aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorKarel Kočí <cynerd@email.cz>2021-12-13 17:17:01 +0100
committerKarel Kočí <cynerd@email.cz>2021-12-13 17:17:01 +0100
commit001b0016acfeaeff22c2cef42ae72a1fa1fec0a4 (patch)
treeae949614800007b79b9b343c97ca1a8d32a31e0b
downloadnixturris-001b0016acfeaeff22c2cef42ae72a1fa1fec0a4.tar.gz
nixturris-001b0016acfeaeff22c2cef42ae72a1fa1fec0a4.tar.bz2
nixturris-001b0016acfeaeff22c2cef42ae72a1fa1fec0a4.zip
Add Sentinel packages and needed libraries
-rw-r--r--build-support/bootstrap.sh5
-rw-r--r--default.nix31
-rw-r--r--libraries/base64c/default.nix22
-rw-r--r--libraries/logc-libs/default.nix24
-rw-r--r--libraries/logc/default.nix25
-rw-r--r--libraries/paho-mqtt-c/default.nix25
-rw-r--r--sentinel/faillogs/default.nix24
-rw-r--r--sentinel/fwlogs/default.nix24
-rw-r--r--sentinel/minipot/default.nix24
-rw-r--r--sentinel/proxy/default.nix28
10 files changed, 232 insertions, 0 deletions
diff --git a/build-support/bootstrap.sh b/build-support/bootstrap.sh
new file mode 100644
index 0000000..a1202cb
--- /dev/null
+++ b/build-support/bootstrap.sh
@@ -0,0 +1,5 @@
+preConfigurePhases="${preConfigurePhases:-} bootstrapPhase"
+
+bootstrapPhase() {
+ ./bootstrap
+}
diff --git a/default.nix b/default.nix
new file mode 100644
index 0000000..576da5b
--- /dev/null
+++ b/default.nix
@@ -0,0 +1,31 @@
+{ nixpkgs ? import <nixpkgs> {}}:
+
+let
+ pkgs = nixpkgs // turrispkgs;
+ callPackage = pkgs.lib.callPackageWith pkgs;
+
+ turrispkgs = with pkgs; {
+ bootstrapHook = callPackage (
+ { makeSetupHook, autoconf, autoconf-archive, automake, gettext, libtool }:
+ makeSetupHook
+ { deps = [ autoconf autoconf-archive automake gettext libtool ]; }
+ ./build-support/bootstrap.sh
+ ) { };
+
+ logc = callPackage ./libraries/logc { };
+ logc-0_1 = callPackage ./libraries/logc {
+ pkgversion = "0.1.0";
+ pkgsha256 = "1swjzs2249wvnqx2zvxwd7d1z22kd3512xxfvq002cvgbq78ka9a";
+ };
+ logc-libs = callPackage ./libraries/logc-libs { };
+ base64c = callPackage ./libraries/base64c { };
+ paho-mqtt-c = callPackage ./libraries/paho-mqtt-c { };
+
+ sentinel-proxy = callPackage ./sentinel/proxy { };
+ sentinel-minipot = callPackage ./sentinel/minipot { };
+ sentinel-fwlogs = callPackage ./sentinel/fwlogs { };
+ sentinel-faillogs = callPackage ./sentinel/faillogs { };
+
+ };
+
+in turrispkgs
diff --git a/libraries/base64c/default.nix b/libraries/base64c/default.nix
new file mode 100644
index 0000000..ec89a4b
--- /dev/null
+++ b/libraries/base64c/default.nix
@@ -0,0 +1,22 @@
+{ stdenv, lib, fetchgit
+, bootstrapHook, pkg-config
+}:
+
+stdenv.mkDerivation rec {
+ pname = "base64c";
+ version = "0.2.1";
+ meta = with lib; {
+ homepage = "https://gitlab.nic.cz/turris/base64c";
+ description = "Base64 encoding/decoding library for C";
+ platforms = with platforms; linux;
+ license = licenses.mit;
+ };
+
+ src = fetchgit {
+ url = "https://gitlab.nic.cz/turris/base64c.git";
+ rev = "v" + version;
+ sha256 = "09qgx2qcni6cmk9mwiis843wgp3f85mh2c3sm0w37ib0bcxdvq7x";
+ };
+
+ nativeBuildInputs = [bootstrapHook pkg-config];
+}
diff --git a/libraries/logc-libs/default.nix b/libraries/logc-libs/default.nix
new file mode 100644
index 0000000..1fe7a18
--- /dev/null
+++ b/libraries/logc-libs/default.nix
@@ -0,0 +1,24 @@
+{ stdenv, lib, fetchgit
+, bootstrapHook, pkg-config
+, logc, czmq, libevent
+}:
+
+stdenv.mkDerivation rec {
+ pname = "logc-libs";
+ version = "0.1.0";
+ meta = with lib; {
+ homepage = "https://gitlab.nic.cz/turris/logc-libs";
+ description = "Logging for C";
+ platforms = with platforms; linux;
+ license = licenses.mit;
+ };
+
+ src = fetchgit {
+ url = "https://gitlab.nic.cz/turris/logc-libs.git";
+ rev = "v" + version;
+ sha256 = "11b89742k81wbb0mc4r13l2sviz720qgl06v4wnjwlmi9x4pzy1a";
+ };
+
+ buildInputs = [logc czmq libevent];
+ nativeBuildInputs = [bootstrapHook pkg-config];
+}
diff --git a/libraries/logc/default.nix b/libraries/logc/default.nix
new file mode 100644
index 0000000..1c99e19
--- /dev/null
+++ b/libraries/logc/default.nix
@@ -0,0 +1,25 @@
+{ stdenv, lib, fetchgit
+, bootstrapHook, pkg-config, gperf
+, libconfig
+, pkgversion ? "0.4.0", pkgsha256 ? "15nplgjgg6dxryy4yzbj4524y77ci0syi970rmbr955m9vxvhrib"
+}:
+
+stdenv.mkDerivation rec {
+ pname = "logc";
+ version = pkgversion;
+ meta = with lib; {
+ homepage = "https://gitlab.nic.cz/turris/logc";
+ description = "Logging for C";
+ platforms = with platforms; linux;
+ license = licenses.mit;
+ };
+
+ src = fetchgit {
+ url = "https://gitlab.nic.cz/turris/logc.git";
+ rev = "v" + version;
+ sha256 = pkgsha256;
+ };
+
+ buildInputs = [libconfig];
+ nativeBuildInputs = [bootstrapHook pkg-config gperf];
+}
diff --git a/libraries/paho-mqtt-c/default.nix b/libraries/paho-mqtt-c/default.nix
new file mode 100644
index 0000000..07db14d
--- /dev/null
+++ b/libraries/paho-mqtt-c/default.nix
@@ -0,0 +1,25 @@
+{ stdenv, lib, fetchurl
+, cmake
+, openssl
+}:
+
+stdenv.mkDerivation rec {
+ pname = "paho-mqtt-c";
+ version = "1.3.9";
+ meta = with lib; {
+ homepage = "https://eclipse.org/paho";
+ description = "An Eclipse Paho C client library for MQTT";
+ platforms = with platforms; linux;
+ license = licenses.epl20;
+ };
+
+ src = fetchurl {
+ url = "https://github.com/eclipse/paho.mqtt.c/archive/refs/tags/v" + version + ".tar.gz";
+ sha256 = "1v9m4mx47bhahzda5sf5zp80shbaizymfbdidm8hsvfgl5grnv1q";
+ };
+
+ buildInputs = [openssl];
+ nativeBuildInputs = [cmake];
+
+ cmakeFlags = ["-DPAHO_WITH_SSL=TRUE" "-DPAHO_HIGH_PERFORMANCE=TRUE"];
+}
diff --git a/sentinel/faillogs/default.nix b/sentinel/faillogs/default.nix
new file mode 100644
index 0000000..d4bfa6b
--- /dev/null
+++ b/sentinel/faillogs/default.nix
@@ -0,0 +1,24 @@
+{ stdenv, lib, fetchgit
+, bootstrapHook, pkg-config, gperf
+, logc, logc-libs, libevent, czmq, msgpack, libconfig
+}:
+
+stdenv.mkDerivation rec {
+ pname = "sentinel-faillogs";
+ version = "0.1.0";
+ meta = with lib; {
+ homepage = "https://gitlab.nic.cz/turris/sentinel/faillogs";
+ description = "Failed login attempt logs collector";
+ platforms = with platforms; linux;
+ license = licenses.gpl3;
+ };
+
+ src = fetchgit {
+ url = "https://gitlab.nic.cz/turris/sentinel/faillogs.git";
+ rev = "99ec41baed19cc1ca70490b2b8cd81784e7748d2";
+ sha256 = "1pp93z78qwg7arca5z70gdp5ja2jldk1rzig8r29a2fhjakd0hb2";
+ };
+
+ buildInputs = [logc logc-libs libevent czmq msgpack libconfig];
+ nativeBuildInputs = [bootstrapHook pkg-config gperf];
+}
diff --git a/sentinel/fwlogs/default.nix b/sentinel/fwlogs/default.nix
new file mode 100644
index 0000000..c388a76
--- /dev/null
+++ b/sentinel/fwlogs/default.nix
@@ -0,0 +1,24 @@
+{ stdenv, lib, fetchgit
+, bootstrapHook, pkg-config
+, czmq, msgpack, logc-0_1, logc-libs, libconfig, libnetfilter_log
+}:
+
+stdenv.mkDerivation rec {
+ pname = "sentinel-proxy";
+ version = "0.2.0";
+ meta = with lib; {
+ homepage = "https://gitlab.nic.cz/turris/sentinel/fwlogs";
+ description = "Firewall logs collector";
+ platforms = with platforms; linux;
+ license = licenses.gpl3;
+ };
+
+ src = fetchgit {
+ url = "https://gitlab.nic.cz/turris/sentinel/fwlogs.git";
+ rev = "v" + version;
+ sha256 = "04rlm3mlri2wz33z6jh2yh0p81lnrfpfmmfjrn4sfjwh1g21ins7";
+ };
+
+ buildInputs = [czmq msgpack logc-0_1 logc-libs libconfig libnetfilter_log];
+ nativeBuildInputs = [bootstrapHook pkg-config];
+}
diff --git a/sentinel/minipot/default.nix b/sentinel/minipot/default.nix
new file mode 100644
index 0000000..89b93f6
--- /dev/null
+++ b/sentinel/minipot/default.nix
@@ -0,0 +1,24 @@
+{ stdenv, lib, fetchgit
+, bootstrapHook, pkg-config, gperf
+, czmq, msgpack, libevent, base64c, logc-0_1, logc-libs
+}:
+
+stdenv.mkDerivation rec {
+ pname = "sentinel-minipot";
+ version = "2.2";
+ meta = with lib; {
+ homepage = "https://gitlab.nic.cz/turris/sentinel/minipot";
+ description = "Firewall logs collector";
+ platforms = with platforms; linux;
+ license = licenses.gpl3;
+ };
+
+ src = fetchgit {
+ url = "https://gitlab.nic.cz/turris/sentinel/minipot.git";
+ rev = "v" + version;
+ sha256 = "05p2q9mj8bhjapfphlrs45l691dmkpiia6ir1nnpa1pa5jy045p9";
+ };
+
+ buildInputs = [czmq msgpack libevent base64c logc-0_1 logc-libs];
+ nativeBuildInputs = [bootstrapHook pkg-config gperf];
+}
diff --git a/sentinel/proxy/default.nix b/sentinel/proxy/default.nix
new file mode 100644
index 0000000..5de2836
--- /dev/null
+++ b/sentinel/proxy/default.nix
@@ -0,0 +1,28 @@
+{ stdenv, lib, fetchgit
+, autoconf, autoconf-archive, automake, libtool, pkgconfig, gperf
+, openssl, zlib, czmq, libconfig, msgpack, paho-mqtt-c
+}:
+
+stdenv.mkDerivation rec {
+ pname = "sentinel-proxy";
+ version = "1.4";
+ meta = with lib; {
+ homepage = "https://gitlab.nic.cz/turris/sentinel/proxy";
+ description = "Main MQTT Sentinel client. Proxy that lives on the router and relays messages received from ZMQ to uplink server over MQTT channel.";
+ platforms = with platforms; linux;
+ license = licenses.gpl3;
+ };
+
+ src = fetchgit {
+ url = "https://gitlab.nic.cz/turris/sentinel/proxy.git";
+ rev = "v" + version;
+ sha256 = "11s538yf4ydlzlx1vs9fc6hh9igf40s3v853mlcki8a28bni6xwb";
+ };
+
+ buildInputs = [openssl zlib czmq libconfig msgpack paho-mqtt-c];
+ nativeBuildInputs = [
+ autoconf autoconf-archive automake libtool pkgconfig gperf
+ ];
+
+ preConfigure = "./bootstrap";
+}