diff options
author | Linus Heckemann <git@sphalerite.org> | 2020-09-25 12:24:09 +0200 |
---|---|---|
committer | Linus Heckemann <git@sphalerite.org> | 2020-09-29 10:53:04 +0200 |
commit | a560936cabdc339a75a6ab9d665f296880d0e39a (patch) | |
tree | 12e0d625b000c6ad84f0bb1df09c33b87c96e85d /nixos | |
parent | 2c1e72ee6a2eb2ad5bb58e7d1a8512f6bdc7f8e5 (diff) | |
download | nixpkgs-a560936cabdc339a75a6ab9d665f296880d0e39a.tar nixpkgs-a560936cabdc339a75a6ab9d665f296880d0e39a.tar.gz nixpkgs-a560936cabdc339a75a6ab9d665f296880d0e39a.tar.bz2 nixpkgs-a560936cabdc339a75a6ab9d665f296880d0e39a.tar.lz nixpkgs-a560936cabdc339a75a6ab9d665f296880d0e39a.tar.xz nixpkgs-a560936cabdc339a75a6ab9d665f296880d0e39a.tar.zst nixpkgs-a560936cabdc339a75a6ab9d665f296880d0e39a.zip |
nixos/prometheus-exporters/openvpn: init
Co-Authored-By: Franz Pletz <fpletz@fnordicwalking.de> Co-Authored-By: Robin Gloster <mail@glob.in>
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/modules/services/monitoring/prometheus/exporters.nix | 1 | ||||
-rw-r--r-- | nixos/modules/services/monitoring/prometheus/exporters/openvpn.nix | 39 | ||||
-rw-r--r-- | nixos/tests/prometheus-exporters.nix | 25 |
3 files changed, 65 insertions, 0 deletions
diff --git a/nixos/modules/services/monitoring/prometheus/exporters.nix b/nixos/modules/services/monitoring/prometheus/exporters.nix index c71cbafaa82..ddc92f1efe2 100644 --- a/nixos/modules/services/monitoring/prometheus/exporters.nix +++ b/nixos/modules/services/monitoring/prometheus/exporters.nix @@ -38,6 +38,7 @@ let "nextcloud" "nginx" "node" + "openvpn" "postfix" "postgres" "redis" diff --git a/nixos/modules/services/monitoring/prometheus/exporters/openvpn.nix b/nixos/modules/services/monitoring/prometheus/exporters/openvpn.nix new file mode 100644 index 00000000000..a97a753ebc3 --- /dev/null +++ b/nixos/modules/services/monitoring/prometheus/exporters/openvpn.nix @@ -0,0 +1,39 @@ +{ config, pkgs, lib, ... }: + +with lib; + +let + cfg = config.services.prometheus.exporters.openvpn; +in { + port = 9176; + extraOpts = { + statusPaths = mkOption { + type = types.listOf types.str; + description = '' + Paths to OpenVPN status files. Please configure the OpenVPN option + <literal>status</literal> accordingly. + ''; + }; + telemetryPath = mkOption { + type = types.str; + default = "/metrics"; + description = '' + Path under which to expose metrics. + ''; + }; + }; + + serviceOpts = { + serviceConfig = { + PrivateDevices = true; + ProtectKernelModules = true; + NoNewPrivileges = true; + ExecStart = '' + ${pkgs.prometheus-openvpn-exporter}/bin/openvpn_exporter \ + -openvpn.status_paths "${concatStringsSep "," cfg.statusPaths}" \ + -web.listen-address ${cfg.listenAddress}:${toString cfg.port} \ + -web.telemetry-path ${cfg.telemetryPath} + ''; + }; + }; +} diff --git a/nixos/tests/prometheus-exporters.nix b/nixos/tests/prometheus-exporters.nix index fdcc4072132..79c4ab962e9 100644 --- a/nixos/tests/prometheus-exporters.nix +++ b/nixos/tests/prometheus-exporters.nix @@ -457,6 +457,31 @@ let ''; }; + openvpn = { + exporterConfig = { + enable = true; + group = "openvpn"; + statusPaths = ["/run/openvpn-test"]; + }; + metricProvider = { + users.groups.openvpn = {}; + services.openvpn.servers.test = { + config = '' + dev tun + status /run/openvpn-test + status-version 3 + ''; + up = "chmod g+r /run/openvpn-test"; + }; + systemd.services."openvpn-test".serviceConfig.Group = "openvpn"; + }; + exporterTest = '' + wait_for_unit("openvpn-test.service") + wait_for_unit("prometheus-openvpn-exporter.service") + succeed("curl -sSf http://localhost:9176/metrics | grep -q 'openvpn_up{.*} 1'") + ''; + }; + postfix = { exporterConfig = { enable = true; |