appgate-sdp: minimize and improve derivation
This commit is contained in:
Yurii Matsiuk
parent
65db0350fe
commit
21dd07a0ca
2 changed files with 47 additions and 76 deletions
|
|
@ -5,8 +5,7 @@ with lib;
|
|||
{
|
||||
options = {
|
||||
programs.appgate-sdp = {
|
||||
enable = mkEnableOption
|
||||
"AppGate SDP VPN client";
|
||||
enable = mkEnableOption "AppGate SDP VPN client";
|
||||
};
|
||||
};
|
||||
|
||||
|
|
@ -17,7 +16,10 @@ with lib;
|
|||
systemd = {
|
||||
packages = [ pkgs.appgate-sdp ];
|
||||
# https://github.com/NixOS/nixpkgs/issues/81138
|
||||
services.appgatedriver.wantedBy = [ "multi-user.target" ];
|
||||
services.appgatedriver.wantedBy = [ "multi-user.target" ];
|
||||
services.appgate-dumb-resolver.path = [ pkgs.e2fsprogs ];
|
||||
services.appgate-resolver.path = [ pkgs.procps pkgs.e2fsprogs ];
|
||||
services.appgatedriver.path = [ pkgs.e2fsprogs ];
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2,15 +2,13 @@
|
|||
, at-spi2-atk
|
||||
, at-spi2-core
|
||||
, atk
|
||||
, bash
|
||||
, autoPatchelfHook
|
||||
, cairo
|
||||
, coreutils
|
||||
, cups
|
||||
, curl
|
||||
, dbus
|
||||
, dnsmasq
|
||||
, dpkg
|
||||
, e2fsprogs
|
||||
, expat
|
||||
, fetchurl
|
||||
, gdk-pixbuf
|
||||
|
|
@ -20,25 +18,14 @@
|
|||
, iproute2
|
||||
, krb5
|
||||
, lib
|
||||
, mesa
|
||||
, libdrm
|
||||
, libX11
|
||||
, libXScrnSaver
|
||||
, libXcomposite
|
||||
, libXcursor
|
||||
, libXdamage
|
||||
, libXext
|
||||
, libXfixes
|
||||
, libXi
|
||||
, libXrandr
|
||||
, libXrender
|
||||
, libXtst
|
||||
, libxkbcommon
|
||||
, libsecret
|
||||
, libuuid
|
||||
, libxcb
|
||||
, libxkbcommon
|
||||
, lttng-ust
|
||||
, makeWrapper
|
||||
, mesa
|
||||
, networkmanager
|
||||
, nspr
|
||||
, nss
|
||||
|
|
@ -50,6 +37,7 @@
|
|||
, stdenv
|
||||
, systemd
|
||||
, xdg-utils
|
||||
, xorg
|
||||
, zlib
|
||||
}:
|
||||
with lib;
|
||||
|
|
@ -69,46 +57,48 @@ let
|
|||
gtk3
|
||||
icu
|
||||
krb5
|
||||
mesa
|
||||
libdrm
|
||||
libX11
|
||||
libXScrnSaver
|
||||
libXcomposite
|
||||
libXcursor
|
||||
libXdamage
|
||||
libXext
|
||||
libXfixes
|
||||
libXi
|
||||
libXrandr
|
||||
libXrender
|
||||
libXtst
|
||||
libxkbcommon
|
||||
libsecret
|
||||
libuuid
|
||||
libxcb
|
||||
libxkbcommon
|
||||
lttng-ust
|
||||
mesa
|
||||
nspr
|
||||
nss
|
||||
openssl
|
||||
pango
|
||||
stdenv.cc.cc
|
||||
systemd
|
||||
xorg.libX11
|
||||
xorg.libXScrnSaver
|
||||
xorg.libXcomposite
|
||||
xorg.libXcursor
|
||||
xorg.libXdamage
|
||||
xorg.libXext
|
||||
xorg.libXfixes
|
||||
xorg.libXi
|
||||
xorg.libXrandr
|
||||
xorg.libXrender
|
||||
xorg.libXtst
|
||||
xorg.libxkbfile
|
||||
xorg.libxshmfence
|
||||
zlib
|
||||
];
|
||||
rpath = lib.makeLibraryPath deps;
|
||||
in
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "appgate-sdp";
|
||||
version = "5.4.2";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://bin.appgate-sdp.com/${lib.versions.majorMinor version}/client/appgate-sdp_${version}_amd64.deb";
|
||||
url = "https://bin.appgate-sdp.com/${versions.majorMinor version}/client/appgate-sdp_${version}_amd64.deb";
|
||||
sha256 = "sha256-wAhcTRO/Cd4MG1lfPNDq92yGcu3NOfymucddy92VaXo=";
|
||||
};
|
||||
|
||||
# just patch interpreter
|
||||
autoPatchelfIgnoreMissingDeps = true;
|
||||
dontConfigure = true;
|
||||
dontBuild = true;
|
||||
enableParallelBuilding = true;
|
||||
|
||||
buildInputs = [
|
||||
python37
|
||||
|
|
@ -116,6 +106,7 @@ stdenv.mkDerivation rec {
|
|||
];
|
||||
|
||||
nativeBuildInputs = [
|
||||
autoPatchelfHook
|
||||
makeWrapper
|
||||
dpkg
|
||||
];
|
||||
|
|
@ -125,62 +116,39 @@ stdenv.mkDerivation rec {
|
|||
'';
|
||||
|
||||
installPhase = ''
|
||||
mkdir -p $out/bin
|
||||
ln -s "$out/opt/appgate/appgate" "$out/bin/appgate"
|
||||
cp -r $out/usr/share $out/share
|
||||
|
||||
for file in $out/opt/appgate/linux/appgate-resolver.pre \
|
||||
$out/opt/appgate/linux/appgate-dumb-resolver.pre
|
||||
do
|
||||
substituteInPlace $file \
|
||||
--replace "/bin/sh" "${bash}/bin/sh" \
|
||||
--replace "cat" "${coreutils}/bin/cat" \
|
||||
--replace "chattr" "${e2fsprogs}/bin/chattr" \
|
||||
--replace "mv " "${coreutils}/bin/mv " \
|
||||
--replace "pkill" "${procps}/bin/pkill"
|
||||
done
|
||||
|
||||
for file in $out/lib/systemd/system/appgatedriver.service \
|
||||
$out/lib/systemd/system/appgate-dumb-resolver.service \
|
||||
$out/lib/systemd/system/appgate-resolver.service
|
||||
do
|
||||
substituteInPlace $file \
|
||||
--replace "/bin/sh" "${bash}/bin/sh" \
|
||||
--replace "/opt/" "$out/opt/" \
|
||||
--replace "chattr" "${e2fsprogs}/bin/chattr" \
|
||||
--replace "mv " "${coreutils}/bin/mv "
|
||||
done
|
||||
substituteInPlace $out/lib/systemd/system/appgate-dumb-resolver.service \
|
||||
--replace "/opt/" "$out/opt/"
|
||||
|
||||
substituteInPlace $out/lib/systemd/system/appgatedriver.service \
|
||||
--replace "/opt/" "$out/opt/" \
|
||||
--replace "InaccessiblePaths=/mnt /srv /boot /media" "InaccessiblePaths=-/mnt -/srv -/boot -/media"
|
||||
|
||||
substituteInPlace $out/lib/systemd/system/appgate-resolver.service \
|
||||
--replace "/usr/sbin/dnsmasq" "${dnsmasq}/bin/dnsmasq" \
|
||||
--replace "/opt/" "$out/opt/"
|
||||
|
||||
substituteInPlace $out/opt/appgate/linux/nm.py \
|
||||
--replace "/usr/sbin/dnsmasq" "${dnsmasq}/bin/dnsmasq"
|
||||
|
||||
substituteInPlace $out/opt/appgate/linux/nm.py --replace "/usr/sbin/dnsmasq" "${dnsmasq}/bin/dnsmasq"
|
||||
substituteInPlace $out/opt/appgate/linux/set_dns --replace "/etc/appgate.conf" "$out/etc/appgate.conf"
|
||||
substituteInPlace $out/opt/appgate/linux/set_dns \
|
||||
--replace "/etc/appgate.conf" "$out/etc/appgate.conf"
|
||||
|
||||
'';
|
||||
wrapProgram $out/opt/appgate/service/createdump \
|
||||
--set LD_LIBRARY_PATH "${makeLibraryPath [ stdenv.cc.cc ]}"
|
||||
|
||||
postFixup = ''
|
||||
find $out -type f -name "*.so" -exec patchelf --set-rpath '$ORIGIN:${rpath}' {} \;
|
||||
for binary in $out/opt/appgate/appgate-driver \
|
||||
$out/opt/appgate/appgate \
|
||||
$out/opt/appgate/service/createdump \
|
||||
$out/opt/appgate/service/appgateservice.bin
|
||||
do
|
||||
patchelf --set-interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" --set-rpath "$ORIGIN:$out/opt/appgate/service/:$out/opt/appgate/:${rpath}" $binary
|
||||
done
|
||||
wrapProgram $out/opt/appgate/appgate-driver \
|
||||
--prefix PATH : ${makeBinPath [ iproute2 networkmanager dnsmasq ]} \
|
||||
--set LD_LIBRARY_PATH $out/opt/appgate/service
|
||||
|
||||
# fail if there are missing dependencies
|
||||
ldd $out/opt/appgate/appgate | grep -i 'not found' && exit 1
|
||||
ldd $out/opt/appgate/service/appgateservice.bin | grep -i 'not found' && exit 1
|
||||
ldd $out/opt/appgate/appgate-driver | grep -i 'not found' && exit 1
|
||||
makeWrapper $out/opt/appgate/Appgate $out/bin/appgate \
|
||||
--prefix PATH : ${makeBinPath [ xdg-utils ]} \
|
||||
--set LD_LIBRARY_PATH $out/opt/appgate:${makeLibraryPath deps}
|
||||
|
||||
wrapProgram $out/opt/appgate/appgate-driver --prefix PATH : ${lib.makeBinPath [ iproute2 networkmanager dnsmasq ]}
|
||||
wrapProgram $out/opt/appgate/linux/set_dns --set PYTHONPATH $PYTHONPATH
|
||||
wrapProgram $out/bin/appgate --prefix PATH : ${lib.makeBinPath [ xdg-utils ]}
|
||||
'';
|
||||
|
||||
meta = with lib; {
|
||||
description = "Appgate SDP (Software Defined Perimeter) desktop client";
|
||||
homepage = "https://www.appgate.com/support/software-defined-perimeter-support";
|
||||
|
|
@ -189,3 +157,4 @@ stdenv.mkDerivation rec {
|
|||
maintainers = with maintainers; [ ymatsiuk ];
|
||||
};
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue