ae359d1ef2
Fixes issues described in #208242 for this part of the nixpkgs tree. There are no behavioral changes in this, it only adjusts the code so that it is easier to understand.
67 lines
1.6 KiB
Nix
67 lines
1.6 KiB
Nix
{ config, lib, pkgs, ... }:
|
|
|
|
let
|
|
cfg = config.services.prometheus.exporters.openldap;
|
|
inherit (lib) mkOption types concatStringsSep;
|
|
in {
|
|
port = 9330;
|
|
extraOpts = {
|
|
ldapCredentialFile = mkOption {
|
|
type = types.path;
|
|
example = "/run/keys/ldap_pass";
|
|
description = ''
|
|
Environment file to contain the credentials to authenticate against
|
|
`openldap`.
|
|
|
|
The file should look like this:
|
|
```
|
|
---
|
|
ldapUser: "cn=monitoring,cn=Monitor"
|
|
ldapPass: "secret"
|
|
```
|
|
'';
|
|
};
|
|
protocol = mkOption {
|
|
default = "tcp";
|
|
example = "udp";
|
|
type = types.str;
|
|
description = ''
|
|
Which protocol to use to connect against `openldap`.
|
|
'';
|
|
};
|
|
ldapAddr = mkOption {
|
|
default = "localhost:389";
|
|
type = types.str;
|
|
description = ''
|
|
Address of the `openldap`-instance.
|
|
'';
|
|
};
|
|
metricsPath = mkOption {
|
|
default = "/metrics";
|
|
type = types.str;
|
|
description = ''
|
|
URL path where metrics should be exposed.
|
|
'';
|
|
};
|
|
interval = mkOption {
|
|
default = "30s";
|
|
type = types.str;
|
|
example = "1m";
|
|
description = ''
|
|
Scrape interval of the exporter.
|
|
'';
|
|
};
|
|
};
|
|
serviceOpts.serviceConfig = {
|
|
ExecStart = ''
|
|
${pkgs.prometheus-openldap-exporter}/bin/openldap_exporter \
|
|
--promAddr ${cfg.listenAddress}:${toString cfg.port} \
|
|
--metrPath ${cfg.metricsPath} \
|
|
--ldapNet ${cfg.protocol} \
|
|
--interval ${cfg.interval} \
|
|
--config ${cfg.ldapCredentialFile} \
|
|
${concatStringsSep " \\\n " cfg.extraFlags}
|
|
'';
|
|
};
|
|
}
|