| { pkgs, ... }: |
| |
| let |
| unstable = import (fetchTarball { |
| sha256 = "0ww70kl08rpcsxb9xdx8m48vz41dpss4hh3vvsmswll35l158x0v"; |
| url = "https://api.github.com/repos/NixOS/nixpkgs-channels/tarball/84d74ae9c9cbed73274b8e4e00be14688ffc93fe"; |
| }) {config = pkgs.config; }; |
| |
| name = "mikrotik-exporter"; |
| user = name; |
| group = name; |
| |
| prepare-secrets = pkgs.writeShellScript "${name}-secrets" '' |
| ${pkgs.coreutils}/bin/install --owner=${user} --mode=500 --directory /mnt/secrets/${name} |
| ${pkgs.coreutils}/bin/install --owner=${user} --mode=400 -t /mnt/secrets/${name} \ |
| /etc/nixos/secrets/${name}/ap.yml |
| ''; |
| in { |
| users.users."${user}" = { |
| group = "${group}"; |
| isSystemUser = true; |
| uid = 1003; |
| }; |
| users.groups."${group}" = {}; |
| |
| systemd.services."${name}" = { |
| description = "Mikrotik prometheus exporter"; |
| wantedBy = [ "multi-user.target" ]; |
| serviceConfig.Type = "simple"; |
| serviceConfig.ExecStartPre = [ "!${prepare-secrets}" ]; |
| serviceConfig.ExecStart = "${unstable.prometheus-mikrotik-exporter}/bin/mikrotik-exporter -config-file /mnt/secrets/${name}/ap.yml -port 127.0.0.1:9436"; |
| }; |
| } |