Commit 45088ac0 authored by lucasew's avatar lucasew

cockpit: fix sudo login, patch tweaking, option for allowed origins



Signed-off-by: default avatarlucasew <lucas59356@gmail.com>
parent 541cb717
+22 −3
@@ -12,7 +12,6 @@ let
    mkEnableOption
    mkOption
    mkIf
    literalMD
    mkPackageOption
    ;
  settingsFormat = pkgs.formats.ini { };
@@ -26,6 +25,18 @@ in
        default = [ "cockpit" ];
      };

      allowed-origins = lib.mkOption {
        type = types.listOf types.str;

        default = [];

        description = ''
          List of allowed origins.

          Maps to the WebService.Origins setting and allows merging from multiple modules.
        '';
      };

      settings = lib.mkOption {
        type = settingsFormat.type;

@@ -62,14 +73,16 @@ in
    # generate cockpit settings
    environment.etc."cockpit/cockpit.conf".source = settingsFormat.generate "cockpit.conf" cfg.settings;

    security.pam.services.cockpit = { };
    security.pam.services.cockpit = {
      startSession = true;
    };

    networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [ cfg.port ];

    systemd.packages = [ cfg.package ];
    systemd.sockets.cockpit.wantedBy = [ "multi-user.target" ];
    systemd.sockets.cockpit.listenStreams = [
      ""
      "" # workaround so it doesn't listen on both ports caused by the runtime merging
      (toString cfg.port)
    ];

@@ -80,6 +93,12 @@ in
      "L+ /run/cockpit/motd - - - - inactive.motd"
      "d /etc/cockpit/ws-certs.d 0600 root root 0"
    ];

    services.cockpit.allowed-origins = [
      "https://localhost:${toString config.services.cockpit.port}"
    ];

    services.cockpit.settings.WebService.Origins = builtins.concatStringsSep " " config.services.cockpit.allowed-origins;
  };

  meta.maintainers = pkgs.cockpit.meta.maintainers;
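Review bot: `services.cockpit.settings.WebService.Origins` is now defined unconditionally at normal priority (last hunk, just before the closing `};`), so a configuration that still sets `settings.WebService.Origins` itself, as the NixOS test did before this commit, will presumably fail evaluation with conflicting definitions, and the `allowed-origins` description does not say so. Because this value is the list of origins Cockpit accepts cross-origin connections from, failing loudly is preferable to a silent override, but the description should state it, e.g. `Do not set settings.WebService.Origins directly; add entries here instead.` Entries are joined with spaces without validation, so one entry containing whitespace becomes several origins; `type = types.listOf (types.strMatching "[^[:space:]]+");` would reject that at evaluation time. On style, the option name is kebab-case while its sibling `openFirewall` is camelCase, and it is written `lib.mkOption` although `mkOption` is already inherited at the top of the file.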
+4 −6
@@ -23,11 +23,9 @@ import ./make-test-python.nix (
            enable = true;
            port = 7890;
            openFirewall = true;
            settings = {
              WebService = {
                Origins = "https://server:7890";
              };
            };
            allowed-origins = [
              "https://server:${toString config.services.cockpit.port}"
            ];
          };
        };
      client =
@@ -130,7 +128,7 @@ import ./make-test-python.nix (
                    
                    log("Checking that /nonexistent is not a thing")
                    assert '/nonexistent' not in driver.page_source
                    assert driver.find_element(By.CSS_SELECTOR, '#machine-reconnect') is not None
                    assert len(driver.find_elements(By.CSS_SELECTOR, '#machine-reconnect')) == 0

                    driver.close()
                  '';
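Review bot: The check near the end of the Selenium script, `assert len(driver.find_elements(By.CSS_SELECTOR, '#machine-reconnect')) == 0` (taking the second of the two printed lines as the new side), is a negative assertion with no wait visible in this hunk, so it also passes when the page has not rendered yet or failed to load. It would be stronger to first wait for an element that exists only in a working session and then assert that the reconnect prompt is absent. The `log(...)` message above describes only the `/nonexistent` check; a comment such as `# the reconnect prompt must not appear: the origin is allowed and the session stays up` would record why the expectation was inverted. The test script starts outside this hunk, so any earlier waits are not visible here.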
+15 −0
@@ -14,7 +14,9 @@
  git,
  glib,
  glib-networking,
  gnused,
  gnutls,
  iproute2,
  json-glib,
  krb5,
  libssh,
@@ -33,6 +35,7 @@
  systemd,
  udev,
  xmlto,
  which,
}:

stdenv.mkDerivation (finalAttrs: {
@@ -63,6 +66,7 @@ stdenv.mkDerivation (finalAttrs: {
    python3Packages.setuptools
    systemd
    xmlto
    which
  ];

  buildInputs = [
@@ -93,6 +97,9 @@ stdenv.mkDerivation (finalAttrs: {
    substituteInPlace src/common/cockpitconf.c \
      --replace-fail 'const char *cockpit_config_dirs[] = { PACKAGE_SYSCONF_DIR' 'const char *cockpit_config_dirs[] = { "/etc"'

    substituteInPlace src/**/*.c \
      --replace '"/bin/sh"' "\"$(which sh)\""

    # instruct users with problems to create a nixpkgs issue instead of nagging upstream directly
    substituteInPlace configure.ac \
      --replace-fail 'devel@lists.cockpit-project.org' 'https://github.com/NixOS/nixpkgs/issues/new?assignees=&labels=0.kind%3A+bug&template=bug_report.md&title=cockpit%25'
@@ -171,6 +178,14 @@ stdenv.mkDerivation (finalAttrs: {
        --prefix PYTHONPATH : $out/${python3Packages.python.sitePackages}
    done

    patchShebangs $out/share/cockpit/issue/update-issue
    wrapProgram $out/share/cockpit/issue/update-issue \
      --prefix PATH : ${lib.makeBinPath [
        iproute2
        gnused
      ]}


    substituteInPlace $out/${python3Packages.python.sitePackages}/cockpit/_vendor/systemd_ctypes/libsystemd.py \
      --replace-warn libsystemd.so.0 ${systemd}/lib/libsystemd.so.0
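Review bot: In the added substitution `--replace '"/bin/sh"' "\"$(which sh)\""`, the path baked into the C sources is whatever `sh` is first on the builder's PATH at build time, not an input the derivation declares, so the shell this service later spawns is presumably the stdenv build shell. Taking it from an explicit input, e.g. `'"${runtimeShell}"'` with `runtimeShell` added to the function arguments, pins the shell and makes `which` unnecessary in the build inputs. The call also uses plain `--replace`, which does not fail when the literal is absent, while the neighbouring calls use `--replace-fail`. The glob `src/**/*.c` descends more than one directory level only if `globstar` is enabled in the build shell, so deeper files may be skipped silently and keep the `/bin/sh` literal. Listing the files that contain the literal and using `--replace-fail` on them would turn a missed substitution into a build error.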