From 9750813b89bfa38d2c319a28d8537d8754047d05 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sat, 22 Aug 2020 08:17:40 +0100 Subject: [PATCH 1/5] nixos/telegraf: add support for native ping --- nixos/modules/services/monitoring/telegraf.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/nixos/modules/services/monitoring/telegraf.nix b/nixos/modules/services/monitoring/telegraf.nix index 5d131557e8be..c6b0b8906fd6 100644 --- a/nixos/modules/services/monitoring/telegraf.nix +++ b/nixos/modules/services/monitoring/telegraf.nix @@ -60,6 +60,8 @@ in { ExecReload="${pkgs.coreutils}/bin/kill -HUP $MAINPID"; User = "telegraf"; Restart = "on-failure"; + # for ping probes + AmbientCapabilities = [ "CAP_NET_RAW" ]; }; }; From 157d7354d6e66153352e5ef2c054ef4398c67187 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sat, 22 Aug 2020 11:31:34 +0100 Subject: [PATCH 2/5] nixos/telegraf: add environmentFile option --- .../modules/services/monitoring/telegraf.nix | 25 +++++++++++++++++-- 1 file changed, 23 insertions(+), 2 deletions(-) diff --git a/nixos/modules/services/monitoring/telegraf.nix b/nixos/modules/services/monitoring/telegraf.nix index c6b0b8906fd6..c0733f6b89cf 100644 --- a/nixos/modules/services/monitoring/telegraf.nix +++ b/nixos/modules/services/monitoring/telegraf.nix @@ -26,6 +26,19 @@ in { type = types.package; }; + environmentFile = mkOption { + type = types.nullOr types.path; + default = null; + example = "/run/keys/telegraf.env"; + description = '' + File to load as environment file. Environment variables + from this file will be interpolated into the config file + using envsubst with this syntax: + $ENVIRONMENT ''${VARIABLE} + This is useful to avoid putting secrets into the nix store. + ''; + }; + extraConfig = mkOption { default = {}; description = "Extra configuration options for telegraf"; @@ -51,15 +64,23 @@ in { ###### implementation config = mkIf config.services.telegraf.enable { - systemd.services.telegraf = { + systemd.services.telegraf = let + finalConfigFile = if config.services.telegraf.environmentFile == null + then configFile + else "/tmp/config.toml"; + in { description = "Telegraf Agent"; wantedBy = [ "multi-user.target" ]; after = [ "network-online.target" ]; serviceConfig = { - ExecStart=''${cfg.package}/bin/telegraf -config "${configFile}"''; + EnvironmentFile = config.services.telegraf.environmentFile; + ExecStartPre = lib.optional (config.services.telegraf.environmentFile != null) + ''${pkgs.envsubst}/bin/envsubst -o /tmp/config.toml -i "${configFile}"''; + ExecStart=''${cfg.package}/bin/telegraf -config ${finalConfigFile}''; ExecReload="${pkgs.coreutils}/bin/kill -HUP $MAINPID"; User = "telegraf"; Restart = "on-failure"; + PrivateTmp = true; # for ping probes AmbientCapabilities = [ "CAP_NET_RAW" ]; }; From 8edc4619abc884d97583c1ec714c9f7c795fbbac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Tue, 8 Sep 2020 07:59:50 +0200 Subject: [PATCH 3/5] nixos/telegraf: switch to setting types This allows to split up configuration into multiple modules --- .../modules/services/monitoring/telegraf.nix | 21 ++++++++----------- nixos/tests/telegraf.nix | 5 ++++- 2 files changed, 13 insertions(+), 13 deletions(-) diff --git a/nixos/modules/services/monitoring/telegraf.nix b/nixos/modules/services/monitoring/telegraf.nix index c0733f6b89cf..12a360e7229a 100644 --- a/nixos/modules/services/monitoring/telegraf.nix +++ b/nixos/modules/services/monitoring/telegraf.nix @@ -5,14 +5,8 @@ with lib; let cfg = config.services.telegraf; - configFile = pkgs.runCommand "config.toml" { - buildInputs = [ pkgs.remarshal ]; - preferLocalBuild = true; - } '' - remarshal -if json -of toml \ - < ${pkgs.writeText "config.json" (builtins.toJSON cfg.extraConfig)} \ - > $out - ''; + settingsFormat = pkgs.formats.toml {}; + configFile = settingsFormat.generate "config.toml" cfg.extraConfig; in { ###### interface options = { @@ -42,7 +36,7 @@ in { extraConfig = mkOption { default = {}; description = "Extra configuration options for telegraf"; - type = types.attrs; + type = settingsFormat.type; example = { outputs = { influxdb = { @@ -67,7 +61,7 @@ in { systemd.services.telegraf = let finalConfigFile = if config.services.telegraf.environmentFile == null then configFile - else "/tmp/config.toml"; + else "/var/run/telegraf/config.toml"; in { description = "Telegraf Agent"; wantedBy = [ "multi-user.target" ]; @@ -75,12 +69,15 @@ in { serviceConfig = { EnvironmentFile = config.services.telegraf.environmentFile; ExecStartPre = lib.optional (config.services.telegraf.environmentFile != null) - ''${pkgs.envsubst}/bin/envsubst -o /tmp/config.toml -i "${configFile}"''; + (pkgs.writeShellScript "pre-start" '' + umask 077 + ${pkgs.envsubst}/bin/envsubst -i "${configFile}" > /var/run/telegraf/config.toml + ''); ExecStart=''${cfg.package}/bin/telegraf -config ${finalConfigFile}''; ExecReload="${pkgs.coreutils}/bin/kill -HUP $MAINPID"; + RuntimeDirectory = "telegraf"; User = "telegraf"; Restart = "on-failure"; - PrivateTmp = true; # for ping probes AmbientCapabilities = [ "CAP_NET_RAW" ]; }; diff --git a/nixos/tests/telegraf.nix b/nixos/tests/telegraf.nix index 73f741b11357..483a5ae7e540 100644 --- a/nixos/tests/telegraf.nix +++ b/nixos/tests/telegraf.nix @@ -6,12 +6,15 @@ import ./make-test-python.nix ({ pkgs, ...} : { machine = { ... }: { services.telegraf.enable = true; + services.telegraf.environmentFile = pkgs.writeText "secrets" '' + SECRET=example + ''; services.telegraf.extraConfig = { agent.interval = "1s"; agent.flush_interval = "1s"; inputs.exec = { commands = [ - "${pkgs.runtimeShell} -c 'echo example,tag=a i=42i'" + "${pkgs.runtimeShell} -c 'echo $SECRET,tag=a i=42i'" ]; timeout = "5s"; data_format = "influx"; From 7534d92648cc4a7c708718e72c21b9483aca385d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Thu, 12 Nov 2020 13:49:00 +0100 Subject: [PATCH 4/5] nixos/telegraf: allow multiple env files --- nixos/modules/services/monitoring/telegraf.nix | 12 ++++++------ nixos/tests/telegraf.nix | 4 ++-- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/nixos/modules/services/monitoring/telegraf.nix b/nixos/modules/services/monitoring/telegraf.nix index 12a360e7229a..1fc17ec72daf 100644 --- a/nixos/modules/services/monitoring/telegraf.nix +++ b/nixos/modules/services/monitoring/telegraf.nix @@ -20,9 +20,9 @@ in { type = types.package; }; - environmentFile = mkOption { - type = types.nullOr types.path; - default = null; + environmentFiles = mkOption { + type = types.nullOr (types.listOf types.path); + default = []; example = "/run/keys/telegraf.env"; description = '' File to load as environment file. Environment variables @@ -59,7 +59,7 @@ in { ###### implementation config = mkIf config.services.telegraf.enable { systemd.services.telegraf = let - finalConfigFile = if config.services.telegraf.environmentFile == null + finalConfigFile = if config.services.telegraf.environmentFiles == [] then configFile else "/var/run/telegraf/config.toml"; in { @@ -67,8 +67,8 @@ in { wantedBy = [ "multi-user.target" ]; after = [ "network-online.target" ]; serviceConfig = { - EnvironmentFile = config.services.telegraf.environmentFile; - ExecStartPre = lib.optional (config.services.telegraf.environmentFile != null) + EnvironmentFile = config.services.telegraf.environmentFiles; + ExecStartPre = lib.optional (config.services.telegraf.environmentFiles != []) (pkgs.writeShellScript "pre-start" '' umask 077 ${pkgs.envsubst}/bin/envsubst -i "${configFile}" > /var/run/telegraf/config.toml diff --git a/nixos/tests/telegraf.nix b/nixos/tests/telegraf.nix index 483a5ae7e540..938bbd518b5a 100644 --- a/nixos/tests/telegraf.nix +++ b/nixos/tests/telegraf.nix @@ -6,9 +6,9 @@ import ./make-test-python.nix ({ pkgs, ...} : { machine = { ... }: { services.telegraf.enable = true; - services.telegraf.environmentFile = pkgs.writeText "secrets" '' + services.telegraf.environmentFiles = [pkgs.writeText "secrets" '' SECRET=example - ''; + '']; services.telegraf.extraConfig = { agent.interval = "1s"; agent.flush_interval = "1s"; From b696d7962f4f2724918622fd086a781220fcfade Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Tue, 10 Nov 2020 09:26:41 +0100 Subject: [PATCH 5/5] telegraf: 1.15.2 -> 1.16.2 --- pkgs/servers/monitoring/telegraf/default.nix | 15 +++------------ 1 file changed, 3 insertions(+), 12 deletions(-) diff --git a/pkgs/servers/monitoring/telegraf/default.nix b/pkgs/servers/monitoring/telegraf/default.nix index a12b9e50adb5..fa94a3332a82 100644 --- a/pkgs/servers/monitoring/telegraf/default.nix +++ b/pkgs/servers/monitoring/telegraf/default.nix @@ -2,7 +2,7 @@ buildGoModule rec { pname = "telegraf"; - version = "1.15.2"; + version = "1.16.2"; excludedPackages = "test"; @@ -12,19 +12,10 @@ buildGoModule rec { owner = "influxdata"; repo = "telegraf"; rev = "v${version}"; - sha256 = "045wjpq29dr0s48ns3a4p8pw1j0ssfcw6m91iim4pkrppj7bm2di"; + sha256 = "sha256-XdlXUwGn2isGn7SqCGaAjntposBEd6WbbdfN6dEycDI="; }; - patches = [ - # https://github.com/influxdata/telegraf/pull/7988 - # fix broken cgo vendoring - (fetchpatch { - url = "https://github.com/influxdata/telegraf/commit/63e1f41d8ff246d191d008ff7f69d69cc34b4fae.patch"; - sha256 = "0ikifc4414bid3g6hhxz18cw71z63s5g805klx98vrndjlpbqkzw"; - }) - ]; - - vendorSha256 = "0f95xigpkindd7dmci8kqpqq5dlirimbqh8ai73142asbrd5h4yr"; + vendorSha256 = "02fqx817w6f9grfc69ri06a6qygbr5chan6w9waq2y0mxvmypz28"; buildFlagsArray = [ ''-ldflags= -w -s -X main.version=${version}