{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.graphite;
writeTextOrNull = f: t: mapNullable (pkgs.writeTextDir f) t;
dataDir = cfg.dataDir;
staticDir = cfg.dataDir + "/static";
graphiteLocalSettingsDir = pkgs.runCommand "graphite_local_settings" {
inherit graphiteLocalSettings;
preferLocalBuild = true;
} ''
mkdir -p $out
ln -s $graphiteLocalSettings $out/graphite_local_settings.py
'';
graphiteLocalSettings = pkgs.writeText "graphite_local_settings.py" (
"STATIC_ROOT = '${staticDir}'\n" +
optionalString (config.time.timeZone != null) "TIME_ZONE = '${config.time.timeZone}'\n"
+ cfg.web.extraConfig
);
graphiteApiConfig = pkgs.writeText "graphite-api.yaml" ''
search_index: ${dataDir}/index
${optionalString (config.time.timeZone != null) ''time_zone: ${config.time.timeZone}''}
${optionalString (cfg.api.finders != []) ''finders:''}
${concatMapStringsSep "\n" (f: " - " + f.moduleName) cfg.api.finders}
${optionalString (cfg.api.functions != []) ''functions:''}
${concatMapStringsSep "\n" (f: " - " + f) cfg.api.functions}
${cfg.api.extraConfig}
'';
seyrenConfig = {
SEYREN_URL = cfg.seyren.seyrenUrl;
MONGO_URL = cfg.seyren.mongoUrl;
GRAPHITE_URL = cfg.seyren.graphiteUrl;
} // cfg.seyren.extraConfig;
configDir = pkgs.buildEnv {
name = "graphite-config";
paths = lists.filter (el: el != null) [
(writeTextOrNull "carbon.conf" cfg.carbon.config)
(writeTextOrNull "storage-aggregation.conf" cfg.carbon.storageAggregation)
(writeTextOrNull "storage-schemas.conf" cfg.carbon.storageSchemas)
(writeTextOrNull "blacklist.conf" cfg.carbon.blacklist)
(writeTextOrNull "whitelist.conf" cfg.carbon.whitelist)
(writeTextOrNull "rewrite-rules.conf" cfg.carbon.rewriteRules)
(writeTextOrNull "relay-rules.conf" cfg.carbon.relayRules)
(writeTextOrNull "aggregation-rules.conf" cfg.carbon.aggregationRules)
];
};
carbonOpts = name: with config.ids; ''
--nodaemon --syslog --prefix=${name} --pidfile /run/${name}/${name}.pid ${name}
'';
carbonEnv = {
PYTHONPATH = let
cenv = pkgs.python3.buildEnv.override {
extraLibs = [ pkgs.python3Packages.carbon ];
};
in "${cenv}/${pkgs.python3.sitePackages}";
GRAPHITE_ROOT = dataDir;
GRAPHITE_CONF_DIR = configDir;
GRAPHITE_STORAGE_DIR = dataDir;
};
in {
imports = [
(mkRemovedOptionModule ["services" "graphite" "pager"] "")
];
###### interface
options.services.graphite = {
dataDir = mkOption {
type = types.path;
default = "/var/db/graphite";
description = ''
Data directory for graphite.
'';
};
web = {
enable = mkOption {
description = "Whether to enable graphite web frontend.";
default = false;
type = types.bool;
};
listenAddress = mkOption {
description = "Graphite web frontend listen address.";
default = "127.0.0.1";
type = types.str;
};
port = mkOption {
description = "Graphite web frontend port.";
default = 8080;
type = types.int;
};
extraConfig = mkOption {
type = types.str;
default = "";
description = ''
Graphite webapp settings. See:
'';
};
};
api = {
enable = mkOption {
description = ''
Whether to enable graphite api. Graphite api is lightweight alternative
to graphite web, with api and without dashboard. It's advised to use
grafana as alternative dashboard and influxdb as alternative to
graphite carbon.
For more information visit
'';
default = false;
type = types.bool;
};
finders = mkOption {
description = "List of finder plugins to load.";
default = [];
example = literalExample "[ pkgs.python3Packages.influxgraph ]";
type = types.listOf types.package;
};
functions = mkOption {
description = "List of functions to load.";
default = [
"graphite_api.functions.SeriesFunctions"
"graphite_api.functions.PieFunctions"
];
type = types.listOf types.str;
};
listenAddress = mkOption {
description = "Graphite web service listen address.";
default = "127.0.0.1";
type = types.str;
};
port = mkOption {
description = "Graphite api service port.";
default = 8080;
type = types.int;
};
package = mkOption {
description = "Package to use for graphite api.";
default = pkgs.python3Packages.graphite_api;
defaultText = "pkgs.python3Packages.graphite_api";
type = types.package;
};
extraConfig = mkOption {
description = "Extra configuration for graphite api.";
default = ''
whisper:
directories:
- ${dataDir}/whisper
'';
example = ''
allowed_origins:
- dashboard.example.com
cheat_times: true
influxdb:
host: localhost
port: 8086
user: influxdb
pass: influxdb
db: metrics
cache:
CACHE_TYPE: 'filesystem'
CACHE_DIR: '/tmp/graphite-api-cache'
'';
type = types.lines;
};
};
carbon = {
config = mkOption {
description = "Content of carbon configuration file.";
default = ''
[cache]
# Listen on localhost by default for security reasons
UDP_RECEIVER_INTERFACE = 127.0.0.1
PICKLE_RECEIVER_INTERFACE = 127.0.0.1
LINE_RECEIVER_INTERFACE = 127.0.0.1
CACHE_QUERY_INTERFACE = 127.0.0.1
# Do not log every update
LOG_UPDATES = False
LOG_CACHE_HITS = False
'';
type = types.str;
};
enableCache = mkOption {
description = "Whether to enable carbon cache, the graphite storage daemon.";
default = false;
type = types.bool;
};
storageAggregation = mkOption {
description = "Defines how to aggregate data to lower-precision retentions.";
default = null;
type = types.nullOr types.str;
example = ''
[all_min]
pattern = \.min$
xFilesFactor = 0.1
aggregationMethod = min
'';
};
storageSchemas = mkOption {
description = "Defines retention rates for storing metrics.";
default = "";
type = types.nullOr types.str;
example = ''
[apache_busyWorkers]
pattern = ^servers\.www.*\.workers\.busyWorkers$
retentions = 15s:7d,1m:21d,15m:5y
'';
};
blacklist = mkOption {
description = "Any metrics received which match one of the experssions will be dropped.";
default = null;
type = types.nullOr types.str;
example = "^some\\.noisy\\.metric\\.prefix\\..*";
};
whitelist = mkOption {
description = "Only metrics received which match one of the experssions will be persisted.";
default = null;
type = types.nullOr types.str;
example = ".*";
};
rewriteRules = mkOption {
description = ''
Regular expression patterns that can be used to rewrite metric names
in a search and replace fashion.
'';
default = null;
type = types.nullOr types.str;
example = ''
[post]
_sum$ =
_avg$ =
'';
};
enableRelay = mkOption {
description = "Whether to enable carbon relay, the carbon replication and sharding service.";
default = false;
type = types.bool;
};
relayRules = mkOption {
description = "Relay rules are used to send certain metrics to a certain backend.";
default = null;
type = types.nullOr types.str;
example = ''
[example]
pattern = ^mydata\.foo\..+
servers = 10.1.2.3, 10.1.2.4:2004, myserver.mydomain.com
'';
};
enableAggregator = mkOption {
description = "Whether to enable carbon aggregator, the carbon buffering service.";
default = false;
type = types.bool;
};
aggregationRules = mkOption {
description = "Defines if and how received metrics will be aggregated.";
default = null;
type = types.nullOr types.str;
example = ''
.applications..all.requests (60) = sum .applications..*.requests
.applications..all.latency (60) = avg .applications..*.latency
'';
};
};
seyren = {
enable = mkOption {
description = "Whether to enable seyren service.";
default = false;
type = types.bool;
};
port = mkOption {
description = "Seyren listening port.";
default = 8081;
type = types.int;
};
seyrenUrl = mkOption {
default = "http://localhost:${toString cfg.seyren.port}/";
description = "Host where seyren is accessible.";
type = types.str;
};
graphiteUrl = mkOption {
default = "http://${cfg.web.listenAddress}:${toString cfg.web.port}";
description = "Host where graphite service runs.";
type = types.str;
};
mongoUrl = mkOption {
default = "mongodb://${config.services.mongodb.bind_ip}:27017/seyren";
description = "Mongodb connection string.";
type = types.str;
};
extraConfig = mkOption {
default = {};
description = ''
Extra seyren configuration. See
'';
type = types.attrsOf types.str;
example = literalExample ''
{
GRAPHITE_USERNAME = "user";
GRAPHITE_PASSWORD = "pass";
}
'';
};
};
beacon = {
enable = mkEnableOption "graphite beacon";
config = mkOption {
description = "Graphite beacon configuration.";
default = {};
type = types.attrs;
};
};
};
###### implementation
config = mkMerge [
(mkIf cfg.carbon.enableCache {
systemd.services.carbonCache = let name = "carbon-cache"; in {
description = "Graphite Data Storage Backend";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
environment = carbonEnv;
serviceConfig = {
RuntimeDirectory = name;
ExecStart = "${pkgs.python3Packages.twisted}/bin/twistd ${carbonOpts name}";
User = "graphite";
Group = "graphite";
PermissionsStartOnly = true;
PIDFile="/run/${name}/${name}.pid";
};
preStart = ''
install -dm0700 -o graphite -g graphite ${cfg.dataDir}
install -dm0700 -o graphite -g graphite ${cfg.dataDir}/whisper
'';
};
})
(mkIf cfg.carbon.enableAggregator {
systemd.services.carbonAggregator = let name = "carbon-aggregator"; in {
enable = cfg.carbon.enableAggregator;
description = "Carbon Data Aggregator";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
environment = carbonEnv;
serviceConfig = {
RuntimeDirectory = name;
ExecStart = "${pkgs.python3Packages.twisted}/bin/twistd ${carbonOpts name}";
User = "graphite";
Group = "graphite";
PIDFile="/run/${name}/${name}.pid";
};
};
})
(mkIf cfg.carbon.enableRelay {
systemd.services.carbonRelay = let name = "carbon-relay"; in {
description = "Carbon Data Relay";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
environment = carbonEnv;
serviceConfig = {
RuntimeDirectory = name;
ExecStart = "${pkgs.python3Packages.twisted}/bin/twistd ${carbonOpts name}";
User = "graphite";
Group = "graphite";
PIDFile="/run/${name}/${name}.pid";
};
};
})
(mkIf (cfg.carbon.enableCache || cfg.carbon.enableAggregator || cfg.carbon.enableRelay) {
environment.systemPackages = [
pkgs.python3Packages.carbon
];
})
(mkIf cfg.web.enable ({
systemd.services.graphiteWeb = {
description = "Graphite Web Interface";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
path = [ pkgs.perl ];
environment = {
PYTHONPATH = let
penv = pkgs.python3.buildEnv.override {
extraLibs = [
pkgs.python3Packages.graphite-web
];
};
penvPack = "${penv}/${pkgs.python3.sitePackages}";
in concatStringsSep ":" [
"${graphiteLocalSettingsDir}"
"${penvPack}"
# explicitly adding pycairo in path because it cannot be imported via buildEnv
"${pkgs.python3Packages.pycairo}/${pkgs.python3.sitePackages}"
];
DJANGO_SETTINGS_MODULE = "graphite.settings";
GRAPHITE_SETTINGS_MODULE = "graphite_local_settings";
GRAPHITE_CONF_DIR = configDir;
GRAPHITE_STORAGE_DIR = dataDir;
LD_LIBRARY_PATH = "${pkgs.cairo.out}/lib";
};
serviceConfig = {
ExecStart = ''
${pkgs.python3Packages.waitress-django}/bin/waitress-serve-django \
--host=${cfg.web.listenAddress} --port=${toString cfg.web.port}
'';
User = "graphite";
Group = "graphite";
PermissionsStartOnly = true;
};
preStart = ''
if ! test -e ${dataDir}/db-created; then
mkdir -p ${dataDir}/{whisper/,log/webapp/}
chmod 0700 ${dataDir}/{whisper/,log/webapp/}
${pkgs.python3Packages.django}/bin/django-admin.py migrate --noinput
chown -R graphite:graphite ${dataDir}
touch ${dataDir}/db-created
fi
# Only collect static files when graphite_web changes.
if ! [ "${dataDir}/current_graphite_web" -ef "${pkgs.python3Packages.graphite-web}" ]; then
mkdir -p ${staticDir}
${pkgs.python3Packages.django}/bin/django-admin.py collectstatic --noinput --clear
chown -R graphite:graphite ${staticDir}
ln -sfT "${pkgs.python3Packages.graphite-web}" "${dataDir}/current_graphite_web"
fi
'';
};
environment.systemPackages = [ pkgs.python3Packages.graphite-web ];
}))
(mkIf cfg.api.enable {
systemd.services.graphiteApi = {
description = "Graphite Api Interface";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
environment = {
PYTHONPATH = let
aenv = pkgs.python3.buildEnv.override {
extraLibs = [ cfg.api.package pkgs.cairo pkgs.python3Packages.cffi ] ++ cfg.api.finders;
};
in "${aenv}/${pkgs.python3.sitePackages}";
GRAPHITE_API_CONFIG = graphiteApiConfig;
LD_LIBRARY_PATH = "${pkgs.cairo.out}/lib";
};
serviceConfig = {
ExecStart = ''
${pkgs.python3Packages.waitress}/bin/waitress-serve \
--host=${cfg.api.listenAddress} --port=${toString cfg.api.port} \
graphite_api.app:app
'';
User = "graphite";
Group = "graphite";
PermissionsStartOnly = true;
};
preStart = ''
if ! test -e ${dataDir}/db-created; then
mkdir -p ${dataDir}/cache/
chmod 0700 ${dataDir}/cache/
chown graphite:graphite ${cfg.dataDir}
chown -R graphite:graphite ${cfg.dataDir}/cache
touch ${dataDir}/db-created
fi
'';
};
})
(mkIf cfg.seyren.enable {
systemd.services.seyren = {
description = "Graphite Alerting Dashboard";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" "mongodb.service" ];
environment = seyrenConfig;
serviceConfig = {
ExecStart = "${pkgs.seyren}/bin/seyren -httpPort ${toString cfg.seyren.port}";
WorkingDirectory = dataDir;
User = "graphite";
Group = "graphite";
};
preStart = ''
if ! test -e ${dataDir}/db-created; then
mkdir -p ${dataDir}
chown graphite:graphite ${dataDir}
fi
'';
};
services.mongodb.enable = mkDefault true;
})
(mkIf cfg.beacon.enable {
systemd.services.graphite-beacon = {
description = "Grpahite Beacon Alerting Daemon";
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = ''
${pkgs.python3Packages.graphite_beacon}/bin/graphite-beacon \
--config=${pkgs.writeText "graphite-beacon.json" (builtins.toJSON cfg.beacon.config)}
'';
User = "graphite";
Group = "graphite";
};
};
})
(mkIf (
cfg.carbon.enableCache || cfg.carbon.enableAggregator || cfg.carbon.enableRelay ||
cfg.web.enable || cfg.api.enable ||
cfg.seyren.enable || cfg.beacon.enable
) {
users.users.graphite = {
uid = config.ids.uids.graphite;
description = "Graphite daemon user";
home = dataDir;
};
users.groups.graphite.gid = config.ids.gids.graphite;
})
];
}