mirror of
https://github.com/NixOS/nixpkgs.git
synced 2025-11-10 17:54:53 +01:00
71 lines
1.6 KiB
Nix
71 lines
1.6 KiB
Nix
{
|
|
config,
|
|
lib,
|
|
pkgs,
|
|
...
|
|
}:
|
|
|
|
let
|
|
cfg = config.services.prometheus.exporters.node-cert;
|
|
inherit (lib) mkOption types concatStringsSep;
|
|
in
|
|
{
|
|
port = 9141;
|
|
|
|
extraOpts = {
|
|
paths = mkOption {
|
|
type = types.listOf types.str;
|
|
description = ''
|
|
List of paths to search for SSL certificates.
|
|
'';
|
|
};
|
|
|
|
excludePaths = mkOption {
|
|
type = types.listOf types.str;
|
|
description = ''
|
|
List of paths to exclute from searching for SSL certificates.
|
|
'';
|
|
default = [ ];
|
|
};
|
|
|
|
includeGlobs = mkOption {
|
|
type = types.listOf types.str;
|
|
description = ''
|
|
List files matching a pattern to include. Uses Go blob pattern.
|
|
'';
|
|
default = [ ];
|
|
};
|
|
|
|
excludeGlobs = mkOption {
|
|
type = types.listOf types.str;
|
|
description = ''
|
|
List files matching a pattern to include. Uses Go blob pattern.
|
|
'';
|
|
default = [ ];
|
|
};
|
|
|
|
user = mkOption {
|
|
type = types.str;
|
|
description = ''
|
|
User owning the certs.
|
|
'';
|
|
default = "acme";
|
|
};
|
|
};
|
|
|
|
serviceOpts = {
|
|
serviceConfig = {
|
|
User = cfg.user;
|
|
ExecStart = ''
|
|
${lib.getExe pkgs.prometheus-node-cert-exporter} \
|
|
--listen ${toString cfg.listenAddress}:${toString cfg.port} \
|
|
--path ${concatStringsSep "," cfg.paths} \
|
|
--exclude-path "${concatStringsSep "," cfg.excludePaths}" \
|
|
--include-glob "${concatStringsSep "," cfg.includeGlobs}" \
|
|
--exclude-glob "${concatStringsSep "," cfg.excludeGlobs}" \
|
|
${concatStringsSep " \\\n " cfg.extraFlags}
|
|
'';
|
|
};
|
|
};
|
|
}
|