ilyakooo0/nixpkgs
1
0
Fork 0
mirror of https://github.com/ilyakooo0/nixpkgs.git synced 2024-09-20 20:20:26 +03:00
Code Issues Projects Releases Wiki Activity

nixos/tempo: add extraFlags option

Browse Source 
Main use-case for me is to specify `-config.expand-env=true` which
allows me inject secrets via systemd's environment file mechanism[1]
like this:

    storage.trace.s3 = {
      /* all the other stuff */
      secret_key = "\${GARAGE_SECRET_KEY}";
    };

[1] https://grafana.com/docs/tempo/latest/configuration/#use-environment-variables-in-the-configuration
This commit is contained in:
Maximilian Bosch 2023-08-14 18:05:25 +02:00
parent afde5d87aa
commit 10c6be32e4
No known key found for this signature in database
GPG Key ID: 9A6EEA275CA5BE0A
1 changed files with 13 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
nixos/modules/services/tracing/tempo.nix
View File

@ -27,6 +27,18 @@ in {
Specify a path to a configuration file that Tempo should use.
'';
};
extraFlags = mkOption {
type = types.listOf types.str;
default = [];
example = lib.literalExpression
''
[ "-config.expand-env=true" ]
'';
description = lib.mdDoc ''
Additional flags to pass to the `ExecStart=` in `tempo.service`.
'';
};
};
config = mkIf cfg.enable {
@ -54,7 +66,7 @@ in {
else cfg.configFile;
in
{
ExecStart = "${pkgs.tempo}/bin/tempo --config.file=${conf}";
ExecStart = "${pkgs.tempo}/bin/tempo --config.file=${conf} ${lib.escapeShellArgs cfg.extraFlags}";
DynamicUser = true;
Restart = "always";
ProtectSystem = "full";