diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index 7cabe43..0cb822d 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml @@ -19,7 +19,7 @@ jobs: - uses: cachix/install-nix-action@v22 with: extra_nix_config: "system-features = nixos-test benchmark big-parallel kvm" - nix_path: nixpkgs=channel:nixos-23.05 + nix_path: nixpkgs=channel:nixos-23.11 - name: build run: NIXPKGS_ALLOW_UNFREE=1 nix build --impure diff --git a/README.md b/README.md index 31e8f4b..810dcc3 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,7 @@ Packages [kolide/launcher](https://github.com/kolide/launcher) for Nix. ## Developing and testing in a VM -Create a VM using a NixOS 23.05 image with flakes enabled and SSH to the new VM. +Create a VM using a NixOS 23.11 image with flakes enabled and SSH to the new VM. Make a directory for the launcher flake and copy your changes to `flake.nix` and `flake.lock` into it. Make the subdirectory `modules/kolide-launcher` and copy your changes to `default.nix` into it. diff --git a/flake.lock b/flake.lock index 1b2110f..3a12289 100644 --- a/flake.lock +++ b/flake.lock @@ -2,16 +2,16 @@ "nodes": { "nixpkgs": { "locked": { - "lastModified": 1704018918, - "narHash": "sha256-erjg/HrpC9liEfm7oLqb8GXCqsxaFwIIPqCsknW5aFY=", + "lastModified": 1705458851, + "narHash": "sha256-uQvEhiv33Zj/Pv364dTvnpPwFSptRZgVedDzoM+HqVg=", "owner": "nixos", "repo": "nixpkgs", - "rev": "2c9c58e98243930f8cb70387934daa4bc8b00373", + "rev": "8bf65f17d8070a0a490daf5f1c784b87ee73982c", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-23.05", + "ref": "nixos-23.11", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index b6bcc08..2e6ac37 100644 --- a/flake.nix +++ b/flake.nix @@ -1,7 +1,7 @@ { description = "Kolide launcher"; - inputs.nixpkgs.url = "github:nixos/nixpkgs/nixos-23.05"; + inputs.nixpkgs.url = "github:nixos/nixpkgs/nixos-23.11"; outputs = { self, nixpkgs }: { packages.x86_64-linux.kolide-launcher = diff --git a/modules/kolide-launcher/default.nix b/modules/kolide-launcher/default.nix index 4324294..a1dc515 100644 --- a/modules/kolide-launcher/default.nix +++ b/modules/kolide-launcher/default.nix @@ -46,6 +46,22 @@ in itself and its osquery installation: one of stable, nightly, beta, or alpha. ''; }; + + autoupdateInterval = mkOption { + type = types.str; + default = "1h"; + description = '' + The interval to check for launcher and osqueryd updates. + ''; + }; + + autoupdaterInitialDelay = mkOption { + type = types.str; + default = "1h"; + description = '' + Initial autoupdater subprocess delay. + ''; + }; }; config = mkIf cfg.enable { @@ -71,7 +87,9 @@ in --enroll_secret_path ${cfg.enrollSecretDirectory}/secret \ --update_channel ${cfg.updateChannel} \ --transport jsonrpc \ - --autoupdate + --autoupdate \ + --autoupdate_interval ${cfg.autoupdateInterval} \ + --autoupdater_initial_delay ${cfg.autoupdaterInitialDelay} ''; Restart = "on-failure"; RestartSec = 3; diff --git a/tests/kolide-launcher.nix b/tests/kolide-launcher.nix index 044d7ea..fc9d895 100644 --- a/tests/kolide-launcher.nix +++ b/tests/kolide-launcher.nix @@ -2,8 +2,8 @@ let nixpkgs = builtins.fetchTarball { - url = "https://github.com/nixOS/nixpkgs/archive/23.05.tar.gz"; - sha256 = "sha256:10wn0l08j9lgqcw8177nh2ljrnxdrpri7bp0g7nvrsn9rkawvlbf"; + url = "https://github.com/nixOS/nixpkgs/archive/23.11.tar.gz"; + sha256 = "sha256:1ndiv385w1qyb3b18vw13991fzb9wg4cl21wglk89grsfsnra41k"; }; pkgs = import nixpkgs { config = {}; overlays = []; }; in @@ -37,7 +37,7 @@ pkgs.nixosTest { hardware.pulseaudio.enable = true; services.kolide-launcher.enable = true; - system.stateVersion = "23.05"; + system.stateVersion = "23.11"; }; testScript = { nodes, ... }: