expressvpn: init at 3.25.0.13

1 files changed, 98 insertions, 0 deletions

diff --git a/pkgs/applications/networking/expressvpn/default.nix b/pkgs/applications/networking/expressvpn/default.nix
new file mode 100644
index 0000000000000..0bc0fd34fe5ad
--- /dev/null
+++ b/pkgs/applications/networking/expressvpn/default.nix
@@ -0,0 +1,98 @@
+{ autoPatchelfHook
+, buildFHSUserEnv
+, dpkg
+, fetchurl
+, inotify-tools
+, lib
+, stdenvNoCC
+, sysctl
+, writeScript
+}:
+
+let
+  pname = "expressvpn";
+  clientVersion = "3.25.0";
+  clientBuild = "13";
+  version = lib.strings.concatStringsSep "." [ clientVersion clientBuild ];
+
+  expressvpnBase = stdenvNoCC.mkDerivation {
+    inherit pname version;
+
+    src = fetchurl {
+      url = "https://www.expressvpn.works/clients/linux/expressvpn_${version}-1_amd64.deb";
+      hash = "sha256-lyDjG346FrgT7SZbsWET+Hexl9Un6mzMukfO2PwlInA=";
+    };
+
+    nativeBuildInputs = [ dpkg autoPatchelfHook ];
+
+    dontConfigure = true;
+    dontBuild = true;
+
+    unpackPhase = ''
+      runHook preUnpack
+      dpkg --fsys-tarfile $src | tar --extract
+      runHook postUnpack
+    '';
+
+    installPhase = ''
+      runHook preInstall
+      mv usr/ $out/
+      runHook postInstall
+    '';
+  };
+
+  expressvpndFHS = buildFHSUserEnv {
+    name = "expressvpnd";
+
+    # When connected, it directly creates/deletes resolv.conf to change the DNS entries.
+    # Since it's running in an FHS environment, it has no effect on actual resolv.conf.
+    # Hence, place a watcher that updates host resolv.conf when FHS resolv.conf changes.
+    runScript = writeScript "${pname}-wrapper" ''
+      cp /host/etc/resolv.conf /etc/resolv.conf;
+      while inotifywait /etc 2>/dev/null;
+      do
+        cp /etc/resolv.conf /host/etc/resolv.conf;
+      done &
+      expressvpnd --client-version ${clientVersion} --client-build ${clientBuild}
+    '';
+
+    # expressvpnd binary has hard-coded the path /sbin/sysctl hence below workaround.
+    extraBuildCommands = ''
+      chmod +w sbin
+      ln -s ${sysctl}/bin/sysctl sbin/sysctl
+    '';
+
+    # The expressvpnd binary also uses hard-coded paths to the other binaries and files
+    # it ships with, hence the FHS environment.
+
+    targetPkgs = pkgs: with pkgs; [
+      expressvpnBase
+      inotify-tools
+      iproute2
+    ];
+  };
+in
+stdenvNoCC.mkDerivation {
+  inherit pname version;
+
+  dontUnpack = true;
+  dontConfigure = true;
+  dontBuild = true;
+
+  installPhase = ''
+    runHook preInstall
+    mkdir -p $out/bin $out/share
+    ln -s ${expressvpnBase}/bin/expressvpn $out/bin
+    ln -s ${expressvpndFHS}/bin/expressvpnd $out/bin
+    ln -s ${expressvpnBase}/share/{bash-completion,doc,man} $out/share/
+    runHook postInstall
+  '';
+
+  meta = with lib; {
+    description = "CLI client for ExpressVPN";
+    homepage = "https://www.expressvpn.com";
+    license = licenses.unfree;
+    platforms = [ "x86_64-linux" ];
+    maintainers = with maintainers; [ yureien ];
+  };
+}