From cb6dc7159998c45113dcc79f0a7b8443109ea1cd Mon Sep 17 00:00:00 2001 From: Thomas Bereknyei Date: Fri, 31 Jul 2015 00:22:44 -0400 Subject: [PATCH] GateOne: init at 1.2 --- nixos/modules/misc/ids.nix | 2 + nixos/modules/module-list.nix | 1 + nixos/modules/services/networking/gateone.nix | 59 +++++++++++++++++++ pkgs/top-level/python-packages.nix | 18 ++++++ 4 files changed, 80 insertions(+) create mode 100644 nixos/modules/services/networking/gateone.nix diff --git a/nixos/modules/misc/ids.nix b/nixos/modules/misc/ids.nix index b25e3d7e40db..1e5393f26b54 100644 --- a/nixos/modules/misc/ids.nix +++ b/nixos/modules/misc/ids.nix @@ -228,6 +228,7 @@ subsonic = 204; riak = 205; shout = 206; + gateone = 207; # When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399! @@ -434,6 +435,7 @@ subsonic = 204; riak = 205; #shout = 206; #unused + gateone = 207; # When adding a gid, make sure it doesn't match an existing # uid. Users and groups with the same name should have equal diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 212555d7efcc..cafb869501fb 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -283,6 +283,7 @@ ./services/networking/firewall.nix ./services/networking/flashpolicyd.nix ./services/networking/freenet.nix + ./services/networking/gateone.nix ./services/networking/git-daemon.nix ./services/networking/gnunet.nix ./services/networking/gogoclient.nix diff --git a/nixos/modules/services/networking/gateone.nix b/nixos/modules/services/networking/gateone.nix new file mode 100644 index 000000000000..b8ae5490d7ba --- /dev/null +++ b/nixos/modules/services/networking/gateone.nix 
@@ -0,0 +1,59 @@
+{ config, lib, pkgs, ...}:
+with lib;
+let
+ cfg = config.services.gateone;
+in
+{
+options = {
+ services.gateone = {
+ enable = mkEnableOption "GateOne server";
+ pidDir = mkOption {
+ default = "/run/gateone";
+ type = types.path;
+ description = ''Path of pid files for GateOne.'';
+ };
+ settingsDir = mkOption {
+ default = "/var/lib/gateone";
+ type = types.path;
+ description = ''Path of configuration files for GateOne.'';
+ };
+ };
+};
+config = mkIf cfg.enable {
+ environment.systemPackages = with pkgs.pythonPackages; [
+ gateone pkgs.openssh pkgs.procps pkgs.coreutils ];
+
+ users.extraUsers.gateone = {
+ description = "GateOne privilege separation user";
+ uid = config.ids.uids.gateone;
+ home = cfg.settingsDir;
+ };
+ users.extraGroups.gateone.gid = config.ids.gids.gateone;
+
+ systemd.services.gateone = with pkgs; {
+ description = "GateOne web-based terminal";
+ path = [ pythonPackages.gateone nix openssh procps coreutils ];
+ preStart = ''
+ if [ ! -d ${cfg.settingsDir} ] ; then
+ mkdir -m 0750 -p ${cfg.settingsDir}
+ mkdir -m 0750 -p ${cfg.pidDir}
+ chown -R gateone.gateone ${cfg.settingsDir}
+ chown -R gateone.gateone ${cfg.pidDir}
+ fi
+ '';
+ #unitConfig.RequiresMountsFor = "${cfg.settingsDir}";
+ serviceConfig = {
+ ExecStart = ''${pythonPackages.gateone}/bin/gateone --settings_dir=${cfg.settingsDir} --pid_file=${cfg.pidDir}/gateone.pid --gid=${toString config.ids.gids.gateone} --uid=${toString config.ids.uids.gateone}'';
+ User = "gateone";
+ Group = "gateone";
+ WorkingDirectory = cfg.settingsDir;
+ PermissionsStartOnly = true;
+
+ };
+
+ wantedBy = [ "multi-user.target" ];
+ requires = [ "network.target" ];
+ };
+};
+}
+
diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix
index 39c459259eae..c2f17a66dfcc 100644
--- a/pkgs/top-level/python-packages.nix
+++ b/pkgs/top-level/python-packages.nix
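Review bot: In `preStart` of gateone.nix, both directories are created only when `${cfg.settingsDir}` is missing, so once `/var/lib/gateone` exists the default `pidDir` (`/run/gateone`, normally a tmpfs that is empty after boot) is never recreated and the unprivileged `gateone` user has nowhere to write `--pid_file`. Dropping the `if` and running `mkdir -m 0750 -p "${cfg.settingsDir}" "${cfg.pidDir}"` then `chown -R gateone:gateone "${cfg.settingsDir}" "${cfg.pidDir}"` on every start fixes that, re-asserts ownership on a directory that already existed, and keeps a path containing spaces from splitting. `requires = [ "network.target" ]` does not order the unit, so `after = [ "network.target" ];` is probably what was intended. Separately, the module exposes no option for listen address, port, TLS or authentication, so a service that hands out terminal and SSH sessions over the web runs with whatever configuration GateOne generates in `settingsDir`. Those settings should be surfaced as options, or at least documented in the option descriptions, with a conservative default such as loopback-only and authentication required.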
@@ -3432,6 +3432,24 @@ let }; }; + gateone = buildPythonPackage rec { + name = "gateone-1.2-0d57c3"; + disabled = ! isPy27; + src = pkgs.fetchFromGitHub { + rev = "11ed97c663b3e8c1b8eba473b5cf8362b10d57c3"; + owner= "liftoff"; + repo = "GateOne"; + sha256 ="0zp9vfs6sqbx4d0g45kkjinfmsl9zqwa6bhp3xd81wx3ph9yr1hq"; + }; + propagatedBuildInputs = with pkgs.pythonPackages; [tornado futures html5lib readline pkgs.openssl]; + meta = { + homepage = https://liftoffsoftware.com/; + description = "GateOne is a web-based terminal emulator and SSH client"; + maintainers = with maintainers; [ tomberek ]; + + }; + }; + gcutil = buildPythonPackage rec { name = "gcutil-1.16.1"; meta.maintainers = with maintainers; [ phreedom ];
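Review bot: The new `gateone` derivation's `meta` has no `license` attribute, so licence-based policy checks cannot classify the package; add `license = licenses.<upstream-license>;` after confirming the licence in the upstream repository. The `name` advertises 1.2 while `src` pins a specific commit (the `rev` ending in `0d57c3`) rather than a tag, so a one-line comment above `src`, such as `# pinned to a git snapshot because <reason>`, would tell the next maintainer what to verify when bumping the revision and hash. The enclosing attribute set starts before this hunk and the `gcutil` definition continues after it.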