depot/third_party/nixpkgs/pkgs/tools/security/modsecurity/default.nix

60 lines
1.5 KiB
Nix
Raw Normal View History

{ stdenv, lib, fetchFromGitHub, pkg-config, autoreconfHook
, curl, apacheHttpd, pcre, apr, aprutil, libxml2
, luaSupport ? false, lua5, perl
}:
with lib;
let luaValue = if luaSupport then lua5 else "no";
optional = lib.optional;
in
stdenv.mkDerivation rec {
pname = "modsecurity";
version = "2.9.7";
src = fetchFromGitHub {
owner = "SpiderLabs";
repo = pname;
rev = "v${version}";
sha256 = "sha256-hJ8wYeC83dl85bkUXGZKHpHzw9QRgtusj1/+Coxsx0k=";
};
nativeBuildInputs = [ pkg-config autoreconfHook ];
buildInputs = [ curl apacheHttpd pcre apr aprutil libxml2 ] ++
optional luaSupport lua5;
configureFlags = [
"--enable-standalone-module"
"--enable-static"
"--with-curl=${curl.dev}"
"--with-apxs=${apacheHttpd.dev}/bin/apxs"
"--with-pcre=${pcre.dev}"
"--with-apr=${apr.dev}"
"--with-apu=${aprutil.dev}/bin/apu-1-config"
"--with-libxml=${libxml2.dev}"
"--with-lua=${luaValue}"
];
outputs = ["out" "nginx"];
# by default modsecurity's install script copies compiled output to httpd's modules folder
# this patch removes those lines
patches = [ ./Makefile.am.patch ];
doCheck = true;
checkInputs = [ perl ];
postInstall = ''
mkdir -p $nginx
cp -R * $nginx
'';
meta = {
description = "Open source, cross-platform web application firewall (WAF)";
license = licenses.asl20;
homepage = "https://www.modsecurity.org/";
maintainers = with maintainers; [offline];
platforms = lib.platforms.linux ++ lib.platforms.darwin;
};
}