions-on-macos.patch - ]; - - postPatch = - lib.optionalString (lib.versionOlder version "8.0") '' - substituteInPlace bin/varnishtest/vtc_main.c --replace-fail /bin/rm "${coreutils}/bin/rm" - '' - + lib.optionalString (lib.versionAtLeast version "8.0") '' - substituteInPlace bin/varnishtest/vtest2/src/vtc_main.c --replace-fail /bin/rm "${coreutils}/bin/rm" - ''; + postPatch = '' + substituteInPlace bin/varnishtest/vtest2/src/vtc_main.c --replace-fail /bin/rm "${coreutils}/bin/rm" + ''; postConfigure = lib.optionalString (!stdenv.buildPlatform.canExecute stdenv.hostPlatform) '' # prevent cache invalidation @@ -152,11 +125,6 @@ let }; in { - # EOL (LTS) TBA - varnish60 = common { - version = "6.0.18"; - hash = "sha256-AULWbT0Mz/12TOcsa6vkiJGmwNIb+lxKJMyyvqo1x/A="; - }; # EOL 2026-09-15 varnish80 = common { version = "8.0.2"; diff --git a/pkgs/servers/varnish/digest.nix b/pkgs/servers/varnish/digest.nix deleted file mode 100644 index fcf4dde38249..000000000000 --- a/pkgs/servers/varnish/digest.nix +++ /dev/null @@ -1,52 +0,0 @@ -{ - lib, - stdenv, - fetchFromGitHub, - autoreconfHook, - pkg-config, - varnish, - libmhash, - docutils, - coreutils, - version, - sha256, -}: - -stdenv.mkDerivation rec { - pname = "${varnish.name}-digest"; - inherit version; - - src = fetchFromGitHub { - owner = "varnish"; - repo = "libvmod-digest"; - rev = version; - inherit sha256; - }; - - nativeBuildInputs = [ - autoreconfHook - pkg-config - docutils - ]; - buildInputs = [ - varnish - libmhash - ]; - - postPatch = '' - substituteInPlace autogen.sh --replace "''${dataroot}/aclocal" "${varnish.dev}/share/aclocal" - substituteInPlace Makefile.am --replace "''${LIBVARNISHAPI_DATAROOTDIR}/aclocal" "${varnish.dev}/share/aclocal" - ''; - - configureFlags = [ "VMOD_DIR=$(out)/lib/varnish/vmods" ]; - - env.NIX_CFLAGS_COMPILE = toString [ "-Wno-error=deprecated-declarations" ]; - - doCheck = true; - - meta = { - description = "Digest and HMAC vmod"; - homepage = "https://github.com/varnish/libvmod-digest"; - inherit (varnish.meta) license platforms; - }; -} diff --git a/pkgs/servers/varnish/dynamic.nix b/pkgs/servers/varnish/dynamic.nix deleted file mode 100644 index b366fb466efb..000000000000 --- a/pkgs/servers/varnish/dynamic.nix +++ /dev/null @@ -1,41 +0,0 @@ -{ - lib, - stdenv, - fetchFromGitHub, - autoreconfHook, - pkg-config, - varnish, - docutils, - version, - sha256, -}: - -stdenv.mkDerivation { - pname = "${varnish.name}-dynamic"; - inherit version; - - src = fetchFromGitHub { - owner = "nigoroll"; - repo = "libvmod-dynamic"; - rev = "v${version}"; - inherit sha256; - }; - - nativeBuildInputs = [ - pkg-config - docutils - autoreconfHook - varnish.python - ]; - buildInputs = [ varnish ]; - postPatch = '' - substituteInPlace Makefile.am --replace "''${LIBVARNISHAPI_DATAROOTDIR}/aclocal" "${varnish.dev}/share/aclocal" - ''; - configureFlags = [ "VMOD_DIR=$(out)/lib/varnish/vmods" ]; - - meta = { - description = "Dynamic director similar to the DNS director from Varnish 3"; - homepage = "https://github.com/nigoroll/libvmod-dynamic"; - inherit (varnish.meta) license platforms; - }; -} diff --git a/pkgs/servers/varnish/modules.nix b/pkgs/servers/varnish/modules.nix index 557032cfc976..8bebcf348ea2 100644 --- a/pkgs/servers/varnish/modules.nix +++ b/pkgs/servers/varnish/modules.nix @@ -51,10 +51,6 @@ let }; in { - modules15 = common { - version = "0.15.1"; - hash = "sha256-Et/iWOk2FWJBDOpKjNXm4Nh5i1SU4zVPaID7kh+Uj9M="; - }; modules27 = common { version = "0.27.0"; hash = "sha256-1hE+AKsC6Td+Al7LFN6bgPicU8dtWd3A8PP7VKZLvYM="; diff --git a/pkgs/servers/varnish/packages.nix b/pkgs/servers/varnish/packages.nix index f5d6ffb1afb8..7fd75b4f45ea 100644 --- a/pkgs/servers/varnish/packages.nix +++ b/pkgs/servers/varnish/packages.nix @@ -1,25 +1,9 @@ { callPackages, - callPackage, - varnish60, varnish80, lib, }: { - varnish60Packages = lib.recurseIntoAttrs rec { - varnish = varnish60; - modules = (callPackages ./modules.nix { inherit varnish; }).modules15; - digest = callPackage ./digest.nix { - inherit varnish; - version = "libvmod-digest-1.0.2"; - sha256 = "0jwkqqalydn0pwfdhirl5zjhbc3hldvhh09hxrahibr72fgmgpbx"; - }; - dynamic = callPackage ./dynamic.nix { - inherit varnish; - version = "0.4"; - sha256 = "1n94slrm6vn3hpymfkla03gw9603jajclg84bjhwb8kxsk3rxpmk"; - }; - }; varnish80Packages = lib.recurseIntoAttrs rec { varnish = varnish80; modules = (callPackages ./modules.nix { inherit varnish; }).modules27; diff --git a/pkgs/top-level/aliases.nix b/pkgs/top-level/aliases.nix index aadc6a1d69f3..2f9e017002ce 100644 --- a/pkgs/top-level/aliases.nix +++ b/pkgs/top-level/aliases.nix @@ -2175,6 +2175,8 @@ mapAliases { valum = throw "'valum' has been removed because it has been marked as broken since at least November 2024."; # Added 2025-10-01 vamp.vampSDK = throw "'vamp.vampSDK' has been renamed to/replaced by 'vamp-plugin-sdk'"; # Converted to throw 2025-10-27 vapoursynth-nnedi3 = throw "'vapoursynth-nnedi3' has been removed per upstream. Use vapoursynth-znedi3 instead."; # Added 2026-04-20 + varnish60 = throw "varnish 6.0 has been removed as it used unmaintaned dependencies. Please upgrade to 'varnish80' or 'vinyl-cache_9'."; # Added 2026-05-29 + varnish60Packages = throw "varnish 6.0 has been removed as it used unmaintained dependencies. Please upgrade to 'varnish80' or 'vinyl-cache_9'."; # Added 2026-05-29 varnish77 = throw "varnish 7.7 is EOL. Please upgrade to 'varnish80' or 'vinyl-cache_9'."; # Added 2026-05-01 varnish77Packages = throw "varnish 7.7 is EOL. Please upgrade to 'varnish80' or 'vinyl-cache_9'."; # Added 2026-05-01 vaultwarden-vault = throw "'vaultwarden-vault' has been renamed to/replaced by 'vaultwarden.webvault'"; # Converted to throw 2025-10-27 diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 4f2b40617728..1580b9ebe086 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -3402,11 +3402,9 @@ with pkgs; unzipNLS = lowPrio (unzip.override { enableNLS = true; }); inherit (callPackages ../servers/varnish { }) - varnish60 varnish80 ; inherit (callPackages ../servers/varnish/packages.nix { }) - varnish60Packages varnish80Packages ; varnishPackages = varnish80Packages;