nixpkgs/pkgs/tools/networking/easyrsa/default.nix

{ lib, stdenv, fetchFromGitHub, openssl, runtimeShell }:

let
  version = "3.0.8";
in stdenv.mkDerivation {
  pname = "easyrsa";
  inherit version;

  src = fetchFromGitHub {
    owner = "OpenVPN";
    repo = "easy-rsa";
    rev = "v${version}";
    sha256 = "05q60s343ydh9j6hzj0840qdcq8fkyz06q68yw4pqgqg4w68rbgs";
  };

  patches = [ ./fix-paths.patch ];

  installPhase = ''
    mkdir -p $out/share/easyrsa
    cp -r easyrsa3/{*.cnf,x509-types,vars.example} $out/share/easyrsa
    cp easyrsa3/openssl-easyrsa.cnf $out/share/easyrsa/safessl-easyrsa.cnf
    install -D -m755 easyrsa3/easyrsa $out/bin/easyrsa
    substituteInPlace $out/bin/easyrsa \
      --subst-var out \
      --subst-var-by openssl ${openssl.bin}/bin/openssl

    # Helper utility
    cat > $out/bin/easyrsa-init <<EOF
    #!${runtimeShell} -e
    cp -r $out/share/easyrsa/* .
    EOF
    chmod +x $out/bin/easyrsa-init
  '';

  meta = with lib; {
    description = "Simple shell based CA utility";
    homepage = "https://openvpn.net/";
    license = licenses.gpl2;
    maintainers = [ maintainers.offline maintainers.numinit ];
    platforms = platforms.unix;
  };
}
treewide: with stdenv.lib; in meta -> with lib; Part of: https://github.com/NixOS/nixpkgs/issues/108938 meta = with stdenv.lib; is a widely used pattern. We want to slowly remove the `stdenv.lib` indirection and encourage people to use `lib` directly. Thus let’s start with the meta field. This used a rewriting script to mostly automatically replace all occurances of this pattern, and add the `lib` argument to the package header if it doesn’t exist yet. The script in its current form is available at https://cs.tvl.fyi/depot@2f807d7f141068d2d60676a89213eaa5353ca6e0/-/blob/users/Profpatsch/nixpkgs-rewriter/default.nix 2021-01-11 07:54:33 +00:00			`{ lib, stdenv, fetchFromGitHub, openssl, runtimeShell }:`
easyrsa: 2.2.0 -> 3.0.0 2016-01-05 18:55:33 +00:00
			`let`
easyrsa: 3.0.0 -> 3.0.8 2020-08-23 02:19:39 +01:00			`version = "3.0.8";`
treewide: remove redundant rec 2019-08-13 22:52:01 +01:00			`in stdenv.mkDerivation {`
treewide: name -> pname 2019-08-13 22:52:01 +01:00			`pname = "easyrsa";`
			`inherit version;`
easyrsa: 2.2.0 -> 3.0.0 2016-01-05 18:55:33 +00:00
			`src = fetchFromGitHub {`
			`owner = "OpenVPN";`
			`repo = "easy-rsa";`
			`rev = "v${version}";`
easyrsa: 3.0.0 -> 3.0.8 2020-08-23 02:19:39 +01:00			`sha256 = "05q60s343ydh9j6hzj0840qdcq8fkyz06q68yw4pqgqg4w68rbgs";`
Add easyrsa 2013-07-10 20:00:56 +01:00			`};`

easyrsa: 2.2.0 -> 3.0.0 2016-01-05 18:55:33 +00:00			`patches = [ ./fix-paths.patch ];`

			`installPhase = ''`
			`mkdir -p $out/share/easyrsa`
easyrsa: 3.0.0 -> 3.0.8 2020-08-23 02:19:39 +01:00			`cp -r easyrsa3/{*.cnf,x509-types,vars.example} $out/share/easyrsa`
			`cp easyrsa3/openssl-easyrsa.cnf $out/share/easyrsa/safessl-easyrsa.cnf`
easyrsa: 2.2.0 -> 3.0.0 2016-01-05 18:55:33 +00:00			`install -D -m755 easyrsa3/easyrsa $out/bin/easyrsa`
			`substituteInPlace $out/bin/easyrsa \`
			`--subst-var out \`
treewide: Mass replace 'openssl}/bin' to refer the 'bin' output 2016-02-01 18:46:16 +00:00			`--subst-var-by openssl ${openssl.bin}/bin/openssl`
easyrsa: 2.2.0 -> 3.0.0 2016-01-05 18:55:33 +00:00
			`# Helper utility`
			`cat > $out/bin/easyrsa-init <<EOF`
treewide: use runtimeShell instead of stdenv.shell whenever possible Whenever we create scripts that are installed to $out, we must use runtimeShell in order to get the shell that can be executed on the machine we create the package for. This is relevant for cross-compiling. The only use case for stdenv.shell are scripts that are executed as part of the build system. Usages in checkPhase are borderline however to decrease the likelyhood of people copying the wrong examples, I decided to use runtimeShell as well. 2019-02-26 11:45:54 +00:00			`#!${runtimeShell} -e`
easyrsa: 2.2.0 -> 3.0.0 2016-01-05 18:55:33 +00:00			`cp -r $out/share/easyrsa/* .`
			`EOF`
			`chmod +x $out/bin/easyrsa-init`
Add easyrsa 2013-07-10 20:00:56 +01:00			`'';`

treewide: with stdenv.lib; in meta -> with lib; Part of: https://github.com/NixOS/nixpkgs/issues/108938 meta = with stdenv.lib; is a widely used pattern. We want to slowly remove the `stdenv.lib` indirection and encourage people to use `lib` directly. Thus let’s start with the meta field. This used a rewriting script to mostly automatically replace all occurances of this pattern, and add the `lib` argument to the package header if it doesn’t exist yet. The script in its current form is available at https://cs.tvl.fyi/depot@2f807d7f141068d2d60676a89213eaa5353ca6e0/-/blob/users/Profpatsch/nixpkgs-rewriter/default.nix 2021-01-11 07:54:33 +00:00			`meta = with lib; {`
Add easyrsa 2013-07-10 20:00:56 +01:00			`description = "Simple shell based CA utility";`
treewide: Per RFC45, remove all unquoted URLs 2020-04-01 02:11:51 +01:00			`homepage = "https://openvpn.net/";`
Add easyrsa 2013-07-10 20:00:56 +01:00			`license = licenses.gpl2;`
easyrsa: 3.0.0 -> 3.0.8 2020-08-23 02:19:39 +01:00			`maintainers = [ maintainers.offline maintainers.numinit ];`
easyrsa: add support for darwin 2018-10-14 04:10:21 +01:00			`platforms = platforms.unix;`
Add easyrsa 2013-07-10 20:00:56 +01:00			`};`
			`}`