diff options
author | Shawn8901 <shawn8901@googlemail.com> | 2022-11-20 20:46:27 +0100 |
---|---|---|
committer | Shawn8901 <shawn8901@googlemail.com> | 2022-11-21 20:20:50 +0100 |
commit | 5ed08d83f71a7eea1963fb77f1f1f3092e3a001d (patch) | |
tree | ce40332ecf4ad7e8819c45d4a5fe9eb5a7615877 /nixos/modules/services/monitoring | |
parent | d1bf8378843eed3f90e91dfe8d79aba81ebc3c6b (diff) |
nixos/prometheus-pve-exporter: Use LoadCredentials to make configFiles readable to DynamicUser
Diffstat (limited to 'nixos/modules/services/monitoring')
-rw-r--r-- | nixos/modules/services/monitoring/prometheus/exporters/pve.nix | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/nixos/modules/services/monitoring/prometheus/exporters/pve.nix b/nixos/modules/services/monitoring/prometheus/exporters/pve.nix index 8e2573d084bc5..e02acad3ecd1d 100644 --- a/nixos/modules/services/monitoring/prometheus/exporters/pve.nix +++ b/nixos/modules/services/monitoring/prometheus/exporters/pve.nix @@ -10,7 +10,7 @@ let text = "default:"; }; - computedConfigFile = "${if cfg.configFile == null then emptyConfigFile else cfg.configFile}"; + computedConfigFile = if cfg.configFile == null then emptyConfigFile else cfg.configFile; in { port = 9221; @@ -100,6 +100,8 @@ in }; serviceOpts = { serviceConfig = { + DynamicUser = cfg.environmentFile == null; + LoadCredential = "configFile:${computedConfigFile}"; ExecStart = '' ${cfg.package}/bin/pve_exporter \ --${if cfg.collectors.status == true then "" else "no-"}collector.status \ @@ -108,11 +110,11 @@ in --${if cfg.collectors.cluster == true then "" else "no-"}collector.cluster \ --${if cfg.collectors.resources == true then "" else "no-"}collector.resources \ --${if cfg.collectors.config == true then "" else "no-"}collector.config \ - ${computedConfigFile} \ + %d/configFile \ ${toString cfg.port} ${cfg.listenAddress} ''; } // optionalAttrs (cfg.environmentFile != null) { - EnvironmentFile = cfg.environmentFile; + EnvironmentFile = cfg.environmentFile; }; }; } |