path: root/pkgs/by-name/cr/crowdsec/package.nix
blob: bde17e611c885aa2b0404c4fb04d3f16a1daad2e (about) (plain)
# Package expression for CrowdSec. Builds the `cmd/crowdsec` and
# `cmd/crowdsec-cli` programs from the upstream GitHub tag with buildGoModule,
# then installs the upstream `config` directory, a systemd unit and shell
# completions for `cscli`.
{
  lib,
  buildGoModule,
  fetchFromGitHub,
  installShellFiles,
}:

buildGoModule rec {
  pname = "crowdsec";
  version = "1.6.11";

  # The source is selected by tag, but `hash` pins the content of the fetched
  # tree: a download that does not match it is rejected, so the mutable tag
  # name alone does not decide what gets built.
  src = fetchFromGitHub {
    owner = "crowdsecurity";
    repo = "crowdsec";
    tag = "v${version}";
    hash = "sha256-fHnd/pnmVAPvCtae4aRS66tXmMp6DgNagqWNrT9hcw8=";
  };

  # Pins the vendored Go module dependencies the same way `src.hash` pins the
  # source. It has to be refreshed whenever a version bump changes the
  # dependency set.
  vendorHash = "sha256-ImrXOD3kIlNsEZOTeMA6UFvMZCnfMOTZOXtY3ger8YI=";

  # Provides `installShellCompletion`, used in postInstall.
  nativeBuildInputs = [ installShellFiles ];

  # Only these two commands are built out of the upstream module.
  subPackages = [
    "cmd/crowdsec"
    "cmd/crowdsec-cli"
  ];

  ldflags = [
    # Omit the symbol table (-s) and DWARF debug information (-w).
    "-s"
    "-w"
    # Version metadata is injected at link time. preCheck below verifies that
    # the binary really reports v${version}.
    "-X github.com/crowdsecurity/go-cs-lib/version.Version=v${version}"
    # A fixed placeholder instead of the real build time -- presumably so the
    # output does not vary between builds.
    "-X github.com/crowdsecurity/go-cs-lib/version.BuildDate=1970-01-01_00:00:00"
    "-X github.com/crowdsecurity/go-cs-lib/version.Tag=v${version}"
    "-X github.com/crowdsecurity/crowdsec/pkg/cwversion.Codename=alphaga"
    # Compiled-in default locations for configuration and data. Both lie
    # outside $out, so the files the binaries read at runtime are not part of
    # this package and are not covered by the hashes above.
    "-X github.com/crowdsecurity/crowdsec/pkg/csconfig.defaultConfigDir=/etc/crowdsec"
    "-X github.com/crowdsecurity/crowdsec/pkg/csconfig.defaultDataDir=/var/lib/crowdsec/data"
  ];

  # Rename the built `crowdsec-cli` binary to `cscli`, the name that
  # postInstall and preCheck invoke.
  postBuild = "mv $GOPATH/bin/{crowdsec-cli,cscli}";

  # Installs three things:
  #   1. the upstream `config` directory under $out/share/crowdsec;
  #   2. the upstream systemd unit, with `/usr/local` rewritten to $out.
  #      `--replace-fail` aborts the build if that string is absent, so the
  #      unit cannot silently keep pointing at binaries outside the store;
  #   3. bash/fish/zsh completions, generated by running the freshly built
  #      `$out/bin/cscli`.
  # NOTE(review): only the path is rewritten in the unit file. Any sandboxing
  # or hardening directives are whatever upstream ships; none are added here.
  # NOTE(review): step 3 executes the built binary during the build, which
  # presupposes that the build machine can run it -- confirm for cross builds.
  postInstall = ''
    mkdir -p $out/share/crowdsec
    cp -r ./config $out/share/crowdsec/

    mkdir -p $out/lib/systemd/system
    substitute ./config/crowdsec.service $out/lib/systemd/system/crowdsec.service \
      --replace-fail /usr/local $out

    installShellCompletion --cmd cscli \
      --bash <($out/bin/cscli completion bash) \
      --fish <($out/bin/cscli completion fish) \
      --zsh <($out/bin/cscli completion zsh)
  '';

  # It is important that the version is set correctly, as it also determines
  # feature capabilities. This hook runs the built `cscli version` (stderr
  # merged into stdout), extracts the text after `version: ` and fails the
  # build unless it equals v${version}. That catches an ldflags `-X` path that
  # no longer matches the upstream package layout.
  preCheck = ''
    version=$($GOPATH/bin/cscli version 2>&1 | sed -nE 's/^version: (.*)/\1/p')

    if [ "$version" != "v${version}" ]; then
        echo "Invalid version string: '$version'"
        exit 1
    fi
  '';

  # Package metadata. The changelog URL follows `version`.
  meta = {
    homepage = "https://crowdsec.net/";
    changelog = "https://github.com/crowdsecurity/crowdsec/releases/tag/v${version}";
    description = "CrowdSec is a free, open-source and collaborative IPS";
    longDescription = ''
      CrowdSec is a free, modern & collaborative behavior detection engine,
      coupled with a global IP reputation network. It stacks on fail2ban's
      philosophy but is IPV6 compatible and 60x faster (Go vs Python), uses Grok
      patterns to parse logs and YAML scenario to identify behaviors. CrowdSec
      is engineered for modern Cloud/Containers/VM based infrastructures (by
      decoupling detection and remediation). Once detected you can remedy
      threats with various bouncers (firewall block, nginx http 403, Captchas,
      etc.) while the aggressive IP can be sent to CrowdSec for curation before
      being shared among all users to further improve everyone's security.
    '';
    license = lib.licenses.mit;
    maintainers = with lib.maintainers; [
      jk
      urandom
    ];
  };
}