While creating a flake, I am packaging a custom shell script which needs dunst and cron to work.
I am successfully able to create a module for dunst, but unable to do so for cron as simple cron config won’t work, the script uses crontab to create a custom job when used with -n option:
if [ "$end" ]; then
echo "Disabling NIST NVD feed popup notification..."
crontab -l | sed '/nist-feed/d' | crontab
rm -rf $last_cve_file
rm -rf $cve_json_file
exit 0
fi
if [[ "$id" != "$LAST_CVE" ]] || [ $(crontab -l | wc -c) -eq 0 ];then #if the previous CVE is different from the current one, OR the crontab is empty, popup notification
if [[ ! "$notify" ]]; then #LAST_CVE must be set only if the user does not set the notification parameters, otherwise when crontab will call the 1st time nist-feed, $id is already = to $LAST_CVE
echo "$id" > $last_cve_file
#Generate the popup notification
killall dunst;notify-send -u normal "$id" "$description\n\n<b>$nvdURL</b>"
fi
if [[ "$notify" -eq 1 ]] && [ ! "$severity" ] && [ ! "$metric" ]; then
crontab -l | sed '/nist-feed/d' | crontab
(crontab -l 2>/dev/null; echo "*/30 * * * * ( killall dunst ; XDG_RUNTIME_DIR=/run/user/$(id -u) /usr/local/bin/nist-feed -l)") | crontab -
elif [[ "$notify" -eq 1 ]] && [ "$severity" ] && [ ! "$metric" ]; then
crontab -l | sed '/nist-feed/d' | crontab
(crontab -l 2>/dev/null; echo "*/30 * * * * ( killall dunst ; XDG_RUNTIME_DIR=/run/user/$(id -u) /usr/local/bin/nist-feed -l -s $severity)") | crontab -
elif [[ "$notify" -eq 1 ]] && [ ! "$severity" ] && [ "$metric" ]; then
crontab -l | sed '/nist-feed/d' | crontab
(crontab -l 2>/dev/null; echo "*/30 * * * * ( killall dunst ; XDG_RUNTIME_DIR=/run/user/$(id -u) /usr/local/bin/nist-feed -l -m $metric)") | crontab -
elif [[ "$notify" -eq 1 ]] && [ "$severity" ] && [ "$metric" ]; then
crontab -l | sed '/nist-feed/d' | crontab
(crontab -l 2>/dev/null; echo "*/30 * * * * ( killall dunst ; XDG_RUNTIME_DIR=/run/user/$(id -u) /usr/local/bin/nist-feed -l -s $severity -m $metric)") | crontab -
fi
fi
Here’s the package source, and here’s the nist-feed package:
{ stdenv
, lib
, fetchFromGitHub
, makeWrapper
, bash
, jq
, killall
, libnotify
}:
stdenv.mkDerivation rec {
pname = "nist-feed";
version = "unstable-2024-01-20";
src = fetchFromGitHub {
owner = "D3vil0p3r";
repo = "NIST-Feed";
rev = "775bd871490b680784a1855cdc1d4958a83a7866";
hash = "sha256-OcVf766q7vELYkGOEzQMLS6zH8Nn96ibGP+6kizHN28=";
};
buildInputs = [ bash ];
nativeBuildInputs = [ makeWrapper ];
postPatch = ''
substituteInPlace nist-feed \
--replace "/usr/local/bin/nist-feed" $out/bin/nist-feed
'';
installPhase = ''
runHook preInstall
install -Dm755 nist-feed -D $out/bin/nist-feed
wrapProgram "$out/bin/nist-feed" \
--prefix PATH : "$out/bin:${lib.makeBinPath [ jq killall libnotify ]}"
runHook postInstall
'';
meta = with lib; {
description = "NIST NVD feed and popup notifications";
homepage = "https://github.com/D3vil0p3r/NIST-Feed/";
license = licenses.gpl3Plus;
maintainers = with maintainers; [ octodi ];
mainProgram = "nist-feed";
};
}