blob: 30d9c9fdefe045ef1eb1623e93275b55068e79c0 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
|
source $stdenv/setup
# Curl flags to increase reliability a bit.
#
# Can't use fetchurl, for several reasons. One is that we definitely
# don't want --insecure for the login, though we need it for the
# download as their download cert isn't in the standard linux bundle.
curl="curl \
--max-redirs 20 \
--retry 3 \
--cacert $cacert/etc/ssl/certs/ca-bundle.crt \
-b cookies \
-c cookies \
$curlOpts \
$NIX_CURL_FLAGS"
# We don't want the password to be on any program's argv, as it may be
# visible in /proc. Writing it to file with echo should be safe, since
# it's a shell builtin.
echo -n "$password" > password
# Might as well hide the username as well.
echo -n "$username" > username
# Get a CSRF token.
csrf=$($curl $loginUrl | xidel - -e '//input[@id="csrf_token"]/@value')
# Log in. We don't especially care about the result, but let's check if login failed.
$curl --data-urlencode csrf_token="$csrf" \
--data-urlencode username_or_email@username \
--data-urlencode password@password \
-d action=Login \
$loginUrl -D headers > /dev/null
if grep -q 'Location: https://' headers; then
# Now download. We need --insecure for this, but the sha256 should cover us.
$curl --insecure --location $url > $out
set +x
else
set +x
echo 'Login failed'
echo 'Please set username and password with config.nix,'
echo 'or /etc/nix/nixpkgs-config.nix if on NixOS.'
echo
echo 'Example:'
echo '{'
echo ' packageOverrides = pkgs: rec {'
echo ' factorio = pkgs.factorio.override {'
echo ' username = "<username or email address>";'
echo ' password = "<password>";'
echo ' };'
echo ' };'
echo '}'
exit 1
fi
|