Last active
October 23, 2024 14:54
-
-
Save paulvictor/2157232de5f55addb17bb7d517305b8d to your computer and use it in GitHub Desktop.
wazuh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| {pkgs ? import <nixpkgs> {}}: | |
| with pkgs; | |
| let | |
| dependencyVersion = "30"; | |
| dependencies = [ | |
| { | |
| name = "cJSON"; | |
| sha256 = "sha256-Z415YxjaV9XzgHXnS7s7dzddw/i7Sdo0GtG0PEF+jME="; | |
| } | |
| { | |
| name = "curl"; | |
| sha256 = "sha256-QBUdS8paLByEDtIkNx/g2VFSMXalvDxNA2Lz2m+WZUA="; | |
| } | |
| { | |
| name = "libdb"; | |
| sha256 = "sha256-fpxE6Mf9sYb/UhqNCFsb+mNNNC3Md37Oofv5qYq13F4="; | |
| } | |
| { | |
| name = "libffi"; | |
| sha256 = "sha256-DpcfZLrMIglOifA0u6B1tA7MLCwpAO7NeuhYFf1sn2k="; | |
| } | |
| { | |
| name = "libyaml"; | |
| sha256 = "sha256-NdqtYIs3LVzgmfc4wPIb/MA9aSDZL0SDhsWE5mTxN2o="; | |
| } | |
| { | |
| name = "openssl"; | |
| sha256 = "sha256-I4QVZBEgyPednBwsr5e4jT1tvtVihZ3QZjvUto3CF54="; | |
| } | |
| { | |
| name = "procps"; | |
| sha256 = "sha256-Ih85XinRvb5LrMnbOWAu7guuaFqTVDe+DX/rQuMZLQc="; | |
| } | |
| { | |
| name = "sqlite"; | |
| sha256 = "sha256-mo+mqRb4whB+1l2rjc7TkmBOF1EE1qjDycE4NHmGnwc="; | |
| } | |
| { | |
| name = "zlib"; | |
| sha256 = "sha256-tZ04FJ8MKexU0nZmEevFpRoDK/lxfjmprwD7bLhTK4s="; | |
| } | |
| { | |
| name = "audit-userspace"; | |
| sha256 = "sha256-6Coy5e35OwVRYOFLyX9B3q05KHklhR3ICnY44tTTBDQ="; | |
| } | |
| { | |
| name = "msgpack"; | |
| sha256 = "sha256-BtY7zzKJbNCvVIDEARNLGtHBZv2E6+W0hueSEB7oVOI="; | |
| } | |
| { | |
| name = "bzip2"; | |
| sha256 = "sha256-J2iO4DFqZLOeURssIkBwytl8OUpfcR+dBV/BgJ2JW80="; | |
| } | |
| { | |
| name = "nlohmann"; | |
| sha256 = "sha256-zvsHk209W/3T78Xpu408gH1oEnO9rC6Ds9Z67y0RWMQ="; | |
| } | |
| { | |
| name = "googletest"; | |
| sha256 = "sha256-jB6KCn8iHCEl6Z5qy3CdorpHJHa00FfFjeUEvr841Bc="; | |
| } | |
| { | |
| name = "libpcre2"; | |
| sha256 = "sha256-WoDWVNfRSz25+jpJ179EpJhoO0Z4SojOxRSosZR2e5I="; | |
| } | |
| { | |
| name = "libplist"; | |
| sha256 = "sha256-iCeNS9/BvWo6GlWk89kzaD0nMroJz3p0n+jsjuxAbjw="; | |
| } | |
| { | |
| name = "pacman"; | |
| sha256 = "sha256-9n3Tiir7NA19YDUNSbdamDp8TgGtdgIFaSDv6EnVsUM="; | |
| } | |
| { | |
| name = "libarchive"; | |
| sha256 = "sha256-yVgEgXXa1aE9CFHQPHwaNjYeEujpPnQywYROlUnd9Yo="; | |
| } | |
| { | |
| name = "popt"; | |
| sha256 = "sha256-1ogKBmIsoy3EqjmtXc977y+qgb2TGvvmS6Q0rY/uHao="; | |
| } | |
| { | |
| name = "rpm"; | |
| sha256 = "sha256-rvwlMB7M8irFHL2BOn89RHHxxCYYFy7lSKKbGVmsW68="; | |
| } | |
| { | |
| name = "cpython"; | |
| sha256 = "sha256-wDZPE1+nKM5bG75ht35mV0PvQ7yYTy7hbW5+QumacHY="; | |
| } | |
| { | |
| name = "jemalloc"; | |
| sha256 = "sha256-KyLoWzUsffVQukCKQiUeUejf+myRqi4ftIBKsxf/vKA="; | |
| } | |
| { | |
| name = "lua"; | |
| sha256 = "sha256-Yu634kskbFBwi81Nkts8nejRltlMnDO4v/QA8l8QWh8="; | |
| } | |
| { | |
| name = "lzma"; | |
| sha256 = "sha256-TODBktQQcrVnmvibtTHvtoXIJnpLfiAFmZFJrBcCgTQ="; | |
| } | |
| { | |
| name = "rocksdb"; | |
| sha256 = "sha256-7u1go9Tin3MF55+fXOvUJhF0JhIn8bWn0F2lVWVnVDY="; | |
| } | |
| { | |
| name = "benchmark"; | |
| sha256 = "sha256-lMV6oMsr142+nnfTMsvGRNrw/s3JoJYyBIvm4J+c7Ws="; | |
| } | |
| { | |
| name = "flatbuffers"; | |
| sha256 = "sha256-lDaZof6GwZc3HNIUxMNV2g8lOjCT8Mc/t0y0xIuJeKk="; | |
| } | |
| { | |
| name = "cpp-httplib"; | |
| sha256 = "sha256-ZRdXMmNhFoa5IZunlsNfVKMG6yfcPHLhgH8qCjTKweg="; | |
| } | |
| ]; | |
| dependencyDrvs = | |
| map ({name, sha256}: | |
| fetchurl { | |
| url = "https://packages.wazuh.com/deps/${dependencyVersion}/libraries/sources/${name}.tar.gz"; | |
| inherit sha256; | |
| } | |
| ) dependencies; | |
| wazuh-http-request = fetchFromGitHub { | |
| owner = "wazuh"; | |
| repo = "wazuh-http-request"; | |
| rev = "8a302e514de6ef4df86717027682922f705330f4"; | |
| hash = "sha256-lXi/2qQV3v3mikR2SxK0DMpTuw8Dqka5SccA0xMnP0s="; | |
| }; | |
| in | |
| stdenv.mkDerivation rec { | |
| pname = "wazuh-agent"; | |
| version = "4.9.1"; | |
| meta = { | |
| description = "Wazuh agent for NixOS"; | |
| homepage = "https://wazuh.com"; | |
| maintainers = builtins.attrValues { | |
| inherit (lib.maintainers) V3ntus sjdwhiting; | |
| }; | |
| }; | |
| # src = ./.; | |
| src = fetchFromGitHub { | |
| owner = "wazuh"; | |
| repo = "wazuh"; | |
| rev = "v${version}"; | |
| sha256 = "sha256-OiNwKX/bGjh9e7EQ/8ylY2SSjifqu9vfpne9mvHvEmM="; | |
| }; | |
| workingDirectory = "${builtins.currentSystem}-src"; | |
| env = { | |
| OSSEC_LIBS = "-lzstd"; | |
| }; | |
| buildInputs = [ | |
| autoconf | |
| automake | |
| cmake | |
| curl | |
| stdenv.cc.libcxx | |
| stdenv.cc.coreutils_bin | |
| libtool | |
| openssl | |
| perl | |
| policycoreutils | |
| python312 | |
| zstd | |
| ]; | |
| unpackPhase = '' | |
| mkdir -p $workingDirectory/src/external | |
| cp --no-preserve=all -rf $src/* $workingDirectory | |
| pushd $workingDirectory | |
| ${patch}/bin/patch -p1 < ''${nixosPatch} | |
| popd | |
| ${lib.strings.concatMapStringsSep "\n" (dep: "tar -xzf ${dep} -C $workingDirectory/src/external") dependencyDrvs} | |
| cp --no-preserve=all -rf ${wazuh-http-request}/* $workingDirectory/src/shared_modules/http-request/ | |
| ''; | |
| nixosPatch = ./nixos.patch; | |
| patchPhase = '' | |
| # Patch audit_userspace autogen.sh script | |
| substituteInPlace $workingDirectory/src/external/audit-userspace/autogen.sh \ | |
| --replace-warn "cp INSTALL.tmp INSTALL" "" | |
| # patch -p0 < ./nixos.patch | |
| # Bypass check for tar file | |
| touch $workingDirectory/src/external/cpython.tar | |
| cat << EOF > "$workingDirectory/etc/preloaded-vars.conf" | |
| USER_LANGUAGE="en" | |
| USER_NO_STOP="y" | |
| USER_INSTALL_TYPE="agent" | |
| USER_DIR="$out" | |
| USER_DELETE_DIR="n" | |
| USER_ENABLE_ACTIVE_RESPONSE="y" | |
| USER_ENABLE_SYSCHECK="y" | |
| USER_ENABLE_ROOTCHECK="y" | |
| USER_ENABLE_OPENSCAP="y" | |
| USER_ENABLE_SYSCOLLECTOR="y" | |
| USER_ENABLE_SECURITY_CONFIGURATION_ASSESSMENT="y" | |
| USER_AGENT_SERVER_IP=127.0.0.1 | |
| USER_CA_STORE="no" | |
| EOF | |
| ln -sf ${libgcc.lib}/lib/libgcc_s.so.1 $workingDirectory/src/libgcc_s.so.1 | |
| ln -sf ${libgcc.lib}/lib/libstdc++.so.6 $workingDirectory/src/libstdc++.so.6 | |
| ''; | |
| dontConfigure = true; | |
| makeFlags = [ "-C ${workingDirectory}/src" "TARGET=agent" "INSTALLDIR=$out" ]; | |
| preBuild = '' | |
| make -C $workingDirectory/src deps | |
| ''; | |
| enableParallelBuilding = true; | |
| dontFixup = true; | |
| installPhase = '' | |
| mkdir -p $out/{bin,etc/shared,queue,var,wodles,logs,lib,tmp,agentless,active-response} | |
| # Bypass root check | |
| substituteInPlace $workingDirectory/install.sh \ | |
| --replace-warn "Xroot" "Xnixbld" | |
| chmod u+x $workingDirectory/install.sh | |
| # Allow files to copy over even if permissions are not changed | |
| substituteInPlace $workingDirectory/src/init/inst-functions.sh \ | |
| --replace-warn "WAZUH_GROUP='wazuh'" "WAZUH_GROUP='nixbld'" \ | |
| --replace-warn "WAZUH_USER='wazuh'" "WAZUH_USER='nixbld'" | |
| cd $workingDirectory # Must run install from src | |
| INSTALLDIR=$out USER_DIR=$out ./install.sh binary-install | |
| chmod u+x $out/bin/* $out/active-response/bin/* | |
| rm -rf $out/src # Remove src | |
| ''; | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff --git a/src/Makefile b/src/Makefile | |
| index 9f36cc5562..7a5a8ffa45 100644 | |
| --- a/src/Makefile | |
| +++ b/src/Makefile | |
| @@ -794,15 +794,9 @@ endif | |
| ${WAZUH_LIB_OUTPUT_PATH}${LIBSTDCPP_NAME}: ${libstdc++_path} | |
| cp $< $@ | |
| -ifneq (${uname_S},AIX) | |
| - ${STRIP_TOOL} -x $@ | |
| -endif | |
| ${WAZUH_LIB_OUTPUT_PATH}${LIBGCC_S_NAME}: ${libgcc_s_path} | |
| cp $< $@ | |
| -ifneq (${uname_S},AIX) | |
| - ${STRIP_TOOL} -x $@ | |
| -endif | |
| .PHONY: server local hybrid agent selinux | |
| @@ -955,7 +949,7 @@ endif | |
| ifeq ($(CHECK_CENTOS5),YES) | |
| EXTERNAL_LIBS += $(PROCPS_LIB) | |
| else | |
| -EXTERNAL_LIBS += $(PROCPS_LIB) $(LIBALPM_LIB) $(LIBARCHIVE_LIB) | |
| +EXTERNAL_LIBS += $(PROCPS_LIB) $(LIBALPM_LIB) $(LIBARCHIVE_LIB) $(DB_LIB) | |
| endif | |
| endif | |
| endif | |
| @@ -1025,7 +1019,7 @@ else | |
| cd ${EXTERNAL_OPENSSL} && ./Configure $(OPENSSL_FLAGS) solaris-sparcv9-gcc && ${MAKE} build_libs | |
| endif | |
| else | |
| - cd ${EXTERNAL_OPENSSL} && ./config $(OPENSSL_FLAGS) && ${MAKE} build_libs | |
| + cd ${EXTERNAL_OPENSSL} && perl ./Configure $(OPENSSL_FLAGS) && ${MAKE} build_libs | |
| endif | |
| endif | |
| endif |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment