nixos/modules/services/monitoring/prometheus/exporters/process.nix at master · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

nixpkgs / nixos / modules / services / monitoring / prometheus / exporters / process.nix

at master 1.5 kB view raw

 1{
 2  config,
 3  lib,
 4  pkgs,
 5  options,
 6  ...
 7}:
 8
 9let
10  cfg = config.services.prometheus.exporters.process;
11  inherit (lib)
12    mkOption
13    types
14    literalExpression
15    concatStringsSep
16    ;
17  configFile = pkgs.writeText "process-exporter.yaml" (builtins.toJSON cfg.settings);
18in
19{
20  port = 9256;
21  extraOpts = {
22    settings.process_names = mkOption {
23      type = types.listOf types.anything;
24      default = [ ];
25      example = literalExpression ''
26        [
27          # Remove nix store path from process name
28          { name = "{{.Matches.Wrapped}} {{ .Matches.Args }}"; cmdline = [ "^/nix/store[^ ]*/(?P<Wrapped>[^ /]*) (?P<Args>.*)" ]; }
29        ]
30      '';
31      description = ''
32        All settings expressed as an Nix attrset.
33
34        Check the official documentation for the corresponding YAML
35        settings that can all be used here: <https://github.com/ncabatoff/process-exporter>
36      '';
37    };
38  };
39  serviceOpts = {
40    serviceConfig = {
41      DynamicUser = false;
42      ExecStart = ''
43        ${pkgs.prometheus-process-exporter}/bin/process-exporter \
44          --web.listen-address ${cfg.listenAddress}:${toString cfg.port} \
45          --config.path ${configFile} \
46          ${concatStringsSep " \\\n  " cfg.extraFlags}
47      '';
48      NoNewPrivileges = true;
49      ProtectHome = true;
50      ProtectSystem = true;
51      ProtectKernelTunables = true;
52      ProtectKernelModules = true;
53      ProtectControlGroups = true;
54    };
55  };
56}