23b612e36f
GitOrigin-RevId: ae5c332cbb5827f6b1f02572496b141021de335f
242 lines
6.6 KiB
Nix
242 lines
6.6 KiB
Nix
{ config, lib, pkgs, ... }:
|
|
|
|
with lib;
|
|
|
|
let
|
|
cfg = config.services.cloud-init;
|
|
path = with pkgs; [
|
|
cloud-init
|
|
iproute2
|
|
nettools
|
|
openssh
|
|
shadow
|
|
util-linux
|
|
busybox
|
|
]
|
|
++ optional cfg.btrfs.enable btrfs-progs
|
|
++ optional cfg.ext4.enable e2fsprogs
|
|
++ optional cfg.xfs.enable xfsprogs
|
|
;
|
|
settingsFormat = pkgs.formats.yaml { };
|
|
cfgfile = settingsFormat.generate "cloud.cfg" cfg.settings;
|
|
in
|
|
{
|
|
options = {
|
|
services.cloud-init = {
|
|
enable = mkOption {
|
|
type = types.bool;
|
|
default = false;
|
|
description = mdDoc ''
|
|
Enable the cloud-init service. This services reads
|
|
configuration metadata in a cloud environment and configures
|
|
the machine according to this metadata.
|
|
|
|
This configuration is not completely compatible with the
|
|
NixOS way of doing configuration, as configuration done by
|
|
cloud-init might be overridden by a subsequent nixos-rebuild
|
|
call. However, some parts of cloud-init fall outside of
|
|
NixOS's responsibility, like filesystem resizing and ssh
|
|
public key provisioning, and cloud-init is useful for that
|
|
parts. Thus, be wary that using cloud-init in NixOS might
|
|
come as some cost.
|
|
'';
|
|
};
|
|
|
|
btrfs.enable = mkOption {
|
|
type = types.bool;
|
|
default = false;
|
|
description = mdDoc ''
|
|
Allow the cloud-init service to operate `btrfs` filesystem.
|
|
'';
|
|
};
|
|
|
|
ext4.enable = mkOption {
|
|
type = types.bool;
|
|
default = true;
|
|
description = mdDoc ''
|
|
Allow the cloud-init service to operate `ext4` filesystem.
|
|
'';
|
|
};
|
|
|
|
xfs.enable = mkOption {
|
|
type = types.bool;
|
|
default = false;
|
|
description = mdDoc ''
|
|
Allow the cloud-init service to operate `xfs` filesystem.
|
|
'';
|
|
};
|
|
|
|
network.enable = mkOption {
|
|
type = types.bool;
|
|
default = false;
|
|
description = mdDoc ''
|
|
Allow the cloud-init service to configure network interfaces
|
|
through systemd-networkd.
|
|
'';
|
|
};
|
|
|
|
settings = mkOption {
|
|
description = mdDoc ''
|
|
Structured cloud-init configuration.
|
|
'';
|
|
type = types.submodule {
|
|
freeformType = settingsFormat.type;
|
|
};
|
|
default = { };
|
|
};
|
|
|
|
config = mkOption {
|
|
type = types.str;
|
|
default = "";
|
|
description = mdDoc ''
|
|
raw cloud-init configuration.
|
|
|
|
Takes precedence over the `settings` option if set.
|
|
'';
|
|
};
|
|
|
|
};
|
|
|
|
};
|
|
|
|
config = mkIf cfg.enable {
|
|
services.cloud-init.settings = {
|
|
system_info = mkDefault {
|
|
distro = "nixos";
|
|
network = {
|
|
renderers = [ "networkd" ];
|
|
};
|
|
};
|
|
|
|
users = mkDefault [ "root" ];
|
|
disable_root = mkDefault false;
|
|
preserve_hostname = mkDefault false;
|
|
|
|
cloud_init_modules = mkDefault [
|
|
"migrator"
|
|
"seed_random"
|
|
"bootcmd"
|
|
"write-files"
|
|
"growpart"
|
|
"resizefs"
|
|
"update_hostname"
|
|
"resolv_conf"
|
|
"ca-certs"
|
|
"rsyslog"
|
|
"users-groups"
|
|
];
|
|
|
|
cloud_config_modules = mkDefault [
|
|
"disk_setup"
|
|
"mounts"
|
|
"ssh-import-id"
|
|
"set-passwords"
|
|
"timezone"
|
|
"disable-ec2-metadata"
|
|
"runcmd"
|
|
"ssh"
|
|
];
|
|
|
|
cloud_final_modules = mkDefault [
|
|
"rightscale_userdata"
|
|
"scripts-vendor"
|
|
"scripts-per-once"
|
|
"scripts-per-boot"
|
|
"scripts-per-instance"
|
|
"scripts-user"
|
|
"ssh-authkey-fingerprints"
|
|
"keys-to-console"
|
|
"phone-home"
|
|
"final-message"
|
|
"power-state-change"
|
|
];
|
|
};
|
|
|
|
environment.etc."cloud/cloud.cfg" =
|
|
if cfg.config == "" then
|
|
{ source = cfgfile; }
|
|
else
|
|
{ text = cfg.config; }
|
|
;
|
|
|
|
systemd.network.enable = cfg.network.enable;
|
|
|
|
systemd.services.cloud-init-local = {
|
|
description = "Initial cloud-init job (pre-networking)";
|
|
wantedBy = [ "multi-user.target" ];
|
|
# In certain environments (AWS for example), cloud-init-local will
|
|
# first configure an IP through DHCP, and later delete it.
|
|
# This can cause race conditions with anything else trying to set IP through DHCP.
|
|
before = [ "systemd-networkd.service" "dhcpcd.service" ];
|
|
path = path;
|
|
serviceConfig = {
|
|
Type = "oneshot";
|
|
ExecStart = "${pkgs.cloud-init}/bin/cloud-init init --local";
|
|
RemainAfterExit = "yes";
|
|
TimeoutSec = "infinity";
|
|
StandardOutput = "journal+console";
|
|
};
|
|
};
|
|
|
|
systemd.services.cloud-init = {
|
|
description = "Initial cloud-init job (metadata service crawler)";
|
|
wantedBy = [ "multi-user.target" ];
|
|
wants = [
|
|
"network-online.target"
|
|
"cloud-init-local.service"
|
|
"sshd.service"
|
|
"sshd-keygen.service"
|
|
];
|
|
after = [ "network-online.target" "cloud-init-local.service" ];
|
|
before = [ "sshd.service" "sshd-keygen.service" ];
|
|
requires = [ "network.target" ];
|
|
path = path;
|
|
serviceConfig = {
|
|
Type = "oneshot";
|
|
ExecStart = "${pkgs.cloud-init}/bin/cloud-init init";
|
|
RemainAfterExit = "yes";
|
|
TimeoutSec = "infinity";
|
|
StandardOutput = "journal+console";
|
|
};
|
|
};
|
|
|
|
systemd.services.cloud-config = {
|
|
description = "Apply the settings specified in cloud-config";
|
|
wantedBy = [ "multi-user.target" ];
|
|
wants = [ "network-online.target" ];
|
|
after = [ "network-online.target" "syslog.target" "cloud-config.target" ];
|
|
|
|
path = path;
|
|
serviceConfig = {
|
|
Type = "oneshot";
|
|
ExecStart = "${pkgs.cloud-init}/bin/cloud-init modules --mode=config";
|
|
RemainAfterExit = "yes";
|
|
TimeoutSec = "infinity";
|
|
StandardOutput = "journal+console";
|
|
};
|
|
};
|
|
|
|
systemd.services.cloud-final = {
|
|
description = "Execute cloud user/final scripts";
|
|
wantedBy = [ "multi-user.target" ];
|
|
wants = [ "network-online.target" ];
|
|
after = [ "network-online.target" "syslog.target" "cloud-config.service" "rc-local.service" ];
|
|
requires = [ "cloud-config.target" ];
|
|
path = path;
|
|
serviceConfig = {
|
|
Type = "oneshot";
|
|
ExecStart = "${pkgs.cloud-init}/bin/cloud-init modules --mode=final";
|
|
RemainAfterExit = "yes";
|
|
TimeoutSec = "infinity";
|
|
StandardOutput = "journal+console";
|
|
};
|
|
};
|
|
|
|
systemd.targets.cloud-config = {
|
|
description = "Cloud-config availability";
|
|
requires = [ "cloud-init-local.service" "cloud-init.service" ];
|
|
};
|
|
};
|
|
|
|
meta.maintainers = [ maintainers.zimbatm ];
|
|
}
|