pyrox.dev
lol
1{ lib, stdenv, fetchFromGitHub, git, makeWrapper, openssl, coreutils, util-linux, gnugrep, gnused, gawk }:
2
3stdenv.mkDerivation rec {
4 pname = "transcrypt";
5 version = "1.1.0";
6
7 src = fetchFromGitHub {
8 owner = "elasticdog";
9 repo = "transcrypt";
10 rev = "v${version}";
11 sha256 = "1dkr69plk16wllk5bzlkchrzw63pk239dgbjhrb3mb61i065jdam";
12 };
13
14 nativeBuildInputs = [ makeWrapper ];
15 buildInputs = [ git openssl coreutils util-linux gnugrep gnused gawk ];
16
17 patches = [ ./helper-scripts_depspathprefix.patch ];
18
19 installPhase = ''
20 install -m 755 -D transcrypt $out/bin/transcrypt
21 install -m 644 -D man/transcrypt.1 $out/share/man/man1/transcrypt.1
22 install -m 644 -D contrib/bash/transcrypt $out/share/bash-completion/completions/transcrypt
23 install -m 644 -D contrib/zsh/_transcrypt $out/share/zsh/site-functions/_transcrypt
24
25 wrapProgram $out/bin/transcrypt \
26 --prefix PATH : "${lib.makeBinPath [ git openssl coreutils util-linux gnugrep gnused gawk ]}"
27
28 cat > $out/bin/transcrypt-depspathprefix << EOF
29 #!${stdenv.shell}
30 echo "${lib.makeBinPath [ git openssl coreutils gawk ]}:"
31 EOF
32 chmod +x $out/bin/transcrypt-depspathprefix
33 '';
34
35 meta = with lib; {
36 description = "Transparently encrypt files within a Git repository";
37 longDescription = ''
38 A script to configure transparent encryption of sensitive files stored in
39 a Git repository. Files that you choose will be automatically encrypted
40 when you commit them, and automatically decrypted when you check them
41 out. The process will degrade gracefully, so even people without your
42 encryption password can safely commit changes to the repository's
43 non-encrypted files.
44 '';
45 homepage = "https://github.com/elasticdog/transcrypt";
46 license = licenses.mit;
47 maintainers = [ maintainers.elasticdog ];
48 platforms = platforms.all;
49 };
50}