···

       
14
       
14
       
 
       
    global = {

     

       
15
       
15
       
 
       
      "plugins directory" = "${wrappedPlugins}/libexec/netdata/plugins.d ${pkgs.netdata}/libexec/netdata/plugins.d";

     

       
16
       
16
       
 
       
    };

     

       
17
       
17
       
+
       
    web = {

     

       
18
       
18
       
+
       
      "web files owner" = "root";

     

       
19
       
19
       
+
       
      "web files group" = "root";

     

       
20
       
20
       
+
       
    };

     

       
17
       
21
       
 
       
  };

     

       
18
       
22
       
 
       
  mkConfig = generators.toINI {} (recursiveUpdate localConfig cfg.config);

     

       
19
       
23
       
 
       
  configFile = pkgs.writeText "netdata.conf" (if cfg.configText != null then cfg.configText else mkConfig);

     

···

       
19
       
19
       
 
       
    startAll;

     

       
20
       
20
       
 
       


     

       
21
       
21
       
 
       
    $netdata->waitForUnit("netdata.service");

     

       
22
       
22
       
-
       
    # check if netdata can read disk ops for root owned processes. 

     

       
23
       
23
       
-
       
    # if > 0, successful. verifies both netdata working and 

     

       
22
       
22
       
+
       


     

       
23
       
23
       
+
       
    # check if the netdata main page loads.

     

       
24
       
24
       
+
       
    $netdata->succeed("curl --fail http://localhost:19999/");

     

       
25
       
25
       
+
       


     

       
26
       
26
       
+
       
    # check if netdata can read disk ops for root owned processes.

     

       
27
       
27
       
+
       
    # if > 0, successful. verifies both netdata working and

     

       
24
       
28
       
 
       
    # apps.plugin has elevated capabilities.

     

       
25
       
29
       
 
       
    my $cmd = <<'CMD';

     

       
26
       
30
       
 
       
    curl -s http://localhost:19999/api/v1/data\?chart=users.pwrites | \

     

···

       
1
       
1
       
 
       
{ stdenv, fetchFromGitHub, autoreconfHook, zlib, pkgconfig, libuuid }:

     

       
2
       
2
       
 
       


     

       
3
       
3
       
 
       
stdenv.mkDerivation rec{

     

       
4
       
4
       
-
       
  version = "1.9.0";

     

       
4
       
4
       
+
       
  version = "1.10.0";

     

       
5
       
5
       
 
       
  name = "netdata-${version}";

     

       
6
       
6
       
 
       


     

       
7
       
7
       
 
       
  src = fetchFromGitHub {

     

       
8
       
8
       
 
       
    rev = "v${version}";

     

       
9
       
9
       
 
       
    owner = "firehol";

     

       
10
       
10
       
 
       
    repo = "netdata";

     

       
11
       
11
       
-
       
    sha256 = "1vy0jz5lxw63b830l9jgf1qqhp41gzapyhdr5k1gwg3zghvlg10w";

     

       
11
       
11
       
+
       
    sha256 = "02spfisabjkkgd9fairldlf84n83vbv2xafg0g5jrpfa972pjl9r";

     

       
12
       
12
       
 
       
  };

     

       
13
       
13
       
 
       


     

       
14
       
14
       
 
       
  nativeBuildInputs = [ autoreconfHook pkgconfig ];

     

       
15
       
15
       
 
       
  buildInputs = [ zlib libuuid ];

     

       
16
       
16
       
-
       


     

       
17
       
17
       
-
       
  # Allow UI to load when running as non-root

     

       
18
       
18
       
-
       
  patches = [ ./web_access.patch ];

     

       
19
       
16
       
 
       


     

       
20
       
17
       
 
       
  # Build will fail trying to create /var/{cache,lib,log}/netdata without this

     

       
21
       
18
       
 
       
  postPatch = ''

     

···

       
1
       
1
       
-
       
--- a/src/web_client.c.orig

     

       
2
       
2
       
-
       
+++ b/src/web_client.c

     

       
3
       
3
       
-
       
@@ -302,7 +302,7 @@

     

       
4
       
4
       
-
       
         buffer_strcat_htmlescape(w->response.data, webfilename);

     

       
5
       
5
       
-
       
         return 404;

     

       
6
       
6
       
-
       
     }

     

       
7
       
7
       
-
       
-

     

       
8
       
8
       
-
       
+#if 0

     

       
9
       
9
       
-
       
     // check if the file is owned by expected user

     

       
10
       
10
       
-
       
     if(stat.st_uid != web_files_uid()) {

     

       
11
       
11
       
-
       
         error("%llu: File '%s' is owned by user %u (expected user %u). Access Denied.", w->id, webfilename, stat.st_uid, web_files_uid());

     

       
12
       
12
       
-
       
@@ -320,7 +320,7 @@

     

       
13
       
13
       
-
       
         buffer_strcat_htmlescape(w->response.data, webfilename);

     

       
14
       
14
       
-
       
         return 403;

     

       
15
       
15
       
-
       
     }

     

       
16
       
16
       
-
       
-

     

       
17
       
17
       
-
       
+#endif

     

       
18
       
18
       
-
       
     if((stat.st_mode & S_IFMT) == S_IFDIR) {

     

       
19
       
19
       
-
       
         snprintfz(webfilename, FILENAME_MAX, "%s/index.html", filename);

     

       
20
       
20
       
-
       
         return mysendfile(w, webfilename);