move security tools to package

2024-11-09 18:47:02 +00:00 · 2021-10-04 01:48:11 -04:00 · 2021-10-04 01:48:11 -04:00 · 300647d18c
commit 300647d18c
parent 114fa54988
5 changed files with 69 additions and 62 deletions
--- a/flake.lock
+++ b/flake.lock
@ -17,11 +17,11 @@
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1632639184,
-        "narHash": "sha256-fRLxre+gPxIkjFVj17O68pyAWU1cxT20XFOiulIWzRw=",
+        "lastModified": 1633083543,
+        "narHash": "sha256-thXKms0SvDirYb8/Hw0zqAE1TsuSFWd0y51mSzkPGLU=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "fd8a7fd07da0f3fc0e27575891f45c2f88e5dd44",
+        "rev": "92609f3d9bc3acffbdbe54fa1c591a885612aa73",
        "type": "github"
      },
      "original": {
@ -39,11 +39,11 @@
    },
    "unstable": {
      "locked": {
-        "lastModified": 1632411313,
-        "narHash": "sha256-lekODc44lVo9/0EwGiX6LoEt2KhiPdcfNopealMJ7n4=",
+        "lastModified": 1633080050,
+        "narHash": "sha256-T9I2WnlUzAIL70dk9V1jqaYk3nypy/cMkWR19S47ZHc=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "51bcdc4cdaac48535dabf0ad4642a66774c609ed",
+        "rev": "82155ff501c7622cb2336646bb62f7624261f6d7",
        "type": "github"
      },
      "original": {
--- a/flake.nix
+++ b/flake.nix
@ -13,6 +13,13 @@
          webshells = pkgs.callPackage ./pkgs/webshells { };
          weevely = pkgs.callPackage ./pkgs/weevely { };
        }
+        //
+        {
+          security-toolbox = pkgs.callPackage ./pkgs/security-toolbox {
+            pkgs = pkgs // self.packages.${pkgs.system};
+            unstable = unstable.legacyPackages.${pkgs.system};
+          };
+        }
        // (if pkgs.system != "x86_64-linux" then { } else
        {
          binaryninja = pkgs.callPackage ./pkgs/binary-ninja-personal { };
--- a/lib/hosts.nix
+++ b/lib/hosts.nix
@ -1,4 +1,4 @@
-{ path, nixosModule, unstable, ... }@inputs:
+{ path, nixosModule, ... }@inputs:
 let

  hostMetadata = builtins.mapAttrs
@ -13,16 +13,6 @@ let
          (nixosModule)
          (hostMeta.module)
          (_: { networking.hostName = hostName; })
-          (_: {
-            nixpkgs.overlays = [
-              (_: _: {
-                unstable = import unstable {
-                  inherit (hostMeta) system;
-                  config.allowUnfree = true;
-                };
-              })
-            ];
-          })
        ];
      };

--- a/modules/security-tools.nix
+++ b/modules/security-tools.nix
@ -3,56 +3,12 @@ let

  cfg = config.sconfig.security-tools;

-  proxybrowser = pkgs.writeShellScriptBin "proxybrowser" ''
-    exec ${pkgs.ungoogled-chromium}/bin/chromium \
-    --disable-background-networking \
-    --disable-default-apps \
-    --disable-plugins-discovery \
-    --disk-cache-size=0 \
-    --ignore-certificate-errors \
-    --no-default-browser-check \
-    --no-experiments \
-    --no-first-run \
-    --no-pings \
-    --no-service-autorun \
-    --user-data-dir="$HOME/.proxybrowser" \
-    --proxy-server="localhost:8080" \
-    --proxy-bypass-list='<-loopback>'
-  '';
-
 in
 {
  options.sconfig.security-tools = lib.mkEnableOption "Enable security tools";

  config = lib.mkIf cfg {
-    environment.systemPackages = with pkgs; [
-      binutils
-      bridge-utils
-      burpsuite
-      dhcpdump
-      dirb
-      exiftool
-      gef
-      ghidra-bin
-      gobuster
-      iptables-nftables-compat
-      macchanger
-      masscan
-      metasploit
-      net-snmp
-      nmap
-      openvpn
-      proxybrowser
-      remmina
-      socat
-      thc-hydra
-      webshells
-      weevely
-      wfuzz
-
-      unstable.exploitdb
-      unstable.postman
-    ];
+    environment.systemPackages = [ pkgs.security-toolbox ];

    programs = {
      wireshark.enable = true;
--- a/pkgs/security-toolbox/default.nix
+++ b/pkgs/security-toolbox/default.nix
@ -0,0 +1,54 @@
+{ pkgs, unstable }:
+let
+
+  proxybrowser = pkgs.writeShellScriptBin "proxybrowser" ''
+    exec ${pkgs.ungoogled-chromium}/bin/chromium \
+    --disable-background-networking \
+    --disable-default-apps \
+    --disable-plugins-discovery \
+    --disk-cache-size=0 \
+    --ignore-certificate-errors \
+    --no-default-browser-check \
+    --no-experiments \
+    --no-first-run \
+    --no-pings \
+    --no-service-autorun \
+    --user-data-dir="$HOME/.proxybrowser" \
+    --proxy-server="localhost:8080" \
+    --proxy-bypass-list='<-loopback>'
+  '';
+
+in
+pkgs.symlinkJoin {
+  name = "security-toolbox";
+  paths = with pkgs;
+    [
+      binutils
+      bridge-utils
+      dhcpdump
+      dirb
+      exiftool
+      gef
+      ghidra-bin
+      gobuster
+      iptables-nftables-compat
+      macchanger
+      masscan
+      net-snmp
+      nmap
+      openvpn
+      proxybrowser
+      remmina
+      socat
+      thc-hydra
+      webshells
+      weevely
+      wfuzz
+
+      unstable.exploitdb
+      unstable.metasploit
+
+      (burpsuite.overrideAttrs (_: { meta = { }; }))
+      (unstable.postman.overrideAttrs (_: { meta = { }; }))
+    ];
+}