acme.sh: init at 2.7.8 #38856
acme.sh: init at 2.7.8 #38856
Conversation
pkgs/tools/admin/acme.sh/default.nix
Outdated
| installPhase = '' | ||
| mkdir -p $out $out/bin $out/lib | ||
| cp -R $src/* $_ | ||
| ln -s $out/lib/acme.sh $out/bin |
There was a problem hiding this comment.
Should be wrapped with wrapProgram to have openssl and curl in PATH: https://github.com/Neilpang/acme.sh/blob/master/acme.sh#L31
pkgs/top-level/all-packages.nix
Outdated
| @@ -414,6 +414,8 @@ with pkgs; | |||
|
|
|||
| acct = callPackage ../tools/system/acct { }; | |||
|
|
|||
| acme_sh = callPackage ../tools/admin/acme.sh { }; | |||
There was a problem hiding this comment.
acme-sh would be preferable, for the attribute, folder name and package name. See Package Naming in Nixpkgs manual:
Dashes in the package name should be preserved in new variable names, rather than converted to underscores or camel cased — e.g., http-parser instead of http_parser or httpParser. The hyphenated style is preferred in all three package names.
pkgs/tools/admin/acme.sh/default.nix
Outdated
| sha256 = "0zm64z7av63xi7yjhljab2i8q1vx4q1mpcmcm58jm6k4babalxrf"; | ||
| }; | ||
|
|
||
| phases = [ "installPhase" ]; |
pkgs/tools/admin/acme.sh/default.nix
Outdated
| installPhase = '' | ||
| mkdir -p $out $out/bin $out/lib | ||
| cp -R $src/* $_ | ||
| ln -s $out/lib/acme.sh $out/bin |
There was a problem hiding this comment.
I'm not sure if that belongs to lib: share subdirectory seems to be more appropriate. Generally, when upstream is not FHS-compliant, it is usually cleaner to just expose a symlink to executable:
installPhase = "mkdir -p $out/bin && ln -s $src/acme.sh $_";
There was a problem hiding this comment.
Did you really meant to link from $src here?
There was a problem hiding this comment.
$src is just a fixed-output derivation, so it shouldn't be garbage collected if there are references to it. In this case, repo mostly contains documentation and the shell script itself. Is there a problem with this approach?
There was a problem hiding this comment.
I'm mostly worried about clutter and increased risk of collisions when it comes to paths linked to profile.
There was a problem hiding this comment.
Only it requires to pull two derivations instead of one, but maybe that's ok.
There was a problem hiding this comment.
I didn't mean to link from src. The other files are needed and acme.sh needs to be in the same dir (it uses realpath on itself to find the helper libs). I can move it to share.
There was a problem hiding this comment.
There is also libexec that is not linked by default which also seems appropriate.
Motivation for this change
Things done
build-use-sandboxinnix.confon non-NixOS)nix-shell -p nox --run "nox-review wip"./result/bin/)