forked from NixOS/nixpkgs
-
Notifications
You must be signed in to change notification settings - Fork 0
/
unifi-poller.nix
136 lines (125 loc) · 4.43 KB
/
unifi-poller.nix
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.services.unifi-poller;
controllerConfig = types.submodule {
options = {
role = mkOption {
type = types.nullOr types.str;
description = "Role allows grouping of controllers. By default grouping is done on the URL.";
default = null;
};
url = mkOption {
type = types.str;
description = "URL of the Unifi controller.";
example = "https://127.0.0.1:8443";
};
username = mkOption {
type = types.str;
description = "Username used to access the unifi controller. The user needs read access.";
example = "unifipoller";
};
passwordFile = mkOption {
description = "File that containts the password to access the unifi controller.";
type = types.path;
};
verifySSL = mkOption {
description = "Wheter to verify the TLS certificate of the unifi controller.";
type = types.bool;
default = false;
};
};
};
controllerToEnv = i: controller: (''
# Controller ${toString i}
export UP_UNIFI_CONTROLLER_${toString i}_URL="${controller.url}"
export UP_UNIFI_CONTROLLER_${toString i}_USER="${controller.username}"
export UP_UNIFI_CONTROLLER_${toString i}_PASS="$(cat ${escapeShellArg controller.passwordFile})"
export UP_UNIFI_CONTROLLER_${toString i}_VERIFY_SSL="${if controller.verifySSL then "true" else "false"}"
''
+ lib.optionalString (controller.role != null) ''
export UP_UNIFI_CONTROLLER_${toString i}_ROLE="${controller.role}"
'');
controllerEnvOptions = foldr (l: r: l + r) "" (imap0 controllerToEnv cfg.controllers);
influxdbEnvOptions = optionalString (cfg.influxdb.url != null) ''
# InfluxDB
export UP_INFLUXDB_URL="${cfg.influxdb.url}"
export UP_INFLUXDB_DB="${cfg.influxdb.db}"
export UP_INFLUXDB_USER="${cfg.influxdb.username}"
export UP_INFLUXDB_PASS="$(cat ${escapeShellArg cfg.influxdb.passwordFile})"
export UP_INFLUXDB_INTERVAL="${cfg.influxdb.interval}"
'';
prometheusEnvOptions = ''
# Prometheus
export UP_PROMETHEUS_DISABLE="${if cfg.prometheus.enable then "false" else "true"}"
export UP_PROMETHEUS_HTTP_LISTEN="${cfg.prometheus.httpListen}"
'';
in {
options = {
services.unifi-poller = {
enable = mkEnableOption "unifi-poller service";
controllers = mkOption {
description = "Unifi controller configuration";
type = types.listOf controllerConfig;
};
prometheus = {
enable = mkOption {
description = "Enable the prometheus exporter.";
type = types.bool;
default = true;
};
httpListen = mkOption {
description = "Address and port to listen for incomming prometheus requests.";
type = types.str;
default = "0.0.0.0:9130";
};
};
influxdb = {
url = mkOption {
type = types.nullOr types.str;
description = "URL of the influx database server.";
example = "http://127.0.0.1:8086";
default = null;
};
db = mkOption {
type = types.str;
description = "Name of influx database. Must already exist and be writable.";
default = "unifi";
};
username = mkOption {
type = types.str;
description = "Username to access the influx database.";
};
passwordFile = mkOption {
description = "File that containts the password to access the influx database.";
type = types.path;
};
interval = mkOption {
type = types.str;
description = "How often to poll and collect metrics.";
example = "1m";
default = "30s";
};
};
};
};
config = mkIf cfg.enable {
systemd.services.unifi-poller = {
description = "Unifi poller service";
wantedBy = ["multi-user.target"];
after = ["networking.target"];
script = ''
${prometheusEnvOptions}
${controllerEnvOptions}
${influxdbEnvOptions}
# We configure unifi-poller via env variable, but it still tries to load a config file from /etc
# so we pass /dev/null as config file which is sufficient as the content of the file is not used.
exec ${pkgs.unifi-poller}/bin/unifi-poller -c /dev/null
'';
serviceConfig = {
DynamicUser = true;
};
};
};
meta.maintainers = with lib.maintainers; [ bachp ];
}