diff --git a/pkgs/by-name/ss/ssh-openpgp-auth/daemon.nix b/pkgs/by-name/ss/ssh-openpgp-auth/daemon.nix new file mode 100644 index 000000000000..d25b12ef6a64 --- /dev/null +++ b/pkgs/by-name/ss/ssh-openpgp-auth/daemon.nix @@ -0,0 +1,14 @@ +# Ideally, this file would have been placed in +# pkgs/by-name/ss/sshd-openpgp-auth/package.nix, but since `./generic.nix` is +# outside of the directory, the nixpkgs-check-by-name test will fail the CI. So +# we call this file in all-packages.nix like in the old days. +{ callPackage }: + +callPackage ./generic.nix { + pname = "sshd-openpgp-auth"; + version = "0.3.0"; + srcHash = "sha256-IV0Nhdqyn12HDOp1jaKz3sKTI3ktFd5b6qybCLWt27I="; + cargoHash = "sha256-/+lZkVMeFUMRD7NQ/MHDU5f3rkKDx1kDv5tjA41RExc="; + metaDescription = + "Command-line tool for creating and managing OpenPGP based trust anchors for SSH host keys"; +} diff --git a/pkgs/by-name/ss/ssh-openpgp-auth/generic.nix b/pkgs/by-name/ss/ssh-openpgp-auth/generic.nix new file mode 100644 index 000000000000..5fadd5798ae8 --- /dev/null +++ b/pkgs/by-name/ss/ssh-openpgp-auth/generic.nix @@ -0,0 +1,82 @@ +# This file is based upon upstream's package.nix shared among both +# "ssh-openpgp-auth" and "sshd-openpgpg-auth" +{ lib +, rustPlatform +, fetchFromGitea +, pkg-config +, just +, rust-script +, installShellFiles +, bzip2 +, nettle +, openssl +, sqlite +, stdenv +, darwin +, openssh +# Arguments not supplied by callPackage +, pname , version , srcHash , cargoHash, metaDescription +}: + +rustPlatform.buildRustPackage { + inherit pname version; + + src = fetchFromGitea { + domain = "codeberg.org"; + owner = "wiktor"; + repo = "ssh-openpgp-auth"; + # See also: https://codeberg.org/wiktor/ssh-openpgp-auth/pulls/92#issuecomment-1635274 + rev = "${pname}/${version}"; + hash = srcHash; + }; + buildAndTestSubdir = pname; + inherit cargoHash; + + nativeBuildInputs = [ + pkg-config + rustPlatform.bindgenHook + just + rust-script + installShellFiles + ]; + # Otherwise just's build, check and install phases take precedence over + # buildRustPackage's phases. + dontUseJustBuild = true; + dontUseJustCheck = true; + dontUseJustInstall = true; + + postInstall = '' + export HOME=$(mktemp -d) + just generate manpages ${pname} $out/share/man/man1 + just generate shell_completions ${pname} shell_completions + installShellCompletion --cmd ${pname} \ + --bash shell_completions/${pname}.bash \ + --fish shell_completions/${pname}.fish \ + --zsh shell_completions/_${pname} + ''; + + + buildInputs = [ + nettle + openssl + sqlite + ] ++ lib.optionals stdenv.isDarwin [ + darwin.apple_sdk_11_0.frameworks.CoreFoundation + darwin.apple_sdk_11_0.frameworks.IOKit + darwin.apple_sdk_11_0.frameworks.Security + darwin.apple_sdk_11_0.frameworks.SystemConfiguration + ]; + + doCheck = true; + nativeCheckInputs = [ + openssh + ]; + + meta = with lib; { + description = metaDescription; + homepage = "https://codeberg.org/wiktor/ssh-openpgp-auth"; + license = with licenses; [ mit /* or */ asl20 ]; + maintainers = with maintainers; [ doronbehar ]; + mainProgram = pname; + }; +} diff --git a/pkgs/by-name/ss/ssh-openpgp-auth/package.nix b/pkgs/by-name/ss/ssh-openpgp-auth/package.nix new file mode 100644 index 000000000000..53509cc0d05c --- /dev/null +++ b/pkgs/by-name/ss/ssh-openpgp-auth/package.nix @@ -0,0 +1,10 @@ +{ callPackage }: + +callPackage ./generic.nix { + pname = "ssh-openpgp-auth"; + version = "0.2.2"; + srcHash = "sha256-5ew6jT6Zr54QYaWFQIGYXd8sqC3yHHZjPfoaCossm8o="; + cargoHash = "sha256-/k/XAp7PHIJaJWf4Oa1JC1mMSR5pyeM4SSPCcr77cAg="; + metaDescription = + "Command-line tool that provides client-side functionality to transparently verify the identity of remote SSH hosts"; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 22ab2982520d..023a1ae4c0be 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -11573,6 +11573,8 @@ with pkgs; ssh-copy-id = callPackage ../tools/networking/openssh/copyid.nix { }; + sshd-openpgp-auth = callPackage ../by-name/ss/ssh-openpgp-auth/daemon.nix { }; + opensp = callPackage ../tools/text/sgml/opensp { }; opentofu = callPackage ../applications/networking/cluster/opentofu { };