aboutsummaryrefslogtreecommitdiff
path: root/pkgs/sentinel
diff options
context:
space:
mode:
Diffstat (limited to 'pkgs/sentinel')
-rw-r--r--pkgs/sentinel/certgen/default.nix23
-rw-r--r--pkgs/sentinel/dynfw-client/default.nix26
-rw-r--r--pkgs/sentinel/faillogs/default.nix7
-rw-r--r--pkgs/sentinel/fwlogs/default.nix8
-rw-r--r--pkgs/sentinel/minipot/default.nix7
-rw-r--r--pkgs/sentinel/proxy/default.nix13
6 files changed, 76 insertions, 8 deletions
diff --git a/pkgs/sentinel/certgen/default.nix b/pkgs/sentinel/certgen/default.nix
new file mode 100644
index 0000000..bc0b35c
--- /dev/null
+++ b/pkgs/sentinel/certgen/default.nix
@@ -0,0 +1,23 @@
+{ buildPythonApplication, lib, fetchgit
+, python3
+, ipset
+}:
+
+buildPythonApplication rec {
+ pname = "sentinel-dynfw-client";
+ version = "6.2";
+ meta = with lib; {
+ homepage = "https://gitlab.nic.cz/turris/sentinel/certgen";
+ description = "Sentinel automated passwords and certificates retrieval";
+ license = licenses.gpl3;
+ };
+
+ src = fetchgit {
+ url = "https://gitlab.nic.cz/turris/sentinel/certgen.git";
+ rev = "v" + version;
+ sha256 = "10ii3j3wqdib7m2fc0w599981mv9q3ahj96q4kyrn5sh18v2c7nb";
+ };
+
+ # TODO we are missing crypto-wrapper
+ buildInputs = with python3.pkgs; [six requests cryptography];
+}
diff --git a/pkgs/sentinel/dynfw-client/default.nix b/pkgs/sentinel/dynfw-client/default.nix
new file mode 100644
index 0000000..b059b6d
--- /dev/null
+++ b/pkgs/sentinel/dynfw-client/default.nix
@@ -0,0 +1,26 @@
+{ buildPythonApplication, lib, fetchgit
+, ipset
+}:
+
+buildPythonApplication rec {
+ pname = "sentinel-dynfw-client";
+ version = "1.4.0";
+ meta = with lib; {
+ homepage = "https://gitlab.nic.cz/turris/sentinel/dynfw-client";
+ description = "Dynamic firewall client";
+ platforms = platforms.linux;
+ license = licenses.gpl3;
+ };
+
+ src = fetchgit {
+ url = "https://gitlab.nic.cz/turris/sentinel/dynfw-client.git";
+ rev = "v" + version;
+ sha256 = "1g0wbhsjzifvdfvig6922cl3yfj1f96yvg11s4vgiaxca9yspcmp";
+ };
+
+ buildInputs = [ipset];
+ preConfigure = ''
+ ls
+ find -type f | xargs sed -i 's#/usr/sbin/ipset#${ipset}#g'
+ '';
+}
diff --git a/pkgs/sentinel/faillogs/default.nix b/pkgs/sentinel/faillogs/default.nix
index d4bfa6b..4b3a2d3 100644
--- a/pkgs/sentinel/faillogs/default.nix
+++ b/pkgs/sentinel/faillogs/default.nix
@@ -1,6 +1,7 @@
{ stdenv, lib, fetchgit
, bootstrapHook, pkg-config, gperf
, logc, logc-libs, libevent, czmq, msgpack, libconfig
+, check
}:
stdenv.mkDerivation rec {
@@ -9,7 +10,6 @@ stdenv.mkDerivation rec {
meta = with lib; {
homepage = "https://gitlab.nic.cz/turris/sentinel/faillogs";
description = "Failed login attempt logs collector";
- platforms = with platforms; linux;
license = licenses.gpl3;
};
@@ -21,4 +21,9 @@ stdenv.mkDerivation rec {
buildInputs = [logc logc-libs libevent czmq msgpack libconfig];
nativeBuildInputs = [bootstrapHook pkg-config gperf];
+ depsBuildBuild = [check];
+
+ doCheck = true;
+ doInstallCheck = true;
+ configureFlags = lib.optional (stdenv.hostPlatform == stdenv.buildPlatform) "--enable-tests";
}
diff --git a/pkgs/sentinel/fwlogs/default.nix b/pkgs/sentinel/fwlogs/default.nix
index c388a76..6c9d529 100644
--- a/pkgs/sentinel/fwlogs/default.nix
+++ b/pkgs/sentinel/fwlogs/default.nix
@@ -1,6 +1,7 @@
{ stdenv, lib, fetchgit
, bootstrapHook, pkg-config
, czmq, msgpack, logc-0_1, logc-libs, libconfig, libnetfilter_log
+, check
}:
stdenv.mkDerivation rec {
@@ -9,7 +10,7 @@ stdenv.mkDerivation rec {
meta = with lib; {
homepage = "https://gitlab.nic.cz/turris/sentinel/fwlogs";
description = "Firewall logs collector";
- platforms = with platforms; linux;
+ platforms = platforms.linux;
license = licenses.gpl3;
};
@@ -21,4 +22,9 @@ stdenv.mkDerivation rec {
buildInputs = [czmq msgpack logc-0_1 logc-libs libconfig libnetfilter_log];
nativeBuildInputs = [bootstrapHook pkg-config];
+ depsBuildBuild = [check];
+
+ doCheck = true;
+ doInstallCheck = true;
+ configureFlags = lib.optional (stdenv.hostPlatform == stdenv.buildPlatform) "--enable-tests";
}
diff --git a/pkgs/sentinel/minipot/default.nix b/pkgs/sentinel/minipot/default.nix
index 89b93f6..1f26074 100644
--- a/pkgs/sentinel/minipot/default.nix
+++ b/pkgs/sentinel/minipot/default.nix
@@ -1,6 +1,7 @@
{ stdenv, lib, fetchgit
, bootstrapHook, pkg-config, gperf
, czmq, msgpack, libevent, base64c, logc-0_1, logc-libs
+, check
}:
stdenv.mkDerivation rec {
@@ -9,7 +10,6 @@ stdenv.mkDerivation rec {
meta = with lib; {
homepage = "https://gitlab.nic.cz/turris/sentinel/minipot";
description = "Firewall logs collector";
- platforms = with platforms; linux;
license = licenses.gpl3;
};
@@ -21,4 +21,9 @@ stdenv.mkDerivation rec {
buildInputs = [czmq msgpack libevent base64c logc-0_1 logc-libs];
nativeBuildInputs = [bootstrapHook pkg-config gperf];
+ depsBuildBuild = [check];
+
+ doCheck = true;
+ doInstallCheck = true;
+ configureFlags = lib.optional (stdenv.hostPlatform == stdenv.buildPlatform) "--enable-tests";
}
diff --git a/pkgs/sentinel/proxy/default.nix b/pkgs/sentinel/proxy/default.nix
index 5de2836..a3b6bf2 100644
--- a/pkgs/sentinel/proxy/default.nix
+++ b/pkgs/sentinel/proxy/default.nix
@@ -1,6 +1,7 @@
{ stdenv, lib, fetchgit
-, autoconf, autoconf-archive, automake, libtool, pkgconfig, gperf
+, bootstrapHook, pkg-config, gperf
, openssl, zlib, czmq, libconfig, msgpack, paho-mqtt-c
+, check
}:
stdenv.mkDerivation rec {
@@ -9,7 +10,6 @@ stdenv.mkDerivation rec {
meta = with lib; {
homepage = "https://gitlab.nic.cz/turris/sentinel/proxy";
description = "Main MQTT Sentinel client. Proxy that lives on the router and relays messages received from ZMQ to uplink server over MQTT channel.";
- platforms = with platforms; linux;
license = licenses.gpl3;
};
@@ -20,9 +20,12 @@ stdenv.mkDerivation rec {
};
buildInputs = [openssl zlib czmq libconfig msgpack paho-mqtt-c];
- nativeBuildInputs = [
- autoconf autoconf-archive automake libtool pkgconfig gperf
- ];
+ nativeBuildInputs = [bootstrapHook pkg-config gperf];
+ depsBuildBuild = [check];
preConfigure = "./bootstrap";
+
+ doCheck = true;
+ doInstallCheck = true;
+ configureFlags = lib.optional (stdenv.hostPlatform == stdenv.buildPlatform) "--enable-tests";
}