pkgs/os-specific/linux/usbguard/default.nix at 22.05

tjh.dev / nixpkgs
fork atom
nixpkgs mirror (for testing) github.com/NixOS/nixpkgs
nix
fork atom
nixpkgs / pkgs / os-specific / linux / usbguard / default.nix
at 22.05 91 lines 2.1 kB view raw
wrap content
 1{ stdenv
 2, lib
 3, fetchFromGitHub
 4, autoreconfHook
 5, installShellFiles
 6, nixosTests
 7, asciidoc
 8, pkg-config
 9, libxslt
10, libxml2
11, docbook_xml_dtd_45
12, docbook_xsl
13, dbus-glib
14, libcap_ng
15, libqb
16, libseccomp
17, polkit
18, protobuf
19, audit
20, libgcrypt
21, libsodium
22}:
23
24assert libgcrypt != null -> libsodium == null;
25
26stdenv.mkDerivation rec {
27  version = "1.1.1";
28  pname = "usbguard";
29
30  src = fetchFromGitHub {
31    owner = "USBGuard";
32    repo = pname;
33    rev = "usbguard-${version}";
34    sha256 = "sha256-lAh+l9GF+FHQqv2kEYU5JienZKGwR5e45BYAwjieYgw=";
35    fetchSubmodules = true;
36  };
37
38  nativeBuildInputs = [
39    autoreconfHook
40    installShellFiles
41    asciidoc
42    pkg-config
43    libxslt # xsltproc
44    libxml2 # xmllint
45    docbook_xml_dtd_45
46    docbook_xsl
47  ];
48
49  buildInputs = [
50    dbus-glib
51    libcap_ng
52    libqb
53    libseccomp
54    polkit
55    protobuf
56    audit
57  ]
58  ++ (lib.optional (libgcrypt != null) libgcrypt)
59  ++ (lib.optional (libsodium != null) libsodium);
60
61  configureFlags = [
62    "--with-bundled-catch"
63    "--with-bundled-pegtl"
64    "--with-dbus"
65    "--with-polkit"
66  ]
67  ++ (lib.optional (libgcrypt != null) "--with-crypto-library=gcrypt")
68  ++ (lib.optional (libsodium != null) "--with-crypto-library=sodium");
69
70  enableParallelBuilding = true;
71
72  postInstall = ''
73    installShellCompletion --bash --name usbguard.bash scripts/bash_completion/usbguard
74    installShellCompletion --zsh --name _usbguard scripts/usbguard-zsh-completion
75  '';
76
77  passthru.tests = nixosTests.usbguard;
78
79  meta = with lib; {
80    description = "The USBGuard software framework helps to protect your computer against BadUSB";
81    longDescription = ''
82      USBGuard is a software framework for implementing USB device authorization
83      policies (what kind of USB devices are authorized) as well as method of
84      use policies (how a USB device may interact with the system). Simply put,
85      it is a USB device whitelisting tool.
86    '';
87    homepage = "https://usbguard.github.io/";
88    license = licenses.gpl2Plus;
89    maintainers = [ maintainers.tnias ];
90  };
91}