pyrox.dev
nginx-sso: use buildGoModule
+12
-7
pkgs/servers/nginx-sso/default.nix
+12
-7
pkgs/servers/nginx-sso/default.nix
···
1
-
{ buildGoPackage, fetchFromGitHub, lib, nixosTests }:
1
+
{ lib
2
+
, buildGoModule
3
+
, fetchFromGitHub
4
+
, nixosTests
5
+
}:
2
6
3
-
buildGoPackage rec {
7
+
buildGoModule rec {
4
8
pname = "nginx-sso";
5
9
version = "0.25.0";
6
-
rev = "v${version}";
7
-
8
-
goPackagePath = "github.com/Luzifer/nginx-sso";
9
10
10
11
src = fetchFromGitHub {
11
-
inherit rev;
12
12
owner = "Luzifer";
13
13
repo = "nginx-sso";
14
-
sha256 = "0z5h92rpr1rcfk11ggsb9w4ipg93fcb9byll7vl4c0mfcqkpm2dr";
14
+
rev = "v${version}";
15
+
sha256 = "sha256-uYl6J2auAkboPpT6lRZzI70bCU9LvxfCdCyHfLNIsHw=";
15
16
};
17
+
18
+
vendorSha256 = null;
19
+
20
+
patches = [ ./rune.patch ];
16
21
17
22
postInstall = ''
18
23
mkdir -p $out/share
+13
pkgs/servers/nginx-sso/rune.patch
+13
pkgs/servers/nginx-sso/rune.patch
···
1
+
diff --git i/main.go w/main.go
2
+
index bf80f3d..632f7d6 100644
3
+
--- i/main.go
4
+
+++ w/main.go
5
+
@@ -174,7 +174,7 @@ func handleAuthRequest(res http.ResponseWriter, r *http.Request) {
6
+
case plugins.ErrNoValidUserFound:
7
+
// No valid user found, check whether special anonymous "user" has access
8
+
// Username is set to 0x0 character to prevent accidental whitelist-match
9
+
- if mainCfg.ACL.HasAccess(string(0x0), nil, r) {
10
+
+ if mainCfg.ACL.HasAccess(string(rune(0x0)), nil, r) {
11
+
mainCfg.AuditLog.Log(auditEventValidate, r, map[string]string{"result": "anonymous access granted"}) // #nosec G104 - This is only logging
12
+
res.WriteHeader(http.StatusOK)
13
+
return