pyrox.dev
1{
2 config,
3 pkgs,
4 lib,
5 ...
6}:
7
8let
9 cfg = config.services.vmagent;
10 settingsFormat = pkgs.formats.yaml { };
11
12 startCLIList =
13 [
14 "${cfg.package}/bin/vmagent"
15 ]
16 ++ lib.optionals (cfg.remoteWrite.url != null) [
17 "-remoteWrite.url=${cfg.remoteWrite.url}"
18 "-remoteWrite.tmpDataPath=%C/vmagent/remote_write_tmp"
19 ]
20 ++ lib.optional (
21 cfg.remoteWrite.basicAuthUsername != null
22 ) "-remoteWrite.basicAuth.username=${cfg.remoteWrite.basicAuthUsername}"
23 ++ lib.optional (
24 cfg.remoteWrite.basicAuthPasswordFile != null
25 ) "-remoteWrite.basicAuth.passwordFile=\${CREDENTIALS_DIRECTORY}/remote_write_basic_auth_password"
26 ++ cfg.extraArgs;
27 prometheusConfigYml = checkedConfig (
28 settingsFormat.generate "prometheusConfig.yaml" cfg.prometheusConfig
29 );
30
31 checkedConfig =
32 file:
33 pkgs.runCommand "checked-config" { nativeBuildInputs = [ cfg.package ]; } ''
34 ln -s ${file} $out
35 ${lib.escapeShellArgs startCLIList} -promscrape.config=${file} -dryRun
36 '';
37in
38{
39 imports = [
40 (lib.mkRemovedOptionModule [
41 "services"
42 "vmagent"
43 "dataDir"
44 ] "dataDir has been deprecated in favor of systemd provided CacheDirectory")
45 (lib.mkRemovedOptionModule [
46 "services"
47 "vmagent"
48 "user"
49 ] "user has been deprecated in favor of systemd DynamicUser")
50 (lib.mkRemovedOptionModule [
51 "services"
52 "vmagent"
53 "group"
54 ] "group has been deprecated in favor of systemd DynamicUser")
55 (lib.mkRenamedOptionModule
56 [ "services" "vmagent" "remoteWriteUrl" ]
57 [ "services" "vmagent" "remoteWrite" "url" ]
58 )
59 ];
60
61 options.services.vmagent = {
62 enable = lib.mkOption {
63 type = lib.types.bool;
64 default = false;
65 description = ''
66 Whether to enable VictoriaMetrics's `vmagent`.
67
68 `vmagent` efficiently scrape metrics from Prometheus-compatible exporters
69 '';
70 };
71
72 package = lib.mkPackageOption pkgs "vmagent" { };
73
74 remoteWrite = {
75 url = lib.mkOption {
76 default = null;
77 type = lib.types.nullOr lib.types.str;
78 description = ''
79 Endpoint for prometheus compatible remote_write
80 '';
81 };
82 basicAuthUsername = lib.mkOption {
83 default = null;
84 type = lib.types.nullOr lib.types.str;
85 description = ''
86 Basic Auth username used to connect to remote_write endpoint
87 '';
88 };
89 basicAuthPasswordFile = lib.mkOption {
90 default = null;
91 type = lib.types.nullOr lib.types.str;
92 description = ''
93 File that contains the Basic Auth password used to connect to remote_write endpoint
94 '';
95 };
96 };
97
98 prometheusConfig = lib.mkOption {
99 type = lib.types.submodule { freeformType = settingsFormat.type; };
100 description = ''
101 Config for prometheus style metrics
102 '';
103 };
104
105 openFirewall = lib.mkOption {
106 type = lib.types.bool;
107 default = false;
108 description = ''
109 Whether to open the firewall for the default ports.
110 '';
111 };
112
113 extraArgs = lib.mkOption {
114 type = lib.types.listOf lib.types.str;
115 default = [ ];
116 description = ''
117 Extra args to pass to `vmagent`. See the docs:
118 <https://docs.victoriametrics.com/vmagent.html#advanced-usage>
119 or {command}`vmagent -help` for more information.
120 '';
121 };
122 };
123
124 config = lib.mkIf cfg.enable {
125 networking.firewall.allowedTCPPorts = lib.mkIf cfg.openFirewall [ 8429 ];
126
127 systemd.services.vmagent = {
128 wantedBy = [ "multi-user.target" ];
129 after = [ "network.target" ];
130 description = "vmagent system service";
131 serviceConfig = {
132 DynamicUser = true;
133 User = "vmagent";
134 Group = "vmagent";
135 Type = "simple";
136 Restart = "on-failure";
137 CacheDirectory = "vmagent";
138 ExecStart = lib.escapeShellArgs (
139 startCLIList
140 ++ lib.optionals (cfg.prometheusConfig != { }) [ "-promscrape.config=${prometheusConfigYml}" ]
141 );
142 LoadCredential = lib.optional (cfg.remoteWrite.basicAuthPasswordFile != null) [
143 "remote_write_basic_auth_password:${cfg.remoteWrite.basicAuthPasswordFile}"
144 ];
145 };
146 };
147 };
148}