movefasta/nixpkgs
0
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-07-14 06:00:33 +03:00
Code Activity

nixos/prometheus-fastly-exporter: fix runtime environment

Browse source 
- Make the token a required option
- Drop the proto from the listen parameter
- Use systemd credentials to pass the token file
- Drop debug flag, use extraArgs instead
- Actually hook up extraArgs
- Escape shell arguments
- Drop overly broad `with lib` statement
This commit is contained in:
Martin Weinelt 2024-02-09 02:08:02 +01:00
parent f1f689a8e8
commit a43d9cd69a
No known key found for this signature in database
GPG key ID: 87C1E9888F856759
1 changed files with 32 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

51
nixos/modules/services/monitoring/prometheus/exporters/fastly.nix
View file

@ -1,41 +1,54 @@
{ config, lib, pkgs, options }: { config
, lib
, pkgs
, options
}:
with lib; let
inherit (lib)
escapeShellArgs
mkOption
optionals
types
;
let cfg = config.services.prometheus.exporters.fastly; cfg = config.services.prometheus.exporters.fastly;
in in
{ {
port = 9118; port = 9118;
extraOpts = { extraOpts = with types; {
debug = mkEnableOption (lib.mdDoc "Debug logging mode for fastly-exporter");
configFile = mkOption { configFile = mkOption {
type = types.nullOr types.path; type = nullOr path;
default = null; default = null;
description = lib.mdDoc '' example = "./fastly-exporter-config.txt";
description = ''
Path to a fastly-exporter configuration file. Path to a fastly-exporter configuration file.
Example one can be generated with `fastly-exporter --config-file-example`. Example one can be generated with `fastly-exporter --config-file-example`.
''; '';
example = "./fastly-exporter-config.txt";
}; };
tokenPath = mkOption { tokenPath = mkOption {
type = types.nullOr types.path; type = path;
apply = final: if final == null then null else toString final; description = ''
description = lib.mdDoc ''
A run-time path to the token file, which is supposed to be provisioned A run-time path to the token file, which is supposed to be provisioned
outside of Nix store. outside of Nix store.
''; '';
}; };
}; };
serviceOpts = { serviceOpts = {
script = '' serviceConfig = {
${optionalString (cfg.tokenPath != null) LoadCredential = "fastly-api-token:${cfg.tokenPath}";
"export FASTLY_API_TOKEN=$(cat ${toString cfg.tokenPath})"} };
${pkgs.prometheus-fastly-exporter}/bin/fastly-exporter \ script = let
-listen http://${cfg.listenAddress}:${toString cfg.port} call = escapeShellArgs ([
${optionalString cfg.debug "-debug true"} \ "${pkgs.prometheus-fastly-exporter}/bin/fastly-exporter"
${optionalString (cfg.configFile != null) "-config-file ${cfg.configFile}"} "-listen" "${cfg.listenAddress}:${toString cfg.port}"
] ++ optionals (cfg.configFile != null) [
"--config-file" cfg.configFile
] ++ cfg.extraFlags);
in ''
export FASTLY_API_TOKEN="$(cat $CREDENTIALS_DIRECTORY/fastly-api-token)"
${call}
''; '';
}; };
} }