# SPDX-FileCopyrightText: 2020 Luke Granger-Brown # # SPDX-License-Identifier: Apache-2.0 { pkgs, depot, ... }: with pkgs; let version = "0.11.1"; src = fetchFromGitHub { owner = "pomerium"; repo = "pomerium"; rev = "v${version}"; hash = "sha256:0wisnblz4qb4r8g692rvi937pcqj0ypagb23c1vhr01g19wph77p"; }; gitHash = "40b878e164c6278d56d61cb06a77342f3b4e5946"; in buildGoModule rec { pname = "pomerium"; inherit version src; vendorSha256 = "sha256:0kyr07y9rpaam1fbri3ybz6pzh98ya96f7770giyy1qpcm66ld44"; subPackages = [ "cmd/pomerium" "cmd/pomerium-cli" ]; buildFlagsArray = let setVars = { GitCommit = gitHash; Version = "v${version}"; BuildMeta = "nix"; ProjectName = "pomerium"; ProjectURL = "github.com/pomerium/pomerium"; }; varFlags = lib.concatStringsSep " " (lib.mapAttrsToList (name: value: "-X github.com/pomerium/pomerium/internal/version.${name}=${value}") setVars); in [ "-ldflags=${varFlags}" ]; nativeBuildInputs = [ zip ]; postBuild = '' # Append Envoy pushd $NIX_BUILD_TOP mkdir -p envoy cd envoy cp ${depot.pkgs.envoy}/bin/envoy envoy zip -0 envoy.zip envoy popd ''; installPhase = '' install -Dm0755 $GOPATH/bin/pomerium $out/bin/pomerium ''; postFixup = '' cat $out/bin/pomerium $NIX_BUILD_TOP/envoy/envoy.zip >$out/bin/pomerium.new mv $out/bin/pomerium.new $out/bin/pomerium chmod +x $out/bin/pomerium zip --adjust-sfx $out/bin/pomerium ''; meta = with stdenv.lib; { homepage = "https://pomerium.io"; description = "Authenticating reverse proxy"; license = licenses.asl20; maintainers = with maintainers; [ lukegb ]; }; }