summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--custom/libvirtd-guests.nix84
-rw-r--r--custom/uucp-notifyclient.nix37
-rw-r--r--hel.nix9
3 files changed, 128 insertions, 2 deletions
diff --git a/custom/libvirtd-guests.nix b/custom/libvirtd-guests.nix
new file mode 100644
index 00000000..36ffa3c9
--- /dev/null
+++ b/custom/libvirtd-guests.nix
@@ -0,0 +1,84 @@
1{ config, pkgs, lib, utils, ... }:
2
3with utils;
4with lib;
5
6let
7 cfg = virtualisation.libvirtd;
8
9 textfile = with types; coercedTo str (pkgs.writeText "spec.xml") path;
10
11 domain = {
12 options = {
13 xml = mkOption {
14 type =
15 };
16
17 autostart = mkOption {
18 type = types.bool;
19 default = true;
20 };
21 };
22 };
23
24 define = let
25 python = pkgs.python27.withPackages (ps: with ps; [ libvirt ]);
26 in dCfg: ''
27 #!${python}/bin/python
28
29 import libvirt
30 import sys
31
32 conn = libvirt.open(None);
33 if conn == None:
34 print('Failed to open connection to hypervisor', file=sys.stderr)
35 sys.exit(1)
36
37 xmlFile = open(${escapeShellArg dCfg.xml}, 'r')
38 dom = conn.defineXML(xmlFile.read(), 0)
39 xmlFile.close()
40 if dom == None:
41 print('Failed to define domain', file=sys.stderr)
42 sys.exit(1)
43
44 dom.setAutostart(${if dCfg.autostart then "1" else "0"})
45
46 conn.close()
47 sys.exit(0)
48 '';
49in {
50 options = {
51 virtualisation.libvirtd = {
52 domains = mkOption {
53 type = with types; attrsOf (submodule guest);
54 default = {};
55 };
56 };
57 };
58
59 config = mkIf (cfg.domains != {}) {
60 systemd.services."libvirtd-guest@" = {
61 after = [ "libvirtd.service" ];
62 bindsTo = [ "libvirtd.service" ];
63
64 before = [ "libvirt-guests.service" ];
65
66 serviceConfig = {
67 Type = "oneshot";
68 RemainAfterExit = true;
69 };
70
71 path = with pkgs; [ libvirtd ];
72 };
73
74 systemd.services = mapAttrs' (dName: dCfg: nameValuePair ("libvirtd-guest@" + escapeSystemdPath dName + ".service") {
75 serviceConfig = {
76 ExecStart = pkgs.writeScript (dName + ".py") (define dCfg);
77 };
78 }) cfg.domains;
79
80 systemd.services."libvirt-guests.service" = {
81 wants = mapAttrsToList (dName: dCfg: "libvirtd-guest@" + escapeSystemdPath dName + ".service") cfg.domains;
82 };
83 };
84}
diff --git a/custom/uucp-notifyclient.nix b/custom/uucp-notifyclient.nix
new file mode 100644
index 00000000..373c0553
--- /dev/null
+++ b/custom/uucp-notifyclient.nix
@@ -0,0 +1,37 @@
1{ config, lib, pkgs, ... }:
2
3with lib;
4
5let
6 cfg = config.services.uucp.notify-client;
7
8 nodeConfig = {
9 options = {
10 allowedUsers = mkOption {
11 type = with types; uniq (listOf str);
12 default = services.notify-users.allowedUsers;
13 };
14 };
15 };
16in {
17 options = {
18 services.uucp.notify-client = mkOption {
19 remoteNodes = mkOption {
20 type = with types; attrsOf (submodule nodeConfig);
21 default = [];
22 description = ''
23 Servers to receive notifications from
24 '';
25 };
26 };
27 };
28
29 imports = [ ./notify-users.nix ];
30
31 config = mkIf (cfg.nodes != {}) {
32 services.notify-users = concatMap ({ allowedUsers }: allowedUsers) cfg.remoteNodes;
33
34 services.uucp.remoteNodes = mapAttrs (name: { allowedUsers }: { commands = map (user: "notify-${user}") allowedUsers; }) cfg.remoteNodes;
35 services.uucp.commandPath = [ config.security.wrapperDir ];
36 };
37}
diff --git a/hel.nix b/hel.nix
index efc58b8f..0c64ef19 100644
--- a/hel.nix
+++ b/hel.nix
@@ -16,6 +16,7 @@
16 ./custom/uucp.nix 16 ./custom/uucp.nix
17 ./custom/borgbackup.nix 17 ./custom/borgbackup.nix
18 ./custom/uucp-mediaclient.nix 18 ./custom/uucp-mediaclient.nix
19 ./custom/uucp-notifyclient.nix
19 ./custom/notify-users.nix 20 ./custom/notify-users.nix
20 ./utils/nix/module.nix 21 ./utils/nix/module.nix
21 ]; 22 ];
@@ -216,7 +217,6 @@
216 "odin" = { 217 "odin" = {
217 publicKeys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKcDj49TqmflGTmtGBqDawxmCBWW1txj61CZ7KT0hTHK uucp@odin"]; 218 publicKeys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKcDj49TqmflGTmtGBqDawxmCBWW1txj61CZ7KT0hTHK uucp@odin"];
218 hostnames = ["odin.asgard.yggdrasil"]; 219 hostnames = ["odin.asgard.yggdrasil"];
219 commands = ["notify-gkleen"];
220 }; 220 };
221 "ymir" = { 221 "ymir" = {
222 publicKeys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFH1QWdgoC03nzW5GBuCl2pqASHeIXIYtE9IInHdaKcO uucp@ymir"]; 222 publicKeys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFH1QWdgoC03nzW5GBuCl2pqASHeIXIYtE9IInHdaKcO uucp@ymir"];
@@ -224,13 +224,18 @@
224 }; 224 };
225 }; 225 };
226 226
227 commandPath = [ "${config.security.wrapperDir}" ];
228 defaultCommands = lib.mkForce []; 227 defaultCommands = lib.mkForce [];
229 228
230 media-client = { 229 media-client = {
231 remoteNodes = [ "odin" ]; 230 remoteNodes = [ "odin" ];
232 notify.users = [ "gkleen" ]; 231 notify.users = [ "gkleen" ];
233 }; 232 };
233
234 notify-client = {
235 remoteNodes = {
236 odin = {};
237 };
238 };
234 }; 239 };
235 240
236 notify-users = [ "gkleen" ]; 241 notify-users = [ "gkleen" ];