nixos/modules/services/monitoring/prometheus/exporters/blackbox.nix at 23.11-beta · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / modules / services / monitoring / prometheus / exporters / blackbox.nix
at 23.11-beta 2.2 kB view raw
 1{ config, lib, pkgs, options }:
 2
 3with lib;
 4
 5let
 6  logPrefix = "services.prometheus.exporter.blackbox";
 7  cfg = config.services.prometheus.exporters.blackbox;
 8
 9  # This ensures that we can deal with string paths, path types and
10  # store-path strings with context.
11  coerceConfigFile = file:
12    if (builtins.isPath file) || (lib.isStorePath file) then
13      file
14    else
15      (lib.warn ''
16        ${logPrefix}: configuration file "${file}" is being copied to the nix-store.
17        If you would like to avoid that, please set enableConfigCheck to false.
18      '' /. + file);
19  checkConfigLocation = file:
20    if lib.hasPrefix "/tmp/" file then
21      throw
22      "${logPrefix}: configuration file must not reside within /tmp - it won't be visible to the systemd service."
23    else
24      file;
25  checkConfig = file:
26    pkgs.runCommand "checked-blackbox-exporter.conf" {
27      preferLocalBuild = true;
28      nativeBuildInputs = [ pkgs.buildPackages.prometheus-blackbox-exporter ];
29    } ''
30      ln -s ${coerceConfigFile file} $out
31      blackbox_exporter --config.check --config.file $out
32    '';
33in {
34  port = 9115;
35  extraOpts = {
36    configFile = mkOption {
37      type = types.path;
38      description = lib.mdDoc ''
39        Path to configuration file.
40      '';
41    };
42    enableConfigCheck = mkOption {
43      type = types.bool;
44      default = true;
45      description = lib.mdDoc ''
46        Whether to run a correctness check for the configuration file. This depends
47        on the configuration file residing in the nix-store. Paths passed as string will
48        be copied to the store.
49      '';
50    };
51  };
52
53  serviceOpts = let
54    adjustedConfigFile = if cfg.enableConfigCheck then
55      checkConfig cfg.configFile
56    else
57      checkConfigLocation cfg.configFile;
58  in {
59    serviceConfig = {
60      AmbientCapabilities = [ "CAP_NET_RAW" ]; # for ping probes
61      ExecStart = ''
62        ${pkgs.prometheus-blackbox-exporter}/bin/blackbox_exporter \
63          --web.listen-address ${cfg.listenAddress}:${toString cfg.port} \
64          --config.file ${escapeShellArg adjustedConfigFile} \
65          ${concatStringsSep " \\\n  " cfg.extraFlags}
66      '';
67      ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
68    };
69  };
70}