nixpkgs/pkgs/tools/networking/acme-client/default.nix

32 lines
687 B
Nix
Raw Normal View History

2021-01-15 09:19:50 +00:00
{ lib, stdenv
, fetchurl
2018-01-18 04:55:38 +00:00
, libbsd
, libressl
2021-01-17 03:51:22 +00:00
, pkg-config
2018-01-18 04:55:38 +00:00
}:
2021-01-15 09:19:50 +00:00
with lib;
2018-01-18 04:55:38 +00:00
stdenv.mkDerivation rec {
pname = "acme-client";
2021-03-04 21:59:53 +00:00
version = "1.2.0";
2018-01-18 04:55:38 +00:00
src = fetchurl {
url = "https://data.wolfsden.cz/sources/acme-client-${version}.tar.xz";
2021-03-04 21:59:53 +00:00
sha256 = "sha256-fRSYwQmyV0WapjUJNG0UGO/tUDNTGUraj/BWq/a1QTo=";
2018-01-18 04:55:38 +00:00
};
2021-01-17 03:51:22 +00:00
nativeBuildInputs = [ pkg-config ];
buildInputs = [ libbsd libressl ];
2018-01-18 04:55:38 +00:00
acme-client: 0.1.16 -> 0.2.4 * acme-client: 0.1.16 -> 0.2.3 (#71853) The upstream acme-client that used to be at [1] has now been integrated into OpenBSD, and the portable version that it links to at [2] is marked as unmaintained. However, letsencrypt.org links to [3] for a portable version, and indeed, that repository contains a version that has recent activity, so I switched over to that. It is hard to tell what the difference is between the OpenBSD version and what is on Github, and even if that would be easy, there are a lot of Linux-specific changes. This program is dealing with certificates, so I feel it is important to at least check that thare are no obviously unintended differences between the previous version and the new, but I don't know of a good way of doing that at this point. I will continue to investigate before I open a pull request. [1]: https://kristaps.bsd.lv/acme-client/ [2]: https://github.com/kristapsdz/acme-client-portable [3]: https://github.com/graywolf/acme-client-portable * acme-client: fix Linux build of new upstream The new source does not include a configure script in the repository, but we can generate it with automake. Also, the new acme-client-portable has an OpenSSL compatibility layer, but that actually breaks building against LibreSSL. Avoid this issue by patching the compatibility layer to be less eager to define things when linking against LibreSSL. I will also submit a pull request for that upstream. I don't expect this to work on Darwin, and the current package suggests it does, but if the upstream (portable) version is no longer maintained, for Darwin, perhaps we should just drop support for it. But maybe it will just work, CI or somebody with a Darwin system will have to try. * acme-client: 0.2.3 -> 0.2.4 My LibreSSL compatibility patch has been merged upstream into acme-client-portable, and version 0.2.4 that includes it has been released, so we can remove the patch here. * acme-client: address review feedback * Replace the manual autoreconf invocation with autoreconfHook. * Remove DEFAULT_CA_FILE, which no longer affects the build.
2019-11-03 15:23:11 +00:00
makeFlags = [ "PREFIX=${placeholder "out"}" ];
2018-01-18 04:55:38 +00:00
meta = {
homepage = "https://sr.ht/~graywolf/acme-client-portable/";
2018-01-18 04:55:38 +00:00
description = "Secure ACME/Let's Encrypt client";
platforms = platforms.unix;
license = licenses.isc;
maintainers = with maintainers; [ pmahoney ];
};
}