JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'tlsdate' of git://github.com/4z3/nixpkgs

Browse Source
This commit is contained in:
Shea Levy 2015-01-30 01:07:59 -05:00
commit 52d4b9d982
4 changed files with 154 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
nixos/modules/module-list.nix
View File

@ -292,6 +292,7 @@
./services/networking/tcpcrypt.nix ./services/networking/tcpcrypt.nix
./services/networking/teamspeak3.nix ./services/networking/teamspeak3.nix
./services/networking/tftpd.nix ./services/networking/tftpd.nix
./services/networking/tlsdated.nix
./services/networking/tox-bootstrapd.nix ./services/networking/tox-bootstrapd.nix
./services/networking/unbound.nix ./services/networking/unbound.nix
./services/networking/unifi.nix ./services/networking/unifi.nix

110
nixos/modules/services/networking/tlsdated.nix Normal file
View File

@ -0,0 +1,110 @@
{ config, lib, pkgs, ... }:
with lib;
let
inherit (pkgs) coreutils tlsdate;
cfg = config.services.tlsdated;
in
{
###### interface
options = {
services.tlsdated = {
enable = mkOption {
type = types.bool;
default = false;
description = ''
Enable tlsdated daemon.
'';
};
extraOptions = mkOption {
type = types.string;
description = ''
Additional command line arguments to pass to tlsdated.
'';
};
sources = mkOption {
type = types.listOf (types.submodule {
options = {
host = mkOption {
type = types.string;
description = ''
Remote hostname.
'';
};
port = mkOption {
type = types.int;
description = ''
Remote port.
'';
};
proxy = mkOption {
type = types.nullOr types.string;
default = null;
description = ''
The proxy argument expects HTTP, SOCKS4A or SOCKS5 formatted as followed:
http://127.0.0.1:8118
socks4a://127.0.0.1:9050
socks5://127.0.0.1:9050
The proxy support should not leak DNS requests and is suitable for use with Tor.
'';
};
};
});
default = [
{
host = "www.ptb.de";
port = 443;
proxy = null;
}
];
description = ''
You can list one or more sources to fetch time from.
'';
};
};
};
###### implementation
config = mkIf cfg.enable {
# Make tools such as tlsdate available in the system path
environment.systemPackages = [ tlsdate ];
systemd.services.tlsdated = {
description = "tlsdated daemon";
wantedBy = [ "multi-user.target" ];
serviceConfig = {
# XXX because pkgs.tlsdate is compiled to run as nobody:nogroup, we
# hard-code base-path to /tmp and use PrivateTmp.
ExecStart = "${tlsdate}/bin/tlsdated -f ${pkgs.writeText "tlsdated.confg" ''
base-path /tmp
${concatMapStrings (src: ''
source
host ${src.host}
port ${toString src.port}
proxy ${if src.proxy == null then "none" else src.proxy}
end
'') cfg.sources}
''} ${cfg.extraOptions}";
PrivateTmp = "yes";
};
};
};
}

41
pkgs/tools/networking/tlsdate/default.nix Normal file
View File

@ -0,0 +1,41 @@
{ stdenv, fetchgit
, autoconf
, automake
, libevent
, libtool
, pkgconfig
, openssl
}:
stdenv.mkDerivation {
name = "tlsdate-0.0.12";
src = fetchgit {
url = https://github.com/ioerror/tlsdate;
rev = "fd04f48ed60eb773c8e34d27ef2ee12ee7559a41";
sha256 = "d97b7cc6fe64799c12c31a9ebd3a69c9bc954de2eaa7f70d113d39544472854d";
};
buildInputs = [
autoconf
automake
libevent
libtool
pkgconfig
openssl
];
preConfigure = ''
export COMPILE_DATE=0
./autogen.sh
'';
doCheck = true;
meta = {
description = "Secure parasitic rdate replacement";
homepage = https://github.com/ioerror/tlsdate;
platforms = stdenv.lib.platforms.all;
maintainers = [ stdenv.lib.maintainers.tv ];
};
}

2
pkgs/top-level/all-packages.nix
View File

@ -2654,6 +2654,8 @@ let
tiny8086 = callPackage ../applications/virtualization/8086tiny { }; tiny8086 = callPackage ../applications/virtualization/8086tiny { };
tlsdate = callPackage ../tools/networking/tlsdate { };
tmpwatch = callPackage ../tools/misc/tmpwatch { }; tmpwatch = callPackage ../tools/misc/tmpwatch { };
tmux = callPackage ../tools/misc/tmux { }; tmux = callPackage ../tools/misc/tmux { };