depot/nix/pkgs/vault-acme/default.nix
Luke Granger-Brown d2481b1461 vault-acme: sleep in lieu of waiting "properly" for DNS propagation
Once we've seen the TXT record on any nameserver, assume that it'll reach the
rest of them within 60 seconds.

This is an awful hack because some peculiarities of my setup don't work
properly with the upstream lego code.
2022-03-17 01:03:41 +00:00


# SPDX-FileCopyrightText: 2020 Luke Granger-Brown <depot@lukegb.com>
#
# SPDX-License-Identifier: Apache-2.0
# Package definition for a fork build of vault-acme: compiles the Vault plugin
# binary and its sidecar from a pinned commit, with one local patch applied.
{ lib, buildGoModule, fetchFromGitHub }:

let
  pname = "vault-acme";
in
buildGoModule {
  inherit pname;
  # The "+lukegb-1" suffix marks this as a locally modified build rather than
  # a plain 0.0.8 release.
  version = "0.0.8+lukegb-1";

  # Source comes from the lukegb fork, pinned to a full commit id. The sha256
  # is the expected hash of the fetched tree; a mismatch fails the build, so
  # rev and sha256 have to be updated together.
  src = fetchFromGitHub {
    owner = "lukegb";
    repo = pname;
    rev = "4f397cc3089cc7b0ea23e76e907ad4733b66c13f";
    sha256 = "sha256:0f3d89j51gcrvpxmlr3psvv9mm6y3rw4hwk3rs4rb3a6rj5yg2iq";
  };

  # Local patch applied on top of the pinned source.
  # NOTE(review): the patch body is not part of this file. Going by its name
  # it substitutes a fixed sleep for a wait somewhere in the build's code
  # path; a fixed delay is a timing assumption, so review the patch itself
  # before relying on this build for certificate issuance.
  patches = [ ./just-add-a-sleep.patch ];

  # Expected hash of the vendored Go module dependencies.
  vendorSha256 = "sha256:07bqapnrf1fdyaxkna14s5calgj71sk2qysigd32hxl673zd06ic";

  # Only these two commands are built.
  subPackages = [
    "cmd/acme"
    "cmd/sidecar"
  ];

  # Relocate the outputs: `acme` moves out of bin/ into libexec/vault/
  # (presumably so it is picked up as a Vault plugin rather than sitting on
  # PATH; confirm against the consumer), and `sidecar` gets a prefixed name.
  postInstall = ''
    mkdir -p $out/libexec/vault
    mv $out/bin/acme $out/libexec/vault/acme
    mv $out/bin/sidecar $out/bin/vault-acme-sidecar
  '';

  meta = {
    description = "Vault secret engine to retrieve TLS certificates from an ACME provider";
    # Points at the upstream project; the code actually built is fetched from
    # the lukegb fork above.
    homepage = "https://github.com/remilapeyre/vault-acme";
    license = lib.licenses.mpl20;
    maintainers = [ lib.maintainers.lukegb ];
    platforms = lib.platforms.linux ++ lib.platforms.darwin;
  };
}