From 188526da3da7162be11e7cc4e46e64d4279b834b Mon Sep 17 00:00:00 2001
From: Franz Pletz <fpletz@fnordicwalking.de>
Date: Wed, 15 Feb 2017 06:34:20 +0100
Subject: [PATCH] prometheus.blackboxExporter service: add CAP_NET_RAW

The blackbox-exporter for prometheus needs CAP_NET_RAW for sending icmp
probes.
---
 .../modules/services/monitoring/prometheus/blackbox-exporter.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/nixos/modules/services/monitoring/prometheus/blackbox-exporter.nix b/nixos/modules/services/monitoring/prometheus/blackbox-exporter.nix
index 7a343299c31..388e4d4ac01 100644
--- a/nixos/modules/services/monitoring/prometheus/blackbox-exporter.nix
+++ b/nixos/modules/services/monitoring/prometheus/blackbox-exporter.nix
@@ -54,6 +54,7 @@ in {
         Restart = "always";
         PrivateTmp = true;
         WorkingDirectory = /tmp;
+        AmbientCapabilities = [ "CAP_NET_RAW" ]; # for ping probes
         ExecStart = ''
           ${pkgs.prometheus-blackbox-exporter}/bin/blackbox_exporter \
             -web.listen-address :${toString cfg.port} \