pkgs/tools/networking/openvpn/default.nix at master · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / pkgs / tools / networking / openvpn / default.nix
at master 2.4 kB view raw
 1{
 2  lib,
 3  stdenv,
 4  fetchurl,
 5  pkg-config,
 6  libcap_ng,
 7  libnl,
 8  lz4,
 9  lzo,
10  openssl,
11  pam,
12  useSystemd ? lib.meta.availableOn stdenv.hostPlatform systemd,
13  systemd,
14  update-systemd-resolved,
15  pkcs11Support ? false,
16  pkcs11helper,
17  nixosTests,
18  unixtools,
19}:
20
21let
22  inherit (lib) optional optionals optionalString;
23in
24stdenv.mkDerivation (finalAttrs: {
25  pname = "openvpn";
26  version = "2.6.14";
27
28  src = fetchurl {
29    url = "https://swupdate.openvpn.net/community/releases/openvpn-${finalAttrs.version}.tar.gz";
30    hash = "sha256-nramYYNS+ee3canTiuFjG17f7tbUAjPiQ+YC3fIZXno=";
31  };
32
33  # Effectively a backport of https://github.com/OpenVPN/openvpn/commit/1d3c2b67a73a0aa011c13e62f876d24e49d41df0
34  # to fix build on linux-headers 6.16.
35  # FIXME: remove in next update
36  patches = [
37    ./dco.patch
38  ];
39
40  nativeBuildInputs = [
41    pkg-config
42  ]
43  ++ lib.optionals stdenv.hostPlatform.isDarwin [
44    unixtools.route
45    unixtools.ifconfig
46  ];
47
48  buildInputs = [
49    lz4
50    lzo
51    openssl
52  ]
53  ++ optionals stdenv.hostPlatform.isLinux [
54    libcap_ng
55    libnl
56    pam
57  ]
58  ++ optional useSystemd systemd
59  ++ optional pkcs11Support pkcs11helper;
60
61  configureFlags =
62    optional useSystemd "--enable-systemd"
63    ++ optional pkcs11Support "--enable-pkcs11"
64    ++ optional stdenv.hostPlatform.isDarwin "--disable-plugin-auth-pam";
65
66  # We used to vendor the update-systemd-resolved script inside libexec,
67  # but a separate package was made, that uses libexec/openvpn. Copy it
68  # into libexec in case any consumers expect it to be there even though
69  # they should use the update-systemd-resolved package instead.
70  postInstall = ''
71    mkdir -p $out/share/doc/openvpn/examples
72    cp -r sample/sample-{config-files,keys,scripts}/ $out/share/doc/openvpn/examples
73  ''
74  + optionalString useSystemd ''
75    install -Dm555 -t $out/libexec ${update-systemd-resolved}/libexec/openvpn/*
76  '';
77
78  enableParallelBuilding = true;
79
80  passthru.tests = {
81    inherit (nixosTests) initrd-network-openvpn systemd-initrd-networkd-openvpn;
82  };
83
84  meta = with lib; {
85    description = "Robust and highly flexible tunneling application";
86    downloadPage = "https://openvpn.net/community-downloads/";
87    homepage = "https://openvpn.net/";
88    license = licenses.gpl2Only;
89    maintainers = with maintainers; [ peterhoeg ];
90    platforms = platforms.unix;
91    mainProgram = "openvpn";
92  };
93})