diff options
Diffstat (limited to 'nixpkgs/pkgs/tools/security/yubikey-agent/default.nix')
| -rw-r--r-- | nixpkgs/pkgs/tools/security/yubikey-agent/default.nix | 56 |
1 files changed, 56 insertions, 0 deletions
diff --git a/nixpkgs/pkgs/tools/security/yubikey-agent/default.nix b/nixpkgs/pkgs/tools/security/yubikey-agent/default.nix new file mode 100644 index 00000000000..5860fb3a03e --- /dev/null +++ b/nixpkgs/pkgs/tools/security/yubikey-agent/default.nix @@ -0,0 +1,56 @@ +{ stdenv, lib, fetchFromGitHub, buildGoModule, libnotify, makeWrapper, pcsclite, pinentry_mac, pkgconfig, darwin }: + +buildGoModule rec { + pname = "yubikey-agent"; + version = "0.1.3"; + + src = fetchFromGitHub { + owner = "FiloSottile"; + repo = pname; + rev = "v${version}"; + sha256 = "07gix5wrakn4z846zhvl66lzwx58djrfnn6m8v7vc69l9jr3kihr"; + }; + + buildInputs = + lib.optional stdenv.isLinux (lib.getDev pcsclite) + ++ lib.optional stdenv.isDarwin (darwin.apple_sdk.frameworks.PCSC); + + nativeBuildInputs = [ makeWrapper pkgconfig ]; + + # pull in go-piv/piv-go#75 + # once go-piv/piv-go#75 is merged and released, we should + # use the released version (and push upstream to do the same) + patches = [ ./use-piv-go-75.patch ]; + postPatch = lib.optionalString stdenv.isLinux '' + substituteInPlace main.go --replace 'notify-send' ${libnotify}/bin/notify-send + ''; + + vendorSha256 = "128mlsagj3im6h0p0ndhzk29ya47g19im9dldx3nmddf2jlccj2h"; + + doCheck = false; + + subPackages = [ "." ]; + + # On macOS, there isn't a choice of pinentry program, so let's + # ensure the nixpkgs-provided one is available + postInstall = lib.optionalString stdenv.isDarwin '' + wrapProgram $out/bin/yubikey-agent --suffix PATH : $(dirname ${pinentry_mac}/${pinentry_mac.binaryPath}) + '' + # Note: in the next release, upstream provides + # contrib/systemd/user/yubikey-agent.service, which we should use + # instead + # See https://github.com/FiloSottile/yubikey-agent/pull/43 + + lib.optionalString stdenv.isLinux '' + mkdir -p $out/lib/systemd/user + substitute ${./yubikey-agent.service} $out/lib/systemd/user/yubikey-agent.service \ + --replace 'ExecStart=yubikey-agent' "ExecStart=$out/bin/yubikey-agent" + ''; + + meta = with lib; { + description = "A seamless ssh-agent for YubiKeys"; + license = licenses.bsd3; + homepage = "https://filippo.io/yubikey-agent"; + maintainers = with lib.maintainers; [ philandstuff rawkode ]; + platforms = platforms.darwin ++ platforms.linux; + }; +} |