| blob | 26e88f624299659a7fb883abedff94ce3b85e3f7 |
1 { lib, stdenv, fetchFromGitHub, git, makeWrapper, openssl, coreutils, util-linux, gnugrep, gnused, gawk, testers, transcrypt }:
3 stdenv.mkDerivation rec {
4 pname = "transcrypt";
5 version = "2.3.0";
7 src = fetchFromGitHub {
8 owner = "elasticdog";
9 repo = "transcrypt";
10 rev = "v${version}";
11 sha256 = "sha256-hevKqs0JKsRI2qTRzWAAuMotiBX6dGF0ZmypBco2l6g=";
12 };
14 nativeBuildInputs = [ makeWrapper ];
15 buildInputs = [ git openssl coreutils util-linux gnugrep gnused gawk ];
17 installPhase = ''
18 install -m 755 -D transcrypt $out/bin/transcrypt
19 install -m 644 -D man/transcrypt.1 $out/share/man/man1/transcrypt.1
20 install -m 644 -D contrib/bash/transcrypt $out/share/bash-completion/completions/transcrypt
21 install -m 644 -D contrib/zsh/_transcrypt $out/share/zsh/site-functions/_transcrypt
23 wrapProgram $out/bin/transcrypt \
24 --prefix PATH : "${lib.makeBinPath [ git openssl coreutils util-linux gnugrep gnused gawk ]}"
26 cat > $out/bin/transcrypt-depspathprefix << EOF
27 #!${stdenv.shell}
28 echo "${lib.makeBinPath [ git openssl coreutils gawk ]}:"
29 EOF
30 chmod +x $out/bin/transcrypt-depspathprefix
31 '';
33 passthru.tests.version = testers.testVersion {
34 package = transcrypt;
35 command = "transcrypt --version";
36 version = "transcrypt ${version}";
37 };
39 meta = with lib; {
40 description = "Transparently encrypt files within a Git repository";
41 longDescription = ''
42 A script to configure transparent encryption of sensitive files stored in
43 a Git repository. Files that you choose will be automatically encrypted
44 when you commit them, and automatically decrypted when you check them
45 out. The process will degrade gracefully, so even people without your
46 encryption password can safely commit changes to the repository's
47 non-encrypted files.
48 '';
49 homepage = "https://github.com/elasticdog/transcrypt";
50 license = licenses.mit;
51 maintainers = [ maintainers.elasticdog ];
52 platforms = platforms.all;
53 };
54 }