opensnitch: fix daemon cant find iptables in PATH

1 files changed, 12 insertions, 7 deletions

diff --git a/pkgs/tools/networking/opensnitch/daemon.nix b/pkgs/tools/networking/opensnitch/daemon.nix
index 31057a8f527..b15670474ef 100644
--- a/pkgs/tools/networking/opensnitch/daemon.nix
+++ b/pkgs/tools/networking/opensnitch/daemon.nix
@@ -7,6 +7,7 @@
 , lib
 , coreutils
 , iptables
+, makeWrapper
 }:
 
 buildGoModule rec {
@@ -32,21 +33,25 @@ buildGoModule rec {
 
   modRoot = "daemon";
 
+  vendorSha256 = "sha256-LMwQBFkHg1sWIUITLOX2FZi5QUfOivvrkcl9ELO3Trk=";
+
+  nativeBuildInputs = [ pkg-config makeWrapper ];
+
+  buildInputs = [ libnetfilter_queue libnfnetlink ];
+
   postBuild = ''
     mv $GOPATH/bin/daemon $GOPATH/bin/opensnitchd
     mkdir -p $out/lib/systemd/system
     substitute opensnitchd.service $out/lib/systemd/system/opensnitchd.service \
-      --replace "/usr/local/bin/opensnitchd" "$out/bin/opensnitchd" \
+      --replace "/usr/local/bin/opensnitchd" "${out}/bin/opensnitchd" \
       --replace "/etc/opensnitchd/rules" "/var/lib/opensnitch/rules" \
       --replace "/bin/mkdir" "${coreutils}/bin/mkdir"
-    sed -i '/\[Service\]/a Environment=PATH=${iptables}/bin' $out/lib/systemd/system/opensnitchd.service
   '';
 
-  vendorSha256 = "sha256-LMwQBFkHg1sWIUITLOX2FZi5QUfOivvrkcl9ELO3Trk=";
-
-  nativeBuildInputs = [ pkg-config ];
-
-  buildInputs = [ libnetfilter_queue libnfnetlink ];
+  postInstall = ''
+    wrapProgram $out/bin/opensnitchd \
+      --prefix PATH : ${lib.makeBinPath [ iptables ]}
+  '';
 
   meta = with lib; {
     description = "An application firewall";