nixos/modules/services/monitoring/nezha-agent.nix at 24.11-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / modules / services / monitoring / nezha-agent.nix
at 24.11-pre 2.8 kB view raw
  1{
  2  config,
  3  lib,
  4  pkgs,
  5  ...
  6}:
  7let
  8  cfg = config.services.nezha-agent;
  9in
 10{
 11  meta = {
 12    maintainers = with lib.maintainers; [ moraxyc ];
 13  };
 14  options = {
 15    services.nezha-agent = {
 16      enable = lib.mkEnableOption "Agent of Nezha Monitoring";
 17
 18      package = lib.mkPackageOption pkgs "nezha-agent" { };
 19      debug = lib.mkEnableOption "verbose log";
 20      tls = lib.mkOption {
 21        type = lib.types.bool;
 22        default = false;
 23        description = ''
 24          Enable SSL/TLS encryption.
 25        '';
 26      };
 27      disableCommandExecute = lib.mkOption {
 28        type = lib.types.bool;
 29        default = true;
 30        description = ''
 31          Disable executing the command from dashboard.
 32        '';
 33      };
 34      skipConnection = lib.mkOption {
 35        type = lib.types.bool;
 36        default = false;
 37        description = ''
 38          Do not monitor the number of connections.
 39        '';
 40      };
 41      skipProcess = lib.mkOption {
 42        type = lib.types.bool;
 43        default = false;
 44        description = ''
 45          Do not monitor the number of processes.
 46        '';
 47      };
 48      reportDelay = lib.mkOption {
 49        type = lib.types.enum [ 1 2 3 4 ];
 50        default = 1;
 51        description = ''
 52          The interval between system status reportings.
 53          The value must be an integer from 1 to 4
 54        '';
 55      };
 56      passwordFile = lib.mkOption {
 57        type = with lib.types; nullOr str;
 58        default = null;
 59        description = ''
 60          Path to the file contained the password from dashboard.
 61        '';
 62      };
 63      server = lib.mkOption {
 64        type = lib.types.str;
 65        description = ''
 66          Address to the dashboard
 67        '';
 68      };
 69    };
 70  };
 71
 72  config = lib.mkIf cfg.enable {
 73    systemd.packages = [ cfg.package ];
 74
 75    systemd.services.nezha-agent = {
 76      serviceConfig = {
 77        ProtectSystem = "full";
 78        PrivateDevices = "yes";
 79        PrivateTmp = "yes";
 80        NoNewPrivileges = true;
 81      };
 82      path = [ cfg.package ];
 83      startLimitIntervalSec = 10;
 84      startLimitBurst = 3;
 85      script = lib.concatStringsSep " " (
 86        [
 87          "${cfg.package}/bin/agent"
 88          "--disable-auto-update"
 89          "--disable-force-update"
 90          "--password $(cat ${cfg.passwordFile})"
 91        ]
 92        ++ lib.optional cfg.debug "--debug"
 93        ++ lib.optional cfg.disableCommandExecute "--disable-command-execute"
 94        ++ lib.optional (cfg.reportDelay != null) "--report-delay ${toString cfg.reportDelay}"
 95        ++ lib.optional (cfg.server != null) "--server ${cfg.server}"
 96        ++ lib.optional cfg.skipConnection "--skip-conn"
 97        ++ lib.optional cfg.skipProcess "--skip-procs"
 98        ++ lib.optional cfg.tls "--tls"
 99      );
100      wantedBy = [ "multi-user.target" ];
101    };
102  };
103}