{ stdenv, lib, fetchurl, replaceVars, openfortivpn, autoreconfHook, gettext, pkg-config, file, glib, gtk3, gtk4, networkmanager, ppp, libsecret, withGnome ? true, gnome, libnma, libnma-gtk4, }: stdenv.mkDerivation rec { pname = "NetworkManager-fortisslvpn"; version = "1.4.0"; name = "${pname}${lib.optionalString withGnome "-gnome"}-${version}"; src = fetchurl { url = "mirror://gnome/sources/${pname}/${lib.versions.majorMinor version}/${pname}-${version}.tar.xz"; sha256 = "sFXiY0m1FrI1hXmKs+9XtDawFIAOkqiscyz8jnbF2vo="; }; patches = [ (replaceVars ./fix-paths.patch { inherit openfortivpn; }) ./support-ppp-2.5.0.patch ]; strictDeps = true; nativeBuildInputs = [ autoreconfHook gettext pkg-config file glib ]; buildInputs = [ openfortivpn networkmanager ppp glib ] ++ lib.optionals withGnome [ gtk3 gtk4 libsecret libnma libnma-gtk4 ]; configureFlags = [ "--with-gnome=${if withGnome then "yes" else "no"}" "--with-gtk4=${if withGnome then "yes" else "no"}" "--localstatedir=/var" "--enable-absolute-paths" ]; installFlags = [ # the installer only creates an empty directory in localstatedir, so # we can drop it "localstatedir=." ]; passthru = { updateScript = gnome.updateScript { packageName = pname; attrPath = "networkmanager-fortisslvpn"; versionPolicy = "odd-unstable"; }; networkManagerPlugin = "VPN/nm-fortisslvpn-service.name"; networkManagerTmpfilesRules = [ "d /var/lib/NetworkManager-fortisslvpn 0700 root root -" ]; }; meta = with lib; { description = "NetworkManager’s FortiSSL plugin"; inherit (networkmanager.meta) maintainers teams platforms; license = licenses.gpl2Plus; }; }