diff --git a/patches/castopod.patch b/patches/01-castopod.patch similarity index 100% rename from patches/castopod.patch rename to patches/01-castopod.patch diff --git a/patches/02-netbox-agent.patch b/patches/02-netbox-agent.patch new file mode 100644 index 0000000..6f13d87 --- /dev/null +++ b/patches/02-netbox-agent.patch @@ -0,0 +1,416 @@ +diff --git a/maintainers/maintainer-list.nix b/maintainers/maintainer-list.nix +index 1444b852f2704b..c726173366a876 100644 +--- a/maintainers/maintainer-list.nix ++++ b/maintainers/maintainer-list.nix +@@ -17928,6 +17928,12 @@ + github = "sinanmohd"; + githubId = 69694713; + }; ++ sinavir = { ++ name = "Maurice Debray"; ++ email = "nixpkgs@sinavir.fr"; ++ github = "sinavir"; ++ githubId = 36380103; ++ }; + sioodmy = { + name = "Antoni SokoĊ‚owski"; + github = "sioodmy"; +diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix +index 2ccaea466c6a75..f9668b5fc32959 100644 +--- a/nixos/modules/module-list.nix ++++ b/nixos/modules/module-list.nix +@@ -729,6 +729,7 @@ + ./services/misc/moonraker.nix + ./services/misc/mqtt2influxdb.nix + ./services/misc/n8n.nix ++ ./services/misc/netbox-agent.nix + ./services/misc/nitter.nix + ./services/misc/nix-gc.nix + ./services/misc/nix-optimise.nix +diff --git a/nixos/modules/services/misc/netbox-agent.nix b/nixos/modules/services/misc/netbox-agent.nix +new file mode 100644 +index 00000000000000..3972b47e685b8f +--- /dev/null ++++ b/nixos/modules/services/misc/netbox-agent.nix +@@ -0,0 +1,80 @@ ++{ config, pkgs, lib, ... }: ++let ++ cfg = config.services.netbox-agent; ++ settingsFormat = pkgs.formats.json {}; ++in { ++ options.services.netbox-agent = { ++ enable = lib.mkEnableOption "Netbox-agent"; ++ startAt = lib.mkOption { ++ type = with lib.types; either str (listOf str); ++ default = "*-*-* 00:00:00"; ++ description = '' ++ Automatically start this unit at the given date/time, which ++ must be in the format described in ++ {manpage}`systemd.time(7)`. ++ ''; ++ }; ++ randomizedDelaySec = lib.mkOption { ++ default = "0"; ++ type = lib.types.str; ++ example = "45min"; ++ description = '' ++ Add a randomized delay before each netbox-agent runs. ++ The delay will be chosen between zero and this value. ++ This value must be a time span in the format specified by ++ {manpage}`systemd.time(7)` ++ ''; ++ }; ++ settings = lib.mkOption { ++ type = settingsFormat.type; ++ description = '' ++ Settings to be passed to the netbox agent. Will be converted to a YAML ++ config file ++ ''; ++ default = {}; ++ }; ++ ++ environmentFile = lib.mkOption { ++ type = with lib.types; nullOr path; ++ description = '' ++ Environment file to pass to netbox-agent. See `netbox-agent --help` for ++ possible environment variables ++ ''; ++ default = null; ++ }; ++ }; ++ ++ config = lib.mkIf cfg.enable { ++ systemd.services.netbox-agent = { ++ description = "Netbox-agent service. It generates an existing infrastructure on Netbox and have the ability to update it regularly through this service."; ++ wants = [ "network-online.target" ]; ++ after = [ "network-online.target" ]; ++ ++ serviceConfig = { ++ Type = "oneshot"; ++ # We could link directly into pkgs.tzdata, but at least timedatectl seems ++ # to expect the symlink to point directly to a file in etc. ++ # Setting the "debian timezone file" to point at /dev/null stops it doing anything. ++ ExecStart = "${lib.getExe pkgs.netbox-agent} -c ${settingsFormat.generate "netbox-agent-config.yaml" cfg.settings}"; ++ EnvironmentFile = cfg.environmentFile; ++ LockPersonality = true; ++ MemoryDenyWriteExecute=true; ++ NoNewPrivileges=true; ++ PrivateTmp=true; ++ ProtectControlGroups=true; ++ ProtectHome=true; ++ ProtectKernelModules=true; ++ ProtectKernelTunables=true; ++ ProtectSystem="strict"; ++ RestrictAddressFamilies="AF_UNIX AF_INET AF_INET6 AF_NETLINK"; ++ RestrictNamespaces=true; ++ RestrictRealtime=true; ++ RestrictSUIDSGID=true; ++ }; ++ inherit (cfg) startAt; ++ }; ++ systemd.timers.netbox-agent.timerConfig.RandomizedDelaySec = cfg.randomizedDelaySec; ++ }; ++ ++ meta.maintainers = with lib.maintainers; [ raitobezarius sinavir ]; ++} +diff --git a/pkgs/by-name/ne/netbox-agent/lshw.patch b/pkgs/by-name/ne/netbox-agent/lshw.patch +new file mode 100644 +index 00000000000000..824674895d537f +--- /dev/null ++++ b/pkgs/by-name/ne/netbox-agent/lshw.patch +@@ -0,0 +1,87 @@ ++From 116334be2f4bdae996a0d8dc623ae6e24d20e8aa Mon Sep 17 00:00:00 2001 ++From: sinavir ++Date: Sat, 23 Mar 2024 01:45:20 +0100 ++Subject: [PATCH 1/2] fix: make lshw props finding more resilient ++ ++--- ++ netbox_agent/lshw.py | 25 +++++++++++++------------ ++ 1 file changed, 13 insertions(+), 12 deletions(-) ++ ++diff --git a/netbox_agent/lshw.py b/netbox_agent/lshw.py ++index e88993c..c79f95e 100644 ++--- a/netbox_agent/lshw.py +++++ b/netbox_agent/lshw.py ++@@ -88,9 +88,9 @@ def find_network(self, obj): ++ "name": obj.get("logicalname", unkn_name), ++ "macaddress": obj.get("serial", ""), ++ "serial": obj.get("serial", ""), ++- "product": obj["product"], ++- "vendor": obj["vendor"], ++- "description": obj["description"], +++ "product": obj.get("product", "Unknown NIC"), +++ "vendor": obj.get("vendor", "Unknown"), +++ "description": obj.get("description", ""), ++ }) ++ ++ def find_storage(self, obj): ++@@ -135,10 +135,10 @@ def find_storage(self, obj): ++ def find_cpus(self, obj): ++ if "product" in obj: ++ self.cpus.append({ ++- "product": obj["product"], ++- "vendor": obj["vendor"], ++- "description": obj["description"], ++- "location": obj["slot"], +++ "product": obj.get("product", "Unknown CPU"), +++ "vendor": obj.get("vendor", "Unknown vendor"), +++ "description": obj.get("description", ""), +++ "location": obj.get("slot", ""), ++ }) ++ ++ def find_memories(self, obj): ++@@ -162,11 +162,12 @@ def find_memories(self, obj): ++ ++ def find_gpus(self, obj): ++ if "product" in obj: ++- self.gpus.append({ ++- "product": obj["product"], ++- "vendor": obj["vendor"], ++- "description": obj["description"], ++- }) +++ infos = { +++ "product": obj.get("product", "Unknown GPU"), +++ "vendor": obj.get("vendor", "Unknown"), +++ "description": obj.get("description", ""), +++ } +++ self.gpus.append(infos) ++ ++ def walk_bridge(self, obj): ++ if "children" not in obj: ++ ++From f512e7a0a971013eb49f233c72963fd54a78c8ca Mon Sep 17 00:00:00 2001 ++From: sinavir ++Date: Wed, 27 Mar 2024 18:49:05 +0100 ++Subject: [PATCH 2/2] fix: replace list.push by list.append ++ ++--- ++ netbox_agent/lshw.py | 4 ++-- ++ 1 file changed, 2 insertions(+), 2 deletions(-) ++ ++diff --git a/netbox_agent/lshw.py b/netbox_agent/lshw.py ++index c79f95e..876df97 100644 ++--- a/netbox_agent/lshw.py +++++ b/netbox_agent/lshw.py ++@@ -77,11 +77,11 @@ def find_network(self, obj): ++ # newer versions of lshw can return a list of names, see issue #227 ++ if not isinstance(i["name"], list): ++ if i["name"].startswith("unknown"): ++- unkn_intfs.push(i) +++ unkn_intfs.append(i) ++ else: ++ for j in i["name"]: ++ if j.startswith("unknown"): ++- unkn_intfs.push(j) +++ unkn_intfs.append(j) ++ ++ unkn_name = "unknown{}".format(len(unkn_intfs)) ++ self.interfaces.append({ +diff --git a/pkgs/by-name/ne/netbox-agent/package.nix b/pkgs/by-name/ne/netbox-agent/package.nix +new file mode 100644 +index 00000000000000..c655a55bff99aa +--- /dev/null ++++ b/pkgs/by-name/ne/netbox-agent/package.nix +@@ -0,0 +1,73 @@ ++{ lib ++, python3 ++, fetchFromGitHub ++, ethtool ++, dmidecode ++, ipmitool ++, lldpd ++, lshw ++}: ++ ++python3.pkgs.buildPythonApplication rec { ++ pname = "netbox-agent"; ++ version = "unstable-2023-03-19"; ++ pyproject = true; ++ ++ src = fetchFromGitHub { ++ owner = "Solvik"; ++ repo = "netbox-agent"; ++ rev = "master"; ++ hash = "sha256-lkC5UZFEN78GIbE5m6/c9iEYkynWZh+S5Kn0CuKisuM="; ++ }; ++ ++ patches = [ ++ ./lshw.patch # https://github.com/Solvik/netbox-agent/pull/292 ++ ./vm_tags.patch # https://github.com/Solvik/netbox-agent/pull/293 ++ ./role.patch # https://github.com/Solvik/netbox-agent/pull/289 ++ ./return-code.patch # From https://github.com/Solvik/netbox-agent/pull/279 ++ ]; ++ ++ postPatch = '' ++ # remove legacy code ++ echo "" > netbox_agent/__init__.py ++ ''; ++ ++ nativeBuildInputs = [ ++ python3.pkgs.setuptools ++ python3.pkgs.wheel ++ python3.pkgs.pythonRelaxDepsHook ++ ]; ++ pythonRelaxDeps = true; ++ ++ propagatedBuildInputs = with python3.pkgs; [ ++ distro ++ jsonargparse ++ netaddr ++ netifaces ++ packaging ++ pynetbox ++ python-slugify ++ pyyaml ++ ]; ++ ++ postInstall = '' ++ wrapProgram $out/bin/netbox_agent \ ++ --prefix PATH ":" ${lib.makeBinPath [ ++ ethtool ++ dmidecode ++ ipmitool ++ lldpd ++ lshw ++ ]} ++ ''; ++ ++ pythonImportsCheck = [ "netbox_agent" ]; ++ ++ meta = with lib; { ++ description = "Netbox agent to run on your infrastructure's servers"; ++ homepage = "https://github.com/Solvik/netbox-agent"; ++ license = licenses.asl20; ++ maintainers = with maintainers; [ sinavir raitobezarius ]; ++ mainProgram = "netbox_agent"; ++ }; ++} +diff --git a/pkgs/by-name/ne/netbox-agent/return-code.patch b/pkgs/by-name/ne/netbox-agent/return-code.patch +new file mode 100644 +index 00000000000000..8aaf2f830e52a7 +--- /dev/null ++++ b/pkgs/by-name/ne/netbox-agent/return-code.patch +@@ -0,0 +1,22 @@ ++From 76b2d253ce94c11d77deeaf36c5b6947ef3cd94a Mon Sep 17 00:00:00 2001 ++From: =?UTF-8?q?Gr=C3=A9goire=20Compagnon?= ++Date: Mon, 21 Aug 2023 20:40:10 +0200 ++Subject: [PATCH] Return 0 if everything ok as excepted in a shell ++ ++--- ++ netbox_agent/cli.py | 2 +- ++ 1 file changed, 1 insertion(+), 1 deletion(-) ++ ++diff --git a/netbox_agent/cli.py b/netbox_agent/cli.py ++index e112469a..74cd8f9a 100644 ++--- a/netbox_agent/cli.py +++++ b/netbox_agent/cli.py ++@@ -47,7 +47,7 @@ def run(config): ++ ++ ++ def main(): ++- return run(config) +++ return 0 if run(config) else 1 ++ ++ ++ if __name__ == '__main__': +diff --git a/pkgs/by-name/ne/netbox-agent/role.patch b/pkgs/by-name/ne/netbox-agent/role.patch +new file mode 100644 +index 00000000000000..c1c00180791c1e +--- /dev/null ++++ b/pkgs/by-name/ne/netbox-agent/role.patch +@@ -0,0 +1,36 @@ ++diff --git a/netbox_agent/server.py b/netbox_agent/server.py ++index c755a71..cb9e678 100644 ++--- a/netbox_agent/server.py +++++ b/netbox_agent/server.py ++@@ -204,6 +204,7 @@ def _netbox_create_chassis(self, datacenter, tenant, rack): ++ tenant=tenant.id if tenant else None, ++ rack=rack.id if rack else None, ++ tags=[{'name': x} for x in self.tags], +++ role=device_role.id, ++ custom_fields=self.custom_fields, ++ ) ++ return new_chassis ++@@ -226,6 +227,7 @@ def _netbox_create_blade(self, chassis, datacenter, tenant, rack): ++ site=datacenter.id if datacenter else None, ++ tenant=tenant.id if tenant else None, ++ rack=rack.id if rack else None, +++ role=device_role.id, ++ tags=[{'name': x} for x in self.tags], ++ custom_fields=self.custom_fields, ++ ) ++@@ -249,6 +251,7 @@ def _netbox_create_blade_expansion(self, chassis, datacenter, tenant, rack): ++ site=datacenter.id if datacenter else None, ++ tenant=tenant.id if tenant else None, ++ rack=rack.id if rack else None, +++ role=device_role.id, ++ tags=[{'name': x} for x in self.tags], ++ ) ++ return new_blade ++@@ -278,6 +281,7 @@ def _netbox_create_server(self, datacenter, tenant, rack): ++ site=datacenter.id if datacenter else None, ++ tenant=tenant.id if tenant else None, ++ rack=rack.id if rack else None, +++ role=device_role.id, ++ tags=[{'name': x} for x in self.tags], ++ ) ++ return new_server +diff --git a/pkgs/by-name/ne/netbox-agent/vm_tags.patch b/pkgs/by-name/ne/netbox-agent/vm_tags.patch +new file mode 100644 +index 00000000000000..22f805c502c00e +--- /dev/null ++++ b/pkgs/by-name/ne/netbox-agent/vm_tags.patch +@@ -0,0 +1,53 @@ ++From c9a57de843e301483a0d3030aca475697026afea Mon Sep 17 00:00:00 2001 ++From: sinavir ++Date: Thu, 28 Mar 2024 12:07:17 +0100 ++Subject: [PATCH] fix: vm tags ++ ++--- ++ netbox_agent/virtualmachine.py | 18 +++++++++++++----- ++ 1 file changed, 13 insertions(+), 5 deletions(-) ++ ++diff --git a/netbox_agent/virtualmachine.py b/netbox_agent/virtualmachine.py ++index b32d3bd..3b3f89c 100644 ++--- a/netbox_agent/virtualmachine.py +++++ b/netbox_agent/virtualmachine.py ++@@ -42,8 +42,7 @@ def __init__(self, dmi=None): ++ self.device_platform = get_device_platform(config.device.platform) ++ ++ self.tags = list(set(config.device.tags.split(','))) if config.device.tags else [] ++- if self.tags and len(self.tags): ++- create_netbox_tags(self.tags) +++ self.nb_tags = create_netbox_tags(self.tags) ++ ++ def get_memory(self): ++ mem_bytes = os.sysconf('SC_PAGE_SIZE') * os.sysconf('SC_PHYS_PAGES') # e.g. 4015976448 ++@@ -107,7 +106,7 @@ def netbox_create_or_update(self, config): ++ vcpus=vcpus, ++ memory=memory, ++ tenant=tenant.id if tenant else None, ++- tags=self.tags, +++ tags=[{'name': x} for x in self.tags], ++ ) ++ created = True ++ ++@@ -121,9 +120,18 @@ def netbox_create_or_update(self, config): ++ if vm.memory != memory: ++ vm.memory = memory ++ updated += 1 ++- if sorted(set(vm.tags)) != sorted(set(self.tags)): ++- vm.tags = self.tags +++ +++ vm_tags = sorted(set([x.name for x in vm.tags])) +++ tags = sorted(set(self.tags)) +++ if vm_tags != tags: +++ new_tags_ids = [x.id for x in self.nb_tags] +++ if not config.preserve_tags: +++ vm.tags = new_tags_ids +++ else: +++ vm_tags_ids = [x.id for x in vm.tags] +++ vm.tags = sorted(set(new_tags_ids + vm_tags_ids)) ++ updated += 1 +++ ++ if vm.platform != self.device_platform: ++ vm.platform = self.device_platform ++ updated += 1 diff --git a/patches/03-nextcloud.patch b/patches/03-nextcloud.patch new file mode 100644 index 0000000..0263c0d --- /dev/null +++ b/patches/03-nextcloud.patch @@ -0,0 +1,28 @@ +--- a/nixos/modules/services/web-apps/nextcloud.nix ++++ b/nixos/modules/services/web-apps/nextcloud.nix +@@ -131,6 +131,7 @@ + (mkRemovedOptionModule [ "services" "nextcloud" "disableImagemagick" ] '' + Use services.nextcloud.enableImagemagick instead. + '') ++ (mkRenamedOptionModule [ "services" "nextcloud" "config" "objectstore" "s3" "autocreate" ] [ "services" "nextcloud" "config" "objectstore" "s3" "verify_bucket_exists" ]) + ]; + + options.services.nextcloud = { +@@ -487,7 +487,7 @@ + The name of the S3 bucket. + ''; + }; +- autocreate = mkOption { ++ verify_bucket_exists = mkOption { + type = types.bool; + description = lib.mdDoc '' + Create the objectstore if it does not exist. +@@ -820,7 +820,7 @@ + 'class' => '\\OC\\Files\\ObjectStore\\S3', + 'arguments' => [ + 'bucket' => '${s3.bucket}', +- 'autocreate' => ${boolToString s3.autocreate}, ++ 'verify_bucket_exists' => ${boolToString s3.verify_bucket_exists}, + 'key' => '${s3.key}', + 'secret' => nix_read_secret('${s3.secretFile}'), + ${optionalString (s3.hostname != null) "'hostname' => '${s3.hostname}',"} diff --git a/patches/default.nix b/patches/default.nix index 2a9cc55..a99ea53 100644 --- a/patches/default.nix +++ b/patches/default.nix @@ -1,7 +1,7 @@ let netboxAgent = { - id = "244549"; - hash = "sha256-wWpp4br8bVxXobjuWrBY1XnxK+mOkuyU9Pr+UJ8CsvI="; + _type = "static"; + path = ./02-netbox-agent.patch; }; in @@ -78,13 +78,13 @@ in # castopod: 1.6.4 -> 1.7.0 + ajout du support de loadcredentials { _type = "static"; - path = ./castopod.patch; + path = ./01-castopod.patch; } # nixos/nextcloud: Rename autocreate (a no-op) to verify_bucket_exists { - id = 275165; - hash = "sha256-XVq72jiLCDrZhADgyvI5y1y/5zlpX89vUBvxUolrYp8="; + _type = "static"; + path = ./03-nextcloud.patch; } ]; diff --git a/patches/netbox.patch b/patches/netbox.patch deleted file mode 100644 index 87e78e7..0000000 --- a/patches/netbox.patch +++ /dev/null @@ -1,50 +0,0 @@ -From 163fed297ed65a24241f190d8e954ce1877f9020 Mon Sep 17 00:00:00 2001 -From: Minijackson -Date: Mon, 22 Jan 2024 16:17:57 +0100 -Subject: [PATCH] netbox: 3.6.9 -> 3.7.1 - -Or another way to see it: - -netbox_3_7: init at 3.7.1 - -Make NetBox 3.7 the default version if stateVersion >= 24.05, -switch upgrade test to test upgrade from 3.6 to 3.7, -remove clearcache command for >=3.7.0, -make reindex command mandatory ---- - nixos/modules/services/web-apps/netbox.nix | 15 +++++++++------ - -diff --git a/nixos/modules/services/web-apps/netbox.nix b/nixos/modules/services/web-apps/netbox.nix -index 72ec578146a764..b0921f461d2216 100644 ---- a/nixos/modules/services/web-apps/netbox.nix -+++ b/nixos/modules/services/web-apps/netbox.nix -@@ -75,7 +75,9 @@ in { - package = lib.mkOption { - type = lib.types.package; - default = -- if lib.versionAtLeast config.system.stateVersion "23.11" -+ if lib.versionAtLeast config.system.stateVersion "24.05" -+ then pkgs.netbox_3_7 -+ else if lib.versionAtLeast config.system.stateVersion "23.11" - then pkgs.netbox_3_6 - else if lib.versionAtLeast config.system.stateVersion "23.05" - then pkgs.netbox_3_5 -@@ -306,12 +308,13 @@ in { - ${pkg}/bin/netbox trace_paths --no-input - ${pkg}/bin/netbox collectstatic --no-input - ${pkg}/bin/netbox remove_stale_contenttypes --no-input -- # TODO: remove the condition when we remove netbox_3_3 -- ${lib.optionalString -- (lib.versionAtLeast cfg.package.version "3.5.0") -- "${pkg}/bin/netbox reindex --lazy"} -+ ${pkg}/bin/netbox reindex --lazy - ${pkg}/bin/netbox clearsessions -- ${pkg}/bin/netbox clearcache -+ ${lib.optionalString -+ # The clearcache command was removed in 3.7.0: -+ # https://github.com/netbox-community/netbox/issues/14458 -+ (lib.versionOlder cfg.package.version "3.7.0") -+ "${pkg}/bin/netbox clearcache"} - - echo "${cfg.package.version}" > "$versionFile" - '';