download.scm 29 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670
  1. ;;; GNU Guix --- Functional package management for GNU
  2. ;;; Copyright © 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021 Ludovic Courtès <ludo@gnu.org>
  3. ;;; Copyright © 2013, 2014, 2015 Andreas Enge <andreas@enge.fr>
  4. ;;; Copyright © 2015 Federico Beffa <beffa@fbengineering.ch>
  5. ;;; Copyright © 2016 Alex Griffin <a@ajgrf.com>
  6. ;;; Copyright © 2016 David Craven <david@craven.ch>
  7. ;;; Copyright © 2016, 2017, 2020, 2022 Efraim Flashner <efraim@flashner.co.il>
  8. ;;; Copyright © 2017 Tobias Geerinckx-Rice <me@tobias.gr>
  9. ;;; Copyright © 2019 Guy Fleury Iteriteka <hoonandon@gmail.com>
  10. ;;;
  11. ;;; This file is part of GNU Guix.
  12. ;;;
  13. ;;; GNU Guix is free software; you can redistribute it and/or modify it
  14. ;;; under the terms of the GNU General Public License as published by
  15. ;;; the Free Software Foundation; either version 3 of the License, or (at
  16. ;;; your option) any later version.
  17. ;;;
  18. ;;; GNU Guix is distributed in the hope that it will be useful, but
  19. ;;; WITHOUT ANY WARRANTY; without even the implied warranty of
  20. ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  21. ;;; GNU General Public License for more details.
  22. ;;;
  23. ;;; You should have received a copy of the GNU General Public License
  24. ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
  25. (define-module (guix download)
  26. #:use-module (ice-9 match)
  27. #:use-module (guix derivations)
  28. #:use-module (guix packages)
  29. #:use-module (guix store)
  30. #:autoload (guix build download) (url-fetch)
  31. #:use-module (guix monads)
  32. #:use-module (guix gexp)
  33. #:use-module (guix utils)
  34. #:use-module (web uri)
  35. #:use-module (srfi srfi-1)
  36. #:use-module (srfi srfi-26)
  37. #:export (%mirrors
  38. %disarchive-mirrors
  39. %download-fallback-test
  40. (url-fetch* . url-fetch)
  41. url-fetch/executable
  42. url-fetch/tarbomb
  43. url-fetch/zipbomb
  44. download-to-store))
  45. ;;; Commentary:
  46. ;;;
  47. ;;; Produce fixed-output derivations with data fetched over HTTP or FTP.
  48. ;;;
  49. ;;; Code:
  50. (define %mirrors
  51. ;; Mirror lists used when `mirror://' URLs are passed. The first mirror
  52. ;; entry of each set should ideally be the most authoritative one, as that's
  53. ;; what the generic HTML updater will pick to look for updates, with
  54. ;; possible exceptions when the authoritative mirror is too slow.
  55. (let* ((gnu-mirrors
  56. '(;; This one redirects to a (supposedly) nearby and (supposedly)
  57. ;; up-to-date mirror.
  58. "https://ftpmirror.gnu.org/gnu/"
  59. "ftp://ftp.cs.tu-berlin.de/pub/gnu/"
  60. "ftp://ftp.funet.fi/pub/mirrors/ftp.gnu.org/gnu/"
  61. ;; This one is the master repository, and thus it's always
  62. ;; up-to-date.
  63. "http://ftp.gnu.org/pub/gnu/")))
  64. `((gnu ,@gnu-mirrors)
  65. (gcc
  66. "ftp://ftp.nluug.nl/mirror/languages/gcc/"
  67. "ftp://ftp.fu-berlin.de/unix/languages/gcc/"
  68. "ftp://ftp.irisa.fr/pub/mirrors/gcc.gnu.org/gcc/"
  69. "ftp://gcc.gnu.org/pub/gcc/"
  70. ,@(map (cut string-append <> "/gcc") gnu-mirrors))
  71. (gnupg
  72. "http://artfiles.org/gnupg.org"
  73. "http://www.crysys.hu/"
  74. "https://gnupg.org/ftp/gcrypt/"
  75. "ftp://mirrors.dotsrc.org/gcrypt/"
  76. "ftp://mirror.cict.fr/gnupg/"
  77. "ftp://ftp.franken.de/pub/crypt/mirror/ftp.gnupg.org/gcrypt/"
  78. "ftp://ftp.freenet.de/pub/ftp.gnupg.org/gcrypt/"
  79. "ftp://ftp.hi.is/pub/mirrors/gnupg/"
  80. "ftp://ftp.heanet.ie/mirrors/ftp.gnupg.org/gcrypt/"
  81. "ftp://ftp.bit.nl/mirror/gnupg/"
  82. "ftp://ftp.surfnet.nl/pub/security/gnupg/"
  83. "ftp://ftp.iasi.roedu.net/pub/mirrors/ftp.gnupg.org/"
  84. "ftp://ftp.sunet.se/pub/security/gnupg/"
  85. "ftp://mirror.switch.ch/mirror/gnupg/"
  86. "ftp://mirror.tje.me.uk/pub/mirrors/ftp.gnupg.org/"
  87. "ftp://ftp.mirrorservice.org/sites/ftp.gnupg.org/gcrypt/"
  88. "ftp://ftp.ring.gr.jp/pub/net/gnupg/"
  89. "ftp://ftp.gnupg.org/gcrypt/")
  90. (gnome
  91. "https://download.gnome.org/"
  92. "http://ftp.gnome.org/pub/GNOME/")
  93. (hackage
  94. "http://hackage.haskell.org/")
  95. (savannah ; http://download0.savannah.gnu.org/mirmon/savannah/
  96. "https://download.savannah.gnu.org/releases/"
  97. "https://de.freedif.org/savannah/"
  98. "https://ftp.cc.uoc.gr/mirrors/nongnu.org/"
  99. "http://ftp.twaren.net/Unix/NonGNU/" ; https appears unsupported
  100. "https://mirror.csclub.uwaterloo.ca/nongnu/"
  101. "https://nongnu.askapache.com/"
  102. "https://savannah.c3sl.ufpr.br/"
  103. "https://download-mirror.savannah.gnu.org/releases/"
  104. "ftp://ftp.twaren.net/Unix/NonGNU/"
  105. "ftp://mirror.csclub.uwaterloo.ca/nongnu/"
  106. "ftp://mirror.publicns.net/pub/nongnu/"
  107. "ftp://savannah.c3sl.ufpr.br/")
  108. (sourceforge ; https://sourceforge.net/p/forge/documentation/Mirrors/
  109. "http://downloads.sourceforge.net/project/"
  110. "http://ufpr.dl.sourceforge.net/project/"
  111. "http://freefr.dl.sourceforge.net/project/"
  112. "http://internode.dl.sourceforge.net/project/"
  113. "http://jaist.dl.sourceforge.net/project/"
  114. "http://liquidtelecom.dl.sourceforge.net/project/"
  115. ;; "http://nbtelecom.dl.sourceforge.net/project/" ;never returns 404s
  116. "http://nchc.dl.sourceforge.net/project/"
  117. "http://netcologne.dl.sourceforge.net/project/"
  118. "http://netix.dl.sourceforge.net/project/"
  119. "http://pilotfiber.dl.sourceforge.net/project/"
  120. "http://tenet.dl.sourceforge.net/project/")
  121. (netfilter.org ; https://www.netfilter.org/mirrors.html
  122. "http://ftp.netfilter.org/pub/"
  123. "ftp://ftp.es.netfilter.org/mirrors/netfilter/"
  124. "ftp://ftp.hu.netfilter.org/"
  125. "ftp://www.lt.netfilter.org/pub/")
  126. (kernel.org
  127. "http://linux-kernel.uio.no/pub/"
  128. "http://ftp.be.debian.org/pub/"
  129. "https://mirrors.edge.kernel.org/pub/"
  130. "ftp://ftp.funet.fi/pub/mirrors/ftp.kernel.org/pub/")
  131. (apache ; from http://www.apache.org/mirrors/dist.html
  132. "http://www.eu.apache.org/dist/"
  133. "http://www.us.apache.org/dist/"
  134. "https://ftp.nluug.nl/internet/apache/"
  135. "http://apache.mirror.iweb.ca/"
  136. "http://mirrors.ircam.fr/pub/apache/"
  137. "http://apache.mirrors.ovh.net/ftp.apache.org/dist/"
  138. "http://apache-mirror.rbc.ru/pub/apache/"
  139. "ftp://ftp.osuosl.org/pub/apache/"
  140. "http://mirrors.ibiblio.org/apache/"
  141. ;; As a last resort, try the archive.
  142. "http://archive.apache.org/dist/")
  143. (xorg ; from http://www.x.org/wiki/Releases/Download
  144. "http://www.x.org/releases/" ; main mirrors
  145. "http://mirror.csclub.uwaterloo.ca/x.org/" ; North America
  146. "http://xorg.mirrors.pair.com/"
  147. "ftp://mirror.csclub.uwaterloo.ca/x.org/"
  148. "ftp://xorg.mirrors.pair.com/"
  149. "ftp://artfiles.org/x.org/" ; Europe
  150. "ftp://ftp.chg.ru/pub/X11/x.org/"
  151. "ftp://ftp.fu-berlin.de/unix/X11/FTP.X.ORG/"
  152. "ftp://ftp.gwdg.de/pub/x11/x.org/"
  153. "ftp://ftp.mirrorservice.org/sites/ftp.x.org/"
  154. "ftp://ftp.ntua.gr/pub/X11/"
  155. "ftp://ftp.piotrkosoft.net/pub/mirrors/ftp.x.org/"
  156. "ftp://ftp.portal-to-web.de/pub/mirrors/x.org/"
  157. "ftp://ftp.solnet.ch/mirror/x.org/"
  158. "ftp://mi.mirror.garr.it/mirrors/x.org/"
  159. "ftp://mirror.cict.fr/x.org/"
  160. "ftp://mirror.switch.ch/mirror/X11/"
  161. "ftp://mirrors.ircam.fr/pub/x.org/"
  162. "ftp://x.mirrors.skynet.be/pub/ftp.x.org/"
  163. "ftp://ftp.cs.cuhk.edu.hk/pub/X11" ; East Asia
  164. "ftp://ftp.u-aizu.ac.jp/pub/x11/x.org/"
  165. "ftp://ftp.yz.yamagata-u.ac.jp/pub/X11/x.org/"
  166. "ftp://ftp.kaist.ac.kr/x.org/"
  167. "ftp://mirrors.go-part.com/xorg/"
  168. "ftp://ftp.is.co.za/pub/x.org") ; South Africa
  169. (cpan
  170. "http://www.cpan.org/"
  171. "http://cpan.metacpan.org/"
  172. ;; A selection of HTTP mirrors from http://www.cpan.org/SITES.html.
  173. ;; Europe.
  174. "http://ftp.belnet.be/mirror/ftp.cpan.org/"
  175. "http://mirrors.nic.cz/CPAN/"
  176. "http://mirror.ibcp.fr/pub/CPAN/"
  177. "http://ftp.ntua.gr/pub/lang/perl/"
  178. "http://mirror.as43289.net/pub/CPAN/"
  179. "http://cpan.cs.uu.nl/"
  180. "http://cpan.uib.no/"
  181. "http://cpan-mirror.rbc.ru/pub/CPAN/"
  182. "http://mirror.sbb.rs/CPAN/"
  183. "http://cpan.lnx.sk/"
  184. "http://ftp.rediris.es/mirror/CPAN/"
  185. "http://mirror.ox.ac.uk/sites/www.cpan.org/"
  186. ;; Africa.
  187. "http://mirror.liquidtelecom.com/CPAN/"
  188. "http://cpan.mirror.ac.za/"
  189. "http://mirror.is.co.za/pub/cpan/"
  190. "http://cpan.saix.net/"
  191. "http://mirror.ucu.ac.ug/cpan/"
  192. ;; North America.
  193. "http://mirrors.gossamer-threads.com/CPAN/"
  194. "http://mirror.csclub.uwaterloo.ca/CPAN/"
  195. "http://mirrors.ucr.ac.cr/CPAN/"
  196. "http://www.msg.com.mx/CPAN/"
  197. "http://mirrors.namecheap.com/CPAN/"
  198. "http://mirror.uic.edu/CPAN/"
  199. "http://mirror.datapipe.net/CPAN/"
  200. "http://mirror.cc.columbia.edu/pub/software/cpan/"
  201. "http://mirror.uta.edu/CPAN/"
  202. ;; South America.
  203. "http://cpan.mmgdesigns.com.ar/"
  204. "http://mirror.nbtelecom.com.br/CPAN/"
  205. "http://linorg.usp.br/CPAN/"
  206. "http://cpan.dcc.uchile.cl/"
  207. "http://mirror.cedia.org.ec/CPAN/"
  208. ;; Oceania.
  209. "http://cpan.mirror.serversaustralia.com.au/"
  210. "http://mirror.waia.asn.au/pub/cpan/"
  211. "http://mirror.as24220.net/pub/cpan/"
  212. "http://cpan.lagoon.nc/pub/CPAN/"
  213. "http://cpan.inspire.net.nz/"
  214. ;; Asia.
  215. "http://mirror.dhakacom.com/CPAN/"
  216. "http://mirrors.ustc.edu.cn/CPAN/"
  217. "http://ftp.cuhk.edu.hk/pub/packages/perl/CPAN/"
  218. "http://kambing.ui.ac.id/cpan/"
  219. "http://cpan.hostiran.ir/"
  220. "http://ftp.nara.wide.ad.jp/pub/CPAN/"
  221. "http://mirror.neolabs.kz/CPAN/"
  222. "http://cpan.nctu.edu.tw/"
  223. "http://cpan.ulak.net.tr/"
  224. "http://mirrors.vinahost.vn/CPAN/")
  225. (cran
  226. ;; Arbitrary mirrors from http://cran.r-project.org/mirrors.html
  227. ;; This one automatically redirects to servers worldwide
  228. "http://cran.r-project.org/"
  229. "http://cran.rstudio.com/"
  230. "http://cran.univ-lyon1.fr/"
  231. "http://cran.ism.ac.jp/"
  232. "http://cran.stat.auckland.ac.nz/"
  233. "http://cran.mirror.ac.za/"
  234. "http://cran.csie.ntu.edu.tw/")
  235. (ctan
  236. ;; This is the CTAN mirror multiplexor service, which automatically
  237. ;; redirect to a mirror in or close to the country of the requester
  238. ;; (see: https://ctan.org/mirrors/).
  239. "https://mirror.ctan.org/")
  240. (imagemagick
  241. ;; from http://www.imagemagick.org/script/download.php
  242. ;; (without mirrors that are unavailable or not up to date)
  243. "https://sunsite.icm.edu.pl/packages/ImageMagick/releases"
  244. "http://mirror.checkdomain.de/imagemagick/releases"
  245. "ftp://ftp.u-aizu.ac.jp/pub/graphics/image/ImageMagick/imagemagick.org/releases"
  246. "ftp://ftp.nluug.nl/pub/ImageMagick/"
  247. "http://www.imagemagick.org/download/releases/"
  248. ;; Try this if all else fails (normally contains just the latest version).
  249. "http://www.imagemagick.org/download/")
  250. (debian
  251. "http://ftp.de.debian.org/debian/"
  252. "http://ftp.fr.debian.org/debian/"
  253. "http://ftp.debian.org/debian/"
  254. "http://archive.debian.org/debian/")
  255. (kde
  256. "https://download.kde.org/"
  257. "https://download.kde.org/Attic/" ; for when it gets archived.
  258. ;; I could not find the classic static mirror list anymore. Instead,
  259. ;; add ‘.mirrorlist’ to the end of a recent download.kde.org tarball URL.
  260. ;; Europe
  261. "https://mirrors.xtom.de/kde/"
  262. "https://mirror.lyrahosting.com/pub/kde/"
  263. "https://mirrors.xtom.nl/kde/"
  264. "https://mirror.hs-esslingen.de/Mirrors/ftp.kde.org/pub/kde/"
  265. "https://mirror.kumi.systems/kde/ftp/"
  266. "https://mirrors.ircam.fr/pub/KDE/"
  267. "https://ftp.gwdg.de/pub/linux/kde/"
  268. "https://mirrors.gethosted.online/kde/pub/kde/"
  269. "https://fr2.rpmfind.net/linux/KDE/"
  270. "https://mirror.faigner.de/kde/ftp/"
  271. "https://www.mirrorservice.org/sites/download.kde.org/"
  272. "https://mirrors.ukfast.co.uk/sites/kde.org/ftp/"
  273. "https://mirrors.dotsrc.org/kde/"
  274. "http://kde.mirror.anlx.net/"
  275. "https://mirror.karneval.cz/pub/kde/"
  276. "https://ftp.fi.muni.cz/pub/kde/"
  277. "https://www-ftp.lip6.fr/pub/X11/kde/"
  278. "https://ftp.icm.edu.pl/pub/unix/kde/"
  279. "https://kde.mirror.garr.it/kde/ftp/"
  280. "https://ftp.acc.umu.se/mirror/kde.org/ftp/"
  281. "https://mirrors.up.pt/pub/kde/"
  282. "https://mirrors.nav.ro/kde/"
  283. "https://mirrors.xtom.ee/kde/"
  284. "https://ftp.funet.fi/pub/mirrors/ftp.kde.org/pub/kde/"
  285. "https://kde.ip-connect.vn.ua/"
  286. "https://mirrors.netix.net/kde/"
  287. "https://ftp.cc.uoc.gr/mirrors/kde/"
  288. ;; North America
  289. "https://mirror.its.dal.ca/kde/"
  290. "https://nnenix.mm.fcix.net/kdeftp/"
  291. "https://mirrors.mit.edu/kde/"
  292. "https://mirror.csclub.uwaterloo.ca/kde/"
  293. "https://mirror.fcix.net/kdeftp/"
  294. "https://mirrors.ocf.berkeley.edu/kde/"
  295. "https://mirrors.xtom.com/kde/"
  296. ;; South America
  297. "https://kde.c3sl.ufpr.br/"
  298. ;; Asia
  299. "https://mirrors.bfsu.edu.cn/kde/"
  300. "https://ftp-srv2.kddi-research.jp/pub/X11/kde/"
  301. "https://mirrors.xtom.jp/kde/"
  302. "https://mirrors.xtom.hk/kde/"
  303. ;; Africa
  304. "http://mirror.retentionrange.co.bw/kde/"
  305. ;; Oceania
  306. "https://mirrors.xtom.au/kde/")
  307. (openbsd
  308. "https://ftp.openbsd.org/pub/OpenBSD/"
  309. ;; Anycast CDN redirecting to your friendly local mirror.
  310. "https://mirrors.evowise.com/pub/OpenBSD/"
  311. ;; Other HTTPS mirrors from https://www.openbsd.org/ftp.html
  312. "https://mirror.aarnet.edu.au/pub/OpenBSD/"
  313. "https://ftp2.eu.openbsd.org/pub/OpenBSD/"
  314. "https://openbsd.c3sl.ufpr.br/pub/OpenBSD/"
  315. "https://openbsd.ipacct.com/pub/OpenBSD/"
  316. "https://ftp.OpenBSD.org/pub/OpenBSD/"
  317. "https://openbsd.cs.toronto.edu/pub/OpenBSD/"
  318. "https://openbsd.delfic.org/pub/OpenBSD/"
  319. "https://openbsd.mirror.netelligent.ca/pub/OpenBSD/"
  320. "https://mirrors.ucr.ac.cr/pub/OpenBSD/"
  321. "https://mirrors.dotsrc.org/pub/OpenBSD/"
  322. "https://mirror.one.com/pub/OpenBSD/"
  323. "https://ftp.fr.openbsd.org/pub/OpenBSD/"
  324. "https://ftp2.fr.openbsd.org/pub/OpenBSD/"
  325. "https://mirrors.ircam.fr/pub/OpenBSD/"
  326. "https://ftp.spline.de/pub/OpenBSD/"
  327. "https://mirror.hs-esslingen.de/pub/OpenBSD/"
  328. "https://ftp.halifax.rwth-aachen.de/openbsd/"
  329. "https://ftp.hostserver.de/pub/OpenBSD/"
  330. "https://ftp.fau.de/pub/OpenBSD/"
  331. "https://ftp.cc.uoc.gr/pub/OpenBSD/"
  332. "https://openbsd.hk/pub/OpenBSD/"
  333. "https://ftp.heanet.ie/pub/OpenBSD/"
  334. "https://openbsd.mirror.garr.it/pub/OpenBSD/"
  335. "https://mirror.litnet.lt/pub/OpenBSD/"
  336. "https://mirror.meerval.net/pub/OpenBSD/"
  337. "https://ftp.nluug.nl/pub/OpenBSD/"
  338. "https://ftp.bit.nl/pub/OpenBSD/"
  339. "https://mirrors.dalenys.com/pub/OpenBSD/"
  340. "https://ftp.icm.edu.pl/pub/OpenBSD/"
  341. "https://ftp.rnl.tecnico.ulisboa.pt/pub/OpenBSD/"
  342. "https://mirrors.pidginhost.com/pub/OpenBSD/"
  343. "https://mirror.yandex.ru/pub/OpenBSD/"
  344. "https://ftp.eu.openbsd.org/pub/OpenBSD/"
  345. "https://ftp.yzu.edu.tw/pub/OpenBSD/"
  346. "https://www.mirrorservice.org/pub/OpenBSD/"
  347. "https://anorien.csc.warwick.ac.uk/pub/OpenBSD/"
  348. "https://mirror.bytemark.co.uk/pub/OpenBSD/"
  349. "https://mirrors.sonic.net/pub/OpenBSD/"
  350. "https://ftp3.usa.openbsd.org/pub/OpenBSD/"
  351. "https://mirrors.syringanetworks.net/pub/OpenBSD/"
  352. "https://openbsd.mirror.constant.com/pub/OpenBSD/"
  353. "https://ftp4.usa.openbsd.org/pub/OpenBSD/"
  354. "https://ftp5.usa.openbsd.org/pub/OpenBSD/"
  355. "https://mirror.esc7.net/pub/OpenBSD/")
  356. (mate
  357. "https://pub.mate-desktop.org/releases/"
  358. "http://pub.mate-desktop.org/releases/")
  359. (qt
  360. "https://mirrors.ocf.berkeley.edu/qt/official_releases/"
  361. "https://ftp.jaist.ac.jp/pub/qtproject/official_releases/"
  362. "https://ftp.nluug.nl/languages/qt/official_releases/"
  363. "https://mirrors.cloud.tencent.com/qt/official_releases/"
  364. "https://mirrors.sjtug.sjtu.edu.cn/qt/official_releases/"
  365. "https://qtproject.mirror.liquidtelecom.com/official_releases/"
  366. "https://download.qt.io/official_releases/")))) ;slow
  367. (define %mirror-file
  368. ;; Copy of the list of mirrors to a file. This allows us to keep a single
  369. ;; copy in the store, and computing it here avoids repeated calls to
  370. ;; 'object->string'.
  371. (plain-file "mirrors" (object->string %mirrors)))
  372. (define %content-addressed-mirrors
  373. ;; List of content-addressed mirrors. Each mirror is represented as a
  374. ;; procedure that takes a file name, an algorithm (symbol) and a hash
  375. ;; (bytevector), and returns a URL or #f.
  376. '(begin
  377. (use-modules (guix base16) (guix base32))
  378. (define (guix-publish host)
  379. (lambda (file algo hash)
  380. ;; Files served by 'guix publish' are accessible under a single
  381. ;; hash algorithm.
  382. (string-append "https://" host "/file/"
  383. file "/" (symbol->string algo) "/"
  384. (bytevector->nix-base32-string hash))))
  385. (list (guix-publish
  386. ;; bordeaux.guix.gnu.org uses the nar-herder rather than guix
  387. ;; publish, but it supports the same style of requests
  388. "bordeaux.guix.gnu.org")
  389. (guix-publish "ci.guix.gnu.org")
  390. (lambda (file algo hash)
  391. ;; 'tarballs.nixos.org' supports several algorithms.
  392. (string-append "https://tarballs.nixos.org/"
  393. (symbol->string algo) "/"
  394. (bytevector->nix-base32-string hash)))
  395. (lambda (file algo hash)
  396. ;; Software Heritage usually archives VCS history rather than
  397. ;; tarballs, but tarballs are sometimes available (and can be
  398. ;; explicitly stored there.) For example, see
  399. ;; <https://archive.softwareheritage.org/api/1/content/sha256:92d0fa1c311cacefa89853bdb53c62f4110cdfda3820346b59cbd098f40f955e/>.
  400. (string-append "https://archive.softwareheritage.org/api/1/content/"
  401. (symbol->string algo) ":"
  402. (bytevector->base16-string hash) "/raw/")))))
  403. (define %content-addressed-mirror-file
  404. ;; Content-addressed mirrors stored in a file.
  405. (plain-file "content-addressed-mirrors"
  406. (object->string %content-addressed-mirrors)))
  407. (define %no-mirrors-file
  408. ;; File specifying an empty list of mirrors, for fallback tests.
  409. (plain-file "no-content-addressed-mirrors" (object->string ''())))
  410. (define %disarchive-mirrors
  411. ;; TODO: Eventually turn into a procedure that takes a hash algorithm
  412. ;; (symbol) and hash (bytevector).
  413. '("https://disarchive.guix.gnu.org/"
  414. "https://disarchive.ngyro.com/"))
  415. (define %disarchive-mirror-file
  416. (plain-file "disarchive-mirrors" (object->string %disarchive-mirrors)))
  417. (define %no-disarchive-mirrors-file
  418. ;; File specifying an empty list of Disarchive mirrors, for fallback tests.
  419. (plain-file "no-disarchive-mirrors" (object->string '())))
  420. (define built-in-builders*
  421. (store-lift built-in-builders))
  422. (define* (built-in-download file-name url
  423. #:key system hash-algo hash
  424. mirrors content-addressed-mirrors
  425. disarchive-mirrors
  426. executable?
  427. (guile 'unused))
  428. "Download FILE-NAME from URL using the built-in 'download' builder. When
  429. EXECUTABLE? is true, make the downloaded file executable.
  430. This is an \"out-of-band\" download in that the returned derivation does not
  431. explicitly depend on Guile, GnuTLS, etc. Instead, the daemon performs the
  432. download by itself using its own dependencies."
  433. (mlet %store-monad ((mirrors (lower-object mirrors))
  434. (content-addressed-mirrors
  435. (lower-object content-addressed-mirrors))
  436. (disarchive-mirrors (lower-object disarchive-mirrors)))
  437. (raw-derivation file-name "builtin:download" '()
  438. #:system system
  439. #:hash-algo hash-algo
  440. #:hash hash
  441. #:recursive? executable?
  442. #:sources (list mirrors
  443. content-addressed-mirrors
  444. disarchive-mirrors)
  445. ;; Honor the user's proxy and locale settings.
  446. #:leaked-env-vars '("http_proxy" "https_proxy"
  447. "LC_ALL" "LC_MESSAGES" "LANG"
  448. "COLUMNS")
  449. #:env-vars `(("url" . ,(object->string url))
  450. ("mirrors" . ,mirrors)
  451. ("content-addressed-mirrors"
  452. . ,content-addressed-mirrors)
  453. ("disarchive-mirrors" . ,disarchive-mirrors)
  454. ,@(if executable?
  455. '(("executable" . "1"))
  456. '()))
  457. ;; Do not offload this derivation because we cannot be
  458. ;; sure that the remote daemon supports the 'download'
  459. ;; built-in. We may remove this limitation when support
  460. ;; for that built-in is widespread.
  461. #:local-build? #t)))
  462. (define %download-fallback-test
  463. ;; Define whether to test one of the download fallback mechanism. Possible
  464. ;; values are:
  465. ;;
  466. ;; - #f, to use the normal download methods, not trying to exercise the
  467. ;; fallback mechanism;
  468. ;;
  469. ;; - 'none, to disable all the fallback mechanisms;
  470. ;;
  471. ;; - 'content-addressed-mirrors, to purposefully attempt to download from
  472. ;; a content-addressed mirror;
  473. ;;
  474. ;; - 'disarchive-mirrors, to download from Disarchive + Software Heritage.
  475. ;;
  476. ;; This is meant to be used for testing purposes.
  477. (make-parameter (and=> (getenv "GUIX_DOWNLOAD_FALLBACK_TEST")
  478. string->symbol)))
  479. (define* (url-fetch* url hash-algo hash
  480. #:optional name
  481. #:key (system (%current-system))
  482. (guile (default-guile))
  483. executable?)
  484. "Return a fixed-output derivation that fetches data from URL (a string, or a
  485. list of strings denoting alternate URLs), which is expected to have hash HASH
  486. of type HASH-ALGO (a symbol). By default, the file name is the base name of
  487. URL; optionally, NAME can specify a different file name. When EXECUTABLE? is
  488. true, make the downloaded file executable.
  489. When one of the URL starts with mirror://, then its host part is
  490. interpreted as the name of a mirror scheme, taken from %MIRROR-FILE.
  491. Alternatively, when URL starts with file://, return the corresponding file
  492. name in the store."
  493. (define file-name
  494. (match url
  495. ((head _ ...)
  496. (basename head))
  497. (_
  498. (basename url))))
  499. (let ((uri (and (string? url) (string->uri url))))
  500. (if (or (and (string? url) (not uri))
  501. (and uri (memq (uri-scheme uri) '(#f file))))
  502. (interned-file (if uri (uri-path uri) url)
  503. (or name file-name))
  504. (mlet %store-monad ((builtins (built-in-builders*)))
  505. ;; The "download" built-in builder was added in guix-daemon in
  506. ;; Nov. 2016 and made it in the 0.12.0 release of Dec. 2016. We now
  507. ;; require it.
  508. (unless (member "download" builtins)
  509. (error "'guix-daemon' is too old, please upgrade" builtins))
  510. (built-in-download (or name file-name)
  511. (match (%download-fallback-test)
  512. ((or #f 'none) url)
  513. (_ "https://example.org/does-not-exist"))
  514. #:guile guile
  515. #:system system
  516. #:hash-algo hash-algo
  517. #:hash hash
  518. #:executable? executable?
  519. #:mirrors %mirror-file
  520. #:content-addressed-mirrors
  521. (match (%download-fallback-test)
  522. ((or #f 'content-addressed-mirrors)
  523. %content-addressed-mirror-file)
  524. (_ %no-mirrors-file))
  525. #:disarchive-mirrors
  526. (match (%download-fallback-test)
  527. ((or #f 'disarchive-mirrors)
  528. %disarchive-mirror-file)
  529. (_ %no-disarchive-mirrors-file)))))))
  530. (define* (url-fetch/executable url hash-algo hash
  531. #:optional name
  532. #:key (system (%current-system))
  533. (guile (default-guile)))
  534. "Like 'url-fetch', but make the downloaded file executable."
  535. (url-fetch* url hash-algo hash name
  536. #:system system
  537. #:guile guile
  538. #:executable? #t))
  539. (define* (url-fetch/tarbomb url hash-algo hash
  540. #:optional name
  541. #:key (system (%current-system))
  542. (guile (default-guile)))
  543. "Similar to 'url-fetch' but unpack the file from URL in a directory of its
  544. own. This helper makes it easier to deal with \"tar bombs\"."
  545. (define file-name
  546. (match url
  547. ((head _ ...)
  548. (basename head))
  549. (_
  550. (basename url))))
  551. (define gzip
  552. (module-ref (resolve-interface '(gnu packages compression)) 'gzip))
  553. (define tar
  554. (module-ref (resolve-interface '(gnu packages base)) 'tar))
  555. (mlet %store-monad ((drv (url-fetch* url hash-algo hash
  556. (string-append "tarbomb-"
  557. (or name file-name))
  558. #:system system
  559. #:guile guile))
  560. (guile (package->derivation guile system)))
  561. ;; Take the tar bomb, and simply unpack it as a directory.
  562. ;; Use ungrafted tar/gzip so that the resulting tarball doesn't depend on
  563. ;; whether grafts are enabled.
  564. (gexp->derivation (or name file-name)
  565. (with-imported-modules '((guix build utils))
  566. #~(begin
  567. (use-modules (guix build utils))
  568. (mkdir #$output)
  569. (setenv "PATH" (string-append #+gzip "/bin"))
  570. (chdir #$output)
  571. (invoke (string-append #+tar "/bin/tar")
  572. "xf" #$drv)))
  573. #:system system
  574. #:guile-for-build guile
  575. #:graft? #f
  576. #:local-build? #t)))
  577. (define* (url-fetch/zipbomb url hash-algo hash
  578. #:optional name
  579. #:key (system (%current-system))
  580. (guile (default-guile)))
  581. "Similar to 'url-fetch' but unpack the zip file at URL in a directory of its
  582. own. This helper makes it easier to deal with \"zip bombs\"."
  583. (define file-name
  584. (match url
  585. ((head _ ...)
  586. (basename head))
  587. (_
  588. (basename url))))
  589. (define unzip
  590. (module-ref (resolve-interface '(gnu packages compression)) 'unzip))
  591. (mlet %store-monad ((drv (url-fetch* url hash-algo hash
  592. (string-append "zipbomb-"
  593. (or name file-name))
  594. #:system system
  595. #:guile guile))
  596. (guile (package->derivation guile system)))
  597. ;; Take the zip bomb, and simply unpack it as a directory.
  598. ;; Use ungrafted unzip so that the resulting tarball doesn't depend on
  599. ;; whether grafts are enabled.
  600. (gexp->derivation (or name file-name)
  601. (with-imported-modules '((guix build utils))
  602. #~(begin
  603. (use-modules (guix build utils))
  604. (mkdir #$output)
  605. (chdir #$output)
  606. (invoke (string-append #+unzip "/bin/unzip")
  607. #$drv)))
  608. #:system system
  609. #:guile-for-build guile
  610. #:graft? #f
  611. #:local-build? #t)))
  612. (define* (download-to-store store url #:optional (name (basename url))
  613. #:key (log (current-error-port)) recursive?
  614. (verify-certificate? #t))
  615. "Download from URL to STORE, either under NAME or URL's basename if
  616. omitted. Write progress reports to LOG. RECURSIVE? has the same effect as
  617. the same-named parameter of 'add-to-store'. VERIFY-CERTIFICATE? determines
  618. whether or not to validate HTTPS server certificates."
  619. (define uri
  620. (string->uri url))
  621. (if (or (not uri) (memq (uri-scheme uri) '(file #f)))
  622. (add-to-store store name recursive? "sha256"
  623. (if uri (uri-path uri) url))
  624. (call-with-temporary-output-file
  625. (lambda (temp port)
  626. (let ((result
  627. (parameterize ((current-output-port log))
  628. (url-fetch url temp
  629. #:mirrors %mirrors
  630. #:verify-certificate? verify-certificate?))))
  631. (close port)
  632. (and result
  633. (add-to-store store name recursive? "sha256" temp)))))))
  634. ;;; download.scm ends here