feat: Add crowdsec module

2025-01-24 00:35:23 +08:00 · 2025-01-24 00:35:23 +08:00 · d0c6f2bcbe
commit d0c6f2bcbe
parent 22981fdcdd
13 changed files with 624 additions and 6 deletions
--- a/flake.nix
+++ b/flake.nix
@ -26,6 +26,8 @@
      url = "git+ssh://git@github.com/sonnenshift/battery-manager";
      inputs.nixpkgs.follows = "nixpkgs";
    };
+
+    nixpkgs-crowdsec.url = "github:tlater/nixpkgs/tlater/fix-crowdsec";
  };

  outputs =
@ -98,7 +100,16 @@
      # Garbage collection root #
      ###########################

-      packages.${system}.default = vm.config.system.build.vm;
+      packages.${system} =
+        let
+          localPkgs = import ./pkgs { inherit pkgs; };
+        in
+        {
+          default = vm.config.system.build.vm;
+          crowdsec = pkgs.callPackage "${inputs.nixpkgs-crowdsec}/pkgs/by-name/cr/crowdsec/package.nix" { };
+          crowdsec-hub = localPkgs.crowdsec.hub;
+          crowdsec-firewall-bouncer = localPkgs.crowdsec.firewall-bouncer;
+        };

      ###################
      # Utility scripts #
@ -115,6 +126,22 @@
              ${vm.config.system.build.vm.outPath}/bin/run-testvm-vm
            '').outPath;
        };
+
+        update-crowdsec-packages =
+          let
+            git = pkgs.lib.getExe pkgs.git;
+            nvfetcher = pkgs.lib.getExe pkgs.nvfetcher;
+          in
+          {
+            type = "app";
+            program =
+              (pkgs.writeShellScript "update-crowdsec-packages" ''
+                cd "$(${git} rev-parse --show-toplevel)"
+                cd ./pkgs/crowdsec
+                ${nvfetcher}
+                echo 'Remember to update the vendorHash of any go packages!'
+              '').outPath;
+          };
      };

      ###########################