docs: use mermaidjs for visual graphs

Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: Ib7ae49f209214fc428f6e9bfc5c7d9176a6a6964
nix: clean up devshell
2026-03-01 00:36:47 +03:00 · 2026-03-01 00:36:46 +03:00 · 2026-03-01 00:36:45 +03:00 · 2026-03-01 00:36:44 +03:00 · 2026-03-01 00:36:43 +03:00 · 2026-03-01 00:36:42 +03:00
7 changed files with 92 additions and 59 deletions
--- a/Cargo.toml
+++ b/Cargo.toml
@ -1,21 +1,23 @@
 [package]
 name = "eris"
-version = "0.1.0"
+description = "Sophisticated HTTP tarpit and honeypot stream"
+authors = ["NotAShelf <raf@notashelf.dev"]
+version = "0.1.1"
 edition = "2024"

 [dependencies]
-actix-web = "4.3.1"
-clap = { version = "4.3", features = ["derive"] }
-chrono = "0.4.24"
-futures = "0.3.28"
+actix-web = "4.11.0"
+clap = { version = "4.5.51", features = ["derive"] }
+chrono = "0.4.42"
+futures = "0.3.31"
 ipnetwork = "0.21.1"
-lazy_static = "1.4.0"
+lazy_static = "1.5.0"
 prometheus = "0.14.0"
 prometheus_exporter = "0.8.5"
-rand = "0.9.1"
+rand = "0.9.2"
 rlua = "0.20.1"
-serde = { version = "1.0.162", features = ["derive"] }
-serde_json = "1.0.96"
+serde = { version = "1.0.228", features = ["derive"] }
+serde_json = "1.0.145"
 tokio = { version = "1.28.0", features = ["full"] }
-log = "0.4.27"
+log = "0.4.28"
 env_logger = "0.11.8"
--- a/README.md
+++ b/README.md
@ -81,8 +81,10 @@ Pre-built binaries are not yet available.
 For static sites served by Nginx, the proper setup is to place Eris in front of
 Nginx. Here is a graph of how it's meant to be configured:

-```
-Internet → [Eris (port 80)] → [Nginx (local port)]
+```mermaid
+graph LR
+    A[Internet] --> B[Eris (port 80)]
+    B --> C[Nginx (local port)]
 ```

 You will want to configure Eris to listen on port 80 (or 443 for SSL) and
@ -132,8 +134,11 @@ eris --listen-addr 0.0.0.0:443 --backend-addr 127.0.0.1:8080 --ssl-cert /path/to

 ### Option 2: Use a separate SSL terminator

-```
-Internet → [SSL Terminator (port 443)] → [Eris (local port)] → [Nginx (local port)]
+```mermaid
+graph LR
+    A[Internet] --> B[SSL Terminator (port 443)]
+    B --> C[Eris (local port)]
+    C --> D[Nginx (local port)]
 ```

 You can use Nginx, HAProxy, or Caddy as the SSL terminator, forwarding decrypted
--- a/flake.lock
+++ b/flake.lock
@ -1,12 +1,27 @@
 {
  "nodes": {
+    "crane": {
+      "locked": {
+        "lastModified": 1760924934,
+        "narHash": "sha256-tuuqY5aU7cUkR71sO2TraVKK2boYrdW3gCSXUkF4i44=",
+        "owner": "ipetkov",
+        "repo": "crane",
+        "rev": "c6b4d5308293d0d04fcfeee92705017537cad02f",
+        "type": "github"
+      },
+      "original": {
+        "owner": "ipetkov",
+        "repo": "crane",
+        "type": "github"
+      }
+    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1745930157,
-        "narHash": "sha256-y3h3NLnzRSiUkYpnfvnS669zWZLoqqI6NprtLQ+5dck=",
+        "lastModified": 1761672384,
+        "narHash": "sha256-o9KF3DJL7g7iYMZq9SWgfS1BFlNbsm6xplRjVlOCkXI=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "46e634be05ce9dc6d4db8e664515ba10b78151ae",
+        "rev": "08dacfca559e1d7da38f3cf05f1f45ee9bfd213c",
        "type": "github"
      },
      "original": {
@ -18,6 +33,7 @@
    },
    "root": {
      "inputs": {
+        "crane": "crane",
        "nixpkgs": "nixpkgs"
      }
    }
--- a/flake.nix
+++ b/flake.nix
@ -1,11 +1,15 @@
 {
-  inputs.nixpkgs.url = "github:NixOS/nixpkgs?ref=nixos-unstable";
+  inputs = {
+    nixpkgs.url = "github:NixOS/nixpkgs?ref=nixos-unstable";
+    crane.url = "github:ipetkov/crane";
+  };

  outputs = {
    self,
    nixpkgs,
+    crane,
  }: let
-    systems = ["x86_64-linux"];
+    systems = ["x86_64-linux" "aarch64-linux"];
    forEachSystem = nixpkgs.lib.genAttrs systems;
    pkgsForEach = nixpkgs.legacyPackages;
  in {
@ -14,8 +18,10 @@
      default = self.nixosModules.eris;
    };

-    packages = forEachSystem (system: {
-      eris = pkgsForEach.${system}.callPackage ./nix/package.nix {};
+    packages = forEachSystem (system: let
+      craneLib = crane.mkLib pkgsForEach.${system};
+    in {
+      eris = pkgsForEach.${system}.callPackage ./nix/package.nix {inherit craneLib;};
      default = self.packages.${system}.eris;
    });

--- a/nix/package.nix
+++ b/nix/package.nix
@ -1,39 +1,43 @@
 {
  lib,
-  rustPlatform,
+  craneLib,
 }: let
-  fs = lib.fileset;
-
-  lockfile = ../Cargo.lock;
-  cargoToml = ../Cargo.toml;
-in
-  rustPlatform.buildRustPackage {
  pname = "eris";
-    version = "0.0.1";
-
+  inherit ((lib.importTOML ../Cargo.toml).package) version;
  src = let
+    fs = lib.fileset;
    s = ../.;
  in
    fs.toSource {
      root = s;
      fileset = fs.unions [
        (fs.fileFilter (file: builtins.any file.hasExt ["rs"]) (s + /src))
-          (s + /contrib)
-          lockfile
-          cargoToml
+        (s + /Cargo.lock)
+        (s + /Cargo.toml)
      ];
    };

+  cargoArtifacts = craneLib.buildDepsOnly {
+    name = "${pname}-deps";
+    strictDeps = true;
+    inherit src;
+  };
+in
+  craneLib.buildPackage {
+    inherit pname src version cargoArtifacts;
+
+    strictDeps = true;
+
    postInstall = ''
      mkdir -p $out/share/contrib
      cp -rv $src/contrib/corpus $out/share/contrib
      cp -rv $src/contrib/lua $out/share/contrib
    '';

-    cargoLock.lockFile = lockfile;
-
    meta = {
      description = "Sophisticated HTTP tarpit and honeypot stream";
+      homepage = "https://git.frzn.dev/NotAShelf/eris";
+      maintainers = [lib.maintainers.NotAShelf];
      mainProgram = "eris";
    };
  }
--- a/nix/shell.nix
+++ b/nix/shell.nix
@ -1,28 +1,26 @@
 {
  mkShell,
-  rust-analyzer,
+  rustc,
+  cargo,
  rustfmt,
  clippy,
-  cargo,
-  gcc,
-  openssl,
-  pkg-config,
-  rustc,
+  taplo,
+  rust-analyzer-unwrapped,
+  rustPlatform,
 }:
 mkShell {
-  name = "eris";
+  name = "rust";
+
  packages = [
-    rust-analyzer
-    rustfmt
+    rustc
+    cargo
+
+    (rustfmt.override {asNightly = true;})
    clippy
    cargo
-    gcc
-    clippy
-    rustfmt
-    rustc
-
-    # For TLS and friends
-    openssl
-    pkg-config
+    taplo
+    rust-analyzer-unwrapped
  ];
+
+  RUST_SRC_PATH = "${rustPlatform.rustLibSrc}";
 }
--- a/src/main.rs
+++ b/src/main.rs
@ -149,6 +149,8 @@ impl Default for Config {
                "/config".to_string(),
                "/api/".to_string(),
                "/actuator/".to_string(),
+                "/search/feedback".to_string(),
+                "/wp-json/v1/u".to_string(),
            ],
            whitelist_networks: vec![
                "192.168.0.0/16".to_string(),
Author	SHA1	Message	Date
NotAShelf	69917a9247	docs: use mermaidjs for visual graphs Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: Ib7ae49f209214fc428f6e9bfc5c7d9176a6a6964	2026-03-01 00:36:47 +03:00
NotAShelf	dd7e41eb64	nix: clean up devshell Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: Ia844e89f1450cce1625c57c9d81279706a6a6964	2026-03-01 00:36:46 +03:00
NotAShelf	8aa39cfb1a	eris: add more default scan paths to honeypot Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: I10c0129340d517587905a97a034f01406a6a6964	2026-03-01 00:36:45 +03:00
NotAShelf	57b739ddbe	nix: switch to crane for incramental builds Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: Ia5ab2f512ffac20722966b605d7eaf156a6a6964	2026-03-01 00:36:44 +03:00
NotAShelf	150f632fb8	chore: bump dependencies Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: Ia2537b41147373d94e08325e8540bf906a6a6964	2026-03-01 00:36:43 +03:00
NotAShelf	10c523ab89	nix: bump inputs Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: I704ac50f34324d22d6ea86329f709e9d6a6a6964	2026-03-01 00:36:42 +03:00