WIP
rhoriguchi committed Nov 26, 2024
1 parent 886457d commit 51903e9
Showing 5 changed files with 98 additions and 0 deletions.
2 changes: 2 additions & 0 deletions configuration/devices/headless/router/default.nix
@@ -6,7 +6,9 @@ in {

./adguardhome.nix
./firewall.nix
./librenms.nix
./routing.nix
./snmp.nix
./web-proxy.nix

./hardware-configuration.nix
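--- a/configuration/devices/headless/router/librenms.nix
+++ b/configuration/devices/headless/router/librenms.nix
@@ -0,0 +1,62 @@
+{ config, lib, secrets, ... }: {
+services = {
+infomaniak = {
+enable = true;
+
+username = secrets.infomaniak.username;
+password = secrets.infomaniak.password;
+hostnames = [ "librenms.00a.ch" ];
+};
+
+librenms = {
+enable = true;
+
+hostname = "librenms.00a.ch";
+
+settings = {
+autodiscovery.nets-exclude = [ ];
+nets = [ "127.0.0.1" "192.168.1.0/24" ];
+discovery_by_ip = true;
+};
+
+database = {
+createLocally = true;
+socket = "/run/mysqld/mysqld.sock";
+};
+
+nginx = {
+enableACME = true;
+forceSSL = true;
+};
+};
+};
+
+systemd.services.librenms-create-admin-user = {
+after = [ "librenms-setup.service" ];
+wantedBy = [ "multi-user.target" ];
+
+serviceConfig = {
+Type = "oneshot";
+RemainAfterExit = true;
+User = config.services.librenms.user;
+Group = config.services.librenms.group;
+};
+
+script = let
+pkg = builtins.head (builtins.filter (pkg: pkg.name == "lnms") config.environment.systemPackages);
+lnms = "${pkg}/bin/lnms";
+in ''
+${lnms} db:seed --force
+${lib.concatStringsSep "\n" (lib.mapAttrsToList (key: value:
+"${lnms} user:add ${
+lib.concatStringsSep " " [
+''--password "${value.password}"''
+"--role admin"
+''--email "${config.security.acme.defaults.email}"''
+"--no-interaction"
+]
+} ${key} || true") secrets.librenms.users)}
+'';
+};
+}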
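Review bot: The `user:add` line built in `script` interpolates `value.password` directly into the generated shell script, so each LibreNMS admin password ends up in the unit's script in the world-readable Nix store and is visible in the process arguments while `lnms` runs. The value is also not escaped for the shell: a password or user name containing `"`, `$` or a backtick changes what the script executes. At minimum use `"--password ${lib.escapeShellArg value.password}"` and `${lib.escapeShellArg key}`; better, have the unit read the passwords at runtime from a file outside the store that only the service user can read. The trailing `|| true` hides every failure of `user:add`, not only "user already exists", so a broken run still leaves the oneshot marked active.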
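--- a/configuration/devices/headless/router/snmp.nix
+++ b/configuration/devices/headless/router/snmp.nix
@@ -0,0 +1,15 @@
+{ config, ... }: {
+services.snmpd = {
+enable = true;
+
+listenAddress = "127.0.0.1";
+configText = ''
+rocommunity public
+sysLocation Cabinet
+sysContact "${config.security.acme.defaults.email}"
+deny write all
+'';
+};
+}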
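--- a/modules/default/librenms.nix
+++ b/modules/default/librenms.nix
@@ -0,0 +1,19 @@
+# TODO remove when merged https://nixpk.gs/pr-tracker.html?pr=359182
+
+{ modulesPath, ... }:
+let
+src = let
+owner = "NixOS";
+repo = "nixpkgs";
+rev = "d288f8679b6767758391b51cd4b0bf918e56f243";
+sha256 = "sha256:0fnwag40a33dvcpaz4bbl2sz38b7fslhcnpl2336lb7w27ahbqqb";
+in builtins.fetchTarball {
+name = "nixpkgs";
+url = "https://github.com/${owner}/${repo}/archive/${rev}.tar.gz";
+inherit sha256;
+};
+in {
+disabledModules = [ "${modulesPath}/services/monitoring/librenms.nix" ];
+
+imports = [ "${src}/nixos/modules/services/monitoring/librenms.nix" ];
+}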
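Review bot: The header comment names the PR but not what the override is needed for, nor that the pinned `rev` was reviewed; since this swaps the stock LibreNMS module for one from an unmerged PR that becomes part of the system configuration, that is worth recording next to the pin. Something like `# module taken from PR 359182 at the rev below; re-read the module diff before changing rev/sha256` would do. Pinning both `rev` and `sha256` is the right shape, because the fetched tarball cannot change without the hash check failing.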
Binary file modified secrets.nix
Binary file not shown.
