# SPDX-FileCopyrightText: 2020 Luke Granger-Brown <depot@lukegb.com>
#
# SPDX-License-Identifier: Apache-2.0

{ lib
, buildGoModule
, fetchFromGitHub
}:

buildGoModule rec {
  pname = "vault-acme";
  version = "0.0.8+lukegb-1";

  src = fetchFromGitHub {
    owner = "lukegb";
    repo = pname;
    rev = "d128cded9a4f96b0c6784f13c6ff6d077f6688da";
    sha256 = "sha256:0yp8nmzp0cfqxh0r6qls0mwz9myaskb3q5qwcwx6gcm2wrwidi84";
  };

  patches = [ ./just-add-a-sleep.patch ];

  vendorSha256 = "sha256:1c58470n843yh9jd010xxaqzg9lrpaw9w969ygqb6h3x8k1my7jp";

  subPackages = [
    "cmd/acme"
    "cmd/sidecar"
  ];

  postInstall = ''
    mkdir -p $out/libexec/vault
    mv $out/bin/acme $out/libexec/vault/acme
    mv $out/bin/sidecar $out/bin/vault-acme-sidecar
  '';

  meta = with lib; {
    description = "Vault secret engine to retrieve TLS certificates from an ACME provider";
    homepage = "https://github.com/remilapeyre/vault-acme";
    license = licenses.mpl20;
    maintainers = with maintainers; [ lukegb ];
    platforms = platforms.linux ++ platforms.darwin;
  };
}