Merge pull request #9061 from tomberek/add_gateone

GateOne: init at 1.2

nixos/modules/misc/ids.nix

@@ -228,6 +228,7 @@
       subsonic = 204;
       riak = 205;
       shout = 206;
+      gateone = 207;
 
       # When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399!
 
@@ -434,6 +435,7 @@
       subsonic = 204;
       riak = 205;
       #shout = 206; #unused
+      gateone = 207;
 
       # When adding a gid, make sure it doesn't match an existing
       # uid. Users and groups with the same name should have equal

nixos/modules/module-list.nix

@@ -282,6 +282,7 @@
   ./services/networking/firewall.nix
   ./services/networking/flashpolicyd.nix
   ./services/networking/freenet.nix
+  ./services/networking/gateone.nix
   ./services/networking/git-daemon.nix
   ./services/networking/gnunet.nix
   ./services/networking/gogoclient.nix

nixos/modules/services/networking/gateone.nix

@@ -0,0 +1,59 @@
+{ config, lib, pkgs, ...}:
+with lib;
+let
+  cfg = config.services.gateone;
+in
+{
+options = {
+    services.gateone = {
+      enable = mkEnableOption "GateOne server";
+      pidDir = mkOption {
+        default = "/run/gateone";
+        type = types.path;
+        description = ''Path of pid files for GateOne.'';
+      };
+      settingsDir = mkOption {
+        default = "/var/lib/gateone";
+        type = types.path;
+        description = ''Path of configuration files for GateOne.'';
+      };
+    };
+};
+config = mkIf cfg.enable {
+  environment.systemPackages = with pkgs.pythonPackages; [
+    gateone pkgs.openssh pkgs.procps pkgs.coreutils ];
+
+  users.extraUsers.gateone = {
+    description = "GateOne privilege separation user";
+    uid = config.ids.uids.gateone;
+    home = cfg.settingsDir;
+  };
+  users.extraGroups.gateone.gid = config.ids.gids.gateone;
+
+  systemd.services.gateone = with pkgs; {
+    description = "GateOne web-based terminal";
+    path = [ pythonPackages.gateone nix openssh procps coreutils ];
+    preStart = ''
+      if [ ! -d ${cfg.settingsDir} ] ; then
+        mkdir -m 0750 -p ${cfg.settingsDir}
+        mkdir -m 0750 -p ${cfg.pidDir}
+        chown -R gateone.gateone ${cfg.settingsDir}
+        chown -R gateone.gateone ${cfg.pidDir}
+      fi
+      '';
+    #unitConfig.RequiresMountsFor = "${cfg.settingsDir}";
+    serviceConfig = {
+      ExecStart = ''${pythonPackages.gateone}/bin/gateone --settings_dir=${cfg.settingsDir} --pid_file=${cfg.pidDir}/gateone.pid --gid=${toString config.ids.gids.gateone} --uid=${toString config.ids.uids.gateone}'';
+      User = "gateone";
+      Group = "gateone";
+      WorkingDirectory = cfg.settingsDir;
+      PermissionsStartOnly = true;
+
+    };
+
+    wantedBy = [ "multi-user.target" ];
+    requires = [ "network.target" ];
+  };
+};
+}
+  

pkgs/top-level/python-packages.nix

@@ -3432,6 +3432,24 @@ let
     };
   };
 
+  gateone = buildPythonPackage rec {
+    name = "gateone-1.2-0d57c3";
+    disabled = ! isPy27;
+    src = pkgs.fetchFromGitHub {
+      rev = "11ed97c663b3e8c1b8eba473b5cf8362b10d57c3";
+      owner= "liftoff";
+      repo = "GateOne";
+      sha256 ="0zp9vfs6sqbx4d0g45kkjinfmsl9zqwa6bhp3xd81wx3ph9yr1hq";
+    };
+    propagatedBuildInputs = with pkgs.pythonPackages; [tornado futures html5lib readline pkgs.openssl];
+    meta = {
+      homepage = https://liftoffsoftware.com/;
+      description = "GateOne is a web-based terminal emulator and SSH client";
+      maintainers = with maintainers; [ tomberek ];
+
+    };
+  };
+
   gcutil = buildPythonPackage rec {
     name = "gcutil-1.16.1";
     meta.maintainers = with maintainers; [ phreedom ];