From e95dba2a4b35a8550a2d5320f00c90a11a126c0a Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Tue, 13 Sep 2016 04:13:51 +0200 Subject: customized factorio fetch --- customized/factorio-fetch.nix | 33 ++++++++++++++++++++++++++ customized/factorio.nix | 5 ++-- customized/fetch.sh | 55 +++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 90 insertions(+), 3 deletions(-) create mode 100644 customized/factorio-fetch.nix create mode 100644 customized/fetch.sh (limited to 'customized') diff --git a/customized/factorio-fetch.nix b/customized/factorio-fetch.nix new file mode 100644 index 00000000..04b31ac1 --- /dev/null +++ b/customized/factorio-fetch.nix @@ -0,0 +1,33 @@ +{ stdenv, curl, xidel, cacert +# Begin download parameters +, username ? "" +, password ? "" +}: + +{ + # URL to fetch. + url ? "" + + # Login URL. +, loginUrl ? "https://www.factorio.com/login" + + # SHA256 of the fetched URL. +, sha256 ? "" +}: + +stdenv.mkDerivation { + name = "factorio.tar.gz"; + + buildInputs = [ curl xidel ]; + + inherit url loginUrl username password cacert; + + builder = ./fetch.sh; + + outputHashAlgo = "sha256"; + outputHash = sha256; + outputHashMode = "flat"; + + # There's no point in downloading remotely, we'd just slow things down. + preferLocalBuild = true; +} diff --git a/customized/factorio.nix b/customized/factorio.nix index a718c9c7..b2832aad 100644 --- a/customized/factorio.nix +++ b/customized/factorio.nix @@ -1,9 +1,8 @@ { stdenv, callPackage, fetchurl, makeWrapper , alsaLib, libX11, libXcursor, libXinerama, libXrandr, libXi, mesa_noglu -, factorio-utils +, factorio-utils, factorio-fetch , releaseType , mods ? [] -, username ? "" , password ? "" }: assert releaseType == "alpha" || releaseType == "headless"; @@ -21,7 +20,7 @@ let inTar = "i386"; } else abort "Unsupported platform"; - authenticatedFetch = callPackage ./fetch.nix { inherit username password; }; + authenticatedFetch = factorio-fetch; fetch = rec { url = "https://www.factorio.com/get-download/${version}/${releaseType}/${arch.inUrl}"; diff --git a/customized/fetch.sh b/customized/fetch.sh new file mode 100644 index 00000000..30d9c9fd --- /dev/null +++ b/customized/fetch.sh @@ -0,0 +1,55 @@ +source $stdenv/setup + +# Curl flags to increase reliability a bit. +# +# Can't use fetchurl, for several reasons. One is that we definitely +# don't want --insecure for the login, though we need it for the +# download as their download cert isn't in the standard linux bundle. +curl="curl \ + --max-redirs 20 \ + --retry 3 \ + --cacert $cacert/etc/ssl/certs/ca-bundle.crt \ + -b cookies \ + -c cookies \ + $curlOpts \ + $NIX_CURL_FLAGS" + +# We don't want the password to be on any program's argv, as it may be +# visible in /proc. Writing it to file with echo should be safe, since +# it's a shell builtin. +echo -n "$password" > password +# Might as well hide the username as well. +echo -n "$username" > username + +# Get a CSRF token. +csrf=$($curl $loginUrl | xidel - -e '//input[@id="csrf_token"]/@value') + +# Log in. We don't especially care about the result, but let's check if login failed. +$curl --data-urlencode csrf_token="$csrf" \ + --data-urlencode username_or_email@username \ + --data-urlencode password@password \ + -d action=Login \ + $loginUrl -D headers > /dev/null + +if grep -q 'Location: https://' headers; then + # Now download. We need --insecure for this, but the sha256 should cover us. + $curl --insecure --location $url > $out + set +x +else + set +x + echo 'Login failed' + echo 'Please set username and password with config.nix,' + echo 'or /etc/nix/nixpkgs-config.nix if on NixOS.' + echo + echo 'Example:' + echo '{' + echo ' packageOverrides = pkgs: rec {' + echo ' factorio = pkgs.factorio.override {' + echo ' username = "";' + echo ' password = "";' + echo ' };' + echo ' };' + echo '}' + + exit 1 +fi -- cgit v1.2.3