Merge pull request #120492 from SuperSandro2000/prometheus-unbound-exporter

Prometheus unbound exporter

nixos/modules/services/monitoring/prometheus/exporters.nix

@@ -59,6 +59,7 @@ let
     "surfboard"
     "systemd"
     "tor"
+    "unbound"
     "unifi"
     "unifi-poller"
     "varnish"

nixos/modules/services/monitoring/prometheus/exporters/unbound.nix

@@ -0,0 +1,59 @@
+{ config, lib, pkgs, options }:
+
+with lib;
+
+let
+  cfg = config.services.prometheus.exporters.unbound;
+in
+{
+  port = 9167;
+  extraOpts = {
+    fetchType = mkOption {
+      # TODO: add shm when upstream implemented it
+      type = types.enum [ "tcp" "uds" ];
+      default = "uds";
+      description = ''
+        Which methods the exporter uses to get the information from unbound.
+      '';
+    };
+
+    telemetryPath = mkOption {
+      type = types.str;
+      default = "/metrics";
+      description = ''
+        Path under which to expose metrics.
+      '';
+    };
+
+    controlInterface = mkOption {
+      type = types.nullOr types.str;
+      default = null;
+      example = "/run/unbound/unbound.socket";
+      description = ''
+        Path to the unbound socket for uds mode or the control interface port for tcp mode.
+
+        Example:
+          uds-mode: /run/unbound/unbound.socket
+          tcp-mode: 127.0.0.1:8953
+      '';
+    };
+  };
+
+  serviceOpts = mkMerge ([{
+    serviceConfig = {
+      ExecStart = ''
+        ${pkgs.prometheus-unbound-exporter}/bin/unbound-telemetry \
+          ${cfg.fetchType} \
+          --bind ${cfg.listenAddress}:${toString cfg.port} \
+          --path ${cfg.telemetryPath} \
+          ${optionalString (cfg.controlInterface != null) "--control-interface ${cfg.controlInterface}"} \
+          ${toString cfg.extraFlags}
+      '';
+    };
+  }] ++ [
+    (mkIf config.services.unbound.enable {
+      after = [ "unbound.service" ];
+      requires = [ "unbound.service" ];
+    })
+  ]);
+}

nixos/tests/prometheus-exporters.nix

@@ -1,5 +1,5 @@
 { system ? builtins.currentSystem
-, config ? {}
+, config ? { }
 , pkgs ? import ../.. { inherit system config; }
 }:
 
@@ -8,7 +8,7 @@ let
   inherit (pkgs.lib) concatStringsSep maintainers mapAttrs mkMerge
     removeSuffix replaceChars singleton splitString;
 
-/*
+  /*
     * The attrset `exporterTests` contains one attribute
     * for each exporter test. Each of these attributes
     * is expected to be an attrset containing:
@@ -192,7 +192,8 @@ let
           "plugin":"testplugin",
           "time":DATE
         }]
-        ''; in ''
+      ''; in
+        ''
           wait_for_unit("prometheus-collectd-exporter.service")
           wait_for_open_port(9103)
           succeed(
@@ -258,7 +259,8 @@ let
       '';
     };
 
-    fritzbox = { # TODO add proper test case
+    fritzbox = {
+      # TODO add proper test case
       exporterConfig = {
         enable = true;
       };
@@ -411,14 +413,14 @@ let
         configuration = {
           monitoringInterval = "2s";
           mailCheckTimeout = "10s";
-          servers = [ {
+          servers = [{
             name = "testserver";
             server = "localhost";
             port = 25;
             from = "mail-exporter@localhost";
             to = "mail-exporter@localhost";
             detectionDir = "/var/spool/mail/mail-exporter/new";
-          } ];
+          }];
         };
       };
       metricProvider = {
@@ -520,9 +522,11 @@ let
         url = "http://localhost";
       };
       metricProvider = {
-        systemd.services.nc-pwfile = let
+        systemd.services.nc-pwfile =
+          let
             passfile = (pkgs.writeText "pwfile" "snakeoilpw");
-        in {
+          in
+          {
             requiredBy = [ "prometheus-nextcloud-exporter.service" ];
             before = [ "prometheus-nextcloud-exporter.service" ];
             serviceConfig.ExecStart = ''
@@ -585,7 +589,7 @@ let
                 syslog = {
                   listen_address = "udp://127.0.0.1:10000";
                   format = "rfc3164";
-                  tags = ["nginx"];
+                  tags = [ "nginx" ];
                 };
               };
             }
@@ -705,10 +709,10 @@ let
       exporterConfig = {
         enable = true;
         group = "openvpn";
-        statusPaths = ["/run/openvpn-test"];
+        statusPaths = [ "/run/openvpn-test" ];
       };
       metricProvider = {
-        users.groups.openvpn = {};
+        users.groups.openvpn = { };
         services.openvpn.servers.test = {
           config = ''
             dev tun
@@ -828,8 +832,9 @@ let
       };
       metricProvider = {
         # Mock rtl_433 binary to return a dummy metric stream.
-        nixpkgs.overlays = [ (self: super: {
+        nixpkgs.overlays = [
-          rtl_433 = self.runCommand "rtl_433" {} ''
+          (self: super: {
+            rtl_433 = self.runCommand "rtl_433" { } ''
               mkdir -p "$out/bin"
               cat <<EOF > "$out/bin/rtl_433"
               #!/bin/sh
@@ -840,7 +845,8 @@ let
               EOF
               chmod +x "$out/bin/rtl_433"
             '';
-        }) ];
+          })
+        ];
       };
       exporterTest = ''
         wait_for_unit("prometheus-rtl_433-exporter.service")
@@ -856,7 +862,7 @@ let
     smokeping = {
       exporterConfig = {
         enable = true;
-        hosts = ["127.0.0.1"];
+        hosts = [ "127.0.0.1" ];
       };
       exporterTest = ''
         wait_for_unit("prometheus-smokeping-exporter.service")
@@ -994,7 +1000,7 @@ let
     unifi-poller = {
       nodeName = "unifi_poller";
       exporterConfig.enable = true;
-      exporterConfig.controllers = [ { } ];
+      exporterConfig.controllers = [{ }];
       exporterTest = ''
         wait_for_unit("prometheus-unifi-poller-exporter.service")
         wait_for_open_port(9130)
@@ -1004,6 +1010,29 @@ let
       '';
     };
 
+    unbound = {
+      exporterConfig = {
+        enable = true;
+        fetchType = "uds";
+        controlInterface = "/run/unbound/unbound.ctl";
+      };
+      metricProvider = {
+        services.unbound = {
+          enable = true;
+          localControlSocketPath = "/run/unbound/unbound.ctl";
+        };
+        systemd.services.prometheus-unbound-exporter.serviceConfig = {
+          SupplementaryGroups = [ "unbound" ];
+        };
+      };
+      exporterTest = ''
+        wait_for_unit("unbound.service")
+        wait_for_unit("prometheus-unbound-exporter.service")
+        wait_for_open_port(9167)
+        succeed("curl -sSf localhost:9167/metrics | grep -q 'unbound_up 1'")
+      '';
+    };
+
     varnish = {
       exporterConfig = {
         enable = true;
@@ -1033,7 +1062,8 @@ let
       '';
     };
 
-    wireguard = let snakeoil = import ./wireguard/snakeoil-keys.nix; in {
+    wireguard = let snakeoil = import ./wireguard/snakeoil-keys.nix; in
+      {
         exporterConfig.enable = true;
         metricProvider = {
           networking.wireguard.interfaces.wg0 = {
@@ -1060,15 +1090,18 @@ let
       };
   };
 in
-mapAttrs (exporter: testConfig: (makeTest (let
+mapAttrs
+  (exporter: testConfig: (makeTest (
+    let
       nodeName = testConfig.nodeName or exporter;
 
-in {
+    in
+    {
       name = "prometheus-${exporter}-exporter";
 
       nodes.${nodeName} = mkMerge [{
         services.prometheus.exporters.${exporter} = testConfig.exporterConfig;
-  } testConfig.metricProvider or {}];
+      } testConfig.metricProvider or { }];
 
       testScript = ''
         ${nodeName}.start()
@@ -1083,4 +1116,6 @@ in {
       meta = with maintainers; {
         maintainers = [ willibutz elseym ];
       };
-}))) exporterTests
+    }
+  )))
+  exporterTests

pkgs/servers/monitoring/prometheus/unbound-exporter.nix

@@ -0,0 +1,30 @@
+{ lib, rustPlatform, fetchFromGitHub, openssl, pkg-config, nixosTests }:
+
+rustPlatform.buildRustPackage rec {
+  pname = "unbound-telemetry";
+  version = "unstable-2021-03-17";
+
+  src = fetchFromGitHub {
+    owner = "svartalf";
+    repo = pname;
+    rev = "7f1b6d4e9e4b6a3216a78c23df745bcf8fc84021";
+    sha256 = "xCelL6WGaTRhDJkkUdpdwj1zcKKAU2dyUv3mHeI4oAw=";
+  };
+
+  cargoSha256 = "P3nAtYOuwNSLMP7q1L5zKTsZ6rJA/qL1mhVHzP3szi4=";
+
+  nativeBuildInputs = [ pkg-config ];
+
+  buildInputs = [ openssl ];
+
+  passthru.tests = {
+    inherit (nixosTests.prometheus-exporters) unbound;
+  };
+
+  meta = with lib; {
+    description = "Prometheus exporter for Unbound DNS resolver";
+    homepage = "https://github.com/svartalf/unbound-telemetry";
+    license = licenses.mit;
+    maintainers = with maintainers; [ SuperSandro2000 ];
+  };
+}

pkgs/top-level/all-packages.nix

@@ -19184,6 +19184,7 @@ in
   prometheus-tor-exporter = callPackage ../servers/monitoring/prometheus/tor-exporter.nix { };
   prometheus-statsd-exporter = callPackage ../servers/monitoring/prometheus/statsd-exporter.nix { };
   prometheus-surfboard-exporter = callPackage ../servers/monitoring/prometheus/surfboard-exporter.nix { };
+  prometheus-unbound-exporter = callPackage ../servers/monitoring/prometheus/unbound-exporter.nix { };
   prometheus-unifi-exporter = callPackage ../servers/monitoring/prometheus/unifi-exporter { };
   prometheus-varnish-exporter = callPackage ../servers/monitoring/prometheus/varnish-exporter.nix { };
   prometheus-jmx-httpserver = callPackage ../servers/monitoring/prometheus/jmx-httpserver.nix {  };