Merge pull request #8227 from offlinehacker/nixos/consul/alerts-fix
nixos/consul: fix consul alerts enable
This commit is contained in:
commit
a5d0ac2003
|
@ -106,6 +106,12 @@ in
|
||||||
alerts = {
|
alerts = {
|
||||||
enable = mkEnableOption "Whether to enable consul-alerts";
|
enable = mkEnableOption "Whether to enable consul-alerts";
|
||||||
|
|
||||||
|
package = mkOption {
|
||||||
|
description = "Package to use for consul-alerts.";
|
||||||
|
default = pkgs.consul-alerts;
|
||||||
|
type = types.package;
|
||||||
|
};
|
||||||
|
|
||||||
listenAddr = mkOption {
|
listenAddr = mkOption {
|
||||||
description = "Api listening address.";
|
description = "Api listening address.";
|
||||||
default = "localhost:9000";
|
default = "localhost:9000";
|
||||||
|
@ -135,96 +141,101 @@ in
|
||||||
|
|
||||||
};
|
};
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable (
|
||||||
|
mkMerge [{
|
||||||
|
|
||||||
users.extraUsers."consul" = {
|
users.extraUsers."consul" = {
|
||||||
description = "Consul agent daemon user";
|
description = "Consul agent daemon user";
|
||||||
uid = config.ids.uids.consul;
|
uid = config.ids.uids.consul;
|
||||||
# The shell is needed for health checks
|
# The shell is needed for health checks
|
||||||
shell = "/run/current-system/sw/bin/bash";
|
shell = "/run/current-system/sw/bin/bash";
|
||||||
};
|
|
||||||
|
|
||||||
environment = {
|
|
||||||
etc."consul.json".text = builtins.toJSON configOptions;
|
|
||||||
# We need consul.d to exist for consul to start
|
|
||||||
etc."consul.d/dummy.json".text = "{ }";
|
|
||||||
systemPackages = with pkgs; [ consul ];
|
|
||||||
};
|
|
||||||
|
|
||||||
systemd.services.consul = {
|
|
||||||
wantedBy = [ "multi-user.target" ];
|
|
||||||
after = [ "network.target" ] ++ systemdDevices;
|
|
||||||
bindsTo = systemdDevices;
|
|
||||||
restartTriggers = [ config.environment.etc."consul.json".source ]
|
|
||||||
++ mapAttrsToList (_: d: d.source)
|
|
||||||
(filterAttrs (n: _: hasPrefix "consul.d/" n) config.environment.etc);
|
|
||||||
|
|
||||||
serviceConfig = {
|
|
||||||
ExecStart = "@${pkgs.consul}/bin/consul consul agent -config-dir /etc/consul.d"
|
|
||||||
+ concatMapStrings (n: " -config-file ${n}") configFiles;
|
|
||||||
ExecReload = "${pkgs.consul}/bin/consul reload";
|
|
||||||
PermissionsStartOnly = true;
|
|
||||||
User = if cfg.dropPrivileges then "consul" else null;
|
|
||||||
TimeoutStartSec = "0";
|
|
||||||
} // (optionalAttrs (cfg.leaveOnStop) {
|
|
||||||
ExecStop = "${pkgs.consul}/bin/consul leave";
|
|
||||||
});
|
|
||||||
|
|
||||||
path = with pkgs; [ iproute gnugrep gawk consul ];
|
|
||||||
preStart = ''
|
|
||||||
mkdir -m 0700 -p ${dataDir}
|
|
||||||
chown -R consul ${dataDir}
|
|
||||||
|
|
||||||
# Determine interface addresses
|
|
||||||
getAddrOnce () {
|
|
||||||
ip addr show dev "$1" \
|
|
||||||
| grep 'inet${optionalString (cfg.forceIpv4) " "}.*scope global' \
|
|
||||||
| awk -F '[ /\t]*' '{print $3}' | head -n 1
|
|
||||||
}
|
|
||||||
getAddr () {
|
|
||||||
ADDR="$(getAddrOnce $1)"
|
|
||||||
LEFT=60 # Die after 1 minute
|
|
||||||
while [ -z "$ADDR" ]; do
|
|
||||||
sleep 1
|
|
||||||
LEFT=$(expr $LEFT - 1)
|
|
||||||
if [ "$LEFT" -eq "0" ]; then
|
|
||||||
echo "Address lookup timed out"
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
ADDR="$(getAddrOnce $1)"
|
|
||||||
done
|
|
||||||
echo "$ADDR"
|
|
||||||
}
|
|
||||||
echo "{" > /etc/consul-addrs.json
|
|
||||||
delim=" "
|
|
||||||
''
|
|
||||||
+ concatStrings (flip mapAttrsToList cfg.interface (name: i:
|
|
||||||
optionalString (i != null) ''
|
|
||||||
echo "$delim \"${name}_addr\": \"$(getAddr "${i}")\"" >> /etc/consul-addrs.json
|
|
||||||
delim=","
|
|
||||||
''))
|
|
||||||
+ ''
|
|
||||||
echo "}" >> /etc/consul-addrs.json
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
systemd.services.consul-alerts = mkIf (cfg.alerts.enable) {
|
|
||||||
wantedBy = [ "multi-user.target" ];
|
|
||||||
after = [ "consul.service" ];
|
|
||||||
|
|
||||||
path = [ pkgs.consul ];
|
|
||||||
|
|
||||||
serviceConfig = {
|
|
||||||
ExecStart = ''
|
|
||||||
${pkgs.consul-alerts}/bin/consul-alerts start \
|
|
||||||
--alert-addr=${cfg.alerts.listenAddr} \
|
|
||||||
--consul-addr=${cfg.alerts.consulAddr} \
|
|
||||||
${optionalString cfg.alerts.watchChecks "--watch-checks"} \
|
|
||||||
${optionalString cfg.alerts.watchEvents "--watch-events"}
|
|
||||||
'';
|
|
||||||
User = if cfg.dropPrivileges then "consul" else null;
|
|
||||||
};
|
};
|
||||||
};
|
|
||||||
|
|
||||||
};
|
environment = {
|
||||||
|
etc."consul.json".text = builtins.toJSON configOptions;
|
||||||
|
# We need consul.d to exist for consul to start
|
||||||
|
etc."consul.d/dummy.json".text = "{ }";
|
||||||
|
systemPackages = with pkgs; [ consul ];
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.services.consul = {
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
after = [ "network.target" ] ++ systemdDevices;
|
||||||
|
bindsTo = systemdDevices;
|
||||||
|
restartTriggers = [ config.environment.etc."consul.json".source ]
|
||||||
|
++ mapAttrsToList (_: d: d.source)
|
||||||
|
(filterAttrs (n: _: hasPrefix "consul.d/" n) config.environment.etc);
|
||||||
|
|
||||||
|
serviceConfig = {
|
||||||
|
ExecStart = "@${pkgs.consul}/bin/consul consul agent -config-dir /etc/consul.d"
|
||||||
|
+ concatMapStrings (n: " -config-file ${n}") configFiles;
|
||||||
|
ExecReload = "${pkgs.consul}/bin/consul reload";
|
||||||
|
PermissionsStartOnly = true;
|
||||||
|
User = if cfg.dropPrivileges then "consul" else null;
|
||||||
|
TimeoutStartSec = "0";
|
||||||
|
} // (optionalAttrs (cfg.leaveOnStop) {
|
||||||
|
ExecStop = "${pkgs.consul}/bin/consul leave";
|
||||||
|
});
|
||||||
|
|
||||||
|
path = with pkgs; [ iproute gnugrep gawk consul ];
|
||||||
|
preStart = ''
|
||||||
|
mkdir -m 0700 -p ${dataDir}
|
||||||
|
chown -R consul ${dataDir}
|
||||||
|
|
||||||
|
# Determine interface addresses
|
||||||
|
getAddrOnce () {
|
||||||
|
ip addr show dev "$1" \
|
||||||
|
| grep 'inet${optionalString (cfg.forceIpv4) " "}.*scope global' \
|
||||||
|
| awk -F '[ /\t]*' '{print $3}' | head -n 1
|
||||||
|
}
|
||||||
|
getAddr () {
|
||||||
|
ADDR="$(getAddrOnce $1)"
|
||||||
|
LEFT=60 # Die after 1 minute
|
||||||
|
while [ -z "$ADDR" ]; do
|
||||||
|
sleep 1
|
||||||
|
LEFT=$(expr $LEFT - 1)
|
||||||
|
if [ "$LEFT" -eq "0" ]; then
|
||||||
|
echo "Address lookup timed out"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
ADDR="$(getAddrOnce $1)"
|
||||||
|
done
|
||||||
|
echo "$ADDR"
|
||||||
|
}
|
||||||
|
echo "{" > /etc/consul-addrs.json
|
||||||
|
delim=" "
|
||||||
|
''
|
||||||
|
+ concatStrings (flip mapAttrsToList cfg.interface (name: i:
|
||||||
|
optionalString (i != null) ''
|
||||||
|
echo "$delim \"${name}_addr\": \"$(getAddr "${i}")\"" >> /etc/consul-addrs.json
|
||||||
|
delim=","
|
||||||
|
''))
|
||||||
|
+ ''
|
||||||
|
echo "}" >> /etc/consul-addrs.json
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
||||||
|
(mkIf (cfg.alerts.enable) {
|
||||||
|
systemd.services.consul-alerts = {
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
after = [ "consul.service" ];
|
||||||
|
|
||||||
|
path = [ pkgs.consul ];
|
||||||
|
|
||||||
|
serviceConfig = {
|
||||||
|
ExecStart = ''
|
||||||
|
${cfg.alerts.package}/bin/consul-alerts start \
|
||||||
|
--alert-addr=${cfg.alerts.listenAddr} \
|
||||||
|
--consul-addr=${cfg.alerts.consulAddr} \
|
||||||
|
${optionalString cfg.alerts.watchChecks "--watch-checks"} \
|
||||||
|
${optionalString cfg.alerts.watchEvents "--watch-events"}
|
||||||
|
'';
|
||||||
|
User = if cfg.dropPrivileges then "consul" else null;
|
||||||
|
Restart = "on-failure";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
})
|
||||||
|
|
||||||
|
]);
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue