diff --git a/users/glittershark/system/system/machines/yeren.nix b/users/glittershark/system/system/machines/yeren.nix
index a8f7df5dc..444ea91e8 100644
--- a/users/glittershark/system/system/machines/yeren.nix
+++ b/users/glittershark/system/system/machines/yeren.nix
@@ -10,6 +10,7 @@
 ../modules/sound.nix
 ../modules/tvl.nix
 ../modules/development.nix
+ ../modules/work/kolide.nix
 ];
 
 networking.hostName = "yeren";
diff --git a/users/glittershark/system/system/modules/work/kolide.deb b/users/glittershark/system/system/modules/work/kolide.deb
new file mode 100644
index 000000000..a319a5806
Binary files /dev/null and b/users/glittershark/system/system/modules/work/kolide.deb differ
diff --git a/users/glittershark/system/system/modules/work/kolide.nix b/users/glittershark/system/system/modules/work/kolide.nix
new file mode 100644
index 000000000..29ee0a0d7
--- /dev/null
+++ b/users/glittershark/system/system/modules/work/kolide.nix
@@ -0,0 +1,49 @@
+{ config, lib, pkgs, ... }:
+
+let
+ deb = ./kolide.deb;
+
+ kolide = pkgs.runCommand "kolide-data" {
+ buildInputs = [ pkgs.binutils-unwrapped ];
+ } ''
+ cp ${deb} ./kolide.deb
+ ar x kolide.deb
+ mkdir result
+ tar xzf data.tar.gz -C result
+ patchelf \
+ --set-interpreter ${pkgs.glibc}/lib/ld-linux-x86-64.so.2 \
+ --set-rpath "${lib.makeLibraryPath (with pkgs; [
+ zlib
+ ])}" \
+ result/usr/local/kolide-k2/bin/osqueryd
+ mv result $out
+ '';
+
+in {
+ systemd.services."launcher.kolide-k2" = {
+ wantedBy = [ "multi-user.target" ];
+ after = [ "network.target" "syslog.service" ];
+ description = "The Kolide Launcher";
+ serviceConfig = {
+ ExecStart = ''
+ ${kolide}/usr/local/kolide-k2/bin/launcher \
+ -config \
+ ${pkgs.writeText "launcher.flags" ''
+ with_initial_runner
+ control
+ autoupdate
+ root_directory /var/lib/kolide
+ osqueryd_path ${kolide}/usr/local/kolide-k2/bin/osqueryd
+ enroll_secret_path ${kolide}/etc/kolide-k2/secret
+ control_hostname k2control.kolide.com
+ update_channel stable
+ transport jsonrpc
+ hostname k2device.kolide.com
+ ''}
+ '';
+ StateDirectory = "kolide";
+ Restart = "on-failure";
+ RestartSec = 3;
+ };
+ };
+}
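Review bot: `enroll_secret_path ${kolide}/etc/kolide-k2/secret` reads the enrollment secret from the derivation output, so the secret sits in the world-readable Nix store, and because that output is unpacked from the committed `./kolide.deb` it appears to be in the repository history as well. That exposes the tenant's enrollment credential to every local user and every reader of the repository. I would keep the secret out of the package: drop it during the build with `rm result/etc/kolide-k2/secret` (and commit a .deb that no longer contains it), and point the flag at a root-only file provisioned outside the store, e.g. `enroll_secret_path /var/lib/kolide/secret` (example path). Separately, `autoupdate` presumably lets the launcher fetch binaries under `/var/lib/kolide` that never go through the `patchelf` step or the store's pinning, so a comment above the flags file stating whether that is intended would help.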