Unverified Commit cd23de15 authored by K900's avatar K900 Committed by GitHub

Merge pull request #216583 from dotlambda/vaultwarden-webvault-from-source

vaultwarden.webvault: build from source
parents 5448546c fa644ef3
+9 −2
{ writeShellScript
, lib
, nix
, nix-prefetch-git
, nix-update
, curl
, git
@@ -9,7 +11,7 @@
}:

writeShellScript "update-vaultwarden" ''
  PATH=${lib.makeBinPath [ curl git gnugrep gnused jq nix-update ]}
  PATH=${lib.makeBinPath [ curl git gnugrep gnused jq nix nix-prefetch-git nix-update ]}

  set -euxo pipefail

@@ -17,6 +19,11 @@ writeShellScript "update-vaultwarden" ''
  nix-update "vaultwarden" --version "$VAULTWARDEN_VERSION"

  URL="https://raw.githubusercontent.com/dani-garcia/vaultwarden/''${VAULTWARDEN_VERSION}/docker/Dockerfile.j2"
  WEBVAULT_VERSION=$(curl --silent "$URL" | grep "set vault_version" | sed -E "s/.*\"([^\"]+)\".*/\\1/")
  WEBVAULT_VERSION=$(curl --silent "$URL" | grep "set vault_version" | sed -E "s/.*\"v([^\"]+)\".*/\\1/")
  old_hash_bw=$(nix --extra-experimental-features nix-command eval -f default.nix --raw vaultwarden.webvault.src.outputHash)
  old_hash_vw=$(nix --extra-experimental-features nix-command eval -f default.nix --raw vaultwarden.webvault.bw_web_builds.outputHash)
  new_hash_bw=$(nix --extra-experimental-features nix-command hash to-sri --type sha256 $(nix-prefetch-git https://github.com/bitwarden/clients.git --rev "web-v$WEBVAULT_VERSION" | jq --raw-output ".sha256"))
  new_hash_vw=$(nix --extra-experimental-features nix-command hash to-sri --type sha256 $(nix-prefetch-git https://github.com/dani-garcia/bw_web_builds.git --rev "v$WEBVAULT_VERSION" | jq --raw-output ".sha256"))
  sed -e "s#$old_hash_bw#$new_hash_bw#" -e "s#$old_hash_vw#$new_hash_vw#" -i pkgs/tools/security/vaultwarden/webvault.nix
  nix-update "vaultwarden.webvault" --version "$WEBVAULT_VERSION"
''
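Review bot: A failed `nix-prefetch-git` in the `new_hash_bw` and `new_hash_vw` lines does not stop the script, because the prefetch runs in an unquoted command substitution nested inside the arguments of `nix hash to-sri`, where `set -e` and `pipefail` do not take effect. What `to-sri` returns for a missing argument is not visible here, but the following `sed -i` would write whatever came back over the pinned hashes in webvault.nix. Splitting each line into two assignments makes the failure abort before the file is touched: `sha_bw=$(nix-prefetch-git https://github.com/bitwarden/clients.git --rev "web-v$WEBVAULT_VERSION" | jq --raw-output ".sha256")` followed by `new_hash_bw=$(nix --extra-experimental-features nix-command hash to-sri --type sha256 "$sha_bw")`, and the same for `new_hash_vw`.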
+58 −13
{ lib, stdenv, fetchurl, nixosTests }:
{ lib
, buildNpmPackage
, fetchFromGitHub
, git
, nixosTests
, nodejs-16_x
, python3
}:

let
  buildNpmPackage' = buildNpmPackage.override { nodejs = nodejs-16_x; };

stdenv.mkDerivation rec {
  pname = "vaultwarden-webvault";
  version = "2022.12.0";

  src = fetchurl {
    url = "https://github.com/dani-garcia/bw_web_builds/releases/download/v${version}/bw_web_v${version}.tar.gz";
    hash = "sha256-QC3/aqIF2NdJPHmwUbvJR62wsUGBrgsHJCyqBJ/0gMc=";
  bw_web_builds = fetchFromGitHub {
    owner = "dani-garcia";
    repo = "bw_web_builds";
    rev = "v${version}";
    hash = "sha256-4yUE0ySUCKmmbca+T8qjqSO0AHZEUAHZ4nheRjpDnZo=";
  };
in buildNpmPackage' {
  pname = "vaultwarden-webvault";
  inherit version;

  src = fetchFromGitHub {
    owner = "bitwarden";
    repo = "clients";
    rev = "web-v${version}";
    hash = "sha256-CsbnnP12P7JuGDOm5Ia73SzET/jCx3qRbz9vdUf7lCA=";
  };

  npmDepsHash = "sha256-wWOtVGNOzY2s82nfQDuWgA4ukpJxJr8Z7Y+rFPq2QdU=";

  postPatch = ''
    ln -s ${bw_web_builds}/{patches,resources} ..
    PATH="${git}/bin:$PATH" VAULT_VERSION=${bw_web_builds.rev} \
      bash ${bw_web_builds}/scripts/apply_patches.sh
  '';

  nativeBuildInputs = [
    python3
  ];

  makeCacheWritable = true;

  ELECTRON_SKIP_BINARY_DOWNLOAD = "1";

  buildCommand = ''
    mkdir -p $out/share/vaultwarden/
    cd $out/share/vaultwarden/
    tar xf $src
    mv web-vault vault
  npmBuildScript = "dist:oss:selfhost";

  npmBuildFlags = [
    "--workspace" "apps/web"
  ];

  installPhase = ''
    runHook preInstall
    mkdir -p $out/share/vaultwarden
    mv apps/web/build $out/share/vaultwarden/vault
    runHook postInstall
  '';

  passthru.tests = nixosTests.vaultwarden;
  passthru = {
    inherit bw_web_builds;
    tests = nixosTests.vaultwarden;
  };

  meta = with lib; {
    description = "Integrates the web vault into vaultwarden";
    homepage = "https://github.com/dani-garcia/bw_web_builds";
    platforms = platforms.all;
    license = licenses.gpl3Plus;
    maintainers = with maintainers; [ msteen mic92 ];
    maintainers = with maintainers; [ dotlambda msteen mic92 ];
  };
}
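Review bot: The `postPatch` block runs `scripts/apply_patches.sh` from the `bw_web_builds` checkout with no comment on what it needs, and the `ln -s ... ..` that writes outside the source directory is easy to misread. A short comment would help, e.g. `# apply_patches.sh comes from the hash-pinned bw_web_builds source; patches/ and resources/ are linked into the parent directory for it (presumably where the script looks for them)`. `makeCacheWritable = true;` and `ELECTRON_SKIP_BINARY_DOWNLOAD = "1";` each deserve a one-line reason too; the latter looks like it is there to stop a dependency's install step from fetching a binary during the build. It is also worth a comment that `src` and `bw_web_builds` are two separately hashed inputs tied to the same `version` string, so both hashes have to be updated together.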