mirror of
https://github.com/ilyakooo0/nixpkgs.git
synced 2024-09-21 20:49:52 +03:00
Merge pull request #252041 from mweinelt/unbound-exporter
prometheus-unbound-exporter: replace at 0.4.4
This commit is contained in:
commit
d17a82f986
@ -116,6 +116,9 @@
|
||||
|
||||
- The ISC DHCP package and corresponding module have been removed, because they are end of life upstream. See https://www.isc.org/blogs/isc-dhcp-eol/ for details and switch to a different DHCP implementation like kea or dnsmasq.
|
||||
|
||||
- `prometheus-unbound-exporter` has been replaced by the Let's Encrypt maintained version, since the previous version was archived. This requires some changes to the module configuration, most notable `controlInterface` needs migration
|
||||
towards `unbound.host` and requires either the `tcp://` or `unix://` URI scheme.
|
||||
|
||||
- `odoo` now defaults to 16, updated from 15.
|
||||
|
||||
- `util-linux` is now supported on Darwin and is no longer an alias to `unixtools`. Use the `unixtools.util-linux` package for access to the Apple variants of the utilities.
|
||||
|
@ -1,4 +1,8 @@
|
||||
{ config, lib, pkgs, options }:
|
||||
{ config
|
||||
, lib
|
||||
, pkgs
|
||||
, options
|
||||
}:
|
||||
|
||||
with lib;
|
||||
|
||||
@ -6,17 +10,14 @@ let
|
||||
cfg = config.services.prometheus.exporters.unbound;
|
||||
in
|
||||
{
|
||||
imports = [
|
||||
(mkRemovedOptionModule [ "controlInterface" ] "This option was removed, use the `unbound.host` option instead.")
|
||||
(mkRemovedOptionModule [ "fetchType" ] "This option was removed, use the `unbound.host` option instead.")
|
||||
({ options.warnings = options.warnings; options.assertions = options.assertions; })
|
||||
];
|
||||
|
||||
port = 9167;
|
||||
extraOpts = {
|
||||
fetchType = mkOption {
|
||||
# TODO: add shm when upstream implemented it
|
||||
type = types.enum [ "tcp" "uds" ];
|
||||
default = "uds";
|
||||
description = lib.mdDoc ''
|
||||
Which methods the exporter uses to get the information from unbound.
|
||||
'';
|
||||
};
|
||||
|
||||
telemetryPath = mkOption {
|
||||
type = types.str;
|
||||
default = "/metrics";
|
||||
@ -25,34 +26,65 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
controlInterface = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
example = "/run/unbound/unbound.socket";
|
||||
description = lib.mdDoc ''
|
||||
Path to the unbound socket for uds mode or the control interface port for tcp mode.
|
||||
unbound = {
|
||||
ca = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
default = "/var/lib/unbound/unbound_server.pem";
|
||||
example = null;
|
||||
description = ''
|
||||
Path to the Unbound server certificate authority
|
||||
'';
|
||||
};
|
||||
|
||||
Example:
|
||||
uds-mode: /run/unbound/unbound.socket
|
||||
tcp-mode: 127.0.0.1:8953
|
||||
'';
|
||||
certificate = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
default = "/var/lib/unbound/unbound_control.pem";
|
||||
example = null;
|
||||
description = ''
|
||||
Path to the Unbound control socket certificate
|
||||
'';
|
||||
};
|
||||
|
||||
key = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
default = "/var/lib/unbound/unbound_control.key";
|
||||
example = null;
|
||||
description = ''
|
||||
Path to the Unbound control socket key.
|
||||
'';
|
||||
};
|
||||
|
||||
host = mkOption {
|
||||
type = types.str;
|
||||
default = "tcp://127.0.0.1:8953";
|
||||
example = "unix:///run/unbound/unbound.socket";
|
||||
description = lib.mdDoc ''
|
||||
Path to the unbound control socket. Supports unix domain sockets, as well as the TCP interface.
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
serviceOpts = mkMerge ([{
|
||||
serviceConfig = {
|
||||
User = "unbound"; # to access the unbound_control.key
|
||||
ExecStart = ''
|
||||
${pkgs.prometheus-unbound-exporter}/bin/unbound-telemetry \
|
||||
${cfg.fetchType} \
|
||||
--bind ${cfg.listenAddress}:${toString cfg.port} \
|
||||
--path ${cfg.telemetryPath} \
|
||||
${optionalString (cfg.controlInterface != null) "--control-interface ${cfg.controlInterface}"} \
|
||||
${pkgs.prometheus-unbound-exporter}/bin/unbound_exporter \
|
||||
--unbound.host "${cfg.unbound.host}" \
|
||||
--web.listen-address ${cfg.listenAddress}:${toString cfg.port} \
|
||||
--web.telemetry-path ${cfg.telemetryPath} \
|
||||
${optionalString (cfg.unbound.ca != null) "--unbound.ca ${cfg.unbound.ca}"} \
|
||||
${optionalString (cfg.unbound.certificate != null) "--unbound.cert ${cfg.unbound.certificate}"} \
|
||||
${optionalString (cfg.unbound.key != null) "--unbound.key ${cfg.unbound.key}"} \
|
||||
${toString cfg.extraFlags}
|
||||
'';
|
||||
RestrictAddressFamilies = [
|
||||
# Need AF_UNIX to collect data
|
||||
"AF_UNIX"
|
||||
"AF_INET"
|
||||
"AF_INET6"
|
||||
];
|
||||
} // optionalAttrs (!config.services.unbound.enable) {
|
||||
DynamicUser = true;
|
||||
};
|
||||
}] ++ [
|
||||
(mkIf config.services.unbound.enable {
|
||||
|
@ -1422,8 +1422,7 @@ let
|
||||
unbound = {
|
||||
exporterConfig = {
|
||||
enable = true;
|
||||
fetchType = "uds";
|
||||
controlInterface = "/run/unbound/unbound.ctl";
|
||||
unbound.host = "unix:///run/unbound/unbound.ctl";
|
||||
};
|
||||
metricProvider = {
|
||||
services.unbound = {
|
||||
@ -1438,7 +1437,7 @@ let
|
||||
wait_for_unit("unbound.service")
|
||||
wait_for_unit("prometheus-unbound-exporter.service")
|
||||
wait_for_open_port(9167)
|
||||
succeed("curl -sSf localhost:9167/metrics | grep 'unbound_up 1'")
|
||||
wait_until_succeeds("curl -sSf localhost:9167/metrics | grep 'unbound_up 1'")
|
||||
'';
|
||||
};
|
||||
|
||||
|
@ -1,36 +1,34 @@
|
||||
{ lib, stdenv, rustPlatform, fetchFromGitHub, openssl, pkg-config, nixosTests, Security }:
|
||||
{ lib
|
||||
, buildGoModule
|
||||
, fetchFromGitHub
|
||||
, nixosTests
|
||||
}:
|
||||
|
||||
rustPlatform.buildRustPackage rec {
|
||||
pname = "unbound-telemetry";
|
||||
version = "unstable-2021-09-18";
|
||||
let
|
||||
version = "0.4.4";
|
||||
in
|
||||
buildGoModule {
|
||||
pname = "unbound_exporter";
|
||||
inherit version;
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "svartalf";
|
||||
repo = pname;
|
||||
rev = "19e53b05828a43b7062b67a9cc6c84836ca26439";
|
||||
sha256 = "sha256-wkr9T6GlJP/PSv17z3MC7vC0cXg/Z6rGlhlCUHH3Ua4=";
|
||||
owner = "letsencrypt";
|
||||
repo = "unbound_exporter";
|
||||
rev = "refs/tags/v${version}";
|
||||
hash = "sha256-0eo56z5b+hzKCY5OKg/9F7rjLyoSKPJoHLoXeMjCuFU=";
|
||||
};
|
||||
|
||||
cargoLock = {
|
||||
lockFile = ./Cargo.lock;
|
||||
outputHashes = {
|
||||
"native-tls-0.2.3" = "sha256-I1+ZNLDVGS1x9Iu81RD2//xnqhKhNGBmlrT0ryNFSlE=";
|
||||
};
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ pkg-config ];
|
||||
|
||||
buildInputs = [ openssl ]
|
||||
++ lib.optional stdenv.isDarwin Security;
|
||||
vendorHash = "sha256-4aWuf9UTPQseEwDJfWIcQW4uGMffRnWlHhiu0yMz4vk=";
|
||||
|
||||
passthru.tests = {
|
||||
inherit (nixosTests.prometheus-exporters) unbound;
|
||||
};
|
||||
|
||||
meta = with lib; {
|
||||
changelog = "https://github.com/letsencrypt/unbound_exporter/releases/tag/v${version}";
|
||||
description = "Prometheus exporter for Unbound DNS resolver";
|
||||
homepage = "https://github.com/svartalf/unbound-telemetry";
|
||||
license = licenses.mit;
|
||||
maintainers = with maintainers; [ ];
|
||||
homepage = "https://github.com/letsencrypt/unbound_exporter/tree/main";
|
||||
license = licenses.asl20;
|
||||
maintainers = with maintainers; [ hexa ];
|
||||
};
|
||||
}
|
||||
|
@ -27319,9 +27319,7 @@ with pkgs;
|
||||
prometheus-sql-exporter = callPackage ../servers/monitoring/prometheus/sql-exporter.nix { };
|
||||
prometheus-systemd-exporter = callPackage ../servers/monitoring/prometheus/systemd-exporter.nix { };
|
||||
prometheus-tor-exporter = callPackage ../servers/monitoring/prometheus/tor-exporter.nix { };
|
||||
prometheus-unbound-exporter = callPackage ../servers/monitoring/prometheus/unbound-exporter.nix {
|
||||
inherit (darwin.apple_sdk.frameworks) Security;
|
||||
};
|
||||
prometheus-unbound-exporter = callPackage ../servers/monitoring/prometheus/unbound-exporter.nix { };
|
||||
prometheus-v2ray-exporter = callPackage ../servers/monitoring/prometheus/v2ray-exporter.nix { };
|
||||
prometheus-varnish-exporter = callPackage ../servers/monitoring/prometheus/varnish-exporter.nix { };
|
||||
prometheus-wireguard-exporter = callPackage ../servers/monitoring/prometheus/wireguard-exporter.nix {
|
||||
|
Loading…
Reference in New Issue
Block a user