pyrox.dev
1{
2 config,
3 lib,
4 pkgs,
5 options,
6 ...
7}:
8
9let
10 cfg = config.services.prometheus.exporters.script;
11 inherit (lib)
12 mkOption
13 types
14 literalExpression
15 concatStringsSep
16 ;
17 configFile = pkgs.writeText "script-exporter.yaml" (builtins.toJSON cfg.settings);
18in
19{
20 port = 9172;
21 extraOpts = {
22 settings.scripts = mkOption {
23 type =
24 with types;
25 listOf (submodule {
26 options = {
27 name = mkOption {
28 type = str;
29 example = "sleep";
30 description = "Name of the script.";
31 };
32 script = mkOption {
33 type = str;
34 example = "sleep 5";
35 description = "Shell script to execute when metrics are requested.";
36 };
37 timeout = mkOption {
38 type = nullOr int;
39 default = null;
40 example = 60;
41 description = "Optional timeout for the script in seconds.";
42 };
43 };
44 });
45 example = literalExpression ''
46 {
47 scripts = [
48 { name = "sleep"; script = "sleep 5"; }
49 ];
50 }
51 '';
52 description = ''
53 All settings expressed as an Nix attrset.
54
55 Check the official documentation for the corresponding YAML
56 settings that can all be used here: <https://github.com/adhocteam/script_exporter#sample-configuration>
57 '';
58 };
59 };
60 serviceOpts = {
61 serviceConfig = {
62 ExecStart = ''
63 ${pkgs.prometheus-script-exporter}/bin/script_exporter \
64 --web.listen-address ${cfg.listenAddress}:${toString cfg.port} \
65 --config.file ${configFile} \
66 ${concatStringsSep " \\\n " cfg.extraFlags}
67 '';
68 NoNewPrivileges = true;
69 ProtectHome = true;
70 ProtectSystem = "strict";
71 ProtectKernelTunables = true;
72 ProtectKernelModules = true;
73 ProtectControlGroups = true;
74 };
75 };
76}