diff options
Diffstat (limited to 'gnu/services')
-rw-r--r-- | gnu/services/monitoring.scm | 191 |
1 files changed, 190 insertions, 1 deletions
diff --git a/gnu/services/monitoring.scm b/gnu/services/monitoring.scm index aa3b63a0e4..cb1f71ebff 100644 --- a/gnu/services/monitoring.scm +++ b/gnu/services/monitoring.scm @@ -1,6 +1,7 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2018 Sou Bunnbu <iyzsong@member.fsf.org> ;;; Copyright © 2018 Gábor Boskovits <boskovits@gmail.com> +;;; Copyright © 2018 Oleg Pykhalov <go.wigust@gmail.com> ;;; ;;; This file is part of GNU Guix. ;;; @@ -19,17 +20,23 @@ (define-module (gnu services monitoring) #:use-module (gnu services) + #:use-module (gnu services configuration) #:use-module (gnu services shepherd) #:use-module (gnu packages admin) #:use-module (gnu packages monitoring) #:use-module (gnu system shadow) #:use-module (guix gexp) + #:use-module (guix packages) #:use-module (guix records) #:use-module (ice-9 match) + #:use-module (srfi srfi-26) #:export (darkstat-configuration prometheus-node-exporter-configuration darkstat-service-type - prometheus-node-exporter-service-type)) + prometheus-node-exporter-service-type + + zabbix-server-configuration + zabbix-server-service-type)) ;;; @@ -125,3 +132,185 @@ prometheus.") (list (service-extension shepherd-root-service-type (compose list prometheus-node-exporter-shepherd-service)))))) + + +;;; +;;; Zabbix server +;;; + +(define (uglify-field-name field-name) + (apply string-append + (map (lambda (str) + (if (member (string->symbol str) '(ca db ssl)) + (string-upcase str) + (string-capitalize str))) + (string-split (string-delete #\? + (symbol->string field-name)) + #\-)))) + +(define (serialize-field field-name val) + (format #t "~a=~a~%" (uglify-field-name field-name) val)) + +(define (serialize-number field-name val) + (serialize-field field-name (number->string val))) + +(define (serialize-list field-name val) + (if (null? val) "" (serialize-field field-name (string-join val ",")))) + +(define (serialize-string field-name val) + (if (and (string? val) (string=? val "")) + "" + (serialize-field field-name val))) + +(define group? string?) + +(define serialize-group + (const "")) + +(define include-files? list?) + +(define (serialize-include-files field-name val) + (if (null? val) "" (for-each (cut serialize-field 'include <>) val))) + +(define extra-options? string?) + +(define (serialize-extra-options field-name val) + (if (null? val) "" (display val))) + +(define-configuration zabbix-server-configuration + (zabbix-server + (package zabbix-server) + "The zabbix-server package.") + (user + (string "zabbix") + "User who will run the Zabbix server.") + (group ;for zabbix-server-account procedure + (group "zabbix") + "Group who will run the Zabbix server.") + (db-host + (string "127.0.0.1") + "Database host name.") + (db-name + (string "zabbix") + "Database name.") + (db-user + (string "zabbix") + "Database user.") + (db-password + (string "") + "Database password. Please, use @code{include-files} with +@code{DBPassword=SECRET} inside a specified file instead.") + (db-port + (number 5432) + "Database port.") + (log-type + (string "") + "Specifies where log messages are written to: +@itemize +@item @code{system} - syslog. +@item @code{file} - file specified with @code{log-file} parameter. +@item @code{console} - standard output. +@end itemize\n") + (log-file + (string "/var/log/zabbix/server.log") + "Log file name for @code{log-type} @code{file} parameter.") + (pid-file + (string "/var/run/zabbix/zabbix_server.pid") + "Name of PID file.") + (ssl-ca-location + (string "/etc/ssl/certs/ca-certificates.crt") + "The location of certificate authority (CA) files for SSL server +certificate verification.") + (ssl-cert-location + (string "/etc/ssl/certs") + "Location of SSL client certificates.") + (extra-options + (extra-options "") + "Extra options will be appended to Zabbix server configuration file.") + (include-files + (include-files '()) + "You may include individual files or all files in a directory in the +configuration file.")) + +(define (zabbix-server-account config) + "Return the user accounts and user groups for CONFIG." + (let ((zabbix-user (zabbix-server-configuration-user config)) + (zabbix-group (zabbix-server-configuration-group config))) + (list (user-group (name zabbix-group) (system? #t)) + (user-account + (name zabbix-user) + (system? #t) + (group zabbix-group) + (comment "zabbix privilege separation user") + (home-directory (string-append "/var/run/" zabbix-user)) + (shell #~(string-append #$shadow "/sbin/nologin")))))) + +(define (zabbix-server-config-file config) + "Return the zabbix-server configuration file corresponding to CONFIG." + (computed-file + "zabbix_server.conf" + #~(begin + (call-with-output-file #$output + (lambda (port) + (display "# Generated by 'zabbix-server-service'.\n" port) + (display #$(with-output-to-string + (lambda () + (serialize-configuration + config zabbix-server-configuration-fields))) + port) + #t))))) + +(define (zabbix-server-activation config) + "Return the activation gexp for CONFIG." + (with-imported-modules '((guix build utils) + (ice-9 rdelim)) + #~(begin + (use-modules (guix build utils) + (ice-9 rdelim)) + (let ((user (getpw #$(zabbix-server-configuration-user config)))) + (for-each (lambda (file) + (let ((directory (dirname file))) + (mkdir-p directory) + (chown directory (passwd:uid user) (passwd:gid user)) + (chmod directory #o755))) + (list #$(zabbix-server-configuration-log-file config) + #$(zabbix-server-configuration-pid-file config) + "/etc/zabbix/maintenance.inc.php")))))) + +(define (zabbix-server-shepherd-service config) + "Return a <shepherd-service> for Zabbix server with CONFIG." + (list (shepherd-service + (provision '(zabbix-server)) + (documentation "Run Zabbix server daemon.") + (start #~(make-forkexec-constructor + (list #$(file-append (zabbix-server-configuration-zabbix-server config) + "/sbin/zabbix_server") + "--config" #$(zabbix-server-config-file config) + "--foreground") + #:user #$(zabbix-server-configuration-user config) + #:group #$(zabbix-server-configuration-group config) + #:pid-file #$(zabbix-server-configuration-pid-file config) + #:environment-variables + (list "SSL_CERT_DIR=/run/current-system/profile\ +/etc/ssl/certs" + "SSL_CERT_FILE=/run/current-system/profile\ +/etc/ssl/certs/ca-certificates.crt"))) + (stop #~(make-kill-destructor))))) + +(define zabbix-server-service-type + (service-type + (name 'zabbix-server) + (extensions + (list (service-extension shepherd-root-service-type + zabbix-server-shepherd-service) + (service-extension account-service-type + zabbix-server-account) + (service-extension activation-service-type + zabbix-server-activation))) + (default-value (zabbix-server-configuration)))) + +(define (generate-zabbix-server-documentation) + (generate-documentation + `((zabbix-server-configuration + ,zabbix-server-configuration-fields)) + 'zabbix-server-configuration)) |