Merge pull request #78615 from msteen/bitwarden_rs

bitwarden_rs: 1.9.1 -> 1.13.1
2020-01-30 11:02:48 +00:00 · 2020-01-30 11:02:48 +00:00 · d72905c58b
commit d72905c58b
parent 8539d5f48f 44dff89215
4 changed files with 58 additions and 85 deletions
--- a/nixos/modules/services/security/bitwarden_rs/default.nix
+++ b/nixos/modules/services/security/bitwarden_rs/default.nix
@ -18,15 +18,33 @@ let
        else key + toUpper x) "" parts;
    in if builtins.match "[A-Z0-9_]+" name != null then name else partsToEnvVar parts;

-  configFile = pkgs.writeText "bitwarden_rs.env" (concatMapStrings (s: s + "\n") (
-    (concatLists (mapAttrsToList (name: value:
-      if value != null then [ "${nameToEnvVar name}=${if isBool value then boolToString value else toString value}" ] else []
-    ) cfg.config))));
+  # Due to the different naming schemes allowed for config keys,
+  # we can only check for values consistently after converting them to their corresponding environment variable name.
+  configEnv =
+    let
+      configEnv = listToAttrs (concatLists (mapAttrsToList (name: value:
+        if value != null then [ (nameValuePair (nameToEnvVar name) (if isBool value then boolToString value else toString value)) ] else []
+      ) cfg.config));
+    in { DATA_FOLDER = "/var/lib/bitwarden_rs"; } // optionalAttrs (!(configEnv ? WEB_VAULT_ENABLED) || configEnv.WEB_VAULT_ENABLED == "true") {
+      WEB_VAULT_FOLDER = "${pkgs.bitwarden_rs-vault}/share/bitwarden_rs/vault";
+    } // configEnv;
+
+  configFile = pkgs.writeText "bitwarden_rs.env" (concatStrings (mapAttrsToList (name: value: "${name}=${value}\n") configEnv));
+
+  bitwarden_rs = pkgs.bitwarden_rs.override { inherit (cfg) dbBackend; };

 in {
  options.services.bitwarden_rs = with types; {
    enable = mkEnableOption "bitwarden_rs";

+    dbBackend = mkOption {
+      type = enum [ "sqlite" "mysql" "postgresql" ];
+      default = "sqlite";
+      description = ''
+        Which database backend bitwarden_rs will be using.
+      '';
+    };
+
    backupDir = mkOption {
      type = nullOr str;
      default = null;
@ -56,23 +74,20 @@ in {
        even though foo2 would have been converted to FOO_2.
        This allows working around any potential future conflicting naming conventions.

-        Based on the attributes passed to this config option a environment file will be generated
+        Based on the attributes passed to this config option an environment file will be generated
        that is passed to bitwarden_rs's systemd service.

        The available configuration options can be found in
-        <link xlink:href="https://github.com/dani-garcia/bitwarden_rs/blob/1.8.0/.env.template">the environment template file</link>.
+        <link xlink:href="https://github.com/dani-garcia/bitwarden_rs/blob/${bitwarden_rs.version}/.env.template">the environment template file</link>.
      '';
-      apply = config: optionalAttrs config.webVaultEnabled {
-        webVaultFolder = "${pkgs.bitwarden_rs-vault}/share/bitwarden_rs/vault";
-      } // config;
    };
  };

  config = mkIf cfg.enable {
-    services.bitwarden_rs.config = {
-      dataFolder = "/var/lib/bitwarden_rs";
-      webVaultEnabled = mkDefault true;
-    };
+    assertions = [ {
+      assertion = cfg.backupDir != null -> cfg.dbBackend == "sqlite";
+      message = "Backups for database backends other than sqlite will need customization";
+    } ];

    users.users.bitwarden_rs = {
      inherit group;
@ -87,7 +102,7 @@ in {
        User = user;
        Group = group;
        EnvironmentFile = configFile;
-        ExecStart = "${pkgs.bitwarden_rs}/bin/bitwarden_rs";
+        ExecStart = "${bitwarden_rs}/bin/bitwarden_rs";
        LimitNOFILE = "1048576";
        LimitNPROC = "64";
        PrivateTmp = "true";
@ -109,6 +124,7 @@ in {
      path = with pkgs; [ sqlite ];
      serviceConfig = {
        SyslogIdentifier = "backup-bitwarden_rs";
+        Type = "oneshot";
        User = mkDefault user;
        Group = mkDefault group;
        ExecStart = "${pkgs.bash}/bin/bash ${./backup.sh}";
--- a/pkgs/tools/security/bitwarden_rs/cargo-lock-lettre.patch
+++ b/pkgs/tools/security/bitwarden_rs/cargo-lock-lettre.patch
@ -1,58 +0,0 @@
-diff --git a/Cargo.lock b/Cargo.lock
-index 2e0b695..6d23410 100644
--- a/Cargo.lock
-+++ b/Cargo.lock
-@@ -114,8 +114,8 @@ dependencies = [
-  "handlebars 1.1.0 (registry+https://github.com/rust-lang/crates.io-index)",
-  "jsonwebtoken 6.0.1 (registry+https://github.com/rust-lang/crates.io-index)",
-  "lazy_static 1.3.0 (registry+https://github.com/rust-lang/crates.io-index)",
- "lettre 0.9.1 (registry+https://github.com/rust-lang/crates.io-index)",
- "lettre_email 0.9.1 (registry+https://github.com/rust-lang/crates.io-index)",
-+ "lettre 0.9.2 (registry+https://github.com/rust-lang/crates.io-index)",
-+ "lettre_email 0.9.2 (registry+https://github.com/rust-lang/crates.io-index)",
-  "libsqlite3-sys 0.12.0 (registry+https://github.com/rust-lang/crates.io-index)",
-  "log 0.4.6 (registry+https://github.com/rust-lang/crates.io-index)",
-  "multipart 0.16.1 (registry+https://github.com/rust-lang/crates.io-index)",
-@@ -1007,13 +1007,11 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
- 
- [[package]]
- name = "lettre"
-version = "0.9.1"
-+version = "0.9.2"
- source = "registry+https://github.com/rust-lang/crates.io-index"
- dependencies = [
-  "base64 0.10.1 (registry+https://github.com/rust-lang/crates.io-index)",
-  "bufstream 0.1.4 (registry+https://github.com/rust-lang/crates.io-index)",
- "failure 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)",
- "failure_derive 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)",
-  "fast_chemail 0.9.6 (registry+https://github.com/rust-lang/crates.io-index)",
-  "hostname 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)",
-  "log 0.4.6 (registry+https://github.com/rust-lang/crates.io-index)",
-@@ -1026,14 +1024,12 @@ dependencies = [
- 
- [[package]]
- name = "lettre_email"
-version = "0.9.1"
-+version = "0.9.2"
- source = "registry+https://github.com/rust-lang/crates.io-index"
- dependencies = [
-  "base64 0.10.1 (registry+https://github.com/rust-lang/crates.io-index)",
-  "email 0.0.20 (registry+https://github.com/rust-lang/crates.io-index)",
- "failure 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)",
- "failure_derive 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)",
- "lettre 0.9.1 (registry+https://github.com/rust-lang/crates.io-index)",
-+ "lettre 0.9.2 (registry+https://github.com/rust-lang/crates.io-index)",
-  "mime 0.3.13 (registry+https://github.com/rust-lang/crates.io-index)",
-  "time 0.1.42 (registry+https://github.com/rust-lang/crates.io-index)",
-  "uuid 0.7.4 (registry+https://github.com/rust-lang/crates.io-index)",
-@@ -2858,8 +2854,8 @@ dependencies = [
- "checksum language-tags 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)" = "a91d884b6667cd606bb5a69aa0c99ba811a115fc68915e7056ec08a46e93199a"
- "checksum lazy_static 1.3.0 (registry+https://github.com/rust-lang/crates.io-index)" = "bc5729f27f159ddd61f4df6228e827e86643d4d3e7c32183cb30a1c08f604a14"
- "checksum lazycell 1.2.1 (registry+https://github.com/rust-lang/crates.io-index)" = "b294d6fa9ee409a054354afc4352b0b9ef7ca222c69b8812cbea9e7d2bf3783f"
-"checksum lettre 0.9.1 (registry+https://github.com/rust-lang/crates.io-index)" = "646aee0a55545eaffdf0df1ac19b500b51adb3095ec4dfdc704134e56ea23531"
-"checksum lettre_email 0.9.1 (registry+https://github.com/rust-lang/crates.io-index)" = "ae1b3d43e4bb7beb9974a359cbb3ea4f93dfba6c1c0c6e9c9f82e538e0f9ab9f"
-+"checksum lettre 0.9.2 (registry+https://github.com/rust-lang/crates.io-index)" = "c66afaa5dfadbb81d4e00fd1d1ab057c7cd4c799c5a44e0009386d553587e728"
-+"checksum lettre_email 0.9.2 (registry+https://github.com/rust-lang/crates.io-index)" = "bbb68ca999042d965476e47bbdbacd52db0927348b6f8062c44dd04a3b1fd43b"
- "checksum libc 0.2.55 (registry+https://github.com/rust-lang/crates.io-index)" = "42914d39aad277d9e176efbdad68acb1d5443ab65afe0e0e4f0d49352a950880"
- "checksum libsqlite3-sys 0.12.0 (registry+https://github.com/rust-lang/crates.io-index)" = "fd6457c70bbff456d9fe49deaba35ec47c3e598bf8d7950ff0575ceb7a8a6ad1"
- "checksum lock_api 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)" = "62ebf1391f6acad60e5c8b43706dde4582df75c06698ab44511d15016bc2442c"
--- a/pkgs/tools/security/bitwarden_rs/default.nix
+++ b/pkgs/tools/security/bitwarden_rs/default.nix
@ -1,31 +1,43 @@
-{ stdenv, rustPlatform, fetchFromGitHub, pkgconfig, openssl, Security, CoreServices }:
+{ stdenv, rustPlatform, fetchFromGitHub
+, pkgconfig, openssl
+, Security, CoreServices
+, dbBackend ? "sqlite", libmysqlclient, postgresql }:

-rustPlatform.buildRustPackage rec {
+let
+  featuresFlag = "--features ${dbBackend}";
+
+in rustPlatform.buildRustPackage rec {
  pname = "bitwarden_rs";
-  version = "1.9.1";
+  version = "1.13.1";

  src = fetchFromGitHub {
    owner = "dani-garcia";
    repo = pname;
    rev = version;
-    sha256 = "0jfb4b2lp2v01aw615lx0qj1qh73hyrbjn9kva7zqp74wcfw12gp";
+    sha256 = "0af8cnpx86a096m59wmszcfyrfgf7adlqr39phbg647mgjfzwcrk";
  };

-  cargoPatches = [
-    # type annotations required: cannot resolve `std::string::String: std::convert::AsRef<_>`
-    ./cargo-lock-lettre.patch
-  ];
-
  nativeBuildInputs = [ pkgconfig ];
-  buildInputs = [ openssl ] ++ stdenv.lib.optionals stdenv.isDarwin [ Security CoreServices ];
+  buildInputs = with stdenv.lib; [ openssl ]
+    ++ optionals stdenv.isDarwin [ Security CoreServices ]
+    ++ optional (dbBackend == "mysql") libmysqlclient
+    ++ optional (dbBackend == "postgresql") postgresql;

  RUSTC_BOOTSTRAP = 1;

-  cargoSha256 = "0p39gqrqdmgqhngp1qyh6jl0sp0ifj5n3bxfqafjbspb4zph3ls4";
+  cargoSha256 = "1v6n4aqhd5pyvvhlzhpmq7ykclfxw82wn2bg7n49b53d9p72jwq6";
+  cargoBuildFlags = [ featuresFlag ];
+
+  checkPhase = ''
+    runHook preCheck
+    echo "Running cargo cargo test ${featuresFlag} -- ''${checkFlags} ''${checkFlagsArray+''${checkFlagsArray[@]}}"
+    cargo test ${featuresFlag} -- ''${checkFlags} ''${checkFlagsArray+"''${checkFlagsArray[@]}"}
+    runHook postCheck
+  '';

  meta = with stdenv.lib; {
-    description = "An unofficial lightweight implementation of the Bitwarden server API using Rust and SQLite";
-    homepage = https://github.com/dani-garcia/bitwarden_rs;
+    description = "Unofficial Bitwarden compatible server written in Rust";
+    homepage = "https://github.com/dani-garcia/bitwarden_rs";
    license = licenses.gpl3;
    maintainers = with maintainers; [ msteen ];
    platforms = platforms.all;
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@ -791,6 +791,9 @@ in
  bitwarden_rs = callPackage ../tools/security/bitwarden_rs {
    inherit (darwin.apple_sdk.frameworks) Security CoreServices;
  };
+  bitwarden_rs-sqlite = bitwarden_rs;
+  bitwarden_rs-mysql = bitwarden_rs.override { dbBackend = "mysql"; };
+  bitwarden_rs-postgresql = bitwarden_rs.override { dbBackend = "postgresql"; };

  bitwarden_rs-vault = callPackage ../tools/security/bitwarden_rs/vault.nix { };