From d8239dba2fc4b0a5caa9f8f0a161435c61bb18e6 Mon Sep 17 00:00:00 2001 From: Harald Hoyer Date: Thu, 28 Nov 2024 15:45:39 +0100 Subject: [PATCH] chore: update dependencies and enhance shell configuration - Updated multiple dependencies in flake.lock to their latest revisions. - Improved the shell configuration in the teepot with enhanced environment variable settings for SGX support. - Reinstated OPENSSL_NO_VENDOR and added library paths to ensure compatibility and proper linking. --- flake.lock | 24 ++++++++++++------------ shells/teepot/default.nix | 26 ++++++++++++++++++++++---- 2 files changed, 34 insertions(+), 16 deletions(-) diff --git a/flake.lock b/flake.lock index 5432091..c44d03c 100644 --- a/flake.lock +++ b/flake.lock @@ -2,11 +2,11 @@ "nodes": { "crane": { "locked": { - "lastModified": 1725125250, - "narHash": "sha256-CB20rDD5eHikF6mMTTJdwPP1qvyoiyyw1RDUzwIaIF8=", + "lastModified": 1732407143, + "narHash": "sha256-qJOGDT6PACoX+GbNH2PPx2ievlmtT1NVeTB80EkRLys=", "owner": "ipetkov", "repo": "crane", - "rev": "96fd12c7100e9e05fa1a0a5bd108525600ce282f", + "rev": "f2b4b472983817021d9ffb60838b2b36b9376b20", "type": "github" }, "original": { @@ -141,11 +141,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1719707984, - "narHash": "sha256-RoxIr/fbndtuKqulGvNCcuzC6KdAib85Q8gXnjzA1dw=", + "lastModified": 1728740863, + "narHash": "sha256-u+rxA79a0lyhG+u+oPBRtTDtzz8kvkc9a6SWSt9ekVc=", "owner": "nixos", "repo": "nixpkgs", - "rev": "7dca15289a1c2990efbe4680f0923ce14139b042", + "rev": "a3f9ad65a0bf298ed5847629a57808b97e6e8077", "type": "github" }, "original": { @@ -177,11 +177,11 @@ "snowfall-lib": "snowfall-lib" }, "locked": { - "lastModified": 1725271440, - "narHash": "sha256-CY79oPHWtDQdCDSJTMPZPYVgONAgsqCUZHr2idff53U=", + "lastModified": 1732034035, + "narHash": "sha256-VMIIgtuBNksCRvcHxFtkzveEYz2w7lO+ltuC23QpBD8=", "owner": "matter-labs", "repo": "nixsgx", - "rev": "00bb72e3ef79c79030ab622cfe9ced39d21006cc", + "rev": "b6b4571d43616ffc7719941daafa350a453a9d44", "type": "github" }, "original": { @@ -233,11 +233,11 @@ ] }, "locked": { - "lastModified": 1725243956, - "narHash": "sha256-0A5ZP8uDCyBdYUzayZfy6JFdTefP79oZVAjyqA/yuSI=", + "lastModified": 1732761189, + "narHash": "sha256-A2a4Cw66421Wojv1uqSGkD1XW960uJ7wHuwmvGCUJ8s=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "a10c8092d5f82622be79ed4dd12289f72011f850", + "rev": "fd0e3bf854b937632c92819d55d4ff8a130d5658", "type": "github" }, "original": { diff --git a/shells/teepot/default.nix b/shells/teepot/default.nix index faeb573..7055b44 100644 --- a/shells/teepot/default.nix +++ b/shells/teepot/default.nix @@ -7,18 +7,36 @@ , taplo , vault , cargo-release +, nixsgx +, stdenv }: mkShell { inputsFrom = [ teepot.teepot ]; - shellHook = '' - export OPENSSL_NO_VENDOR="1"; - ''; - packages = [ dive taplo vault cargo-release ]; + + TEE_LD_LIBRARY_PATH = lib.makeLibraryPath [ + nixsgx.sgx-dcap + nixsgx.sgx-dcap.quote_verify + nixsgx.sgx-dcap.default_qpl + ]; + + QCNL_CONF_PATH = "${nixsgx.sgx-dcap.default_qpl}/etc/sgx_default_qcnl.conf"; + OPENSSL_NO_VENDOR = "1"; + + shellHook = '' + if [ "x$NIX_LD" = "x" ]; then + export NIX_LD=$(<${stdenv.cc}/nix-support/dynamic-linker) + fi + if [ "x$NIX_LD_LIBRARY_PATH" = "x" ]; then + export NIX_LD_LIBRARY_PATH="$TEE_LD_LIBRARY_PATH" + else + export NIX_LD_LIBRARY_PATH="$NIX_LD_LIBRARY_PATH:$TEE_LD_LIBRARY_PATH" + fi + ''; }