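# NixOS module for cloud-init: declares the `services.cloud-init` options,
# writes the configuration text to /etc/cloud/cloud.cfg and defines the four
# oneshot units (local, init, config, final) plus the cloud-config target.
{ config, lib, pkgs, ... }:

with lib;

let cfg = config.services.cloud-init;
    # Tools placed on the PATH of every cloud-init unit defined below.
    # The filesystem tools are only added when the matching option is enabled.
    path = with pkgs; [
      cloud-init
      iproute2
      nettools
      openssh
      shadow
      util-linux
    ] ++ optional cfg.btrfs.enable btrfs-progs
      ++ optional cfg.ext4.enable e2fsprogs
    ;
in
{
  options = {
    services.cloud-init = {
      enable = mkOption {
        type = types.bool;
        default = false;
        description = ''
          Enable the cloud-init service. This service reads
          configuration metadata in a cloud environment and configures
          the machine according to this metadata.

          This configuration is not completely compatible with the
          NixOS way of doing configuration, as configuration done by
          cloud-init might be overridden by a subsequent nixos-rebuild
          call. However, some parts of cloud-init fall outside of
          NixOS's responsibility, like filesystem resizing and ssh
          public key provisioning, and cloud-init is useful for those
          parts. Thus, be wary that using cloud-init in NixOS might
          come at some cost.
        '';
      };

      btrfs.enable = mkOption {
        type = types.bool;
        default = false;
        description = ''
          Allow the cloud-init service to operate on `btrfs` filesystems.
        '';
      };

      ext4.enable = mkOption {
        type = types.bool;
        default = true;
        description = ''
          Allow the cloud-init service to operate on `ext4` filesystems.
        '';
      };

      network.enable = mkOption {
        type = types.bool;
        default = false;
        description = ''
          Allow the cloud-init service to configure network interfaces
          through systemd-networkd.
        '';
      };

      # Full text of /etc/cloud/cloud.cfg. The type is a plain string, so a
      # user-supplied value replaces this default as a whole, module lists
      # included.
      #
      # Security-relevant defaults to review before enabling this on an image
      # (module behaviour is cloud-init's own; confirm against the packaged
      # version):
      #  - `users: [ root ]` together with `disable_root: false` makes root
      #    the default account, and cloud-init is not asked to block root
      #    logins made with the provisioned SSH keys.
      #  - bootcmd, runcmd and the scripts-* modules execute content supplied
      #    by the datasource. The units below set no User= and no sandboxing
      #    options, so that content runs as root: whatever answers as the
      #    metadata / user-data source is fully trusted.
      #  - write-files, ca-certs, set-passwords and ssh-import-id let
      #    user-data change files, trust anchors and credentials.
      #  - keys-to-console and phone-home publish instance information
      #    (console output, and presumably a URL named in user-data -- verify).
      config = mkOption {
        type = types.str;
        default = ''
          system_info:
            distro: nixos
            network:
              renderers: [ 'networkd' ]
          users:
            - root

          disable_root: false
          preserve_hostname: false

          cloud_init_modules:
            - migrator
            - seed_random
            - bootcmd
            - write-files
            - growpart
            - resizefs
            - update_etc_hosts
            - ca-certs
            - rsyslog
            - users-groups

          cloud_config_modules:
            - disk_setup
            - mounts
            - ssh-import-id
            - set-passwords
            - timezone
            - disable-ec2-metadata
            - runcmd
            - ssh

          cloud_final_modules:
            - rightscale_userdata
            - scripts-vendor
            - scripts-per-once
            - scripts-per-boot
            - scripts-per-instance
            - scripts-user
            - ssh-authkey-fingerprints
            - keys-to-console
            - phone-home
            - final-message
            - power-state-change
        '';
        description = "cloud-init configuration.";
      };

    };

  };

  config = mkIf cfg.enable {

    # The option text is written verbatim; nothing validates it as YAML here.
    environment.etc."cloud/cloud.cfg".text = cfg.config;

    systemd.network.enable = cfg.network.enable;

    # Stage 1: runs before systemd-networkd is started.
    systemd.services.cloud-init-local =
      { description = "Initial cloud-init job (pre-networking)";
        wantedBy = [ "multi-user.target" ];
        before = ["systemd-networkd.service"];
        inherit path;
        serviceConfig =
          { Type = "oneshot";
            ExecStart = "${pkgs.cloud-init}/bin/cloud-init init --local";
            RemainAfterExit = "yes";
            TimeoutSec = "infinity";
            StandardOutput = "journal+console";
          };
      };

    # Stage 2: runs once the network is online and is ordered before sshd and
    # sshd-keygen. Because this is a oneshot unit with TimeoutSec = "infinity",
    # a run that never finishes keeps sshd from starting.
    systemd.services.cloud-init =
      { description = "Initial cloud-init job (metadata service crawler)";
        wantedBy = [ "multi-user.target" ];
        wants = [ "network-online.target" "cloud-init-local.service"
                  "sshd.service" "sshd-keygen.service" ];
        after = [ "network-online.target" "cloud-init-local.service" ];
        before = [ "sshd.service" "sshd-keygen.service" ];
        requires = [ "network.target"];
        inherit path;
        serviceConfig =
          { Type = "oneshot";
            ExecStart = "${pkgs.cloud-init}/bin/cloud-init init";
            RemainAfterExit = "yes";
            TimeoutSec = "infinity";
            StandardOutput = "journal+console";
          };
      };

    # Stage 3: applies the cloud_config_modules list.
    systemd.services.cloud-config =
      { description = "Apply the settings specified in cloud-config";
        wantedBy = [ "multi-user.target" ];
        wants = [ "network-online.target" ];
        after = [ "network-online.target" "syslog.target" "cloud-config.target" ];

        inherit path;
        serviceConfig =
          { Type = "oneshot";
            ExecStart = "${pkgs.cloud-init}/bin/cloud-init modules --mode=config";
            RemainAfterExit = "yes";
            TimeoutSec = "infinity";
            StandardOutput = "journal+console";
          };
      };

    # Stage 4: runs the cloud_final_modules list, which includes the
    # scripts-* modules.
    systemd.services.cloud-final =
      { description = "Execute cloud user/final scripts";
        wantedBy = [ "multi-user.target" ];
        wants = [ "network-online.target" ];
        after = [ "network-online.target" "syslog.target" "cloud-config.service" "rc-local.service" ];
        requires = [ "cloud-config.target" ];
        inherit path;
        serviceConfig =
          { Type = "oneshot";
            ExecStart = "${pkgs.cloud-init}/bin/cloud-init modules --mode=final";
            RemainAfterExit = "yes";
            TimeoutSec = "infinity";
            StandardOutput = "journal+console";
          };
      };

    # Target that pulls in the first two stages.
    systemd.targets.cloud-config =
      { description = "Cloud-config availability";
        requires = [ "cloud-init-local.service" "cloud-init.service" ];
      };
  };
}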