55 lines
1.9 KiB
Nix
55 lines
1.9 KiB
Nix
|
{ stdenv, fetchFromGitHub, makeWrapper, coreutils, openssh, gnupg
|
||
|
, perl, procps, gnugrep, gawk, findutils, gnused }:
|
||
|
|
||
|
stdenv.mkDerivation rec {
|
||
|
pname = "keychain";
|
||
|
version = "2.8.5";
|
||
|
|
||
|
src = fetchFromGitHub {
|
||
|
owner = "funtoo";
|
||
|
repo = "keychain";
|
||
|
rev = version;
|
||
|
sha256 = "1bkjlg0a2bbdjhwp37ci1rwikvrl4s3xlbf2jq2z4azc96dr83mj";
|
||
|
};
|
||
|
|
||
|
buildInputs = [ makeWrapper perl ];
|
||
|
|
||
|
installPhase = ''
|
||
|
mkdir -p $out/{bin,share/man/man1}
|
||
|
cp keychain $out/bin/keychain
|
||
|
cp keychain.1 $out/share/man/man1
|
||
|
wrapProgram $out/bin/keychain \
|
||
|
--prefix PATH ":" "${coreutils}/bin" \
|
||
|
--prefix PATH ":" "${openssh}/bin" \
|
||
|
--prefix PATH ":" "${gnupg}/bin" \
|
||
|
--prefix PATH ":" "${gnugrep}/bin" \
|
||
|
--prefix PATH ":" "${gnused}/bin" \
|
||
|
--prefix PATH ":" "${findutils}/bin" \
|
||
|
--prefix PATH ":" "${gawk}/bin" \
|
||
|
--prefix PATH ":" "${procps}/bin"
|
||
|
'';
|
||
|
|
||
|
meta = {
|
||
|
description = "Keychain management tool";
|
||
|
homepage = "https://www.funtoo.org/Keychain";
|
||
|
license = stdenv.lib.licenses.gpl2;
|
||
|
# other platforms are untested (AFAIK)
|
||
|
platforms =
|
||
|
with stdenv.lib;
|
||
|
platforms.linux ++ platforms.darwin;
|
||
|
maintainers = with stdenv.lib.maintainers; [ sigma ];
|
||
|
longDescription = ''
|
||
|
Keychain helps you to manage SSH and GPG keys in a convenient and secure
|
||
|
manner. It acts as a frontend to ssh-agent and ssh-add, but allows you
|
||
|
to easily have one long running ssh-agent process per system, rather
|
||
|
than the norm of one ssh-agent per login session.
|
||
|
|
||
|
This dramatically reduces the number of times you need to enter your
|
||
|
passphrase. With keychain, you only need to enter a passphrase once
|
||
|
every time your local machine is rebooted. Keychain also makes it easy
|
||
|
for remote cron jobs to securely "hook in" to a long-running ssh-agent
|
||
|
process, allowing your scripts to take advantage of key-based logins.
|
||
|
'';
|
||
|
};
|
||
|
}
|