tjh.dev
1{
2 lib,
3 stdenv,
4 fetchFromGitHub,
5 fetchpatch,
6 cmake,
7 pkg-config,
8 mongoc,
9 openssl,
10 darwin,
11}:
12
13stdenv.mkDerivation rec {
14 pname = "libmongocrypt";
15 version = "1.7.4";
16
17 src = fetchFromGitHub {
18 owner = "mongodb";
19 repo = pname;
20 rev = version;
21 hash = "sha256-I4KG2BHAovin9EaF8lNzJzucARvi0Qptz5Y9gTt3WkE=";
22 };
23
24 patches = [
25 # fix pkg-config files
26 # submitted upstream: https://github.com/mongodb/libmongocrypt/pull/634
27 (fetchpatch {
28 url = "https://github.com/mongodb/libmongocrypt/commit/5514cf0a366c4d0dc1b0f2a62201f0f1161054da.diff";
29 hash = "sha256-eMSn6MRnc3yKfU2u/Bg3juWiupDzY1DUGi1/HSRftIs=";
30 })
31 ];
32
33 nativeBuildInputs = [
34 cmake
35 pkg-config
36 ];
37 buildInputs =
38 [
39 mongoc
40 openssl
41 ]
42 ++ lib.optionals stdenv.hostPlatform.isDarwin [
43 darwin.apple_sdk_11_0.frameworks.Security
44 ];
45
46 cmakeFlags = [
47 # all three of these are required to use system libbson
48 "-DUSE_SHARED_LIBBSON=ON"
49 "-DMONGOCRYPT_MONGOC_DIR=USE-SYSTEM"
50 "-DENABLE_ONLINE_TESTS=OFF"
51
52 # this pulls in a library we don't have
53 "-DMONGOCRYPT_ENABLE_DECIMAL128=OFF"
54
55 # this avoids a dependency on Python
56 "-DBUILD_VERSION=${version}"
57 ];
58
59 meta = with lib; {
60 description = "Required C library for client-side and queryable encryption in MongoDB";
61 homepage = "https://github.com/mongodb/libmongocrypt";
62 license = licenses.asl20;
63 platforms = platforms.unix;
64 };
65}