nginx-sso: use buildGoModule

2024-11-11 04:02:55 +03:00 · 2022-06-08 18:46:35 +03:00 · 2022-06-08 18:46:35 +03:00 · 05cd1b7ecc
commit 05cd1b7ecc
parent e2851dcdae
2 changed files with 25 additions and 7 deletions
--- a/pkgs/servers/nginx-sso/default.nix
+++ b/pkgs/servers/nginx-sso/default.nix
@ -1,19 +1,24 @@
-{ buildGoPackage, fetchFromGitHub, lib, nixosTests }:
+{ lib
+, buildGoModule
+, fetchFromGitHub
+, nixosTests
+}:

-buildGoPackage rec {
+buildGoModule rec {
  pname = "nginx-sso";
  version = "0.25.0";
-  rev = "v${version}";
-
-  goPackagePath = "github.com/Luzifer/nginx-sso";

  src = fetchFromGitHub {
-    inherit rev;
    owner = "Luzifer";
    repo = "nginx-sso";
-    sha256 = "0z5h92rpr1rcfk11ggsb9w4ipg93fcb9byll7vl4c0mfcqkpm2dr";
+    rev = "v${version}";
+    sha256 = "sha256-uYl6J2auAkboPpT6lRZzI70bCU9LvxfCdCyHfLNIsHw=";
  };

+  vendorSha256 = null;
+
+  patches = [ ./rune.patch ];
+
  postInstall = ''
    mkdir -p $out/share
    cp -R $src/frontend $out/share
--- a/pkgs/servers/nginx-sso/rune.patch
+++ b/pkgs/servers/nginx-sso/rune.patch
@ -0,0 +1,13 @@
+diff --git i/main.go w/main.go
+index bf80f3d..632f7d6 100644
+--- i/main.go
+++ w/main.go
+@@ -174,7 +174,7 @@ func handleAuthRequest(res http.ResponseWriter, r *http.Request) {
+ 	case plugins.ErrNoValidUserFound:
+ 		// No valid user found, check whether special anonymous "user" has access
+ 		// Username is set to 0x0 character to prevent accidental whitelist-match
+-		if mainCfg.ACL.HasAccess(string(0x0), nil, r) {
+		if mainCfg.ACL.HasAccess(string(rune(0x0)), nil, r) {
+ 			mainCfg.AuditLog.Log(auditEventValidate, r, map[string]string{"result": "anonymous access granted"}) // #nosec G104 - This is only logging
+ 			res.WriteHeader(http.StatusOK)
+ 			return