uboot: (firmwareOdroidC2/C4) don't invoke patch tool, use patches = [] instead

https://github.com/NixOS/nixpkgs/blob/master/pkgs/stdenv/generic/setup.sh#L948 this can do it nicely. Signed-off-by: Anton Arapov <anton@deadbeef.mx>
2021-04-03 12:58:10 +02:00 · 2021-04-03 12:58:10 +02:00 · 56de2bcd43
commit 56de2bcd43
30691 changed files with 3076956 additions and 0 deletions
--- a/pkgs/tools/networking/opensnitch/daemon.nix
+++ b/pkgs/tools/networking/opensnitch/daemon.nix
@ -0,0 +1,75 @@
+{ buildGoModule
+, fetchFromGitHub
+, fetchpatch
+, protobuf
+, go-protobuf
+, pkg-config
+, libnetfilter_queue
+, libnfnetlink
+, lib
+, coreutils
+, iptables
+, makeWrapper
+, protoc-gen-go-grpc
+}:
+
+buildGoModule rec {
+  pname = "opensnitch";
+  version = "1.5.1";
+
+  src = fetchFromGitHub {
+    owner = "evilsocket";
+    repo = "opensnitch";
+    rev = "v${version}";
+    sha256 = "sha256-8IfupmQb1romGEvv/xqFkYhp0gGoY4ZEllX6rZYIkqw=";
+  };
+
+  patches = [
+    # https://github.com/evilsocket/opensnitch/pull/384 don't require
+    # a configuration file in /etc
+    (fetchpatch {
+      name = "dont-require-config-in-etc.patch";
+      url = "https://github.com/evilsocket/opensnitch/commit/8a3f63f36aa92658217bbbf46d39e6d20b2c0791.patch";
+      sha256 = "sha256-WkwjKTQZppR0nqvRO4xiQoKZ307NvuUwoRx+boIpuTg=";
+    })
+  ];
+
+  modRoot = "daemon";
+
+  buildInputs = [ libnetfilter_queue libnfnetlink ];
+
+  nativeBuildInputs = [ pkg-config protobuf go-protobuf makeWrapper protoc-gen-go-grpc ];
+
+  vendorSha256 = "sha256-81BKMLuEXA/NeIjO7icBm48ROq6KxAxHtvP0nV5yM5A=";
+
+  preBuild = ''
+    make -C ../proto ../daemon/ui/protocol/ui.pb.go
+  '';
+
+  postBuild = ''
+    mv $GOPATH/bin/daemon $GOPATH/bin/opensnitchd
+    mkdir -p $out/etc/opensnitchd $out/lib/systemd/system
+    cp system-fw.json $out/etc/opensnitchd/
+    substitute default-config.json $out/etc/default-config.json \
+      --replace "/var/log/opensnitchd.log" "/dev/stdout" \
+      --replace "iptables" "nftables" \
+      --replace "ebpf" "proc"
+    substitute opensnitchd.service $out/lib/systemd/system/opensnitchd.service \
+      --replace "/usr/local/bin/opensnitchd" "$out/bin/opensnitchd" \
+      --replace "/etc/opensnitchd/rules" "/var/lib/opensnitch/rules" \
+      --replace "/bin/mkdir" "${coreutils}/bin/mkdir"
+  '';
+
+  postInstall = ''
+    wrapProgram $out/bin/opensnitchd \
+      --prefix PATH : ${lib.makeBinPath [ iptables ]}
+  '';
+
+  meta = with lib; {
+    description = "An application firewall";
+    homepage = "https://github.com/evilsocket/opensnitch/wiki";
+    license = licenses.gpl3Only;
+    maintainers = [ maintainers.raboof ];
+    platforms = platforms.linux;
+  };
+}
--- a/pkgs/tools/networking/opensnitch/ui.nix
+++ b/pkgs/tools/networking/opensnitch/ui.nix
@ -0,0 +1,70 @@
+{ python3Packages
+, fetchFromGitHub
+, wrapQtAppsHook
+, lib
+}:
+
+python3Packages.buildPythonApplication rec {
+  pname = "opensnitch-ui";
+  version = "1.5.1";
+
+  src = fetchFromGitHub {
+    owner = "evilsocket";
+    repo = "opensnitch";
+    rev = "refs/tags/v${version}";
+    sha256 = "sha256-8IfupmQb1romGEvv/xqFkYhp0gGoY4ZEllX6rZYIkqw=";
+  };
+
+  postPatch = ''
+    substituteInPlace ui/opensnitch/utils.py \
+      --replace /usr/lib/python3/dist-packages/data ${python3Packages.pyasn}/${python3Packages.python.sitePackages}/pyasn/data
+  '';
+
+  nativeBuildInputs = [
+    python3Packages.pyqt5
+    wrapQtAppsHook
+  ];
+
+  propagatedBuildInputs = with python3Packages; [
+    grpcio-tools
+    pyqt5
+    unidecode
+    unicode-slugify
+    pyinotify
+    notify2
+    pyasn
+  ];
+
+  preBuild = ''
+    make -C ../proto ../ui/opensnitch/ui_pb2.py
+    # sourced from ui/Makefile
+    pyrcc5 -o opensnitch/resources_rc.py opensnitch/res/resources.qrc
+    sed -i 's/^import ui_pb2/from . import ui_pb2/' opensnitch/ui_pb2*
+  '';
+
+  preConfigure = ''
+    cd ui
+  '';
+
+  preCheck = ''
+    export PYTHONPATH=opensnitch:$PYTHONPATH
+  '';
+
+  postInstall = ''
+    mv $out/${python3Packages.python.sitePackages}/usr/* $out/
+  '';
+
+  dontWrapQtApps = true;
+  makeWrapperArgs = [ "\${qtWrapperArgs[@]}" ];
+
+  # All tests are sandbox-incompatible and disabled for now
+  doCheck = false;
+
+  meta = with lib; {
+    description = "An application firewall";
+    homepage = "https://github.com/evilsocket/opensnitch/wiki";
+    license = licenses.gpl3Only;
+    maintainers = [ maintainers.raboof ];
+    platforms = platforms.linux;
+  };
+}