From 2480532bd11d1b26659267033345a4812dc063f5 Mon Sep 17 00:00:00 2001 From: Maximilian Bosch Date: Sun, 9 Oct 2022 10:13:21 +0200 Subject: nixos/doc: fix build Now we even have options like `services.listmonk.database.settings."app.notify_emails"` shown correctly (i.e. with quotes). --- nixos/lib/make-options-doc/options-to-docbook.xsl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'nixos') diff --git a/nixos/lib/make-options-doc/options-to-docbook.xsl b/nixos/lib/make-options-doc/options-to-docbook.xsl index 978d5e2468a83..4a5b004f7fe6d 100644 --- a/nixos/lib/make-options-doc/options-to-docbook.xsl +++ b/nixos/lib/make-options-doc/options-to-docbook.xsl @@ -39,8 +39,8 @@ concat('opt-', translate( attr[@name = 'name']/string/@value, - '*< >[]:', - '_______' + '*< >[]:"', + '________' ))" /> -- cgit 1.4.1 From 8d5a404437ab65beeadadb3a65ec1a5647b7b02f Mon Sep 17 00:00:00 2001 From: Kartik Gokte Date: Mon, 10 Oct 2022 10:46:25 +0530 Subject: nixos/karma: init --- .../from_md/release-notes/rl-2211.section.xml | 7 ++ nixos/doc/manual/release-notes/rl-2211.section.md | 2 + nixos/modules/module-list.nix | 1 + nixos/modules/services/monitoring/karma.nix | 128 +++++++++++++++++++++ nixos/tests/all-tests.nix | 1 + nixos/tests/karma.nix | 84 ++++++++++++++ 6 files changed, 223 insertions(+) create mode 100644 nixos/modules/services/monitoring/karma.nix create mode 100644 nixos/tests/karma.nix (limited to 'nixos') diff --git a/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml index 8494b62e6ff05..c8f63fecf133c 100644 --- a/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml +++ b/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml @@ -233,6 +233,13 @@ services.kanata. + + + karma, + an alert dashboard for Prometheus Alertmanager. Available as + services.karma + + languagetool, diff --git a/nixos/doc/manual/release-notes/rl-2211.section.md b/nixos/doc/manual/release-notes/rl-2211.section.md index a5ba4841f549b..5a2b92c7d39a7 100644 --- a/nixos/doc/manual/release-notes/rl-2211.section.md +++ b/nixos/doc/manual/release-notes/rl-2211.section.md @@ -84,6 +84,8 @@ In addition to numerous new and upgraded packages, this release has the followin - [kanata](https://github.com/jtroo/kanata), a tool to improve keyboard comfort and usability with advanced customization. Available as [services.kanata](options.html#opt-services.kanata.enable). +- [karma](https://github.com/prymitive/karma), an alert dashboard for Prometheus Alertmanager. Available as [services.karma](options.html#opt-services.karma.enable) + - [languagetool](https://languagetool.org/), a multilingual grammar, style, and spell checker. Available as [services.languagetool](options.html#opt-services.languagetool.enable). diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index dec66e395aade..c08632061a9d5 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -682,6 +682,7 @@ ./services/monitoring/heapster.nix ./services/monitoring/incron.nix ./services/monitoring/kapacitor.nix + ./services/monitoring/karma.nix ./services/monitoring/kthxbye.nix ./services/monitoring/loki.nix ./services/monitoring/longview.nix diff --git a/nixos/modules/services/monitoring/karma.nix b/nixos/modules/services/monitoring/karma.nix new file mode 100644 index 0000000000000..85dbc81f443f0 --- /dev/null +++ b/nixos/modules/services/monitoring/karma.nix @@ -0,0 +1,128 @@ +{ config, pkgs, lib, ... }: +with lib; +let + cfg = config.services.karma; + yaml = pkgs.formats.yaml { }; +in +{ + options.services.karma = { + enable = mkEnableOption (mdDoc "the Karma dashboard service"); + + package = mkOption { + type = types.package; + default = pkgs.karma; + defaultText = literalExpression "pkgs.karma"; + description = mdDoc '' + The Karma package that should be used. + ''; + }; + + configFile = mkOption { + type = types.path; + default = yaml.generate "karma.yaml" cfg.settings; + defaultText = "A configuration file generated from the provided nix attributes settings option."; + description = mdDoc '' + A YAML config file which can be used to configure karma instead of the nix-generated file. + ''; + example = "/etc/karma/karma.conf"; + }; + + environment = mkOption { + type = with types; attrsOf str; + default = {}; + description = mdDoc '' + Additional environment variables to provide to karma. + ''; + example = { + ALERTMANAGER_URI = "https://alertmanager.example.com"; + ALERTMANAGER_NAME= "single"; + }; + }; + + openFirewall = mkOption { + type = types.bool; + default = false; + description = mdDoc '' + Whether to open ports in the firewall needed for karma to function. + ''; + }; + + extraOptions = mkOption { + type = with types; listOf str; + default = []; + description = mdDoc '' + Extra command line options. + ''; + example = [ + "--alertmanager.timeout 10s" + ]; + }; + + settings = mkOption { + type = types.submodule { + freeformType = yaml.type; + + options.listen = { + address = mkOption { + type = types.str; + default = "127.0.0.1"; + description = mdDoc '' + Hostname or IP to listen on. + ''; + example = "[::]"; + }; + + port = mkOption { + type = types.port; + default = 8080; + description = mdDoc '' + HTTP port to listen on. + ''; + example = 8182; + }; + }; + }; + default = { + listen = { + address = "127.0.0.1"; + }; + }; + description = mdDoc '' + Karma dashboard configuration as nix attributes. + + Reference: + ''; + example = { + listen = { + address = "192.168.1.4"; + port = "8000"; + prefix = "/dashboard"; + }; + alertmanager = { + interval = "15s"; + servers = [ + { + name = "prod"; + uri = "http://alertmanager.example.com"; + } + ]; + }; + }; + }; + }; + + config = mkIf cfg.enable { + systemd.services.karma = { + description = "Alert dashboard for Prometheus Alertmanager"; + wantedBy = [ "multi-user.target" ]; + environment = cfg.environment; + serviceConfig = { + Type = "simple"; + DynamicUser = true; + Restart = "on-failure"; + ExecStart = "${pkgs.karma}/bin/karma --config.file ${cfg.configFile} ${concatStringsSep " " cfg.extraOptions}"; + }; + }; + networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [ cfg.settings.listen.port ]; + }; +} diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index 36c51b5731001..a872ec86db3b6 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -299,6 +299,7 @@ in { k3s = handleTest ./k3s {}; kafka = handleTest ./kafka.nix {}; kanidm = handleTest ./kanidm.nix {}; + karma = handleTest ./karma.nix {}; kbd-setfont-decompress = handleTest ./kbd-setfont-decompress.nix {}; kbd-update-search-paths-patch = handleTest ./kbd-update-search-paths-patch.nix {}; kea = handleTest ./kea.nix {}; diff --git a/nixos/tests/karma.nix b/nixos/tests/karma.nix new file mode 100644 index 0000000000000..5ac2983b8aa3e --- /dev/null +++ b/nixos/tests/karma.nix @@ -0,0 +1,84 @@ +import ./make-test-python.nix ({ lib, pkgs, ... }: { + name = "karma"; + nodes = { + server = { ... }: { + services.prometheus.alertmanager = { + enable = true; + logLevel = "debug"; + port = 9093; + openFirewall = true; + configuration = { + global = { + resolve_timeout = "1m"; + }; + route = { + # Root route node + receiver = "test"; + group_by = ["..."]; + continue = false; + group_wait = "1s"; + group_interval="15s"; + repeat_interval = "24h"; + }; + receivers = [ + { + name = "test"; + webhook_configs = [ + { + url = "http://localhost:1234"; + send_resolved = true; + max_alerts = 0; + } + ]; + } + ]; + }; + }; + services.karma = { + enable = true; + openFirewall = true; + settings = { + listen = { + address = "0.0.0.0"; + port = 8081; + }; + alertmanager = { + servers = [ + { + name = "alertmanager"; + uri = "https://127.0.0.1:9093"; + } + ]; + }; + karma.name = "test-dashboard"; + log.config = true; + log.requests = true; + log.timestamp = true; + }; + }; + }; + }; + + testScript = '' + start_all() + + with subtest("Wait for server to come up"): + + server.wait_for_unit("alertmanager.service") + server.wait_for_unit("karma.service") + + server.sleep(5) # wait for both services to settle + + server.wait_for_open_port(9093) + server.wait_for_open_port(8081) + + with subtest("Test alertmanager readiness"): + server.succeed("curl -s http://127.0.0.1:9093/-/ready") + + # Karma only starts serving the dashboard once it has established connectivity to all alertmanagers in its config + # Therefore, this will fail if karma isn't able to reach alertmanager + server.succeed("curl -s http://127.0.0.1:8081") + + server.shutdown() + ''; +}) -- cgit 1.4.1 From 28d2fcc400c26a5c48e6affcdc82892283595423 Mon Sep 17 00:00:00 2001 From: victor Date: Sun, 9 Oct 2022 11:19:24 +0200 Subject: vmagent: init at 1.82.0 --- nixos/modules/module-list.nix | 1 + nixos/modules/services/monitoring/vmagent.nix | 100 ++++++++++++++++++++++++++ pkgs/servers/monitoring/vmagent/default.nix | 26 +++++++ pkgs/top-level/all-packages.nix | 2 + 4 files changed, 129 insertions(+) create mode 100644 nixos/modules/services/monitoring/vmagent.nix create mode 100644 pkgs/servers/monitoring/vmagent/default.nix (limited to 'nixos') diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index db07d6312c426..e45f80957ffef 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -713,6 +713,7 @@ ./services/monitoring/unifi-poller.nix ./services/monitoring/ups.nix ./services/monitoring/uptime.nix + ./services/monitoring/vmagent.nix ./services/monitoring/vnstat.nix ./services/monitoring/zabbix-agent.nix ./services/monitoring/zabbix-proxy.nix diff --git a/nixos/modules/services/monitoring/vmagent.nix b/nixos/modules/services/monitoring/vmagent.nix new file mode 100644 index 0000000000000..c793bb073199c --- /dev/null +++ b/nixos/modules/services/monitoring/vmagent.nix @@ -0,0 +1,100 @@ +{ config, pkgs, lib, ... }: +with lib; +let + cfg = config.services.vmagent; + settingsFormat = pkgs.formats.json { }; +in { + options.services.vmagent = { + enable = mkEnableOption (lib.mdDoc "vmagent"); + + user = mkOption { + default = "vmagent"; + type = types.str; + description = lib.mdDoc '' + User account under which vmagent runs. + ''; + }; + + group = mkOption { + type = types.str; + default = "vmagent"; + description = lib.mdDoc '' + Group under which vmagent runs. + ''; + }; + + package = mkOption { + default = pkgs.vmagent; + defaultText = lib.literalMD "pkgs.vmagent"; + type = types.package; + description = lib.mdDoc '' + vmagent package to use. + ''; + }; + + dataDir = mkOption { + type = types.str; + default = "/var/lib/vmagent"; + description = lib.mdDoc '' + The directory where vmagent stores its data files. + ''; + }; + + remoteWriteUrl = mkOption { + default = "http://localhost:8428/api/v1/write"; + type = types.str; + description = lib.mdDoc '' + The storage endpoint such as VictoriaMetrics + ''; + }; + + prometheusConfig = mkOption { + type = lib.types.submodule { freeformType = settingsFormat.type; }; + description = lib.mdDoc '' + Config for prometheus style metrics + ''; + }; + + openFirewall = mkOption { + type = types.bool; + default = false; + description = lib.mdDoc '' + Whether to open the firewall for the default ports. + ''; + }; + }; + + config = mkIf cfg.enable { + users.groups = mkIf (cfg.group == "vmagent") { vmagent = { }; }; + + users.users = mkIf (cfg.user == "vmagent") { + vmagent = { + group = cfg.group; + description = "vmagent daemon user"; + home = cfg.dataDir; + isSystemUser = true; + }; + }; + + networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [ 8429 ]; + + systemd.services.vmagent = let + prometheusConfig = settingsFormat.generate "prometheusConfig.yaml" cfg.prometheusConfig; + in { + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" ]; + description = "vmagent system service"; + serviceConfig = { + User = cfg.user; + Group = cfg.group; + Type = "simple"; + Restart = "on-failure"; + WorkingDirectory = cfg.dataDir; + ExecStart = "${cfg.package}/bin/vmagent -remoteWrite.url=${cfg.remoteWriteUrl} -promscrape.config=${prometheusConfig}"; + }; + }; + + systemd.tmpfiles.rules = + [ "d '${cfg.dataDir}' 0755 ${cfg.user} ${cfg.group} -" ]; + }; +} diff --git a/pkgs/servers/monitoring/vmagent/default.nix b/pkgs/servers/monitoring/vmagent/default.nix new file mode 100644 index 0000000000000..df7a5ee987bf1 --- /dev/null +++ b/pkgs/servers/monitoring/vmagent/default.nix @@ -0,0 +1,26 @@ +{ lib, fetchFromGitHub, buildGoModule }: +buildGoModule rec { + pname = "vmagent"; + version = "1.82.0"; + + src = fetchFromGitHub { + owner = "VictoriaMetrics"; + repo = "VictoriaMetrics"; + rev = "v${version}"; + sha256 = "JIl2WeveDoAHzqJ2cqMxpWeNf4yQC9fIdfECOJywJ2A="; + }; + + ldflags = [ "-s" "-w" "-X github.com/VictoriaMetrics/VictoriaMetrics/lib/buildinfo.Version=${version}" ]; + + vendorSha256 = null; + + subPackages = [ "app/vmagent" ]; + + meta = with lib; { + homepage = "https://github.com/VictoriaMetrics/VictoriaMetrics/tree/master/app/vmagent"; + description = "VictoriaMetrics metrics scraper"; + license = licenses.asl20; + platforms = platforms.linux; + maintainers = with maintainers; [ nullx76 ]; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index b51c0bbbe3d0a..07ad765c2f823 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -24174,6 +24174,8 @@ with pkgs; virtualenv-clone = with python3Packages; toPythonApplication virtualenv-clone; + vmagent = callPackage ../servers/monitoring/vmagent { }; + vsftpd = callPackage ../servers/ftp/vsftpd { }; wallabag = callPackage ../servers/web-apps/wallabag { }; -- cgit 1.4.1 From 611f247810ab76bedd6ed544068232982c071f06 Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Sun, 16 Oct 2022 16:18:00 +0200 Subject: nixos/tests: Generalize nix-build file.nix hack to testing-python.nix --- nixos/lib/testing-python.nix | 10 ++++++++-- nixos/tests/make-test-python.nix | 4 +--- 2 files changed, 9 insertions(+), 5 deletions(-) (limited to 'nixos') diff --git a/nixos/lib/testing-python.nix b/nixos/lib/testing-python.nix index f63b6c78f6da3..d7204a2bc1434 100644 --- a/nixos/lib/testing-python.nix +++ b/nixos/lib/testing-python.nix @@ -29,7 +29,9 @@ rec { }; }; - # Make a full-blown test + # Make a full-blown test (legacy) + # For an official public interface to the tests, see + # https://nixos.org/manual/nixos/unstable/index.html#sec-calling-nixos-tests makeTest = { machine ? null , nodes ? {} @@ -48,7 +50,8 @@ rec { else builtins.unsafeGetAttrPos "testScript" t) , extraPythonPackages ? (_ : []) , interactive ? {} - } @ t: + } @ t: let + testConfig = (evalTest { imports = [ { _file = "makeTest parameters"; config = t; } @@ -60,6 +63,9 @@ rec { } ]; }).config; + in + testConfig.test # For nix-build + // testConfig; # For all-tests.nix simpleTest = as: (makeTest as).test; diff --git a/nixos/tests/make-test-python.nix b/nixos/tests/make-test-python.nix index c3bbd67423726..7a96f538d8d7a 100644 --- a/nixos/tests/make-test-python.nix +++ b/nixos/tests/make-test-python.nix @@ -6,6 +6,4 @@ f: { with import ../lib/testing-python.nix { inherit system pkgs; }; -let testConfig = makeTest (if pkgs.lib.isFunction f then f (args // { inherit pkgs; inherit (pkgs) lib; }) else f); -in testConfig.test # For nix-build - // testConfig # For all-tests.nix +makeTest (if pkgs.lib.isFunction f then f (args // { inherit pkgs; inherit (pkgs) lib; }) else f) -- cgit 1.4.1 From 1d9b9130883550f2f928c573b35fe8b8193d5c4b Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Sun, 16 Oct 2022 16:19:29 +0200 Subject: nixos/lib/testing: Delay nodes.machine.~config~ migration Provide a window during which both solutions are valid without warnings, in order to fight warning fatigue, and not to push 3rd party repo maintainers to add unnecessary compat code. --- nixos/lib/testing/nodes.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'nixos') diff --git a/nixos/lib/testing/nodes.nix b/nixos/lib/testing/nodes.nix index 0395238cbaae7..8e620c96b3bb1 100644 --- a/nixos/lib/testing/nodes.nix +++ b/nixos/lib/testing/nodes.nix @@ -101,7 +101,7 @@ in nodesCompat = mapAttrs (name: config: config // { - config = lib.warn + config = lib.warnIf (lib.isInOldestRelease 2211) "Module argument `nodes.${name}.config` is deprecated. Use `nodes.${name}` instead." config; }) -- cgit 1.4.1 From 76e1e908c1cbcf54b5a328af6e62a483f0637a60 Mon Sep 17 00:00:00 2001 From: Karel Kočí Date: Mon, 17 Oct 2022 16:11:56 +0200 Subject: nixos/modules/virtualisation: fix oci-containers with docker The empty attribute set is invalidly provided as service config and results in evaluation error. --- nixos/modules/virtualisation/oci-containers.nix | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'nixos') diff --git a/nixos/modules/virtualisation/oci-containers.nix b/nixos/modules/virtualisation/oci-containers.nix index 36a28efc6ce44..61066c3cbd758 100644 --- a/nixos/modules/virtualisation/oci-containers.nix +++ b/nixos/modules/virtualisation/oci-containers.nix @@ -304,12 +304,13 @@ let # ExecReload = ...; ### - Environment=if cfg.backend == "podman" then "PODMAN_SYSTEMD_UNIT=podman-${name}.service" else {}; - Type=if cfg.backend == "podman" then "notify" else {}; - NotifyAccess=if cfg.backend == "podman" then "all" else {}; TimeoutStartSec = 0; TimeoutStopSec = 120; Restart = "always"; + } // optionalAttrs (cfg.backend == "podman") { + Environment="PODMAN_SYSTEMD_UNIT=podman-${name}.service"; + Type="notify"; + NotifyAccess="all"; }; }; -- cgit 1.4.1 From dc529302fecd1a4cfec568524135da1a49f5640b Mon Sep 17 00:00:00 2001 From: Jean-François Roche Date: Mon, 17 Oct 2022 14:40:08 +0200 Subject: nixos: add cachix watch-store service Self hosted CI push built packages asynchronously to cachix using a service. Based on @Mic92 [code](https://github.com/cachix/cachix/issues/370#issuecomment-817081937) --- .../modules/services/system/cachix-watch-store.nix | 87 ++++++++++++++++++++++ 1 file changed, 87 insertions(+) create mode 100644 nixos/modules/services/system/cachix-watch-store.nix (limited to 'nixos') diff --git a/nixos/modules/services/system/cachix-watch-store.nix b/nixos/modules/services/system/cachix-watch-store.nix new file mode 100644 index 0000000000000..ec73c0bcdcfe5 --- /dev/null +++ b/nixos/modules/services/system/cachix-watch-store.nix @@ -0,0 +1,87 @@ +{ config, pkgs, lib, ... }: + +with lib; + +let + cfg = config.services.cachix-watch-store; +in +{ + meta.maintainers = [ lib.maintainers.jfroche lib.maintainers.domenkozar ]; + + options.services.cachix-watch-store = { + enable = mkEnableOption (lib.mdDoc "Cachix Watch Store: https://docs.cachix.org"); + + cacheName = mkOption { + type = types.str; + description = lib.mdDoc "Cachix binary cache name"; + }; + + cachixTokenFile = mkOption { + type = types.path; + description = lib.mdDoc '' + Required file that needs to contain the cachix auth token. + ''; + }; + + compressionLevel = mkOption { + type = types.nullOr types.int; + description = lib.mdDoc "The compression level for XZ compression (between 0 and 9)"; + default = null; + }; + + jobs = mkOption { + type = types.nullOr types.int; + description = lib.mdDoc "Number of threads used for pushing store paths"; + default = null; + }; + + host = mkOption { + type = types.nullOr types.str; + default = null; + description = lib.mdDoc "Cachix host to connect to"; + }; + + verbose = mkOption { + type = types.bool; + description = lib.mdDoc "Enable verbose output"; + default = false; + }; + + package = mkOption { + type = types.package; + default = pkgs.cachix; + defaultText = literalExpression "pkgs.cachix"; + description = lib.mdDoc "Cachix Client package to use."; + }; + + }; + + config = mkIf cfg.enable { + systemd.services.cachix-watch-store-agent = { + description = "Cachix watch store Agent"; + after = [ "network-online.target" ]; + path = [ config.nix.package ]; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + # we don't want to kill children processes as those are deployments + KillMode = "process"; + Restart = "on-failure"; + DynamicUser = true; + LoadCredential = [ + "cachix-token:${toString cfg.cachixTokenFile}" + ]; + }; + script = + let + command = [ "${cfg.package}/bin/cachix" ] + ++ (lib.optional cfg.verbose "--verbose") ++ (lib.optionals (cfg.host != null) [ "--host" cfg.host ]) + ++ [ "watch-store" ] ++ (lib.optionals (cfg.compressionLevel != null) [ "--compression-level" (toString cfg.compressionLevel) ]) + ++ (lib.optionals (cfg.jobs != null) [ "--jobs" (toString cfg.jobs) ]) ++ [ cfg.cacheName ]; + in + '' + export CACHIX_AUTH_TOKEN="$(<"$CREDENTIALS_DIRECTORY/cachix-token")" + ${lib.escapeShellArgs command} + ''; + }; + }; +} -- cgit 1.4.1 From a99ab1fbc16dfdbe4922aa30357886fd5e09e7a0 Mon Sep 17 00:00:00 2001 From: matthewcroughan Date: Mon, 17 Oct 2022 22:59:24 +0100 Subject: nixos/printing: add services.printing.stateless option This will remove all state directories related to CUPS on startup, which is particularly useful for guaranteeing that printer discovery works more reliably on some networks, since CUPS will no longer be able to store state that effects the next run of the service, such as old printer names and mDNS information. Co-authored-by: Sandro --- nixos/modules/services/printing/cupsd.nix | 14 ++++++++++++-- nixos/tests/printing.nix | 1 + 2 files changed, 13 insertions(+), 2 deletions(-) (limited to 'nixos') diff --git a/nixos/modules/services/printing/cupsd.nix b/nixos/modules/services/printing/cupsd.nix index fea7ffb673ca0..ae59dcc226de8 100644 --- a/nixos/modules/services/printing/cupsd.nix +++ b/nixos/modules/services/printing/cupsd.nix @@ -134,6 +134,15 @@ in ''; }; + stateless = mkOption { + type = types.bool; + default = false; + description = lib.mdDoc '' + If set, all state directories relating to CUPS will be removed on + startup of the service. + ''; + }; + startWhenNeeded = mkOption { type = types.bool; default = true; @@ -343,8 +352,9 @@ in path = [ cups.out ]; - preStart = - '' + preStart = lib.optionalString cfg.stateless '' + rm -rf /var/cache/cups /var/lib/cups /var/spool/cups + '' + '' mkdir -m 0700 -p /var/cache/cups mkdir -m 0700 -p /var/spool/cups mkdir -m 0755 -p ${cfg.tempDir} diff --git a/nixos/tests/printing.nix b/nixos/tests/printing.nix index 6338fd8d8ac10..cfebe232d92a0 100644 --- a/nixos/tests/printing.nix +++ b/nixos/tests/printing.nix @@ -4,6 +4,7 @@ import ./make-test-python.nix ({pkgs, ... }: let printingServer = startWhenNeeded: { services.printing.enable = true; + services.printing.stateless = true; services.printing.startWhenNeeded = startWhenNeeded; services.printing.listenAddresses = [ "*:631" ]; services.printing.defaultShared = true; -- cgit 1.4.1