fleetdm / fleet

Open-source platform for IT, security, and infrastructure teams. (Linux, macOS, Chrome, Windows, cloud, data center)
https://fleetdm.com

Method to install Orbit in Nix/NixOS #7319

Open senorsmile opened 2 years ago

senorsmile commented 2 years ago

Goal

Provide a recommended way to get Orbit installed within NixOS (or just using the nix package manager).

Background

Nix is a functional language that is used by NixOS (a Linux Distribution) and nixpkgs (the default package set and repos) to declaratively manage packages and the entire OS.

How?

In a pure NixOS installation, both packages and their configurations are specified in the Nix language. This means that a binary cannot be generated from fleetctl and distributed to the node. Rather, there needs to be a Nix expression that knows how to download a package (whether from source and/or compiled) along with configuration passed to it on how to instantiate and configure it.

I'm not sure of the best way to even recommend using Orbit on NixOS. Currently, there isn't even a supported version of osquery in nixpkgs (the last maintainer stopped updating around 2020 and so they removed it). Using this last known working commit, I am easily able to get 3.3.2 installed (from 2019): https://github.com/NixOS/nixpkgs/blob/f3282c8d1e0ce6ba5d9f6aeddcfad51d879c7a4a/pkgs/tools/system/osquery/default.nix.

My first thought would be to have a generic orbit package that could be built and upon start up must have the type of configuration passed to it that is specific if running go run directly.

Another thing to consider is that since everything is meant to be declaratively specified within Nix, auto updating is generally frowned upon. We'd want to disable that in Fleet nixpkg by default.

I'm willing to do most of the work, working on the actual Nix code, but will need guidance on what direction to take.

senorsmile commented 2 years ago

I have confirmed that I can get osquery 3.3.2 on NixOS to connect to our fleet. However, none of the queries that I've tried succeed, so I assume that I'll need a new version of osquery (since fleetctl produces orbit installer with osquery 5.4.0).

dherder commented 3 months ago

@senorsmile have you made progress on using Orbit with NixOS? Would you like to collaborate on moving this forward? How can I help?

JoStableford commented 3 months ago

Related to a Slack conversation

NickBouwhuis commented 2 months ago

> Related to a Slack conversation

What is being said in that Slack convo? I do not have access.

I am also trying to make Orbit run on a NixOS install, but haven't had any success yet.

zayhanlon commented 2 months ago

@dherder I'm removing this FR from the board for now as we do not have engineering capacity to take it on in the upcoming sprint. If you haven't already, @Patagonia121 can help coordinate collaboration with the customer who offered to work on this.

dherder commented 2 months ago

> Related to a Slack conversation
>
> What is being said in that Slack convo? I do not have access.
>
> I am also trying to make Orbit run on a NixOS install, but haven't had any success yet.

@NickBouwhuis we are in the process of collaborating with a NixOS contributor on getting the Fleet agent working on NixOS, please stay tuned for updates; early stages right now. But, if you are looking for telemetry only, it does appear that the osquery NixOS package is being updated and is working well: https://github.com/NixOS/nixpkgs/blob/nixos-unstable/pkgs/tools/system/osquery/info.json