diff options
Diffstat (limited to 'nixpkgs/pkgs/tools/security/clevis/default.nix')
-rw-r--r-- | nixpkgs/pkgs/tools/security/clevis/default.nix | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/nixpkgs/pkgs/tools/security/clevis/default.nix b/nixpkgs/pkgs/tools/security/clevis/default.nix new file mode 100644 index 000000000000..753fd8a6395e --- /dev/null +++ b/nixpkgs/pkgs/tools/security/clevis/default.nix @@ -0,0 +1,41 @@ +{ lib, stdenv, fetchFromGitHub, meson, ninja, pkg-config, asciidoc +, makeWrapper, jansson, jose, cryptsetup, curl, libpwquality, luksmeta +, coreutils, tpm2-tools +}: + +stdenv.mkDerivation rec { + pname = "clevis"; + version = "18"; + + src = fetchFromGitHub { + owner = "latchset"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-m1UhyjD5ydSgCTBu6sECLlxFx0rnQxFnBA7frbdUqU8="; + }; + + postPatch = '' + for f in $(find src/ -type f); do + grep -q "/bin/cat" "$f" && substituteInPlace "$f" \ + --replace '/bin/cat' '${coreutils}/bin/cat' || true + done + ''; + + postInstall = '' + # We wrap the main clevis binary entrypoint but not the sub-binaries. + wrapProgram $out/bin/clevis \ + --prefix PATH ':' "${tpm2-tools}/bin:${jose}/bin:${placeholder "out"}/bin" + ''; + + nativeBuildInputs = [ meson ninja pkg-config asciidoc makeWrapper ]; + buildInputs = [ jansson jose cryptsetup curl libpwquality luksmeta tpm2-tools ]; + + outputs = [ "out" "man" ]; + + meta = { + description = "Automated Encryption Framework"; + homepage = "https://github.com/latchset/clevis"; + maintainers = with lib.maintainers; [ fpletz ]; + license = lib.licenses.gpl3Plus; + }; +} |