diff options
Diffstat (limited to 'nixos/modules/services')
| -rw-r--r-- | nixos/modules/services/monitoring/dd-agent.nix | 105 | ||||
| -rw-r--r-- | nixos/modules/services/networking/btsync.nix | 8 | ||||
| -rw-r--r-- | nixos/modules/services/networking/dhcpcd.nix | 17 |
3 files changed, 99 insertions, 31 deletions
diff --git a/nixos/modules/services/monitoring/dd-agent.nix b/nixos/modules/services/monitoring/dd-agent.nix index bddf102ee517..5794ee7fe534 100644 --- a/nixos/modules/services/monitoring/dd-agent.nix +++ b/nixos/modules/services/monitoring/dd-agent.nix @@ -5,54 +5,113 @@ with lib; let cfg = config.services.dd-agent; - datadog_conf = pkgs.runCommand "datadog.conf" {} '' - sed -e 's|^api_key:|api_key: ${cfg.api_key}|' ${optionalString (cfg.hostname != null) - "-e 's|^#hostname: mymachine.mydomain|hostname: ${cfg.hostname}|'" - } ${pkgs.dd-agent}/etc/dd-agent/datadog.conf.example > $out + ddConf = pkgs.writeText "datadog.conf" '' + [Main] + dd_url: https://app.datadoghq.com + skip_ssl_validation: no + api_key: ${cfg.api_key} + ${optionalString (cfg.hostname != null) "hostname: ${cfg.hostname}"} + + collector_log_file: /var/log/datadog/collector.log + forwarder_log_file: /var/log/datadog/forwarder.log + dogstatsd_log_file: /var/log/datadog/dogstatsd.log + pup_log_file: /var/log/datadog/pup.log + + # proxy_host: my-proxy.com + # proxy_port: 3128 + # proxy_user: user + # proxy_password: password + + # tags: mytag0, mytag1 + + # collect_ec2_tags: no + # recent_point_threshold: 30 + # use_mount: no + # listen_port: 17123 + # graphite_listen_port: 17124 + # non_local_traffic: no + # use_curl_http_client: False + # bind_host: localhost + + # use_pup: no + # pup_port: 17125 + # pup_interface: localhost + # pup_url: http://localhost:17125 + + # dogstatsd_port : 8125 + # dogstatsd_interval : 10 + # dogstatsd_normalize : yes + # statsd_forward_host: address_of_own_statsd_server + # statsd_forward_port: 8125 + + # device_blacklist_re: .*\/dev\/mapper\/lxc-box.* + + # ganglia_host: localhost + # ganglia_port: 8651 ''; + + postgresqlConfig = pkgs.writeText "postgres.yaml" cfg.postgresqlConfig; + nginxConfig = pkgs.writeText "nginx.yaml" cfg.nginxConfig; + + etcfiles = + [ { source = ddConf; + target = "dd-agent/datadog.conf"; + } ] ++ + (optional (cfg.postgresqlConfig != null) + { source = postgresqlConfig; + target = "dd-agent/conf.d/postgres.yaml"; + }) ++ + (optional (cfg.nginxConfig != null) + { source = nginxConfig; + target = "dd-agent/conf.d/nginx.yaml"; + }); + in { options.services.dd-agent = { enable = mkOption { description = "Whether to enable the dd-agent montioring service"; - default = false; - type = types.bool; }; - # !!! This gets stored in the store (world-readable), wish we had https://github.com/NixOS/nix/issues/8 api_key = mkOption { description = "The Datadog API key to associate the agent with your account"; - example = "ae0aa6a8f08efa988ba0a17578f009ab"; - type = types.str; }; hostname = mkOption { description = "The hostname to show in the Datadog dashboard (optional)"; - default = null; - example = "mymachine.mydomain"; + type = types.uniq (types.nullOr types.string); + }; + + postgresqlConfig = mkOption { + description = "Datadog PostgreSQL integration configuration"; + default = null; + type = types.uniq (types.nullOr types.string); + }; + nginxConfig = mkOption { + description = "Datadog nginx integration configuration"; + default = null; type = types.uniq (types.nullOr types.string); }; }; config = mkIf cfg.enable { - environment.etc = [ { source = datadog_conf; target = "dd-agent/datadog.conf"; } ]; environment.systemPackages = [ pkgs."dd-agent" pkgs.sysstat pkgs.procps ]; - users.extraUsers."dd-agent" = { + users.extraUsers.datadog = { description = "Datadog Agent User"; - uid = config.ids.uids.dd-agent; - group = "dd-agent"; + uid = config.ids.uids.datadog; + group = "datadog"; home = "/var/log/datadog/"; createHome = true; }; - users.extraGroups.dd-agent.gid = config.ids.gids.dd-agent; + users.extraGroups.datadog.gid = config.ids.gids.datadog; systemd.services.dd-agent = { description = "Datadog agent monitor"; @@ -60,12 +119,12 @@ in { wantedBy = [ "multi-user.target" ]; serviceConfig = { ExecStart = "${pkgs.dd-agent}/bin/dd-agent foreground"; - User = "dd-agent"; - Group = "dd-agent"; + User = "datadog"; + Group = "datadog"; Restart = "always"; RestartSec = 2; }; - restartTriggers = [ pkgs.dd-agent datadog_conf ]; + restartTriggers = [ pkgs.dd-agent ddConf postgresqlConfig nginxConfig ]; }; systemd.services.dogstatsd = { @@ -74,14 +133,16 @@ in { wantedBy = [ "multi-user.target" ]; serviceConfig = { ExecStart = "${pkgs.dd-agent}/bin/dogstatsd start"; - User = "dd-agent"; - Group = "dd-agent"; + User = "datadog"; + Group = "datadog"; Type = "forking"; PIDFile = "/tmp/dogstatsd.pid"; Restart = "always"; RestartSec = 2; }; - restartTriggers = [ pkgs.dd-agent datadog_conf ]; + restartTriggers = [ pkgs.dd-agent ddConf postgresqlConfig nginxConfig ]; }; + + environment.etc = etcfiles; }; } diff --git a/nixos/modules/services/networking/btsync.nix b/nixos/modules/services/networking/btsync.nix index 8b288a713c60..5d0e17c293e3 100644 --- a/nixos/modules/services/networking/btsync.nix +++ b/nixos/modules/services/networking/btsync.nix @@ -164,6 +164,7 @@ in httpLogin = mkOption { type = types.str; example = "allyourbase"; + default = ""; description = '' HTTP web login username. ''; @@ -172,6 +173,7 @@ in httpPass = mkOption { type = types.str; example = "arebelongtous"; + default = ""; description = '' HTTP web login password. ''; @@ -237,12 +239,6 @@ in { assertion = cfg.apiKey != "" -> cfg.enableWebUI; message = "If you're using an API key, you must enable the web server."; } - # TODO FIXME: the README says not specifying the login/pass means it - # should disable authentication, but apparently it doesn't? - { assertion = cfg.enableWebUI -> cfg.httpLogin != "" && cfg.httpPass != ""; - message = "If using the web UI, you must configure a login/password."; - } - # TODO FIXME: assert the existence of sharedFolder directories? ]; users.extraUsers.btsync = { diff --git a/nixos/modules/services/networking/dhcpcd.nix b/nixos/modules/services/networking/dhcpcd.nix index 757340b3c2cd..5a353fc0942a 100644 --- a/nixos/modules/services/networking/dhcpcd.nix +++ b/nixos/modules/services/networking/dhcpcd.nix @@ -34,9 +34,8 @@ let # Ignore peth* devices; on Xen, they're renamed physical # Ethernet cards used for bridging. Likewise for vif* and tap* - # (Xen) and virbr* and vnet* (libvirt) and c-* and ctmp-* (NixOS - # containers). - denyinterfaces ${toString ignoredInterfaces} lo peth* vif* tap* tun* virbr* vnet* vboxnet* c-* ctmp-* + # (Xen) and virbr* and vnet* (libvirt). + denyinterfaces ${toString ignoredInterfaces} lo peth* vif* tap* tun* virbr* vnet* vboxnet* ${config.networking.dhcpcd.extraConfig} ''; @@ -58,6 +57,8 @@ let #if [ "$reason" = EXPIRE -o "$reason" = RELEASE -o "$reason" = NOCARRIER ] ; then # ${config.systemd.package}/bin/systemctl start ip-down.target #fi + + ${config.networking.dhcpcd.runHook} ''; in @@ -87,6 +88,16 @@ in ''; }; + networking.dhcpcd.runHook = mkOption { + type = types.lines; + default = ""; + example = "if [[ $reason =~ BOUND ]]; then echo $interface: Routers are $new_routers - were $old_routers; fi"; + description = '' + Shell code that will be run after all other hooks. See + `man dhcpcd-run-hooks` for details on what is possible. + ''; + }; + }; |