pyrox.dev / nixpkgs
lol
fork atom

Merge branch 'tlsdate' of git://github.com/4z3/nixpkgs

Shea Levy 52d4b9d9 b35e0a09

+154
+1
nixos/modules/module-list.nix
··· 292 292 ./services/networking/tcpcrypt.nix 293 293 ./services/networking/teamspeak3.nix 294 294 ./services/networking/tftpd.nix 295 + ./services/networking/tlsdated.nix 295 296 ./services/networking/tox-bootstrapd.nix 296 297 ./services/networking/unbound.nix 297 298 ./services/networking/unifi.nix
+110
nixos/modules/services/networking/tlsdated.nix
··· 1 + { config, lib, pkgs, ... }: 2 + 3 + with lib; 4 + 5 + let 6 + inherit (pkgs) coreutils tlsdate; 7 + 8 + cfg = config.services.tlsdated; 9 + in 10 + 11 + { 12 + 13 + ###### interface 14 + 15 + options = { 16 + 17 + services.tlsdated = { 18 + 19 + enable = mkOption { 20 + type = types.bool; 21 + default = false; 22 + description = '' 23 + Enable tlsdated daemon. 24 + ''; 25 + }; 26 + 27 + extraOptions = mkOption { 28 + type = types.string; 29 + description = '' 30 + Additional command line arguments to pass to tlsdated. 31 + ''; 32 + }; 33 + 34 + sources = mkOption { 35 + type = types.listOf (types.submodule { 36 + options = { 37 + host = mkOption { 38 + type = types.string; 39 + description = '' 40 + Remote hostname. 41 + ''; 42 + }; 43 + port = mkOption { 44 + type = types.int; 45 + description = '' 46 + Remote port. 47 + ''; 48 + }; 49 + proxy = mkOption { 50 + type = types.nullOr types.string; 51 + default = null; 52 + description = '' 53 + The proxy argument expects HTTP, SOCKS4A or SOCKS5 formatted as followed: 54 + 55 + http://127.0.0.1:8118 56 + socks4a://127.0.0.1:9050 57 + socks5://127.0.0.1:9050 58 + 59 + The proxy support should not leak DNS requests and is suitable for use with Tor. 60 + ''; 61 + }; 62 + }; 63 + }); 64 + default = [ 65 + { 66 + host = "www.ptb.de"; 67 + port = 443; 68 + proxy = null; 69 + } 70 + ]; 71 + description = '' 72 + You can list one or more sources to fetch time from. 73 + ''; 74 + }; 75 + 76 + }; 77 + 78 + }; 79 + 80 + ###### implementation 81 + 82 + config = mkIf cfg.enable { 83 + 84 + # Make tools such as tlsdate available in the system path 85 + environment.systemPackages = [ tlsdate ]; 86 + 87 + systemd.services.tlsdated = { 88 + description = "tlsdated daemon"; 89 + wantedBy = [ "multi-user.target" ]; 90 + serviceConfig = { 91 + # XXX because pkgs.tlsdate is compiled to run as nobody:nogroup, we 92 + # hard-code base-path to /tmp and use PrivateTmp. 93 + ExecStart = "${tlsdate}/bin/tlsdated -f ${pkgs.writeText "tlsdated.confg" '' 94 + base-path /tmp 95 + 96 + ${concatMapStrings (src: '' 97 + source 98 + host ${src.host} 99 + port ${toString src.port} 100 + proxy ${if src.proxy == null then "none" else src.proxy} 101 + end 102 + '') cfg.sources} 103 + ''} ${cfg.extraOptions}"; 104 + PrivateTmp = "yes"; 105 + }; 106 + }; 107 + 108 + }; 109 + 110 + }
+41
pkgs/tools/networking/tlsdate/default.nix
··· 1 + { stdenv, fetchgit 2 + , autoconf 3 + , automake 4 + , libevent 5 + , libtool 6 + , pkgconfig 7 + , openssl 8 + }: 9 + 10 + stdenv.mkDerivation { 11 + name = "tlsdate-0.0.12"; 12 + 13 + src = fetchgit { 14 + url = https://github.com/ioerror/tlsdate; 15 + rev = "fd04f48ed60eb773c8e34d27ef2ee12ee7559a41"; 16 + sha256 = "d97b7cc6fe64799c12c31a9ebd3a69c9bc954de2eaa7f70d113d39544472854d"; 17 + }; 18 + 19 + buildInputs = [ 20 + autoconf 21 + automake 22 + libevent 23 + libtool 24 + pkgconfig 25 + openssl 26 + ]; 27 + 28 + preConfigure = '' 29 + export COMPILE_DATE=0 30 + ./autogen.sh 31 + ''; 32 + 33 + doCheck = true; 34 + 35 + meta = { 36 + description = "Secure parasitic rdate replacement"; 37 + homepage = https://github.com/ioerror/tlsdate; 38 + platforms = stdenv.lib.platforms.all; 39 + maintainers = [ stdenv.lib.maintainers.tv ]; 40 + }; 41 + }
+2
pkgs/top-level/all-packages.nix
··· 2654 2654 2655 2655 tiny8086 = callPackage ../applications/virtualization/8086tiny { }; 2656 2656 2657 + tlsdate = callPackage ../tools/networking/tlsdate { }; 2658 + 2657 2659 tmpwatch = callPackage ../tools/misc/tmpwatch { }; 2658 2660 2659 2661 tmux = callPackage ../tools/misc/tmux { };