Open felbinger opened 2 months ago
Hello @felbinger. here is the derivation so far:
{ lib
, buildGoModule
, buildNpmPackage
, fetchFromGitHub
, makeWrapper
}:
let
pname = "velociraptor";
version = "0.7.1";
src = fetchFromGitHub {
repo = "velociraptor";
owner = "Velocidex";
rev = "refs/tags/v${version}";
hash = "sha256-NjWhfSTW1Uh9hSCXHEBLTIY/uUG4d3k/aWzjJpg1tas=";
};
gui = buildNpmPackage {
inherit pname version;
src = "${src}/gui/velociraptor";
npmDepsHash = "sha256-7WFnv++pjpqLxMpFUAG5PZ75htTbyw28Re0JbmOl+1U=";
buildPhase = ''
runHook preBuild
npm install
make build
runHook postBuild
'';
installPhase = ''
runHook preInstall
mkdir $out
mv build $out
runHook postInstall
'';
};
in
buildGoModule rec {
inherit src pname version gui;
vendorHash = "sha256-P0X5fHs4HsJCj7vOWZVkiyEuWz9p3lQoWyPPuQRrrBY=";
preBuild = ''
cp -r ${gui}/build gui/velociraptor
'';
nativeBuildInputs = [
makeWrapper
];
meta = with lib;{
};
}
when building the package I get the following errors:
If you are more familiar with GO you might find a solution because cloning the upstream repo and building it manually results in no errors.
Thx
Project description
Velociraptor is an advanced digital forensic and incident response tool. It helps to collect host based state information using The Velociraptor Query Language (VQL) queries.
It was developed by Digital Forensic and Incident Response professionals who needed a powerful and efficient way to hunt for specific artifacts and monitor activities across fleets of endpoints. Velociraptor provides you with the ability to more effectively respond to a wide range of digital forensic and cyber incident response investigations and data breaches:
It would be nice to have both: the package for gui usage and a service for webservers (velociraptor frontend, as in the docker deployment).
Metadata
Add a :+1: reaction to issues you find important.