diff options
author | Luke Granger-Brown <git@lukegb.com> | 2022-11-24 15:30:14 +0000 |
---|---|---|
committer | Luke Granger-Brown <git@lukegb.com> | 2022-12-03 20:12:54 +0000 |
commit | ffcd97b521a413eb53b532952be847406a9495ed (patch) | |
tree | 21b10d54c348f7e353c599f7f0ffe77a2a31406a /nixos/modules/services/monitoring/unifi-poller.nix | |
parent | 40ddf3e2c6c18122ba4d783252870adb7c5dff92 (diff) | |
download | nixpkgs-ffcd97b521a413eb53b532952be847406a9495ed.tar nixpkgs-ffcd97b521a413eb53b532952be847406a9495ed.tar.gz nixpkgs-ffcd97b521a413eb53b532952be847406a9495ed.tar.bz2 nixpkgs-ffcd97b521a413eb53b532952be847406a9495ed.tar.lz nixpkgs-ffcd97b521a413eb53b532952be847406a9495ed.tar.xz nixpkgs-ffcd97b521a413eb53b532952be847406a9495ed.tar.zst nixpkgs-ffcd97b521a413eb53b532952be847406a9495ed.zip |
nixos/unifi-poller: rename to unpoller.
Diffstat (limited to 'nixos/modules/services/monitoring/unifi-poller.nix')
-rw-r--r-- | nixos/modules/services/monitoring/unifi-poller.nix | 318 |
1 files changed, 0 insertions, 318 deletions
diff --git a/nixos/modules/services/monitoring/unifi-poller.nix b/nixos/modules/services/monitoring/unifi-poller.nix deleted file mode 100644 index b30e28a3ecc..00000000000 --- a/nixos/modules/services/monitoring/unifi-poller.nix +++ /dev/null @@ -1,318 +0,0 @@ -{ config, lib, pkgs, ... }: - -with lib; - -let - cfg = config.services.unifi-poller; - - configFile = pkgs.writeText "unifi-poller.json" (generators.toJSON {} { - inherit (cfg) poller influxdb loki prometheus unifi; - }); - -in { - options.services.unifi-poller = { - enable = mkEnableOption (lib.mdDoc "unifi-poller"); - - poller = { - debug = mkOption { - type = types.bool; - default = false; - description = lib.mdDoc '' - Turns on line numbers, microsecond logging, and a per-device log. - This may be noisy if you have a lot of devices. It adds one line per device. - ''; - }; - quiet = mkOption { - type = types.bool; - default = false; - description = lib.mdDoc '' - Turns off per-interval logs. Only startup and error logs will be emitted. - ''; - }; - plugins = mkOption { - type = with types; listOf str; - default = []; - description = lib.mdDoc '' - Load additional plugins. - ''; - }; - }; - - prometheus = { - disable = mkOption { - type = types.bool; - default = false; - description = lib.mdDoc '' - Whether to disable the prometheus ouput plugin. - ''; - }; - http_listen = mkOption { - type = types.str; - default = "[::]:9130"; - description = lib.mdDoc '' - Bind the prometheus exporter to this IP or hostname. - ''; - }; - report_errors = mkOption { - type = types.bool; - default = false; - description = lib.mdDoc '' - Whether to report errors. - ''; - }; - }; - - influxdb = { - disable = mkOption { - type = types.bool; - default = false; - description = lib.mdDoc '' - Whether to disable the influxdb ouput plugin. - ''; - }; - url = mkOption { - type = types.str; - default = "http://127.0.0.1:8086"; - description = lib.mdDoc '' - URL of the influxdb host. - ''; - }; - user = mkOption { - type = types.str; - default = "unifipoller"; - description = lib.mdDoc '' - Username for the influxdb. - ''; - }; - pass = mkOption { - type = types.path; - default = pkgs.writeText "unifi-poller-influxdb-default.password" "unifipoller"; - defaultText = literalExpression "unifi-poller-influxdb-default.password"; - description = lib.mdDoc '' - Path of a file containing the password for influxdb. - This file needs to be readable by the unifi-poller user. - ''; - apply = v: "file://${v}"; - }; - db = mkOption { - type = types.str; - default = "unifi"; - description = lib.mdDoc '' - Database name. Database should exist. - ''; - }; - verify_ssl = mkOption { - type = types.bool; - default = true; - description = lib.mdDoc '' - Verify the influxdb's certificate. - ''; - }; - interval = mkOption { - type = types.str; - default = "30s"; - description = lib.mdDoc '' - Setting this lower than the Unifi controller's refresh - interval may lead to zeroes in your database. - ''; - }; - }; - - loki = { - url = mkOption { - type = types.str; - default = ""; - description = lib.mdDoc '' - URL of the Loki host. - ''; - }; - user = mkOption { - type = types.str; - default = ""; - description = lib.mdDoc '' - Username for Loki. - ''; - }; - pass = mkOption { - type = types.path; - default = pkgs.writeText "unifi-poller-loki-default.password" ""; - defaultText = "unifi-poller-influxdb-default.password"; - description = lib.mdDoc '' - Path of a file containing the password for Loki. - This file needs to be readable by the unifi-poller user. - ''; - apply = v: "file://${v}"; - }; - verify_ssl = mkOption { - type = types.bool; - default = false; - description = lib.mdDoc '' - Verify Loki's certificate. - ''; - }; - tenant_id = mkOption { - type = types.str; - default = ""; - description = lib.mdDoc '' - Tenant ID to use in Loki. - ''; - }; - interval = mkOption { - type = types.str; - default = "2m"; - description = lib.mdDoc '' - How often the events are polled and pushed to Loki. - ''; - }; - timeout = mkOption { - type = types.str; - default = "10s"; - description = lib.mdDoc '' - Should be increased in case of timeout errors. - ''; - }; - }; - - unifi = let - controllerOptions = { - user = mkOption { - type = types.str; - default = "unifi"; - description = lib.mdDoc '' - Unifi service user name. - ''; - }; - pass = mkOption { - type = types.path; - default = pkgs.writeText "unifi-poller-unifi-default.password" "unifi"; - defaultText = literalExpression "unifi-poller-unifi-default.password"; - description = lib.mdDoc '' - Path of a file containing the password for the unifi service user. - This file needs to be readable by the unifi-poller user. - ''; - apply = v: "file://${v}"; - }; - url = mkOption { - type = types.str; - default = "https://unifi:8443"; - description = lib.mdDoc '' - URL of the Unifi controller. - ''; - }; - sites = mkOption { - type = with types; either (enum [ "default" "all" ]) (listOf str); - default = "all"; - description = lib.mdDoc '' - List of site names for which statistics should be exported. - Or the string "default" for the default site or the string "all" for all sites. - ''; - apply = toList; - }; - save_ids = mkOption { - type = types.bool; - default = false; - description = lib.mdDoc '' - Collect and save data from the intrusion detection system to influxdb and Loki. - ''; - }; - save_events = mkOption { - type = types.bool; - default = false; - description = lib.mdDoc '' - Collect and save data from UniFi events to influxdb and Loki. - ''; - }; - save_alarms = mkOption { - type = types.bool; - default = false; - description = lib.mdDoc '' - Collect and save data from UniFi alarms to influxdb and Loki. - ''; - }; - save_anomalies = mkOption { - type = types.bool; - default = false; - description = lib.mdDoc '' - Collect and save data from UniFi anomalies to influxdb and Loki. - ''; - }; - save_dpi = mkOption { - type = types.bool; - default = false; - description = lib.mdDoc '' - Collect and save data from deep packet inspection. - Adds around 150 data points and impacts performance. - ''; - }; - save_sites = mkOption { - type = types.bool; - default = true; - description = lib.mdDoc '' - Collect and save site data. - ''; - }; - hash_pii = mkOption { - type = types.bool; - default = false; - description = lib.mdDoc '' - Hash, with md5, client names and MAC addresses. This attempts - to protect personally identifiable information. - ''; - }; - verify_ssl = mkOption { - type = types.bool; - default = true; - description = lib.mdDoc '' - Verify the Unifi controller's certificate. - ''; - }; - }; - - in { - dynamic = mkOption { - type = types.bool; - default = false; - description = lib.mdDoc '' - Let prometheus select which controller to poll when scraping. - Use with default credentials. See unifi-poller wiki for more. - ''; - }; - - defaults = controllerOptions; - - controllers = mkOption { - type = with types; listOf (submodule { options = controllerOptions; }); - default = []; - description = lib.mdDoc '' - List of Unifi controllers to poll. Use defaults if empty. - ''; - apply = map (flip removeAttrs [ "_module" ]); - }; - }; - }; - - config = mkIf cfg.enable { - users.groups.unifi-poller = { }; - users.users.unifi-poller = { - description = "unifi-poller Service User"; - group = "unifi-poller"; - isSystemUser = true; - }; - - systemd.services.unifi-poller = { - wantedBy = [ "multi-user.target" ]; - after = [ "network.target" ]; - serviceConfig = { - ExecStart = "${pkgs.unifi-poller}/bin/unifi-poller --config ${configFile}"; - Restart = "always"; - PrivateTmp = true; - ProtectHome = true; - ProtectSystem = "full"; - DevicePolicy = "closed"; - NoNewPrivileges = true; - User = "unifi-poller"; - WorkingDirectory = "/tmp"; - }; - }; - }; -} |