commit e98a8367ecfa30b125bdf31fb5c66b137d3d31ac · tjh.dev/nixpkgs

tjh.dev / nixpkgs

Clone of https://github.com/NixOS/nixpkgs.git (to stress-test knotserver)

jitterentropy-rngd: init at 1.2.8

Add jitterentropy-rngd, a tool similar to rng-tools.
While not necessarily needed, it is useful for those
who want to strengthen their kernel entropy input pool
by periodic insertion of an independent source.

The entropy source is a NIST SP800-90B compliant
non-physical true RNG source on most systems.
See the jitterentropy documentation for details
(http://chronox.de/jent/doc/CPU-Jitter-NPTRNG.pdf).

Signed-off-by: Markus Theil <theil.markus@gmail.com>

Markus Theil 2 years ago e98a8367 79c799f5

+53

3 changed files

expand all

unified split

nixos

modules

module-list.nix

services

security

jitterentropy-rngd.nix

pkgs

by-name

jitterentropy-rngd

package.nix

nixos/modules/module-list.nix

··· 1148 1148 ./services/security/hologram-agent.nix 1149 1149 ./services/security/hologram-server.nix 1150 1150 ./services/security/infnoise.nix 1151 + ./services/security/jitterentropy-rngd.nix 1151 1152 ./services/security/kanidm.nix 1152 1153 ./services/security/munge.nix 1153 1154 ./services/security/nginx-sso.nix

+18

nixos/modules/services/security/jitterentropy-rngd.nix

··· 1 + { lib, config, pkgs, ... }: 2 + let 3 + cfg = config.services.jitterentropy-rngd; 4 + in 5 + { 6 + options.services.jitterentropy-rngd = { 7 + enable = 8 + lib.mkEnableOption (lib.mdDoc "jitterentropy-rngd service configuration"); 9 + package = lib.mkPackageOptionMD pkgs "jitterentropy-rngd" { }; 10 + }; 11 + 12 + config = lib.mkIf cfg.enable { 13 + systemd.packages = [ cfg.package ]; 14 + systemd.services."jitterentropy".wantedBy = [ "basic.target" ]; 15 + }; 16 + 17 + meta.maintainers = with lib.maintainers; [ thillux ]; 18 + }

+34

pkgs/by-name/ji/jitterentropy-rngd/package.nix

··· 1 + { lib, stdenv, fetchFromGitHub }: 2 + 3 + stdenv.mkDerivation rec { 4 + pname = "jitterentropy-rngd"; 5 + version = "1.2.8"; 6 + 7 + src = fetchFromGitHub { 8 + owner = "smuellerDD"; 9 + repo = pname; 10 + rev = "v${version}"; 11 + hash = "sha256-LDym636ss3B1G/vrqatu9g5vbVEeDX0JQcxZ/IxGeY0="; 12 + }; 13 + 14 + enableParallelBuilding = true; 15 + 16 + installPhase = '' 17 + runHook preInstall 18 + 19 + mkdir -p $out 20 + make install DESTDIR= PREFIX=$out UNITDIR=$out/lib/systemd/system 21 + 22 + runHook postInstall 23 + ''; 24 + 25 + meta = with lib; { 26 + description = ''A random number generator, which injects entropy to the kernel''; 27 + homepage = "https://github.com/smuellerDD/jitterentropy-rngd"; 28 + changelog = "https://github.com/smuellerDD/jitterentropy-rngd/releases/tag/v${version}"; 29 + license = [ licenses.gpl2Only licenses.bsd3 ]; 30 + platforms = platforms.linux; 31 + maintainers = with maintainers; [ thillux ]; 32 + mainProgram = "jitterentropy-rngd"; 33 + }; 34 + }