Permalink
Browse files

ssm-agent NixOS module: init

  • Loading branch information...
1 parent 4450327 commit e928cb1c631fedde3837dabc518931ea12522163 @copumpkin copumpkin committed Feb 13, 2017
Showing with 46 additions and 0 deletions.
  1. +1 −0 nixos/modules/module-list.nix
  2. +45 −0 nixos/modules/services/misc/ssm-agent.nix
@@ -294,6 +294,7 @@
./services/misc/siproxd.nix
./services/misc/sonarr.nix
./services/misc/spice-vdagentd.nix
+ ./services/misc/ssm-agent.nix
./services/misc/sssd.nix
./services/misc/subsonic.nix
./services/misc/sundtek.nix
@@ -0,0 +1,45 @@
+{ config, pkgs, lib, ... }:
+
+with lib;
+let
+ cfg = config.services.ssm-agent;
+
+ # The SSM agent doesn't pay attention to our /etc/os-release yet, and the lsb-release tool
+ # in nixpkgs doesn't seem to work properly on NixOS, so let's just fake the two fields SSM
+ # looks for. See https://github.com/aws/amazon-ssm-agent/issues/38 for upstream fix.
+ fake-lsb-release = pkgs.writeScriptBin "lsb_release" ''
+ #!${pkgs.stdenv.shell}
+
+ case "$1" in
+ -i) echo "nixos";;
+ -r) echo "${config.system.nixosVersion}";;
+ esac
+ '';
+in {
+ options.services.ssm-agent = {
+ enable = mkEnableOption "AWS SSM agent";
+
+ package = mkOption {
+ type = types.path;
+ description = "The SSM agent package to use";
+ default = pkgs.ssm-agent;
+ };
+ };
+
+ config = mkIf cfg.enable {
+ systemd.services.ssm-agent = {
+ inherit (cfg.package.meta) description;
+ after = [ "network.target" ];
+ wantedBy = [ "multi-user.target" ];
+
+ path = [ fake-lsb-release ];
+ serviceConfig = {
+ ExecStart = "${cfg.package.bin}/bin/agent";
+ KillMode = "process";
+ Restart = "on-failure";
+ RestartSec = "15min";
+ };
+ };
+ };
+}
+

0 comments on commit e928cb1

Please sign in to comment.