Nixerization of some of our tools

Nixerizing our tools, nix-shells and nixos-containers for infosec community


03 May 2021

unrooted

Introduction

Recently, I’ve nixerized (added shell.nix to GodSpeed) and flakerized (added flake.nix to) some of our tools. Thanks to that, our tools are now available to all Nix users with flakes enabled, on both NixOS and non-NixOS distros.

Wait, what have you done, exactly?

When it comes to GodSpeed, running nix-shell in the directory where you’ve cloned it drops you into a so-called nix-shell with all the dependencies required to build and use GodSpeed, so you won’t need to bother installing Go and other dependencies on your own.

I’ve also flakerized some of our tools. To be more exact, I did that to Sammler, Snowcrash and Gosh.

One of our tools, Unchain, was flakerized earlier by one of my friends, dramforever.

What are flakes?

TL;DR: you can specify your code’s deps in a declarative way and add another approach to reproducibility to your tools.

Basically, you can nix build it, nix shell it, nix run it and nix develop it, not to forget about using it as an input to other flakes. Possibilities are endless!

You can learn more about Nix flakes from the blog post on Tweag as well as the blog post from Serokell.
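An added example (not from the original post or from any of the projects named here): a minimal flake.nix for a hypothetical Go tool, showing the outputs that nix build, nix run and nix develop pick up. The name exampletool, the version, the systems list, the nixpkgs branch and the vendorHash placeholder are assumptions.

```nix
{
  description = "Constructed example: flake for a hypothetical Go tool";

  # The exact nixpkgs revision and its content hash get recorded in flake.lock,
  # so everyone who builds this flake resolves the same dependency set.
  inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";

  outputs = { self, nixpkgs }:
    let
      # Assumed list of platforms to expose outputs for.
      systems = [ "x86_64-linux" "aarch64-linux" "x86_64-darwin" "aarch64-darwin" ];
      forAllSystems = f:
        nixpkgs.lib.genAttrs systems
          (system: f system nixpkgs.legacyPackages.${system});
    in
    {
      # `nix build` and `nix shell` use packages.<system>.default
      packages = forAllSystems (system: pkgs: {
        default = pkgs.buildGoModule {
          pname = "exampletool"; # hypothetical name
          version = "0.1.0";     # hypothetical version
          src = ./.;
          # Placeholder: the first build fails and reports the real hash of the
          # vendored Go modules; paste that value here to pin them.
          vendorHash = pkgs.lib.fakeHash;
        };
      });

      # `nix run` executes apps.<system>.default
      apps = forAllSystems (system: pkgs: {
        default = {
          type = "app";
          program = "${self.packages.${system}.default}/bin/exampletool";
        };
      });

      # `nix develop` enters devShells.<system>.default
      devShells = forAllSystems (system: pkgs: {
        default = pkgs.mkShell {
          # Reuse the package's build inputs (Go toolchain) and add dev tooling.
          inputsFrom = [ self.packages.${system}.default ];
          packages = [ pkgs.gopls ];
        };
      });
    };
}
```

Committing flake.lock next to flake.nix is what keeps the pinned nixpkgs revision the same for every user of the flake.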

What about those nix-shells and the NixOS container?

Recently I’ve published a tool called RedNix, which is basically a NixOS container pre-loaded with tools for security auditors as well as other people from the infosec community.

In its README, I gave quite a good description (I hope) of how to use it as a NixOS container. Thanks to that, you get an easy-to-reproduce environment with your beloved tools. Many of the most popular tools from the Kali and Parrot repos are currently available in nixpkgs, so you shouldn’t have a problem with that.

HOWEVER, root in the container = root on the host. NixOS containers are not fully isolated from the host, so anyone with root inside the container should be treated as having root on the host. Also, a NixOS container will run ONLY on a NixOS host, so you either need to use NixOS as your main distro or use a Vagrant container to run the NixOS container inside of it.

If you’re not concerned about it, you can just use the nix-shells, which are also in the repo, in the ./shells directory. There’s a bunch of them, actually.

How to do so? Well, if you have Nix installed on your distro (you can do so by running curl -L https://nixos.org/nix/install | sh, but don’t run this as root), you can just nix-shell voip.nix if you want to jump into a shell providing the tools from the voip.nix file. You can mix-and-match shells with each other, so you can do nix-shell git.nix voip.nix. Feel free to edit the nix-shells to your needs as well.