nixos/modules/services/admin/salt/master.nix at 18.09-beta · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

nixpkgs / nixos / modules / services / admin / salt / master.nix

at 18.09-beta 1.6 kB view raw

 1{ config, pkgs, lib, ... }:
 2
 3with lib;
 4
 5let
 6
 7  cfg  = config.services.salt.master;
 8
 9  fullConfig = lib.recursiveUpdate {
10    # Provide defaults for some directories to allow an immutable config dir
11
12    # Default is equivalent to /etc/salt/master.d/*.conf
13    default_include = "/var/lib/salt/master.d/*.conf";
14    # Default is in /etc/salt/pki/master
15    pki_dir = "/var/lib/salt/pki/master";
16  } cfg.configuration;
17
18in
19
20{
21  options = {
22    services.salt.master = {
23      enable = mkEnableOption "Salt master service";
24      configuration = mkOption {
25        type = types.attrs;
26        default = {};
27        description = "Salt master configuration as Nix attribute set.";
28      };
29    };
30  };
31
32  config = mkIf cfg.enable {
33    environment = {
34      # Set this up in /etc/salt/master so `salt`, `salt-key`, etc. work.
35      # The alternatives are
36      # - passing --config-dir to all salt commands, not just the master unit,
37      # - setting a global environment variable,
38      etc."salt/master".source = pkgs.writeText "master" (
39        builtins.toJSON fullConfig
40      );
41      systemPackages = with pkgs; [ salt ];
42    };
43    systemd.services.salt-master = {
44      description = "Salt Master";
45      wantedBy = [ "multi-user.target" ];
46      after = [ "network.target" ];
47      path = with pkgs; [
48        utillinux  # for dmesg
49      ];
50      serviceConfig = {
51        ExecStart = "${pkgs.salt}/bin/salt-master";
52        LimitNOFILE = 16384;
53        Type = "notify";
54        NotifyAccess = "all";
55      };
56    };
57  };
58
59  meta.maintainers = with lib.maintainers; [ aneeshusa ];
60}