Merge pull request #99079 from mayflower/openvpn-exporter-upstream

nixos/prometheus-exporters/openvpn: init
This commit is contained in:
Maximilian Bosch 2020-09-30 15:37:03 +02:00 committed by GitHub
commit 6148b0e59f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 66 additions and 4 deletions

View file

@ -38,6 +38,7 @@ let
"nextcloud"
"nginx"
"node"
"openvpn"
"postfix"
"postgres"
"redis"
@ -101,7 +102,6 @@ let
default = "${name}-exporter";
description = ''
User name under which the ${name} exporter shall be run.
Has no effect when <option>systemd.services.prometheus-${name}-exporter.serviceConfig.DynamicUser</option> is true.
'';
};
group = mkOption {
@ -109,7 +109,6 @@ let
default = "${name}-exporter";
description = ''
Group under which the ${name} exporter shall be run.
Has no effect when <option>systemd.services.prometheus-${name}-exporter.serviceConfig.DynamicUser</option> is true.
'';
};
});
@ -161,10 +160,9 @@ let
serviceConfig.PrivateTmp = mkDefault true;
serviceConfig.WorkingDirectory = mkDefault /tmp;
serviceConfig.DynamicUser = mkDefault enableDynamicUser;
} serviceOpts ] ++ optional (!enableDynamicUser) {
serviceConfig.User = conf.user;
serviceConfig.Group = conf.group;
});
} serviceOpts ]);
};
in
{

View file

@ -0,0 +1,39 @@
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.services.prometheus.exporters.openvpn;
in {
port = 9176;
extraOpts = {
statusPaths = mkOption {
type = types.listOf types.str;
description = ''
Paths to OpenVPN status files. Please configure the OpenVPN option
<literal>status</literal> accordingly.
'';
};
telemetryPath = mkOption {
type = types.str;
default = "/metrics";
description = ''
Path under which to expose metrics.
'';
};
};
serviceOpts = {
serviceConfig = {
PrivateDevices = true;
ProtectKernelModules = true;
NoNewPrivileges = true;
ExecStart = ''
${pkgs.prometheus-openvpn-exporter}/bin/openvpn_exporter \
-openvpn.status_paths "${concatStringsSep "," cfg.statusPaths}" \
-web.listen-address ${cfg.listenAddress}:${toString cfg.port} \
-web.telemetry-path ${cfg.telemetryPath}
'';
};
};
}

View file

@ -457,6 +457,31 @@ let
'';
};
openvpn = {
exporterConfig = {
enable = true;
group = "openvpn";
statusPaths = ["/run/openvpn-test"];
};
metricProvider = {
users.groups.openvpn = {};
services.openvpn.servers.test = {
config = ''
dev tun
status /run/openvpn-test
status-version 3
'';
up = "chmod g+r /run/openvpn-test";
};
systemd.services."openvpn-test".serviceConfig.Group = "openvpn";
};
exporterTest = ''
wait_for_unit("openvpn-test.service")
wait_for_unit("prometheus-openvpn-exporter.service")
succeed("curl -sSf http://localhost:9176/metrics | grep -q 'openvpn_up{.*} 1'")
'';
};
postfix = {
exporterConfig = {
enable = true;