about summary refs log tree commit diff
path: root/nixpkgs/pkgs/tools/security/beyond-identity
diff options
context:
space:
mode:
Diffstat (limited to 'nixpkgs/pkgs/tools/security/beyond-identity')
-rw-r--r--nixpkgs/pkgs/tools/security/beyond-identity/default.nix89
1 files changed, 89 insertions, 0 deletions
diff --git a/nixpkgs/pkgs/tools/security/beyond-identity/default.nix b/nixpkgs/pkgs/tools/security/beyond-identity/default.nix
new file mode 100644
index 000000000000..a9e554ff42cc
--- /dev/null
+++ b/nixpkgs/pkgs/tools/security/beyond-identity/default.nix
@@ -0,0 +1,89 @@
+{ lib, stdenv, fetchurl, dpkg, buildFHSUserEnv
+, glibc, glib, openssl, tpm2-tss
+, gtk3, gnome, polkit, polkit_gnome
+}:
+
+let
+  pname = "beyond-identity";
+  version = "2.49.0-0";
+  libPath = lib.makeLibraryPath ([ glib glibc openssl tpm2-tss gtk3 gnome.gnome-keyring polkit polkit_gnome ]);
+  meta = with lib; {
+    description = "Passwordless MFA identities for workforces, customers, and developers";
+    homepage = "https://www.beyondidentity.com";
+    downloadPage = "https://app.byndid.com/downloads";
+    license = licenses.unfree;
+    maintainers = with maintainers; [ klden ];
+    platforms = [ "x86_64-linux" ];
+  };
+
+  beyond-identity = stdenv.mkDerivation {
+    inherit pname version meta;
+
+    src = fetchurl {
+      url = "https://packages.beyondidentity.com/public/linux-authenticator/deb/ubuntu/pool/focal/main/b/be/${pname}_${version}/${pname}_${version}_amd64.deb";
+      sha512 = "sha512-+9vwH1r5WW+MqyiwsAFInboaM7o2dc7zvRaKwHC/o2LOBugvUHmUzmZ6uSHilc9zQ5FcHUIIglhkASbFtsvPeA==";
+    };
+
+    nativeBuildInputs = [
+      dpkg
+    ];
+
+    unpackPhase = ''
+      dpkg -x $src .
+    '';
+
+    installPhase = ''
+      mkdir -p $out/opt/beyond-identity
+
+      rm -rf usr/share/doc
+
+      # https://github.com/NixOS/nixpkgs/issues/42117
+      sed -i -e 's/auth_self/yes/g' usr/share/polkit-1/actions/com.beyondidentity.endpoint.stepup.policy
+
+      cp -ar usr/{bin,share} $out
+      cp -ar opt/beyond-identity/bin $out/opt/beyond-identity
+
+      ln -s $out/opt/beyond-identity/bin/* $out/bin/
+    '';
+
+    postFixup = ''
+      substituteInPlace \
+        $out/share/applications/com.beyondidentity.endpoint.BeyondIdentity.desktop \
+        --replace /usr/bin/ $out/bin/
+      substituteInPlace \
+        $out/share/applications/com.beyondidentity.endpoint.webserver.BeyondIdentity.desktop \
+        --replace /opt/ $out/opt/
+      substituteInPlace \
+        $out/opt/beyond-identity/bin/byndid-web \
+        --replace /opt/ $out/opt/
+      substituteInPlace \
+        $out/bin/beyond-identity \
+        --replace /opt/ $out/opt/ \
+        --replace /usr/bin/gtk-launch ${gtk3}/bin/gtk-launch
+
+      patchelf \
+        --set-interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" \
+        --set-rpath "${libPath}" \
+        --force-rpath \
+        $out/bin/byndid
+    '';
+  };
+# /usr/bin/pkcheck is hardcoded in binary - we need FHS
+in buildFHSUserEnv {
+   inherit meta;
+   name = pname;
+
+   targetPkgs = pkgs: [
+     beyond-identity
+     glib glibc openssl tpm2-tss
+     gtk3 gnome.gnome-keyring
+     polkit polkit_gnome
+   ];
+
+   extraInstallCommands = ''
+     ln -s ${beyond-identity}/share $out
+   '';
+
+   runScript = "beyond-identity";
+}
+
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-04 07:31:58 +0000