teleport: add rdpclient

2 years ago · e3a4076faa
parent 25cf5ebcd0
commit e3a4076faa
3 changed files with 69 additions and 12 deletions
--- a/pkgs/servers/teleport/default.nix
+++ b/pkgs/servers/teleport/default.nix
@ -3,11 +3,17 @@
 , rustPlatform
 , fetchFromGitHub
 , makeWrapper
+, symlinkJoin
+, CoreFoundation
+, openssl
+, pkg-config
 , protobuf
+, Security
 , stdenv
 , xdg-utils
 , nixosTests

+, withRdpClient ? true
 , withRoleTester ? true
 }:
 let
@ -20,6 +26,28 @@ let
  };
  version = "9.1.2";

+  rdpClient = rustPlatform.buildRustPackage rec {
+    name = "teleport-rdpclient";
+    cargoSha256 = "sha256-Jz7bB/f4HRxBhSevmfELSrIm+IXUVlADIgp2qWQd5PY=";
+    inherit version src;
+
+    buildAndTestSubdir = "lib/srv/desktop/rdp/rdpclient";
+
+    buildInputs = [ openssl ]
+      ++ lib.optionals stdenv.isDarwin [ CoreFoundation Security ];
+    nativeBuildInputs = [ pkg-config ];
+
+    # https://github.com/NixOS/nixpkgs/issues/161570 ,
+    # buildRustPackage sets strictDeps = true;
+    checkInputs = buildInputs;
+
+    OPENSSL_NO_VENDOR = "1";
+
+    postInstall = ''
+      cp -r target $out
+    '';
+  };
+
  roleTester = rustPlatform.buildRustPackage {
    name = "teleport-roletester";
    inherit version src;
@ -49,9 +77,12 @@ buildGoModule rec {
  vendorSha256 = "sha256-UMgWM7KHag99JR4i4mwVHa6yd9aHQ6Dy+pmUijNL4Ew=";

  subPackages = [ "tool/tbot" "tool/tctl" "tool/teleport" "tool/tsh" ];
-  tags = [ "webassets_embed" ] ++
-    lib.optional withRoleTester "roletester";
+  tags = [ "webassets_embed" ]
+    ++ lib.optional withRdpClient "desktop_access_rdp"
+    ++ lib.optional withRoleTester "roletester";

+  buildInputs = [ openssl ]
+    ++ lib.optionals (stdenv.isDarwin && withRdpClient) [ CoreFoundation Security ];
  nativeBuildInputs = [ makeWrapper ];

  patches = [
@ -60,20 +91,27 @@ buildGoModule rec {
    # https://github.com/NixOS/nixpkgs/issues/132652
    ./test.patch
    ./0001-fix-add-nix-path-to-exec-env.patch
+    ./rdpclient.patch
  ];

  # Reduce closure size for client machines
  outputs = [ "out" "client" ];

-  preBuild = ''
-    mkdir -p build
-    echo "making webassets"
-    cp -r ${webassets}/* webassets/
-    make lib/web/build/webassets
-
-    ${lib.optionalString withRoleTester
-      "cp -r ${roleTester}/target ."}
-  '';
+  preBuild =
+    let rustDeps = symlinkJoin {
+      name = "teleport-rust-deps";
+      paths = lib.optional withRdpClient rdpClient
+        ++ lib.optional withRoleTester roleTester;
+    };
+    in
+    ''
+      mkdir -p build
+      echo "making webassets"
+      cp -r ${webassets}/* webassets/
+      make lib/web/build/webassets
+
+      cp -r ${rustDeps}/. .
+    '';

  # Multiple tests fail in the build sandbox
  # due to trying to spawn nixbld's shell (/noshell), etc.
--- a/pkgs/servers/teleport/rdpclient.patch
+++ b/pkgs/servers/teleport/rdpclient.patch
@ -0,0 +1,17 @@
+diff --git a/lib/srv/desktop/rdp/rdpclient/client.go b/lib/srv/desktop/rdp/rdpclient/client.go
+index d191c768f..71117a30d 100644
+--- a/lib/srv/desktop/rdp/rdpclient/client.go
+++ b/lib/srv/desktop/rdp/rdpclient/client.go
+@@ -56,10 +56,10 @@ package rdpclient
+ #cgo linux,amd64 LDFLAGS: -L${SRCDIR}/../../../../../target/x86_64-unknown-linux-gnu/release
+ #cgo linux,arm LDFLAGS: -L${SRCDIR}/../../../../../target/arm-unknown-linux-gnueabihf/release
+ #cgo linux,arm64 LDFLAGS: -L${SRCDIR}/../../../../../target/aarch64-unknown-linux-gnu/release
+-#cgo linux LDFLAGS: -l:librdp_client.a -lpthread -ldl -lm
+#cgo linux LDFLAGS: -l:librdp_client.a -lpthread -ldl -lm -lssl -lcrypto
+ #cgo darwin,amd64 LDFLAGS: -L${SRCDIR}/../../../../../target/x86_64-apple-darwin/release
+ #cgo darwin,arm64 LDFLAGS: -L${SRCDIR}/../../../../../target/aarch64-apple-darwin/release
+-#cgo darwin LDFLAGS: -framework CoreFoundation -framework Security -lrdp_client -lpthread -ldl -lm
+#cgo darwin LDFLAGS: -framework CoreFoundation -framework Security -lrdp_client -lpthread -ldl -lm -lssl -lcrypto
+ #include <librdprs.h>
+ */
+ import "C"
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@ -10773,7 +10773,9 @@ with pkgs;

  telegraf = callPackage ../servers/monitoring/telegraf { };

-  teleport = callPackage ../servers/teleport {};
+  teleport = callPackage ../servers/teleport {
+    inherit (darwin.apple_sdk.frameworks) CoreFoundation Security;
+  };

  telepresence = callPackage ../tools/networking/telepresence {
    pythonPackages = python3Packages;