Merge pull request #203794 from urandom2/crowdsec

Fixes https://github.com/NixOS/nixpkgs/issues/155822 Closes https://github.com/NixOS/nixpkgs/pull/162633
2022-12-01 13:02:11 +01:00 · 2022-12-01 13:02:11 +01:00 · d4c7d4b2c2
parent 2f0d2b0cb7 3f20add24f
commit d4c7d4b2c2
2 changed files with 62 additions and 0 deletions
--- a/pkgs/tools/security/crowdsec/default.nix
+++ b/pkgs/tools/security/crowdsec/default.nix
@ -0,0 +1,60 @@
+{ lib, buildGoModule, fetchFromGitHub, installShellFiles }:
+
+buildGoModule rec {
+  pname = "crowdsec";
+  version = "1.4.2";
+
+  src = fetchFromGitHub {
+    owner = "crowdsecurity";
+    repo = pname;
+    rev = "v${version}";
+    hash = "sha256-hL3+hTOuwcbxiVZeq9oZjfKI1TJJt64g+74NolA3Drc=";
+  };
+
+  vendorHash = "sha256-FPsoufB9UDgBDIE3yUq4doBse3qgjP19ussYnMAxntk=";
+
+  nativeBuildInputs = [ installShellFiles ];
+
+  subPackages = [
+    "cmd/crowdsec"
+    "cmd/crowdsec-cli"
+  ];
+
+  ldflags = [
+    "-s"
+    "-w"
+    "-X github.com/crowdsecurity/crowdsec/pkg/cwversion.Version=v${version}"
+    "-X github.com/crowdsecurity/crowdsec/pkg/cwversion.BuildDate=1970-01-01_00:00:00"
+  ];
+
+  postBuild = "mv $GOPATH/bin/{crowdsec-cli,cscli}";
+
+  postInstall = ''
+    mkdir -p $out/share/crowdsec
+    cp -r ./config $out/share/crowdsec/
+
+    installShellCompletion --cmd cscli \
+      --bash <($out/bin/cscli completion bash) \
+      --fish <($out/bin/cscli completion fish) \
+      --zsh <($out/bin/cscli completion zsh)
+  '';
+
+  meta = with lib; {
+    homepage = "https://crowdsec.net/";
+    changelog = "https://github.com/crowdsecurity/crowdsec/releases/tag/v${version}";
+    description = "CrowdSec is a free, open-source and collaborative IPS";
+    longDescription = ''
+      CrowdSec is a free, modern & collaborative behavior detection engine,
+      coupled with a global IP reputation network. It stacks on fail2ban's
+      philosophy but is IPV6 compatible and 60x faster (Go vs Python), uses Grok
+      patterns to parse logs and YAML scenario to identify behaviors. CrowdSec
+      is engineered for modern Cloud/Containers/VM based infrastructures (by
+      decoupling detection and remediation). Once detected you can remedy
+      threats with various bouncers (firewall block, nginx http 403, Captchas,
+      etc.) while the aggressive IP can be sent to CrowdSec for curation before
+      being shared among all users to further improve everyone's security.
+    '';
+    license = licenses.mit;
+    maintainers = with maintainers; [ jk urandom ];
+  };
+}
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@ -4049,6 +4049,8 @@ with pkgs;

  crossplane = with python3Packages; toPythonApplication crossplane;

+  crowdsec = callPackage ../tools/security/crowdsec { };
+
  crunch = callPackage ../tools/security/crunch { };

  crudini = callPackage ../tools/misc/crudini { };