nixpkgs/pkgs/tools/security/vault/default.nix
Jörg Thalheim 826c20dcae
nixos/vault: add option to start in dev mode. (#180114)
* nixos/vault: add option to start in dev mode.

This is not only useful for nixos tests i.e. when testing vault agent
setups but also when playing around with vault in local setups. In our
tests we can now make use of this option to test more vault features.
i.e. adding this feature has uncovered the need for a `StateDirectory`.

* Update nixos/modules/services/security/vault.nix

Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>

Co-authored-by: Jonas Chevalier <zimbatm@zimbatm.com>
Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
2022-07-05 10:54:11 +02:00

52 lines
1.5 KiB
Nix

{ stdenv, lib, fetchFromGitHub, buildGoModule, installShellFiles, nixosTests
, makeWrapper
, gawk
, glibc
}:
buildGoModule rec {
pname = "vault";
version = "1.10.4";
src = fetchFromGitHub {
owner = "hashicorp";
repo = "vault";
rev = "v${version}";
sha256 = "sha256-RJCFbhpFx84R9CIU1OaaZbjBXltNY/1GC2gwgydX4n8=";
};
vendorSha256 = "sha256-8fTAU/K0WkkS6an5Ffaxpnz8vABQXpiWaCroc8DTYmc=";
subPackages = [ "." ];
nativeBuildInputs = [ installShellFiles makeWrapper ];
tags = [ "vault" ];
ldflags = [
"-s" "-w"
"-X github.com/hashicorp/vault/sdk/version.GitCommit=${src.rev}"
"-X github.com/hashicorp/vault/sdk/version.Version=${version}"
"-X github.com/hashicorp/vault/sdk/version.VersionPrerelease="
];
postInstall = ''
echo "complete -C $out/bin/vault vault" > vault.bash
installShellCompletion vault.bash
'' + lib.optionalString stdenv.isLinux ''
wrapProgram $out/bin/vault \
--prefix PATH ${lib.makeBinPath [ gawk glibc ]}
'';
passthru.tests = { inherit (nixosTests) vault vault-postgresql vault-dev; };
meta = with lib; {
homepage = "https://www.vaultproject.io/";
description = "A tool for managing secrets";
changelog = "https://github.com/hashicorp/vault/blob/v${version}/CHANGELOG.md";
platforms = platforms.linux ++ platforms.darwin;
license = licenses.mpl20;
maintainers = with maintainers; [ rushmorem lnl7 offline pradeepchhetri Chili-Man techknowlogick ];
};
}