waagent: update to 2.8.0.11 (#206974) (ca017501) · Commits · nix / nixpkgs

nixos/modules/virtualisation/azure-agent-entropy.patch

deleted100644 → 0

+0 −17

Original line number	Diff line number	Diff line
		--- a/waagent 2016-03-12 09:58:15.728088851 +0200
		+++ a/waagent 2016-03-12 09:58:43.572680025 +0200
		@@ -6173,10 +6173,10 @@
		Log("MAC address: " + ":".join(["%02X" % Ord(a) for a in mac]))

		# Consume Entropy in ACPI table provided by Hyper-V
		- try:
		- SetFileContents("/dev/random", GetFileContents("/sys/firmware/acpi/tables/OEM0"))
		- except:
		- pass
		+ #try:
		+ # SetFileContents("/dev/random", GetFileContents("/sys/firmware/acpi/tables/OEM0"))
		+ #except:
		+ # pass

		Log("Probing for Azure environment.")
		self.Endpoint = self.DoDhcpWork()

nixos/modules/virtualisation/azure-agent.nix

+138 −78

Original line number	Diff line number	Diff line
		{ config, lib, pkgs, ... }:

		with lib;

		let

		cfg = config.virtualisation.azure.agent;

		waagent = with pkgs; stdenv.mkDerivation rec {
		name = "waagent-2.0";
		src = pkgs.fetchFromGitHub {
		owner = "Azure";
		repo = "WALinuxAgent";
		rev = "1b3a8407a95344d9d12a2a377f64140975f1e8e4";
		sha256 = "10byzvmpgrmr4d5mdn2kq04aapqb3sgr1admk13wjmy5cd6bwd2x";
		};

		patches = [ ./azure-agent-entropy.patch ];

		nativeBuildInputs = [ makeWrapper python pythonPackages.wrapPython ];
		runtimeDeps = [ findutils gnugrep gawk coreutils openssl openssh
		nettools # for hostname
		procps # for pidof
		shadow # for useradd, usermod
		util-linux # for (u)mount, fdisk, sfdisk, mkswap
		parted
		];
		pythonPath = [ pythonPackages.pyasn1 ];

		configurePhase = false;
		buildPhase = false;

		installPhase = ''
		substituteInPlace config/99-azure-product-uuid.rules \
		--replace /bin/chmod "${coreutils}/bin/chmod"
		mkdir -p $out/lib/udev/rules.d
		cp config/*.rules $out/lib/udev/rules.d

		mkdir -p $out/bin
		cp waagent $out/bin/
		chmod +x $out/bin/waagent

		wrapProgram "$out/bin/waagent" \
		--prefix PYTHONPATH : $PYTHONPATH \
		--prefix PATH : "${makeBinPath runtimeDeps}"
		'';
		};

		provisionedHook = pkgs.writeScript "provisioned-hook" ''
		#!${pkgs.runtimeShell}
		/run/current-system/systemd/bin/systemctl start provisioned.target
		@@ -74,11 +33,12 @@ in

		###### implementation

		config = mkIf cfg.enable {
		config = lib.mkIf cfg.enable {
		assertions = [{
		assertion = pkgs.stdenv.hostPlatform.isx86;
		message = "Azure not currently supported on ${pkgs.stdenv.hostPlatform.system}";
		} {
		}
		{
		assertion = config.networking.networkmanager.enable == false;
		message = "Windows Azure Linux Agent is not compatible with NetworkManager";
		}];
		@@ -89,13 +49,19 @@ in

		environment.etc."waagent.conf".text = ''
		#
		# Windows Azure Linux Agent Configuration
		# Microsoft Azure Linux Agent Configuration
		#

		Role.StateConsumer=${provisionedHook}
		# Enable extension handling. Do not disable this unless you do not need password reset,
		# backup, monitoring, or any extension handling whatsoever.
		Extensions.Enabled=y

		# How often (in seconds) to poll for new goal states
		Extensions.GoalStatePeriod=6

		# Enable instance creation
		Provisioning.Enabled=y
		# Which provisioning agent to use. Supported values are "auto" (default), "waagent",
		# "cloud-init", or "disabled".
		Provisioning.Agent=disabled

		# Password authentication for root account will be unavailable.
		Provisioning.DeleteRootPassword=n
		@@ -103,18 +69,31 @@ in
		# Generate fresh host key pair.
		Provisioning.RegenerateSshHostKeyPair=n

		# Supported values are "rsa", "dsa" and "ecdsa".
		# Supported values are "rsa", "dsa", "ecdsa", "ed25519", and "auto".
		# The "auto" option is supported on OpenSSH 5.9 (2011) and later.
		Provisioning.SshHostKeyPairType=ed25519

		# Monitor host name changes and publish changes via DHCP requests.
		Provisioning.MonitorHostName=y

		# How often (in seconds) to monitor host name changes.
		Provisioning.MonitorHostNamePeriod=30

		# Decode CustomData from Base64.
		Provisioning.DecodeCustomData=n

		# Execute CustomData after provisioning.
		Provisioning.ExecuteCustomData=n

		# Algorithm used by crypt when generating password hash.
		#Provisioning.PasswordCryptId=6

		# Length of random salt used when generating password hash.
		#Provisioning.PasswordCryptSaltLength=10

		# Allow reset password of sys user
		Provisioning.AllowResetSysUser=n

		# Format if unformatted. If 'n', resource disk will not be mounted.
		ResourceDisk.Format=${if cfg.mountResourceDisk then "y" else "n"}

		@@ -125,22 +104,103 @@ in
		# Mount point for the resource disk
		ResourceDisk.MountPoint=/mnt/resource

		# Respond to load balancer probes if requested by Windows Azure.
		LBProbeResponder=y
		# Create and use swapfile on resource disk.
		ResourceDisk.EnableSwap=n

		# Size of the swapfile.
		ResourceDisk.SwapSizeMB=0

		# Enable logging to serial console (y\|n)
		# When stdout is not enough...
		# 'y' if not set
		Logs.Console=y
		# Comma-separated list of mount options. See mount(8) for valid options.
		ResourceDisk.MountOptions=None

		# Enable verbose logging (y\|n)
		Logs.Verbose=${if cfg.verboseLogging then "y" else "n"}

		# Enable Console logging, default is y
		# Logs.Console=y

		# Enable periodic log collection, default is n
		Logs.Collect=n

		# How frequently to collect logs, default is each hour
		Logs.CollectPeriod=3600

		# Is FIPS enabled
		OS.EnableFIPS=n

		# Root device timeout in seconds.
		OS.RootDeviceScsiTimeout=300

		# How often (in seconds) to set the root device timeout.
		OS.RootDeviceScsiTimeoutPeriod=30

		# If "None", the system default version is used.
		OS.OpensslPath=${pkgs.openssl_3.bin}/bin/openssl

		# Set the SSH ClientAliveInterval
		# OS.SshClientAliveInterval=180

		# Set the path to SSH keys and configuration files
		OS.SshDir=/etc/ssh

		# If set, agent will use proxy server to access internet
		#HttpProxy.Host=None
		#HttpProxy.Port=None

		# Detect Scvmm environment, default is n
		# DetectScvmmEnv=n

		#
		# Lib.Dir=/var/lib/waagent

		#
		# DVD.MountPoint=/mnt/cdrom/secure

		#
		# Pid.File=/var/run/waagent.pid

		#
		# Extension.LogDir=/var/log/azure

		#
		# Home.Dir=/home

		# Enable RDMA management and set up, should only be used in HPC images
		OS.EnableRDMA=n

		# Enable checking RDMA driver version and update
		# OS.CheckRdmaDriver=y

		# Enable or disable goal state processing auto-update, default is enabled
		AutoUpdate.Enabled=n

		# Determine the update family, this should not be changed
		# AutoUpdate.GAFamily=Prod

		# Determine if the overprovisioning feature is enabled. If yes, hold extension
		# handling until inVMArtifactsProfile.OnHold is false.
		# Default is enabled
		EnableOverProvisioning=n

		# Allow fallback to HTTP if HTTPS is unavailable
		# Note: Allowing HTTP (vs. HTTPS) may cause security risks
		# OS.AllowHTTP=n

		# Add firewall rules to protect access to Azure host node services
		OS.EnableFirewall=n

		# How often (in seconds) to check the firewall rules
		OS.EnableFirewallPeriod=30

		# How often (in seconds) to remove the udev rules for persistent network interface
		# names (75-persistent-net-generator.rules and /etc/udev/rules.d/70-persistent-net.rules)
		OS.RemovePersistentNetRulesPeriod=30

		# How often (in seconds) to monitor for DHCP client restarts
		OS.MonitorDhcpClientRestartPeriod=30
		'';

		services.udev.packages = [ waagent ];
		services.udev.packages = [ pkgs.waagent ];

		networking.dhcpcd.persistent = true;

		@@ -158,7 +218,8 @@ in
		};

		systemd.services.consume-hypervisor-entropy =
		{ description = "Consume entropy in ACPI table provided by Hyper-V";
		{
		description = "Consume entropy in ACPI table provided by Hyper-V";

		wantedBy = [ "sshd.service" "waagent.service" ];
		before = [ "sshd.service" "waagent.service" ];
		@@ -184,11 +245,10 @@ in
		description = "Windows Azure Agent Service";
		unitConfig.ConditionPathExists = "/etc/waagent.conf";
		serviceConfig = {
		ExecStart = "${waagent}/bin/waagent -daemon";
		ExecStart = "${pkgs.waagent}/bin/waagent -daemon";
		Type = "simple";
		};
		};

		};

		}

pkgs/applications/networking/cluster/waagent/default.nix

0 → 100644

+67 −0

Original line number	Diff line number	Diff line
		{ fetchFromGitHub,
		findutils,
		gnugrep,
		gnused,
		iproute2,
		iptables,
		lib,
		nettools, # for hostname
		openssh,
		openssl,
		parted,
		procps, # for pidof,
		python3,
		shadow, # for useradd, usermod
		util-linux, # for (u)mount, fdisk, sfdisk, mkswap
		}:

		let
		inherit (lib) makeBinPath;

		in
		python3.pkgs.buildPythonPackage rec {
		pname = "waagent";
		version = "2.8.0.11";
		src = fetchFromGitHub {
		owner = "Azure";
		repo = "WALinuxAgent";
		rev = "04ded9f0b708cfaf4f9b68eead1aef4cc4f32eeb";
		sha256 = "0fvjanvsz1zyzhbjr2alq5fnld43mdd776r2qid5jy5glzv0xbhf";
		};
		doCheck = false;

		buildInputs = with python3.pkgs; [ distro ];
		runtimeDeps = [
		findutils
		gnugrep
		gnused
		iproute2
		iptables
		nettools # for hostname
		openssh
		openssl
		parted
		procps # for pidof
		shadow # for useradd, usermod
		util-linux # for (u)mount, fdisk, sfdisk, mkswap
		];

		fixupPhase = ''
		mkdir -p $out/bin/
		WAAGENT=$(find $out -name waagent \| grep sbin)
		cp $WAAGENT $out/bin/waagent
		wrapProgram "$out/bin/waagent" \
		--prefix PYTHONPATH : $PYTHONPATH \
		--prefix PATH : "${makeBinPath runtimeDeps}"
		patchShebangs --build "$out/bin/"
		'';

		meta = {
		description = "The Microsoft Azure Linux Agent (waagent)
		manages Linux provisioning and VM interaction with the Azure
		Fabric Controller";
		homepage = "https://github.com/Azure/WALinuxAgent";
		license = with lib.licenses; [ asl20 ];
		};

		}

pkgs/top-level/all-packages.nix

+2 −0

Original line number	Diff line number	Diff line
		@@ -16466,6 +16466,8 @@ with pkgs;

		trealla = callPackage ../development/interpreters/trealla { };

		waagent = callPackage ../applications/networking/cluster/waagent { };

		wapm-cli = callPackage ../tools/package-management/wapm/cli {
		inherit (darwin.apple_sdk.frameworks) Security SystemConfiguration;
		};

Admin message