nixos/modules/services/monitoring/snmpd.nix at 24.11-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / modules / services / monitoring / snmpd.nix
at 24.11-pre 2.3 kB view raw
 1{ pkgs, config, lib, ... }:
 2
 3let
 4  cfg = config.services.snmpd;
 5  configFile = if cfg.configText != "" then
 6    pkgs.writeText "snmpd.cfg" ''
 7      ${cfg.configText}
 8    '' else null;
 9in {
10  options.services.snmpd = {
11    enable = lib.mkEnableOption "snmpd";
12
13    package = lib.mkPackageOption pkgs "net-snmp" {};
14
15    listenAddress = lib.mkOption {
16      type = lib.types.str;
17      default = "0.0.0.0";
18      description = ''
19        The address to listen on for SNMP and AgentX messages.
20      '';
21      example = "127.0.0.1";
22    };
23
24    port = lib.mkOption {
25      type = lib.types.port;
26      default = 161;
27      description = ''
28        The port to listen on for SNMP and AgentX messages.
29      '';
30    };
31
32    openFirewall = lib.mkOption {
33      type = lib.types.bool;
34      default = false;
35      description = ''
36        Open port in firewall for snmpd.
37      '';
38    };
39
40    configText = lib.mkOption {
41      type = lib.types.lines;
42      default = "";
43      description = ''
44        The contents of the snmpd.conf. If the {option}`configFile` option
45        is set, this value will be ignored.
46
47        Note that the contents of this option will be added to the Nix
48        store as world-readable plain text, {option}`configFile` can be used in
49        addition to a secret management tool to protect sensitive data.
50      '';
51    };
52
53    configFile = lib.mkOption {
54      type = lib.types.path;
55      default = configFile;
56      defaultText = lib.literalMD "The value of {option}`configText`.";
57      description = ''
58        Path to the snmpd.conf file. By default, if {option}`configText` is set,
59        a config file will be automatically generated.
60      '';
61    };
62
63  };
64
65  config = lib.mkIf cfg.enable {
66    systemd.services."snmpd" = {
67      description = "Simple Network Management Protocol (SNMP) daemon.";
68      after = [ "network.target" ];
69      wantedBy = [ "multi-user.target" ];
70      serviceConfig = {
71        Type = "simple";
72        ExecStart = "${lib.getExe' cfg.package "snmpd"} -f -Lo -c ${cfg.configFile} ${cfg.listenAddress}:${toString cfg.port}";
73      };
74    };
75
76    networking.firewall.allowedUDPPorts = lib.mkIf cfg.openFirewall [
77      cfg.port
78    ];
79  };
80
81  meta.maintainers = [ lib.maintainers.eliandoran ];
82
83}