]>
Commit | Line | Data |
---|---|---|
1a64deeb IB |
1 | { |
2 | outputs = { self }: { | |
3 | nixosModule = self.nixosModules.naemon; | |
4 | nixosModules.naemon = { config, lib, pkgs, ... }: | |
5 | with lib; | |
6 | ||
7 | let | |
8 | cfg = config.services.naemon; | |
9 | ||
10 | naemonConfig = pkgs.runCommand "naemon-config" { | |
11 | objectsFile = pkgs.writeText "naemon_objects.cfg" cfg.objectDefs; | |
12 | resourceFile = config.secrets.fullPaths."naemon/resources.cfg"; | |
13 | extraConfig = pkgs.writeText "extra.cfg" cfg.extraConfig; | |
14 | inherit (cfg) logDir varDir runDir cacheDir; | |
15 | } '' | |
16 | substituteAll ${./naemon.cfg} $out | |
17 | cat $extraConfig >> $out | |
18 | ''; | |
19 | in | |
20 | { | |
21 | # Necessary for situations where flake gets included multiple times | |
22 | key = builtins.hashString "sha256" (builtins.path { path = self.sourceInfo.outPath; name = "source"; }); | |
23 | ||
24 | options = { | |
25 | services.naemon = { | |
26 | enable = mkOption { | |
27 | default = false; | |
28 | description = " | |
29 | Whether to use <link | |
30 | xlink:href='http://www.naemon.org/'>Naemon</link> to monitor | |
31 | your system or network. | |
32 | "; | |
33 | }; | |
34 | ||
35 | objectDefs = mkOption { | |
36 | type = types.lines; | |
37 | default = ""; | |
38 | description = " | |
39 | A list of Naemon object configuration that must define | |
40 | the hosts, host groups, services and contacts for the | |
41 | network that you want Naemon to monitor. | |
42 | "; | |
43 | }; | |
44 | ||
45 | extraResource = mkOption { | |
46 | type = types.lines; | |
47 | default = ""; | |
48 | example = '' | |
49 | # Sets $USER2$ to be the path to event handlers | |
50 | #$USER2$=/usr/lib/monitoring-plugins/eventhandlers | |
51 | ||
52 | # Store some usernames and passwords (hidden from the CGIs) | |
53 | #$USER3$=someuser | |
54 | #$USER4$=somepassword | |
55 | ''; | |
56 | description = " | |
57 | Lines to add to the resource file | |
58 | # You can define $USERx$ macros in this file, which can in turn be used | |
59 | # in command definitions in your host config file(s). $USERx$ macros are | |
60 | # useful for storing sensitive information such as usernames, passwords, | |
61 | # etc. They are also handy for specifying the path to plugins and | |
62 | # event handlers - if you decide to move the plugins or event handlers to | |
63 | # a different directory in the future, you can just update one or two | |
64 | # $USERx$ macros, instead of modifying a lot of command definitions. | |
65 | # | |
66 | # Naemon supports up to 256 $USERx$ macros ($USER1$ through $USER256$) | |
67 | # | |
68 | # Resource files may also be used to store configuration directives for | |
69 | # external data sources like MySQL... | |
70 | # | |
71 | "; | |
72 | }; | |
73 | ||
74 | extraConfig = mkOption { | |
75 | type = types.lines; | |
76 | default = ""; | |
77 | description = " | |
78 | Extra config to append to main config | |
79 | "; | |
80 | }; | |
81 | ||
82 | user = mkOption { | |
83 | type = types.str; | |
84 | default = "naemon"; | |
85 | description = "User for naemon"; | |
86 | }; | |
87 | ||
88 | group = mkOption { | |
89 | type = types.str; | |
90 | default = "naemon"; | |
91 | description = "Group for naemon"; | |
92 | }; | |
93 | ||
94 | varDir = mkOption { | |
95 | type = types.path; | |
96 | default = "/var/lib/naemon"; | |
97 | description = "The directory where naemon stores its data"; | |
98 | }; | |
99 | ||
100 | cacheDir = mkOption { | |
101 | type = types.path; | |
102 | default = "/var/cache/naemon"; | |
103 | description = "The directory where naemon stores its cache"; | |
104 | }; | |
105 | ||
106 | runDir = mkOption { | |
107 | type = types.path; | |
108 | default = "/run/naemon"; | |
109 | description = "The directory where naemon stores its runtime files"; | |
110 | }; | |
111 | ||
112 | logDir = mkOption { | |
113 | type = types.path; | |
114 | default = "/var/log/naemon"; | |
115 | description = "The directory where naemon stores its log files"; | |
116 | }; | |
117 | ||
118 | package = mkOption { | |
119 | type = types.package; | |
120 | default = pkgs.naemon.override { | |
121 | inherit (cfg) varDir cacheDir logDir runDir user group; | |
122 | }; | |
123 | description = '' | |
124 | Naemon package to use | |
125 | ''; | |
126 | }; | |
127 | }; | |
128 | }; | |
129 | ||
130 | ||
131 | config = mkIf cfg.enable { | |
132 | secrets.keys = { | |
133 | "naemon/resources.cfg" = { | |
134 | user = cfg.user; | |
135 | group = cfg.group; | |
136 | permissions = "0400"; | |
137 | text = '' | |
138 | $USER1$=${pkgs.monitoring-plugins}/libexec | |
139 | ${cfg.extraResource} | |
140 | ''; | |
141 | keyDependencies = [ pkgs.monitoring-plugins ]; | |
142 | }; | |
143 | }; | |
144 | ||
145 | users.users = optionalAttrs (cfg.user == "naemon") { | |
146 | naemon = { | |
147 | group = cfg.group; | |
148 | uid = config.ids.uids.nagios; | |
149 | extraGroups = [ "keys" ]; | |
150 | }; | |
151 | }; | |
152 | users.groups = optionalAttrs (cfg.user == "naemon") { | |
153 | naemon = { | |
154 | gid = config.ids.gids.nagios; | |
155 | }; | |
156 | }; | |
157 | ||
158 | services.filesWatcher.naemon = { | |
159 | paths = [ config.secrets.fullPaths."naemon/resources.cfg" ]; | |
160 | }; | |
161 | systemd.services.naemon = { | |
162 | description = "Naemon monitoring daemon"; | |
163 | path = [ cfg.package ]; | |
164 | wantedBy = [ "multi-user.target" ]; | |
165 | after = [ "network.target" ]; | |
166 | ||
167 | preStart = "${cfg.package}/bin/naemon -vp ${naemonConfig}"; | |
168 | script = "${cfg.package}/bin/naemon --daemon ${naemonConfig}"; | |
169 | reload = "${pkgs.utillinux}/bin/kill -HUP $MAINPID"; | |
170 | serviceConfig = { | |
171 | User = cfg.user; | |
172 | Restart = "always"; | |
173 | RestartSec = 2; | |
174 | StandardOutput = "journal"; | |
175 | StandardError = "inherit"; | |
176 | PIDFile = "${cfg.runDir}/naemon.pid"; | |
177 | LogsDirectory = assert lib.strings.hasPrefix "/var/log/" cfg.logDir; | |
178 | lib.strings.removePrefix "/var/log/" cfg.logDir; | |
179 | CacheDirectory = assert lib.strings.hasPrefix "/var/cache/" cfg.cacheDir; | |
180 | let unprefixed = lib.strings.removePrefix "/var/cache/" cfg.cacheDir; | |
181 | in [ unprefixed "${unprefixed}/checkresults" ]; | |
182 | StateDirectory = assert lib.strings.hasPrefix "/var/lib/" cfg.varDir; | |
183 | lib.strings.removePrefix "/var/lib/" cfg.varDir; | |
184 | RuntimeDirectory = assert lib.strings.hasPrefix "/run/" cfg.runDir; | |
185 | lib.strings.removePrefix "/run/" cfg.runDir; | |
186 | }; | |
187 | }; | |
188 | }; | |
189 | }; | |
190 | }; | |
191 | } |