Move clamav database to the blobs repository

This database is huge and can be fetched at build time.

Fixes #197
This commit is contained in:
Antoine Eiche 2020-11-11 09:56:37 +01:00
parent c04260cf5e
commit 7d2020cb36
10 changed files with 14 additions and 34 deletions

View file

@ -1,4 +1,11 @@
{ {
"blobs": {
"sha256": "1g687x3b2r4ar5i4xyav5qzpy9fp1phx9wf70f4j3scwny0g7hn1",
"type": "tarball",
"url": "https://gitlab.com/simple-nixos-mailserver/blobs/-/archive/2cccdf1ca48316f2cfd1c9a0017e8de5a7156265/blobs-2cccdf1ca48316f2cfd1c9a0017e8de5a7156265.tar.gz",
"url_template": "https://gitlab.com/simple-nixos-mailserver/blobs/-/archive/<version>/blobs-<version>.tar.gz",
"version": "2cccdf1ca48316f2cfd1c9a0017e8de5a7156265"
},
"nixpkgs-20.09": { "nixpkgs-20.09": {
"branch": "release-20.09", "branch": "release-20.09",
"description": "A read-only mirror of NixOS/nixpkgs tracking the released channels. Send issues and PRs to", "description": "A read-only mirror of NixOS/nixpkgs tracking the released channels. Send issues and PRs to",

View file

@ -21,14 +21,10 @@ pkgs.nixosTest {
nodes = { nodes = {
server = { config, pkgs, lib, ... }: server = { config, pkgs, lib, ... }:
let let
clamav-db-files = pkgs.stdenv.mkDerivation rec { sources = import ../nix/sources.nix;
name = "clamav-db-files"; blobs = pkgs.fetchzip {
src = lib.cleanSource ./clamav; url = sources.blobs.url;
dontUnpack = true; sha256 = sources.blobs.sha256;
installPhase = ''
mkdir $out
cp -R $src/*.cvd $out/
'';
}; };
in in
{ {
@ -58,9 +54,9 @@ pkgs.nixosTest {
''; '';
script = '' script = ''
cp ${clamav-db-files}/main.cvd /var/lib/clamav/ cp ${blobs}/clamav/main.cvd /var/lib/clamav/
cp ${clamav-db-files}/daily.cvd /var/lib/clamav/ cp ${blobs}/clamav/daily.cvd /var/lib/clamav/
cp ${clamav-db-files}/bytecode.cvd /var/lib/clamav/ cp ${blobs}/clamav/bytecode.cvd /var/lib/clamav/
chown clamav:clamav /var/lib/clamav/* chown clamav:clamav /var/lib/clamav/*
''; '';

View file

@ -1 +0,0 @@
*cvd filter=lfs diff=lfs merge=lfs -text

View file

@ -1 +0,0 @@
mirrors.dat

Binary file not shown.

Binary file not shown.

View file

@ -1 +0,0 @@
DatabaseMirror database.clamav.net

View file

@ -1,5 +0,0 @@
{
"bytecode.cvd": "633d4f0a2054249e23df12db5a9e76bcaac23cadaef5ee8f644986f600d8d81e",
"daily.cvd": "0b6798b54e490be168b873d39ebda41ff4a027720aed855f879779b88982838f",
"main.cvd": "9694933f37148ec39c1f2ef7b97211ded9b03b140bb48a5eeb27270120844b24"
}

Binary file not shown.

View file

@ -1,15 +0,0 @@
#!/bin/sh
set -e
cd "$(dirname "${0}")"
rm ./*.cvd hashes.json || :
freshclam --datadir=. --config-file=freshclam.conf
(for i in ./*.cvd;
do echo '{}' |
jq --arg path "$(basename "${i}")" \
--arg sha256sum "$(sha256sum "${i}" | awk '{ print $1; }')" \
'.[$path] = $sha256sum'; done) |
jq -s add > hashes.json