hswaw/machines/customs: check in code.hackerspace.pl/vuko/customs
Change-Id: Ic698cce2ef0060a54b195cf90574696b8be1eb0f
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1162
Reviewed-by: informatic <informatic@hackerspace.pl>
diff --git a/hswaw/machines/customs.hackerspace.pl/mikrotik-exporter.nix b/hswaw/machines/customs.hackerspace.pl/mikrotik-exporter.nix
new file mode 100644
index 0000000..26399f3
--- /dev/null
+++ b/hswaw/machines/customs.hackerspace.pl/mikrotik-exporter.nix
@@ -0,0 +1,32 @@
+{ pkgs, ... }:
+
+let
+ unstable = import (fetchTarball {
+ sha256 = "0ww70kl08rpcsxb9xdx8m48vz41dpss4hh3vvsmswll35l158x0v";
+ url = "https://api.github.com/repos/NixOS/nixpkgs-channels/tarball/84d74ae9c9cbed73274b8e4e00be14688ffc93fe";
+ }) {config = pkgs.config; };
+
+ name = "mikrotik-exporter";
+ user = name;
+ group = name;
+
+ prepare-secrets = pkgs.writeShellScript "${name}-secrets" ''
+ ${pkgs.coreutils}/bin/install --owner=${user} --mode=500 --directory /mnt/secrets/${name}
+ ${pkgs.coreutils}/bin/install --owner=${user} --mode=400 -t /mnt/secrets/${name} \
+ /etc/nixos/secrets/${name}/ap.yml
+ '';
+in {
+ users.users."${user}" = {
+ group = "${group}";
+ useDefaultShell = true;
+ };
+ users.groups."${group}" = {};
+
+ systemd.services."${name}" = {
+ description = "Mikrotik prometheus exporter";
+ wantedBy = [ "multi-user.target" ];
+ serviceConfig.Type = "simple";
+ serviceConfig.ExecStartPre = [ "!${prepare-secrets}" ];
+ serviceConfig.ExecStart = "${unstable.prometheus-mikrotik-exporter}/bin/mikrotik-exporter -config-file /mnt/secrets/${name}/ap.yml -port 127.0.0.1:9436";
+ };
+}