diff options
Diffstat (limited to 'nixos/modules/services/networking/ntopng.nix')
-rw-r--r-- | nixos/modules/services/networking/ntopng.nix | 63 |
1 files changed, 53 insertions, 10 deletions
diff --git a/nixos/modules/services/networking/ntopng.nix b/nixos/modules/services/networking/ntopng.nix index 77a004e8ab3a5..022fc923edaa3 100644 --- a/nixos/modules/services/networking/ntopng.nix +++ b/nixos/modules/services/networking/ntopng.nix @@ -6,7 +6,13 @@ let cfg = config.services.ntopng; opt = options.services.ntopng; - redisCfg = config.services.redis; + + createRedis = cfg.redis.createInstance != null; + redisService = + if cfg.redis.createInstance == "" then + "redis.service" + else + "redis-${cfg.redis.createInstance}.service"; configFile = if cfg.configText != "" then pkgs.writeText "ntopng.conf" '' @@ -15,8 +21,10 @@ let else pkgs.writeText "ntopng.conf" '' ${concatStringsSep " " (map (e: "--interface=" + e) cfg.interfaces)} - --http-port=${toString cfg.http-port} - --redis=localhost:${toString redisCfg.port} + --http-port=${toString cfg.httpPort} + --redis=${cfg.redis.address} + --data-dir=/var/lib/ntopng + --user=ntopng ${cfg.extraConfig} ''; @@ -24,6 +32,10 @@ in { + imports = [ + (mkRenamedOptionModule [ "services" "ntopng" "http-port" ] [ "services" "ntopng" "httpPort" ]) + ]; + options = { services.ntopng = { @@ -56,7 +68,7 @@ in ''; }; - http-port = mkOption { + httpPort = mkOption { default = 3000; type = types.int; description = '' @@ -64,6 +76,24 @@ in ''; }; + redis.address = mkOption { + type = types.str; + example = literalExpression "config.services.redis.ntopng.unixSocket"; + description = '' + Redis address - may be a Unix socket or a network host and port. + ''; + }; + + redis.createInstance = mkOption { + type = types.nullOr types.str; + default = if versionAtLeast config.system.stateVersion "22.05" then "ntopng" else ""; + description = '' + Local Redis instance name. Set to <literal>null</literal> to disable + local Redis instance. Defaults to <literal>""</literal> for + <literal>system.stateVersion</literal> older than 22.05. + ''; + }; + configText = mkOption { default = ""; example = '' @@ -95,23 +125,36 @@ in config = mkIf cfg.enable { # ntopng uses redis for data storage - services.redis.enable = true; + services.ntopng.redis.address = + mkIf createRedis config.services.redis.servers.${cfg.redis.createInstance}.unixSocket; + + services.redis.servers = mkIf createRedis { + ${cfg.redis.createInstance} = { + enable = true; + user = mkIf (cfg.redis.createInstance == "ntopng") "ntopng"; + }; + }; # nice to have manual page and ntopng command in PATH environment.systemPackages = [ pkgs.ntopng ]; + systemd.tmpfiles.rules = [ "d /var/lib/ntopng 0700 ntopng ntopng -" ]; + systemd.services.ntopng = { description = "Ntopng Network Monitor"; - requires = [ "redis.service" ]; - after = [ "network.target" "redis.service" ]; + requires = optional createRedis redisService; + after = [ "network.target" ] ++ optional createRedis redisService; wantedBy = [ "multi-user.target" ]; - preStart = "mkdir -p /var/lib/ntopng/"; serviceConfig.ExecStart = "${pkgs.ntopng}/bin/ntopng ${configFile}"; unitConfig.Documentation = "man:ntopng(8)"; }; - # ntopng drops priveleges to user "nobody" and that user is already defined - # in users-groups.nix. + users.extraUsers.ntopng = { + group = "ntopng"; + isSystemUser = true; + }; + + users.extraGroups.ntopng = { }; }; } |