From e33a3e4c7aad4c07de28255def12f962f8cb2437 Mon Sep 17 00:00:00 2001 From: Doron Behar Date: Sat, 2 Mar 2024 18:29:51 +0200 Subject: [PATCH 1/2] ssh-openpgp-auth: init at 0.2.2 https://codeberg.org/wiktor/ssh-openpgp-auth --- pkgs/by-name/ss/ssh-openpgp-auth/generic.nix | 82 ++++++++++++++++++++ pkgs/by-name/ss/ssh-openpgp-auth/package.nix | 10 +++ 2 files changed, 92 insertions(+) create mode 100644 pkgs/by-name/ss/ssh-openpgp-auth/generic.nix create mode 100644 pkgs/by-name/ss/ssh-openpgp-auth/package.nix diff --git a/pkgs/by-name/ss/ssh-openpgp-auth/generic.nix b/pkgs/by-name/ss/ssh-openpgp-auth/generic.nix new file mode 100644 index 000000000000..5fadd5798ae8 --- /dev/null +++ b/pkgs/by-name/ss/ssh-openpgp-auth/generic.nix @@ -0,0 +1,82 @@ +# This file is based upon upstream's package.nix shared among both +# "ssh-openpgp-auth" and "sshd-openpgpg-auth" +{ lib +, rustPlatform +, fetchFromGitea +, pkg-config +, just +, rust-script +, installShellFiles +, bzip2 +, nettle +, openssl +, sqlite +, stdenv +, darwin +, openssh +# Arguments not supplied by callPackage +, pname , version , srcHash , cargoHash, metaDescription +}: + +rustPlatform.buildRustPackage { + inherit pname version; + + src = fetchFromGitea { + domain = "codeberg.org"; + owner = "wiktor"; + repo = "ssh-openpgp-auth"; + # See also: https://codeberg.org/wiktor/ssh-openpgp-auth/pulls/92#issuecomment-1635274 + rev = "${pname}/${version}"; + hash = srcHash; + }; + buildAndTestSubdir = pname; + inherit cargoHash; + + nativeBuildInputs = [ + pkg-config + rustPlatform.bindgenHook + just + rust-script + installShellFiles + ]; + # Otherwise just's build, check and install phases take precedence over + # buildRustPackage's phases. + dontUseJustBuild = true; + dontUseJustCheck = true; + dontUseJustInstall = true; + + postInstall = '' + export HOME=$(mktemp -d) + just generate manpages ${pname} $out/share/man/man1 + just generate shell_completions ${pname} shell_completions + installShellCompletion --cmd ${pname} \ + --bash shell_completions/${pname}.bash \ + --fish shell_completions/${pname}.fish \ + --zsh shell_completions/_${pname} + ''; + + + buildInputs = [ + nettle + openssl + sqlite + ] ++ lib.optionals stdenv.isDarwin [ + darwin.apple_sdk_11_0.frameworks.CoreFoundation + darwin.apple_sdk_11_0.frameworks.IOKit + darwin.apple_sdk_11_0.frameworks.Security + darwin.apple_sdk_11_0.frameworks.SystemConfiguration + ]; + + doCheck = true; + nativeCheckInputs = [ + openssh + ]; + + meta = with lib; { + description = metaDescription; + homepage = "https://codeberg.org/wiktor/ssh-openpgp-auth"; + license = with licenses; [ mit /* or */ asl20 ]; + maintainers = with maintainers; [ doronbehar ]; + mainProgram = pname; + }; +} diff --git a/pkgs/by-name/ss/ssh-openpgp-auth/package.nix b/pkgs/by-name/ss/ssh-openpgp-auth/package.nix new file mode 100644 index 000000000000..53509cc0d05c --- /dev/null +++ b/pkgs/by-name/ss/ssh-openpgp-auth/package.nix @@ -0,0 +1,10 @@ +{ callPackage }: + +callPackage ./generic.nix { + pname = "ssh-openpgp-auth"; + version = "0.2.2"; + srcHash = "sha256-5ew6jT6Zr54QYaWFQIGYXd8sqC3yHHZjPfoaCossm8o="; + cargoHash = "sha256-/k/XAp7PHIJaJWf4Oa1JC1mMSR5pyeM4SSPCcr77cAg="; + metaDescription = + "Command-line tool that provides client-side functionality to transparently verify the identity of remote SSH hosts"; +} From 88c9301627b0e216d6db9c5292c9109811fed576 Mon Sep 17 00:00:00 2001 From: Doron Behar Date: Sat, 2 Mar 2024 18:35:41 +0200 Subject: [PATCH 2/2] sshd-openpgp-auth: init at 0.3.0 https://codeberg.org/wiktor/ssh-openpgp-auth --- pkgs/by-name/ss/ssh-openpgp-auth/daemon.nix | 14 ++++++++++++++ pkgs/top-level/all-packages.nix | 2 ++ 2 files changed, 16 insertions(+) create mode 100644 pkgs/by-name/ss/ssh-openpgp-auth/daemon.nix diff --git a/pkgs/by-name/ss/ssh-openpgp-auth/daemon.nix b/pkgs/by-name/ss/ssh-openpgp-auth/daemon.nix new file mode 100644 index 000000000000..d25b12ef6a64 --- /dev/null +++ b/pkgs/by-name/ss/ssh-openpgp-auth/daemon.nix @@ -0,0 +1,14 @@ +# Ideally, this file would have been placed in +# pkgs/by-name/ss/sshd-openpgp-auth/package.nix, but since `./generic.nix` is +# outside of the directory, the nixpkgs-check-by-name test will fail the CI. So +# we call this file in all-packages.nix like in the old days. +{ callPackage }: + +callPackage ./generic.nix { + pname = "sshd-openpgp-auth"; + version = "0.3.0"; + srcHash = "sha256-IV0Nhdqyn12HDOp1jaKz3sKTI3ktFd5b6qybCLWt27I="; + cargoHash = "sha256-/+lZkVMeFUMRD7NQ/MHDU5f3rkKDx1kDv5tjA41RExc="; + metaDescription = + "Command-line tool for creating and managing OpenPGP based trust anchors for SSH host keys"; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index e6a31b7f7699..57d3410d1aa4 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -11643,6 +11643,8 @@ with pkgs; ssh-copy-id = callPackage ../tools/networking/openssh/copyid.nix { }; + sshd-openpgp-auth = callPackage ../by-name/ss/ssh-openpgp-auth/daemon.nix { }; + opensp = callPackage ../tools/text/sgml/opensp { }; opentofu = callPackage ../applications/networking/cluster/opentofu { };