diff options
author | Frederik Rietdijk <fridh@fridh.nl> | 2019-08-02 09:18:37 +0200 |
---|---|---|
committer | Frederik Rietdijk <fridh@fridh.nl> | 2019-08-02 09:18:37 +0200 |
commit | 6f723b9bad655a64f1234557b5e08b5ce9556228 (patch) | |
tree | 68931ba6b8defdba041734ccc72ac40a0fee5b94 /nixos | |
parent | 55e4555b77ff7506579c1d4f5d9b562ca6e853b4 (diff) | |
parent | 7d4f67a23f599d82f26d1ec9b89f82e1cc5f3ba9 (diff) | |
download | nixlib-6f723b9bad655a64f1234557b5e08b5ce9556228.tar nixlib-6f723b9bad655a64f1234557b5e08b5ce9556228.tar.gz nixlib-6f723b9bad655a64f1234557b5e08b5ce9556228.tar.bz2 nixlib-6f723b9bad655a64f1234557b5e08b5ce9556228.tar.lz nixlib-6f723b9bad655a64f1234557b5e08b5ce9556228.tar.xz nixlib-6f723b9bad655a64f1234557b5e08b5ce9556228.tar.zst nixlib-6f723b9bad655a64f1234557b5e08b5ce9556228.zip |
Merge master into staging-next
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/doc/manual/release-notes/rl-1909.xml | 5 | ||||
-rw-r--r-- | nixos/modules/config/xdg/portal.nix | 2 | ||||
-rw-r--r-- | nixos/modules/programs/ssh.nix | 1 | ||||
-rw-r--r-- | nixos/modules/services/misc/gitlab.nix | 1 | ||||
-rw-r--r-- | nixos/modules/services/monitoring/prometheus/exporters.nix | 11 | ||||
-rw-r--r-- | nixos/modules/services/monitoring/prometheus/exporters/mail.nix | 156 | ||||
-rw-r--r-- | nixos/modules/services/network-filesystems/kbfs.nix | 1 | ||||
-rw-r--r-- | nixos/modules/services/networking/keybase.nix | 1 | ||||
-rw-r--r-- | nixos/modules/services/networking/syncthing.nix | 8 | ||||
-rw-r--r-- | nixos/tests/prometheus-exporters.nix | 42 |
10 files changed, 222 insertions, 6 deletions
diff --git a/nixos/doc/manual/release-notes/rl-1909.xml b/nixos/doc/manual/release-notes/rl-1909.xml index 0e067cf1f55b..049d21d01b25 100644 --- a/nixos/doc/manual/release-notes/rl-1909.xml +++ b/nixos/doc/manual/release-notes/rl-1909.xml @@ -214,6 +214,11 @@ have a look at the <link xlink:href="https://github.com/nginxinc/nginx-prometheus-exporter">official repo</link>. </para> </listitem> + <listitem> + <para> + Nodejs 8 is scheduled EOL under the lifetime of 19.09 and has been dropped. + </para> + </listitem> </itemizedlist> </section> diff --git a/nixos/modules/config/xdg/portal.nix b/nixos/modules/config/xdg/portal.nix index 89ddf80b5755..bdbbfda2bb42 100644 --- a/nixos/modules/config/xdg/portal.nix +++ b/nixos/modules/config/xdg/portal.nix @@ -51,7 +51,7 @@ with lib; systemd.packages = packages; environment.variables = { - GTK_USE_PORTAL = optional cfg.gtkUsePortal "1"; + GTK_USE_PORTAL = mkIf cfg.gtkUsePortal "1"; XDG_DESKTOP_PORTAL_PATH = map (p: "${p}/share/xdg-desktop-portal/portals") cfg.extraPortals; }; }; diff --git a/nixos/modules/programs/ssh.nix b/nixos/modules/programs/ssh.nix index 18b183eca9e2..733b8f7636fd 100644 --- a/nixos/modules/programs/ssh.nix +++ b/nixos/modules/programs/ssh.nix @@ -235,6 +235,7 @@ in systemd.user.services.ssh-agent = mkIf cfg.startAgent { description = "SSH Agent"; wantedBy = [ "default.target" ]; + unitConfig.ConditionUser = "!@system"; serviceConfig = { ExecStartPre = "${pkgs.coreutils}/bin/rm -f %t/ssh-agent"; ExecStart = diff --git a/nixos/modules/services/misc/gitlab.nix b/nixos/modules/services/misc/gitlab.nix index 9fce9419a1af..2f3f76d79ff3 100644 --- a/nixos/modules/services/misc/gitlab.nix +++ b/nixos/modules/services/misc/gitlab.nix @@ -502,6 +502,7 @@ in { "d ${cfg.statePath} 0750 ${cfg.user} ${cfg.group} -" "d ${cfg.statePath}/builds 0750 ${cfg.user} ${cfg.group} -" "d ${cfg.statePath}/config 0750 ${cfg.user} ${cfg.group} -" + "d ${cfg.statePath}/config/initializers 0750 ${cfg.user} ${cfg.group} -" "d ${cfg.statePath}/db 0750 ${cfg.user} ${cfg.group} -" "d ${cfg.statePath}/log 0750 ${cfg.user} ${cfg.group} -" "d ${cfg.statePath}/repositories 2770 ${cfg.user} ${cfg.group} -" diff --git a/nixos/modules/services/monitoring/prometheus/exporters.nix b/nixos/modules/services/monitoring/prometheus/exporters.nix index 802281e71643..03f3da75b148 100644 --- a/nixos/modules/services/monitoring/prometheus/exporters.nix +++ b/nixos/modules/services/monitoring/prometheus/exporters.nix @@ -28,6 +28,7 @@ let "dovecot" "fritzbox" "json" + "mail" "minio" "nginx" "node" @@ -162,13 +163,19 @@ in }; config = mkMerge ([{ - assertions = [{ + assertions = [ { assertion = (cfg.snmp.configurationPath == null) != (cfg.snmp.configuration == null); message = '' Please ensure you have either `services.prometheus.exporters.snmp.configuration' or `services.prometheus.exporters.snmp.configurationPath' set! ''; - }]; + } { + assertion = (cfg.mail.configFile == null) != (cfg.mail.configuration == {}); + message = '' + Please specify either 'services.prometheus.exporters.mail.configuration' + or 'services.prometheus.exporters.mail.configFile'. + ''; + } ]; }] ++ [(mkIf config.services.minio.enable { services.prometheus.exporters.minio.minioAddress = mkDefault "http://localhost:9000"; services.prometheus.exporters.minio.minioAccessKey = mkDefault config.services.minio.accessKey; diff --git a/nixos/modules/services/monitoring/prometheus/exporters/mail.nix b/nixos/modules/services/monitoring/prometheus/exporters/mail.nix new file mode 100644 index 000000000000..a1b46140d3e6 --- /dev/null +++ b/nixos/modules/services/monitoring/prometheus/exporters/mail.nix @@ -0,0 +1,156 @@ +{ config, lib, pkgs, options }: + +with lib; + +let + cfg = config.services.prometheus.exporters.mail; + + configurationFile = pkgs.writeText "prometheus-mail-exporter.conf" (builtins.toJSON ( + # removes the _module attribute, null values and converts attrNames to lowercase + mapAttrs' (name: value: + if name == "servers" + then nameValuePair (toLower name) + ((map (srv: (mapAttrs' (n: v: nameValuePair (toLower n) v) + (filterAttrs (n: v: !(n == "_module" || v == null)) srv) + ))) value) + else nameValuePair (toLower name) value + ) (filterAttrs (n: _: !(n == "_module")) cfg.configuration) + )); + + serverOptions.options = { + name = mkOption { + type = types.str; + description = '' + Value for label 'configname' which will be added to all metrics. + ''; + }; + server = mkOption { + type = types.str; + description = '' + Hostname of the server that should be probed. + ''; + }; + port = mkOption { + type = types.int; + example = 587; + description = '' + Port to use for SMTP. + ''; + }; + from = mkOption { + type = types.str; + example = "exporteruser@domain.tld"; + description = '' + Content of 'From' Header for probing mails. + ''; + }; + to = mkOption { + type = types.str; + example = "exporteruser@domain.tld"; + description = '' + Content of 'To' Header for probing mails. + ''; + }; + detectionDir = mkOption { + type = types.path; + example = "/var/spool/mail/exporteruser/new"; + description = '' + Directory in which new mails for the exporter user are placed. + Note that this needs to exist when the exporter starts. + ''; + }; + login = mkOption { + type = types.nullOr types.str; + default = null; + example = "exporteruser@domain.tld"; + description = '' + Username to use for SMTP authentication. + ''; + }; + passphrase = mkOption { + type = types.nullOr types.str; + default = null; + description = '' + Password to use for SMTP authentication. + ''; + }; + }; + + exporterOptions.options = { + monitoringInterval = mkOption { + type = types.str; + example = "10s"; + description = '' + Time interval between two probe attempts. + ''; + }; + mailCheckTimeout = mkOption { + type = types.str; + description = '' + Timeout until mails are considered "didn't make it". + ''; + }; + disableFileDelition = mkOption { + type = types.bool; + default = false; + description = '' + Disables the exporter's function to delete probing mails. + ''; + }; + servers = mkOption { + type = types.listOf (types.submodule serverOptions); + default = []; + example = literalExample '' + [ { + name = "testserver"; + server = "smtp.domain.tld"; + port = 587; + from = "exporteruser@domain.tld"; + to = "exporteruser@domain.tld"; + detectionDir = "/path/to/Maildir/new"; + } ] + ''; + description = '' + List of servers that should be probed. + ''; + }; + }; +in +{ + port = 9225; + extraOpts = { + configFile = mkOption { + type = types.nullOr types.path; + default = null; + description = '' + Specify the mailexporter configuration file to use. + ''; + }; + configuration = mkOption { + type = types.submodule exporterOptions; + default = {}; + description = '' + Specify the mailexporter configuration file to use. + ''; + }; + telemetryPath = mkOption { + type = types.str; + default = "/metrics"; + description = '' + Path under which to expose metrics. + ''; + }; + }; + serviceOpts = { + serviceConfig = { + ExecStart = '' + ${pkgs.prometheus-mail-exporter}/bin/mailexporter \ + --web.listen-address ${cfg.listenAddress}:${toString cfg.port} \ + --config.file ${ + if cfg.configuration != {} then configurationFile else cfg.configFile + } \ + ${concatStringsSep " \\\n " cfg.extraFlags} + ''; + }; + }; +} diff --git a/nixos/modules/services/network-filesystems/kbfs.nix b/nixos/modules/services/network-filesystems/kbfs.nix index 7b2eea3b5850..263b70d04a56 100644 --- a/nixos/modules/services/network-filesystems/kbfs.nix +++ b/nixos/modules/services/network-filesystems/kbfs.nix @@ -48,6 +48,7 @@ in { requires = [ "keybase.service" ]; after = [ "keybase.service" ]; path = [ "/run/wrappers" ]; + unitConfig.ConditionUser = "!@system"; serviceConfig = { ExecStartPre = "${pkgs.coreutils}/bin/mkdir -p ${cfg.mountPoint}"; ExecStart = "${pkgs.kbfs}/bin/kbfsfuse ${toString cfg.extraFlags} ${cfg.mountPoint}"; diff --git a/nixos/modules/services/networking/keybase.nix b/nixos/modules/services/networking/keybase.nix index a149f16a84cb..85f52be8a6ac 100644 --- a/nixos/modules/services/networking/keybase.nix +++ b/nixos/modules/services/networking/keybase.nix @@ -26,6 +26,7 @@ in { systemd.user.services.keybase = { description = "Keybase service"; + unitConfig.ConditionUser = "!@system"; serviceConfig = { ExecStart = '' ${pkgs.keybase}/bin/keybase service --auto-forked diff --git a/nixos/modules/services/networking/syncthing.nix b/nixos/modules/services/networking/syncthing.nix index 8148139c3a81..126f5b7b527b 100644 --- a/nixos/modules/services/networking/syncthing.nix +++ b/nixos/modules/services/networking/syncthing.nix @@ -372,16 +372,18 @@ in { systemd.packages = [ pkgs.syncthing ]; - users = mkIf (cfg.systemService && cfg.user == defaultUser) { - users."${defaultUser}" = + users.users = mkIf (cfg.systemService && cfg.user == defaultUser) { + "${defaultUser}" = { group = cfg.group; home = cfg.dataDir; createHome = true; uid = config.ids.uids.syncthing; description = "Syncthing daemon user"; }; + }; - groups."${defaultUser}".gid = + users.groups = mkIf (cfg.systemService && cfg.group == defaultUser) { + "${defaultUser}".gid = config.ids.gids.syncthing; }; diff --git a/nixos/tests/prometheus-exporters.nix b/nixos/tests/prometheus-exporters.nix index 2286d70be289..533054a46864 100644 --- a/nixos/tests/prometheus-exporters.nix +++ b/nixos/tests/prometheus-exporters.nix @@ -188,6 +188,48 @@ let ''; }; + mail = { + exporterConfig = { + enable = true; + user = "mailexporter"; + configuration = { + monitoringInterval = "2s"; + mailCheckTimeout = "10s"; + servers = [ { + name = "testserver"; + server = "localhost"; + port = 25; + from = "mailexporter@localhost"; + to = "mailexporter@localhost"; + detectionDir = "/var/spool/mail/mailexporter/new"; + } ]; + }; + }; + metricProvider = { + services.postfix.enable = true; + systemd.services.prometheus-mail-exporter = { + after = [ "postfix.service" ]; + requires = [ "postfix.service" ]; + preStart = '' + mkdir -p 0600 mailexporter/new + ''; + serviceConfig = { + ProtectHome = true; + ReadOnlyPaths = "/"; + ReadWritePaths = "/var/spool/mail"; + WorkingDirectory = "/var/spool/mail"; + }; + }; + users.users.mailexporter.isSystemUser = true; + }; + exporterTest = '' + waitForUnit("postfix.service") + waitForUnit("prometheus-mail-exporter.service") + waitForOpenPort(9225) + waitUntilSucceeds("curl -sSf http://localhost:9225/metrics | grep -q 'mail_deliver_success{configname=\"testserver\"} 1'") + ''; + }; + nginx = { exporterConfig = { enable = true; |