diff options
author | Maximilian Bosch <maximilian@mbosch.me> | 2021-12-03 17:59:53 +0100 |
---|---|---|
committer | Maximilian Bosch <maximilian@mbosch.me> | 2021-12-03 19:01:19 +0100 |
commit | 8e6d403e65c62b052123e4a8eed295885d3dd4eb (patch) | |
tree | a15ddce617ba14dc5384f32085c9e1b0ccee3f39 /nixos/modules/services/monitoring | |
parent | 7fff1e9c0c77a22c83504bf9ba63c3c949bd66f0 (diff) |
nixos/prometheus-postfix-exporter: whitelist addr-family `AF_UNIX`
Otherwise, `postfix_up{path="/var/lib/postfix/queue/public/showq"}` will always be `0` indicating an postfix outage because this is a unix domain socket that cannot be connected to: 2021/12/03 14:50:46 Failed to scrape showq socket: dial unix /var/lib/postfix/queue/public/showq: socket: address family not supported by protocol
Diffstat (limited to 'nixos/modules/services/monitoring')
-rw-r--r-- | nixos/modules/services/monitoring/prometheus/exporters/postfix.nix | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/nixos/modules/services/monitoring/prometheus/exporters/postfix.nix b/nixos/modules/services/monitoring/prometheus/exporters/postfix.nix index f57589a59c7bc..4d3c1fa267e5f 100644 --- a/nixos/modules/services/monitoring/prometheus/exporters/postfix.nix +++ b/nixos/modules/services/monitoring/prometheus/exporters/postfix.nix @@ -76,6 +76,9 @@ in serviceOpts = { serviceConfig = { DynamicUser = false; + # By default, each prometheus exporter only gets AF_INET & AF_INET6, + # but AF_UNIX is needed to read from the `showq`-socket. + RestrictAddressFamilies = [ "AF_UNIX" ]; ExecStart = '' ${pkgs.prometheus-postfix-exporter}/bin/postfix_exporter \ --web.listen-address ${cfg.listenAddress}:${toString cfg.port} \ |