tjh.dev / nixpkgs
Clone of https://github.com/NixOS/nixpkgs.git (to stress-test knotserver)
fork atom
nixpkgs / pkgs / tools / networking / ivpn / default.nix
at master 118 lines 3.6 kB view raw
1{ 2 buildGoModule, 3 fetchFromGitHub, 4 lib, 5 wirelesstools, 6 makeWrapper, 7 wireguard-tools, 8 openvpn, 9 obfs4, 10 iproute2, 11 dnscrypt-proxy, 12 iptables, 13 gawk, 14 util-linux, 15 nix-update-script, 16}: 17 18builtins.mapAttrs 19 ( 20 pname: attrs: 21 buildGoModule ( 22 attrs 23 // rec { 24 inherit pname; 25 version = "3.14.34"; 26 27 buildInputs = [ 28 wirelesstools 29 ]; 30 31 src = fetchFromGitHub { 32 owner = "ivpn"; 33 repo = "desktop-app"; 34 tag = "v${version}"; 35 hash = "sha256-Q96G5mJahJnXxpqJ8IF0oFie7l0Nd1p8drHH9NSpwEw="; 36 }; 37 38 proxyVendor = true; # .c file 39 40 ldflags = [ 41 "-s" 42 "-w" 43 "-X github.com/ivpn/desktop-app/daemon/version._version=${version}" 44 "-X github.com/ivpn/desktop-app/daemon/version._time=1970-01-01" 45 ]; 46 47 postInstall = '' 48 mv $out/bin/{${attrs.modRoot},${pname}} 49 ''; 50 51 passthru.updateScript = nix-update-script { }; 52 53 meta = { 54 description = "Official IVPN Desktop app"; 55 homepage = "https://www.ivpn.net/apps"; 56 changelog = "https://github.com/ivpn/desktop-app/releases/tag/v${version}"; 57 license = lib.licenses.gpl3Only; 58 maintainers = with lib.maintainers; [ 59 urandom 60 blenderfreaky 61 ]; 62 mainProgram = "ivpn"; 63 }; 64 } 65 ) 66 ) 67 { 68 ivpn = { 69 modRoot = "cli"; 70 vendorHash = "sha256-xZ1tMiv06fE2wtpDagKjHiVTPYWpj32hM6n/v9ZcgrE="; 71 }; 72 ivpn-service = { 73 modRoot = "daemon"; 74 vendorHash = "sha256-DVKSCcEeE7vI8aOYuEwk22n0wtF7MMDOyAgYoXYadwI="; 75 nativeBuildInputs = [ makeWrapper ]; 76 77 patches = [ ./permissions.patch ]; 78 postPatch = '' 79 substituteInPlace daemon/service/platform/platform_linux.go \ 80 --replace 'openVpnBinaryPath = "/usr/sbin/openvpn"' \ 81 'openVpnBinaryPath = "${openvpn}/bin/openvpn"' \ 82 --replace 'routeCommand = "/sbin/ip route"' \ 83 'routeCommand = "${iproute2}/bin/ip route"' 84 85 substituteInPlace daemon/netinfo/netinfo_linux.go \ 86 --replace 'retErr := shell.ExecAndProcessOutput(log, outParse, "", "/sbin/ip", "route")' \ 87 'retErr := shell.ExecAndProcessOutput(log, outParse, "", "${iproute2}/bin/ip", "route")' 88 89 substituteInPlace daemon/service/platform/platform_linux_release.go \ 90 --replace 'installDir := "/opt/ivpn"' "installDir := \"$out\"" \ 91 --replace 'obfsproxyStartScript = path.Join(installDir, "obfsproxy/obfs4proxy")' \ 92 'obfsproxyStartScript = "${lib.getExe obfs4}"' \ 93 --replace 'wgBinaryPath = path.Join(installDir, "wireguard-tools/wg-quick")' \ 94 'wgBinaryPath = "${wireguard-tools}/bin/wg-quick"' \ 95 --replace 'wgToolBinaryPath = path.Join(installDir, "wireguard-tools/wg")' \ 96 'wgToolBinaryPath = "${wireguard-tools}/bin/wg"' \ 97 --replace 'dnscryptproxyBinPath = path.Join(installDir, "dnscrypt-proxy/dnscrypt-proxy")' \ 98 'dnscryptproxyBinPath = "${dnscrypt-proxy}/bin/dnscrypt-proxy"' 99 ''; 100 101 postFixup = '' 102 mkdir -p $out/etc 103 cp -r $src/daemon/References/Linux/etc/* $out/etc/ 104 cp -r $src/daemon/References/common/etc/* $out/etc/ 105 106 patchShebangs --build $out/etc/firewall.sh $out/etc/splittun.sh $out/etc/client.down $out/etc/client.up 107 108 wrapProgram "$out/bin/ivpn-service" \ 109 --suffix PATH : ${ 110 lib.makeBinPath [ 111 iptables 112 gawk 113 util-linux 114 ] 115 } 116 ''; 117 }; 118 }