summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--krebs/3modules/default.nix1
-rw-r--r--krebs/3modules/monit.nix116
2 files changed, 117 insertions, 0 deletions
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index e0810ab63..f336c966f 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -22,6 +22,7 @@ let
./go.nix
./iptables.nix
./kapacitor.nix
+ ./monit.nix
./newsbot-js.nix
./nginx.nix
./nixpkgs.nix
diff --git a/krebs/3modules/monit.nix b/krebs/3modules/monit.nix
new file mode 100644
index 000000000..5191a1754
--- /dev/null
+++ b/krebs/3modules/monit.nix
@@ -0,0 +1,116 @@
+{ config, lib, pkgs, ... }:
+
+with builtins;
+with import <stockholm/lib>;
+
+let
+ cfg = config.krebs.monit;
+
+ out = {
+ options.krebs.monit = api;
+ config = mkIf cfg.enable imp;
+ };
+
+ api = {
+ enable = mkEnableOption "monit";
+ http = {
+ enable = mkEnableOption "monit http server";
+ port = mkOption {
+ type = types.int;
+ default = 9093;
+ };
+ user = mkOption {
+ type = types.str;
+ default = "krebs";
+ };
+ pass = mkOption {
+ type = types.str;
+ default = "bob";
+ };
+ };
+ user = mkOption {
+ type = types.user;
+ default = {
+ name = "monit";
+ };
+ };
+ group = mkOption {
+ type = types.group;
+ default = {
+ name = "monitor";
+ };
+ };
+ extraConfig = mkOption {
+ type = types.attrs;
+ default = {};
+ };
+ alarms = mkOption {
+ default = {};
+ type = with types; attrsOf (submodule {
+ options = {
+ test = mkOption {
+ type = path;
+ };
+ alarm = mkOption {
+ type = path;
+ };
+ interval = mkOption {
+ type = str;
+ default = "10";
+ };
+ };
+ });
+ };
+ };
+
+ imp = let
+ configFile = pkgs.writeText "monit.cfg" ''
+ ${optionalString cfg.http.enable ''
+ set httpd port ${toString cfg.http.port}
+ allow ${cfg.http.user}:${cfg.http.pass}
+ ''}
+ set daemon 10
+
+ ${concatStringsSep "\n" (mapAttrsToList (name: alarm: ''
+ check program ${name} with path "${alarm.test}"
+ every 10 cycles
+ if status != 0 then exec "${alarm.alarm}"
+ '') cfg.alarms)}
+ '';
+ in {
+ environment.etc = [
+ {
+ source = configFile;
+ target = "monit.conf";
+ mode = "0400";
+ uid = config.users.users.${cfg.user.name}.uid;
+ }
+ ];
+ users = {
+ groups.${cfg.group.name} = {
+ inherit (cfg.group) name gid;
+ };
+ users.${cfg.user.name} = {
+ inherit (cfg.user) home name uid;
+ createHome = true;
+ group = cfg.group.name;
+ };
+ };
+
+ systemd.services.monit = {
+ description = "monit";
+ after = [ "network.target" ];
+ wantedBy = [ "multi-user.target" ];
+
+ restartIfChanged = true;
+
+ serviceConfig = {
+ Restart = "always";
+ User = cfg.user.name;
+ ExecStart = "${pkgs.monit}/bin/monit -I -c /etc/monit.conf";
+ # Monit should restart when the config changes
+ ExecStartPre = "${pkgs.coreutils}/bin/echo ${configFile}";
+ };
+ };
+ };
+in out