-
Notifications
You must be signed in to change notification settings - Fork 38
/
Copy pathnix-serve.psgi
92 lines (83 loc) · 3.66 KB
/
nix-serve.psgi
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
use MIME::Base64;
use Nix::Config;
use Nix::Manifest;
use Nix::Store;
use Nix::Utils;
use strict;
sub stripPath {
my ($x) = @_;
$x =~ s/.*\///; $x
}
my $secretKey;
BEGIN {
my $secretKeyFile = $ENV{'NIX_SECRET_KEY_FILE'};
if (defined $secretKeyFile) {
$secretKey = readFile $secretKeyFile;
chomp $secretKey;
}
}
my $app = sub {
my $env = shift;
my $path = $env->{PATH_INFO};
my $store = Nix::Store->new();
if ($path eq "/nix-cache-info") {
return [200, ['Content-Type' => 'text/plain'], ["StoreDir: $Nix::Config::storeDir\nWantMassQuery: 1\nPriority: 30\n"]];
}
elsif ($path =~ /^\/([0-9a-z]+)\.narinfo$/) {
my $hashPart = $1;
my $storePath = $store->queryPathFromHashPart($hashPart);
return [404, ['Content-Type' => 'text/plain'], ["No such path.\n"]] unless $storePath;
my ($deriver, $narHash, $time, $narSize, $refs, $sigs) = $store->queryPathInfo($storePath, 1) or die;
$narHash =~ /^sha256:(.*)/ or die;
my $narHash2 = $1;
die unless length($narHash2) == 52;
my $res =
"StorePath: $storePath\n" .
"URL: nar/$hashPart-$narHash2.nar\n" .
"Compression: none\n" .
"NarHash: $narHash\n" .
"NarSize: $narSize\n";
$res .= "References: " . join(" ", map { stripPath($_) } @$refs) . "\n"
if scalar @$refs > 0;
$res .= "Deriver: " . stripPath($deriver) . "\n" if defined $deriver;
if (defined $secretKey) {
my $fingerprint = fingerprintPath($storePath, $narHash, $narSize, $refs);
my $sig = signString($secretKey, $fingerprint);
$res .= "Sig: $sig\n";
} elsif (defined $sigs) {
$res .= join("", map { "Sig: $_\n" } @$sigs);
}
return [200, ['Content-Type' => 'text/x-nix-narinfo', 'Content-Length' => length($res)], [$res]];
}
elsif ($path =~ /^\/nar\/([0-9a-z]+)-([0-9a-z]+)\.nar$/) {
my $hashPart = $1;
my $expectedNarHash = $2;
my $storePath = $store->queryPathFromHashPart($hashPart);
return [404, ['Content-Type' => 'text/plain'], ["No such path.\n"]] unless $storePath;
my ($deriver, $narHash, $time, $narSize, $refs, $sigs) = $store->queryPathInfo($storePath, 1) or die;
return [404, ['Content-Type' => 'text/plain'], ["Incorrect NAR hash. Maybe the path has been recreated.\n"]]
unless $narHash eq "sha256:$expectedNarHash";
my $fh = new IO::Handle;
open $fh, "-|", "nix", "--extra-experimental-features", "nix-command", "dump-path", "--", $storePath;
return [200, ['Content-Type' => 'text/plain', 'Content-Length' => $narSize], $fh];
}
# FIXME: remove soon.
elsif ($path =~ /^\/nar\/([0-9a-z]+)\.nar$/) {
my $hashPart = $1;
my $storePath = $store->queryPathFromHashPart($hashPart);
return [404, ['Content-Type' => 'text/plain'], ["No such path.\n"]] unless $storePath;
my ($deriver, $narHash, $time, $narSize, $refs) = $store->queryPathInfo($storePath, 1) or die;
my $fh = new IO::Handle;
open $fh, "-|", "nix", "--extra-experimental-features", "nix-command", "dump-path", "--", $storePath;
return [200, ['Content-Type' => 'text/plain', 'Content-Length' => $narSize], $fh];
}
elsif ($path =~ /^\/log\/([0-9a-z]+-[0-9a-zA-Z\+\-\.\_\?\=]+)/) {
my $storePath = "$Nix::Config::storeDir/$1";
my $fh = new IO::Handle;
open $fh, "-|", "nix", "--extra-experimental-features", "nix-command", "log", $storePath;
return [200, ['Content-Type' => 'text/plain' ], $fh];
}
else {
return [404, ['Content-Type' => 'text/plain'], ["File not found.\n"]];
}
}