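# NixOS module for the Hologram agent: a local service that answers on the
# EC2 instance-metadata address (169.254.169.254) and hands out AWS
# credentials obtained from a Hologram server.
{pkgs, config, lib, ...}:

with lib;

let
  cfg = config.services.hologram-agent;

  # Agent configuration rendered as JSON. pkgs.writeText places the file in the
  # Nix store, which is world-readable, so it must never carry secrets; today
  # it only holds the server address.
  cfgFile = pkgs.writeText "hologram-agent.json" (builtins.toJSON {
    host = cfg.dialAddress;
  });
in {
  options = {
    services.hologram-agent = {
      enable = mkOption {
        type = types.bool;
        default = false;
        description = "Whether to enable the Hologram agent for AWS instance credentials";
      };

      # Address (host:port) of the Hologram server the agent dials.
      dialAddress = mkOption {
        type = types.str;
        default = "localhost:3100";
        description = "Hologram server and port.";
      };

      # Kept as a string because it is interpolated directly into ExecStart.
      # The default, 80, is a privileged port.
      httpPort = mkOption {
        type = types.str;
        default = "80";
        description = "Port for metadata service to listen on.";
      };

    };
  };

  config = mkIf cfg.enable {
    # Put the metadata address on a dummy interface as a /32 so it exists only
    # on this host.
    # NOTE(review): presumably any local process that can connect to this
    # address can request the credentials the agent serves; confirm, and
    # restrict access (e.g. per-user firewall rules) on multi-user hosts.
    networking.interfaces.dummy0 = {
      ipAddress = "169.254.169.254";
      prefixLength = 32;
    };

    systemd.services.hologram-agent = {
      description = "Provide EC2 instance credentials to machines outside of EC2";
      after = [ "network.target" ];
      wantedBy = [ "multi-user.target" ];
      # The agent must not start before dummy0 exists and carries the address.
      requires = [ "network-link-dummy0.service" "network-addresses-dummy0.service" ];
      # Remove a stale socket left by a previous run. rm is taken from a pinned
      # store path rather than the mutable /run/current-system profile, so the
      # unit does not depend on what is installed system-wide.
      preStart = ''
        ${pkgs.coreutils}/bin/rm -fv /var/run/hologram.sock
      '';
      serviceConfig = {
        # No User= is set, so systemd runs the agent as root.
        # NOTE(review): -debug is always passed; confirm what the agent logs at
        # that level, since the journal would then need the same protection as
        # the credentials it serves.
        ExecStart = "${pkgs.hologram.bin}/bin/hologram-agent -debug -conf ${cfgFile} -port ${cfg.httpPort}";
      };
    };

  };

  meta.maintainers = with lib.maintainers; [ nand0p ];
}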