nixpkgs/nixos/modules/services/monitoring/nagios.nix

202 lines
5.7 KiB
Nix

# Nagios system/network monitoring daemon.
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.nagios;
nagiosState = "/var/lib/nagios";
nagiosLogDir = "/var/log/nagios";
urlPath = "/nagios";
nagiosObjectDefs = cfg.objectDefs;
nagiosObjectDefsDir = pkgs.runCommand "nagios-objects" {
inherit nagiosObjectDefs;
preferLocalBuild = true;
} "mkdir -p $out; ln -s $nagiosObjectDefs $out/";
nagiosCfgFile = pkgs.writeText "nagios.cfg"
''
# Paths for state and logs.
log_file=${nagiosLogDir}/current
log_archive_path=${nagiosLogDir}/archive
status_file=${nagiosState}/status.dat
object_cache_file=${nagiosState}/objects.cache
temp_file=${nagiosState}/nagios.tmp
lock_file=/run/nagios.lock # Not used I think.
state_retention_file=${nagiosState}/retention.dat
query_socket=${nagiosState}/nagios.qh
check_result_path=${nagiosState}
command_file=${nagiosState}/nagios.cmd
# Configuration files.
#resource_file=resource.cfg
cfg_dir=${nagiosObjectDefsDir}
# Uid/gid that the daemon runs under.
nagios_user=nagios
nagios_group=nagios
# Misc. options.
illegal_macro_output_chars=`~$&|'"<>
retain_state_information=1
''; # "
# Plain configuration for the Nagios web-interface with no
# authentication.
nagiosCGICfgFile = pkgs.writeText "nagios.cgi.conf"
''
main_config_file=${cfg.mainConfigFile}
use_authentication=0
url_html_path=${urlPath}
'';
extraHttpdConfig =
''
ScriptAlias ${urlPath}/cgi-bin ${pkgs.nagios}/sbin
<Directory "${pkgs.nagios}/sbin">
Options ExecCGI
Require all granted
SetEnv NAGIOS_CGI_CONFIG ${cfg.cgiConfigFile}
</Directory>
Alias ${urlPath} ${pkgs.nagios}/share
<Directory "${pkgs.nagios}/share">
Options None
Require all granted
</Directory>
'';
in
{
imports = [
(mkRemovedOptionModule [ "services" "nagios" "urlPath" ] "The urlPath option has been removed as it is hard coded to /nagios in the nagios package.")
];
options = {
services.nagios = {
enable = mkOption {
default = false;
description = "
Whether to use <link
xlink:href='http://www.nagios.org/'>Nagios</link> to monitor
your system or network.
";
};
objectDefs = mkOption {
description = "
A list of Nagios object configuration files that must define
the hosts, host groups, services and contacts for the
network that you want Nagios to monitor.
";
};
plugins = mkOption {
type = types.listOf types.package;
default = [pkgs.nagiosPluginsOfficial pkgs.ssmtp];
defaultText = "[pkgs.nagiosPluginsOfficial pkgs.ssmtp]";
description = "
Packages to be added to the Nagios <envar>PATH</envar>.
Typically used to add plugins, but can be anything.
";
};
mainConfigFile = mkOption {
type = types.package;
default = nagiosCfgFile;
defaultText = "nagiosCfgFile";
description = "
Derivation for the main configuration file of Nagios.
";
};
cgiConfigFile = mkOption {
type = types.package;
default = nagiosCGICfgFile;
defaultText = "nagiosCGICfgFile";
description = "
Derivation for the configuration file of Nagios CGI scripts
that can be used in web servers for running the Nagios web interface.
";
};
enableWebInterface = mkOption {
default = false;
description = "
Whether to enable the Nagios web interface. You should also
enable Apache (<option>services.httpd.enable</option>).
";
};
virtualHost = mkOption {
type = types.submodule (import ../web-servers/apache-httpd/per-server-options.nix);
example = literalExample ''
{ hostName = "example.org";
adminAddr = "webmaster@example.org";
enableSSL = true;
sslServerCert = "/var/lib/acme/example.org/full.pem";
sslServerKey = "/var/lib/acme/example.org/key.pem";
}
'';
description = ''
Apache configuration can be done by adapting <option>services.httpd.virtualHosts</option>.
See <xref linkend="opt-services.httpd.virtualHosts"/> for further information.
'';
};
};
};
config = mkIf cfg.enable {
users.users.nagios = {
description = "Nagios user ";
uid = config.ids.uids.nagios;
home = nagiosState;
group = "nagios";
};
users.groups.nagios = { };
# This isn't needed, it's just so that the user can type "nagiostats
# -c /etc/nagios.cfg".
environment.etc = [
{ source = cfg.mainConfigFile;
target = "nagios.cfg";
}
];
environment.systemPackages = [ pkgs.nagios ];
systemd.services.nagios = {
description = "Nagios monitoring daemon";
path = [ pkgs.nagios ];
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
serviceConfig = {
User = "nagios";
Group = "nagios";
Restart = "always";
RestartSec = 2;
LogsDirectory = "nagios";
StateDirectory = "nagios";
};
script = ''
for i in ${toString cfg.plugins}; do
export PATH=$i/bin:$i/sbin:$i/libexec:$PATH
done
exec ${pkgs.nagios}/bin/nagios ${cfg.mainConfigFile}
'';
};
services.httpd.virtualHosts = optionalAttrs cfg.enableWebInterface {
${cfg.virtualHost.hostName} = mkMerge [ cfg.virtualHost { extraConfig = extraHttpdConfig; } ];
};
};
}