nix/pkgs: init prometheus-bird-exporter-lfty

This commit is contained in:
Luke Granger-Brown 2021-08-31 02:01:38 +00:00
parent a0d97e082d
commit f7fbfa5436
4 changed files with 49 additions and 0 deletions

View file

@ -32,5 +32,6 @@
propagatedBuildInputs = [python3Packages.hg-evolve python3Packages.pygit2];
}));
netbox = pkgs.python3Packages.callPackage ./netbox {};
prometheus-bird-exporter-lfty = pkgs.callPackage ./prometheus-bird-exporter-lfty.nix {};
} // (import ./heptapod-runner.nix args)
// (import ./lightspeed args)

View file

@ -0,0 +1,26 @@
{ buildGoPackage
, prometheus-bird-exporter
, fetchFromGitea
}:
buildGoPackage rec {
pname = "prometheus-bird-exporter-lfty";
version = "1.2.5";
name = "${pname}-${version}";
src = fetchFromGitea {
domain = "scm.linefinity.com";
owner = "common";
repo = pname;
rev = "ea2538b4391508f5c23b6c6874a36cc68180cb24";
sha256 = "sha256:0c1wj43kfwvyhi1p45akfqrincf8n36pffx2kyb050a2llsgx70z";
};
goPackagePath = "github.com/czerwonk/bird_exporter";
passthru.tests = null;
meta = prometheus-bird-exporter.meta // {
url = "https://scm.linefinity.com/common/prometheus-bird-exporter-lfty";
};
}

View file

@ -220,6 +220,27 @@ in {
NetworkNamespacePath = "/var/run/netns/wg-endpoint";
};
};
# It is at this point he realises it would've been easier if he'd used NixOS containers instead.
systemd.services.bird-wg-endpoint-exporter = {
after = [ "bird-wg-endpoint.service" "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
DynamicUser = true;
User = "bird-exporter";
Group = "bird-exporter";
PrivateTmp = true;
Restart = "always";
WorkingDirectory = "/tmp";
SupplementaryGroups = "bird2";
ExecStart = ''
${pkgs.prometheus-bird-exporter}/bin/bird_exporter \
-web.listen-address 0.0.0.0:9325 \
-bird.socket /var/run/bird-wg-endpoint.ctl \
-bird.v2=true \
-format.new=true
'';
};
};
services.lukegbgp.config.export = {
v4Extra = ''
route 92.118.30.0/24 via 92.118.28.252;

View file

@ -336,6 +336,7 @@ in {
};
'';
};
services.prometheus.exporters.bird.enable = config.services.bird2.enable;
networking.firewall.allowedTCPPorts = lib.mkIf config.services.lukegbgp.enable (lib.mkAfter [ 179 ]);
networking.firewall.checkReversePath = false;