Adds nixos-module.nix with services.oubliette options (enable, package, settings, configFile) and a hardened systemd service. Exposes the module as nixosModules.default in flake.nix. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
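# Flake for Oubliette, an SSH honeypot: exposes a NixOS module, the Go package
# for two Linux systems, and a development shell.
{
  description = "Oubliette - SSH Honeypot";

  inputs = {
    # Tracks the nixos-unstable branch. The exact revision is expected to be
    # pinned by flake.lock (not visible here); review lock-file bumps like any
    # other dependency update.
    nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-unstable";
  };

  outputs = { self, nixpkgs }:
    let
      supportedSystems = [ "x86_64-linux" "aarch64-linux" ];
      # Builds an attribute set with one entry per supported system.
      forAllSystems = nixpkgs.lib.genAttrs supportedSystems;
    in
    {
      # NixOS module; its options and service definition live in
      # ./nixos-module.nix, which is not part of this file.
      nixosModules.default = import ./nixos-module.nix;

      packages = forAllSystems (system:
        let
          pkgs = nixpkgs.legacyPackages.${system};
          mainGo = builtins.readFile ./cmd/oubliette/main.go;
          # The package version is read from the Go source so it is declared
          # in one place only. builtins.match returns null when the pattern
          # does not match, so fail with a clear message instead of letting
          # builtins.head choke on null.
          versionMatch = builtins.match ''.*const Version = "([^"]+)".*'' mainGo;
          version =
            if versionMatch == null
            then throw "flake.nix: no `const Version = \"...\"` found in cmd/oubliette/main.go"
            else builtins.head versionMatch;
        in
        {
          default = pkgs.buildGoModule {
            pname = "oubliette";
            inherit version;
            # NOTE(review): the whole flake directory is the build source and
            # ends up in the world-readable Nix store. Keep host keys and
            # configuration containing secrets out of the tree.
            src = ./.;
            # Fixed-output hash of the vendored Go modules. The build fails on
            # a mismatch, so it must be updated whenever go.mod/go.sum change.
            vendorHash = "sha256-z/E1ZDfedOxI8CSUfcpFGYX0SrdcnAYuu2p0ATozDaA=";
            subPackages = [ "cmd/oubliette" ];
            meta = {
              description = "SSH honeypot";
              mainProgram = "oubliette";
            };
          };
        });

      devShells = forAllSystems (system:
        let
          pkgs = nixpkgs.legacyPackages.${system};
        in
        {
          default = pkgs.mkShell {
            buildInputs = [
              pkgs.go
              # Reports known vulnerabilities in the Go dependencies.
              pkgs.govulncheck
              pkgs.golangci-lint
            ];
          };
        });
    };
}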