about summary refs log tree commit diff
path: root/nixpkgs/pkgs/tools/security/pass/extensions
diff options
context:
space:
mode:
Diffstat (limited to 'nixpkgs/pkgs/tools/security/pass/extensions')
-rw-r--r--nixpkgs/pkgs/tools/security/pass/extensions/audit/0001-Set-base-to-an-empty-value.patch43
-rw-r--r--nixpkgs/pkgs/tools/security/pass/extensions/audit/0002-Fix-audit.bash-setup.patch28
-rw-r--r--nixpkgs/pkgs/tools/security/pass/extensions/audit/default.nix55
-rw-r--r--nixpkgs/pkgs/tools/security/pass/extensions/checkup.nix42
-rw-r--r--nixpkgs/pkgs/tools/security/pass/extensions/default.nix15
-rw-r--r--nixpkgs/pkgs/tools/security/pass/extensions/genphrase.nix32
-rw-r--r--nixpkgs/pkgs/tools/security/pass/extensions/import.nix62
-rw-r--r--nixpkgs/pkgs/tools/security/pass/extensions/otp.nix33
-rw-r--r--nixpkgs/pkgs/tools/security/pass/extensions/tomb.nix32
-rw-r--r--nixpkgs/pkgs/tools/security/pass/extensions/update.nix30
10 files changed, 372 insertions, 0 deletions
diff --git a/nixpkgs/pkgs/tools/security/pass/extensions/audit/0001-Set-base-to-an-empty-value.patch b/nixpkgs/pkgs/tools/security/pass/extensions/audit/0001-Set-base-to-an-empty-value.patch
new file mode 100644
index 000000000000..ce6849d677f8
--- /dev/null
+++ b/nixpkgs/pkgs/tools/security/pass/extensions/audit/0001-Set-base-to-an-empty-value.patch
@@ -0,0 +1,43 @@
+From a2d5d973f53efb11bdcaecbd0099df9714bc287f Mon Sep 17 00:00:00 2001
+From: Maximilian Bosch <maximilian@mbosch.me>
+Date: Tue, 8 Feb 2022 19:35:35 +0100
+Subject: [PATCH] Set `base` to an empty value
+
+`DESTDIR` ensures that everything lands in the correct location (i.e.
+the target store-path on Nix), within this path, everything should be
+moved into `/lib` and `/share`.
+---
+ setup.py | 17 ++---------------
+ 1 file changed, 2 insertions(+), 15 deletions(-)
+
+diff --git a/setup.py b/setup.py
+index 1f0a58b..f7baa41 100644
+--- a/setup.py
++++ b/setup.py
+@@ -8,21 +8,8 @@ from pathlib import Path
+ 
+ from setuptools import setup
+ 
+-share = Path(sys.prefix, 'share')
+-base = '/usr'
+-if os.uname().sysname == 'Darwin':
+-    base = '/usr/local'
+-lib = Path(base, 'lib', 'password-store', 'extensions')
+-
+-if '--user' in sys.argv:
+-    if 'PASSWORD_STORE_EXTENSIONS_DIR' in os.environ:
+-        lib = Path(os.environ['PASSWORD_STORE_EXTENSIONS_DIR'])
+-    else:
+-        lib = Path.home() / '.password-store' / '.extensions'
+-    if 'XDG_DATA_HOME' in os.environ:
+-        share = Path(os.environ['XDG_DATA_HOME'])
+-    else:
+-        share = Path.home() / '.local' / 'share'
++share = Path('share')
++lib = Path('lib', 'password-store', 'extensions')
+ 
+ setup(
+     data_files=[
+-- 
+2.33.1
+
diff --git a/nixpkgs/pkgs/tools/security/pass/extensions/audit/0002-Fix-audit.bash-setup.patch b/nixpkgs/pkgs/tools/security/pass/extensions/audit/0002-Fix-audit.bash-setup.patch
new file mode 100644
index 000000000000..5703f3c1f652
--- /dev/null
+++ b/nixpkgs/pkgs/tools/security/pass/extensions/audit/0002-Fix-audit.bash-setup.patch
@@ -0,0 +1,28 @@
+From 8f76b32946430737f97f2702afd828b09536afd2 Mon Sep 17 00:00:00 2001
+From: Maximilian Bosch <maximilian@mbosch.me>
+Date: Sun, 15 Mar 2020 20:10:11 +0100
+Subject: [PATCH 2/2] Fix audit.bash setup
+
+This sets PASSWORD_STORE_DIR (needed by the python-code) to
+PASSWORD_STORE_DIR and properly falls back to `~/.password-store` if
+it's not set.
+---
+ audit.bash | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/audit.bash b/audit.bash
+index 7a973dc..c40ff76 100755
+--- a/audit.bash
++++ b/audit.bash
+@@ -17,7 +17,7 @@
+ #
+ 
+ cmd_audit() {
+-	export PASSWORD_STORE_DIR=$PREFIX GIT_DIR PASSWORD_STORE_GPG_OPTS
++	export PASSWORD_STORE_DIR=${PASSWORD_STORE_DIR:-$HOME/.password-store} GIT_DIR PASSWORD_STORE_GPG_OPTS
+ 	export X_SELECTION CLIP_TIME PASSWORD_STORE_UMASK GENERATED_LENGTH
+ 	export CHARACTER_SET CHARACTER_SET_NO_SYMBOLS EXTENSIONS PASSWORD_STORE_KEY
+ 	export PASSWORD_STORE_ENABLE_EXTENSIONS PASSWORD_STORE_SIGNING_KEY
+-- 
+2.25.0
+
diff --git a/nixpkgs/pkgs/tools/security/pass/extensions/audit/default.nix b/nixpkgs/pkgs/tools/security/pass/extensions/audit/default.nix
new file mode 100644
index 000000000000..c4c16b8ff848
--- /dev/null
+++ b/nixpkgs/pkgs/tools/security/pass/extensions/audit/default.nix
@@ -0,0 +1,55 @@
+{ lib, stdenv, pass, fetchFromGitHub, pythonPackages, makeWrapper, gnupg }:
+
+let
+  pythonEnv = pythonPackages.python.withPackages (p: [ p.requests p.setuptools p.zxcvbn ]);
+
+in stdenv.mkDerivation rec {
+  pname = "pass-audit";
+  version = "1.2";
+
+  src = fetchFromGitHub {
+    owner = "roddhjav";
+    repo = "pass-audit";
+    rev = "v${version}";
+    sha256 = "sha256-xigP8LxRXITLF3X21zhWx6ooFNSTKGv46yFSt1dd4vs=";
+  };
+
+  patches = [
+    ./0001-Set-base-to-an-empty-value.patch
+    ./0002-Fix-audit.bash-setup.patch
+  ];
+
+  postPatch = ''
+    substituteInPlace audit.bash \
+      --replace 'python3' "${pythonEnv}/bin/python3"
+    substituteInPlace Makefile \
+      --replace "install --root" "install --prefix ''' --root"
+  '';
+
+  outputs = [ "out" "man" ];
+
+  buildInputs = [ pythonEnv ];
+  nativeBuildInputs = [ makeWrapper ];
+
+  # Tests freeze on darwin with: pass-audit-1.1 (checkPhase): EOFError
+  doCheck = !stdenv.isDarwin;
+  checkInputs = [ pythonPackages.green pass gnupg ];
+  checkPhase = ''
+    ${pythonEnv}/bin/python3 setup.py green -q
+  '';
+
+  installFlags = [ "DESTDIR=${placeholder "out"}" "PREFIX=" ];
+  postInstall = ''
+    wrapProgram $out/lib/password-store/extensions/audit.bash \
+      --prefix PYTHONPATH : "$out/lib/${pythonEnv.libPrefix}/site-packages" \
+      --run "export COMMAND"
+  '';
+
+  meta = with lib; {
+    description = "Pass extension for auditing your password repository.";
+    homepage = "https://github.com/roddhjav/pass-audit";
+    license = licenses.gpl3Plus;
+    platforms = platforms.unix;
+    maintainers = with maintainers; [ ma27 ];
+  };
+}
diff --git a/nixpkgs/pkgs/tools/security/pass/extensions/checkup.nix b/nixpkgs/pkgs/tools/security/pass/extensions/checkup.nix
new file mode 100644
index 000000000000..5ae846d4a4b3
--- /dev/null
+++ b/nixpkgs/pkgs/tools/security/pass/extensions/checkup.nix
@@ -0,0 +1,42 @@
+{ lib, stdenv, fetchFromGitHub
+, curl, findutils, gnugrep, gnused, shellcheck }:
+
+let
+  pname = "pass-checkup";
+  version = "0.2.1";
+in stdenv.mkDerivation {
+  inherit pname version;
+
+  src = fetchFromGitHub {
+    owner = "etu";
+    repo = pname;
+    rev = version;
+    sha256 = "18b6rx59r7g0hvqs2affvw0g0jyifyzhanwgz2q2b8nhjgqgnar2";
+  };
+
+  nativeBuildInputs = [ shellcheck ];
+
+  postPatch = ''
+    substituteInPlace checkup.bash \
+      --replace curl ${curl}/bin/curl \
+      --replace find ${findutils}/bin/find \
+      --replace grep ${gnugrep}/bin/grep \
+      --replace sed ${gnused}/bin/sed
+  '';
+
+  installPhase = ''
+    runHook preInstall
+
+    install -D -m755 checkup.bash $out/lib/password-store/extensions/checkup.bash
+
+    runHook postInstall
+  '';
+
+  meta = with lib; {
+    description = "A pass extension to check against the Have I been pwned API to see if your passwords are publicly leaked or not";
+    homepage = "https://github.com/etu/pass-checkup";
+    license = licenses.gpl3Plus;
+    maintainers = with maintainers; [ etu ];
+    platforms = platforms.unix;
+  };
+}
diff --git a/nixpkgs/pkgs/tools/security/pass/extensions/default.nix b/nixpkgs/pkgs/tools/security/pass/extensions/default.nix
new file mode 100644
index 000000000000..96c252156de8
--- /dev/null
+++ b/nixpkgs/pkgs/tools/security/pass/extensions/default.nix
@@ -0,0 +1,15 @@
+{ pkgs, ... }:
+
+with pkgs;
+
+{
+  pass-audit = callPackage ./audit {
+    pythonPackages = python3Packages;
+  };
+  pass-checkup = callPackage ./checkup.nix {};
+  pass-import = callPackage ./import.nix {};
+  pass-otp = callPackage ./otp.nix {};
+  pass-tomb = callPackage ./tomb.nix {};
+  pass-update = callPackage ./update.nix {};
+  pass-genphrase = callPackage ./genphrase.nix {};
+}
diff --git a/nixpkgs/pkgs/tools/security/pass/extensions/genphrase.nix b/nixpkgs/pkgs/tools/security/pass/extensions/genphrase.nix
new file mode 100644
index 000000000000..dff64d7f1855
--- /dev/null
+++ b/nixpkgs/pkgs/tools/security/pass/extensions/genphrase.nix
@@ -0,0 +1,32 @@
+{ lib, stdenv, fetchFromGitHub }:
+
+stdenv.mkDerivation rec {
+  pname = "pass-genphrase";
+  version = "0.3";
+
+  src = fetchFromGitHub {
+    owner = "congma";
+    repo = "pass-genphrase";
+    rev = version;
+    sha256 = "01dff2jlp111y7vlmp1wbgijzphhlzc19m02fs8nzmn5vxyffanx";
+  };
+
+  dontBuild = true;
+
+  installTargets = [ "globalinstall" ];
+
+  installFlags = [ "PREFIX=$(out)" ];
+
+  postFixup = ''
+    substituteInPlace $out/lib/password-store/extensions/genphrase.bash \
+      --replace '$EXTENSIONS' "$out/lib/password-store/extensions/"
+  '';
+
+  meta = with lib; {
+    description = "Pass extension that generates memorable passwords";
+    homepage = "https://github.com/congma/pass-genphrase";
+    license = licenses.gpl3;
+    maintainers = with maintainers; [ seqizz ];
+    platforms = platforms.unix;
+  };
+}
diff --git a/nixpkgs/pkgs/tools/security/pass/extensions/import.nix b/nixpkgs/pkgs/tools/security/pass/extensions/import.nix
new file mode 100644
index 000000000000..60775be180c8
--- /dev/null
+++ b/nixpkgs/pkgs/tools/security/pass/extensions/import.nix
@@ -0,0 +1,62 @@
+{ lib
+, fetchFromGitHub
+, fetchpatch
+, python3Packages
+, gnupg
+, pass
+, makeWrapper
+}:
+
+python3Packages.buildPythonApplication rec {
+  pname = "pass-import";
+  version = "3.2";
+
+  src = fetchFromGitHub {
+    owner = "roddhjav";
+    repo = "pass-import";
+    rev = "v${version}";
+    sha256 = "0hrpg7yiv50xmbajfy0zdilsyhbj5iv0qnlrgkfv99q1dvd5qy56";
+  };
+
+  propagatedBuildInputs = with python3Packages; [
+    cryptography
+    defusedxml
+    pyaml
+    pykeepass
+    python_magic # similar API to "file-magic", but already in nixpkgs.
+    secretstorage
+  ];
+
+  checkInputs = [
+    gnupg
+    pass
+    python3Packages.pytestCheckHook
+  ];
+
+  disabledTests = [
+    "test_import_gnome_keyring" # requires dbus, which pytest doesn't support
+  ];
+
+  postInstall = ''
+    mkdir -p $out/lib/password-store/extensions
+    cp ${src}/import.bash $out/lib/password-store/extensions/import.bash
+    wrapProgram $out/lib/password-store/extensions/import.bash \
+      --prefix PATH : "${python3Packages.python.withPackages (_: propagatedBuildInputs)}/bin" \
+      --prefix PYTHONPATH : "$out/${python3Packages.python.sitePackages}" \
+      --run "export PREFIX"
+    cp -r ${src}/share $out/
+  '';
+
+  postCheck = ''
+    $out/bin/pimport --list-exporters --list-importers
+  '';
+
+  meta = with lib; {
+    description = "Pass extension for importing data from existing password managers";
+    homepage = "https://github.com/roddhjav/pass-import";
+    changelog = "https://github.com/roddhjav/pass-import/blob/v${version}/CHANGELOG.rst";
+    license = licenses.gpl3Plus;
+    maintainers = with maintainers; [ lovek323 fpletz tadfisher ];
+    platforms = platforms.unix;
+  };
+}
diff --git a/nixpkgs/pkgs/tools/security/pass/extensions/otp.nix b/nixpkgs/pkgs/tools/security/pass/extensions/otp.nix
new file mode 100644
index 000000000000..8d9b350543dc
--- /dev/null
+++ b/nixpkgs/pkgs/tools/security/pass/extensions/otp.nix
@@ -0,0 +1,33 @@
+{ lib, stdenv, fetchFromGitHub, oathToolkit }:
+
+stdenv.mkDerivation rec {
+  pname = "pass-otp";
+  version = "1.2.0";
+
+  src = fetchFromGitHub {
+    owner = "tadfisher";
+    repo = "pass-otp";
+    rev = "v${version}";
+    sha256 = "0cpqrf3939hcvwg7sd8055ghc8x964ilimlri16czzx188a9jx9v";
+  };
+
+  buildInputs = [ oathToolkit ];
+
+  dontBuild = true;
+
+  patchPhase = ''
+    sed -i -e 's|OATH=\$(which oathtool)|OATH=${oathToolkit}/bin/oathtool|' otp.bash
+  '';
+
+  installFlags = [ "PREFIX=$(out)"
+                   "BASHCOMPDIR=$(out)/share/bash-completion/completions"
+                 ];
+
+  meta = with lib; {
+    description = "A pass extension for managing one-time-password (OTP) tokens";
+    homepage = "https://github.com/tadfisher/pass-otp";
+    license = licenses.gpl3;
+    maintainers = with maintainers; [ jwiegley tadfisher toonn ];
+    platforms = platforms.unix;
+  };
+}
diff --git a/nixpkgs/pkgs/tools/security/pass/extensions/tomb.nix b/nixpkgs/pkgs/tools/security/pass/extensions/tomb.nix
new file mode 100644
index 000000000000..58630c4ec9f3
--- /dev/null
+++ b/nixpkgs/pkgs/tools/security/pass/extensions/tomb.nix
@@ -0,0 +1,32 @@
+{ lib, stdenv, fetchFromGitHub, tomb }:
+
+stdenv.mkDerivation rec {
+  pname = "pass-tomb";
+  version = "1.3";
+
+  src = fetchFromGitHub {
+    owner = "roddhjav";
+    repo = "pass-tomb";
+    rev = "v${version}";
+    sha256 = "sha256-kbbMHmYmeyt7HM8YiNhknePm1vUaXWWXPWePKGpbU+o=";
+  };
+
+  buildInputs = [ tomb ];
+
+  dontBuild = true;
+
+  installFlags = [ "PREFIX=$(out)" ];
+
+  postFixup = ''
+    substituteInPlace $out/lib/password-store/extensions/tomb.bash \
+      --replace 'TOMB="''${PASSWORD_STORE_TOMB:-tomb}"' 'TOMB="''${PASSWORD_STORE_TOMB:-${tomb}/bin/tomb}"'
+  '';
+
+  meta = with lib; {
+    description = "Pass extension that keeps the password store encrypted inside a tomb";
+    homepage = "https://github.com/roddhjav/pass-tomb";
+    license = licenses.gpl3Plus;
+    maintainers = with maintainers; [ lovek323 fpletz tadfisher ];
+    platforms = platforms.unix;
+  };
+}
diff --git a/nixpkgs/pkgs/tools/security/pass/extensions/update.nix b/nixpkgs/pkgs/tools/security/pass/extensions/update.nix
new file mode 100644
index 000000000000..50a4c49b90d1
--- /dev/null
+++ b/nixpkgs/pkgs/tools/security/pass/extensions/update.nix
@@ -0,0 +1,30 @@
+{ lib, stdenv, fetchFromGitHub }:
+
+stdenv.mkDerivation rec {
+  pname = "pass-update";
+  version = "2.1";
+
+  src = fetchFromGitHub {
+    owner = "roddhjav";
+    repo = "pass-update";
+    rev = "v${version}";
+    sha256 = "0yx8w97jcp6lv7ad5jxqnj04csbrn2hhc4pskssxknw2sbvg4g6c";
+  };
+
+  postPatch = ''
+    substituteInPlace Makefile \
+      --replace "BASHCOMPDIR ?= /etc/bash_completion.d" "BASHCOMPDIR ?= $out/share/bash-completion/completions"
+  '';
+
+  dontBuild = true;
+
+  installFlags = [ "PREFIX=$(out)" ];
+
+  meta = with lib; {
+    description = "Pass extension that provides an easy flow for updating passwords";
+    homepage = "https://github.com/roddhjav/pass-update";
+    license = licenses.gpl3Plus;
+    maintainers = with maintainers; [ lovek323 fpletz tadfisher ];
+    platforms = platforms.unix;
+  };
+}
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-08-07 03:23:49 +0000