prometheus-openldap-exporter: init at 2.1
This commit is contained in:
parent
763933b3d0
commit
4794829734
5 changed files with 158 additions and 0 deletions
|
@ -43,6 +43,7 @@ let
|
|||
"nginx"
|
||||
"nginxlog"
|
||||
"node"
|
||||
"openldap"
|
||||
"openvpn"
|
||||
"postfix"
|
||||
"postgres"
|
||||
|
|
|
@ -0,0 +1,67 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.prometheus.exporters.openldap;
|
||||
in {
|
||||
port = 9330;
|
||||
extraOpts = {
|
||||
ldapCredentialFile = mkOption {
|
||||
type = types.path;
|
||||
example = "/run/keys/ldap_pass";
|
||||
description = ''
|
||||
Environment file to contain the credentials to authenticate against
|
||||
<package>openldap</package>.
|
||||
|
||||
The file should look like this:
|
||||
<programlisting>
|
||||
---
|
||||
ldapUser: "cn=monitoring,cn=Monitor"
|
||||
ldapPass: "secret"
|
||||
</programlisting>
|
||||
'';
|
||||
};
|
||||
protocol = mkOption {
|
||||
default = "tcp";
|
||||
example = "udp";
|
||||
type = types.str;
|
||||
description = ''
|
||||
Which protocol to use to connect against <package>openldap</package>.
|
||||
'';
|
||||
};
|
||||
ldapAddr = mkOption {
|
||||
default = "localhost:389";
|
||||
type = types.str;
|
||||
description = ''
|
||||
Address of the <package>openldap</package>-instance.
|
||||
'';
|
||||
};
|
||||
metricsPath = mkOption {
|
||||
default = "/metrics";
|
||||
type = types.str;
|
||||
description = ''
|
||||
URL path where metrics should be exposed.
|
||||
'';
|
||||
};
|
||||
interval = mkOption {
|
||||
default = "30s";
|
||||
type = types.str;
|
||||
example = "1m";
|
||||
description = ''
|
||||
Scrape interval of the exporter.
|
||||
'';
|
||||
};
|
||||
};
|
||||
serviceOpts.serviceConfig = {
|
||||
ExecStart = ''
|
||||
${pkgs.prometheus-openldap-exporter}/bin/openldap_exporter \
|
||||
--promAddr ${cfg.listenAddress}:${toString cfg.port} \
|
||||
--metrPath ${cfg.metricsPath} \
|
||||
--ldapNet ${cfg.protocol} \
|
||||
--interval ${cfg.interval} \
|
||||
--config ${cfg.ldapCredentialFile} \
|
||||
${concatStringsSep " \\\n " cfg.extraFlags}
|
||||
'';
|
||||
};
|
||||
}
|
|
@ -603,6 +603,66 @@ let
|
|||
'';
|
||||
};
|
||||
|
||||
openldap = {
|
||||
exporterConfig = {
|
||||
enable = true;
|
||||
ldapCredentialFile = "${pkgs.writeText "exporter.yml" ''
|
||||
ldapUser: "cn=root,dc=example"
|
||||
ldapPass: "notapassword"
|
||||
''}";
|
||||
};
|
||||
metricProvider = {
|
||||
services.openldap = {
|
||||
enable = true;
|
||||
settings.children = {
|
||||
"cn=schema".includes = [
|
||||
"${pkgs.openldap}/etc/schema/core.ldif"
|
||||
"${pkgs.openldap}/etc/schema/cosine.ldif"
|
||||
"${pkgs.openldap}/etc/schema/inetorgperson.ldif"
|
||||
"${pkgs.openldap}/etc/schema/nis.ldif"
|
||||
];
|
||||
"olcDatabase={1}mdb" = {
|
||||
attrs = {
|
||||
objectClass = [ "olcDatabaseConfig" "olcMdbConfig" ];
|
||||
olcDatabase = "{1}mdb";
|
||||
olcDbDirectory = "/var/db/openldap";
|
||||
olcSuffix = "dc=example";
|
||||
olcRootDN = {
|
||||
# cn=root,dc=example
|
||||
base64 = "Y249cm9vdCxkYz1leGFtcGxl";
|
||||
};
|
||||
olcRootPW = {
|
||||
path = "${pkgs.writeText "rootpw" "notapassword"}";
|
||||
};
|
||||
};
|
||||
};
|
||||
"olcDatabase={2}monitor".attrs = {
|
||||
objectClass = [ "olcDatabaseConfig" ];
|
||||
olcDatabase = "{2}monitor";
|
||||
olcAccess = [ "to dn.subtree=cn=monitor by users read" ];
|
||||
};
|
||||
};
|
||||
declarativeContents."dc=example" = ''
|
||||
dn: dc=example
|
||||
objectClass: domain
|
||||
dc: example
|
||||
|
||||
dn: ou=users,dc=example
|
||||
objectClass: organizationalUnit
|
||||
ou: users
|
||||
'';
|
||||
};
|
||||
};
|
||||
exporterTest = ''
|
||||
wait_for_unit("prometheus-openldap-exporter.service")
|
||||
wait_for_open_port(389)
|
||||
wait_for_open_port(9330)
|
||||
wait_until_succeeds(
|
||||
"curl -sSf http://localhost:9330/metrics | grep -q 'openldap_scrape{result=\"ok\"} 1'"
|
||||
)
|
||||
'';
|
||||
};
|
||||
|
||||
openvpn = {
|
||||
exporterConfig = {
|
||||
enable = true;
|
||||
|
|
29
pkgs/servers/monitoring/prometheus/openldap-exporter.nix
Normal file
29
pkgs/servers/monitoring/prometheus/openldap-exporter.nix
Normal file
|
@ -0,0 +1,29 @@
|
|||
{ buildGoPackage, lib, fetchFromGitHub }:
|
||||
|
||||
buildGoPackage rec {
|
||||
pname = "openldap_exporter";
|
||||
version = "2.1";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "tomcz";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-Di1GiyVp/hGCFhqxhlqJSucGZK7f/FDDUFtJRaiAZu4=";
|
||||
};
|
||||
|
||||
buildFlagsArray = ''
|
||||
-ldflags=
|
||||
-s -w
|
||||
-X github.com/tomcz/openldap_exporter.tag=v${version}
|
||||
-X github.com/tomcz/openldap_exporter.commit=unknown
|
||||
'';
|
||||
|
||||
goPackagePath = "github.com/tomcz/openldap_exporter";
|
||||
|
||||
meta = with lib; {
|
||||
homepage = "https://github.com/tomcz/openldap_exporter";
|
||||
description = " Simple service that scrapes metrics from OpenLDAP and exports them via HTTP for Prometheus consumption";
|
||||
license = licenses.mit;
|
||||
maintainers = with maintainers; [ ma27 ];
|
||||
};
|
||||
}
|
|
@ -18850,6 +18850,7 @@ in
|
|||
prometheus-nginx-exporter = callPackage ../servers/monitoring/prometheus/nginx-exporter.nix { };
|
||||
prometheus-nginxlog-exporter = callPackage ../servers/monitoring/prometheus/nginxlog-exporter.nix { };
|
||||
prometheus-node-exporter = callPackage ../servers/monitoring/prometheus/node-exporter.nix { };
|
||||
prometheus-openldap-exporter = callPackage ../servers/monitoring/prometheus/openldap-exporter.nix { };
|
||||
prometheus-openvpn-exporter = callPackage ../servers/monitoring/prometheus/openvpn-exporter.nix { };
|
||||
prometheus-postfix-exporter = callPackage ../servers/monitoring/prometheus/postfix-exporter.nix { };
|
||||
prometheus-postgres-exporter = callPackage ../servers/monitoring/prometheus/postgres-exporter.nix { };
|
||||
|
|
Loading…
Reference in a new issue