
nixos/vuls: init #429283


@kashw2 kashw2 commented Jul 29, 2025

https://github.com/future-architect/vuls

Server for Vuls, the agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices.

This module is not meant to allow Vuls to act as an agent. Instead, given the way Vuls is architected, Vuls, when run as `vuls server`, acts as a central hub where vulnerability data from other Vuls clients can be reported back.

Things done

  • Built on platform:
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • Tested, as applicable:
  • Ran nixpkgs-review on this PR. See nixpkgs-review usage.
  • Tested basic functionality of all binary files, usually in ./result/bin/.
  • Nixpkgs Release Notes
    • Package update: when the change is major or breaking.
  • NixOS Release Notes
    • Module addition: when adding a new NixOS module.
    • Module update: when the change is significant.
  • Fits CONTRIBUTING.md, pkgs/README.md, maintainers/README.md and other READMEs.


@nixpkgs-ci nixpkgs-ci bot added 10.rebuild-linux: 1-10 This PR causes between 1 and 10 packages to rebuild on Linux. 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin. 6.topic: nixos Issues or PRs affecting NixOS modules, or package usability issues specific to NixOS 8.has: changelog This PR adds or changes release notes 8.has: module (update) This PR changes an existing module in `nixos/` 8.has: documentation This PR adds or changes documentation labels Jul 29, 2025
@kashw2 kashw2 marked this pull request as ready for review July 30, 2025 02:05
@nixpkgs-ci nixpkgs-ci bot added the 9.needs: reviewer This PR currently has no reviewers requested and needs attention. label Jul 30, 2025
@Erethon Erethon left a comment

The current default module configuration fails because `port` is an integer; the `toString` suggestion fixes this:

       … while evaluating a path segment
         at /nix/store/y0ny4hpb9hybz0q3098i9bx6gvkd2ncr-source/nixos/modules/security/vuls.nix:45:42:
           44|           ${pkgs.vuls}/bin/vuls server \
           45|             -listen=${cfg.listenAddress}:${cfg.port}
             |                                          ^
           46|         '';

       error: cannot coerce an integer to a string: 5515

Besides this, the service fails to start because a config.toml is needed for Vuls to actually run. We should either build this config.toml within the module or at the very least allow a user to specify a config location so they can provide their own.

I've also left two minor typo suggestions.
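
The two problems raised in the review above, shown together in an added sketch that is not the module from this PR and not code from either participant. The `services.vuls` namespace, the `listenAddress` default and the `configFile` option are assumptions; `-config` and `-listen` are existing `vuls server` flags.

```nix
# Added sketch, not the module from this PR. The services.vuls namespace,
# the listenAddress default and the configFile option are assumptions.
{ config, lib, pkgs, ... }:
let
  cfg = config.services.vuls;
in
{
  options.services.vuls = {
    enable = lib.mkEnableOption "the Vuls server";
    listenAddress = lib.mkOption {
      type = lib.types.str;
      default = "127.0.0.1"; # assumed default
      description = "Address the Vuls server listens on.";
    };
    port = lib.mkOption {
      type = lib.types.port; # an integer, hence the coercion error
      default = 5515;
      description = "Port the Vuls server listens on.";
    };
    configFile = lib.mkOption {
      # A string such as "/etc/vuls/config.toml" stays outside the Nix store;
      # a path literal (./config.toml) would be copied into the
      # world-readable store when interpolated below.
      type = lib.types.path;
      description = "Path to the config.toml handed to `vuls server`.";
    };
  };

  config = lib.mkIf cfg.enable {
    systemd.services.vuls = {
      wantedBy = [ "multi-user.target" ];
      after = [ "network.target" ];
      serviceConfig = {
        StateDirectory = "vuls";
        WorkingDirectory = "/var/lib/vuls";
        # "${cfg.port}" aborts evaluation with "cannot coerce an integer to
        # a string"; toString makes the conversion explicit.
        ExecStart = lib.concatStringsSep " " [
          "${pkgs.vuls}/bin/vuls"
          "server"
          "-config=${cfg.configFile}"
          "-listen=${cfg.listenAddress}:${toString cfg.port}"
        ];
      };
    };
  };
}
```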

@nixpkgs-ci nixpkgs-ci bot removed the 9.needs: reviewer This PR currently has no reviewers requested and needs attention. label Aug 13, 2025
@nixpkgs-ci nixpkgs-ci bot added the 2.status: merge conflict This PR has merge conflicts with the target branch label Aug 17, 2025
# Conflicts:
#	nixos/doc/manual/release-notes/rl-2511.section.md
@nixpkgs-ci nixpkgs-ci bot added 2.status: merge conflict This PR has merge conflicts with the target branch and removed 2.status: merge conflict This PR has merge conflicts with the target branch labels Aug 18, 2025