Squash changes containing private information
diff --git a/flakes/naemon/flake.nix b/flakes/naemon/flake.nix
new file mode 100644 (file)
index 0000000..9b2ace5
--- /dev/null
@@ -0,0 +1,191 @@
+{
+  outputs = { self }: {
+    nixosModule = self.nixosModules.naemon;
+    nixosModules.naemon = { config, lib, pkgs, ... }:
+      with lib;
+
+      let
+        cfg = config.services.naemon;
+
+        naemonConfig = pkgs.runCommand "naemon-config" {
+          objectsFile = pkgs.writeText "naemon_objects.cfg" cfg.objectDefs;
+          resourceFile = config.secrets.fullPaths."naemon/resources.cfg";
+          extraConfig = pkgs.writeText "extra.cfg" cfg.extraConfig;
+          inherit (cfg) logDir varDir runDir cacheDir;
+        } ''
+          substituteAll ${./naemon.cfg} $out
+          cat $extraConfig >> $out
+          '';
+      in
+      {
+        # Necessary for situations where flake gets included multiple times
+        key = builtins.hashString "sha256" (builtins.path { path = self.sourceInfo.outPath; name = "source"; });
+
+        options = {
+          services.naemon = {
+            enable = mkOption {
+              default = false;
+              description = "
+                Whether to use <link
+                xlink:href='http://www.naemon.org/'>Naemon</link> to monitor
+                your system or network.
+              ";
+            };
+
+            objectDefs = mkOption {
+              type = types.lines;
+              default = "";
+              description = "
+                A list of Naemon object configuration that must define
+                the hosts, host groups, services and contacts for the
+                network that you want Naemon to monitor.
+              ";
+            };
+
+            extraResource = mkOption {
+              type = types.lines;
+              default = "";
+              example = ''
+                  # Sets $USER2$ to be the path to event handlers
+                  #$USER2$=/usr/lib/monitoring-plugins/eventhandlers
+
+                  # Store some usernames and passwords (hidden from the CGIs)
+                  #$USER3$=someuser
+                  #$USER4$=somepassword
+                '';
+              description = "
+                Lines to add to the resource file
+                  # You can define $USERx$ macros in this file, which can in turn be used
+                  # in command definitions in your host config file(s).  $USERx$ macros are
+                  # useful for storing sensitive information such as usernames, passwords,
+                  # etc.  They are also handy for specifying the path to plugins and
+                  # event handlers - if you decide to move the plugins or event handlers to
+                  # a different directory in the future, you can just update one or two
+                  # $USERx$ macros, instead of modifying a lot of command definitions.
+                  #
+                  # Naemon supports up to 256 $USERx$ macros ($USER1$ through $USER256$)
+                  #
+                  # Resource files may also be used to store configuration directives for
+                  # external data sources like MySQL...
+                  #
+              ";
+            };
+
+            extraConfig = mkOption {
+              type = types.lines;
+              default = "";
+              description = "
+                Extra config to append to main config
+              ";
+            };
+
+            user = mkOption {
+              type = types.str;
+              default = "naemon";
+              description = "User for naemon";
+            };
+
+            group = mkOption {
+              type = types.str;
+              default = "naemon";
+              description = "Group for naemon";
+            };
+
+            varDir = mkOption {
+              type = types.path;
+              default = "/var/lib/naemon";
+              description = "The directory where naemon stores its data";
+            };
+
+            cacheDir = mkOption {
+              type = types.path;
+              default = "/var/cache/naemon";
+              description = "The directory where naemon stores its cache";
+            };
+
+            runDir = mkOption {
+              type = types.path;
+              default = "/run/naemon";
+              description = "The directory where naemon stores its runtime files";
+            };
+
+            logDir = mkOption {
+              type = types.path;
+              default = "/var/log/naemon";
+              description = "The directory where naemon stores its log files";
+            };
+
+            package = mkOption {
+              type = types.package;
+              default = pkgs.naemon.override {
+                inherit (cfg) varDir cacheDir logDir runDir user group;
+              };
+              description  = ''
+                Naemon package to use
+                '';
+            };
+          };
+        };
+
+
+        config = mkIf cfg.enable {
+          secrets.keys = {
+            "naemon/resources.cfg" = {
+              user = cfg.user;
+              group = cfg.group;
+              permissions = "0400";
+              text = ''
+                $USER1$=${pkgs.monitoring-plugins}/libexec
+                ${cfg.extraResource}
+                '';
+              keyDependencies = [ pkgs.monitoring-plugins ];
+            };
+          };
+
+          users.users = optionalAttrs (cfg.user == "naemon") {
+            naemon = {
+              group = cfg.group;
+              uid   = config.ids.uids.nagios;
+              extraGroups = [ "keys" ];
+            };
+          };
+          users.groups = optionalAttrs (cfg.user == "naemon") {
+            naemon = {
+              gid = config.ids.gids.nagios;
+            };
+          };
+
+          services.filesWatcher.naemon = {
+            paths = [ config.secrets.fullPaths."naemon/resources.cfg" ];
+          };
+          systemd.services.naemon = {
+            description = "Naemon monitoring daemon";
+            path     = [ cfg.package ];
+            wantedBy = [ "multi-user.target" ];
+            after    = [ "network.target" ];
+
+            preStart = "${cfg.package}/bin/naemon -vp ${naemonConfig}";
+            script = "${cfg.package}/bin/naemon --daemon ${naemonConfig}";
+            reload = "${pkgs.utillinux}/bin/kill -HUP $MAINPID";
+            serviceConfig = {
+              User = cfg.user;
+              Restart = "always";
+              RestartSec = 2;
+              StandardOutput = "journal";
+              StandardError = "inherit";
+              PIDFile = "${cfg.runDir}/naemon.pid";
+              LogsDirectory = assert lib.strings.hasPrefix "/var/log/" cfg.logDir;
+                lib.strings.removePrefix "/var/log/" cfg.logDir;
+              CacheDirectory = assert lib.strings.hasPrefix "/var/cache/" cfg.cacheDir;
+                let unprefixed = lib.strings.removePrefix "/var/cache/" cfg.cacheDir;
+                in [ unprefixed "${unprefixed}/checkresults" ];
+              StateDirectory = assert lib.strings.hasPrefix "/var/lib/" cfg.varDir;
+                lib.strings.removePrefix "/var/lib/" cfg.varDir;
+              RuntimeDirectory = assert lib.strings.hasPrefix "/run/" cfg.runDir;
+                lib.strings.removePrefix "/run/" cfg.runDir;
+            };
+          };
+        };
+      };
+  };
+}
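Review bot: The `users.groups` guard near the end of the hunk tests `cfg.user == "naemon"` instead of `cfg.group`, so overriding only `services.naemon.group` still creates an unused `naemon` group while the default `naemon` user is assigned a group this module never declares, and overriding only `user` leaves the default `naemon` group undeclared. The guard should read `users.groups = optionalAttrs (cfg.group == "naemon") {`. Relatedly, `serviceConfig` sets `User = cfg.user;` but no `Group`, so the daemon and the systemd-managed log, cache, state and runtime directories get the user's primary group rather than `cfg.group`; adding `Group = cfg.group;` keeps them aligned with the ownership given to `naemon/resources.cfg`. Whether `extraResource` (documented as a place for usernames and passwords) stays out of the world-readable Nix store depends on the `secrets.keys` module, which is not visible here, so a comment on that option stating the guarantee would help.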