diff options
author | Ronny Pfannschmidt <opensource@ronnypfannschmidt.de> | 2016-09-19 18:50:52 +0200 |
---|---|---|
committer | Ronny Pfannschmidt <opensource@ronnypfannschmidt.de> | 2016-10-09 13:16:50 +0200 |
commit | 98895f5b67658aafb47e72a75e5a419d7b8102c7 (patch) | |
tree | 3f683195f6ac4a1af956aeb58e0b4693389497fa /pkgs/tools/security | |
parent | 07289a3b71dbf822f0206e9b2272ca1c9593c3c9 (diff) | |
download | nixpkgs-98895f5b67658aafb47e72a75e5a419d7b8102c7.tar nixpkgs-98895f5b67658aafb47e72a75e5a419d7b8102c7.tar.gz nixpkgs-98895f5b67658aafb47e72a75e5a419d7b8102c7.tar.bz2 nixpkgs-98895f5b67658aafb47e72a75e5a419d7b8102c7.tar.lz nixpkgs-98895f5b67658aafb47e72a75e5a419d7b8102c7.tar.xz nixpkgs-98895f5b67658aafb47e72a75e5a419d7b8102c7.tar.zst nixpkgs-98895f5b67658aafb47e72a75e5a419d7b8102c7.zip |
enpass: init at 5.3.0
Diffstat (limited to 'pkgs/tools/security')
-rw-r--r-- | pkgs/tools/security/enpass/data.json | 12 | ||||
-rw-r--r-- | pkgs/tools/security/enpass/default.nix | 106 | ||||
-rw-r--r-- | pkgs/tools/security/enpass/update_script.py | 95 |
3 files changed, 213 insertions, 0 deletions
diff --git a/pkgs/tools/security/enpass/data.json b/pkgs/tools/security/enpass/data.json new file mode 100644 index 00000000000..4e245d1c80f --- /dev/null +++ b/pkgs/tools/security/enpass/data.json @@ -0,0 +1,12 @@ +{ + "amd64": { + "path": "pool/main/e/enpass/enpass_5.3.0_amd64.deb", + "sha256": "d9da061c6456281da836bdd78bdb7baeced4b7f1805bb2495e4f1d15038cf86b", + "version": "5.3.0" + }, + "i386": { + "path": "pool/main/e/enpass/enpass_5.3.0_i386.deb", + "sha256": "58d9f3b83c2da477c13976e1826d112236eabd46a389de7e8767ee99ac41f469", + "version": "5.3.0" + } +} \ No newline at end of file diff --git a/pkgs/tools/security/enpass/default.nix b/pkgs/tools/security/enpass/default.nix new file mode 100644 index 00000000000..b7f7282d292 --- /dev/null +++ b/pkgs/tools/security/enpass/default.nix @@ -0,0 +1,106 @@ +{stdenv, system, fetchurl, dpkg, openssl, xorg +, glib, mesa, libpulseaudio, zlib, dbus, fontconfig, freetype +, gtk2, pango, atk, cairo, gdk_pixbuf, jasper, xkeyboardconfig +, makeWrapper , makeDesktopItem, python, pythonPackages, lib}: +assert system == "i686-linux" || system == "x86_64-linux"; +let + all_data = (with builtins; fromJSON (readFile ./data.json)); + system_map = { + i686-linux = "i386"; + x86_64-linux = "amd64"; + }; + + data = (with builtins; getAttr (getAttr system system_map) all_data); + + baseUrl = http://repo.sinew.in; + + # used of both wrappers and libpath + libPath = lib.makeLibraryPath (with xorg; [ + openssl + mesa + fontconfig + freetype + libpulseaudio + zlib + dbus + libX11 + libXi + libSM + libICE + libXext + libXrender + libXScrnSaver + glib + gtk2 + pango + cairo + atk + gdk_pixbuf + jasper + stdenv.cc.cc + ]); + package = stdenv.mkDerivation rec { + + inherit (data) version; + name = "enpass-${version}"; + + desktopItem = makeDesktopItem { + name = "Enpass"; + exec = "$out/bin/Enpass"; + #icon = "Enpass"; + desktopName = "Enpass"; + genericName = "Password manager"; + categories = "Application;Security;"; + }; + + + src = fetchurl { + inherit (data) sha256; + url = "${baseUrl}/${data.path}"; + }; + + meta = { + description = "a well known password manager"; + homepage = https://www.enpass.io/; + maintainer = lib.maintainers.ronny; + license = lib.licenses.unfree; + platforms = lib.platforms.linux; + }; + + buildInputs = [makeWrapper dpkg]; + phases = [ "unpackPhase" "installPhase" ]; + + unpackPhase = "dpkg -X $src ."; + installPhase='' + mkdir $out + cp -r opt/Enpass/* $out + + # Make desktop item + mkdir -p "$out"/share/applications + cp "$desktopItem"/share/applications/* "$out"/share/applications/ + mkdir -p "$out"/share/icons + + patchelf \ + --set-interpreter $(cat $NIX_CC/nix-support/dynamic-linker) \ + $out/bin/Enpass + + wrapProgram $out/bin/Enpass \ + --set LD_LIBRARY_PATH "${libPath}:$out/lib:$out/plugins/sqldrivers" \ + --set QT_PLUGIN_PATH "$out/plugins" \ + --set QT_QPA_PLATFORM_PLUGIN_PATH "$out/plugins/platforms" \ + --set QT_XKB_CONFIG_ROOT "${xkeyboardconfig}/share/X11/xkb" + ''; + }; + updater = { + update = stdenv.mkDerivation rec { + name = "enpass-update-script"; + SCRIPT =./update_script.py; + + buildInputs = with pythonPackages; [python requests pathlib2 six attrs ]; + shellHook = '' + exec python $SCRIPT --target pkgs/tools/security/enpass/data.json --repo ${baseUrl} + ''; + + }; + }; +in (package // {refresh = updater;}) diff --git a/pkgs/tools/security/enpass/update_script.py b/pkgs/tools/security/enpass/update_script.py new file mode 100644 index 00000000000..f8ec715cb5e --- /dev/null +++ b/pkgs/tools/security/enpass/update_script.py @@ -0,0 +1,95 @@ +from __future__ import print_function + + +import argparse +import bz2 +import email +import json +import logging + +from itertools import product +from operator import itemgetter + +import attr +import pkg_resources + +from pathlib2 import Path +from requests import Session +from six.moves.urllib_parse import urljoin + + +@attr.s +class ReleaseElement(object): + sha256 = attr.ib(repr=False) + size = attr.ib(convert=int) + path = attr.ib() + +log = logging.getLogger('enpass.updater') + + +parser = argparse.ArgumentParser() +parser.add_argument('--repo') +parser.add_argument('--target', type=Path) + + +session = Session() + + +def parse_bz2_msg(msg): + msg = bz2.decompress(msg) + if '\n\n' in msg: + parts = msg.split('\n\n') + return list(map(email.message_from_string, parts)) + return email.message_from_string(msg) + + +def fetch_meta(repo, name, parse=email.message_from_string, split=False): + url = urljoin(repo, 'dists/stable', name) + response = session.get("{repo}/dists/stable/{name}".format(**locals())) + return parse(response.content) + + +def fetch_filehashes(repo, path): + meta = fetch_meta(repo, path, parse=parse_bz2_msg) + for item in meta: + yield { + 'version': pkg_resources.parse_version(str(item['Version'])), + 'path': item['Filename'], + 'sha256': item['sha256'], + } + + +def fetch_archs(repo): + m = fetch_meta(repo, 'Release') + + architectures = m['Architectures'].split() + elements = [ReleaseElement(*x.split()) for x in m['SHA256'].splitlines()] + elements = [x for x in elements if x.path.endswith('bz2')] + + for arch, elem in product(architectures, elements): + if arch in elem.path: + yield arch, max(fetch_filehashes(repo, elem.path), + key=itemgetter('version')) + + +class OurVersionEncoder(json.JSONEncoder): + def default(self, obj): + # the other way around to avoid issues with + # newer setuptools having strict/legacy versions + if not isinstance(obj, (dict, str)): + return str(obj) + return json.JSONEncoder.default(self, obj) + + +def main(repo, target): + logging.basicConfig(level=logging.DEBUG) + with target.open(mode='wb') as fp: + json.dump( + dict(fetch_archs(repo)), fp, + cls=OurVersionEncoder, + indent=2, + sort_keys=True) + + +opts = parser.parse_args() +main(opts.repo, opts.target) |