- prometheus exporters are now configured with `services.prometheus.exporters.<name>` - the exporters are now defined by attribute sets from which the options for each exporter are generated - most of the exporter definitions are used unchanged, except for some changes that should't have any impact on the functionality.wip/yesman
parent
f2bd9d4745
commit
f4d03b5c9c
@ -1,68 +0,0 @@ |
||||
{ config, pkgs, lib, ... }: |
||||
|
||||
with lib; |
||||
|
||||
let |
||||
cfg = config.services.prometheus.blackboxExporter; |
||||
in { |
||||
options = { |
||||
services.prometheus.blackboxExporter = { |
||||
enable = mkEnableOption "prometheus blackbox exporter"; |
||||
|
||||
configFile = mkOption { |
||||
type = types.path; |
||||
description = '' |
||||
Path to configuration file. |
||||
''; |
||||
}; |
||||
|
||||
port = mkOption { |
||||
type = types.int; |
||||
default = 9115; |
||||
description = '' |
||||
Port to listen on. |
||||
''; |
||||
}; |
||||
|
||||
extraFlags = mkOption { |
||||
type = types.listOf types.str; |
||||
default = []; |
||||
description = '' |
||||
Extra commandline options when launching the blackbox exporter. |
||||
''; |
||||
}; |
||||
|
||||
openFirewall = mkOption { |
||||
type = types.bool; |
||||
default = false; |
||||
description = '' |
||||
Open port in firewall for incoming connections. |
||||
''; |
||||
}; |
||||
}; |
||||
}; |
||||
|
||||
config = mkIf cfg.enable { |
||||
networking.firewall.allowedTCPPorts = optional cfg.openFirewall cfg.port; |
||||
|
||||
systemd.services.prometheus-blackbox-exporter = { |
||||
description = "Prometheus exporter for blackbox probes"; |
||||
unitConfig.Documentation = "https://github.com/prometheus/blackbox_exporter"; |
||||
wantedBy = [ "multi-user.target" ]; |
||||
serviceConfig = { |
||||
User = "nobody"; |
||||
Restart = "always"; |
||||
PrivateTmp = true; |
||||
WorkingDirectory = /tmp; |
||||
AmbientCapabilities = [ "CAP_NET_RAW" ]; # for ping probes |
||||
ExecStart = '' |
||||
${pkgs.prometheus-blackbox-exporter}/bin/blackbox_exporter \ |
||||
--web.listen-address :${toString cfg.port} \ |
||||
--config.file ${cfg.configFile} \ |
||||
${concatStringsSep " \\\n " cfg.extraFlags} |
||||
''; |
||||
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; |
||||
}; |
||||
}; |
||||
}; |
||||
} |
@ -1,128 +0,0 @@ |
||||
{ config, pkgs, lib, ... }: |
||||
|
||||
with lib; |
||||
|
||||
let |
||||
cfg = config.services.prometheus.collectdExporter; |
||||
|
||||
collectSettingsArgs = if (cfg.collectdBinary.enable) then '' |
||||
-collectd.listen-address ${optionalString (cfg.collectdBinary.listenAddress != null) cfg.collectdBinary.listenAddress}:${toString cfg.collectdBinary.port} \ |
||||
-collectd.security-level ${cfg.collectdBinary.securityLevel} \ |
||||
'' else ""; |
||||
|
||||
in { |
||||
options = { |
||||
services.prometheus.collectdExporter = { |
||||
enable = mkEnableOption "prometheus collectd exporter"; |
||||
|
||||
port = mkOption { |
||||
type = types.int; |
||||
default = 9103; |
||||
description = '' |
||||
Port to listen on. |
||||
This is used for scraping as well as the to receive collectd data via the write_http plugin. |
||||
''; |
||||
}; |
||||
|
||||
listenAddress = mkOption { |
||||
type = types.nullOr types.str; |
||||
default = null; |
||||
example = "0.0.0.0"; |
||||
description = '' |
||||
Address to listen on for web interface, telemetry and collectd JSON data. |
||||
''; |
||||
}; |
||||
|
||||
collectdBinary = { |
||||
enable = mkEnableOption "collectd binary protocol receiver"; |
||||
|
||||
authFile = mkOption { |
||||
default = null; |
||||
type = types.nullOr types.path; |
||||
description = "File mapping user names to pre-shared keys (passwords)."; |
||||
}; |
||||
|
||||
port = mkOption { |
||||
type = types.int; |
||||
default = 25826; |
||||
description = ''Network address on which to accept collectd binary network packets.''; |
||||
}; |
||||
|
||||
listenAddress = mkOption { |
||||
type = types.nullOr types.str; |
||||
default = null; |
||||
example = "0.0.0.0"; |
||||
description = '' |
||||
Address to listen on for binary network packets. |
||||
''; |
||||
}; |
||||
|
||||
securityLevel = mkOption { |
||||
type = types.enum ["None" "Sign" "Encrypt"]; |
||||
default = "None"; |
||||
description = '' |
||||
Minimum required security level for accepted packets. |
||||
''; |
||||
}; |
||||
}; |
||||
|
||||
extraFlags = mkOption { |
||||
type = types.listOf types.str; |
||||
default = []; |
||||
description = '' |
||||
Extra commandline options when launching the collectd exporter. |
||||
''; |
||||
}; |
||||
|
||||
logFormat = mkOption { |
||||
type = types.str; |
||||
default = "logger:stderr"; |
||||
example = "logger:syslog?appname=bob&local=7 or logger:stdout?json=true"; |
||||
description = '' |
||||
Set the log target and format. |
||||
''; |
||||
}; |
||||
|
||||
logLevel = mkOption { |
||||
type = types.enum ["debug" "info" "warn" "error" "fatal"]; |
||||
default = "info"; |
||||
description = '' |
||||
Only log messages with the given severity or above. |
||||
''; |
||||
}; |
||||
|
||||
openFirewall = mkOption { |
||||
type = types.bool; |
||||
default = false; |
||||
description = '' |
||||
Open port in firewall for incoming connections. |
||||
''; |
||||
}; |
||||
}; |
||||
}; |
||||
|
||||
config = mkIf cfg.enable { |
||||
networking.firewall.allowedTCPPorts = (optional cfg.openFirewall cfg.port) ++ |
||||
(optional (cfg.openFirewall && cfg.collectdBinary.enable) cfg.collectdBinary.port); |
||||
|
||||
systemd.services.prometheus-collectd-exporter = { |
||||
description = "Prometheus exporter for Collectd metrics"; |
||||
unitConfig.Documentation = "https://github.com/prometheus/collectd_exporter"; |
||||
wantedBy = [ "multi-user.target" ]; |
||||
serviceConfig = { |
||||
DynamicUser = true; |
||||
Restart = "always"; |
||||
PrivateTmp = true; |
||||
WorkingDirectory = /tmp; |
||||
ExecStart = '' |
||||
${pkgs.prometheus-collectd-exporter}/bin/collectd_exporter \ |
||||
-log.format ${cfg.logFormat} \ |
||||
-log.level ${cfg.logLevel} \ |
||||
-web.listen-address ${optionalString (cfg.listenAddress != null) cfg.listenAddress}:${toString cfg.port} \ |
||||
${collectSettingsArgs} \ |
||||
${concatStringsSep " " cfg.extraFlags} |
||||
''; |
||||
}; |
||||
}; |
||||
}; |
||||
} |
@ -0,0 +1,169 @@ |
||||
{ config, pkgs, lib, ... }: |
||||
|
||||
with lib; |
||||
|
||||
let |
||||
cfg = config.services.prometheus.exporters; |
||||
|
||||
# each attribute in `exporterOpts` is expected to have specified: |
||||
# - port (types.int): port on which the exporter listens |
||||
# - serviceOpts (types.attrs): config that is merged with the |
||||
# default definition of the exporter's |
||||
# systemd service |
||||
# - extraOpts (types.attrs): extra configuration options to |
||||
# configure the exporter with, which |
||||
# are appended to the default options |
||||
# |
||||
# Note that `extraOpts` is optional, but a script for the exporter's |
||||
# systemd service must be provided by specifying either |
||||
# `serviceOpts.script` or `serviceOpts.serviceConfig.ExecStart` |
||||
exporterOpts = { |
||||
blackbox = import ./exporters/blackbox.nix { inherit config lib pkgs; }; |
||||
collectd = import ./exporters/collectd.nix { inherit config lib pkgs; }; |
||||
fritzbox = import ./exporters/fritzbox.nix { inherit config lib pkgs; }; |
||||
json = import ./exporters/json.nix { inherit config lib pkgs; }; |
||||
minio = import ./exporters/minio.nix { inherit config lib pkgs; }; |
||||
nginx = import ./exporters/nginx.nix { inherit config lib pkgs; }; |
||||
node = import ./exporters/node.nix { inherit config lib pkgs; }; |
||||
snmp = import ./exporters/snmp.nix { inherit config lib pkgs; }; |
||||
unifi = import ./exporters/unifi.nix { inherit config lib pkgs; }; |
||||
varnish = import ./exporters/varnish.nix { inherit config lib pkgs; }; |
||||
}; |
||||
|
||||
mkExporterOpts = ({ name, port }: { |
||||
enable = mkEnableOption "the prometheus ${name} exporter"; |
||||
port = mkOption { |
||||
type = types.int; |
||||
default = port; |
||||
description = '' |
||||
Port to listen on. |
||||
''; |
||||
}; |
||||
listenAddress = mkOption { |
||||
type = types.str; |
||||
default = "0.0.0.0"; |
||||
description = '' |
||||
Address to listen on. |
||||
''; |
||||
}; |
||||
extraFlags = mkOption { |
||||
type = types.listOf types.str; |
||||
default = []; |
||||
description = '' |
||||
Extra commandline options to pass to the ${name} exporter. |
||||
''; |
||||
}; |
||||
openFirewall = mkOption { |
||||
type = types.bool; |
||||
default = false; |
||||
description = '' |
||||
Open port in firewall for incoming connections. |
||||
''; |
||||
}; |
||||
firewallFilter = mkOption { |
||||
type = types.str; |
||||
default = "-p tcp -m tcp --dport ${toString port}"; |
||||
example = literalExample '' |
||||
"-i eth0 -p tcp -m tcp --dport ${toString port}" |
||||
''; |
||||
description = '' |
||||
Specify a filter for iptables to use when |
||||
<option>services.prometheus.exporters.${name}.openFirewall</option> |
||||
is true. It is used as `ip46tables -I INPUT <option>firewallFilter</option> -j ACCEPT`. |
||||
''; |
||||
}; |
||||
user = mkOption { |
||||
type = types.str; |
||||
default = "nobody"; |
||||
description = '' |
||||
User name under which the ${name} exporter shall be run. |
||||
Has no effect when <option>systemd.services.prometheus-${name}-exporter.serviceConfig.DynamicUser</option> is true. |
||||
''; |
||||
}; |
||||
group = mkOption { |
||||
type = types.str; |
||||
default = "nobody"; |
||||
description = '' |
||||
Group under which the ${name} exporter shall be run. |
||||
Has no effect when <option>systemd.services.prometheus-${name}-exporter.serviceConfig.DynamicUser</option> is true. |
||||
''; |
||||
}; |
||||
}); |
||||
|
||||
mkSubModule = { name, port, extraOpts, serviceOpts }: { |
||||
${name} = mkOption { |
||||
type = types.submodule { |
||||
options = (mkExporterOpts { |
||||
inherit name port; |
||||
} // extraOpts); |
||||
}; |
||||
internal = true; |
||||
default = {}; |
||||
}; |
||||
}; |
||||
|
||||
mkSubModules = (foldl' (a: b: a//b) {} |
||||
(mapAttrsToList (name: opts: mkSubModule { |
||||
inherit name; |
||||
inherit (opts) port serviceOpts; |
||||
extraOpts = opts.extraOpts or {}; |
||||
}) exporterOpts) |
||||
); |
||||
|
||||
mkExporterConf = { name, conf, serviceOpts }: |
||||
mkIf conf.enable { |
||||
networking.firewall.extraCommands = mkIf conf.openFirewall '' |
||||
ip46tables -I INPUT ${conf.firewallFilter} -j ACCEPT |
||||
''; |
||||
systemd.services."prometheus-${name}-exporter" = mkMerge ([{ |
||||
wantedBy = [ "multi-user.target" ]; |
||||
after = [ "network.target" ]; |
||||
serviceConfig = { |
||||
Restart = mkDefault "always"; |
||||
PrivateTmp = mkDefault true; |
||||
WorkingDirectory = mkDefault /tmp; |
||||
} // mkIf (!(serviceOpts.serviceConfig.DynamicUser or false)) { |
||||
User = conf.user; |
||||
Group = conf.group; |
||||
}; |
||||
} serviceOpts ]); |
||||
}; |
||||
in |
||||
{ |
||||
options.services.prometheus.exporters = mkOption { |
||||
type = types.submodule { |
||||
options = (mkSubModules); |
||||
}; |
||||
description = "Prometheus exporter configuration"; |
||||
default = {}; |
||||
example = literalExample '' |
||||
{ |
||||
node = { |
||||
enable = true; |
||||
enabledCollectors = [ "systemd" ]; |
||||
}; |
||||
varnish.enable = true; |
||||
} |
||||
''; |
||||
}; |
||||
|
||||
config = mkMerge ([{ |
||||
assertions = [{ |
||||
assertion = (cfg.snmp.configurationPath == null) != (cfg.snmp.configuration == null); |
||||
message = '' |
||||
Please ensure you have either `services.prometheus.exporters.snmp.configuration' |
||||
or `services.prometheus.exporters.snmp.configurationPath' set! |
||||
''; |
||||
}]; |
||||
}] ++ [(mkIf config.services.minio.enable { |
||||
services.prometheus.exporters.minio.minioAddress = mkDefault "http://localhost:9000"; |
||||
services.prometheus.exporters.minio.minioAccessKey = mkDefault config.services.minio.accessKey; |
||||
services.prometheus.exporters.minio.minioAccessSecret = mkDefault config.services.minio.secretKey; |
||||
})] ++ (mapAttrsToList (name: conf: |
||||
mkExporterConf { |
||||
inherit name; |
||||
inherit (conf) serviceOpts; |
||||
conf = cfg.${name}; |
||||
}) exporterOpts) |
||||
); |
||||
} |
@ -0,0 +1,31 @@ |
||||
{ config, lib, pkgs }: |
||||
|
||||
with lib; |
||||
|
||||
let |
||||
cfg = config.services.prometheus.exporters.blackbox; |
||||
in |
||||
{ |
||||
port = 9115; |
||||
extraOpts = { |
||||
configFile = mkOption { |
||||
type = types.path; |
||||
description = '' |
||||
Path to configuration file. |
||||
''; |
||||
}; |
||||
}; |
||||
serviceOpts = { |
||||
serviceConfig = { |
||||
AmbientCapabilities = [ "CAP_NET_RAW" ]; # for ping probes |
||||
DynamicUser = true; |
||||
ExecStart = '' |
||||
${pkgs.prometheus-blackbox-exporter}/bin/blackbox_exporter \ |
||||
--web.listen-address ${cfg.listenAddress}:${toString cfg.port} \ |
||||
--config.file ${cfg.configFile} \ |
||||
${concatStringsSep " \\\n " cfg.extraFlags} |
||||
''; |
||||
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; |
||||
}; |
||||
}; |
||||
} |
@ -0,0 +1,78 @@ |
||||
{ config, lib, pkgs }: |
||||
|
||||
with lib; |
||||
|
||||
let |
||||
cfg = config.services.prometheus.exporters.collectd; |
||||
in |
||||
{ |
||||
port = 9103; |
||||
extraOpts = { |
||||
collectdBinary = { |
||||
enable = mkEnableOption "collectd binary protocol receiver"; |
||||
|
||||
authFile = mkOption { |
||||
default = null; |
||||
type = types.nullOr types.path; |
||||
description = "File mapping user names to pre-shared keys (passwords)."; |
||||
}; |
||||
|
||||
port = mkOption { |
||||
type = types.int; |
||||
default = 25826; |
||||
description = ''Network address on which to accept collectd binary network packets.''; |
||||
}; |
||||
|
||||
listenAddress = mkOption { |
||||
type = types.str; |
||||
default = "0.0.0.0"; |
||||
description = '' |
||||
Address to listen on for binary network packets. |
||||
''; |
||||
}; |
||||
|
||||
securityLevel = mkOption { |
||||
type = types.enum ["None" "Sign" "Encrypt"]; |
||||
default = "None"; |
||||
description = '' |
||||
Minimum required security level for accepted packets. |
||||
''; |
||||
}; |
||||
}; |
||||
|
||||
logFormat = mkOption { |
||||
type = types.str; |
||||
default = "logger:stderr"; |
||||
example = "logger:syslog?appname=bob&local=7 or logger:stdout?json=true"; |
||||
description = '' |
||||
Set the log target and format. |
||||
''; |
||||
}; |
||||
|
||||
logLevel = mkOption { |
||||
type = types.enum ["debug" "info" "warn" "error" "fatal"]; |
||||
default = "info"; |
||||
description = '' |
||||
Only log messages with the given severity or above. |
||||
''; |
||||
}; |
||||
}; |
||||
serviceOpts = let |
||||
collectSettingsArgs = if (cfg.collectdBinary.enable) then '' |
||||
-collectd.listen-address ${cfg.collectdBinary.listenAddress}:${toString cfg.collectdBinary.port} \ |
||||
-collectd.security-level ${cfg.collectdBinary.securityLevel} \ |
||||
'' else ""; |
||||
in { |
||||
serviceConfig = { |
||||
DynamicUser = true; |
||||
ExecStart = '' |
||||
${pkgs.prometheus-collectd-exporter}/bin/collectd_exporter \ |
||||
-log.format ${cfg.logFormat} \ |
||||
-log.level ${cfg.logLevel} \ |
||||
-web.listen-address ${cfg.listenAddress}:${toString cfg.port} \ |
||||
${collectSettingsArgs} \ |
||||
${concatStringsSep " \\\n " cfg.extraFlags} |
||||
''; |
||||
}; |
||||
}; |
||||
} |
@ -0,0 +1,39 @@ |
||||
{ config, lib, pkgs }: |
||||
|
||||
with lib; |
||||
|
||||
let |
||||
cfg = config.services.prometheus.exporters.fritzbox; |
||||
in |
||||
{ |
||||
port = 9133; |
||||
extraOpts = { |
||||
gatewayAddress = mkOption { |
||||
type = types.str; |
||||
default = "fritz.box"; |
||||
description = '' |
||||
The hostname or IP of the FRITZ!Box. |
||||
''; |
||||
}; |
||||
|
||||
gatewayPort = mkOption { |
||||
type = types.int; |
||||
default = 49000; |
||||
description = '' |
||||
The port of the FRITZ!Box UPnP service. |
||||
''; |
||||
}; |
||||
}; |
||||
serviceOpts = { |
||||
serviceConfig = { |
||||
DynamicUser = true; |
||||
ExecStart = '' |
||||
${pkgs.prometheus-fritzbox-exporter}/bin/fritzbox_exporter \ |
||||
-listen-address ${cfg.listenAddress}:${toString cfg.port} \ |
||||
-gateway-address ${cfg.gatewayAddress} \ |
||||
-gateway-port ${toString cfg.gatewayPort} \ |
||||
${concatStringsSep " \\\n " cfg.extraFlags} |
||||
''; |
||||
}; |
||||
}; |
||||
} |
@ -0,0 +1,36 @@ |
||||
{ config, lib, pkgs }: |
||||
|
||||
with lib; |
||||
|
||||
let |
||||
cfg = config.services.prometheus.exporters.json; |
||||
in |
||||
{ |
||||
port = 7979; |
||||
extraOpts = { |
||||
url = mkOption { |
||||
type = types.str; |
||||
description = '' |
||||
URL to scrape JSON from. |
||||
''; |
||||
}; |
||||
configFile = mkOption { |
||||
type = types.path; |
||||
description = '' |
||||
Path to configuration file. |
||||
''; |
||||
}; |
||||
listenAddress = {}; # not used |
||||
}; |
||||
serviceOpts = { |
||||
serviceConfig = { |
||||
DynamicUser = true; |
||||
ExecStart = '' |
||||
${pkgs.prometheus-json-exporter}/bin/prometheus-json-exporter \ |
||||
--port ${toString cfg.port} \ |
||||
${cfg.url} ${cfg.configFile} \ |
||||
${concatStringsSep " \\\n " cfg.extraFlags} |
||||
''; |
||||
}; |
||||
}; |
||||
} |
@ -0,0 +1,65 @@ |
||||
{ config, lib, pkgs }: |
||||
|
||||
with lib; |
||||
|
||||
let |
||||
cfg = config.services.prometheus.exporters.minio; |
||||
in |
||||
{ |
||||
port = 9290; |
||||
extraOpts = { |
||||
minioAddress = mkOption { |
||||
type = types.str; |
||||
example = "https://10.0.0.1:9000"; |
||||
description = '' |
||||
The URL of the minio server. |
||||
Use HTTPS if Minio accepts secure connections only. |
||||
By default this connects to the local minio server if enabled. |
||||
''; |
||||
}; |
||||
|
||||
minioAccessKey = mkOption { |
||||
type = types.str; |
||||
example = "yourMinioAccessKey"; |
||||
description = '' |
||||
The value of the Minio access key. |
||||
It is required in order to connect to the server. |
||||
By default this uses the one from the local minio server if enabled |
||||
and <literal>config.services.minio.accessKey</literal>. |
||||
''; |
||||
}; |
||||
|
||||
minioAccessSecret = mkOption { |
||||
type = types.str; |
||||
description = '' |
||||
The value of the Minio access secret. |
||||
It is required in order to connect to the server. |
||||
By default this uses the one from the local minio server if enabled |
||||
and <literal>config.services.minio.secretKey</literal>. |
||||
''; |
||||
}; |
||||
|
||||
minioBucketStats = mkOption { |
||||
type = types.bool; |
||||
default = false; |
||||
description = '' |
||||
Collect statistics about the buckets and files in buckets. |
||||
It requires more computation, use it carefully in case of large buckets.. |
||||
''; |
||||
}; |
||||
}; |
||||
serviceOpts = { |
||||
serviceConfig = { |
||||
DynamicUser = true; |
||||
ExecStart = '' |
||||
${pkgs.prometheus-minio-exporter}/bin/minio-exporter \ |
||||
-web.listen-address ${cfg.listenAddress}:${toString cfg.port} \ |
||||
-minio.server ${cfg.minioAddress} \ |
||||
-minio.access-key ${cfg.minioAccessKey} \ |
||||
-minio.access-secret ${cfg.minioAccessSecret} \ |
||||
${optionalString cfg.minioBucketStats "-minio.bucket-stats"} \ |
||||
${concatStringsSep " \\\n " cfg.extraFlags} |
||||
''; |
||||
}; |
||||
}; |
||||
} |
@ -0,0 +1,31 @@ |
||||
{ config, lib, pkgs }: |
||||
|
||||
with lib; |
||||
|
||||
let |
||||
cfg = config.services.prometheus.exporters.nginx; |
||||
in |
||||
{ |
||||
port = 9113; |
||||
extraOpts = { |
||||
scrapeUri = mkOption { |
||||
type = types.string; |
||||
default = "http://localhost/nginx_status"; |
||||
description = '' |
||||
Address to access the nginx status page. |
||||
Can be enabled with services.nginx.statusPage = true. |
||||
''; |
||||
}; |
||||
}; |
||||
serviceOpts = { |
||||
serviceConfig = { |
||||
DynamicUser = true; |
||||
ExecStart = '' |
||||
${pkgs.prometheus-nginx-exporter}/bin/nginx_exporter \ |
||||
-nginx.scrape_uri '${cfg.scrapeUri}' \ |
||||
-telemetry.address ${cfg.listenAddress}:${toString cfg.port} \ |
||||
${concatStringsSep " \\\n " cfg.extraFlags} |
||||
''; |
||||
}; |
||||
}; |
||||
} |
@ -0,0 +1,39 @@ |
||||
{ config, lib, pkgs }: |
||||
|
||||
with lib; |
||||
|
||||
let |
||||
cfg = config.services.prometheus.exporters.node; |
||||
in |
||||
{ |
||||
port = 9100; |
||||
extraOpts = { |
||||
enabledCollectors = mkOption { |
||||
type = types.listOf types.string; |
||||
default = []; |
||||
example = ''[ "systemd" ]''; |
||||
description = '' |
||||
Collectors to enable. The collectors listed here are enabled in addition to the default ones. |
||||
''; |
||||
}; |
||||
disabledCollectors = mkOption { |
||||
type = types.listOf types.str; |
||||
default = []; |
||||
example = ''[ "timex" ]''; |
||||
description = '' |
||||
Collectors to disable which are enabled by default. |
||||
''; |
||||
}; |
||||
}; |
||||
serviceOpts = { |
||||
serviceConfig = { |
||||
ExecStart = '' |
||||
${pkgs.prometheus-node-exporter}/bin/node_exporter \ |
||||
${concatMapStringsSep " " (x: "--collector." + x) cfg.enabledCollectors} \ |
||||
${concatMapStringsSep " " (x: "--no-collector." + x) cfg.disabledCollectors} \ |
||||
--web.listen-address ${cfg.listenAddress}:${toString cfg.port} \ |
||||
${concatStringsSep " \\\n " cfg.extraFlags} |
||||
''; |
||||
}; |
||||
}; |
||||
} |
@ -0,0 +1,71 @@ |
||||
{ config, lib, pkgs }: |
||||
|
||||
with lib; |
||||
|
||||
let |
||||
cfg = config.services.prometheus.exporters.snmp; |
||||
in |
||||
{ |
||||
port = 9116; |
||||
extraOpts = { |
||||
configurationPath = mkOption { |
||||
type = types.nullOr types.path; |
||||
default = null; |
||||
description = '' |
||||
Path to a snmp exporter configuration file. Mutually exclusive with 'configuration' option. |
||||
''; |
||||
example = "./snmp.yml"; |
||||
}; |
||||
|
||||
configuration = mkOption { |
||||
type = types.nullOr types.attrs; |
||||
default = {}; |
||||
description = '' |
||||
Snmp exporter configuration as nix attribute set. Mutually exclusive with 'configurationPath' option. |
||||
''; |
||||
example = '' |
||||
{ |
||||
"default" = { |
||||
"version" = 2; |
||||
"auth" = { |
||||
"community" = "public"; |
||||
}; |
||||
}; |
||||
}; |
||||
''; |
||||
}; |
||||
|
||||
logFormat = mkOption { |
||||
type = types.str; |
||||
default = "logger:stderr"; |
||||
description = '' |
||||
Set the log target and format. |
||||
''; |
||||
}; |
||||
|
||||
logLevel = mkOption { |
||||
type = types.enum ["debug" "info" "warn" "error" "fatal"]; |
||||
default = "info"; |
||||
description = '' |
||||
Only log messages with the given severity or above. |
||||
''; |
||||
}; |
||||
}; |
||||
serviceOpts = let |
||||
configFile = if cfg.configurationPath != null |
||||
then cfg.configurationPath |
||||
else "${pkgs.writeText "snmp-eporter-conf.yml" (builtins.toJSON cfg.configuration)}"; |
||||
in { |
||||
serviceConfig = { |
||||
DynamicUser = true; |
||||
ExecStart = '' |
||||
${pkgs.prometheus-snmp-exporter.bin}/bin/snmp_exporter \ |
||||
-config.file ${configFile} \ |
||||
-log.format ${cfg.logFormat} \ |
||||
-log.level ${cfg.logLevel} \ |
||||
-web.listen-address ${cfg.listenAddress}:${toString cfg.port} \ |
||||
${concatStringsSep " \\\n " cfg.extraFlags} |
||||
''; |
||||
}; |
||||
}; |
||||
} |
@ -0,0 +1,67 @@ |
||||
{ config, lib, pkgs }: |
||||
|
||||
with lib; |
||||
|
||||
let |
||||
cfg = config.services.prometheus.exporters.unifi; |
||||
in |
||||
{ |
||||
port = 9130; |
||||
extraOpts = { |
||||
unifiAddress = mkOption { |
||||
type = types.str; |
||||
example = "https://10.0.0.1:8443"; |
||||
description = '' |
||||
URL of the UniFi Controller API. |
||||
''; |
||||
}; |
||||
|
||||
unifiInsecure = mkOption { |
||||
type = types.bool; |
||||
default = false; |
||||
description = '' |
||||
If enabled skip the verification of the TLS certificate of the UniFi Controller API. |
||||
Use with caution. |
||||
''; |
||||
}; |
||||
|
||||
unifiUsername = mkOption { |
||||
type = types.str; |
||||
example = "ReadOnlyUser"; |
||||
description = '' |
||||
username for authentication against UniFi Controller API. |
||||
''; |
||||
}; |
||||
|
||||
unifiPassword = mkOption { |
||||
type = types.str; |
||||
description = '' |
||||
Password for authentication against UniFi Controller API. |
||||
''; |
||||
}; |
||||
|
||||
unifiTimeout = mkOption { |
||||
type = types.str; |
||||
default = "5s"; |
||||
example = "2m"; |
||||
description = '' |
||||
Timeout including unit for UniFi Controller API requests. |
||||
''; |
||||
}; |
||||
}; |
||||
serviceOpts = { |
||||
serviceConfig = { |
||||
DynamicUser = true; |
||||
ExecStart = '' |
||||
${pkgs.prometheus-unifi-exporter}/bin/unifi_exporter \ |
||||
-telemetry.addr ${cfg.listenAddress}:${toString cfg.port} \ |
||||
-unifi.addr ${cfg.unifiAddress} \ |
||||
-unifi.username ${cfg.unifiUsername} \ |
||||
-unifi.password ${cfg.unifiPassword} \ |
||||
-unifi.timeout ${cfg.unifiTimeout} \ |
||||
${optionalString cfg.unifiInsecure "-unifi.insecure" } \ |
||||
${concatStringsSep " \\\n " cfg.extraFlags} |
||||
''; |
||||
}; |
||||
}; |
||||
} |
@ -0,0 +1,21 @@ |
||||
{ config, lib, pkgs }: |
||||
|
||||
with lib; |
||||
|
||||
let |
||||
cfg = config.services.prometheus.exporters.varnish; |
||||
in |
||||
{ |
||||
port = 9131; |
||||
serviceOpts = { |
||||
path = [ pkgs.varnish ]; |
||||
serviceConfig = { |
||||
DynamicUser = true; |
||||
ExecStart = '' |
||||
${pkgs.prometheus-varnish-exporter}/bin/prometheus_varnish_exporter \ |
||||
-web.listen-address ${cfg.listenAddress}:${toString cfg.port} \ |
||||
${concatStringsSep " \\\n " cfg.extraFlags} |
||||
''; |
||||
}; |
||||
}; |
||||
} |
@ -1,76 +0,0 @@ |
||||
{ config, pkgs, lib, ... }: |
||||
|
||||
with lib; |
||||
|
||||
let |
||||
cfg = config.services.prometheus.fritzboxExporter; |
||||
in { |
||||
options = { |
||||
services.prometheus.fritzboxExporter = { |
||||
enable = mkEnableOption "prometheus fritzbox exporter"; |
||||
|
||||
port = mkOption { |
||||
type = types.int; |
||||
default = 9133; |
||||
description = '' |
||||
Port to listen on. |
||||
''; |
||||
}; |
||||
|
||||
gatewayAddress = mkOption { |
||||
type = types.str; |
||||
default = "fritz.box"; |
||||
description = '' |
||||
The hostname or IP of the FRITZ!Box. |
||||
''; |
||||
}; |
||||
|
||||
gatewayPort = mkOption { |
||||
type = types.int; |
||||
default = 49000; |
||||
description = '' |
||||
The port of the FRITZ!Box UPnP service. |
||||
''; |
||||
}; |
||||
|
||||
extraFlags = mkOption { |
||||
type = types.listOf types.str; |
||||
default = []; |
||||
description = '' |
||||
Extra commandline options when launching the fritzbox exporter. |
||||
''; |
||||
}; |
||||
|
||||
openFirewall = mkOption { |
||||
type = types.bool; |
||||
default = false; |
||||
description = '' |
||||
Open port in firewall for incoming connections. |
||||
''; |
||||
}; |
||||
}; |
||||
}; |
||||
|
||||
config = mkIf cfg.enable { |
||||
networking.firewall.allowedTCPPorts = optional cfg.openFirewall cfg.port; |
||||
|
||||
systemd.services.prometheus-fritzbox-exporter = { |
||||
description = "Prometheus exporter for FRITZ!Box via UPnP"; |
||||
unitConfig.Documentation = "https://github.com/ndecker/fritzbox_exporter"; |
||||
wantedBy = [ "multi-user.target" ]; |
||||
serviceConfig = { |
||||
User = "nobody"; |
||||
Restart = "always"; |
||||
PrivateTmp = true; |
||||
WorkingDirectory = /tmp; |
||||
ExecStart = '' |
||||
${pkgs.prometheus-fritzbox-exporter}/bin/fritzbox_exporter \ |
||||
-listen-address :${toString cfg.port} \ |
||||
-gateway-address ${cfg.gatewayAddress} \ |
||||
-gateway-port ${toString cfg.gatewayPort} \ |
||||
${concatStringsSep " \\\n " cfg.extraFlags} |
||||
''; |
||||
}; |
||||
}; |
||||
}; |
||||
} |
@ -1,74 +0,0 @@ |
||||
{ config, pkgs, lib, ... }: |
||||
|
||||
with lib; |
||||
|
||||
let |
||||
cfg = config.services.prometheus.jsonExporter; |
||||
in { |
||||
options = { |
||||
services.prometheus.jsonExporter = { |
||||
enable = mkEnableOption "prometheus JSON exporter"; |
||||
|
||||
url = mkOption { |
||||
type = types.str; |
||||
description = '' |
||||
URL to scrape JSON from. |
||||
''; |
||||
}; |
||||
|
||||
configFile = mkOption { |
||||
type = types.path; |
||||
description = '' |
||||
Path to configuration file. |
||||
''; |
||||
}; |
||||
|
||||
port = mkOption { |
||||
type = types.int; |
||||
default = 7979; |
||||
description = '' |
||||
Port to listen on. |
||||
''; |
||||
}; |
||||
|
||||
extraFlags = mkOption { |
||||
type = types.listOf types.str; |
||||
default = []; |
||||
description = '' |
||||
Extra commandline options when launching the JSON exporter. |
||||
''; |
||||
}; |
||||
|
||||
openFirewall = mkOption { |
||||
type = types.bool; |
||||
default = false; |
||||
description = '' |
||||
Open port in firewall for incoming connections. |
||||
''; |
||||
}; |
||||
}; |
||||
}; |
||||
|
||||
config = mkIf cfg.enable { |
||||
networking.firewall.allowedTCPPorts = optional cfg.openFirewall cfg.port; |
||||
|
||||
systemd.services.prometheus-json-exporter = { |
||||
description = "Prometheus exporter for JSON over HTTP"; |
||||
unitConfig.Documentation = "https://github.com/kawamuray/prometheus-json-exporter"; |
||||
wantedBy = [ "multi-user.target" ]; |
||||
serviceConfig = { |
||||
User = "nobody"; |
||||
Restart = "always"; |
||||
PrivateTmp = true; |
||||
WorkingDirectory = /tmp; |
||||
ExecStart = '' |
||||
${pkgs.prometheus-json-exporter}/bin/prometheus-json-exporter \ |
||||
--port ${toString cfg.port} \ |
||||
${cfg.url} ${cfg.configFile} \ |
||||
${concatStringsSep " \\\n " cfg.extraFlags} |
||||
''; |
||||
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; |
||||
}; |
||||
}; |
||||
}; |
||||
} |
@ -1,117 +0,0 @@ |
||||
{ config, pkgs, lib, ... }: |
||||
|
||||
with lib; |
||||
|
||||
let |
||||
cfg = config.services.prometheus.minioExporter; |
||||
in { |
||||
options = { |
||||
services.prometheus.minioExporter = { |
||||
enable = mkEnableOption "prometheus minio exporter"; |
||||
|
||||
port = mkOption { |
||||
type = types.int; |
||||
default = 9290; |
||||
description = '' |
||||
Port to listen on. |
||||
''; |
||||
}; |
||||
|
||||
listenAddress = mkOption { |
||||
type = types.nullOr types.str; |
||||
default = null; |
||||
example = "0.0.0.0"; |
||||
description = '' |
||||
Address to listen on for web interface and telemetry. |
||||
''; |
||||
}; |
||||
|
||||
minioAddress = mkOption { |
||||
type = types.str; |
||||
example = "https://10.0.0.1:9000"; |
||||
default = if config.services.minio.enable then "http://localhost:9000" else null; |
||||
description = '' |
||||
The URL of the minio server. |
||||
Use HTTPS if Minio accepts secure connections only. |
||||
By default this connects to the local minio server if enabled. |
||||
''; |
||||
}; |
||||
|
||||
minioAccessKey = mkOption ({ |
||||
type = types.str; |
||||
example = "BKIKJAA5BMMU2RHO6IBB"; |
||||
description = '' |
||||
The value of the Minio access key. |
||||
It is required in order to connect to the server. |
||||
By default this uses the one from the local minio server if enabled |
||||
and <literal>config.services.minio.accessKey</literal>. |
||||
''; |
||||
} // optionalAttrs (config.services.minio.enable && config.services.minio.accessKey != "") { |
||||
default = config.services.minio.accessKey; |
||||
}); |
||||
|
||||
minioAccessSecret = mkOption ({ |
||||
type = types.str; |
||||
description = '' |
||||
The calue of the Minio access secret. |
||||
It is required in order to connect to the server. |
||||
By default this uses the one from the local minio server if enabled |
||||
and <literal>config.services.minio.secretKey</literal>. |
||||
''; |
||||
} // optionalAttrs (config.services.minio.enable && config.services.minio.secretKey != "") { |
||||
default = config.services.minio.secretKey; |
||||
}); |
||||
|
||||
minioBucketStats = mkOption { |
||||
type = types.bool; |
||||
default = false; |
||||
description = '' |
||||
Collect statistics about the buckets and files in buckets. |
||||
It requires more computation, use it carefully in case of large buckets.. |
||||
''; |
||||
}; |
||||
|
||||
extraFlags = mkOption { |
||||
type = types.listOf types.str; |
||||
default = []; |
||||
description = '' |
||||
Extra commandline options when launching the minio exporter. |
||||
''; |
||||
}; |
||||
|
||||
openFirewall = mkOption { |
||||
type = types.bool; |
||||
default = false; |
||||
description = '' |
||||
Open port in firewall for incoming connections. |
||||
''; |
||||
}; |
||||
}; |
||||
}; |
||||
|
||||
config = mkIf cfg.enable { |
||||
networking.firewall.allowedTCPPorts = optional cfg.openFirewall cfg.port; |
||||
|
||||
systemd.services.prometheus-minio-exporter = { |
||||
description = "Prometheus exporter for Minio server metrics"; |
||||
unitConfig.Documentation = "https://github.com/joe-pll/minio-exporter"; |
||||
wantedBy = [ "multi-user.target" ]; |
||||
after = optional config.services.minio.enable "minio.service"; |
||||
serviceConfig = { |
||||
DynamicUser = true; |
||||
Restart = "always"; |
||||
PrivateTmp = true; |
||||
WorkingDirectory = /tmp; |
||||
ExecStart = '' |
||||
${pkgs.prometheus-minio-exporter}/bin/minio-exporter \ |
||||
-web.listen-address ${optionalString (cfg.listenAddress != null) cfg.listenAddress}:${toString cfg.port} \ |
||||
-minio.server ${cfg.minioAddress} \ |
||||
-minio.access-key ${cfg.minioAccessKey} \ |
||||
-minio.access-secret ${cfg.minioAccessSecret} \ |
||||
${optionalString cfg.minioBucketStats "-minio.bucket-stats"} \ |
||||
${concatStringsSep " \\\n " cfg.extraFlags} |
||||
''; |
||||
}; |
||||
}; |
||||
}; |
||||
} |
@ -1,78 +0,0 @@ |
||||
{ config, pkgs, lib, ... }: |
||||
|
||||
with lib; |
||||
|
||||
let |
||||
cfg = config.services.prometheus.nginxExporter; |
||||
in { |
||||
options = { |
||||
services.prometheus.nginxExporter = { |
||||
enable = mkEnableOption "prometheus nginx exporter"; |
||||
|
||||
port = mkOption { |
||||
type = types.int; |
||||
default = 9113; |
||||
description = '' |
||||
Port to listen on. |
||||
''; |
||||
}; |
||||
|
||||
listenAddress = mkOption { |
||||
type = types.string; |
||||
default = "0.0.0.0"; |
||||
description = '' |
||||
Address to listen on. |
||||
''; |
||||
}; |
||||
|
||||
scrapeUri = mkOption { |
||||
type = types.string; |
||||
default = "http://localhost/nginx_status"; |
||||
description = '' |
||||
Address to access the nginx status page. |
||||
Can be enabled with services.nginx.statusPage = true. |
||||
''; |
||||
}; |
||||
|
||||
extraFlags = mkOption { |
||||
type = types.listOf types.str; |
||||
default = []; |
||||
description = '' |
||||
Extra commandline options when launching the nginx exporter. |
||||
''; |
||||
}; |
||||
|
||||
openFirewall = mkOption { |
||||
type = types.bool; |
||||
default = false; |
||||
description = '' |
||||
Open port in firewall for incoming connections. |
||||
''; |
||||
}; |
||||
}; |
||||
}; |
||||
|
||||
config = mkIf cfg.enable { |
||||
networking.firewall.allowedTCPPorts = optional cfg.openFirewall cfg.port; |
||||
|
||||
systemd.services.prometheus-nginx-exporter = { |
||||
after = [ "network.target" "nginx.service" ]; |
||||
description = "Prometheus exporter for nginx metrics"; |
||||
unitConfig.Documentation = "https://github.com/discordianfish/nginx_exporter"; |
||||
wantedBy = [ "multi-user.target" ]; |
||||
serviceConfig = { |
||||
User = "nobody"; |
||||
Restart = "always"; |
||||
PrivateTmp = true; |
||||
WorkingDirectory = /tmp; |
||||
ExecStart = '' |
||||
${pkgs.prometheus-nginx-exporter}/bin/nginx_exporter \ |
||||
-nginx.scrape_uri '${cfg.scrapeUri}' \ |
||||
-telemetry.address ${cfg.listenAddress}:${toString cfg.port} \ |
||||
${concatStringsSep " \\\n " cfg.extraFlags} |
||||
''; |
||||
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; |
||||
}; |
||||
}; |
||||
}; |
||||
} |
@ -1,87 +0,0 @@ |
||||
{ config, pkgs, lib, ... }: |
||||
|
||||
with lib; |
||||
|
||||
let |
||||
cfg = config.services.prometheus.nodeExporter; |
||||
in { |
||||
options = { |
||||
services.prometheus.nodeExporter = { |
||||
enable = mkEnableOption "prometheus node exporter"; |
||||
|
||||
port = mkOption { |
||||
type = types.int; |
||||
default = 9100; |
||||
description = '' |
||||
Port to listen on. |
||||
''; |
||||
}; |
||||
|
||||
listenAddress = mkOption { |
||||
type = types.string; |
||||
default = "0.0.0.0"; |
||||
description = '' |
||||
Address to listen on. |
||||
''; |
||||
}; |
||||
|
||||
enabledCollectors = mkOption { |
||||
type = types.listOf types.string; |
||||
default = []; |
||||
example = ''[ "systemd" ]''; |
||||
description = '' |
||||
Collectors to enable. The collectors listed here are enabled in addition to the default ones. |
||||
''; |
||||
}; |
||||
|
||||
disabledCollectors = mkOption { |
||||
type = types.listOf types.str; |
||||
default = []; |
||||
example = ''[ "timex" ]''; |
||||
description = '' |
||||
Collectors to disable which are enabled by default. |
||||
''; |
||||
}; |
||||
|
||||
extraFlags = mkOption { |
||||
type = types.listOf types.str; |
||||
default = []; |
||||
description = '' |
||||
Extra commandline options when launching the node exporter. |
||||
''; |
||||
}; |
||||
|
||||
openFirewall = mkOption { |
||||
type = types.bool; |
||||
default = false; |
||||
description = '' |
||||
Open port in firewall for incoming connections. |
||||
''; |
||||
}; |
||||
}; |
||||
}; |
||||
|
||||
config = mkIf cfg.enable { |
||||
networking.firewall.allowedTCPPorts = optional cfg.openFirewall cfg.port; |
||||
|
||||
systemd.services.prometheus-node-exporter = { |
||||
description = "Prometheus exporter for machine metrics"; |
||||
unitConfig.Documentation = "https://github.com/prometheus/node_exporter"; |
||||
wantedBy = [ "multi-user.target" ]; |
||||
script = '' |
||||
exec ${pkgs.prometheus-node-exporter}/bin/node_exporter \ |
||||
${concatMapStringsSep " " (x: "--collector." + x) cfg.enabledCollectors} \ |
||||
${concatMapStringsSep " " (x: "--no-collector." + x) cfg.disabledCollectors} \ |
||||
--web.listen-address ${cfg.listenAddress}:${toString cfg.port} \ |
||||
${concatStringsSep " \\\n " cfg.extraFlags} |
||||
''; |
||||
serviceConfig = { |
||||
User = "nobody"; |
||||
Restart = "always"; |
||||
PrivateTmp = true; |
||||
WorkingDirectory = /tmp; |
||||
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; |
||||
}; |
||||
}; |
||||
}; |
||||
} |
@ -1,127 +0,0 @@ |
||||
{ config, pkgs, lib, ... }: |
||||
|
||||
with lib; |
||||
|
||||
let |
||||
cfg = config.services.prometheus.snmpExporter; |
||||
mkConfigFile = pkgs.writeText "snmp.yml" (if cfg.configurationPath == null then builtins.toJSON cfg.configuration else builtins.readFile cfg.configurationPath); |
||||
in { |
||||
options = { |
||||
services.prometheus.snmpExporter = { |
||||
enable = mkEnableOption "Prometheus snmp exporter"; |
||||
|
||||
user = mkOption { |
||||
type = types.str; |
||||
default = "nobody"; |
||||
description = '' |
||||
User name under which snmp exporter shall be run. |
||||
''; |
||||
}; |
||||
|
||||
group = mkOption { |
||||
type = types.str; |
||||
default = "nogroup"; |
||||
description = '' |
||||
Group under which snmp exporter shall be run. |
||||
''; |
||||
}; |
||||
|
||||
port = mkOption { |
||||
type = types.int; |
||||
default = 9116; |
||||
description = '' |
||||
Port to listen on. |
||||
''; |
||||
}; |
||||
|
||||
listenAddress = mkOption { |
||||
type = types.nullOr types.str; |
||||
default = null; |
||||
description = '' |
||||
Address to listen on for web interface and telemetry. |
||||
''; |
||||
}; |
||||
|
||||
configurationPath = mkOption { |
||||
type = types.nullOr types.path; |
||||
default = null; |
||||
description = '' |
||||
Path to a snmp exporter configuration file. Mutually exclusive with 'configuration' option. |
||||
''; |
||||
example = "./snmp.yml"; |
||||
}; |
||||
|
||||
configuration = mkOption { |
||||
type = types.nullOr types.attrs; |
||||
default = {}; |
||||
description = '' |
||||
Snmp exporter configuration as nix attribute set. Mutually exclusive with 'configurationPath' option. |
||||
''; |
||||
example = '' |
||||
{ |
||||
"default" = { |
||||
"version" = 2; |
||||
"auth" = { |
||||
"community" = "public"; |
||||
}; |
||||
}; |
||||
}; |
||||
''; |
||||
}; |
||||
|
||||
logFormat = mkOption { |
||||
type = types.str; |
||||
default = "logger:stderr"; |
||||
description = '' |
||||
Set the log target and format. |
||||
''; |
||||
}; |
||||
|
||||
logLevel = mkOption { |
||||
type = types.enum ["debug" "info" "warn" "error" "fatal"]; |
||||
default = "info"; |
||||
description = '' |
||||
Only log messages with the given severity or above. |
||||
''; |
||||
}; |
||||
|
||||
openFirewall = mkOption { |
||||
type = types.bool; |
||||
default = false; |
||||
description = '' |
||||
Open port in firewall for incoming connections. |
||||
''; |
||||
}; |
||||
}; |
||||
}; |
||||
|
||||
config = mkIf cfg.enable { |
||||
networking.firewall.allowedTCPPorts = optional cfg.openFirewall cfg.port; |
||||
|
||||
assertions = singleton |
||||
{ |
||||
assertion = (cfg.configurationPath == null) != (cfg.configuration == null); |
||||
message = "Please ensure you have either 'configuration' or 'configurationPath' set!"; |
||||
}; |
||||
|
||||
systemd.services.prometheus-snmp-exporter = { |
||||
wantedBy = [ "multi-user.target" ]; |
||||
after = [ "network.target" ]; |
||||
script = '' |
||||
${pkgs.prometheus-snmp-exporter.bin}/bin/snmp_exporter \ |
||||
-config.file ${mkConfigFile} \ |
||||
-log.format ${cfg.logFormat} \ |
||||
-log.level ${cfg.logLevel} \ |
||||
-web.listen-address ${optionalString (cfg.listenAddress != null) cfg.listenAddress}:${toString cfg.port} |
||||
''; |
||||
|
||||
serviceConfig = { |
||||
User = cfg.user; |
||||
Group = cfg.group; |
||||
Restart = "always"; |
||||
PrivateTmp = true; |
||||
WorkingDirectory = "/tmp"; |
||||
}; |
||||
}; |
||||
}; |
||||
} |
@ -1,105 +0,0 @@ |
||||
{ config, pkgs, lib, ... }: |
||||
|
||||
with lib; |
||||
|
||||
let |
||||
cfg = config.services.prometheus.unifiExporter; |
||||
in { |
||||
options = { |
||||
services.prometheus.unifiExporter = { |
||||
enable = mkEnableOption "prometheus unifi exporter"; |
||||
|
||||
port = mkOption { |
||||
type = types.int; |
||||
default = 9130; |
||||
description = '' |
||||
Port to listen on. |
||||
''; |
||||
}; |
||||
|
||||
unifiAddress = mkOption { |
||||
type = types.str; |
||||
example = "https://10.0.0.1:8443"; |
||||
description = '' |
||||
URL of the UniFi Controller API. |
||||
''; |
||||
}; |
||||
|
||||
unifiInsecure = mkOption { |
||||
type = types.bool; |
||||
default = false; |
||||
description = '' |
||||
If enabled skip the verification of the TLS certificate of the UniFi Controller API. |
||||
Use with caution. |
||||
''; |
||||
}; |
||||
|
||||
unifiUsername = mkOption { |
||||
type = types.str; |
||||
example = "ReadOnlyUser"; |
||||
description = '' |
||||
username for authentication against UniFi Controller API. |
||||
''; |
||||
}; |
||||
|
||||
unifiPassword = mkOption { |
||||
type = types.str; |
||||
description = '' |
||||
Password for authentication against UniFi Controller API. |
||||
''; |
||||
}; |
||||
|
||||
unifiTimeout = mkOption { |
||||
type = types.str; |
||||
default = "5s"; |
||||
example = "2m"; |
||||
description = '' |
||||
Timeout including unit for UniFi Controller API requests. |
||||
''; |
||||
}; |
||||
|
||||
extraFlags = mkOption { |
||||
type = types.listOf types.str; |
||||
default = []; |
||||
description = '' |
||||
Extra commandline options when launching the unifi exporter. |
||||
''; |
||||
}; |
||||
|
||||
openFirewall = mkOption { |
||||
type = types.bool; |
||||
default = false; |
||||
description = '' |
||||
Open port in firewall for incoming connections. |
||||
''; |
||||
}; |
||||
}; |
||||
}; |
||||
|
||||
config = mkIf cfg.enable { |
||||
networking.firewall.allowedTCPPorts = optional cfg.openFirewall cfg.port; |
||||
|
||||
systemd.services.prometheus-unifi-exporter = { |
||||
description = "Prometheus exporter for UniFi Controller metrics"; |
||||
unitConfig.Documentation = "https://github.com/mdlayher/unifi_exporter"; |
||||
wantedBy = [ "multi-user.target" ]; |
||||
after = optional config.services.unifi.enable "unifi.service"; |
||||
serviceConfig = { |
||||
User = "nobody"; |
||||
Restart = "always"; |
||||
PrivateTmp = true; |
||||
WorkingDirectory = /tmp; |
||||
ExecStart = '' |
||||
${pkgs.prometheus-unifi-exporter}/bin/unifi_exporter \ |
||||
-telemetry.addr :${toString cfg.port} \ |
||||
-unifi.addr ${cfg.unifiAddress} \ |
||||
-unifi.username ${cfg.unifiUsername} \ |
||||
-unifi.password ${cfg.unifiPassword} \ |
||||
-unifi.timeout ${cfg.unifiTimeout} \ |
||||
${optionalString cfg.unifiInsecure "-unifi.insecure" } \ |
||||
${concatStringsSep " \\\n " cfg.extraFlags} |
||||
''; |
||||
}; |
||||
}; |
||||
}; |
||||
} |
@ -1,61 +0,0 @@ |
||||
{ config, pkgs, lib, ... }: |
||||
|
||||
# Shamelessly cribbed from nginx-exporter.nix. ~ C. |
||||
with lib; |
||||
|
||||
let |
||||
cfg = config.services.prometheus.varnishExporter; |
||||
in { |
||||
options = { |
||||
services.prometheus.varnishExporter = { |
||||
enable = mkEnableOption "prometheus Varnish exporter"; |
||||
|
||||
port = mkOption { |
||||
type = types.int; |
||||
default = 9131; |
||||
description = '' |
||||
Port to listen on. |
||||
''; |
||||
}; |
||||
|
||||
extraFlags = mkOption { |
||||
type = types.listOf types.str; |
||||
default = []; |
||||
description = '' |
||||
Extra commandline options when launching the Varnish exporter. |
||||
''; |
||||
}; |
||||
|
||||
openFirewall = mkOption { |
||||
type = types.bool; |
||||
default = false; |
||||
description = '' |
||||
Open port in firewall for incoming connections. |
||||
''; |
||||
}; |
||||
}; |
||||
}; |
||||
|
||||
config = mkIf cfg.enable { |
||||
networking.firewall.allowedTCPPorts = optional cfg.openFirewall cfg.port; |
||||
|
||||
systemd.services.prometheus-varnish-exporter = { |
||||
description = "Prometheus exporter for Varnish metrics"; |
||||
unitConfig.Documentation = "https://github.com/jonnenauha/prometheus_varnish_exporter"; |
||||
wantedBy = [ "multi-user.target" ]; |
||||
path = [ pkgs.varnish ]; |
||||
script = '' |
||||
exec ${pkgs.prometheus-varnish-exporter}/bin/prometheus_varnish_exporter \ |
||||
-web.listen-address :${toString cfg.port} \ |
||||
${concatStringsSep " \\\n " cfg.extraFlags} |
||||
''; |
||||
serviceConfig = { |
||||
User = "nobody"; |
||||
Restart = "always"; |
||||
PrivateTmp = true; |
||||
WorkingDirectory = /tmp; |
||||
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; |
||||
}; |
||||
}; |
||||
}; |
||||
} |
Loading…
Reference in new issue