Unverified Commit e1e3e457 authored by Michael Daniels's avatar Michael Daniels Committed by GitHub

nixos/suricata: update default rule sources; add rule updater timer (#396934)

parents 73476c77 ff4aab81
+15 −3
@@ -117,15 +117,16 @@ in
      type = types.listOf types.str;
      # see: nix-shell -p suricata python3Packages.pyyaml --command 'suricata-update list-sources'
      default = [
        "abuse.ch/sslbl-blacklist"
        "abuse.ch/sslbl-c2"
        "abuse.ch/sslbl-ja3"
        "et/open"
        "etnetera/aggressive"
        "stamus/lateral"
        "oisf/trafficid"
        "tgreen/hunting"
        "sslbl/ja3-fingerprints"
        "sslbl/ssl-fp-blacklist"
        "malsilo/win-malware"
        "pawpatrules"
        "ptrules/open"
      ];
      description = ''
        List of sources that should be enabled.
@@ -197,6 +198,17 @@ in
        "d ${cfg.settings."default-rule-path"} 755 ${cfg.settings.run-as.user} ${cfg.settings.run-as.group}"
      ];

      systemd.timers = {
        suricata-update = {
          timerConfig = {
            OnBootSec = lib.mkDefault "30s";
            OnUnitActiveSec = lib.mkDefault "24h";
            Persistent = true;
            Unit = config.systemd.services.suricata-update.name;
          };
        };
      };

      systemd.services = {
        suricata-update = {
          description = "Update Suricata Rules";
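Review bot: The new `systemd.timers.suricata-update` unit declares no `wantedBy`, so unless something outside this hunk pulls it in, the timer is installed but never activated and the scheduled rule refresh never fires; add `wantedBy = [ "timers.target" ];` alongside `timerConfig`. Since the timer and the service share the name `suricata-update`, the explicit `Unit = config.systemd.services.suricata-update.name;` line is redundant with systemd's default and could be dropped, or kept with a short comment stating why it is spelled out. The `suricata-update` service whose description is the last line here is pre-existing context and its body continues outside the hunk, so I could not check whether it triggers a reload of the running suricata instance after new rules are fetched.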