author | Ismaël Bouya <ismael.bouya@normalesup.org> | 2019-07-17 11:33:57 +0200 |
---|---|---|
committer | Ismaël Bouya <ismael.bouya@normalesup.org> | 2019-07-17 11:33:57 +0200 |
commit | 3bc32d9ebd9b0900eeef756122ad28f8857f8bfe (patch) | |
tree | ff92459e654fde6fe559dfd383d6a76e05a347cf /modules/naemon/default.nix | |
parent | e886ea19877fa0d4de32d35939f69e9c18681d59 (diff) | |
Add monitoring modules via naemon
Diffstat (limited to 'modules/naemon/default.nix')
-rw-r--r-- | modules/naemon/default.nix | 184 |
1 files changed, 184 insertions, 0 deletions
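--- /dev/null
+++ b/modules/naemon/default.nix
@@ -0,0 +1,184 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+cfg = config.services.naemon;
+
+naemonConfig = pkgs.runCommand "naemon-config" {
+objectsFile = pkgs.writeText "naemon_objects.cfg" cfg.objectDefs;
+resourceFile = config.secrets.fullPaths."naemon/resources.cfg";
+extraConfig = pkgs.writeText "extra.cfg" cfg.extraConfig;
+inherit (cfg) logDir varDir runDir cacheDir;
+} ''
+substituteAll ${./naemon.cfg} $out
+cat $extraConfig >> $out
+'';
+in
+{
+options = {
+services.naemon = {
+enable = mkOption {
+default = false;
+description = "
+Whether to use <link
+xlink:href='http://www.naemon.org/'>Naemon</link> to monitor
+your system or network.
+";
+};
+
+objectDefs = mkOption {
+type = types.lines;
+default = "";
+description = "
+A list of Naemon object configuration that must define
+the hosts, host groups, services and contacts for the
+network that you want Naemon to monitor.
+";
+};
+
+extraResource = mkOption {
+type = types.lines;
+default = "";
+example = ''
+# Sets $USER2$ to be the path to event handlers
+#$USER2$=/usr/lib/monitoring-plugins/eventhandlers
+
+# Store some usernames and passwords (hidden from the CGIs)
+#$USER3$=someuser
+#$USER4$=somepassword
+'';
+description = "
+Lines to add to the resource file
+# You can define $USERx$ macros in this file, which can in turn be used
+# in command definitions in your host config file(s). $USERx$ macros are
+# useful for storing sensitive information such as usernames, passwords,
+# etc. They are also handy for specifying the path to plugins and
+# event handlers - if you decide to move the plugins or event handlers to
+# a different directory in the future, you can just update one or two
+# $USERx$ macros, instead of modifying a lot of command definitions.
+#
+# Naemon supports up to 256 $USERx$ macros ($USER1$ through $USER256$)
+#
+# Resource files may also be used to store configuration directives for
+# external data sources like MySQL...
+#
+";
+};
+
+extraConfig = mkOption {
+type = types.lines;
+default = "";
+description = "
+Extra config to append to main config
+";
+};
+
+user = mkOption {
+type = types.str;
+default = "naemon";
+description = "User for naemon";
+};
+
+group = mkOption {
+type = types.str;
+default = "naemon";
+description = "Group for naemon";
+};
+
+varDir = mkOption {
+type = types.path;
+default = "/var/lib/naemon";
+description = "The directory where naemon stores its data";
+};
+
+cacheDir = mkOption {
+type = types.path;
+default = "/var/cache/naemon";
+description = "The directory where naemon stores its cache";
+};
+
+runDir = mkOption {
+type = types.path;
+default = "/run/naemon";
+description = "The directory where naemon stores its runtime files";
+};
+
+logDir = mkOption {
+type = types.path;
+default = "/var/log/naemon";
+description = "The directory where naemon stores its log files";
+};
+
+package = mkOption {
+type = types.package;
+default = pkgs.naemon.override {
+inherit (cfg) varDir cacheDir logDir runDir user group;
+};
+description = ''
+Naemon package to use
+'';
+};
+};
+};
+
+
+config = mkIf cfg.enable {
+secrets.keys = [
+{
+dest = "naemon/resources.cfg";
+user = cfg.user;
+group = cfg.group;
+permissions = "0400";
+text = ''
+$USER1$=${pkgs.monitoring-plugins}/libexec
+${cfg.extraResource}
+'';
+}
+];
+
+users.users = optionalAttrs (cfg.user == "naemon") (singleton
+{
+name = "naemon";
+group = cfg.group;
+uid = config.ids.uids.nagios;
+extraGroups = [ "keys" ];
+});
+users.groups = optionalAttrs (cfg.user == "naemon") (singleton
+{
+name = "naemon";
+gid = config.ids.gids.nagios;
+});
+
+services.filesWatcher.naemon = {
+paths = [ config.secrets.fullPaths."naemon/resources.cfg" ];
+};
+systemd.services.naemon = {
+description = "Naemon monitoring daemon";
+path = [ cfg.package pkgs.monitoring-plugins ];
+wantedBy = [ "multi-user.target" ];
+after = [ "network.target" ];
+
+preStart = "${cfg.package}/bin/naemon -vp ${naemonConfig}";
+script = "${cfg.package}/bin/naemon --daemon ${naemonConfig}";
+reload = "${pkgs.utillinux}/bin/kill -HUP $MAINPID";
+serviceConfig = {
+User = cfg.user;
+Restart = "always";
+RestartSec = 2;
+StandardOutput = "journal";
+StandardError = "inherit";
+PIDFile = "${cfg.runDir}/naemon.pid";
+LogsDirectory = assert lib.strings.hasPrefix "/var/log/" cfg.logDir;
+lib.strings.removePrefix "/var/log/" cfg.logDir;
+CacheDirectory = assert lib.strings.hasPrefix "/var/cache/" cfg.cacheDir;
+let unprefixed = lib.strings.removePrefix "/var/cache/" cfg.cacheDir;
+in [ unprefixed "${unprefixed}/checkresults" ];
+StateDirectory = assert lib.strings.hasPrefix "/var/lib/" cfg.varDir;
+lib.strings.removePrefix "/var/lib/" cfg.varDir;
+RuntimeDirectory = assert lib.strings.hasPrefix "/run/" cfg.runDir;
+lib.strings.removePrefix "/run/" cfg.runDir;
+};
+};
+};
+}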
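Review bot: The `users.groups` definition at new-file lines 147-151 is guarded by `cfg.user == "naemon"` rather than by the group option, so overriding `user` while leaving `group` at its default means the `naemon` group is never declared by this module even though `secrets.keys` still assigns `naemon/resources.cfg` to it; the guard should read `users.groups = optionalAttrs (cfg.group == "naemon") (singleton`. `serviceConfig` sets only `User`, so adding `Group = cfg.group;` would keep the daemon's group in line with the ownership given to the secret. Separately, `objectDefs` and `extraConfig` are written with `pkgs.writeText` into the Nix store, which is world-readable, while only `extraResource` goes through `secrets.keys` with mode `0400`; their descriptions should say so, e.g. `Stored world-readable in the Nix store; put credentials in extraResource as $USERx$ macros instead.`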