commit 62d13413f4281a8d5b092101f706c04a44e0ddd4 · pyrox.dev/nixpkgs

+44

pkgs/build-support/mitm-cache/default.nix

···

··· 1 + { lib 2 + , stdenv 3 + , fetchFromGitHub 4 + , callPackage 5 + , rustPlatform 6 + , substituteAll 7 + , openssl 8 + , Security 9 + , python3Packages 10 + }: 11 + 12 + rustPlatform.buildRustPackage rec { 13 + pname = "mitm-cache"; 14 + version = "0.1.1"; 15 + 16 + src = fetchFromGitHub { 17 + owner = "chayleaf"; 18 + repo = "mitm-cache"; 19 + rev = "v${version}"; 20 + hash = "sha256-l9dnyA4Zo4jlbiCMRzUqW3NkiploVpmvxz9i896JkXU="; 21 + }; 22 + 23 + buildInputs = lib.optionals stdenv.isDarwin [ 24 + Security 25 + ]; 26 + 27 + cargoHash = "sha256-6eYOSSlswJGR2IrFo17qVnwI+h2FkyTjLFvwf62nG2c="; 28 + 29 + setupHook = substituteAll { 30 + src = ./setup-hook.sh; 31 + inherit openssl; 32 + ephemeral_port_reserve = python3Packages.ephemeral-port-reserve; 33 + }; 34 + 35 + passthru.fetch = callPackage ./fetch.nix { }; 36 + 37 + meta = with lib; { 38 + description = "A MITM caching proxy for use in nixpkgs"; 39 + homepage = "https://github.com/chayleaf/mitm-cache#readme"; 40 + license = licenses.mit; 41 + maintainers = with maintainers; [ chayleaf ]; 42 + mainProgram = "mitm-cache"; 43 + }; 44 + }

+49

pkgs/build-support/mitm-cache/fetch.nix

···

··· 1 + { lib 2 + , fetchurl 3 + , runCommand 4 + , writeText 5 + }: 6 + 7 + { name ? "deps" 8 + , data 9 + , dontFixup ? true 10 + , ... 11 + } 12 + @ attrs: 13 + 14 + let 15 + data' = builtins.removeAttrs 16 + (if builtins.isPath data then lib.importJSON data else data) 17 + [ "!version" ]; 18 + 19 + urlToPath = url: 20 + if lib.hasPrefix "https://" url then ( 21 + let 22 + url' = lib.drop 2 (lib.splitString "/" url); 23 + in "https/${builtins.concatStringsSep "/" url'}" 24 + ) 25 + else builtins.replaceStrings ["://"] ["/"] url; 26 + code = '' 27 + mkdir -p "$out" 28 + cd "$out" 29 + '' + builtins.concatStringsSep "" (lib.mapAttrsToList (url: info: 30 + let 31 + key = builtins.head (builtins.attrNames info); 32 + val = info.${key}; 33 + path = urlToPath url; 34 + name = baseNameOf path; 35 + source = { 36 + redirect = "$out/${urlToPath val}"; 37 + hash = fetchurl { inherit url; hash = val; }; 38 + text = writeText name val; 39 + }.${key} or (throw "Unknown key: ${url}"); 40 + in '' 41 + mkdir -p "${dirOf path}" 42 + ln -s "${source}" "${path}" 43 + '') data'); 44 + in 45 + runCommand name (builtins.removeAttrs attrs [ "name" "data" ] // { 46 + passthru = (attrs.passthru or {}) // { 47 + data = writeText "deps.json" (builtins.toJSON data); 48 + }; 49 + }) code

+21

pkgs/build-support/mitm-cache/setup-hook.sh

···

··· 1 + mitmCacheConfigureHook() { 2 + if [ -d "$mitmCache" ] && [ -z "$MITM_CACHE_CERT_DIR" ]; then 3 + MITM_CACHE_CERT_DIR="$(mktemp -d)" 4 + pushd "$MITM_CACHE_CERT_DIR" 5 + MITM_CACHE_CA="$MITM_CACHE_CERT_DIR/ca.cer" 6 + @openssl@/bin/openssl genrsa -out ca.key 2048 7 + @openssl@/bin/openssl req -x509 -new -nodes -key ca.key -sha256 -days 1 -out ca.cer -subj "/C=AL/ST=a/L=a/O=a/OU=a/CN=example.org" 8 + MITM_CACHE_HOST="127.0.0.1" 9 + MITM_CACHE_PORT="${mitmCachePort:-$(@ephemeral_port_reserve@/bin/ephemeral-port-reserve "$MITM_CACHE_HOST")}" 10 + MITM_CACHE_ADDRESS="$MITM_CACHE_HOST:$MITM_CACHE_PORT" 11 + export http_proxy="$MITM_CACHE_ADDRESS" 12 + export https_proxy="$MITM_CACHE_ADDRESS" 13 + export SSL_CERT_FILE="$MITM_CACHE_CA" 14 + export NIX_SSL_CERT_FILE="$MITM_CACHE_CA" 15 + mitm-cache -l"$MITM_CACHE_ADDRESS" replay "$mitmCache" >/dev/null 2>/dev/null & 16 + popd 17 + fi 18 + } 19 + 20 + # prepend it so any other configure hooks can use the generated root CA 21 + preConfigureHooks=(mitmCacheConfigureHook "${preConfigureHooks[@]}")

+4

pkgs/top-level/all-packages.nix

··· 1391 1392 makeHardcodeGsettingsPatch = callPackage ../build-support/make-hardcode-gsettings-patch { }; 1393 1394 # intended to be used like nix-build -E 'with import <nixpkgs> { }; enableDebugging fooPackage' 1395 enableDebugging = pkg: pkg.override { stdenv = stdenvAdapters.keepDebugInfo pkg.stdenv; }; 1396

··· 1391 1392 makeHardcodeGsettingsPatch = callPackage ../build-support/make-hardcode-gsettings-patch { }; 1393 1394 + mitm-cache = callPackage ../build-support/mitm-cache { 1395 + inherit (darwin.apple_sdk.frameworks) Security; 1396 + }; 1397 + 1398 # intended to be used like nix-build -E 'with import <nixpkgs> { }; enableDebugging fooPackage' 1399 enableDebugging = pkg: pkg.override { stdenv = stdenvAdapters.keepDebugInfo pkg.stdenv; }; 1400