nixpkgs/pkgs/tools/system/netdata/default.nix
Leo Gaskin 8bc3e5aaea
nixos/netdata: Disable PrivateTmp setting for Netdata service (#127382)
* Add patch to put IPC socket into /run/netdata

Co-authored-by: Jörg Thalheim <joerg@thalheim.io>

* Update pkgs/tools/system/netdata/default.nix

Co-authored-by: Jörg Thalheim <joerg@thalheim.io>
Co-authored-by: Jörg Thalheim <Mic92@users.noreply.github.com>
2021-07-01 06:24:30 +01:00

99 lines
3.3 KiB
Nix

{ lib, stdenv, callPackage, fetchFromGitHub, autoreconfHook, pkg-config, makeWrapper
, CoreFoundation, IOKit, libossp_uuid
, nixosTests
, curl, libcap, libuuid, lm_sensors, zlib
, withCups ? false, cups
, withDBengine ? true, libuv, lz4, judy
, withIpmi ? (!stdenv.isDarwin), freeipmi
, withNetfilter ? (!stdenv.isDarwin), libmnl, libnetfilter_acct
, withCloud ? (!stdenv.isDarwin), json_c
, withSsl ? true, openssl
, withDebug ? false
}:
with lib;
let
go-d-plugin = callPackage ./go.d.plugin.nix {};
in stdenv.mkDerivation rec {
version = "1.31.0";
pname = "netdata";
src = fetchFromGitHub {
owner = "netdata";
repo = "netdata";
rev = "v${version}";
sha256 = "0735cxmljrp8zlkcq7hcxizy4j4xiv7vf782zkz5chn06n38mcik";
fetchSubmodules = true;
};
nativeBuildInputs = [ autoreconfHook pkg-config makeWrapper ];
buildInputs = [ curl.dev zlib.dev ]
++ optionals stdenv.isDarwin [ CoreFoundation IOKit libossp_uuid ]
++ optionals (!stdenv.isDarwin) [ libcap.dev libuuid.dev ]
++ optionals withCups [ cups ]
++ optionals withDBengine [ libuv lz4.dev judy ]
++ optionals withIpmi [ freeipmi ]
++ optionals withNetfilter [ libmnl libnetfilter_acct ]
++ optionals withCloud [ json_c ]
++ optionals withSsl [ openssl.dev ];
patches = [
# required to prevent plugins from relying on /etc
# and /var
./no-files-in-etc-and-var.patch
# The current IPC location is unsafe as it writes
# a fixed path in /tmp, which is world-writable.
# Therefore we put it into `/run/netdata`, which is owned
# by netdata only.
./ipc-socket-in-run.patch
];
NIX_CFLAGS_COMPILE = optionalString withDebug "-O1 -ggdb -DNETDATA_INTERNAL_CHECKS=1";
postInstall = ''
ln -s ${go-d-plugin}/lib/netdata/conf.d/* $out/lib/netdata/conf.d
ln -s ${go-d-plugin}/bin/godplugin $out/libexec/netdata/plugins.d/go.d.plugin
'' + optionalString (!stdenv.isDarwin) ''
# rename this plugin so netdata will look for setuid wrapper
mv $out/libexec/netdata/plugins.d/apps.plugin \
$out/libexec/netdata/plugins.d/apps.plugin.org
mv $out/libexec/netdata/plugins.d/cgroup-network \
$out/libexec/netdata/plugins.d/cgroup-network.org
mv $out/libexec/netdata/plugins.d/perf.plugin \
$out/libexec/netdata/plugins.d/perf.plugin.org
mv $out/libexec/netdata/plugins.d/slabinfo.plugin \
$out/libexec/netdata/plugins.d/slabinfo.plugin.org
${optionalString withIpmi ''
mv $out/libexec/netdata/plugins.d/freeipmi.plugin \
$out/libexec/netdata/plugins.d/freeipmi.plugin.org
''}
'';
preConfigure = optionalString (!stdenv.isDarwin) ''
substituteInPlace collectors/python.d.plugin/python_modules/third_party/lm_sensors.py \
--replace 'ctypes.util.find_library("sensors")' '"${lm_sensors.out}/lib/libsensors${stdenv.hostPlatform.extensions.sharedLibrary}"'
'';
configureFlags = [
"--localstatedir=/var"
"--sysconfdir=/etc"
] ++ optionals withCloud [
"--enable-cloud"
"--with-aclk-ng"
];
postFixup = ''
wrapProgram $out/bin/netdata-claim.sh --prefix PATH : ${lib.makeBinPath [ openssl ]}
'';
passthru.tests.netdata = nixosTests.netdata;
meta = {
description = "Real-time performance monitoring tool";
homepage = "https://www.netdata.cloud/";
license = licenses.gpl3Plus;
platforms = platforms.unix;
maintainers = [ ];
};
}