nios: Add sentinel module

6 files changed, 76 insertions, 8 deletions

diff --git a/pkgs/sentinel/certgen/default.nix b/pkgs/sentinel/certgen/default.nix
new file mode 100644
index 0000000..bc0b35c
--- /dev/null
+++ b/pkgs/sentinel/certgen/default.nix
@@ -0,0 +1,23 @@
+{ buildPythonApplication, lib, fetchgit
+, python3
+, ipset
+}:
+
+buildPythonApplication rec {
+  pname = "sentinel-dynfw-client";
+  version = "6.2";
+  meta = with lib; {
+    homepage = "https://gitlab.nic.cz/turris/sentinel/certgen";
+    description = "Sentinel automated passwords and certificates retrieval";
+    license = licenses.gpl3;
+  };
+
+  src = fetchgit {
+    url = "https://gitlab.nic.cz/turris/sentinel/certgen.git";
+    rev = "v" + version;
+    sha256 = "10ii3j3wqdib7m2fc0w599981mv9q3ahj96q4kyrn5sh18v2c7nb";
+  };
+
+  # TODO we are missing crypto-wrapper
+  buildInputs = with python3.pkgs; [six requests cryptography];
+}
diff --git a/pkgs/sentinel/dynfw-client/default.nix b/pkgs/sentinel/dynfw-client/default.nix
new file mode 100644
index 0000000..b059b6d
--- /dev/null
+++ b/pkgs/sentinel/dynfw-client/default.nix
@@ -0,0 +1,26 @@
+{ buildPythonApplication, lib, fetchgit
+, ipset
+}:
+
+buildPythonApplication rec {
+  pname = "sentinel-dynfw-client";
+  version = "1.4.0";
+  meta = with lib; {
+    homepage = "https://gitlab.nic.cz/turris/sentinel/dynfw-client";
+    description = "Dynamic firewall client";
+    platforms = platforms.linux;
+    license = licenses.gpl3;
+  };
+
+  src = fetchgit {
+    url = "https://gitlab.nic.cz/turris/sentinel/dynfw-client.git";
+    rev = "v" + version;
+    sha256 = "1g0wbhsjzifvdfvig6922cl3yfj1f96yvg11s4vgiaxca9yspcmp";
+  };
+
+  buildInputs = [ipset];
+  preConfigure = ''
+    ls
+    find -type f | xargs sed -i 's#/usr/sbin/ipset#${ipset}#g' 
+    '';
+}
diff --git a/pkgs/sentinel/faillogs/default.nix b/pkgs/sentinel/faillogs/default.nix
index d4bfa6b..4b3a2d3 100644
--- a/pkgs/sentinel/faillogs/default.nix
+++ b/pkgs/sentinel/faillogs/default.nix
@@ -1,6 +1,7 @@
 { stdenv, lib, fetchgit
 , bootstrapHook, pkg-config, gperf
 , logc, logc-libs, libevent, czmq, msgpack, libconfig
+, check
 }:
 
 stdenv.mkDerivation rec {
@@ -9,7 +10,6 @@ stdenv.mkDerivation rec {
   meta = with lib; {
     homepage = "https://gitlab.nic.cz/turris/sentinel/faillogs";
     description = "Failed login attempt logs collector";
-    platforms = with platforms; linux;
     license = licenses.gpl3;
   };
 
@@ -21,4 +21,9 @@ stdenv.mkDerivation rec {
 
   buildInputs = [logc logc-libs libevent czmq msgpack libconfig];
   nativeBuildInputs = [bootstrapHook pkg-config gperf];
+  depsBuildBuild = [check];
+
+  doCheck = true;
+  doInstallCheck = true;
+  configureFlags = lib.optional (stdenv.hostPlatform == stdenv.buildPlatform) "--enable-tests";
 }
diff --git a/pkgs/sentinel/fwlogs/default.nix b/pkgs/sentinel/fwlogs/default.nix
index c388a76..6c9d529 100644
--- a/pkgs/sentinel/fwlogs/default.nix
+++ b/pkgs/sentinel/fwlogs/default.nix
@@ -1,6 +1,7 @@
 { stdenv, lib, fetchgit
 , bootstrapHook, pkg-config
 , czmq, msgpack, logc-0_1, logc-libs, libconfig, libnetfilter_log
+, check
 }:
 
 stdenv.mkDerivation rec {
@@ -9,7 +10,7 @@ stdenv.mkDerivation rec {
   meta = with lib; {
     homepage = "https://gitlab.nic.cz/turris/sentinel/fwlogs";
     description = "Firewall logs collector";
-    platforms = with platforms; linux;
+    platforms = platforms.linux;
     license = licenses.gpl3;
   };
 
@@ -21,4 +22,9 @@ stdenv.mkDerivation rec {
 
   buildInputs = [czmq msgpack logc-0_1 logc-libs libconfig libnetfilter_log];
   nativeBuildInputs = [bootstrapHook pkg-config];
+  depsBuildBuild = [check];
+
+  doCheck = true;
+  doInstallCheck = true;
+  configureFlags = lib.optional (stdenv.hostPlatform == stdenv.buildPlatform) "--enable-tests";
 }
diff --git a/pkgs/sentinel/minipot/default.nix b/pkgs/sentinel/minipot/default.nix
index 89b93f6..1f26074 100644
--- a/pkgs/sentinel/minipot/default.nix
+++ b/pkgs/sentinel/minipot/default.nix
@@ -1,6 +1,7 @@
 { stdenv, lib, fetchgit
 , bootstrapHook, pkg-config, gperf
 , czmq, msgpack, libevent, base64c, logc-0_1, logc-libs
+, check
 }:
 
 stdenv.mkDerivation rec {
@@ -9,7 +10,6 @@ stdenv.mkDerivation rec {
   meta = with lib; {
     homepage = "https://gitlab.nic.cz/turris/sentinel/minipot";
     description = "Firewall logs collector";
-    platforms = with platforms; linux;
     license = licenses.gpl3;
   };
 
@@ -21,4 +21,9 @@ stdenv.mkDerivation rec {
 
   buildInputs = [czmq msgpack libevent base64c logc-0_1 logc-libs];
   nativeBuildInputs = [bootstrapHook pkg-config gperf];
+  depsBuildBuild = [check];
+
+  doCheck = true;
+  doInstallCheck = true;
+  configureFlags = lib.optional (stdenv.hostPlatform == stdenv.buildPlatform) "--enable-tests";
 }
diff --git a/pkgs/sentinel/proxy/default.nix b/pkgs/sentinel/proxy/default.nix
index 5de2836..a3b6bf2 100644
--- a/pkgs/sentinel/proxy/default.nix
+++ b/pkgs/sentinel/proxy/default.nix
@@ -1,6 +1,7 @@
 { stdenv, lib, fetchgit
-, autoconf, autoconf-archive, automake, libtool, pkgconfig, gperf
+, bootstrapHook, pkg-config, gperf
 , openssl, zlib, czmq, libconfig, msgpack, paho-mqtt-c
+, check
 }:
 
 stdenv.mkDerivation rec {
@@ -9,7 +10,6 @@ stdenv.mkDerivation rec {
   meta = with lib; {
     homepage = "https://gitlab.nic.cz/turris/sentinel/proxy";
     description = "Main MQTT Sentinel client. Proxy that lives on the router and relays messages received from ZMQ to uplink server over MQTT channel.";
-    platforms = with platforms; linux;
     license = licenses.gpl3;
   };
 
@@ -20,9 +20,12 @@ stdenv.mkDerivation rec {
   };
 
   buildInputs = [openssl zlib czmq libconfig msgpack paho-mqtt-c];
-  nativeBuildInputs = [
-    autoconf autoconf-archive automake libtool pkgconfig gperf
-  ];
+  nativeBuildInputs = [bootstrapHook pkg-config gperf];
+  depsBuildBuild = [check];
 
   preConfigure = "./bootstrap";
+
+  doCheck = true;
+  doInstallCheck = true;
+  configureFlags = lib.optional (stdenv.hostPlatform == stdenv.buildPlatform) "--enable-tests";
 }