From f681e8a72b73bbb8b477271e613a2e2f93ea9825 Mon Sep 17 00:00:00 2001
From: Jean-Paul Calderone <exarkun@twistedmatrix.com>
Date: Thu, 25 Mar 2021 16:40:42 -0400
Subject: [PATCH] Propagate overlays to the shell environment

Also add a test for openssl runtime version matching packaging version
---
 nixos/lib/tests/test_openssl.nix | 14 +++++++++++++-
 nixpkgs.nix                      | 16 ++++++++++++++++
 shell.nix                        | 11 ++---------
 3 files changed, 31 insertions(+), 10 deletions(-)
 create mode 100644 nixpkgs.nix

diff --git a/nixos/lib/tests/test_openssl.nix b/nixos/lib/tests/test_openssl.nix
index 44c13ff1..a651657f 100644
--- a/nixos/lib/tests/test_openssl.nix
+++ b/nixos/lib/tests/test_openssl.nix
@@ -1,6 +1,18 @@
 openssl:
-{ test_version =
+{ test_package_version =
   { expected = "1.1.1k";
     expr = "${openssl.version}";
   };
+  test_runtime_version_matches =
+  { expected = "${openssl.version}";
+    expr =
+      let
+        pkgs = import <nixpkgs> { };
+        cmd = "${openssl}/bin/openssl version";
+        drv = pkgs.runCommand "version" {} "${cmd} > $out";
+        runtime_version = builtins.readFile drv;
+        pieces = pkgs.lib.splitString " " runtime_version;
+      in
+        builtins.elemAt pieces 1;
+  };
 }
diff --git a/nixpkgs.nix b/nixpkgs.nix
new file mode 100644
index 00000000..923a7c8e
--- /dev/null
+++ b/nixpkgs.nix
@@ -0,0 +1,16 @@
+{ overlays ? true }:
+let
+  nixpkgs-pin = {
+    name = "nixpkgs";
+    url = "https://github.com/NixOS/nixpkgs-channels/archive/353333ef340952c05332e3c271dff953264cb017.tar.gz";
+    sha256 = "sha256:0bv34yz892yxhx2kb8a1yr5pm0g8ck5w021yj87r7kfnp416apdh";
+    };
+
+  nixpkgs-src = builtins.fetchTarball nixpkgs-pin;
+  args =
+    if overlays
+    then { overlays = [ (import <psio/nixos/openssl-111k.nix>) ]; }
+    else { };
+  nixpkgs = import nixpkgs-src args;
+in
+  nixpkgs
diff --git a/shell.nix b/shell.nix
index e2e54ee0..40c98b33 100644
--- a/shell.nix
+++ b/shell.nix
@@ -1,11 +1,4 @@
-let
-  nixpkgs-pin = builtins.fromJSON (builtins.readFile ./nixpkgs.json);
-  nixpkgs-src = builtins.fetchTarball nixpkgs-pin;
-  nixpkgs = import nixpkgs-src {
-    overlays = [ (import ./nixos/openssl-111k.nix) ];
-  };
-in
-{ pkgs ? nixpkgs }:
+{ pkgs ? import ./nixpkgs.nix { overlays = false; } }:
 let
   # Get a version of Morph known to work with our version of NixOS.
   morph-src = pkgs.fetchFromGitHub {
@@ -17,7 +10,7 @@ let
   morph = pkgs.callPackage (morph-src + "/nix-packaging") { };
 in
 pkgs.mkShell {
-  NIX_PATH = "nixpkgs=${nixpkgs.path}";
+  NIX_PATH = "nixpkgs=${./nixpkgs.nix}:psio=${./.}";
   buildInputs = [
     morph
   ];
-- 
GitLab