ellmau/nixos
1
0
Fork 0
mirror of https://github.com/ellmau/nixos.git synced 2025-12-19 09:29:36 +01:00
Code Issues Projects Releases Wiki Activity

Use GLPI flake by mmarx

Browse Source
This commit is contained in:
Stefan Ellmauthaler 2024-01-11 15:24:29 +01:00
parent 0e80f936c5
commit 49dea5df58
Failed to extract signature
8 changed files with 55 additions and 381 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
flake.lock generated
View File

@ -72,11 +72,11 @@
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1704764004,
"narHash": "sha256-WbuWIgv2gDcRtXTc6m/UfjgacV73pXUUFzj+26PRiaI=",
"lastModified": 1704963111,
"narHash": "sha256-mIxbEhXsfKpYJgmNEC28WxaYqzMTiKSEes4TDBDv/9k=",
"owner": "nix-community",
"repo": "emacs-overlay",
"rev": "bb6e486a9fcb96868b15741ff4ee446cc731db43",
"rev": "2dc2fe681e05c9bf79755ef605c6a100a510361f",
"type": "github"
},
"original": {
@ -187,6 +187,29 @@
"type": "github"
}
},
"glpi-inventory": {
"inputs": {
"nixpkgs": [
"nixpkgs"
],
"utils": [
"flake-utils-plus"
]
},
"locked": {
"lastModified": 1704980060,
"narHash": "sha256-B4LdAVAAbWyuxKy+CYuKi9i15q2N+nFh3Nf/amWBagM=",
"owner": "mmarx",
"repo": "glpi-inventory",
"rev": "1f9e73e9d04cb3586f4a44b077422a7c534354bf",
"type": "github"
},
"original": {
"owner": "mmarx",
"repo": "glpi-inventory",
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
@ -194,11 +217,11 @@
]
},
"locked": {
"lastModified": 1704099619,
"narHash": "sha256-QRVMkdxLmv+aKGjcgeEg31xtJEIsYq4i1Kbyw5EPS6g=",
"lastModified": 1704980875,
"narHash": "sha256-IPZmMjk5f4TBbEpzUFBc3OC1W6OwDNEXk2w/0uVXX1o=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "7e398b3d76bc1503171b1364c9d4a07ac06f3851",
"rev": "5f0ab0eedc6ede69beb8f45561ffefa54edc6e65",
"type": "github"
},
"original": {
@ -345,11 +368,11 @@
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1704420045,
"narHash": "sha256-C36QmoJd5tdQ5R9MC1jM7fBkZW9zBUqbUCsgwS6j4QU=",
"lastModified": 1704874635,
"narHash": "sha256-YWuCrtsty5vVZvu+7BchAxmcYzTMfolSPP5io8+WYCg=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "c1be43e8e837b8dbee2b3665a007e761680f0c3d",
"rev": "3dc440faeee9e889fe2d1b4d25ad0f430d449356",
"type": "github"
},
"original": {
@ -377,11 +400,11 @@
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1704538339,
"narHash": "sha256-1734d3mQuux9ySvwf6axRWZRBhtcZA9Q8eftD6EZg6U=",
"lastModified": 1704722960,
"narHash": "sha256-mKGJ3sPsT6//s+Knglai5YflJUF2DGj7Ai6Ynopz0kI=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "46ae0210ce163b3cba6c7da08840c1d63de9c701",
"rev": "317484b1ead87b9c1b8ac5261a8d2dd748a0492d",
"type": "github"
},
"original": {
@ -393,11 +416,11 @@
},
"nixpkgs_2": {
"locked": {
"lastModified": 1704420045,
"narHash": "sha256-C36QmoJd5tdQ5R9MC1jM7fBkZW9zBUqbUCsgwS6j4QU=",
"lastModified": 1704874635,
"narHash": "sha256-YWuCrtsty5vVZvu+7BchAxmcYzTMfolSPP5io8+WYCg=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "c1be43e8e837b8dbee2b3665a007e761680f0c3d",
"rev": "3dc440faeee9e889fe2d1b4d25ad0f430d449356",
"type": "github"
},
"original": {
@ -413,6 +436,7 @@
"dwarffs": "dwarffs",
"emacs-overlay": "emacs-overlay",
"flake-utils-plus": "flake-utils-plus",
"glpi-inventory": "glpi-inventory",
"home-manager": "home-manager",
"nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs_2",
@ -455,11 +479,11 @@
"nixpkgs-stable": "nixpkgs-stable_2"
},
"locked": {
"lastModified": 1704753304,
"narHash": "sha256-9shh5fYLfLJrxr4NnIoWcO9T3bTFuO5QW9v/wDpq9Xg=",
"lastModified": 1704908274,
"narHash": "sha256-74W9Yyomv3COGRmKi8zvyA5tL2KLiVkBeaYmYLjXyOw=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "0ded57412079011f1210c2fcc10e112427d4c0e6",
"rev": "c0b3a5af90fae3ba95645bbf85d2b64880addd76",
"type": "github"
},
"original": {

11
flake.nix
View File

@ -50,6 +50,14 @@
utils.follows = "flake-utils-plus/flake-utils";
};
};
glpi-inventory = {
url = "github:mmarx/glpi-inventory";
inputs = {
nixpkgs.follows = "nixpkgs";
utils.follows = "flake-utils-plus";
};
};
};
outputs = {
@ -99,6 +107,7 @@
(flake-utils-plus.lib.genPkgOverlay inputs.comma "comma")
#inputs.nix.overlay
inputs.emacs-overlay.overlay
inputs.glpi-inventory.overlays.default
]
++ (nixpkgs.lib.attrValues overlays);
@ -112,6 +121,7 @@
inputs.dwarffs.nixosModules.dwarffs
inputs.simple-nixos-mailserver.nixosModules.mailserver
./common/wireguard.nix
inputs.glpi-inventory.nixosModules.glpi-inventory
]
++ (map (name: ./modules + "/${name}") (moduleNames ./modules));
specialArgs = {
@ -149,6 +159,7 @@
default = elss;
emacs-overlay = inputs.emacs-overlay.overlay;
flake-utils-plus = genPkgOverlay inputs.flake-utils-plus "fup-repl";
glpi-inventory = inputs.glpi-inventory.overlays.default;
};
outputsBuilder = channels: {

3
machines/stel-xps/default.nix
View File

@ -67,7 +67,8 @@
};
};
kbs.glpi-inventory = {
# glpi-inventory
glpi-inventory = {
enable = true;
tag = "10002205";
onCalendar = "*-*-* 12:12:12";

146
modules/glpi-inventory.nix
View File

@ -1,146 +0,0 @@
{ config, lib, pkgs, ... }:
with lib; {
options.kbs.glpi-inventory = {
enable = mkEnableOption "enable the GLPI inventory service";
tag = mkOption {
description =
"tag used for associating the system to an organisational unit";
example = "10002205"; # KBS group
type = types.str;
};
url = mkOption {
description = "URL for submission to the GLPI server";
default = "https://glpi.tu-dresden.de/marketplace/glpiinventory/";
type = types.str;
};
onCalendar = mkOption {
description =
"When to run the GLPI inventory. See systemd.time(7) for more information about the format.";
default = "daily";
type = types.str;
};
scanHomedirs = mkOption {
description = "scan user homedirs for software";
default = false;
type = types.bool;
};
scanProfiles = mkOption {
description = "scan user profiles for software";
default = false;
type = types.bool;
};
noCategories = mkOption {
description = "categories to exclude from the inventory";
default = [
"environment"
"process"
"local_group"
"local_user"
"user"
"printer"
"usb"
];
type = types.listOf (types.enum [
"accesslog"
"antivirus"
"battery"
"bios"
"controller"
"cpu"
"database"
"drive"
"environment"
"firewall"
"hardware"
"input"
"licenseinfo"
"local_group"
"local_user"
"lvm"
"memory"
"modem"
"monitor"
"network"
"os"
"port"
"printer"
"process"
"provider"
"psu"
"registry"
"remote_mgmt"
"rudder"
"slot"
"software"
"sound"
"storage"
"usb"
"user"
"video"
"virtualmachine"
]);
};
};
config = let
cfg = config.kbs.glpi-inventory;
noCategories = concatStringsSep "," cfg.noCategories;
inventoryArgs = concatStringsSep " " (concatLists [
[ "--tag=${cfg.tag}" ]
(optional cfg.scanHomedirs "--scan-homedirs")
(optional cfg.scanProfiles "--scan-profiles")
(optional (noCategories != "") "--no-category=${noCategories}")
]);
in mkIf cfg.enable {
systemd = {
services.glpi-submit-inventory = {
description = "Run the GLPI inventory and submit the results";
serviceConfig = {
CPUSchedulingPolicy = "idle";
IOSchedulingClass = "idle";
PrivateTmp = true;
DynamicUser = true;
ExecStart = let
submitInventory = pkgs.writeShellScript "glpi-write-inventory" ''
${pkgs.glpi-agent}/bin/glpi-inventory ${inventoryArgs} > /tmp/inventory.xml
${pkgs.glpi-agent}/bin/glpi-injector --file /tmp/inventory.xml --url ${cfg.url} --no-compression
'';
in "!${submitInventory}";
};
requires = [ "network-online.target" ];
};
timers.glpi-submit-inventory = {
description = "Run the GLPI inventory and submit the results";
timerConfig = {
Unit = "glpi-submit-inventory.service";
OnCalendar = cfg.onCalendar;
Persistent = true;
};
wantedBy = [ "timers.target" ];
};
};
# make sure we don't accidentally submit inventories for VM builds.
virtualisation = let
glpiInventory = {
kbs.glpi-inventory.url = "http://localhost/glpiinventory";
};
in {
vmVariant = glpiInventory;
vmVariantWithBootLoader = glpiInventory;
};
};
}

25
packages/glpi-agent/0001-Fix-test-for-UTC-timezone.patch
View File

@ -1,25 +0,0 @@
From 09ca9a19176fa2590976efb9aaef28678eb8146c Mon Sep 17 00:00:00 2001
From: Maximilian Marx <mmarx@wh2.tu-dresden.de>
Date: Fri, 20 Oct 2023 16:26:28 +0200
Subject: [PATCH 1/3] Fix test for UTC timezone
---
resources/linux/packaging/rpm | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/resources/linux/packaging/rpm b/resources/linux/packaging/rpm
index 1eabf8bec..abb30e52e 100644
--- a/resources/linux/packaging/rpm
+++ b/resources/linux/packaging/rpm
@@ -4,7 +4,7 @@ gjs x86_64 1.32.0-1.mga2 1332868101 176167 Mageia.Org JavaScript bindings based
lib64nss3 x86_64 3.13.4-1.mga2 1334780473 3346040 Mageia.Org Network Security Services (NSS) Unspecified
ruby-term-ansicolor noarch 1.0.5-3.mga1 1311937930 7211 Mageia.Org Ruby library that colors strings using ANSI escape sequences Libraries
lib64tidy-devel x86_64 20090904-3.mga1 1325506366 1930155 Mageia.Org Headers for developing programs that will use tidy Unspecified
-xfsprogs x86_64 3.1.8-1.mga2 1332632724 3628382 Mageia.Org Utilities for managing the XFS filesystem System Environment/Base
+xfsprogs x86_64 3.1.8-1.mga2 1332636324 3628382 Mageia.Org Utilities for managing the XFS filesystem System Environment/Base
lib64swresample0 x86_64 0.10.2-2.mga2.tainted 1334217734 35016 Mageia.Org Shared library part of ffmpeg Unspecified
lib64pyglib2.0_0 x86_64 2.28.6-6.mga2 1329989131 18672 Mageia.Org Python Glib bindings shared library Unspecified
perl-Gtk2-ImageView x86_64 0.50.0-4.mga2 1333463926 153539 Mageia Perl bindings to the GtkImageView image viewer widget Development/Libraries
--
2.40.1

27
packages/glpi-agent/0002-Add-skip-for-software-inventory-test.patch
View File

@ -1,27 +0,0 @@
From 2a6a6cc1c0af556d625bee2eae907e916fef7a37 Mon Sep 17 00:00:00 2001
From: Maximilian Marx <mmarx@wh2.tu-dresden.de>
Date: Sat, 21 Oct 2023 17:50:15 +0200
Subject: [PATCH 2/3] Add skip for software inventory test
---
t/apps/agent.t | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/t/apps/agent.t b/t/apps/agent.t
index 18563c6f9..28a5a0878 100755
--- a/t/apps/agent.t
+++ b/t/apps/agent.t
@@ -84,6 +84,10 @@ SKIP: {
skip "No installed software seen on this system", 1
if @hasSoftwareOutput == 0;
}
+ if (defined($ENV{GLPI_SKIP_SOFTWARE_INVENTORY_TEST})) {
+ skip "skipping software inventory test", 1
+ if $ENV{GLPI_SKIP_SOFTWARE_INVENTORY_TEST};
+ }
ok(
exists $content->{REQUEST}->{CONTENT}->{SOFTWARES},
'inventory has software'
--
2.40.1

26
packages/glpi-agent/0003-Do-not-run-the-GC-to-determine-what-is-in-the-nix-st.patch
View File

@ -1,26 +0,0 @@
From c28c13ef9425671b6fbf33bb2e8415704359ce79 Mon Sep 17 00:00:00 2001
From: Maximilian Marx <mmarx@wh2.tu-dresden.de>
Date: Thu, 16 Nov 2023 13:06:32 +0100
Subject: [PATCH 3/3] Do not run the GC to determine what is in the nix store
Signed-off-by: Maximilian Marx <mmarx@wh2.tu-dresden.de>
---
lib/GLPI/Agent/Task/Inventory/Generic/Softwares/Nix.pm | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/GLPI/Agent/Task/Inventory/Generic/Softwares/Nix.pm b/lib/GLPI/Agent/Task/Inventory/Generic/Softwares/Nix.pm
index fd4c947c2..141557d4e 100644
--- a/lib/GLPI/Agent/Task/Inventory/Generic/Softwares/Nix.pm
+++ b/lib/GLPI/Agent/Task/Inventory/Generic/Softwares/Nix.pm
@@ -17,7 +17,7 @@ sub doInventory {
my $inventory = $params{inventory};
my $logger = $params{logger};
- my $command = 'nix-store --gc --print-live';
+ my $command = 'nix --experimental-features nix-command path-info -r /run/current-system';
my $packages = _getPackagesList(
logger => $logger, command => $command
);
--
2.40.1

138
packages/glpi-agent/default.nix
View File

@ -1,138 +0,0 @@
{
lib,
perlPackages,
nix,
dmidecode,
pciutils,
usbutils,
iproute2,
nettools,
fetchFromGitHub,
makeWrapper,
libredirect,
iana-etc,
xrandr,
xdpyinfo,
procps,
which,
}:
perlPackages.buildPerlPackage {
pname = "glpi-agent";
version = "1.5";
src = fetchFromGitHub {
owner = "glpi-project";
repo = "glpi-agent";
rev = "1.5";
sha256 = "l5ist5a07X4IG0OsYjqwMvhA5UN9/CxXrVcfhNTaBgc=";
};
patches = [
./0001-Fix-test-for-UTC-timezone.patch
./0002-Add-skip-for-software-inventory-test.patch
./0003-Do-not-run-the-GC-to-determine-what-is-in-the-nix-st.patch
];
postPatch = ''
patchShebangs bin
substituteInPlace "lib/GLPI/Agent/Tools/Linux.pm" \
--replace /sbin/ip ${iproute2}/sbin/ip
substituteInPlace "lib/GLPI/Agent/Task/Inventory/Linux/Networks.pm" \
--replace /sbin/ip ${iproute2}/sbin/ip
'';
buildTools = [];
nativeBuildInputs = [makeWrapper procps];
buildInputs = with perlPackages; [
CGI
CpanelJSONXS
DataStructureUtil
DataUUID
DateTime
FileCopyRecursive
HTTPDaemon
HTTPProxy
HTTPServerSimple
HTTPServerSimpleAuthen
IOCapture
IOSocketSSL
IPCRun
JSON
LWPProtocolHttps
ModuleInstall
NetSNMP
ParallelForkManager
TestCPANMeta
TestCompile
TestDeep
TestException
TestMockModule
TestMockObject
TestNoWarnings
XMLLibXML
];
propagatedBuildInputs = with perlPackages; [
FileWhich
LWP
NetIP
TextTemplate
UNIVERSALrequire
XMLTreePP
];
installPhase = ''
mkdir -p $out
cp -r bin $out
cp -r lib $out
cp -r share $out
for cur in $out/bin/*; do
if [ -x "$cur" ]; then
sed -e "s|./lib|$out/lib|" -i "$cur"
wrapProgram "$cur" --prefix PATH : ${
lib.makeBinPath [
nix
dmidecode
iproute2
nettools
pciutils
procps
usbutils
xdpyinfo
xrandr
which
]
}
fi
done
'';
preCheck = let
inherit (lib) concatStringsSep mapAttrsToList;
redirects = {
"/etc/protocols" = "${iana-etc}/etc/protocols";
"/etc/services" = "${iana-etc}/etc/services";
};
REDIRECTS =
concatStringsSep ":"
(mapAttrsToList (from: to: "${from}=${to}") redirects);
in ''
export NIX_REDIRECTS="${REDIRECTS}" \
LD_PRELOAD=${libredirect}/lib/libredirect.so \
GLPI_SKIP_SOFTWARE_INVENTORY_TEST=1
'';
postCheck = ''
unset NIX_REDIRECTS LD_PRELOAD GLPI_SKIP_SOFTWARE_INVENTORY_TEST
'';
outputs = ["out"];
meta = {
homepage = "https://glpi-project.org/";
description = "GLPI unified Agent for UNIX, Linux, Windows and MacOSX";
license = lib.licenses.gpl2;
isbroken = nix.stdenv.isAarch64;
};
}