dave/nix-config
1
0
Fork 0
mirror of https://github.com/davegallant/nix-config synced 2025-08-06 03:13:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add opensnitch to Linux

Browse Source
This commit is contained in:
Dave Gallant
2021-08-06 21:08:48 -04:00
parent 452b302586
commit 425e9583ff
4 changed files with 46 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
common/opensnitch/default.nix Normal file
View File

@@ -0,0 +1,24 @@
{ pkgs, ... }:
{
systemd = {
services = {
opensnitch = {
description = "Opensnitch Application Firewall Daemon";
wants = [ "network.target" ];
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
path = [ pkgs.iptables ];
serviceConfig = {
Type = "simple";
PermissionsStartOnly = true;
ExecStartPre = "${pkgs.coreutils}/bin/mkdir -p /etc/opensnitch/rules";
ExecStart = "${pkgs.opensnitch}/bin/opensnitchd -rules-path /etc/opensnitch/rules";
Restart = "always";
RestartSec = 30;
};
enable = true;
};
};
};
}

4
common/packages.nix
View File

@@ -182,10 +182,12 @@ in
kazam
libreoffice
networkmanager-openvpn
opensnitch
opensnitch-ui
pulseeffects-pw
qemu
rustup
rtorrent
rustup
spotify
strace
usbutils

36
flake.lock generated
View File

@@ -58,11 +58,11 @@
]
},
"locked": {
"lastModified": 1627592512,
"narHash": "sha256-+bauwACGl+/dTQB047XImRz5P6Lp6vxl5ruiKjtENxo=",
"lastModified": 1628287034,
"narHash": "sha256-pWMEpQQcKxBy0OKskFLXJHEyGYJIiMu/BUQjCWxGF38=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "7f976da06840c268cc291a021bab7532b923713c",
"rev": "b0d769691cc379c9ab91d3acec5d14e75c02c02b",
"type": "github"
},
"original": {
@@ -80,11 +80,11 @@
},
"locked": {
"dir": "contrib",
"lastModified": 1627946637,
"narHash": "sha256-GO17FYEQfUu09L5oh/icxN+FOBqKMfWWNfzCJiF/kjs=",
"lastModified": 1628168846,
"narHash": "sha256-SKe98a5oiaCCVixVrZErNnKk+7NPbcFPwhGnxtAlC6k=",
"owner": "neovim",
"repo": "neovim",
"rev": "8baf7bce2b51e8d3d47b6c70ce054663d927639a",
"rev": "5130bc071e7720e261b7251c1716df69e33ae1dd",
"type": "github"
},
"original": {
@@ -101,11 +101,11 @@
"nixpkgs": "nixpkgs"
},
"locked": {
"lastModified": 1627978407,
"narHash": "sha256-dwcd10ap1W3p17NcKUdpjMPUzKEZLfOicZN6uKC0+SI=",
"lastModified": 1628237805,
"narHash": "sha256-J8aN6H8xXPotJ2r3KJS8eJEOPFBUxlI3xxIoAK3y4Y0=",
"owner": "nix-community",
"repo": "neovim-nightly-overlay",
"rev": "e637af22f0a71b678a1352139db91898ff991315",
"rev": "cc836b73d702cdd77f36dbb36c711e90b2a447fe",
"type": "github"
},
"original": {
@@ -116,11 +116,11 @@
},
"nixos-hardware": {
"locked": {
"lastModified": 1627666012,
"narHash": "sha256-Dx93VcfFwFlUex2Me4i+lS2IFwNrSVEvTvZuP/vmmXQ=",
"lastModified": 1628078080,
"narHash": "sha256-NKYtXUH32TlhOyhi41ZLtkBYh+7z24FpONDOInG4QR8=",
"owner": "NixOS",
"repo": "nixos-hardware",
"rev": "09ed30ff3bb67f5efe9c77e0d79aca01793526ca",
"rev": "8296b88560d8ac07a885452e094cd454de90ea9b",
"type": "github"
},
"original": {
@@ -132,11 +132,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1627857416,
"narHash": "sha256-AV0MsFVzbWI2MZbJ2j0kc8ooFLGSCZHuM9ipaWR9ds4=",
"lastModified": 1628121754,
"narHash": "sha256-WQJSvlP/4f1pJCPM9Se+0x606jrUNgDiIUvF7GYxS2Q=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "aaf9676fbb7fb4570216ca1e189a3dc769d62c45",
"rev": "5a82107589e6ba78a14b9a00c9ba268f1329a13f",
"type": "github"
},
"original": {
@@ -148,11 +148,11 @@
},
"nixpkgs_2": {
"locked": {
"lastModified": 1627857416,
"narHash": "sha256-AV0MsFVzbWI2MZbJ2j0kc8ooFLGSCZHuM9ipaWR9ds4=",
"lastModified": 1628199198,
"narHash": "sha256-DkMFcm5VdqbausjUjyHWGBlcXNw/EMFiQpiCY5KKtMo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "aaf9676fbb7fb4570216ca1e189a3dc769d62c45",
"rev": "439b1605227b8adb1357b55ce8529d541abbe9eb",
"type": "github"
},
"original": {

1
flake.nix
View File

@@ -30,6 +30,7 @@
./common/fonts.nix
./common/linux.nix
./common/netdata/default.nix
./common/opensnitch/default.nix
./common/networking.nix
./common/packages.nix
./common/printing.nix