nix/pkgs: init pomerium

This commit is contained in:
Luke Granger-Brown 2020-12-27 19:24:22 +00:00
parent 483786f792
commit a991f3dca9
2 changed files with 68 additions and 0 deletions

View file

@ -14,5 +14,6 @@
python-emv = import ./python-emv.nix args;
sheepshaver = import ./sheepshaver.nix args;
intermec-cups-driver = pkgs.callPackage ./intermec-cups-driver.nix {};
pomerium = import ./pomerium.nix args;
envoy = import ./envoy args;
} // (import ./heptapod-runner.nix args)

67
nix/pkgs/pomerium.nix Normal file
View file

@ -0,0 +1,67 @@
# SPDX-FileCopyrightText: 2020 Luke Granger-Brown <depot@lukegb.com>
#
# SPDX-License-Identifier: Apache-2.0
{ pkgs, depot, ... }:
with pkgs;
let
version = "0.11.1";
src = fetchFromGitHub {
owner = "pomerium";
repo = "pomerium";
rev = "v${version}";
hash = "sha256:0wisnblz4qb4r8g692rvi937pcqj0ypagb23c1vhr01g19wph77p";
};
gitHash = "40b878e164c6278d56d61cb06a77342f3b4e5946";
in
buildGoModule rec {
pname = "pomerium";
inherit version src;
vendorSha256 = "sha256:0kyr07y9rpaam1fbri3ybz6pzh98ya96f7770giyy1qpcm66ld44";
subPackages = [
"cmd/pomerium"
"cmd/pomerium-cli"
];
buildFlagsArray = let
setVars = {
GitCommit = gitHash;
Version = "v${version}";
BuildMeta = "nix";
ProjectName = "pomerium";
ProjectURL = "github.com/pomerium/pomerium";
};
varFlags = lib.concatStringsSep " " (lib.mapAttrsToList (name: value: "-X github.com/pomerium/pomerium/internal/version.${name}=${value}") setVars);
in [
"-ldflags=${varFlags}"
];
nativeBuildInputs = [
zip
];
postBuild = ''
# Append Envoy
pushd $NIX_BUILD_TOP
mkdir -p envoy
cd envoy
cp ${depot.pkgs.envoy}/bin/envoy envoy
zip -0 envoy.zip envoy
popd
'';
installPhase = ''
mkdir -p $out/bin
cat $GOPATH/bin/pomerium $NIX_BUILD_TOP/envoy/envoy.zip >$out/bin/pomerium
chmod +x $out/bin/pomerium
zip --adjust-sfx $out/bin/pomerium
'';
meta = with stdenv.lib; {
homepage = "https://pomerium.io";
description = "Authenticating reverse proxy";
license = licenses.asl20;
maintainers = with maintainers; [ lukegb ];
};
}