diff options
Diffstat (limited to 'nixpkgs/nixos/modules/services/monitoring/zabbix-proxy.nix')
-rw-r--r-- | nixpkgs/nixos/modules/services/monitoring/zabbix-proxy.nix | 75 |
1 files changed, 44 insertions, 31 deletions
diff --git a/nixpkgs/nixos/modules/services/monitoring/zabbix-proxy.nix b/nixpkgs/nixos/modules/services/monitoring/zabbix-proxy.nix index 9d214469c3b..2c8b8b92cb3 100644 --- a/nixpkgs/nixos/modules/services/monitoring/zabbix-proxy.nix +++ b/nixpkgs/nixos/modules/services/monitoring/zabbix-proxy.nix @@ -5,8 +5,9 @@ let pgsql = config.services.postgresql; mysql = config.services.mysql; - inherit (lib) mkDefault mkEnableOption mkIf mkOption; - inherit (lib) attrValues concatMapStringsSep literalExample optional optionalAttrs optionalString types; + inherit (lib) mkAfter mkDefault mkEnableOption mkIf mkMerge mkOption; + inherit (lib) attrValues concatMapStringsSep getName literalExample optional optionalAttrs optionalString types; + inherit (lib.generators) toKeyValue; user = "zabbix"; group = "zabbix"; @@ -19,24 +20,7 @@ let paths = attrValues cfg.modules; }; - configFile = pkgs.writeText "zabbix_proxy.conf" '' - LogType = console - ListenIP = ${cfg.listen.ip} - ListenPort = ${toString cfg.listen.port} - Server = ${cfg.server} - # TODO: set to cfg.database.socket if database type is pgsql? - DBHost = ${optionalString (cfg.database.createLocally != true) cfg.database.host} - ${optionalString (cfg.database.createLocally != true) "DBPort = ${cfg.database.port}"} - DBName = ${cfg.database.name} - DBUser = ${cfg.database.user} - ${optionalString (cfg.database.passwordFile != null) "Include ${passwordFile}"} - ${optionalString (mysqlLocal && cfg.database.socket != null) "DBSocket = ${cfg.database.socket}"} - SocketDir = ${runtimeDir} - FpingLocation = /run/wrappers/bin/fping - ${optionalString (cfg.modules != {}) "LoadModulePath = ${moduleEnv}/lib"} - ${concatMapStringsSep "\n" (name: "LoadModule = ${name}") (builtins.attrNames cfg.modules)} - ${cfg.extraConfig} - ''; + configFile = pkgs.writeText "zabbix_proxy.conf" (toKeyValue { listsAsDuplicateKeys = true; } cfg.settings); mysqlLocal = cfg.database.createLocally && cfg.database.type == "mysql"; pgsqlLocal = cfg.database.createLocally && cfg.database.type == "pgsql"; @@ -44,6 +28,10 @@ let in { + imports = [ + (lib.mkRemovedOptionModule [ "services" "zabbixProxy" "extraConfig" ] "Use services.zabbixProxy.settings instead.") + ]; + # interface options = { @@ -182,15 +170,19 @@ in ''; }; - # TODO: for bonus points migrate this to https://github.com/NixOS/rfcs/pull/42 - extraConfig = mkOption { - default = ""; - type = types.lines; + settings = mkOption { + type = with types; attrsOf (oneOf [ int str (listOf str) ]); + default = {}; description = '' - Configuration that is injected verbatim into the configuration file. Refer to + Zabbix Proxy configuration. Refer to <link xlink:href="https://www.zabbix.com/documentation/current/manual/appendix/config/zabbix_proxy"/> for details on supported values. ''; + example = { + CacheSize = "1G"; + SSHKeyLocation = "/var/lib/zabbix/.ssh"; + StartPingers = 32; + }; }; }; @@ -213,6 +205,26 @@ in } ]; + services.zabbixProxy.settings = mkMerge [ + { + LogType = "console"; + ListenIP = cfg.listen.ip; + ListenPort = cfg.listen.port; + Server = cfg.server; + # TODO: set to cfg.database.socket if database type is pgsql? + DBHost = optionalString (cfg.database.createLocally != true) cfg.database.host; + DBName = cfg.database.name; + DBUser = cfg.database.user; + SocketDir = runtimeDir; + FpingLocation = "/run/wrappers/bin/fping"; + LoadModule = builtins.attrNames cfg.modules; + } + (mkIf (cfg.database.createLocally != true) { DBPort = cfg.database.port; }) + (mkIf (cfg.database.passwordFile != null) { Include = [ "${passwordFile}" ]; }) + (mkIf (mysqlLocal && cfg.database.socket != null) { DBSocket = cfg.database.socket; }) + (mkIf (cfg.modules != {}) { LoadModulePath = "${moduleEnv}/lib"; }) + ]; + networking.firewall = mkIf cfg.openFirewall { allowedTCPPorts = [ cfg.listen.port ]; }; @@ -220,14 +232,15 @@ in services.mysql = optionalAttrs mysqlLocal { enable = true; package = mkDefault pkgs.mariadb; - ensureDatabases = [ cfg.database.name ]; - ensureUsers = [ - { name = cfg.database.user; - ensurePermissions = { "${cfg.database.name}.*" = "ALL PRIVILEGES"; }; - } - ]; }; + systemd.services.mysql.postStart = mkAfter (optionalString mysqlLocal '' + ( echo "CREATE DATABASE IF NOT EXISTS \`${cfg.database.name}\` CHARACTER SET utf8 COLLATE utf8_bin;" + echo "CREATE USER IF NOT EXISTS '${cfg.database.user}'@'localhost' IDENTIFIED WITH ${if (getName config.services.mysql.package == getName pkgs.mariadb) then "unix_socket" else "auth_socket"};" + echo "GRANT ALL PRIVILEGES ON \`${cfg.database.name}\`.* TO '${cfg.database.user}'@'localhost';" + ) | ${config.services.mysql.package}/bin/mysql -N + ''); + services.postgresql = optionalAttrs pgsqlLocal { enable = true; ensureDatabases = [ cfg.database.name ]; |