nixos/modules/services/monitoring/uptime-kuma.nix at 23.11-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / modules / services / monitoring / uptime-kuma.nix
at 23.11-pre 2.3 kB view raw
 1{ config, pkgs, lib, ... }:
 2
 3with lib;
 4
 5let
 6  cfg = config.services.uptime-kuma;
 7in
 8{
 9
10  meta.maintainers = [ lib.maintainers.julienmalka ];
11
12  options = {
13    services.uptime-kuma = {
14      enable = mkEnableOption (mdDoc "Uptime Kuma, this assumes a reverse proxy to be set");
15
16      package = mkOption {
17        type = types.package;
18        default = pkgs.uptime-kuma;
19        defaultText = literalExpression "pkgs.uptime-kuma";
20        description = lib.mdDoc "Uptime Kuma package to use.";
21      };
22
23      appriseSupport = mkEnableOption (mdDoc "apprise support for notifications");
24
25      settings = lib.mkOption {
26        type = lib.types.submodule { freeformType = with lib.types; attrsOf str; };
27        default = { };
28        example = {
29          PORT = "4000";
30          NODE_EXTRA_CA_CERTS = "/etc/ssl/certs/ca-certificates.crt";
31        };
32        description = lib.mdDoc ''
33          Additional configuration for Uptime Kuma, see
34          <https://github.com/louislam/uptime-kuma/wiki/Environment-Variables>
35          for supported values.
36        '';
37      };
38    };
39  };
40
41  config = mkIf cfg.enable {
42
43    services.uptime-kuma.settings = {
44      DATA_DIR = "/var/lib/uptime-kuma/";
45      NODE_ENV = mkDefault "production";
46      HOST = mkDefault "127.0.0.1";
47      PORT = mkDefault "3001";
48    };
49
50    systemd.services.uptime-kuma = {
51      description = "Uptime Kuma";
52      after = [ "network.target" ];
53      wantedBy = [ "multi-user.target" ];
54      environment = cfg.settings;
55      path = with pkgs; [ unixtools.ping ] ++ lib.optional cfg.appriseSupport apprise;
56      serviceConfig = {
57        Type = "simple";
58        StateDirectory = "uptime-kuma";
59        DynamicUser = true;
60        ExecStart = "${cfg.package}/bin/uptime-kuma-server";
61        Restart = "on-failure";
62        ProtectHome = true;
63        ProtectSystem = "strict";
64        PrivateTmp = true;
65        PrivateDevices = true;
66        ProtectHostname = true;
67        ProtectClock = true;
68        ProtectKernelTunables = true;
69        ProtectKernelModules = true;
70        ProtectKernelLogs = true;
71        ProtectControlGroups = true;
72        NoNewPrivileges = true;
73        RestrictRealtime = true;
74        RestrictSUIDSGID = true;
75        RemoveIPC = true;
76        PrivateMounts = true;
77      };
78    };
79  };
80}
81