| blob | fd3e39fb6598158d3c27cb6025988fa1c42423ec |
1 { config, lib, pkgs, ... }:
3 with lib;
5 let
6 format = pkgs.formats.json { };
7 commonOptions = { pkgName, flavour ? pkgName }: mkOption {
8 default = { };
9 description = ''
10 Attribute set of ${flavour} instances.
11 Creates independent `${flavour}-''${name}.service` systemd units for each instance defined here.
12 '';
13 type = with types; attrsOf (submodule ({ name, ... }: {
14 options = {
15 enable = mkEnableOption "this ${flavour} instance" // { default = true; };
17 package = mkPackageOption pkgs pkgName { };
19 user = mkOption {
20 type = types.str;
21 default = "root";
22 description = ''
23 User under which this instance runs.
24 '';
25 };
27 group = mkOption {
28 type = types.str;
29 default = "root";
30 description = ''
31 Group under which this instance runs.
32 '';
33 };
35 settings = mkOption {
36 type = types.submodule {
37 freeformType = format.type;
39 options = {
40 pid_file = mkOption {
41 default = "/run/${flavour}/${name}.pid";
42 type = types.str;
43 description = ''
44 Path to use for the pid file.
45 '';
46 };
48 template = mkOption {
49 default = [ ];
50 type = with types; listOf (attrsOf anything);
51 description =
52 let upstreamDocs =
53 if flavour == "vault-agent"
54 then "https://developer.hashicorp.com/vault/docs/agent/template"
55 else "https://github.com/hashicorp/consul-template/blob/main/docs/configuration.md#templates";
56 in ''
57 Template section of ${flavour}.
58 Refer to <${upstreamDocs}> for supported values.
59 '';
60 };
61 };
62 };
64 default = { };
66 description =
67 let upstreamDocs =
68 if flavour == "vault-agent"
69 then "https://developer.hashicorp.com/vault/docs/agent#configuration-file-options"
70 else "https://github.com/hashicorp/consul-template/blob/main/docs/configuration.md#configuration-file";
71 in ''
72 Free-form settings written directly to the `config.json` file.
73 Refer to <${upstreamDocs}> for supported values.
75 ::: {.note}
76 Resulting format is JSON not HCL.
77 Refer to <https://www.hcl2json.com/> if you are unsure how to convert HCL options to JSON.
78 :::
79 '';
80 };
81 };
82 }));
83 };
85 createAgentInstance = { instance, name, flavour }:
86 let
87 configFile = format.generate "${name}.json" instance.settings;
88 in
89 mkIf (instance.enable) {
90 description = "${flavour} daemon - ${name}";
91 wantedBy = [ "multi-user.target" ];
92 after = [ "network.target" ];
93 path = [ pkgs.getent ];
94 startLimitIntervalSec = 60;
95 startLimitBurst = 3;
96 serviceConfig = {
97 User = instance.user;
98 Group = instance.group;
99 RuntimeDirectory = flavour;
100 ExecStart = "${getExe instance.package} ${optionalString ((getName instance.package) == "vault") "agent"} -config ${configFile}";
101 ExecReload = "${pkgs.coreutils}/bin/kill -SIGHUP $MAINPID";
102 KillSignal = "SIGINT";
103 TimeoutStopSec = "30s";
104 Restart = "on-failure";
105 };
106 };
107 in
108 {
109 options = {
110 services.consul-template.instances = commonOptions { pkgName = "consul-template"; };
111 services.vault-agent.instances = commonOptions { pkgName = "vault"; flavour = "vault-agent"; };
112 };
114 config = mkMerge (map
115 (flavour:
116 let cfg = config.services.${flavour}; in
117 mkIf (cfg.instances != { }) {
118 systemd.services = mapAttrs'
119 (name: instance: nameValuePair "${flavour}-${name}" (createAgentInstance { inherit name instance flavour; }))
120 cfg.instances;
121 })
122 [ "consul-template" "vault-agent" ]);
124 meta.maintainers = with maintainers; [ emilylange tcheronneau ];
125 }