pyrox.dev
1{ stdenv, fetchurl, libmnl, kernel ? null }:
2
3# module requires Linux >= 3.10 https://www.wireguard.io/install/#kernel-requirements
4assert kernel != null -> stdenv.lib.versionAtLeast kernel.version "3.10";
5
6let
7 name = "wireguard-${version}";
8
9 version = "0.0.20180218";
10
11 src = fetchurl {
12 url = "https://git.zx2c4.com/WireGuard/snapshot/WireGuard-${version}.tar.xz";
13 sha256 = "4ac4c4e4ad4dc2cf9dcb831b0cf347567ccea675ca524528cf5a4d9dccb2fe52";
14 };
15
16 meta = with stdenv.lib; {
17 homepage = https://www.wireguard.com/;
18 downloadPage = https://git.zx2c4.com/WireGuard/refs/;
19 description = "A prerelease of an experimental VPN tunnel which is not to be depended upon for security";
20 maintainers = with maintainers; [ ericsagnes mic92 zx2c4 ];
21 license = licenses.gpl2;
22 platforms = platforms.linux;
23 };
24
25 module = stdenv.mkDerivation {
26 inherit src meta name;
27
28 preConfigure = ''
29 cd src
30 sed -i '/depmod/,+1d' Makefile
31 '';
32
33 hardeningDisable = [ "pic" ];
34
35 KERNELDIR = "${kernel.dev}/lib/modules/${kernel.modDirVersion}/build";
36 INSTALL_MOD_PATH = "\${out}";
37
38 NIX_CFLAGS = ["-Wno-error=cpp"];
39
40 nativeBuildInputs = kernel.moduleBuildDependencies;
41
42 buildPhase = "make module";
43 };
44
45 tools = stdenv.mkDerivation {
46 inherit src meta name;
47
48 preConfigure = "cd src";
49
50 buildInputs = [ libmnl ];
51
52 enableParallelBuilding = true;
53
54 makeFlags = [
55 "WITH_BASHCOMPLETION=yes"
56 "WITH_WGQUICK=yes"
57 "WITH_SYSTEMDUNITS=yes"
58 "DESTDIR=$(out)"
59 "PREFIX=/"
60 "-C" "tools"
61 ];
62
63 buildPhase = "make tools";
64
65 postInstall = ''
66 substituteInPlace $out/lib/systemd/system/wg-quick@.service \
67 --replace /usr/bin $out/bin
68 '';
69 };
70
71in if kernel == null
72 then tools
73 else module