diff options
author | github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> | 2024-01-10 00:02:18 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-01-10 00:02:18 +0000 |
commit | 122355be994486ec9dbb4e1e87c9206bec11b521 (patch) | |
tree | b580ef31b35c9392f5037d1e7f770b283b9b65fc /nixos | |
parent | fcff3d7883a38ef71832899085ba365658c96867 (diff) | |
parent | e1bd5ec7242dee687899fcc3117d6e7552bbc9ec (diff) |
Merge master into staging-next
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/modules/module-list.nix | 1 | ||||
-rw-r--r-- | nixos/modules/services/monitoring/snmpd.nix | 83 | ||||
-rw-r--r-- | nixos/modules/services/printing/cupsd.nix | 5 | ||||
-rw-r--r-- | nixos/modules/virtualisation/lxd.nix | 20 | ||||
-rw-r--r-- | nixos/tests/all-tests.nix | 1 | ||||
-rw-r--r-- | nixos/tests/snmpd.nix | 23 |
6 files changed, 117 insertions, 16 deletions
diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 30f6aad5cd6ab..a86d8651a43e0 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -834,6 +834,7 @@ ./services/monitoring/riemann.nix ./services/monitoring/scollector.nix ./services/monitoring/smartd.nix + ./services/monitoring/snmpd.nix ./services/monitoring/statsd.nix ./services/monitoring/sysstat.nix ./services/monitoring/teamviewer.nix diff --git a/nixos/modules/services/monitoring/snmpd.nix b/nixos/modules/services/monitoring/snmpd.nix new file mode 100644 index 0000000000000..f2d3953e6a620 --- /dev/null +++ b/nixos/modules/services/monitoring/snmpd.nix @@ -0,0 +1,83 @@ +{ pkgs, config, lib, ... }: + +let + cfg = config.services.snmpd; + configFile = if cfg.configText != "" then + pkgs.writeText "snmpd.cfg" '' + ${cfg.configText} + '' else null; +in { + options.services.snmpd = { + enable = lib.mkEnableOption "snmpd"; + + package = lib.mkPackageOption pkgs "net-snmp" {}; + + listenAddress = lib.mkOption { + type = lib.types.str; + default = "0.0.0.0"; + description = lib.mdDoc '' + The address to listen on for SNMP and AgentX messages. + ''; + example = "127.0.0.1"; + }; + + port = lib.mkOption { + type = lib.types.port; + default = 161; + description = lib.mdDoc '' + The port to listen on for SNMP and AgentX messages. + ''; + }; + + openFirewall = lib.mkOption { + type = lib.types.bool; + default = false; + description = lib.mdDoc '' + Open port in firewall for snmpd. + ''; + }; + + configText = lib.mkOption { + type = lib.types.lines; + default = ""; + description = lib.mdDoc '' + The contents of the snmpd.conf. If the {option}`configFile` option + is set, this value will be ignored. + + Note that the contents of this option will be added to the Nix + store as world-readable plain text, {option}`configFile` can be used in + addition to a secret management tool to protect sensitive data. + ''; + }; + + configFile = lib.mkOption { + type = lib.types.path; + default = configFile; + defaultText = lib.literalMD "The value of {option}`configText`."; + description = lib.mdDoc '' + Path to the snmpd.conf file. By default, if {option}`configText` is set, + a config file will be automatically generated. + ''; + }; + + }; + + config = lib.mkIf cfg.enable { + systemd.services."snmpd" = { + description = "Simple Network Management Protocol (SNMP) daemon."; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + Type = "simple"; + ExecStart = "${lib.getExe' cfg.package "snmpd"} -f -Lo -c ${cfg.configFile} ${cfg.listenAddress}:${toString cfg.port}"; + }; + }; + + networking.firewall.allowedUDPPorts = lib.mkIf cfg.openFirewall [ + cfg.port + ]; + }; + + meta.maintainers = [ lib.maintainers.eliandoran ]; + +} diff --git a/nixos/modules/services/printing/cupsd.nix b/nixos/modules/services/printing/cupsd.nix index 3a2744303474f..1f044384a5b83 100644 --- a/nixos/modules/services/printing/cupsd.nix +++ b/nixos/modules/services/printing/cupsd.nix @@ -4,9 +4,10 @@ with lib; let - inherit (pkgs) cups cups-pk-helper cups-filters xdg-utils; + inherit (pkgs) cups-pk-helper cups-filters xdg-utils; cfg = config.services.printing; + cups = cfg.package; avahiEnabled = config.services.avahi.enable; polkitEnabled = config.security.polkit.enable; @@ -140,6 +141,8 @@ in ''; }; + package = lib.mkPackageOption pkgs "cups" {}; + stateless = mkOption { type = types.bool; default = false; diff --git a/nixos/modules/virtualisation/lxd.nix b/nixos/modules/virtualisation/lxd.nix index c4c856d9be30d..885fb4e078530 100644 --- a/nixos/modules/virtualisation/lxd.nix +++ b/nixos/modules/virtualisation/lxd.nix @@ -33,21 +33,11 @@ in { ''; }; - package = lib.mkOption { - type = lib.types.package; - default = pkgs.lxd; - defaultText = lib.literalExpression "pkgs.lxd"; - description = lib.mdDoc '' - The LXD package to use. - ''; - }; + package = lib.mkPackageOption pkgs "lxd" { }; - lxcPackage = lib.mkOption { - type = lib.types.package; - default = pkgs.lxc; - defaultText = lib.literalExpression "pkgs.lxc"; - description = lib.mdDoc '' - The LXC package to use with LXD (required for AppArmor profiles). + lxcPackage = lib.mkPackageOption pkgs "lxc" { + extraDescription = '' + Required for AppArmor profiles. ''; }; @@ -149,7 +139,7 @@ in { ui = { enable = lib.mkEnableOption (lib.mdDoc "(experimental) LXD UI"); - package = lib.mkPackageOption pkgs.lxd-unwrapped "ui" { }; + package = lib.mkPackageOption pkgs [ "lxd-unwrapped" "ui" ] { }; }; }; }; diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index 5fd2b042eef74..be394c19ebef0 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -773,6 +773,7 @@ in { sing-box = handleTest ./sing-box.nix {}; slimserver = handleTest ./slimserver.nix {}; slurm = handleTest ./slurm.nix {}; + snmpd = handleTest ./snmpd.nix {}; smokeping = handleTest ./smokeping.nix {}; snapcast = handleTest ./snapcast.nix {}; snapper = handleTest ./snapper.nix {}; diff --git a/nixos/tests/snmpd.nix b/nixos/tests/snmpd.nix new file mode 100644 index 0000000000000..9248a6b390101 --- /dev/null +++ b/nixos/tests/snmpd.nix @@ -0,0 +1,23 @@ +import ./make-test-python.nix ({ pkgs, lib, ... }: { + name = "snmpd"; + + nodes.snmpd = { + environment.systemPackages = with pkgs; [ + net-snmp + ]; + + services.snmpd = { + enable = true; + configText = '' + rocommunity public + ''; + }; + }; + + testScript = '' + start_all(); + machine.wait_for_unit("snmpd.service") + machine.succeed("snmpwalk -v 2c -c public localhost | grep SNMPv2-MIB::sysName.0"); + ''; + +}) |