nixos/modules/services/monitoring/snmpd.nix at 25.11-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / modules / services / monitoring / snmpd.nix
at 25.11-pre 2.3 kB view raw
 1{
 2  pkgs,
 3  config,
 4  lib,
 5  ...
 6}:
 7
 8let
 9  cfg = config.services.snmpd;
10  configFile =
11    if cfg.configText != "" then
12      pkgs.writeText "snmpd.cfg" ''
13        ${cfg.configText}
14      ''
15    else
16      null;
17in
18{
19  options.services.snmpd = {
20    enable = lib.mkEnableOption "snmpd";
21
22    package = lib.mkPackageOption pkgs "net-snmp" { };
23
24    listenAddress = lib.mkOption {
25      type = lib.types.str;
26      default = "0.0.0.0";
27      description = ''
28        The address to listen on for SNMP and AgentX messages.
29      '';
30      example = "127.0.0.1";
31    };
32
33    port = lib.mkOption {
34      type = lib.types.port;
35      default = 161;
36      description = ''
37        The port to listen on for SNMP and AgentX messages.
38      '';
39    };
40
41    openFirewall = lib.mkOption {
42      type = lib.types.bool;
43      default = false;
44      description = ''
45        Open port in firewall for snmpd.
46      '';
47    };
48
49    configText = lib.mkOption {
50      type = lib.types.lines;
51      default = "";
52      description = ''
53        The contents of the snmpd.conf. If the {option}`configFile` option
54        is set, this value will be ignored.
55
56        Note that the contents of this option will be added to the Nix
57        store as world-readable plain text, {option}`configFile` can be used in
58        addition to a secret management tool to protect sensitive data.
59      '';
60    };
61
62    configFile = lib.mkOption {
63      type = lib.types.path;
64      default = configFile;
65      defaultText = lib.literalMD "The value of {option}`configText`.";
66      description = ''
67        Path to the snmpd.conf file. By default, if {option}`configText` is set,
68        a config file will be automatically generated.
69      '';
70    };
71
72  };
73
74  config = lib.mkIf cfg.enable {
75    systemd.services."snmpd" = {
76      description = "Simple Network Management Protocol (SNMP) daemon.";
77      after = [ "network.target" ];
78      wantedBy = [ "multi-user.target" ];
79      serviceConfig = {
80        Type = "simple";
81        ExecStart = "${lib.getExe' cfg.package "snmpd"} -f -Lo -c ${cfg.configFile} ${cfg.listenAddress}:${toString cfg.port}";
82      };
83    };
84
85    networking.firewall.allowedUDPPorts = lib.mkIf cfg.openFirewall [
86      cfg.port
87    ];
88  };
89
90  meta.maintainers = [ lib.maintainers.eliandoran ];
91
92}