globalprotect-openconnect_2: init at 2.3.9

NixOS · Nov 13, 2024 · def1a4b · def1a4b
1 parent 6da9bf9
commit def1a4b
Show file tree

Hide file tree

Showing 2 changed files with 213 additions and 0 deletions.
diff --git a/pkgs/by-name/gl/globalprotect-openconnect_2/gui.nix b/pkgs/by-name/gl/globalprotect-openconnect_2/gui.nix
@@ -0,0 +1,91 @@
+{
+  fetchurl,
+  stdenv,
+  zstd,
+  webkitgtk_4_0,
+  libappindicator,
+  gtk3,
+  cairo,
+  gdk-pixbuf,
+  libsoup,
+  glib,
+  autoPatchelfHook,
+  version,
+  lib,
+  platforms,
+  maintainers,
+}:
+let
+  remoteHashes = {
+    "x86_64-linux" = {
+      hash = "sha256-wSoBvHkLbf9aaFWBJMfm7Angd/PwKzNH+yqvYxhjmxY=";
+      arch-name = "x86_64";
+    };
+    "aarch64-linux" = {
+      hash = "sha256-Gata5OVlckfcy/F+UBe2FW7OwB47efw69lMAAU8Q4JQ=";
+      arch-name = "aarch64";
+    };
+  };
+
+  remotes = builtins.mapAttrs (
+    _:
+    { hash, arch-name }:
+    fetchurl {
+      inherit hash;
+      url = "https://github.com/yuezk/GlobalProtect-openconnect/releases/download/v${version}/globalprotect-openconnect-${version}-1-${arch-name}.pkg.tar.zst";
+    }
+  ) remoteHashes;
+
+  src =
+    if builtins.elem stdenv.hostPlatform.system (builtins.attrNames remoteHashes) then
+      remotes.${stdenv.hostPlatform.system}
+    else
+      throw "Unsupported system '${stdenv.hostPlatform.system}'";
+
+in
+stdenv.mkDerivation {
+  name = "gpgui";
+  inherit version src;
+
+  nativeBuildInputs = [
+    zstd
+    autoPatchelfHook
+  ];
+
+  buildInputs = [
+    webkitgtk_4_0
+    libappindicator
+    gtk3
+    cairo
+    gdk-pixbuf
+    libsoup
+    glib
+  ];
+
+  postUnpack = ''
+    tar xf $src
+  '';
+
+  postPatch = ''
+    substituteInPlace ./share/polkit-1/actions/com.yuezk.gpgui.policy \
+      --replace-fail /usr/bin/gpservice gpservice
+  '';
+
+  postInstall = ''
+    mkdir -p $out/bin/
+    install -m 0755 ./bin/gpgui $out/bin/
+    patchelf \
+      --add-needed libappindicator3.so.1 \
+      $out/bin/gpgui
+    mkdir -p $out/share/
+    cp -r share/icons/ $out/share/
+    cp -r share/polkit-1/ $out/share/
+  '';
+
+  meta = {
+    mainProgram = "gpgui";
+    description = "The gui for globalprotect-openconnect_2";
+    license = lib.licenses.unfree;
+    inherit platforms maintainers;
+  };
+}
diff --git a/pkgs/by-name/gl/globalprotect-openconnect_2/package.nix b/pkgs/by-name/gl/globalprotect-openconnect_2/package.nix
@@ -0,0 +1,122 @@
+{
+  perl,
+  jq,
+  fetchFromGitHub,
+  lib,
+  openconnect,
+  libsoup,
+  webkitgtk_4_0,
+  pkg-config,
+  callPackage,
+  rustPlatform,
+  glib,
+  atk,
+  gdk-pixbuf,
+  pango,
+  cairo,
+  harfbuzz,
+  gtk3,
+  zlib,
+  vpnc-scripts,
+  withGui ? false,
+}:
+let
+  platforms = [
+    "aarch64-linux"
+    "x86_64-linux"
+  ];
+  maintainers = with lib.maintainers; [
+    m1dugh
+    binary-eater
+  ];
+  version = "2.3.9";
+  pname = "globalprotect-openconnect";
+
+  gpgui = callPackage ./gui.nix { inherit version platforms maintainers; };
+
+in
+rustPlatform.buildRustPackage {
+  inherit version pname;
+
+  src = fetchFromGitHub {
+    owner = "yuezk";
+    repo = "GlobalProtect-openconnect";
+    rev = "v${version}";
+    hash = "sha256-s+uCpNrwQvdIINLSIbtcCCBg469J2xtlyiwDYqtXrQs=";
+  };
+
+  nativeBuildInputs = [
+    perl
+    jq
+    pkg-config
+  ];
+
+  buildInputs = [
+    libsoup.dev
+    webkitgtk_4_0
+    glib.dev
+    webkitgtk_4_0.dev
+    atk.dev
+    gdk-pixbuf.dev
+    pango.dev
+    cairo.dev
+    harfbuzz.dev
+    gtk3.dev
+    openconnect
+    zlib
+  ];
+
+  NIX_CFLAGS_COMPILE = (map (pkg: "-I${pkg}/include") [ openconnect.dev ]);
+
+  NIX_CFLAGS_LINK = (
+    map (pkg: "-L${lib.getLib pkg}/lib") [
+      openconnect
+      zlib
+    ]
+  );
+
+  cargoHash = "sha256-/KJM1JjFFI4aR1YwWI7k27QSPknPponTTazk5FG9HKc=";
+
+  postPatch =
+    let
+      replacements = [
+        "--replace-fail /usr/bin/gpclient $out/bin/gpclient"
+        "--replace-fail /usr/bin/gpservice $out/bin/gpservice"
+        "--replace-fail /usr/bin/gpgui-helper $out/bin/gpgui-helper"
+        "--replace-fail /usr/bin/gpauth $out/bin/gpauth"
+      ] ++ lib.optionals withGui "--replace-fail /usr/bin/gpgui ${gpgui}/bin/gpgui";
+    in
+    ''
+      substituteInPlace crates/common/src/vpn_utils.rs \
+        --replace-fail /etc/vpnc/vpnc-script ${vpnc-scripts}/bin/vpnc-script
+
+      substituteInPlace crates/gpapi/src/lib.rs \
+        ${lib.strings.concatStringsSep " " replacements}
+    '';
+
+  postInstall =
+    ''
+      mkdir -p $out/share/applications/
+      cp packaging/files/usr/share/applications/gpgui.desktop $out/share/applications/gpgui.desktop
+    ''
+    + lib.strings.optionalString withGui ''
+      ln -s ${gpgui}/bin/gpgui $out/bin/
+      ln -s ${gpgui}/share/icons/ $out/share/
+      ln -s ${gpgui}/share/polkit-1/ $out/share/
+    '';
+
+  meta = {
+    mainProgram = "gpclient";
+    description = "GlobalProtect VPN client for Linux, written in Rust, based on OpenConnect and Tauri, supports SSO with MFA, Yubikey, and client certificate authentication";
+    longDescription = ''
+      The package includes both the executables for the cli version of
+      globalprotect-openconnect_2 (gpclient and gpauth), and the executables
+      for the gui version (same as before + gpservice and gpgui).
+    '';
+
+    license = with lib.licenses; if withGui then unfree else gpl3;
+
+    homepage = "https://github.com/yuezk/GlobalProtect-openconnect";
+    inherit platforms;
+  };
+}