nixos/modules/services/monitoring/prometheus/exporters/process.nix at 23.11-beta · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

nixpkgs / nixos / modules / services / monitoring / prometheus / exporters / process.nix

at 23.11-beta 1.4 kB view raw

 1{ config, lib, pkgs, options }:
 2
 3with lib;
 4
 5let
 6  cfg = config.services.prometheus.exporters.process;
 7  configFile = pkgs.writeText "process-exporter.yaml" (builtins.toJSON cfg.settings);
 8in
 9{
10  port = 9256;
11  extraOpts = {
12    settings.process_names = mkOption {
13      type = types.listOf types.anything;
14      default = [];
15      example = literalExpression ''
16        [
17          # Remove nix store path from process name
18          { name = "{{.Matches.Wrapped}} {{ .Matches.Args }}"; cmdline = [ "^/nix/store[^ ]*/(?P<Wrapped>[^ /]*) (?P<Args>.*)" ]; }
19        ]
20      '';
21      description = lib.mdDoc ''
22        All settings expressed as an Nix attrset.
23
24        Check the official documentation for the corresponding YAML
25        settings that can all be used here: <https://github.com/ncabatoff/process-exporter>
26      '';
27    };
28  };
29  serviceOpts = {
30    serviceConfig = {
31      DynamicUser = false;
32      ExecStart = ''
33        ${pkgs.prometheus-process-exporter}/bin/process-exporter \
34          --web.listen-address ${cfg.listenAddress}:${toString cfg.port} \
35          --config.path ${configFile} \
36          ${concatStringsSep " \\\n  " cfg.extraFlags}
37      '';
38      NoNewPrivileges = true;
39      ProtectHome = true;
40      ProtectSystem = true;
41      ProtectKernelTunables = true;
42      ProtectKernelModules = true;
43      ProtectControlGroups = true;
44    };
45  };
46}