826c20dcae
* nixos/vault: add option to start in dev mode. This is not only useful for nixos tests i.e. when testing vault agent setups but also when playing around with vault in local setups. In our tests we can now make use of this option to test more vault features. i.e. adding this feature has uncovered the need for a `StateDirectory`. * Update nixos/modules/services/security/vault.nix Co-authored-by: Robert Hensing <roberth@users.noreply.github.com> Co-authored-by: Jonas Chevalier <zimbatm@zimbatm.com> Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
52 lines
1.5 KiB
Nix
52 lines
1.5 KiB
Nix
{ stdenv, lib, fetchFromGitHub, buildGoModule, installShellFiles, nixosTests
|
|
, makeWrapper
|
|
, gawk
|
|
, glibc
|
|
}:
|
|
|
|
buildGoModule rec {
|
|
pname = "vault";
|
|
version = "1.10.4";
|
|
|
|
src = fetchFromGitHub {
|
|
owner = "hashicorp";
|
|
repo = "vault";
|
|
rev = "v${version}";
|
|
sha256 = "sha256-RJCFbhpFx84R9CIU1OaaZbjBXltNY/1GC2gwgydX4n8=";
|
|
};
|
|
|
|
vendorSha256 = "sha256-8fTAU/K0WkkS6an5Ffaxpnz8vABQXpiWaCroc8DTYmc=";
|
|
|
|
subPackages = [ "." ];
|
|
|
|
nativeBuildInputs = [ installShellFiles makeWrapper ];
|
|
|
|
tags = [ "vault" ];
|
|
|
|
ldflags = [
|
|
"-s" "-w"
|
|
"-X github.com/hashicorp/vault/sdk/version.GitCommit=${src.rev}"
|
|
"-X github.com/hashicorp/vault/sdk/version.Version=${version}"
|
|
"-X github.com/hashicorp/vault/sdk/version.VersionPrerelease="
|
|
];
|
|
|
|
postInstall = ''
|
|
echo "complete -C $out/bin/vault vault" > vault.bash
|
|
installShellCompletion vault.bash
|
|
'' + lib.optionalString stdenv.isLinux ''
|
|
wrapProgram $out/bin/vault \
|
|
--prefix PATH ${lib.makeBinPath [ gawk glibc ]}
|
|
'';
|
|
|
|
passthru.tests = { inherit (nixosTests) vault vault-postgresql vault-dev; };
|
|
|
|
meta = with lib; {
|
|
homepage = "https://www.vaultproject.io/";
|
|
description = "A tool for managing secrets";
|
|
changelog = "https://github.com/hashicorp/vault/blob/v${version}/CHANGELOG.md";
|
|
platforms = platforms.linux ++ platforms.darwin;
|
|
license = licenses.mpl20;
|
|
maintainers = with maintainers; [ rushmorem lnl7 offline pradeepchhetri Chili-Man techknowlogick ];
|
|
};
|
|
}
|