about summary refs log tree commit diff
path: root/nixpkgs/pkgs/servers/http/pomerium/external-envoy.diff
diff options
context:
space:
mode:
Diffstat (limited to 'nixpkgs/pkgs/servers/http/pomerium/external-envoy.diff')
-rw-r--r--nixpkgs/pkgs/servers/http/pomerium/external-envoy.diff48
1 files changed, 48 insertions, 0 deletions
diff --git a/nixpkgs/pkgs/servers/http/pomerium/external-envoy.diff b/nixpkgs/pkgs/servers/http/pomerium/external-envoy.diff
new file mode 100644
index 000000000000..49f4985ad77c
--- /dev/null
+++ b/nixpkgs/pkgs/servers/http/pomerium/external-envoy.diff
@@ -0,0 +1,48 @@
+diff --git a/pkg/envoy/envoy.go b/pkg/envoy/envoy.go
+index e32cfc29..9d32c057 100644
+--- a/pkg/envoy/envoy.go
++++ b/pkg/envoy/envoy.go
+@@ -8,9 +8,9 @@ import (
+ 	"errors"
+ 	"fmt"
+ 	"io"
++	"io/fs"
+ 	"os"
+ 	"os/exec"
+-	"path"
+ 	"path/filepath"
+ 	"regexp"
+ 	"strconv"
+@@ -36,8 +36,12 @@ import (
+ 
+ const (
+ 	configFileName = "envoy-config.yaml"
++	workingDirectoryName = ".pomerium-envoy"
++	embeddedEnvoyPermissions     fs.FileMode = 0o700
+ )
+ 
++var OverrideEnvoyPath = ""
++
+ type serverOptions struct {
+ 	services string
+ 	logLevel string
+@@ -60,13 +64,16 @@ type Server struct {
+ 
+ // NewServer creates a new server with traffic routed by envoy.
+ func NewServer(ctx context.Context, src config.Source, builder *envoyconfig.Builder) (*Server, error) {
+-	envoyPath, err := Extract()
++	envoyPath := OverrideEnvoyPath
++	wd := filepath.Join(os.TempDir(), workingDirectoryName)
++
++	err := os.MkdirAll(wd, embeddedEnvoyPermissions)
+ 	if err != nil {
+-		return nil, fmt.Errorf("extracting envoy: %w", err)
++		return nil, fmt.Errorf("error creating temporary working directory for envoy: %w", err)
+ 	}
+ 
+ 	srv := &Server{
+-		wd:        path.Dir(envoyPath),
++		wd:        wd,
+ 		builder:   builder,
+ 		grpcPort:  src.GetConfig().GRPCPort,
+ 		httpPort:  src.GetConfig().HTTPPort,
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-10 06:07:35 +0000