nixos/modules/services/web-apps/icingaweb2/module-monitoring.nix at 23.11-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / modules / services / web-apps / icingaweb2 / module-monitoring.nix
at 23.11-pre 5.3 kB view raw
  1{ config, lib, pkgs, ... }: with lib; let
  2  cfg = config.services.icingaweb2.modules.monitoring;
  3
  4  configIni = ''
  5    [security]
  6    protected_customvars = "${concatStringsSep "," cfg.generalConfig.protectedVars}"
  7  '';
  8
  9  backendsIni = let
 10    formatBool = b: if b then "1" else "0";
 11  in concatStringsSep "\n" (mapAttrsToList (name: config: ''
 12    [${name}]
 13    type = "ido"
 14    resource = "${config.resource}"
 15    disabled = "${formatBool config.disabled}"
 16  '') cfg.backends);
 17
 18  transportsIni = concatStringsSep "\n" (mapAttrsToList (name: config: ''
 19    [${name}]
 20    type = "${config.type}"
 21    ${optionalString (config.instance != null) ''instance = "${config.instance}"''}
 22    ${optionalString (config.type == "local" || config.type == "remote") ''path = "${config.path}"''}
 23    ${optionalString (config.type != "local") ''
 24      host = "${config.host}"
 25      ${optionalString (config.port != null) ''port = "${toString config.port}"''}
 26      user${optionalString (config.type == "api") "name"} = "${config.username}"
 27    ''}
 28    ${optionalString (config.type == "api") ''password = "${config.password}"''}
 29    ${optionalString (config.type == "remote") ''resource = "${config.resource}"''}
 30  '') cfg.transports);
 31
 32in {
 33  options.services.icingaweb2.modules.monitoring = with types; {
 34    enable = mkOption {
 35      type = bool;
 36      default = true;
 37      description = lib.mdDoc "Whether to enable the icingaweb2 monitoring module.";
 38    };
 39
 40    generalConfig = {
 41      mutable = mkOption {
 42        type = bool;
 43        default = false;
 44        description = lib.mdDoc "Make config.ini of the monitoring module mutable (e.g. via the web interface).";
 45      };
 46
 47      protectedVars = mkOption {
 48        type = listOf str;
 49        default = [ "*pw*" "*pass*" "community" ];
 50        description = lib.mdDoc "List of string patterns for custom variables which should be excluded from user’s view.";
 51      };
 52    };
 53
 54    mutableBackends = mkOption {
 55      type = bool;
 56      default = false;
 57      description = lib.mdDoc "Make backends.ini of the monitoring module mutable (e.g. via the web interface).";
 58    };
 59
 60    backends = mkOption {
 61      default = { icinga = { resource = "icinga_ido"; }; };
 62      description = lib.mdDoc "Monitoring backends to define";
 63      type = attrsOf (submodule ({ name, ... }: {
 64        options = {
 65          name = mkOption {
 66            visible = false;
 67            default = name;
 68            type = str;
 69            description = lib.mdDoc "Name of this backend";
 70          };
 71
 72          resource = mkOption {
 73            type = str;
 74            description = lib.mdDoc "Name of the IDO resource";
 75          };
 76
 77          disabled = mkOption {
 78            type = bool;
 79            default = false;
 80            description = lib.mdDoc "Disable this backend";
 81          };
 82        };
 83      }));
 84    };
 85
 86    mutableTransports = mkOption {
 87      type = bool;
 88      default = true;
 89      description = lib.mdDoc "Make commandtransports.ini of the monitoring module mutable (e.g. via the web interface).";
 90    };
 91
 92    transports = mkOption {
 93      default = {};
 94      description = lib.mdDoc "Command transports to define";
 95      type = attrsOf (submodule ({ name, ... }: {
 96        options = {
 97          name = mkOption {
 98            visible = false;
 99            default = name;
100            type = str;
101            description = lib.mdDoc "Name of this transport";
102          };
103
104          type = mkOption {
105            type = enum [ "api" "local" "remote" ];
106            default = "api";
107            description = lib.mdDoc "Type of  this transport";
108          };
109
110          instance = mkOption {
111            type = nullOr str;
112            default = null;
113            description = lib.mdDoc "Assign a icinga instance to this transport";
114          };
115
116          path = mkOption {
117            type = str;
118            description = lib.mdDoc "Path to the socket for local or remote transports";
119          };
120
121          host = mkOption {
122            type = str;
123            description = lib.mdDoc "Host for the api or remote transport";
124          };
125
126          port = mkOption {
127            type = nullOr str;
128            default = null;
129            description = lib.mdDoc "Port to connect to for the api or remote transport";
130          };
131
132          username = mkOption {
133            type = str;
134            description = lib.mdDoc "Username for the api or remote transport";
135          };
136
137          password = mkOption {
138            type = str;
139            description = lib.mdDoc "Password for the api transport";
140          };
141
142          resource = mkOption {
143            type = str;
144            description = lib.mdDoc "SSH identity resource for the remote transport";
145          };
146        };
147      }));
148    };
149  };
150
151  config = mkIf (config.services.icingaweb2.enable && cfg.enable) {
152    environment.etc = { "icingaweb2/enabledModules/monitoring" = { source = "${pkgs.icingaweb2}/modules/monitoring"; }; }
153      // optionalAttrs (!cfg.generalConfig.mutable) { "icingaweb2/modules/monitoring/config.ini".text = configIni; }
154      // optionalAttrs (!cfg.mutableBackends) { "icingaweb2/modules/monitoring/backends.ini".text = backendsIni; }
155      // optionalAttrs (!cfg.mutableTransports) { "icingaweb2/modules/monitoring/commandtransports.ini".text = transportsIni; };
156  };
157}