From ae7ce180dd8bd30721d19dd1c2e6af00fce0d9ec Mon Sep 17 00:00:00 2001
From: Matthias Treydte <mt@waldheinz.de>
Date: Wed, 13 Oct 2021 12:57:34 +0200
Subject: [PATCH] nixos/prometheus: fix node exporter systemd collector

The systemd collector needs AF_UNIX to talk to
/var/run/dbus/system_bus_socket, which was broken
with 9fea6d4c8551b7c8783f23e011a2ba113c95d0dd.

This commit allows AF_UNIX when needed.
---
 nixos/modules/services/monitoring/prometheus/exporters/node.nix | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/nixos/modules/services/monitoring/prometheus/exporters/node.nix b/nixos/modules/services/monitoring/prometheus/exporters/node.nix
index ed594460d95c..bc89799006eb 100644
--- a/nixos/modules/services/monitoring/prometheus/exporters/node.nix
+++ b/nixos/modules/services/monitoring/prometheus/exporters/node.nix
@@ -35,6 +35,8 @@ in
           ${concatMapStringsSep " " (x: "--no-collector." + x) cfg.disabledCollectors} \
           --web.listen-address ${cfg.listenAddress}:${toString cfg.port} ${concatStringsSep " " cfg.extraFlags}
       '';
+      # The systemd collector needs AF_UNIX
+      RestrictAddressFamilies = lib.optional (lib.any (x: x == "systemd") cfg.enabledCollectors) "AF_UNIX";
     };
   };
 }