| blob | 5a2b2ab47ccd6a1a34b8ee43fe727474ad78c6f7 |
1 {
2 config,
3 lib,
4 pkgs,
5 options,
6 ...
7 }:
8 let
9 cfg = config.services.prometheus.exporters.mysqld;
10 inherit (lib)
11 types
12 mkOption
13 mkIf
14 mkForce
15 cli
16 concatStringsSep
17 optionalString
18 escapeShellArgs
19 ;
20 in
21 {
22 port = 9104;
23 extraOpts = {
24 telemetryPath = mkOption {
25 type = types.str;
26 default = "/metrics";
27 description = ''
28 Path under which to expose metrics.
29 '';
30 };
32 runAsLocalSuperUser = mkOption {
33 type = types.bool;
34 default = false;
35 description = ''
36 Whether to run the exporter as {option}`services.mysql.user`.
37 '';
38 };
40 configFile = mkOption {
41 type = types.path;
42 example = "/var/lib/prometheus-mysqld-exporter.cnf";
43 description = ''
44 Path to the services config file.
46 See <https://github.com/prometheus/mysqld_exporter#running> for more information about
47 the available options.
49 ::: {.warn}
50 Please do not store this file in the nix store if you choose to include any credentials here,
51 as it would be world-readable.
52 :::
53 '';
54 };
55 };
57 serviceOpts = {
58 serviceConfig = {
59 DynamicUser = !cfg.runAsLocalSuperUser;
60 User = mkIf cfg.runAsLocalSuperUser (mkForce config.services.mysql.user);
61 LoadCredential = mkIf (cfg.configFile != null) (mkForce ("config:" + cfg.configFile));
62 ExecStart = concatStringsSep " " [
63 "${pkgs.prometheus-mysqld-exporter}/bin/mysqld_exporter"
64 "--web.listen-address=${cfg.listenAddress}:${toString cfg.port}"
65 "--web.telemetry-path=${cfg.telemetryPath}"
66 (optionalString (cfg.configFile != null) ''--config.my-cnf=''${CREDENTIALS_DIRECTORY}/config'')
67 (escapeShellArgs cfg.extraFlags)
68 ];
69 RestrictAddressFamilies = [
70 # The exporter can be configured to talk to a local mysql server via a unix socket.
71 "AF_UNIX"
72 ];
73 };
74 };
75 }