3 files changed, 128 insertions, 2 deletions
diff --git a/custom/libvirtd-guests.nix b/custom/libvirtd-guests.nix
new file mode 100644
index 00000000..36ffa3c9
--- /dev/null
+++ b/custom/libvirtd-guests.nix
@@ -0,0 +1,84 @@
+{ config, pkgs, lib, utils, ... }:
+with utils;
+with lib;
+let
+  cfg = virtualisation.libvirtd;
+  textfile = with types; coercedTo str (pkgs.writeText "spec.xml") path;
+  domain = {
+    options = {
+      xml = mkOption {
+        type = 
+      };
+      autostart = mkOption {
+        type = types.bool;
+        default = true;
+      };
+    };
+  };
+  define = let
+    python = pkgs.python27.withPackages (ps: with ps; [ libvirt ]);
+  in dCfg: ''
+    #!${python}/bin/python
+    import libvirt
+    import sys
+    conn = libvirt.open(None);
+    if conn == None:
+      print('Failed to open connection to hypervisor', file=sys.stderr)
+      sys.exit(1)
+    xmlFile = open(${escapeShellArg dCfg.xml}, 'r')
+    dom = conn.defineXML(xmlFile.read(), 0)
+    xmlFile.close()
+    if dom == None:
+      print('Failed to define domain', file=sys.stderr)
+      sys.exit(1)
+    dom.setAutostart(${if dCfg.autostart then "1" else "0"})
+    conn.close()
+    sys.exit(0)
+  '';
+in {
+  options = {
+    virtualisation.libvirtd = {
+      domains = mkOption {
+        type = with types; attrsOf (submodule guest);
+        default = {};
+      };
+    };
+  };
+  config = mkIf (cfg.domains != {}) {
+    systemd.services."libvirtd-guest@" = {
+      after = [ "libvirtd.service" ];
+      bindsTo = [ "libvirtd.service" ];
+      before = [ "libvirt-guests.service" ];
+      serviceConfig = {
+        Type = "oneshot";
+        RemainAfterExit = true;
+      };
+      path = with pkgs; [ libvirtd ];
+    };
+    systemd.services = mapAttrs' (dName: dCfg: nameValuePair ("libvirtd-guest@" + escapeSystemdPath dName + ".service") {
+      serviceConfig = {
+        ExecStart = pkgs.writeScript (dName + ".py") (define dCfg);
+      };
+    }) cfg.domains;
+    systemd.services."libvirt-guests.service" = {
+      wants = mapAttrsToList (dName: dCfg: "libvirtd-guest@" + escapeSystemdPath dName + ".service") cfg.domains;
+    };
+  };
+}
diff --git a/custom/uucp-notifyclient.nix b/custom/uucp-notifyclient.nix
new file mode 100644
index 00000000..373c0553
--- /dev/null
+++ b/custom/uucp-notifyclient.nix
@@ -0,0 +1,37 @@
+{ config, lib, pkgs, ... }:
+with lib;
+let
+  cfg = config.services.uucp.notify-client;
+  nodeConfig = {
+    options = {
+      allowedUsers = mkOption {
+        type = with types; uniq (listOf str);
+        default = services.notify-users.allowedUsers;
+      };
+    };
+  };
+in {
+  options = {
+    services.uucp.notify-client = mkOption {
+      remoteNodes = mkOption {
+        type = with types; attrsOf (submodule nodeConfig);
+        default = [];
+        description = ''
+          Servers to receive notifications from
+        '';
+      };
+    };
+  };
+  imports = [ ./notify-users.nix ];
+  config = mkIf (cfg.nodes != {}) {
+    services.notify-users = concatMap ({ allowedUsers }: allowedUsers) cfg.remoteNodes;
+    services.uucp.remoteNodes = mapAttrs (name: { allowedUsers }: { commands = map (user: "notify-${user}") allowedUsers; }) cfg.remoteNodes;
+    services.uucp.commandPath = [ config.security.wrapperDir ];
+  };
+}
diff --git a/hel.nix b/hel.nix
index efc58b8f..0c64ef19 100644
--- a/hel.nix
+++ b/hel.nix
@@ -16,6 +16,7 @@
      ./custom/uucp.nix
      ./custom/borgbackup.nix
      ./custom/uucp-mediaclient.nix
+      ./custom/uucp-notifyclient.nix
      ./custom/notify-users.nix
      ./utils/nix/module.nix
    ];
@@ -216,7 +217,6 @@
        "odin" = {
          publicKeys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKcDj49TqmflGTmtGBqDawxmCBWW1txj61CZ7KT0hTHK uucp@odin"];
          hostnames = ["odin.asgard.yggdrasil"];
-          commands = ["notify-gkleen"];
        };
        "ymir" = {
          publicKeys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFH1QWdgoC03nzW5GBuCl2pqASHeIXIYtE9IInHdaKcO uucp@ymir"];
@@ -224,13 +224,18 @@
        };
      };
      
-      commandPath = [ "${config.security.wrapperDir}" ];
      defaultCommands = lib.mkForce [];
      media-client = {
        remoteNodes = [ "odin" ];
        notify.users = [ "gkleen" ];
      };
+      notify-client = {
+        remoteNodes = {
+          odin = {};
+        };
+      };
    };
    notify-users = [ "gkleen" ];

diff --git a/custom/libvirtd-guests.nix b/custom/libvirtd-guests.nix new file mode 100644 index 00000000..36ffa3c9 --- /dev/null +++ b/custom/libvirtd-guests.nix
@@ -0,0 +1,84 @@
		1	{ config, pkgs, lib, utils, ... }:
		2
		3	with utils;
		4	with lib;
		5
		6	let
		7	cfg = virtualisation.libvirtd;
		8
		9	textfile = with types; coercedTo str (pkgs.writeText "spec.xml") path;
		10
		11	domain = {
		12	options = {
		13	xml = mkOption {
		14	type =
		15	};
		16
		17	autostart = mkOption {
		18	type = types.bool;
		19	default = true;
		20	};
		21	};
		22	};
		23
		24	define = let
		25	python = pkgs.python27.withPackages (ps: with ps; [ libvirt ]);
		26	in dCfg: ''
		27	#!${python}/bin/python
		28
		29	import libvirt
		30	import sys
		31
		32	conn = libvirt.open(None);
		33	if conn == None:
		34	print('Failed to open connection to hypervisor', file=sys.stderr)
		35	sys.exit(1)
		36
		37	xmlFile = open(${escapeShellArg dCfg.xml}, 'r')
		38	dom = conn.defineXML(xmlFile.read(), 0)
		39	xmlFile.close()
		40	if dom == None:
		41	print('Failed to define domain', file=sys.stderr)
		42	sys.exit(1)
		43
		44	dom.setAutostart(${if dCfg.autostart then "1" else "0"})
		45
		46	conn.close()
		47	sys.exit(0)
		48	'';
		49	in {
		50	options = {
		51	virtualisation.libvirtd = {
		52	domains = mkOption {
		53	type = with types; attrsOf (submodule guest);
		54	default = {};
		55	};
		56	};
		57	};
		58
		59	config = mkIf (cfg.domains != {}) {
		60	systemd.services."libvirtd-guest@" = {
		61	after = [ "libvirtd.service" ];
		62	bindsTo = [ "libvirtd.service" ];
		63
		64	before = [ "libvirt-guests.service" ];
		65
		66	serviceConfig = {
		67	Type = "oneshot";
		68	RemainAfterExit = true;
		69	};
		70
		71	path = with pkgs; [ libvirtd ];
		72	};
		73
		74	systemd.services = mapAttrs' (dName: dCfg: nameValuePair ("libvirtd-guest@" + escapeSystemdPath dName + ".service") {
		75	serviceConfig = {
		76	ExecStart = pkgs.writeScript (dName + ".py") (define dCfg);
		77	};
		78	}) cfg.domains;
		79
		80	systemd.services."libvirt-guests.service" = {
		81	wants = mapAttrsToList (dName: dCfg: "libvirtd-guest@" + escapeSystemdPath dName + ".service") cfg.domains;
		82	};
		83	};
		84	}


diff --git a/custom/uucp-notifyclient.nix b/custom/uucp-notifyclient.nix new file mode 100644 index 00000000..373c0553 --- /dev/null +++ b/custom/uucp-notifyclient.nix
@@ -0,0 +1,37 @@
		1	{ config, lib, pkgs, ... }:
		2
		3	with lib;
		4
		5	let
		6	cfg = config.services.uucp.notify-client;
		7
		8	nodeConfig = {
		9	options = {
		10	allowedUsers = mkOption {
		11	type = with types; uniq (listOf str);
		12	default = services.notify-users.allowedUsers;
		13	};
		14	};
		15	};
		16	in {
		17	options = {
		18	services.uucp.notify-client = mkOption {
		19	remoteNodes = mkOption {
		20	type = with types; attrsOf (submodule nodeConfig);
		21	default = [];
		22	description = ''
		23	Servers to receive notifications from
		24	'';
		25	};
		26	};
		27	};
		28
		29	imports = [ ./notify-users.nix ];
		30
		31	config = mkIf (cfg.nodes != {}) {
		32	services.notify-users = concatMap ({ allowedUsers }: allowedUsers) cfg.remoteNodes;
		33
		34	services.uucp.remoteNodes = mapAttrs (name: { allowedUsers }: { commands = map (user: "notify-${user}") allowedUsers; }) cfg.remoteNodes;
		35	services.uucp.commandPath = [ config.security.wrapperDir ];
		36	};
		37	}


diff --git a/hel.nix b/hel.nix index efc58b8f..0c64ef19 100644 --- a/hel.nix +++ b/hel.nix
@@ -16,6 +16,7 @@
16	./custom/uucp.nix	16	./custom/uucp.nix
17	./custom/borgbackup.nix	17	./custom/borgbackup.nix
18	./custom/uucp-mediaclient.nix	18	./custom/uucp-mediaclient.nix
		19	./custom/uucp-notifyclient.nix
19	./custom/notify-users.nix	20	./custom/notify-users.nix
20	./utils/nix/module.nix	21	./utils/nix/module.nix
21	];	22	];
@@ -216,7 +217,6 @@
216	"odin" = {	217	"odin" = {
217	publicKeys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKcDj49TqmflGTmtGBqDawxmCBWW1txj61CZ7KT0hTHK uucp@odin"];	218	publicKeys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKcDj49TqmflGTmtGBqDawxmCBWW1txj61CZ7KT0hTHK uucp@odin"];
218	hostnames = ["odin.asgard.yggdrasil"];	219	hostnames = ["odin.asgard.yggdrasil"];
219	commands = ["notify-gkleen"];
220	};	220	};
221	"ymir" = {	221	"ymir" = {
222	publicKeys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFH1QWdgoC03nzW5GBuCl2pqASHeIXIYtE9IInHdaKcO uucp@ymir"];	222	publicKeys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFH1QWdgoC03nzW5GBuCl2pqASHeIXIYtE9IInHdaKcO uucp@ymir"];
@@ -224,13 +224,18 @@
224	};	224	};
225	};	225	};
226		226
227	commandPath = [ "${config.security.wrapperDir}" ];
228	defaultCommands = lib.mkForce [];	227	defaultCommands = lib.mkForce [];
229		228
230	media-client = {	229	media-client = {
231	remoteNodes = [ "odin" ];	230	remoteNodes = [ "odin" ];
232	notify.users = [ "gkleen" ];	231	notify.users = [ "gkleen" ];
233	};	232	};
		233
		234	notify-client = {
		235	remoteNodes = {
		236	odin = {};
		237	};
		238	};
234	};	239	};
235		240
236	notify-users = [ "gkleen" ];	241	notify-users = [ "gkleen" ];