depot/nixos/modules/services/monitoring/snmpd.nix

{ pkgs, config, lib, ... }:

let
  cfg = config.services.snmpd;
  configFile = if cfg.configText != "" then
    pkgs.writeText "snmpd.cfg" ''
      ${cfg.configText}
    '' else null;
in {
  options.services.snmpd = {
    enable = lib.mkEnableOption "snmpd";

    package = lib.mkPackageOption pkgs "net-snmp" {};

    listenAddress = lib.mkOption {
      type = lib.types.str;
      default = "0.0.0.0";
      description = ''
        The address to listen on for SNMP and AgentX messages.
      '';
      example = "127.0.0.1";
    };

    port = lib.mkOption {
      type = lib.types.port;
      default = 161;
      description = ''
        The port to listen on for SNMP and AgentX messages.
      '';
    };

    openFirewall = lib.mkOption {
      type = lib.types.bool;
      default = false;
      description = ''
        Open port in firewall for snmpd.
      '';
    };

    configText = lib.mkOption {
      type = lib.types.lines;
      default = "";
      description = ''
        The contents of the snmpd.conf. If the {option}`configFile` option
        is set, this value will be ignored.

        Note that the contents of this option will be added to the Nix
        store as world-readable plain text, {option}`configFile` can be used in
        addition to a secret management tool to protect sensitive data.
      '';
    };

    configFile = lib.mkOption {
      type = lib.types.path;
      default = configFile;
      defaultText = lib.literalMD "The value of {option}`configText`.";
      description = ''
        Path to the snmpd.conf file. By default, if {option}`configText` is set,
        a config file will be automatically generated.
      '';
    };

  };

  config = lib.mkIf cfg.enable {
    systemd.services."snmpd" = {
      description = "Simple Network Management Protocol (SNMP) daemon.";
      after = [ "network.target" ];
      wantedBy = [ "multi-user.target" ];
      serviceConfig = {
        Type = "simple";
        ExecStart = "${lib.getExe' cfg.package "snmpd"} -f -Lo -c ${cfg.configFile} ${cfg.listenAddress}:${toString cfg.port}";
      };
    };

    networking.firewall.allowedUDPPorts = lib.mkIf cfg.openFirewall [
      cfg.port
    ];
  };

  meta.maintainers = [ lib.maintainers.eliandoran ];

}
Squashed 'third_party/nixpkgs/' content from commit 76612b17c0ce git-subtree-dir: third_party/nixpkgs git-subtree-split: 76612b17c0ce71689921ca12d9ffdc9c23ce40b2 2024-11-10 23:59:47 +00:00			`{ pkgs, config, lib, ... }:`

			`let`
			`cfg = config.services.snmpd;`
			`configFile = if cfg.configText != "" then`
			`pkgs.writeText "snmpd.cfg" ''`
			`${cfg.configText}`
			`'' else null;`
			`in {`
			`options.services.snmpd = {`
			`enable = lib.mkEnableOption "snmpd";`

			`package = lib.mkPackageOption pkgs "net-snmp" {};`

			`listenAddress = lib.mkOption {`
			`type = lib.types.str;`
			`default = "0.0.0.0";`
			`description = ''`
			`The address to listen on for SNMP and AgentX messages.`
			`'';`
			`example = "127.0.0.1";`
			`};`

			`port = lib.mkOption {`
			`type = lib.types.port;`
			`default = 161;`
			`description = ''`
			`The port to listen on for SNMP and AgentX messages.`
			`'';`
			`};`

			`openFirewall = lib.mkOption {`
			`type = lib.types.bool;`
			`default = false;`
			`description = ''`
			`Open port in firewall for snmpd.`
			`'';`
			`};`

			`configText = lib.mkOption {`
			`type = lib.types.lines;`
			`default = "";`
			`description = ''`
			The contents of the snmpd.conf. If the {option}`configFile` option
			`is set, this value will be ignored.`

			`Note that the contents of this option will be added to the Nix`
			store as world-readable plain text, {option}`configFile` can be used in
			`addition to a secret management tool to protect sensitive data.`
			`'';`
			`};`

			`configFile = lib.mkOption {`
			`type = lib.types.path;`
			`default = configFile;`
			defaultText = lib.literalMD "The value of {option}`configText`.";
			`description = ''`
			Path to the snmpd.conf file. By default, if {option}`configText` is set,
			`a config file will be automatically generated.`
			`'';`
			`};`

			`};`

			`config = lib.mkIf cfg.enable {`
			`systemd.services."snmpd" = {`
			`description = "Simple Network Management Protocol (SNMP) daemon.";`
			`after = [ "network.target" ];`
			`wantedBy = [ "multi-user.target" ];`
			`serviceConfig = {`
			`Type = "simple";`
			`ExecStart = "${lib.getExe' cfg.package "snmpd"} -f -Lo -c ${cfg.configFile} ${cfg.listenAddress}:${toString cfg.port}";`
			`};`
			`};`

			`networking.firewall.allowedUDPPorts = lib.mkIf cfg.openFirewall [`
			`cfg.port`
			`];`
			`};`

			`meta.maintainers = [ lib.maintainers.eliandoran ];`

			`}`