nixos: introduce a service for prometheus-tailscale-exporter
Signed-off-by: squat <lserven@gmail.com>
This commit is contained in:
squat
@@ -144,6 +144,8 @@
|
|||||||
|
|
||||||
- [conman](https://github.com/dun/conman), a serial console management program. Available as [services.conman](#opt-services.conman.enable).
|
- [conman](https://github.com/dun/conman), a serial console management program. Available as [services.conman](#opt-services.conman.enable).
|
||||||
|
|
||||||
|
- [Prometheus Tailscale Exporter](https://github.com/adinhodovic/tailscale-exporter), a Prometheus exporter for Tailscale Tailnet metrics.
|
||||||
|
|
||||||
- [KMinion](https://github.com/redpanda-data/kminion), feature-rich Prometheus exporter for Apache Kafka. Available as [services.prometheus.exporters.kafka](options.html#opt-services.prometheus.exporters.kafka).
|
- [KMinion](https://github.com/redpanda-data/kminion), feature-rich Prometheus exporter for Apache Kafka. Available as [services.prometheus.exporters.kafka](options.html#opt-services.prometheus.exporters.kafka).
|
||||||
|
|
||||||
- [Spoolman](https://github.com/Donkie/Spoolman), a inventory management system for Filament spools. Available as [services.spoolman](#opt-services.spoolman.enable).
|
- [Spoolman](https://github.com/Donkie/Spoolman), a inventory management system for Filament spools. Available as [services.spoolman](#opt-services.spoolman.enable).
|
||||||
|
|||||||
@@ -127,6 +127,7 @@ let
|
|||||||
"storagebox"
|
"storagebox"
|
||||||
"surfboard"
|
"surfboard"
|
||||||
"systemd"
|
"systemd"
|
||||||
|
"tailscale"
|
||||||
"tibber"
|
"tibber"
|
||||||
"unbound"
|
"unbound"
|
||||||
"unpoller"
|
"unpoller"
|
||||||
|
|||||||
@@ -0,0 +1,47 @@
|
|||||||
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
utils,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
|
||||||
|
let
|
||||||
|
inherit (lib)
|
||||||
|
getExe
|
||||||
|
mkOption
|
||||||
|
mkPackageOption
|
||||||
|
types
|
||||||
|
;
|
||||||
|
|
||||||
|
inherit (utils) escapeSystemdExecArgs;
|
||||||
|
|
||||||
|
cfg = config.services.prometheus.exporters.tailscale;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
port = 9250;
|
||||||
|
extraOpts = with types; {
|
||||||
|
package = mkPackageOption pkgs "prometheus-tailscale-exporter" { };
|
||||||
|
environmentFile = mkOption {
|
||||||
|
type = path;
|
||||||
|
description = ''
|
||||||
|
Environment file containg at least the TAILSCALE_TAILNET,
|
||||||
|
TAILSCALE_OAUTH_CLIENT_ID, and TAILSCALE_OAUTH_CLIENT_SECRET
|
||||||
|
environment variables.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
serviceOpts = {
|
||||||
|
serviceConfig = {
|
||||||
|
EnvironmentFile = cfg.environmentFile;
|
||||||
|
ExecStart = escapeSystemdExecArgs (
|
||||||
|
[
|
||||||
|
(getExe cfg.package)
|
||||||
|
"--listen-address"
|
||||||
|
"${cfg.listenAddress}:${toString cfg.port}"
|
||||||
|
]
|
||||||
|
++ cfg.extraFlags
|
||||||
|
);
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
||||||
@@ -1760,6 +1760,51 @@ let
|
|||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
|
tailscale = {
|
||||||
|
exporterConfig = {
|
||||||
|
package = pkgs.prometheus-tailscale-exporter.overrideAttrs {
|
||||||
|
patches = [
|
||||||
|
# This patch prevents the exporter from exiting immediately upon
|
||||||
|
# startup when no credentials are provided, which is useful for
|
||||||
|
# testing the NixOS module.
|
||||||
|
(pkgs.writeText "allow-running-without-credentials" ''
|
||||||
|
diff --git a/cmd/tailscale-exporter/root.go b/cmd/tailscale-exporter/root.go
|
||||||
|
index 2ff11cb..2fb576f 100644
|
||||||
|
--- a/cmd/tailscale-exporter/root.go
|
||||||
|
+++ b/cmd/tailscale-exporter/root.go
|
||||||
|
@@ -137,14 +137,6 @@ func runExporter(cmd *cobra.Command, args []string) error {
|
||||||
|
''\t// Create HTTP client that automatically handles token refresh
|
||||||
|
''\thttpClient := oauthConfig.Client(context.Background())
|
||||||
|
|
||||||
|
-''\t// Test OAuth token generation
|
||||||
|
-''\ttoken, err := oauthConfig.Token(context.Background())
|
||||||
|
-''\tif err != nil {
|
||||||
|
-''\t''\treturn fmt.Errorf("failed to obtain OAuth token: %w", err)
|
||||||
|
-''\t}
|
||||||
|
-''\tlogger.Info("OAuth token obtained", "token_type", token.TokenType)
|
||||||
|
-''\tlogger.Info("Successfully obtained OAuth token", "expires", token.Expiry)
|
||||||
|
-
|
||||||
|
''\t// Default labels for all metrics
|
||||||
|
''\tdefaultLabels := prometheus.Labels{"tailnet": tailnet}
|
||||||
|
''\treg := prometheus.WrapRegistererWith(
|
||||||
|
'')
|
||||||
|
];
|
||||||
|
};
|
||||||
|
enable = true;
|
||||||
|
environmentFile = pkgs.writeText "tailscale-exporter-env" ''
|
||||||
|
TAILSCALE_OAUTH_CLIENT_ID=12345678
|
||||||
|
TAILSCALE_OAUTH_CLIENT_SECRET=12345678
|
||||||
|
TAILSCALE_TAILNET=example.com
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
exporterTest = ''
|
||||||
|
wait_for_unit("prometheus-tailscale-exporter.service")
|
||||||
|
wait_for_open_port(9250)
|
||||||
|
succeed("curl -sSf localhost:9250/metrics | grep 'tailscale_up{tailnet=\"example.com\"} 1'")
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
unpoller = {
|
unpoller = {
|
||||||
nodeName = "unpoller";
|
nodeName = "unpoller";
|
||||||
exporterConfig.enable = true;
|
exporterConfig.enable = true;
|
||||||
|
|||||||
Reference in New Issue
Block a user