diff --git a/machines/compute01/satosa/default.nix b/machines/compute01/satosa/default.nix
new file mode 100644
index 0000000..16dce47
--- /dev/null
+++ b/machines/compute01/satosa/default.nix
@@ -0,0 +1,9 @@
+{ lib, pkgs, ... }:
+
+let
+ package = import ./package { inherit lib pkgs; };
+
+ host = "saml.dgnum.eu";
+in {
+
+}
diff --git a/machines/compute01/satosa/package/cookies-samesite-compat.nix b/machines/compute01/satosa/package/cookies-samesite-compat.nix
new file mode 100644
index 0000000..d7e0442
--- /dev/null
+++ b/machines/compute01/satosa/package/cookies-samesite-compat.nix
@@ -0,0 +1,30 @@
+{ lib
+, python3
+, fetchPypi
+}:
+
+python3.pkgs.buildPythonPackage rec {
+ pname = "cookies-samesite-compat";
+ version = "0.0.1";
+ pyproject = true;
+
+ src = fetchPypi {
+ pname = "cookies_samesite_compat";
+ inherit version;
+ hash = "sha256-eC0rthOt3ahUUp+FD09guDag8MRQSRZ0lUkPxK8HOsA=";
+ };
+
+ nativeBuildInputs = with python3.pkgs; [
+ setuptools
+ wheel
+ ];
+
+ pythonImportsCheck = [ "cookies_samesite_compat" ];
+
+ meta = with lib; {
+ description = "WSGI Middleware to duplicate the configured cookies and remove the SameSite attribute";
+ homepage = "https://pypi.org/project/cookies-samesite-compat";
+ license = licenses.asl20;
+ maintainers = with maintainers; [ ];
+ };
+}
diff --git a/machines/compute01/satosa/package/default.nix b/machines/compute01/satosa/package/default.nix
new file mode 100644
index 0000000..cf1fc94
--- /dev/null
+++ b/machines/compute01/satosa/package/default.nix
@@ -0,0 +1,15 @@
+{ lib, pkgs, ... }:
+
+let
+ callPackage = lib.callPackageWith (pkgs // self);
+
+ self = {
+ cookies-samesite-compat = callPackage ./cookies-samesite-compat.nix { };
+ pyop = callPackage ./pyop.nix { };
+ oic = callPackage ./oic.nix { };
+ pydantic-settings = callPackage ./pydantic-settings.nix { };
+ pydantic = callPackage ./pydantic.nix { };
+ pydantic-core = callPackage ./pydantic-core.nix { };
+ };
+
+in callPackage ./satosa.nix { }
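Review bot: Nothing in cookies-samesite-compat.nix records why a middleware that, per its own `description`, re-emits cookies without the SameSite attribute is being packaged for the host behind `saml.dgnum.eu`. It is here because satosa.nix lists it in `propagatedBuildInputs`, and that is worth stating next to `pname`, for example `# Hard dependency of SATOSA; the duplicated cookies carry no SameSite attribute, so keep the middleware's cookie list limited to what the proxy's cross-site redirects need.` Which cookies the middleware is actually configured for is not visible in this diff, so that part should be confirmed when the service module is filled in.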
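Review bot: In package/default.nix the local `pydantic`, `pydantic-core` and `pydantic-settings` only reach derivations that name them as function arguments, because `lib.callPackageWith (pkgs // self)` extends the top-level set and leaves `python3.pkgs` untouched. Any dependency taken from `python3.pkgs` that itself propagates pydantic would pull the nixpkgs build in next to the 2.4.1 pinned here; I can't tell from the diff whether one does, but it would show up as a duplicate-package conflict or a mixed closure. Either document the limitation on `self`, e.g. `# NOTE: not injected into python3.pkgs; packages from nixpkgs keep their own pydantic`, or move the set into `python3.override { packageOverrides = ...; }`. Because these pins live outside nixpkgs they will also not follow its security updates, so the authentication libraries here need an explicit bump routine.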
diff --git a/machines/compute01/satosa/package/oic.nix b/machines/compute01/satosa/package/oic.nix
new file mode 100644
index 0000000..9b044b5
--- /dev/null
+++ b/machines/compute01/satosa/package/oic.nix
@@ -0,0 +1,42 @@
+{ lib
+, python3
+, fetchPypi
+, pydantic-settings
+}:
+
+python3.pkgs.buildPythonPackage rec {
+ pname = "oic";
+ version = "1.6.1";
+ pyproject = true;
+
+ src = fetchPypi {
+ inherit pname version;
+ hash = "sha256-OFofZLtZUZ3x4jhAUwkhv0FnQCQPUF6m0WHjMdPTn60=";
+ };
+
+ nativeBuildInputs = [
+ python3.pkgs.setuptools
+ python3.pkgs.wheel
+ ];
+
+ propagatedBuildInputs = with python3.pkgs; [
+ cryptography
+ defusedxml
+ mako
+ pycryptodomex
+ pydantic-settings
+ pyjwkest
+ requests
+ typing-extensions
+ ];
+
+ pythonImportsCheck = [ "oic" ];
+
+ meta = with lib; {
+ description = "Python implementation of OAuth2 and OpenID Connect";
+ homepage = "https://pypi.org/project/oic/";
+ license = licenses.asl20;
+ maintainers = with maintainers; [ ];
+ mainProgram = "oic";
+ };
+}
diff --git a/machines/compute01/satosa/package/pydantic-core.nix b/machines/compute01/satosa/package/pydantic-core.nix
new file mode 100644
index 0000000..fc1e094
--- /dev/null
+++ b/machines/compute01/satosa/package/pydantic-core.nix
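Review bot: `mainProgram = "oic";` in `meta` of oic.nix looks like generator boilerplate: the package is consumed as a library (`pythonImportsCheck = [ "oic" ]`) and nothing in the hunk shows an `oic` executable being installed, so `lib.getExe` would resolve to a path that may not exist. Unless the wheel really ships `bin/oic`, drop the line; the same applies to `mainProgram` in pydantic-core.nix, pydantic-settings.nix, pydantic.nix and satosa.nix. Separately, `maintainers = with maintainers; [ ];` is empty in every new file, so nobody is named as responsible for bumping these pinned OAuth2/OIDC and SAML libraries.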
@@ -0,0 +1,47 @@
+{ lib
+, python3
+, fetchPypi
+, cargo
+, rustPlatform
+, rustc
+}:
+
+python3.pkgs.buildPythonPackage rec {
+ pname = "pydantic-core";
+ version = "2.10.1";
+ pyproject = true;
+
+ src = fetchPypi {
+ pname = "pydantic_core";
+ inherit version;
+ hash = "sha256-D4aC290vZ/jh7d3L/8wp9gphgrSQHDZ/yMHEDTC7CoI=";
+ };
+
+ cargoDeps = rustPlatform.fetchCargoTarball {
+ inherit src;
+ name = "${pname}-${version}";
+ hash = "sha256-wHiIVM0x+xH0SpP6UmlGh6r7sg0rnnppGrIchHTVJcc=";
+ };
+
+ nativeBuildInputs = [
+ cargo
+ python3.pkgs.typing-extensions
+ rustPlatform.cargoSetupHook
+ rustPlatform.maturinBuildHook
+ rustc
+ ];
+
+ propagatedBuildInputs = with python3.pkgs; [
+ typing-extensions
+ ];
+
+ pythonImportsCheck = [ "pydantic_core" ];
+
+ meta = with lib; {
+ description = "";
+ homepage = "https://pypi.org/project/pydantic-core";
+ license = licenses.mit;
+ maintainers = with maintainers; [ ];
+ mainProgram = "pydantic-core";
+ };
+}
diff --git a/machines/compute01/satosa/package/pydantic-settings.nix b/machines/compute01/satosa/package/pydantic-settings.nix
new file mode 100644
index 0000000..08bab28
--- /dev/null
+++ b/machines/compute01/satosa/package/pydantic-settings.nix
@@ -0,0 +1,36 @@
+{ lib
+, python3
+, fetchPypi
+, pydantic
+}:
+
+python3.pkgs.buildPythonPackage rec {
+ pname = "pydantic-settings";
+ version = "2.0.3";
+ pyproject = true;
+
+ src = fetchPypi {
+ pname = "pydantic_settings";
+ inherit version;
+ hash = "sha256-li3DZySVqtaulqQ5D6x+WTWR4URiXlES01n49n+3WUU=";
+ };
+
+ nativeBuildInputs = [
+ python3.pkgs.hatchling
+ ];
+
+ propagatedBuildInputs = with python3.pkgs; [
+ pydantic
+ python-dotenv
+ ];
+
+ pythonImportsCheck = [ "pydantic_settings" ];
+
+ meta = with lib; {
+ description = "Settings management using Pydantic";
+ homepage = "https://pypi.org/project/pydantic-settings/";
+ license = licenses.mit;
+ maintainers = with maintainers; [ ];
+ mainProgram = "pydantic-settings";
+ };
+}
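Review bot: `description = "";` in `meta` of pydantic-core.nix leaves this native (Rust-built) dependency without any description, unlike every other package added in this commit. Fill it in from the upstream summary, for example `description = "Core validation and serialization logic for pydantic";` (wording to be checked against the PyPI page). A short comment above `cargoDeps` noting that its `hash` must be regenerated together with `src.hash` on every version bump would also help whoever updates this pin.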
diff --git a/machines/compute01/satosa/package/pydantic.nix b/machines/compute01/satosa/package/pydantic.nix
new file mode 100644
index 0000000..e75a07b
--- /dev/null
+++ b/machines/compute01/satosa/package/pydantic.nix
@@ -0,0 +1,43 @@
+{ lib
+, python3
+, fetchPypi
+, pydantic-core
+}:
+
+python3.pkgs.buildPythonPackage rec {
+ pname = "pydantic";
+ version = "2.4.1";
+ pyproject = true;
+
+ src = fetchPypi {
+ inherit pname version;
+ hash = "sha256-sXJQWIYCjkNWho1hfS0ad2168WJdExNFD9Ub3RnZ1h8=";
+ };
+
+ nativeBuildInputs = [
+ python3.pkgs.hatch-fancy-pypi-readme
+ python3.pkgs.hatchling
+ ];
+
+ propagatedBuildInputs = with python3.pkgs; [
+ annotated-types
+ pydantic-core
+ typing-extensions
+ ];
+
+ passthru.optional-dependencies = with python3.pkgs; {
+ email = [
+ email-validator
+ ];
+ };
+
+ pythonImportsCheck = [ "pydantic" ];
+
+ meta = with lib; {
+ description = "Data validation using Python type hints";
+ homepage = "https://pypi.org/project/pydantic";
+ license = licenses.mit;
+ maintainers = with maintainers; [ ];
+ mainProgram = "pydantic";
+ };
+}
diff --git a/machines/compute01/satosa/package/pyop.nix b/machines/compute01/satosa/package/pyop.nix
new file mode 100644
index 0000000..7148d1f
--- /dev/null
+++ b/machines/compute01/satosa/package/pyop.nix
@@ -0,0 +1,35 @@
+{ lib
+, python3
+, fetchPypi
+, oic
+}:
+
+python3.pkgs.buildPythonPackage rec {
+ pname = "pyop";
+ version = "3.4.0";
+ pyproject = true;
+
+ src = fetchPypi {
+ inherit pname version;
+ hash = "sha256-4Iq+TVNH7Pq1Q/Xkdeg8FTqLIjGF673qq0AV/4TjkvE=";
+ };
+
+ nativeBuildInputs = with python3.pkgs; [
+ setuptools
+ wheel
+ ];
+
+ propagatedBuildInputs = with python3.pkgs; [
+ oic
+ pycryptodomex
+ ];
+
+ pythonImportsCheck = [ "pyop" ];
+
+ meta = with lib; {
+ description = "OpenID Connect Provider (OP) library in Python";
+ homepage = "https://pypi.org/project/pyop";
+ license = licenses.asl20;
+ maintainers = with maintainers; [ ];
+ };
+}
diff --git a/machines/compute01/satosa/package/satosa.nix b/machines/compute01/satosa/package/satosa.nix
new file mode 100644
index 0000000..24bfc64
--- /dev/null
+++ b/machines/compute01/satosa/package/satosa.nix
@@ -0,0 +1,59 @@
+{ lib
+, python3
+, fetchPypi
+, cookies-samesite-compat
+, pyop
+}:
+
+python3.pkgs.buildPythonPackage rec {
+ pname = "satosa";
+ version = "8.4.0";
+ pyproject = true;
+
+ src = fetchPypi {
+ pname = "SATOSA";
+ inherit version;
+ hash = "sha256-KREROjb157RJJVRr9YefzoR/eflR/U7ZmG6yOH5DjcU=";
+ };
+
+ nativeBuildInputs = [
+ python3.pkgs.setuptools
+ python3.pkgs.wheel
+ ];
+
+ propagatedBuildInputs = with python3.pkgs; [
+ chevron
+ click
+ cookies-samesite-compat
+ gunicorn
+ importlib-metadata
+ pycryptodomex
+ pyop
+ pysaml2
+ pyyaml
+ requests
+ werkzeug
+ ];
+
+ passthru.optional-dependencies = with python3.pkgs; {
+ ldap = [
+ ldap3
+ ];
+ pyop_mongo = [
+ pyop
+ ];
+ pyop_redis = [
+ pyop
+ ];
+ };
+
+ pythonImportsCheck = [ "satosa" ];
+
+ meta = with lib; {
+ description = "Protocol proxy (SAML/OIDC)";
+ homepage = "https://pypi.org/project/SATOSA";
+ license = licenses.asl20;
+ maintainers = with maintainers; [ ];
+ mainProgram = "satosa";
+ };
+}
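Review bot: The `pyop_mongo` and `pyop_redis` entries in `passthru.optional-dependencies` of satosa.nix both resolve to plain `pyop`, which is already in `propagatedBuildInputs`, so selecting either extra adds nothing to the closure. If upstream's extras are meant to pull pyop's storage backends (I believe they map to `pyop[mongo]` and `pyop[redis]`, to be confirmed against the sdist metadata), pyop.nix needs its own `passthru.optional-dependencies` and these lists should reference it, e.g. `pyop_redis = pyop.optional-dependencies.redis;`. Otherwise remove the two entries so the attribute does not advertise a session/token store that will not be installed. Note also that inside `with python3.pkgs;` the names `pyop` and `cookies-samesite-compat` resolve to the function arguments, not to nixpkgs; a one-line comment saying so would save the next reader from checking.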