diff options
| author | rushmorem <rushmore@webenchanter.com> | 2015-05-25 11:31:57 +0200 |
|---|---|---|
| committer | rushmorem <rushmore@webenchanter.com> | 2015-05-29 18:07:07 +0200 |
| commit | 9c7fae83eefd7693770d7ecf5a09ea68af3b3b31 (patch) | |
| tree | 8eb57e64a5e56b74dfeaad394d2fde0413c5beea /nixos/modules/services/scheduling | |
| parent | eb0a21a51208927730607fd9166912d3f8e05435 (diff) | |
| download | nixlib-9c7fae83eefd7693770d7ecf5a09ea68af3b3b31.tar nixlib-9c7fae83eefd7693770d7ecf5a09ea68af3b3b31.tar.gz nixlib-9c7fae83eefd7693770d7ecf5a09ea68af3b3b31.tar.bz2 nixlib-9c7fae83eefd7693770d7ecf5a09ea68af3b3b31.tar.lz nixlib-9c7fae83eefd7693770d7ecf5a09ea68af3b3b31.tar.xz nixlib-9c7fae83eefd7693770d7ecf5a09ea68af3b3b31.tar.zst nixlib-9c7fae83eefd7693770d7ecf5a09ea68af3b3b31.zip | |
Make it easy to override the marathon framework user
Currently the module hardcodes the systemd service user to "marathon". With this change one would not need to create an extra systemd config to override the user. So why would one need to override the Marathon user? Some apps require root access to run. You can't run those with Marathon unless you override the default user to root. Marathon also provides a `--mesos_user` command line flag which allows you to run apps using arbitrary users. You need to run the framework as root to enable this functionality.
Diffstat (limited to 'nixos/modules/services/scheduling')
| -rw-r--r-- | nixos/modules/services/scheduling/marathon.nix | 33 |
1 files changed, 21 insertions, 12 deletions
diff --git a/nixos/modules/services/scheduling/marathon.nix b/nixos/modules/services/scheduling/marathon.nix index ab93334f5fc9..b9f4a808b0ce 100644 --- a/nixos/modules/services/scheduling/marathon.nix +++ b/nixos/modules/services/scheduling/marathon.nix @@ -19,14 +19,6 @@ in { ''; }; - httpPort = mkOption { - type = types.int; - default = 8080; - description = '' - Marathon listening port for HTTP connections. - ''; - }; - master = mkOption { type = types.str; default = "zk://${concatStringsSep "," cfg.zookeeperHosts}/mesos"; @@ -45,6 +37,25 @@ in { ''; }; + user = mkOption { + type = types.str; + default = "marathon"; + example = "root"; + description = '' + The user that the Marathon framework will be launched as. If the user doesn't exist it will be created. + If you want to run apps that require root access or you want to launch apps using arbitrary users, that + is using the `--mesos_user` flag then you need to change this to `root`. + ''; + }; + + httpPort = mkOption { + type = types.int; + default = 8080; + description = '' + Marathon listening port for HTTP connections. + ''; + }; + extraCmdLineOptions = mkOption { type = types.listOf types.str; default = [ ]; @@ -76,14 +87,12 @@ in { serviceConfig = { ExecStart = "${pkgs.marathon}/bin/marathon --master ${cfg.master} --zk zk://${concatStringsSep "," cfg.zookeeperHosts}/marathon --http_port ${toString cfg.httpPort} ${concatStringsSep " " cfg.extraCmdLineOptions}"; - User = "marathon"; + User = cfg.user; Restart = "always"; RestartSec = "2"; }; }; - users.extraUsers.marathon = { - description = "Marathon mesos framework user"; - }; + users.extraUsers.${cfg.user} = { }; }; } |