aboutsummaryrefslogtreecommitdiff
path: root/modules/apps
diff options
context:
space:
mode:
authorIgor Pashev <pashev.igor@gmail.com>2018-04-13 18:39:08 +0300
committerIgor Pashev <pashev.igor@gmail.com>2018-04-13 22:35:18 +0300
commitd450085b21f46e716afdedbbb6719199def85d97 (patch)
tree86e074453384737fb27f8e009a7487d845026e03 /modules/apps
parent132b8b7aae875a4fd8bf8388dedcd29e422c0893 (diff)
downloadnixsap-d450085b21f46e716afdedbbb6719199def85d97.tar.gz
Stop running icinga2 as root (use fakeroot)
Diffstat (limited to 'modules/apps')
-rw-r--r--modules/apps/icinga2.nix21
1 files changed, 10 insertions, 11 deletions
diff --git a/modules/apps/icinga2.nix b/modules/apps/icinga2.nix
index 6380f92..6141389 100644
--- a/modules/apps/icinga2.nix
+++ b/modules/apps/icinga2.nix
@@ -200,16 +200,6 @@ let
ln -sf ${icingaMutableCheckCommand} \
${cfg.stateDir}/etc/icinga2/conf.d/${cfg.mutable.checkCommand}.conf
- # XXX: requires root (!?)
- ${pkgs.icinga2}/bin/icinga2 api setup
- ${pkgs.icinga2}/bin/icinga2 feature enable checker
- ${pkgs.icinga2}/bin/icinga2 feature enable command
- ${pkgs.icinga2}/bin/icinga2 feature enable livestatus
-
- ${optionalString cfg.notifications ''
- ${pkgs.icinga2}/bin/icinga2 feature enable notification
- ''}
-
rm -rf ${rundir}
mkdir --mode=0755 -p ${rundir}
mkdir --mode=2710 -p ${dirOf cfg.commandPipe}
@@ -223,9 +213,18 @@ let
start = pkgs.writeBashScriptBin "icinga2" ''
set -euo pipefail
-
umask 0077
+ # XXX Requires root for no fucking reason, see https://github.com/Icinga/icinga2/issues/4947
+ ${pkgs.fakeroot}/bin/fakeroot ${pkgs.icinga2}/bin/icinga2 api setup
+ ${pkgs.fakeroot}/bin/fakeroot ${pkgs.icinga2}/bin/icinga2 feature enable checker
+ ${pkgs.fakeroot}/bin/fakeroot ${pkgs.icinga2}/bin/icinga2 feature enable command
+ ${pkgs.fakeroot}/bin/fakeroot ${pkgs.icinga2}/bin/icinga2 feature enable livestatus
+
+ ${optionalString cfg.notifications ''
+ ${pkgs.fakeroot}/bin/fakeroot ${pkgs.icinga2}/bin/icinga2 feature enable notification
+ ''}
+
printf 'const TicketSalt = "%s"\n' "$(${pkgs.pwgen}/bin/pwgen -1 -s 23)" \
> ${cfg.stateDir}/etc/icinga2/conf.d/ticketsalt.conf
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-09 00:10:37 +0000