Don't hardcode PATH (#7)
RebeccaMahany authored Jan 4, 2024
1 parent 7c5cef7 commit f10936c
Showing 1 changed file with 31 additions and 3 deletions.
34 changes: 31 additions & 3 deletions modules/kolide-launcher/default.nix
@@ -1,7 +1,7 @@
flake: { config, lib, pkgs, ... }:

let
inherit (lib) types mkEnableOption mkOption mkIf;
inherit (lib) types mkEnableOption mkOption mkIf optional;
inherit (flake.packages.x86_64-linux) kolide-launcher;
cfg = config.services.kolide-launcher;
in
@@ -54,10 +54,38 @@ in
after = [ "network.service" "syslog.service" ];
wantedBy = [ "multi-user.target" ];

path = with pkgs; [ patchelf ];
# Hard requirements should go in list; optional requirements should be added as optional.
# Intentionally not included because they aren't supported on Nix:
# - CrowdStrike (falconctl, falcon-kernel-check)
# - Carbon Black (repcli)
# - dnf (related libraries dnf5, libdnf, and microdnf are available, but nothing provides the dnf binary)
# - x-www-browser (symlink created via `update-alternatives`, which isn't available)
path = with pkgs; [
patchelf # Required to auto-update successfully
systemd # Provides loginctl, systemctl; loginctl required to run desktop
xdg-utils # Provides xdg-open, required to open browser from notifications and menu bar app
]
++ optional (builtins.elem apt config.environment.systemPackages) apt
++ optional (builtins.elem cryptsetup config.environment.systemPackages) cryptsetup
++ optional (builtins.elem coreutils-full config.environment.systemPackages) coreutils-full # Provides echo
++ optional (builtins.elem dpkg config.environment.systemPackages) dpkg
++ optional (builtins.elem glib config.environment.systemPackages) glib # Provides gsettings
++ optional (builtins.elem gnome.gnome-shell config.environment.systemPackages) gnome.gnome-shell # Provides gnome-extensions
++ optional (builtins.elem iproute2 config.environment.systemPackages) iproute2 # Provides ip
++ optional (builtins.elem libnotify config.environment.systemPackages) libnotify # Provides notify-send
++ optional (builtins.elem lsof config.environment.systemPackages) lsof
++ optional (builtins.elem nettools config.environment.systemPackages) nettools # Provides ifconfig
++ optional (builtins.elem networkmanager config.environment.systemPackages) networkmanager # Provides nmcli
++ optional (builtins.elem pacman config.environment.systemPackages) pacman
++ optional (builtins.elem procps config.environment.systemPackages) procps # Provides ps
++ optional (builtins.elem rpm config.environment.systemPackages) rpm
++ optional (builtins.elem xorg.xrdb config.environment.systemPackages) xorg.xrdb # Provides xrdb
++ optional (builtins.elem util-linux config.environment.systemPackages) util-linux # Provides lsblk
++ optional (builtins.elem zerotierone config.environment.systemPackages) zerotierone # Provides zerotier-cli
++ optional (builtins.elem zfs config.environment.systemPackages) zfs # Provides zfs, zpool
;

serviceConfig = {
Environment = "PATH=/run/wrappers/bin:/bin:/sbin:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin";
ExecStart = ''
${flake.packages.x86_64-linux.kolide-launcher}/bin/launcher \
--hostname ${cfg.kolideHostname} \
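Review bot: The `optional (builtins.elem <pkg> config.environment.systemPackages) <pkg>` guards in the new `path` list match only when the identical derivation from `pkgs` is listed in `environment.systemPackages`, so a tool that is overridden, comes from an overlay, or is pulled in by another module rather than listed explicitly (plausibly `cryptsetup` or `zfs`) is silently left out of the unit's PATH. With the hardcoded `Environment = "PATH=…"` line gone there is no fallback to `/run/current-system/sw/bin`, so a launcher check that shells out to a missing tool would presumably return empty results rather than fail loudly, which is a visibility gap for a device-posture agent. I would add the posture-relevant tools unconditionally, or expose an escape hatch such as `extraPackages = mkOption { type = types.listOf types.package; default = [ ]; };` and append `++ cfg.extraPackages` to `path`. A comment above the list saying that resolving binaries from pinned store paths instead of mutable profile directories is intentional would also help the next maintainer. The `ExecStart` string continues past the end of this section.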