From 49dea5df582beff73f10ef9131fa05d16d69019f Mon Sep 17 00:00:00 2001 From: Stefan Ellmauthaler Date: Thu, 11 Jan 2024 15:24:29 +0100 Subject: [PATCH] Use GLPI flake by mmarx --- flake.lock | 60 ++++--- flake.nix | 11 ++ machines/stel-xps/default.nix | 3 +- modules/glpi-inventory.nix | 146 ------------------ .../0001-Fix-test-for-UTC-timezone.patch | 25 --- ...Add-skip-for-software-inventory-test.patch | 27 ---- ...C-to-determine-what-is-in-the-nix-st.patch | 26 ---- packages/glpi-agent/default.nix | 138 ----------------- 8 files changed, 55 insertions(+), 381 deletions(-) delete mode 100644 modules/glpi-inventory.nix delete mode 100644 packages/glpi-agent/0001-Fix-test-for-UTC-timezone.patch delete mode 100644 packages/glpi-agent/0002-Add-skip-for-software-inventory-test.patch delete mode 100644 packages/glpi-agent/0003-Do-not-run-the-GC-to-determine-what-is-in-the-nix-st.patch delete mode 100644 packages/glpi-agent/default.nix diff --git a/flake.lock b/flake.lock index 27871a4..8ed24eb 100644 --- a/flake.lock +++ b/flake.lock @@ -72,11 +72,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1704764004, - "narHash": "sha256-WbuWIgv2gDcRtXTc6m/UfjgacV73pXUUFzj+26PRiaI=", + "lastModified": 1704963111, + "narHash": "sha256-mIxbEhXsfKpYJgmNEC28WxaYqzMTiKSEes4TDBDv/9k=", "owner": "nix-community", "repo": "emacs-overlay", - "rev": "bb6e486a9fcb96868b15741ff4ee446cc731db43", + "rev": "2dc2fe681e05c9bf79755ef605c6a100a510361f", "type": "github" }, "original": { @@ -187,6 +187,29 @@ "type": "github" } }, + "glpi-inventory": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ], + "utils": [ + "flake-utils-plus" + ] + }, + "locked": { + "lastModified": 1704980060, + "narHash": "sha256-B4LdAVAAbWyuxKy+CYuKi9i15q2N+nFh3Nf/amWBagM=", + "owner": "mmarx", + "repo": "glpi-inventory", + "rev": "1f9e73e9d04cb3586f4a44b077422a7c534354bf", + "type": "github" + }, + "original": { + "owner": "mmarx", + "repo": "glpi-inventory", + "type": "github" + } + }, "home-manager": { "inputs": { "nixpkgs": [ @@ -194,11 +217,11 @@ ] }, "locked": { - "lastModified": 1704099619, - "narHash": "sha256-QRVMkdxLmv+aKGjcgeEg31xtJEIsYq4i1Kbyw5EPS6g=", + "lastModified": 1704980875, + "narHash": "sha256-IPZmMjk5f4TBbEpzUFBc3OC1W6OwDNEXk2w/0uVXX1o=", "owner": "nix-community", "repo": "home-manager", - "rev": "7e398b3d76bc1503171b1364c9d4a07ac06f3851", + "rev": "5f0ab0eedc6ede69beb8f45561ffefa54edc6e65", "type": "github" }, "original": { @@ -345,11 +368,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1704420045, - "narHash": "sha256-C36QmoJd5tdQ5R9MC1jM7fBkZW9zBUqbUCsgwS6j4QU=", + "lastModified": 1704874635, + "narHash": "sha256-YWuCrtsty5vVZvu+7BchAxmcYzTMfolSPP5io8+WYCg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "c1be43e8e837b8dbee2b3665a007e761680f0c3d", + "rev": "3dc440faeee9e889fe2d1b4d25ad0f430d449356", "type": "github" }, "original": { @@ -377,11 +400,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1704538339, - "narHash": "sha256-1734d3mQuux9ySvwf6axRWZRBhtcZA9Q8eftD6EZg6U=", + "lastModified": 1704722960, + "narHash": "sha256-mKGJ3sPsT6//s+Knglai5YflJUF2DGj7Ai6Ynopz0kI=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "46ae0210ce163b3cba6c7da08840c1d63de9c701", + "rev": "317484b1ead87b9c1b8ac5261a8d2dd748a0492d", "type": "github" }, "original": { @@ -393,11 +416,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1704420045, - "narHash": "sha256-C36QmoJd5tdQ5R9MC1jM7fBkZW9zBUqbUCsgwS6j4QU=", + "lastModified": 1704874635, + "narHash": "sha256-YWuCrtsty5vVZvu+7BchAxmcYzTMfolSPP5io8+WYCg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "c1be43e8e837b8dbee2b3665a007e761680f0c3d", + "rev": "3dc440faeee9e889fe2d1b4d25ad0f430d449356", "type": "github" }, "original": { @@ -413,6 +436,7 @@ "dwarffs": "dwarffs", "emacs-overlay": "emacs-overlay", "flake-utils-plus": "flake-utils-plus", + "glpi-inventory": "glpi-inventory", "home-manager": "home-manager", "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs_2", @@ -455,11 +479,11 @@ "nixpkgs-stable": "nixpkgs-stable_2" }, "locked": { - "lastModified": 1704753304, - "narHash": "sha256-9shh5fYLfLJrxr4NnIoWcO9T3bTFuO5QW9v/wDpq9Xg=", + "lastModified": 1704908274, + "narHash": "sha256-74W9Yyomv3COGRmKi8zvyA5tL2KLiVkBeaYmYLjXyOw=", "owner": "Mic92", "repo": "sops-nix", - "rev": "0ded57412079011f1210c2fcc10e112427d4c0e6", + "rev": "c0b3a5af90fae3ba95645bbf85d2b64880addd76", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index e8caf3a..326ddcf 100644 --- a/flake.nix +++ b/flake.nix @@ -50,6 +50,14 @@ utils.follows = "flake-utils-plus/flake-utils"; }; }; + + glpi-inventory = { + url = "github:mmarx/glpi-inventory"; + inputs = { + nixpkgs.follows = "nixpkgs"; + utils.follows = "flake-utils-plus"; + }; + }; }; outputs = { @@ -99,6 +107,7 @@ (flake-utils-plus.lib.genPkgOverlay inputs.comma "comma") #inputs.nix.overlay inputs.emacs-overlay.overlay + inputs.glpi-inventory.overlays.default ] ++ (nixpkgs.lib.attrValues overlays); @@ -112,6 +121,7 @@ inputs.dwarffs.nixosModules.dwarffs inputs.simple-nixos-mailserver.nixosModules.mailserver ./common/wireguard.nix + inputs.glpi-inventory.nixosModules.glpi-inventory ] ++ (map (name: ./modules + "/${name}") (moduleNames ./modules)); specialArgs = { @@ -149,6 +159,7 @@ default = elss; emacs-overlay = inputs.emacs-overlay.overlay; flake-utils-plus = genPkgOverlay inputs.flake-utils-plus "fup-repl"; + glpi-inventory = inputs.glpi-inventory.overlays.default; }; outputsBuilder = channels: { diff --git a/machines/stel-xps/default.nix b/machines/stel-xps/default.nix index b1874e3..5472d30 100644 --- a/machines/stel-xps/default.nix +++ b/machines/stel-xps/default.nix @@ -67,7 +67,8 @@ }; }; - kbs.glpi-inventory = { + # glpi-inventory + glpi-inventory = { enable = true; tag = "10002205"; onCalendar = "*-*-* 12:12:12"; diff --git a/modules/glpi-inventory.nix b/modules/glpi-inventory.nix deleted file mode 100644 index ce86e0d..0000000 --- a/modules/glpi-inventory.nix +++ /dev/null @@ -1,146 +0,0 @@ -{ config, lib, pkgs, ... }: - -with lib; { - options.kbs.glpi-inventory = { - enable = mkEnableOption "enable the GLPI inventory service"; - - tag = mkOption { - description = - "tag used for associating the system to an organisational unit"; - example = "10002205"; # KBS group - type = types.str; - }; - - url = mkOption { - description = "URL for submission to the GLPI server"; - default = "https://glpi.tu-dresden.de/marketplace/glpiinventory/"; - type = types.str; - }; - - onCalendar = mkOption { - description = - "When to run the GLPI inventory. See systemd.time(7) for more information about the format."; - default = "daily"; - type = types.str; - }; - - scanHomedirs = mkOption { - description = "scan user homedirs for software"; - default = false; - type = types.bool; - }; - - scanProfiles = mkOption { - description = "scan user profiles for software"; - default = false; - type = types.bool; - }; - - noCategories = mkOption { - description = "categories to exclude from the inventory"; - default = [ - "environment" - "process" - "local_group" - "local_user" - "user" - "printer" - "usb" - ]; - type = types.listOf (types.enum [ - "accesslog" - "antivirus" - "battery" - "bios" - "controller" - "cpu" - "database" - "drive" - "environment" - "firewall" - "hardware" - "input" - "licenseinfo" - "local_group" - "local_user" - "lvm" - "memory" - "modem" - "monitor" - "network" - "os" - "port" - "printer" - "process" - "provider" - "psu" - "registry" - "remote_mgmt" - "rudder" - "slot" - "software" - "sound" - "storage" - "usb" - "user" - "video" - "virtualmachine" - ]); - }; - }; - - config = let - cfg = config.kbs.glpi-inventory; - noCategories = concatStringsSep "," cfg.noCategories; - inventoryArgs = concatStringsSep " " (concatLists [ - [ "--tag=${cfg.tag}" ] - (optional cfg.scanHomedirs "--scan-homedirs") - (optional cfg.scanProfiles "--scan-profiles") - (optional (noCategories != "") "--no-category=${noCategories}") - ]); - in mkIf cfg.enable { - systemd = { - services.glpi-submit-inventory = { - description = "Run the GLPI inventory and submit the results"; - - serviceConfig = { - CPUSchedulingPolicy = "idle"; - IOSchedulingClass = "idle"; - PrivateTmp = true; - DynamicUser = true; - - ExecStart = let - submitInventory = pkgs.writeShellScript "glpi-write-inventory" '' - ${pkgs.glpi-agent}/bin/glpi-inventory ${inventoryArgs} > /tmp/inventory.xml - ${pkgs.glpi-agent}/bin/glpi-injector --file /tmp/inventory.xml --url ${cfg.url} --no-compression - ''; - in "!${submitInventory}"; - }; - - requires = [ "network-online.target" ]; - }; - - timers.glpi-submit-inventory = { - description = "Run the GLPI inventory and submit the results"; - - timerConfig = { - Unit = "glpi-submit-inventory.service"; - OnCalendar = cfg.onCalendar; - Persistent = true; - }; - - wantedBy = [ "timers.target" ]; - }; - }; - - # make sure we don't accidentally submit inventories for VM builds. - virtualisation = let - glpiInventory = { - kbs.glpi-inventory.url = "http://localhost/glpiinventory"; - }; - in { - vmVariant = glpiInventory; - vmVariantWithBootLoader = glpiInventory; - }; - }; -} diff --git a/packages/glpi-agent/0001-Fix-test-for-UTC-timezone.patch b/packages/glpi-agent/0001-Fix-test-for-UTC-timezone.patch deleted file mode 100644 index 3c2ba14..0000000 --- a/packages/glpi-agent/0001-Fix-test-for-UTC-timezone.patch +++ /dev/null @@ -1,25 +0,0 @@ -From 09ca9a19176fa2590976efb9aaef28678eb8146c Mon Sep 17 00:00:00 2001 -From: Maximilian Marx -Date: Fri, 20 Oct 2023 16:26:28 +0200 -Subject: [PATCH 1/3] Fix test for UTC timezone - ---- - resources/linux/packaging/rpm | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/resources/linux/packaging/rpm b/resources/linux/packaging/rpm -index 1eabf8bec..abb30e52e 100644 ---- a/resources/linux/packaging/rpm -+++ b/resources/linux/packaging/rpm -@@ -4,7 +4,7 @@ gjs x86_64 1.32.0-1.mga2 1332868101 176167 Mageia.Org JavaScript bindings based - lib64nss3 x86_64 3.13.4-1.mga2 1334780473 3346040 Mageia.Org Network Security Services (NSS) Unspecified - ruby-term-ansicolor noarch 1.0.5-3.mga1 1311937930 7211 Mageia.Org Ruby library that colors strings using ANSI escape sequences Libraries - lib64tidy-devel x86_64 20090904-3.mga1 1325506366 1930155 Mageia.Org Headers for developing programs that will use tidy Unspecified --xfsprogs x86_64 3.1.8-1.mga2 1332632724 3628382 Mageia.Org Utilities for managing the XFS filesystem System Environment/Base -+xfsprogs x86_64 3.1.8-1.mga2 1332636324 3628382 Mageia.Org Utilities for managing the XFS filesystem System Environment/Base - lib64swresample0 x86_64 0.10.2-2.mga2.tainted 1334217734 35016 Mageia.Org Shared library part of ffmpeg Unspecified - lib64pyglib2.0_0 x86_64 2.28.6-6.mga2 1329989131 18672 Mageia.Org Python Glib bindings shared library Unspecified - perl-Gtk2-ImageView x86_64 0.50.0-4.mga2 1333463926 153539 Mageia Perl bindings to the GtkImageView image viewer widget Development/Libraries --- -2.40.1 - diff --git a/packages/glpi-agent/0002-Add-skip-for-software-inventory-test.patch b/packages/glpi-agent/0002-Add-skip-for-software-inventory-test.patch deleted file mode 100644 index 541a943..0000000 --- a/packages/glpi-agent/0002-Add-skip-for-software-inventory-test.patch +++ /dev/null @@ -1,27 +0,0 @@ -From 2a6a6cc1c0af556d625bee2eae907e916fef7a37 Mon Sep 17 00:00:00 2001 -From: Maximilian Marx -Date: Sat, 21 Oct 2023 17:50:15 +0200 -Subject: [PATCH 2/3] Add skip for software inventory test - ---- - t/apps/agent.t | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/t/apps/agent.t b/t/apps/agent.t -index 18563c6f9..28a5a0878 100755 ---- a/t/apps/agent.t -+++ b/t/apps/agent.t -@@ -84,6 +84,10 @@ SKIP: { - skip "No installed software seen on this system", 1 - if @hasSoftwareOutput == 0; - } -+ if (defined($ENV{GLPI_SKIP_SOFTWARE_INVENTORY_TEST})) { -+ skip "skipping software inventory test", 1 -+ if $ENV{GLPI_SKIP_SOFTWARE_INVENTORY_TEST}; -+ } - ok( - exists $content->{REQUEST}->{CONTENT}->{SOFTWARES}, - 'inventory has software' --- -2.40.1 - diff --git a/packages/glpi-agent/0003-Do-not-run-the-GC-to-determine-what-is-in-the-nix-st.patch b/packages/glpi-agent/0003-Do-not-run-the-GC-to-determine-what-is-in-the-nix-st.patch deleted file mode 100644 index 7a01285..0000000 --- a/packages/glpi-agent/0003-Do-not-run-the-GC-to-determine-what-is-in-the-nix-st.patch +++ /dev/null @@ -1,26 +0,0 @@ -From c28c13ef9425671b6fbf33bb2e8415704359ce79 Mon Sep 17 00:00:00 2001 -From: Maximilian Marx -Date: Thu, 16 Nov 2023 13:06:32 +0100 -Subject: [PATCH 3/3] Do not run the GC to determine what is in the nix store - -Signed-off-by: Maximilian Marx ---- - lib/GLPI/Agent/Task/Inventory/Generic/Softwares/Nix.pm | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/lib/GLPI/Agent/Task/Inventory/Generic/Softwares/Nix.pm b/lib/GLPI/Agent/Task/Inventory/Generic/Softwares/Nix.pm -index fd4c947c2..141557d4e 100644 ---- a/lib/GLPI/Agent/Task/Inventory/Generic/Softwares/Nix.pm -+++ b/lib/GLPI/Agent/Task/Inventory/Generic/Softwares/Nix.pm -@@ -17,7 +17,7 @@ sub doInventory { - my $inventory = $params{inventory}; - my $logger = $params{logger}; - -- my $command = 'nix-store --gc --print-live'; -+ my $command = 'nix --experimental-features nix-command path-info -r /run/current-system'; - my $packages = _getPackagesList( - logger => $logger, command => $command - ); --- -2.40.1 - diff --git a/packages/glpi-agent/default.nix b/packages/glpi-agent/default.nix deleted file mode 100644 index bc7bd4e..0000000 --- a/packages/glpi-agent/default.nix +++ /dev/null @@ -1,138 +0,0 @@ -{ - lib, - perlPackages, - nix, - dmidecode, - pciutils, - usbutils, - iproute2, - nettools, - fetchFromGitHub, - makeWrapper, - libredirect, - iana-etc, - xrandr, - xdpyinfo, - procps, - which, -}: -perlPackages.buildPerlPackage { - pname = "glpi-agent"; - version = "1.5"; - - src = fetchFromGitHub { - owner = "glpi-project"; - repo = "glpi-agent"; - rev = "1.5"; - sha256 = "l5ist5a07X4IG0OsYjqwMvhA5UN9/CxXrVcfhNTaBgc="; - }; - - patches = [ - ./0001-Fix-test-for-UTC-timezone.patch - ./0002-Add-skip-for-software-inventory-test.patch - ./0003-Do-not-run-the-GC-to-determine-what-is-in-the-nix-st.patch - ]; - - postPatch = '' - patchShebangs bin - - substituteInPlace "lib/GLPI/Agent/Tools/Linux.pm" \ - --replace /sbin/ip ${iproute2}/sbin/ip - substituteInPlace "lib/GLPI/Agent/Task/Inventory/Linux/Networks.pm" \ - --replace /sbin/ip ${iproute2}/sbin/ip - ''; - - buildTools = []; - nativeBuildInputs = [makeWrapper procps]; - buildInputs = with perlPackages; [ - CGI - CpanelJSONXS - DataStructureUtil - DataUUID - DateTime - FileCopyRecursive - HTTPDaemon - HTTPProxy - HTTPServerSimple - HTTPServerSimpleAuthen - IOCapture - IOSocketSSL - IPCRun - JSON - LWPProtocolHttps - ModuleInstall - NetSNMP - ParallelForkManager - TestCPANMeta - TestCompile - TestDeep - TestException - TestMockModule - TestMockObject - TestNoWarnings - XMLLibXML - ]; - propagatedBuildInputs = with perlPackages; [ - FileWhich - LWP - NetIP - TextTemplate - UNIVERSALrequire - XMLTreePP - ]; - - installPhase = '' - mkdir -p $out - - cp -r bin $out - cp -r lib $out - cp -r share $out - - for cur in $out/bin/*; do - if [ -x "$cur" ]; then - sed -e "s|./lib|$out/lib|" -i "$cur" - wrapProgram "$cur" --prefix PATH : ${ - lib.makeBinPath [ - nix - dmidecode - iproute2 - nettools - pciutils - procps - usbutils - xdpyinfo - xrandr - which - ] - } - fi - done - ''; - - preCheck = let - inherit (lib) concatStringsSep mapAttrsToList; - redirects = { - "/etc/protocols" = "${iana-etc}/etc/protocols"; - "/etc/services" = "${iana-etc}/etc/services"; - }; - REDIRECTS = - concatStringsSep ":" - (mapAttrsToList (from: to: "${from}=${to}") redirects); - in '' - export NIX_REDIRECTS="${REDIRECTS}" \ - LD_PRELOAD=${libredirect}/lib/libredirect.so \ - GLPI_SKIP_SOFTWARE_INVENTORY_TEST=1 - ''; - postCheck = '' - unset NIX_REDIRECTS LD_PRELOAD GLPI_SKIP_SOFTWARE_INVENTORY_TEST - ''; - - outputs = ["out"]; - - meta = { - homepage = "https://glpi-project.org/"; - description = "GLPI unified Agent for UNIX, Linux, Windows and MacOSX"; - license = lib.licenses.gpl2; - isbroken = nix.stdenv.isAarch64; - }; -}