1 files changed, 27 insertions, 19 deletions
diff --git a/pkgs/tools/security/modsecurity/default.nix b/pkgs/tools/security/modsecurity/default.nix
index a5e03eb3fe1..2c02a5dd473 100644
--- a/pkgs/tools/security/modsecurity/default.nix
+++ b/pkgs/tools/security/modsecurity/default.nix
@@ -1,35 +1,43 @@
 { stdenv, lib, fetchurl, pkgconfig
-, curl, apacheHttpd, pcre, apr, aprutil, libxml2 }:
+, curl, apacheHttpd, pcre, apr, aprutil, libxml2
+, luaSupport ? false, lua5
+}:
 
 with lib;
 
+let luaValue = if luaSupport then lua5 else "no";
+    optional = stdenv.lib.optional;
+in
+
 stdenv.mkDerivation rec {
   name = "modsecurity-${version}";
-  version = "2.9.0";
+  version = "2.9.2";
 
   src = fetchurl {
     url = "https://www.modsecurity.org/tarball/${version}/${name}.tar.gz";
-    sha256 = "e2bbf789966c1f80094d88d9085a81bde082b2054f8e38e0db571ca49208f434";
+    sha256 = "41a8f73476ec891f3a9e8736b98b64ea5c2105f1ce15ea57a1f05b4bf2ffaeb5";
   };
 
   nativeBuildInputs = [ pkgconfig ];
-  buildInputs = [ curl apacheHttpd pcre apr aprutil libxml2 ];
-  configureFlags = [
-    "--enable-standalone-module"
-    "--enable-static"
-    "--with-curl=${curl.dev}"
-    "--with-apxs=${apacheHttpd.dev}/bin/apxs"
-    "--with-pcre=${pcre.dev}"
-    "--with-apr=${apr.dev}"
-    "--with-apu=${aprutil.dev}/bin/apu-1-config"
-    "--with-libxml=${libxml2.dev}"
-  ];
+  buildInputs = [  curl apacheHttpd pcre apr aprutil libxml2 ] ++
+    optional luaSupport lua5;
+
+  configureFlags = ''
+    --enable-standalone-module
+    --enable-static
+    --with-curl=${curl.dev}
+    --with-apxs=${apacheHttpd.dev}/bin/apxs
+    --with-pcre=${pcre.dev}
+    --with-apr=${apr.dev}
+    --with-apu=${aprutil.dev}/bin/apu-1-config
+    --with-libxml=${libxml2.dev}
+    --with-lua=${luaValue}
+  '';
 
   outputs = ["out" "nginx"];
-
-  preBuild = ''
-    substituteInPlace apache2/Makefile.in --replace "install -D " "# install -D"
-  '';
+  # by default modsecurity's install script copies compiled output to httpd's modules folder
+  # this patch removes those lines
+  patches = [ ./Makefile.in.patch ];
 
   postInstall = ''
     mkdir -p $nginx
@@ -41,6 +49,6 @@ stdenv.mkDerivation rec {
     license = licenses.asl20;
     homepage = https://www.modsecurity.org/;
     maintainers = with maintainers; [offline];
-    platforms = platforms.linux;
+    platforms   = stdenv.lib.platforms.linux ++ stdenv.lib.platforms.darwin;
   };
 }