chore: only enable sensors in telegraf for physical machines

oddlama 2023-07-05 15:04:23 +02:00
parent 822bace189
commit 31ef29569d
No known key found for this signature in database
GPG key ID: 14EFE510775FE39A


@ -56,20 +56,23 @@ in {
group = "telegraf"; group = "telegraf";
}; };
security.elewrap.telegraf-sensors = { # It's intentional to gate this behind smartd. Hosts without smartd are usually
command = ["${pkgs.lm_sensors}/bin/sensors" "-A" "-d"]; # virtual and won't need sensor collection either.
# XXX: maybe as separate option?
security.elewrap.telegraf-sensors = mkIf config.services.smartd.enable {
command = ["${pkgs.lm_sensors}/bin/sensors" "-A" "-u"];
targetUser = "root"; targetUser = "root";
allowedUsers = ["telegraf"]; allowedUsers = ["telegraf"];
}; };
security.elewrap.telegraf-nvme = { security.elewrap.telegraf-nvme = mkIf config.services.smartd.enable {
command = ["${pkgs.nvme-cli}/bin/nvme"]; command = ["${pkgs.nvme-cli}/bin/nvme"];
targetUser = "root"; targetUser = "root";
allowedUsers = ["telegraf"]; allowedUsers = ["telegraf"];
passArguments = true; passArguments = true;
}; };
security.elewrap.telegraf-smartctl = { security.elewrap.telegraf-smartctl = mkIf config.services.smartd.enable {
command = ["${pkgs.smartmontools}/bin/smartctl"]; command = ["${pkgs.smartmontools}/bin/smartctl"];
targetUser = "root"; targetUser = "root";
allowedUsers = ["telegraf"]; allowedUsers = ["telegraf"];
@ -115,9 +118,6 @@ in {
netstat = {}; netstat = {};
nstat = {}; nstat = {};
processes = {}; processes = {};
sensors = {
inherit (config.security.elewrap.telegraf-sensors) path;
};
swap = {}; swap = {};
system = {}; system = {};
systemd_units = { systemd_units = {
@ -129,6 +129,7 @@ in {
# ping = { urls = [ "9.9.9.9" ]; }; # ping = { urls = [ "9.9.9.9" ]; };
} }
// optionalAttrs config.services.smartd.enable { // optionalAttrs config.services.smartd.enable {
sensors = {};
smart = { smart = {
path_nvme = config.security.elewrap.telegraf-nvme.path; path_nvme = config.security.elewrap.telegraf-nvme.path;
path_smartctl = config.security.elewrap.telegraf-smartctl.path; path_smartctl = config.security.elewrap.telegraf-smartctl.path;
@ -156,8 +157,8 @@ in {
systemd.services.telegraf = { systemd.services.telegraf = {
path = [ path = [
"/run/wrappers" # Make sensors refer to the correct wrapper
pkgs.lm_sensors (mkIf config.services.smartd.enable (pkgs.writeShellScriptBin "sensors" config.security.elewrap.telegraf-sensors.path))
]; ];
serviceConfig = { serviceConfig = {
# For wireguard statistics # For wireguard statistics
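Review bot: In the first hunk the `telegraf-nvme` and `telegraf-smartctl` wrappers keep `targetUser = "root"` together with `passArguments = true`, so gating them on `services.smartd.enable` limits which hosts carry them but not what the `telegraf` user can ask them to do. Going by the option names, any process running as `telegraf` can run these two binaries as root with arguments of its choosing, whereas the sensors wrapper pins its argv to `-A -u`. If elewrap cannot restrict arguments, I would at least record the trade-off above each wrapper, for example `# passArguments: telegraf chooses the arguments and the command runs as root; presumably needed because inputs.smart passes per-device arguments`. The `telegraf-smartctl` definition continues past the end of that hunk, so any further restriction there is not visible.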