From mboxrd@z Thu Jan  1 00:00:00 1970
From: contact.ng0@cryptolab.net
Subject: [PATCH 2/2] gnu: Add hiawatha.
Date: Fri, 27 Jan 2017 16:11:28 +0000
Message-ID: <20170127161128.26792-3-contact.ng0@cryptolab.net>
References: <20170126154037.19603-1-contact.ng0@cryptolab.net>
	<20170127161128.26792-1-contact.ng0@cryptolab.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Return-path: <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:4830:134:3::10]:40826)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <ng0@we.make.ritual.n0.is>) id 1cX96h-0006GD-Dc
	for guix-devel@gnu.org; Fri, 27 Jan 2017 11:10:36 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <ng0@we.make.ritual.n0.is>) id 1cX96g-00022d-5S
	for guix-devel@gnu.org; Fri, 27 Jan 2017 11:10:35 -0500
Received: from aibo.runbox.com ([91.220.196.211]:57068)
	by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <ng0@we.make.ritual.n0.is>)
	id 1cX96f-00022I-M8
	for guix-devel@gnu.org; Fri, 27 Jan 2017 11:10:33 -0500
Received: from [10.9.9.211] (helo=mailfront11.runbox.com)
	by mailtransmit03.runbox with esmtp (Exim 4.86_2)
	(envelope-from <ng0@we.make.ritual.n0.is>) id 1cX96e-0007WS-I2
	for guix-devel@gnu.org; Fri, 27 Jan 2017 17:10:32 +0100
In-Reply-To: <20170127161128.26792-1-contact.ng0@cryptolab.net>
List-Id: "Development of GNU Guix and the GNU System distribution."
	<guix-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-devel/>
List-Post: <mailto:guix-devel@gnu.org>
List-Help: <mailto:guix-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=subscribe>
Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
Sender: "Guix-devel" <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
To: guix-devel@gnu.org
Cc: ng0 <ng0@libertad.pw>

From: ng0 <ng0@libertad.pw>

* gnu/packages/web.scm (hiawatha): New variable.
---
 gnu/packages/web.scm | 57 +++++++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 56 insertions(+), 1 deletion(-)

diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm
index 67b9797bb..48f1f867d 100644
--- a/gnu/packages/web.scm
+++ b/gnu/packages/web.scm
@@ -13,7 +13,7 @@
 ;;; Copyright © 2016 Rene Saavedra <rennes@openmailbox.org>
 ;;; Copyright © 2016 Ben Woodcroft <donttrustben@gmail.com>
 ;;; Copyright © 2016 Clément Lassieur <clement@lassieur.org>
-;;; Copyright © 2016 ng0 <ng0@we.make.ritual.n0.is>
+;;; Copyright © 2016, 2017 ng0 <contact.ng0@cryptolab.net>
 ;;; Copyright © 2016 Arun Isaac <arunisaac@systemreboot.net>
 ;;; Copyright © 2016 Tobias Geerinckx-Rice <me@tobias.gr>
 ;;; Copyright © 2016 Bake Timmons <b3timmons@speedymail.org>
@@ -3995,3 +3995,58 @@ programs' code.  Its architecture is optimized for security, portability, and
 scalability (including load-balancing), making it suitable for large
 deployments.")
   (license l:gpl2+)))
+
+(define-public hiawatha
+  (package
+    (name "hiawatha")
+    (version "10.4")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (string-append "https://www.hiawatha-webserver.org/files/"
+                           "hiawatha-" version ".tar.gz"))
+       (modules '((guix build utils)))
+       (snippet
+        ;; We use our packaged mbedtls, so delete the included copy.
+        '(delete-file-recursively "mbedtls"))
+       (sha256
+        (base32
+         "0m2llzm72s29c32abnj03532m85fawvi8ybjpx6s3mgvx2yvq3p4"))))
+    (build-system cmake-build-system)
+    (arguments
+     `(#:tests? #f ; No tests included
+       #:configure-flags (list (string-append "-DUSE_SYSTEM_MBEDTLS=on")
+                               (string-append "-DENABLE_TOMAHAWK=on")
+                               (string-append "-DWEBROOT_DIR="
+                                              (assoc-ref %outputs "out")
+                                              "/share/hiawatha/html"))
+       #:phases
+       (modify-phases %standard-phases
+         (add-after 'install 'remove-empty-dirs
+           (lambda* (#:key outputs #:allow-other-keys)
+             (let* ((out (assoc-ref outputs "out")))
+               ;; The directories in "var" are empty, remove them.
+               (delete-file-recursively (string-append out "/var"))
+               #t)))
+         (add-after 'install 'wrap
+           (lambda* (#:key inputs outputs #:allow-other-keys)
+             ;; Make sure 'hiawatha' finds 'mbedtls'.
+             (let* ((out (assoc-ref outputs "out"))
+                    (sbin (string-append out "/sbin"))
+                    (mbed (assoc-ref inputs "mbedtls-apache")))
+               (wrap-program (string-append sbin "/hiawatha")
+                 `("PATH" ":" prefix (,mbed)))))))))
+    (inputs
+     ;; TODO: package "hiawatha-monitor", an optional dependency of "hiawatha".
+     `(("mbedtls-apache" ,mbedtls-apache) ;Hiawatha includes this version.
+       ("zlib" ,zlib)
+       ("libxslt" ,libxslt)
+       ("libxml2" ,libxml2)))
+    (home-page "https://www.hiawatha-webserver.org")
+    (synopsis "Webserver with focus on security")
+    (description
+     "Hiawatha has been written with security in mind.  This resulted in a
+highly secure webserver in both code and features.  Hiawatha can stop SQL
+injections, XSS and CSRF attacks and exploit attempts.  Via a specially
+crafted monitoring tool, you can keep track of all your webservers.")
+    (license l:gpl2)))
-- 
2.11.0