authorIsmaël Bouya <ismael.bouya@normalesup.org>2021-05-02 04:10:13 +0200
committerIsmaël Bouya <ismael.bouya@normalesup.org>2021-05-02 04:10:13 +0200
commitacab8301f6a0a76d97b36d009a60d4172bf62981 (patch)
tree15e4a211dbcc0d3f175a593344c0473c97d2ec00 /modules/private/monitoring/default.nix
parent8175055f973b3f6e8a383abcaa42afb22f279e24 (diff)
Refactor monitoring to avoid useless resources in each machine
Diffstat (limited to 'modules/private/monitoring/default.nix')
-rw-r--r--modules/private/monitoring/default.nix184
1 files changed, 27 insertions, 157 deletions
diff --git a/modules/private/monitoring/default.nix b/modules/private/monitoring/default.nix
index 5f8a8c9..f00fb7c 100644
--- a/modules/private/monitoring/default.nix
+++ b/modules/private/monitoring/default.nix
@@ -1,109 +1,23 @@
1{ config, pkgs, lib, name, nodes, ... }: 1{ config, pkgs, lib, name, nodes, ... }:
2let 2let
3 cfg = config.myServices.monitoring; 3 cfg = config.myServices.monitoring;
4 send_mails = pkgs.runCommand "send_mails" { 4 activatedPlugins = [ "memory" "command" "bandwidth" ]
5 buildInputs = [ pkgs.makeWrapper ]; 5 ++ (if cfg.master then (masterObjects.activatedPlugins or []) else [])
6 } '' 6 ++ (if cfg.master then (lib.flatten (map (v: v.activatedPlugins or []) otherObjects)) else [])
7 mkdir -p $out/bin 7 ++ (hostObjects.activatedPlugins or [])
8 cp ${./send_mails} $out/bin/send_mails 8 ++ (if cfg.master then ["notify-primary"] else ["notify-secondary"]);
9 patchShebangs $out 9 allPluginsConfig = import ./myplugins.nix {
10 wrapProgram $out/bin/send_mails --prefix PATH : ${lib.makeBinPath [ 10 inherit pkgs lib config;
11 pkgs.mailutils 11 sudo = "/run/wrappers/bin/sudo";
12 ]}
13 '';
14 postgresqlBinary = if config.myServices.databasesReplication.postgresql.enable
15 then config.myServices.databasesReplication.postgresql.mainPackage
16 else if config.myServices.databases.enable
17 then config.myServices.databases.postgresql.package
18 else pkgs.postgresql;
19 zfsPlugin = pkgs.fetchurl {
20 url = "https://www.claudiokuenzler.com/monitoring-plugins/check_zpools.sh";
21 sha256 = "0p9ms9340in80jkds4kfspw62xnzsv5s7ni9m28kxyd0bnzkbzhf";
22 }; 12 };
23 megacli = pkgs.megacli.overrideAttrs(old: { meta = old.meta // { license = null; }; }); 13 mypluginsConfig = lib.getAttrs activatedPlugins allPluginsConfig;
24 megaCliPlugin = pkgs.runCommand "megaCliPlugin" { 14 myplugins = let
25 plugin = pkgs.fetchurl { 15 mypluginsChunk = builtins.concatStringsSep "\n" (lib.attrsets.mapAttrsToList (k: v: v.chunk or "") mypluginsConfig);
26 name = "check_megaraid_sas"; 16 in pkgs.runCommand "buildplugins" {
27 url = "https://exchange.nagios.org/components/com_mtree/attachment.php?link_id=6381&cf_id=24";
28 sha256 = "0yf60p4c0hb4q3fng9fc14qc89bqm0f1sijayzygadaqcl44jx4p";
29 };
30 } ''
31 mkdir $out
32 cp $plugin $out/check_megaraid_sas
33 chmod +x $out/check_megaraid_sas
34 patchShebangs $out
35 substituteInPlace $out/check_megaraid_sas --replace /usr/sbin/MegaCli ${megacli}/bin/MegaCli64
36 substituteInPlace $out/check_megaraid_sas --replace 'sudo $megacli' '/run/wrappers/bin/sudo $megacli'
37 sed -i -e "s/use utils qw(%ERRORS);/my %ERRORS = ('OK' => 0, 'WARNING' => 1, 'CRITICAL' => 2, 'UNKNOWN' => 3);/" $out/check_megaraid_sas
38 '';
39 myplugins = pkgs.runCommand "buildplugins" {
40 buildInputs = [ pkgs.makeWrapper pkgs.perl ]; 17 buildInputs = [ pkgs.makeWrapper pkgs.perl ];
41 } '' 18 } ''
42 mkdir $out 19 mkdir $out
43 cp ${zfsPlugin} $out/check_zpool.sh && chmod +x $out/check_zpool.sh 20 ${mypluginsChunk}
44 cp ${megaCliPlugin}/check_megaraid_sas $out/
45 cp ${./plugins}/* $out/
46 patchShebangs $out
47 wrapProgram $out/check_command --prefix PATH : ${config.security.wrapperDir}
48 wrapProgram $out/check_zpool.sh --prefix PATH : ${lib.makeBinPath [
49 pkgs.which pkgs.zfs pkgs.gawk
50 ]}
51 wrapProgram $out/send_nrdp.sh --prefix PATH : ${lib.makeBinPath [
52 pkgs.curl pkgs.jq
53 ]}
54 wrapProgram $out/check_mem.sh --prefix PATH : ${lib.makeBinPath [
55 pkgs.gnugrep pkgs.gawk pkgs.procps-ng
56 ]}
57 wrapProgram $out/check_postgres_replication --prefix PATH : ${lib.makeBinPath [
58 postgresqlBinary
59 ]}
60 wrapProgram $out/check_redis_replication --prefix PATH : ${lib.makeBinPath [
61 pkgs.gnugrep pkgs.coreutils pkgs.redis
62 ]}
63 wrapProgram $out/check_mysql_replication --prefix PATH : ${lib.makeBinPath [
64 pkgs.gnugrep pkgs.gnused pkgs.coreutils pkgs.mariadb
65 ]}
66 wrapProgram $out/check_openldap_replication --prefix PATH : ${lib.makeBinPath [
67 pkgs.gnugrep pkgs.gnused pkgs.coreutils pkgs.openldap
68 ]}
69 wrapProgram $out/check_emails --prefix PATH : ${lib.makeBinPath [
70 pkgs.openssh send_mails
71 ]} --prefix PERL5LIB : ${pkgs.perlPackages.makePerlPath [
72 pkgs.perlPackages.TimeDate
73 ]}
74 wrapProgram $out/check_ftp_database --prefix PATH : ${lib.makeBinPath [
75 pkgs.lftp
76 ]}
77 wrapProgram $out/check_git --prefix PATH : ${lib.makeBinPath [
78 pkgs.git pkgs.openssh
79 ]}
80 wrapProgram $out/check_imap_connection --prefix PATH : ${lib.makeBinPath [
81 pkgs.openssl
82 ]}
83 wrapProgram $out/check_eriomem --prefix PATH : ${lib.makeBinPath [
84 pkgs.s3cmd pkgs.python3
85 ]}
86 makeWrapper $out/check_backup_age $out/check_backup_eriomem_age --prefix PATH : ${lib.makeBinPath [
87 pkgs.duplicity
88 ]} --set SECRETS_PATH ${lib.optionalString cfg.master config.secrets.fullPaths."eriomem_access_key"}
89 makeWrapper $out/check_backup_age $out/check_backup_ovh_age --prefix PATH : ${lib.makeBinPath [
90 pkgs.duplicity
91 ]} --set SECRETS_PATH ${lib.optionalString cfg.master config.secrets.fullPaths."ovh_access_key"}
92 wrapProgram $out/notify_by_email --prefix PATH : ${lib.makeBinPath [
93 pkgs.mailutils
94 ]}
95 wrapProgram $out/notify_by_slack --prefix PATH : ${lib.makeBinPath [
96 pkgs.curl pkgs.jq
97 ]}
98 wrapProgram $out/notify_eban_url --prefix PATH : ${lib.makeBinPath [
99 pkgs.curl
100 ]}
101 wrapProgram $out/check_ovh_sms --prefix PATH : ${lib.makeBinPath [
102 (pkgs.python3.withPackages (ps: [ps.ovh]))
103 ]}
104 wrapProgram $out/check_bandwidth --prefix PATH : ${lib.makeBinPath [
105 pkgs.iproute pkgs.bc
106 ]}
107 ''; 21 '';
108 toObjects = pkgs.callPackage ./to_objects.nix {}; 22 toObjects = pkgs.callPackage ./to_objects.nix {};
109 commonConfig = { 23 commonConfig = {
@@ -183,7 +97,7 @@ let
183 master = cfg.master; 97 master = cfg.master;
184 hostFQDN = config.hostEnv.fqdn; 98 hostFQDN = config.hostEnv.fqdn;
185 hostName = name; 99 hostName = name;
186 sudo = "/run/wrappers/bin/sudo"; 100 inherit mypluginsConfig;
187 } // builtins.getAttr name commonConfig); 101 } // builtins.getAttr name commonConfig);
188 hostObjects = 102 hostObjects =
189 let 103 let
@@ -263,52 +177,21 @@ in
263 services.duplyBackup.profiles.monitoring = { 177 services.duplyBackup.profiles.monitoring = {
264 rootDir = config.services.naemon.varDir; 178 rootDir = config.services.naemon.varDir;
265 }; 179 };
266 security.sudo.extraRules = [ 180 security.sudo.extraRules = let
181 pluginsSudo = lib.lists.remove null (lib.attrsets.mapAttrsToList (k: v:
182 if (v ? sudo)
183 then ({ users = [ "naemon" ]; } // (v.sudo myplugins))
184 else null) mypluginsConfig);
185 in [
267 { 186 {
268 commands = [ 187 commands = [
269 { command = "${pkgs.mdadm}/bin/mdadm --monitor --scan -1"; options = [ "NOPASSWD" ]; } 188 { command = "${pkgs.mdadm}/bin/mdadm --monitor --scan -1"; options = [ "NOPASSWD" ]; }
270 { command = "${pkgs.postfix}/bin/mailq"; options = [ "NOPASSWD" ]; } 189 { command = "${pkgs.postfix}/bin/mailq"; options = [ "NOPASSWD" ]; }
271 { command = "${megacli}/bin/MegaCli64"; options = [ "NOPASSWD" ]; }
272 ]; 190 ];
273 users = [ "naemon" ]; 191 users = [ "naemon" ];
274 runAs = "root"; 192 runAs = "root";
275 } 193 }
276 { 194 ] ++ pluginsSudo;
277 commands = [
278 { command = "${myplugins}/check_last_file_date /backup2/*"; options = [ "NOPASSWD" ]; }
279 ];
280 users = [ "naemon" ];
281 runAs = "ALL";
282 }
283 {
284 commands = [
285 { command = "${myplugins}/check_postgres_replication *"; options = [ "NOPASSWD" ]; }
286 ];
287 users = [ "naemon" ];
288 runAs = "postgres";
289 }
290 {
291 commands = [
292 { command = "${myplugins}/check_mysql_replication *"; options = [ "NOPASSWD" ]; }
293 ];
294 users = [ "naemon" ];
295 runAs = "mysql";
296 }
297 {
298 commands = [
299 { command = "${myplugins}/check_openldap_replication *"; options = [ "NOPASSWD" ]; }
300 ];
301 users = [ "naemon" ];
302 runAs = "openldap";
303 }
304 {
305 commands = [
306 { command = "${myplugins}/check_redis_replication *"; options = [ "NOPASSWD" ]; }
307 ];
308 users = [ "naemon" ];
309 runAs = "redis";
310 }
311 ];
312 environment.etc."mdadm.conf" = { 195 environment.etc."mdadm.conf" = {
313 enable = true; 196 enable = true;
314 mode = "0644"; 197 mode = "0644";
@@ -354,26 +237,13 @@ in
354 broker_module=${pkgs.naemon-livestatus}/lib/naemon-livestatus/livestatus.so ${config.services.naemon.runDir}/live 237 broker_module=${pkgs.naemon-livestatus}/lib/naemon-livestatus/livestatus.so ${config.services.naemon.runDir}/live
355 broker_module=${pkgs.status_engine.module}/lib/status-engine/naemon/statusengine-${pkgs.naemon.status_engine_version}.o use_service_perfdata=1 use_process_data=0 use_system_command_data=0 use_external_command_data=0 use_flapping_data=0 use_program_status_data=0 use_notification_data=0 use_contact_status_data=0 use_contact_notification_data=0 use_event_handler_data=0 use_object_data=0 238 broker_module=${pkgs.status_engine.module}/lib/status-engine/naemon/statusengine-${pkgs.naemon.status_engine_version}.o use_service_perfdata=1 use_process_data=0 use_system_command_data=0 use_external_command_data=0 use_flapping_data=0 use_program_status_data=0 use_notification_data=0 use_contact_status_data=0 use_contact_notification_data=0 use_event_handler_data=0 use_object_data=0
356 ''; 239 '';
357 extraResource = '' 240 extraResource = let
241 resources = lib.mapAttrsToList (k: v: v.resources or {}) mypluginsConfig;
242 joined = lib.zipAttrsWith (n: v: if builtins.length (lib.unique v) == 1 then builtins.head v else abort "Non-unique resources names") resources;
243 joinedStr = builtins.concatStringsSep "\n" (lib.mapAttrsToList (k: v: "$" + "${k}$=${v}") joined);
244 in ''
358 $USER2$=${myplugins} 245 $USER2$=${myplugins}
359 $USER200$=${config.myEnv.monitoring.status_url} 246 ${joinedStr}
360 $USER201$=${config.myEnv.monitoring.status_token}
361 $USER202$=${config.myEnv.monitoring.http_user_password}
362 $USER203$=${config.secrets.fullPaths."naemon/id_rsa"}
363 $USER204$=${config.myEnv.monitoring.imap_login}
364 $USER205$=${config.myEnv.monitoring.imap_password}
365 $USER206$=${config.myEnv.monitoring.slack_channel}
366 $USER207$=${config.myEnv.monitoring.slack_url}
367 $USER208$=${builtins.concatStringsSep "," (map (builtins.concatStringsSep ":") config.myEnv.monitoring.eriomem_keys)}
368 $USER209$=${builtins.concatStringsSep "," [
369 config.myEnv.monitoring.ovh_sms.endpoint
370 config.myEnv.monitoring.ovh_sms.application_key
371 config.myEnv.monitoring.ovh_sms.application_secret
372 config.myEnv.monitoring.ovh_sms.consumer_key
373 config.myEnv.monitoring.ovh_sms.account
374 ]}
375 $USER210$=${config.myEnv.monitoring.eban.user}
376 $USER211$=${config.myEnv.monitoring.eban.password}
377 ''; 247 '';
378 objectDefs = toObjects commonObjects 248 objectDefs = toObjects commonObjects
379 + toObjects hostObjects 249 + toObjects hostObjects
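Review bot: In the new `security.sudo.extraRules` block, `{ users = [ "naemon" ]; } // (v.sudo myplugins)` lets the attrset returned by a plugin's `sudo` function override `users`, because the right-hand operand of `//` wins on conflicting keys. Swapping the operands, `(v.sudo myplugins) // { users = [ "naemon" ]; }`, keeps every generated rule pinned to the naemon account whatever the plugin definition supplies. The `commands` and `runAs` values for these rules now come from `./myplugins.nix`, which is not shown in this diff, so the NOPASSWD rules with trailing `*` arguments and the `runAs = "ALL"` entry that the removed list carried should be re-checked there rather than assumed unchanged. A short comment above `pluginsSudo` such as `# each plugin's sudo attr returns { commands, runAs }; users is fixed to naemon here` would document the expected shape for whoever adds the next plugin.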