| blob | 035485a939b853e82afb262380383833ec0431bc |
1 {
2 config,
3 lib,
4 pkgs,
5 ...
6 }:
7 let
8 cfg = config.services.nezha-agent;
9 in
10 {
11 meta = {
12 maintainers = with lib.maintainers; [ moraxyc ];
13 };
14 options = {
15 services.nezha-agent = {
16 enable = lib.mkEnableOption "Agent of Nezha Monitoring";
18 package = lib.mkPackageOption pkgs "nezha-agent" { };
19 debug = lib.mkEnableOption "verbose log";
20 tls = lib.mkOption {
21 type = lib.types.bool;
22 default = false;
23 description = ''
24 Enable SSL/TLS encryption.
25 '';
26 };
27 gpu = lib.mkOption {
28 type = lib.types.bool;
29 default = true;
30 description = ''
31 Enable GPU monitoring.
32 '';
33 };
34 temperature = lib.mkOption {
35 type = lib.types.bool;
36 default = true;
37 description = ''
38 Enable temperature monitoring.
39 '';
40 };
41 useIPv6CountryCode = lib.mkOption {
42 type = lib.types.bool;
43 default = true;
44 description = ''
45 Use ipv6 countrycode to report location.
46 '';
47 };
48 disableCommandExecute = lib.mkOption {
49 type = lib.types.bool;
50 default = true;
51 description = ''
52 Disable executing the command from dashboard.
53 '';
54 };
55 disableNat = lib.mkOption {
56 type = lib.types.bool;
57 default = false;
58 description = ''
59 Disable NAT penetration.
60 '';
61 };
62 disableSendQuery = lib.mkOption {
63 type = lib.types.bool;
64 default = false;
65 description = ''
66 Disable sending TCP/ICMP/HTTP requests.
67 '';
68 };
69 skipConnection = lib.mkOption {
70 type = lib.types.bool;
71 default = false;
72 description = ''
73 Do not monitor the number of connections.
74 '';
75 };
76 skipProcess = lib.mkOption {
77 type = lib.types.bool;
78 default = false;
79 description = ''
80 Do not monitor the number of processes.
81 '';
82 };
83 reportDelay = lib.mkOption {
84 type = lib.types.enum [
85 1
86 2
87 3
88 4
89 ];
90 default = 1;
91 description = ''
92 The interval between system status reportings.
93 The value must be an integer from 1 to 4
94 '';
95 };
96 passwordFile = lib.mkOption {
97 type = with lib.types; nullOr str;
98 default = null;
99 description = ''
100 Path to the file contained the password from dashboard.
101 '';
102 };
103 server = lib.mkOption {
104 type = lib.types.str;
105 description = ''
106 Address to the dashboard
107 '';
108 };
109 extraFlags = lib.mkOption {
110 type = lib.types.listOf lib.types.str;
111 default = [ ];
112 example = [ "--gpu" ];
113 description = ''
114 Extra command-line flags passed to nezha-agent.
115 '';
116 };
117 };
118 };
120 config = lib.mkIf cfg.enable {
121 systemd.packages = [ cfg.package ];
123 systemd.services.nezha-agent = {
124 serviceConfig = {
125 ProtectSystem = "full";
126 PrivateDevices = "yes";
127 PrivateTmp = "yes";
128 NoNewPrivileges = true;
129 };
130 path = [ cfg.package ];
131 startLimitIntervalSec = 10;
132 startLimitBurst = 3;
133 script = lib.concatStringsSep " " (
134 [
135 "${lib.getExe cfg.package}"
136 "--disable-auto-update"
137 "--disable-force-update"
138 "--password $(cat ${cfg.passwordFile})"
139 ]
140 ++ lib.optional cfg.debug "--debug"
141 ++ lib.optional cfg.disableCommandExecute "--disable-command-execute"
142 ++ lib.optional cfg.disableNat "--disable-nat"
143 ++ lib.optional cfg.disableSendQuery "--disable-send-query"
144 ++ lib.optional (cfg.reportDelay != null) "--report-delay ${toString cfg.reportDelay}"
145 ++ lib.optional (cfg.server != null) "--server ${cfg.server}"
146 ++ lib.optional cfg.skipConnection "--skip-conn"
147 ++ lib.optional cfg.skipProcess "--skip-procs"
148 ++ lib.optional cfg.tls "--tls"
149 ++ lib.optional cfg.gpu "--gpu"
150 ++ lib.optional cfg.temperature "--temperature"
151 ++ lib.optional cfg.useIPv6CountryCode "--use-ipv6-countrycode"
152 ++ cfg.extraFlags
153 );
154 wantedBy = [ "multi-user.target" ];
155 };
156 };
157 }