diff options
Diffstat (limited to 'nixpkgs/nixos/modules/services/admin/salt/minion.nix')
-rw-r--r-- | nixpkgs/nixos/modules/services/admin/salt/minion.nix | 67 |
1 files changed, 67 insertions, 0 deletions
diff --git a/nixpkgs/nixos/modules/services/admin/salt/minion.nix b/nixpkgs/nixos/modules/services/admin/salt/minion.nix new file mode 100644 index 000000000000..c8fa9461a209 --- /dev/null +++ b/nixpkgs/nixos/modules/services/admin/salt/minion.nix @@ -0,0 +1,67 @@ +{ config, pkgs, lib, ... }: + +with lib; + +let + + cfg = config.services.salt.minion; + + fullConfig = lib.recursiveUpdate { + # Provide defaults for some directories to allow an immutable config dir + # NOTE: the config dir being immutable prevents `minion_id` caching + + # Default is equivalent to /etc/salt/minion.d/*.conf + default_include = "/var/lib/salt/minion.d/*.conf"; + # Default is in /etc/salt/pki/minion + pki_dir = "/var/lib/salt/pki/minion"; + } cfg.configuration; + +in + +{ + options = { + services.salt.minion = { + enable = mkEnableOption "Salt minion service"; + configuration = mkOption { + type = types.attrs; + default = {}; + description = '' + Salt minion configuration as Nix attribute set. + See <link xlink:href="https://docs.saltstack.com/en/latest/ref/configuration/minion.html"/> + for details. + ''; + }; + }; + }; + + config = mkIf cfg.enable { + environment = { + # Set this up in /etc/salt/minion so `salt-call`, etc. work. + # The alternatives are + # - passing --config-dir to all salt commands, not just the minion unit, + # - setting aglobal environment variable. + etc."salt/minion".source = pkgs.writeText "minion" ( + builtins.toJSON fullConfig + ); + systemPackages = with pkgs; [ salt ]; + }; + systemd.services.salt-minion = { + description = "Salt Minion"; + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" ]; + path = with pkgs; [ + utillinux + ]; + serviceConfig = { + ExecStart = "${pkgs.salt}/bin/salt-minion"; + LimitNOFILE = 8192; + Type = "notify"; + NotifyAccess = "all"; + }; + restartTriggers = [ + config.environment.etc."salt/minion".source + ]; + }; + }; +} + |