Diffstat (limited to 'flakes/naemon/flake.nix')
-rw-r--r-- | flakes/naemon/flake.nix | 191 |
1 files changed, 191 insertions, 0 deletions
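--- /dev/null
+++ b/flakes/naemon/flake.nix
@@ -0,0 +1,191 @@
+{
+outputs = { self }: {
+nixosModule = self.nixosModules.naemon;
+nixosModules.naemon = { config, lib, pkgs, ... }:
+with lib;
+
+let
+cfg = config.services.naemon;
+
+naemonConfig = pkgs.runCommand "naemon-config" {
+objectsFile = pkgs.writeText "naemon_objects.cfg" cfg.objectDefs;
+resourceFile = config.secrets.fullPaths."naemon/resources.cfg";
+extraConfig = pkgs.writeText "extra.cfg" cfg.extraConfig;
+inherit (cfg) logDir varDir runDir cacheDir;
+} ''
+substituteAll ${./naemon.cfg} $out
+cat $extraConfig >> $out
+'';
+in
+{
+# Necessary for situations where flake gets included multiple times
+key = builtins.hashString "sha256" (builtins.path { path = self.sourceInfo.outPath; name = "source"; });
+
+options = {
+services.naemon = {
+enable = mkOption {
+default = false;
+description = "
+Whether to use <link
+xlink:href='http://www.naemon.org/'>Naemon</link> to monitor
+your system or network.
+";
+};
+
+objectDefs = mkOption {
+type = types.lines;
+default = "";
+description = "
+A list of Naemon object configuration that must define
+the hosts, host groups, services and contacts for the
+network that you want Naemon to monitor.
+";
+};
+
+extraResource = mkOption {
+type = types.lines;
+default = "";
+example = ''
+# Sets $USER2$ to be the path to event handlers
+#$USER2$=/usr/lib/monitoring-plugins/eventhandlers
+
+# Store some usernames and passwords (hidden from the CGIs)
+#$USER3$=someuser
+#$USER4$=somepassword
+'';
+description = "
+Lines to add to the resource file
+# You can define $USERx$ macros in this file, which can in turn be used
+# in command definitions in your host config file(s). $USERx$ macros are
+# useful for storing sensitive information such as usernames, passwords,
+# etc. They are also handy for specifying the path to plugins and
+# event handlers - if you decide to move the plugins or event handlers to
+# a different directory in the future, you can just update one or two
+# $USERx$ macros, instead of modifying a lot of command definitions.
+#
+# Naemon supports up to 256 $USERx$ macros ($USER1$ through $USER256$)
+#
+# Resource files may also be used to store configuration directives for
+# external data sources like MySQL...
+#
+";
+};
+
+extraConfig = mkOption {
+type = types.lines;
+default = "";
+description = "
+Extra config to append to main config
+";
+};
+
+user = mkOption {
+type = types.str;
+default = "naemon";
+description = "User for naemon";
+};
+
+group = mkOption {
+type = types.str;
+default = "naemon";
+description = "Group for naemon";
+};
+
+varDir = mkOption {
+type = types.path;
+default = "/var/lib/naemon";
+description = "The directory where naemon stores its data";
+};
+
+cacheDir = mkOption {
+type = types.path;
+default = "/var/cache/naemon";
+description = "The directory where naemon stores its cache";
+};
+
+runDir = mkOption {
+type = types.path;
+default = "/run/naemon";
+description = "The directory where naemon stores its runtime files";
+};
+
+logDir = mkOption {
+type = types.path;
+default = "/var/log/naemon";
+description = "The directory where naemon stores its log files";
+};
+
+package = mkOption {
+type = types.package;
+default = pkgs.naemon.override {
+inherit (cfg) varDir cacheDir logDir runDir user group;
+};
+description = ''
+Naemon package to use
+'';
+};
+};
+};
+
+
+config = mkIf cfg.enable {
+secrets.keys = {
+"naemon/resources.cfg" = {
+user = cfg.user;
+group = cfg.group;
+permissions = "0400";
+text = ''
+$USER1$=${pkgs.monitoring-plugins}/libexec
+${cfg.extraResource}
+'';
+keyDependencies = [ pkgs.monitoring-plugins ];
+};
+};
+
+users.users = optionalAttrs (cfg.user == "naemon") {
+naemon = {
+group = cfg.group;
+uid = config.ids.uids.nagios;
+extraGroups = [ "keys" ];
+};
+};
+users.groups = optionalAttrs (cfg.user == "naemon") {
+naemon = {
+gid = config.ids.gids.nagios;
+};
+};
+
+services.filesWatcher.naemon = {
+paths = [ config.secrets.fullPaths."naemon/resources.cfg" ];
+};
+systemd.services.naemon = {
+description = "Naemon monitoring daemon";
+path = [ cfg.package ];
+wantedBy = [ "multi-user.target" ];
+after = [ "network.target" ];
+
+preStart = "${cfg.package}/bin/naemon -vp ${naemonConfig}";
+script = "${cfg.package}/bin/naemon --daemon ${naemonConfig}";
+reload = "${pkgs.utillinux}/bin/kill -HUP $MAINPID";
+serviceConfig = {
+User = cfg.user;
+Restart = "always";
+RestartSec = 2;
+StandardOutput = "journal";
+StandardError = "inherit";
+PIDFile = "${cfg.runDir}/naemon.pid";
+LogsDirectory = assert lib.strings.hasPrefix "/var/log/" cfg.logDir;
+lib.strings.removePrefix "/var/log/" cfg.logDir;
+CacheDirectory = assert lib.strings.hasPrefix "/var/cache/" cfg.cacheDir;
+let unprefixed = lib.strings.removePrefix "/var/cache/" cfg.cacheDir;
+in [ unprefixed "${unprefixed}/checkresults" ];
+StateDirectory = assert lib.strings.hasPrefix "/var/lib/" cfg.varDir;
+lib.strings.removePrefix "/var/lib/" cfg.varDir;
+RuntimeDirectory = assert lib.strings.hasPrefix "/run/" cfg.runDir;
+lib.strings.removePrefix "/run/" cfg.runDir;
+};
+};
+};
+};
+};
+}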
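Review bot: `objectDefs` and `extraConfig` are passed through `pkgs.writeText` and concatenated into the `naemonConfig` derivation, so anything an operator writes there ends up in the Nix store, which is world-readable; only `naemon/resources.cfg` goes through `secrets.keys` with permissions `0400`. The descriptions of both options should say so, for example by adding `This text is written to the Nix store; keep credentials in extraResource as $USERx$ macros.` Separately, `users.groups` is guarded by `cfg.user == "naemon"` rather than by the group option, so overriding only `user` leaves `group = cfg.group` on the secret naming a group this module no longer creates; `users.groups = optionalAttrs (cfg.group == "naemon") {` would match the intent. The unit also sets `User = cfg.user;` without a matching `Group = cfg.group;`. Whether `config.secrets.fullPaths` yields a plain string rather than a Nix path (which would be copied into the store) cannot be confirmed from this file and is worth checking.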