From f7fbfa543619c37c09c9ecf2bb50da76367fed77 Mon Sep 17 00:00:00 2001
From: Luke Granger-Brown
Date: Tue, 31 Aug 2021 02:01:38 +0000
Subject: [PATCH] nix/pkgs: init prometheus-bird-exporter-lfty
---
 nix/pkgs/default.nix | 1 +
 nix/pkgs/prometheus-bird-exporter-lfty.nix | 26 ++++++++++++++++++++++
 ops/nixos/blade-tuvok/default.nix | 21 +++++++++++++++++
 ops/nixos/lib/bgp.nix | 1 +
 4 files changed, 49 insertions(+)
 create mode 100644 nix/pkgs/prometheus-bird-exporter-lfty.nix
diff --git a/nix/pkgs/default.nix b/nix/pkgs/default.nix
index faaeda78f8..d412792c91 100644
--- a/nix/pkgs/default.nix
+++ b/nix/pkgs/default.nix
@@ -32,5 +32,6 @@
 propagatedBuildInputs = [python3Packages.hg-evolve python3Packages.pygit2];
 }));
 netbox = pkgs.python3Packages.callPackage ./netbox {};
+ prometheus-bird-exporter-lfty = pkgs.callPackage ./prometheus-bird-exporter-lfty.nix {};
 } // (import ./heptapod-runner.nix args)
 // (import ./lightspeed args)
diff --git a/nix/pkgs/prometheus-bird-exporter-lfty.nix b/nix/pkgs/prometheus-bird-exporter-lfty.nix
new file mode 100644
index 0000000000..5454e9925f
--- /dev/null
+++ b/nix/pkgs/prometheus-bird-exporter-lfty.nix
@@ -0,0 +1,26 @@
+{ buildGoPackage
+, prometheus-bird-exporter
+, fetchFromGitea
+}:
+
+buildGoPackage rec {
+ pname = "prometheus-bird-exporter-lfty";
+ version = "1.2.5";
+ name = "${pname}-${version}";
+
+ src = fetchFromGitea {
+ domain = "scm.linefinity.com";
+ owner = "common";
+ repo = pname;
+ rev = "ea2538b4391508f5c23b6c6874a36cc68180cb24";
+ sha256 = "sha256:0c1wj43kfwvyhi1p45akfqrincf8n36pffx2kyb050a2llsgx70z";
+ };
+
+ goPackagePath = "github.com/czerwonk/bird_exporter";
+
+ passthru.tests = null;
+
+ meta = prometheus-bird-exporter.meta // {
+ url = "https://scm.linefinity.com/common/prometheus-bird-exporter-lfty";
+ };
+}
diff --git a/ops/nixos/blade-tuvok/default.nix b/ops/nixos/blade-tuvok/default.nix
index 365a062a23..b2894d93cd 100644
--- a/ops/nixos/blade-tuvok/default.nix
+++ b/ops/nixos/blade-tuvok/default.nix
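Review bot: Nothing in `prometheus-bird-exporter-lfty.nix` records what this fork changes relative to upstream, even though it is built under upstream's `goPackagePath`, merges upstream's `meta` and carries a plain `version = "1.2.5"`. The `rev` and `sha256` pin the source, which is good, but a reader auditing the dependency cannot tell from the expression why a second Gitea host is trusted here; a comment above `src` such as `# Fork of czerwonk/bird_exporter (base: <upstream tag>); carries <summary of fork changes>.` would cover that. Separately, `meta.url` does not appear to be an attribute nixpkgs tooling reads, so the merged `meta` most likely still advertises upstream's homepage; `homepage = "https://scm.linefinity.com/common/prometheus-bird-exporter-lfty";` looks like what was meant.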
@@ -220,6 +220,27 @@ in {
 NetworkNamespacePath = "/var/run/netns/wg-endpoint";
 };
 };
+ # It is at this point he realises it would've been easier if he'd used NixOS containers instead.
+ systemd.services.bird-wg-endpoint-exporter = {
+ after = [ "bird-wg-endpoint.service" "network.target" ];
+ wantedBy = [ "multi-user.target" ];
+ serviceConfig = {
+ DynamicUser = true;
+ User = "bird-exporter";
+ Group = "bird-exporter";
+ PrivateTmp = true;
+ Restart = "always";
+ WorkingDirectory = "/tmp";
+ SupplementaryGroups = "bird2";
+ ExecStart = ''
+ ${pkgs.prometheus-bird-exporter}/bin/bird_exporter \
+ -web.listen-address 0.0.0.0:9325 \
+ -bird.socket /var/run/bird-wg-endpoint.ctl \
+ -bird.v2=true \
+ -format.new=true
+ '';
+ };
+ };
 services.lukegbgp.config.export = {
 v4Extra = ''
 route 92.118.30.0/24 via 92.118.28.252;
diff --git a/ops/nixos/lib/bgp.nix b/ops/nixos/lib/bgp.nix
index 198ca9edc0..f82445ec91 100644
--- a/ops/nixos/lib/bgp.nix
+++ b/ops/nixos/lib/bgp.nix
@@ -336,6 +336,7 @@ in {
 };
 '';
 };
+ services.prometheus.exporters.bird.enable = config.services.bird2.enable;
 networking.firewall.allowedTCPPorts = lib.mkIf config.services.lukegbgp.enable (lib.mkAfter [ 179 ]);
 networking.firewall.checkReversePath = false;
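Review bot: The new `bird-wg-endpoint-exporter` unit passes `-web.listen-address 0.0.0.0:9325`, so the unauthenticated metrics endpoint, which presumably reports this router's BGP session state, listens on every interface in the service's network namespace. Whether it is reachable from outside depends on firewall rules that are not in this hunk; binding to the address Prometheus scrapes from, e.g. `-web.listen-address <scrape-address>:9325 \`, removes that dependency. The same applies to the `services.prometheus.exporters.bird.enable` line in `ops/nixos/lib/bgp.nix`, where setting `services.prometheus.exporters.bird.listenAddress` alongside it would make the exposure explicit. `ExecStart` also references `pkgs.prometheus-bird-exporter` rather than the `prometheus-bird-exporter-lfty` package this commit adds; if the fork was meant to run here the path needs changing, otherwise a short comment saying the stock build is intentional would help. The enclosing attribute set starts and ends outside the hunk.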