nixos-config/pkgs/nordvpn2.nix

{ pkgs, lib, gcc, autoPatchelfHook, ... }:
let
patchedPkgs = pkgs.appendOverlays [
  (final: prev: {
    # NordVPN drives a patched OpenVPN so that it can XOR-obfuscate traffic.
    # See https://github.com/NordSecurity/nordvpn-linux/blob/e614303aaaf1a64fde5bb1b4de1a7863b22428c4/ci/openvpn/check_dependencies.sh
    #
    # Review notes:
    #  * XOR scrambling only disguises what the traffic looks like on the
    #    wire; it is not encryption. Confidentiality and integrity still come
    #    from OpenVPN's own TLS and data-channel ciphers.
    #  * The patches are third-party code (Tunnelblick) fetched from the
    #    mutable `master` branch. Each one is pinned by `hash`, so changed
    #    upstream content fails the build instead of being applied silently.
    #    Re-read the diffs whenever a hash has to be refreshed; pinning the
    #    URL to a commit would also keep the fetch reproducible.
    #  * The URL embeds `old.version`, so a nixpkgs OpenVPN bump selects a
    #    different patch directory and every hash below must be re-verified.
    #  * `appendOverlays` returns a separate package set: `pkgs.openvpn` stays
    #    unpatched, and this file only takes `patchedPkgs.openvpn` from it.
    openvpn = prev.openvpn.overrideAttrs (old:
      let
        # Directory holding the Tunnelblick patch series for this OpenVPN version.
        patchDir =
          "https://github.com/Tunnelblick/Tunnelblick/raw/master/third_party/sources/openvpn/openvpn-${old.version}/patches";

        # Fetch one patch of the series and pin it to the given SRI hash.
        xorPatch = { file, hash }:
          prev.fetchpatch {
            url = "${patchDir}/${file}";
            inherit hash;
          };
      in {
        # Keep whatever nixpkgs already applies, then append the series in order.
        patches = (old.patches or [ ]) ++ map xorPatch [
          {
            file = "02-tunnelblick-openvpn_xorpatch-a.diff";
            hash = "sha256-b9NiWETc0g2a7FNwrLaNrWx7gfCql7VTbewFu3QluFk=";
          }
          {
            file = "03-tunnelblick-openvpn_xorpatch-b.diff";
            hash = "sha256-X/SshB/8ItLFBx6TPhjBwyA97ra0iM2KgsGqGIy2s9I=";
          }
          {
            file = "04-tunnelblick-openvpn_xorpatch-c.diff";
            hash = "sha256-fw0CxJGIFEydIVRVouTlD1n275eQcbejUdhrU1JAx7g=";
          }
          {
            file = "05-tunnelblick-openvpn_xorpatch-d.diff";
            hash = "sha256-NLRtoRVz+4hQcElyz4elCAv9l1vp4Yb3/VJef+L/FZo=";
          }
          {
            file = "06-tunnelblick-openvpn_xorpatch-e.diff";
            hash = "sha256-mybdjCIT9b6ukbGWYvbr74fKtcncCtTvS5xSVf92T6Y=";
          }
        ];
      });
  })
];
# Builds the three NordVPN binaries (CLI, per-user helper, daemon) from the
# upstream Go sources and installs them together with the tray icons.
nordvpn = pkgs.buildGoModule rec {
  pname = "nordvpn";
  version = "3.19.0";

  # Source is pinned to an exact commit and verified against the hash below.
  # NOTE(review): nothing here ties `rev` to the 3.19.0 release; confirm the
  # commit matches the tag the version string claims.
  #src = ./.;
  src = pkgs.fetchFromGitHub {
    owner = "NordSecurity";
    repo = "nordvpn-linux";
    rev = "e614303aaaf1a64fde5bb1b4de1a7863b22428c4";
    sha256 = "sha256-uIzG9QIVwax0Cop2VuDzy033efEBudFnGNj7osT/x2g";
  };

  nativeBuildInputs = [ pkgs.pkg-config gcc ];
  buildInputs = [ pkgs.libxml2 gcc ];

  # Pins the vendored Go dependency tree; it must be recomputed whenever `src`
  # changes, otherwise the build fails on a hash mismatch.
  vendorHash = "sha256-h5G5J/Sw0277pDzVXT6b3BX0KUbtyN8ujITfYp5PmgE";

  # Values stamped into the binaries at link time.
  # NOTE(review): these mark the result as a development build and use the
  # literal salt "development". Confirm against upstream what Environment=dev
  # relaxes and what Salt is meant to protect before treating this as a
  # production install; a publicly known salt adds no secrecy to anything
  # derived from it.
  ldflags = [
    "-X main.Version=${version}"
    "-X main.Environment=dev"
    "-X main.Salt=development"
    "-X main.Hash=${src.rev}"
  ];

  # Custom build: the daemon needs a vendored cgo file patched before it
  # compiles, so the three binaries are built one by one instead of through
  # the default buildGoModule phase.
  buildPhase = ''
    runHook preBuild

    export LDFLAGS="${builtins.concatStringsSep " " ldflags}"
    # go_build <output name> <directory under ./cmd>
    go_build() {
      go build -ldflags "$LDFLAGS" -o "bin/$1" "./cmd/$2"
    }

    echo "Building nordvpn CLI..."
    go_build nordvpn cli

    echo "Building nordvpn user..."
    go_build norduserd norduser

    # gokogiri's xpath/expression.go lacks an include and does not compile as
    # vendored. The vendor tree is read-only, so make the directory writable
    # and insert the include at line 6 (a fixed line number: re-check it when
    # the vendored library changes).
    chmod +w vendor/github.com/jbowtie/gokogiri/xpath/
    sed -i '6i#include <stdlib.h>' vendor/github.com/jbowtie/gokogiri/xpath/expression.go

    echo "Building nordvpn daemon..."
    go_build nordvpnd daemon

    runHook postBuild
  '';

  installPhase = ''
    runHook preInstall

    # Helper binary and the external tools are placed under lib/nordvpn.
    # The openvpn link points at the XOR-patched build, not stock OpenVPN.
    mkdir -p $out/lib/nordvpn/
    mv bin/norduserd $out/lib/nordvpn/
    ln -s ${patchedPkgs.openvpn}/bin/openvpn $out/lib/nordvpn/openvpn
    ln -s ${pkgs.wireguard-tools}/bin/wg $out/lib/nordvpn/wg

    # The system tray needs icons. The main icon is installed under a name
    # that breaks the prefix convention used for the rest.
    mkdir -p $out/share/icons/hicolor/scalable/apps
    icon_prefix="nordvpn-" # prefix is hard-coded
    cp assets/icon.svg $out/share/icons/hicolor/scalable/apps/nordvpn.svg
    for svg in assets/*.svg; do
      cp "$svg" "$out/share/icons/hicolor/scalable/apps/''${icon_prefix}$(basename "$svg")"
    done

    # norduserd was moved out above, so only the CLI and the daemon remain.
    mkdir -p $out/bin
    cp bin/* $out/bin

    runHook postInstall
  '';

  meta = {
    description = "NordVPN CLI and daemon application for Linux";
    homepage = "https://github.com/nordsecurity/nordvpn-linux";
    mainProgram = "nordvpn";
    license = pkgs.lib.licenses.gpl3;
    platforms = pkgs.lib.platforms.linux;
  };
};
# Final result: an FHS environment whose entry point is the daemon, plus a
# plain wrapper script for the CLI.
#
# NOTE(review): iptables, iproute2 and sysctl are provided for the daemon, so
# it presumably runs privileged. The FHS environment is a filesystem-layout
# shim and should not be counted on as confinement; restrict the service where
# it is started (unit hardening, capabilities) instead.
in pkgs.buildFHSEnv {
  name = "nordvpnd";

  # The argument buildFHSEnv passes in is ignored: every entry comes from the
  # outer `pkgs`, from `patchedPkgs`, or is the `nordvpn` derivation above.
  targetPkgs = _fhsPkgs:
    with pkgs; [
      nordvpn
      sysctl
      iptables
      iproute2
      procps
      cacert
      libxml2
      libidn2
      zlib
      wireguard-tools
      patchedPkgs.openvpn # XOR-patched build, not stock OpenVPN
      e2fsprogs # for chattr
    ];

  # Writes $out/bin/nordvpn, a two-line bash script that forwards all
  # arguments to the CLI. It calls the store path directly, so the CLI itself
  # runs outside the FHS environment.
  extraInstallCommands = ''
    mkdir -p $out/bin/
    printf "#!${pkgs.bash}/bin/bash\n${nordvpn}/bin/nordvpn \"\$@\"" > $out/bin/nordvpn
    chmod +x $out/bin/nordvpn
  '';

  # Command run inside the environment: the daemon.
  runScript = ''
    ${nordvpn}/bin/nordvpnd
  '';
}