Diffstat (limited to 'good-dirsrv.scm')
-rw-r--r-- | good-dirsrv.scm | 237 |
1 files changed, 237 insertions, 0 deletions
diff --git a/good-dirsrv.scm b/good-dirsrv.scm
new file mode 100644
index 0000000..2aa4ab0
--- /dev/null
+++ b/good-dirsrv.scm
@@ -0,0 +1,237 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2013, 2014, 2015, 2019, 2020 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2013 Andreas Enge <andreas@enge.fr>
+;;; Copyright © 2016, 2021 Leo Famulari <leo@famulari.name>
+;;; Copyright © 2017, 2018, 2019, 2021 Ricardo Wurmus <rekado@elephly.net>
+;;; Copyright © 2018 Tobias Geerinckx-Rice <me@tobias.gr>
+;;; Copyright © 2019 Mathieu Othacehe <m.othacehe@gmail.com>
+;;; Copyright © 2020 Lars-Dominik Braun <ldb@leibniz-psychology.org>
+;;; Copyright © 2020 Efraim Flashner <efraim@flashner.co.il>
+;;; Copyright © 2021 Maxim Cournoyer <maxim.cournoyer@gmail.com>
+;;; Copyright © 2022 Marius Bakke <marius@gnu.org>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+(use-modules (gnu packages openldap)
+ (gnu packages autotools)
+ (gnu packages check)
+ (gnu packages compression)
+ (gnu packages cyrus-sasl)
+ (gnu packages dbm)
+ (gnu packages documentation)
+ (gnu packages gettext)
+ (gnu packages gnupg)
+ (gnu packages groff)
+ (gnu packages icu4c)
+ (gnu packages kerberos)
+ (gnu packages libevent)
+ (gnu packages linux)
+ (gnu packages networking)
+ (gnu packages nss)
+ (gnu packages password-utils)
+ (gnu packages pcre)
+ (gnu packages perl)
+ (gnu packages pkg-config)
+ (gnu packages python)
+ (gnu packages python-xyz)
+ (gnu packages rsync)
+ (gnu packages selinux)
+ (gnu packages time)
+ (gnu packages tls)
+ (gnu packages web)
+ (gnu packages)
+ ((guix licenses) #:select (openldap2.8 lgpl2.1+ gpl3+ psfl expat))
+ (guix packages)
+ (guix gexp)
+ (guix utils)
+ (guix download)
+ (guix build-system gnu)
+ (guix build-system python))
+
+ (package
+ (name "389-ds-base")
+ (version "1.4.4.17")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "https://github.com/389ds/389-ds-base/archive/"
+ "389-ds-base-" version ".tar.gz"))
+ (sha256
+ (base32
+ "0i8m4crbnjjhfb7cq758rd0fxyz36i291yq6fykkprjykz9s3zv4"))))
+ (build-system gnu-build-system)
+ (arguments
+ `(#:modules ((srfi srfi-1)
+ (guix build gnu-build-system)
+ ((guix build python-build-system)
+ #:select (add-installed-pythonpath python-version))
+ (guix build utils))
+ #:imported-modules ((guix build python-build-system)
+ ,@%gnu-build-system-modules)
+ #:configure-flags
+ (list (string-append "--with-db="
+ (assoc-ref %build-inputs "bdb"))
+ (string-append "--with-sasl="
+ (assoc-ref %build-inputs "cyrus-sasl"))
+ (string-append "--with-netsnmp="
+ (assoc-ref %build-inputs "net-snmp"))
+ (string-append "--with-pcre="
+ (assoc-ref %build-inputs "pcre"))
+ (string-append "--with-selinux="
+ (assoc-ref %build-inputs "libselinux"))
+ "--with-libldap-r=no"
+ "--localstatedir=/var"
+ "--with-instconfigdir=/etc/dirsrv"
+ ;; The Perl scripts are being removed in the 1.4.0 release.
+ ;; Building them would require packaging of the outdated Mozilla
+ ;; LDAP SDK (instead of OpenLDAP) and PerLDAP.
+ "--disable-perl")
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'unpack 'fix-references
+ (lambda _
+ (substitute* "include/ldaputil/certmap.h"
+ (("nss3/cert.h") "nss/cert.h"))
+ (substitute* "src/lib389/lib389/utils.py"
+ (("'/sbin/ip'")
+ (string-append "'" (which "ip") "'")))
+ (substitute* "src/lib389/lib389/nss_ssl.py"
+ (("'/usr/bin/certutil'")
+ (string-append "'" (which "certutil") "'"))
+ (("'/usr/bin/openssl'")
+ (string-append "'" (which "openssl") "'"))
+ (("'/usr/bin/c_rehash'")
+ (string-append "'" (which "perl") "', '"
+ (which "c_rehash") "'")))))
+ (add-after 'unpack 'overwrite-default-locations
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let ((out (assoc-ref outputs "out")))
+ (substitute* "src/lib389/lib389/paths.py"
+ (("/usr/share/dirsrv/inf/defaults.inf")
+ (string-append out "/share/dirsrv/inf/defaults.inf")))
+ ;; This directory can only be specified relative to sysconfdir. This
+ ;; is used to determine where to look for installed directory
+ ;; servers, so in the absence of a search path it needs to be global.
+ (substitute* "ldap/admin/src/defaults.inf.in"
+ (("^initconfig_dir =.*")
+ "initconfig_dir = /etc/dirsrv/registry\n"))
+ ;; This is used to determine where to write certificate files
+ ;; when installing new directory server instances.
+ (substitute* '("src/lib389/lib389/instance/setup.py"
+ "src/lib389/lib389/instance/remove.py")
+ (("etc_dirsrv_path = .*")
+ "etc_dirsrv_path = '/etc/dirsrv/'\n")))))
+ (add-after 'unpack 'fix-install-location-of-python-tools
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (pythondir (string-append
+ out "/lib/python"
+ (python-version (assoc-ref inputs "python"))
+ "/site-packages/")))
+ ;; Install directory must be on PYTHONPATH.
+ (add-installed-pythonpath inputs outputs)
+ ;; Install directory must exist.
+ (mkdir-p pythondir)
+ (substitute* "src/lib389/setup.py"
+ (("/usr") out))
+ (substitute* "Makefile.am"
+ (("setup.py install --skip-build" m)
+ (string-append
+ m " --prefix=" out
+ " --root=/ --single-version-externally-managed"))))))
+ (add-after 'unpack 'dont-use-libldap-r
+ (lambda _
+ (substitute* "Makefile.am"
+ (("-lldap_r") "-lldap"))))
+ (add-after 'build 'build-python-tools
+ (lambda* (#:key make-flags #:allow-other-keys)
+ ;; Set DETERMINISTIC_BUILD to override the embedded mtime in pyc
+ ;; files.
+ (setenv "DETERMINISTIC_BUILD" "1")
+ ;; Use deterministic hashes for strings, bytes, and datetime
+ ;; objects.
+ (setenv "PYTHONHASHSEED" "0")
+ (apply invoke "make" "lib389" make-flags)))
+ (add-after 'install 'install-python-tools
+ (lambda* (#:key make-flags #:allow-other-keys)
+ (apply invoke "make" "lib389-install" make-flags)))
+ (add-after 'install-python-tools 'wrap-python-tools
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (pythonpath (getenv "GUIX_PYTHONPATH")))
+ (for-each (lambda (file)
+ (wrap-program (string-append out file)
+ `("GUIX_PYTHONPATH" ":" prefix (,pythonpath))))
+ '("/sbin/dsconf"
+ "/sbin/dscreate"
+ "/sbin/dsctl"
+ "/sbin/dsidm"
+ "/bin/ds-logpipe.py"
+ "/bin/ds-replcheck"))))))))
+ (inputs
+ (list bdb
+ cracklib
+ cyrus-sasl
+ gnutls
+ httpd
+ icu4c
+ iproute
+ libevent
+ libselinux
+ linux-pam
+ mit-krb5
+ net-snmp
+ nspr
+ nss
+ (list nss "bin") ; for certutil
+ openldap
+ openssl ; #included by net-snmp
+ pcre
+ python
+ python-pyasn1
+ python-pyasn1-modules
+ python-pytest
+ python-dateutil
+ python-six
+ python-argcomplete
+ python-argparse-manpage
+ python-ldap))
+ (native-inputs
+ (list autoconf
+ automake
+ doxygen
+ gettext-minimal
+ libtool
+ perl
+ rsync
+ pkg-config))
+ (home-page "https://directory.fedoraproject.org")
+ (synopsis "Enterprise-class LDAP server")
+ (description "389ds is an enterprise-class LDAP server. It is hardened by
+real-world use, is full-featured, and supports multi-master replication.
+
+Other features include:
+
+@enumerate
+@item Online, zero downtime, LDAP-based update of schema, configuration, and
+ management including @dfn{Access Control Information} (ACIs);
+@item Asynchronous Multi-Master Replication, to provide fault tolerance and
+ high write performance;
+@item Extensive documentation;
+@item Secure authentication and transport (TLS, and SASL);
+@item LDAPv3 compliant server.
+@end enumerate\n")
+ ;; GPLv3+ with OpenSSL linking exception.
+ (license gpl3+)) |
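Review bot: In the `fix-references` phase the `c_rehash` call in `src/lib389/lib389/nss_ssl.py` is rewritten to run through `(which "perl")`, but `perl` appears only under `native-inputs`, so the interpreter path baked into the installed certificate-handling code is a build-time tool rather than a declared runtime input. A native build keeps working because the store reference is retained, but a cross build would likely embed the build machine's perl, and the `which` lookups for `ip`, `certutil` and `openssl` in the same phase also resolve through the build-time PATH rather than through `inputs`. I would add `perl` to `inputs`, open the phase with `(lambda* (#:key inputs #:allow-other-keys)`, and resolve each tool explicitly, e.g. `(search-input-file inputs "bin/perl")`, so every path written into the NSS/TLS helper comes from a declared input and a missing one fails the build. Separately, the comment above `"--disable-perl"` still says the Perl scripts "are being removed in the 1.4.0 release" while the package is at 1.4.4.17; it should be reworded to say why the flag is still passed, or dropped along with the flag if upstream no longer needs it.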