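# NixOS module for the Hologram agent: a local service that provides EC2-style
# instance credentials to machines outside of EC2 (see the unit description
# below). When enabled it adds a dummy interface carrying 169.254.169.254 and
# starts hologram-agent pointed at the configured Hologram server.
{pkgs, config, lib, ...}:

with lib;

let
  cfg = config.services.hologram-agent;

  # Agent configuration rendered as JSON into the Nix store. The store is
  # world-readable; only the server address is written here, so keep it that
  # way and do not add secrets to this attribute set.
  cfgFile = pkgs.writeText "hologram-agent.json" (builtins.toJSON {
    host = cfg.dialAddress;
  });
in {
  options = {
    services.hologram-agent = {
      enable = mkOption {
        type = types.bool;
        default = false;
        description = lib.mdDoc "Whether to enable the Hologram agent for AWS instance credentials";
      };

      # host:port of the Hologram server the agent dials.
      dialAddress = mkOption {
        type = types.str;
        default = "localhost:3100";
        description = lib.mdDoc "Hologram server and port.";
      };

      # Kept as a string for compatibility with existing configurations; it is
      # interpolated verbatim into the ExecStart command line below, so it
      # should only ever hold a port number.
      httpPort = mkOption {
        type = types.str;
        default = "80";
        description = lib.mdDoc "Port for metadata service to listen on.";
      };

    };
  };

  config = mkIf cfg.enable {
    # The dummy network driver backs the dummy0 interface configured below.
    boot.kernelModules = [ "dummy" ];

    # 169.254.169.254 is the link-local address of the EC2 instance metadata
    # service; assigning it locally lets AWS SDKs on this host find the agent.
    # NOTE(review): presumably every local user and process that can reach
    # this address can obtain the credentials the agent serves; confirm that
    # is acceptable on multi-user hosts.
    networking.interfaces.dummy0.ipv4.addresses = [
      { address = "169.254.169.254"; prefixLength = 32; }
    ];

    systemd.services.hologram-agent = {
      description = "Provide EC2 instance credentials to machines outside of EC2";
      after = [ "network.target" ];
      wantedBy = [ "multi-user.target" ];
      # The agent needs the dummy0 link and its address to exist.
      requires = [ "network-link-dummy0.service" "network-addresses-dummy0.service" ];
      # Remove a stale socket left by a previous run. rm is taken from the
      # Nix store rather than /run/current-system/sw/bin, so the unit does not
      # depend on what the active system profile happens to contain.
      preStart = ''
        ${pkgs.coreutils}/bin/rm -fv /run/hologram.sock
      '';
      serviceConfig = {
        # NOTE(review): no User= or sandboxing directives are set, so systemd
        # runs the agent as root; the default port 80 is a privileged port.
        # NOTE(review): -debug is always passed; check what the agent writes
        # to the journal in debug mode and who can read it.
        ExecStart = "${pkgs.hologram}/bin/hologram-agent -debug -conf ${cfgFile} -port ${cfg.httpPort}";
      };
    };

  };

  meta.maintainers = with lib.maintainers; [ ];
}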