]> git.immae.eu Git - perso/Immae/Config/Nix.git/blob - modules/private/monitoring/status_engine.nix
projects / perso / Immae / Config / Nix.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Use attrs for secrets instead of lists
[perso/Immae/Config/Nix.git] / modules / private / monitoring / status_engine.nix
1 { config, pkgs, lib, name, ... }:
2 let
3 package = pkgs.status_engine.worker.override { config_file = config.secrets.fullPaths."status_engine"; };
4 env = config.myEnv.tools.status_engine;
5 in
6 {
7 config = lib.mkIf config.myServices.status.enable {
8 systemd.services.gearmand = {
9 description = "Gearman daemon";
10 after = [ "network.target" ];
11 wantedBy = [ "multi-user.target" ];
12 serviceConfig = {
13 DynamicUser = true;
14 User = "gearmand";
15 Type = "simple";
16 ExecStart = "${pkgs.gearmand}/bin/gearmand --syslog -L 127.0.0.1 -q libsqlite3 --libsqlite3-db /var/lib/gearmand/gearmand.db --store-queue-on-shutdown -l stderr -P /run/gearmand/gearmand.pid";
17 RuntimeDirectory = "gearmand";
18 StateDirectory = "gearmand";
19 };
20 };
21
22 secrets.keys."status_engine" = {
23 permissions = "0400";
24 user = "naemon";
25 group = "naemon";
26 text = ''
27 node_name: ${name}
28 use_gearman: 1
29 gearman:
30 address: 127.0.0.1
31 port: 4730
32 timeout: 1000
33 use_rabbitmq: 0
34 use_redis: 1
35 redis:
36 address: 127.0.0.1
37 port: 6379
38 db: 0
39 store_live_data_in_archive_backend: 1
40 use_mysql: 1
41 mysql:
42 host: ${env.mysql.remoteHost}
43 port: ${env.mysql.port}
44 username: ${env.mysql.user}
45 password: ${env.mysql.password}
46 database: ${env.mysql.database}
47 use_crate: 0
48 number_of_bulk_records: 100
49 max_bulk_delay: 5
50 number_servicestatus_worker: 1
51 number_hoststatus_worker: 1
52 number_logentry_worker: 1
53 number_statechange_worker: 1
54 number_hostcheck_worker: 1
55 number_servicecheck_worker: 1
56 number_misc_worker: 1
57
58 process_perfdata: 1
59 number_perfdata_worker: 1
60 perfdata_backend:
61 - mysql
62
63 check_for_commands: 1
64 command_check_interval: 15
65 external_command_file: /run/naemon/naemon.cmd
66 query_handler: /run/naemon/naemon.qh
67 submit_method: qh
68
69 syslog_enabled: 1
70 syslog_tag: statusengine-worker
71
72 # Archive age
73 age_hostchecks: 5
74 age_host_acknowledgements: 60
75 age_host_notifications: 60
76 age_host_statehistory: 365
77 age_host_downtimes: 60
78 age_servicechecks: 5
79 age_service_acknowledgements: 60
80 age_service_notifications: 60
81 age_service_statehistory: 365
82 age_service_downtimes: 60
83 age_logentries: 5
84 age_tasks: 1
85 age_perfdata: 90
86
87 disable_http_proxy: 1
88 '';
89 };
90
91 services.redis = rec {
92 enable = true;
93 bind = "127.0.0.1";
94 };
95
96 services.cron = {
97 mailto = "cron@immae.eu";
98 systemCronJobs = [
99 "0 0 * * * naemon cd ${package} && ./bin/Console.php cleanup"
100 ];
101 };
102
103 systemd.services.status_engine_worker = {
104 description = "Status engine worker";
105 after = [ "network.target" ];
106 wantedBy = [ "multi-user.target" ];
107 serviceConfig = {
108 Type = "simple";
109 Restart = "on-failure";
110 User = "naemon";
111 ExecStart = "${package}/bin/StatusengineWorker.php";
112 };
113 };
114 };
115 }
My infrastructure configuration