1
0
Fork 0
nix-configuration/modules/services/netdata.nix

123 lines
3.6 KiB
Nix
Raw Normal View History

2024-08-04 21:55:02 +00:00
{
pkgs,
config,
lib,
...
}:
let
cfg = config.aux.system.services.netdata;
in
{
options = {
aux.system.services.netdata = {
enable = lib.mkEnableOption "Enables Netdata monitoring.";
auth = {
user = lib.mkOption {
default = "netdata";
type = lib.types.str;
description = "Username for basic auth.";
};
password = lib.mkOption {
default = "";
type = lib.types.str;
description = "Password for basic auth.";
};
apiKey = lib.mkOption {
default = "";
type = lib.types.str;
description = "API key for streaming data from a child to a parent.";
};
2024-08-04 21:55:02 +00:00
};
type = lib.mkOption {
default = "parent";
type = lib.types.enum [
"parent"
"child"
];
description = "Whether this is a parent (default: includes web UI) or child (no web UI - streaming only).";
example = "child";
};
2024-08-04 21:55:02 +00:00
url = lib.mkOption {
default = "";
type = lib.types.str;
description = "The complete URL where Netdata is hosted.";
example = "https://netdata.example.com";
};
};
};
config = lib.mkMerge [
(lib.mkIf (cfg.enable && cfg.type == "parent") {
services = {
nginx.virtualHosts."${cfg.url}" = {
useACMEHost = pkgs.util.getDomainFromURI cfg.url;
forceSSL = true;
basicAuth = {
"${cfg.auth.user}" = cfg.auth.password;
};
locations."/" = {
proxyPass = "http://127.0.0.1:19999";
extraConfig = ''
# Taken from https://learn.netdata.cloud/docs/netdata-agent/configuration/running-the-netdata-agent-behind-a-reverse-proxy/nginx
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass_request_headers on;
proxy_set_header Connection "keep-alive";
proxy_store off;
'';
};
};
netdata = {
enable = true;
package = pkgs.unstable.netdataCloud;
enableAnalyticsReporting = false;
configDir = {
# Allow incoming streams
"stream.conf" = pkgs.writeText "stream.conf" ''
[${config.secrets.services.netdata.apiKey}]
2024-11-26 17:08:06 +00:00
enabled = no
default history = 3600
default memory mode = dbengine
health enabled by default = auto
allow streaming from = *
'';
};
2024-08-04 21:55:02 +00:00
};
};
systemd.services.nginx.wants = [ config.systemd.services.netdata.name ];
})
2024-08-04 21:55:02 +00:00
(lib.mkIf (cfg.enable && cfg.type == "child") {
services.netdata = {
enable = true;
package = pkgs.unstable.netdataCloud;
enableAnalyticsReporting = false;
# Disable web UI
config = {
global = {
"memory mode" = "none";
};
web = {
mode = "none";
"accept a streaming request every seconds" = 0;
};
};
# Set up streaming
# FIXME: Requires a non-HTTP port. See https://community.netdata.cloud/t/properly-running-parent-child-nodes/1417/4
2024-08-04 21:55:02 +00:00
configDir = {
"stream.conf" = pkgs.writeText "stream.conf" ''
[stream]
enabled = yes
destination = ${cfg.url}:443:SSL
api key = ${cfg.auth.apiKey}
[${cfg.auth.apiKey}]
enabled = yes
2024-08-04 21:55:02 +00:00
'';
};
};
})
];
2024-08-04 21:55:02 +00:00
}