From 02f869ff30a3d0f3a431b49a3e0e0469cf7e50cd Mon Sep 17 00:00:00 2001 From: Florian Klink Date: Sun, 24 Nov 2019 22:33:51 +0100 Subject: osquery: remove osquery was marked as broken since April. If somebody steps up to fix it, we can always revive it from the histroy, but there's not much value in shipping completely broken things in current master. cc @ma27 --- nixos/doc/manual/release-notes/rl-2003.xml | 5 ++ nixos/modules/module-list.nix | 1 - nixos/modules/rename.nix | 3 + nixos/modules/services/monitoring/osquery.nix | 91 --------------------------- nixos/tests/all-tests.nix | 1 - nixos/tests/osquery.nix | 28 --------- 6 files changed, 8 insertions(+), 121 deletions(-) delete mode 100644 nixos/modules/services/monitoring/osquery.nix delete mode 100644 nixos/tests/osquery.nix (limited to 'nixos') diff --git a/nixos/doc/manual/release-notes/rl-2003.xml b/nixos/doc/manual/release-notes/rl-2003.xml index e8e89c5bbc28..4980a99e6468 100644 --- a/nixos/doc/manual/release-notes/rl-2003.xml +++ b/nixos/doc/manual/release-notes/rl-2003.xml @@ -181,6 +181,11 @@ The BeeGFS module has been removed. + + + The osquery module has been removed. + + diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 6d1ef0d234ab..9e0d9478b5de 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -518,7 +518,6 @@ ./services/monitoring/munin.nix ./services/monitoring/nagios.nix ./services/monitoring/netdata.nix - ./services/monitoring/osquery.nix ./services/monitoring/prometheus/default.nix ./services/monitoring/prometheus/alertmanager.nix ./services/monitoring/prometheus/exporters.nix diff --git a/nixos/modules/rename.nix b/nixos/modules/rename.nix index 96ff4882eb67..d4bce3b49d36 100644 --- a/nixos/modules/rename.nix +++ b/nixos/modules/rename.nix @@ -285,6 +285,9 @@ with lib; (mkRemovedOptionModule [ "services.beegfsEnable" ] "The BeeGFS module has been removed") (mkRemovedOptionModule [ "services.beegfs" ] "The BeeGFS module has been removed") + # osquery + (mkRemovedOptionModule [ "services.osquery" ] "The osquery module has been removed") + # Redis (mkRemovedOptionModule [ "services" "redis" "user" ] "The redis module now is hardcoded to the redis user.") (mkRemovedOptionModule [ "services" "redis" "dbpath" ] "The redis module now uses /var/lib/redis as data directory.") diff --git a/nixos/modules/services/monitoring/osquery.nix b/nixos/modules/services/monitoring/osquery.nix deleted file mode 100644 index c8c625577d39..000000000000 --- a/nixos/modules/services/monitoring/osquery.nix +++ /dev/null @@ -1,91 +0,0 @@ -{ config, lib, pkgs, ... }: - -with builtins; -with lib; - -let - cfg = config.services.osquery; - -in - -{ - - options = { - - services.osquery = { - - enable = mkEnableOption "osquery"; - - loggerPath = mkOption { - type = types.path; - description = "Base directory used for logging."; - default = "/var/log/osquery"; - }; - - pidfile = mkOption { - type = types.path; - description = "Path used for pid file."; - default = "/var/osquery/osqueryd.pidfile"; - }; - - utc = mkOption { - type = types.bool; - description = "Attempt to convert all UNIX calendar times to UTC."; - default = true; - }; - - databasePath = mkOption { - type = types.path; - description = "Path used for database file."; - default = "/var/osquery/osquery.db"; - }; - - extraConfig = mkOption { - type = types.attrs // { - merge = loc: foldl' (res: def: recursiveUpdate res def.value) {}; - }; - description = "Extra config to be recursively merged into the JSON config file."; - default = { }; - }; - }; - - }; - - config = mkIf cfg.enable { - - environment.systemPackages = [ pkgs.osquery ]; - - environment.etc."osquery/osquery.conf".text = toJSON ( - recursiveUpdate { - options = { - config_plugin = "filesystem"; - logger_plugin = "filesystem"; - logger_path = cfg.loggerPath; - database_path = cfg.databasePath; - utc = cfg.utc; - }; - } cfg.extraConfig - ); - - systemd.services.osqueryd = { - description = "The osquery Daemon"; - after = [ "network.target" "syslog.service" ]; - wantedBy = [ "multi-user.target" ]; - path = [ pkgs.osquery ]; - preStart = '' - mkdir -p ${escapeShellArg cfg.loggerPath} - mkdir -p "$(dirname ${escapeShellArg cfg.pidfile})" - mkdir -p "$(dirname ${escapeShellArg cfg.databasePath})" - ''; - serviceConfig = { - TimeoutStartSec = "infinity"; - ExecStart = "${pkgs.osquery}/bin/osqueryd --logger_path ${escapeShellArg cfg.loggerPath} --pidfile ${escapeShellArg cfg.pidfile} --database_path ${escapeShellArg cfg.databasePath}"; - KillMode = "process"; - KillSignal = "SIGTERM"; - Restart = "on-failure"; - }; - }; - - }; - -} diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index 3d5bc408c445..7945a239f6a0 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -206,7 +206,6 @@ in openstack-image-metadata = (handleTestOn ["x86_64-linux"] ./openstack-image.nix {}).metadata or {}; orangefs = handleTest ./orangefs.nix {}; os-prober = handleTestOn ["x86_64-linux"] ./os-prober.nix {}; - osquery = handleTest ./osquery.nix {}; osrm-backend = handleTest ./osrm-backend.nix {}; overlayfs = handleTest ./overlayfs.nix {}; packagekit = handleTest ./packagekit.nix {}; diff --git a/nixos/tests/osquery.nix b/nixos/tests/osquery.nix deleted file mode 100644 index d95871ffafc6..000000000000 --- a/nixos/tests/osquery.nix +++ /dev/null @@ -1,28 +0,0 @@ -import ./make-test.nix ({ pkgs, lib, ... }: - -with lib; - -{ - name = "osquery"; - meta = with pkgs.stdenv.lib.maintainers; { - maintainers = [ ma27 ]; - }; - - machine = { - services.osquery.enable = true; - services.osquery.loggerPath = "/var/log/osquery/logs"; - services.osquery.pidfile = "/run/osqueryd.pid"; - }; - - testScript = '' - $machine->start; - $machine->waitForUnit("osqueryd.service"); - - $machine->succeed("echo 'SELECT address FROM etc_hosts LIMIT 1;' | osqueryi | grep '127.0.0.1'"); - $machine->succeed( - "echo 'SELECT value FROM osquery_flags WHERE name = \"logger_path\";' | osqueryi | grep /var/log/osquery/logs" - ); - - $machine->succeed("echo 'SELECT value FROM osquery_flags WHERE name = \"pidfile\";' | osqueryi | grep /run/osqueryd.pid"); - ''; -}) -- cgit 1.4.1