pkgs/tools/security/pass/default.nix at 23.05-pre

pyrox.dev / nixpkgs
lol
fork atom
nixpkgs / pkgs / tools / security / pass / default.nix
at 23.05-pre 172 lines 5.2 kB view raw
wrap content
Lin Jian pass: set mainProgram and pass-with-extentions's name to pass 3 years ago
25c9b1ce
  1{ stdenv, lib, pkgs, fetchurl, buildEnv
  2, coreutils, findutils, gnugrep, gnused, getopt, git, tree, gnupg, openssl
  3, which, openssh, procps, qrencode, makeWrapper, pass, symlinkJoin
  4
  5, xclip ? null, xdotool ? null, dmenu ? null
  6, x11Support ? !stdenv.isDarwin , dmenuSupport ? (x11Support || waylandSupport)
  7, waylandSupport ? false, wl-clipboard ? null
  8, ydotool ? null, dmenu-wayland ? null
  9
 10# For backwards-compatibility
 11, tombPluginSupport ? false
 12}:
 13
 14with lib;
 15
 16assert x11Support -> xclip != null;
 17assert waylandSupport -> wl-clipboard != null;
 18
 19assert dmenuSupport -> x11Support || waylandSupport;
 20assert dmenuSupport && x11Support
 21  -> dmenu != null && xdotool != null;
 22assert dmenuSupport && waylandSupport
 23  -> dmenu-wayland != null && ydotool != null;
 24
 25
 26let
 27  passExtensions = import ./extensions { inherit pkgs; };
 28
 29  env = extensions:
 30    let
 31      selected = [ pass ] ++ extensions passExtensions
 32        ++ lib.optional tombPluginSupport passExtensions.tomb;
 33    in buildEnv {
 34      # lib.getExe looks for name, so we keep it the same as mainProgram
 35      name = "pass";
 36      paths = selected;
 37      nativeBuildInputs = [ makeWrapper ];
 38      buildInputs = concatMap (x: x.buildInputs) selected;
 39
 40      postBuild = ''
 41        files=$(find $out/bin/ -type f -exec readlink -f {} \;)
 42        if [ -L $out/bin ]; then
 43          rm $out/bin
 44          mkdir $out/bin
 45        fi
 46
 47        for i in $files; do
 48          if ! [ "$(readlink -f "$out/bin/$(basename $i)")" = "$i" ]; then
 49            ln -sf $i $out/bin/$(basename $i)
 50          fi
 51        done
 52
 53        wrapProgram $out/bin/pass \
 54          --set SYSTEM_EXTENSION_DIR "$out/lib/password-store/extensions"
 55      '';
 56    };
 57in
 58
 59stdenv.mkDerivation rec {
 60  version = "1.7.4";
 61  pname = "password-store";
 62
 63  src = fetchurl {
 64    url    = "https://git.zx2c4.com/password-store/snapshot/${pname}-${version}.tar.xz";
 65    sha256 = "1h4k6w7g8pr169p5w9n6mkdhxl3pw51zphx7www6pvgjb7vgmafg";
 66  };
 67
 68  patches = [
 69    ./set-correct-program-name-for-sleep.patch
 70    ./extension-dir.patch
 71  ] ++ lib.optional stdenv.isDarwin ./no-darwin-getopt.patch;
 72
 73  nativeBuildInputs = [ makeWrapper ];
 74
 75  installFlags = [ "PREFIX=$(out)" "WITH_ALLCOMP=yes" ];
 76
 77  postInstall = ''
 78    # Install Emacs Mode. NOTE: We can't install the necessary
 79    # dependencies (s.el) here. The user has to do this themselves.
 80    mkdir -p "$out/share/emacs/site-lisp"
 81    cp "contrib/emacs/password-store.el" "$out/share/emacs/site-lisp/"
 82  '' + optionalString dmenuSupport ''
 83    cp "contrib/dmenu/passmenu" "$out/bin/"
 84  '';
 85
 86  wrapperPath = with lib; makeBinPath ([
 87    coreutils
 88    findutils
 89    getopt
 90    git
 91    gnugrep
 92    gnupg
 93    gnused
 94    tree
 95    which
 96    openssh
 97    procps
 98    qrencode
 99  ] ++ optional stdenv.isDarwin openssl
100    ++ optional x11Support xclip
101    ++ optional waylandSupport wl-clipboard
102    ++ optionals (waylandSupport && dmenuSupport) [ ydotool dmenu-wayland ]
103    ++ optionals (x11Support && dmenuSupport) [ xdotool dmenu ]
104  );
105
106  postFixup = ''
107    # Fix program name in --help
108    substituteInPlace $out/bin/pass \
109      --replace 'PROGRAM="''${0##*/}"' "PROGRAM=pass"
110
111    # Ensure all dependencies are in PATH
112    wrapProgram $out/bin/pass \
113      --prefix PATH : "${wrapperPath}"
114  '' + lib.optionalString dmenuSupport ''
115    # We just wrap passmenu with the same PATH as pass. It doesn't
116    # need all the tools in there but it doesn't hurt either.
117    wrapProgram $out/bin/passmenu \
118      --prefix PATH : "$out/bin:${wrapperPath}"
119  '';
120
121  # Turn "check" into "installcheck", since we want to test our pass,
122  # not the one before the fixup.
123  postPatch = ''
124    patchShebangs tests
125
126    substituteInPlace src/password-store.sh \
127      --replace "@out@" "$out"
128
129    # the turning
130    sed -i -e 's@^PASS=.*''$@PASS=$out/bin/pass@' \
131           -e 's@^GPGS=.*''$@GPG=${gnupg}/bin/gpg2@' \
132           -e '/which gpg/ d' \
133      tests/setup.sh
134  '' + lib.optionalString stdenv.isDarwin ''
135    # 'pass edit' uses hdid, which is not available from the sandbox.
136    rm -f tests/t0200-edit-tests.sh
137    rm -f tests/t0010-generate-tests.sh
138    rm -f tests/t0020-show-tests.sh
139    rm -f tests/t0050-mv-tests.sh
140    rm -f tests/t0100-insert-tests.sh
141    rm -f tests/t0300-reencryption.sh
142    rm -f tests/t0400-grep.sh
143  '';
144
145  doCheck = false;
146
147  doInstallCheck = true;
148  installCheckInputs = [ git ];
149  installCheckTarget = "test";
150
151  passthru = {
152    extensions = passExtensions;
153    withExtensions = env;
154  };
155
156  meta = with lib; {
157    description = "Stores, retrieves, generates, and synchronizes passwords securely";
158    homepage    = "https://www.passwordstore.org/";
159    license     = licenses.gpl2Plus;
160    mainProgram = "pass";
161    maintainers = with maintainers; [ lovek323 fpletz tadfisher globin ma27 ];
162    platforms   = platforms.unix;
163
164    longDescription = ''
165      pass is a very simple password store that keeps passwords inside gpg2
166      encrypted files inside a simple directory tree residing at
167      ~/.password-store. The pass utility provides a series of commands for
168      manipulating the password store, allowing the user to add, remove, edit,
169      synchronize, generate, and manipulate passwords.
170    '';
171  };
172}