From 001b0016acfeaeff22c2cef42ae72a1fa1fec0a4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Karel=20Ko=C4=8D=C3=AD?=
Date: Mon, 13 Dec 2021 17:17:01 +0100
Subject: Add Sentinel packages and needed libraries
---
build-support/bootstrap.sh | 5 +++++
default.nix | 31 +++++++++++++++++++++++++++++++
libraries/base64c/default.nix | 22 ++++++++++++++++++++++
libraries/logc-libs/default.nix | 24 ++++++++++++++++++++++++
libraries/logc/default.nix | 25 +++++++++++++++++++++++++
libraries/paho-mqtt-c/default.nix | 25 +++++++++++++++++++++++++
sentinel/faillogs/default.nix | 24 ++++++++++++++++++++++++
sentinel/fwlogs/default.nix | 24 ++++++++++++++++++++++++
sentinel/minipot/default.nix | 24 ++++++++++++++++++++++++
sentinel/proxy/default.nix | 28 ++++++++++++++++++++++++++++
10 files changed, 232 insertions(+)
create mode 100644 build-support/bootstrap.sh
create mode 100644 default.nix
create mode 100644 libraries/base64c/default.nix
create mode 100644 libraries/logc-libs/default.nix
create mode 100644 libraries/logc/default.nix
create mode 100644 libraries/paho-mqtt-c/default.nix
create mode 100644 sentinel/faillogs/default.nix
create mode 100644 sentinel/fwlogs/default.nix
create mode 100644 sentinel/minipot/default.nix
create mode 100644 sentinel/proxy/default.nix
diff --git a/build-support/bootstrap.sh b/build-support/bootstrap.sh
new file mode 100644
index 0000000..a1202cb
--- /dev/null
+++ b/build-support/bootstrap.sh
@@ -0,0 +1,5 @@
+preConfigurePhases="${preConfigurePhases:-} bootstrapPhase"
+
+bootstrapPhase() {
+ ./bootstrap
+}
diff --git a/default.nix b/default.nix
new file mode 100644
index 0000000..576da5b
--- /dev/null
+++ b/default.nix
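Review bot: `bootstrapPhase` in `build-support/bootstrap.sh` calls `./bootstrap` without the `runHook` wrappers that stdenv phases conventionally use, so a package cannot attach a step before or after it. Adding `runHook preBootstrap` before and `runHook postBootstrap` after the `./bootstrap` call would fix that. The file also has no header comment; something like `# Setup hook: run the source tree's ./bootstrap script before configurePhase` would tell a reader what the hook is for. The script it executes comes from the fetched source, so its integrity rests on the `sha256` of each package's `src`.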
@@ -0,0 +1,31 @@
+{ nixpkgs ? import {}}:
+
+let
+ pkgs = nixpkgs // turrispkgs;
+ callPackage = pkgs.lib.callPackageWith pkgs;
+
+ turrispkgs = with pkgs; {
+ bootstrapHook = callPackage (
+ { makeSetupHook, autoconf, autoconf-archive, automake, gettext, libtool }:
+ makeSetupHook
+ { deps = [ autoconf autoconf-archive automake gettext libtool ]; }
+ ./build-support/bootstrap.sh
+ ) { };
+
+ logc = callPackage ./libraries/logc { };
+ logc-0_1 = callPackage ./libraries/logc {
+ pkgversion = "0.1.0";
+ pkgsha256 = "1swjzs2249wvnqx2zvxwd7d1z22kd3512xxfvq002cvgbq78ka9a";
+ };
+ logc-libs = callPackage ./libraries/logc-libs { };
+ base64c = callPackage ./libraries/base64c { };
+ paho-mqtt-c = callPackage ./libraries/paho-mqtt-c { };
+
+ sentinel-proxy = callPackage ./sentinel/proxy { };
+ sentinel-minipot = callPackage ./sentinel/minipot { };
+ sentinel-fwlogs = callPackage ./sentinel/fwlogs { };
+ sentinel-faillogs = callPackage ./sentinel/faillogs { };
+
+ };
+
+in turrispkgs
diff --git a/libraries/base64c/default.nix b/libraries/base64c/default.nix
new file mode 100644
index 0000000..ec89a4b
--- /dev/null
+++ b/libraries/base64c/default.nix
@@ -0,0 +1,22 @@
+{ stdenv, lib, fetchgit
+, bootstrapHook, pkg-config
+}:
+
+stdenv.mkDerivation rec {
+ pname = "base64c";
+ version = "0.2.1";
+ meta = with lib; {
+ homepage = "https://gitlab.nic.cz/turris/base64c";
+ description = "Base64 encoding/decoding library for C";
+ platforms = with platforms; linux;
+ license = licenses.mit;
+ };
+
+ src = fetchgit {
+ url = "https://gitlab.nic.cz/turris/base64c.git";
+ rev = "v" + version;
+ sha256 = "09qgx2qcni6cmk9mwiis843wgp3f85mh2c3sm0w37ib0bcxdvq7x";
+ };
+
+ nativeBuildInputs = [bootstrapHook pkg-config];
+}
diff --git a/libraries/logc-libs/default.nix b/libraries/logc-libs/default.nix
new file mode 100644
index 0000000..1fe7a18
--- /dev/null
+++ b/libraries/logc-libs/default.nix
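Review bot: The default for the `nixpkgs` argument in `default.nix` is not pinned. As rendered here it reads `import {}`, which looks like the path argument was lost in extraction; if it is the usual `<nixpkgs>` lookup, the whole set builds against whatever channel the caller's NIX_PATH provides. For packages that collect security telemetry it is worth pinning the base set to a fixed revision fetched with a hash, so that openssl, czmq and the other inputs are identical on every build and can be audited. A short comment above `logc-0_1` saying why fwlogs and minipot still need the 0.1.0 release would also help the next maintainer.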
@@ -0,0 +1,24 @@
+{ stdenv, lib, fetchgit
+, bootstrapHook, pkg-config
+, logc, czmq, libevent
+}:
+
+stdenv.mkDerivation rec {
+ pname = "logc-libs";
+ version = "0.1.0";
+ meta = with lib; {
+ homepage = "https://gitlab.nic.cz/turris/logc-libs";
+ description = "Logging for C";
+ platforms = with platforms; linux;
+ license = licenses.mit;
+ };
+
+ src = fetchgit {
+ url = "https://gitlab.nic.cz/turris/logc-libs.git";
+ rev = "v" + version;
+ sha256 = "11b89742k81wbb0mc4r13l2sviz720qgl06v4wnjwlmi9x4pzy1a";
+ };
+
+ buildInputs = [logc czmq libevent];
+ nativeBuildInputs = [bootstrapHook pkg-config];
+}
diff --git a/libraries/logc/default.nix b/libraries/logc/default.nix
new file mode 100644
index 0000000..1c99e19
--- /dev/null
+++ b/libraries/logc/default.nix
@@ -0,0 +1,25 @@
+{ stdenv, lib, fetchgit
+, bootstrapHook, pkg-config, gperf
+, libconfig
+, pkgversion ? "0.4.0", pkgsha256 ? "15nplgjgg6dxryy4yzbj4524y77ci0syi970rmbr955m9vxvhrib"
+}:
+
+stdenv.mkDerivation rec {
+ pname = "logc";
+ version = pkgversion;
+ meta = with lib; {
+ homepage = "https://gitlab.nic.cz/turris/logc";
+ description = "Logging for C";
+ platforms = with platforms; linux;
+ license = licenses.mit;
+ };
+
+ src = fetchgit {
+ url = "https://gitlab.nic.cz/turris/logc.git";
+ rev = "v" + version;
+ sha256 = pkgsha256;
+ };
+
+ buildInputs = [libconfig];
+ nativeBuildInputs = [bootstrapHook pkg-config gperf];
+}
diff --git a/libraries/paho-mqtt-c/default.nix b/libraries/paho-mqtt-c/default.nix
new file mode 100644
index 0000000..07db14d
--- /dev/null
+++ b/libraries/paho-mqtt-c/default.nix
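Review bot: `pkgversion` and `pkgsha256` in `libraries/logc/default.nix` are independent arguments with independent defaults, so a caller can override the version and silently keep the 0.4.0 hash. Because `src` is a fixed-output fetch identified by its hash, that mistake normally fails with a hash mismatch. If the old output is already in the store, though, it may be reused, building the previous source under the new version label (worth confirming for `fetchgit` with a tag `rev`). At minimum add a comment on the argument line such as `# pkgversion and pkgsha256 must always be overridden together`. Passing the pair as a single attribute set would make the coupling structural.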
@@ -0,0 +1,25 @@
+{ stdenv, lib, fetchurl
+, cmake
+, openssl
+}:
+
+stdenv.mkDerivation rec {
+ pname = "paho-mqtt-c";
+ version = "1.3.9";
+ meta = with lib; {
+ homepage = "https://eclipse.org/paho";
+ description = "An Eclipse Paho C client library for MQTT";
+ platforms = with platforms; linux;
+ license = licenses.epl20;
+ };
+
+ src = fetchurl {
+ url = "https://github.com/eclipse/paho.mqtt.c/archive/refs/tags/v" + version + ".tar.gz";
+ sha256 = "1v9m4mx47bhahzda5sf5zp80shbaizymfbdidm8hsvfgl5grnv1q";
+ };
+
+ buildInputs = [openssl];
+ nativeBuildInputs = [cmake];
+
+ cmakeFlags = ["-DPAHO_WITH_SSL=TRUE" "-DPAHO_HIGH_PERFORMANCE=TRUE"];
+}
diff --git a/sentinel/faillogs/default.nix b/sentinel/faillogs/default.nix
new file mode 100644
index 0000000..d4bfa6b
--- /dev/null
+++ b/sentinel/faillogs/default.nix
@@ -0,0 +1,24 @@
+{ stdenv, lib, fetchgit
+, bootstrapHook, pkg-config, gperf
+, logc, logc-libs, libevent, czmq, msgpack, libconfig
+}:
+
+stdenv.mkDerivation rec {
+ pname = "sentinel-faillogs";
+ version = "0.1.0";
+ meta = with lib; {
+ homepage = "https://gitlab.nic.cz/turris/sentinel/faillogs";
+ description = "Failed login attempt logs collector";
+ platforms = with platforms; linux;
+ license = licenses.gpl3;
+ };
+
+ src = fetchgit {
+ url = "https://gitlab.nic.cz/turris/sentinel/faillogs.git";
+ rev = "99ec41baed19cc1ca70490b2b8cd81784e7748d2";
+ sha256 = "1pp93z78qwg7arca5z70gdp5ja2jldk1rzig8r29a2fhjakd0hb2";
+ };
+
+ buildInputs = [logc logc-libs libevent czmq msgpack libconfig];
+ nativeBuildInputs = [bootstrapHook pkg-config gperf];
+}
diff --git a/sentinel/fwlogs/default.nix b/sentinel/fwlogs/default.nix
new file mode 100644
index 0000000..c388a76
--- /dev/null
+++ b/sentinel/fwlogs/default.nix
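Review bot: `src` in `libraries/paho-mqtt-c/default.nix` fetches GitHub's auto-generated tag archive with `fetchurl`, so `sha256` pins the bytes of a tarball that GitHub produces on demand rather than the source tree. If that archive is ever regenerated with different bytes, the build breaks even though the code is unchanged. `fetchFromGitHub` with `owner = "eclipse"`, `repo = "paho.mqtt.c"` and `rev = "v" + version` hashes the unpacked tree instead; the hash then has to be recomputed and `fetchurl` replaced in the argument list. A comment on `-DPAHO_HIGH_PERFORMANCE=TRUE` noting that it builds the library without its internal tracing would help whoever later has to debug a TLS or connection problem against the uplink.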
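Review bot: In `sentinel/faillogs/default.nix`, `rev` is a bare commit hash while `version` claims `0.1.0`, and nothing says whether that commit is the 0.1.0 release or a later snapshot. Pinning a commit is the stronger choice for integrity, since a tag can be moved, but the label should say what is actually built. Add a comment above `rev` such as `# pinned to a commit: <reason, e.g. v0.1.0 not tagged upstream>`, or use an unstable-style version string if this is a snapshot. Separately, `licenses.gpl3` here and in the fwlogs, minipot and proxy files does not say whether upstream is GPL-3.0-only or GPL-3.0-or-later; `licenses.gpl3Only` or `licenses.gpl3Plus` would record that.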
@@ -0,0 +1,24 @@
+{ stdenv, lib, fetchgit
+, bootstrapHook, pkg-config
+, czmq, msgpack, logc-0_1, logc-libs, libconfig, libnetfilter_log
+}:
+
+stdenv.mkDerivation rec {
+ pname = "sentinel-proxy";
+ version = "0.2.0";
+ meta = with lib; {
+ homepage = "https://gitlab.nic.cz/turris/sentinel/fwlogs";
+ description = "Firewall logs collector";
+ platforms = with platforms; linux;
+ license = licenses.gpl3;
+ };
+
+ src = fetchgit {
+ url = "https://gitlab.nic.cz/turris/sentinel/fwlogs.git";
+ rev = "v" + version;
+ sha256 = "04rlm3mlri2wz33z6jh2yh0p81lnrfpfmmfjrn4sfjwh1g21ins7";
+ };
+
+ buildInputs = [czmq msgpack logc-0_1 logc-libs libconfig libnetfilter_log];
+ nativeBuildInputs = [bootstrapHook pkg-config];
+}
diff --git a/sentinel/minipot/default.nix b/sentinel/minipot/default.nix
new file mode 100644
index 0000000..89b93f6
--- /dev/null
+++ b/sentinel/minipot/default.nix
@@ -0,0 +1,24 @@
+{ stdenv, lib, fetchgit
+, bootstrapHook, pkg-config, gperf
+, czmq, msgpack, libevent, base64c, logc-0_1, logc-libs
+}:
+
+stdenv.mkDerivation rec {
+ pname = "sentinel-minipot";
+ version = "2.2";
+ meta = with lib; {
+ homepage = "https://gitlab.nic.cz/turris/sentinel/minipot";
+ description = "Firewall logs collector";
+ platforms = with platforms; linux;
+ license = licenses.gpl3;
+ };
+
+ src = fetchgit {
+ url = "https://gitlab.nic.cz/turris/sentinel/minipot.git";
+ rev = "v" + version;
+ sha256 = "05p2q9mj8bhjapfphlrs45l691dmkpiia6ir1nnpa1pa5jy045p9";
+ };
+
+ buildInputs = [czmq msgpack libevent base64c logc-0_1 logc-libs];
+ nativeBuildInputs = [bootstrapHook pkg-config gperf];
+}
diff --git a/sentinel/proxy/default.nix b/sentinel/proxy/default.nix
new file mode 100644
index 0000000..5de2836
--- /dev/null
+++ b/sentinel/proxy/default.nix
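Review bot: `pname = "sentinel-proxy";` in `sentinel/fwlogs/default.nix` is a copy-paste from the proxy package, so this derivation is named `sentinel-proxy-0.2.0` although it builds the firewall log collector. Store paths, closure listings and any inventory or vulnerability matching done by package name will then point at the wrong component. The line should read `pname = "sentinel-fwlogs";`, matching the attribute name used in `default.nix`.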
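Review bot: `description = "Firewall logs collector";` in `sentinel/minipot/default.nix` was carried over from fwlogs and does not describe this package. Going by the upstream project name this is presumably a minimal honeypot, so something like `description = "Minimal honeypot for Turris Sentinel";` would be accurate, with the wording to be confirmed against upstream. The distinction matters to anyone reviewing what is installed on a router, because a service that accepts network connections should not be listed as a passive log reader.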
@@ -0,0 +1,28 @@
+{ stdenv, lib, fetchgit
+, autoconf, autoconf-archive, automake, libtool, pkgconfig, gperf
+, openssl, zlib, czmq, libconfig, msgpack, paho-mqtt-c
+}:
+
+stdenv.mkDerivation rec {
+ pname = "sentinel-proxy";
+ version = "1.4";
+ meta = with lib; {
+ homepage = "https://gitlab.nic.cz/turris/sentinel/proxy";
+ description = "Main MQTT Sentinel client. Proxy that lives on the router and relays messages received from ZMQ to uplink server over MQTT channel.";
+ platforms = with platforms; linux;
+ license = licenses.gpl3;
+ };
+
+ src = fetchgit {
+ url = "https://gitlab.nic.cz/turris/sentinel/proxy.git";
+ rev = "v" + version;
+ sha256 = "11s538yf4ydlzlx1vs9fc6hh9igf40s3v853mlcki8a28bni6xwb";
+ };
+
+ buildInputs = [openssl zlib czmq libconfig msgpack paho-mqtt-c];
+ nativeBuildInputs = [
+ autoconf autoconf-archive automake libtool pkgconfig gperf
+ ];
+
+ preConfigure = "./bootstrap";
+}
--
cgit v1.2.3
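Review bot: `sentinel/proxy/default.nix` lists the autotools inputs by hand and sets `preConfigure = "./bootstrap";` instead of using the `bootstrapHook` that this same commit introduces. It also takes the older `pkgconfig` name where every other file takes `pkg-config`. Replacing the list with `nativeBuildInputs = [bootstrapHook pkg-config gperf];`, adjusting the argument line to match and dropping `preConfigure` puts all Sentinel packages on one bootstrap path, so a later change to the hook also reaches the proxy. One difference to check first: the hook's dependency list in `default.nix` includes `gettext`, which this file does not currently pull in.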