nixos/modules/services/monitoring/prometheus/exporters/node-cert.nix at master · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

nixpkgs / nixos / modules / services / monitoring / prometheus / exporters / node-cert.nix

at master 1.6 kB view raw

 1{
 2  config,
 3  lib,
 4  pkgs,
 5  ...
 6}:
 7
 8let
 9  cfg = config.services.prometheus.exporters.node-cert;
10  inherit (lib) mkOption types concatStringsSep;
11in
12{
13  port = 9141;
14
15  extraOpts = {
16    paths = mkOption {
17      type = types.listOf types.str;
18      description = ''
19        List of paths to search for SSL certificates.
20      '';
21    };
22
23    excludePaths = mkOption {
24      type = types.listOf types.str;
25      description = ''
26        List of paths to exclute from searching for SSL certificates.
27      '';
28      default = [ ];
29    };
30
31    includeGlobs = mkOption {
32      type = types.listOf types.str;
33      description = ''
34        List files matching a pattern to include. Uses Go blob pattern.
35      '';
36      default = [ ];
37    };
38
39    excludeGlobs = mkOption {
40      type = types.listOf types.str;
41      description = ''
42        List files matching a pattern to include. Uses Go blob pattern.
43      '';
44      default = [ ];
45    };
46
47    user = mkOption {
48      type = types.str;
49      description = ''
50        User owning the certs.
51      '';
52      default = "acme";
53    };
54  };
55
56  serviceOpts = {
57    serviceConfig = {
58      User = cfg.user;
59      ExecStart = ''
60        ${lib.getExe pkgs.prometheus-node-cert-exporter} \
61          --listen ${toString cfg.listenAddress}:${toString cfg.port} \
62          --path ${concatStringsSep "," cfg.paths} \
63          --exclude-path "${concatStringsSep "," cfg.excludePaths}" \
64          --include-glob "${concatStringsSep "," cfg.includeGlobs}" \
65          --exclude-glob "${concatStringsSep "," cfg.excludeGlobs}" \
66          ${concatStringsSep " \\\n  " cfg.extraFlags}
67      '';
68    };
69  };
70}