From 1e54f84012afc15bb3432792980576d54cff60a3 Mon Sep 17 00:00:00 2001 From: Izorkin Date: Sun, 19 Sep 2021 19:15:02 +0300 Subject: [PATCH] nixos/netdata: fix working with disabled ipmi plugin --- nixos/modules/services/monitoring/netdata.nix | 73 ++++++++++--------- pkgs/tools/system/netdata/default.nix | 5 +- 2 files changed, 42 insertions(+), 36 deletions(-) diff --git a/nixos/modules/services/monitoring/netdata.nix b/nixos/modules/services/monitoring/netdata.nix index e76979fa6d17..3ea84ca815f4 100644 --- a/nixos/modules/services/monitoring/netdata.nix +++ b/nixos/modules/services/monitoring/netdata.nix @@ -9,9 +9,9 @@ let mkdir -p $out/libexec/netdata/plugins.d ln -s /run/wrappers/bin/apps.plugin $out/libexec/netdata/plugins.d/apps.plugin ln -s /run/wrappers/bin/cgroup-network $out/libexec/netdata/plugins.d/cgroup-network - ln -s /run/wrappers/bin/freeipmi.plugin $out/libexec/netdata/plugins.d/freeipmi.plugin ln -s /run/wrappers/bin/perf.plugin $out/libexec/netdata/plugins.d/perf.plugin ln -s /run/wrappers/bin/slabinfo.plugin $out/libexec/netdata/plugins.d/slabinfo.plugin + ln -s /run/wrappers/bin/freeipmi.plugin $out/libexec/netdata/plugins.d/freeipmi.plugin ''; plugins = [ @@ -211,44 +211,47 @@ in { systemd.enableCgroupAccounting = true; - security.wrappers."apps.plugin" = { - source = "${cfg.package}/libexec/netdata/plugins.d/apps.plugin.org"; - capabilities = "cap_dac_read_search,cap_sys_ptrace+ep"; - owner = cfg.user; - group = cfg.group; - permissions = "u+rx,g+x,o-rwx"; - }; + security.wrappers = { + "apps.plugin" = { + source = "${cfg.package}/libexec/netdata/plugins.d/apps.plugin.org"; + capabilities = "cap_dac_read_search,cap_sys_ptrace+ep"; + owner = cfg.user; + group = cfg.group; + permissions = "u+rx,g+x,o-rwx"; + }; - security.wrappers."cgroup-network" = { - source = "${cfg.package}/libexec/netdata/plugins.d/cgroup-network.org"; - capabilities = "cap_setuid+ep"; - owner = cfg.user; - group = cfg.group; - permissions = "u+rx,g+x,o-rwx"; - }; + "cgroup-network" = { + source = "${cfg.package}/libexec/netdata/plugins.d/cgroup-network.org"; + capabilities = "cap_setuid+ep"; + owner = cfg.user; + group = cfg.group; + permissions = "u+rx,g+x,o-rwx"; + }; - security.wrappers."freeipmi.plugin" = { - source = "${cfg.package}/libexec/netdata/plugins.d/freeipmi.plugin.org"; - capabilities = "cap_dac_override,cap_fowner+ep"; - owner = cfg.user; - group = cfg.group; - permissions = "u+rx,g+x,o-rwx"; - }; + "perf.plugin" = { + source = "${cfg.package}/libexec/netdata/plugins.d/perf.plugin.org"; + capabilities = "cap_sys_admin+ep"; + owner = cfg.user; + group = cfg.group; + permissions = "u+rx,g+x,o-rwx"; + }; - security.wrappers."perf.plugin" = { - source = "${cfg.package}/libexec/netdata/plugins.d/perf.plugin.org"; - capabilities = "cap_sys_admin+ep"; - owner = cfg.user; - group = cfg.group; - permissions = "u+rx,g+x,o-rwx"; - }; + "slabinfo.plugin" = { + source = "${cfg.package}/libexec/netdata/plugins.d/slabinfo.plugin.org"; + capabilities = "cap_dac_override+ep"; + owner = cfg.user; + group = cfg.group; + permissions = "u+rx,g+x,o-rwx"; + }; - security.wrappers."slabinfo.plugin" = { - source = "${cfg.package}/libexec/netdata/plugins.d/slabinfo.plugin.org"; - capabilities = "cap_dac_override+ep"; - owner = cfg.user; - group = cfg.group; - permissions = "u+rx,g+x,o-rwx"; + } // optionalAttrs (cfg.package.withIpmi) { + "freeipmi.plugin" = { + source = "${cfg.package}/libexec/netdata/plugins.d/freeipmi.plugin.org"; + capabilities = "cap_dac_override,cap_fowner+ep"; + owner = cfg.user; + group = cfg.group; + permissions = "u+rx,g+x,o-rwx"; + }; }; security.pam.loginLimits = [ diff --git a/pkgs/tools/system/netdata/default.nix b/pkgs/tools/system/netdata/default.nix index 25d0366ef715..3c025247377d 100644 --- a/pkgs/tools/system/netdata/default.nix +++ b/pkgs/tools/system/netdata/default.nix @@ -87,7 +87,10 @@ in stdenv.mkDerivation rec { wrapProgram $out/bin/netdata-claim.sh --prefix PATH : ${lib.makeBinPath [ openssl ]} ''; - passthru.tests.netdata = nixosTests.netdata; + passthru = { + inherit withIpmi; + tests.netdata = nixosTests.netdata; + }; meta = { description = "Real-time performance monitoring tool";