From 5339e045194c5ad482250c0271959a5fd9f97db2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Karel=20Ko=C4=8D=C3=AD?=
Date: Sun, 2 Jan 2022 17:23:58 +0100
Subject: nios: Add sentinel module
---
 pkgs/sentinel/certgen/default.nix | 23 +++++++++++++++++++++++
 pkgs/sentinel/dynfw-client/default.nix | 26 ++++++++++++++++++++++++++
 pkgs/sentinel/faillogs/default.nix | 7 ++++++-
 pkgs/sentinel/fwlogs/default.nix | 8 +++++++-
 pkgs/sentinel/minipot/default.nix | 7 ++++++-
 pkgs/sentinel/proxy/default.nix | 13 ++++++++-----
 6 files changed, 76 insertions(+), 8 deletions(-)
 create mode 100644 pkgs/sentinel/certgen/default.nix
 create mode 100644 pkgs/sentinel/dynfw-client/default.nix
(limited to 'pkgs/sentinel')
diff --git a/pkgs/sentinel/certgen/default.nix b/pkgs/sentinel/certgen/default.nix
new file mode 100644
index 0000000..bc0b35c
--- /dev/null
+++ b/pkgs/sentinel/certgen/default.nix
@@ -0,0 +1,23 @@
+{ buildPythonApplication, lib, fetchgit
+, python3
+, ipset
+}:
+
+buildPythonApplication rec {
+ pname = "sentinel-dynfw-client";
+ version = "6.2";
+ meta = with lib; {
+ homepage = "https://gitlab.nic.cz/turris/sentinel/certgen";
+ description = "Sentinel automated passwords and certificates retrieval";
+ license = licenses.gpl3;
+ };
+
+ src = fetchgit {
+ url = "https://gitlab.nic.cz/turris/sentinel/certgen.git";
+ rev = "v" + version;
+ sha256 = "10ii3j3wqdib7m2fc0w599981mv9q3ahj96q4kyrn5sh18v2c7nb";
+ };
+
+ # TODO we are missing crypto-wrapper
+ buildInputs = with python3.pkgs; [six requests cryptography];
+}
diff --git a/pkgs/sentinel/dynfw-client/default.nix b/pkgs/sentinel/dynfw-client/default.nix
new file mode 100644
index 0000000..b059b6d
--- /dev/null
+++ b/pkgs/sentinel/dynfw-client/default.nix
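Review bot: `pname` in the new certgen derivation is `"sentinel-dynfw-client"`, the same value the dynfw-client package in this commit uses, so the two outputs share one package name and anything that selects or audits packages by name cannot tell the certificate tool from the firewall client; it should read `pname = "sentinel-certgen";`. The `ipset` argument is taken but never referenced in this file and looks like a leftover from the same copy. The Python libraries are listed in `buildInputs`; for a `buildPythonApplication` the runtime imports normally go in `propagatedBuildInputs`, otherwise the installed program may fail to import `requests` or `cryptography`, which is worth confirming together with the crypto-wrapper TODO.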
@@ -0,0 +1,26 @@
+{ buildPythonApplication, lib, fetchgit
+, ipset
+}:
+
+buildPythonApplication rec {
+ pname = "sentinel-dynfw-client";
+ version = "1.4.0";
+ meta = with lib; {
+ homepage = "https://gitlab.nic.cz/turris/sentinel/dynfw-client";
+ description = "Dynamic firewall client";
+ platforms = platforms.linux;
+ license = licenses.gpl3;
+ };
+
+ src = fetchgit {
+ url = "https://gitlab.nic.cz/turris/sentinel/dynfw-client.git";
+ rev = "v" + version;
+ sha256 = "1g0wbhsjzifvdfvig6922cl3yfj1f96yvg11s4vgiaxca9yspcmp";
+ };
+
+ buildInputs = [ipset];
+ preConfigure = ''
+ ls
+ find -type f | xargs sed -i 's#/usr/sbin/ipset#${ipset}#g'
+ '';
+}
diff --git a/pkgs/sentinel/faillogs/default.nix b/pkgs/sentinel/faillogs/default.nix
index d4bfa6b..4b3a2d3 100644
--- a/pkgs/sentinel/faillogs/default.nix
+++ b/pkgs/sentinel/faillogs/default.nix
@@ -1,6 +1,7 @@
 { stdenv, lib, fetchgit
 , bootstrapHook, pkg-config, gperf
 , logc, logc-libs, libevent, czmq, msgpack, libconfig
+, check
 }:
 stdenv.mkDerivation rec {
@@ -9,7 +10,6 @@ stdenv.mkDerivation rec {
 meta = with lib; {
 homepage = "https://gitlab.nic.cz/turris/sentinel/faillogs";
 description = "Failed login attempt logs collector";
- platforms = with platforms; linux;
 license = licenses.gpl3;
 };
@@ -21,4 +21,9 @@ stdenv.mkDerivation rec {
 buildInputs = [logc logc-libs libevent czmq msgpack libconfig];
 nativeBuildInputs = [bootstrapHook pkg-config gperf];
+ depsBuildBuild = [check];
+
+ doCheck = true;
+ doInstallCheck = true;
+ configureFlags = lib.optional (stdenv.hostPlatform == stdenv.buildPlatform) "--enable-tests";
 }
diff --git a/pkgs/sentinel/fwlogs/default.nix b/pkgs/sentinel/fwlogs/default.nix
index c388a76..6c9d529 100644
--- a/pkgs/sentinel/fwlogs/default.nix
+++ b/pkgs/sentinel/fwlogs/default.nix
@@ -1,6 +1,7 @@
 { stdenv, lib, fetchgit
 , bootstrapHook, pkg-config
 , czmq, msgpack, logc-0_1, logc-libs, libconfig, libnetfilter_log
+, check
 }:
 stdenv.mkDerivation rec {
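Review bot: The `sed` in the dynfw-client `preConfigure` rewrites `/usr/sbin/ipset` to `${ipset}`, which is the package's store directory rather than an executable, so the client would presumably fail when it tries to run ipset and the dynamic blocklist would never be loaded. The replacement should name the binary, e.g. `find . -type f -exec sed -i 's#/usr/sbin/ipset#${ipset}/bin/ipset#g' {} +`, assuming the usual nixpkgs layout with the program under `bin/`; the `-exec … +` form also copes with file names containing whitespace, which the `xargs` pipe does not. The bare `ls` above it looks like leftover debugging output and can be dropped.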
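Review bot: In the last faillogs hunk `check` is placed in `depsBuildBuild`, which declares a tool that runs on the build machine, whereas a unit-test library is linked into the test programs; `checkInputs = [check];` would state that and pull it in only when tests run, unless `depsBuildBuild` was chosen deliberately, in which case a comment should say why. `--enable-tests` is passed only when host and build platform are equal, so cross-built images get these collectors of untrusted log and network data without their test suite having run for the target; a one-line comment such as `# tests are built and run on native builds only` above `configureFlags` would make that explicit. The same five added lines appear in the fwlogs, minipot and proxy hunks further down.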
@@ -9,7 +10,7 @@ stdenv.mkDerivation rec {
 meta = with lib; {
 homepage = "https://gitlab.nic.cz/turris/sentinel/fwlogs";
 description = "Firewall logs collector";
- platforms = with platforms; linux;
+ platforms = platforms.linux;
 license = licenses.gpl3;
 };
@@ -21,4 +22,9 @@ stdenv.mkDerivation rec {
 buildInputs = [czmq msgpack logc-0_1 logc-libs libconfig libnetfilter_log];
 nativeBuildInputs = [bootstrapHook pkg-config];
+ depsBuildBuild = [check];
+
+ doCheck = true;
+ doInstallCheck = true;
+ configureFlags = lib.optional (stdenv.hostPlatform == stdenv.buildPlatform) "--enable-tests";
 }
diff --git a/pkgs/sentinel/minipot/default.nix b/pkgs/sentinel/minipot/default.nix
index 89b93f6..1f26074 100644
--- a/pkgs/sentinel/minipot/default.nix
+++ b/pkgs/sentinel/minipot/default.nix
@@ -1,6 +1,7 @@
 { stdenv, lib, fetchgit
 , bootstrapHook, pkg-config, gperf
 , czmq, msgpack, libevent, base64c, logc-0_1, logc-libs
+, check
 }:
 stdenv.mkDerivation rec {
@@ -9,7 +10,6 @@ stdenv.mkDerivation rec {
 meta = with lib; {
 homepage = "https://gitlab.nic.cz/turris/sentinel/minipot";
 description = "Firewall logs collector";
- platforms = with platforms; linux;
 license = licenses.gpl3;
 };
@@ -21,4 +21,9 @@ stdenv.mkDerivation rec {
 buildInputs = [czmq msgpack libevent base64c logc-0_1 logc-libs];
 nativeBuildInputs = [bootstrapHook pkg-config gperf];
+ depsBuildBuild = [check];
+
+ doCheck = true;
+ doInstallCheck = true;
+ configureFlags = lib.optional (stdenv.hostPlatform == stdenv.buildPlatform) "--enable-tests";
 }
diff --git a/pkgs/sentinel/proxy/default.nix b/pkgs/sentinel/proxy/default.nix
index 5de2836..a3b6bf2 100644
--- a/pkgs/sentinel/proxy/default.nix
+++ b/pkgs/sentinel/proxy/default.nix
@@ -1,6 +1,7 @@
 { stdenv, lib, fetchgit
-, autoconf, autoconf-archive, automake, libtool, pkgconfig, gperf
+, bootstrapHook, pkg-config, gperf
 , openssl, zlib, czmq, libconfig, msgpack, paho-mqtt-c
+, check
 }:
 stdenv.mkDerivation rec {
@@ -9,7 +10,6 @@ stdenv.mkDerivation rec {
 meta = with lib; {
 homepage = "https://gitlab.nic.cz/turris/sentinel/proxy";
 description = "Main MQTT Sentinel client. Proxy that lives on the router and relays messages received from ZMQ to uplink server over MQTT channel.";
- platforms = with platforms; linux;
 license = licenses.gpl3;
 };
@@ -20,9 +20,12 @@ stdenv.mkDerivation rec {
 };
 buildInputs = [openssl zlib czmq libconfig msgpack paho-mqtt-c];
- nativeBuildInputs = [
- autoconf autoconf-archive automake libtool pkgconfig gperf
- ];
+ nativeBuildInputs = [bootstrapHook pkg-config gperf];
+ depsBuildBuild = [check];
 preConfigure = "./bootstrap";
+
+ doCheck = true;
+ doInstallCheck = true;
+ configureFlags = lib.optional (stdenv.hostPlatform == stdenv.buildPlatform) "--enable-tests";
 }
--
cgit v1.2.3
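Review bot: `preConfigure = "./bootstrap";` is kept in the last proxy hunk although `bootstrapHook` now replaces the autotools inputs in `nativeBuildInputs`. The faillogs, fwlogs and minipot hunks show no such line after `nativeBuildInputs`, so the hook presumably runs the bootstrap step itself and here it would run twice. If that is the case, drop the `preConfigure` line; if the proxy really needs the explicit call, add a comment saying why it differs from the other packages. `bootstrapHook` is defined outside this diff, so this should be checked against its definition.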