pkgs/by-name/fr/freeradius/package.nix at devShellTools-shell

tjh.dev / nixpkgs
fork atom
nixpkgs mirror (for testing) github.com/NixOS/nixpkgs
nix
fork atom
nixpkgs / pkgs / by-name / fr / freeradius / package.nix
at devShellTools-shell 116 lines 2.7 kB view raw
wrap content
  1{
  2  lib,
  3  stdenv,
  4  fetchFromGitHub,
  5  autoreconfHook,
  6  bsd-finger,
  7  perl,
  8  talloc,
  9  linkOpenssl ? true,
 10  openssl,
 11  withCap ? true,
 12  libcap,
 13  withCollectd ? false,
 14  collectd,
 15  withJson ? false,
 16  json_c,
 17  withLdap ? true,
 18  openldap,
 19  withMemcached ? false,
 20  libmemcached,
 21  withMysql ? false,
 22  libmysqlclient,
 23  withPostgresql ? false,
 24  libpq,
 25  withPcap ? true,
 26  libpcap,
 27  withRedis ? false,
 28  hiredis,
 29  withRest ? false,
 30  curl,
 31  withSqlite ? true,
 32  sqlite,
 33  withYubikey ? false,
 34  libyubikey,
 35}:
 36
 37assert withRest -> withJson;
 38
 39stdenv.mkDerivation rec {
 40  pname = "freeradius";
 41  version = "3.2.7";
 42
 43  src = fetchFromGitHub {
 44    owner = "FreeRADIUS";
 45    repo = "freeradius-server";
 46    tag = "release_${lib.replaceStrings [ "." ] [ "_" ] version}";
 47    hash = "sha256-FG0/quBB5Q/bdYQqkFaZc/BhcIC/n2uVstlIGe4EPvE=";
 48  };
 49
 50  nativeBuildInputs = [ autoreconfHook ];
 51
 52  buildInputs = [
 53    openssl
 54    talloc
 55    bsd-finger
 56    perl
 57  ]
 58  ++ lib.optional withCap libcap
 59  ++ lib.optional withCollectd collectd
 60  ++ lib.optional withJson json_c
 61  ++ lib.optional withLdap openldap
 62  ++ lib.optional withMemcached libmemcached
 63  ++ lib.optional withMysql libmysqlclient
 64  ++ lib.optional withPostgresql libpq
 65  ++ lib.optional withPcap libpcap
 66  ++ lib.optional withRedis hiredis
 67  ++ lib.optional withRest curl
 68  ++ lib.optional withSqlite sqlite
 69  ++ lib.optional withYubikey libyubikey;
 70
 71  configureFlags = [
 72    "--sysconfdir=/etc"
 73    "--localstatedir=/var"
 74  ]
 75  ++ lib.optional (!linkOpenssl) "--with-openssl=no";
 76
 77  postPatch = ''
 78    substituteInPlace src/main/checkrad.in \
 79      --replace "/usr/bin/finger" "${bsd-finger}/bin/finger"
 80  '';
 81
 82  # By default, freeradius will generate Diffie-Hellman parameters and
 83  # self-signed TLS certificates during installation. We don't want
 84  # this, for several reasons:
 85  # - reproducibility (random generation)
 86  # - we don't want _anybody_ to use a cert where the private key is on our public binary cache!
 87  # - we don't want the certs to change each time the package is rebuilt
 88  # So let's avoid anything getting into our output.
 89  makeFlags = [ "LOCAL_CERT_FILES=" ];
 90
 91  installFlags = [
 92    "sysconfdir=\${out}/etc"
 93    "localstatedir=\${TMPDIR}"
 94    "INSTALL_CERT_FILES=" # see comment at makeFlags
 95  ];
 96
 97  outputs = [
 98    "out"
 99    "dev"
100    "man"
101    "doc"
102  ];
103
104  meta = with lib; {
105    homepage = "https://freeradius.org/";
106    description = "Modular, high performance free RADIUS suite";
107    license = licenses.gpl2Plus;
108    maintainers = with maintainers; [
109      sheenobu
110    ];
111    platforms = with platforms; linux;
112  };
113}
114## TODO: include windbind optionally (via samba?)
115## TODO: include oracle optionally
116## TODO: include ykclient optionally