+2

nixos/doc/manual/release-notes/rl-2311.section.md

reviewed

··· 86 86 87 87 - [pgBouncer](https://www.pgbouncer.org), a PostgreSQL connection pooler. Available as [services.pgbouncer](#opt-services.pgbouncer.enable). 88 88 89 89 + - [Goss](https://goss.rocks/), a YAML based serverspec alternative tool for validating a server's configuration. Available as [services.goss](#opt-services.goss.enable). 90 90 + 89 91 - [trust-dns](https://trust-dns.org/), a Rust based DNS server built to be safe and secure from the ground up. Available as [services.trust-dns](#opt-services.trust-dns.enable). 90 92 91 93 - [osquery](https://www.osquery.io/), a SQL powered operating system instrumentation, monitoring, and analytics.

+1

nixos/modules/module-list.nix

reviewed

··· 773 773 ./services/monitoring/datadog-agent.nix 774 774 ./services/monitoring/do-agent.nix 775 775 ./services/monitoring/fusion-inventory.nix 776 776 + ./services/monitoring/goss.nix 776 777 ./services/monitoring/grafana-agent.nix 777 778 ./services/monitoring/grafana-image-renderer.nix 778 779 ./services/monitoring/grafana-reporter.nix

+44

nixos/modules/services/monitoring/goss.md

reviewed

··· 1 1 + # Goss {#module-services-goss} 2 2 + 3 3 + [goss](https://goss.rocks/) is a YAML based serverspec alternative tool 4 4 + for validating a server's configuration. 5 5 + 6 6 + ## Basic Usage {#module-services-goss-basic-usage} 7 7 + 8 8 + A minimal configuration looks like this: 9 9 + 10 10 + ``` 11 11 + { 12 12 + services.goss = { 13 13 + enable = true; 14 14 + 15 15 + environment = { 16 16 + GOSS_FMT = "json"; 17 17 + GOSS_LOGLEVEL = "TRACE"; 18 18 + }; 19 19 + 20 20 + settings = { 21 21 + addr."tcp://localhost:8080" = { 22 22 + reachable = true; 23 23 + local-address = "127.0.0.1"; 24 24 + }; 25 25 + command."check-goss-version" = { 26 26 + exec = "${lib.getExe pkgs.goss} --version"; 27 27 + exit-status = 0; 28 28 + }; 29 29 + dns.localhost.resolvable = true; 30 30 + file."/nix" = { 31 31 + filetype = "directory"; 32 32 + exists = true; 33 33 + }; 34 34 + group.root.exists = true; 35 35 + kernel-param."kernel.ostype".value = "Linux"; 36 36 + service.goss = { 37 37 + enabled = true; 38 38 + running = true; 39 39 + }; 40 40 + user.root.exists = true; 41 41 + }; 42 42 + }; 43 43 + } 44 44 + ```

+86

nixos/modules/services/monitoring/goss.nix

reviewed

··· 1 1 + { config, lib, pkgs, ... }: 2 2 + 3 3 + let 4 4 + cfg = config.services.goss; 5 5 + 6 6 + settingsFormat = pkgs.formats.yaml { }; 7 7 + configFile = settingsFormat.generate "goss.yaml" cfg.settings; 8 8 + 9 9 + in { 10 10 + meta = { 11 11 + doc = ./goss.md; 12 12 + maintainers = [ lib.maintainers.anthonyroussel ]; 13 13 + }; 14 14 + 15 15 + options = { 16 16 + services.goss = { 17 17 + enable = lib.mkEnableOption (lib.mdDoc "Goss daemon"); 18 18 + 19 19 + package = lib.mkPackageOptionMD pkgs "goss" { }; 20 20 + 21 21 + environment = lib.mkOption { 22 22 + type = lib.types.attrsOf lib.types.str; 23 23 + default = { }; 24 24 + example = { 25 25 + GOSS_FMT = "json"; 26 26 + GOSS_LOGLEVEL = "FATAL"; 27 27 + GOSS_LISTEN = ":8080"; 28 28 + }; 29 29 + description = lib.mdDoc '' 30 30 + Environment variables to set for the goss service. 31 31 + 32 32 + See <https://github.com/goss-org/goss/blob/master/docs/manual.md> 33 33 + ''; 34 34 + }; 35 35 + 36 36 + settings = lib.mkOption { 37 37 + type = lib.types.submodule { freeformType = settingsFormat.type; }; 38 38 + default = { }; 39 39 + example = { 40 40 + addr."tcp://localhost:8080" = { 41 41 + reachable = true; 42 42 + local-address = "127.0.0.1"; 43 43 + }; 44 44 + service.goss = { 45 45 + enabled = true; 46 46 + running = true; 47 47 + }; 48 48 + }; 49 49 + description = lib.mdDoc '' 50 50 + The global options in `config` file in yaml format. 51 51 + 52 52 + Refer to <https://github.com/goss-org/goss/blob/master/docs/goss-json-schema.yaml> for schema. 53 53 + ''; 54 54 + }; 55 55 + }; 56 56 + }; 57 57 + 58 58 + config = lib.mkIf cfg.enable { 59 59 + environment.systemPackages = [ cfg.package ]; 60 60 + 61 61 + systemd.services.goss = { 62 62 + description = "Goss - Quick and Easy server validation"; 63 63 + unitConfig.Documentation = "https://github.com/goss-org/goss/blob/master/docs/manual.md"; 64 64 + 65 65 + after = [ "network-online.target" ]; 66 66 + wantedBy = [ "multi-user.target" ]; 67 67 + wants = [ "network-online.target" ]; 68 68 + 69 69 + environment = { 70 70 + GOSS_FILE = configFile; 71 71 + } // cfg.environment; 72 72 + 73 73 + reloadTriggers = [ configFile ]; 74 74 + 75 75 + serviceConfig = { 76 76 + DynamicUser = true; 77 77 + ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; 78 78 + ExecStart = "${cfg.package}/bin/goss serve"; 79 79 + Group = "goss"; 80 80 + Restart = "on-failure"; 81 81 + RestartSec = 5; 82 82 + User = "goss"; 83 83 + }; 84 84 + }; 85 85 + }; 86 86 + }