diff options
| -rw-r--r-- | nixos/modules/module-list.nix | 1 | ||||
| -rw-r--r-- | nixos/modules/services/monitoring/incron.nix | 73 | ||||
| -rw-r--r-- | pkgs/tools/system/incron/default.nix | 33 |
3 files changed, 107 insertions, 0 deletions
diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 2846afea8fbc..4d83e10d0297 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -416,6 +416,7 @@ ./services/monitoring/graphite.nix ./services/monitoring/hdaps.nix ./services/monitoring/heapster.nix + ./services/monitoring/incron.nix ./services/monitoring/longview.nix ./services/monitoring/monit.nix ./services/monitoring/munin.nix diff --git a/nixos/modules/services/monitoring/incron.nix b/nixos/modules/services/monitoring/incron.nix new file mode 100644 index 000000000000..8e312c65f93c --- /dev/null +++ b/nixos/modules/services/monitoring/incron.nix @@ -0,0 +1,73 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + + cfg = config.services.incron; + +in + +{ + options = { + + services.incron = { + + enable = mkOption { + type = types.bool; + default = false; + description = "Whether to enable the incron daemon."; + }; + + allow = mkOption { + type = types.nullOr (types.listOf types.str); + default = null; + description = "Users allowed to use incrontab."; + }; + + deny = mkOption { + type = types.nullOr (types.listOf types.str); + default = null; + description = "Users forbidden from using incrontab."; + }; + + systab = mkOption { + type = types.lines; + default = ""; + description = "The system incrontab contents."; + example = '' + "/var/mail IN_CLOSE_WRITE abc $@/$#" + "/tmp IN_ALL_EVENTS efg $@/$# $&" + ''; + }; + + }; + + }; + + config = mkIf cfg.enable { + + environment.systemPackages = [ pkgs.incron ]; + + security.wrappers.incrontab.source = "${pkgs.incron}/bin/incrontab"; + + environment.etc."incron.d/system".text = "${cfg.systab}"; + environment.etc."incron.allow" = mkIf (cfg.allow != null) { + text = "${concatStringsSep "\n" cfg.allow}"; + }; + environment.etc."incron.deny" = mkIf (cfg.deny != null) { + text = "${concatStringsSep "\n" cfg.deny}"; + }; + + systemd.services.incron = { + description = "File system events scheduler"; + wantedBy = [ "multi-user.target" ]; + path = [ config.system.path ]; + preStart = "mkdir -m 710 -p /var/spool/incron"; + serviceConfig.Type = "forking"; + serviceConfig.PIDFile = "/run/incrond.pid"; + serviceConfig.ExecStart = "${pkgs.incron}/bin/incrond"; + }; + }; + +} diff --git a/pkgs/tools/system/incron/default.nix b/pkgs/tools/system/incron/default.nix new file mode 100644 index 000000000000..bb320f8d894c --- /dev/null +++ b/pkgs/tools/system/incron/default.nix @@ -0,0 +1,33 @@ +{ stdenv, fetchurl, bash }: + +stdenv.mkDerivation rec { + name = "incron-0.5.12"; + src = fetchurl { + url = "https://github.com/ar-/incron/archive/0.5.12.tar.gz"; + sha256 = "14cgsfyl43pd86wy40m1xwr7ww023n2jyks66ngybz5s4gbhps6c"; + }; + + patchPhase = '' + sed -i "s|PREFIX = /usr/local|PREFIX = $out|g" Makefile + sed -i "s|/bin/bash|${bash}/bin/bash|g" usertable.cpp + ''; + + installPhase = '' + mkdir -p $out/bin + + # make install doesn't work because setuid and permissions + # just manually install the binaries instead + cp incrond incrontab $out/bin/ + + # make install-man is fine for documentation + make install-man + ''; + + meta = with stdenv.lib; { + description = " + The inotify cron daemon (incrond) is a daemon which monitors filesystem events and executes commands defined in system and user tables. It's use is generally similar to cron."; + license = gpl2; + homepage = https://github.com/ar-/incron; + platforms = platforms.linux; + }; +} |