1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
|
{stdenv, system, fetchurl, dpkg, openssl, xorg
, glib, libGLU_combined, libpulseaudio, zlib, dbus, fontconfig, freetype
, gtk2, pango, atk, cairo, gdk_pixbuf, jasper, xkeyboardconfig
, makeWrapper , makeDesktopItem, python, pythonPackages, lib
, libredirect, lsof}:
assert system == "i686-linux" || system == "x86_64-linux";
let
all_data = (with builtins; fromJSON (readFile ./data.json));
system_map = {
i686-linux = "i386";
x86_64-linux = "amd64";
};
data = (with builtins; getAttr (getAttr system system_map) all_data);
baseUrl = http://repo.sinew.in;
# used of both wrappers and libpath
libPath = lib.makeLibraryPath (with xorg; [
openssl
libGLU_combined
fontconfig
freetype
libpulseaudio
zlib
dbus
libX11
libXi
libSM
libICE
libXext
libXrender
libXScrnSaver
glib
gtk2
pango
cairo
atk
gdk_pixbuf
jasper
stdenv.cc.cc
]);
package = stdenv.mkDerivation rec {
inherit (data) version;
name = "enpass-${version}";
src = fetchurl {
inherit (data) sha256;
url = "${baseUrl}/${data.path}";
};
meta = {
description = "a well known password manager";
homepage = https://www.enpass.io/;
license = lib.licenses.unfree;
platforms = lib.platforms.linux;
};
buildInputs = [makeWrapper dpkg];
phases = [ "unpackPhase" "installPhase" ];
unpackPhase = "dpkg -X $src .";
installPhase=''
mkdir $out
cp -r opt/Enpass/* $out
cp -r usr/* $out
rm $out/bin/runenpass.sh
cp $out/bin/EnpassHelper/EnpassHelper{,.untampered}
cp $out/bin/EnpassHelper/EnpassNMHost{,.untampered}
sed \
-i s@/opt/Enpass/bin/runenpass.sh@$out/bin/Enpass@ \
$out/share/applications/enpass.desktop
for i in $out/bin/{Enpass,EnpassHelper/{EnpassHelper,EnpassNMHost}}; do
patchelf --set-interpreter $(cat $NIX_CC/nix-support/dynamic-linker) $i
done
# The helper's sha256 sum must match, hence the use of libredirect.
# Also, lsof must be in the path for proper operation.
wrapProgram $out/bin/Enpass \
--set LD_LIBRARY_PATH "${libPath}:$out/lib:$out/plugins/sqldrivers" \
--set QT_PLUGIN_PATH "$out/plugins" \
--set QT_QPA_PLATFORM_PLUGIN_PATH "$out/plugins/platforms" \
--set QT_XKB_CONFIG_ROOT "${xkeyboardconfig}/share/X11/xkb" \
--set HIDE_TOOLBAR_LINE 0 \
--set LD_PRELOAD "${libredirect}/lib/libredirect.so" \
--set NIX_REDIRECTS "$out/bin/EnpassHelper/EnpassHelper=$out/bin/EnpassHelper/EnpassHelper.untampered:$out/bin/EnpassHelper/EnpassNMHost=$out/bin/EnpassHelper/EnpassNMHost.untampered" \
--prefix PATH : ${lsof}/bin
makeWrapper $out/bin/EnpassHelper/{EnpassNMHost,runNativeMessaging.sh} \
--set LD_LIBRARY_PATH "${libPath}:$out/lib:$out/plugins/sqldrivers" \
--set QT_PLUGIN_PATH "$out/plugins" \
--set QT_QPA_PLATFORM_PLUGIN_PATH "$out/plugins/platforms" \
--set QT_XKB_CONFIG_ROOT "${xkeyboardconfig}/share/X11/xkb" \
--set HIDE_TOOLBAR_LINE 0
'';
};
updater = {
update = stdenv.mkDerivation rec {
name = "enpass-update-script";
SCRIPT =./update_script.py;
buildInputs = with pythonPackages; [python requests pathlib2 six attrs ];
shellHook = ''
exec python $SCRIPT --target pkgs/tools/security/enpass/data.json --repo ${baseUrl}
'';
};
};
in (package // {refresh = updater;})
|