diff options
| -rw-r--r-- | nixos/doc/manual/release-notes/rl-1909.xml | 9 | ||||
| -rw-r--r-- | nixos/modules/rename.nix | 2 | ||||
| -rw-r--r-- | nixos/modules/services/monitoring/prometheus/alertmanager.nix | 20 |
3 files changed, 12 insertions, 19 deletions
diff --git a/nixos/doc/manual/release-notes/rl-1909.xml b/nixos/doc/manual/release-notes/rl-1909.xml index 72fa6f4d515b..2fef14e6a805 100644 --- a/nixos/doc/manual/release-notes/rl-1909.xml +++ b/nixos/doc/manual/release-notes/rl-1909.xml @@ -101,6 +101,15 @@ <option>services.prometheus.stateDir</option> at the same time. </para> </listitem> + <listitem> + <para> + The options <option>services.prometheus.alertmanager.user</option> and + <option>services.prometheus.alertmanager.group</option> have been removed + because the alertmanager service is now using systemd's <link + xlink:href="http://0pointer.net/blog/dynamic-users-with-systemd.html"> + DynamicUser mechanism</link> which obviates these options. + </para> + </listitem> </itemizedlist> </section> diff --git a/nixos/modules/rename.nix b/nixos/modules/rename.nix index 30d11cc58faf..f6c112d9cfab 100644 --- a/nixos/modules/rename.nix +++ b/nixos/modules/rename.nix @@ -45,6 +45,8 @@ with lib; (mkRemovedOptionModule [ "services" "neo4j" "port" ] "Use services.neo4j.http.listenAddress instead.") (mkRemovedOptionModule [ "services" "neo4j" "boltPort" ] "Use services.neo4j.bolt.listenAddress instead.") (mkRemovedOptionModule [ "services" "neo4j" "httpsPort" ] "Use services.neo4j.https.listenAddress instead.") + (mkRemovedOptionModule [ "services" "prometheus" "alertmanager" "user" ] "The alertmanager service is now using systemd's DynamicUser mechanism which obviates a user setting.") + (mkRemovedOptionModule [ "services" "prometheus" "alertmanager" "group" ] "The alertmanager service is now using systemd's DynamicUser mechanism which obviates a group setting.") (mkRenamedOptionModule [ "services" "tor" "relay" "portSpec" ] [ "services" "tor" "relay" "port" ]) (mkRenamedOptionModule [ "services" "vmwareGuest" ] [ "virtualisation" "vmware" "guest" ]) (mkRenamedOptionModule [ "jobs" ] [ "systemd" "services" ]) diff --git a/nixos/modules/services/monitoring/prometheus/alertmanager.nix b/nixos/modules/services/monitoring/prometheus/alertmanager.nix index 31beee3d39d0..11d85e9c4fc3 100644 --- a/nixos/modules/services/monitoring/prometheus/alertmanager.nix +++ b/nixos/modules/services/monitoring/prometheus/alertmanager.nix @@ -40,22 +40,6 @@ in { ''; }; - user = mkOption { - type = types.str; - default = "nobody"; - description = '' - User name under which Alertmanager shall be run. - ''; - }; - - group = mkOption { - type = types.str; - default = "nogroup"; - description = '' - Group under which Alertmanager shall be run. - ''; - }; - configuration = mkOption { type = types.nullOr types.attrs; default = null; @@ -152,10 +136,8 @@ in { wantedBy = [ "multi-user.target" ]; after = [ "network.target" ]; serviceConfig = { - User = cfg.user; - Group = cfg.group; Restart = "always"; - PrivateTmp = true; + DynamicUser = true; WorkingDirectory = "/tmp"; ExecStart = "${cfg.package}/bin/alertmanager" + optionalString (length cmdlineArgs != 0) (" \\\n " + |