mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-11-30 19:02:57 +00:00
33afbf39f6
checkInputs used to be added to nativeBuildInputs. Now we have nativeCheckInputs to do that instead. Doing this treewide change allows to keep hashes identical to before the introduction of nativeCheckInputs.
60 lines
1.5 KiB
Nix
60 lines
1.5 KiB
Nix
{ stdenv, lib, fetchFromGitHub, pkg-config, autoreconfHook
|
|
, curl, apacheHttpd, pcre, apr, aprutil, libxml2
|
|
, luaSupport ? false, lua5, perl
|
|
}:
|
|
|
|
with lib;
|
|
|
|
let luaValue = if luaSupport then lua5 else "no";
|
|
optional = lib.optional;
|
|
in
|
|
|
|
stdenv.mkDerivation rec {
|
|
pname = "modsecurity";
|
|
version = "2.9.7";
|
|
|
|
src = fetchFromGitHub {
|
|
owner = "SpiderLabs";
|
|
repo = pname;
|
|
rev = "v${version}";
|
|
sha256 = "sha256-hJ8wYeC83dl85bkUXGZKHpHzw9QRgtusj1/+Coxsx0k=";
|
|
};
|
|
|
|
nativeBuildInputs = [ pkg-config autoreconfHook ];
|
|
buildInputs = [ curl apacheHttpd pcre apr aprutil libxml2 ] ++
|
|
optional luaSupport lua5;
|
|
|
|
configureFlags = [
|
|
"--enable-standalone-module"
|
|
"--enable-static"
|
|
"--with-curl=${curl.dev}"
|
|
"--with-apxs=${apacheHttpd.dev}/bin/apxs"
|
|
"--with-pcre=${pcre.dev}"
|
|
"--with-apr=${apr.dev}"
|
|
"--with-apu=${aprutil.dev}/bin/apu-1-config"
|
|
"--with-libxml=${libxml2.dev}"
|
|
"--with-lua=${luaValue}"
|
|
];
|
|
|
|
outputs = ["out" "nginx"];
|
|
# by default modsecurity's install script copies compiled output to httpd's modules folder
|
|
# this patch removes those lines
|
|
patches = [ ./Makefile.am.patch ];
|
|
|
|
doCheck = true;
|
|
nativeCheckInputs = [ perl ];
|
|
|
|
postInstall = ''
|
|
mkdir -p $nginx
|
|
cp -R * $nginx
|
|
'';
|
|
|
|
meta = {
|
|
description = "Open source, cross-platform web application firewall (WAF)";
|
|
license = licenses.asl20;
|
|
homepage = "https://www.modsecurity.org/";
|
|
maintainers = with maintainers; [offline];
|
|
platforms = lib.platforms.linux ++ lib.platforms.darwin;
|
|
};
|
|
}
|