kookie
/
nomicon
1
0
Fork 0
Code Issues Projects Releases 1 Activity
My personal project and infrastructure archive
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
339053 Commits
7 Branches
1 Tag
1.4 GiB
 
 
 
 
 
 
Tag: Branch: Tree: 06edb74413
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '06edb74413'
${ noResults }
nomicon/nixos/modules/services/networking/ntopng.nix

117 lines
3.1 KiB
Raw Blame History

{ config, lib, options, pkgs, ... }:
with lib;
let
cfg = config.services.ntopng;
opt = options.services.ntopng;
redisCfg = config.services.redis;
configFile = if cfg.configText != "" then
pkgs.writeText "ntopng.conf" ''
${cfg.configText}
''
else
pkgs.writeText "ntopng.conf" ''
${concatStringsSep " " (map (e: "--interface=" + e) cfg.interfaces)}
--http-port=${toString cfg.http-port}
--redis=localhost:${toString redisCfg.port}
${cfg.extraConfig}
'';
in
{
options = {
services.ntopng = {
enable = mkOption {
default = false;
type = types.bool;
description = ''
Enable ntopng, a high-speed web-based traffic analysis and flow
collection tool.
With the default configuration, ntopng monitors all network
interfaces and displays its findings at http://localhost:''${toString
config.${opt.http-port}}. Default username and password is admin/admin.
See the ntopng(8) manual page and http://www.ntop.org/products/ntop/
for more info.
Note that enabling ntopng will also enable redis (key-value
database server) for persistent data storage.
'';
};
interfaces = mkOption {
default = [ "any" ];
example = [ "eth0" "wlan0" ];
type = types.listOf types.str;
description = ''
List of interfaces to monitor. Use "any" to monitor all interfaces.
'';
};
http-port = mkOption {
default = 3000;
type = types.int;
description = ''
Sets the HTTP port of the embedded web server.
'';
};
configText = mkOption {
default = "";
example = ''
--interface=any
--http-port=3000
--disable-login
'';
type = types.lines;
description = ''
Overridable configuration file contents to use for ntopng. By
default, use the contents automatically generated by NixOS.
'';
};
extraConfig = mkOption {
default = "";
type = types.lines;
description = ''
Configuration lines that will be appended to the generated ntopng
configuration file. Note that this mechanism does not work when the
manual <option>configText</option> option is used.
'';
};
};
};
config = mkIf cfg.enable {
# ntopng uses redis for data storage
services.redis.enable = true;
# nice to have manual page and ntopng command in PATH
environment.systemPackages = [ pkgs.ntopng ];
systemd.services.ntopng = {
description = "Ntopng Network Monitor";
requires = [ "redis.service" ];
after = [ "network.target" "redis.service" ];
wantedBy = [ "multi-user.target" ];
preStart = "mkdir -p /var/lib/ntopng/";
serviceConfig.ExecStart = "${pkgs.ntopng}/bin/ntopng ${configFile}";
unitConfig.Documentation = "man:ntopng(8)";
};
# ntopng drops priveleges to user "nobody" and that user is already defined
# in users-groups.nix.
};
}