Skip to content

Commit

Permalink
Merge pull request #331722 from JohnRTitor/ananicy-cpp
Browse files Browse the repository at this point in the history 
nixos/ananicy: disable ananicy-cpp's BPF on hardened kernels, cleanup
  • Loading branch information
@JohnRTitor
JohnRTitor authored Aug 5, 2024
2 parents 698847b + 2cf5032 commit 0a7eaa5
Showing 1 changed file with 124 additions and 86 deletions.
210 changes: 124 additions & 86 deletions nixos/modules/services/misc/ananicy.nix
View file
Original file line number Diff line number Diff line change
@@ -1,85 +1,119 @@
{ config, lib, pkgs, ... }:

with lib;
{
config,
lib,
pkgs,
...
}:

let
cfg = config.services.ananicy;
configFile = pkgs.writeText "ananicy.conf" (generators.toKeyValue { } cfg.settings);
extraRules = pkgs.writeText "extraRules" (concatMapStringsSep "\n" (l: builtins.toJSON l) cfg.extraRules);
extraTypes = pkgs.writeText "extraTypes" (concatMapStringsSep "\n" (l: builtins.toJSON l) cfg.extraTypes);
extraCgroups = pkgs.writeText "extraCgroups" (concatMapStringsSep "\n" (l: builtins.toJSON l) cfg.extraCgroups);
servicename = if ((lib.getName cfg.package) == (lib.getName pkgs.ananicy-cpp)) then "ananicy-cpp" else "ananicy";
configFile = pkgs.writeText "ananicy.conf" (lib.generators.toKeyValue { } cfg.settings);
extraRules = pkgs.writeText "extraRules" (
lib.concatMapStringsSep "\n" (l: builtins.toJSON l) cfg.extraRules
);
extraTypes = pkgs.writeText "extraTypes" (
lib.concatMapStringsSep "\n" (l: builtins.toJSON l) cfg.extraTypes
);
extraCgroups = pkgs.writeText "extraCgroups" (
lib.concatMapStringsSep "\n" (l: builtins.toJSON l) cfg.extraCgroups
);
servicename =
if ((lib.getName cfg.package) == (lib.getName pkgs.ananicy-pp)) then "ananicy-cpp" else "ananicy";
# Ananicy-CPP with BPF is not supported on hardened kernels https://github.com/NixOS/nixpkgs/issues/327382
finalPackage =
if (servicename == "ananicy-cpp" && config.boot.kernelPackages.isHardened) then
(cfg.package { withBpf = false; })
else
cfg.package;
in
{
options = {
services.ananicy = {
enable = mkEnableOption "Ananicy, an auto nice daemon";
options.services.ananicy = {
enable = lib.mkEnableOption "Ananicy, an auto nice daemon";

package = mkPackageOption pkgs "ananicy" {
example = "ananicy-cpp";
};
package = lib.mkPackageOption pkgs "ananicy" { example = "ananicy-cpp"; };

rulesProvider = mkPackageOption pkgs "ananicy" {
example = "ananicy-cpp";
} // {
description = ''
Which package to copy default rules,types,cgroups from.
'';
};
rulesProvider = lib.mkPackageOption pkgs "ananicy" { example = "ananicy-cpp"; } // {
description = ''
Which package to copy default rules,types,cgroups from.
'';
};

settings = mkOption {
type = with types; attrsOf (oneOf [ int bool str ]);
default = { };
example = {
apply_nice = false;
};
description = ''
See <https://github.com/Nefelim4ag/Ananicy/blob/master/ananicy.d/ananicy.conf>
'';
settings = lib.mkOption {
type =
with lib.types;
attrsOf (oneOf [
int
bool
str
]);
default = { };
example = {
apply_nice = false;
};
description = ''
See <https://github.com/Nefelim4ag/Ananicy/blob/master/ananicy.d/ananicy.conf>
'';
};

extraRules = mkOption {
type = with types; listOf attrs;
default = [ ];
description = ''
Rules to write in 'nixRules.rules'. See:
<https://github.com/Nefelim4ag/Ananicy#configuration>
<https://gitlab.com/ananicy-cpp/ananicy-cpp/#global-configuration>
'';
example = [
{ name = "eog"; type = "Image-Viewer"; }
{ name = "fdupes"; type = "BG_CPUIO"; }
];
};
extraTypes = mkOption {
type = with types; listOf attrs;
default = [ ];
description = ''
Types to write in 'nixTypes.types'. See:
<https://gitlab.com/ananicy-cpp/ananicy-cpp/#types>
'';
example = [
{ type = "my_type"; nice = 19; other_parameter = "value"; }
{ type = "compiler"; nice = 19; sched = "batch"; ioclass = "idle"; }
];
};
extraCgroups = mkOption {
type = with types; listOf attrs;
default = [ ];
description = ''
Cgroups to write in 'nixCgroups.cgroups'. See:
<https://gitlab.com/ananicy-cpp/ananicy-cpp/#cgroups>
'';
example = [
{ cgroup = "cpu80"; CPUQuota = 80; }
];
};
extraRules = lib.mkOption {
type = with lib.types; listOf attrs;
default = [ ];
description = ''
Rules to write in 'nixRules.rules'. See:
<https://github.com/Nefelim4ag/Ananicy#configuration>
<https://gitlab.com/ananicy-cpp/ananicy-cpp/#global-configuration>
'';
example = [
{
name = "eog";
type = "Image-Viewer";
}
{
name = "fdupes";
type = "BG_CPUIO";
}
];
};
extraTypes = lib.mkOption {
type = with lib.types; listOf attrs;
default = [ ];
description = ''
Types to write in 'nixTypes.types'. See:
<https://gitlab.com/ananicy-cpp/ananicy-cpp/#types>
'';
example = [
{
type = "my_type";
nice = 19;
other_parameter = "value";
}
{
type = "compiler";
nice = 19;
sched = "batch";
ioclass = "idle";
}
];
};
extraCgroups = lib.mkOption {
type = with lib.types; listOf attrs;
default = [ ];
description = ''
Cgroups to write in 'nixCgroups.cgroups'. See:
<https://gitlab.com/ananicy-cpp/ananicy-cpp/#cgroups>
'';
example = [
{
cgroup = "cpu80";
CPUQuota = 80;
}
];
};
};

config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
environment = {
systemPackages = [ cfg.package ];
systemPackages = [ finalPackage ];
etc."ananicy.d".source = pkgs.runCommandLocal "ananicyfiles" { } ''
mkdir -p $out
# ananicy-cpp does not include rules or settings on purpose
Expand All @@ -92,16 +126,16 @@ in
# configured through .setings
rm -f $out/ananicy.conf
cp ${configFile} $out/ananicy.conf
${optionalString (cfg.extraRules != [ ]) "cp ${extraRules} $out/nixRules.rules"}
${optionalString (cfg.extraTypes != [ ]) "cp ${extraTypes} $out/nixTypes.types"}
${optionalString (cfg.extraCgroups != [ ]) "cp ${extraCgroups} $out/nixCgroups.cgroups"}
${lib.optionalString (cfg.extraRules != [ ]) "cp ${extraRules} $out/nixRules.rules"}
${lib.optionalString (cfg.extraTypes != [ ]) "cp ${extraTypes} $out/nixTypes.types"}
${lib.optionalString (cfg.extraCgroups != [ ]) "cp ${extraCgroups} $out/nixCgroups.cgroups"}
'';
};

# ananicy and ananicy-cpp have different default settings
services.ananicy.settings =
let
mkOD = mkOptionDefault;
mkOD = lib.mkOptionDefault;
in
{
cgroup_load = mkOD true;
Expand All @@ -113,26 +147,30 @@ in
apply_sched = mkOD true;
apply_oom_score_adj = mkOD true;
apply_cgroup = mkOD true;
} // (if ((lib.getName cfg.package) == (lib.getName pkgs.ananicy-cpp)) then {
# https://gitlab.com/ananicy-cpp/ananicy-cpp/-/blob/master/src/config.cpp#L12
loglevel = mkOD "warn"; # default is info but its spammy
cgroup_realtime_workaround = true;
log_applied_rule = mkOD false;
} else {
# https://github.com/Nefelim4ag/Ananicy/blob/master/ananicy.d/ananicy.conf
check_disks_schedulers = mkOD true;
check_freq = mkOD 5;
});
}
// (
if servicename == "ananicy-cpp" then
{
# https://gitlab.com/ananicy-cpp/ananicy-cpp/-/blob/master/src/config.cpp#L12
loglevel = mkOD "warn"; # default is info but its spammy
cgroup_realtime_workaround = true;
log_applied_rule = mkOD false;
}
else
{
# https://github.com/Nefelim4ag/Ananicy/blob/master/ananicy.d/ananicy.conf
check_disks_schedulers = mkOD true;
check_freq = mkOD 5;
}
);

systemd = {
packages = [ cfg.package ];
packages = [ finalPackage ];
services."${servicename}" = {
wantedBy = [ "default.target" ];
};
};
};

meta = {
maintainers = with maintainers; [ artturin ];
};
meta.maintainers = with lib.maintainers; [ artturin ];
}

0 comments on commit 0a7eaa5

Please sign in to comment.