| blob | 532c8c75076f288bbafd0630870e5886d8c8795b |
1 {
2 config,
3 lib,
4 pkgs,
5 ...
6 }:
8 let
9 cfg = config.services.earlyoom;
11 inherit (lib)
12 literalExpression
13 mkDefault
14 mkEnableOption
15 mkIf
16 mkOption
17 mkPackageOption
18 mkRemovedOptionModule
19 optionalString
20 optionals
21 types
22 ;
23 in
24 {
25 meta = {
26 maintainers = with lib.maintainers; [ AndersonTorres ];
27 };
29 options.services.earlyoom = {
30 enable = mkEnableOption "early out of memory killing";
32 package = mkPackageOption pkgs "earlyoom" { };
34 freeMemThreshold = mkOption {
35 type = types.ints.between 1 100;
36 default = 10;
37 description = ''
38 Minimum available memory (in percent).
40 If the available memory falls below this threshold (and the analog is true for
41 {option}`freeSwapThreshold`) the killing begins.
42 SIGTERM is sent first to the process that uses the most memory; then, if the available
43 memory falls below {option}`freeMemKillThreshold` (and the analog is true for
44 {option}`freeSwapKillThreshold`), SIGKILL is sent.
46 See [README](https://github.com/rfjakob/earlyoom#command-line-options) for details.
47 '';
48 };
50 freeMemKillThreshold = mkOption {
51 type = types.nullOr (types.ints.between 1 100);
52 default = null;
53 description = ''
54 Minimum available memory (in percent) before sending SIGKILL.
55 If unset, this defaults to half of {option}`freeMemThreshold`.
57 See the description of [](#opt-services.earlyoom.freeMemThreshold).
58 '';
59 };
61 freeSwapThreshold = mkOption {
62 type = types.ints.between 1 100;
63 default = 10;
64 description = ''
65 Minimum free swap space (in percent) before sending SIGTERM.
67 See the description of [](#opt-services.earlyoom.freeMemThreshold).
68 '';
69 };
71 freeSwapKillThreshold = mkOption {
72 type = types.nullOr (types.ints.between 1 100);
73 default = null;
74 description = ''
75 Minimum free swap space (in percent) before sending SIGKILL.
76 If unset, this defaults to half of {option}`freeSwapThreshold`.
78 See the description of [](#opt-services.earlyoom.freeMemThreshold).
79 '';
80 };
82 enableDebugInfo = mkOption {
83 type = types.bool;
84 default = false;
85 description = ''
86 Enable debugging messages.
87 '';
88 };
90 enableNotifications = mkOption {
91 type = types.bool;
92 default = false;
93 description = ''
94 Send notifications about killed processes via the system d-bus.
96 WARNING: enabling this option (while convenient) should *not* be done on a
97 machine where you do not trust the other users as it allows any other
98 local user to DoS your session by spamming notifications.
100 To actually see the notifications in your GUI session, you need to have
101 `systembus-notify` running as your user, which this
102 option handles by enabling {option}`services.systembus-notify`.
104 See [README](https://github.com/rfjakob/earlyoom#notifications) for details.
105 '';
106 };
108 killHook = mkOption {
109 type = types.nullOr types.path;
110 default = null;
111 example = literalExpression ''
112 pkgs.writeShellScript "earlyoom-kill-hook" '''
113 echo "Process $EARLYOOM_NAME ($EARLYOOM_PID) was killed" >> /path/to/log
114 '''
115 '';
116 description = ''
117 An absolute path to an executable to be run for each process killed.
118 Some environment variables are available, see
119 [README](https://github.com/rfjakob/earlyoom#notifications) and
120 [the man page](https://github.com/rfjakob/earlyoom/blob/master/MANPAGE.md#-n-pathtoscript)
121 for details.
123 WARNING: earlyoom is running in a sandbox with ProtectSystem="strict"
124 by default, so filesystem write is also prohibited for the hook.
125 If you want to change these protection rules, override the systemd
126 service via `systemd.services.earlyoom.serviceConfig.ProtectSystem`.
127 '';
128 };
130 reportInterval = mkOption {
131 type = types.int;
132 default = 3600;
133 example = 0;
134 description = "Interval (in seconds) at which a memory report is printed (set to 0 to disable).";
135 };
137 extraArgs = mkOption {
138 type = types.listOf types.str;
139 default = [ ];
140 example = [
141 "-g"
142 "--prefer"
143 "(^|/)(java|chromium)$"
144 ];
145 description = ''
146 Extra command-line arguments to be passed to earlyoom. Each element in
147 the value list will be escaped as an argument without further
148 word-breaking.
149 '';
150 };
151 };
153 imports = [
154 (mkRemovedOptionModule [ "services" "earlyoom" "useKernelOOMKiller" ] ''
155 This option is deprecated and ignored by earlyoom since 1.2.
156 '')
157 (mkRemovedOptionModule [ "services" "earlyoom" "notificationsCommand" ] ''
158 This option was removed in earlyoom 1.6, but was reimplemented in 1.7
159 and is available as the new option `services.earlyoom.killHook`.
160 '')
161 (mkRemovedOptionModule [ "services" "earlyoom" "ignoreOOMScoreAdjust" ] ''
162 This option is deprecated and ignored by earlyoom since 1.7.
163 '')
164 ];
166 config = mkIf cfg.enable {
167 services.systembus-notify.enable = mkDefault cfg.enableNotifications;
169 systemd.packages = [ cfg.package ];
171 systemd.services.earlyoom = {
172 overrideStrategy = "asDropin";
174 wantedBy = [ "multi-user.target" ];
175 path = optionals cfg.enableNotifications [ pkgs.dbus ];
177 # We setup `EARLYOOM_ARGS` via drop-ins, so disable the default import
178 # from /etc/default/earlyoom.
179 serviceConfig.EnvironmentFile = "";
181 environment.EARLYOOM_ARGS =
182 lib.cli.toGNUCommandLineShell { } {
183 m =
184 "${toString cfg.freeMemThreshold}"
185 + optionalString (cfg.freeMemKillThreshold != null) ",${toString cfg.freeMemKillThreshold}";
186 s =
187 "${toString cfg.freeSwapThreshold}"
188 + optionalString (cfg.freeSwapKillThreshold != null) ",${toString cfg.freeSwapKillThreshold}";
189 r = "${toString cfg.reportInterval}";
190 d = cfg.enableDebugInfo;
191 n = cfg.enableNotifications;
192 N = if cfg.killHook != null then cfg.killHook else null;
193 }
194 + " "
195 + lib.escapeShellArgs cfg.extraArgs;
196 };
197 };
198 }