From bf92d0ec3794fcfb8b23bbeb5dd9bf50fbf97bc4 Mon Sep 17 00:00:00 2001 From: Joe DeVivo Date: Sat, 8 May 2021 16:03:38 -0700 Subject: nixos/ssm-agent: conf files written to /etc ssm-agent expects files in /etc/amazon/ssm. The pkg substitutes a location in the nix store for those default files, but if we ever want to adjust this configuration on NixOS, we'd need the ability to modify that file. This change to the nixos module writes copies of the default files from the nix store to /etc/amazon/ssm. Future versions can add config, but right now this would allow users to at least write out a text value to environment.etc."amazon/ssm/amazon-ssm-agent.json".text to provide their own config. --- nixos/modules/services/misc/ssm-agent.nix | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) (limited to 'nixos/modules/services/misc/ssm-agent.nix') diff --git a/nixos/modules/services/misc/ssm-agent.nix b/nixos/modules/services/misc/ssm-agent.nix index e50b07e0b86..c29d03d199b 100644 --- a/nixos/modules/services/misc/ssm-agent.nix +++ b/nixos/modules/services/misc/ssm-agent.nix @@ -22,8 +22,8 @@ in { package = mkOption { type = types.path; description = "The SSM agent package to use"; - default = pkgs.ssm-agent; - defaultText = "pkgs.ssm-agent"; + default = pkgs.ssm-agent.override { overrideEtc = false; }; + defaultText = "pkgs.ssm-agent.override { overrideEtc = false; }"; }; }; @@ -37,8 +37,10 @@ in { serviceConfig = { ExecStart = "${cfg.package}/bin/amazon-ssm-agent"; KillMode = "process"; - Restart = "on-failure"; - RestartSec = "15min"; + # We want this restating pretty frequently. It could be our only means + # of accessing the instance. + Restart = "always"; + RestartSec = "1min"; }; }; @@ -62,5 +64,10 @@ in { isNormalUser = true; group = "ssm-user"; }; + + environment.etc."amazon/ssm/seelog.xml".source = "${cfg.package}/seelog.xml.template"; + + environment.etc."amazon/ssm/amazon-ssm-agent.json".source = "${cfg.package}/etc/amazon/ssm/amazon-ssm-agent.json.template"; + }; } -- cgit 1.4.1