third_party/nix: introduce toolchain bundle
This introduces a nix derivation that builds a musl amd64/aarch64
toolchain sysroot.
Change-Id: Iba082edb8fd1f2ab580020bb1c7339a76487f3c8
Reviewed-on: https://review.monogon.dev/c/monogon/+/4006
Reviewed-by: Lorenz Brun <lorenz@monogon.tech>
Tested-by: Jenkins CI
diff --git a/third_party/nix/pkgs/qemu/default.nix b/third_party/nix/pkgs/qemu/default.nix
new file mode 100644
index 0000000..5134cb7
--- /dev/null
+++ b/third_party/nix/pkgs/qemu/default.nix
@@ -0,0 +1,48 @@
+{ pkgs }: with pkgs;
+
+let
+ qemuMinimal = qemu_kvm.override (old: {
+ hostCpuOnly = true;
+ vncSupport = true;
+
+ # Disable everything we don't need.
+ enableDocs = false;
+ ncursesSupport = false;
+ seccompSupport = false;
+ numaSupport = false;
+ alsaSupport = false;
+ pulseSupport = false;
+ pipewireSupport = false;
+ sdlSupport = false;
+ jackSupport = false;
+ gtkSupport = false;
+ smartcardSupport = false;
+ spiceSupport = false;
+ usbredirSupport = false;
+ xenSupport = false;
+ cephSupport = false;
+ glusterfsSupport = false;
+ openGLSupport = false;
+ rutabagaSupport = false;
+ virglSupport = false;
+ libiscsiSupport = false;
+ smbdSupport = false;
+ uringSupport = false;
+ canokeySupport = false;
+ capstoneSupport = false;
+ });
+in
+qemuMinimal.overrideAttrs (old: {
+ # Static build patch
+ # Based on https://github.com/NixOS/nixpkgs/pull/333923
+
+ patches = (old.patches ++ [
+ ./static_build_crc32c_duplicate_definition.patch
+ ]);
+
+ configureFlags = (builtins.filter (v: v != "--static") old.configureFlags) ++ [ "--disable-libcbor" ];
+ strictDeps = true;
+ # a private dependency of PAM which is not linked explicitly in static builds
+ buildInputs = old.buildInputs ++ [ pkgs.audit ];
+ env.NIX_LDFLAGS = " -laudit ";
+})
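Review bot: `seccompSupport = false;` is grouped under the `# Disable everything we don't need.` comment with the audio, display and storage backends, but it is a hardening feature rather than a device backend. With it off, this QEMU build cannot apply its own seccomp filter (`-sandbox on`), so a guest-triggered bug in device emulation runs with the emulator's full syscall surface. If the cause is that libseccomp does not link in the static build (not visible in this hunk), record that next to the flag, for example `# seccomp off: <reason>; callers must confine qemu externally (namespaces/cgroups/LSM)`, or keep `seccompSupport = true;` if it can be made to link. Separately, `vncSupport = true;` is the one feature explicitly enabled, so a short comment on what uses it and that it is expected to listen only on a local or otherwise authenticated endpoint would help future reviewers.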