pkgs/tools/networking/miniupnpd/default.nix at master · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / pkgs / tools / networking / miniupnpd / default.nix
at master 121 lines 2.6 kB view raw
  1{
  2  stdenv,
  3  lib,
  4  fetchurl,
  5  iptables-legacy,
  6  libuuid,
  7  openssl,
  8  pkg-config,
  9  which,
 10  iproute2,
 11  gnused,
 12  coreutils,
 13  gnugrep,
 14  gawk,
 15  makeWrapper,
 16  nixosTests,
 17  firewall ? "iptables",
 18  nftables,
 19  libmnl,
 20  libnftnl,
 21}:
 22
 23let
 24  scriptBinEnv =
 25    lib.makeBinPath
 26      {
 27        iptables = [
 28          # needed for dirname in ip{,6}tables_*.sh
 29          coreutils
 30          # used in miniupnpd_functions.sh:
 31          which
 32          iproute2
 33          iptables-legacy
 34          gnused
 35          gnugrep
 36          gawk
 37        ];
 38        nftables = [
 39          # needed for dirname in nft_*.sh & cat in nft_init.sh
 40          coreutils
 41          # used in miniupnpd_functions.sh:
 42          which
 43          nftables
 44        ];
 45      }
 46      .${firewall};
 47in
 48stdenv.mkDerivation rec {
 49  pname = "miniupnpd";
 50  version = "2.3.9";
 51
 52  src = fetchurl {
 53    url = "https://miniupnp.tuxfamily.org/files/miniupnpd-${version}.tar.gz";
 54    sha256 = "sha256-Zss8PWl6srs6YdPEhigWbWujKNfC2+uViY/fKjICr3s=";
 55  };
 56
 57  buildInputs = [
 58    iptables-legacy
 59    libuuid
 60    openssl
 61  ]
 62  ++ lib.optionals (firewall == "nftables") [
 63    libmnl
 64    libnftnl
 65  ];
 66  nativeBuildInputs = [
 67    pkg-config
 68    makeWrapper
 69  ];
 70
 71  # ./configure is not a standard configure file, errors with:
 72  # Option not recognized : --prefix=
 73  dontAddPrefix = true;
 74  configureFlags = [
 75    "--firewall=${firewall}"
 76    # allow using various config options
 77    "--ipv6"
 78    "--leasefile"
 79    "--regex"
 80    "--vendorcfg"
 81    # hardening
 82    "--portinuse"
 83  ];
 84
 85  installFlags = [
 86    "PREFIX=$(out)"
 87    "INSTALLPREFIX=$(out)"
 88  ];
 89
 90  postFixup =
 91    {
 92      # Ideally we'd prefer using system's config.firewall.package here for iptables,
 93      # however for some reason switching --prefix to --suffix breaks the script
 94      iptables = ''
 95        for script in $out/etc/miniupnpd/ip{,6}tables_{init,removeall}.sh
 96        do
 97          wrapProgram $script --prefix PATH : '${scriptBinEnv}:$PATH'
 98        done
 99      '';
100      nftables = ''
101        for script in $out/etc/miniupnpd/nft_{delete_chain,flush,init,removeall}.sh
102        do
103          wrapProgram $script --suffix PATH : '${scriptBinEnv}:$PATH'
104        done
105      '';
106    }
107    .${firewall};
108
109  passthru.tests = {
110    bittorrent-integration = nixosTests.bittorrent;
111    inherit (nixosTests) upnp;
112  };
113
114  meta = with lib; {
115    homepage = "https://miniupnp.tuxfamily.org/";
116    description = "Daemon that implements the UPnP Internet Gateway Device (IGD) specification";
117    platforms = platforms.linux;
118    license = licenses.bsd3;
119    mainProgram = "miniupnpd";
120  };
121}