Another noob question here. I wanted to create a flake to install packages
`flake.nix`:
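{
  description = "Pentesting Tools";

  # Both inputs follow moving branches. The revisions actually used are the ones
  # recorded in flake.lock, so keep flake.lock under version control and review
  # its diff whenever the inputs are updated.
  inputs = {
    nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
    utils.url = "github:numtide/flake-utils";
  };

  outputs = { self, nixpkgs, utils, ... }@inputs:
    let
      lib = nixpkgs.lib;
    in
    {
      # NixOS modules for consumers to list in the `modules` of their own
      # nixosConfigurations. This flake defines no nixosConfigurations itself,
      # so it installs nothing until a system configuration imports a module.
      nixosModules = {
        # NOTE(review): this exposes nixpkgs' lib as `nixosModules.lib`, which is
        # not a module. Kept so existing references keep working; confirm
        # whether anything relies on it.
        inherit lib;
        default = import ./modules;
      };

      # One package set per default system. pkgs is instantiated inside the
      # per-system function; the earlier version fixed it to x86_64-linux outside
      # the function, so every system was handed x86_64-linux packages.
      packages = utils.lib.eachDefaultSystemMap (system:
        let
          pkgs = import nixpkgs { inherit system; };
        in
        {
          porch_pirate = pkgs.callPackage ./pkgs/porch_pirate { };
        });
    };
}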
`/modules/default.nix`:
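# Top-level module of the pentesting flake: declares the `pentesting.*` options,
# installs the base tool set when enabled, and imports the per-category modules.
{ config, lib, pkgs, ... }:
let
  cfg = config.pentesting;
in
{
  options.pentesting = {
    # lib.mkEnableOption takes only a name string and always creates an option
    # that defaults to false, so passing it `{ default = true; ... }` never made
    # the option default to true. lib.mkOption is used to get that default.
    #
    # With default = true, importing this module is enough to put the tools
    # below into environment.systemPackages. Hosts that import the module but
    # should not carry the tooling must set `pentesting.enable = false`.
    enable = lib.mkOption {
      type = lib.types.bool;
      default = true;
      description = "newtwork analysis";
    };
    # ... (further options elided in the original listing)
  };

  # Only contributes packages when the option above evaluates to true.
  config = lib.mkIf cfg.enable {
    environment.systemPackages = with pkgs; [
      ghidra # A software reverse engineering (SRE) suite of tools developed by NSA's Research Directorate in support of the Cybersecurity mission
      spoofer-gui # Assess and report on deployment of source address validation
      spoofer # Assess and report on deployment of source address validation
    ];
  };

  # Per-category modules; each is a file next to this one.
  imports = [
    ./audit.nix
    ./bruteforce.nix
    ./generators.nix
    ./ids.nix
    ./explotation.nix
    ./mitmproxy.nix
    ./osint.nix
    ./sniffer.nix
    ./vulnerability.nix
  ];
}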
However, even after running sudo nixos-rebuild --flake '.#' switch --upgrade
the packages I defined in the flake are not installed
config = lib.mkIf cfg.enable {
environment.systemPackages = with pkgs; [
ghidra
I am pretty sure something is missing, so what do I have to do so that the packages defined in the flake are installed?
TLATER
June 30, 2024, 2:48pm
What you’ve defined is a set of modules someone can import from your flake, not a `nixosConfiguration`. `nixos-rebuild` should have given you an error of some kind - you need to import that module in a NixOS config for it to have any meaning.
You’d need another flake for your system config that does something like:
# System flake that consumes the pentesting flake's module.
{
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
# Third-party input: its module is evaluated as part of this host's system
# configuration. The revision used is the one recorded in flake.lock, so
# review what changed before accepting an update of this input.
pentesting.url = "gitlab:papanito/nix-flake-pentesting";
};
outputs = { nixpkgs, pentesting, ... }: {
# <hostname> and <host architecture> are placeholders to fill in.
nixosConfigurations.<hostname> = nixpkgs.lib.nixosSystem {
system = "<host architecture>";
modules = [
./configuration.nix
# The module exported by the pentesting flake; listing it here is what makes
# its options and config part of this system.
pentesting.nixosModules.default
];
};
};
}
While I’m here:
papanito:
--upgrade
That switch only does anything with channels; to upgrade a nix flake you need to use `nix flake update` (or `nix flake lock --update-input`) explicitly.
Many thanks @TLATER to have a look at my issue
This is what I have, currently using a local path for testing
# System flake for the host `clawfinger`. The listing is cut off by the poster
# after the modules list.
{
inputs = {
agenix.url = "github:ryantm/agenix";
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
disko.url = "github:nix-community/disko";
pentesting = {
# Local checkout used for testing.
# NOTE(review): flake.lock still records a snapshot of this path input; if
# the checkout is a git repository, files not yet tracked by git are
# presumably not part of that snapshot. Confirm ./modules is tracked and
# re-lock after editing the checkout.
url = "/home/papanito/Workspaces/papanito/nix-pentesting";
# Make the pentesting flake use this flake's nixpkgs instead of its own.
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs = { self, nixpkgs, disko, ... }@inputs:
let
# System types to support.
supportedSystems = [ "x86_64-linux" "x86_64-darwin" "aarch64-linux" "aarch64-darwin" ];
# Helper function to generate an attrset '{ x86_64-linux = f "x86_64-linux"; ... }'.
forAllSystems = nixpkgs.lib.genAttrs supportedSystems;
# Nixpkgs instantiated for supported system types.
# NOTE(review): refers to self.overlay, which is not defined in the visible
# part of outputs; nixpkgsFor is also not used in the visible part.
nixpkgsFor = forAllSystems (system: import nixpkgs { inherit system; overlays = [ self.overlay ]; });
system = "x86_64-linux";
pkgs = nixpkgs.legacyPackages.${system};
in
{
pkgs = forAllSystems (system:
let pkgs = nixpkgs.legacyPackages.${system};
#in { default = import ./pkgs { inherit pkgs; }; }
in { inherit pkgs; }
);
nixosConfigurations = {
clawfinger = nixpkgs.lib.nixosSystem {
# Hands every flake input to all modules as the `inputs` argument.
specialArgs = { inherit inputs; };
inherit system;
modules = [
./configuration.nix
./hosts/clawfinger # Include the results of the hardware scan.
./users.nix
inputs.agenix.nixosModules.default
# Imports the module only; whether its packages are installed depends on the
# value of the module's `pentesting.enable` option.
inputs.pentesting.nixosModules.default
...
Yes, I also run `nix flake update`, but still no packages are installed…
Should adding the flake to `modules = [` be enough, or do I need to do something else?
TLATER
July 10, 2024, 10:36pm
That should be fine. Something else is going wrong if the packages aren’t being installed, your configuration looks correct.
Maybe untangle it a bit by first just copying the module without the flake indirection to your config and adding it to modules there. That’d show whether your configuration, flake, or inputs are wrong.
I have defined options defaulting to true
# Excerpt of the module's option declarations (cut off by the poster).
{ config, lib, pkgs, ... }:
let
cfg = config.pentesting;
in
{
options.pentesting= {
# NOTE(review): lib.mkEnableOption expects a name string, not an attribute
# set, and the option it creates defaults to false, so `default = true` here
# has no effect. An option that should default to true needs lib.mkOption
# with `type = lib.types.bool`.
enable = lib.mkEnableOption {
default = true;
description = "newtwork analysis";
};
# Same pattern as `enable` above, with the same effect.
audit = lib.mkEnableOption {
default = true;
description = "audit and configuration checks";
};
However, it seems this does not work. I have to set them explicitly in my config:
pentesting = {
enable = true;
audit = true;
bruteforce = true;
...
};
}
TLATER
July 13, 2024, 5:41pm
Ah, yeah, huh. That’s not how enable options are defined, they only take a name: nixpkgs/lib/options.nix at d53c5937fcc4ace8b4ecedeb247041729638a08a · NixOS/nixpkgs · GitHub
Surprising that that even works with a non-string type.