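# NixOS module for the Naemon monitoring daemon (modules/naemon/default.nix).
#
# Declares the `services.naemon.*` options, renders the main configuration
# into the Nix store, hands the resource file ($USERx$ macros) to the
# `secrets` module and runs the daemon as a systemd service.
#
# Security note: `objectDefs` and `extraConfig` are written with
# pkgs.writeText, so their content lands in the world-readable Nix store.
# Credentials belong in `extraResource` (as $USERx$ macros), never in those
# two options.
{ config, lib, pkgs, ... }:

with lib;

let
  cfg = config.services.naemon;

  # Main configuration file, built as a store derivation. substituteAll
  # replaces the @name@ placeholders of ./naemon.cfg with the attributes
  # passed below; the extra configuration is then appended verbatim.
  naemonConfig = pkgs.runCommand "naemon-config" {
    objectsFile = pkgs.writeText "naemon_objects.cfg" cfg.objectDefs;
    # Only the location of the resource file is substituted here; its content
    # is supplied through `secrets.keys` below.
    # NOTE(review): assumes fullPaths yields a string, not a Nix path that
    # would be copied into the store - confirm against the secrets module.
    resourceFile = config.secrets.fullPaths."naemon/resources.cfg";
    extraConfig = pkgs.writeText "extra.cfg" cfg.extraConfig;
    inherit (cfg) logDir varDir runDir cacheDir;
  } ''
    substituteAll ${./naemon.cfg} $out
    cat $extraConfig >> $out
  '';
in
{
  options = {
    services.naemon = {
      enable = mkOption {
        # Typed explicitly so that a non-boolean value is rejected by the
        # option system instead of failing later inside mkIf.
        type = types.bool;
        default = false;
        description = "
          Whether to use <link
          xlink:href='http://www.naemon.org/'>Naemon</link> to monitor
          your system or network.
        ";
      };

      # Stored in the Nix store (see naemonConfig): keep secrets out of it.
      objectDefs = mkOption {
        type = types.lines;
        default = "";
        description = "
          A list of Naemon object configuration that must define
          the hosts, host groups, services and contacts for the
          network that you want Naemon to monitor.
        ";
      };

      # Ends up in the `naemon/resources.cfg` secret (mode 0400).
      # NOTE(review): the value is still an ordinary option evaluated by Nix;
      # how `secrets.keys` materialises `text` is not visible in this file -
      # confirm that it does not pass through the Nix store.
      extraResource = mkOption {
        type = types.lines;
        default = "";
        example = ''
          # Sets $USER2$ to be the path to event handlers
          #$USER2$=/usr/lib/monitoring-plugins/eventhandlers

          # Store some usernames and passwords (hidden from the CGIs)
          #$USER3$=someuser
          #$USER4$=somepassword
        '';
        description = "
          Lines to add to the resource file
          # You can define $USERx$ macros in this file, which can in turn be used
          # in command definitions in your host config file(s). $USERx$ macros are
          # useful for storing sensitive information such as usernames, passwords,
          # etc. They are also handy for specifying the path to plugins and
          # event handlers - if you decide to move the plugins or event handlers to
          # a different directory in the future, you can just update one or two
          # $USERx$ macros, instead of modifying a lot of command definitions.
          #
          # Naemon supports up to 256 $USERx$ macros ($USER1$ through $USER256$)
          #
          # Resource files may also be used to store configuration directives for
          # external data sources like MySQL...
          #
        ";
      };

      # Stored in the Nix store (see naemonConfig): keep secrets out of it.
      extraConfig = mkOption {
        type = types.lines;
        default = "";
        description = "
          Extra config to append to main config
        ";
      };

      user = mkOption {
        type = types.str;
        default = "naemon";
        description = "User for naemon";
      };

      group = mkOption {
        type = types.str;
        default = "naemon";
        description = "Group for naemon";
      };

      # The four directories below are handed to systemd as
      # State/Cache/Runtime/LogsDirectory, so each must stay under the prefix
      # of its default; the asserts in the unit enforce this at evaluation.
      varDir = mkOption {
        type = types.path;
        default = "/var/lib/naemon";
        description = "The directory where naemon stores its data";
      };

      cacheDir = mkOption {
        type = types.path;
        default = "/var/cache/naemon";
        description = "The directory where naemon stores its cache";
      };

      runDir = mkOption {
        type = types.path;
        default = "/run/naemon";
        description = "The directory where naemon stores its runtime files";
      };

      logDir = mkOption {
        type = types.path;
        default = "/var/log/naemon";
        description = "The directory where naemon stores its log files";
      };

      package = mkOption {
        type = types.package;
        # The default package is overridden with this module's paths and
        # account names.
        default = pkgs.naemon.override {
          inherit (cfg) varDir cacheDir logDir runDir user group;
        };
        description = ''
          Naemon package to use
        '';
      };
    };
  };


  config = mkIf cfg.enable {
    # Resource file holding the $USERx$ macros. Mode 0400 and owned by the
    # service account, so no other local user can read the stored credentials.
    secrets.keys = [
      {
        dest = "naemon/resources.cfg";
        user = cfg.user;
        group = cfg.group;
        permissions = "0400";
        text = ''
          $USER1$=${pkgs.monitoring-plugins}/libexec
          ${cfg.extraResource}
        '';
      }
    ];

    # The account is only declared when the default name is kept; a custom
    # user must be defined by the caller. It reuses the ids reserved for
    # nagios.
    users.users = optionalAttrs (cfg.user == "naemon") {
      naemon = {
        group = cfg.group;
        uid = config.ids.uids.nagios;
        # NOTE(review): membership in `keys` is presumably what lets the
        # account reach the secrets directory; it also grants access to
        # anything else readable by that group - confirm against the secrets
        # module.
        extraGroups = [ "keys" ];
      };
    };
    # Keyed on the group name: the previous test on cfg.user left the default
    # group undeclared whenever only the user name was customised.
    users.groups = optionalAttrs (cfg.group == "naemon") {
      naemon = {
        gid = config.ids.gids.nagios;
      };
    };

    # Registers the resource file with the project's filesWatcher module
    # (behaviour defined there, not shown in this file).
    services.filesWatcher.naemon = {
      paths = [ config.secrets.fullPaths."naemon/resources.cfg" ];
    };
    systemd.services.naemon = {
      description = "Naemon monitoring daemon";
      path = [ cfg.package pkgs.monitoring-plugins ];
      wantedBy = [ "multi-user.target" ];
      after = [ "network.target" ];

      # Verify the configuration first so that a broken config fails the
      # start instead of leaving a half-working daemon.
      preStart = "${cfg.package}/bin/naemon -vp ${naemonConfig}";
      script = "${cfg.package}/bin/naemon --daemon ${naemonConfig}";
      reload = "${pkgs.utillinux}/bin/kill -HUP $MAINPID";
      serviceConfig = {
        # Runs unprivileged. No Group= is set, so the process gets the primary
        # group of cfg.user.
        # NOTE(review): no sandboxing directives (ProtectSystem, PrivateTmp,
        # NoNewPrivileges, ...) are set. Check plugins run with this unit's
        # privileges; NoNewPrivileges would break plugins that rely on setuid
        # helpers, so test before adding any.
        User = cfg.user;
        Restart = "always";
        RestartSec = 2;
        StandardOutput = "journal";
        StandardError = "inherit";
        # NOTE(review): PIDFile is normally paired with Type=forking, and
        # Type is not set in this unit although the daemon is started with
        # --daemon - confirm.
        PIDFile = "${cfg.runDir}/naemon.pid";
        # systemd expects these as names relative to /var/log, /var/cache,
        # /var/lib and /run; each assert aborts evaluation when the configured
        # path lies outside that prefix. systemd creates the directories and
        # gives them to User=.
        LogsDirectory = assert lib.strings.hasPrefix "/var/log/" cfg.logDir;
          lib.strings.removePrefix "/var/log/" cfg.logDir;
        CacheDirectory = assert lib.strings.hasPrefix "/var/cache/" cfg.cacheDir;
          let unprefixed = lib.strings.removePrefix "/var/cache/" cfg.cacheDir;
          in [ unprefixed "${unprefixed}/checkresults" ];
        StateDirectory = assert lib.strings.hasPrefix "/var/lib/" cfg.varDir;
          lib.strings.removePrefix "/var/lib/" cfg.varDir;
        RuntimeDirectory = assert lib.strings.hasPrefix "/run/" cfg.runDir;
          lib.strings.removePrefix "/run/" cfg.runDir;
      };
    };
  };
}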