2018-04-19 12:23:00 +02:00
|
|
|
{ config, pkgs, lib, ... }:
|
|
|
|
|
|
|
|
|
|
with lib;
|
|
|
|
|
|
|
|
|
|
let
|
|
|
|
|
cfg = config.services.oxidized;
|
|
|
|
|
in
|
|
|
|
|
{
|
|
|
|
|
options.services.oxidized = {
|
2019-04-19 21:41:48 -04:00
|
|
|
enable = mkEnableOption "the oxidized configuration backup service";
|
2018-04-19 12:23:00 +02:00
|
|
|
|
|
|
|
|
user = mkOption {
|
|
|
|
|
type = types.str;
|
|
|
|
|
default = "oxidized";
|
|
|
|
|
description = ''
|
|
|
|
|
User under which the oxidized service runs.
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
group = mkOption {
|
|
|
|
|
type = types.str;
|
|
|
|
|
default = "oxidized";
|
|
|
|
|
description = ''
|
|
|
|
|
Group under which the oxidized service runs.
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
dataDir = mkOption {
|
|
|
|
|
type = types.path;
|
|
|
|
|
default = "/var/lib/oxidized";
|
|
|
|
|
description = "State directory for the oxidized service.";
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
configFile = mkOption {
|
|
|
|
|
type = types.path;
|
|
|
|
|
example = literalExample ''
|
|
|
|
|
pkgs.writeText "oxidized-config.yml" '''
|
|
|
|
|
---
|
|
|
|
|
debug: true
|
|
|
|
|
use_syslog: true
|
|
|
|
|
input:
|
|
|
|
|
default: ssh
|
|
|
|
|
ssh:
|
|
|
|
|
secure: true
|
|
|
|
|
interval: 3600
|
|
|
|
|
model_map:
|
|
|
|
|
dell: powerconnect
|
|
|
|
|
hp: procurve
|
|
|
|
|
source:
|
|
|
|
|
default: csv
|
|
|
|
|
csv:
|
|
|
|
|
delimiter: !ruby/regexp /:/
|
|
|
|
|
file: "/var/lib/oxidized/.config/oxidized/router.db"
|
|
|
|
|
map:
|
|
|
|
|
name: 0
|
|
|
|
|
model: 1
|
|
|
|
|
username: 2
|
|
|
|
|
password: 3
|
|
|
|
|
pid: "/var/lib/oxidized/.config/oxidized/pid"
|
|
|
|
|
rest: 127.0.0.1:8888
|
|
|
|
|
retries: 3
|
|
|
|
|
# ... additional config
|
|
|
|
|
''';
|
|
|
|
|
'';
|
|
|
|
|
description = ''
|
|
|
|
|
Path to the oxidized configuration file.
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
routerDB = mkOption {
|
|
|
|
|
type = types.path;
|
|
|
|
|
example = literalExample ''
|
|
|
|
|
pkgs.writeText "oxidized-router.db" '''
|
|
|
|
|
hostname-sw1:powerconnect:username1:password2
|
|
|
|
|
hostname-sw2:procurve:username2:password2
|
|
|
|
|
# ... additional hosts
|
|
|
|
|
'''
|
|
|
|
|
'';
|
|
|
|
|
description = ''
|
|
|
|
|
Path to the file/database which contains the targets for oxidized.
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
config = mkIf cfg.enable {
|
2018-06-30 01:58:35 +02:00
|
|
|
users.groups.${cfg.group} = { };
|
|
|
|
|
users.users.${cfg.user} = {
|
2018-04-19 12:23:00 +02:00
|
|
|
description = "Oxidized service user";
|
|
|
|
|
group = cfg.group;
|
|
|
|
|
home = cfg.dataDir;
|
|
|
|
|
createHome = true;
|
2019-10-12 22:25:28 +02:00
|
|
|
isSystemUser = true;
|
2018-04-19 12:23:00 +02:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
systemd.services.oxidized = {
|
|
|
|
|
wantedBy = [ "multi-user.target" ];
|
|
|
|
|
after = [ "network.target" ];
|
|
|
|
|
|
|
|
|
|
preStart = ''
|
|
|
|
|
mkdir -p ${cfg.dataDir}/.config/oxidized
|
2019-08-14 09:22:02 +00:00
|
|
|
ln -f -s ${cfg.routerDB} ${cfg.dataDir}/.config/oxidized/router.db
|
|
|
|
|
ln -f -s ${cfg.configFile} ${cfg.dataDir}/.config/oxidized/config
|
2018-04-19 12:23:00 +02:00
|
|
|
'';
|
|
|
|
|
|
|
|
|
|
serviceConfig = {
|
|
|
|
|
ExecStart = "${pkgs.oxidized}/bin/oxidized";
|
|
|
|
|
User = cfg.user;
|
|
|
|
|
Group = cfg.group;
|
|
|
|
|
UMask = "0077";
|
|
|
|
|
NoNewPrivileges = true;
|
|
|
|
|
Restart = "always";
|
|
|
|
|
WorkingDirectory = cfg.dataDir;
|
|
|
|
|
KillSignal = "SIGKILL";
|
2020-01-06 16:58:54 +01:00
|
|
|
PIDFile = "${cfg.dataDir}/.config/oxidized/pid";
|
2018-04-19 12:23:00 +02:00
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
}
|
