prometheus-openldap-exporter: init at 2.1

This commit is contained in:
Maximilian Bosch 2021-04-02 12:24:20 +02:00
parent 763933b3d0
commit 4794829734
No known key found for this signature in database
GPG key ID: 091DBF4D1FC46B8E
5 changed files with 158 additions and 0 deletions

View file

@ -43,6 +43,7 @@ let
"nginx"
"nginxlog"
"node"
"openldap"
"openvpn"
"postfix"
"postgres"

View file

@ -0,0 +1,67 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.prometheus.exporters.openldap;
in {
port = 9330;
extraOpts = {
ldapCredentialFile = mkOption {
type = types.path;
example = "/run/keys/ldap_pass";
description = ''
Environment file to contain the credentials to authenticate against
<package>openldap</package>.
The file should look like this:
<programlisting>
---
ldapUser: "cn=monitoring,cn=Monitor"
ldapPass: "secret"
</programlisting>
'';
};
protocol = mkOption {
default = "tcp";
example = "udp";
type = types.str;
description = ''
Which protocol to use to connect against <package>openldap</package>.
'';
};
ldapAddr = mkOption {
default = "localhost:389";
type = types.str;
description = ''
Address of the <package>openldap</package>-instance.
'';
};
metricsPath = mkOption {
default = "/metrics";
type = types.str;
description = ''
URL path where metrics should be exposed.
'';
};
interval = mkOption {
default = "30s";
type = types.str;
example = "1m";
description = ''
Scrape interval of the exporter.
'';
};
};
serviceOpts.serviceConfig = {
ExecStart = ''
${pkgs.prometheus-openldap-exporter}/bin/openldap_exporter \
--promAddr ${cfg.listenAddress}:${toString cfg.port} \
--metrPath ${cfg.metricsPath} \
--ldapNet ${cfg.protocol} \
--interval ${cfg.interval} \
--config ${cfg.ldapCredentialFile} \
${concatStringsSep " \\\n " cfg.extraFlags}
'';
};
}

View file

@ -603,6 +603,66 @@ let
'';
};
openldap = {
exporterConfig = {
enable = true;
ldapCredentialFile = "${pkgs.writeText "exporter.yml" ''
ldapUser: "cn=root,dc=example"
ldapPass: "notapassword"
''}";
};
metricProvider = {
services.openldap = {
enable = true;
settings.children = {
"cn=schema".includes = [
"${pkgs.openldap}/etc/schema/core.ldif"
"${pkgs.openldap}/etc/schema/cosine.ldif"
"${pkgs.openldap}/etc/schema/inetorgperson.ldif"
"${pkgs.openldap}/etc/schema/nis.ldif"
];
"olcDatabase={1}mdb" = {
attrs = {
objectClass = [ "olcDatabaseConfig" "olcMdbConfig" ];
olcDatabase = "{1}mdb";
olcDbDirectory = "/var/db/openldap";
olcSuffix = "dc=example";
olcRootDN = {
# cn=root,dc=example
base64 = "Y249cm9vdCxkYz1leGFtcGxl";
};
olcRootPW = {
path = "${pkgs.writeText "rootpw" "notapassword"}";
};
};
};
"olcDatabase={2}monitor".attrs = {
objectClass = [ "olcDatabaseConfig" ];
olcDatabase = "{2}monitor";
olcAccess = [ "to dn.subtree=cn=monitor by users read" ];
};
};
declarativeContents."dc=example" = ''
dn: dc=example
objectClass: domain
dc: example
dn: ou=users,dc=example
objectClass: organizationalUnit
ou: users
'';
};
};
exporterTest = ''
wait_for_unit("prometheus-openldap-exporter.service")
wait_for_open_port(389)
wait_for_open_port(9330)
wait_until_succeeds(
"curl -sSf http://localhost:9330/metrics | grep -q 'openldap_scrape{result=\"ok\"} 1'"
)
'';
};
openvpn = {
exporterConfig = {
enable = true;

View file

@ -0,0 +1,29 @@
{ buildGoPackage, lib, fetchFromGitHub }:
buildGoPackage rec {
pname = "openldap_exporter";
version = "2.1";
src = fetchFromGitHub {
owner = "tomcz";
repo = pname;
rev = "v${version}";
sha256 = "sha256-Di1GiyVp/hGCFhqxhlqJSucGZK7f/FDDUFtJRaiAZu4=";
};
buildFlagsArray = ''
-ldflags=
-s -w
-X github.com/tomcz/openldap_exporter.tag=v${version}
-X github.com/tomcz/openldap_exporter.commit=unknown
'';
goPackagePath = "github.com/tomcz/openldap_exporter";
meta = with lib; {
homepage = "https://github.com/tomcz/openldap_exporter";
description = " Simple service that scrapes metrics from OpenLDAP and exports them via HTTP for Prometheus consumption";
license = licenses.mit;
maintainers = with maintainers; [ ma27 ];
};
}

View file

@ -18850,6 +18850,7 @@ in
prometheus-nginx-exporter = callPackage ../servers/monitoring/prometheus/nginx-exporter.nix { };
prometheus-nginxlog-exporter = callPackage ../servers/monitoring/prometheus/nginxlog-exporter.nix { };
prometheus-node-exporter = callPackage ../servers/monitoring/prometheus/node-exporter.nix { };
prometheus-openldap-exporter = callPackage ../servers/monitoring/prometheus/openldap-exporter.nix { };
prometheus-openvpn-exporter = callPackage ../servers/monitoring/prometheus/openvpn-exporter.nix { };
prometheus-postfix-exporter = callPackage ../servers/monitoring/prometheus/postfix-exporter.nix { };
prometheus-postgres-exporter = callPackage ../servers/monitoring/prometheus/postgres-exporter.nix { };