Merge pull request #111151 from 06kellyjac/boundary
boundary: init at 0.1.4
This commit is contained in:
commit
3402175d3f
3 changed files with 93 additions and 0 deletions
52
pkgs/tools/networking/boundary/default.nix
Normal file
52
pkgs/tools/networking/boundary/default.nix
Normal file
|
@ -0,0 +1,52 @@
|
|||
{ stdenv, lib, fetchzip }:
|
||||
|
||||
let
|
||||
inherit (stdenv.hostPlatform) system;
|
||||
suffix = {
|
||||
x86_64-linux = "linux_amd64";
|
||||
aarch64-linux = "linux_arm64";
|
||||
x86_64-darwin = "darwin_amd64";
|
||||
}."${system}" or (throw "Unsupported system: ${system}");
|
||||
fetchsrc = version: sha256: fetchzip {
|
||||
url = "https://releases.hashicorp.com/boundary/${version}/boundary_${version}_${suffix}.zip";
|
||||
sha256 = sha256."${system}";
|
||||
};
|
||||
in
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "boundary";
|
||||
version = "0.1.4";
|
||||
|
||||
src = fetchsrc version {
|
||||
x86_64-linux = "sha256-+YGXSyaGhfNk+T5P7wCqsNEYwpV/Oet7kOM8OPC1A6I=";
|
||||
aarch64-linux = "sha256-tikxRBF2Y+urv7S1EUu2d60twZWox1pI96yYX357r8o=";
|
||||
x86_64-darwin = "sha256-N+6iiybnWZkruhUe9TRcGaq5xES/iHzlEVGcghT4EUc=";
|
||||
};
|
||||
|
||||
dontConfigure = true;
|
||||
dontBuild = true;
|
||||
|
||||
installPhase = ''
|
||||
install -D boundary $out/bin/boundary
|
||||
'';
|
||||
|
||||
dontPatchELF = true;
|
||||
dontPatchShebangs = true;
|
||||
|
||||
meta = with lib; {
|
||||
homepage = "https://boundaryproject.io/";
|
||||
changelog = "https://github.com/hashicorp/boundary/blob/v${version}/CHANGELOG.md";
|
||||
description = "Enables identity-based access management for dynamic infrastructure";
|
||||
longDescription = ''
|
||||
Boundary provides a secure way to access hosts and critical systems
|
||||
without having to manage credentials or expose your network, and is
|
||||
entirely open source.
|
||||
|
||||
Boundary is designed to be straightforward to understand, highly scalable,
|
||||
and resilient. It can run in clouds, on-prem, secure enclaves and more,
|
||||
and does not require an agent to be installed on every end host.
|
||||
'';
|
||||
license = licenses.mpl20;
|
||||
maintainers = with maintainers; [ jk ];
|
||||
platforms = [ "x86_64-linux" "aarch64-linux" "x86_64-darwin" ];
|
||||
};
|
||||
}
|
39
pkgs/tools/networking/boundary/update.sh
Executable file
39
pkgs/tools/networking/boundary/update.sh
Executable file
|
@ -0,0 +1,39 @@
|
|||
#!/usr/bin/env nix-shell
|
||||
#!nix-shell -i bash -p curl gnused gawk nix-prefetch
|
||||
|
||||
set -euo pipefail
|
||||
|
||||
ROOT="$(dirname "$(readlink -f "$0")")"
|
||||
NIX_DRV="$ROOT/default.nix"
|
||||
if [ ! -f "$NIX_DRV" ]; then
|
||||
echo "ERROR: cannot find default.nix in $ROOT"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
fetch_arch() {
|
||||
VER="$1"; ARCH="$2"
|
||||
URL="https://releases.hashicorp.com/boundary/${VER}/boundary_${VER}_${ARCH}.zip"
|
||||
nix-prefetch "{ stdenv, fetchzip }:
|
||||
stdenv.mkDerivation rec {
|
||||
pname = \"boundary\"; version = \"${VER}\";
|
||||
src = fetchzip { url = \"$URL\"; };
|
||||
}
|
||||
"
|
||||
}
|
||||
|
||||
replace_sha() {
|
||||
sed -i "s#$1 = \"sha256-.\{44\}\"#$1 = \"$2\"#" "$NIX_DRV"
|
||||
}
|
||||
|
||||
# https://releases.hashicorp.com/boundary/0.1.4/boundary_0.1.4_linux_amd64.zip
|
||||
BOUNDARY_VER=$(curl -Ls -w "%{url_effective}" -o /dev/null https://github.com/hashicorp/boundary/releases/latest | awk -F'/' '{print $NF}' | sed 's/v//')
|
||||
|
||||
BOUNDARY_LINUX_X64_SHA256=$(fetch_arch "$BOUNDARY_VER" "linux_amd64")
|
||||
BOUNDARY_DARWIN_X64_SHA256=$(fetch_arch "$BOUNDARY_VER" "darwin_amd64")
|
||||
BOUNDARY_LINUX_AARCH64_SHA256=$(fetch_arch "$BOUNDARY_VER" "linux_arm64")
|
||||
|
||||
sed -i "s/version = \".*\"/version = \"$BOUNDARY_VER\"/" "$NIX_DRV"
|
||||
|
||||
replace_sha "x86_64-linux" "$BOUNDARY_LINUX_X64_SHA256"
|
||||
replace_sha "x86_64-darwin" "$BOUNDARY_DARWIN_X64_SHA256"
|
||||
replace_sha "aarch64-linux" "$BOUNDARY_LINUX_AARCH64_SHA256"
|
|
@ -1033,6 +1033,8 @@ in
|
|||
|
||||
boxes = callPackage ../tools/text/boxes { };
|
||||
|
||||
boundary = callPackage ../tools/networking/boundary { };
|
||||
|
||||
chamber = callPackage ../tools/admin/chamber { };
|
||||
|
||||
charm = callPackage ../applications/misc/charm { };
|
||||
|
|
Loading…
Reference in a new issue