Merge branch 'eqyiel/nixos-mailserver-clamav-db-in-lfs'

author: Robin Raymond <robin@robinraymond.de> 2018-11-10 14:37:53 +0100
committer: Robin Raymond <robin@robinraymond.de> 2018-11-10 14:37:53 +0100
commit: 91ce33f0e0d0dcddf6a422e2eb24c2a7c79fe055 (patch)
tree: f3a2b1f8197d6ff067c1f6faf04cec0e00072987
parent: acd65c080392cf2f45aa6b563e2daed979d87b18 (diff)
parent: 9488b6fd43de9a9274b0dbd36e2758550dd7cad3 (diff)
11 files changed, 53 insertions, 9 deletions
diff --git a/.gitattributes b/.gitattributes
deleted file mode 100644
index 2e6588b..0000000
--- a/.gitattributes
+++ /dev/null
@@ -1 +0,0 @@
-*.cvd filter=lfs diff=lfs merge=lfs -text
diff --git a/shell.nix b/shell.nix
new file mode 100644
index 0000000..2c0d7f6
--- /dev/null
+++ b/shell.nix
@@ -0,0 +1,9 @@
+{ nixpkgs ? <nixpkgs>, system ? builtins.currentSystem }:
+
+with (import nixpkgs { inherit system; }); stdenv.mkDerivation rec {
+  name = "nixos-mailserver-env";
+  env = buildEnv { name = name; paths = buildInputs; };
+  buildInputs = with pkgs; [
+    jq clamav
+  ];
+}
diff --git a/tests/clamav.nix b/tests/clamav.nix
index bec9ef7..7c81b2d 100644
--- a/tests/clamav.nix
+++ b/tests/clamav.nix
@@ -19,13 +19,17 @@ import <nixpkgs/nixos/tests/make-test.nix> {
   nodes = {
     server = { config, pkgs, lib, ... }:
       let
-        clamav-db = pkgs.srcOnly {
-          name = "ClamAV-db";
+        clamav-db-files = lib.mapAttrs (name: value: pkgs.stdenv.mkDerivation rec {
+          inherit name;
+
           src = pkgs.fetchurl {
-            url = "https://files.griff.name/ClamAV-db.tar";
-            sha256 = "eecad99f4c071d216bd91565f84c0d90a1f93e5e3e22d8f3087686ba3bd219e7";
+            url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/raw/master/tests/clamav/${name}";
+            sha256 = value;
           };
-        };
+
+          unpackPhase = "true"; # don't try to unpack the raw .cvd files
+          installPhase = "cp $src $out";
+        }) (builtins.fromJSON (builtins.readFile ./clamav/hashes.json));
       in
         {
             imports = [
@@ -53,9 +57,9 @@ import <nixpkgs/nixos/tests/make-test.nix> {
               '';
 
               script = ''
-                cp ${clamav-db}/bytecode.cvd /var/lib/clamav/
-                cp ${clamav-db}/main.cvd     /var/lib/clamav/
-                cp ${clamav-db}/daily.cvd    /var/lib/clamav/
+                cp ${clamav-db-files."bytecode.cvd"} /var/lib/clamav/
+                cp ${clamav-db-files."main.cvd"}     /var/lib/clamav/
+                cp ${clamav-db-files."daily.cvd"}    /var/lib/clamav/
                 chown clamav:clamav /var/lib/clamav/*
               '';
 
diff --git a/tests/clamav/.gitattributes b/tests/clamav/.gitattributes
new file mode 100644
index 0000000..054ac19
--- /dev/null
+++ b/tests/clamav/.gitattributes
@@ -0,0 +1 @@
+*cvd filter=lfs diff=lfs merge=lfs -text
diff --git a/tests/clamav/.gitignore b/tests/clamav/.gitignore
new file mode 100644
index 0000000..c5797d6
--- /dev/null
+++ b/tests/clamav/.gitignore
@@ -0,0 +1 @@
+mirrors.dat
diff --git a/tests/clamav/bytecode.cvd b/tests/clamav/bytecode.cvd
new file mode 100644
index 0000000..c0f3ab6
--- /dev/null
+++ b/tests/clamav/bytecode.cvd
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:a6800da4e3740b611e4f8a8e835be4a867abf8009af502e5bbf038d3ad162fa8
+size 187426
diff --git a/tests/clamav/daily.cvd b/tests/clamav/daily.cvd
new file mode 100644
index 0000000..309e02a
--- /dev/null
+++ b/tests/clamav/daily.cvd
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:da96006e191412806bac1a2cef5d48ed0ec1b46efa150cf0aa6c27e734f4c4f8
+size 49476126
diff --git a/tests/clamav/freshclam.conf b/tests/clamav/freshclam.conf
new file mode 100644
index 0000000..3d9ca5f
--- /dev/null
+++ b/tests/clamav/freshclam.conf
@@ -0,0 +1 @@
+DatabaseMirror database.clamav.net
diff --git a/tests/clamav/hashes.json b/tests/clamav/hashes.json
new file mode 100644
index 0000000..54895d3
--- /dev/null
+++ b/tests/clamav/hashes.json
@@ -0,0 +1,5 @@
+{
+  "bytecode.cvd": "a6800da4e3740b611e4f8a8e835be4a867abf8009af502e5bbf038d3ad162fa8",
+  "daily.cvd": "da96006e191412806bac1a2cef5d48ed0ec1b46efa150cf0aa6c27e734f4c4f8",
+  "main.cvd": "081884225087021e718599e8458ff6c9ee3cdebed8775dd8e445fc7b589d88a6"
+}
diff --git a/tests/clamav/main.cvd b/tests/clamav/main.cvd
new file mode 100644
index 0000000..50b4ac5
--- /dev/null
+++ b/tests/clamav/main.cvd
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:081884225087021e718599e8458ff6c9ee3cdebed8775dd8e445fc7b589d88a6
+size 117892267
diff --git a/tests/clamav/update-clamav-database.sh b/tests/clamav/update-clamav-database.sh
new file mode 100755
index 0000000..91f1ce1
--- /dev/null
+++ b/tests/clamav/update-clamav-database.sh
@@ -0,0 +1,15 @@
+#!/bin/sh
+
+set -e
+
+cd "$(dirname "${0}")"
+
+rm ./*.cvd hashes.json || :
+
+freshclam --datadir=. --config-file=freshclam.conf
+(for i in ./*.cvd;
+ do echo '{}' |
+     jq --arg path "$(basename "${i}")" \
+        --arg sha256sum "$(sha256sum "${i}" | awk '{ print $1; }')" \
+        '.[$path] = $sha256sum'; done) |
+  jq -s add > hashes.json
author	Robin Raymond <robin@robinraymond.de>	2018-11-10 14:37:53 +0100
committer	Robin Raymond <robin@robinraymond.de>	2018-11-10 14:37:53 +0100
commit	91ce33f0e0d0dcddf6a422e2eb24c2a7c79fe055 (patch)
tree	f3a2b1f8197d6ff067c1f6faf04cec0e00072987
parent	acd65c080392cf2f45aa6b563e2daed979d87b18 (diff)
parent	9488b6fd43de9a9274b0dbd36e2758550dd7cad3 (diff)