Merge branch 'LnL7:master' into add-toplevel-option-lib

4 files changed, 150 insertions, 1 deletions

diff --git a/modules/module-list.nix b/modules/module-list.nix
index 03c770e..71ea9a2 100644
--- a/modules/module-list.nix
+++ b/modules/module-list.nix
@@ -42,6 +42,7 @@
   ./services/autossh.nix
   ./services/buildkite-agent.nix
   ./services/chunkwm.nix
+  ./services/cachix-agent.nix
   ./services/dnsmasq.nix
   ./services/emacs.nix
   ./services/khd
@@ -49,6 +50,7 @@
   ./services/lorri.nix
   ./services/mail/offlineimap.nix
   ./services/mopidy.nix
+  ./services/monitoring/telegraf.nix
   ./services/nix-daemon.nix
   ./services/nix-gc
   ./services/ofborg
diff --git a/modules/nix/nixpkgs.nix b/modules/nix/nixpkgs.nix
index b00a182..9db3b6a 100644
--- a/modules/nix/nixpkgs.nix
+++ b/modules/nix/nixpkgs.nix
@@ -109,7 +109,7 @@ in
 
   config = {
 
-    # _module.args.pkgs is defined in ../../default.nix
+    # _module.args.pkgs is defined in ../../eval-config.nix
 
   };
 }
diff --git a/modules/services/cachix-agent.nix b/modules/services/cachix-agent.nix
new file mode 100644
index 0000000..29d8329
--- /dev/null
+++ b/modules/services/cachix-agent.nix
@@ -0,0 +1,76 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+  cfg = config.services.cachix-agent;
+in {
+  options.services.cachix-agent = {
+    enable = mkOption {
+      type = types.bool;
+      default = false;
+      description = ''
+        Enable to run Cachix Agent as a system service.
+        
+        Read <link xlink:href="https://docs.cachix.org/deploy/">Cachix Deploy</link> documentation for more information.
+      '';
+    };
+
+    name = mkOption {
+      type = types.str;
+      default = config.networking.hostName;
+      description = ''
+        Agent name, usually the same as the hostname.
+      '';
+    };
+
+    package = mkOption {
+      description = ''
+        Package containing cachix executable.
+      '';
+      type = types.package;
+      default = pkgs.cachix;
+      defaultText = literalExample "pkgs.cachix";
+    };
+
+    credentialsFile = mkOption {
+      type = types.path;
+      default = "/etc/cachix-agent.token";
+      description = ''
+        Required file that needs to contain CACHIX_AGENT_TOKEN=...
+      '';
+    };
+
+    logFile = mkOption {
+      type = types.nullOr types.path;
+      default = "/var/log/cachix-agent.log";
+      description = "Absolute path to log all stderr and stdout";
+    };
+  };
+
+  config = mkIf cfg.enable {
+    launchd.daemons.cachix-agent = {
+      script = ''
+        . ${cfg.credentialsFile}
+
+        exec ${cfg.package}/bin/cachix deploy agent ${cfg.name}
+      '';
+
+      path = [ config.nix.package pkgs.coreutils ];
+
+      environment = {
+        NIX_SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
+        USER = "root";
+      };
+
+      serviceConfig.KeepAlive = true;
+      serviceConfig.RunAtLoad = true;
+      serviceConfig.ProcessType = "Interactive";
+      serviceConfig.StandardErrorPath = cfg.logFile;
+      serviceConfig.StandardOutPath = cfg.logFile;
+      serviceConfig.WatchPaths = [
+        cfg.credentialsFile
+      ];
+    };
+  };
+}
diff --git a/modules/services/monitoring/telegraf.nix b/modules/services/monitoring/telegraf.nix
new file mode 100644
index 0000000..f40e013
--- /dev/null
+++ b/modules/services/monitoring/telegraf.nix
@@ -0,0 +1,71 @@
+{ config, lib, pkgs, ... }:
+
+let
+  inherit (lib) mkEnableOption mkOption types mkIf;
+
+  cfg = config.services.telegraf;
+
+  settingsFormat = pkgs.formats.toml { };
+  configFile = settingsFormat.generate "config.toml" cfg.extraConfig;
+in {
+  options = {
+    services.telegraf = {
+      enable = mkEnableOption "telegraf agent";
+
+      package = mkOption {
+        default = pkgs.telegraf;
+        defaultText = lib.literalExpression "pkgs.telegraf";
+        description = "Which telegraf derivation to use";
+        type = types.package;
+      };
+
+      environmentFiles = mkOption {
+        type = types.listOf types.path;
+        default = [ ];
+        example = [ "/run/keys/telegraf.env" ];
+        description = ''
+          File to load as environment file.
+          This is useful to avoid putting secrets into the nix store.
+        '';
+      };
+
+      extraConfig = mkOption {
+        default = { };
+        description = "Extra configuration options for telegraf";
+        type = settingsFormat.type;
+        example = {
+          outputs.influxdb = {
+            urls = [ "http://localhost:8086" ];
+            database = "telegraf";
+          };
+          inputs.statsd = {
+            service_address = ":8125";
+            delete_timings = true;
+          };
+        };
+      };
+
+      configUrl = mkOption {
+        default = null;
+        description = "Url to fetch config from";
+        type = types.nullOr types.str;
+      };
+    };
+  };
+
+  config = mkIf cfg.enable {
+    launchd.daemons.telegraf = {
+      script = ''
+        ${lib.concatStringsSep "\n"
+        (map (file: "source ${file}") cfg.environmentFiles)}
+        ${cfg.package}/bin/telegraf --config ${
+          if cfg.configUrl == null then configFile else cfg.configUrl
+        }
+      '';
+      serviceConfig = {
+        KeepAlive = true;
+        RunAtLoad = true;
+      };
+    };
+  };
+}