mirrors/nixpkgs
1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-17 19:21:04 +00:00
Code Issues Wiki Activity

tremor-rs: module init

Browse source
This commit is contained in:
happysalada 2022-11-18 17:20:05 -05:00 committed by Yt
parent ef945c5e88
commit 4a3aa6ff98
2 changed files with 130 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
nixos/modules/module-list.nix
View file

@ -718,6 +718,7 @@
./services/monitoring/teamviewer.nix
./services/monitoring/telegraf.nix
./services/monitoring/thanos.nix
./services/monitoring/tremor-rs.nix
./services/monitoring/tuptime.nix
./services/monitoring/unifi-poller.nix
./services/monitoring/ups.nix

129
nixos/modules/services/monitoring/tremor-rs.nix Normal file
View file

@ -0,0 +1,129 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.tremor-rs;
loggerSettingsFormat = pkgs.formats.yaml { };
loggerConfigFile = loggerSettingsFormat.generate "logger.yaml" cfg.loggerSettings;
in {
options = {
services.tremor-rs = {
enable = lib.mkEnableOption (lib.mdDoc "Tremor event- or stream-processing system");
troyFileList = mkOption {
type = types.listOf types.path;
default = [];
description = lib.mdDoc "List of troy files to load.";
};
tremorLibDir = mkOption {
type = types.path;
default = "";
description = lib.mdDoc "Directory where to find /lib containing tremor script files";
};
host = mkOption {
type = types.str;
default = "127.0.0.1";
description = lib.mdDoc "The host tremor should be listening on";
};
port = mkOption {
type = types.port;
default = 9898;
description = lib.mdDoc "the port tremor should be listening on";
};
loggerSettings = mkOption {
description = lib.mdDoc "Tremor logger configuration";
default = {};
type = loggerSettingsFormat.type;
example = {
refresh_rate = "30 seconds";
appenders.stdout.kind = "console";
root = {
level = "warn";
appenders = [ "stdout" ];
};
loggers = {
tremor_runtime = {
level = "debug";
appenders = [ "stdout" ];
additive = false;
};
tremor = {
level = "debug";
appenders = [ "stdout" ];
additive = false;
};
};
};
defaultText = literalExpression ''
{
refresh_rate = "30 seconds";
appenders.stdout.kind = "console";
root = {
level = "warn";
appenders = [ "stdout" ];
};
loggers = {
tremor_runtime = {
level = "debug";
appenders = [ "stdout" ];
additive = false;
};
tremor = {
level = "debug";
appenders = [ "stdout" ];
additive = false;
};
};
}
'';
};
};
};
config = mkIf (cfg.enable) {
environment.systemPackages = [ pkgs.tremor-rs ] ;
systemd.services.tremor-rs = {
description = "Tremor event- or stream-processing system";
wantedBy = [ "multi-user.target" ];
requires = [ "network-online.target" ];
after = [ "network-online.target" ];
environment.TREMOR_PATH = "${pkgs.tremor-rs}/lib:${cfg.tremorLibDir}";
serviceConfig = {
ExecStart = "${pkgs.tremor-rs}/bin/tremor --logger-config ${loggerConfigFile} server run ${concatStringsSep " " cfg.troyFileList} --api-host ${cfg.host}:${toString cfg.port}";
DynamicUser = true;
Restart = "always";
NoNewPrivileges = true;
PrivateTmp = true;
ProtectHome = true;
ProtectClock = true;
ProtectProc = "noaccess";
ProcSubset = "pid";
ProtectKernelLogs = true;
ProtectKernelModules = true;
ProtectKernelTunables = true;
ProtectControlGroups = true;
ProtectHostname = true;
RestrictSUIDSGID = true;
RestrictRealtime = true;
RestrictNamespaces = true;
LockPersonality = true;
RemoveIPC = true;
SystemCallFilter = [ "@system-service" "~@privileged" ];
};
};
};
}