customized factorio fetch

1 files changed, 55 insertions, 0 deletions

diff --git a/customized/fetch.sh b/customized/fetch.sh
new file mode 100644
index 00000000..30d9c9fd
--- /dev/null
+++ b/customized/fetch.sh
@@ -0,0 +1,55 @@
+source $stdenv/setup
+
+# Curl flags to increase reliability a bit.
+#
+# Can't use fetchurl, for several reasons. One is that we definitely
+# don't want --insecure for the login, though we need it for the
+# download as their download cert isn't in the standard linux bundle.
+curl="curl \
+ --max-redirs 20 \
+ --retry 3 \
+ --cacert $cacert/etc/ssl/certs/ca-bundle.crt \
+ -b cookies \
+ -c cookies \
+ $curlOpts \
+ $NIX_CURL_FLAGS"
+
+# We don't want the password to be on any program's argv, as it may be
+# visible in /proc. Writing it to file with echo should be safe, since
+# it's a shell builtin.
+echo -n "$password" > password
+# Might as well hide the username as well.
+echo -n "$username" > username
+
+# Get a CSRF token.
+csrf=$($curl $loginUrl | xidel - -e '//input[@id="csrf_token"]/@value')
+
+# Log in. We don't especially care about the result, but let's check if login failed.
+$curl --data-urlencode csrf_token="$csrf" \
+      --data-urlencode username_or_email@username \
+      --data-urlencode password@password \
+      -d action=Login \
+      $loginUrl -D headers > /dev/null
+
+if grep -q 'Location: https://' headers; then
+    # Now download. We need --insecure for this, but the sha256 should cover us.
+    $curl --insecure --location $url > $out
+    set +x
+else
+    set +x
+    echo 'Login failed'
+    echo 'Please set username and password with config.nix,'
+    echo 'or /etc/nix/nixpkgs-config.nix if on NixOS.'
+    echo
+    echo 'Example:'
+    echo '{'
+    echo '  packageOverrides = pkgs: rec {'
+    echo '    factorio = pkgs.factorio.override {'
+    echo '      username = "<username or email address>";'
+    echo '      password = "<password>";'
+    echo '    };'
+    echo '  };'
+    echo '}'
+
+    exit 1
+fi