# NixOS module for the netdata monitoring daemon. It declares the
# services.netdata options, the systemd unit, a capability wrapper for
# apps.plugin and, when the default names are kept, the service user and group.
{ config, pkgs, lib, ... }:

with lib;

let
  cfg = config.services.netdata;

  # Account and group name used when the operator does not override them.
  defaultUser = "netdata";

  # State directories prepared for the service account before every start.
  stateDirs = [
    "/var/cache/netdata"
    "/var/log/netdata"
    "/var/lib/netdata"
  ];

  # A plugin directory whose apps.plugin entry is a symlink to the setcap
  # wrapper declared under security.wrappers below, not to the store binary.
  pluginShimDir = pkgs.runCommand "wrapped-plugins" {} ''
    mkdir -p $out/libexec/netdata/plugins.d
    ln -s /run/wrappers/bin/apps.plugin $out/libexec/netdata/plugins.d/apps.plugin
  '';

  # Settings this module contributes to the generated netdata.conf. The shim
  # directory is listed before the packaged plugin directory, presumably so
  # that the wrapped apps.plugin takes precedence (confirm netdata's lookup order).
  moduleDefaults = {
    global = {
      "plugins directory" = "${pluginShimDir}/libexec/netdata/plugins.d ${pkgs.netdata}/libexec/netdata/plugins.d";
    };
  };

  # cfg.config is merged over the module defaults and rendered as INI.
  generatedConf = generators.toINI {} (recursiveUpdate moduleDefaults cfg.config);

  # NOTE: a verbatim configText replaces the generated file entirely, so the
  # "plugins directory" default above is NOT applied in that case. Operators
  # using configText have to set it themselves if they want netdata to run
  # the capability-wrapped apps.plugin.
  confFile = pkgs.writeText "netdata.conf"
    (if cfg.configText == null then generatedConf else cfg.configText);

in {
  options.services.netdata = {
    enable = mkEnableOption "netdata";

    user = mkOption {
      type = types.str;
      default = defaultUser;
      description = "User account under which netdata runs.";
    };

    group = mkOption {
      type = types.str;
      default = defaultUser;
      description = "Group under which netdata runs.";
    };

    configText = mkOption {
      type = types.nullOr types.lines;
      default = null;
      description = "Verbatim netdata.conf, cannot be combined with config.";
      example = ''
        [global]
        debug log = syslog
        access log = syslog
        error log = syslog
      '';
    };

    config = mkOption {
      type = types.attrsOf types.attrs;
      default = {};
      description = "netdata.conf configuration as nix attributes. cannot be combined with configText.";
      example = literalExample ''
        global = {
        "debug log" = "syslog";
        "access log" = "syslog";
        "error log" = "syslog";
        };
      '';
    };
  };

  config = mkIf cfg.enable {
    # The two configuration styles are mutually exclusive: reject a system
    # configuration that sets a non-empty `config` together with `configText`.
    assertions = [
      {
        assertion = !(cfg.config != {} && cfg.configText != null);
        message = "Cannot specify both config and configText";
      }
    ];

    systemd.services.netdata = {
      description = "Real time performance monitoring";
      wantedBy = [ "multi-user.target" ];
      after = [ "network.target" ];
      path = [ pkgs.gawk pkgs.curl ];

      # For each state directory: create it, restrict it to owner and group
      # (mode 750, nothing for others), then hand the whole tree to the
      # service account. The chown is recursive and is repeated on every
      # start over content the service itself can write.
      preStart = concatMapStringsSep "\n" (dir: ''
        mkdir -vp ${dir}
        chmod 750 ${dir}
        chown -R ${cfg.user}:${cfg.group} ${dir}
      '') stateDirs;

      serviceConfig = {
        ExecStart = "${pkgs.netdata}/bin/netdata -D -c ${confFile}";
        User = cfg.user;
        Group = cfg.group;
        # Applies User=/Group= to ExecStart only, so the preStart script
        # above still runs as root, which the mkdir and chown need.
        PermissionsStartOnly = true;
        TimeoutStopSec = 60;
      };
    };

    # Setcap wrapper for apps.plugin. It carries cap_dac_read_search (bypass
    # file-read and directory-search permission checks) and cap_sys_ptrace
    # (inspect other users' processes) as effective and permitted capabilities.
    # "o-rwx" limits execution to the owner and group, so membership in
    # cfg.group is in effect a grant of these capabilities and should be
    # treated as privileged.
    security.wrappers."apps.plugin" = {
      source = "${pkgs.netdata}/libexec/netdata/plugins.d/apps.plugin";
      owner = cfg.user;
      group = cfg.group;
      permissions = "u+rx,g+rx,o-rwx";
      capabilities = "cap_dac_read_search,cap_sys_ptrace+ep";
    };

    # The account and group are created only when the default names are kept;
    # a custom cfg.user or cfg.group must be declared elsewhere in the system
    # configuration.
    users.extraUsers = optionals (cfg.user == defaultUser) [
      { name = defaultUser; }
    ];

    users.extraGroups = optionals (cfg.group == defaultUser) [
      { name = defaultUser; }
    ];
  };
}