nixos/osquery: add package option

2026-06-05 21:03:40 +00:00 · 2026-01-30 01:57:10 +03:00
parent 611c3b6bd6
commit c5aee3bc28
2 changed files with 16 additions and 15 deletions
--- a/nixos/modules/services/monitoring/osquery.nix
+++ b/nixos/modules/services/monitoring/osquery.nix
@@ -25,17 +25,20 @@ let
        ({ config_path = conf; } // cfg.flags)
    )
  );
-
+  osquery = cfg.package;
  osqueryi = pkgs.runCommand "osqueryi" { nativeBuildInputs = [ pkgs.makeWrapper ]; } ''
    mkdir -p $out/bin
-    makeWrapper ${pkgs.osquery}/bin/osqueryi $out/bin/osqueryi \
+    makeWrapper ${osquery}/bin/osqueryi $out/bin/osqueryi \
      --add-flags "--flagfile ${flagfile} --disable-database"
  '';
+
 in
 {
  options.services.osquery = {
    enable = lib.mkEnableOption "osqueryd daemon";

+    package = lib.mkPackageOption pkgs "osquery" { };
+
    settings = lib.mkOption {
      default = { };
      description = ''
@@ -108,7 +111,7 @@ in
      ];
      description = "The osquery daemon";
      serviceConfig = {
-        ExecStart = "${pkgs.osquery}/bin/osqueryd --flagfile ${flagfile}";
+        ExecStart = "${osquery}/bin/osqueryd --flagfile ${flagfile}";
        PIDFile = cfg.flags.pidfile;
        LogsDirectory = lib.mkIf (cfg.flags.logger_path == "/var/log/osquery") [ "osquery" ];
        StateDirectory = lib.mkIf (cfg.flags.database_path == "/var/lib/osquery/osquery.db") [ "osquery" ];
@@ -116,7 +119,7 @@ in
      };
      wantedBy = [ "multi-user.target" ];
    };
-    systemd.tmpfiles.settings."10-osquery".${dirname (cfg.flags.pidfile)}.d = {
+    systemd.tmpfiles.settings."10-osquery".${dirname cfg.flags.pidfile}.d = {
      user = "root";
      group = "root";
      mode = "0755";
--- a/nixos/tests/osquery.nix
+++ b/nixos/tests/osquery.nix
@@ -1,5 +1,5 @@
 import ./make-test-python.nix (
-  { lib, pkgs, ... }:
+  { lib, ... }:

  let
    config_refresh = "10";
@@ -13,19 +13,17 @@ import ./make-test-python.nix (
      lewo
    ];

-    nodes.machine =
-      { config, pkgs, ... }:
-      {
-        services.osquery = {
-          enable = true;
+    nodes.machine = _: {
+      services.osquery = {
+        enable = true;

-          settings.options = { inherit nullvalue utc; };
-          flags = {
-            inherit config_refresh;
-            nullvalue = "IGNORED";
-          };
+        settings.options = { inherit nullvalue utc; };
+        flags = {
+          inherit config_refresh;
+          nullvalue = "IGNORED";
        };
      };
+    };

    testScript =
      { nodes, ... }: