diff options
Diffstat (limited to 'nixpkgs/pkgs/servers/kippo/default.nix')
-rw-r--r-- | nixpkgs/pkgs/servers/kippo/default.nix | 100 |
1 files changed, 100 insertions, 0 deletions
diff --git a/nixpkgs/pkgs/servers/kippo/default.nix b/nixpkgs/pkgs/servers/kippo/default.nix new file mode 100644 index 000000000000..3ebcaf7286b4 --- /dev/null +++ b/nixpkgs/pkgs/servers/kippo/default.nix @@ -0,0 +1,100 @@ +# This is the installation portion of kippo. +# This is somewhat jumbled together. There is no "easy_install" for kippo, +# and there isn't a way to regenerate the twistd plugin cache. +# +# Use the services.kippo options to properly configure if on NixOS. +# On other platforms there is a problem with hardcoded paths. +# Your best bet is to change kippo source to customise +# or manually copy the proper filesystems. +# At a minimum the following are required in /var/lib/kippo: +# honeyfs/ +# fs.pickle +# data/ +# txtcmds/ +# +# There is also benefit in preparing /var/log/kippo +# tty/ +# dl/ +# +# Most of these files need read/write permissions. +# +# Read only files: kippo.tac and kippo.cfg +# +# Execution may look like this: +# twistd -y kippo.tac --syslog --pidfile=kippo.pid +# +# Use this package at your own risk. + +{stdenv, fetchurl, pythonPackages }: + +let + + twisted_13 = pythonPackages.buildPythonPackage rec { + # NOTE: When updating please check if new versions still cause issues + # to packages like carbon (http://stackoverflow.com/questions/19894708/cant-start-carbon-12-04-python-error-importerror-cannot-import-name-daem) + disabled = pythonPackages.isPy3k; + + name = "Twisted-13.2.0"; + src = fetchurl { + url = "mirror://pypi/T/Twisted/${name}.tar.bz2"; + sha256 = "1wrcqv5lvgwk2aq83qb2s2ng2vx14hbjjk2gc30cg6h1iiipal89"; + }; + + propagatedBuildInputs = with pythonPackages; [ zope_interface ]; + + # Generate Twisted's plug-in cache. Twited users must do it as well. See + # http://twistedmatrix.com/documents/current/core/howto/plugin.html#auto3 + # and http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=477103 for + # details. + postInstall = "$out/bin/twistd --help > /dev/null"; + + meta = with stdenv.lib; { + homepage = https://twistedmatrix.com/; + description = "Twisted, an event-driven networking engine written in Python"; + longDescription = '' + Twisted is an event-driven networking engine written in Python + and licensed under the MIT license. + ''; + license = licenses.mit; + }; + }; + +in stdenv.mkDerivation rec { + name = "kippo-${version}"; + version = "0.8"; + src = fetchurl { + url = "https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/kippo/${name}.tar.gz"; + sha256 = "0rd2mk36d02qd24z8s4xyy64fy54rzpar4379iq4dcjwg7l7f63d"; + }; + buildInputs = with pythonPackages; [ pycrypto pyasn1 twisted_13 ]; + installPhase = '' + substituteInPlace ./kippo.tac --replace "kippo.cfg" "$out/src/kippo.cfg" + substituteInPlace ./kippo.cfg --replace "log_path = log" "log_path = /var/log/kippo" \ + --replace "download_path = dl" "download_path = /var/log/kippo/dl" \ + --replace "contents_path = honeyfs" "filesystem_file = /var/lib/kippo/honeyfs" \ + --replace "filesystem_file = fs.pickle" "filesystem_file = /var/lib/kippo/fs.pickle" \ + --replace "data_path = data" "data_path = /var/lib/kippo/data" \ + --replace "txtcmds_path = txtcmds" "txtcmds_path = /var/lib/kippo/txtcmds" \ + --replace "public_key = public.key" "public_key = /var/lib/kippo/keys/public.key" \ + --replace "private_key = private.key" "private_key = /var/lib/kippo/keys/private.key" + mkdir -p $out/bin + mkdir -p $out/src + mv ./* $out/src + mv $out/src/utils/* $out/bin + ''; + + passthru.twisted = twisted_13; + + meta = with stdenv.lib; { + homepage = https://github.com/desaster/kippo; + description = "SSH Honeypot"; + longDescription = '' + Default port is 2222. Recommend using something like this for port redirection to default SSH port: + networking.firewall.extraCommands = ''' + iptables -t nat -A PREROUTING -i IN_IFACE -p tcp --dport 22 -j REDIRECT --to-port 2222''' ''; + license = licenses.bsd3; + platforms = platforms.linux; + maintainers = with maintainers; [ tomberek ]; + broken = true; # 2018-09-12, failed on hydra since 2017-12-11 + }; +} |