Torjus Håkestad
ab07e6a8dc
Add internal/metrics package with dedicated Prometheus registry exposing SSH connection, auth attempt, session, and build info metrics. Wire into SSH server (4 instrumentation points) and web server (/metrics endpoint). Add dockerImage output to flake.nix via dockerTools.buildLayeredImage. Bump version to 0.7.0. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
69 lines
1.9 KiB
Nix
69 lines
1.9 KiB
Nix
{
|
|
description = "Oubliette - SSH Honeypot";
|
|
|
|
inputs = {
|
|
nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-unstable";
|
|
};
|
|
|
|
outputs = { self, nixpkgs }:
|
|
let
|
|
supportedSystems = [ "x86_64-linux" "aarch64-linux" ];
|
|
forAllSystems = nixpkgs.lib.genAttrs supportedSystems;
|
|
in
|
|
{
|
|
nixosModules.default = import ./nixos-module.nix;
|
|
|
|
packages = forAllSystems (system:
|
|
let
|
|
pkgs = nixpkgs.legacyPackages.${system};
|
|
mainGo = builtins.readFile ./cmd/oubliette/main.go;
|
|
version = builtins.head (builtins.match ''.*const Version = "([^"]+)".*'' mainGo);
|
|
in
|
|
{
|
|
default = pkgs.buildGoModule {
|
|
pname = "oubliette";
|
|
inherit version;
|
|
src = ./.;
|
|
vendorHash = "sha256-smMg/J1igSoSBkzdm9HJOp5OYY8MEccodCD/zVK31IQ=";
|
|
subPackages = [ "cmd/oubliette" ];
|
|
meta = {
|
|
description = "SSH honeypot";
|
|
mainProgram = "oubliette";
|
|
};
|
|
};
|
|
|
|
dockerImage = pkgs.dockerTools.buildLayeredImage {
|
|
name = "oubliette";
|
|
tag = version;
|
|
contents = [ self.packages.${system}.default ];
|
|
config = {
|
|
Entrypoint = [ "/bin/oubliette" ];
|
|
Cmd = [ "-config" "/data/oubliette.toml" ];
|
|
ExposedPorts = {
|
|
"2222/tcp" = {};
|
|
"8080/tcp" = {};
|
|
};
|
|
Volumes = {
|
|
"/data" = {};
|
|
};
|
|
};
|
|
};
|
|
});
|
|
|
|
devShells = forAllSystems (system:
|
|
let
|
|
pkgs = nixpkgs.legacyPackages.${system};
|
|
in
|
|
{
|
|
default = pkgs.mkShell {
|
|
buildInputs = [
|
|
pkgs.go
|
|
pkgs.govulncheck
|
|
pkgs.golangci-lint
|
|
pkgs.sqlite
|
|
];
|
|
};
|
|
});
|
|
};
|
|
}
|