tjh.dev / nixpkgs
Clone of https://github.com/NixOS/nixpkgs.git (to stress-test knotserver)
fork atom
nixpkgs / pkgs / tools / networking / ivpn / default.nix
at devShellTools-shell 115 lines 3.6 kB view raw
1{ 2 buildGoModule, 3 fetchFromGitHub, 4 lib, 5 wirelesstools, 6 makeWrapper, 7 wireguard-tools, 8 openvpn, 9 obfs4, 10 iproute2, 11 dnscrypt-proxy, 12 iptables, 13 gawk, 14 util-linux, 15}: 16 17builtins.mapAttrs 18 ( 19 pname: attrs: 20 buildGoModule ( 21 attrs 22 // rec { 23 inherit pname; 24 version = "3.14.29"; 25 26 buildInputs = [ 27 wirelesstools 28 ]; 29 30 src = fetchFromGitHub { 31 owner = "ivpn"; 32 repo = "desktop-app"; 33 tag = "v${version}"; 34 hash = "sha256-8JScty/sGyxzC2ojRpatHpCqEXZw9ksMortIhZnukoU="; 35 }; 36 37 proxyVendor = true; # .c file 38 39 ldflags = [ 40 "-s" 41 "-w" 42 "-X github.com/ivpn/desktop-app/daemon/version._version=${version}" 43 "-X github.com/ivpn/desktop-app/daemon/version._time=1970-01-01" 44 ]; 45 46 postInstall = '' 47 mv $out/bin/{${attrs.modRoot},${pname}} 48 ''; 49 50 meta = { 51 description = "Official IVPN Desktop app"; 52 homepage = "https://www.ivpn.net/apps"; 53 changelog = "https://github.com/ivpn/desktop-app/releases/tag/v${version}"; 54 license = lib.licenses.gpl3Only; 55 maintainers = with lib.maintainers; [ 56 urandom 57 ataraxiasjel 58 ]; 59 mainProgram = "ivpn"; 60 }; 61 } 62 ) 63 ) 64 { 65 ivpn = { 66 modRoot = "cli"; 67 vendorHash = "sha256-STbkFchrmxwWnSgEJ7RGKN3jGaCC0npL80YjlwUcs1g="; 68 }; 69 ivpn-service = { 70 modRoot = "daemon"; 71 vendorHash = "sha256-REIY3XPyMA2Loxo1mKzJMJwZrf9dQMOtnQOUEgN5LP8="; 72 nativeBuildInputs = [ makeWrapper ]; 73 74 patches = [ ./permissions.patch ]; 75 postPatch = '' 76 substituteInPlace daemon/service/platform/platform_linux.go \ 77 --replace 'openVpnBinaryPath = "/usr/sbin/openvpn"' \ 78 'openVpnBinaryPath = "${openvpn}/bin/openvpn"' \ 79 --replace 'routeCommand = "/sbin/ip route"' \ 80 'routeCommand = "${iproute2}/bin/ip route"' 81 82 substituteInPlace daemon/netinfo/netinfo_linux.go \ 83 --replace 'retErr := shell.ExecAndProcessOutput(log, outParse, "", "/sbin/ip", "route")' \ 84 'retErr := shell.ExecAndProcessOutput(log, outParse, "", "${iproute2}/bin/ip", "route")' 85 86 substituteInPlace daemon/service/platform/platform_linux_release.go \ 87 --replace 'installDir := "/opt/ivpn"' "installDir := \"$out\"" \ 88 --replace 'obfsproxyStartScript = path.Join(installDir, "obfsproxy/obfs4proxy")' \ 89 'obfsproxyStartScript = "${lib.getExe obfs4}"' \ 90 --replace 'wgBinaryPath = path.Join(installDir, "wireguard-tools/wg-quick")' \ 91 'wgBinaryPath = "${wireguard-tools}/bin/wg-quick"' \ 92 --replace 'wgToolBinaryPath = path.Join(installDir, "wireguard-tools/wg")' \ 93 'wgToolBinaryPath = "${wireguard-tools}/bin/wg"' \ 94 --replace 'dnscryptproxyBinPath = path.Join(installDir, "dnscrypt-proxy/dnscrypt-proxy")' \ 95 'dnscryptproxyBinPath = "${dnscrypt-proxy}/bin/dnscrypt-proxy"' 96 ''; 97 98 postFixup = '' 99 mkdir -p $out/etc 100 cp -r $src/daemon/References/Linux/etc/* $out/etc/ 101 cp -r $src/daemon/References/common/etc/* $out/etc/ 102 103 patchShebangs --build $out/etc/firewall.sh $out/etc/splittun.sh $out/etc/client.down $out/etc/client.up 104 105 wrapProgram "$out/bin/ivpn-service" \ 106 --suffix PATH : ${ 107 lib.makeBinPath [ 108 iptables 109 gawk 110 util-linux 111 ] 112 } 113 ''; 114 }; 115 }