HCoop / jackhill / guix / guix.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
gnu: desktop: Add seatd-service-type.
[jackhill/guix/guix.git] / gnu / services / monitoring.scm
CommitLineData
693b52df
SB		 1;;; GNU Guix --- Functional package management for GNU
2;;; Copyright © 2018 Sou Bunnbu <iyzsong@member.fsf.org>
0f9bbd32 3;;; Copyright © 2018, 2019 Gábor Boskovits <boskovits@gmail.com>
8518a369 4;;; Copyright © 2018, 2019, 2020 Oleg Pykhalov <go.wigust@gmail.com>
5122805c 5;;; Copyright © 2022 Marius Bakke <marius@gnu.org>
693b52df
SB		 6;;;
7;;; This file is part of GNU Guix.
8;;;
9;;; GNU Guix is free software; you can redistribute it and/or modify it
10;;; under the terms of the GNU General Public License as published by
11;;; the Free Software Foundation; either version 3 of the License, or (at
12;;; your option) any later version.
13;;;
14;;; GNU Guix is distributed in the hope that it will be useful, but
15;;; WITHOUT ANY WARRANTY; without even the implied warranty of
16;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17;;; GNU General Public License for more details.
18;;;
19;;; You should have received a copy of the GNU General Public License
20;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
21
22(define-module (gnu services monitoring)
23 #:use-module (gnu services)
6b1c4179 24 #:use-module (gnu services configuration)
693b52df 25 #:use-module (gnu services shepherd)
85c07cff 26 #:use-module (gnu services web)
693b52df
SB		 27 #:use-module (gnu packages admin)
28 #:use-module (gnu packages monitoring)
29 #:use-module (gnu system shadow)
30 #:use-module (guix gexp)
6b1c4179 31 #:use-module (guix packages)
693b52df 32 #:use-module (guix records)
e44de1d2
OP		 33 #:use-module (guix utils)
34 #:use-module ((guix ui) #:select (display-hint G_))
693b52df 35 #:use-module (ice-9 match)
85c07cff 36 #:use-module (ice-9 rdelim)
6b1c4179 37 #:use-module (srfi srfi-26)
0485717e 38 #:use-module (srfi srfi-35)
693b52df 39 #:export (darkstat-configuration
a33652ee 40 darkstat-service-type
502cb3f8
CB		 41
42 prometheus-node-exporter-configuration
43 prometheus-node-exporter-configuration?
44 prometheus-node-exporter-configuration-package
45 prometheus-node-exporter-web-listen-address
6b1c4179
OP		 46 prometheus-node-exporter-service-type
47
48 zabbix-server-configuration
6106d7ca
OP		 49 zabbix-server-service-type
50 zabbix-agent-configuration
85c07cff
OP		 51 zabbix-agent-service-type
52 zabbix-front-end-configuration
326e08bf
MB		 53 zabbix-front-end-service-type
54 %zabbix-front-end-configuration-nginx))
693b52df
SB		 55
56\f
57;;;
58;;; darkstat
59;;;
60
61(define-record-type* <darkstat-configuration>
62 darkstat-configuration make-darkstat-configuration darkstat-configuration?
63 (package darkstat-configuration-package
64 (default darkstat))
65 (interface darkstat-configuration-interface)
66 (port darkstat-configuration-port
67 (default "667"))
68 (bind-address darkstat-configuration-bind-address
69 (default "127.0.0.1"))
70 (base darkstat-configuration-base
71 (default "/")))
72
73(define %darkstat-accounts
74 (list (user-account
75 (name "darkstat")
76 (group "darkstat")
77 (system? #t)
78 (comment "darkstat daemon user")
79 (home-directory "/var/lib/darkstat")
80 (shell (file-append shadow "/sbin/nologin")))
81 (user-group
82 (name "darkstat")
83 (system? #t))))
84
85(define darkstat-shepherd-service
86 (match-lambda
87 (($ <darkstat-configuration>
88 package interface port bind-address base)
89 (shepherd-service
90 (documentation "Network statistics gatherer.")
91 (provision '(darkstat))
92 (requirement '(networking))
93 (start #~(make-forkexec-constructor
94 (list #$(file-append package "/sbin/darkstat")
95 "-i" #$interface
96 "-p" #$port
97 "-b" #$bind-address
98 "--base" #$base
99 "--syslog" "--no-daemon"
100 "--chroot" "/var/lib/darkstat"
101 "--user" "darkstat"
102 "--import" "darkstat.db"
103 "--export" "darkstat.db")))
104 (stop #~(make-kill-destructor))))))
105
106(define darkstat-service-type
107 (service-type
108 (name 'darkstat)
109 (description
f3a2c297 110 "Run @command{darkstat} to serve network traffic statistics reports over
693b52df
SB		 111HTTP.")
112 (extensions
113 (list (service-extension account-service-type
114 (const %darkstat-accounts))
115 (service-extension shepherd-root-service-type
116 (compose list darkstat-shepherd-service))))))
a33652ee 117
502cb3f8
CB		 118\f
119;;;
120;;; Prometheus node exporter
121;;;
122
a33652ee
GB		 123(define-record-type* <prometheus-node-exporter-configuration>
124 prometheus-node-exporter-configuration
125 make-prometheus-node-exporter-configuration
126 prometheus-node-exporter-configuration?
127 (package prometheus-node-exporter-configuration-package
128 (default go-github-com-prometheus-node-exporter))
129 (web-listen-address prometheus-node-exporter-web-listen-address
fd143855
CB		 130 (default ":9100"))
131 (textfile-directory prometheus-node-exporter-textfile-directory
92f7c11a
CB		 132 (default "/var/lib/prometheus/node-exporter"))
133 (extra-options prometheus-node-exporter-extra-options
134 (default '())))
a33652ee 135
6574298e
CB		 136(define %prometheus-node-exporter-accounts
137 (list (user-account
138 (name "prometheus-node-exporter")
139 (group "prometheus-node-exporter")
140 (system? #t)
141 (comment "Prometheus node exporter daemon user")
142 (home-directory "/var/empty")
143 (shell (file-append shadow "/sbin/nologin")))
144 (user-group
145 (name "prometheus-node-exporter")
146 (system? #t))))
147
a33652ee
GB		 148(define prometheus-node-exporter-shepherd-service
149 (match-lambda
150 (( $ <prometheus-node-exporter-configuration>
92f7c11a 151 package web-listen-address textfile-directory extra-options)
6574298e
CB		 152 (list
153 (shepherd-service
154 (documentation "Prometheus node exporter.")
155 (provision '(prometheus-node-exporter))
156 (requirement '(networking))
157 (start #~(make-forkexec-constructor
158 (list #$(file-append package "/bin/node_exporter")
fd143855
CB		 159 "--web.listen-address" #$web-listen-address
160 #$@(if textfile-directory
161 (list "--collector.textfile.directory"
162 textfile-directory)
92f7c11a
CB		 163 '())
164 #$@extra-options)
6574298e 165 #:user "prometheus-node-exporter"
fa0975ad
CB		 166 #:group "prometheus-node-exporter"
167 #:log-file "/var/log/prometheus-node-exporter.log"))
6574298e 168 (stop #~(make-kill-destructor)))))))
a33652ee 169
fd143855
CB		 170(define (prometheus-node-exporter-activation config)
171 (with-imported-modules '((guix build utils))
172 #~(let ((textfile-directory
173 #$(prometheus-node-exporter-textfile-directory config)))
174 (use-modules (guix build utils))
175
176 (when textfile-directory
177 (let ((user (getpw "prometheus-node-exporter")))
178 #t
179 (mkdir-p textfile-directory)
180 (chown textfile-directory (passwd:uid user) (passwd:gid user))
181 (chmod textfile-directory #o775))))))
182
a33652ee
GB		 183(define prometheus-node-exporter-service-type
184 (service-type
185 (name 'prometheus-node-exporter)
186 (description
187 "Run @command{node_exporter} to serve hardware and OS metrics to
502cb3f8 188Prometheus.")
a33652ee 189 (extensions
6574298e
CB		 190 (list
191 (service-extension account-service-type
192 (const %prometheus-node-exporter-accounts))
fd143855
CB		 193 (service-extension activation-service-type
194 prometheus-node-exporter-activation)
6574298e
CB		 195 (service-extension shepherd-root-service-type
196 prometheus-node-exporter-shepherd-service)))
4074ee4e 197 (default-value (prometheus-node-exporter-configuration))))
6b1c4179
OP		 198
199\f
200;;;
201;;; Zabbix server
202;;;
203
204(define (uglify-field-name field-name)
205 (apply string-append
206 (map (lambda (str)
207 (if (member (string->symbol str) '(ca db ssl))
208 (string-upcase str)
209 (string-capitalize str)))
210 (string-split (string-delete #\?
211 (symbol->string field-name))
212 #\-))))
213
214(define (serialize-field field-name val)
ab8b76b7 215 #~(format #f "~a=~a~%" #$(uglify-field-name field-name) #$val))
6b1c4179
OP		 216
217(define (serialize-number field-name val)
218 (serialize-field field-name (number->string val)))
219
220(define (serialize-list field-name val)
ab8b76b7
MB		 221 #~(if (null? '#$val)
222 ""
223 #$(serialize-field field-name (string-join val ","))))
224
6b1c4179
OP		 225
226(define (serialize-string field-name val)
227 (if (and (string? val) (string=? val ""))
228 ""
229 (serialize-field field-name val)))
230
231(define group? string?)
232
233(define serialize-group
234 (const ""))
235
236(define include-files? list?)
237
238(define (serialize-include-files field-name val)
ab8b76b7 239 #~(string-append #$@(map (cut serialize-field 'include <>) val)))
6b1c4179
OP		 240
241(define extra-options? string?)
242
243(define (serialize-extra-options field-name val)
ab8b76b7 244 #~(if (= 0 (string-length #$val)) "" #$(format #f "~a~%" val)))
6b1c4179 245
85c07cff
OP		 246(define (nginx-server-configuration-list? val)
247 (and (list? val) (and-map nginx-server-configuration? val)))
248
249(define (serialize-nginx-server-configuration-list field-name val)
250 "")
251
6b1c4179
OP		 252(define-configuration zabbix-server-configuration
253 (zabbix-server
892f1b72 254 (file-like zabbix-server)
6b1c4179
OP		 255 "The zabbix-server package.")
256 (user
257 (string "zabbix")
258 "User who will run the Zabbix server.")
259 (group ;for zabbix-server-account procedure
260 (group "zabbix")
261 "Group who will run the Zabbix server.")
262 (db-host
263 (string "127.0.0.1")
264 "Database host name.")
265 (db-name
266 (string "zabbix")
267 "Database name.")
268 (db-user
269 (string "zabbix")
270 "Database user.")
271 (db-password
272 (string "")
273 "Database password. Please, use @code{include-files} with
274@code{DBPassword=SECRET} inside a specified file instead.")
275 (db-port
276 (number 5432)
277 "Database port.")
278 (log-type
279 (string "")
280 "Specifies where log messages are written to:
281@itemize
282@item @code{system} - syslog.
283@item @code{file} - file specified with @code{log-file} parameter.
284@item @code{console} - standard output.
285@end itemize\n")
286 (log-file
287 (string "/var/log/zabbix/server.log")
288 "Log file name for @code{log-type} @code{file} parameter.")
289 (pid-file
290 (string "/var/run/zabbix/zabbix_server.pid")
291 "Name of PID file.")
292 (ssl-ca-location
293 (string "/etc/ssl/certs/ca-certificates.crt")
294 "The location of certificate authority (CA) files for SSL server
295certificate verification.")
296 (ssl-cert-location
297 (string "/etc/ssl/certs")
298 "Location of SSL client certificates.")
299 (extra-options
300 (extra-options "")
301 "Extra options will be appended to Zabbix server configuration file.")
302 (include-files
303 (include-files '())
304 "You may include individual files or all files in a directory in the
305configuration file."))
306
307(define (zabbix-server-account config)
308 "Return the user accounts and user groups for CONFIG."
309 (let ((zabbix-user (zabbix-server-configuration-user config))
310 (zabbix-group (zabbix-server-configuration-group config)))
311 (list (user-group (name zabbix-group) (system? #t))
312 (user-account
313 (name zabbix-user)
314 (system? #t)
315 (group zabbix-group)
316 (comment "zabbix privilege separation user")
317 (home-directory (string-append "/var/run/" zabbix-user))
56a93cb9 318 (shell (file-append shadow "/sbin/nologin"))))))
6b1c4179
OP		 319
320(define (zabbix-server-config-file config)
321 "Return the zabbix-server configuration file corresponding to CONFIG."
322 (computed-file
323 "zabbix_server.conf"
324 #~(begin
325 (call-with-output-file #$output
326 (lambda (port)
ab8b76b7
MB		 327 (format port "# Generated by 'zabbix-server-service'.~%")
328 (format port #$(serialize-configuration
329 config zabbix-server-configuration-fields)))))))
6b1c4179
OP		 330
331(define (zabbix-server-activation config)
332 "Return the activation gexp for CONFIG."
a4e7749e 333 (with-imported-modules '((guix build utils))
6b1c4179
OP		 334 #~(begin
335 (use-modules (guix build utils)
336 (ice-9 rdelim))
337 (let ((user (getpw #$(zabbix-server-configuration-user config))))
338 (for-each (lambda (file)
339 (let ((directory (dirname file)))
340 (mkdir-p directory)
341 (chown directory (passwd:uid user) (passwd:gid user))
342 (chmod directory #o755)))
343 (list #$(zabbix-server-configuration-log-file config)
344 #$(zabbix-server-configuration-pid-file config)
345 "/etc/zabbix/maintenance.inc.php"))))))
346
5122805c
MB		 347(define (zabbix-server-runtime-control-procedure zabbix-server config command)
348 ;; XXX: This is duplicated from mcron; factorize.
349 #~(lambda (_ . args)
350 ;; Run 'zabbix_server' in a pipe so we can explicitly redirect its output
351 ;; to 'current-output-port', which at this stage is bound to the client
352 ;; connection.
353 (let ((pipe (apply open-pipe* OPEN_READ #$zabbix-server
354 "--config" #$config
355 "-R" #$command args)))
356 (let loop ()
357 (match (read-line pipe 'concat)
358 ((? eof-object?)
359 (catch 'system-error
360 (lambda ()
361 (zero? (close-pipe pipe)))
362 (lambda args
363 ;; There's a race with the SIGCHLD handler, which could
364 ;; call 'waitpid' before 'close-pipe' above does. If we
365 ;; get ECHILD, that means we lost the race; in that case, we
366 ;; cannot tell what the exit code was (FIXME).
367 (or (= ECHILD (system-error-errno args))
368 (apply throw args)))))
369 (line
370 (display line)
371 (loop)))))))
372
373;; Provide shepherd actions for common "zabbix_server -R" commands
374;; mainly for a convenient way to use the correct configuration file.
375(define (zabbix-server-actions zabbix-server config)
376 (list (shepherd-action
377 (name 'reload-config-cache)
378 (documentation "Reload the configuration cache.")
379 (procedure (zabbix-server-runtime-control-procedure
380 zabbix-server config "config_cache_reload")))
381 (shepherd-action
382 (name 'reload-snmp-cache)
383 (documentation "Reload SNMP cache.")
384 (procedure (zabbix-server-runtime-control-procedure
385 zabbix-server config "snmp_cache_reload")))))
386
6b1c4179
OP		 387(define (zabbix-server-shepherd-service config)
388 "Return a <shepherd-service> for Zabbix server with CONFIG."
5122805c
MB		 389 (let ((zabbix-server
390 (file-append (zabbix-server-configuration-zabbix-server config)
391 "/sbin/zabbix_server"))
392 (config-file (zabbix-server-config-file config)))
393 (list (shepherd-service
394 (provision '(zabbix-server))
1059c2bb 395 (requirement '(user-processes))
5122805c
MB		 396 (documentation "Run the Zabbix server daemon.")
397 (actions (zabbix-server-actions zabbix-server config-file))
398 (start #~(make-forkexec-constructor
399 (list #$zabbix-server
400 "--config" #$config-file
401 "--foreground")
402 #:user #$(zabbix-server-configuration-user config)
403 #:group #$(zabbix-server-configuration-group config)
404 #:pid-file #$(zabbix-server-configuration-pid-file config)
405 #:environment-variables
406 (list "SSL_CERT_DIR=/run/current-system/profile\
6b1c4179 407/etc/ssl/certs"
5122805c 408 "SSL_CERT_FILE=/run/current-system/profile\
6b1c4179 409/etc/ssl/certs/ca-certificates.crt")))
5122805c 410 (stop #~(make-kill-destructor))))))
6b1c4179
OP		 411
412(define zabbix-server-service-type
413 (service-type
414 (name 'zabbix-server)
415 (extensions
416 (list (service-extension shepherd-root-service-type
417 zabbix-server-shepherd-service)
418 (service-extension account-service-type
419 zabbix-server-account)
420 (service-extension activation-service-type
421 zabbix-server-activation)))
9d7248cd
LC		 422 (default-value (zabbix-server-configuration))
423 (description "Run the Zabbix server, a high-performance monitoring system
424that can collect data about machines from a variety of sources and provide the
425results in a Web interface.")))
6b1c4179
OP		 426
427(define (generate-zabbix-server-documentation)
428 (generate-documentation
429 `((zabbix-server-configuration
430 ,zabbix-server-configuration-fields))
431 'zabbix-server-configuration))
6106d7ca
OP		 432
433(define-configuration zabbix-agent-configuration
434 (zabbix-agent
892f1b72 435 (file-like zabbix-agentd)
6106d7ca
OP		 436 "The zabbix-agent package.")
437 (user
438 (string "zabbix")
439 "User who will run the Zabbix agent.")
440 (group
441 (group "zabbix")
442 "Group who will run the Zabbix agent.")
443 (hostname
8518a369 444 (string "")
6106d7ca
OP		 445 "Unique, case sensitive hostname which is required for active checks and
446must match hostname as configured on the server.")
447 (log-type
448 (string "")
449 "Specifies where log messages are written to:
450@itemize
451@item @code{system} - syslog.
452@item @code{file} - file specified with @code{log-file} parameter.
453@item @code{console} - standard output.
454@end itemize\n")
455 (log-file
456 (string "/var/log/zabbix/agent.log")
457 "Log file name for @code{log-type} @code{file} parameter.")
458 (pid-file
459 (string "/var/run/zabbix/zabbix_agent.pid")
460 "Name of PID file.")
461 (server
462 (list '("127.0.0.1"))
463 "List of IP addresses, optionally in CIDR notation, or hostnames of Zabbix
464servers and Zabbix proxies. Incoming connections will be accepted only from
465the hosts listed here.")
466 (server-active
467 (list '("127.0.0.1"))
468 "List of IP:port (or hostname:port) pairs of Zabbix servers and Zabbix
469proxies for active checks. If port is not specified, default port is used.
470If this parameter is not specified, active checks are disabled.")
471 (extra-options
85c07cff 472 (extra-options "")
6106d7ca
OP		 473 "Extra options will be appended to Zabbix server configuration file.")
474 (include-files
475 (include-files '())
476 "You may include individual files or all files in a directory in the
477configuration file."))
478
479(define (zabbix-agent-account config)
480 "Return the user accounts and user groups for CONFIG."
88e4c874
MB		 481 (let ((zabbix-user (zabbix-agent-configuration-user config))
482 (zabbix-group (zabbix-agent-configuration-group config)))
6106d7ca
OP		 483 (list (user-group (name zabbix-group) (system? #t))
484 (user-account
485 (name zabbix-user)
486 (system? #t)
487 (group zabbix-group)
488 (comment "zabbix privilege separation user")
489 (home-directory (string-append "/var/run/" zabbix-user))
56a93cb9 490 (shell (file-append shadow "/sbin/nologin"))))))
6106d7ca
OP		 491
492(define (zabbix-agent-activation config)
493 "Return the activation gexp for CONFIG."
a4e7749e 494 (with-imported-modules '((guix build utils))
6106d7ca
OP		 495 #~(begin
496 (use-modules (guix build utils)
497 (ice-9 rdelim))
498 (let ((user
499 (getpw #$(zabbix-agent-configuration-user config))))
500 (for-each (lambda (file)
501 (let ((directory (dirname file)))
502 (mkdir-p directory)
503 (chown directory (passwd:uid user) (passwd:gid user))
504 (chmod directory #o755)))
505 (list #$(zabbix-agent-configuration-log-file config)
506 #$(zabbix-agent-configuration-pid-file config)))))))
507
508(define (zabbix-agent-config-file config)
509 "Return the zabbix-agent configuration file corresponding to CONFIG."
510 (computed-file
511 "zabbix_agent.conf"
512 #~(begin
513 (call-with-output-file #$output
514 (lambda (port)
ab8b76b7
MB		 515 (format port "# Generated by 'zabbix-agent-service'.~%")
516 (format port #$(serialize-configuration
517 config zabbix-agent-configuration-fields)))))))
6106d7ca
OP		 518
519(define (zabbix-agent-shepherd-service config)
520 "Return a <shepherd-service> for Zabbix agent with CONFIG."
521 (list (shepherd-service
522 (provision '(zabbix-agent))
1059c2bb 523 (requirement '(user-processes))
6106d7ca
OP		 524 (documentation "Run Zabbix agent daemon.")
525 (start #~(make-forkexec-constructor
526 (list #$(file-append (zabbix-agent-configuration-zabbix-agent config)
527 "/sbin/zabbix_agentd")
528 "--config" #$(zabbix-agent-config-file config)
529 "--foreground")
530 #:user #$(zabbix-agent-configuration-user config)
531 #:group #$(zabbix-agent-configuration-group config)
532 #:pid-file #$(zabbix-agent-configuration-pid-file config)
533 #:environment-variables
534 (list "SSL_CERT_DIR=/run/current-system/profile\
535/etc/ssl/certs"
536 "SSL_CERT_FILE=/run/current-system/profile\
756f16aa
MB		 537/etc/ssl/certs/ca-certificates.crt"
538 "PATH=/run/setuid-programs:\
539/run/current-system/profile/bin:/run/current-system/profile/sbin")))
6106d7ca
OP		 540 (stop #~(make-kill-destructor)))))
541
542(define zabbix-agent-service-type
543 (service-type
544 (name 'zabbix-agent)
545 (extensions
546 (list (service-extension shepherd-root-service-type
547 zabbix-agent-shepherd-service)
548 (service-extension account-service-type
549 zabbix-agent-account)
550 (service-extension activation-service-type
551 zabbix-agent-activation)))
9d7248cd
LC		 552 (default-value (zabbix-agent-configuration))
553 (description "Run the Zabbix agent, @command{zabbix_agentd}, which gathers
554information about the running system for the Zabbix monitoring server.")))
6106d7ca
OP		 555
556(define (generate-zabbix-agent-documentation)
557 (generate-documentation
558 `((zabbix-agent-configuration
559 ,zabbix-agent-configuration-fields))
560 'zabbix-agent-configuration))
85c07cff 561
7c75fff6 562(define %zabbix-front-end-configuration-nginx
326e08bf
MB		 563 (nginx-server-configuration
564 (root #~(string-append #$zabbix-server:front-end "/share/zabbix/php"))
565 (index '("index.php"))
566 (locations
567 (let ((php-location (nginx-php-location)))
568 (list (nginx-location-configuration
569 (inherit php-location)
570 (body (append (nginx-location-configuration-body php-location)
571 (list "
572fastcgi_param PHP_VALUE \"post_max_size = 16M
573 max_execution_time = 300\";
574")))))))
575 (listen '("80"))))
576
577(define (zabbix-front-end-nginx-extension config)
578 (match config
579 (($ <zabbix-front-end-configuration> _ server nginx)
580 (if (null? nginx)
581 (list
582 (nginx-server-configuration
7c75fff6 583 (inherit %zabbix-front-end-configuration-nginx)
326e08bf
MB		 584 (root #~(string-append #$server:front-end "/share/zabbix/php"))))
585 nginx))))
586
85c07cff 587(define-configuration zabbix-front-end-configuration
e301f1a8
MB		 588 (zabbix-server
589 (file-like zabbix-server)
590 "The Zabbix server package to use.")
326e08bf
MB		 591 (nginx
592 (list '())
b38ce848
MB		 593 "List of @ref{nginx-server-configuration,@code{nginx-server-configuration}}
594blocks for the Zabbix front-end. When empty, a default that listens on port 80
595is used.")
85c07cff
OP		 596 (db-host
597 (string "localhost")
598 "Database host name.")
599 (db-port
600 (number 5432)
601 "Database port.")
602 (db-name
603 (string "zabbix")
604 "Database name.")
605 (db-user
606 (string "zabbix")
607 "Database user.")
608 (db-password
609 (string "")
610 "Database password. Please, use @code{db-secret-file} instead.")
611 (db-secret-file
612 (string "")
613 "Secret file which will be appended to @file{zabbix.conf.php} file. This
614file contains credentials for use by Zabbix front-end. You are expected to
615create it manually.")
616 (zabbix-host
617 (string "localhost")
618 "Zabbix server hostname.")
619 (zabbix-port
620 (number 10051)
621 "Zabbix server port."))
622
e44de1d2
OP		 623(define (zabbix-front-end-config config)
624 (match-record config <zabbix-front-end-configuration>
625 (%location db-host db-port db-name db-user db-password db-secret-file
626 zabbix-host zabbix-port)
627 (mixed-text-file "zabbix.conf.php"
628 "\
85c07cff
OP		 629<?php
630// Zabbix GUI configuration file.
631global $DB;
632
633$DB['TYPE'] = 'POSTGRESQL';
634$DB['SERVER'] = '" db-host "';
635$DB['PORT'] = '" (number->string db-port) "';
636$DB['DATABASE'] = '" db-name "';
637$DB['USER'] = '" db-user "';
078f5bfa 638$DB['PASSWORD'] = " (let ((file (location-file %location))
8fa6f975
MB		 639 (line (location-line %location))
640 (column (location-column %location)))
641 (if (string-null? db-password)
642 (if (string-null? db-secret-file)
643 (raise (make-compound-condition
644 (condition
645 (&message
646 (message
647 (format #f "no '~A' or '~A' field in your '~A' record"
648 'db-secret-file 'db-password
649 'zabbix-front-end-configuration))))
650 (condition
651 (&error-location
652 (location %location)))))
653 (string-append "trim(file_get_contents('"
654 db-secret-file "'));\n"))
655 (begin
656 (display-hint (format #f (G_ "~a:~a:~a: ~a:
e44de1d2
OP		 657Consider using @code{db-secret-file} instead of @code{db-password} for better
658security.") file line column 'zabbix-front-end-configuration))
8fa6f975
MB		 659 (format #f "'~a';~%" db-password))))
660 "
85c07cff
OP		 661// Schema name. Used for IBM DB2 and PostgreSQL.
662$DB['SCHEMA'] = '';
663
7f12a40e
MB		 664// Use IEEE754 compatible value range for 64-bit Numeric (float) history values.
665$DB['DOUBLE_IEEE754'] = true;
666
85c07cff
OP		 667$ZBX_SERVER = '" zabbix-host "';
668$ZBX_SERVER_PORT = '" (number->string zabbix-port) "';
669$ZBX_SERVER_NAME = '';
670
671$IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG;
e44de1d2 672")))
85c07cff
OP		 673
674(define %maintenance.inc.php
675 ;; Empty php file to allow us move zabbix-frontend configs to ‘/etc/zabbix’
676 ;; directory. See ‘install-front-end’ phase in
677 ;; (@ (gnu packages monitoring) zabbix-server) package.
678 "\
679<?php
680")
681
682(define (zabbix-front-end-activation config)
683 "Return the activation gexp for CONFIG."
684 #~(begin
685 (use-modules (guix build utils))
686 (mkdir-p "/etc/zabbix")
687 (call-with-output-file "/etc/zabbix/maintenance.inc.php"
688 (lambda (port)
689 (display #$%maintenance.inc.php port)))
690 (copy-file #$(zabbix-front-end-config config)
691 "/etc/zabbix/zabbix.conf.php")))
692
693(define zabbix-front-end-service-type
694 (service-type
695 (name 'zabbix-front-end)
696 (extensions
697 (list (service-extension activation-service-type
698 zabbix-front-end-activation)
699 (service-extension nginx-service-type
326e08bf 700 zabbix-front-end-nginx-extension)
85c07cff
OP		 701 ;; Make sure php-fpm is instantiated.
702 (service-extension php-fpm-service-type
703 (const #t))))
704 (default-value (zabbix-front-end-configuration))
705 (description
706 "Run the zabbix-front-end web interface, which allows users to interact
707with Zabbix server.")))
708
709(define (generate-zabbix-front-end-documentation)
710 (generate-documentation
711 `((zabbix-front-end-configuration
712 ,zabbix-front-end-configuration-fields))
713 'zabbix-front-end-configuration))
jackhill's copy of GNU Guix: https://guix.gnu.org/