From becacf259dc5689e38582489704ddf8063cec8b2 Mon Sep 17 00:00:00 2001 From: 06kellyjac Date: Wed, 7 Sep 2022 17:10:10 +0100 Subject: [PATCH] teleport: 9.1.2 -> 10.3.1 Dropped the roletester since it doesn't exist anymore Co-authored-by: Anders Kaseorg Signed-off-by: Anders Kaseorg --- .../from_md/release-notes/rl-2211.section.xml | 10 +++ .../manual/release-notes/rl-2211.section.md | 2 + pkgs/servers/teleport/default.nix | 66 +++++++------------ pkgs/servers/teleport/rdpclient.patch | 23 ++++--- 4 files changed, 49 insertions(+), 52 deletions(-) diff --git a/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml index 8494b62e6ff0..284bf42cc8ad 100644 --- a/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml +++ b/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml @@ -528,6 +528,16 @@ services.datadog-agent module. + + + teleport has been upgraded to major version + 10. Please see upstream + upgrade + instructions and + release + notes. + + lemmy module option diff --git a/nixos/doc/manual/release-notes/rl-2211.section.md b/nixos/doc/manual/release-notes/rl-2211.section.md index a5ba4841f549..8bfd9e224b36 100644 --- a/nixos/doc/manual/release-notes/rl-2211.section.md +++ b/nixos/doc/manual/release-notes/rl-2211.section.md @@ -179,6 +179,8 @@ Available as [services.patroni](options.html#opt-services.patroni.enable). - dd-agent package removed along with the `services.dd-agent` module, due to the project being deprecated in favor of `datadog-agent`, which is available via the `services.datadog-agent` module. +- `teleport` has been upgraded to major version 10. Please see upstream [upgrade instructions](https://goteleport.com/docs/ver/10.0/management/operations/upgrading/) and [release notes](https://goteleport.com/docs/ver/10.0/changelog/#1000). + - lemmy module option `services.lemmy.settings.database.createLocally` moved to `services.lemmy.database.createLocally`. diff --git a/pkgs/servers/teleport/default.nix b/pkgs/servers/teleport/default.nix index a7a9b5c8fe51..243bf451236e 100644 --- a/pkgs/servers/teleport/default.nix +++ b/pkgs/servers/teleport/default.nix @@ -14,7 +14,6 @@ , nixosTests , withRdpClient ? true -, withRoleTester ? true }: let # This repo has a private submodule "e" which fetchgit cannot handle without failing. @@ -22,13 +21,13 @@ let owner = "gravitational"; repo = "teleport"; rev = "v${version}"; - sha256 = "sha256-KQfdeMuZ9LJHhEJLMl58Yb0+gxgDT7VcVnK1JxjVZaI="; + hash = "sha256-F5v3/eKPLhSxW7FImTbE+QMtfn8w5WVTrxMWhgNr3YA="; }; - version = "9.1.2"; + version = "10.3.1"; rdpClient = rustPlatform.buildRustPackage rec { - name = "teleport-rdpclient"; - cargoSha256 = "sha256-Jz7bB/f4HRxBhSevmfELSrIm+IXUVlADIgp2qWQd5PY="; + pname = "teleport-rdpclient"; + cargoHash = "sha256-Xmabjoq1NXxXemeR06Gg8R/HwdSE+rsxxX645pQ3SuI="; inherit version src; buildAndTestSubdir = "lib/srv/desktop/rdp/rdpclient"; @@ -44,42 +43,28 @@ let OPENSSL_NO_VENDOR = "1"; postInstall = '' - cp -r target $out - ''; - }; - - roleTester = rustPlatform.buildRustPackage { - name = "teleport-roletester"; - inherit version src; - - cargoSha256 = "sha256-gCm4ETbXy6tGJQVSzUkoAWUmKD3poYgkw133LtziASI="; - buildAndTestSubdir = "lib/datalog/roletester"; - - PROTOC = "${protobuf}/bin/protoc"; - PROTOC_INCLUDE = "${protobuf}/include"; - - postInstall = '' - cp -r target $out + mkdir -p $out/include + cp ${buildAndTestSubdir}/librdprs.h $out/include/ ''; }; webassets = fetchFromGitHub { owner = "gravitational"; repo = "webassets"; - rev = "67e608db77300d8a6cb17709be67f12c1d3271c3"; - sha256 = "sha256-o4qjXGaNi5XDSUQrUuU+G77EdRnvJ1WUPWrryZU1CUE="; + # Submodule rev from https://github.com/gravitational/teleport/tree/v10.3.1 + rev = "6710dcd0dc19ad101bac3259c463ef940f2ab1f3"; + hash = "sha256-A13FSpgJODmhugAwy4kqiDw4Rihr//DhQX/bjwaeo2A="; }; in buildGoModule rec { pname = "teleport"; inherit src version; - vendorSha256 = "sha256-UMgWM7KHag99JR4i4mwVHa6yd9aHQ6Dy+pmUijNL4Ew="; + vendorHash = "sha256-2Zrd3CbZvxns9lNVtwaaor1mi97IhPc+MRJhj3rU760="; subPackages = [ "tool/tbot" "tool/tctl" "tool/teleport" "tool/tsh" ]; tags = [ "webassets_embed" ] - ++ lib.optional withRdpClient "desktop_access_rdp" - ++ lib.optional withRoleTester "roletester"; + ++ lib.optional withRdpClient "desktop_access_rdp"; buildInputs = [ openssl ] ++ lib.optionals (stdenv.isDarwin && withRdpClient) [ CoreFoundation Security ]; @@ -97,31 +82,26 @@ buildGoModule rec { # Reduce closure size for client machines outputs = [ "out" "client" ]; - preBuild = - let rustDeps = symlinkJoin { - name = "teleport-rust-deps"; - paths = lib.optional withRdpClient rdpClient - ++ lib.optional withRoleTester roleTester; - }; - in - '' - mkdir -p build - echo "making webassets" - cp -r ${webassets}/* webassets/ - make lib/web/build/webassets - - cp -r ${rustDeps}/. . - ''; + preBuild = '' + mkdir -p build + echo "making webassets" + cp -r ${webassets}/* webassets/ + make -j$NIX_BUILD_CORES lib/web/build/webassets + '' + lib.optionalString withRdpClient '' + ln -s ${rdpClient}/lib/* lib/ + ln -s ${rdpClient}/include/* lib/srv/desktop/rdp/rdpclient/ + ''; # Multiple tests fail in the build sandbox # due to trying to spawn nixbld's shell (/noshell), etc. doCheck = false; postInstall = '' - install -Dm755 -t $client/bin $out/bin/tsh + mkdir -p $client/bin + mv {$out,$client}/bin/tsh # make xdg-open overrideable at runtime wrapProgram $client/bin/tsh --suffix PATH : ${lib.makeBinPath [ xdg-utils ]} - wrapProgram $out/bin/tsh --suffix PATH : ${lib.makeBinPath [ xdg-utils ]} + ln -s {$client,$out}/bin/tsh ''; doInstallCheck = true; diff --git a/pkgs/servers/teleport/rdpclient.patch b/pkgs/servers/teleport/rdpclient.patch index 141d85ce42c6..4f35cd184ab5 100644 --- a/pkgs/servers/teleport/rdpclient.patch +++ b/pkgs/servers/teleport/rdpclient.patch @@ -1,17 +1,22 @@ diff --git a/lib/srv/desktop/rdp/rdpclient/client.go b/lib/srv/desktop/rdp/rdpclient/client.go -index d191c768f..71117a30d 100644 +index 4357d7aa1..7e21a0076 100644 --- a/lib/srv/desktop/rdp/rdpclient/client.go +++ b/lib/srv/desktop/rdp/rdpclient/client.go -@@ -56,10 +56,10 @@ package rdpclient - #cgo linux,amd64 LDFLAGS: -L${SRCDIR}/../../../../../target/x86_64-unknown-linux-gnu/release - #cgo linux,arm LDFLAGS: -L${SRCDIR}/../../../../../target/arm-unknown-linux-gnueabihf/release - #cgo linux,arm64 LDFLAGS: -L${SRCDIR}/../../../../../target/aarch64-unknown-linux-gnu/release +@@ -52,14 +52,9 @@ package rdpclient + + /* + // Flags to include the static Rust library. +-#cgo linux,386 LDFLAGS: -L${SRCDIR}/../../../../../target/i686-unknown-linux-gnu/release +-#cgo linux,amd64 LDFLAGS: -L${SRCDIR}/../../../../../target/x86_64-unknown-linux-gnu/release +-#cgo linux,arm LDFLAGS: -L${SRCDIR}/../../../../../target/arm-unknown-linux-gnueabihf/release +-#cgo linux,arm64 LDFLAGS: -L${SRCDIR}/../../../../../target/aarch64-unknown-linux-gnu/release -#cgo linux LDFLAGS: -l:librdp_client.a -lpthread -ldl -lm -+#cgo linux LDFLAGS: -l:librdp_client.a -lpthread -ldl -lm -lssl -lcrypto - #cgo darwin,amd64 LDFLAGS: -L${SRCDIR}/../../../../../target/x86_64-apple-darwin/release - #cgo darwin,arm64 LDFLAGS: -L${SRCDIR}/../../../../../target/aarch64-apple-darwin/release +-#cgo darwin,amd64 LDFLAGS: -L${SRCDIR}/../../../../../target/x86_64-apple-darwin/release +-#cgo darwin,arm64 LDFLAGS: -L${SRCDIR}/../../../../../target/aarch64-apple-darwin/release -#cgo darwin LDFLAGS: -framework CoreFoundation -framework Security -lrdp_client -lpthread -ldl -lm -+#cgo darwin LDFLAGS: -framework CoreFoundation -framework Security -lrdp_client -lpthread -ldl -lm -lssl -lcrypto ++#cgo LDFLAGS: -L${SRCDIR}/../../../../../lib -lpthread -ldl -lm -lssl -lcrypto ++#cgo linux LDFLAGS: -l:librdp_client.a ++#cgo darwin LDFLAGS: -framework CoreFoundation -framework Security -lrdp_client #include */ import "C"