pyrox.dev
1{ config, lib, pkgs, ... }:
2
3with lib;
4let cfg = config.services.vector;
5
6in
7{
8 options.services.vector = {
9 enable = mkEnableOption (lib.mdDoc "Vector");
10
11 package = mkPackageOptionMD pkgs "vector" { };
12
13 journaldAccess = mkOption {
14 type = types.bool;
15 default = false;
16 description = lib.mdDoc ''
17 Enable Vector to access journald.
18 '';
19 };
20
21 settings = mkOption {
22 type = (pkgs.formats.json { }).type;
23 default = { };
24 description = lib.mdDoc ''
25 Specify the configuration for Vector in Nix.
26 '';
27 };
28 };
29
30 config = mkIf cfg.enable {
31 # for cli usage
32 environment.systemPackages = [ pkgs.vector ];
33
34 systemd.services.vector = {
35 description = "Vector event and log aggregator";
36 wantedBy = [ "multi-user.target" ];
37 after = [ "network-online.target" ];
38 requires = [ "network-online.target" ];
39 serviceConfig =
40 let
41 format = pkgs.formats.toml { };
42 conf = format.generate "vector.toml" cfg.settings;
43 validateConfig = file:
44 pkgs.runCommand "validate-vector-conf" {
45 nativeBuildInputs = [ pkgs.vector ];
46 } ''
47 vector validate --no-environment "${file}"
48 ln -s "${file}" "$out"
49 '';
50 in
51 {
52 ExecStart = "${getExe cfg.package} --config ${validateConfig conf}";
53 DynamicUser = true;
54 Restart = "no";
55 StateDirectory = "vector";
56 ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
57 AmbientCapabilities = "CAP_NET_BIND_SERVICE";
58 # This group is required for accessing journald.
59 SupplementaryGroups = mkIf cfg.journaldAccess "systemd-journal";
60 };
61 };
62 };
63}