2022-03-14 16:55:17 +01:00
|
|
|
{ lib
|
|
|
|
, stdenv
|
|
|
|
, fetchurl
|
|
|
|
, fetchpatch
|
|
|
|
, autoreconfHook
|
|
|
|
, bsd-finger
|
|
|
|
, perl
|
|
|
|
, talloc
|
|
|
|
, linkOpenssl? true, openssl
|
|
|
|
, withCap ? true, libcap
|
|
|
|
, withCollectd ? false, collectd
|
|
|
|
, withJson ? false, json_c
|
|
|
|
, withLdap ? true, openldap
|
|
|
|
, withMemcached ? false, libmemcached
|
|
|
|
, withMysql ? false, libmysqlclient
|
|
|
|
, withPcap ? true, libpcap
|
|
|
|
, withRedis ? false, hiredis
|
|
|
|
, withRest ? false, curl
|
|
|
|
, withSqlite ? true, sqlite
|
|
|
|
, withYubikey ? false, libyubikey
|
2016-03-16 08:15:55 +01:00
|
|
|
}:
|
2016-03-13 08:22:27 +01:00
|
|
|
|
2022-05-09 23:02:10 +02:00
|
|
|
assert withRest -> withJson;
|
2016-03-13 08:22:27 +01:00
|
|
|
|
|
|
|
stdenv.mkDerivation rec {
|
2019-08-15 14:41:18 +02:00
|
|
|
pname = "freeradius";
|
2023-06-02 13:34:25 +02:00
|
|
|
version = "3.2.3";
|
2016-03-13 08:22:27 +01:00
|
|
|
|
2017-01-26 03:00:26 +01:00
|
|
|
src = fetchurl {
|
|
|
|
url = "ftp://ftp.freeradius.org/pub/freeradius/freeradius-server-${version}.tar.gz";
|
2023-06-02 13:34:25 +02:00
|
|
|
hash = "sha256-S94EcSLliMY/4tWZpz96uahjgG+ecW6Io9dwgLSCxXc=";
|
2017-01-26 03:00:26 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
nativeBuildInputs = [ autoreconfHook ];
|
|
|
|
|
2022-03-14 16:55:17 +01:00
|
|
|
buildInputs = [ openssl talloc bsd-finger perl ]
|
|
|
|
++ lib.optional withCap libcap
|
|
|
|
++ lib.optional withCollectd collectd
|
|
|
|
++ lib.optional withJson json_c
|
|
|
|
++ lib.optional withLdap openldap
|
|
|
|
++ lib.optional withMemcached libmemcached
|
|
|
|
++ lib.optional withMysql libmysqlclient
|
|
|
|
++ lib.optional withPcap libpcap
|
|
|
|
++ lib.optional withRedis hiredis
|
|
|
|
++ lib.optional withRest curl
|
|
|
|
++ lib.optional withSqlite sqlite
|
|
|
|
++ lib.optional withYubikey libyubikey;
|
2016-03-16 08:15:55 +01:00
|
|
|
|
2016-03-13 08:22:27 +01:00
|
|
|
configureFlags = [
|
2018-08-01 02:19:25 +02:00
|
|
|
"--sysconfdir=/etc"
|
|
|
|
"--localstatedir=/var"
|
2022-03-14 16:55:17 +01:00
|
|
|
] ++ lib.optional (!linkOpenssl) "--with-openssl=no";
|
2016-03-13 08:22:27 +01:00
|
|
|
|
2016-04-27 09:07:38 +02:00
|
|
|
postPatch = ''
|
2022-03-14 16:55:17 +01:00
|
|
|
substituteInPlace src/main/checkrad.in \
|
|
|
|
--replace "/usr/bin/finger" "${bsd-finger}/bin/finger"
|
2016-04-27 09:07:38 +02:00
|
|
|
'';
|
|
|
|
|
2020-02-28 10:50:43 +01:00
|
|
|
# By default, freeradius will generate Diffie-Hellman parameters and
|
|
|
|
# self-signed TLS certificates during installation. We don't want
|
|
|
|
# this, for several reasons:
|
|
|
|
# - reproducibility (random generation)
|
|
|
|
# - we don't want _anybody_ to use a cert where the private key is on our public binary cache!
|
|
|
|
# - we don't want the certs to change each time the package is rebuilt
|
|
|
|
# So let's avoid anything getting into our output.
|
|
|
|
makeFlags = [ "LOCAL_CERT_FILES=" ];
|
|
|
|
|
2016-03-13 08:22:27 +01:00
|
|
|
installFlags = [
|
|
|
|
"sysconfdir=\${out}/etc"
|
|
|
|
"localstatedir=\${TMPDIR}"
|
2020-02-28 10:50:43 +01:00
|
|
|
"INSTALL_CERT_FILES=" # see comment at makeFlags
|
2016-03-16 08:15:55 +01:00
|
|
|
];
|
2016-03-13 08:22:27 +01:00
|
|
|
|
2018-08-01 02:19:25 +02:00
|
|
|
outputs = [ "out" "dev" "man" "doc" ];
|
|
|
|
|
2021-01-11 08:54:33 +01:00
|
|
|
meta = with lib; {
|
2020-04-01 03:11:51 +02:00
|
|
|
homepage = "https://freeradius.org/";
|
2016-03-13 08:22:27 +01:00
|
|
|
description = "A modular, high performance free RADIUS suite";
|
2017-09-02 01:08:07 +02:00
|
|
|
license = licenses.gpl2;
|
2022-08-03 14:13:56 +02:00
|
|
|
maintainers = with maintainers; [ sheenobu willibutz lheckemann ];
|
2016-08-02 19:50:55 +02:00
|
|
|
platforms = with platforms; linux;
|
2016-03-13 08:22:27 +01:00
|
|
|
};
|
|
|
|
}
|
2022-03-14 16:55:17 +01:00
|
|
|
## TODO: include windbind optionally (via samba?)
|
|
|
|
## TODO: include oracle optionally
|
|
|
|
## TODO: include ykclient optionally
|