author | Alyssa Ross <hi@alyssa.is> | 2021-08-04 10:43:07 +0000 |
---|---|---|
committer | Alyssa Ross <hi@alyssa.is> | 2021-08-04 10:43:07 +0000 |
commit | 62614cbef7da005c1eda8c9400160f6bcd6546b8 (patch) | |
tree | c2630f69080637987b68acb1ee8676d2681fe304 /pkgs/tools/security/step-ca/default.nix | |
parent | d9c82ed3044c72cecf01c6ea042489d30914577c (diff) | |
parent | e24069138dfec3ef94f211f1da005bb5395adc11 (diff) | |
Merge branch 'nixpkgs-update' into master
Diffstat (limited to 'pkgs/tools/security/step-ca/default.nix')
-rw-r--r-- | pkgs/tools/security/step-ca/default.nix | 46 |
1 files changed, 38 insertions, 8 deletions
diff --git a/pkgs/tools/security/step-ca/default.nix b/pkgs/tools/security/step-ca/default.nix
index e5574be8ab9..f72f3c978ff 100644
--- a/pkgs/tools/security/step-ca/default.nix
+++ b/pkgs/tools/security/step-ca/default.nix
@@ -1,25 +1,55 @@
-{ lib, buildGoPackage, fetchFromGitHub }:
+{ stdenv
+, lib
+, fetchFromGitHub
+, buildGoModule
+, coreutils
+, pcsclite
+, PCSC
+, pkg-config
+, hsmSupport ? true
+}:
-buildGoPackage rec {
+buildGoModule rec {
 pname = "step-ca";
- version = "0.13.3";
-
- goPackagePath = "github.com/smallstep/certificates";
+ version = "0.15.15";
 src = fetchFromGitHub {
 owner = "smallstep";
 repo = "certificates";
 rev = "v${version}";
- sha256 = "1i42j7v5a5qqqb9ng8irblfyzykhyws0394q3zac290ymjijxbnq";
+ sha256 = "sha256-YYYpMHEis/zoRsdwW70X8zn0FMsW+2vMYdlWxr3qqzY==";
 };
- goDeps = ./deps.nix;
+ vendorSha256 = "sha256-mjj+70/ioqcchB3X5vZPb0Oa7lA/qKh5zEpidT0jrEs=";
+
+ nativeBuildInputs = lib.optionals hsmSupport [ pkg-config ];
+
+ buildInputs =
+ lib.optionals (hsmSupport && stdenv.isLinux) [ pcsclite ]
+ ++ lib.optionals (hsmSupport && stdenv.isDarwin) [ PCSC ];
+
+ postPatch = ''
+ substituteInPlace systemd/step-ca.service --replace "/bin/kill" "${coreutils}/bin/kill"
+ '';
+
+ preBuild = ''
+ ${lib.optionalString (!hsmSupport) "export CGO_ENABLED=0"}
+ '';
+
+ postInstall = ''
+ install -Dm444 -t $out/lib/systemd/system systemd/step-ca.service
+ '';
+
+ # Tests fail on darwin with
+ # panic: httptest: failed to listen on a port: listen tcp6 [::1]:0: bind: operation not permitted [recovered]
+ # probably some sandboxing issue
+ doCheck = stdenv.isLinux;
 meta = with lib; {
 description = "A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH";
 homepage = "https://smallstep.com/certificates/";
 license = licenses.asl20;
- maintainers = with maintainers; [ cmcdragonkai ];
+ maintainers = with maintainers; [ cmcdragonkai mohe2015 ];
 platforms = platforms.linux ++ platforms.darwin;
 };
 } |
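Review bot: The new `sha256` in the `fetchFromGitHub` call ends in `==`, which is not a well-formed SRI value. A SHA-256 digest base64-encodes to 43 characters plus a single `=`, as the `vendorSha256` line just below shows. This string is the integrity pin for a certificate authority's source, so it should be exact: `sha256 = "sha256-YYYpMHEis/zoRsdwW70X8zn0FMsW+2vMYdlWxr3qqzY=";`. The Nix version used here presumably tolerated the surplus padding, but a stricter parser may reject the fetch, so it is better not to rely on that leniency. Separately, `postPatch` rewrites only `/bin/kill` in `systemd/step-ca.service`; the unit file is not visible here, so it is worth checking that no other absolute path in it is left pointing outside the store.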