From c95a08d738560a08a561063043c6b11226d80a2f Mon Sep 17 00:00:00 2001
From: Otavio Salvador <otavio@ossystems.com.br>
Date: Wed, 18 Nov 2020 20:34:58 -0300
Subject: [PATCH 1/3] maintainer-list: add otavio

Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
---
 maintainers/maintainer-list.nix | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/maintainers/maintainer-list.nix b/maintainers/maintainer-list.nix
index cef2e8f4de4b..e88e6d4fabb3 100644
--- a/maintainers/maintainer-list.nix
+++ b/maintainers/maintainer-list.nix
@@ -6677,6 +6677,12 @@
     githubId = 111265;
     name = "Ozan Sener";
   };
+  otavio = {
+    email = "otavio.salvador@ossystems.com.br";
+    github = "otavio";
+    githubId = 25278;
+    name = "Otavio Salvador";
+  };
   otwieracz = {
     email = "slawek@otwiera.cz";
     github = "otwieracz";

From f5d54c88ed26b4f6bf1cbf690cd27e464a18c83e Mon Sep 17 00:00:00 2001
From: Otavio Salvador <otavio@ossystems.com.br>
Date: Sat, 26 Dec 2020 00:06:27 -0300
Subject: [PATCH 2/3] shellhub-agent: initial expression at 0.4.2

ShellHub is a modern SSH server for remotely accessing Linux devices via
command line (using any SSH client) or web-based user interface,
designed as an alternative to _sshd_.

Think ShellHub as centralized SSH for the the edge and cloud computing.

More information about the project in:

 - https://shellhub.io
 - https://github.com/shellhub-io/shellhub

Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
---
 .../networking/shellhub-agent/default.nix     | 34 +++++++++++++++++++
 pkgs/top-level/all-packages.nix               |  2 ++
 2 files changed, 36 insertions(+)
 create mode 100644 pkgs/applications/networking/shellhub-agent/default.nix

diff --git a/pkgs/applications/networking/shellhub-agent/default.nix b/pkgs/applications/networking/shellhub-agent/default.nix
new file mode 100644
index 000000000000..b8ee60e57138
--- /dev/null
+++ b/pkgs/applications/networking/shellhub-agent/default.nix
@@ -0,0 +1,34 @@
+{ stdenv, buildGoModule, fetchFromGitHub }:
+
+buildGoModule rec {
+  pname = "shellhub-agent";
+  version = "0.4.2";
+
+  src = fetchFromGitHub {
+    owner = "shellhub-io";
+    repo = "shellhub";
+    rev = "v${version}";
+    sha256 = "0cd41ing1pcf1bdaaq00w5h7lih5j2kcaa0m41g3ikm3vd1w5qna";
+  };
+
+  modRoot = "./agent";
+
+  vendorSha256 = "19gsfhh6idqysdxhpq45sq35gw19adz9lp83krjlhzj1vqm59qma";
+
+  buildFlagsArray = [ "-ldflags=-s -w -X main.AgentVersion=v${version}" ];
+
+  meta = with stdenv.lib; {
+    description =
+      "Enables easy access any Linux device behind firewall and NAT";
+    longDescription = ''
+      ShellHub is a modern SSH server for remotely accessing Linux devices via
+      command line (using any SSH client) or web-based user interface, designed
+      as an alternative to _sshd_. Think ShellHub as centralized SSH for the the
+      edge and cloud computing.
+    '';
+    homepage = "https://shellhub.io/";
+    license = licenses.asl20;
+    maintainers = with maintainers; [ otavio ];
+    platforms = platforms.linux;
+  };
+}
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 12ecc6e4e2c2..66bdcbeaca24 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -2587,6 +2587,8 @@ in
 
   shell-hist = callPackage ../tools/misc/shell-hist { };
 
+  shellhub-agent = callPackage ../applications/networking/shellhub-agent { };
+
   simdjson = callPackage ../development/libraries/simdjson { };
 
   simg2img = callPackage ../tools/filesystems/simg2img { };

From 06edbabe06c47e529bc105bd7fa48fa21bc31738 Mon Sep 17 00:00:00 2001
From: Otavio Salvador <otavio@ossystems.com.br>
Date: Thu, 19 Nov 2020 21:41:26 -0300
Subject: [PATCH 3/3] nixos/shellhub-agent: initial service expression

This provides the service to configure the ShellHub Agent.

Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
---
 nixos/modules/module-list.nix                 |  1 +
 .../services/networking/shellhub-agent.nix    | 91 +++++++++++++++++++
 2 files changed, 92 insertions(+)
 create mode 100644 nixos/modules/services/networking/shellhub-agent.nix

diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix
index 3b67a8574938..c8909fdc0d4d 100644
--- a/nixos/modules/module-list.nix
+++ b/nixos/modules/module-list.nix
@@ -742,6 +742,7 @@
   ./services/networking/skydns.nix
   ./services/networking/shadowsocks.nix
   ./services/networking/shairport-sync.nix
+  ./services/networking/shellhub-agent.nix
   ./services/networking/shorewall.nix
   ./services/networking/shorewall6.nix
   ./services/networking/shout.nix
diff --git a/nixos/modules/services/networking/shellhub-agent.nix b/nixos/modules/services/networking/shellhub-agent.nix
new file mode 100644
index 000000000000..4ce4b8250bc3
--- /dev/null
+++ b/nixos/modules/services/networking/shellhub-agent.nix
@@ -0,0 +1,91 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+let
+  cfg = config.services.shellhub-agent;
+in {
+
+  ###### interface
+
+  options = {
+
+    services.shellhub-agent = {
+
+      enable = mkOption {
+        type = types.bool;
+        default = false;
+        description = ''
+          Whether to enable the ShellHub Agent daemon, which allows
+          secure remote logins.
+        '';
+      };
+
+      package = mkOption {
+        type = types.package;
+        default = pkgs.shellhub-agent;
+        defaultText = "pkgs.shellhub-agent";
+        description = ''
+          Which ShellHub Agent package to use.
+        '';
+      };
+
+      tenantId = mkOption {
+        type = types.str;
+        example = "ba0a880c-2ada-11eb-a35e-17266ef329d6";
+        description = ''
+          The tenant ID to use when connecting to the ShellHub
+          Gateway.
+        '';
+      };
+
+      server = mkOption {
+        type = types.str;
+        default = "https://cloud.shellhub.io";
+        description = ''
+          Server address of ShellHub Gateway to connect.
+        '';
+      };
+
+      privateKey = mkOption {
+        type = types.path;
+        default = "/var/lib/shellhub-agent/private.key";
+        description = ''
+          Location where to store the ShellHub Agent private
+          key.
+        '';
+      };
+    };
+  };
+
+  ###### implementation
+
+  config = mkIf cfg.enable {
+
+    systemd.services.shellhub-agent = {
+      description = "ShellHub Agent";
+
+      wantedBy = [ "multi-user.target" ];
+      requires = [ "local-fs.target" ];
+      wants = [ "network-online.target" ];
+      after = [
+        "local-fs.target"
+        "network.target"
+        "network-online.target"
+        "time-sync.target"
+      ];
+
+      environment.SERVER_ADDRESS = cfg.server;
+      environment.PRIVATE_KEY = cfg.privateKey;
+      environment.TENANT_ID = cfg.tenantId;
+
+      serviceConfig = {
+        # The service starts sessions for different users.
+        User = "root";
+        Restart = "on-failure";
+        ExecStart = "${cfg.package}/bin/agent";
+      };
+    };
+
+    environment.systemPackages = [ cfg.package ];
+  };
+}