From f123c93d838cfea84df4e90346f3b0b10eafa2fa Mon Sep 17 00:00:00 2001 From: m1dugh Date: Wed, 23 Oct 2024 21:47:00 +0200 Subject: [PATCH] globalprotect-openconnect_2: init at 2.3.7 --- .../gl/globalprotect-openconnect_2/gui.nix | 86 +++++++++++++++ .../globalprotect-openconnect_2/package.nix | 102 ++++++++++++++++++ 2 files changed, 188 insertions(+) create mode 100644 pkgs/by-name/gl/globalprotect-openconnect_2/gui.nix create mode 100644 pkgs/by-name/gl/globalprotect-openconnect_2/package.nix diff --git a/pkgs/by-name/gl/globalprotect-openconnect_2/gui.nix b/pkgs/by-name/gl/globalprotect-openconnect_2/gui.nix new file mode 100644 index 00000000000000..c7b5214f808ac5 --- /dev/null +++ b/pkgs/by-name/gl/globalprotect-openconnect_2/gui.nix @@ -0,0 +1,86 @@ +{ + fetchurl, + stdenv, + zstd, + webkitgtk_4_0, + libappindicator, + gtk3, + cairo, + gdk-pixbuf, + libsoup, + glib, + autoPatchelfHook, + makeDesktopItem, +}: +let + desktop = makeDesktopItem { + name = "GlobalProtect Openconnect VPN Client"; + desktopName = "GlobalProtect Openconnect VPN Client"; + comment = "A GUI for GlobalProtect VPN"; + genericName = "GlobalProtect VPN Client"; + exec = "gpclient launch-gui %u"; + icon = "gpgui"; + categories = [ + "Network" + "Dialup" + ]; + mimeTypes = [ "x-scheme-handler/globalprotectcallback" ]; + }; + + version = "2.3.7"; + remoteHashes = { + "x86_64-linux" = { + sha256 = "sha256-o1jTVfIzKk19uJH+NKFUL+Vjdlo/yZ7c44vCnv+FEfc="; + arch-name = "x86_64"; + }; + "aarch64-linux" = { + sha256 = "sha256-DibtaY8/h11/V78a/A46Nnku8TqMLcZ0OPr0mzV4xkc="; + arch-name = "aarch64"; + }; + }; + + remotes = builtins.mapAttrs ( + _: + { sha256, arch-name }: + fetchurl { + inherit sha256; + url = "https://github.com/yuezk/GlobalProtect-openconnect/releases/download/v${version}/globalprotect-openconnect-${version}-1-${arch-name}.pkg.tar.zst"; + } + ) remoteHashes; + +in +stdenv.mkDerivation { + name = "gpgui"; + inherit version; + src = remotes.${stdenv.hostPlatform.system}; + nativeBuildInputs = [ + zstd + webkitgtk_4_0 + autoPatchelfHook + libappindicator + gtk3 + cairo + gdk-pixbuf + libsoup + glib + ]; + postUnpack = '' + tar xf $src + ''; + + postPatch = '' + sed -i 's/\/usr\/bin\/gpservice/gpservice/' ./share/polkit-1/actions/com.yuezk.gpgui.policy + ''; + + postInstall = '' + mkdir -p $out/bin/ + install -m 0755 ./bin/gpgui $out/bin/ + patchelf \ + --add-needed libappindicator3.so.1 \ + $out/bin/gpgui + mkdir -p $out/share/ + ln -s ${desktop}/share/applications/ $out/share/applications + cp -r share/icons/ $out/share/ + cp -r share/polkit-1/ $out/share/ + ''; +} diff --git a/pkgs/by-name/gl/globalprotect-openconnect_2/package.nix b/pkgs/by-name/gl/globalprotect-openconnect_2/package.nix new file mode 100644 index 00000000000000..b5e49510302dcd --- /dev/null +++ b/pkgs/by-name/gl/globalprotect-openconnect_2/package.nix @@ -0,0 +1,102 @@ +{ + perl, + jq, + fetchFromGitHub, + lib, + openconnect, + libsoup, + webkitgtk_4_0, + pkg-config, + vpnc-scripts, + callPackage, + rustPlatform, + glib, + atk, + gdk-pixbuf, + pango, + cairo, + harfbuzz, + gtk3, + zlib, +}: +let + version = "2.3.7"; + pname = "globalprotect-openconnect"; + gpgui = callPackage ./gui.nix { }; + +in +rustPlatform.buildRustPackage { + inherit version pname; + + src = fetchFromGitHub { + owner = "yuezk"; + repo = "GlobalProtect-openconnect"; + rev = "v${version}"; + hash = "sha256-Zr888II65bUjrbStZfD0AYCXKY6VdKVJHQhbKwaY3is="; + }; + + nativeBuildInputs = [ + perl + jq + openconnect + libsoup + webkitgtk_4_0 + pkg-config + ]; + + PKG_CONFIG_PATH = lib.strings.concatMapStringsSep ":" (pkg: "${pkg}/lib/pkgconfig/") [ + glib.dev + libsoup.dev + webkitgtk_4_0.dev + atk.dev + gdk-pixbuf.dev + pango.dev + cairo.dev + harfbuzz.dev + gtk3.dev + openconnect + zlib + ]; + + NIX_CFLAGS_COMPILE = (map (pkg: "-I${pkg}/include") [ openconnect.dev ]); + + NIX_CFLAGS_LINK = ( + map (pkg: "-L${lib.getLib pkg}/lib") [ + openconnect + zlib + ] + ); + + cargoHash = "sha256-cdhhBUQASrnfjeJxkwx39vr/KHeQlBh0wMvw+Q7EK98="; + + postPatch = '' + substituteInPlace crates/common/src/vpn_utils.rs \ + --replace-fail /etc/vpnc/vpnc-script ${lib.getExe vpnc-scripts} \ + --replace-fail /usr/libexec/openconnect/hipreport.sh ${openconnect}/libexec/openconnect/hipreport.sh + + substituteInPlace crates/gpapi/src/lib.rs \ + --replace-fail /usr/bin/gpclient $out/bin/gpclient \ + --replace-fail /usr/bin/gpservice $out/bin/gpservice \ + --replace-fail /usr/bin/gpgui-helper $out/bin/gpgui-helper \ + --replace-fail /usr/bin/gpgui ${gpgui}/bin/gpgui \ + --replace-fail /usr/bin/gpauth $out/bin/gpauth + ''; + + postInstall = '' + mkdir -p $out/ + ln -s ${gpgui}/bin/gpgui $out/bin/ + ln -s ${gpgui}/share/ $out/share + ''; + + meta = { + mainProgram = "gpclient"; + description = "A GlobalProtect VPN client for Linux, written in Rust, based on OpenConnect and Tauri, supports SSO with MFA, Yubikey, and client certificate authentication, etc."; + licences = lib.licences.gpl3; + homepage = "https://github.com/yuezk/GlobalProtect-openconnect"; + maintainers = [ lib.maintainers.m1dugh ]; + platforms = [ + "aarch64-linux" + "x86_64-linux" + ]; + }; +}