ae359d1ef2
Fixes issues described in #208242 for this part of the nixpkgs tree. There are no behavioral changes in this, it only adjusts the code so that it is easier to understand.
75 lines
2.2 KiB
Nix
75 lines
2.2 KiB
Nix
{ config, lib, pkgs, options, ... }:
|
|
|
|
let
|
|
logPrefix = "services.prometheus.exporter.blackbox";
|
|
cfg = config.services.prometheus.exporters.blackbox;
|
|
inherit (lib)
|
|
mkOption
|
|
types
|
|
concatStringsSep
|
|
escapeShellArg
|
|
;
|
|
|
|
# This ensures that we can deal with string paths, path types and
|
|
# store-path strings with context.
|
|
coerceConfigFile = file:
|
|
if (builtins.isPath file) || (lib.isStorePath file) then
|
|
file
|
|
else
|
|
(lib.warn ''
|
|
${logPrefix}: configuration file "${file}" is being copied to the nix-store.
|
|
If you would like to avoid that, please set enableConfigCheck to false.
|
|
'' /. + file);
|
|
checkConfigLocation = file:
|
|
if lib.hasPrefix "/tmp/" file then
|
|
throw
|
|
"${logPrefix}: configuration file must not reside within /tmp - it won't be visible to the systemd service."
|
|
else
|
|
file;
|
|
checkConfig = file:
|
|
pkgs.runCommand "checked-blackbox-exporter.conf" {
|
|
preferLocalBuild = true;
|
|
nativeBuildInputs = [ pkgs.buildPackages.prometheus-blackbox-exporter ];
|
|
} ''
|
|
ln -s ${coerceConfigFile file} $out
|
|
blackbox_exporter --config.check --config.file $out
|
|
'';
|
|
in {
|
|
port = 9115;
|
|
extraOpts = {
|
|
configFile = mkOption {
|
|
type = types.path;
|
|
description = ''
|
|
Path to configuration file.
|
|
'';
|
|
};
|
|
enableConfigCheck = mkOption {
|
|
type = types.bool;
|
|
default = true;
|
|
description = ''
|
|
Whether to run a correctness check for the configuration file. This depends
|
|
on the configuration file residing in the nix-store. Paths passed as string will
|
|
be copied to the store.
|
|
'';
|
|
};
|
|
};
|
|
|
|
serviceOpts = let
|
|
adjustedConfigFile = if cfg.enableConfigCheck then
|
|
checkConfig cfg.configFile
|
|
else
|
|
checkConfigLocation cfg.configFile;
|
|
in {
|
|
serviceConfig = {
|
|
AmbientCapabilities = [ "CAP_NET_RAW" ]; # for ping probes
|
|
ExecStart = ''
|
|
${pkgs.prometheus-blackbox-exporter}/bin/blackbox_exporter \
|
|
--web.listen-address ${cfg.listenAddress}:${toString cfg.port} \
|
|
--config.file ${escapeShellArg adjustedConfigFile} \
|
|
${concatStringsSep " \\\n " cfg.extraFlags}
|
|
'';
|
|
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
|
|
};
|
|
};
|
|
}
|